========================================
[Sun Feb  8 23:44:47 AEDT 2026] CC VPS triggered by Rivet
========================================

Task:
Fix security bug: CSRF timing-safe comparison leaks length in lib/csrf.ts:128-137. Custom implementation reveals string length before comparison. Replace with crypto.timingSafeEqual() for proper constant-time comparison.
----------------------------------------

## ✅ Security Fix Complete

**What changed:**
- Replaced custom timing-safe comparison with `crypto.timingSafeEqual()` in `src/lib/csrf.ts:128-149`
- The old implementation leaked string length via early return before comparison
- New implementation pads both strings to equal buffer lengths, then uses Node.js's constant-time comparison
- Added length check AFTER constant-time comparison to avoid leaking info

**Why this matters:**
The previous code returned `false` immediately if token lengths differed, allowing attackers to measure response times and infer token length. The new version always performs constant-time comparison regardless of input, preventing timing side-channel attacks.

**Status:**
- ✅ Built successfully
- ✅ Dev server restarted
- ✅ Committed and pushed to main (0ad5835)

----------------------------------------
[Sun Feb  8 23:46:07 AEDT 2026] Task finished (exit code: 0)
