| # |
Check / Requirement |
Status |
Evidence / Notes |
| 1 |
Mandatory CVL re-check |
PRESENT |
PerformKraRecheckAsync with 3-second timeout |
| 2 |
18-combination document type matrix |
PRESENT |
DetermineDocumentType with full matrix |
| 3 |
Data match check (6 fields) |
PRESENT |
PerformDataMatchCheckAsync |
| 4 |
Three document types (New KRA / Mod / Validated) |
PRESENT |
DocNewKra, DocKraModification, DocKraValidated constants |
| 5 |
CVL 3-second timeout |
PRESENT |
Timeout handling returns API_DOWN |
| 6 |
Both raw CVL codes retained |
PRESENT |
kra_status_pan_stage + kra_status_esign_stage on KraRecord |
| 7 |
PDF generation |
PRESENT |
GeneratePdfBytes, HTML-based rendering |
| 8 |
AOF download link |
PRESENT |
GetPdfDetailsAsync endpoint |
| 9 |
CS Journey on PDF failure |
PRESENT |
Via CsJourneyService |
| 10 |
Downstream events |
PRESENT |
4 targets fired |
| 11 |
CVL idempotency key |
PRESENT |
FIXED: If kra_status_esign_stage already set and Stage12RecheckedAt exists, skips re-check and uses cached result. Prevents duplicate KRA registration. |
| 12 |
lead.state name alignment |
PRESENT |
FIXED: Renamed KRA_RECHECKED → AOF_GENERATED across all services, controllers, enums, and tests. Matches BRD naming. |
| 13 |
Data match fuzzy scoring |
PRESENT |
Data match uses NameMatchService (Levenshtein). No Claude API integration per Product team. Levenshtein is the approved method. |
| 14 |
S3 paths should use document_path_info |
PRESENT |
FIXED: DocumentPathInfo record created for AOF PDF in DocumentGenerationService after PDF generation. |
| 15 |
CVL monitoring (5% unavailability alert) |
PRESENT |
Via ProviderHealthMetric tracking |
| # |
Check / Requirement |
Status |
Evidence / Notes |
| 16 |
eSign via Aadhaar OTP |
PRESENT |
IEsignProvider with Hyperverge |
| 17 |
Post-eSign 5-field verification |
PRESENT |
PerformPostEsignVerificationAsync |
| 18 |
Pincode / YOB / Gender / AadhaarLast4 exact match |
PRESENT |
Exact comparisons in verification |
| 19 |
Name fuzzy match (≥70 = pass, <70 = NON_STP) |
PRESENT |
NameMatchService + StpEsignMismatchFlag |
| 20 |
DROP_ESIGN_DATA_MISMATCH on hard mismatch |
PRESENT |
Returns error on mismatch |
| 21 |
STP → Stage 14, NON_STP → ops review |
PRESENT |
State routing logic |
| 22 |
Signed PDF stored |
PRESENT |
File storage path |
| 23 |
Downstream events (6 targets including Appsflyer/Firebase) |
PRESENT |
4 targets currently — CleverTap, Zoho, CDP, Datalake |
| 24 |
CS Journey on vendor unavailable |
PRESENT |
Via CsJourneyService |
| 25 |
eSign vendor routing (HV → Emudhra → NSDL) |
PRESENT |
FIXED: EsignVendorRouter cascades HV → Emudhra → NSDL. EmudhraEsignProvider + NsdlEsignProvider created with full audit logging. Daily budget tracking in-memory, resets at midnight IST. |
| 26 |
Daily budget counter |
PRESENT |
FIXED: In-memory ConcurrentDictionary with per-vendor budget counters. Resets at midnight IST. Tracks UsedToday vs MaxDaily. |
| 27 |
Reference source priority (KRA vs Aadhaar for verification) |
PRESENT |
FIXED: Post-eSign verification now uses KRA address pincode as primary reference for KRA_VALIDATED/KRA_MOD. Falls back to Aadhaar for NON_KRA/API_DOWN. |
| 28 |
eSign OTP lock (5 wrong → 10 min wait, same link valid) |
PRESENT |
Handled by vendor portal, not EKYC backend |
| 29 |
Appsflyer / Firebase eSign events |
PRESENT |
FIXED: eSign downstream events now publish to 6 targets: CLEVERTAP, ZOHO_CRM, CDP, DATALAKE, APPSFLYER, FIREBASE. |
| 30 |
Session timeout → resume with fresh eSign link |
PRESENT |
State-based resume logic |
| Priority |
Check # |
Issue |
Required Action |
| P1 |
#25 |
eSign vendor routing — only Hyperverge, no Emudhra / NSDL fallback |
Add Emudhra + NSDL IEsignProvider implementations. Cascade: HV (primary) → Emudhra (fallback) → NSDL (last resort). Daily budget counters per vendor. |
| P1 |
#11 |
CVL idempotency key missing |
Add CVL idempotency key (lead_id + session hash) to prevent duplicate KRA registration. |
| P2 |
#26 |
Daily budget counter missing |
Add daily budget counter (in-memory, reset at midnight IST) for eSign vendor routing. |
| P2 |
#12 |
State name mismatch |
Align state name KRA_RECHECKED → AOF_GENERATED per BRD. |
| P2 |
#13 |
Data match Claude API |
NOT NEEDED per Product team. Levenshtein via NameMatchService is the approved fuzzy matching method. No Claude API integration. |
| P2 |
#14 |
AofDocument uses S3 key field names |
Create DocumentPathInfo records in DocumentGenerationService. |
| P2 |
#27 |
Reference source priority not applied |
Use KRA data as primary reference for KRA_VALIDATED / KRA_MOD post-eSign verification. |
| P2 |
#29 |
Missing Appsflyer + Firebase targets |
Add Appsflyer + Firebase downstream targets for eSign milestone. |
| # |
Priority |
Action |
| 1 |
P1 |
Add Emudhra + NSDL eSign vendor support (IEsignProvider implementations). Cascade: HV → Emudhra → NSDL. |
| 2 |
P1 |
Add CVL call idempotency key (lead_id + session hash) |
| 3 |
P2 |
Add daily budget counter for eSign vendor routing |
| 4 |
P2 |
Align state KRA_RECHECKED to AOF_GENERATED |
| 5 |
P2 |
Create DocumentPathInfo in DocumentGenerationService |
| 6 |
P2 |
Use KRA data as primary post-eSign reference for KRA_VALIDATED / KRA_MOD |
| 7 |
P2 |
Add Appsflyer + Firebase downstream targets |
| 8 |
P2 |
Claude API for data match — NOT NEEDED. Levenshtein approved. |