proxmox/docs/00-meta/NEXT_STEPS_MASTER.md

# Next Steps — Master List

**Last Updated:** 2026-02-16  
**Document Version:** 1.3  
**Status:** Active Documentation  
**Source:** Consolidated from REMAINING_TASKS.md, PHASES_AND_TASKS_MASTER.md, IMPLEMENTATION_CHECKLIST.md, REQUIRED_FIXES_UPDATES_GAPS.md

---

## Purpose

This document is the **single source of truth** for all next steps and remaining tasks across the project. Use it for prioritization, sprint planning, and status reporting.

**Consolidated checklist (all next steps + remaining TODOs):** [NEXT_STEPS_AND_REMAINING_TODOS.md](NEXT_STEPS_AND_REMAINING_TODOS.md) — single list with Operator/LAN vs in-repo marked. **Single-file task list:** [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md).

**Your next actions:** [NEXT_STEPS_FOR_YOU.md](NEXT_STEPS_FOR_YOU.md) — Ledger form ✅ submitted (2026-02-13); all remaining steps optional (Blockscout, on-chain check, etc.).  
**Remaining components, tasks, and all recommendations:** [REMAINING_COMPONENTS_TASKS_AND_RECOMMENDATIONS.md](REMAINING_COMPONENTS_TASKS_AND_RECOMMENDATIONS.md) — single list of what’s left and what to implement.  
**Consolidated review:** [REMAINING_TASKS_NEXT_STEPS_PHASES_REVIEW.md](REMAINING_TASKS_NEXT_STEPS_PHASES_REVIEW.md).  
**Step-by-step for each task:** [REMAINING_WORK_DETAILED_STEPS.md](REMAINING_WORK_DETAILED_STEPS.md) — Wave 0–3, cron, API keys; "Can be accomplished now" and completion note (2026-02-05).  
**Single reference (all tasks + detailed steps):** [ALL_TASKS_DETAILED_STEPS.md](ALL_TASKS_DETAILED_STEPS.md) — index, blockers, and exact steps per task (2026-02-12).  
**Execution order (full maximum parallel):** [FULL_PARALLEL_EXECUTION_ORDER.md](FULL_PARALLEL_EXECUTION_ORDER.md) — run all items in the same wave concurrently (Wave 0 → 1 → 2 → 3).

---

## Immediate (Do First)

### 1. CCIP WETH9 Bridge (Chain 138) — ✅ Complete

| Step | Task | Status | Notes |
|------|------|--------|-------|
| 1 | Run `./scripts/deploy-and-configure-weth9-bridge-chain138.sh` (requires PRIVATE_KEY) | ✅ Done | Bridge at 0x971cD9D156f193df8051E48043C476e53ECd4693 |
| 2 | Set `export CCIPWETH9_BRIDGE_CHAIN138=<printed_address>` in shell and .env | ✅ Done | Set in smom-dbis-138/.env |
| 3 | Execute sendCrossChain and verify transfer | ⏳ Pending | Ready for bridge operations |

**References:** [COMPREHENSIVE_STATUS_BRIDGE_READY.md](../../COMPREHENSIVE_STATUS_BRIDGE_READY.md), [07-ccip/README.md](../07-ccip/README.md), [scripts/README.md](../../scripts/README.md).

### 2. CCIP Relay Service (Chain 138 → Mainnet) — ✅ Complete (2026-02-12)

| Attribute | Value |
|-----------|-------|
| **Host** | r630-01 (192.168.11.11) |
| **Path** | `/opt/smom-dbis-138/services/relay` |
| **Chain 138 Public RPC** | `RPC_URL_138_PUBLIC` — VMID 2201 (192.168.11.221:8545) |
| **Purpose** | Monitors MessageSent events, relays to Ethereum Mainnet |

**References:** [07-ccip/CCIP_RELAY_DEPLOYMENT.md](../07-ccip/CCIP_RELAY_DEPLOYMENT.md), [OPERATIONAL_RUNBOOKS.md](../03-deployment/OPERATIONAL_RUNBOOKS.md#ccip-operations).

### 3. Chain 138 optional contracts (mirror) — ✅ Partial (2026-02-12)

AddressMapper and MirrorManager deployed. TransactionMirror: deploy when needed; if script fails with constructor-args decode, use `forge create` with `--with-gas-price 1000000000`. All Chain 138 Forge deploys require that gas price. On-chain check: run `./scripts/verify/check-contracts-on-chain-138.sh` (address list from config/smart-contracts-master.json when available). [CONTRACT_ADDRESSES_REFERENCE](../11-references/CONTRACT_ADDRESSES_REFERENCE.md), [CONTRACT_DEPLOYMENT_RUNBOOK](../03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md).

