@seasonkoh/webaz 0.1.24 → 0.1.26

package/dist/pwa/routes/disputes-write.js

@@ -4,6 +4,9 @@ import { transition, settleFault, settleDeclinedNoFault } from '../../layer0-fou
 // RFC-014 PR5 — 争议后佣金/基金 clawback 走整数 base-units + 绝对值落库。
 import { toUnits, toDecimal, mulRate } from '../../money.js';
 import { applyWalletDelta } from '../../ledger.js';
+// RFC-016 Phase 1 — 纯只读端点/校验读/SNF 分发读/标记写 → async seam;arbitrate 仲裁核心(原子领取 +
+//   2 settlement db.transaction + reputation/strike/publish)与 tx 内 appendAuditLog 保持同步(Phase 3 迁 pg)。
+import { dbOne, dbAll, dbRun } from '../../layer0-foundation/L0-1-database/db.js';
 export function registerDisputesWriteRoutes(app, deps) {
     const { db, auth, generateId, detectFraud, errorRes, isEligibleArbitrator, requireHumanPresence, getDisputeDetails, respondToDispute, arbitrateDispute, addPartyEvidence, requestEvidence, markEvidenceExpiry, uploadEvidence, EVIDENCE_MAX_BYTES, EVIDENCE_ALLOWED_MIME, appendOrderEvent, FUND_BASE_RATE, settleCommission, depositToFund, calculatePv, recordDisputeReputation, issueAgentStrike, publishDisputeCase, logAdminAction, snfSend, getProtocolParam } = deps;
     // ── RFC-007 stage 5：客观拒单【临时判责】的仲裁翻案 ─────────────────────────────
@@ -11,23 +14,23 @@ export function registerDisputesWriteRoutes(app, deps) {
     //   仲裁员(真实人工 + WebAuthn)裁决:uphold → declined_nofault(免责全退+退质押);reject → 违约结算。
     const SYS = 'sys_protocol';
     // 仲裁员待办:列出所有被举证的临时判责拒单
-    app.get('/api/admin/decline-contests', (req, res) => {
+    app.get('/api/admin/decline-contests', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
         const elig = isEligibleArbitrator(user.id);
         if (!elig.ok)
             return void errorRes(res, 403, 'NOT_ARBITRATOR', elig.reason || '仅限仲裁员');
-        const rows = db.prepare(`
+        const rows = await dbAll(`
       SELECT id AS order_id, buyer_id, seller_id, product_id, total_amount, decline_reason_code, declined_at, decline_contest_deadline
       FROM orders
       WHERE status = 'fault_seller' AND COALESCE(decline_objective_pending,0)=1 AND COALESCE(decline_contested,0)=1 AND settled_fault_at IS NULL
       ORDER BY declined_at ASC
-    `).all();
+    `);
         res.json({ contests: rows });
     });
     // 仲裁员裁决
-    app.post('/api/admin/decline-contests/:orderId/resolve', (req, res) => {
+    app.post('/api/admin/decline-contests/:orderId/resolve', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
@@ -43,7 +46,7 @@ export function registerDisputesWriteRoutes(app, deps) {
             return void errorRes(res, 400, 'BAD_DECISION', "decision 必须为 'uphold'(认定无责) 或 'reject'(驳回,判违约)");
         if (!reason || !String(reason).trim())
             return void errorRes(res, 400, 'REASON_REQUIRED', '请提供裁决理由');
-        const order = db.prepare('SELECT * FROM orders WHERE id = ?').get(req.params.orderId);
+        const order = await dbOne('SELECT * FROM orders WHERE id = ?', [req.params.orderId]);
         if (!order)
             return void res.status(404).json({ error: '订单不存在' });
         if (order.status !== 'fault_seller' || Number(order.decline_objective_pending) !== 1 || Number(order.decline_contested) !== 1 || order.settled_fault_at) {
@@ -73,12 +76,12 @@ export function registerDisputesWriteRoutes(app, deps) {
         res.json({ success: true, outcome: 'fault_seller', note: '裁决:驳回。按违约结算,买家已全额退款,卖家质押按规则罚没。' });
     });
     // 被诉方反驳
-    app.post('/api/disputes/:id/respond', (req, res) => {
+    app.post('/api/disputes/:id/respond', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
         const { notes = '', evidence_description = '' } = req.body;
-        const dispute = getDisputeDetails(db, req.params.id);
+        const dispute = await getDisputeDetails(db, req.params.id);
         if (!dispute)
             return void res.status(404).json({ error: '争议不存在' });
         if (dispute.defendant_id !== user.id)
