diff --git a/.cursor/rules/chain138-tokens-and-pmm.mdc b/.cursor/rules/chain138-tokens-and-pmm.mdc index dd909425..2a60c4a5 100644 --- a/.cursor/rules/chain138-tokens-and-pmm.mdc +++ b/.cursor/rules/chain138-tokens-and-pmm.mdc @@ -10,10 +10,14 @@ alwaysApply: true - **cUSDT:** `0x93E66202A11B1772E55407B32B44e5Cd8eda7f22` (6 decimals) - **cUSDC:** `0xf22258f57794CC8E06237084b353Ab30fFfa640b` (6 decimals) -**DODOPMMIntegration:** `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` — reconciled with `docs/11-references/ADDRESS_MATRIX_AND_STATUS.md` (on-chain verification 2026-03-26); `compliantUSDT()` / `compliantUSDC()` return the canonical cUSDT/cUSDC above. +**DODOPMMIntegration (canonical, official DVM-backed stack):** `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` — use for stable-pool routing, token-aggregation, explorer fallbacks, and `info-defi-oracle-138` swaps. **`DODOPMMProvider`:** `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. **`DODO_VENDING_MACHINE_ADDRESS`:** `0xb6D9EF3575bc48De3f011C310DC24d87bEC6087C`. Single source: `docs/11-references/CONTRACT_ADDRESSES_REFERENCE.md` and `ADDRESS_MATRIX_AND_STATUS.md` (on-chain verification 2026-04-02). + +**Older PMM integration (historical / supplemental only):** `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` — do **not** treat as canonical for stable routing or explorer reads; retained for older XAU-phase references and probes. **PMM pools (live funded public):** cUSDT/cUSDC `0xff8d3b8fDF7B112759F076B69f4271D4209C0849` | cUSDT/USDT `0x6fc60DEDc92a2047062294488539992710b99D71` | cUSDC/USDC `0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263` — see `docs/11-references/ADDRESS_MATRIX_AND_STATUS.md` / `PMM_DEX_ROUTING_STATUS.md`. **cXAUC / cXAUT (XAU):** `0x290E52a8819A4fbD0714E517225429aA2B70EC6b`, `0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E` (6 decimals). **1 full token = 1 troy ounce Au** — not USD face value; see `EXPLORER_TOKEN_LIST_CROSSCHECK.md` section 5.1. **RPC (deploy):** `RPC_URL_138=http://192.168.11.211:8545`. **Deployer:** `0x4A666F96fC8764181194447A7dFdb7d471b301C8`. Add-liquidity reads tokens from the integration contract, not env. Do not use non-canonical Blockscout addresses (§2 of EXPLORER_TOKEN_LIST_CROSSCHECK). + +**Token symbol grammar (UTRNF vs GRU `c*`):** DBIS **`c*`** (e.g. cUSDC) is **compliant GRU base money**, not Universal Token Role Naming Framework “`c` = collateral.” For prefix collision rules, registry fields, and bridges, use `docs/04-configuration/naming-conventions/02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md` and `docs/04-configuration/naming-conventions/README.md`. diff --git a/.cursor/rules/operator-context-lan-proxmox.mdc b/.cursor/rules/operator-context-lan-proxmox.mdc index 7ae667d2..f9719929 100644 --- a/.cursor/rules/operator-context-lan-proxmox.mdc +++ b/.cursor/rules/operator-context-lan-proxmox.mdc @@ -8,10 +8,10 @@ alwaysApply: true **Remember:** This machine **is** LAN/operator — it has LAN and Proxmox access to 192.168.11.x. Operator scripts **can and should** be run from here when the user asks to run operator tasks. - **Dotenv:** `run-all-operator-tasks-from-lan.sh` and `run-operator-tasks-from-lan.sh` **always load dotenv** via `scripts/lib/load-project-env.sh` (repo `.env` + `smom-dbis-138/.env`). No need to `source .env` before running. -- **Proxmox hosts:** 192.168.11.10 (ML110), .11 (R630-01), .12 (R630-02). Chain 138 RPC: 192.168.11.211:8545. +- **Proxmox hosts (IPs):** 192.168.11.10–.14 (ML110, R630-01..04). **Canonical FQDNs:** `ml110.sankofa.nexus`, `r630-01.sankofa.nexus`, … `r630-04.sankofa.nexus` (`config/ip-addresses.conf` `PROXMOX_FQDN_*`). Chain 138 RPC: 192.168.11.211:8545. - **NPMplus password:** In **project root** `.env` — variable `NPM_PASSWORD` (with `NPM_EMAIL`, `NPM_URL`). Operator scripts load it via `load-project-env.sh`; NPMplus API: 192.168.11.167:81 or .166:81. - **Continue and complete:** (1) `./scripts/run-completable-tasks-from-anywhere.sh` then (2) `./scripts/run-all-operator-tasks-from-lan.sh` (use `--skip-backup` if NPM_PASSWORD not set; add `--deploy` or `--create-vms` as needed). -When suggesting or running operator/LAN tasks (e.g. `run-all-operator-tasks-from-lan.sh`, contract verification, NPMplus backup, nginx/VMID 5000, token-aggregation DB, E2E checks), assume this host can reach Proxmox hosts (192.168.11.10–12), Chain 138 RPC, NPMplus, and Blockscout. Credentials in `.env` or `smom-dbis-138/.env` (e.g. `NPM_PASSWORD`, `PRIVATE_KEY`) are used automatically when the operator script runs. +When suggesting or running operator/LAN tasks (e.g. `run-all-operator-tasks-from-lan.sh`, contract verification, NPMplus backup, nginx/VMID 5000, token-aggregation DB, E2E checks), assume this host can reach Proxmox nodes (192.168.11.10–.14 or `*.sankofa.nexus`), Chain 138 RPC, NPMplus, and Blockscout. Credentials in `.env` or `smom-dbis-138/.env` (e.g. `NPM_PASSWORD`, `PRIVATE_KEY`) are used automatically when the operator script runs. **Optional:** Before running operator scripts, run the **Operator/LAN access check** (curl RPC, env files) per rule `operator-lan-access-check.mdc`; if unreachable, suggest `run-completable-tasks-from-anywhere.sh` and document that operator tasks need LAN. diff --git a/.cursor/rules/operator-lan-access-check.mdc b/.cursor/rules/operator-lan-access-check.mdc index a473dc35..a50cc438 100644 --- a/.cursor/rules/operator-lan-access-check.mdc +++ b/.cursor/rules/operator-lan-access-check.mdc @@ -38,7 +38,11 @@ test -f .env && test -f smom-dbis-138/.env && echo "env OK" || echo "env missing - Suggest: `./scripts/run-completable-tasks-from-anywhere.sh` (config validation, on-chain check, reconcile output). - Tell the user that NPMplus backup, Blockscout verify, RPC proxy updates, and deploy require a host on **LAN (192.168.11.x)** with root `.env` and `smom-dbis-138/.env`; see **docs/00-meta/OPERATOR_CREDENTIALS_CHECKLIST.md** and **OPERATOR_READY_CHECKLIST.md**. -## 4. References +## 4. Proxmox FQDN on LAN (optional) + +If you use **`*.sankofa.nexus`** for SSH: `bash scripts/verify/check-proxmox-mgmt-fqdn.sh` (exit `1` until UDM/local DNS or `/etc/hosts` has A-records). Snippet: `bash scripts/verify/check-proxmox-mgmt-fqdn.sh --print-hosts`. + +## 5. References - **Operator context (always):** `.cursor/rules/operator-context-lan-proxmox.mdc` — this machine is assumed LAN/operator when that rule applies. - **Credentials:** `docs/00-meta/OPERATOR_CREDENTIALS_CHECKLIST.md` — per-task LAN, PRIVATE_KEY, NPM_PASSWORD, RPC_URL_138. diff --git a/.cursor/rules/project-doc-and-deployment-refs.mdc b/.cursor/rules/project-doc-and-deployment-refs.mdc index f123d6a8..06fad335 100644 --- a/.cursor/rules/project-doc-and-deployment-refs.mdc +++ b/.cursor/rules/project-doc-and-deployment-refs.mdc @@ -8,8 +8,10 @@ alwaysApply: true When answering token/PMM/deployment questions, prefer these docs over inferring from other files. Cite §5 / §8 for canonical and verification. **Canonical / verification:** `docs/11-references/EXPLORER_TOKEN_LIST_CROSSCHECK.md` (§5 canonical, §8 on-chain verification) -**Contract addresses:** `docs/11-references/CONTRACT_ADDRESSES_REFERENCE.md` +**Token / bridge naming (UTRNF + DBIS `c*` mapping):** `docs/04-configuration/naming-conventions/README.md` (especially `02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md` for UTRNF `c` vs compliant money) +**Contract addresses:** `docs/11-references/CONTRACT_ADDRESSES_REFERENCE.md` (includes **Ethereum mainnet optional TRUU PMM** subsection) **Address matrix:** `docs/11-references/ADDRESS_MATRIX_AND_STATUS.md` +**Mainnet TRUU PMM (optional volatile rail):** `docs/03-deployment/MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md` section 11; `cross-chain-pmm-lps/config/deployment-status.json` `chains."1".pmmPoolsVolatile[]` **Fixes and deployments:** `docs/00-meta/REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md` **TODOs:** `docs/00-meta/TODOS_CONSOLIDATED.md` **Operator commands:** `docs/00-meta/OPERATOR_READY_CHECKLIST.md` diff --git a/.cursor/rules/proxmox-production-safety.mdc b/.cursor/rules/proxmox-production-safety.mdc new file mode 100644 index 00000000..efcdb3ec --- /dev/null +++ b/.cursor/rules/proxmox-production-safety.mdc @@ -0,0 +1,28 @@ +--- +description: Mission-critical Proxmox — scoped mutations, no accidental cross-workload impact +alwaysApply: true +--- + +# Production safety — Proxmox and operator automation + +This environment is **mission-critical**. Prefer **small, explicit scopes** over broad loops. + +## Do not + +- Run **host-wide** or **cluster-wide** `pct start` / `qm start` / `pct stop` / destructive maintenance **without** a named list of VMIDs and a **dry-run first**. +- Edit **`config/ip-addresses.conf`** or shared dotenv for a **single-workload** fix unless the change is documented and reviewed; prefer **workload-specific scripts** with explicit `--host` / `--vmid` flags. +- Rely on ad-hoc shell one-liners that iterate all Proxmox IPs for the user; use **`scripts/operator/start-stopped-lxc-scoped.sh`** (or an equally scoped script) instead. + +## Do + +- **Default dry-run**, then **`--apply`** or **`PROXMOX_OPS_APPLY=1`** for mutations. Optional **`PROXMOX_OPS_ALLOWED_VMIDS`** for an extra allowlist. +- Set **`PROXMOX_SAFE_DEFAULTS=1`** in operator `.env` so guarded maintenance scripts (`fix-core-rpc-2101.sh`, `make-rpc-vmids-writable-via-ssh.sh`, `ensure-legacy-monitor-networkd-via-ssh.sh`) default to **dry-run** unless **`--apply`** or **`PROXMOX_OPS_APPLY=1`**. Orchestrators (e.g. `run-all-maintenance-via-proxmox-ssh.sh`) pass **`--apply`** to sub-steps when not in top-level `--dry-run`. +- Use **`scripts/lib/proxmox-production-guard.sh`** in new operator scripts that SSH to PVE. +- After changing VM placement, update **`get_host_for_vmid`** in `scripts/lib/load-project-env.sh` so automation targets the correct node. +- For Chain 138 RPC checks only: **`scripts/verify/check-chain138-rpc-health.sh`** (read-only HTTP probes). + +## Reference + +- Scoped start: `scripts/operator/start-stopped-lxc-scoped.sh` +- Guard helpers: `scripts/lib/proxmox-production-guard.sh` +- VMID / host facts: `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/04-configuration/RPC_ENDPOINTS_MASTER.md` diff --git a/.env.master.example b/.env.master.example index 966dfcbe..29f60dea 100644 --- a/.env.master.example +++ b/.env.master.example @@ -245,15 +245,20 @@ DODO_PMM_INTEGRATION_MAINNET= # Forge sources: smom-dbis-138/script/flash/RunMainnetAaveCwusdcUsdcQuotePushOnce.s.sol # Modeling (no chain writes): scripts/deployment/run-mainnet-cwusdc-flash-quote-push-model-sweep.sh # Optional sweep tuning: FLASH_MODEL_GAS_TX_COUNT FLASH_MODEL_GAS_PER_TX FLASH_MODEL_MAX_POST_TRADE_DEV_BPS -AAVE_QUOTE_PUSH_RECEIVER_MAINNET= -QUOTE_PUSH_EXTERNAL_UNWINDER_MAINNET= -FLASH_QUOTE_AMOUNT_RAW= +AAVE_QUOTE_PUSH_RECEIVER_MAINNET=0x241cb416aaFC2654078b7E2376adED2bDeFbCBa2 +# QUOTE_PUSH_UNWINDER_TYPE=two_hop_dodo # lets run-mainnet-aave-cwusdc-quote-push-once.sh auto-pick the latest real broadcast unwinder after --apply +QUOTE_PUSH_EXTERNAL_UNWINDER_MAINNET=0xaB74B4369e5603085A58FDa181E9B43617C6a58f +FLASH_QUOTE_AMOUNT_RAW=200000 # UNWIND_MODE: 0 = Uniswap V3 exactInputSingle (set UNWIND_V3_FEE_U24); 1 = DODO pool (UNWIND_DODO_POOL); # 2 = Uniswap V3 exactInput packed path hex (UNWIND_V3_PATH_HEX) when no direct pool — see UniswapV3ExternalUnwinder. -UNWIND_MODE=0 -UNWIND_V3_FEE_U24= +UNWIND_MODE=4 +# UNWIND_V3_FEE_U24= # UNWIND_V3_PATH_HEX=0x... # UNWIND_MODE=2 — build: bash scripts/verify/build-uniswap-v3-exact-input-path-hex.sh # UNWIND_DODO_POOL= +UNWIND_TWO_HOP_POOL_A=0xe944b7Cb012A0820c07f54D51e92f0e1C74168DB +UNWIND_TWO_HOP_POOL_B=0x27f3aE7EE71Be3d77bAf17d4435cF8B895DD25D2 +UNWIND_TWO_HOP_MID_TOKEN=0xaF5017d0163ecb99d9B5D94e3b4D7b09Af44D8AE +UNWIND_MIN_MID_OUT_RAW=1 # Discover V3 pools: bash scripts/verify/probe-uniswap-v3-cwusdc-usdc-mainnet.sh # Optional min-out overrides (script derives from pool query + Aave premium when unset): # MIN_OUT_PMM= diff --git a/.gitea/workflows/live-inventory-hardware-weekly.yml b/.gitea/workflows/live-inventory-hardware-weekly.yml new file mode 100644 index 00000000..d895060a --- /dev/null +++ b/.gitea/workflows/live-inventory-hardware-weekly.yml @@ -0,0 +1,30 @@ +# Weekly: hardware poll + live inventory / drift export → artifacts. +# GitHub: see .github/workflows/live-inventory-drift.yml +# Gitea: use a LAN self-hosted runner with label [lan] for live Proxmox reachability; +# ubuntu-latest will usually produce seed_unreachable (still uploads JSON). +name: Live inventory + hardware poll (weekly) + +on: + workflow_dispatch: + schedule: + - cron: '20 7 * * 1' + +jobs: + inventory-and-hardware: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Poll Proxmox cluster hardware (LAN optional) + run: bash scripts/verify/poll-proxmox-cluster-hardware.sh + continue-on-error: true + + - name: Export live inventory and IPAM drift + run: bash scripts/it-ops/export-live-inventory-and-drift.sh + continue-on-error: true + + - name: Summarize reports/status (commit artifacts on LAN runner if needed) + if: always() + run: | + ls -la reports/status/ 2>/dev/null || true + test -f reports/status/drift.json && head -c 400 reports/status/drift.json || true diff --git a/.github/workflows/dbis-core-gateway-ci.yml b/.github/workflows/dbis-core-gateway-ci.yml new file mode 100644 index 00000000..6d7a3d70 --- /dev/null +++ b/.github/workflows/dbis-core-gateway-ci.yml @@ -0,0 +1,55 @@ +# Gateway rails unit + HTTP integration tests (dbis_core submodule) +name: dbis-core-gateway-ci + +on: + push: + paths: + - 'dbis_core/package.json' + - 'dbis_core/package-lock.json' + - 'dbis_core/jest.config.js' + - 'dbis_core/jest.gateway-http.config.js' + - 'dbis_core/src/core/gateway/**' + - 'dbis_core/src/workers/gateway-outbox.worker.ts' + - 'dbis_core/src/workers/run-gateway-outbox-worker.ts' + - 'dbis_core/src/__tests__/unit/core/gateway/**' + - 'dbis_core/src/__tests__/integration/api/gateway-rails-http.integration.test.ts' + - 'dbis_core/src/__tests__/gateway-http-env-setup.ts' + - 'dbis_core/src/__tests__/utils/gateway-http-test-app.ts' + - '.github/workflows/dbis-core-gateway-ci.yml' + pull_request: + paths: + - 'dbis_core/package.json' + - 'dbis_core/package-lock.json' + - 'dbis_core/jest.config.js' + - 'dbis_core/jest.gateway-http.config.js' + - 'dbis_core/src/core/gateway/**' + - 'dbis_core/src/workers/gateway-outbox.worker.ts' + - 'dbis_core/src/workers/run-gateway-outbox-worker.ts' + - 'dbis_core/src/__tests__/unit/core/gateway/**' + - 'dbis_core/src/__tests__/integration/api/gateway-rails-http.integration.test.ts' + - 'dbis_core/src/__tests__/gateway-http-env-setup.ts' + - 'dbis_core/src/__tests__/utils/gateway-http-test-app.ts' + - '.github/workflows/dbis-core-gateway-ci.yml' + +defaults: + run: + working-directory: dbis_core + +jobs: + test-gateway: + runs-on: ubuntu-latest + timeout-minutes: 15 + steps: + - uses: actions/checkout@v4 + + - uses: actions/setup-node@v4 + with: + node-version: '20' + cache: 'npm' + cache-dependency-path: dbis_core/package-lock.json + + - name: Install dependencies + run: npm ci + + - name: Gateway tests (unit + integration) + run: npm run test:gateway diff --git a/.github/workflows/economics-toolkit.yml b/.github/workflows/economics-toolkit.yml new file mode 100644 index 00000000..5c6aa9b9 --- /dev/null +++ b/.github/workflows/economics-toolkit.yml @@ -0,0 +1,42 @@ +# Unit tests for packages/economics-toolkit (no live RPC required). +name: economics-toolkit + +on: + push: + paths: + - "packages/economics-toolkit/**" + - "pnpm-workspace.yaml" + - "package.json" + - "scripts/economics/**" + - "scripts/validation/validate-economics-strategy-json.sh" + - "AGENTS.md" + - ".github/workflows/economics-toolkit.yml" + pull_request: + paths: + - "packages/economics-toolkit/**" + - "pnpm-workspace.yaml" + - "package.json" + - "scripts/economics/**" + - "scripts/validation/validate-economics-strategy-json.sh" + - "AGENTS.md" + - ".github/workflows/economics-toolkit.yml" + workflow_dispatch: {} + +jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: pnpm/action-setup@v4 + with: + version: 10 + - uses: actions/setup-node@v4 + with: + node-version: "20" + cache: "pnpm" + - name: Install + run: pnpm install + - name: Test economics-toolkit + run: pnpm run economics:test + - name: Validate strategy JSON (smoke + template) + run: pnpm run economics:validate diff --git a/.github/workflows/info-defi-oracle-138.yml b/.github/workflows/info-defi-oracle-138.yml new file mode 100644 index 00000000..c2c65e6a --- /dev/null +++ b/.github/workflows/info-defi-oracle-138.yml @@ -0,0 +1,43 @@ +# Build Chain 138 info hub SPA when its package or workspace lockfile changes. +name: info-defi-oracle-138 + +on: + pull_request: + paths: + - 'info-defi-oracle-138/**' + - 'pnpm-lock.yaml' + - 'pnpm-workspace.yaml' + - '.github/workflows/info-defi-oracle-138.yml' + push: + branches: [main, master] + paths: + - 'info-defi-oracle-138/**' + - 'pnpm-lock.yaml' + - 'pnpm-workspace.yaml' + - '.github/workflows/info-defi-oracle-138.yml' + +jobs: + build: + name: Typecheck & Vite build + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup pnpm + uses: pnpm/action-setup@v4 + with: + version: 10 + + - name: Setup Node + uses: actions/setup-node@v4 + with: + node-version: '20' + cache: 'pnpm' + cache-dependency-path: pnpm-lock.yaml + + - name: Install dependencies + run: pnpm install --frozen-lockfile + + - name: Build info-defi-oracle-138 + run: pnpm --filter info-defi-oracle-138 build diff --git a/.github/workflows/pmm-soak-grid-smoke.yml b/.github/workflows/pmm-soak-grid-smoke.yml new file mode 100644 index 00000000..37da332b --- /dev/null +++ b/.github/workflows/pmm-soak-grid-smoke.yml @@ -0,0 +1,46 @@ +# Dry-run PMM soak helpers: export, fund-grid plan, grid + single-wallet quote ticks (read-only RPC). +name: PMM soak grid smoke + +on: + pull_request: + paths: + - 'scripts/deployment/pmm-soak*.sh' + - 'scripts/deployment/chain138-pmm*.sh' + - 'scripts/deployment/pmm-soak-grid-smoke-check.sh' + - 'scripts/lib/pmm-soak*.sh' + - 'scripts/lib/pmm-soak-dotenv-override.sh' + - 'scripts/deployment/pmm-soak-export-wallet-grid.py' + - 'config/pmm-soak-pools-stable.txt' + - 'config/pmm-soak-wallet-grid.example.json' + - '.github/workflows/pmm-soak-grid-smoke.yml' + push: + branches: [main, master] + paths: + - 'scripts/deployment/pmm-soak*.sh' + - 'scripts/deployment/chain138-pmm*.sh' + - 'scripts/deployment/pmm-soak-grid-smoke-check.sh' + - 'scripts/lib/pmm-soak*.sh' + - 'scripts/lib/pmm-soak-dotenv-override.sh' + - 'scripts/deployment/pmm-soak-export-wallet-grid.py' + - 'config/pmm-soak-pools-stable.txt' + - 'config/pmm-soak-wallet-grid.example.json' + - '.github/workflows/pmm-soak-grid-smoke.yml' + +jobs: + smoke: + name: Grid smoke (dry-run, public RPC) + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install Foundry (cast) + uses: foundry-rs/foundry-toolchain@v1 + + - name: Install bc + run: sudo apt-get update -qq && sudo apt-get install -y bc + + - name: PMM soak grid smoke + env: + CI: "true" + run: bash scripts/deployment/pmm-soak-grid-smoke-check.sh diff --git a/.github/workflows/verify-info-defi-oracle-public.yml b/.github/workflows/verify-info-defi-oracle-public.yml new file mode 100644 index 00000000..fff6dc79 --- /dev/null +++ b/.github/workflows/verify-info-defi-oracle-public.yml @@ -0,0 +1,44 @@ +# Smoke-test the public Chain 138 info hub (HTTPS + agent files + same-origin token-aggregation JSON). +# No secrets. May fail if the public edge or origin is down — inspect logs and runbook. +name: Verify info.defi-oracle.io (public) + +on: + pull_request: + paths: + - 'scripts/verify/check-info-defi-oracle-public.sh' + - 'scripts/verify/playwright-audit-info-defi-oracle.mjs' + - 'info-defi-oracle-138/**' + - '.github/workflows/verify-info-defi-oracle-public.yml' + workflow_dispatch: + inputs: + info_site_base: + description: 'Optional INFO_SITE_BASE (staging). Leave empty to use repo variable or default https://info.defi-oracle.io' + required: false + type: string + default: '' + schedule: + - cron: '35 14 * * 1' # Mondays 14:35 UTC (~ weekly) + +jobs: + verify: + name: check-info-defi-oracle-public.sh + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install jq + run: | + sudo apt-get update -qq + sudo apt-get install -y -qq jq + + - name: Public info site + token-aggregation + shell: bash + env: + INPUT_BASE: ${{ github.event.inputs.info_site_base }} + VAR_BASE: ${{ vars.INFO_SITE_BASE }} + run: | + set -euo pipefail + if [ -n "${INPUT_BASE}" ]; then export INFO_SITE_BASE="${INPUT_BASE}"; fi + if [ -z "${INFO_SITE_BASE:-}" ] && [ -n "${VAR_BASE}" ]; then export INFO_SITE_BASE="${VAR_BASE}"; fi + bash scripts/verify/check-info-defi-oracle-public.sh diff --git a/.gitignore b/.gitignore index 650582df..a026f1eb 100644 --- a/.gitignore +++ b/.gitignore @@ -12,10 +12,17 @@ yarn.lock # DBIS identity package — never commit real secrets (example only is tracked) config/production/dbis-identity-public-did-secrets.env +# Local executor allowlist (copy from executor-allowlist.example.json) +packages/economics-toolkit/config/executor-allowlist.json + +# PMM soak grid (addresses tied to a real mnemonic — generate locally) +config/pmm-soak-wallet-grid.json + # Environment files .env .env.local .env.*.local +.env.keeper.local .env.master # Logs diff --git a/.gitmodules b/.gitmodules index 2d660735..12b8f8fa 100644 --- a/.gitmodules +++ b/.gitmodules @@ -64,3 +64,6 @@ [submodule "MEV_Bot"] path = MEV_Bot url = https://gitea.d-bis.org/d-bis/MEV_Bot.git +[submodule "thirdweb-core-2103-test/lib/contracts"] + path = thirdweb-core-2103-test/lib/contracts + url = https://github.com/thirdweb-dev/contracts diff --git a/.ops-backups/cloudflare/sfvalley02-config-20260405-1512.json b/.ops-backups/cloudflare/sfvalley02-config-20260405-1512.json new file mode 100644 index 00000000..e69de29b diff --git a/.ops-backups/cloudflare/sfvalley02-config-20260405-1513-post-cleanup.json b/.ops-backups/cloudflare/sfvalley02-config-20260405-1513-post-cleanup.json new file mode 100644 index 00000000..dffef520 --- /dev/null +++ b/.ops-backups/cloudflare/sfvalley02-config-20260405-1513-post-cleanup.json @@ -0,0 +1 @@ +{"success":true,"errors":[],"messages":[],"result":{"tunnel_id":"892bd3fe-c6fa-4ddf-8b60-a8ed2b849c3d","version":14,"config":{"ingress":[{"service":"https://192.168.11.169:443","hostname":"rpc-core-2.d-bis.org","originRequest":{"noTLSVerify":true}},{"service":"https://192.168.11.169:443","hostname":"rpc-alltra.d-bis.org","originRequest":{"noTLSVerify":true}},{"service":"https://192.168.11.169:443","hostname":"rpc-alltra-2.d-bis.org","originRequest":{"noTLSVerify":true}},{"service":"https://192.168.11.169:443","hostname":"rpc-alltra-3.d-bis.org","originRequest":{"noTLSVerify":true}},{"service":"https://192.168.11.169:443","hostname":"rpc-hybx.d-bis.org","originRequest":{"noTLSVerify":true}},{"service":"https://192.168.11.169:443","hostname":"rpc-hybx-2.d-bis.org","originRequest":{"noTLSVerify":true}},{"service":"https://192.168.11.169:443","hostname":"rpc-hybx-3.d-bis.org","originRequest":{"noTLSVerify":true}},{"service":"https://192.168.11.169:443","hostname":"cacti-alltra.d-bis.org","originRequest":{"noTLSVerify":true}},{"service":"https://192.168.11.169:443","hostname":"cacti-hybx.d-bis.org","originRequest":{"noTLSVerify":true}},{"service":"http_status:404"}],"warp-routing":{"enabled":false}},"source":"cloudflare","created_at":"2026-04-05T22:11:28.363368Z"}} \ No newline at end of file diff --git a/.ops-backups/npmplus/proxy-hosts-20260405-115027.json b/.ops-backups/npmplus/proxy-hosts-20260405-115027.json new file mode 100644 index 00000000..40a9e742 --- /dev/null +++ b/.ops-backups/npmplus/proxy-hosts-20260405-115027.json @@ -0,0 +1 @@ +[{"id":58,"created_on":"2026-03-24 14:38:08","modified_on":"2026-04-04 20:54:18","owner_user_id":1,"domain_names":["*.tw-core.d-bis.org"],"forward_host":"192.168.11.217","forward_port":8545,"access_list_id":0,"certificate_id":174,"ssl_forced":false,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":false,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":false,"hsts_subdomains":false},{"id":65,"created_on":"2026-03-30 15:45:46","modified_on":"2026-04-04 21:18:00","owner_user_id":1,"domain_names":["admin.d-bis.org"],"forward_host":"192.168.11.130","forward_port":80,"access_list_id":0,"certificate_id":181,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":62,"created_on":"2026-03-29 07:49:48","modified_on":"2026-04-04 01:44:01","owner_user_id":1,"domain_names":["admin.sankofa.nexus"],"forward_host":"192.168.11.51","forward_port":3000,"access_list_id":0,"certificate_id":179,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":54,"created_on":"2026-03-10 10:53:25","modified_on":"2026-04-01 14:23:52","owner_user_id":1,"domain_names":["api.explorer.d-bis.org"],"forward_host":"192.168.11.140","forward_port":4000,"access_list_id":0,"certificate_id":168,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0\r\n","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":53,"created_on":"2026-03-07 16:23:35","modified_on":"2026-04-04 20:37:25","owner_user_id":1,"domain_names":["blockscout.defi-oracle.io"],"forward_host":"192.168.11.140","forward_port":80,"access_list_id":0,"certificate_id":167,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0\r\n","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":37,"created_on":"2026-02-07 00:42:23","modified_on":"2026-02-07 00:46:30","owner_user_id":1,"domain_names":["cacti-alltra.d-bis.org"],"forward_host":"192.168.11.177","forward_port":80,"access_list_id":0,"certificate_id":146,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":38,"created_on":"2026-02-07 00:42:24","modified_on":"2026-02-07 00:46:53","owner_user_id":1,"domain_names":["cacti-hybx.d-bis.org"],"forward_host":"192.168.11.251","forward_port":80,"access_list_id":0,"certificate_id":147,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":41,"created_on":"2026-02-07 20:41:16","modified_on":"2026-04-01 14:24:49","owner_user_id":1,"domain_names":["codespaces.d-bis.org"],"forward_host":"192.168.11.60","forward_port":3000,"access_list_id":0,"certificate_id":156,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"# Cloudflare API token\r\n#dns_cloudflare_api_token=65d8f07ebb3f0454fdc4e854b6ada13fba0f0\r\n# OR Cloudflare API credentials\r\ndns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0\r\n","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":66,"created_on":"2026-03-30 15:45:49","modified_on":"2026-04-04 21:19:58","owner_user_id":1,"domain_names":["core.d-bis.org"],"forward_host":"192.168.11.155","forward_port":3000,"access_list_id":0,"certificate_id":182,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":22,"created_on":"2026-01-18 22:19:18","modified_on":"2026-01-29 22:52:50","owner_user_id":1,"domain_names":["cross-all.defi-oracle.io"],"forward_host":"192.168.11.211","forward_port":80,"access_list_id":0,"certificate_id":134,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":63,"created_on":"2026-03-30 15:45:40","modified_on":"2026-04-04 21:14:17","owner_user_id":1,"domain_names":["d-bis.org"],"forward_host":"192.168.11.54","forward_port":3001,"access_list_id":0,"certificate_id":183,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":49,"created_on":"2026-02-20 22:27:16","modified_on":"2026-04-04 01:41:16","owner_user_id":1,"domain_names":["dapp.d-bis.org"],"forward_host":"192.168.11.58","forward_port":80,"access_list_id":0,"certificate_id":162,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"","meta":{"letsencrypt_agree":false,"dns_challenge":false,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":false,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":false,"hsts_subdomains":false},{"id":78,"created_on":"2026-04-01 13:56:15","modified_on":"2026-04-04 