docs: migrate roadmap to structured yaml tasks

docs/roadmap/backlog/BT-001C-shared-historical-fixture-provider.yaml

@@ -0,0 +1,14 @@
+id: BT-001C
+title: Shared Historical Fixture/Test Provider Cleanup
+status: backlog
+priority: P2
+effort: S
+depends_on:
+  - BT-001A
+  - BT-003A
+tags: [backtesting, test-infra]
+summary: Centralize deterministic historical fixture logic used by browser-tested backtest UIs.
+acceptance_criteria:
+  - Deterministic historical fixture/provider logic is centralized.
+  - Supported seeded windows are explicit and fail closed outside allowed ranges.
+  - Both /backtests and /event-comparison use the shared deterministic provider.

docs/roadmap/backlog/BT-002-historical-options-snapshots.yaml

@@ -0,0 +1,14 @@
+id: BT-002
+title: Historical Daily Options Snapshot Provider
+status: backlog
+priority: P2
+effort: L
+depends_on:
+  - BT-001
+tags: [backtesting, data]
+summary: Support real daily historical options premiums in backtests.
+acceptance_criteria:
+  - Historical provider abstraction supports point-in-time daily option snapshots.
+  - Backtests can swap synthetic pricing for observed historical premiums.
+  - Contract selection avoids lookahead bias.
+  - Provider/data-quality tradeoffs are documented.

docs/roadmap/backlog/BT-003-selloff-event-report.yaml

@@ -0,0 +1,13 @@
+id: BT-003
+title: Selloff Event Comparison Report
+status: backlog
+priority: P2
+effort: M
+depends_on:
+  - BT-001
+tags: [backtesting, events]
+summary: Rank named strategies across historical selloff events.
+acceptance_criteria:
+  - Event presets define named windows.
+  - Reports rank strategies by survival, max LTV, cost, and final equity.
+  - UI can show unhedged vs hedged path comparisons.

docs/roadmap/backlog/BT-003B-event-comparison-drilldown.yaml

@@ -0,0 +1,14 @@
+id: BT-003B
+title: Event Comparison Drilldown
+status: backlog
+priority: P1
+effort: M
+depends_on:
+  - BT-003A
+tags: [backtesting, ui]
+summary: Explain why one ranked strategy beat another on the event comparison page.
+acceptance_criteria:
+  - Selecting a ranked strategy shows daily path details.
+  - UI exposes margin-call days, payoff realized, hedge cost, and final equity.
+  - Worst LTV point and breach dates are highlighted.
+  - Browser test verifies drilldown content updates when selecting a ranked result.

docs/roadmap/backlog/CORE-001D-decimal-boundary-cleanup.yaml

@@ -0,0 +1,15 @@
+id: CORE-001D
+title: External Boundary and Persistence Cleanup for Decimal Unit Types
+status: backlog
+priority: P2
+effort: M
+depends_on:
+  - CORE-001B
+  - CORE-001C
+tags: [core, decimal, persistence]
+summary: Make Decimal/unit-safe values reliable across persistence, APIs, and provider boundaries.
+acceptance_criteria:
+  - Persistence format for unit-safe values is explicit and stable.
+  - Decimal-bearing JSON/API serialization is documented and tested.
+  - Float-heavy integrations have named conversion boundaries.
+  - Remaining raw-float domain hotspots are identified or removed.

docs/roadmap/backlog/DATA-001A-live-overview-price-wiring.yaml

@@ -0,0 +1,15 @@
+id: DATA-001A
+title: Live Overview Price Wiring
+status: backlog
+priority: P0
+effort: S
+depends_on:
+  - DATA-001
+  - PORT-001
+tags: [overview, pricing]
+summary: Use the live price service directly on the overview page.
+acceptance_criteria:
+  - Overview uses live quote data instead of a hardcoded spot.
+  - Source and last-updated metadata are displayed.
+  - Margin-call and LTV values use configured portfolio inputs.
+  - Browser test verifies visible live data metadata.

docs/roadmap/backlog/DATA-002A-lazy-options-loading.yaml

@@ -0,0 +1,15 @@
+id: DATA-002A
+title: Lazy Options Loading
+status: backlog
+priority: P0
+effort: S
+depends_on:
+  - DATA-002
+tags: [options, performance]
+summary: Render the options page fast by loading only the minimum data initially.
+acceptance_criteria:
+  - Initial page load fetches expirations plus one default expiry chain.
+  - Changing expiry fetches only that expiry on demand.
+  - Browser test verifies /options becomes visible quickly with no visible runtime error.
+technical_notes:
+  - Keep initial render fast and move additional data loading behind user selection.