@@ -97,7 +100,7 @@ export function registerDisputesWriteRoutes(app, deps) {
         res.json({ success: true, message: result.message });
     });
     // 仲裁员裁定
-    app.post('/api/disputes/:id/arbitrate', (req, res) => {
+    app.post('/api/disputes/:id/arbitrate', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
@@ -128,7 +131,7 @@ export function registerDisputesWriteRoutes(app, deps) {
                 }
             }
         }
-        const dispute = getDisputeDetails(db, req.params.id);
+        const dispute = await getDisputeDetails(db, req.params.id);
         if (!dispute)
             return void res.status(404).json({ error: '争议不存在' });
         // P0: 防"任意仲裁员裁决任意争议"
@@ -345,7 +348,7 @@ export function registerDisputesWriteRoutes(app, deps) {
         res.json({ success: true, message: result.message, settlement: result.settlement });
     });
     // 参与方主动举证（text）+ SNF 信封分发
-    app.post('/api/disputes/:id/add-evidence', (req, res) => {
+    app.post('/api/disputes/:id/add-evidence', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
@@ -360,14 +363,13 @@ export function registerDisputesWriteRoutes(app, deps) {
         const evReasons = detectFraud(rawDesc);
         if (evReasons.length > 0 && result.evidenceId) {
             try {
-                db.prepare(`UPDATE evidence SET flag_reasons = ? WHERE id = ?`)
-                    .run(JSON.stringify(evReasons), result.evidenceId);
+                await dbRun(`UPDATE evidence SET flag_reasons = ? WHERE id = ?`, [JSON.stringify(evReasons), result.evidenceId]);
             }
             catch { }
         }
         // 协议层：作为签名 SNF 信封投到对方 + 已分配仲裁员 inbox
         try {
-            const d = db.prepare(`SELECT order_id, initiator_id, defendant_id, assigned_arbitrators FROM disputes WHERE id = ?`).get(req.params.id);
+            const d = await dbOne(`SELECT order_id, initiator_id, defendant_id, assigned_arbitrators FROM disputes WHERE id = ?`, [req.params.id]);
             if (d) {
                 const uid = user.id;
                 const recipients = new Set();
@@ -419,7 +421,7 @@ export function registerDisputesWriteRoutes(app, deps) {
         next();
     };
     // N: limit 精确 = EVIDENCE_MAX_BYTES
-    app.post('/api/disputes/:id/evidence-blob', lightAuthGuard, express.raw({ type: 'application/octet-stream', limit: EVIDENCE_MAX_BYTES }), (req, res) => {
+    app.post('/api/disputes/:id/evidence-blob', lightAuthGuard, express.raw({ type: 'application/octet-stream', limit: EVIDENCE_MAX_BYTES }), async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
@@ -458,15 +460,13 @@ export function registerDisputesWriteRoutes(app, deps) {
             const evReasons = detectFraud(description);
             if (evReasons.length > 0 && out.id) {
                 try {
-                    db.prepare(`UPDATE evidence SET flag_reasons = ? WHERE id = ?`)
-                        .run(JSON.stringify(evReasons), out.id);
+                    await dbRun(`UPDATE evidence SET flag_reasons = ? WHERE id = ?`, [JSON.stringify(evReasons), out.id]);
                 }
                 catch { }
             }
             // SNF 信封投递
             try {
-                const d = db.prepare(`SELECT order_id, initiator_id, defendant_id, assigned_arbitrators FROM disputes WHERE id = ?`)
-                    .get(req.params.id);
+                const d = await dbOne(`SELECT order_id, initiator_id, defendant_id, assigned_arbitrators FROM disputes WHERE id = ?`, [req.params.id]);
                 if (d) {
                     const uid = user.id;
                     const recipients = new Set();
@@ -549,8 +549,8 @@ export function registerDisputesWriteRoutes(app, deps) {
     // Both endpoints require caller is one of dispute.assigned_arbitrators.
     // Repause(extend) allowed — each pause writes an audit_log entry.
     // No Iron-Rule Passkey: routine arbitrator action, fully audit-traceable.
