proxmox/docs/GAPS_AND_RECOMMENDATIONS_CONSOLIDATED.md

# Gaps, Placeholders, and Recommendations — Consolidated

**Last Updated:** 2026-03-27  
**Purpose:** Single reference for all identified gaps, placeholders, and actionable recommendations across the repository.

**Related:** [REQUIRED_FIXES_UPDATES_GAPS.md](REQUIRED_FIXES_UPDATES_GAPS.md) | [00-meta/GAPS_STATUS.md](00-meta/GAPS_STATUS.md) | [PLACEHOLDERS_AND_TBD.md](PLACEHOLDERS_AND_TBD.md) | [NOT_IMPLEMENTED_FULL_SCOPE](00-meta/NOT_IMPLEMENTED_FULL_SCOPE.md) | [ALL_RECOMMENDATIONS_AND_IMPROVEMENTS_LIST.md](00-meta/ALL_RECOMMENDATIONS_AND_IMPROVEMENTS_LIST.md) | [04-configuration/VERIFICATION_GAPS_AND_TODOS.md](04-configuration/VERIFICATION_GAPS_AND_TODOS.md). **Where to update when completed:** [00-meta/BLITZKRIEG_SOURCE_DOCUMENT_INDEX.md](00-meta/BLITZKRIEG_SOURCE_DOCUMENT_INDEX.md).

**Updates (2026-03-27):** Sankofa / The Order NPM routing documented as **live** (NPM → 10210 `192.168.11.39:80` → portal `:3000`). See [ALL_VMIDS_ENDPOINTS.md](04-configuration/ALL_VMIDS_ENDPOINTS.md), [SANKOFA_CUTOVER_PLAN.md](04-configuration/SANKOFA_CUTOVER_PLAN.md) v1.1. Section 2.1 below updated accordingly.

**Updates (2026-03-02):** All in-repo actionable gaps from REQUIRED_FIXES (§§1–6), DETAILED_GAPS, and VERIFICATION_GAPS addressed or documented. See [00-meta/GAPS_STATUS.md](00-meta/GAPS_STATUS.md). Fixes: verify-all-systems Explorer/Wallet timeout 25s; nginx order documented; runbook .env production note added.

**Updates (2026-02-05):** API keys in token-aggregation and root `.env.example` replaced with placeholders. `docs/TODO.md` and `smom-dbis-138/docs/TODO.md` created; smom-dbis-138 status-report links to `../tasks/TODO.md` fixed. RPC_ENDPOINTS_MASTER Sankofa section updated (sankofa.nexus → 7801/.51:3000, phoenix → 7800/.50:4000; the-order TBD). dbis_core nostro-vostro emergency hotline and example URLs set to "To be configured".

---

## 1. Security and secrets

### 1.1 API keys and secrets in `.env.example` (high)

| Location | Issue | Recommendation |
|----------|--------|-----------------|
| `smom-dbis-138/services/token-aggregation/.env.example` | **Done.** Uses placeholders `your-coingecko-api-key`, `your-coinmarketcap-api-key`. | Rotate keys if they were ever committed or shared. |
| `.env.example` (root) | **Done.** Uses placeholder `your-coingecko-api-key`. | — |

### 1.2 Other secret placeholders

- **Root `.env.example`:** Documents `PRIVATE_KEY`, `JWT_SECRET`, `NPM_PASSWORD`, Cloudflare, AWS, etc. with `your-*` placeholders — good. Ensure no real values are committed.
- **OMNIS/backend, dbis_core, the-order:** Use `your-*` or empty; keep examples placeholder-only and document in [MASTER_SECRETS_INVENTORY.md](04-configuration/MASTER_SECRETS_INVENTORY.md) or [API_KEYS_REQUIRED.md](../reports/API_KEYS_REQUIRED.md).

---

## 2. Configuration and DNS placeholders

### 2.1 Sankofa / The Order (routing — **done 2026-03**)

| Item | Location | Status / recommendation |
|------|----------|-------------------------|
| `the-order.sankofa.nexus` (+ `www`) | [ALL_VMIDS_ENDPOINTS.md](04-configuration/ALL_VMIDS_ENDPOINTS.md), [RPC_ENDPOINTS_MASTER.md](04-configuration/RPC_ENDPOINTS_MASTER.md) | **Live:** NPM → `192.168.11.39:80` (VMID 10210 HAProxy) → `192.168.11.51:3000`. Provision: `scripts/deployment/provision-order-haproxy-10210.sh`. |
| Sankofa cutover plan | [SANKOFA_CUTOVER_PLAN.md](04-configuration/SANKOFA_CUTOVER_PLAN.md) | **Updated v1.1 (2026-03-27):** live backend tables + historical procedure. Replace any remaining `<TARGET_*>` in copy-paste API examples if you reuse them for new hosts. |

### 2.2 sankofa.nexus / phoenix.sankofa.nexus routing (authoritative)

- **Master docs (source of truth):** [ALL_VMIDS_ENDPOINTS.md](04-configuration/ALL_VMIDS_ENDPOINTS.md), [RPC_ENDPOINTS_MASTER.md](04-configuration/RPC_ENDPOINTS_MASTER.md), [DNS_NPMPLUS_VM_COMPREHENSIVE_ARCHITECTURE.md](04-configuration/DNS_NPMPLUS_VM_COMPREHENSIVE_ARCHITECTURE.md). Correct targets: `sankofa.nexus` / `www.sankofa.nexus` → 192.168.11.51:3000 (VMID 7801); `phoenix.sankofa.nexus` / `www.phoenix.sankofa.nexus` → 192.168.11.50:4000 (VMID 7800). Only `explorer.d-bis.org` should point to 192.168.11.140 (Blockscout). If NPMplus proxy hosts for Sankofa/Phoenix still point to .140, update them to the correct IP:port per the master docs.

### 2.3 Network / architecture placeholders

| Item | Location | Recommendation |
|------|----------|----------------|
| Public blocks #2–#6 | [NETWORK_ARCHITECTURE.md](02-architecture/NETWORK_ARCHITECTURE.md) | "Placeholders - To Be Configured". Document when blocks are assigned or mark as reserved. |
| Blocks #2–#6 | [NETWORK_CONFIGURATION_MASTER.md](11-references/NETWORK_CONFIGURATION_MASTER.md) | "To be configured". Same as above. |

### 2.4 Token mapping (138↔Mainnet) — Done 2026-02-13

| Item | Location | Status |
|------|----------|--------|
| Token mapping source of truth | [config/token-mapping.json](../config/token-mapping.json) | **Done.** Single source of truth; relay and CI use it. When adding a token, update this file and optionally [CHAIN138_TOKEN_ADDRESSES](11-references/CHAIN138_TOKEN_ADDRESSES.md). See [TOKEN_MAPPING_AND_MAINNET_ADDRESSES](07-ccip/TOKEN_MAPPING_AND_MAINNET_ADDRESSES.md). |

---