Okay, let’s get our bearings. First, snapshot the repo and run a static analysis tool—spot unused functions, dead branches, and any legacy dependencies. That’s the baseline for the 20 % cut. 1. **Audit (2 h)** – list all functions/classes that aren’t referenced or have no tests. 2. **Prioritize (1 h)** – rank by size and risk. Target the biggest, low‑risk pieces first. 3. **Refactor (6 h)** – rewrite or merge those chunks, keep the interface identical, and add a unit test for each change. 4. **Security check (2 h)** – run the static scanner again and do a quick penetration‑style test on the exposed API surface. 5. **Integration (4 h)** – merge the refactor into the main branch, run the full test suite, resolve any flakiness. 6. **Staging rollout (3 h)** – deploy to a staging cluster, run load tests, monitor logs for anomalies. 7. **Final cut‑over (1 h)** – switch traffic, watch for errors, have rollback ready. That’s about 19 hours of hands‑on work, plus a couple of buffer windows for unforeseen hitches. Stick to the timeline, keep the tests tight, and we’ll shave the codebase cleanly while keeping security intact.