-    function isAssignedArbitrator(disputeId, userId) {
-        const row = db.prepare(`SELECT assigned_arbitrators FROM disputes WHERE id = ?`).get(disputeId);
+    async function isAssignedArbitrator(disputeId, userId) {
+        const row = await dbOne(`SELECT assigned_arbitrators FROM disputes WHERE id = ?`, [disputeId]);
         if (!row)
             return false;
         let arr = [];
@@ -585,7 +585,7 @@ export function registerDisputesWriteRoutes(app, deps) {
             return text; // unparseable — leave as is
         return new Date(ms + secondsToAdd * 1000).toISOString();
     }
-    app.post('/api/disputes/:id/arbitrator-pause-auto-judge', (req, res) => {
+    app.post('/api/disputes/:id/arbitrator-pause-auto-judge', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
@@ -605,7 +605,7 @@ export function registerDisputesWriteRoutes(app, deps) {
         if (untilTs > maxAllowed) {
             return void errorRes(res, 400, 'EXCEEDS_MAX_HOURS', `until_ts 超过最大暂停窗口 ${maxHours}h(playbook §2.1)`);
         }
-        const dispute = db.prepare(`SELECT id, status, ruling_type, assigned_arbitrators, auto_judge_paused_until, respond_deadline, arbitrate_deadline FROM disputes WHERE id = ?`).get(disputeId);
+        const dispute = await dbOne(`SELECT id, status, ruling_type, assigned_arbitrators, auto_judge_paused_until, respond_deadline, arbitrate_deadline FROM disputes WHERE id = ?`, [disputeId]);
         if (!dispute)
             return void errorRes(res, 404, 'NOT_FOUND', 'dispute 不存在');
         if (dispute.ruling_type) {
@@ -614,7 +614,7 @@ export function registerDisputesWriteRoutes(app, deps) {
         if (dispute.status !== 'open' && dispute.status !== 'in_review') {
             return void errorRes(res, 409, 'WRONG_STATUS', `status='${dispute.status}',只能 pause open / in_review`);
         }
-        if (!isAssignedArbitrator(disputeId, userId)) {
+        if (!await isAssignedArbitrator(disputeId, userId)) {
             return void errorRes(res, 403, 'NOT_ASSIGNED_ARBITRATOR', '仅 assigned_arbitrators 可暂停自动判定时钟');
         }
         // P0 fix:计算 deadline 扩展秒数
@@ -622,32 +622,64 @@ export function registerDisputesWriteRoutes(app, deps) {
         // - repause(已经 paused):increment = untilTs - existing_paused_until(可能 < 0,clamp 0)
         // 这样多次 pause 累加正确;repause 缩短无效果(只 audit_log 记)
         const nowSec = Math.floor(Date.now() / 1000);
-        const baseline = dispute.auto_judge_paused_until && dispute.auto_judge_paused_until > nowSec
-            ? dispute.auto_judge_paused_until
-            : nowSec;
-        const incrementSec = Math.max(0, untilTs - baseline);
-        db.transaction(() => {
-            // 扩展 deadline(若 increment > 0)
-            let newRespondDeadline = dispute.respond_deadline;
-            let newArbitrateDeadline = dispute.arbitrate_deadline;
-            if (incrementSec > 0) {
-                newRespondDeadline = extendIsoDeadlineBySeconds(dispute.respond_deadline, incrementSec);
-                newArbitrateDeadline = extendIsoDeadlineBySeconds(dispute.arbitrate_deadline, incrementSec);
-                db.prepare(`UPDATE disputes SET respond_deadline = ?, arbitrate_deadline = ? WHERE id = ?`)
-                    .run(newRespondDeadline, newArbitrateDeadline, disputeId);
-            }
-            db.prepare(`UPDATE disputes SET auto_judge_paused_until = ?, auto_judge_pause_reason = ? WHERE id = ?`)
-                .run(untilTs, reason, disputeId);
-            appendAuditLog(disputeId, {
-                event: 'arbitrator_pause_auto_judge',
-                actor: userId,
-                reason,
-                until_ts: untilTs,
-                deadline_extended_seconds: incrementSec,
-                is_repause: dispute.auto_judge_paused_until !== null && dispute.auto_judge_paused_until > nowSec,
-                spec_ref: 'playbook §2.1',
-            });
-        })();
+        // Codex #229 P1:上面的 await 预检与同步 tx 之间有 yield,dispute 的 status/ruling/
+        // assignment 可能已变。所有授权+状态判定 + baseline/increment 计算必须基于【tx 内重读】的行,
+        // 先于任何写抛回滚;预检仅作友好 fast-fail。
+        let incrementSec = 0;
+        let isRepause = false;
+        try {
+            db.transaction(() => {
+                const d = db.prepare(`SELECT status, ruling_type, assigned_arbitrators, auto_judge_paused_until, respond_deadline, arbitrate_deadline FROM disputes WHERE id = ?`).get(disputeId);
+                if (!d)
+                    throw new Error('DW_NOT_FOUND');
+                if (d.ruling_type)
+                    throw new Error('DW_ALREADY_RULED');
+                if (d.status !== 'open' && d.status !== 'in_review')
+                    throw new Error('DW_WRONG_STATUS');