01:44:07","owner_user_id":1,"domain_names":["dash.sankofa.nexus"],"forward_host":"192.168.11.51","forward_port":3000,"access_list_id":0,"certificate_id":187,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":77,"created_on":"2026-03-30 17:02:34","modified_on":"2026-04-04 01:41:04","owner_user_id":1,"domain_names":["data.d-bis.org"],"forward_host":"192.168.11.155","forward_port":3000,"access_list_id":0,"certificate_id":188,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":13,"created_on":"2026-01-16 14:41:02","modified_on":"2026-04-04 21:21:42","owner_user_id":1,"domain_names":["dbis-admin.d-bis.org"],"forward_host":"192.168.11.130","forward_port":80,"access_list_id":0,"certificate_id":46,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"# Security Headers\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-XSS-Protection \"1; mode=block\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;\n\n# Ensure proper DOCTYPE (if backend doesn't provide it)\n# Note: This requires backend to send proper DOCTYPE, Nginx can't modify HTML body easily","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":15,"created_on":"2026-01-16 14:41:04","modified_on":"2026-04-04 21:31:13","owner_user_id":1,"domain_names":["dbis-api-2.d-bis.org"],"forward_host":"192.168.11.156","forward_port":3000,"access_list_id":0,"certificate_id":47,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"# Security Headers\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-XSS-Protection \"1; mode=block\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;\n\n# Ensure proper DOCTYPE (if backend doesn't provide it)\n# Note: This requires backend to send proper DOCTYPE, Nginx can't modify HTML body easily","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":14,"created_on":"2026-01-16 14:41:03","modified_on":"2026-04-04 21:23:45","owner_user_id":1,"domain_names":["dbis-api.d-bis.org"],"forward_host":"192.168.11.155","forward_port":3000,"access_list_id":0,"certificate_id":48,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"# Security Headers\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-XSS-Protection \"1; mode=block\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;\n\n# Ensure proper DOCTYPE (if backend doesn't provide it)\n# Note: This requires backend to send proper DOCTYPE, Nginx can't modify HTML body easily","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":45,"created_on":"2026-02-13 20:32:33","modified_on":"2026-04-04 01:42:33","owner_user_id":1,"domain_names":["dbis.xom-dev.phoenix.sankofa.nexus"],"forward_host":"192.168.11.54","forward_port":3001,"access_list_id":0,"certificate_id":165,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":39,"created_on":"2026-02-07 20:41:12","modified_on":"2026-04-01 14:26:42","owner_user_id":1,"domain_names":["dev.d-bis.org"],"forward_host":"192.168.11.60","forward_port":3000,"access_list_id":0,"certificate_id":157,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"# Cloudflare API token\r\n#dns_cloudflare_api_token=65d8f07ebb3f0454fdc4e854b6ada13fba0f0\r\n# OR Cloudflare API credentials\r\ndns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":69,"created_on":"2026-03-30 17:00:31","modified_on":"2026-04-04 01:37:40","owner_user_id":1,"domain_names":["developers.d-bis.org"],"forward_host":"192.168.11.54","forward_port":3001,"access_list_id":0,"certificate_id":189,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":55,"created_on":"2026-03-18 02:25:40","modified_on":"2026-04-04 20:39:46","owner_user_id":1,"domain_names":["docs.d-bis.org"],"forward_host":"192.168.11.140","forward_port":80,"access_list_id":0,"certificate_id":169,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":8,"created_on":"2026-01-16 14:40:58","modified_on":"2026-04-05 04:00:33","owner_user_id":1,"domain_names":["explorer.d-bis.org"],"forward_host":"192.168.11.140","forward_port":80,"access_list_id":0,"certificate_id":145,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"add_header Referrer-Policy \"strict-origin-when-cross-origin\" always;","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"# Cloudflare API token\r\n#dns_cloudflare_api_token=65d8f07ebb3f0454fdc4e854b6ada13fba0f0\r\n# OR Cloudflare API credentials\r\ndns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[{"path":"/token-aggregation/api/v1/","forward_scheme":"https","forward_host":"192.168.11.140","forward_port":443}],"hsts_enabled":true,"hsts_subdomains":true},{"id":30,"created_on":"2026-01-31 00:13:09","modified_on":"2026-02-06 19:09:43","owner_user_id":1,"domain_names":["explorer.defi-oracle.io"],"forward_host":"192.168.11.140","forward_port":80,"access_list_id":0,"certificate_id":144,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"letsencrypt_agree":false,"dns_challenge":false,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":40,"created_on":"2026-02-07 20:41:14","modified_on":"2026-04-01 14:28:12","owner_user_id":1,"domain_names":["gitea.d-bis.org"],"forward_host":"192.168.11.60","forward_port":3000,"access_list_id":0,"certificate_id":158,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"# Cloudflare API token\r\n#dns_cloudflare_api_token=65d8f07ebb3f0454fdc4e854b6ada13fba0f0\r\n# OR Cloudflare API credentials\r\ndns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":46,"created_on":"2026-02-13 20:32:35","modified_on":"2026-04-04 01:42:39","owner_user_id":1,"domain_names":["iccc.xom-dev.phoenix.sankofa.nexus"],"forward_host":"192.168.11.54","forward_port":3002,"access_list_id":0,"certificate_id":170,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0\r\n","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":73,"created_on":"2026-03-30 17:01:51","modified_on":"2026-04-04 01:39:29","owner_user_id":1,"domain_names":["identity.d-bis.org"],"forward_host":"192.168.11.54","forward_port":3001,"access_list_id":0,"certificate_id":190,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":79,"created_on":"2026-04-02 11:13:16","modified_on":"2026-04-04 21:01:06","owner_user_id":1,"domain_names":["info.defi-oracle.io"],"forward_host":"192.168.11.240","forward_port":80,"access_list_id":0,"certificate_id":0,"ssl_forced":false,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":false,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":false,"hsts_subdomains":false},{"id":76,"created_on":"2026-03-30 17:02:21","modified_on":"2026-04-04 01:40:39","owner_user_id":1,"domain_names":["interop.d-bis.org"],"forward_host":"192.168.11.54","forward_port":3001,"access_list_id":0,"certificate_id":191,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":60,"created_on":"2026-03-27 00:57:43","modified_on":"2026-04-04 01:43:26","owner_user_id":1,"domain_names":["keycloak.sankofa.nexus"],"forward_host":"192.168.11.52","forward_port":8080,"access_list_id":0,"certificate_id":177,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":68,"created_on":"2026-03-30 17:00:13","modified_on":"2026-04-04 01:37:03","owner_user_id":1,"domain_names":["members.d-bis.org"],"forward_host":"192.168.11.54","forward_port":3001,"access_list_id":0,"certificate_id":192,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":17,"created_on":"2026-01-16 14:41:05","modified_on":"2026-04-04 01:41:28","owner_user_id":1,"domain_names":["mim4u.org"],"forward_host":"192.168.11.37","forward_port":80,"access_list_id":0,"certificate_id":50,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"# Security Headers\r\nadd_header X-Content-Type-Options \"nosniff\" always;\r\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\r\nadd_header X-XSS-Protection \"1; mode=block\" always;\r\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\r\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;\r\n\r\n# Ensure proper DOCTYPE (if backend doesn't provide it)\r\n# Note: This requires backend to send proper DOCTYPE, Nginx can't modify HTML body easily","meta":{"letsencrypt_agree":false,"dns_challenge":false,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":47,"created_on":"2026-02-13 20:32:37","modified_on":"2026-04-04 01:42:55","owner_user_id":1,"domain_names":["omnl.xom-dev.phoenix.sankofa.nexus"],"forward_host":"192.168.11.54","forward_port":3003,"access_list_id":0,"certificate_id":172,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":72,"created_on":"2026-03-30 17:01:33","modified_on":"2026-04-04 01:39:06","owner_user_id":1,"domain_names":["ops.d-bis.org"],"forward_host":"192.168.11.54","forward_port":3001,"access_list_id":0,"certificate_id":193,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":5,"created_on":"2026-01-16 14:40:55","modified_on":"2026-04-04 01:43:13","owner_user_id":1,"domain_names":["phoenix.sankofa.nexus"],"forward_host":"192.168.11.50","forward_port":4000,"access_list_id":0,"certificate_id":51,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"# Security Headers\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-XSS-Protection \"1; mode=block\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;\n\n# Ensure proper DOCTYPE (if backend doesn't provide it)\n# Note: This requires backend to send proper DOCTYPE, Nginx can't modify HTML body easily","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":71,"created_on":"2026-03-30 17:01:16","modified_on":"2026-04-04 01:38:45","owner_user_id":1,"domain_names":["policy.d-bis.org"],"forward_host":"192.168.11.54","forward_port":3001,"access_list_id":0,"certificate_id":194,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":61,"created_on":"2026-03-29 07:49:44","modified_on":"2026-04-04 01:43:56","owner_user_id":1,"domain_names":["portal.sankofa.nexus"],"forward_host":"192.168.11.51","forward_port":3000,"access_list_id":0,"certificate_id":180,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":42,"created_on":"2026-02-07 20:41:17","modified_on":"2026-04-01 14:31:28","owner_user_id":1,"domain_names":["pve.ml110.d-bis.org"],"forward_host":"192.168.11.10","forward_port":8006,"access_list_id":0,"certificate_id":159,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"# Cloudflare API token\r\n#dns_cloudflare_api_token=65d8f07ebb3f0454fdc4e854b6ada13fba0f0\r\n# OR Cloudflare API credentials\r\ndns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":43,"created_on":"2026-02-07 20:41:19","modified_on":"2026-04-01 14:31:33","owner_user_id":1,"domain_names":["pve.r630-01.d-bis.org"],"forward_host":"192.168.11.11","forward_port":8006,"access_list_id":0,"certificate_id":160,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"# Cloudflare API token\r\n#dns_cloudflare_api_token=65d8f07ebb3f0454fdc4e854b6ada13fba0f0\r\n# OR Cloudflare API credentials\r\ndns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":44,"created_on":"2026-02-07 20:41:21","modified_on":"2026-04-01 14:31:36","owner_user_id":1,"domain_names":["pve.r630-02.d-bis.org"],"forward_host":"192.168.11.12","forward_port":8006,"access_list_id":0,"certificate_id":161,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"# Cloudflare API token\r\n#dns_cloudflare_api_token=65d8f07ebb3f0454fdc4e854b6ada13fba0f0\r\n# OR Cloudflare API credentials\r\ndns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":70,"created_on":"2026-03-30 17:00:43","modified_on":"2026-04-04 01:38:16","owner_user_id":1,"domain_names":["research.d-bis.org"],"forward_host":"192.168.11.54","forward_port":3001,"access_list_id":0,"certificate_id":195,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":32,"created_on":"2026-02-07 00:42:16","modified_on":"2026-02-07 00:47:07","owner_user_id":1,"domain_names":["rpc-alltra-2.d-bis.org"],"forward_host":"192.168.11.173","forward_port":8545,"access_list_id":0,"certificate_id":148,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":33,"created_on":"2026-02-07 00:42:17","modified_on":"2026-02-07 08:15:41","owner_user_id":1,"domain_names":["rpc-alltra-3.d-bis.org"],"forward_host":"192.168.11.174","forward_port":8545,"access_list_id":0,"certificate_id":150,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":31,"created_on":"2026-02-07 00:42:15","modified_on":"2026-02-07 08:15:53","owner_user_id":1,"domain_names":["rpc-alltra.d-bis.org"],"forward_host":"192.168.11.172","forward_port":8545,"access_list_id":0,"certificate_id":151,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":67,"created_on":"2026-03-30 16:56:52","modified_on":"2026-04-04 20:48:45","owner_user_id":1,"domain_names":["rpc-core.d-bis.org"],"forward_host":"192.168.11.211","forward_port":8545,"access_list_id":0,"certificate_id":196,"ssl_forced":false,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":false,"hsts_subdomains":false},{"id":50,"created_on":"2026-02-21 17:37:16","modified_on":"2026-04-04 21:11:14","owner_user_id":1,"domain_names":["rpc-fireblocks.d-bis.org"],"forward_host":"192.168.11.232","forward_port":8545,"access_list_id":0,"certificate_id":163,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":11,"created_on":"2026-01-16 14:41:00","modified_on":"2026-04-04 20:44:46","owner_user_id":1,"domain_names":["rpc-http-prv.d-bis.org"],"forward_host":"192.168.11.211","forward_port":8545,"access_list_id":0,"certificate_id":52,"ssl_forced":false,"caching_enabled":false,"block_exploits":false,"advanced_config":"# Security Headers\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-XSS-Protection \"1; mode=block\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;\n\n# Ensure proper DOCTYPE (if backend doesn't provide it)\n# Note: This requires backend to send proper DOCTYPE, Nginx can't modify HTML body easily","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":false,"hsts_subdomains":true},{"id":9,"created_on":"2026-01-16 14:40:59","modified_on":"2026-04-04 20:41:39","owner_user_id":1,"domain_names":["rpc-http-pub.d-bis.org"],"forward_host":"192.168.11.221","forward_port":8545,"access_list_id":0,"certificate_id":53,"ssl_forced":false,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":false,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":false,"hsts_subdomains":false},{"id":35,"created_on":"2026-02-07 00:42:20","modified_on":"2026-02-07 08:16:06","owner_user_id":1,"domain_names":["rpc-hybx-2.d-bis.org"],"forward_host":"192.168.11.247","forward_port":8545,"access_list_id":0,"certificate_id":152,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":36,"created_on":"2026-02-07 00:42:22","modified_on":"2026-02-07 08:16:19","owner_user_id":1,"domain_names":["rpc-hybx-3.d-bis.org"],"forward_host":"192.168.11.248","forward_port":8545,"access_list_id":0,"certificate_id":153,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":34,"created_on":"2026-02-07 00:42:19","modified_on":"2026-02-07 08:16:32","owner_user_id":1,"domain_names":["rpc-hybx.d-bis.org"],"forward_host":"192.168.11.246","forward_port":8545,"access_list_id":0,"certificate_id":154,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":12,"created_on":"2026-01-16 14:41:01","modified_on":"2026-04-04 20:46:41","owner_user_id":1,"domain_names":["rpc-ws-prv.d-bis.org"],"forward_host":"192.168.11.211","forward_port":8546,"access_list_id":0,"certificate_id":54,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"# Security Headers\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-XSS-Protection \"1; mode=block\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;\n\n# Ensure proper DOCTYPE (if backend doesn't provide it)\n# Note: This requires backend to send proper DOCTYPE, Nginx can't modify HTML body easily","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":10,"created_on":"2026-01-16 14:40:59","modified_on":"2026-04-04 20:43:18","owner_user_id":1,"domain_names":["rpc-ws-pub.d-bis.org"],"forward_host":"192.168.11.221","forward_port":8546,"access_list_id":0,"certificate_id":55,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"# Security Headers\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-XSS-Protection \"1; mode=block\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;\n\n# Ensure proper DOCTYPE (if backend doesn't provide it)\n# Note: This requires backend to send proper DOCTYPE, Nginx can't modify HTML body easily","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":26,"created_on":"2026-01-29 16:35:10","modified_on":"2026-04-04 21:03:53","owner_user_id":1,"domain_names":["rpc.d-bis.org"],"forward_host":"192.168.11.221","forward_port":8545,"access_list_id":0,"certificate_id":141,"ssl_forced":false,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"# Cloudflare API token\r\ndns_cloudflare_email = pandoramannli@gmail.com\r\ndns_cloudflare_api_key = 65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":false,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":false,"hsts_subdomains":false},{"id":24,"created_on":"2026-01-29 15:38:44","modified_on":"2026-04-04 20:57:48","owner_user_id":1,"domain_names":["rpc.defi-oracle.io"],"forward_host":"192.168.11.221","forward_port":8545,"access_list_id":0,"certificate_id":197,"ssl_forced":false,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"letsencrypt_agree":false,"dns_challenge":false,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":false,"hsts_subdomains":false},{"id":21,"created_on":"2026-01-16 14:41:09","modified_on":"2026-04-04 20:56:09","owner_user_id":1,"domain_names":["rpc.public-0138.defi-oracle.io"],"forward_host":"192.168.11.221","forward_port":8545,"access_list_id":0,"certificate_id":56,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"# Security Headers\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-XSS-Protection \"1; mode=block\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;\n\n# Ensure proper DOCTYPE (if backend doesn't provide it)\n# Note: This requires backend to send proper DOCTYPE, Nginx can't modify HTML body easily","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":56,"created_on":"2026-03-24 14:37:36","modified_on":"2026-04-04 20:50:40","owner_user_id":1,"domain_names":["rpc.tw-core.d-bis.org"],"forward_host":"192.168.11.217","forward_port":8545,"access_list_id":0,"certificate_id":175,"ssl_forced":false,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":false,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":false,"hsts_subdomains":false},{"id":27,"created_on":"2026-01-29 16:35:11","modified_on":"2026-04-04 21:05:30","owner_user_id":1,"domain_names":["rpc2.d-bis.org"],"forward_host":"192.168.11.221","forward_port":8545,"access_list_id":0,"certificate_id":137,"ssl_forced":false,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email = pandoramannli@gmail.com\r\ndns_cloudflare_api_key = 65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":false,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":false,"hsts_subdomains":false},{"id":75,"created_on":"2026-03-30 17:02:13","modified_on":"2026-04-04 01:40:15","owner_user_id":1,"domain_names":["sandbox.d-bis.org"],"forward_host":"192.168.11.54","forward_port":3001,"access_list_id":0,"certificate_id":186,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":3,"created_on":"2026-01-16 14:40:54","modified_on":"2026-04-04 01:43:04","owner_user_id":1,"domain_names":["sankofa.nexus"],"forward_host":"192.168.11.63","forward_port":3000,"access_list_id":0,"certificate_id":57,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"add_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":16,"created_on":"2026-01-16 14:41:04","modified_on":"2026-04-04 21:31:48","owner_user_id":1,"domain_names":["secure.d-bis.org"],"forward_host":"192.168.11.130","forward_port":80,"access_list_id":0,"certificate_id":58,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"# Security Headers\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-XSS-Protection \"1; mode=block\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;\n\n# Ensure proper DOCTYPE (if backend doesn't provide it)\n# Note: This requires backend to send proper DOCTYPE, Nginx can't modify HTML body easily","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":19,"created_on":"2026-01-16 14:41:07","modified_on":"2026-04-04 01:42:08","owner_user_id":1,"domain_names":["secure.mim4u.org"],"forward_host":"192.168.11.37","forward_port":80,"access_list_id":0,"certificate_id":59,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"# Security Headers\r\nadd_header X-Content-Type-Options \"nosniff\" always;\r\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\r\nadd_header X-XSS-Protection \"1; mode=block\" always;\r\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\r\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;\r\n\r\n# Ensure proper DOCTYPE (if backend doesn't provide it)\r\n# Note: This requires backend to send proper DOCTYPE, Nginx can't modify HTML body easily","meta":{"letsencrypt_agree":false,"dns_challenge":false,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":74,"created_on":"2026-03-30 17:02:05","modified_on":"2026-04-04 01:39:52","owner_user_id":1,"domain_names":["status.d-bis.org"],"forward_host":"192.168.11.54","forward_port":3001,"access_list_id":0,"certificate_id":185,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":52,"created_on":"2026-03-01 15:16:30","modified_on":"2026-04-04 01:43:46","owner_user_id":1,"domain_names":["studio.sankofa.nexus"],"forward_host":"192.168.11.72","forward_port":8000,"access_list_id":0,"certificate_id":166,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":7,"created_on":"2026-01-16 14:40:57","modified_on":"2026-04-04 01:43:34","owner_user_id":1,"domain_names":["the-order.sankofa.nexus"],"forward_host":"192.168.11.39","forward_port":80,"access_list_id":0,"certificate_id":60,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"# Security Headers\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-XSS-Protection \"1; mode=block\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;\n\n# Ensure proper DOCTYPE (if backend doesn't provide it)\n# Note: This requires backend to send proper DOCTYPE, Nginx can't modify HTML body easily","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":20,"created_on":"2026-01-16 14:41:08","modified_on":"2026-04-04 01:42:23","owner_user_id":1,"domain_names":["training.mim4u.org"],"forward_host":"192.168.11.37","forward_port":80,"access_list_id":0,"certificate_id":61,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"# Security Headers\r\nadd_header X-Content-Type-Options \"nosniff\" always;\r\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\r\nadd_header X-XSS-Protection \"1; mode=block\" always;\r\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\r\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;\r\n\r\n# Ensure proper DOCTYPE (if backend doesn't provide it)\r\n# Note: This requires backend to send proper DOCTYPE, Nginx can't modify HTML body easily","meta":{"letsencrypt_agree":false,"dns_challenge":false,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":51,"created_on":"2026-02-21 17:37:45","modified_on":"2026-04-04 21:12:39","owner_user_id":1,"domain_names":["ws.rpc-fireblocks.d-bis.org"],"forward_host":"192.168.11.232","forward_port":8546,"access_list_id":0,"certificate_id":164,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":28,"created_on":"2026-01-29 16:35:12","modified_on":"2026-04-04 21:07:24","owner_user_id":1,"domain_names":["ws.rpc.d-bis.org"],"forward_host":"192.168.11.221","forward_port":8546,"access_list_id":0,"certificate_id":138,"ssl_forced":false,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email = pandoramannli@gmail.com\r\ndns_cloudflare_api_key = 65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":false,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":false,"hsts_subdomains":false},{"id":29,"created_on":"2026-01-29 16:35:12","modified_on":"2026-04-04 21:09:24","owner_user_id":1,"domain_names":["ws.rpc2.d-bis.org"],"forward_host":"192.168.11.221","forward_port":8546,"access_list_id":0,"certificate_id":139,"ssl_forced":false,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email = pandoramannli@gmail.com\r\ndns_cloudflare_api_key = 65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":false,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":false,"hsts_subdomains":false},{"id":25,"created_on":"2026-01-29 15:38:45","modified_on":"2026-04-04 20:59:14","owner_user_id":1,"domain_names":["wss.defi-oracle.io"],"forward_host":"192.168.11.221","forward_port":8546,"access_list_id":0,"certificate_id":140,"ssl_forced":false,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email = pandoramannli@gmail.com\r\ndns_cloudflare_api_key = 65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":false,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":false,"hsts_subdomains":false},{"id":57,"created_on":"2026-03-24 14:37:51","modified_on":"2026-04-04 20:52:39","owner_user_id":1,"domain_names":["wss.tw-core.d-bis.org"],"forward_host":"192.168.11.217","forward_port":8546,"access_list_id":0,"certificate_id":176,"ssl_forced":false,"caching_enabled":false,"block_exploits":false,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":true,"http2_support":false,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":false,"hsts_subdomains":false},{"id":64,"created_on":"2026-03-30 15:45:43","modified_on":"2026-04-04 21:15:48","owner_user_id":1,"domain_names":["www.d-bis.org"],"forward_host":"192.168.11.54","forward_port":3001,"access_list_id":0,"certificate_id":184,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"return 301 https://d-bis.org$request_uri;","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":80,"created_on":"2026-04-02 11:13:18","modified_on":"2026-04-04 21:02:24","owner_user_id":1,"domain_names":["www.info.defi-oracle.io"],"forward_host":"192.168.11.240","forward_port":80,"access_list_id":0,"certificate_id":0,"ssl_forced":false,"caching_enabled":false,"block_exploits":false,"advanced_config":"return 301 https://info.defi-oracle.io$request_uri;","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":false,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":false,"hsts_subdomains":false},{"id":18,"created_on":"2026-01-16 14:41:06","modified_on":"2026-04-04 01:41:46","owner_user_id":1,"domain_names":["www.mim4u.org"],"forward_host":"192.168.11.37","forward_port":80,"access_list_id":0,"certificate_id":62,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"# Security Headers\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-XSS-Protection \"1; mode=block\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests\" always;\n\n# Ensure proper DOCTYPE (if backend doesn't provide it)\n# Note: This requires backend to send proper DOCTYPE, Nginx can't modify HTML body easily","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":6,"created_on":"2026-01-16 14:40:56","modified_on":"2026-04-04 01:43:18","owner_user_id":1,"domain_names":["www.phoenix.sankofa.nexus"],"forward_host":"192.168.11.50","forward_port":4000,"access_list_id":0,"certificate_id":63,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"return 301 https://phoenix.sankofa.nexus$request_uri;","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":4,"created_on":"2026-01-16 14:40:55","modified_on":"2026-04-04 01:43:10","owner_user_id":1,"domain_names":["www.sankofa.nexus"],"forward_host":"192.168.11.63","forward_port":3000,"access_list_id":0,"certificate_id":64,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"return 301 https://sankofa.nexus$request_uri;","meta":{"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":null,"hsts_enabled":true,"hsts_subdomains":true},{"id":59,"created_on":"2026-03-25 17:41:44","modified_on":"2026-04-04 01:43:39","owner_user_id":1,"domain_names":["www.the-order.sankofa.nexus"],"forward_host":"192.168.11.39","forward_port":80,"access_list_id":0,"certificate_id":178,"ssl_forced":true,"caching_enabled":false,"block_exploits":false,"advanced_config":"return 301 https://the-order.sankofa.nexus$request_uri;","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true},{"id":48,"created_on":"2026-02-13 20:32:39","modified_on":"2026-04-04 