---

## Deployment Phases (Infrastructure)

### Phase 1 — VLAN Enablement ⏳

| Task | Required | Status |
|------|----------|--------|
| UDM Pro VLAN config | Optional | ⏳ Pending |
| VLAN-aware bridge on Proxmox | Optional | ⏳ Pending |
| Services migrated to VLANs | Optional | ⏳ Pending |

### Phase 2 — Observability ⏳

| Task | Required | Status |
|------|----------|--------|
| Monitoring stack (Prometheus, Grafana, Loki, Alertmanager) | Required | ⏳ Pending |
| Grafana published via Cloudflare Access | Required | ⏳ Pending |
| Alerts configured | Required | ⏳ Pending |

### Phase 3 — CCIP Fleet ⏳

| Task | Required | Status |
|------|----------|--------|
| CCIP Ops/Admin (VMID 5400-5401) | Required | ⏳ Pending |
| 16 commit nodes (5410-5425) | Required | ⏳ Pending |
| 16 execute nodes (5440-5455) | Required | ⏳ Pending |
| 7 RMN nodes (5470-5476) | Required | ⏳ Pending |
| NAT pools configured | Required | ⏳ Pending |

**Reference:** [07-ccip/CCIP_DEPLOYMENT_SPEC.md](../07-ccip/CCIP_DEPLOYMENT_SPEC.md).

### Phase 4 — Sovereign Tenants ⏳

| Task | Required | Status |
|------|----------|--------|
| Sovereign VLANs configured | Required | ⏳ Pending |
| Tenant isolation enforced | Required | ⏳ Pending |
| Access control configured | Required | ⏳ Pending |

---

## Missing Containers (Chain 138)

**Single source of truth:** [03-deployment/MISSING_CONTAINERS_LIST.md](../03-deployment/MISSING_CONTAINERS_LIST.md) — canonical missing VMIDs only.

| Category | Missing | Total | Priority |
|----------|---------|-------|----------|
| Besu RPC (only) | 3 (2506, 2507, 2508) | 19 | High |
| Hyperledger / Blockscout | 0 | 6 | — (deployed) |

**Reference:** MISSING_CONTAINERS_LIST.md for the full list and deployment checklist.

---

## Codebase & Scripts

### smom-dbis-138

| Task | Priority | Status |
|------|----------|--------|
| Security audits (VLT-024, ISO-024) | Critical | ⏳ Pending |
| Bridge integrations (BRG-VLT, BRG-ISO) | High | ⏳ Pending |
| CCIP AMB full implementation | High | ⏳ Pending |
| dbis_core TypeScript/Prisma fixes | High | ~1186 errors remain |
| IRU remaining tasks | High | ⏳ Pending |

### Implementation Checklist (Best Practices)

| Category | Total | Completed | Pending |
|----------|-------|-----------|---------|
| High Priority | 25 | 5 | 20 |
| Medium Priority | 20 | 0 | 20 |
| Low Priority | 15 | 0 | 15 |
| Quick Wins | 8 | 5 | 3 |

**Quick Wins pending:** Add progress indicators to scripts; Add --dry-run flag to scripts; Add configuration validation.

**Reference:** [10-best-practices/IMPLEMENTATION_CHECKLIST.md](../10-best-practices/IMPLEMENTATION_CHECKLIST.md).

---

## Optional / Enhancement

### MetaMask & Explorer

| Task | Priority | Effort |
|------|----------|--------|
| Token-aggregation production hardening | Medium | 2-3 h |
| Chain 138 Snap: market data UI, swap quotes, bridge routes | Low | 8-12 h each |
| CoinGecko submission (Chain 138) | Low | 1-2 h |
| Consensys outreach (Swaps/Bridge support) | Low | 1 h |
| Explorer: dark mode, network selector | Low | 2-3 h each |

### Placeholders (REQUIRED_FIXES)

| Item | Location | Priority |
|------|----------|----------|
| Canonical addresses env-only | token-aggregation canonical-tokens.ts | Medium |
| AlltraAdapter fee | AlltraAdapter.sol (TODO: actual fee) | Medium |
| Smart accounts kit | DeploySmartAccountsKit.s.sol (placeholders) | Medium |
| Quote service Fabric chainId 999 | quote-service.ts | Low |
| .bak script/test restoration or deprecation | Various | Low |

**Reference:** [REQUIRED_FIXES_UPDATES_GAPS.md](../REQUIRED_FIXES_UPDATES_GAPS.md).

---

## Maintenance (Ongoing)

| Task | Frequency |
|------|------------|
| Monitor explorer sync status | Daily |
| Monitor RPC node health (e.g. VMID 2201) | Daily |
| Check config API uptime | Weekly |
| Review explorer logs | Weekly |
| Update token list as needed | As needed |
| **Fix E2E 502s (when domains 502)** | As needed — from LAN: `./scripts/maintenance/address-all-remaining-502s.sh`; runbook: [502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md](502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md) |