+                let assigned = [];
+                try {
+                    assigned = JSON.parse(d.assigned_arbitrators || '[]');
+                }
+                catch {
+                    assigned = [];
+                }
+                if (!assigned.includes(userId))
+                    throw new Error('DW_NOT_ASSIGNED');
+                const baseline = d.auto_judge_paused_until && d.auto_judge_paused_until > nowSec ? d.auto_judge_paused_until : nowSec;
+                incrementSec = Math.max(0, untilTs - baseline);
+                isRepause = d.auto_judge_paused_until !== null && d.auto_judge_paused_until > nowSec;
+                // 扩展 deadline(若 increment > 0)— 基于 tx 内重读的 deadline,非陈旧预检值
+                if (incrementSec > 0) {
+                    const newRespondDeadline = extendIsoDeadlineBySeconds(d.respond_deadline, incrementSec);
+                    const newArbitrateDeadline = extendIsoDeadlineBySeconds(d.arbitrate_deadline, incrementSec);
+                    db.prepare(`UPDATE disputes SET respond_deadline = ?, arbitrate_deadline = ? WHERE id = ?`)
+                        .run(newRespondDeadline, newArbitrateDeadline, disputeId);
+                }
+                db.prepare(`UPDATE disputes SET auto_judge_paused_until = ?, auto_judge_pause_reason = ? WHERE id = ?`)
+                    .run(untilTs, reason, disputeId);
+                appendAuditLog(disputeId, {
+                    event: 'arbitrator_pause_auto_judge',
+                    actor: userId,
+                    reason,
+                    until_ts: untilTs,
+                    deadline_extended_seconds: incrementSec,
+                    is_repause: isRepause,
+                    spec_ref: 'playbook §2.1',
+                });
+            })();
+        }
+        catch (e) {
+            const msg = e.message;
+            if (msg === 'DW_NOT_FOUND')
+                return void errorRes(res, 404, 'NOT_FOUND', 'dispute 不存在');
+            if (msg === 'DW_ALREADY_RULED')
+                return void errorRes(res, 409, 'ALREADY_RULED', '已裁决的 dispute 不能暂停自动判定时钟');
+            if (msg === 'DW_WRONG_STATUS')
+                return void errorRes(res, 409, 'WRONG_STATUS', 'dispute 状态已变更,只能 pause open / in_review');
+            if (msg === 'DW_NOT_ASSIGNED')
+                return void errorRes(res, 403, 'NOT_ASSIGNED_ARBITRATOR', '仅 assigned_arbitrators 可暂停自动判定时钟');
+            throw e;
+        }
         res.json({
             success: true,
             dispute_id: disputeId,
@@ -660,13 +692,13 @@ export function registerDisputesWriteRoutes(app, deps) {
                 : 'pause 已记录(repause 缩短无 deadline 变化)。',
         });
     });
-    app.post('/api/disputes/:id/arbitrator-resume-auto-judge', (req, res) => {
+    app.post('/api/disputes/:id/arbitrator-resume-auto-judge', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
         const userId = user.id;
         const disputeId = req.params.id;
-        const dispute = db.prepare(`SELECT id, ruling_type, auto_judge_paused_until FROM disputes WHERE id = ?`).get(disputeId);
+        const dispute = await dbOne(`SELECT id, ruling_type, auto_judge_paused_until FROM disputes WHERE id = ?`, [disputeId]);
         if (!dispute)
             return void errorRes(res, 404, 'NOT_FOUND', 'dispute 不存在');
         if (dispute.ruling_type) {
@@ -675,18 +707,49 @@ export function registerDisputesWriteRoutes(app, deps) {
         if (!dispute.auto_judge_paused_until) {
             return void errorRes(res, 409, 'NOT_PAUSED', '当前未暂停,无需 resume');
         }
-        if (!isAssignedArbitrator(disputeId, userId)) {
+        if (!await isAssignedArbitrator(disputeId, userId)) {
             return void errorRes(res, 403, 'NOT_ASSIGNED_ARBITRATOR', '仅 assigned_arbitrators 可 resume');
         }
-        db.transaction(() => {
-            db.prepare(`UPDATE disputes SET auto_judge_paused_until = NULL, auto_judge_pause_reason = NULL WHERE id = ?`)
-                .run(disputeId);
-            appendAuditLog(disputeId, {
-                event: 'arbitrator_resume_auto_judge',
-                actor: userId,
-                spec_ref: 'playbook §2.1',
-            });
-        })();
+        // Codex #229 P1:tx 内重读 + 重判授权/状态,先于任何写抛回滚;上面 await 预检仅友好 fast-fail。
+        try {
+            db.transaction(() => {
+                const d = db.prepare(`SELECT ruling_type, assigned_arbitrators, auto_judge_paused_until FROM disputes WHERE id = ?`).get(disputeId);
+                if (!d)
+                    throw new Error('DW_NOT_FOUND');
+                if (d.ruling_type)
+                    throw new Error('DW_ALREADY_RULED');
+                if (!d.auto_judge_paused_until)
+                    throw new Error('DW_NOT_PAUSED');