01:43:00","owner_user_id":1,"domain_names":["xom.xom-dev.phoenix.sankofa.nexus"],"forward_host":"192.168.11.54","forward_port":3004,"access_list_id":0,"certificate_id":173,"ssl_forced":true,"caching_enabled":false,"block_exploits":true,"advanced_config":"","meta":{"dns_challenge":true,"dns_provider":"cloudflare","dns_provider_credentials":"dns_cloudflare_email=pandoramannli@gmail.com\r\ndns_cloudflare_api_key=65d8f07ebb3f0454fdc4e854b6ada13fba0f0","letsencrypt_agree":true,"nginx_online":true,"nginx_err":null},"allow_websocket_upgrade":false,"http2_support":true,"forward_scheme":"http","enabled":true,"locations":[],"hsts_enabled":true,"hsts_subdomains":true}] \ No newline at end of file diff --git a/COMPREHENSIVE_STATUS_BRIDGE_READY.md b/COMPREHENSIVE_STATUS_BRIDGE_READY.md index 2b33f04f..42a8715d 100644 --- a/COMPREHENSIVE_STATUS_BRIDGE_READY.md +++ b/COMPREHENSIVE_STATUS_BRIDGE_READY.md @@ -252,7 +252,7 @@ NEW_BRIDGE="0xNEW_ADDRESS_HERE" # From deployment # 1. Add Mainnet destination cast send $NEW_BRIDGE "addDestination(uint64,address)" \ 5009297550715157269 \ - 0x2A0840e5117683b11682ac46f5CF5621E67269E3 \ + 0xc9901ce2Ddb6490FAA183645147a87496d8b20B6 \ --private-key $PRIVATE_KEY \ --rpc-url http://192.168.11.211:8545 diff --git a/config/aggregator-route-matrix.csv b/config/aggregator-route-matrix.csv index 389ede7c..9a7c4a3c 100644 --- a/config/aggregator-route-matrix.csv +++ b/config/aggregator-route-matrix.csv @@ -1,26 +1,35 @@ kind,routeId,status,routeType,fromChainId,toChainId,tokenInSymbol,tokenInAddress,tokenOutSymbol,tokenOutAddress,hopCount,bridgeType,bridgeAddress,aggregatorFamilies,tags,intermediateSymbols,legRefs,notesOrReason -liveSwapRoute,138-cUSDT-cUSDC-direct,live,swap,138,138,cUSDT,0x93E66202A11B1772E55407B32B44e5Cd8eda7f22,cUSDC,0xf22258f57794CC8E06237084b353Ab30fFfa640b,1,,,1inch|0x|LiFi,stable|direct|public,,0xff8d3b8fDF7B112759F076B69f4271D4209C0849, -liveSwapRoute,138-cUSDT-USDT-direct,live,swap,138,138,cUSDT,0x93E66202A11B1772E55407B32B44e5Cd8eda7f22,USDT,0x004b63A7B5b0E06f6bB6adb4a5F9f590BF3182D1,1,,,1inch|0x|LiFi,stable|official-mirror|public,,0x6fc60DEDc92a2047062294488539992710b99D71, -liveSwapRoute,138-cUSDC-USDC-direct,live,swap,138,138,cUSDC,0xf22258f57794CC8E06237084b353Ab30fFfa640b,USDC,0x71D6687F38b93CCad569Fa6352c876eea967201b,1,,,1inch|0x|LiFi,stable|official-mirror|public,,0x0309178ae30302D83c76d6Dd402a684eF3160eec, -liveSwapRoute,138-cUSDT-cXAUC-direct,live,swap,138,138,cUSDT,0x93E66202A11B1772E55407B32B44e5Cd8eda7f22,cXAUC,0x290E52a8819A4fbD0714E517225429aA2B70EC6b,1,,,1inch|0x|LiFi,xau-hub|public,,0x1AA55E2001E5651349AfF5A63FD7A7Ae44f0F1b0, -liveSwapRoute,138-cUSDC-cXAUC-direct,live,swap,138,138,cUSDC,0xf22258f57794CC8E06237084b353Ab30fFfa640b,cXAUC,0x290E52a8819A4fbD0714E517225429aA2B70EC6b,1,,,1inch|0x|LiFi,xau-hub|public,,0xEA9Ac6357CaCB42a83b9082B870610363B177cBa, -liveSwapRoute,138-cEURT-cXAUC-direct,live,swap,138,138,cEURT,0xdf4b71c61E5912712C1Bdd451416B9aC26949d72,cXAUC,0x290E52a8819A4fbD0714E517225429aA2B70EC6b,1,,,1inch|0x|LiFi,xau-hub|public,,0xbA99bc1eAAC164569d5AcA96C806934DDaF970Cf, -liveSwapRoute,138-cEURT-cUSDT-via-cXAUC,live,swap,138,138,cEURT,0xdf4b71c61E5912712C1Bdd451416B9aC26949d72,cUSDT,0x93E66202A11B1772E55407B32B44e5Cd8eda7f22,2,,,1inch|0x|LiFi,multihop|xau-hub|public,cXAUC,0xbA99bc1eAAC164569d5AcA96C806934DDaF970Cf|0x1AA55E2001E5651349AfF5A63FD7A7Ae44f0F1b0,Inferred from two live public pools. -liveSwapRoute,138-cEURT-cUSDC-via-cXAUC,live,swap,138,138,cEURT,0xdf4b71c61E5912712C1Bdd451416B9aC26949d72,cUSDC,0xf22258f57794CC8E06237084b353Ab30fFfa640b,2,,,1inch|0x|LiFi,multihop|xau-hub|public,cXAUC,0xbA99bc1eAAC164569d5AcA96C806934DDaF970Cf|0xEA9Ac6357CaCB42a83b9082B870610363B177cBa,Inferred from two live public pools. -liveSwapRoute,138-cUSDT-cUSDC-via-cXAUC,live,swap,138,138,cUSDT,0x93E66202A11B1772E55407B32B44e5Cd8eda7f22,cUSDC,0xf22258f57794CC8E06237084b353Ab30fFfa640b,2,,,1inch|0x|LiFi,multihop|xau-hub|public|alternate,cXAUC,0x1AA55E2001E5651349AfF5A63FD7A7Ae44f0F1b0|0xEA9Ac6357CaCB42a83b9082B870610363B177cBa,Alternate path to the deeper direct cUSDT/cUSDC pool. -liveBridgeRoute,138-WETH-1-ccip,live,bridge,138,1,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,,CCIP,0xcacfd227A040002e49e2e01626363071324f820a,LiFi,,,, -liveBridgeRoute,138-WETH-56-ccip,live,bridge,138,56,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,,CCIP,0xcacfd227A040002e49e2e01626363071324f820a,LiFi,,,, -liveBridgeRoute,138-WETH-137-ccip,live,bridge,138,137,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,,CCIP,0xcacfd227A040002e49e2e01626363071324f820a,LiFi,,,, -liveBridgeRoute,138-WETH-10-ccip,live,bridge,138,10,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,,CCIP,0xcacfd227A040002e49e2e01626363071324f820a,LiFi,,,, -liveBridgeRoute,138-WETH-42161-ccip,live,bridge,138,42161,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,,CCIP,0xcacfd227A040002e49e2e01626363071324f820a,LiFi,,,, -liveBridgeRoute,138-WETH-43114-ccip,live,bridge,138,43114,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,,CCIP,0xcacfd227A040002e49e2e01626363071324f820a,LiFi,,,, -liveBridgeRoute,138-WETH-8453-ccip,live,bridge,138,8453,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,,CCIP,0xcacfd227A040002e49e2e01626363071324f820a,LiFi,,,, -liveBridgeRoute,138-WETH-100-ccip,live,bridge,138,100,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,,CCIP,0xcacfd227A040002e49e2e01626363071324f820a,LiFi,,,, -liveBridgeRoute,138-WETH-25-ccip,live,bridge,138,25,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,,CCIP,0xcacfd227A040002e49e2e01626363071324f820a,LiFi,,,, -liveBridgeRoute,138-WETH-42220-ccip,live,bridge,138,42220,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,,CCIP,0xcacfd227A040002e49e2e01626363071324f820a,LiFi,,,, -liveBridgeRoute,138-WETH-651940-alltra,live,bridge,138,651940,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,WETH,0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2,,ALT,0x66FEBA2fC9a0B47F26DD4284DAd24F970436B8Dc,LiFi,,,, -liveBridgeRoute,138-WETH10-1-ccip,live,bridge,138,1,WETH10,0xf4BB2e28688e89fCcE3c0580D37d36A7672E8A9f,WETH10,0xf4BB2e28688e89fCcE3c0580D37d36A7672E8A9f,,CCIP,0xe0E93247376aa097dB308B92e6Ba36bA015535D0,LiFi,,,, -blockedOrPlannedRoute,138-compliant-stable-to-weth-bridgeable,blocked,swap-bridge-swap,138,1,cUSDT|cUSDC|cEURT,,,,,,,,,,,"No live public cUSDT/WETH, cUSDC/WETH, or cEURT/WETH pool on Chain 138." -blockedOrPlannedRoute,651940-public-dex-routes,planned,swap,651940,651940,,,,,,,,,,,,Uniswap V2/V3 and DODO are env placeholders only; no pool addresses are documented in-repo. -blockedOrPlannedRoute,cw-edge-pools-public-chains,planned,swap,1,43114,,,,,,,,,,,,"cW* token addresses exist on several public chains, but deployment-status.json contains no PMM pools." -blockedOrPlannedRoute,138-weth-1111-ccip,planned,bridge,138,1111,,,,,,,,,,,,Wemix bridge is pending funding and deployment. +liveSwapRoute,chain-138-swap-dodo-cusdt-cusdc-0x9e89bae0,live,swap,138,138,cUSDT,0x93e66202a11b1772e55407b32b44e5cd8eda7f22,cUSDC,0xf22258f57794cc8e06237084b353ab30fffa640b,1,,,1inch|0x|LiFi,planner-v2-generated|dodo,,0x9e89bae009adf128782e19e8341996c596ac40dc,Generated from live planner route graph. +liveSwapRoute,chain-138-swap-dodo-cusdc-cusdt-0x9e89bae0,live,swap,138,138,cUSDC,0xf22258f57794cc8e06237084b353ab30fffa640b,cUSDT,0x93e66202a11b1772e55407b32b44e5cd8eda7f22,1,,,1inch|0x|LiFi,planner-v2-generated|dodo,,0x9e89bae009adf128782e19e8341996c596ac40dc,Generated from live planner route graph. +liveSwapRoute,chain-138-swap-dodo-cusdt-usdt-0x866cb44b,live,swap,138,138,cUSDT,0x93e66202a11b1772e55407b32b44e5cd8eda7f22,USDT,0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1,1,,,1inch|0x|LiFi,planner-v2-generated|dodo,,0x866cb44b59303d8dc5f4f9e3e7a8e8b0bf238d66,Generated from live planner route graph. +liveSwapRoute,chain-138-swap-dodo-usdt-cusdt-0x866cb44b,live,swap,138,138,USDT,0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1,cUSDT,0x93e66202a11b1772e55407b32b44e5cd8eda7f22,1,,,1inch|0x|LiFi,planner-v2-generated|dodo,,0x866cb44b59303d8dc5f4f9e3e7a8e8b0bf238d66,Generated from live planner route graph. +liveSwapRoute,chain-138-swap-dodo-cusdc-usdc-0xc39b7d0f,live,swap,138,138,cUSDC,0xf22258f57794cc8e06237084b353ab30fffa640b,USDC,0x71d6687f38b93ccad569fa6352c876eea967201b,1,,,1inch|0x|LiFi,planner-v2-generated|dodo,,0xc39b7d0f40838cbfb54649d327f49a6dac964062,Generated from live planner route graph. +liveSwapRoute,chain-138-swap-dodo-usdc-cusdc-0xc39b7d0f,live,swap,138,138,USDC,0x71d6687f38b93ccad569fa6352c876eea967201b,cUSDC,0xf22258f57794cc8e06237084b353ab30fffa640b,1,,,1inch|0x|LiFi,planner-v2-generated|dodo,,0xc39b7d0f40838cbfb54649d327f49a6dac964062,Generated from live planner route graph. +liveSwapRoute,chain-138-swap-dodo-v3-weth10-usdt-0x6550a3a5,live,swap,138,138,WETH10,0xf4bb2e28688e89fcce3c0580d37d36a7672e8a9f,USDT,0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1,1,,,1inch|0x|LiFi,planner-v2-generated|dodo_v3,,0x6550a3a59070061a262a893a1d6f3f490affdbda,Generated from live planner route graph. | DODO v3 / D3MM Chain 138 pilot venue. | Canonical private pilot pool 0x6550a3a59070061a262a893a1d6f3f490affdbda executes through D3Proxy 0xc9a11abb7c63d88546be24d58a6d95e3762cb843. | Planner-v2 exposure and EnhancedSwapRouterV2 internal execution-plan calldata are live for the canonical pilot pair. +liveSwapRoute,chain-138-swap-dodo-v3-usdt-weth10-0x6550a3a5,live,swap,138,138,USDT,0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1,WETH10,0xf4bb2e28688e89fcce3c0580d37d36a7672e8a9f,1,,,1inch|0x|LiFi,planner-v2-generated|dodo_v3,,0x6550a3a59070061a262a893a1d6f3f490affdbda,Generated from live planner route graph. | DODO v3 / D3MM Chain 138 pilot venue. | Canonical private pilot pool 0x6550a3a59070061a262a893a1d6f3f490affdbda executes through D3Proxy 0xc9a11abb7c63d88546be24d58a6d95e3762cb843. | Planner-v2 exposure and EnhancedSwapRouterV2 internal execution-plan calldata are live for the canonical pilot pair. +liveSwapRoute,chain-138-swap-uniswap-v3-weth-usdt,live,swap,138,138,WETH,0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2,USDT,0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1,1,,,1inch|0x|LiFi,planner-v2-generated|uniswap_v3,,0xde9cd8ee2811e6e64a41d5f68be315d33995975e,Generated from live planner route graph. | Chain 138 upstream-native Uniswap v3 WETH/USDT venue. +liveSwapRoute,chain-138-swap-uniswap-v3-usdt-weth,live,swap,138,138,USDT,0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1,WETH,0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2,1,,,1inch|0x|LiFi,planner-v2-generated|uniswap_v3,,0xde9cd8ee2811e6e64a41d5f68be315d33995975e,Generated from live planner route graph. | Chain 138 upstream-native Uniswap v3 WETH/USDT venue. +liveSwapRoute,chain-138-swap-uniswap-v3-weth-usdc,live,swap,138,138,WETH,0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2,USDC,0x71d6687f38b93ccad569fa6352c876eea967201b,1,,,1inch|0x|LiFi,planner-v2-generated|uniswap_v3,,0xde9cd8ee2811e6e64a41d5f68be315d33995975e,Generated from live planner route graph. | Chain 138 upstream-native Uniswap v3 WETH/USDC venue. +liveSwapRoute,chain-138-swap-uniswap-v3-usdc-weth,live,swap,138,138,USDC,0x71d6687f38b93ccad569fa6352c876eea967201b,WETH,0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2,1,,,1inch|0x|LiFi,planner-v2-generated|uniswap_v3,,0xde9cd8ee2811e6e64a41d5f68be315d33995975e,Generated from live planner route graph. | Chain 138 upstream-native Uniswap v3 WETH/USDC venue. +liveSwapRoute,chain-138-swap-balancer-weth-usdt,live,swap,138,138,WETH,0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2,USDT,0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1,1,,,1inch|0x|LiFi,planner-v2-generated|balancer,,0x96423d7c1727698d8a25ebfb88131e9422d1a3c3,Generated from live planner route graph. | Chain 138 pilot-compatible Balancer USDT/WETH venue. +liveSwapRoute,chain-138-swap-balancer-usdt-weth,live,swap,138,138,USDT,0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1,WETH,0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2,1,,,1inch|0x|LiFi,planner-v2-generated|balancer,,0x96423d7c1727698d8a25ebfb88131e9422d1a3c3,Generated from live planner route graph. | Chain 138 pilot-compatible Balancer USDT/WETH venue. +liveSwapRoute,chain-138-swap-balancer-weth-usdc,live,swap,138,138,WETH,0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2,USDC,0x71d6687f38b93ccad569fa6352c876eea967201b,1,,,1inch|0x|LiFi,planner-v2-generated|balancer,,0x96423d7c1727698d8a25ebfb88131e9422d1a3c3,Generated from live planner route graph. | Chain 138 pilot-compatible Balancer USDC/WETH venue. +liveSwapRoute,chain-138-swap-balancer-usdc-weth,live,swap,138,138,USDC,0x71d6687f38b93ccad569fa6352c876eea967201b,WETH,0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2,1,,,1inch|0x|LiFi,planner-v2-generated|balancer,,0x96423d7c1727698d8a25ebfb88131e9422d1a3c3,Generated from live planner route graph. | Chain 138 pilot-compatible Balancer USDC/WETH venue. +liveSwapRoute,chain-138-swap-curve-usdt-usdc,live,swap,138,138,USDT,0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1,USDC,0x71d6687f38b93ccad569fa6352c876eea967201b,1,,,1inch|0x|LiFi,planner-v2-generated|curve,,0xe440ec15805be4c7babcd17a63b8c8a08a492e0f,Generated from live planner route graph. | Chain 138 pilot-compatible Curve 3Pool stable/stable venue. +liveSwapRoute,chain-138-swap-curve-usdc-usdt,live,swap,138,138,USDC,0x71d6687f38b93ccad569fa6352c876eea967201b,USDT,0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1,1,,,1inch|0x|LiFi,planner-v2-generated|curve,,0xe440ec15805be4c7babcd17a63b8c8a08a492e0f,Generated from live planner route graph. | Chain 138 pilot-compatible Curve 3Pool stable/stable venue. +liveSwapRoute,chain-138-swap-one-inch-weth-usdt,live,swap,138,138,WETH,0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2,USDT,0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1,1,,,1inch|0x|LiFi,planner-v2-generated|one_inch,,0x500b84b1bc6f59c1898a5fe538ea20a758757a4f,Generated from live planner route graph. | Chain 138 pilot-compatible 1inch router lane. +liveSwapRoute,chain-138-swap-one-inch-usdt-weth,live,swap,138,138,USDT,0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1,WETH,0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2,1,,,1inch|0x|LiFi,planner-v2-generated|one_inch,,0x500b84b1bc6f59c1898a5fe538ea20a758757a4f,Generated from live planner route graph. | Chain 138 pilot-compatible 1inch router lane. +liveSwapRoute,chain-138-swap-one-inch-weth-usdc,live,swap,138,138,WETH,0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2,USDC,0x71d6687f38b93ccad569fa6352c876eea967201b,1,,,1inch|0x|LiFi,planner-v2-generated|one_inch,,0x500b84b1bc6f59c1898a5fe538ea20a758757a4f,Generated from live planner route graph. | Chain 138 pilot-compatible 1inch router lane. +liveSwapRoute,chain-138-swap-one-inch-usdc-weth,live,swap,138,138,USDC,0x71d6687f38b93ccad569fa6352c876eea967201b,WETH,0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2,1,,,1inch|0x|LiFi,planner-v2-generated|one_inch,,0x500b84b1bc6f59c1898a5fe538ea20a758757a4f,Generated from live planner route graph. | Chain 138 pilot-compatible 1inch router lane. +liveBridgeRoute,bridge-138-651940-cusdt-alltraadapter,live,bridge,138,651940,cUSDT,0x93e66202a11b1772e55407b32b44e5cd8eda7f22,cUSDT,0x93e66202a11b1772e55407b32b44e5cd8eda7f22,,ALT,0x66feba2fc9a0b47f26dd4284dad24f970436b8dc,1inch|0x|LiFi,planner-v2-generated|bridge,,,Generated from bridge registry and planner visibility. | Registry route AlltraAdapter +liveBridgeRoute,bridge-138-651940-cusdc-alltraadapter,live,bridge,138,651940,cUSDC,0xf22258f57794cc8e06237084b353ab30fffa640b,cUSDC,0xf22258f57794cc8e06237084b353ab30fffa640b,,ALT,0x66feba2fc9a0b47f26dd4284dad24f970436b8dc,1inch|0x|LiFi,planner-v2-generated|bridge,,,Generated from bridge registry and planner visibility. | Registry route AlltraAdapter +blockedOrPlannedRoute,chain-138-capability-dodo-planned-cbtc-cusdt,planned,swap,138,138,cBTC|cUSDT,,,,,,,,,,,Set CHAIN138_POOL_CBTC_CUSDT after the canonical cBTC/cUSDT PMM pool is created and funded. +blockedOrPlannedRoute,chain-138-capability-dodo-planned-cusdt-cbtc,planned,swap,138,138,cUSDT|cBTC,,,,,,,,,,,Set CHAIN138_POOL_CBTC_CUSDT after the canonical cBTC/cUSDT PMM pool is created and funded. +blockedOrPlannedRoute,chain-138-capability-dodo-planned-cbtc-cusdc,planned,swap,138,138,cBTC|cUSDC,,,,,,,,,,,Set CHAIN138_POOL_CBTC_CUSDC after the canonical cBTC/cUSDC PMM pool is created and funded. +blockedOrPlannedRoute,chain-138-capability-dodo-planned-cusdc-cbtc,planned,swap,138,138,cUSDC|cBTC,,,,,,,,,,,Set CHAIN138_POOL_CBTC_CUSDC after the canonical cBTC/cUSDC PMM pool is created and funded. +blockedOrPlannedRoute,chain-138-capability-dodo-planned-cbtc-cxauc,planned,swap,138,138,cBTC|cXAUC,,,,,,,,,,,Set CHAIN138_POOL_CBTC_CXAUC after the canonical cBTC/cXAUC PMM pool is created and funded. +blockedOrPlannedRoute,chain-138-capability-dodo-planned-cxauc-cbtc,planned,swap,138,138,cXAUC|cBTC,,,,,,,,,,,Set CHAIN138_POOL_CBTC_CXAUC after the canonical cBTC/cXAUC PMM pool is created and funded. +blockedOrPlannedRoute,chain-138-capability-dodo-planned-weth-usdt,planned,swap,138,138,WETH|USDT,,,,,,,,,,,Set CHAIN138_POOL_WETH_USDT after the canonical WETH/USDT pool is created and funded. +blockedOrPlannedRoute,chain-138-capability-dodo-planned-usdt-weth,planned,swap,138,138,USDT|WETH,,,,,,,,,,,Set CHAIN138_POOL_WETH_USDT after the canonical WETH/USDT pool is created and funded. +blockedOrPlannedRoute,chain-138-capability-dodo-planned-weth-usdc,planned,swap,138,138,WETH|USDC,,,,,,,,,,,Set CHAIN138_POOL_WETH_USDC after the canonical WETH/USDC pool is created and funded. +blockedOrPlannedRoute,chain-138-capability-dodo-planned-usdc-weth,planned,swap,138,138,USDC|WETH,,,,,,,,,,,Set CHAIN138_POOL_WETH_USDC after the canonical WETH/USDC pool is created and funded. diff --git a/config/aggregator-route-matrix.json b/config/aggregator-route-matrix.json index 7ef1580f..3fb9ffe3 100644 --- a/config/aggregator-route-matrix.json +++ b/config/aggregator-route-matrix.json @@ -1,102 +1,87 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "description": "Canonical route matrix for 1inch/0x/LiFi-style adapter ingestion. Captures live Chain 138 public DEX routes, live bridge lanes, and planned-but-not-live routes that should be filtered out by executors.", - "version": "1.0.0", - "updated": "2026-03-27", + "description": "Planner-v2-generated aggregator route visibility matrix for Chain 138 and approved bridge lanes.", + "version": "2.0.0", + "updated": "2026-04-05T19:31:45.871Z", "homeChainId": 138, "metadata": { "generatedFrom": [ - "docs/11-references/LIQUIDITY_POOLS_MASTER_MAP.md", - "docs/11-references/DEPLOYED_TOKENS_BRIDGES_LPS_AND_ROUTING_STATUS.md", - "config/routing-registry.json", - "config/token-mapping-multichain.json", - "cross-chain-pmm-lps/config/deployment-status.json" + "services/token-aggregation/src/services/route-graph-builder.ts", + "services/token-aggregation/src/config/provider-capabilities.ts", + "services/token-aggregation/src/config/cross-chain-bridges.ts" ], "verification": { - "verifiedAt": "2026-03-27", - "verifiedBy": "scripts/verify/check-pmm-pool-balances-chain138.sh", + "verifiedAt": "2026-04-05T19:31:45.871Z", + "verifiedBy": "services/token-aggregation planner-v2 generator", "rpc": "http://192.168.11.211:8545" }, "adapterNotes": [ - "Executors should ingest only entries with status=live.", - "Entries with status=planned or blocked are included to make missing routes explicit and prevent false discovery.", - "Chain 138 has live DODO PMM pools but no native 1inch/0x support in this repo; adapter layers must map these routes into their own quote/execution abstractions." + "This file is generated from planner-v2 graph and provider capability truth.", + "Partner payload generation should prefer planner-v2 outputs over this visibility artifact when route inputs are available.", + "Only live routes should be considered executable candidates." ] }, "chains": { + "1": { + "name": "Ethereum Mainnet" + }, "138": { - "name": "SMOM-DBIS-138 (DeFi Oracle Meta)", - "rpc": "https://rpc-core.d-bis.org", - "nativeDexes": [ - { - "dexId": "dodo_pmm_chain138", - "type": "dodo_pmm", - "integrationAddress": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", - "providerAddress": "0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381", - "status": "live" - } - ] + "name": "Chain 138" }, "651940": { - "name": "ALL Mainnet (Alltra)", - "nativeDexes": [ - { - "dexId": "allmainnet_uniswap_v2", - "type": "uniswap_v2", - "status": "planned" - }, - { - "dexId": "allmainnet_uniswap_v3", - "type": "uniswap_v3", - "status": "planned" - }, - { - "dexId": "allmainnet_dodo", - "type": "dodo_pmm", - "status": "planned" - } - ] + "name": "ALL Mainnet" } }, "tokens": { - "138": { - "cUSDT": { - "address": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", - "decimals": 6 - }, - "cUSDC": { - "address": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", - "decimals": 6 - }, - "USDT": { - "address": "0x004b63A7B5b0E06f6bB6adb4a5F9f590BF3182D1", - "decimals": 6 - }, - "USDC": { - "address": "0x71D6687F38b93CCad569Fa6352c876eea967201b", - "decimals": 6 - }, - "cXAUC": { - "address": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "decimals": 6 - }, - "cEURT": { - "address": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", - "decimals": 6 - }, - "WETH": { - "address": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", - "decimals": 18 - }, - "WETH10": { - "address": "0xf4BB2e28688e89fCcE3c0580D37d36A7672E8A9f", - "decimals": 18 - } + "WETH": { + "address": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "decimals": 18, + "kind": "wrapped" + }, + "WETH10": { + "address": "0xf4bb2e28688e89fcce3c0580d37d36a7672e8a9f", + "decimals": 18, + "kind": "wrapped" + }, + "USDT": { + "address": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "decimals": 6, + "kind": "stable" + }, + "USDC": { + "address": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "decimals": 6, + "kind": "stable" + }, + "cUSDT": { + "address": "0x93e66202a11b1772e55407b32b44e5cd8eda7f22", + "decimals": 6, + "kind": "compliant" + }, + "cUSDC": { + "address": "0xf22258f57794cc8e06237084b353ab30fffa640b", + "decimals": 6, + "kind": "compliant" + }, + "cBTC": { + "address": "0xcb7c000000000000000000000000000000000138", + "decimals": 8, + "kind": "monetary_unit" + }, + "cEURT": { + "address": "0xdf4b71c61e5912712c1bdd451416b9ac26949d72", + "decimals": 6, + "kind": "compliant" + }, + "cXAUC": { + "address": "0x290e52a8819a4fbd0714e517225429aa2b70ec6b", + "decimals": 6, + "kind": "commodity" } }, "liveSwapRoutes": [ { - "routeId": "138-cUSDT-cUSDC-direct", + "routeId": "chain-138-swap-dodo-cusdt-cusdc-0x9e89bae0", "status": "live", "aggregatorFamilies": [ "1inch", @@ -106,71 +91,38 @@ "fromChainId": 138, "toChainId": 138, "tokenInSymbol": "cUSDT", - "tokenInAddress": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", + "tokenInAddress": "0x93e66202a11b1772e55407b32b44e5cd8eda7f22", "tokenOutSymbol": "cUSDC", - "tokenOutAddress": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", + "tokenOutAddress": "0xf22258f57794cc8e06237084b353ab30fffa640b", "routeType": "swap", "hopCount": 1, + "label": "DODO PMM cUSDT -> cUSDC", + "intermediateSymbols": [], "legs": [ { "kind": "swap", "protocol": "dodo_pmm", - "executor": "DODOPMMIntegration", - "executorAddress": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", - "poolAddress": "0xff8d3b8fDF7B112759F076B69f4271D4209C0849", - "tokenInAddress": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", - "tokenOutAddress": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", + "executor": "DODO PMM", + "executorAddress": "0x3f729632e9553ebaccde2e9b4c8f2b285b014f2e", + "poolAddress": "0x9e89bae009adf128782e19e8341996c596ac40dc", + "tokenInAddress": "0x93e66202a11b1772e55407b32b44e5cd8eda7f22", + "tokenOutAddress": "0xf22258f57794cc8e06237084b353ab30fffa640b", "reserves": { - "cUSDT": "10000000.000000", - "cUSDC": "10000000.000000" + "reserveIn": "999999997998", + "reserveOut": "999999997998" } } ], "tags": [ - "stable", - "direct", - "public" + "planner-v2-generated", + "dodo" + ], + "notes": [ + "Generated from live planner route graph." ] }, { - "routeId": "138-cUSDT-USDT-direct", - "status": "live", - "aggregatorFamilies": [ - "1inch", - "0x", - "LiFi" - ], - "fromChainId": 138, - "toChainId": 138, - "tokenInSymbol": "cUSDT", - "tokenInAddress": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", - "tokenOutSymbol": "USDT", - "tokenOutAddress": "0x004b63A7B5b0E06f6bB6adb4a5F9f590BF3182D1", - "routeType": "swap", - "hopCount": 1, - "legs": [ - { - "kind": "swap", - "protocol": "dodo_pmm", - "executor": "DODOPMMIntegration", - "executorAddress": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", - "poolAddress": "0x6fc60DEDc92a2047062294488539992710b99D71", - "tokenInAddress": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", - "tokenOutAddress": "0x004b63A7B5b0E06f6bB6adb4a5F9f590BF3182D1", - "reserves": { - "cUSDT": "10000000.000000", - "USDT": "10000000.000000" - } - } - ], - "tags": [ - "stable", - "official-mirror", - "public" - ] - }, - { - "routeId": "138-cUSDC-USDC-direct", + "routeId": "chain-138-swap-dodo-cusdc-cusdt-0x9e89bae0", "status": "live", "aggregatorFamilies": [ "1inch", @@ -180,234 +132,38 @@ "fromChainId": 138, "toChainId": 138, "tokenInSymbol": "cUSDC", - "tokenInAddress": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", - "tokenOutSymbol": "USDC", - "tokenOutAddress": "0x71D6687F38b93CCad569Fa6352c876eea967201b", - "routeType": "swap", - "hopCount": 1, - "legs": [ - { - "kind": "swap", - "protocol": "dodo_pmm", - "executor": "DODOPMMIntegration", - "executorAddress": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", - "poolAddress": "0x0309178ae30302D83c76d6Dd402a684eF3160eec", - "tokenInAddress": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", - "tokenOutAddress": "0x71D6687F38b93CCad569Fa6352c876eea967201b", - "reserves": { - "cUSDC": "10000000.000000", - "USDC": "10000000.000000" - } - } - ], - "tags": [ - "stable", - "official-mirror", - "public" - ] - }, - { - "routeId": "138-cUSDT-cXAUC-direct", - "status": "live", - "aggregatorFamilies": [ - "1inch", - "0x", - "LiFi" - ], - "fromChainId": 138, - "toChainId": 138, - "tokenInSymbol": "cUSDT", - "tokenInAddress": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", - "tokenOutSymbol": "cXAUC", - "tokenOutAddress": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "routeType": "swap", - "hopCount": 1, - "legs": [ - { - "kind": "swap", - "protocol": "dodo_pmm", - "executor": "DODOPMMIntegration", - "executorAddress": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", - "poolAddress": "0x1AA55E2001E5651349AfF5A63FD7A7Ae44f0F1b0", - "tokenInAddress": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", - "tokenOutAddress": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "reserves": { - "cUSDT": "2666965.000000", - "cXAUC": "519.477000" - } - } - ], - "tags": [ - "xau-hub", - "public" - ] - }, - { - "routeId": "138-cUSDC-cXAUC-direct", - "status": "live", - "aggregatorFamilies": [ - "1inch", - "0x", - "LiFi" - ], - "fromChainId": 138, - "toChainId": 138, - "tokenInSymbol": "cUSDC", - "tokenInAddress": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", - "tokenOutSymbol": "cXAUC", - "tokenOutAddress": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "routeType": "swap", - "hopCount": 1, - "legs": [ - { - "kind": "swap", - "protocol": "dodo_pmm", - "executor": "DODOPMMIntegration", - "executorAddress": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", - "poolAddress": "0xEA9Ac6357CaCB42a83b9082B870610363B177cBa", - "tokenInAddress": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", - "tokenOutAddress": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "reserves": { - "cUSDC": "1000000.000000", - "cXAUC": "194.782554" - } - } - ], - "tags": [ - "xau-hub", - "public" - ] - }, - { - "routeId": "138-cEURT-cXAUC-direct", - "status": "live", - "aggregatorFamilies": [ - "1inch", - "0x", - "LiFi" - ], - "fromChainId": 138, - "toChainId": 