Liquifact · Elite-tch · Mar 28, 2026 · Mar 28, 2026
diff --git a/README.md b/README.md
@@ -196,6 +196,14 @@ Check the standard `RateLimit-*` headers for quota and reset time.
 
 ---
 
+## API Boundary Validation
+
+LiquiFact backend leverages [Zod](https://zod.dev/) to protect API boundaries against malformed data and data leaks constraint regressions:
+- **Inbound Validation**: Ensures clients provide expected payloads (e.g., `amount`, `customer`). Malformed requests receive a `400 Bad Request` containing specific constraint validation issues.
+- **Outbound Escrowing**: Employs a response interceptor to rigidly validate outbound domain responses. This prevents internal schema drift or accidental leakage of sensitive DB fields to the public network, forcing a `500 Internal Server Error` instead of breaching contracts.
+
+---
+
 ## Configuration
 
 ### CORS Allowlist

diff --git a/bodySize_fail.txt b/bodySize_fail.txt
diff --git a/bodySize_fail_utf8.txt b/bodySize_fail_utf8.txt
@@ -0,0 +1,180 @@
+  console.log
+    [dotenv@17.3.1] injecting env (0) from .env -- tip: ΓÜÖ∩╕Å  suppress all logs with { quiet: true }
+
+      at _log (node_modules/dotenv/lib/main.js:139:11)
+
+  console.log
+    [dotenv@17.3.1] injecting env (0) from .env -- tip: ≡ƒ¢í∩╕Å auth for agents: https://vestauth.com
+
+      at _log (node_modules/dotenv/lib/main.js:139:11)
+
+  console.log
+    [dotenv@17.3.1] injecting env (0) from .env -- tip: ≡ƒöÉ encrypt with Dotenvx: https://dotenvx.com
+
+      at _log (node_modules/dotenv/lib/main.js:139:11)
+
+node.exe : FAIL src/__tests__
+/bodySizeLimits.test.js
+At C:\Users\pc\AppData\Roamin
+g\npm\npx.ps1:24 char:5
++     & "node$exe"  "$basedir
+/node_modules/npm/bin/npx-cli
+.js" $args
++     ~~~~~~~~~~~~~~~~~~~~~~~
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+~~~~~~~~~~
+    + CategoryInfo           
+   : NotSpecified: (FAIL sr  
+  c/__test...eLimits.test.   
+ js:String) [], RemoteExc    
+eption
+    + FullyQualifiedErrorId  
+   : NativeCommandError
+
+  parseSize()
+    valid inputs
+      ΓêÜ parses bytes (no 
+suffix) (4 ms)
+      ΓêÜ parses "b" suffix 
+(lowercase) (1 ms)
+      ΓêÜ parses "B" suffix 
+(uppercase) (1 ms)
+      ΓêÜ parses "kb" suffix 
+(1 ms)
+      ΓêÜ parses "KB" suffix 
+(1 ms)
+      ΓêÜ parses "mb" suffix
+      ΓêÜ parses "MB" suffix
+      ΓêÜ parses "gb" suffix 
+(1 ms)
+      ΓêÜ handles decimal 
+values (1 ms)
+      ΓêÜ handles 
+surrounding whitespace (1 ms)
+      ΓêÜ returns 0 for "0b" 
+(1 ms)
+    TypeError
+      ΓêÜ throws for empty 
+string (12 ms)
+      ΓêÜ throws for 
+whitespace-only (1 ms)
+      ΓêÜ throws for number 
+input (1 ms)
+      ΓêÜ throws for null (1 
+ms)
+      ΓêÜ throws for 
+undefined (1 ms)
+      ΓêÜ throws for object 
+(2 ms)
+    RangeError
+      ΓêÜ throws for unknown 
+unit "tb" (2 ms)
+      ΓêÜ throws for 
+non-numeric value (2 ms)
+      ΓêÜ throws for 
+negative value (2 ms)
+  DEFAULT_LIMITS
+    ΓêÜ json is a parseable 
+string (1 ms)
+    ΓêÜ urlencoded is a 
+parseable string (1 ms)
+    ΓêÜ raw is a parseable 
+string (1 ms)
+    ΓêÜ invoice is a 
+parseable string (1 ms)
+  jsonBodyLimit()
+    ΓêÜ returns a 
+two-element handler array (1 
+ms)
+    ΓêÜ accepts a body 
+within the limit (42 ms)
+    ΓêÜ rejects a body 
+exceeding the limit with 413 
+(8 ms)
+    ΓêÜ 413 response has 
+correct shape (8 ms)
+  isCorsOriginRejectedError()
+    ΓêÜ returns true for 
+flagged error
+    ΓêÜ returns false for 
+plain error
+  createCorsOptions()
+    ΓêÜ allows request with 
+no Origin header (1 ms)
+    ΓêÜ rejects an unlisted 
+origin
+  computeBackoff()
+    ΓêÜ returns a number >= 0
+    ΓêÜ is capped at 
+maxDelay (1 ms)
+  isRetryable()
+    ΓêÜ returns true for 
+ECONNRESET
+    ΓêÜ returns true for 
+status 429
+    ΓêÜ returns true for 
+status 502
+    ΓêÜ returns true for 
+status 503 (1 ms)
+    ΓêÜ returns true for 
+status 504
+  createApp() integration
+    ├ù GET /health ΓåÆ 200 
+with status ok (19 ms)
+    ΓêÜ POST /api/invoices 
+oversized body ΓåÆ 413 (17 
+ms)
+
+  ΓùÅ createApp() 
+integration ΓÇ║ GET /health 
+ΓåÆ 200 with status ok
+
+    expect(received).toBe(exp
+ected) // Object.is equality
+
+    Expected: "ok"
+    Received: undefined
+
+    [0m [90m 198 |[39m    
+ [36mconst[39m res 
+[33m=[39m [36mawait[39m r
+equest(app)[33m.[39m[36mge
+t[39m([32m'/health'[39m)[
+33m;[39m
+     [90m 199 |[39m     exp
+ect(res[33m.[39mstatus)[33
+m.[39mtoBe([35m200[39m)[3
+3m;[39m
+
+[31m[1m>[22m[39m[90m 
+200 |[39m     expect(res[33
+m.[39mbody[33m.[39mstatus)
+[33m.[39mtoBe([32m'ok'[39
+m)[33m;[39m
+     [90m     |[39m        
+
+[31m[1m^[22m[39m
+     [90m 201 |[39m   
+})[33m;[39m
+     [90m 202 |[39m
+     [90m 203 |[39m   
+it([32m'POST /api/invoices 
+oversized body ΓåÆ 
+413'[39m[33m,[39m 
+[36masync[39m () 
+[33m=>[39m {[0m
+
+      at Object.toBe (src/__t
+ests__/bodySizeLimits.test.js
+:200:29)
+
+Test Suites: 1 failed, 1 
+total
+Tests:       1 failed, 40 
+passed, 41 total
+Snapshots:   0 total
+Time:        1.154 s, 
+estimated 4 s
+Ran all test suites matching 
+src/__tests__/bodySizeLimits.
+test.js.