# Pigeon Master List * Decide on what DID Method to use * `key` or `ion` * a `DIDKey` implementation already exists in kotlin * [tbdex-protocol] **Nice to have**: Figure out when `Close` messages are allowed * [tbdex-protocol] implement protocol validation (which messages can be sent when) * [tbdex-protocol] implement signature check helper * [tbdex-protocol] implement structural validation (json schema) * [tbdex-protocol] implement private field validation * [tbdex-protocol] finish RESTful API Doc * [tbdex-protocol] message structure overhaul * [tbdex-protocol] add signature field * [tbdex-protocol] add privates field (PII container) * [tbdex-protocol] add metadata field and refactor existing metadata fields * [tbdex-protocol] rename kycRequirements/kycProofs ## Sanctions Credential * [DIDPay FE] Auto-create user id and store locally if one doesn't exist * [DIDPay FE] Save `hasOnboarded` boolean and store locally. * [DIDPay FE] Render "Onboarding form" if `hasOnboarded === false` * [DIDPay FE] Send onboarding form input to DIDPay Backend * [DIDPay BE] create DID * [DIDPay BE] implement API endpoint that takes onboarding form input * Apply for sanctions credential * Store sanctions credential in `credentials` table * Create `credentials` table schema * [TBDiligence] Create DID * [TBDiligence] Implement DIDAuthn * [TBDiligence] Will require DID resolution * [TBDiligence] design API endpoint that can be used to apply for a sanctions credential * [TBDiligence] for async APIs, consider using queues to detach response from process * [TBDiligence] decide on request body schema * [TBDiligence] decide on response body schema * [TBDiligence] decide on DB schema for credential applications * [TBDiligence] Satisfy DSG requirements for PII included in credential application * [TBDiligence] design API Endpoint that can be used to get the result of applying * [TBDiligence] decide on request body schema * [TBDiligence] decide on response body schema * [TBDiligence] Implement method that can be used to create a VC * [TBDiligence] Finish implementing Castellum client * [TBDiligence] Use result of sanctions check to update cred. application result * [TBDiligence] Implement Revocation Check * [TBDiligence] **Stretch Goal** Implement Revocation Check using StatusList * [TBDiligence] **Stretch Goal Pending Megan** Implement refresh daemon process * [TBDiligence] Implement some mechanism to manually revoke a credential ## Get Offerings * [YC PFI] Create Offerings / PayoutMethods, OfferingSent db tables * [YC PFI] Seed offerings table by calling YC b2b endpoints * [DIDPay FE] Implement component to render offerings * [DIDPay BE] API endpoint to get offerings * [DIDPay BE] Calls YC PFI * [YC PFI] Implement API endpoint to return offerings * [YC PFI] Enrich offerings with current rates * [YC PFI] upsert to offerings sent table ## Create RFQ * [YC PFI] Create RFQ and Quotes DB schemas * [DIDPay FE] Implement components to create a user flow for sending an RFQ (only if user `hasOnboarded == true`) * [DIDPay BE] Implement method to construct RFQ * [DIDPay BE] Implement API endpoint to send RFQ * [DIDPay BE] Lookup VC for user's UUID * [DIDPay BE] associate the new thread with user's UUID * [YC PFI] Implement API endpoint for send RFQ * [YC PFI] Calls YC b2b API POST /payments * [YC PFI] Include response from YC b2b API call into Quote and store in DB ## Retrieve a Quote * [YC PFI] Implement DID authn via http header bearer token * [DIDPay FE] Implement component to poll for and render Quote in a given thread (associated with user's uuid) * [DIDPay BE] Implement API endpoint to retrieve Quote * [YC PFI] Implement API endpoint to retrieve thread by id with message type and sort query params ## Submit Order * [YC PFI] Create Order and OrderUpdates DB schemas * [DIDPay FE] Render component to review Quote and submit Order * [DIDPay BE] Implement API endpoint to submit order * [YC PFI] Implement API endpoint for submit order * [YC PFI] Call YC b2b API to accept payment * [YC PFI] Store initial order status from YC b2b API response ## Receive OrderStatus * [DIDPay FE] Implement component to show the latest message of each user's threads * [DIDPay BE] Implement API endpoint to ping YC PFI for OrderStatus * [YC PFI] Implement YC b2b API webhook handler * [DIDPay FE] Implement order status polling * [DIDPay BE] Implement API endpoint to get order status * [YC PFI] Implement API endpoint to get order status ```typescript= const threadValidationMap = { 'RFQ': ['Quote', 'Close'], 'Quote': ['Order', 'Close'], 'Order': ['OrderStatus'], 'Close': [], 'OrderStatus': [] } ``` export async function handler(event, context) { return new Promise( async (resolve, reject) => { const token = await post("/oauth/token", { client_id: "", client_secret: "", audience: "https://grpc-server.castellum.ai", grant_type: "client_credentials" }); console.log(token) }) }