+                let assigned = [];
+                try {
+                    assigned = JSON.parse(d.assigned_arbitrators || '[]');
+                }
+                catch {
+                    assigned = [];
+                }
+                if (!assigned.includes(userId))
+                    throw new Error('DW_NOT_ASSIGNED');
+                db.prepare(`UPDATE disputes SET auto_judge_paused_until = NULL, auto_judge_pause_reason = NULL WHERE id = ?`)
+                    .run(disputeId);
+                appendAuditLog(disputeId, {
+                    event: 'arbitrator_resume_auto_judge',
+                    actor: userId,
+                    spec_ref: 'playbook §2.1',
+                });
+            })();
+        }
+        catch (e) {
+            const msg = e.message;
+            if (msg === 'DW_NOT_FOUND')
+                return void errorRes(res, 404, 'NOT_FOUND', 'dispute 不存在');
+            if (msg === 'DW_ALREADY_RULED')
+                return void errorRes(res, 409, 'ALREADY_RULED', '已裁决的 dispute 不需 resume');
+            if (msg === 'DW_NOT_PAUSED')
+                return void errorRes(res, 409, 'NOT_PAUSED', '当前未暂停,无需 resume');
+            if (msg === 'DW_NOT_ASSIGNED')
+                return void errorRes(res, 403, 'NOT_ASSIGNED_ARBITRATOR', '仅 assigned_arbitrators 可 resume');
+            throw e;
+        }
         res.json({ success: true, dispute_id: disputeId, note: '自动判定时钟已解冻' });
     });
 }

package/dist/pwa/routes/evidence.js

@@ -1,14 +1,15 @@
 import { readEvidenceBlob, withdrawEvidence, verifyEvidenceSig, listEvidence as listEvidenceFiles } from '../../layer3-trust/L3-1-dispute-engine/evidence-storage.js';
 import { submitEvidenceForRequest } from '../../layer3-trust/L3-1-dispute-engine/dispute-engine.js';
+import { dbOne, dbRun } from '../../layer0-foundation/L0-1-database/db.js'; // RFC-016 异步 DB seam
 export function registerEvidenceRoutes(app, deps) {
     const { db, auth, detectFraud } = deps;
     // 下载证据 blob（仅参与方/仲裁员）
-    app.get('/api/evidence/:id/blob', (req, res) => {
+    app.get('/api/evidence/:id/blob', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
         try {
-            const out = readEvidenceBlob(db, req.params.id, user.id);
+            const out = await readEvidenceBlob(db, req.params.id, user.id);
             res.setHeader('Content-Type', out.mime);
             res.setHeader('X-Content-Hash', out.hash);
             res.setHeader('Cache-Control', 'private, max-age=300');
@@ -45,23 +46,23 @@ export function registerEvidenceRoutes(app, deps) {
         }
     });
     // 验签 — 任意参与方
-    app.get('/api/evidence/:id/verify', (req, res) => {
+    app.get('/api/evidence/:id/verify', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
-        const ev = db.prepare('SELECT dispute_id FROM evidence WHERE id = ?').get(req.params.id);
+        const ev = await dbOne('SELECT dispute_id FROM evidence WHERE id = ?', [req.params.id]);
         if (!ev)
             return void res.status(404).json({ error: 'evidence_not_found' });
         try {
-            listEvidenceFiles(db, ev.dispute_id, user.id);
+            await listEvidenceFiles(db, ev.dispute_id, user.id);
         } // 复用鉴权
         catch {
             return void res.status(403).json({ error: 'not_dispute_party' });
         }
-        res.json(verifyEvidenceSig(db, req.params.id));
+        res.json(await verifyEvidenceSig(db, req.params.id));
     });
     // 当事人提交补充证据响应（仲裁员 request 后用）
-    app.post('/api/evidence-requests/:requestId/submit', (req, res) => {
+    app.post('/api/evidence-requests/:requestId/submit', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
@@ -76,8 +77,7 @@ export function registerEvidenceRoutes(app, deps) {
         const evReasons = detectFraud(rawDesc);
         if (evReasons.length > 0 && result.evidenceId) {
             try {
-                db.prepare(`UPDATE evidence SET flag_reasons = ? WHERE id = ?`)
-                    .run(JSON.stringify(evReasons), result.evidenceId);
+                await dbRun(`UPDATE evidence SET flag_reasons = ? WHERE id = ?`, [JSON.stringify(evReasons), result.evidenceId]);
             }
             catch { }
         }

package/dist/pwa/routes/external-anchors.js

@@ -1,3 +1,4 @@
+import { dbAll } from '../../layer0-foundation/L0-1-database/db.js'; // RFC-016 异步 DB seam
 import { createAnchor, verifyAnchorSignature, revokeAnchor, issueOwnershipToken, submitVerification, getAnchor, listAnchorsByProduct, listAnchorsBySeller, distributeAnchorRewards, ANCHOR_VERIFICATION_FEE_RECOMMENDED, } from '../../layer1-agent/L1-2-external-anchor/anchor-engine.js';
 export function registerExternalAnchorsRoutes(app, deps) {