138, - "tokenInSymbol": "cEURT", - "tokenInAddress": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", - "tokenOutSymbol": "cXAUC", - "tokenOutAddress": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "routeType": "swap", - "hopCount": 1, - "legs": [ - { - "kind": "swap", - "protocol": "dodo_pmm", - "executor": "DODOPMMIntegration", - "executorAddress": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", - "poolAddress": "0xbA99bc1eAAC164569d5AcA96C806934DDaF970Cf", - "tokenInAddress": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", - "tokenOutAddress": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "reserves": { - "cEURT": "1000000.000000", - "cXAUC": "225.577676" - } - } - ], - "tags": [ - "xau-hub", - "public" - ] - }, - { - "routeId": "138-cEURT-cUSDT-via-cXAUC", - "status": "live", - "aggregatorFamilies": [ - "1inch", - "0x", - "LiFi" - ], - "fromChainId": 138, - "toChainId": 138, - "tokenInSymbol": "cEURT", - "tokenInAddress": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", + "tokenInAddress": "0xf22258f57794cc8e06237084b353ab30fffa640b", "tokenOutSymbol": "cUSDT", - "tokenOutAddress": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", + "tokenOutAddress": "0x93e66202a11b1772e55407b32b44e5cd8eda7f22", "routeType": "swap", - "hopCount": 2, - "intermediateSymbols": [ - "cXAUC" - ], + "hopCount": 1, + "label": "DODO PMM cUSDC -> cUSDT", + "intermediateSymbols": [], "legs": [ { "kind": "swap", "protocol": "dodo_pmm", - "executorAddress": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", - "poolAddress": "0xbA99bc1eAAC164569d5AcA96C806934DDaF970Cf", - "tokenInAddress": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", - "tokenOutAddress": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b" - }, - { - "kind": "swap", - "protocol": "dodo_pmm", - "executorAddress": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", - "poolAddress": "0x1AA55E2001E5651349AfF5A63FD7A7Ae44f0F1b0", - "tokenInAddress": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "tokenOutAddress": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22" + "executor": "DODO PMM", + "executorAddress": "0x3f729632e9553ebaccde2e9b4c8f2b285b014f2e", + "poolAddress": "0x9e89bae009adf128782e19e8341996c596ac40dc", + "tokenInAddress": "0xf22258f57794cc8e06237084b353ab30fffa640b", + "tokenOutAddress": "0x93e66202a11b1772e55407b32b44e5cd8eda7f22", + "reserves": { + "reserveIn": "999999997998", + "reserveOut": "999999997998" + } } ], "tags": [ - "multihop", - "xau-hub", - "public" + "planner-v2-generated", + "dodo" ], "notes": [ - "Inferred from two live public pools." + "Generated from live planner route graph." ] }, { - "routeId": "138-cEURT-cUSDC-via-cXAUC", - "status": "live", - "aggregatorFamilies": [ - "1inch", - "0x", - "LiFi" - ], - "fromChainId": 138, - "toChainId": 138, - "tokenInSymbol": "cEURT", - "tokenInAddress": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", - "tokenOutSymbol": "cUSDC", - "tokenOutAddress": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", - "routeType": "swap", - "hopCount": 2, - "intermediateSymbols": [ - "cXAUC" - ], - "legs": [ - { - "kind": "swap", - "protocol": "dodo_pmm", - "executorAddress": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", - "poolAddress": "0xbA99bc1eAAC164569d5AcA96C806934DDaF970Cf", - "tokenInAddress": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", - "tokenOutAddress": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b" - }, - { - "kind": "swap", - "protocol": "dodo_pmm", - "executorAddress": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", - "poolAddress": "0xEA9Ac6357CaCB42a83b9082B870610363B177cBa", - "tokenInAddress": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "tokenOutAddress": "0xf22258f57794CC8E06237084b353Ab30fFfa640b" - } - ], - "tags": [ - "multihop", - "xau-hub", - "public" - ], - "notes": [ - "Inferred from two live public pools." - ] - }, - { - "routeId": "138-cUSDT-cUSDC-via-cXAUC", + "routeId": "chain-138-swap-dodo-cusdt-usdt-0x866cb44b", "status": "live", "aggregatorFamilies": [ "1inch", @@ -417,262 +173,994 @@ "fromChainId": 138, "toChainId": 138, "tokenInSymbol": "cUSDT", - "tokenInAddress": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", - "tokenOutSymbol": "cUSDC", - "tokenOutAddress": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", + "tokenInAddress": "0x93e66202a11b1772e55407b32b44e5cd8eda7f22", + "tokenOutSymbol": "USDT", + "tokenOutAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", "routeType": "swap", - "hopCount": 2, - "intermediateSymbols": [ - "cXAUC" - ], + "hopCount": 1, + "label": "DODO PMM cUSDT -> USDT", + "intermediateSymbols": [], "legs": [ { "kind": "swap", "protocol": "dodo_pmm", - "executorAddress": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", - "poolAddress": "0x1AA55E2001E5651349AfF5A63FD7A7Ae44f0F1b0", - "tokenInAddress": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", - "tokenOutAddress": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b" - }, - { - "kind": "swap", - "protocol": "dodo_pmm", - "executorAddress": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", - "poolAddress": "0xEA9Ac6357CaCB42a83b9082B870610363B177cBa", - "tokenInAddress": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "tokenOutAddress": "0xf22258f57794CC8E06237084b353Ab30fFfa640b" + "executor": "DODO PMM", + "executorAddress": "0x3f729632e9553ebaccde2e9b4c8f2b285b014f2e", + "poolAddress": "0x866cb44b59303d8dc5f4f9e3e7a8e8b0bf238d66", + "tokenInAddress": "0x93e66202a11b1772e55407b32b44e5cd8eda7f22", + "tokenOutAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "reserves": { + "reserveIn": "999999997998", + "reserveOut": "999999997998" + } } ], "tags": [ - "multihop", - "xau-hub", - "public", - "alternate" + "planner-v2-generated", + "dodo" ], "notes": [ - "Alternate path to the deeper direct cUSDT/cUSDC pool." + "Generated from live planner route graph." + ] + }, + { + "routeId": "chain-138-swap-dodo-usdt-cusdt-0x866cb44b", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "USDT", + "tokenInAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "tokenOutSymbol": "cUSDT", + "tokenOutAddress": "0x93e66202a11b1772e55407b32b44e5cd8eda7f22", + "routeType": "swap", + "hopCount": 1, + "label": "DODO PMM USDT -> cUSDT", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "dodo_pmm", + "executor": "DODO PMM", + "executorAddress": "0x3f729632e9553ebaccde2e9b4c8f2b285b014f2e", + "poolAddress": "0x866cb44b59303d8dc5f4f9e3e7a8e8b0bf238d66", + "tokenInAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "tokenOutAddress": "0x93e66202a11b1772e55407b32b44e5cd8eda7f22", + "reserves": { + "reserveIn": "999999997998", + "reserveOut": "999999997998" + } + } + ], + "tags": [ + "planner-v2-generated", + "dodo" + ], + "notes": [ + "Generated from live planner route graph." + ] + }, + { + "routeId": "chain-138-swap-dodo-cusdc-usdc-0xc39b7d0f", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "cUSDC", + "tokenInAddress": "0xf22258f57794cc8e06237084b353ab30fffa640b", + "tokenOutSymbol": "USDC", + "tokenOutAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "routeType": "swap", + "hopCount": 1, + "label": "DODO PMM cUSDC -> USDC", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "dodo_pmm", + "executor": "DODO PMM", + "executorAddress": "0x3f729632e9553ebaccde2e9b4c8f2b285b014f2e", + "poolAddress": "0xc39b7d0f40838cbfb54649d327f49a6dac964062", + "tokenInAddress": "0xf22258f57794cc8e06237084b353ab30fffa640b", + "tokenOutAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "reserves": { + "reserveIn": "999999997998", + "reserveOut": "999999997998" + } + } + ], + "tags": [ + "planner-v2-generated", + "dodo" + ], + "notes": [ + "Generated from live planner route graph." + ] + }, + { + "routeId": "chain-138-swap-dodo-usdc-cusdc-0xc39b7d0f", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "USDC", + "tokenInAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "tokenOutSymbol": "cUSDC", + "tokenOutAddress": "0xf22258f57794cc8e06237084b353ab30fffa640b", + "routeType": "swap", + "hopCount": 1, + "label": "DODO PMM USDC -> cUSDC", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "dodo_pmm", + "executor": "DODO PMM", + "executorAddress": "0x3f729632e9553ebaccde2e9b4c8f2b285b014f2e", + "poolAddress": "0xc39b7d0f40838cbfb54649d327f49a6dac964062", + "tokenInAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "tokenOutAddress": "0xf22258f57794cc8e06237084b353ab30fffa640b", + "reserves": { + "reserveIn": "999999997998", + "reserveOut": "999999997998" + } + } + ], + "tags": [ + "planner-v2-generated", + "dodo" + ], + "notes": [ + "Generated from live planner route graph." + ] + }, + { + "routeId": "chain-138-swap-dodo-v3-weth10-usdt-0x6550a3a5", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "WETH10", + "tokenInAddress": "0xf4bb2e28688e89fcce3c0580d37d36a7672e8a9f", + "tokenOutSymbol": "USDT", + "tokenOutAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "routeType": "swap", + "hopCount": 1, + "label": "DODO V3 / D3MM WETH10 -> USDT", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "dodo_v3", + "executor": "DODO V3 / D3MM", + "executorAddress": "0xc9a11abb7c63d88546be24d58a6d95e3762cb843", + "poolAddress": "0x6550a3a59070061a262a893a1d6f3f490affdbda", + "tokenInAddress": "0xf4bb2e28688e89fcce3c0580d37d36a7672e8a9f", + "tokenOutAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "reserves": { + "reserveIn": "1962869492785022013", + "reserveOut": "5078833460" + } + } + ], + "tags": [ + "planner-v2-generated", + "dodo_v3" + ], + "notes": [ + "Generated from live planner route graph.", + "DODO v3 / D3MM Chain 138 pilot venue.", + "Canonical private pilot pool 0x6550a3a59070061a262a893a1d6f3f490affdbda executes through D3Proxy 0xc9a11abb7c63d88546be24d58a6d95e3762cb843.", + "Planner-v2 exposure and EnhancedSwapRouterV2 internal execution-plan calldata are live for the canonical pilot pair." + ] + }, + { + "routeId": "chain-138-swap-dodo-v3-usdt-weth10-0x6550a3a5", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "USDT", + "tokenInAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "tokenOutSymbol": "WETH10", + "tokenOutAddress": "0xf4bb2e28688e89fcce3c0580d37d36a7672e8a9f", + "routeType": "swap", + "hopCount": 1, + "label": "DODO V3 / D3MM USDT -> WETH10", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "dodo_v3", + "executor": "DODO V3 / D3MM", + "executorAddress": "0xc9a11abb7c63d88546be24d58a6d95e3762cb843", + "poolAddress": "0x6550a3a59070061a262a893a1d6f3f490affdbda", + "tokenInAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "tokenOutAddress": "0xf4bb2e28688e89fcce3c0580d37d36a7672e8a9f", + "reserves": { + "reserveIn": "5078833460", + "reserveOut": "1962869492785022013" + } + } + ], + "tags": [ + "planner-v2-generated", + "dodo_v3" + ], + "notes": [ + "Generated from live planner route graph.", + "DODO v3 / D3MM Chain 138 pilot venue.", + "Canonical private pilot pool 0x6550a3a59070061a262a893a1d6f3f490affdbda executes through D3Proxy 0xc9a11abb7c63d88546be24d58a6d95e3762cb843.", + "Planner-v2 exposure and EnhancedSwapRouterV2 internal execution-plan calldata are live for the canonical pilot pair." + ] + }, + { + "routeId": "chain-138-swap-uniswap-v3-weth-usdt", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "WETH", + "tokenInAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "tokenOutSymbol": "USDT", + "tokenOutAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "routeType": "swap", + "hopCount": 1, + "label": "Uniswap V3 WETH -> USDT", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "uniswap_v3", + "executor": "Uniswap V3", + "executorAddress": "0xde9cd8ee2811e6e64a41d5f68be315d33995975e", + "tokenInAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "tokenOutAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "reserves": { + "reserveIn": "49114042175602566111", + "reserveOut": "107740000000" + } + } + ], + "tags": [ + "planner-v2-generated", + "uniswap_v3" + ], + "notes": [ + "Generated from live planner route graph.", + "Chain 138 upstream-native Uniswap v3 WETH/USDT venue." + ] + }, + { + "routeId": "chain-138-swap-uniswap-v3-usdt-weth", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "USDT", + "tokenInAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "tokenOutSymbol": "WETH", + "tokenOutAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "routeType": "swap", + "hopCount": 1, + "label": "Uniswap V3 USDT -> WETH", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "uniswap_v3", + "executor": "Uniswap V3", + "executorAddress": "0xde9cd8ee2811e6e64a41d5f68be315d33995975e", + "tokenInAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "tokenOutAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "reserves": { + "reserveIn": "107740000000", + "reserveOut": "49114042175602566111" + } + } + ], + "tags": [ + "planner-v2-generated", + "uniswap_v3" + ], + "notes": [ + "Generated from live planner route graph.", + "Chain 138 upstream-native Uniswap v3 WETH/USDT venue." + ] + }, + { + "routeId": "chain-138-swap-uniswap-v3-weth-usdc", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "WETH", + "tokenInAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "tokenOutSymbol": "USDC", + "tokenOutAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "routeType": "swap", + "hopCount": 1, + "label": "Uniswap V3 WETH -> USDC", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "uniswap_v3", + "executor": "Uniswap V3", + "executorAddress": "0xde9cd8ee2811e6e64a41d5f68be315d33995975e", + "tokenInAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "tokenOutAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "reserves": { + "reserveIn": "49999999999999991304", + "reserveOut": "105830000000" + } + } + ], + "tags": [ + "planner-v2-generated", + "uniswap_v3" + ], + "notes": [ + "Generated from live planner route graph.", + "Chain 138 upstream-native Uniswap v3 WETH/USDC venue." + ] + }, + { + "routeId": "chain-138-swap-uniswap-v3-usdc-weth", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "USDC", + "tokenInAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "tokenOutSymbol": "WETH", + "tokenOutAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "routeType": "swap", + "hopCount": 1, + "label": "Uniswap V3 USDC -> WETH", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "uniswap_v3", + "executor": "Uniswap V3", + "executorAddress": "0xde9cd8ee2811e6e64a41d5f68be315d33995975e", + "tokenInAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "tokenOutAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "reserves": { + "reserveIn": "105830000000", + "reserveOut": "49999999999999991304" + } + } + ], + "tags": [ + "planner-v2-generated", + "uniswap_v3" + ], + "notes": [ + "Generated from live planner route graph.", + "Chain 138 upstream-native Uniswap v3 WETH/USDC venue." + ] + }, + { + "routeId": "chain-138-swap-balancer-weth-usdt", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "WETH", + "tokenInAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "tokenOutSymbol": "USDT", + "tokenOutAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "routeType": "swap", + "hopCount": 1, + "label": "Balancer WETH -> USDT", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "balancer", + "executor": "Balancer", + "executorAddress": "0x96423d7c1727698d8a25ebfb88131e9422d1a3c3", + "tokenInAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "tokenOutAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "reserves": { + "reserveIn": "100000000000000000000", + "reserveOut": "210000000000" + } + } + ], + "tags": [ + "planner-v2-generated", + "balancer" + ], + "notes": [ + "Generated from live planner route graph.", + "Chain 138 pilot-compatible Balancer USDT/WETH venue." + ] + }, + { + "routeId": "chain-138-swap-balancer-usdt-weth", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "USDT", + "tokenInAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "tokenOutSymbol": "WETH", + "tokenOutAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "routeType": "swap", + "hopCount": 1, + "label": "Balancer USDT -> WETH", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "balancer", + "executor": "Balancer", + "executorAddress": "0x96423d7c1727698d8a25ebfb88131e9422d1a3c3", + "tokenInAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "tokenOutAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "reserves": { + "reserveIn": "210000000000", + "reserveOut": "100000000000000000000" + } + } + ], + "tags": [ + "planner-v2-generated", + "balancer" + ], + "notes": [ + "Generated from live planner route graph.", + "Chain 138 pilot-compatible Balancer USDT/WETH venue." + ] + }, + { + "routeId": "chain-138-swap-balancer-weth-usdc", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "WETH", + "tokenInAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "tokenOutSymbol": "USDC", + "tokenOutAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "routeType": "swap", + "hopCount": 1, + "label": "Balancer WETH -> USDC", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "balancer", + "executor": "Balancer", + "executorAddress": "0x96423d7c1727698d8a25ebfb88131e9422d1a3c3", + "tokenInAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "tokenOutAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "reserves": { + "reserveIn": "100000000000000000000", + "reserveOut": "210000000000" + } + } + ], + "tags": [ + "planner-v2-generated", + "balancer" + ], + "notes": [ + "Generated from live planner route graph.", + "Chain 138 pilot-compatible Balancer USDC/WETH venue." + ] + }, + { + "routeId": "chain-138-swap-balancer-usdc-weth", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "USDC", + "tokenInAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "tokenOutSymbol": "WETH", + "tokenOutAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "routeType": "swap", + "hopCount": 1, + "label": "Balancer USDC -> WETH", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "balancer", + "executor": "Balancer", + "executorAddress": "0x96423d7c1727698d8a25ebfb88131e9422d1a3c3", + "tokenInAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "tokenOutAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "reserves": { + "reserveIn": "210000000000", + "reserveOut": "100000000000000000000" + } + } + ], + "tags": [ + "planner-v2-generated", + "balancer" + ], + "notes": [ + "Generated from live planner route graph.", + "Chain 138 pilot-compatible Balancer USDC/WETH venue." + ] + }, + { + "routeId": "chain-138-swap-curve-usdt-usdc", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "USDT", + "tokenInAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "tokenOutSymbol": "USDC", + "tokenOutAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "routeType": "swap", + "hopCount": 1, + "label": "Curve USDT -> USDC", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "curve", + "executor": "Curve", + "executorAddress": "0xe440ec15805be4c7babcd17a63b8c8a08a492e0f", + "tokenInAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "tokenOutAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "reserves": { + "reserveIn": "500000000000", + "reserveOut": "500000000000" + } + } + ], + "tags": [ + "planner-v2-generated", + "curve" + ], + "notes": [ + "Generated from live planner route graph.", + "Chain 138 pilot-compatible Curve 3Pool stable/stable venue." + ] + }, + { + "routeId": "chain-138-swap-curve-usdc-usdt", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "USDC", + "tokenInAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "tokenOutSymbol": "USDT", + "tokenOutAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "routeType": "swap", + "hopCount": 1, + "label": "Curve USDC -> USDT", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "curve", + "executor": "Curve", + "executorAddress": "0xe440ec15805be4c7babcd17a63b8c8a08a492e0f", + "tokenInAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "tokenOutAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "reserves": { + "reserveIn": "500000000000", + "reserveOut": "500000000000" + } + } + ], + "tags": [ + "planner-v2-generated", + "curve" + ], + "notes": [ + "Generated from live planner route graph.", + "Chain 138 pilot-compatible Curve 3Pool stable/stable venue." + ] + }, + { + "routeId": "chain-138-swap-one-inch-weth-usdt", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "WETH", + "tokenInAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "tokenOutSymbol": "USDT", + "tokenOutAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "routeType": "swap", + "hopCount": 1, + "label": "1inch WETH -> USDT", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "one_inch", + "executor": "1inch", + "executorAddress": "0x500b84b1bc6f59c1898a5fe538ea20a758757a4f", + "tokenInAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "tokenOutAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "reserves": { + "reserveIn": "100000000000000000000", + "reserveOut": "210000000000" + } + } + ], + "tags": [ + "planner-v2-generated", + "one_inch" + ], + "notes": [ + "Generated from live planner route graph.", + "Chain 138 pilot-compatible 1inch router lane." + ] + }, + { + "routeId": "chain-138-swap-one-inch-usdt-weth", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "USDT", + "tokenInAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "tokenOutSymbol": "WETH", + "tokenOutAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "routeType": "swap", + "hopCount": 1, + "label": "1inch USDT -> WETH", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "one_inch", + "executor": "1inch", + "executorAddress": "0x500b84b1bc6f59c1898a5fe538ea20a758757a4f", + "tokenInAddress": "0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1", + "tokenOutAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "reserves": { + "reserveIn": "210000000000", + "reserveOut": "100000000000000000000" + } + } + ], + "tags": [ + "planner-v2-generated", + "one_inch" + ], + "notes": [ + "Generated from live planner route graph.", + "Chain 138 pilot-compatible 1inch router lane." + ] + }, + { + "routeId": "chain-138-swap-one-inch-weth-usdc", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "WETH", + "tokenInAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "tokenOutSymbol": "USDC", + "tokenOutAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "routeType": "swap", + "hopCount": 1, + "label": "1inch WETH -> USDC", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "one_inch", + "executor": "1inch", + "executorAddress": "0x500b84b1bc6f59c1898a5fe538ea20a758757a4f", + "tokenInAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "tokenOutAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "reserves": { + "reserveIn": "100000000000000000000", + "reserveOut": "210000000000" + } + } + ], + "tags": [ + "planner-v2-generated", + "one_inch" + ], + "notes": [ + "Generated from live planner route graph.", + "Chain 138 pilot-compatible 1inch router lane." + ] + }, + { + "routeId": "chain-138-swap-one-inch-usdc-weth", + "status": "live", + "aggregatorFamilies": [ + "1inch", + "0x", + "LiFi" + ], + "fromChainId": 138, + "toChainId": 138, + "tokenInSymbol": "USDC", + "tokenInAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "tokenOutSymbol": "WETH", + "tokenOutAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "routeType": "swap", + "hopCount": 1, + "label": "1inch USDC -> WETH", + "intermediateSymbols": [], + "legs": [ + { + "kind": "swap", + "protocol": "one_inch", + "executor": "1inch", + "executorAddress": "0x500b84b1bc6f59c1898a5fe538ea20a758757a4f", + "tokenInAddress": "0x71d6687f38b93ccad569fa6352c876eea967201b", + "tokenOutAddress": "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2", + "reserves": { + "reserveIn": "210000000000", + "reserveOut": "100000000000000000000" + } + } + ], + "tags": [ + "planner-v2-generated", + "one_inch" + ], + "notes": [ + "Generated from live planner route graph.", + "Chain 138 pilot-compatible 1inch router lane." ] } ], "liveBridgeRoutes": [ { - "routeId": "138-WETH-1-ccip", - "status": "live", - "aggregatorFamilies": [ - "LiFi" - ], - "fromChainId": 138, - "toChainId": 1, - "assetSymbol": "WETH", - "assetAddress": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", - "routeType": "bridge", - "bridgeType": "CCIP", - "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", - "label": "CCIPWETH9Bridge" - }, - { - "routeId": "138-WETH-56-ccip", - "status": "live", - "aggregatorFamilies": [ - "LiFi" - ], - "fromChainId": 138, - "toChainId": 56, - "assetSymbol": "WETH", - "assetAddress": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", - "routeType": "bridge", - "bridgeType": "CCIP", - "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", - "label": "CCIPWETH9Bridge" - }, - { - "routeId": "138-WETH-137-ccip", - "status": "live", - "aggregatorFamilies": [ - "LiFi" - ], - "fromChainId": 138, - "toChainId": 137, - "assetSymbol": "WETH", - "assetAddress": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", - "routeType": "bridge", - "bridgeType": "CCIP", - "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", - "label": "CCIPWETH9Bridge" - }, - { - "routeId": "138-WETH-10-ccip", - "status": "live", - "aggregatorFamilies": [ - "LiFi" - ], - "fromChainId": 138, - "toChainId": 10, - "assetSymbol": "WETH", - "assetAddress": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", - "routeType": "bridge", - "bridgeType": "CCIP", - "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", - "label": "CCIPWETH9Bridge" - }, - { - "routeId": "138-WETH-42161-ccip", - "status": "live", - "aggregatorFamilies": [ - "LiFi" - ], - "fromChainId": 138, - "toChainId": 42161, - "assetSymbol": "WETH", - "assetAddress": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", - "routeType": "bridge", - "bridgeType": "CCIP", - "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", - "label": "CCIPWETH9Bridge" - }, - { - "routeId": "138-WETH-43114-ccip", - "status": "live", - "aggregatorFamilies": [ - "LiFi" - ], - "fromChainId": 138, - "toChainId": 43114, - "assetSymbol": "WETH", - "assetAddress": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", - "routeType": "bridge", - "bridgeType": "CCIP", - "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", - "label": "CCIPWETH9Bridge" - }, - { - "routeId": "138-WETH-8453-ccip", - "status": "live", - "aggregatorFamilies": [ - "LiFi" - ], - "fromChainId": 138, - "toChainId": 8453, - "assetSymbol": "WETH", - "assetAddress": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", - "routeType": "bridge", - "bridgeType": "CCIP", - "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", - "label": "CCIPWETH9Bridge" - }, - { - "routeId": "138-WETH-100-ccip", - "status": "live", - "aggregatorFamilies": [ - "LiFi" - ], - "fromChainId": 138, - "toChainId": 100, - "assetSymbol": "WETH", - "assetAddress": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", - "routeType": "bridge", - "bridgeType": "CCIP", - "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", - "label": "CCIPWETH9Bridge" - }, - { - "routeId": "138-WETH-25-ccip", - "status": "live", - "aggregatorFamilies": [ - "LiFi" - ], - "fromChainId": 138, - "toChainId": 25, - "assetSymbol": "WETH", - "assetAddress": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", - "routeType": "bridge", - "bridgeType": "CCIP", - "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", - "label": "CCIPWETH9Bridge" - }, - { - "routeId": "138-WETH-42220-ccip", - "status": "live", - "aggregatorFamilies": [ - "LiFi" - ], - "fromChainId": 138, - "toChainId": 42220, - "assetSymbol": "WETH", - "assetAddress": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", - "routeType": "bridge", - "bridgeType": "CCIP", - "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", - "label": "CCIPWETH9Bridge" - }, - { - "routeId": "138-WETH-651940-alltra", + "routeId": "bridge-138-651940-cusdt-alltraadapter", "status": "live", "aggregatorFamilies": [ + "1inch", + "0x", "LiFi" ], "fromChainId": 138, "toChainId": 