Production Readiness
Rollback
Rollback paths for documentation, integration, and incident response.
Rollback
Rollback path depends on failure type.
Configuration rollback
Use when problem came from:
- wrong webhook secret
- wrong API key deployment
- wrong market visibility mode
- wrong wallet adapter config
Flow:
- stop new risky traffic if needed
- restore last known-good config
- run focused smoke checks
- replay failed webhooks only after fix confirmed
Application rollback
Use when operator-side deploy broke:
- signature verification
- raw body handling
- wallet adapter responses
- operation lookup behavior
Flow:
- deploy previous stable version
- verify launch
- verify one non-money health check if available
- verify webhook receiver and lookup path
Incident guardrails
- do not replay money-related requests blindly
- do not create new idempotency keys for same business action during investigation
- do not rotate multiple variables at once unless compromise confirmed
After rollback
- collect failing IDs and timestamps
- compare last good vs first bad change
- update troubleshooting docs if new failure mode discovered