Update webhook events

[pedromcunha]

No description provided.

[mintlify]

Preview deployment for your docs. Learn more about Mintlify Previews.

Project	Status	Preview	Updated (UTC)
unevenlabs	🟢 Ready	View Preview	Mar 25, 2026, 10:51 PM

[github-actions]

Claude finished @pedromcunha's task in 56s —— View job

---

Code Review: Update webhook events

• Read changed files and gather context
• Review against documentation standards
• Post review feedback

---

Great addition — the webhook docs are well-structured and cover the key topics (integration, events, verification, reliability). A few items to address:

Timing attack vulnerability in verification example

webhooks.mdx:79 — Using signature === expected for HMAC comparison is vulnerable to timing attacks. Use crypto.timingSafeEqual() instead:

const signatureBuffer = Buffer.from(signature, 'hex');
const expectedBuffer = Buffer.from(expected, 'hex');
return signatureBuffer.length === expectedBuffer.length &&
  crypto.timingSafeEqual(signatureBuffer, expectedBuffer);

Since this is documentation that developers will copy, it's important to model secure practices. Fix this →

Heading hierarchy (CLAUDE.md violation)

webhooks.mdx:35 — #### Example Payload uses H4. Per the repo's CLAUDE.md, avoid going deeper than H3. This should be ### Example Payload. Fix this →

Grammar / style nits

• webhooks.mdx:6 — "Building applications at scale require" → "requires" (gerund subject is singular)
• webhooks.mdx:18 — "reach out to Relay to configure your api key" → "API key" (capitalization consistency with rest of doc)
• webhooks.mdx:53 — "By default we post all status updates, if you're…" — add a comma after "By default" or split into two sentences for clarity

Missing newline at EOF

webhooks.mdx:96 — File is missing a trailing newline. Most editors and linters expect one.

Minor observations (non-blocking)

• The example payload shows "txHashes": [] with "status": "success" — an empty fill tx hash on a successful fill might confuse integrators. Consider either populating it or adding a note.
• The description frontmatter has inconsistent title case: "Simplify your Integration" — minor, but worth normalizing.

---

Overall this is solid documentation. The security fix on the verification example is the most important item — the rest are polish.

[github-actions]

Claude finished @pedromcunha's task in 1m 5s —— View job

---

Code Review: Update webhook events

• Read changed files and gather context
• Review against documentation standards
• Post review feedback

---

Nice improvements in the latest commit — the timing-safe comparison fix, heading hierarchy correction, and grammar fixes from the previous review are all addressed. A few remaining items:

Missing comma (style)

webhooks.mdx:53 — "By default we post all status updates." — a comma after "By default" improves readability: "By default**,** we post all status updates." Fix this →

Missing trailing newline

webhooks.mdx:103 — File does not end with a newline character. Most editors and linters expect one. Fix this →

Potentially confusing example payload (non-blocking)

webhooks.mdx:44 — The example shows "txHashes": [] with "status": "success". An empty fill tx hash array on a successful fill may confuse integrators. Consider either populating it with a placeholder hash or adding a brief note explaining when this field may be empty.

Empty code block line

webhooks.mdx:88 — There's an empty line before the closing ``` in the verification code block. Minor, but trimming it keeps the snippet clean.

---

Overall this is solid — the security fix was the most important item and it's been properly addressed. The remaining items are all polish.

[github-actions]

Claude finished @pedromcunha's task in 54s —— View job

---

Code Review: Update webhook events

• Read changed files and gather context
• Review against documentation standards
• Post review feedback

---

Good progress — the major items from previous reviews (timing-safe comparison, heading hierarchy, grammar fixes, trailing newline) are all properly addressed. A couple of remaining items:

Missing comma (style)

webhooks.mdx:53 — "By default we post all status updates." — per standard English style, an introductory phrase takes a comma: "By default**,** we post all status updates." This was flagged in the previous review and is still outstanding. Fix this →

Minor observations (non-blocking)

• webhooks.mdx:44 — The example payload shows "txHashes": [] with "status": "success". An empty array on a successful fill could confuse integrators. Consider populating it with a placeholder hash or adding a brief note explaining when this field may be empty.
• webhooks.mdx:3 — Description frontmatter uses mixed title case: "Simplify your Integration" — consider normalizing to "Simplify Your Integration with Low-Latency Relay Webhooks".

---

Overall this is in good shape. The security-critical fix is in place and the doc is well-structured. Just the comma and optional polish items above remain.