651940, - "assetSymbol": "WETH", - "assetAddress": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", + "assetSymbol": "cUSDT", + "assetAddress": "0x93e66202a11b1772e55407b32b44e5cd8eda7f22", "routeType": "bridge", "bridgeType": "ALT", - "bridgeAddress": "0x66FEBA2fC9a0B47F26DD4284DAd24F970436B8Dc", - "label": "AlltraAdapter" + "bridgeAddress": "0x66feba2fc9a0b47f26dd4284dad24f970436b8dc", + "label": "AlltraAdapter cUSDT 138 -> 651940", + "tags": [ + "planner-v2-generated", + "bridge" + ], + "notes": [ + "Generated from bridge registry and planner visibility.", + "Registry route AlltraAdapter" + ] }, { - "routeId": "138-WETH10-1-ccip", + "routeId": "bridge-138-651940-cusdc-alltraadapter", "status": "live", "aggregatorFamilies": [ + "1inch", + "0x", "LiFi" ], "fromChainId": 138, - "toChainId": 1, - "assetSymbol": "WETH10", - "assetAddress": "0xf4BB2e28688e89fCcE3c0580D37d36A7672E8A9f", + "toChainId": 651940, + "assetSymbol": "cUSDC", + "assetAddress": "0xf22258f57794cc8e06237084b353ab30fffa640b", "routeType": "bridge", - "bridgeType": "CCIP", - "bridgeAddress": "0xe0E93247376aa097dB308B92e6Ba36bA015535D0", - "label": "CCIPWETH10Bridge" + "bridgeType": "ALT", + "bridgeAddress": "0x66feba2fc9a0b47f26dd4284dad24f970436b8dc", + "label": "AlltraAdapter cUSDC 138 -> 651940", + "tags": [ + "planner-v2-generated", + "bridge" + ], + "notes": [ + "Generated from bridge registry and planner visibility.", + "Registry route AlltraAdapter" + ] } ], "blockedOrPlannedRoutes": [ { - "routeId": "138-compliant-stable-to-weth-bridgeable", - "status": "blocked", + "routeId": "chain-138-capability-dodo-planned-cbtc-cusdt", + "status": "planned", "fromChainId": 138, - "toChainId": 1, + "toChainId": 138, + "routeType": "swap", + "reason": "Set CHAIN138_POOL_CBTC_CUSDT after the canonical cBTC/cUSDT PMM pool is created and funded.", + "tokenInSymbols": [ + "cBTC", + "cUSDT" + ] + }, + { + "routeId": "chain-138-capability-dodo-planned-cusdt-cbtc", + "status": "planned", + "fromChainId": 138, + "toChainId": 138, + "routeType": "swap", + "reason": "Set CHAIN138_POOL_CBTC_CUSDT after the canonical cBTC/cUSDT PMM pool is created and funded.", "tokenInSymbols": [ "cUSDT", - "cUSDC", - "cEURT" - ], - "routeType": "swap-bridge-swap", - "reason": "No live public cUSDT/WETH, cUSDC/WETH, or cEURT/WETH pool on Chain 138." + "cBTC" + ] }, { - "routeId": "651940-public-dex-routes", - "status": "planned", - "fromChainId": 651940, - "toChainId": 651940, - "routeType": "swap", - "reason": "Uniswap V2/V3 and DODO are env placeholders only; no pool addresses are documented in-repo." - }, - { - "routeId": "cw-edge-pools-public-chains", - "status": "planned", - "fromChainId": 1, - "toChainId": 43114, - "routeType": "swap", - "reason": "cW* token addresses exist on several public chains, but deployment-status.json contains no PMM pools." - }, - { - "routeId": "138-weth-1111-ccip", + "routeId": "chain-138-capability-dodo-planned-cbtc-cusdc", "status": "planned", "fromChainId": 138, - "toChainId": 1111, - "routeType": "bridge", - "reason": "Wemix bridge is pending funding and deployment." + "toChainId": 138, + "routeType": "swap", + "reason": "Set CHAIN138_POOL_CBTC_CUSDC after the canonical cBTC/cUSDC PMM pool is created and funded.", + "tokenInSymbols": [ + "cBTC", + "cUSDC" + ] + }, + { + "routeId": "chain-138-capability-dodo-planned-cusdc-cbtc", + "status": "planned", + "fromChainId": 138, + "toChainId": 138, + "routeType": "swap", + "reason": "Set CHAIN138_POOL_CBTC_CUSDC after the canonical cBTC/cUSDC PMM pool is created and funded.", + "tokenInSymbols": [ + "cUSDC", + "cBTC" + ] + }, + { + "routeId": "chain-138-capability-dodo-planned-cbtc-cxauc", + "status": "planned", + "fromChainId": 138, + "toChainId": 138, + "routeType": "swap", + "reason": "Set CHAIN138_POOL_CBTC_CXAUC after the canonical cBTC/cXAUC PMM pool is created and funded.", + "tokenInSymbols": [ + "cBTC", + "cXAUC" + ] + }, + { + "routeId": "chain-138-capability-dodo-planned-cxauc-cbtc", + "status": "planned", + "fromChainId": 138, + "toChainId": 138, + "routeType": "swap", + "reason": "Set CHAIN138_POOL_CBTC_CXAUC after the canonical cBTC/cXAUC PMM pool is created and funded.", + "tokenInSymbols": [ + "cXAUC", + "cBTC" + ] + }, + { + "routeId": "chain-138-capability-dodo-planned-weth-usdt", + "status": "planned", + "fromChainId": 138, + "toChainId": 138, + "routeType": "swap", + "reason": "Set CHAIN138_POOL_WETH_USDT after the canonical WETH/USDT pool is created and funded.", + "tokenInSymbols": [ + "WETH", + "USDT" + ] + }, + { + "routeId": "chain-138-capability-dodo-planned-usdt-weth", + "status": "planned", + "fromChainId": 138, + "toChainId": 138, + "routeType": "swap", + "reason": "Set CHAIN138_POOL_WETH_USDT after the canonical WETH/USDT pool is created and funded.", + "tokenInSymbols": [ + "USDT", + "WETH" + ] + }, + { + "routeId": "chain-138-capability-dodo-planned-weth-usdc", + "status": "planned", + "fromChainId": 138, + "toChainId": 138, + "routeType": "swap", + "reason": "Set CHAIN138_POOL_WETH_USDC after the canonical WETH/USDC pool is created and funded.", + "tokenInSymbols": [ + "WETH", + "USDC" + ] + }, + { + "routeId": "chain-138-capability-dodo-planned-usdc-weth", + "status": "planned", + "fromChainId": 138, + "toChainId": 138, + "routeType": "swap", + "reason": "Set CHAIN138_POOL_WETH_USDC after the canonical WETH/USDC pool is created and funded.", + "tokenInSymbols": [ + "USDC", + "WETH" + ] } ] } diff --git a/config/besu-node-lists/README.md b/config/besu-node-lists/README.md index c1e650a0..d02e3ea1 100644 --- a/config/besu-node-lists/README.md +++ b/config/besu-node-lists/README.md @@ -27,9 +27,9 @@ See [docs/06-besu/MASTER_DOCS_AND_NODE_LISTS_REVIEW.md](../../docs/06-besu/MASTE - **New node (e.g. 1504, 2102):** Get the node’s enode (e.g. from `admin_nodeInfo` or the node’s data dir), add it to both files here, then run the deploy script. - **Node removed:** Remove its enode from both files and redeploy. - **Regenerate all (no duplicates):** Run `bash scripts/besu/collect-enodes-from-all-besu-nodes.sh` to collect from every node (admin_nodeInfo or `besu public-key export`), merge with existing for unreachable nodes, and overwrite both files. -- **Fix failures only:** Run `bash scripts/besu/collect-enodes-from-all-besu-nodes.sh --missing-only` to try only VMIDs whose IP is not yet in the list (no full 32-node sweep). -- **Generate missing node keys:** Run `bash scripts/besu/generate-node-keys-for-missing-vmids.sh [--force] [--collect]` to create `/data/besu/key` (64-hex) only for VMIDs not yet in the list. Use `--force` to overwrite PEM/wrong-format keys; use `--collect` to run collect --missing-only after. Containers without Besu (1505–1508, 2501–2505) are supported via helper nodes (1504 on ml110, 2500 on r630-01). -- **Install Besu permanently on nodes missing it:** Run `bash scripts/besu/install-besu-permanent-on-missing-nodes.sh` to install Besu (23.10.3) in 1505–1508 and 2501–2505, deploy config/genesis/node lists, and enable+start the service so RPC/sentry runs after reboot. +- **Fix failures only:** Run `bash scripts/besu/collect-enodes-from-all-besu-nodes.sh --missing-only` to try only VMIDs whose IP is not yet in the list (no full 37-node sweep). +- **Generate missing node keys:** Run `bash scripts/besu/generate-node-keys-for-missing-vmids.sh [--force] [--collect]` to create `/data/besu/key` (64-hex) only for VMIDs not yet in the list. Use `--force` to overwrite PEM/wrong-format keys; use `--collect` to run collect --missing-only after. Current auxiliary / edge nodes include sentries `1505–1510` and RPCs `2420/2430/2440/2460/2470/2480`. +- **Install Besu permanently on nodes missing it:** Run `bash scripts/besu/install-besu-permanent-on-missing-nodes.sh` to install the current Besu line used by the fleet, deploy config/genesis/node lists, and enable+start the service so RPC/sentry runs after reboot. ## Sentry 1504 (.154) diff --git a/config/besu-node-lists/permissions-nodes.toml b/config/besu-node-lists/permissions-nodes.toml index ff674b8e..7644615c 100644 --- a/config/besu-node-lists/permissions-nodes.toml +++ b/config/besu-node-lists/permissions-nodes.toml @@ -1,6 +1,6 @@ # Node Permissioning — SINGLE SOURCE OF TRUTH for all Besu nodes # Must match config/besu-node-lists/static-nodes.json and be deployed to every node. -# Generated by scripts/besu/collect-enodes-from-all-besu-nodes.sh — 34 enodes (incl. Putu RPC 2307/2308 .237/.238). +# Generated by scripts/besu/collect-enodes-from-all-besu-nodes.sh — 37 enodes (incl. 2103 refreshed, Putu RPC 2307/2308 .237/.238, and Thirdweb sentries 1509/1510). nodes-allowlist=[ "enode://2221dd9fc65c9082d4a937832cba9f6759981888df6798407c390bd153f4332c152ea5d03dd9d9cda74d7990fb3479a5c4ba7166269322be9790eed9ebdcfe24@192.168.11.100:30303", @@ -15,10 +15,13 @@ nodes-allowlist=[ "enode://225d902bf840379ce122f8cc431a542ddee0bde3e949b48767285bbc9c774cc3fc22cd4913ee72f0a19dce266e3ecb66dba5c58092d0b0e5ceb4e13bf96a1a68@192.168.11.154:30303", "enode://afa44c03ac3dd97efcbbef8edea11d1edf23bd595f30d4cf0c4be364d0b194e4217926a37141b54dcff71107f9ee257f621553cd867a2c9fa5a5537b3ae59746@192.168.11.213:30303", "enode://5f048208071f2a3036128433e1e4a647a7683abd8bc0f27d063e2933ced983accdfc44998666f3be711e4eff27511142d9989775b86cdbe28c79b74409fc36bb@192.168.11.214:30303", + "enode://8a3337adcc2d177caf3aee26b3b6077d9adf126c580e12f352743ca07828f056ceb1d5fb1a06287e2dbbe19043fcc4b9bdd2ca9ae2a2c9142cf0cc3a549bfc68@192.168.11.219:30303", + "enode://09fe518689c54a34c3dac8aebf3c94bfc390f4bae143a80c57d92a502414df0689d12a2243ff9376c2f44a419894d934b4f47783ced31ea9668522078854e58f@192.168.11.220:30303", "enode://8da1b586e2e98f521f07148d3bb5d81fde151ce3d5738b51bc36e2c81de1aaa5404ce31e991b4393bbe471934f0a9a31f78d1d7c17c1899c3e2dde5e9f16eb24@192.168.11.244:30303", "enode://acd46d31913b8379f075467cd88d2ea650d33474d2f9546426da4a414fe92233584c9d8c2e1ea9962fa4257c20b66c9434d0488e51c632f285205d6a379cfbd6@192.168.11.245:30303", "enode://6cdc892fa09afa2b05c21cc9a1193a86cf0d195ce81b02a270d8bb987f78ca98ad90d907670796c90fc6e4eaf3b4cae6c0c15871e2564de063beceb4bbfc6532@192.168.11.211:30303", "enode://e53713bb77ad9f39e8a04b9c82aadddd3449220167f546bca8e9f36f6ebf60ae003e48ac293790e2bd7b0aca382777db9eca61d6f048c04f9dbe65eedb79d893@192.168.11.212:30303?discport=0", + "enode://e871ff3b1f58b9a87122e552b2404e1893bf92ae74d4fa6bc2bd002d0350c506ea452f4aefa1a3497ef32694c4beb48bf8a006d2b82f57649c90b22f59044aad@192.168.11.217:30303?discport=0", "enode://07daf3d64079faa3982bc8be7aa86c24ef21eca4565aae4a7fd963c55c728de0639d80663834634edf113b9f047d690232ae23423c64979961db4b6449aa6dfd@192.168.11.221:30303", "enode://868bd957d6d887944deac0190161a3db7d1316a022e40a2383d5c334aa3fb8bc7ca36f165b6fb377b77d202fec46f3840f2f659b6a47807b7ce9b944b8382f10@192.168.11.232:30303", "enode://688f271d94c7995600ae36d25aa2fb92fea0c52e50e86c598be8966515458c1408b67fba76e1f771073e4774a6e399588443da63394ea25d56e6ca36f2288e00@192.168.11.233:30303", diff --git a/config/besu-node-lists/static-nodes.json b/config/besu-node-lists/static-nodes.json index a3ed3654..91e6ed25 100644 --- a/config/besu-node-lists/static-nodes.json +++ b/config/besu-node-lists/static-nodes.json @@ -11,10 +11,13 @@ "enode://225d902bf840379ce122f8cc431a542ddee0bde3e949b48767285bbc9c774cc3fc22cd4913ee72f0a19dce266e3ecb66dba5c58092d0b0e5ceb4e13bf96a1a68@192.168.11.154:30303", "enode://afa44c03ac3dd97efcbbef8edea11d1edf23bd595f30d4cf0c4be364d0b194e4217926a37141b54dcff71107f9ee257f621553cd867a2c9fa5a5537b3ae59746@192.168.11.213:30303", "enode://5f048208071f2a3036128433e1e4a647a7683abd8bc0f27d063e2933ced983accdfc44998666f3be711e4eff27511142d9989775b86cdbe28c79b74409fc36bb@192.168.11.214:30303", + "enode://8a3337adcc2d177caf3aee26b3b6077d9adf126c580e12f352743ca07828f056ceb1d5fb1a06287e2dbbe19043fcc4b9bdd2ca9ae2a2c9142cf0cc3a549bfc68@192.168.11.219:30303", + "enode://09fe518689c54a34c3dac8aebf3c94bfc390f4bae143a80c57d92a502414df0689d12a2243ff9376c2f44a419894d934b4f47783ced31ea9668522078854e58f@192.168.11.220:30303", "enode://8da1b586e2e98f521f07148d3bb5d81fde151ce3d5738b51bc36e2c81de1aaa5404ce31e991b4393bbe471934f0a9a31f78d1d7c17c1899c3e2dde5e9f16eb24@192.168.11.244:30303", "enode://acd46d31913b8379f075467cd88d2ea650d33474d2f9546426da4a414fe92233584c9d8c2e1ea9962fa4257c20b66c9434d0488e51c632f285205d6a379cfbd6@192.168.11.245:30303", "enode://6cdc892fa09afa2b05c21cc9a1193a86cf0d195ce81b02a270d8bb987f78ca98ad90d907670796c90fc6e4eaf3b4cae6c0c15871e2564de063beceb4bbfc6532@192.168.11.211:30303", "enode://e53713bb77ad9f39e8a04b9c82aadddd3449220167f546bca8e9f36f6ebf60ae003e48ac293790e2bd7b0aca382777db9eca61d6f048c04f9dbe65eedb79d893@192.168.11.212:30303?discport=0", + "enode://e871ff3b1f58b9a87122e552b2404e1893bf92ae74d4fa6bc2bd002d0350c506ea452f4aefa1a3497ef32694c4beb48bf8a006d2b82f57649c90b22f59044aad@192.168.11.217:30303?discport=0", "enode://07daf3d64079faa3982bc8be7aa86c24ef21eca4565aae4a7fd963c55c728de0639d80663834634edf113b9f047d690232ae23423c64979961db4b6449aa6dfd@192.168.11.221:30303", "enode://868bd957d6d887944deac0190161a3db7d1316a022e40a2383d5c334aa3fb8bc7ca36f165b6fb377b77d202fec46f3840f2f659b6a47807b7ce9b944b8382f10@192.168.11.232:30303", "enode://688f271d94c7995600ae36d25aa2fb92fea0c52e50e86c598be8966515458c1408b67fba76e1f771073e4774a6e399588443da63394ea25d56e6ca36f2288e00@192.168.11.233:30303", diff --git a/config/btc-settlement-pathways.json b/config/btc-settlement-pathways.json new file mode 100644 index 00000000..3442a40e --- /dev/null +++ b/config/btc-settlement-pathways.json @@ -0,0 +1,133 @@ +{ + "schemaVersion": 1, + "updated": "2026-04-03", + "description": "End-to-end pathways from Chain 138 to native BTC via Changelly (partner API) or Atomic Wallet (user-operated swap). Used by orchestration design; does not imply keys or contracts are configured.", + "homeChainId": 138, + "destinationAsset": { + "symbol": "BTC", + "network": "bitcoin-mainnet", + "addressFormat": "bech32-p2wpkh-or-legacy" + }, + "references": { + "mainnetLiquidityPlan": "docs/00-meta/MAINNET_LIQUIDITY_AND_RAMPS_PRIORITY.md", + "rampUserFlows": "docs/04-configuration/MAINNET_RAMP_USER_FLOWS.md", + "deployedBridgesStatus": "docs/11-references/DEPLOYED_TOKENS_BRIDGES_LPS_AND_ROUTING_STATUS.md", + "changellyDocs": "https://docs.changelly.com/", + "changellySupportEmail": "pro@changelly.com", + "atomicWalletSwapKb": "https://support.atomicwallet.io/article/73-how-to-make-an-exchange" + }, + "changelly": { + "product": "Changelly Exchange API v2", + "integrationSurface": "backend_jsonrpc", + "apiBaseUrl": "https://api.changelly.com/v2", + "authentication": { + "headers": ["X-Api-Key", "X-Api-Signature"], + "signatureAlgorithm": "RSA-SHA256 over raw JSON-RPC body", + "note": "Generate RSA keypair; register public key with Changelly; never expose private key to browsers." + }, + "documentedRpcFlow": [ + "getCurrencies", + "getPairsParams", + "getMinAmount", + "validateAddress", + "getExchangeAmount", + "createTransaction", + "getTransactions (poll status)" + ], + "envVars": [ + "CHANGELLY_API_PUBLIC_KEY", + "CHANGELLY_API_PRIVATE_KEY_PEM_PATH" + ] + }, + "atomicWallet": { + "product": "Atomic Wallet (desktop/mobile)", + "integrationSurface": "user_operated", + "note": "Swaps route through in-wallet partners to deposit addresses; there is no documented first-party B2B swap API equivalent to Changelly v2 for arbitrary server-side settlement. Use for operator or end-user manual path after funds sit on a chain Atomic supports.", + "supportedChainsForSwap": "See in-app asset list; typically includes BTC and major EVM assets when counterpart is available." + }, + "pathways": [ + { + "id": "138-evm-changelly-btc-treasury", + "label": "Automated-friendly: 138 → Ethereum mainnet stables/ETH → Changelly → BTC payout address", + "venue": "changelly", + "automationTier": "high", + "summary": "Bridge and swap on-chain until Ethereum holds USDT, USDC, ETH, or WETH that Changelly lists; backend calls createTransaction with payout btc address; treasury sends the exact deposit amount to Changelly’s deposit address.", + "preconditions": [ + "Ethereum mainnet liquidity for chosen bridge (LiquidityPoolETH / CCIP WETH path per MAINNET_LIQUIDITY_AND_RAMPS_PRIORITY.md)", + "Changelly partner API key registered (pro@changelly.com)", + "Treasury hot wallet on Ethereum with gas ETH and sendable USDT/USDC/ETH per quote", + "Confirm Changelly ticker names for from-currency (e.g. eth, usdt20, usdc) match your token contract version" + ], + "steps": [ + { + "order": 1, + "chainId": 138, + "action": "swap_to_bridge_asset", + "detail": "Use DODOPMMIntegration / EnhancedSwapRouter on 138 to convert source (e.g. cUSDT, cUSDC) into the token your bridge expects (often WETH for CCIP WETH bridges, or corridor-specific asset)." + }, + { + "order": 2, + "chainId": 138, + "action": "bridge_to_ethereum", + "detail": "Execute CCIP or trustless bridge to Ethereum mainnet per deployed bridge matrix (DEPLOYED_TOKENS_BRIDGES_LPS_AND_ROUTING_STATUS.md)." + }, + { + "order": 3, + "chainId": 1, + "action": "optional_swap_on_mainnet", + "detail": "If payout asset is wrong shape (e.g. WETH only, need USDT), swap on mainnet via DEX/aggregator to Changelly-accepted from-currency." + }, + { + "order": 4, + "chainId": 0, + "action": "changelly_quote_and_create", + "detail": "JSON-RPC: getMinAmount, getExchangeAmount, validateAddress(BTC), createTransaction with amount, from, to btc, address = user btc address. Store payin address + id." + }, + { + "order": 5, + "chainId": 1, + "action": "send_payin", + "detail": "Broadcast Ethereum tx from treasury to Changelly deposit address for exact amount; single output per Changelly rules for UTXO targets." + }, + { + "order": 6, + "chainId": 0, + "action": "poll_until_btc_sent", + "detail": "Poll getTransactions / status until outbound BTC confirmed; record btc txid for reconciliation." + } + ] + }, + { + "id": "138-evm-atomic-user-btc", + "label": "User-operated: 138 → Ethereum → Atomic Wallet swap → BTC", + "venue": "atomic_wallet", + "automationTier": "low", + "summary": "After funds arrive on an Ethereum address the user controls in Atomic Wallet, user runs in-app Exchange to BTC; no server-side Atomic swap API in repo.", + "preconditions": [ + "Bridge completes to user-controlled Ethereum address (same EOA in MetaMask and Atomic, or user sends to Atomic-seeded wallet)", + "User installs Atomic Wallet and holds seed phrase", + "Asset appears in Atomic’s supported list for swap into BTC" + ], + "steps": [ + { + "order": 1, + "chainId": 138, + "action": "swap_and_bridge_to_user_eoa_mainnet", + "detail": "Same as Changelly path steps 1–2 but recipient is user’s Ethereum mainnet address." + }, + { + "order": 2, + "chainId": 1, + "action": "user_opens_atomic_exchange", + "detail": "In Atomic: Exchange → select from asset (ETH/USDT/USDC etc.) → to BTC → enter amount and destination BTC address (often same app wallet’s BTC account)." + }, + { + "order": 3, + "chainId": 0, + "action": "user_completes_partner_flow", + "detail": "Follow Atomic prompts (rates non-fixed, ~20 min typical per vendor KB); user bears slippage and network fees." + } + ] + } + ] +} diff --git a/config/compliance-matrix/README.md b/config/compliance-matrix/README.md new file mode 100644 index 00000000..ba4a95de --- /dev/null +++ b/config/compliance-matrix/README.md @@ -0,0 +1,14 @@ +# Global compliance matrix index + +**Canonical index:** [`global-compliance-matrix-index.json`](global-compliance-matrix-index.json) + +This folder holds a **top-level registry** of compliance packages by jurisdiction or region. Each entry points to a **drill-down manifest** under [`jurisdictions/`](jurisdictions/) that lists: + +- Transaction-grade JSON matrices (Indonesia / JVMTM) +- Audit closure matrices (markdown) +- Institutional submission binders (Indonesia 4.995 package) +- Regional rulebook mappings (e.g. SEPA under `gru-docs/`) + +**Indonesia drill-down:** [`jurisdictions/ID.json`](jurisdictions/ID.json) → `config/jvmtm-regulatory-closure/transaction-compliance-matrix.json` plus submission docs in `docs/04-configuration/mifos-omnl-central-bank/`. + +**Validation:** `python3 scripts/validation/validate-global-compliance-matrix-index.py` (also invoked from `scripts/validation/validate-jvmtm-regulatory-closure-schemas.sh`). diff --git a/config/compliance-matrix/global-compliance-matrix-index.json b/config/compliance-matrix/global-compliance-matrix-index.json new file mode 100644 index 00000000..2fe04a46 --- /dev/null +++ b/config/compliance-matrix/global-compliance-matrix-index.json @@ -0,0 +1,30 @@ +{ + "schema_version": 1, + "matrix_version": "2026-04-03", + "title": "Global compliance matrix index", + "description": "Top-level registry of jurisdiction and regional compliance packages. Each row links to a manifest JSON for drill-down (controls, audit closure, submission binders, or regional rulebook mappings).", + "canonical_format": "json", + "cross_cutting": { + "dbis_institutional": "config/dbis-institutional/README.md", + "settlement_stack_runbook": "docs/03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md", + "iso_gateway_spec": "docs/dbis-rail/ISO_GATEWAY_AND_RELAYER_SPEC.md" + }, + "jurisdictions": [ + { + "jurisdiction_id": "ID", + "display_name": "Indonesia", + "iso_3166_alpha2": "ID", + "status": "active", + "summary": "JVMTM audit closure (INAAUDJVMTM 2025), transaction-grade operator pack, OJK/BI identifier policy, BI/MoF institutional submission binder (4.995).", + "jurisdiction_manifest": "config/compliance-matrix/jurisdictions/ID.json" + }, + { + "jurisdiction_id": "EU-SEPA", + "display_name": "European Union (SEPA — GRU docs)", + "iso_3166_alpha2": null, + "status": "active", + "summary": "SEPA Credit Transfer rulebook mapping in gru-docs; separate from Indonesia JVMTM JSON controls.", + "jurisdiction_manifest": "config/compliance-matrix/jurisdictions/EU-SEPA.json" + } + ] +} diff --git a/config/compliance-matrix/jurisdictions/EU-SEPA.json b/config/compliance-matrix/jurisdictions/EU-SEPA.json new file mode 100644 index 00000000..ba07529d --- /dev/null +++ b/config/compliance-matrix/jurisdictions/EU-SEPA.json @@ -0,0 +1,25 @@ +{ + "schema_version": 1, + "jurisdiction_id": "EU-SEPA", + "iso_3166_alpha2": null, + "display_name": "European Union (SEPA — GRU documentation)", + "summary": "GRU site compliance set for SEPA Credit Transfer / SCT Inst rulebook mapping (markdown); use alongside global settlement runbooks when EUR rails apply.", + "audit_engagements": [], + "regulators": [ + {"short": "EPC", "full_name": "European Payments Council"} + ], + "compliance_packages": [ + { + "package_id": "gru-sepa-compliance-matrix", + "kind": "regional_markdown", + "title": "SEPA Compliance Matrix for GRU System", + "description": "Maps GRU implementation to EPC SEPA rulebook elements (ISO 20022); maintained under gru-docs.", + "human_readable_md": [ + "gru-docs/_compliance/sepa/SEPA_Compliance_Matrix.md" + ], + "index_md": [ + "gru-docs/compliance.md" + ] + } + ] +} diff --git a/config/compliance-matrix/jurisdictions/ID.json b/config/compliance-matrix/jurisdictions/ID.json new file mode 100644 index 00000000..023b03ea --- /dev/null +++ b/config/compliance-matrix/jurisdictions/ID.json @@ -0,0 +1,51 @@ +{ + "schema_version": 1, + "jurisdiction_id": "ID", + "iso_3166_alpha2": "ID", + "display_name": "Indonesia", + "summary": "Transaction-grade controls derived from JVMTM Tables B/C/D closure; supervisory submission artifacts for HYBX-BATCH-001 (Bank Kanaya / BI–MoF package).", + "audit_engagements": [ + { + "id": "018215821582", + "label": "INAAUDJVMTM/2025", + "closure_matrix": "config/jvmtm-regulatory-closure/INAAUDJVMTM_2025_AUDIT_CLOSURE_MATRIX.md" + } + ], + "regulators": [ + {"short": "BI", "full_name": "Bank Indonesia"}, + {"short": "OJK", "full_name": "Otoritas Jasa Keuangan"}, + {"short": "MoF", "full_name": "Ministry of Finance of the Republic of Indonesia"}, + {"short": "PPATK", "full_name": "Indonesian Financial Transaction Reports and Analysis Centre (PPATK)"} + ], + "compliance_packages": [ + { + "package_id": "jvmtm-transaction-grade", + "kind": "transaction_controls_json", + "title": "JVMTM transaction-grade compliance matrix", + "description": "Canonical controls and runtime slots for pre-transaction through high-value mode; maps to audit rows and repo evidence.", + "canonical_matrix_json": "config/jvmtm-regulatory-closure/transaction-compliance-matrix.json", + "spreadsheet_csv": "config/jvmtm-regulatory-closure/transaction-compliance-matrix.csv", + "human_readable_md": [ + "config/jvmtm-regulatory-closure/JVMTM_TRANSACTION_GRADE_COMPLIANCE_MATRIX.md", + "config/jvmtm-regulatory-closure/README.md" + ], + "policy_md": [ + "docs/03-deployment/OJK_BI_AUDIT_JVMTM_REMEDIATION_AND_UETR_POLICY.md" + ] + }, + { + "package_id": "submission-binder-hybx-batch-001", + "kind": "institutional_submission", + "title": "Indonesia central bank / MoF submission package (4.995 target)", + "description": "Master proof manifest, binder layout, scorecard, and regulatory annex for institutional transmission.", + "entry_point_md": [ + "docs/04-configuration/mifos-omnl-central-bank/INDONESIA_MASTER_PROOF_MANIFEST.md", + "docs/04-configuration/mifos-omnl-central-bank/INDONESIA_CENTRAL_BANK_SUBMISSION_BINDER.md", + "docs/04-configuration/mifos-omnl-central-bank/INDONESIA_SUBMISSION_PACKAGE_GRADE_AND_SCORECARD.md", + "docs/04-configuration/mifos-omnl-central-bank/INDONESIA_PACKAGE_4_995_EVIDENCE_STANDARD.md", + "docs/04-configuration/mifos-omnl-central-bank/INDONESIA_REGULATORY_REFERENCES_ANNEX.md", + "docs/04-configuration/mifos-omnl-central-bank/HYBX_BATCH_001_OPERATOR_CHECKLIST.md" + ] + } + ] +} diff --git a/config/dbis-institutional/README.md b/config/dbis-institutional/README.md index 52ecf385..2e4eedb6 100644 --- a/config/dbis-institutional/README.md +++ b/config/dbis-institutional/README.md @@ -6,6 +6,13 @@ Machine-readable artifacts for **OMNL + DBIS Core + Chain 138 + RTGS** integrati [OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md](../../docs/03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md) +## WEB3-ETH-IBAN (`web3_eth_iban`) vs bank IBAN + +In this registry, **`aliases[].aliasType` = `web3_eth_iban`** is an **Ethereum presentation alias**: an **XE…** string in the same family as [ICAP / IBAN-style encoding](https://github.com/ethereum/wiki/wiki/ICAP:-Inter-exchange-Client-Address-Protocol) used by [Web3.js `Iban`](https://docs.web3js.org/libdocs/Iban). It is **not** a SWIFT bank IBAN. **`fiat_rails[].railType` = `iban`** is for **regulated fiat** account identifiers. + +- **Validate checksum and resolve to `address`:** from repo root, `node scripts/verify/validate-address-registry-xe-aliases.mjs [file.json …]` (defaults to institutional examples). Wired into `validate-dbis-institutional-schemas.sh` when `node` and npm package `web3-eth-iban` are installed at the workspace root. +- **Library:** [`web3-eth-iban`](https://www.npmjs.com/package/web3-eth-iban) (also bundled as `web3.eth.Iban` in web3.js v1). + ## Event producers (`event-producers.manifest.json`) Registered logical emitters for `settlement-event.event_producer` (kept in sync with the `enum` in `schemas/settlement-event.schema.json`). Add a producer: extend both the manifest and the schema enum in one change. @@ -25,7 +32,7 @@ Registered logical emitters for `settlement-event.event_producer` (kept in sync | `settlement-event.chain138-primary.example.json` | Same schema; **Chain 138 as authoritative rail** — no `uetr`; `rtgs_message_ids.rail` + internal refs; see [OJK_BI_AUDIT_JVMTM_REMEDIATION_AND_UETR_POLICY.md](../../docs/03-deployment/OJK_BI_AUDIT_JVMTM_REMEDIATION_AND_UETR_POLICY.md) | | `settlement-event.min.json` | **Minimal** valid `CHAIN_SETTLEMENT` fixture (required fields + `chain_tx_hash` / `chain_id`); CI baseline in `validate-dbis-institutional-schemas.sh`. | | `settlement-events-batch.example.json` | Each array element validated against `settlement-event.schema.json` (see `validate-dbis-institutional-schemas.sh`) | -| `address-registry-entry.example.json` | `address-registry-entry.schema.json` | +| `address-registry-entry.example.json` | `address-registry-entry.schema.json`; `web3_eth_iban` uses a valid **XE…** string that resolves to `address` (see XE section above) | | `address-registry-entries-batch.example.json` | Each array element validated against `address-registry-entry.schema.json` | Examples use placeholder addresses and ids; replace with live data in a secure store (not committed). diff --git a/config/dbis-institutional/examples/address-registry-entry.example.json b/config/dbis-institutional/examples/address-registry-entry.example.json index 95905a63..5494aebf 100644 --- a/config/dbis-institutional/examples/address-registry-entry.example.json +++ b/config/dbis-institutional/examples/address-registry-entry.example.json @@ -8,7 +8,7 @@ "omnl_office_id": 22, "dbis_participant_id": "PART-ID-OMNL-HO-001", "chain_id": 138, - "address": "0x0000000000000000000000000000000000000001", + "address": "0x00c5496aEe77C1bA1f0854206A26DdA82a81D6D8", "addressRole": "treasury_vault", "fiat_rails": [ { @@ -27,7 +27,7 @@ }, { "aliasType": "web3_eth_iban", - "aliasValue": "ETHXXXXXXXXXXXXXXXX", + "aliasValue": "XE7338O073KYGTWWZN0F2WZ0R8PX5ZPPZS", "validFrom": "2026-03-15T00:00:00Z" }, { diff --git a/config/deployer-gas-routes.json b/config/deployer-gas-routes.json index d1f375a8..3103828c 100644 --- a/config/deployer-gas-routes.json +++ b/config/deployer-gas-routes.json @@ -1,6 +1,17 @@ { "description": "Chain-to-method mapping for deployer gas auto-route: swap/bridge ERC-20 to native gas per chain. Used by scripts/deployment/deployer-gas-auto-route.sh.", "deployerAddress": "0x4A666F96fC8764181194447A7dFdb7d471b301C8", + "nonEvmNetworks": [ + { + "identifier": "Solana", + "vmKind": "SVM", + "nativeSymbol": "SOL", + "method": "manual", + "caip2": "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp", + "manualInstructions": "Acquire SOL for Solana mainnet-beta gas and fund the assigned Solana deployer / relay signer when the Solana rollout wave is opened. This entry is planning-only; deployer-gas-auto-route.sh currently processes only the EIP-155 .chains array.", + "note": "Desired non-EVM deployment network for future GRU / cW-style mirrored assets via a bridge-wrapped or SPL-native representation." + } + ], "chains": [ { "chainId": 138, @@ -8,10 +19,10 @@ "nativeSymbol": "ETH", "thresholdEther": "0.006", "method": "internal", - "tokenAggregationBaseUrl": "https://dbis-api.d-bis.org/api/v1", + "tokenAggregationBaseUrl": "https://explorer.d-bis.org/token-aggregation/api/v1", "tokenAggregationFallbackUrl": "http://192.168.11.140:3001", - "dodoPmmIntegration": "0x79cdbaFBaA0FdF9F55D26F360F54cddE5c743F7D", - "poolCusdtCusdc": "0x9fcB06Aa1FD5215DC0E91Fd098aeff4B62fEa5C8", + "dodoPmmIntegration": "0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895", + "poolCusdtCusdc": "0x9e89bAe009adf128782E19e8341996c596ac40dC", "cusdt": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", "cusdc": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", "weth9": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", diff --git a/config/flash_candidates-chain138.json b/config/flash_candidates-chain138.json new file mode 100644 index 00000000..8fadb80f --- /dev/null +++ b/config/flash_candidates-chain138.json @@ -0,0 +1 @@ +{"schemaVersion":1,"generatedAt":"2026-04-02T23:12:00Z","rpcUrl":"https://rpc-core.d-bis.org","chainId":138,"description":"Heuristic flash/callback selector scan; false positives possible (e.g. unrelated executeOperation).","flashSelectorsReference":[{"selector":"0x10d1e85c","signature":"uniswapV2Call(address,uint256,uint256,bytes)"},{"selector":"0x244dac6e","signature":"executeOperation(address,address,address,uint256,uint256,bytes)"},{"selector":"0x2b2d17ad","signature":"flashLoanSimple(address,uint256,bytes,uint16)"},{"selector":"0x2eaeb2e6","signature":"DSPFlashLoanCall(address,uint256,uint256,bytes)"},{"selector":"0x3e0a794c","signature":"operateAction(uint8,uint256,bytes)"},{"selector":"0x4d7f652f","signature":"DPPFlashLoanCall(address,uint256,uint256,bytes)"},{"selector":"0x5c38449e","signature":"flashLoan(address,address[],uint256[],bytes)"},{"selector":"0x5cffe9de","signature":"flashLoan(address,address,uint256,bytes)"},{"selector":"0x613255ab","signature":"maxFlashLoan(address)(uint256)"},{"selector":"0x88e492ab","signature":"flashFees(address,address)(uint256)"},{"selector":"0xadf51de1","signature":"flashLoan(address,uint256,address,bytes)"},{"selector":"0xd0a494e4","signature":"flashLoan(uint256,uint256,address,bytes)"},{"selector":"0xeb2021c3","signature":"DVMFlashLoanCall(address,uint256,uint256,bytes)"},{"selector":"0xf740f328","signature":"flash(address,uint256,bytes)"},{"selector":"0xf859ddd7","signature":"flashLoan(address,uint256,uint256,address,bytes)"},{"selector":"0xfc08f9f6","signature":"executeOperation(address[],uint256[],uint256[],address,address,bytes)"}],"candidates":[{"name":"WETH10","address":"0xf4BB2e28688e89fCcE3c0580D37d36A7672E8A9f","matchedSelectors":["0x5cffe9de","0x613255ab"],"matchedSignatures":["flashLoan(address,address,uint256,bytes)","maxFlashLoan(address)(uint256)"]}],"scannedContracts":[{"name":"WETH9","address":"0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2","bytecodeHexChars":6248,"flashMatchCount":0},{"name":"WETH10","address":"0xf4BB2e28688e89fCcE3c0580D37d36A7672E8A9f","bytecodeHexChars":19950,"flashMatchCount":2},{"name":"Oracle_Aggregator","address":"0x99b3511a2d315a497c8112c1fdd8d508d4b1e506","bytecodeHexChars":7954,"flashMatchCount":0},{"name":"Oracle_Proxy","address":"0x3304b747e565a97ec8ac220b0b6a1f6ffdb837e6","bytecodeHexChars":1308,"flashMatchCount":0},{"name":"CCIP_Router","address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817","bytecodeHexChars":8568,"flashMatchCount":0},{"name":"CCIP_Router_Direct_Legacy","address":"0x8078A09637e47Fa5Ed34F626046Ea2094a5CDE5e","bytecodeHexChars":8568,"flashMatchCount":0},{"name":"CCIP_Sender","address":"0x105F8A15b819948a89153505762444Ee9f324684","bytecodeHexChars":10346,"flashMatchCount":0},{"name":"CCIPWETH9_Bridge","address":"0xcacfd227A040002e49e2e01626363071324f820a","bytecodeHexChars":13716,"flashMatchCount":0},{"name":"CCIPWETH9_Bridge_Direct_Legacy","address":"0x971cD9D156f193df8051E48043C476e53ECd4693","bytecodeHexChars":13012,"flashMatchCount":0},{"name":"CCIPWETH10_Bridge","address":"0xe0E93247376aa097dB308B92e6Ba36bA015535D0","bytecodeHexChars":13046,"flashMatchCount":0},{"name":"LINK","address":"0xb7721dD53A8c629d9f1Ba31a5819AFe250002b03","bytecodeHexChars":3776,"flashMatchCount":0},{"name":"cUSDT","address":"0x93E66202A11B1772E55407B32B44e5Cd8eda7f22","bytecodeHexChars":13610,"flashMatchCount":0},{"name":"cUSDC","address":"0xf22258f57794CC8E06237084b353Ab30fFfa640b","bytecodeHexChars":13610,"flashMatchCount":0},{"name":"TokenRegistry","address":"0x91Efe92229dbf7C5B38D422621300956B55870Fa","bytecodeHexChars":10716,"flashMatchCount":0},{"name":"TokenFactory","address":"0xEBFb5C60dE5f7C4baae180CA328D3BB39E1a5133","bytecodeHexChars":7692,"flashMatchCount":0},{"name":"ComplianceRegistry","address":"0xbc54fe2b6fda157c59d59826bcfdbcc654ec9ea1","bytecodeHexChars":7158,"flashMatchCount":0},{"name":"BridgeVault","address":"0x31884f84555210FFB36a19D2471b8eBc7372d0A8","bytecodeHexChars":6494,"flashMatchCount":0},{"name":"FeeCollector","address":"0xF78246eB94c6CB14018E507E60661314E5f4C53f","bytecodeHexChars":10166,"flashMatchCount":0},{"name":"DebtRegistry","address":"0x95BC4A997c0670d5DAC64d55cDf3769B53B63C28","bytecodeHexChars":5342,"flashMatchCount":0},{"name":"PolicyManager","address":"0x0C4FD27018130A00762a802f91a72D6a64a60F14","bytecodeHexChars":7606,"flashMatchCount":0},{"name":"TokenImplementation","address":"0x0059e237973179146237aB49f1322E8197c22b21","bytecodeHexChars":20174,"flashMatchCount":0},{"name":"PriceFeed_Keeper","address":"0xD3AD6831aacB5386B8A25BB8D8176a6C8a026f04","bytecodeHexChars":10746,"flashMatchCount":0},{"name":"OraclePriceFeed","address":"0x8918eE0819fD687f4eb3e8b9B7D0ef7557493cfa","bytecodeHexChars":9482,"flashMatchCount":0},{"name":"WETH_MockPriceFeed","address":"0x3e8725b8De386feF3eFE5678c92eA6aDB41992B2","bytecodeHexChars":3048,"flashMatchCount":0},{"name":"MerchantSettlementRegistry","address":"0x16D9A2cB94A0b92721D93db4A6Cd8023D3338800","bytecodeHexChars":8498,"flashMatchCount":0},{"name":"WithdrawalEscrow","address":"0xe77cb26eA300e2f5304b461b0EC94c8AD6A7E46D","bytecodeHexChars":11900,"flashMatchCount":0},{"name":"UniversalAssetRegistry","address":"0xAEE4b7fBe82E1F8295951584CBc772b8BBD68575","bytecodeHexChars":266,"flashMatchCount":0},{"name":"GovernanceController","address":"0xA6891D5229f2181a34D4FF1B515c3Aa37dd90E0e","bytecodeHexChars":266,"flashMatchCount":0},{"name":"UniversalCCIPBridge","address":"0xCd42e8eD79Dc50599535d1de48d3dAFa0BE156F8","bytecodeHexChars":266,"flashMatchCount":0},{"name":"BridgeOrchestrator","address":"0x89aB428c437f23bAB9781ff8Db8D3848e27EeD6c","bytecodeHexChars":266,"flashMatchCount":0},{"name":"PaymentChannelManager","address":"0x302aF72966aFd21C599051277a48DAa7f01a5f54","bytecodeHexChars":10474,"flashMatchCount":0},{"name":"GenericStateChannelManager","address":"0xe5e3bB424c8a0259FDE23F0A58F7e36f73B90aBd","bytecodeHexChars":10686,"flashMatchCount":0},{"name":"AddressMapper","address":"0x439Fcb2d2ab2f890DCcAE50461Fa7d978F9Ffe1A","bytecodeHexChars":2944,"flashMatchCount":0},{"name":"MirrorManager","address":"0x6eD905A30c552a6e003061A38FD52A5A427beE56","bytecodeHexChars":3290,"flashMatchCount":0},{"name":"Lockbox138","address":"0xFce6f50B312B3D936Ea9693C5C9531CF92a3324c","bytecodeHexChars":3204,"flashMatchCount":0},{"name":"CREATE2Factory","address":"0x750E4a8adCe9f0e67A420aBE91342DC64Eb90825","bytecodeHexChars":1536,"flashMatchCount":0},{"name":"UniversalAssetRegistry_Deterministic","address":"0xC98602aa574F565b5478E8816BCab03C9De0870f","bytecodeHexChars":266,"flashMatchCount":0},{"name":"UniversalCCIPBridge_Deterministic","address":"0x532DE218b94993446Be30eC894442f911499f6a3","bytecodeHexChars":266,"flashMatchCount":0},{"name":"MirrorRegistry","address":"0x6427F9739e6B6c3dDb4E94fEfeBcdF35549549d8","bytecodeHexChars":3318,"flashMatchCount":0},{"name":"AlltraAdapter","address":"0x66FEBA2fC9a0B47F26DD4284DAd24F970436B8Dc","bytecodeHexChars":11524,"flashMatchCount":0},{"name":"TransactionMirror","address":"0x7131F887DBEEb2e44c1Ed267D2A68b5b83285afc","bytecodeHexChars":11494,"flashMatchCount":0},{"name":"DODO_Pool_cUSDT_cUSDC","address":"0x9e89bAe009adf128782E19e8341996c596ac40dC","bytecodeHexChars":90,"flashMatchCount":0},{"name":"DODOPMMIntegration","address":"0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895","bytecodeHexChars":23916,"flashMatchCount":0},{"name":"DODOPMMProvider","address":"0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e","bytecodeHexChars":13960,"flashMatchCount":0},{"name":"DODO_Pool_cUSDT_USDT","address":"0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66","bytecodeHexChars":90,"flashMatchCount":0},{"name":"DODO_Pool_cUSDC_USDC","address":"0xc39B7D0F40838cbFb54649d327f49a6DAC964062","bytecodeHexChars":90,"flashMatchCount":0},{"name":"ReserveSystem","address":"0x607e97cD626f209facfE48c1464815DDE15B5093","bytecodeHexChars":15974,"flashMatchCount":0},{"name":"ReserveTokenIntegration","address":"0x34B73e6EDFd9f85a7c25EeD31dcB13aB6E969b96","bytecodeHexChars":7800,"flashMatchCount":0},{"name":"RegulatedEntityRegistry","address":"0xEA4C892D6c1253797c5D95a05BF3863363080b4B","bytecodeHexChars":9092,"flashMatchCount":0},{"name":"VaultFactory","address":"0xB2Ac70f35A81481B005067ed6567a5043BA32336","bytecodeHexChars":29744,"flashMatchCount":0},{"name":"Ledger","address":"0x67b3831dc64C14FB9352B2a45C6Dd69b3C86B7af","bytecodeHexChars":10638,"flashMatchCount":0},{"name":"Liquidation","address":"0x3aCdbCB749d6037a02F0ef6ea2E5Fb89D31fAB72","bytecodeHexChars":6826,"flashMatchCount":0},{"name":"XAU_Oracle","address":"0xf23E1eDa304082ab7a81531dFE6020E6105e77A8","bytecodeHexChars":9532,"flashMatchCount":0},{"name":"cEURC","address":"0x8085961F9cF02b4d800A3c6d386D31da4B34266a","bytecodeHexChars":14576,"flashMatchCount":0},{"name":"cEURT","address":"0xdf4b71c61E5912712C1Bdd451416B9aC26949d72","bytecodeHexChars":14576,"flashMatchCount":0},{"name":"cGBPC","address":"0x003960f16D9d34F2e98d62723B6721Fb92074aD2","bytecodeHexChars":14576,"flashMatchCount":0},{"name":"cGBPT","address":"0x350f54e4D23795f86A9c03988c7135357CCaD97c","bytecodeHexChars":14576,"flashMatchCount":0},{"name":"cAUDC","address":"0xD51482e567c03899eecE3CAe8a058161FD56069D","bytecodeHexChars":14576,"flashMatchCount":0},{"name":"cJPYC","address":"0xEe269e1226a334182aace90056EE4ee5Cc8A6770","bytecodeHexChars":14576,"flashMatchCount":0},{"name":"cCHFC","address":"0x873990849DDa5117d7C644f0aF24370797C03885","bytecodeHexChars":14576,"flashMatchCount":0},{"name":"cCADC","address":"0x54dBd40cF05e15906A2C21f600937e96787f5679","bytecodeHexChars":14576,"flashMatchCount":0},{"name":"cXAUC","address":"0x290E52a8819A4fbD0714E517225429aA2B70EC6b","bytecodeHexChars":14576,"flashMatchCount":0},{"name":"cXAUT","address":"0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E","bytecodeHexChars":14576,"flashMatchCount":0},{"name":"ISO20022Router","address":"0xBf1BB3E73C2DB7c4aebCd7bf757cdD1C12dE9074","bytecodeHexChars":5382,"flashMatchCount":0},{"name":"EXTRA_CANONICAL","address":"0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d","bytecodeHexChars":23916,"flashMatchCount":0},{"name":"EXTRA_CANONICAL","address":"0xff8d3b8fDF7B112759F076B69f4271D4209C0849","bytecodeHexChars":1150,"flashMatchCount":0},{"name":"EXTRA_CANONICAL","address":"0x6fc60DEDc92a2047062294488539992710b99D71","bytecodeHexChars":1150,"flashMatchCount":0},{"name":"EXTRA_CANONICAL","address":"0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263","bytecodeHexChars":1150,"flashMatchCount":0}],"emptyBytecode":[],"errors":[]} diff --git a/config/generated-node-configs/config-1505.toml b/config/generated-node-configs/config-1505.toml index 6e7b1095..a1d0ecdb 100644 --- a/config/generated-node-configs/config-1505.toml +++ b/config/generated-node-configs/config-1505.toml @@ -8,21 +8,20 @@ genesis-file="" network-id=138 p2p-host="192.168.11.213" p2p-port=30303 -max-peers=32 +max-peers=40 discovery-enabled=true # RPC rpc-http-enabled=true rpc-http-host="0.0.0.0" rpc-http-port=8545 -rpc-http-api=["ETH","NET","WEB3","ADMIN","PERSONAL","MINER","DEBUG"] +rpc-http-api=["ETH","NET","WEB3"] rpc-http-cors-origins=["*"] -rpc-http-api-enable-unsafe-txsigning=true rpc-ws-enabled=true rpc-ws-host="0.0.0.0" rpc-ws-port=8546 -rpc-ws-api=["ETH","NET","WEB3","ADMIN","PERSONAL","MINER","DEBUG"] +rpc-ws-api=["ETH","NET","WEB3"] # GraphQL graphql-http-enabled=true diff --git a/config/generated-node-configs/config-1506.toml b/config/generated-node-configs/config-1506.toml index 08361dc6..37233c47 100644 --- a/config/generated-node-configs/config-1506.toml +++ b/config/generated-node-configs/config-1506.toml @@ -8,21 +8,20 @@ genesis-file="" network-id=138 p2p-host="192.168.11.214" p2p-port=30303 -max-peers=32 +max-peers=40 discovery-enabled=true # RPC rpc-http-enabled=true rpc-http-host="0.0.0.0" rpc-http-port=8545 -rpc-http-api=["ETH","NET","WEB3","ADMIN","PERSONAL","MINER","DEBUG"] +rpc-http-api=["ETH","NET","WEB3"] rpc-http-cors-origins=["*"] -rpc-http-api-enable-unsafe-txsigning=true rpc-ws-enabled=true rpc-ws-host="0.0.0.0" rpc-ws-port=8546 -rpc-ws-api=["ETH","NET","WEB3","ADMIN","PERSONAL","MINER","DEBUG"] +rpc-ws-api=["ETH","NET","WEB3"] # GraphQL graphql-http-enabled=true diff --git a/config/generated-node-configs/config-1507.toml b/config/generated-node-configs/config-1507.toml index da75961f..fd608ec5 100644 --- a/config/generated-node-configs/config-1507.toml +++ b/config/generated-node-configs/config-1507.toml @@ -8,21 +8,20 @@ genesis-file="" network-id=138 p2p-host="192.168.11.244" p2p-port=30303 -max-peers=32 +max-peers=40 discovery-enabled=true # RPC rpc-http-enabled=true rpc-http-host="0.0.0.0" rpc-http-port=8545 -rpc-http-api=["ETH","NET","WEB3","ADMIN","PERSONAL","MINER","DEBUG"] +rpc-http-api=["ETH","NET","WEB3"] rpc-http-cors-origins=["*"] -rpc-http-api-enable-unsafe-txsigning=true rpc-ws-enabled=true rpc-ws-host="0.0.0.0" rpc-ws-port=8546 -rpc-ws-api=["ETH","NET","WEB3","ADMIN","PERSONAL","MINER","DEBUG"] +rpc-ws-api=["ETH","NET","WEB3"] # GraphQL graphql-http-enabled=true diff --git a/config/generated-node-configs/config-1508.toml b/config/generated-node-configs/config-1508.toml index 95a4843f..8fad9b66 100644 --- a/config/generated-node-configs/config-1508.toml +++ b/config/generated-node-configs/config-1508.toml @@ -8,21 +8,20 @@ genesis-file="" network-id=138 p2p-host="192.168.11.245" p2p-port=30303 -max-peers=32 +max-peers=40 discovery-enabled=true # RPC rpc-http-enabled=true rpc-http-host="0.0.0.0" rpc-http-port=8545 -rpc-http-api=["ETH","NET","WEB3","ADMIN","PERSONAL","MINER","DEBUG"] +rpc-http-api=["ETH","NET","WEB3"] rpc-http-cors-origins=["*"] -rpc-http-api-enable-unsafe-txsigning=true rpc-ws-enabled=true rpc-ws-host="0.0.0.0" rpc-ws-port=8546 -rpc-ws-api=["ETH","NET","WEB3","ADMIN","PERSONAL","MINER","DEBUG"] +rpc-ws-api=["ETH","NET","WEB3"] # GraphQL graphql-http-enabled=true diff --git a/config/generated-node-configs/config-2500.toml b/config/generated-node-configs/config-2500.toml index 765c2cc5..491bd364 100644 --- a/config/generated-node-configs/config-2500.toml +++ b/config/generated-node-configs/config-2500.toml @@ -1,5 +1,5 @@ -# Besu Configuration for besu-rpc-alltra-1 (VMID: 2500) -# Type: Full Function RPC Node +# Besu Configuration for besu-rpc-alltra-1 (legacy filename, live VMID: 2420) +# Type: Permissioned / Private RPC Node # Generated: Fri Jan 23 22:33:18 PST 2026 data-path="/data/besu" @@ -9,21 +9,20 @@ genesis-file="" network-id=138 p2p-host="192.168.11.172" p2p-port=30303 -max-peers=32 +max-peers=40 discovery-enabled=true -# RPC - Full Function (can deploy contracts, execute writes) +# RPC - Permissioned / private (no ADMIN) rpc-http-enabled=true rpc-http-host="0.0.0.0" rpc-http-port=8545 -rpc-http-api=["ETH","NET","WEB3","ADMIN","PERSONAL","MINER","DEBUG"] +rpc-http-api=["ETH","NET","WEB3","TXPOOL","QBFT","DEBUG","TRACE"] rpc-http-cors-origins=["*"] -rpc-http-api-enable-unsafe-txsigning=true rpc-ws-enabled=true rpc-ws-host="0.0.0.0" rpc-ws-port=8546 -rpc-ws-api=["ETH","NET","WEB3","ADMIN","PERSONAL","MINER","DEBUG"] +rpc-ws-api=["ETH","NET","WEB3","TXPOOL","QBFT"] # GraphQL graphql-http-enabled=true diff --git a/config/generated-node-configs/config-2501.toml b/config/generated-node-configs/config-2501.toml index a8e6a3da..7fa745d9 100644 --- a/config/generated-node-configs/config-2501.toml +++ b/config/generated-node-configs/config-2501.toml @@ -1,5 +1,5 @@ -# Besu Configuration for besu-rpc-alltra-2 (VMID: 2501) -# Type: Standard Base RPC Node (Read-only, Public Services) +# Besu Configuration for besu-rpc-alltra-2 (legacy filename, live VMID: 2430) +# Type: Permissioned / Private RPC Node # Generated: Fri Jan 23 22:33:18 PST 2026 data-path="/data/besu" @@ -9,14 +9,14 @@ genesis-file="" network-id=138 p2p-host="192.168.11.173" p2p-port=30303 -max-peers=32 +max-peers=40 discovery-enabled=true -# RPC - Standard Base (read-only, no admin APIs) +# RPC - Permissioned / private (no ADMIN) rpc-http-enabled=true rpc-http-host="0.0.0.0" rpc-http-port=8545 -rpc-http-api=["ETH","NET","WEB3"] +rpc-http-api=["ETH","NET","WEB3","TXPOOL","QBFT","DEBUG","TRACE"] rpc-http-cors-origins=["*"] # NO unsafe tx signing # NO ADMIN/PERSONAL/MINER/DEBUG APIs @@ -24,7 +24,7 @@ rpc-http-cors-origins=["*"] rpc-ws-enabled=true rpc-ws-host="0.0.0.0" rpc-ws-port=8546 -rpc-ws-api=["ETH","NET","WEB3"] +rpc-ws-api=["ETH","NET","WEB3","TXPOOL","QBFT"] # GraphQL graphql-http-enabled=true diff --git a/config/generated-node-configs/config-2502.toml b/config/generated-node-configs/config-2502.toml index 4b6b4c4a..30e01b42 100644 --- a/config/generated-node-configs/config-2502.toml +++ b/config/generated-node-configs/config-2502.toml @@ -1,5 +1,5 @@ -# Besu Configuration for besu-rpc-alltra-3 (VMID: 2502) -# Type: Standard Base RPC Node (Read-only, Public Services) +# Besu Configuration for besu-rpc-alltra-3 (legacy filename, live VMID: 2440) +# Type: Permissioned / Private RPC Node # Generated: Fri Jan 23 22:33:18 PST 2026 data-path="/data/besu" @@ -9,14 +9,14 @@ genesis-file="" network-id=138 p2p-host="192.168.11.174" p2p-port=30303 -max-peers=32 +max-peers=40 discovery-enabled=true -# RPC - Standard Base (read-only, no admin APIs) +# RPC - Permissioned / private (no ADMIN) rpc-http-enabled=true rpc-http-host="0.0.0.0" rpc-http-port=8545 -rpc-http-api=["ETH","NET","WEB3"] +rpc-http-api=["ETH","NET","WEB3","TXPOOL","QBFT","DEBUG","TRACE"] rpc-http-cors-origins=["*"] # NO unsafe tx signing # NO ADMIN/PERSONAL/MINER/DEBUG APIs @@ -24,7 +24,7 @@ rpc-http-cors-origins=["*"] rpc-ws-enabled=true rpc-ws-host="0.0.0.0" rpc-ws-port=8546 -rpc-ws-api=["ETH","NET","WEB3"] +rpc-ws-api=["ETH","NET","WEB3","TXPOOL","QBFT"] # GraphQL graphql-http-enabled=true diff --git a/config/generated-node-configs/config-2503.toml b/config/generated-node-configs/config-2503.toml index 7707c158..ad3f5e54 100644 --- a/config/generated-node-configs/config-2503.toml +++ b/config/generated-node-configs/config-2503.toml @@ -1,5 +1,5 @@ -# Besu Configuration for besu-rpc-hybx-1 (VMID: 2503) -# Type: Full Function RPC Node +# Besu Configuration for besu-rpc-hybx-1 (legacy filename, live VMID: 2460) +# Type: Permissioned / Private RPC Node # Generated: Fri Jan 23 22:33:18 PST 2026 data-path="/data/besu" @@ -9,21 +9,20 @@ genesis-file="" network-id=138 p2p-host="192.168.11.246" p2p-port=30303 -max-peers=32 +max-peers=40 discovery-enabled=true -# RPC - Full Function (can deploy contracts, execute writes) +# RPC - Permissioned / private (no ADMIN) rpc-http-enabled=true rpc-http-host="0.0.0.0" rpc-http-port=8545 -rpc-http-api=["ETH","NET","WEB3","ADMIN","PERSONAL","MINER","DEBUG"] +rpc-http-api=["ETH","NET","WEB3","TXPOOL","QBFT","DEBUG","TRACE"] rpc-http-cors-origins=["*"] -rpc-http-api-enable-unsafe-txsigning=true rpc-ws-enabled=true rpc-ws-host="0.0.0.0" rpc-ws-port=8546 -rpc-ws-api=["ETH","NET","WEB3","ADMIN","PERSONAL","MINER","DEBUG"] +rpc-ws-api=["ETH","NET","WEB3","TXPOOL","QBFT"] # GraphQL graphql-http-enabled=true diff --git a/config/generated-node-configs/config-2504.toml b/config/generated-node-configs/config-2504.toml index 72cd3d0d..ee806b9b 100644 --- a/config/generated-node-configs/config-2504.toml +++ b/config/generated-node-configs/config-2504.toml @@ -1,5 +1,5 @@ -# Besu Configuration for besu-rpc-hybx-2 (VMID: 2504) -# Type: Standard Base RPC Node (Read-only, Public Services) +# Besu Configuration for besu-rpc-hybx-2 (legacy filename, live VMID: 2470) +# Type: Permissioned / Private RPC Node # Generated: Fri Jan 23 22:33:18 PST 2026 data-path="/data/besu" @@ -9,14 +9,14 @@ genesis-file="" network-id=138 p2p-host="192.168.11.247" p2p-port=30303 -max-peers=32 +max-peers=40 discovery-enabled=true -# RPC - Standard Base (read-only, no admin APIs) +# RPC - Permissioned / private (no ADMIN) rpc-http-enabled=true rpc-http-host="0.0.0.0" rpc-http-port=8545 -rpc-http-api=["ETH","NET","WEB3"] +rpc-http-api=["ETH","NET","WEB3","TXPOOL","QBFT","DEBUG","TRACE"] rpc-http-cors-origins=["*"] # NO unsafe tx signing # NO ADMIN/PERSONAL/MINER/DEBUG APIs @@ -24,7 +24,7 @@ rpc-http-cors-origins=["*"] rpc-ws-enabled=true rpc-ws-host="0.0.0.0" rpc-ws-port=8546 -rpc-ws-api=["ETH","NET","WEB3"] +rpc-ws-api=["ETH","NET","WEB3","TXPOOL","QBFT"] # GraphQL graphql-http-enabled=true diff --git a/config/generated-node-configs/config-2505.toml b/config/generated-node-configs/config-2505.toml index c95e0795..a37663d7 100644 --- a/config/generated-node-configs/config-2505.toml +++ b/config/generated-node-configs/config-2505.toml @@ -1,5 +1,5 @@ -# Besu Configuration for besu-rpc-hybx-3 (VMID: 2505) -# Type: Standard Base RPC Node (Read-only, Public Services) +# Besu Configuration for besu-rpc-hybx-3 (legacy filename, live VMID: 2480) +# Type: Permissioned / Private RPC Node # Generated: Fri Jan 23 22:33:18 PST 2026 data-path="/data/besu" @@ -9,14 +9,14 @@ genesis-file="" network-id=138 p2p-host="192.168.11.248" p2p-port=30303 -max-peers=32 +max-peers=40 discovery-enabled=true -# RPC - Standard Base (read-only, no admin APIs) +# RPC - Permissioned / private (no ADMIN) rpc-http-enabled=true rpc-http-host="0.0.0.0" rpc-http-port=8545 -rpc-http-api=["ETH","NET","WEB3"] +rpc-http-api=["ETH","NET","WEB3","TXPOOL","QBFT","DEBUG","TRACE"] rpc-http-cors-origins=["*"] # NO unsafe tx signing # NO ADMIN/PERSONAL/MINER/DEBUG APIs @@ -24,7 +24,7 @@ rpc-http-cors-origins=["*"] rpc-ws-enabled=true rpc-ws-host="0.0.0.0" rpc-ws-port=8546 -rpc-ws-api=["ETH","NET","WEB3"] +rpc-ws-api=["ETH","NET","WEB3","TXPOOL","QBFT"] # GraphQL graphql-http-enabled=true diff --git a/config/gru-global-priority-currency-rollout.json b/config/gru-global-priority-currency-rollout.json new file mode 100644 index 00000000..dc921360 --- /dev/null +++ b/config/gru-global-priority-currency-rollout.json @@ -0,0 +1,706 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "name": "GRU Global Priority Cross-Chain Rollout", + "version": "1.0.0", + "updated": "2026-04-03", + "canonicalChainId": 138, + "desiredDestinationNetworks": { + "evmPublicCwMeshChainIds": [ + 1, + 10, + 25, + 56, + 100, + 137, + 42161, + 42220, + 43114, + 8453, + 1111 + ], + "altEvmPrograms": [ + { + "chainId": 651940, + "name": "ALL Mainnet (Alltra)", + "classification": "custom_alt_bridge", + "status": "live" + }, + { + "chainId": 42793, + "name": "Etherlink", + "classification": "feature_gated_evm_target", + "status": "planned" + } + ], + "nonEvmRelayPrograms": [ + { + "identifier": "Solana", + "vmKind": "SVM", + "classification": "desired_non_evm_target", + "status": "planned_relay_dependent", + "notes": "Track under token-mapping-multichain.json -> nonEvmNetworks. Requires an SPL or bridge-wrapped cW representation before live GRU transport can be enabled." + } + ], + "notes": [ + "The default mirrored-asset rollout surface remains the public EVM cW mesh.", + "ALL Mainnet and Etherlink are separate bridge programs, not rows in the default EVM cW pool mesh.", + "Truth and Tron remain separate adapter programs rather than default GRU cW rollout targets." + ] + }, + "notes": "Planning queue for globally important fiat, commodity, and monetary-unit assets that may be onboarded into GRU as canonical c* on Chain 138 and mirrored cW* on destination chains. This file does not itself activate support; live support is still controlled by gru-iso4217-currency-manifest.json, gru-transport-active.json, and deployed cW addresses in token-mapping-multichain.json.", + "symbolConvention": { + "defaultFiatPrimaryForm": "coin", + "defaultFiatCanonicalPattern": "cC", + "defaultFiatWrappedPattern": "cWC", + "defaultCommodityPrimaryForm": "coin", + "defaultCommodityCanonicalPattern": "cC", + "defaultCommodityWrappedPattern": "cWC", + "dualFormExceptions": [ + "USD", + "EUR", + "GBP", + "XAU" + ], + "assumptions": [ + "Currencies without a live or canonical token form default to a coin-style cC symbol until governance chooses a paired token form.", + "USD keeps the existing dual cUSDC/cUSDT pattern, and EUR/GBP/XAU keep their current dual-form conventions.", + "Meta-units such as XDR and XAG are modeled as governance-approved monetary units using the same c*/cW* naming discipline." + ] + }, + "waves": [ + { + "id": "wave0", + "name": "Live GRU Transport Baseline", + "goal": "Keep the current USD transport and x402 path healthy while GRU v2 promotion continues." + }, + { + "id": "wave1", + "name": "Promote Existing Canonical Chain 138 Assets", + "goal": "Finish cW deployment, reserve wiring, and transport activation for the already-deployed non-USD GRU assets on Chain 138." + }, + { + "id": "wave2", + "name": "Add Remaining Tier 1-3 Fiat Corridors", + "goal": "Deploy new canonical c* assets on Chain 138 for the next highest-priority globally