Implement secure file upload with malware scanning #401

@Smartdevs17

Description

File uploads (dispute evidence, KYC docs) are accepted without validation or scanning. Implement file type validation, size limits, and malware scanning.

Acceptance Criteria

  • File type validation (MIME type, magic bytes)
  • File size limits with configurable thresholds
  • Malware scanning via ClamAV integration
  • Secure file storage with access control
  • Automatic quarantine of suspicious files
  • File retention and scheduled cleanup

Technical Scope

  • backend/src/middleware/
  • backend/src/routes/
  • infra/
  • Edge: archive bombs (zip, tar), polyglot files, EXIF data leakage
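
One way the size-limit and MIME/magic-byte criteria above could fit together ahead of the ClamAV step, as an added example that is not code from this issue or the project. The function names, the 10 MiB limit, the allowlist and the action values are all assumptions, and the sample buffers are constructed.

```javascript
// Added example: policy values and names are assumptions, not project code.
const SIGNATURES = [
  { mime: "application/pdf", magic: [0x25, 0x50, 0x44, 0x46, 0x2d] }, // %PDF-
  { mime: "image/png", magic: [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a] },
  { mime: "image/jpeg", magic: [0xff, 0xd8, 0xff] },
  { mime: "application/zip", magic: [0x50, 0x4b, 0x03, 0x04] }, // PK\x03\x04
];

const DEFAULT_POLICY = {
  maxBytes: 10 * 1024 * 1024, // configurable threshold
  allowed: ["application/pdf", "image/png", "image/jpeg"],
};

// Identify the content type from the leading bytes, ignoring any client claim.
function sniffMime(buf) {
  const hit = SIGNATURES.find(
    (s) => buf.length >= s.magic.length && s.magic.every((b, i) => buf[i] === b)
  );
  return hit ? hit.mime : null;
}

// Decide what to do with an upload before it is stored or scanned.
function checkUpload(buf, declaredMime, policy = DEFAULT_POLICY) {
  if (buf.length === 0) return { action: "reject", reason: "empty" };
  if (buf.length > policy.maxBytes) return { action: "reject", reason: "too-large" };
  // Drop parameters such as "; charset=..." and normalise case.
  const declared = String(declaredMime).split(";")[0].trim().toLowerCase();
  if (!policy.allowed.includes(declared)) {
    return { action: "reject", reason: "type-not-allowed" };
  }
  const sniffed = sniffMime(buf);
  if (sniffed === null) return { action: "reject", reason: "unknown-signature" };
  // Declared type disagrees with the bytes: treat as suspicious, not as a typo.
  if (sniffed !== declared) return { action: "quarantine", reason: "mime-mismatch", sniffed };
  return { action: "scan", reason: "ok", sniffed }; // hand over to the malware scanner
}

// Constructed sample inputs.
const SAMPLE_PNG = Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0, 0, 0, 13]);
const SAMPLE_ZIP = Buffer.from("PK\x03\x04constructed", "latin1");

console.log(checkUpload(SAMPLE_PNG, "image/png"));
console.log(checkUpload(SAMPLE_ZIP, "image/png"));
```

A prefix match does not rule out polyglot files, which can carry a valid allowed signature and a second format later in the file, so this check narrows what reaches the scanner rather than replacing it.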

Metadata

Labels

  • 200-points: 200 point issue
  • drips-wave: Issues in the Drips Wave program
  • high: High complexity issue