---

## Validation & Testing

| Check | Command | Requires |
|-------|---------|----------|
| **E2E routing (all domains)** | `./scripts/verify/verify-end-to-end-routing.sh` | Public DNS/HTTPS; use `E2E_ACCEPT_502_INTERNAL=1` to allow exit 0 when only 502s remain |
| **Address all 502s (LAN)** | `./scripts/maintenance/address-all-remaining-502s.sh` [--run-besu-fix] [--e2e] | LAN + SSH to Proxmox + NPM_PASSWORD for NPMplus update |
| Prerequisites (smom-dbis-138) | `./scripts/validation/check-prerequisites.sh` (from smom-dbis-138-proxmox or repo root) | Local + config dirs |
| Prerequisites (root) | `./scripts/check-prerequisites.sh` (if present) | Local tools |
| Deployment validation | `./scripts/validate-ml110-deployment.sh` | Proxmox API |
| Connection test | `./scripts/test-connection.sh` | Proxmox host |
| Full validation | `./scripts/complete-validation.sh` | Proxmox + env |
| MCP basic tests | `pnpm test:basic` | mcp-proxmox + Proxmox |
| Workspace tests | `pnpm test` | Node/pnpm |
| WETH9 bridge deploy (dry-run) | `./scripts/deploy-and-configure-weth9-bridge-chain138.sh --dry-run` | None |

**Latest test run (2026-02-16):** run-completable-tasks-from-anywhere.sh passed; config validation OK; on-chain check 46/49 OK (3 expected MISS); run-all-validation --skip-genesis passed; forge test (smom-dbis-138) passed.

---

## Completions (2026-02-16)

| Item | Status | Notes |
|------|--------|-------|
| Run completable tasks | ✅ Done | Config validation, on-chain check, run-all-validation, reconcile-env — all passed |
| forge test (smom-dbis-138) | ✅ Passed | All 24 test contracts passed |
| Token lists | ✅ Updated | dbis-138, cronos, avalanche, arbitrum, all-mainnet, canonical-tokens Cronos ISO-4217W |

---

## Completions (2026-02-03 to 2026-02-05)

| Item | Status | Notes |
|------|--------|-------|
| CT 2301 (besu-rpc-private-1) | ✅ Resolved | Recreated 2026-02-04 via `scripts/recreate-ct-2301.sh`; see [VM_RESTART_AND_VERIFICATION_20260203.md](../../reports/status/VM_RESTART_AND_VERIFICATION_20260203.md) |
| E2E Cloudflare domains runbook | ✅ Added | [05-network/E2E_CLOUDFLARE_DOMAINS_RUNBOOK.md](../05-network/E2E_CLOUDFLARE_DOMAINS_RUNBOOK.md) — full E2E success for all Cloudflare-facing endpoints |
| RPC 405 (NPMplus Block Exploits) | ✅ Fixed in script | `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` sets `block_exploits: false` for RPC hosts; run from LAN to apply |
| verify-end-to-end-routing.sh | ✅ Updated | All Cloudflare domains added; `ACCEPT_ANY_DNS=1` option; RPC failures counted in summary |
| RPC_ENDPOINTS_MASTER proxy hosts | ✅ Corrected | Sankofa/phoenix/mim4u IPs and explorer port aligned with tables |

---

## Master TODO Task List

**[TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md)** — Single-file checklist (high/medium/LAN/low/external/phases/validation).  
**[TODO_TASK_LIST_MASTER.md](TODO_TASK_LIST_MASTER.md)** — Consolidated fixes, enhancements, gas steps, known issues, and recommendations (1–139).

---

## Related Documents

- [REMAINING_TASKS.md](../REMAINING_TASKS.md) — Optional/enhancement tasks and maintenance
- [00-meta/PHASES_AND_TASKS_MASTER.md](PHASES_AND_TASKS_MASTER.md) — Phases and codebase tasks
- [10-best-practices/IMPLEMENTATION_CHECKLIST.md](../10-best-practices/IMPLEMENTATION_CHECKLIST.md) — Best practices checklist
- [REQUIRED_FIXES_UPDATES_GAPS.md](../REQUIRED_FIXES_UPDATES_GAPS.md) — Fixes and gaps
- [03-deployment/MISSING_CONTAINERS_LIST.md](../03-deployment/MISSING_CONTAINERS_LIST.md) — Container deployment
- [MASTER_INDEX.md](../MASTER_INDEX.md) — Documentation index

---

**Last Updated:** 2026-02-16  
**Maintained By:** Infrastructure Team