feat(gru): governance supervision profile, storage standard, naming 03–04, identity reports

- config/gru-governance-supervision-profile.json + gru-standards-profile cross-refs
- GRU_STORAGE_GOVERNANCE_AND_SUPERVISION_STANDARD.md; GRU matrix/profile doc updates
- naming-conventions: 03 bridges/cross-chain, 04 registry JSON fields; README table complete
- validate-config-files: governance profile checks (existing jq rules)
- reports/identity-completion: templates + README for DID/governance completion path
- mlfo-gitea-avatar.svg; refreshed transaction-package-HYBX-BATCH-001.zip
- gitignore: .codex, tmp/, regenerated output audit trees/zips, token-lists/logos PNGs

Submodules remain dirty locally (commit inside each submodule separately).

Made-with: Cursor

scripts/validation/validate-config-files.sh

@@ -51,7 +51,7 @@ check_env() {
 
 if $DRY_RUN; then
   echo "=== Validation (--dry-run: would check) ==="
-  echo "  REQUIRED_FILES: ${REQUIRED_FILES:-<default: config/ip-addresses.conf, .env.example, token-mapping*.json, gru-transport-active.json, gru-iso4217-currency-manifest.json>}"
+  echo "  REQUIRED_FILES: ${REQUIRED_FILES:-<default: config/ip-addresses.conf, .env.example, token-mapping*.json, gru-transport-active.json, gru-iso4217-currency-manifest.json, gru-governance-supervision-profile.json>}"
   echo "  OPTIONAL_ENV: ${OPTIONAL_ENV:-<empty; set VALIDATE_OPTIONAL_ENV for Proxmox API vars>}"
   exit 0
 fi
@@ -369,6 +369,26 @@ NODE
     log_err "Missing config/gru-transport-active.json"
     ERRORS=$((ERRORS + 1))
   fi
+
+  if [[ -f "$PROJECT_ROOT/config/gru-governance-supervision-profile.json" ]]; then
+    log_ok "Found: config/gru-governance-supervision-profile.json"
+    if command -v jq &>/dev/null; then
+      if jq -e '
+        (.profileId | type == "string")
+        and (.requiredAssetMetadata | type == "array")
+        and (.roles.tokenRoles | type == "array")
+        and (.roles.registryRoles | type == "array")
+        and (.roles.governanceRoles | type == "array")
+        and (.storageNamespaces | type == "object")
+        and (.proposalPolicy.defaultMinimumUpgradeNoticePeriodSeconds | type == "number")
+      ' "$PROJECT_ROOT/config/gru-governance-supervision-profile.json" &>/dev/null; then
+        log_ok "gru-governance-supervision-profile.json: top-level structure is valid"
+      else
+        log_err "gru-governance-supervision-profile.json: invalid top-level structure"
+        ERRORS=$((ERRORS + 1))
+      fi
+    fi
+  fi
   [[ -f "$PROJECT_ROOT/config/smart-contracts-master.json" ]] && log_ok "Found: config/smart-contracts-master.json" || true
   # Token lists (Uniswap format): validate structure if present
   for list in token-lists/lists/dbis-138.tokenlist.json token-lists/lists/cronos.tokenlist.json token-lists/lists/all-mainnet.tokenlist.json; do
@@ -491,13 +511,15 @@ NODE
         and (.canonicalChainId == $manifestChain)
         and (.references.transportOverlay == "config/gru-transport-active.json")
         and (.references.currencyManifest == "config/gru-iso4217-currency-manifest.json")
+        and (.references.governanceSupervisionProfile == "config/gru-governance-supervision-profile.json")
+        and (.references.storageGovernanceDoc == "docs/04-configuration/GRU_STORAGE_GOVERNANCE_AND_SUPERVISION_STANDARD.md")
       ' \
         --argjson activeChain "$(jq -r '.system.canonicalChainId' "$PROJECT_ROOT/config/gru-transport-active.json")" \
         --argjson manifestChain "$(jq -r '.canonicalChainId' "$PROJECT_ROOT/config/gru-iso4217-currency-manifest.json")" \
         "$PROJECT_ROOT/config/gru-standards-profile.json" &>/dev/null; then
-        log_ok "gru-standards-profile.json: canonical-chain and reference wiring matches active overlay + currency manifest"
+        log_ok "gru-standards-profile.json: canonical-chain and reference wiring matches active overlay + currency manifest + governance profile"
       else
-        log_err "gru-standards-profile.json: canonical-chain or reference wiring does not match active overlay / currency manifest"
+        log_err "gru-standards-profile.json: canonical-chain or reference wiring does not match active overlay / currency manifest / governance profile"
         ERRORS=$((ERRORS + 1))
       fi
     fi