# dd0c/route — Epic Addendum (BMad Review Findings)

**Source:** BMad Code Review (March 1, 2026)
**Approach:** Surgical additions to existing epics — no new epics created.

---

## Epic 1 Addendum: Proxy Engine

### Story 1.5: API Key Redaction in Error Traces

As a security-conscious developer, I want all API keys scrubbed from panic traces, error logs, and telemetry events, so that a proxy crash never leaks customer credentials.

**Acceptance Criteria:**

- Custom panic handler intercepts all panics and runs `redact_sensitive()` before logging.
- Regex patterns cover `sk-*`, `sk-ant-*`, `sk-proj-*`, `Bearer *` tokens.
- Telemetry events never contain raw API keys (verified by unit test scanning serialized JSON).
- Error responses to clients never echo back the Authorization header value.

**Estimate:** 2 points

### Story 1.6: SSE Disconnect Billing Accuracy

As an engineering manager, I want billing to reflect only the tokens actually streamed to the client, so that early disconnects don't charge for undelivered tokens.

**Acceptance Criteria:**

- When a client disconnects mid-stream, the proxy aborts the upstream connection within 1 second.
- Usage record reflects only tokens in chunks that were successfully flushed to the client.
- Disconnect during prompt processing (before first token) records 0 completion tokens.
- Provider connection count returns to 0 after client disconnect (no leaked connections).

**Estimate:** 3 points

---

## Epic 2 Addendum: Router Brain

### Story 2.5: Token Calculation Edge Cases

As a billing-accurate platform, I want token counting to handle Unicode, CJK, and emoji correctly per provider tokenizer, so that cost calculations match provider invoices within 1%.

**Acceptance Criteria:**

- Uses `cl100k_base` for OpenAI models, Claude tokenizer for Anthropic models.
- Token count for emoji sequences (🌍🔥) matches provider's count within 1%.
- CJK characters tokenized correctly (each char = 1+ tokens).
- Property test: 10K random strings, our count vs mock provider count within 1% tolerance.

**Estimate:** 2 points

---

## Epic 8 Addendum: Infrastructure & DevOps

### Story 8.7: Dedicated CI Runner for Latency Benchmarks

As a solo founder, I want proxy latency benchmarks to run on a dedicated self-hosted runner (NAS), so that P99 measurements are reproducible and not polluted by shared CI noise.

**Acceptance Criteria:**

- GitHub Actions workflow triggers on pushes to `src/proxy/**`.
- Runs `cargo bench --bench proxy_latency` on self-hosted runner.
- Fails the build if P99 exceeds 5ms.
- Results stored in `target/criterion/` for trend tracking.

**Estimate:** 1 point

---

**Total Addendum:** 8 points across 4 stories
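
One way to satisfy the Story 1.5 criteria, added here as an illustration and not taken from the dd0c/route code base: `redact_sensitive()` wired into a panic hook. The story calls for regex patterns; this version swaps in a hand-written, std-only scanner, and the token alphabet, the 8-character minimum key body, the lowercase `bearer` match and the `[REDACTED]` marker are assumptions.

```rust
use std::panic;

const MARK: &str = "[REDACTED]";
const MIN_KEY_BODY: usize = 8; // assumed minimum, avoids redacting short strings such as "sk-1"

// Assumed token alphabet: base64/base64url characters plus '.' (JWT separators).
fn is_token_char(c: char) -> bool {
    c.is_ascii_alphanumeric() || matches!(c, '-' | '_' | '.' | '+' | '/' | '=')
}

/// Replaces `sk-...` keys (this prefix also covers `sk-ant-` and `sk-proj-`)
/// and the credential after `Bearer ` with a fixed marker.
pub fn redact_sensitive(input: &str) -> String {
    let mut out = String::with_capacity(input.len());
    let mut i = 0;
    while i < input.len() {
        let rest = &input[i..];
        // Only match at a word boundary so "task-1" or "risk-free" stay intact.
        let boundary = !out.chars().next_back().map_or(false, |p| p.is_ascii_alphanumeric());
        let body_len = |skip: usize| rest[skip..].chars().take_while(|c| is_token_char(*c)).count();
        if boundary && (rest.starts_with("Bearer ") || rest.starts_with("bearer ")) && body_len(7) > 0 {
            out.push_str(&rest[..7]); // keep the scheme, drop the credential
            out.push_str(MARK);
            i += 7 + body_len(7);
        } else if boundary && rest.starts_with("sk-") && body_len(3) >= MIN_KEY_BODY {
            out.push_str(MARK);
            i += 3 + body_len(3);
        } else {
            let c = rest.chars().next().unwrap(); // i < len, so a char exists
            out.push(c);
            i += c.len_utf8();
        }
    }
    out
}

/// Panic hook that redacts the panic text (location and message) before logging it.
pub fn install_redacting_panic_hook() {
    panic::set_hook(Box::new(|info| {
        eprintln!("panic: {}", redact_sensitive(&info.to_string()));
    }));
}

fn main() {
    install_redacting_panic_hook();
    // Constructed sample value, not a real credential.
    let line = "upstream 401, sent Authorization: Bearer sk-proj-EXAMPLE0123456789abcdef";
    println!("{}", redact_sensitive(line));
}
```

The same function can be run over serialized telemetry JSON in a unit test, asserting that the output equals the input whenever no credential was supposed to be present.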