# Testing and launch checklist

## Required automated suites

- Unit: atomic money conversion, canonical signatures, quote freshness, state transitions, fee calculations, retry classification.
- Feature/API: authentication, verification, 2FA, scopes, rate limits, response envelopes, tenant isolation, pagination and idempotency.
- Provider contract: recorded and sanitized fixtures for webhook verification, TRC-20 normalization, finality changes, timeouts and malformed responses.
- Ledger: property tests for balanced postings, no negative available balance, immutable entries and exact reversal behavior.
- Concurrency: duplicate provider events, two finalizers, two payout requests, payout broadcast lock expiry and ambiguous provider acceptance.
- End-to-end: create invoice, send testnet USDT, detect, finalize, post ledger, deliver IPN, request/approve/broadcast testnet payout.
- Resilience: provider outage, stale rate, Redis restart, duplicate queue delivery, MySQL 8.4 failover and webhook endpoint recovery.

## Mainnet gates

- Independent legal/custody review and approved supported-country policy.
- External penetration test with no unresolved critical or high findings.
- Backup restore and PITR exercise completed.
- Global/network/asset/merchant/wallet payout freezes tested.
- Provider credential and webhook-secret rotation tested.
- Reconciliation produces zero unexplained differences for the pilot period.
- Queue lag, unknown payout state, ledger failure and provider error alerts tested end-to-end.
- Low limits, manual approvals and named pilot merchants only.