important fiat currencies, then mirror them as cW*." + }, + { + "id": "wave3", + "name": "Add Tier 4 and Meta-Unit Coverage", + "goal": "Extend the corridor set to secondary emerging currencies plus monetary-unit references such as XDR and XAG." + } + ], + "assets": [ + { + "code": "USD", + "name": "US Dollar", + "category": "fiat", + "tier": "Tier 1", + "rank": 1, + "wave": "wave0", + "repoTargetState": "live_transport", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cUSDC", + "wrappedSymbol": "cWUSDC" + }, + { + "form": "token", + "canonicalSymbol": "cUSDT", + "wrappedSymbol": "cWUSDT" + } + ] + }, + { + "code": "EUR", + "name": "Euro", + "category": "fiat", + "tier": "Tier 1", + "rank": 2, + "wave": "wave1", + "repoTargetState": "canonical_then_transport", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cEURC", + "wrappedSymbol": "cWEURC" + }, + { + "form": "token", + "canonicalSymbol": "cEURT", + "wrappedSymbol": "cWEURT" + } + ] + }, + { + "code": "JPY", + "name": "Japanese Yen", + "category": "fiat", + "tier": "Tier 1", + "rank": 3, + "wave": "wave1", + "repoTargetState": "canonical_then_transport", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cJPYC", + "wrappedSymbol": "cWJPYC" + } + ] + }, + { + "code": "GBP", + "name": "Pound Sterling", + "category": "fiat", + "tier": "Tier 1", + "rank": 4, + "wave": "wave1", + "repoTargetState": "canonical_then_transport", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cGBPC", + "wrappedSymbol": "cWGBPC" + }, + { + "form": "token", + "canonicalSymbol": "cGBPT", + "wrappedSymbol": "cWGBPT" + } + ] + }, + { + "code": "CNY", + "name": "Chinese Yuan (Renminbi)", + "category": "fiat", + "tier": "Tier 1", + "rank": 5, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cCNYC", + "wrappedSymbol": "cWCNYC" + } + ] + }, + { + "code": "AUD", + "name": "Australian Dollar", + "category": "fiat", + "tier": "Tier 2", + "rank": 6, + "wave": "wave1", + "repoTargetState": "canonical_then_transport", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cAUDC", + "wrappedSymbol": "cWAUDC" + } + ] + }, + { + "code": "CAD", + "name": "Canadian Dollar", + "category": "fiat", + "tier": "Tier 2", + "rank": 7, + "wave": "wave1", + "repoTargetState": "canonical_then_transport", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cCADC", + "wrappedSymbol": "cWCADC" + } + ] + }, + { + "code": "CHF", + "name": "Swiss Franc", + "category": "fiat", + "tier": "Tier 2", + "rank": 8, + "wave": "wave1", + "repoTargetState": "canonical_then_transport", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cCHFC", + "wrappedSymbol": "cWCHFC" + } + ] + }, + { + "code": "HKD", + "name": "Hong Kong Dollar", + "category": "fiat", + "tier": "Tier 2", + "rank": 9, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cHKDC", + "wrappedSymbol": "cWHKDC" + } + ] + }, + { + "code": "SGD", + "name": "Singapore Dollar", + "category": "fiat", + "tier": "Tier 2", + "rank": 10, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cSGDC", + "wrappedSymbol": "cWSGDC" + } + ] + }, + { + "code": "SEK", + "name": "Swedish Krona", + "category": "fiat", + "tier": "Tier 2", + "rank": 11, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cSEKC", + "wrappedSymbol": "cWSEKC" + } + ] + }, + { + "code": "KRW", + "name": "South Korean Won", + "category": "fiat", + "tier": "Tier 2", + "rank": 12, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cKRWC", + "wrappedSymbol": "cWKRWC" + } + ] + }, + { + "code": "NOK", + "name": "Norwegian Krone", + "category": "fiat", + "tier": "Tier 2", + "rank": 13, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cNOKC", + "wrappedSymbol": "cWNOKC" + } + ] + }, + { + "code": "NZD", + "name": "New Zealand Dollar", + "category": "fiat", + "tier": "Tier 2", + "rank": 14, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cNZDC", + "wrappedSymbol": "cWNZDC" + } + ] + }, + { + "code": "INR", + "name": "Indian Rupee", + "category": "fiat", + "tier": "Tier 3", + "rank": 15, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cINRC", + "wrappedSymbol": "cWINRC" + } + ] + }, + { + "code": "MXN", + "name": "Mexican Peso", + "category": "fiat", + "tier": "Tier 3", + "rank": 16, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cMXNC", + "wrappedSymbol": "cWMXNC" + } + ] + }, + { + "code": "BRL", + "name": "Brazilian Real", + "category": "fiat", + "tier": "Tier 3", + "rank": 17, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cBRLC", + "wrappedSymbol": "cWBRLC" + } + ] + }, + { + "code": "ZAR", + "name": "South African Rand", + "category": "fiat", + "tier": "Tier 3", + "rank": 18, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cZARC", + "wrappedSymbol": "cWZARC" + } + ] + }, + { + "code": "TRY", + "name": "Turkish Lira", + "category": "fiat", + "tier": "Tier 3", + "rank": 19, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cTRYC", + "wrappedSymbol": "cWTRYC" + } + ] + }, + { + "code": "AED", + "name": "UAE Dirham", + "category": "fiat", + "tier": "Tier 3", + "rank": 20, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cAEDC", + "wrappedSymbol": "cWAEDC" + } + ] + }, + { + "code": "SAR", + "name": "Saudi Riyal", + "category": "fiat", + "tier": "Tier 3", + "rank": 21, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cSARC", + "wrappedSymbol": "cWSARC" + } + ] + }, + { + "code": "PLN", + "name": "Polish Zloty", + "category": "fiat", + "tier": "Tier 3", + "rank": 22, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cPLNC", + "wrappedSymbol": "cWPLNC" + } + ] + }, + { + "code": "THB", + "name": "Thai Baht", + "category": "fiat", + "tier": "Tier 3", + "rank": 23, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cTHBC", + "wrappedSymbol": "cWTHBC" + } + ] + }, + { + "code": "IDR", + "name": "Indonesian Rupiah", + "category": "fiat", + "tier": "Tier 3", + "rank": 24, + "wave": "wave2", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cIDRC", + "wrappedSymbol": "cWIDRC" + } + ] + }, + { + "code": "MYR", + "name": "Malaysian Ringgit", + "category": "fiat", + "tier": "Tier 4", + "rank": 25, + "wave": "wave3", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cMYRC", + "wrappedSymbol": "cWMYRC" + } + ] + }, + { + "code": "PHP", + "name": "Philippine Peso", + "category": "fiat", + "tier": "Tier 4", + "rank": 26, + "wave": "wave3", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cPHPC", + "wrappedSymbol": "cWPHPC" + } + ] + }, + { + "code": "VND", + "name": "Vietnamese Dong", + "category": "fiat", + "tier": "Tier 4", + "rank": 27, + "wave": "wave3", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cVNDC", + "wrappedSymbol": "cWVNDC" + } + ] + }, + { + "code": "EGP", + "name": "Egyptian Pound", + "category": "fiat", + "tier": "Tier 4", + "rank": 28, + "wave": "wave3", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cEGPC", + "wrappedSymbol": "cWEGPC" + } + ] + }, + { + "code": "CLP", + "name": "Chilean Peso", + "category": "fiat", + "tier": "Tier 4", + "rank": 29, + "wave": "wave3", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cCLPC", + "wrappedSymbol": "cWCLPC" + } + ] + }, + { + "code": "COP", + "name": "Colombian Peso", + "category": "fiat", + "tier": "Tier 4", + "rank": 30, + "wave": "wave3", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cCOPC", + "wrappedSymbol": "cWCOPC" + } + ] + }, + { + "code": "PKR", + "name": "Pakistani Rupee", + "category": "fiat", + "tier": "Tier 4", + "rank": 31, + "wave": "wave3", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cPKRC", + "wrappedSymbol": "cWPKRC" + } + ] + }, + { + "code": "BDT", + "name": "Bangladeshi Taka", + "category": "fiat", + "tier": "Tier 4", + "rank": 32, + "wave": "wave3", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cBDTC", + "wrappedSymbol": "cWBDTC" + } + ] + }, + { + "code": "KES", + "name": "Kenyan Shilling", + "category": "fiat", + "tier": "Tier 4", + "rank": 33, + "wave": "wave3", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cKESC", + "wrappedSymbol": "cWKESC" + } + ] + }, + { + "code": "NGN", + "name": "Nigerian Naira", + "category": "fiat", + "tier": "Tier 4", + "rank": 34, + "wave": "wave3", + "repoTargetState": "new_currency_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cNGNC", + "wrappedSymbol": "cWNGNC" + } + ] + }, + { + "code": "XDR", + "name": "IMF Special Drawing Rights", + "category": "monetary_unit", + "tier": "Special", + "rank": 35, + "wave": "wave3", + "repoTargetState": "meta_unit_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cXDRC", + "wrappedSymbol": "cWXDRC" + } + ] + }, + { + "code": "XAU", + "name": "Gold", + "category": "commodity", + "tier": "Special", + "rank": 36, + "wave": "wave1", + "repoTargetState": "canonical_then_transport", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cXAUC", + "wrappedSymbol": "cWXAUC" + }, + { + "form": "token", + "canonicalSymbol": "cXAUT", + "wrappedSymbol": "cWXAUT" + } + ] + }, + { + "code": "XAG", + "name": "Silver", + "category": "commodity", + "tier": "Special", + "rank": 37, + "wave": "wave3", + "repoTargetState": "meta_unit_rollout", + "tokenForms": [ + { + "form": "coin", + "canonicalSymbol": "cXAGC", + "wrappedSymbol": "cWXAGC" + } + ] + } + ] +} diff --git a/config/gru-iso4217-currency-manifest.json b/config/gru-iso4217-currency-manifest.json index 13e05d78..7d5b147c 100644 --- a/config/gru-iso4217-currency-manifest.json +++ b/config/gru-iso4217-currency-manifest.json @@ -2,18 +2,19 @@ "$schema": "https://json-schema.org/draft/2020-12/schema", "name": "GRU ISO-4217 Currency Manifest", "version": "1.0.0", - "updated": "2026-03-31", + "updated": "2026-04-07", "canonicalChainId": 138, "standardsProfileRef": "config/gru-standards-profile.json", "coverage": { "appliesToCurrentAndFutureCurrencies": true, "targetUniverse": [ "all ISO-4217 fiat currencies adopted into GRU", - "governance-approved commodities and additional monetary units" + "governance-approved commodities and additional monetary units", + "designator-specific ecosystem extensions such as Alltra/AUSDT and D-WIN/USDW that settle into canonical Chain 138 c* assets" ], "transportMethodology": "Chain 138 canonical c* with mirrored cW* transport on compatible public chains" }, - "notes": "Canonical GRU-supported ISO-4217 and commodity currency set for c* and cW* onboarding, routing, explorer metadata, and FX integration. This is the machine-readable source of truth for supported currencies, token families, lifecycle state, and canonical logo assignment.", + "notes": "Canonical GRU-supported ISO-4217 and commodity currency set for c* and cW* onboarding, routing, explorer metadata, and FX integration. This is the machine-readable source of truth for supported currencies, token families, lifecycle state, canonical logo assignment, and USD ecosystem extensions that land on Chain 138 as c* assets.", "currencies": [ { "code": "USD", @@ -30,23 +31,86 @@ "coin": { "symbol": "cUSDC", "v1Address": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", - "v2Address": "0x1ac3F4942a71E86A9682D91837E1E71b7BACdF99", + "v2Address": "0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d", "activeVersion": "v1", + "canonicalForwardVersion": "v2", + "canonicalForwardAddress": "0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d", + "liquidityActiveVersion": "v1", + "transportActiveVersion": "v1", "x402PreferredVersion": "v2", - "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cUSDC.svg" + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDC.png" }, "token": { "symbol": "cUSDT", "v1Address": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", - "v2Address": "0x8d342d321DdEe97D0c5011DAF8ca0B59DA617D29", + "v2Address": "0x9FBfab33882Efe0038DAa608185718b772EE5660", "activeVersion": "v1", + "canonicalForwardVersion": "v2", + "canonicalForwardAddress": "0x9FBfab33882Efe0038DAa608185718b772EE5660", + "liquidityActiveVersion": "v1", + "transportActiveVersion": "v1", "x402PreferredVersion": "v2", - "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cUSDT.svg" + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDT.png" } }, "wrappedAssets": { "coin": "cWUSDC", "token": "cWUSDT" + }, + "ecosystemExtensions": { + "alltra": { + "originNetwork": { + "chainId": 651940, + "name": "ALL Mainnet (Alltra)", + "originSymbol": "AUSDT" + }, + "canonicalAsset": { + "symbol": "cAUSDT", + "address": "0x5fdDF65733e3d590463F68f93Cf16E8c04081271", + "activeVersion": "v1", + "transportMethodology": "AUSDT originates on ALL Mainnet, may mirror through public-chain cWAUSDT, and lands canonically on Chain 138 as cAUSDT." + }, + "wrappedAsset": { + "symbol": "cWAUSDT", + "status": "live_selected_public_chains" + }, + "status": { + "planned": true, + "deployed": true, + "transportActive": true, + "x402Ready": false + } + }, + "dwin": { + "originNetworks": [ + { + "chainId": 56, + "name": "BSC (BNB Chain)", + "originSymbol": "USDW" + }, + { + "chainId": 137, + "name": "Polygon", + "originSymbol": "USDW" + } + ], + "canonicalAsset": { + "symbol": "cUSDW", + "address": "0xcA6BFa614935f1AB71c9aB106bAA6FBB6057095e", + "activeVersion": "v1", + "transportMethodology": "Native public USD DWIN locks into cWUSDW on supported public chains and bridges against the Chain 138 cUSDW hub asset." + }, + "wrappedAsset": { + "symbol": "cWUSDW", + "status": "partial_transport" + }, + "status": { + "planned": true, + "deployed": true, + "transportActive": false, + "x402Ready": false + } + } } }, { @@ -58,17 +122,29 @@ "planned": true, "deployed": true, "transportActive": false, - "x402Ready": false + "x402Ready": true }, "canonicalAssets": { "coin": { "symbol": "cEURC", - "address": "0x8085961F9cF02b4d800A3c6d386D31da4B34266a", + "address": "0x243e6581Dc8a98d98B92265858b322b193555C81", + "v1Address": "0x8085961F9cF02b4d800A3c6d386D31da4B34266a", + "v2Address": "0x243e6581Dc8a98d98B92265858b322b193555C81", + "activeVersion": "v2", + "canonicalForwardVersion": "v2", + "canonicalForwardAddress": "0x243e6581Dc8a98d98B92265858b322b193555C81", + "x402PreferredVersion": "v2", "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURC.svg" }, "token": { "symbol": "cEURT", - "address": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", + "address": "0x2bAFA83d8fF8BaE9505511998987D0659791605B", + "v1Address": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", + "v2Address": "0x2bAFA83d8fF8BaE9505511998987D0659791605B", + "activeVersion": "v2", + "canonicalForwardVersion": "v2", + "canonicalForwardAddress": "0x2bAFA83d8fF8BaE9505511998987D0659791605B", + "x402PreferredVersion": "v2", "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURT.svg" } }, @@ -86,17 +162,29 @@ "planned": true, "deployed": true, "transportActive": false, - "x402Ready": false + "x402Ready": true }, "canonicalAssets": { "coin": { "symbol": "cGBPC", - "address": "0x003960f16D9d34F2e98d62723B6721Fb92074aD2", + "address": "0x707508D223103f5D2d9EFBc656302c9d48878b29", + "v1Address": "0x003960f16D9d34F2e98d62723B6721Fb92074aD2", + "v2Address": "0x707508D223103f5D2d9EFBc656302c9d48878b29", + "activeVersion": "v2", + "canonicalForwardVersion": "v2", + "canonicalForwardAddress": "0x707508D223103f5D2d9EFBc656302c9d48878b29", + "x402PreferredVersion": "v2", "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPC.svg" }, "token": { "symbol": "cGBPT", - "address": "0x350f54e4D23795f86A9c03988c7135357CCaD97c", + "address": "0xee17c18E10E55ce23F7457D018aAa2Fb1E64B281", + "v1Address": "0x350f54e4D23795f86A9c03988c7135357CCaD97c", + "v2Address": "0xee17c18E10E55ce23F7457D018aAa2Fb1E64B281", + "activeVersion": "v2", + "canonicalForwardVersion": "v2", + "canonicalForwardAddress": "0xee17c18E10E55ce23F7457D018aAa2Fb1E64B281", + "x402PreferredVersion": "v2", "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPT.svg" } }, @@ -114,12 +202,18 @@ "planned": true, "deployed": true, "transportActive": false, - "x402Ready": false + "x402Ready": true }, "canonicalAssets": { "coin": { "symbol": "cAUDC", - "address": "0xD51482e567c03899eecE3CAe8a058161FD56069D", + "address": "0xfb37aFd415B70C5cEDc9bA58a72D517207b769Bb", + "v1Address": "0xD51482e567c03899eecE3CAe8a058161FD56069D", + "v2Address": "0xfb37aFd415B70C5cEDc9bA58a72D517207b769Bb", + "activeVersion": "v2", + "canonicalForwardVersion": "v2", + "canonicalForwardAddress": "0xfb37aFd415B70C5cEDc9bA58a72D517207b769Bb", + "x402PreferredVersion": "v2", "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cAUDC.svg" } }, @@ -136,12 +230,18 @@ "planned": true, "deployed": true, "transportActive": false, - "x402Ready": false + "x402Ready": true }, "canonicalAssets": { "coin": { "symbol": "cJPYC", - "address": "0xEe269e1226a334182aace90056EE4ee5Cc8A6770", + "address": "0x2c751bBE4f299b989b3A8c333E0A966cdcA6Fd98", + "v1Address": "0xEe269e1226a334182aace90056EE4ee5Cc8A6770", + "v2Address": "0x2c751bBE4f299b989b3A8c333E0A966cdcA6Fd98", + "activeVersion": "v2", + "canonicalForwardVersion": "v2", + "canonicalForwardAddress": "0x2c751bBE4f299b989b3A8c333E0A966cdcA6Fd98", + "x402PreferredVersion": "v2", "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cJPYC.svg" } }, @@ -158,12 +258,18 @@ "planned": true, "deployed": true, "transportActive": false, - "x402Ready": false + "x402Ready": true }, "canonicalAssets": { "coin": { "symbol": "cCHFC", - "address": "0x873990849DDa5117d7C644f0aF24370797C03885", + "address": "0x60B7FB8e0DD0Be8595AD12Fe80AE832861Be747c", + "v1Address": "0x873990849DDa5117d7C644f0aF24370797C03885", + "v2Address": "0x60B7FB8e0DD0Be8595AD12Fe80AE832861Be747c", + "activeVersion": "v2", + "canonicalForwardVersion": "v2", + "canonicalForwardAddress": "0x60B7FB8e0DD0Be8595AD12Fe80AE832861Be747c", + "x402PreferredVersion": "v2", "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCHFC.svg" } }, @@ -180,12 +286,18 @@ "planned": true, "deployed": true, "transportActive": false, - "x402Ready": false + "x402Ready": true }, "canonicalAssets": { "coin": { "symbol": "cCADC", - "address": "0x54dBd40cF05e15906A2C21f600937e96787f5679", + "address": "0xe799033c87fE0CE316DAECcefBE3134CC74b76a9", + "v1Address": "0x54dBd40cF05e15906A2C21f600937e96787f5679", + "v2Address": "0xe799033c87fE0CE316DAECcefBE3134CC74b76a9", + "activeVersion": "v2", + "canonicalForwardVersion": "v2", + "canonicalForwardAddress": "0xe799033c87fE0CE316DAECcefBE3134CC74b76a9", + "x402PreferredVersion": "v2", "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCADC.svg" } }, @@ -203,18 +315,30 @@ "planned": true, "deployed": true, "transportActive": false, - "x402Ready": false + "x402Ready": true }, "canonicalAssets": { "coin": { "symbol": "cXAUC", - "address": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cXAUC.svg" + "address": "0xF0F0F81bE3D033D8586bAfd2293e37eE2f615647", + "v1Address": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", + "v2Address": "0xF0F0F81bE3D033D8586bAfd2293e37eE2f615647", + "activeVersion": "v2", + "canonicalForwardVersion": "v2", + "canonicalForwardAddress": "0xF0F0F81bE3D033D8586bAfd2293e37eE2f615647", + "x402PreferredVersion": "v2", + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUC.png" }, "token": { "symbol": "cXAUT", - "address": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", - "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cXAUT.svg" + "address": "0x89477E982847023aaB5C3492082cd1bB4b1b9Ef1", + "v1Address": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", + "v2Address": "0x89477E982847023aaB5C3492082cd1bB4b1b9Ef1", + "activeVersion": "v2", + "canonicalForwardVersion": "v2", + "canonicalForwardAddress": "0x89477E982847023aaB5C3492082cd1bB4b1b9Ef1", + "x402PreferredVersion": "v2", + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUT.png" } }, "wrappedAssets": { diff --git a/config/gru-monetary-unit-manifest.json b/config/gru-monetary-unit-manifest.json new file mode 100644 index 00000000..16bcf293 --- /dev/null +++ b/config/gru-monetary-unit-manifest.json @@ -0,0 +1,207 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "name": "GRU Monetary Unit Manifest", + "version": "1.0.0", + "updated": "2026-04-07", + "canonicalChainId": 138, + "notes": "Machine-readable manifest for governance-approved GRU monetary units and gas-native transport families that are outside the ISO-4217 fiat/commodity manifest. These assets retain the c*/cW* naming discipline but are tracked through parallel registry families.", + "gasNativeFamilies": [ + { + "code": "ETH", + "familyKey": "eth_mainnet", + "type": "gas_native", + "canonicalSymbol": "cETH", + "wrappedSymbol": "cWETH", + "mappingKey": "Compliant_ETH_MAINNET_cW", + "registryFamily": "gas_native", + "assetClass": "gas_native", + "backingMode": "strict_escrow", + "canonicalAddress": "0xf8e9802a1766422e33a269556ad5fc032338eefc", + "ui": { + "displayName": "Ethereum Mainnet Gas (Compliant)", + "wrappedDisplayName": "Ethereum Mainnet Gas (Compliant Wrapped)" + } + }, + { + "code": "ETH", + "familyKey": "eth_l2", + "type": "gas_native", + "canonicalSymbol": "cETHL2", + "wrappedSymbol": "cWETHL2", + "mappingKey": "Compliant_ETH_L2_cW", + "registryFamily": "gas_native", + "assetClass": "gas_native", + "backingMode": "hybrid_cap", + "canonicalAddress": "0x18a6b163d255cc0cb32b99697843b487d059907d", + "ui": { + "displayName": "Ethereum L2 Gas (Compliant)", + "wrappedDisplayName": "Ethereum L2 Gas (Compliant Wrapped)" + } + }, + { + "code": "BNB", + "familyKey": "bnb", + "type": "gas_native", + "canonicalSymbol": "cBNB", + "wrappedSymbol": "cWBNB", + "mappingKey": "Compliant_BNB_cW", + "registryFamily": "gas_native", + "assetClass": "gas_native", + "backingMode": "hybrid_cap", + "canonicalAddress": "0x94517875f32680984a5921da7abf78e22f65d70f", + "ui": { + "displayName": "BNB Gas (Compliant)", + "wrappedDisplayName": "BNB Gas (Compliant Wrapped)" + } + }, + { + "code": "POL", + "familyKey": "pol", + "type": "gas_native", + "canonicalSymbol": "cPOL", + "wrappedSymbol": "cWPOL", + "mappingKey": "Compliant_POL_cW", + "registryFamily": "gas_native", + "assetClass": "gas_native", + "backingMode": "hybrid_cap", + "canonicalAddress": "0x19fec21edede9edb91d1fbec7c4095c5ac1fc10c", + "ui": { + "displayName": "Polygon Gas (Compliant)", + "wrappedDisplayName": "Polygon Gas (Compliant Wrapped)" + } + }, + { + "code": "AVAX", + "familyKey": "avax", + "type": "gas_native", + "canonicalSymbol": "cAVAX", + "wrappedSymbol": "cWAVAX", + "mappingKey": "Compliant_AVAX_cW", + "registryFamily": "gas_native", + "assetClass": "gas_native", + "backingMode": "hybrid_cap", + "canonicalAddress": "0x9c8f6f4fe1e535e6f85a78ee95249ded5540a2d0", + "ui": { + "displayName": "Avalanche Gas (Compliant)", + "wrappedDisplayName": "Avalanche Gas (Compliant Wrapped)" + } + }, + { + "code": "CRO", + "familyKey": "cro", + "type": "gas_native", + "canonicalSymbol": "cCRO", + "wrappedSymbol": "cWCRO", + "mappingKey": "Compliant_CRO_cW", + "registryFamily": "gas_native", + "assetClass": "gas_native", + "backingMode": "hybrid_cap", + "canonicalAddress": "0xfb48bb6c623571f9795b535b73f0d660e8643fd4", + "ui": { + "displayName": "Cronos Gas (Compliant)", + "wrappedDisplayName": "Cronos Gas (Compliant Wrapped)" + } + }, + { + "code": "XDAI", + "familyKey": "xdai", + "type": "gas_native", + "canonicalSymbol": "cXDAI", + "wrappedSymbol": "cWXDAI", + "mappingKey": "Compliant_XDAI_cW", + "registryFamily": "gas_native", + "assetClass": "gas_native", + "backingMode": "hybrid_cap", + "canonicalAddress": "0xa39a59138f8a45b4a31455875b8a29ff31e76ec8", + "ui": { + "displayName": "xDAI Gas (Compliant)", + "wrappedDisplayName": "xDAI Gas (Compliant Wrapped)" + } + }, + { + "code": "CELO", + "familyKey": "celo", + "type": "gas_native", + "canonicalSymbol": "cCELO", + "wrappedSymbol": "cWCELO", + "mappingKey": "Compliant_CELO_cW", + "registryFamily": "gas_native", + "assetClass": "gas_native", + "backingMode": "hybrid_cap", + "canonicalAddress": "0x1814661dae0933bf397b1274f5a62411b94195c7", + "ui": { + "displayName": "Celo Gas (Compliant)", + "wrappedDisplayName": "Celo Gas (Compliant Wrapped)" + } + }, + { + "code": "WEMIX", + "familyKey": "wemix", + "type": "gas_native", + "canonicalSymbol": "cWEMIX", + "wrappedSymbol": "cWWEMIX", + "mappingKey": "Compliant_WEMIX_cW", + "registryFamily": "gas_native", + "assetClass": "gas_native", + "backingMode": "hybrid_cap", + "canonicalAddress": "0x4d82206bec5b4dfa17759ffede07e35f4f63a050", + "ui": { + "displayName": "WEMIX Hub Gas (Compliant)", + "wrappedDisplayName": "WEMIX Gas (Compliant Wrapped)" + } + } + ], + "monetaryUnits": [ + { + "code": "BTC", + "type": "monetary_unit", + "canonicalSymbol": "cBTC", + "wrappedSymbol": "cWBTC", + "mappingKey": "Compliant_BTC_cW", + "registryFamily": "monetary_unit", + "assetType": "GRU", + "decimals": 8, + "custodyModel": "native_btc_attested_reserve", + "mintPolicy": { + "confirmationThreshold": 6, + "freezeOnReserveDeficit": true, + "freezeOnReconciliationFailure": true, + "freezeOnOutstandingLimitBreach": true + }, + "launchChains": [ + 1, + 10, + 25, + 56, + 100, + 137, + 42161, + 42220, + 43114, + 8453 + ], + "stagedChains": [ + 1111 + ], + "canonicalAddress": "0xcb7c000000000000000000000000000000000138", + "wrappedAddresses": { + "1": "0xcb7c000000000000000000000000000000000001", + "10": "0xcb7c00000000000000000000000000000000000a", + "25": "0xcb7c000000000000000000000000000000000019", + "56": "0xcb7c000000000000000000000000000000000038", + "100": "0xcb7c000000000000000000000000000000000064", + "137": "0xcb7c000000000000000000000000000000000089", + "1111": "0xcb7c000000000000000000000000000000000457", + "8453": "0xcb7c000000000000000000000000000000002105", + "42161": "0xcb7c00000000000000000000000000000000a4b1", + "42220": "0xcb7c00000000000000000000000000000000a4ec", + "43114": "0xcb7c00000000000000000000000000000000a86a" + }, + "ui": { + "displayName": "Bitcoin (Compliant)", + "wrappedDisplayName": "Bitcoin (Compliant Wrapped)", + "publicWarning": "cWBTC is the GRU transport representation of Chain 138 cBTC and is distinct from Ethereum WBTC." + } + } + ] +} diff --git a/config/gru-standards-profile.json b/config/gru-standards-profile.json index 9e7cf4e5..f5d3627e 100644 --- a/config/gru-standards-profile.json +++ b/config/gru-standards-profile.json @@ -3,17 +3,19 @@ "name": "GRU Standards Profile", "profileId": "gru-c-star-v2-transport-and-payment", "version": "1.0.0", - "updated": "2026-03-31", + "updated": "2026-04-07", "canonicalChainId": 138, - "notes": "Machine-readable standards profile for canonical c* V2 money on Chain 138, mirrored cW* public-chain transport, x402 payment capability, ISO-4217 coverage, and GRU governance/policy enforcement.", + "notes": "Machine-readable standards profile for canonical c* V2 money on Chain 138, mirrored cW* public-chain transport, x402 payment capability, ISO-4217 coverage, USD ecosystem extensions such as AUSDT/USDW, gas-native GRU transport families, and GRU governance/policy enforcement.", "references": { "transportOverlay": "config/gru-transport-active.json", "currencyManifest": "config/gru-iso4217-currency-manifest.json", + "monetaryUnitManifest": "config/gru-monetary-unit-manifest.json", "governanceSupervisionProfile": "config/gru-governance-supervision-profile.json", "standardsMatrixDoc": "docs/04-configuration/GRU_C_STAR_V2_STANDARDS_MATRIX_AND_IMPLEMENTATION_PLAN.md", "storageGovernanceDoc": "docs/04-configuration/GRU_STORAGE_GOVERNANCE_AND_SUPERVISION_STANDARD.md", "x402SupportDoc": "docs/04-configuration/CHAIN138_X402_TOKEN_SUPPORT.md", - "fxOnboardingDoc": "docs/04-configuration/GRU_FX_CURRENCY_ONBOARDING_CHECKLIST.md" + "fxOnboardingDoc": "docs/04-configuration/GRU_FX_CURRENCY_ONBOARDING_CHECKLIST.md", + "tokenCategoriesDoc": "docs/11-references/TOKEN_CATEGORIES_CANONICAL.md" }, "scope": { "canonicalAssetPrefix": "c", @@ -21,7 +23,9 @@ "canonicalMethodology": "Chain 138 is the canonical monetary layer for c*. Compatible public chains use mirrored cW* transport assets via lock on 138 and mint on destination.", "targetCurrencyCoverage": [ "all ISO-4217 fiat currencies adopted into the GRU currency manifest", - "governance-approved commodities and additional monetary units beyond ISO-4217" + "governance-approved