Disaster Recovery
Targets
- RPO: start with 24 hours for the pilot; reduce it once provider integrations are in place.
- RTO: start with 4 hours for the pilot; reduce it once automated restore tests are in place.
Restore Process
1. Enable maintenance mode.
2. Stop workers.
3. Restore database backup into staging first.
4. Restore storage files (KYC documents, exports, and logs if required).
5. Re-run migrations only after confirming that the restored schema matches the target version.
6. Run health checks and reconciliation.
7. Restart workers and disable maintenance.
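The restore steps above, as an added example that is not the project's own tooling: the backup is restored into a throwaway staging database, migrations are refused unless the restored schema is at the version the runbook expects, only migrations newer than that version are applied, and a health check follows. It uses sqlite3 so it runs offline; the backup dump, the migration list and the `schema_migrations` table name are constructed assumptions about the real deployment.

```python
"""Restore rehearsal: load a database backup into a staging database, confirm the
schema version before applying migrations, and run health checks.

Added example, not the project's own tooling. It uses sqlite3 so it runs offline;
the backup dump, the migrations and the `schema_migrations` table name are all
constructed assumptions about what the real deployment looks like.
"""
import sqlite3

# Constructed logical backup, taken when the schema was at version 2.
BACKUP_SQL = """
CREATE TABLE schema_migrations (version INTEGER PRIMARY KEY);
INSERT INTO schema_migrations (version) VALUES (1), (2);
CREATE TABLE merchants (id INTEGER PRIMARY KEY, name TEXT NOT NULL);
INSERT INTO merchants (id, name) VALUES (1, 'acme'), (2, 'globex');
CREATE TABLE settlements (
    id INTEGER PRIMARY KEY,
    merchant_id INTEGER NOT NULL REFERENCES merchants(id),
    amount_cents INTEGER NOT NULL
);
INSERT INTO settlements (id, merchant_id, amount_cents) VALUES (10, 1, 5000), (11, 2, 750);
"""

# Hypothetical migration history. Versions 1 and 2 are already in the backup;
# only versions newer than the restored schema may run.
MIGRATIONS = {
    1: "CREATE TABLE merchants (id INTEGER PRIMARY KEY, name TEXT NOT NULL);",
    2: "CREATE TABLE settlements (id INTEGER PRIMARY KEY, merchant_id INTEGER NOT NULL, amount_cents INTEGER NOT NULL);",
    3: "ALTER TABLE settlements ADD COLUMN status TEXT NOT NULL DEFAULT 'pending';",
}


def restore_to_staging(backup_sql):
    """Step 3: restore into a throwaway staging database, never straight into production."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(backup_sql)
    return conn


def schema_version(conn):
    """Highest applied migration version recorded in the restored database (0 if none)."""
    row = conn.execute("SELECT MAX(version) FROM schema_migrations").fetchone()
    return row[0] or 0


def apply_pending_migrations(conn, expected_version):
    """Step 5: refuse to migrate unless the restored schema is the version we expect,
    then apply only the migrations newer than it, each in its own transaction."""
    current = schema_version(conn)
    if current != expected_version:
        raise RuntimeError(
            f"restored schema is v{current}, expected v{expected_version}; "
            "wrong backup or wrong target, not migrating"
        )
    applied = []
    for version in sorted(MIGRATIONS):
        if version <= current:
            continue
        with conn:  # commit on success, roll back on error
            conn.execute(MIGRATIONS[version])
            conn.execute("INSERT INTO schema_migrations (version) VALUES (?)", (version,))
        applied.append(version)
    return applied


def health_check(conn):
    """Step 6: structural integrity plus row counts to compare against pre-incident figures."""
    integrity = conn.execute("PRAGMA integrity_check").fetchone()[0]
    merchants = conn.execute("SELECT COUNT(*) FROM merchants").fetchone()[0]
    settlements = conn.execute("SELECT COUNT(*) FROM settlements").fetchone()[0]
    return {
        "ok": integrity == "ok" and merchants > 0,
        "integrity": integrity,
        "schema_version": schema_version(conn),
        "merchants": merchants,
        "settlements": settlements,
    }


if __name__ == "__main__":
    staging = restore_to_staging(BACKUP_SQL)
    print("restored schema version:", schema_version(staging))
    print("applied migrations:", apply_pending_migrations(staging, expected_version=2))
    print("health:", health_check(staging))
```

The version check is the point of step 5: a backup taken at the wrong schema version, or a restore aimed at the wrong target, fails loudly before any migration touches the data rather than producing a half-migrated database that passes a superficial health check.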
Provider Outage
Switch the affected provider's configuration to maintenance mode, keep the verification and reconciliation workers running, and queue retries.
Webhook Replay
Replay from the stored webhook_events payloads. Prevent duplicate processing by keying on provider event IDs and provider references.
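Replay with both idempotency keys, as an added example that is not the project's code: the provider event ID catches exact redeliveries, and the provider reference catches the case where the provider re-sends the same payment under a new event ID. It assumes each stored webhook_events row keeps the provider name, the provider's event ID, the provider reference of the object the event concerns, an event type, an arrival timestamp and the raw payload; the events below are constructed samples.

```python
"""Webhook replay with duplicate suppression.

Added example, not the project's code. It assumes each stored webhook_events row
keeps the provider name, the provider's own event ID, the provider reference of
the object the event concerns (for example the provider's payment ID), an event
type, an arrival timestamp and the raw payload. All events below are constructed.
"""
from dataclasses import dataclass, field


@dataclass
class WebhookEvent:
    provider: str
    provider_event_id: str     # first idempotency key: exact redelivery
    provider_reference: str    # second key: same object under a new event ID
    event_type: str
    received_at: int           # replay in arrival order
    payload: dict = field(default_factory=dict)


@dataclass
class PaymentLedger:
    """State that replay must leave identical no matter how often it runs."""
    payments: dict = field(default_factory=dict)         # (provider, reference) -> state
    processed_events: set = field(default_factory=set)   # (provider, event_id)

    def apply(self, ev):
        event_key = (ev.provider, ev.provider_event_id)
        if event_key in self.processed_events:
            return "duplicate_event"          # exact redelivery of an event already applied
        ref_key = (ev.provider, ev.provider_reference)
        current = self.payments.get(ref_key)
        if ev.event_type == "payment.succeeded":
            if current == "paid":
                outcome = "already_applied"   # new event ID, but the reference is already paid
            else:
                self.payments[ref_key] = "paid"
                outcome = "applied"
        elif ev.event_type == "payment.failed":
            if current == "paid":
                outcome = "conflict"          # never downgrade a paid reference; flag for review
            elif current == "failed":
                outcome = "already_applied"
            else:
                self.payments[ref_key] = "failed"
                outcome = "applied"
        else:
            outcome = "ignored"               # event type this ledger does not act on
        self.processed_events.add(event_key)  # record even ignored events so replays stay quiet
        return outcome


def replay(ledger, stored_events):
    """Replay stored webhook_events in arrival order; return a tally of outcomes."""
    tally = {}
    for ev in sorted(stored_events, key=lambda e: e.received_at):
        outcome = ledger.apply(ev)
        tally[outcome] = tally.get(outcome, 0) + 1
    return tally


# Constructed sample of what the webhook_events table might hold after an outage.
SAMPLE_EVENTS = [
    WebhookEvent("provA", "evt_1", "pay_1", "payment.succeeded", 1, {"amount_cents": 5000}),
    WebhookEvent("provA", "evt_1", "pay_1", "payment.succeeded", 2, {"amount_cents": 5000}),  # redelivered
    WebhookEvent("provA", "evt_2", "pay_1", "payment.succeeded", 3, {"amount_cents": 5000}),  # new ID, same payment
    WebhookEvent("provA", "evt_3", "pay_2", "payment.failed", 4, {"reason": "declined"}),
    WebhookEvent("provA", "evt_4", "pay_3", "refund.created", 5, {"amount_cents": 100}),
    WebhookEvent("provA", "evt_5", "pay_2", "payment.succeeded", 6, {"amount_cents": 750}),  # retry paid
]


if __name__ == "__main__":
    ledger = PaymentLedger()
    print("first replay:", replay(ledger, SAMPLE_EVENTS))
    print("second replay:", replay(ledger, SAMPLE_EVENTS))
    print("payments:", ledger.payments)
```

Running the replay twice is the check worth keeping in a restore test: the second pass must report nothing but `duplicate_event` and leave the payment states unchanged, otherwise the replay is not safe to run against production.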
Settlement Failure
Freeze settlement generation for the affected merchants, reconcile internal records against provider records, and use the reversal workflow where required.
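The reconciliation and freeze described above, as an added example that is not the project's code: internal settlement records are matched to provider records on the provider reference, every difference is classified, merchants touched by a difference are frozen, and a settlement batch is generated only for the rest. The record shapes, the freeze rule and the records themselves are constructed assumptions.

```python
"""Settlement reconciliation: compare internal settlement records with the
provider's records, classify every difference, and decide which merchants to freeze.

Added example, not the project's code. The record shapes and the rule that any
unexplained difference freezes settlement generation for that merchant are
assumptions; the records below are constructed.
"""


def reconcile(internal_records, provider_records):
    """Match on provider reference; return references grouped by finding."""
    internal_by_ref = {r["provider_reference"]: r for r in internal_records}
    provider_by_ref = {r["reference"]: r for r in provider_records}
    report = {
        "matched": [],
        "amount_mismatch": [],
        "missing_at_provider": [],   # we recorded it, the provider has no record of it
        "missing_internally": [],    # the provider has it, we never recorded it
    }
    for ref, rec in internal_by_ref.items():
        prov = provider_by_ref.get(ref)
        if prov is None:
            report["missing_at_provider"].append(ref)
        elif prov["amount_cents"] != rec["amount_cents"]:
            report["amount_mismatch"].append(ref)
        else:
            report["matched"].append(ref)
    for ref in provider_by_ref:
        if ref not in internal_by_ref:
            report["missing_internally"].append(ref)
    return report


def merchants_to_freeze(internal_records, report):
    """Freeze every merchant touched by a mismatch or by a record the provider lacks."""
    merchant_of = {r["provider_reference"]: r["merchant_id"] for r in internal_records}
    bad_refs = report["amount_mismatch"] + report["missing_at_provider"]
    return sorted({merchant_of[ref] for ref in bad_refs})


def settlement_batch(internal_records, report, frozen_merchants):
    """Sum matched amounts per merchant, skipping frozen merchants entirely."""
    matched = set(report["matched"])
    totals = {}
    for rec in internal_records:
        merchant = rec["merchant_id"]
        if merchant in frozen_merchants or rec["provider_reference"] not in matched:
            continue
        totals[merchant] = totals.get(merchant, 0) + rec["amount_cents"]
    return totals


# Constructed records: merchant 1 has an amount mismatch on pay_2, merchant 3 has a
# settlement the provider never saw, merchant 2 reconciles cleanly, and the provider
# holds pay_4 which we have no record of.
INTERNAL_RECORDS = [
    {"merchant_id": 1, "provider_reference": "pay_1", "amount_cents": 5000},
    {"merchant_id": 1, "provider_reference": "pay_2", "amount_cents": 750},
    {"merchant_id": 2, "provider_reference": "pay_3", "amount_cents": 1200},
    {"merchant_id": 3, "provider_reference": "pay_5", "amount_cents": 900},
]
PROVIDER_RECORDS = [
    {"reference": "pay_1", "amount_cents": 5000},
    {"reference": "pay_2", "amount_cents": 700},
    {"reference": "pay_3", "amount_cents": 1200},
    {"reference": "pay_4", "amount_cents": 300},
]


if __name__ == "__main__":
    report = reconcile(INTERNAL_RECORDS, PROVIDER_RECORDS)
    frozen = merchants_to_freeze(INTERNAL_RECORDS, report)
    print("report:", report)
    print("frozen merchants:", frozen)
    print("settlement batch:", settlement_batch(INTERNAL_RECORDS, report, frozen))
```

Records the provider holds but the platform never recorded cannot be attributed to a merchant from the internal side, so they are reported separately for manual review rather than silently dropped; they are the typical trigger for the reversal workflow.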
Security Incident
Lock affected accounts, revoke refresh tokens, rotate secrets, preserve logs, notify leadership, and prepare a breach notification if exposure of personal data is confirmed.