     const { db, auth } = deps;
@@ -24,14 +25,14 @@ export function registerExternalAnchorsRoutes(app, deps) {
         }
     });
     // 透出推荐 fee + anchor 的奖励情况
-    app.get('/api/external-anchors/:id/rewards', (req, res) => {
-        const a = getAnchor(db, req.params.id);
+    app.get('/api/external-anchors/:id/rewards', async (req, res) => {
+        const a = await getAnchor(db, req.params.id);
         if (!a)
             return void res.status(404).json({ error: 'anchor 不存在' });
-        const verifications = db.prepare(`
+        const verifications = await dbAll(`
       SELECT verifier_id, verifier_role, content_matches, token_found, reward_amount, verified_at
       FROM external_anchor_verifications WHERE anchor_id = ? ORDER BY verified_at ASC
-    `).all(req.params.id);
+    `, [req.params.id]);
         res.json({
             verification_fee: a.verification_fee || 0,
             fee_paid_out: !!a.fee_paid_out,
@@ -51,20 +52,20 @@ export function registerExternalAnchorsRoutes(app, deps) {
         const paid = distributeAnchorRewards(db, req.params.id);
         res.json({ ok: true, paid });
     });
-    app.get('/api/external-anchors/by-product/:id', (req, res) => {
-        res.json({ items: listAnchorsByProduct(db, req.params.id) });
+    app.get('/api/external-anchors/by-product/:id', async (req, res) => {
+        res.json({ items: await listAnchorsByProduct(db, req.params.id) });
     });
-    app.get('/api/external-anchors/by-seller/:id', (req, res) => {
-        res.json({ items: listAnchorsBySeller(db, req.params.id) });
+    app.get('/api/external-anchors/by-seller/:id', async (req, res) => {
+        res.json({ items: await listAnchorsBySeller(db, req.params.id) });
     });
-    app.get('/api/external-anchors/:id', (req, res) => {
-        const a = getAnchor(db, req.params.id);
+    app.get('/api/external-anchors/:id', async (req, res) => {
+        const a = await getAnchor(db, req.params.id);
         if (!a)
             return void res.status(404).json({ error: 'anchor 不存在' });
         res.json(a);
     });
-    app.get('/api/external-anchors/:id/verify-sig', (req, res) => {
-        res.json(verifyAnchorSignature(db, req.params.id));
+    app.get('/api/external-anchors/:id/verify-sig', async (req, res) => {
+        res.json(await verifyAnchorSignature(db, req.params.id));
     });
     app.post('/api/external-anchors/:id/revoke', (req, res) => {
         const user = auth(req, res);

package/dist/pwa/routes/feedback.js

@@ -1,8 +1,9 @@
+import { dbOne, dbAll, dbRun } from '../../layer0-foundation/L0-1-database/db.js'; // RFC-016 异步 DB seam
 const VALID_FEEDBACK_CAT = new Set(['bug', 'abuse', 'feature', 'account', 'other']);
 const VALID_FEEDBACK_SEV = new Set(['low', 'medium', 'high']);
 export function registerFeedbackRoutes(app, deps) {
     const { db, generateId, auth, broadcastSystemEvent, detectFraud, anthropic } = deps;
-    app.post('/api/feedback', (req, res) => {
+    app.post('/api/feedback', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
@@ -16,12 +17,11 @@ export function registerFeedbackRoutes(app, deps) {
             return void res.status(400).json({ error: '标题 4-80 字' });
         if (bod.length < 10 || bod.length > 2000)
             return void res.status(400).json({ error: '正文 10-2000 字' });
-        const recent = db.prepare(`SELECT COUNT(*) as n FROM feedback_tickets WHERE user_id = ? AND created_at > datetime('now', '-1 hour')`).get(user.id).n;
+        const recent = (await dbOne(`SELECT COUNT(*) as n FROM feedback_tickets WHERE user_id = ? AND created_at > datetime('now', '-1 hour')`, [user.id])).n;
         if (recent >= 5)
             return void res.status(429).json({ error: '提交过于频繁，请稍后再试' });
         const id = generateId('fbk');
-        db.prepare(`INSERT INTO feedback_tickets (id, user_id, category, severity, subject, body) VALUES (?,?,?,?,?,?)`)
-            .run(id, user.id, String(category), sev, sub, bod);
+        await dbRun(`INSERT INTO feedback_tickets (id, user_id, category, severity, subject, body) VALUES (?,?,?,?,?,?)`, [id, user.id, String(category), sev, sub, bod]);
         try {
             broadcastSystemEvent('feedback', '💬', `反馈工单 ${id} · ${category}/${sev}`, id);
         }
@@ -43,8 +43,7 @@ export function registerFeedbackRoutes(app, deps) {
                         }],
                 });
                 const text = message.content[0]?.text || '';
-                db.prepare(`UPDATE feedback_tickets SET ai_suggested_reply = ?, ai_generated_at = datetime('now') WHERE id = ?`)
-                    .run(text.trim(), id);
+                await dbRun(`UPDATE feedback_tickets SET ai_suggested_reply = ?, ai_generated_at = datetime('now') WHERE id = ?`, [text.trim(), id]);