docs/roadmap/backlog/EXEC-001-strategy-builder.yaml

@@ -0,0 +1,13 @@
+id: EXEC-001
+title: Strategy Builder
+status: backlog
+priority: P1
+effort: L
+depends_on:
+  - DATA-003
+tags: [strategies, hedge]
+summary: Build and compare hedge strategies from the product UI.
+acceptance_criteria:
+  - Select strategy type, strikes, and expirations.
+  - Show payoff diagrams and compare cost vs protection.
+  - Store strategy templates for reuse.

docs/roadmap/backlog/EXEC-002-ibkr-order-integration.yaml

@@ -0,0 +1,13 @@
+id: EXEC-002
+title: IBKR Order Integration
+status: backlog
+priority: P2
+effort: L
+depends_on:
+  - EXEC-001
+tags: [broker, execution]
+summary: Execute hedge trades directly from the dashboard.
+acceptance_criteria:
+  - Support IBKR paper trading first.
+  - Preview order, execute, and track status.
+  - Securely store credentials and maintain audit history.

docs/roadmap/backlog/OPS-001-public-caddy-route.yaml

@@ -0,0 +1,15 @@
+id: OPS-001
+title: Public Caddy Route for Lombard Dashboard
+status: backlog
+priority: P1
+effort: S
+depends_on: []
+tags: [ops, deploy, routing]
+summary: Move the production route to public HTTPS at lombard.uncloud.tech.
+acceptance_criteria:
+  - Caddy proxies lombard.uncloud.tech to the deployment container.
+  - HTTPS works with a valid certificate.
+  - Health check succeeds through Caddy.
+  - Deployment docs note that vd1.uncloud.vpn was retired in favor of the public route.
+technical_notes:
+  - Keep public-exposure controls aligned with SEC-001 Turnstile bootstrap protection.

docs/roadmap/backlog/PORT-003-historical-ltv-chart.yaml

@@ -0,0 +1,13 @@
+id: PORT-003
+title: Historical LTV Chart
+status: backlog
+priority: P2
+effort: M
+depends_on:
+  - PORT-001
+tags: [portfolio, history, charts]
+summary: Record and display historical LTV snapshots.
+acceptance_criteria:
+  - Store LTV snapshots over time.
+  - Display 7/30/90 day charts with the margin threshold line.
+  - Allow export as CSV.

docs/roadmap/backlog/SEC-001-turnstile-captcha.yaml

@@ -0,0 +1,26 @@
+id: SEC-001
+title: Turnstile CAPTCHA for Public Workspace Bootstrap
+status: backlog
+priority: P0
+effort: M
+depends_on:
+  - PORT-004
+tags:
+  - security
+  - public-exposure
+  - workspace
+summary: >
+  Require Cloudflare Turnstile verification before creating a workspace from the
+  public welcome page on lombard.uncloud.tech.
+acceptance_criteria:
+  - Welcome/bootstrap flow at / and /workspaces/bootstrap requires valid Turnstile verification before creating a workspace.
+  - Workspace creation fails closed when the Turnstile token is missing, invalid, expired, or verification cannot be completed.
+  - Existing users with a valid workspace cookie visiting / are redirected to their workspace without solving CAPTCHA again.
+  - UI shows a clear user-facing retry path when CAPTCHA verification fails.
+  - Server-side verification uses TURNSTILE_SECRET_KEY and does not trust client-side success alone.
+  - Browser test covers protected bootstrap flow using Cloudflare Turnstile test keys in local/dev mode.
+technical_notes:
+  - Use Cloudflare Turnstile only on the welcome/bootstrap flow, not on normal workspace navigation.
+  - Keep verification in a focused server-side seam such as app/services/turnstile.py.
+  - Use Cloudflare's published Turnstile test keys for deterministic local/browser coverage.
+  - This story exists because the app is now publicly reachable at https://lombard.uncloud.tech.

docs/roadmap/backlog/SEC-001A-turnstile-config.yaml

@@ -0,0 +1,23 @@
+id: SEC-001A
+title: Turnstile Config, Test Keys, and Deployment Wiring
+status: backlog
+priority: P0
+effort: S
+depends_on:
+  - SEC-001
+tags:
+  - security
+  - config
+  - deploy
+summary: >
+  Wire Cloudflare Turnstile configuration cleanly across local dev, tests, CI,
+  and production deployment.
+acceptance_criteria:
+  - App config supports environment-driven TURNSTILE_SITE_KEY and TURNSTILE_SECRET_KEY.
+  - Local/dev defaults can use Cloudflare's documented Turnstile test keys.
+  - Forgejo deploy/runtime path passes vars.TURNSTILE_SITE_KEY and secrets.TURNSTILE_SECRET_KEY into the app environment.
+  - Missing production keys fail loudly in public/prod mode rather than silently disabling CAPTCHA.
+  - Docs explain local vs production key usage and browser-test setup.
+technical_notes:
+  - Secret key must remain server-side only.
+  - Prefer explicit settings validation over silent fallback in production.