epic-backend-architecture

Guide for epic-backend-architecture

Epic: Backend & Architecture

Security, Performance, Database, and API development.

Missions Completed

🔴 Critical Security

Mission INTEGRITY-PROTECT: Anti-Cheat (2026-01-20)

Role: Principal Engineer - Security
  • Heuristics Engine: detect_robotic_precision, macro_sequence_detection
  • Shadow Banning: shadow_banned flag degrades drop tables
  • Behavior Monitor: Fatigue tracking, Honeypot detection
  • Player Reports: /integrity/report API endpoint

Mission ITEM-INTEGRITY: Duplication Prevention (2026-01-19)

Role: Principal Engineer - Game Systems
  • Atomic Save Writes: Temp-rename pattern, 3-slot backup
  • Trade Escrow: Atomic item swapping with locking
  • Inventory Nonces: Sequence numbers prevent replay attacks
  • Dupe Detector: 5-min background job, Discord alerting

Mission ANTI-BOT-INFRASTRUCTURE (2026-01-17)

  • XP Rate Limiter: Hard caps on XP/hr
  • Heuristics Engine: Variance analysis for bot detection
  • Bija/Tapasya Auditing: Server-side resource validation

Mission S: Security Hardening (2026-01-15)

  • Bank Atomicity: Transaction-based withdrawals
  • WebSocket DoS Fix: Bounded channel (256)
  • Auth Deduplication: Centralized Argon2id

🟠 Architecture & Performance

Mission ENGINE-STRESS: Mass Simulation (2026-01-20)

Role: Principal Engineer - Performance
  • Load Test Client: load-test-client crate with bot roles
  • Observability Stack: Prometheus, Grafana (port 6006)
  • SRE Dashboard: CPU, Memory, Tick Time panels
  • Spawn Tool: spawn_bots.sh for 2k CCU testing

Mission BACKEND-CORE: Architecture (2026-01-17)

  • Auth Bypass Fix: create_order verification
  • Rate Limiting: tower_governor for public routes
  • Multi-Profile Schema: Master Account → N Game Profiles
  • Sharding Logic: Zone-based state partitioning
  • A* Optimization: JPS/Hierarchical for 2000 players

Mission CORE-DIFFERENTIATION: Combat Stats (2026-01-19)

  • Custom XP Curve: 5-tier with Level 108 cap
  • 0.4s Tick Rate: 50% faster than OSRS
  • 6 New Modules: Stances, Combo/Crit, Dodge/Parry, Inventory Grid, Prayer Drain, Death System

🟡 Data & Database

Mission DB-SCHEMA: Schema Updates (2026-01-16)

  • attack_speed column added to item_bonuses
  • HP migration script for formula changes
  • Slayer tables: slayer_tasks, slayer_masters

Mission IMPLEMENTATION-PHASE-1: Test Automation (2026-01-19)

  • Coverage: cargo-llvm-cov baseline reporting
  • 363+ unit tests in logic-core
  • Docker-based PostgreSQL integration tests

Mission AM: PostgreSQL Integration Testing (2026-01-13)

  • Ephemeral Postgres via Docker Compose
  • CI Integration: cargo test --ignored
  • Critical path tests for combat, market, bank

📊 Analytics & Observability

Mission N: Infrastructure Monitoring (2026-01-12)

  • Prometheus: cadvisor, node-exporter scraping
  • Alertmanager: Email/webhook routes
  • Alert Rules: High CPU, OOM, Disk Full, Crash Loop

Mission M: Analytics Enhancements (2026-01-13)

  • RabbitMQ Integration for WebSocket analytics
  • PII Hashing at rest

Mission O: PagerDuty Integration (2026-01-13)

  • Alertmanager → PagerDuty routing
  • Severity-based paging (critical only)