             }
             catch (e) {
                 console.error('[ai feedback draft]', e.message);
@@ -52,12 +51,12 @@ export function registerFeedbackRoutes(app, deps) {
         })();
         res.json({ success: true, id });
     });
-    app.get('/api/feedback/mine', (req, res) => {
+    app.get('/api/feedback/mine', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
-        const rows = db.prepare(`SELECT id, category, severity, subject, body, status, admin_reply, replied_at, user_seen_reply_at, created_at, updated_at
-      FROM feedback_tickets WHERE user_id = ? ORDER BY created_at DESC LIMIT 100`).all(user.id);
+        const rows = await dbAll(`SELECT id, category, severity, subject, body, status, admin_reply, replied_at, user_seen_reply_at, created_at, updated_at
+      FROM feedback_tickets WHERE user_id = ? ORDER BY created_at DESC LIMIT 100`, [user.id]);
         // 派生 has_unread_reply
         let unreadReplyCount = 0;
         for (const r of rows) {
@@ -71,16 +70,16 @@ export function registerFeedbackRoutes(app, deps) {
         }
         res.json({ items: rows, unread_reply_count: unreadReplyCount });
     });
-    app.post('/api/feedback/seen', (req, res) => {
+    app.post('/api/feedback/seen', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
-        db.prepare(`UPDATE feedback_tickets SET user_seen_reply_at = datetime('now')
-      WHERE user_id = ? AND admin_reply IS NOT NULL AND (user_seen_reply_at IS NULL OR replied_at > user_seen_reply_at)`).run(user.id);
+        await dbRun(`UPDATE feedback_tickets SET user_seen_reply_at = datetime('now')
+      WHERE user_id = ? AND admin_reply IS NOT NULL AND (user_seen_reply_at IS NULL OR replied_at > user_seen_reply_at)`, [user.id]);
         res.json({ success: true });
     });
     // admin 列出工单
-    app.get('/api/admin/feedback', (req, res) => {
+    app.get('/api/admin/feedback', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
@@ -99,7 +98,7 @@ export function registerFeedbackRoutes(app, deps) {
             params.push(category);
         }
         const whereClause = where.length > 0 ? `WHERE ${where.join(' AND ')}` : '';
-        const rows = db.prepare(`
+        const rows = await dbAll(`
       SELECT f.*, u.name as user_name, u.handle as user_handle, u.role as user_role
       FROM feedback_tickets f
       JOIN users u ON u.id = f.user_id
@@ -109,17 +108,17 @@ export function registerFeedbackRoutes(app, deps) {
         CASE f.severity WHEN 'high' THEN 1 WHEN 'medium' THEN 2 ELSE 3 END,
         f.created_at DESC
       LIMIT 200
-    `).all(...params);
+    `, params);
         res.json({ items: rows });
     });
     // admin 回复 + 切状态
-    app.post('/api/admin/feedback/:id/reply', (req, res) => {
+    app.post('/api/admin/feedback/:id/reply', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
         if (user.role !== 'admin')
             return void res.status(403).json({ error: '仅 admin 可回复' });
-        const ticket = db.prepare('SELECT user_id, status FROM feedback_tickets WHERE id = ?').get(req.params.id);
+        const ticket = await dbOne('SELECT user_id, status FROM feedback_tickets WHERE id = ?', [req.params.id]);
         if (!ticket)
             return void res.status(404).json({ error: '工单不存在' });
         const { reply, status } = req.body || {};
@@ -137,8 +136,7 @@ export function registerFeedbackRoutes(app, deps) {
         })();
         try {
             const actions = JSON.stringify([{ kind: 'navigate', label: '查看工单', href: `#ticket/${req.params.id}`, style: 'primary' }]);
-            db.prepare(`INSERT INTO notifications (id, user_id, type, title, body, order_id, actions) VALUES (?,?,?,?,?,?,?)`)
-                .run(generateId('ntf'), ticket.user_id, 'ticket_reply', `💬 客服回复了你的工单`, replyStr.slice(0, 100), null, actions);
+            await dbRun(`INSERT INTO notifications (id, user_id, type, title, body, order_id, actions) VALUES (?,?,?,?,?,?,?)`, [generateId('ntf'), ticket.user_id, 'ticket_reply', `💬 客服回复了你的工单`, replyStr.slice(0, 100), null, actions]);
         }
         catch (e) {
             console.warn('[notif ticket_reply]', e.message);
@@ -147,25 +145,25 @@ export function registerFeedbackRoutes(app, deps) {
     });
     // ─── W7 ticket-thread ────────────────────────────────────
     // 工单详情 + timeline
-    app.get('/api/feedback/:id', (req, res) => {
+    app.get('/api/feedback/:id', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
-        const t = db.prepare(`
+        const t = await dbOne(`
       SELECT f.*, u.name as user_name, u.handle as user_handle, u.role as user_role
       FROM feedback_tickets f JOIN users u ON u.id = f.user_id WHERE f.id = ?
-    `).get(req.params.id);
+    `, [req.params.id]);
         if (!t)
             return void res.status(404).json({ error: '工单不存在' });
         const isOwner = t.user_id === user.id;
         const isAdmin = user.role === 'admin';
         if (!isOwner && !isAdmin)
             return void res.status(403).json({ error: '无权查看' });
-        const messages = db.prepare(`
+        const messages = await dbAll(`
       SELECT m.*, u.name as sender_name, u.handle as sender_handle
       FROM feedback_messages m LEFT JOIN users u ON u.id = m.sender_id
       WHERE m.ticket_id = ? ORDER BY m.created_at ASC
-    `).all(t.id);
+    `, [t.id]);
         const events = [];
         events.push({
             id: `create-${t.id}`,
@@ -206,24 +204,24 @@ export function registerFeedbackRoutes(app, deps) {
         events.sort((a, b) => a.ts.localeCompare(b.ts));
         if (isOwner) {
             try {
-                db.prepare(`UPDATE feedback_tickets SET user_seen_reply_at = datetime('now') WHERE id = ? AND admin_reply IS NOT NULL`).run(t.id);
+                await dbRun(`UPDATE feedback_tickets SET user_seen_reply_at = datetime('now') WHERE id = ? AND admin_reply IS NOT NULL`, [t.id]);
             }
             catch { }
         }
         if (isAdmin) {
             try {
-                db.prepare(`UPDATE feedback_tickets SET admin_seen_at = datetime('now') WHERE id = ?`).run(t.id);
+                await dbRun(`UPDATE feedback_tickets SET admin_seen_at = datetime('now') WHERE id = ?`, [t.id]);
             }
             catch { }
         }
         res.json({ item: t, timeline: events, is_admin: isAdmin });
     });
     // 工单内追加消息（user 或 admin）
-    app.post('/api/feedback/:id/messages', (req, res) => {
+    app.post('/api/feedback/:id/messages', async (req, res) => {
         const user = auth(req, res);
         if (!user)
             return;
-        const t = db.prepare(`SELECT id, user_id, status FROM feedback_tickets WHERE id = ?`).get(req.params.id);
+        const t = await dbOne(`SELECT id, user_id, status FROM feedback_tickets WHERE id = ?`, [req.params.id]);
         if (!t)
             return void res.status(404).json({ error: '工单不存在' });
         const isOwner = t.user_id === user.id;
@@ -251,15 +249,13 @@ export function registerFeedbackRoutes(app, deps) {
         try {
             const tktAction = JSON.stringify([{ kind: 'navigate', label: '查看工单', href: `#ticket/${t.id}`, style: 'primary' }]);
             if (isOwner) {
-                const admins = db.prepare(`SELECT id FROM users WHERE role = 'admin'`).all();
+                const admins = await dbAll(`SELECT id FROM users WHERE role = 'admin'`, []);
                 for (const a of admins) {
-                    db.prepare(`INSERT INTO notifications (id, user_id, type, title, body, order_id, actions) VALUES (?,?,?,?,?,?,?)`)
-                        .run(generateId('ntf'), a.id, 'ticket_followup', '💬 用户追问了工单', body.slice(0, 100), null, tktAction);
+                    await dbRun(`INSERT INTO notifications (id, user_id, type, title, body, order_id, actions) VALUES (?,?,?,?,?,?,?)`, [generateId('ntf'), a.id, 'ticket_followup', '💬 用户追问了工单', body.slice(0, 100), null, tktAction]);
                 }
             }
             else {
-                db.prepare(`INSERT INTO notifications (id, user_id, type, title, body, order_id, actions) VALUES (?,?,?,?,?,?,?)`)
-                    .run(generateId('ntf'), t.user_id, 'ticket_reply', '💬 客服回复了你的工单', body.slice(0, 100), null, tktAction);
+                await dbRun(`INSERT INTO notifications (id, user_id, type, title, body, order_id, actions) VALUES (?,?,?,?,?,?,?)`, [generateId('ntf'), t.user_id, 'ticket_reply', '💬 客服回复了你的工单', body.slice(0, 100), null, tktAction]);
             }
         }
         catch (e) {