commodities and additional monetary units beyond ISO-4217", + "USD ecosystem extensions that settle as canonical Chain 138 c* assets", + "gas-native GRU transport families tracked outside the ISO-4217 currency manifest" ], "compatibilityBoundary": [ "token mapping exists in config/token-mapping-multichain.json", @@ -194,6 +198,20 @@ "activeCanonicalCurrencyCodes": [ "USD" ], + "activeUsdExtensions": [ + "cAUSDT" + ], + "gasNativeFamiliesTracked": [ + "eth_mainnet", + "eth_l2", + "bnb", + "pol", + "avax", + "cro", + "xdai", + "celo", + "wemix" + ], "transportOverlayRef": "config/gru-transport-active.json" } } diff --git a/config/gru-transport-active.json b/config/gru-transport-active.json index d58ff6a6..86f2dc27 100644 --- a/config/gru-transport-active.json +++ b/config/gru-transport-active.json @@ -1,15 +1,15 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", "description": "GRU Monetary Transport Layer active-policy overlay. This file gates which canonical c* assets, cW* destinations, bridge peers, and public pools are active for routing, exposure, and MCP visibility.", - "version": "1.2.0", - "updated": "2026-03-31", + "version": "1.5.0", + "updated": "2026-04-05", "standardsProfileRef": "config/gru-standards-profile.json", "system": { "name": "GRU Monetary Transport Layer", "shortName": "GRU Transport", "canonicalChainId": 138, "canonicalChainName": "Chain 138", - "transportClass": "Compliant Wrapped ISO-4217 M1", + "transportClass": "Compliant Wrapped ISO-4217 / Monetary Unit M1", "publicPoolModel": "local_edge_pools", "hardPegTruth": "redeemable_at_par_into_canonical_c_star", "wethTransportSeparated": true, @@ -20,40 +20,326 @@ "mirroredCwAsset": "Public-network cW* representation of a canonical c* asset.", "activeTransportPair": "A canonical-to-mirrored pair explicitly enabled by this overlay and allowed to route.", "activePublicPool": "A public-chain local edge pool that is explicitly enabled for token-aggregation exposure.", - "hardPegEligiblePair": "A pair whose outbound wrapping is governed by reserve-verifier checks and per-destination outstanding limits." + "hardPegEligiblePair": "A pair whose outbound wrapping is governed by reserve-verifier checks and per-destination outstanding limits.", + "gasAssetFamily": "Governance-approved gas-native family that uses Chain 138 canonical c* accounting and public-chain cW* mirrors.", + "hybridCapLane": "Lane where outstanding supply may be backed by escrow plus approved treasury inventory up to a published cap.", + "strictEscrowLane": "Lane where outstanding supply must remain fully covered by wrapped-native or equivalent escrow." }, "enabledCanonicalTokens": [ { - "symbol": "cUSDT", + "symbol": "cAUSDT", "currencyCode": "USD", - "mirroredSymbol": "cWUSDT", - "mappingKey": "Compliant_USDT_cW", + "mirroredSymbol": "cWAUSDT", + "mappingKey": "Compliant_AUSDT_cW", "phase": "v1", "reserveVerifierKey": "chain138-hard-peg", "activeVersion": "v1", - "activeAddress": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", - "x402PreferredVersion": "v2", - "x402PreferredAddress": "0x8d342d321DdEe97D0c5011DAF8ca0B59DA617D29", - "cutover": { - "liquidityActiveVersion": "v1", - "transportActiveVersion": "v1", - "explorerPrimaryVersion": "v1", - "x402ReadyVersion": "v2", - "nextAction": "Complete cW/pool migration before flipping canonical routing to V2." + "activeAddress": "0x5fdDF65733e3d590463F68f93Cf16E8c04081271", + "deployments": [ + { + "version": "v1", + "address": "0x5fdDF65733e3d590463F68f93Cf16E8c04081271", + "status": "active", + "purpose": "Live Chain 138 canonical AUSDT landing surface for ALL Mainnet and cWAUSDT transport lanes.", + "forwardCanonical": false + } + ] + }, + { + "symbol": "cAVAX", + "currencyCode": "AVAX", + "registryFamily": "gas_native", + "mirroredSymbol": "cWAVAX", + "mappingKey": "Compliant_AVAX_cW", + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "avax", + "laneGroup": "avax", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "wrappedNativeQuoteSymbol": "WAVAX", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "activeVersion": "v1", + "activeAddress": "0x9c8f6f4fe1e535e6f85a78ee95249ded5540a2d0", + "bridge": { + "bridgeMechanism": "lock_mint_burn_release", + "canonicalAssetVersion": "v1", + "mirroredAssetVersion": "v1", + "backingMode": "hybrid_cap", + "notes": "Avalanche gas remains lane-local and hybrid capped until reserve and wrapped-native attestations are promoted." + }, + "displayAliases": { + "canonical": "cAVAX", + "mirrored": "cWAVAX" }, "deployments": [ { "version": "v1", - "address": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", - "status": "active", - "purpose": "Live Chain 138 liquidity, PMM pools, and current transport routes.", + "address": "0x9c8f6f4fe1e535e6f85a78ee95249ded5540a2d0", + "status": "hybrid-cap-staged", + "purpose": "Wave 1 canonical Chain 138 gas family for avax.", "forwardCanonical": false - }, + } + ] + }, + { + "symbol": "cBNB", + "currencyCode": "BNB", + "registryFamily": "gas_native", + "mirroredSymbol": "cWBNB", + "mappingKey": "Compliant_BNB_cW", + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "bnb", + "laneGroup": "bnb", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "wrappedNativeQuoteSymbol": "WBNB", + "stableQuoteSymbol": "USDT", + "referenceVenue": "uniswap_v3", + "activeVersion": "v1", + "activeAddress": "0x94517875f32680984a5921da7abf78e22f65d70f", + "bridge": { + "bridgeMechanism": "lock_mint_burn_release", + "canonicalAssetVersion": "v1", + "mirroredAssetVersion": "v1", + "backingMode": "hybrid_cap", + "notes": "BNB starts on a hybrid-cap policy until wrapped-native custody and reserve telemetry are promoted to strict escrow." + }, + "displayAliases": { + "canonical": "cBNB", + "mirrored": "cWBNB" + }, + "deployments": [ { - "version": "v2", - "address": "0x8d342d321DdEe97D0c5011DAF8ca0B59DA617D29", + "version": "v1", + "address": "0x94517875f32680984a5921da7abf78e22f65d70f", + "status": "hybrid-cap-staged", + "purpose": "Wave 1 canonical Chain 138 gas family for bnb.", + "forwardCanonical": false + } + ] + }, + { + "symbol": "cBTC", + "currencyCode": "BTC", + "registryFamily": "monetary_unit", + "mirroredSymbol": "cWBTC", + "mappingKey": "Compliant_BTC_cW", + "phase": "v1", + "reserveVerifierKey": "chain138-hard-peg", + "activeVersion": "v1", + "activeAddress": "0xcb7c000000000000000000000000000000000138", + "bridge": { + "iso4217Mechanism": "lock_mint_burn_release", + "canonicalAssetVersion": "v1", + "mirroredAssetVersion": "v1", + "notes": "BTC is tracked as a GRU monetary unit rather than an ISO-4217 fiat code, but it uses the same c*/cW* bridge controls: reserve-verifier gating, destination caps, and lock/mint/burn/release." + }, + "deployments": [ + { + "version": "v1", + "address": "0xcb7c000000000000000000000000000000000138", "status": "staged", - "purpose": "Permit/auth-capable x402 payments and next GRU transport cutover.", + "purpose": "Canonical Chain 138 BTC monetary-unit surface for the jewelry-box basket program.", + "forwardCanonical": false + } + ] + }, + { + "symbol": "cCELO", + "currencyCode": "CELO", + "registryFamily": "gas_native", + "mirroredSymbol": "cWCELO", + "mappingKey": "Compliant_CELO_cW", + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "celo", + "laneGroup": "celo", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "wrappedNativeQuoteSymbol": "WCELO", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "activeVersion": "v1", + "activeAddress": "0x1814661dae0933bf397b1274f5a62411b94195c7", + "bridge": { + "bridgeMechanism": "lock_mint_burn_release", + "canonicalAssetVersion": "v1", + "mirroredAssetVersion": "v1", + "backingMode": "hybrid_cap", + "notes": "Celo gas is modeled as a family-bound hybrid-cap lane with staged promotion to strict escrow." + }, + "displayAliases": { + "canonical": "cCELO", + "mirrored": "cWCELO" + }, + "deployments": [ + { + "version": "v1", + "address": "0x1814661dae0933bf397b1274f5a62411b94195c7", + "status": "hybrid-cap-staged", + "purpose": "Wave 1 canonical Chain 138 gas family for celo.", + "forwardCanonical": false + } + ] + }, + { + "symbol": "cCRO", + "currencyCode": "CRO", + "registryFamily": "gas_native", + "mirroredSymbol": "cWCRO", + "mappingKey": "Compliant_CRO_cW", + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "cro", + "laneGroup": "cro", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "wrappedNativeQuoteSymbol": "WCRO", + "stableQuoteSymbol": "USDT", + "referenceVenue": "uniswap_v3", + "activeVersion": "v1", + "activeAddress": "0xfb48bb6c623571f9795b535b73f0d660e8643fd4", + "bridge": { + "bridgeMechanism": "lock_mint_burn_release", + "canonicalAssetVersion": "v1", + "mirroredAssetVersion": "v1", + "backingMode": "hybrid_cap", + "notes": "Cronos gas remains family-bound; PMM depth does not override bridge caps or pause controls." + }, + "displayAliases": { + "canonical": "cCRO", + "mirrored": "cWCRO" + }, + "deployments": [ + { + "version": "v1", + "address": "0xfb48bb6c623571f9795b535b73f0d660e8643fd4", + "status": "hybrid-cap-staged", + "purpose": "Wave 1 canonical Chain 138 gas family for cro.", + "forwardCanonical": false + } + ] + }, + { + "symbol": "cETH", + "currencyCode": "ETH", + "registryFamily": "gas_native", + "mirroredSymbol": "cWETH", + "mappingKey": "Compliant_ETH_MAINNET_cW", + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "eth_mainnet", + "laneGroup": "eth_mainnet", + "backingMode": "strict_escrow", + "redeemPolicy": "family_only", + "reserveVerifierKey": "chain138-gas-strict-escrow", + "wrappedNativeQuoteSymbol": "WETH", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "activeVersion": "v1", + "activeAddress": "0xf8e9802a1766422e33a269556ad5fc032338eefc", + "bridge": { + "bridgeMechanism": "lock_mint_burn_release", + "canonicalAssetVersion": "v1", + "mirroredAssetVersion": "v1", + "backingMode": "strict_escrow", + "notes": "Ethereum mainnet ETH uses strict wrapped-native escrow before minting the Chain 138 canonical or public cW mirror." + }, + "displayAliases": { + "canonical": "cETH Mainnet", + "mirrored": "cWETH Mainnet" + }, + "deployments": [ + { + "version": "v1", + "address": "0xf8e9802a1766422e33a269556ad5fc032338eefc", + "status": "strict-capable", + "purpose": "Wave 1 canonical Chain 138 gas family for eth_mainnet.", + "forwardCanonical": false + } + ] + }, + { + "symbol": "cETHL2", + "currencyCode": "ETH", + "registryFamily": "gas_native", + "mirroredSymbol": "cWETHL2", + "mappingKey": "Compliant_ETH_L2_cW", + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "eth_l2", + "laneGroup": "eth_l2_shared", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_fungible_inventory_gated", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "wrappedNativeQuoteSymbol": "WETH", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "activeVersion": "v1", + "activeAddress": "0x18a6b163d255cc0cb32b99697843b487d059907d", + "bridge": { + "bridgeMechanism": "lock_mint_burn_release", + "canonicalAssetVersion": "v1", + "mirroredAssetVersion": "v1", + "backingMode": "hybrid_cap", + "notes": "Shared L2 ETH family is fungible across approved Optimism, Arbitrum, and Base lanes when inventory and policy checks pass." + }, + "displayAliases": { + "canonical": "cETHL2", + "mirrored": "cWETHL2" + }, + "deployments": [ + { + "version": "v1", + "address": "0x18a6b163d255cc0cb32b99697843b487d059907d", + "status": "hybrid-cap-staged", + "purpose": "Wave 1 canonical Chain 138 gas family for eth_l2.", + "forwardCanonical": false + } + ] + }, + { + "symbol": "cPOL", + "currencyCode": "POL", + "registryFamily": "gas_native", + "mirroredSymbol": "cWPOL", + "mappingKey": "Compliant_POL_cW", + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "pol", + "laneGroup": "pol", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "wrappedNativeQuoteSymbol": "WPOL", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "activeVersion": "v1", + "activeAddress": "0x19fec21edede9edb91d1fbec7c4095c5ac1fc10c", + "bridge": { + "bridgeMechanism": "lock_mint_burn_release", + "canonicalAssetVersion": "v1", + "mirroredAssetVersion": "v1", + "backingMode": "hybrid_cap", + "notes": "Polygon gas is launched as a hybrid-cap lane with promotion to strict escrow without changing token identities or pools." + }, + "displayAliases": { + "canonical": "cPOL", + "mirrored": "cWPOL" + }, + "deployments": [ + { + "version": "v1", + "address": "0x19fec21edede9edb91d1fbec7c4095c5ac1fc10c", + "status": "hybrid-cap-staged", + "purpose": "Wave 1 canonical Chain 138 gas family for pol.", "forwardCanonical": false } ] @@ -67,14 +353,22 @@ "reserveVerifierKey": "chain138-hard-peg", "activeVersion": "v1", "activeAddress": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", + "canonicalForwardVersion": "v2", + "canonicalForwardAddress": "0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d", "x402PreferredVersion": "v2", - "x402PreferredAddress": "0x1ac3F4942a71E86A9682D91837E1E71b7BACdF99", + "x402PreferredAddress": "0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d", "cutover": { "liquidityActiveVersion": "v1", "transportActiveVersion": "v1", "explorerPrimaryVersion": "v1", "x402ReadyVersion": "v2", - "nextAction": "Complete cW/pool migration before flipping canonical routing to V2." + "nextAction": "Complete cW/pool migration before flipping liquidity and transport routing to V2." + }, + "bridge": { + "iso4217Mechanism": "lock_mint_burn_release", + "canonicalAssetVersion": "v1", + "mirroredAssetVersion": "v1", + "notes": "Same GRU transport bridge model as cUSDT; flip both versions to v2 only after cWUSDC v2 exists on each destination and L1/L2 bridge token configs are updated." }, "deployments": [ { @@ -86,89 +380,224 @@ }, { "version": "v2", - "address": "0x1ac3F4942a71E86A9682D91837E1E71b7BACdF99", - "status": "staged", - "purpose": "Permit/auth-capable x402 payments and next GRU transport cutover.", + "address": "0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d", + "status": "x402-canonical", + "purpose": "Permit/auth-capable x402 payments and forward-canonical GRU V2 surface while liquidity remains on V1.", + "forwardCanonical": true + } + ] + }, + { + "symbol": "cUSDT", + "currencyCode": "USD", + "mirroredSymbol": "cWUSDT", + "mappingKey": "Compliant_USDT_cW", + "phase": "v1", + "reserveVerifierKey": "chain138-hard-peg", + "activeVersion": "v1", + "activeAddress": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", + "canonicalForwardVersion": "v2", + "canonicalForwardAddress": "0x9FBfab33882Efe0038DAa608185718b772EE5660", + "x402PreferredVersion": "v2", + "x402PreferredAddress": "0x9FBfab33882Efe0038DAa608185718b772EE5660", + "cutover": { + "liquidityActiveVersion": "v1", + "transportActiveVersion": "v1", + "explorerPrimaryVersion": "v1", + "x402ReadyVersion": "v2", + "nextAction": "Complete cW/pool migration before flipping liquidity and transport routing to V2." + }, + "bridge": { + "iso4217Mechanism": "lock_mint_burn_release", + "canonicalAssetVersion": "v1", + "mirroredAssetVersion": "v1", + "notes": "L1 escrows canonical c* (CWMultiTokenBridgeL1); L2 mints/burns mirrored cW* (CWMultiTokenBridgeL2 + CompliantWrappedToken). End-to-end GRU ISO-4217 v2: set canonicalAssetVersion and mirroredAssetVersion to v2, register v2 canonical on L1 supportedCanonicalToken, wire ICWMintBurnToken cW* v2 with bridge minter/burner roles, then fill gruIso4217Bridge.mirroredV2ByMappingKeyAndChain per destination in token-mapping-multichain.json and update cross-chain-pmm-lps/config/deployment-status.json cwTokens." + }, + "deployments": [ + { + "version": "v1", + "address": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", + "status": "active", + "purpose": "Live Chain 138 liquidity, PMM pools, and current transport routes.", + "forwardCanonical": false + }, + { + "version": "v2", + "address": "0x9FBfab33882Efe0038DAa608185718b772EE5660", + "status": "x402-canonical", + "purpose": "Permit/auth-capable x402 payments and forward-canonical GRU V2 surface while liquidity remains on V1.", + "forwardCanonical": true + } + ] + }, + { + "symbol": "cWEMIX", + "currencyCode": "WEMIX", + "active": false, + "status": "deferred", + "registryFamily": "gas_native", + "mirroredSymbol": "cWWEMIX", + "mappingKey": "Compliant_WEMIX_cW", + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "wemix", + "laneGroup": "wemix", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "wrappedNativeQuoteSymbol": "WWEMIX", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "activeVersion": "v1", + "activeAddress": "0x4d82206bec5b4dfa17759ffede07e35f4f63a050", + "bridge": { + "bridgeMechanism": "lock_mint_burn_release", + "canonicalAssetVersion": "v1", + "mirroredAssetVersion": "v1", + "backingMode": "hybrid_cap", + "notes": "Wemix remains staged with hybrid-cap accounting and can be promoted without changing symbols or pool identities." + }, + "displayAliases": { + "canonical": "cWEMIX Hub", + "mirrored": "cWWEMIX" + }, + "deployments": [ + { + "version": "v1", + "address": "0x4d82206bec5b4dfa17759ffede07e35f4f63a050", + "status": "hybrid-cap-staged", + "purpose": "Wave 1 canonical Chain 138 gas family for wemix.", + "forwardCanonical": false + } + ] + }, + { + "symbol": "cXDAI", + "currencyCode": "XDAI", + "registryFamily": "gas_native", + "mirroredSymbol": "cWXDAI", + "mappingKey": "Compliant_XDAI_cW", + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "xdai", + "laneGroup": "xdai", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "wrappedNativeQuoteSymbol": "WXDAI", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "activeVersion": "v1", + "activeAddress": "0xa39a59138f8a45b4a31455875b8a29ff31e76ec8", + "bridge": { + "bridgeMechanism": "lock_mint_burn_release", + "canonicalAssetVersion": "v1", + "mirroredAssetVersion": "v1", + "backingMode": "hybrid_cap", + "notes": "xDAI remains family-bound with capped treasury support until wrapped xDAI custody is promoted to strict mode." + }, + "displayAliases": { + "canonical": "cXDAI", + "mirrored": "cWXDAI" + }, + "deployments": [ + { + "version": "v1", + "address": "0xa39a59138f8a45b4a31455875b8a29ff31e76ec8", + "status": "hybrid-cap-staged", + "purpose": "Wave 1 canonical Chain 138 gas family for xdai.", "forwardCanonical": false } ] } ], "enabledDestinationChains": [ + { + "chainId": 1, + "name": "Ethereum Mainnet", + "ccipChainSelector": "5009297550715157269", + "phase": "wave1", + "peerKey": "mainnet" + }, + { + "chainId": 10, + "name": "Optimism", + "ccipChainSelector": "3734403246176062136", + "phase": "wave1", + "peerKey": "optimism" + }, { "chainId": 25, "name": "Cronos", - "phase": "v1", + "ccipChainSelector": "1456215246176062136", + "phase": "wave1", "peerKey": "cronos" }, { "chainId": 56, "name": "BSC", - "phase": "v1", + "ccipChainSelector": "11344663589394136015", + "phase": "wave1", "peerKey": "bsc" }, - { - "chainId": 137, - "name": "Polygon", - "phase": "v1", - "peerKey": "polygon" - }, - { - "chainId": 43114, - "name": "Avalanche C-Chain", - "phase": "v1", - "peerKey": "avalanche" - }, - { - "chainId": 42161, - "name": "Arbitrum One", - "phase": "v1", - "peerKey": "arbitrum" - }, - { - "chainId": 8453, - "name": "Base", - "phase": "v1", - "peerKey": "base" - }, - { - "chainId": 10, - "name": "Optimism", - "phase": "v1", - "peerKey": "optimism" - }, { "chainId": 100, "name": "Gnosis Chain", - "phase": "v1", + "ccipChainSelector": "465200170687744372", + "phase": "wave1", "peerKey": "gnosis" }, { - "chainId": 1, - "name": "Ethereum Mainnet", - "phase": "v1", - "peerKey": "mainnet" + "chainId": 137, + "name": "Polygon", + "ccipChainSelector": "4051577828743386545", + "phase": "wave1", + "peerKey": "polygon" + }, + { + "chainId": 1111, + "name": "Wemix", + "ccipChainSelector": "5142893604156789321", + "phase": "wave1", + "peerKey": "wemix", + "active": false, + "status": "deferred" + }, + { + "chainId": 8453, + "name": "Base", + "ccipChainSelector": "15971525489660198786", + "phase": "wave1", + "peerKey": "base" + }, + { + "chainId": 42161, + "name": "Arbitrum One", + "ccipChainSelector": "4949039107694359620", + "phase": "wave1", + "peerKey": "arbitrum" + }, + { + "chainId": 42220, + "name": "Celo", + "ccipChainSelector": "1346049177634351622", + "phase": "wave1", + "peerKey": "celo" + }, + { + "chainId": 43114, + "name": "Avalanche C-Chain", + "ccipChainSelector": "6433500567565415381", + "phase": "wave1", + "peerKey": "avalanche" } ], "approvedBridgePeers": [ - { - "key": "cronos", - "chainId": 25, - "chainName": "Cronos", - "bridgeKind": "cw_multi_token", - "l1Bridge": { - "env": "CHAIN138_L1_BRIDGE" - }, - "l2Bridge": { - "env": "CW_BRIDGE_CRONOS" - }, - "freezeTokenPairRequired": true, - "freezeDestinationRequired": true - }, { "key": "mainnet", "chainId": 1, "chainName": "Ethereum Mainnet", + "ccipChainSelector": "5009297550715157269", "bridgeKind": "cw_multi_token", "l1Bridge": { "env": "CHAIN138_L1_BRIDGE" @@ -179,80 +608,11 @@ "freezeTokenPairRequired": true, "freezeDestinationRequired": true }, - { - "key": "bsc", - "chainId": 56, - "chainName": "BSC", - "bridgeKind": "cw_multi_token", - "l1Bridge": { - "env": "CHAIN138_L1_BRIDGE" - }, - "l2Bridge": { - "env": "CW_BRIDGE_BSC" - }, - "freezeTokenPairRequired": true, - "freezeDestinationRequired": true - }, - { - "key": "polygon", - "chainId": 137, - "chainName": "Polygon", - "bridgeKind": "cw_multi_token", - "l1Bridge": { - "env": "CHAIN138_L1_BRIDGE" - }, - "l2Bridge": { - "env": "CW_BRIDGE_POLYGON" - }, - "freezeTokenPairRequired": true, - "freezeDestinationRequired": true - }, - { - "key": "avalanche", - "chainId": 43114, - "chainName": "Avalanche C-Chain", - "bridgeKind": "cw_multi_token", - "l1Bridge": { - "env": "CHAIN138_L1_BRIDGE" - }, - "l2Bridge": { - "env": "CW_BRIDGE_AVALANCHE" - }, - "freezeTokenPairRequired": true, - "freezeDestinationRequired": true - }, - { - "key": "arbitrum", - "chainId": 42161, - "chainName": "Arbitrum One", - "bridgeKind": "cw_multi_token", - "l1Bridge": { - "env": "CHAIN138_L1_BRIDGE" - }, - "l2Bridge": { - "env": "CW_BRIDGE_ARBITRUM" - }, - "freezeTokenPairRequired": true, - "freezeDestinationRequired": true - }, - { - "key": "base", - "chainId": 8453, - "chainName": "Base", - "bridgeKind": "cw_multi_token", - "l1Bridge": { - "env": "CHAIN138_L1_BRIDGE" - }, - "l2Bridge": { - "env": "CW_BRIDGE_BASE" - }, - "freezeTokenPairRequired": true, - "freezeDestinationRequired": true - }, { "key": "optimism", "chainId": 10, "chainName": "Optimism", + "ccipChainSelector": "3734403246176062136", "bridgeKind": "cw_multi_token", "l1Bridge": { "env": "CHAIN138_L1_BRIDGE" @@ -263,10 +623,41 @@ "freezeTokenPairRequired": true, "freezeDestinationRequired": true }, + { + "key": "cronos", + "chainId": 25, + "chainName": "Cronos", + "ccipChainSelector": "1456215246176062136", + "bridgeKind": "cw_multi_token", + "l1Bridge": { + "env": "CHAIN138_L1_BRIDGE" + }, + "l2Bridge": { + "env": "CW_BRIDGE_CRONOS" + }, + "freezeTokenPairRequired": true, + "freezeDestinationRequired": true + }, + { + "key": "bsc", + "chainId": 56, + "chainName": "BSC", + "ccipChainSelector": "11344663589394136015", + "bridgeKind": "cw_multi_token", + "l1Bridge": { + "env": "CHAIN138_L1_BRIDGE" + }, + "l2Bridge": { + "env": "CW_BRIDGE_BSC" + }, + "freezeTokenPairRequired": true, + "freezeDestinationRequired": true + }, { "key": "gnosis", "chainId": 100, "chainName": "Gnosis Chain", + "ccipChainSelector": "465200170687744372", "bridgeKind": "cw_multi_token", "l1Bridge": { "env": "CHAIN138_L1_BRIDGE" @@ -276,6 +667,98 @@ }, "freezeTokenPairRequired": true, "freezeDestinationRequired": true + }, + { + "key": "polygon", + "chainId": 137, + "chainName": "Polygon", + "ccipChainSelector": "4051577828743386545", + "bridgeKind": "cw_multi_token", + "l1Bridge": { + "env": "CHAIN138_L1_BRIDGE" + }, + "l2Bridge": { + "env": "CW_BRIDGE_POLYGON" + }, + "freezeTokenPairRequired": true, + "freezeDestinationRequired": true + }, + { + "key": "wemix", + "chainId": 1111, + "chainName": "Wemix", + "ccipChainSelector": "5142893604156789321", + "active": false, + "status": "deferred", + "bridgeKind": "cw_multi_token", + "l1Bridge": { + "env": "CHAIN138_L1_BRIDGE" + }, + "l2Bridge": { + "env": "CW_BRIDGE_WEMIX" + }, + "freezeTokenPairRequired": true, + "freezeDestinationRequired": true + }, + { + "key": "base", + "chainId": 8453, + "chainName": "Base", + "ccipChainSelector": "15971525489660198786", + "bridgeKind": "cw_multi_token", + "l1Bridge": { + "env": "CHAIN138_L1_BRIDGE" + }, + "l2Bridge": { + "env": "CW_BRIDGE_BASE" + }, + "freezeTokenPairRequired": true, + "freezeDestinationRequired": true + }, + { + "key": "arbitrum", + "chainId": 42161, + "chainName": "Arbitrum One", + "ccipChainSelector": "4949039107694359620", + "bridgeKind": "cw_multi_token", + "l1Bridge": { + "env": "CHAIN138_L1_BRIDGE" + }, + "l2Bridge": { + "env": "CW_BRIDGE_ARBITRUM" + }, + "freezeTokenPairRequired": true, + "freezeDestinationRequired": true + }, + { + "key": "celo", + "chainId": 42220, + "chainName": "Celo", + "ccipChainSelector": "1346049177634351622", + "bridgeKind": "cw_multi_token", + "l1Bridge": { + "env": "CHAIN138_L1_BRIDGE" + }, + "l2Bridge": { + "env": "CW_BRIDGE_CELO" + }, + "freezeTokenPairRequired": true, + "freezeDestinationRequired": true + }, + { + "key": "avalanche", + "chainId": 43114, + "chainName": "Avalanche C-Chain", + "ccipChainSelector": "6433500567565415381", + "bridgeKind": "cw_multi_token", + "l1Bridge": { + "env": "CHAIN138_L1_BRIDGE" + }, + "l2Bridge": { + "env": "CW_BRIDGE_AVALANCHE" + }, + "freezeTokenPairRequired": true, + "freezeDestinationRequired": true } ], "reserveVerifiers": { @@ -296,327 +779,130 @@ "requireVaultBacking": true, "requireReserveSystemBalance": true, "requireTokenOwnerMatchVault": true + }, + "chain138-gas-strict-escrow": { + "chainId": 138, + "bridgeRef": { + "env": "CHAIN138_L1_BRIDGE" + }, + "verifierRef": { + "env": "CW_GAS_STRICT_ESCROW_VERIFIER_CHAIN138" + }, + "vaultRef": { + "env": "CW_GAS_ESCROW_VAULT_CHAIN138" + }, + "requireVaultBacking": true, + "requireReserveSystemBalance": false, + "requireTokenOwnerMatchVault": true + }, + "chain138-gas-hybrid-cap": { + "chainId": 138, + "bridgeRef": { + "env": "CHAIN138_L1_BRIDGE" + }, + "verifierRef": { + "env": "CW_GAS_HYBRID_CAP_VERIFIER_CHAIN138" + }, + "vaultRef": { + "env": "CW_GAS_ESCROW_VAULT_CHAIN138" + }, + "reserveSystemRef": { + "env": "CW_GAS_TREASURY_SYSTEM" + }, + "requireVaultBacking": false, + "requireReserveSystemBalance": true, + "requireTokenOwnerMatchVault": false } }, "transportPairs": [ { - "key": "138-25-cUSDT-cWUSDT", + "key": "138-1-cBTC-cWBTC", "canonicalChainId": 138, - "destinationChainId": 25, - "canonicalSymbol": "cUSDT", - "mirroredSymbol": "cWUSDT", - "mappingKey": "Compliant_USDT_cW", - "peerKey": "cronos", + "destinationChainId": 1, + "canonicalSymbol": "cBTC", + "mirroredSymbol": "cWBTC", + "mappingKey": "Compliant_BTC_cW", + "peerKey": "mainnet", "phase": "v1", "routeDiscoveryEnabled": true, "mcpVisible": true, "reserveVerifierKey": "chain138-hard-peg", "maxOutstanding": { "required": true, - "env": "CW_MAX_OUTSTANDING_USDT_CRONOS" + "env": "CW_MAX_OUTSTANDING_BTC_MAINNET" }, "publicPoolKeys": [ - "25-cWUSDT-USDT" + "1-cWBTC-USDC", + "1-cWBTC-cWXAUC" ] }, { - "key": "138-25-cUSDC-cWUSDC", + "key": "138-1-cETH-cWETH", "canonicalChainId": 138, - "destinationChainId": 25, + "destinationChainId": 1, + "canonicalSymbol": "cETH", + "mirroredSymbol": "cWETH", + "mappingKey": "Compliant_ETH_MAINNET_cW", + "peerKey": "mainnet", + "phase": "wave1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "assetClass": "gas_native", + "familyKey": "eth_mainnet", + "laneGroup": "eth_mainnet", + "backingMode": "strict_escrow", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WETH", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "reserveVerifierKey": "chain138-gas-strict-escrow", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_ETH_MAINNET_MAINNET" + }, + "supplyAccounting": { + "outstanding": { + "env": "CW_GAS_OUTSTANDING_ETH_MAINNET_MAINNET" + }, + "escrowed": { + "env": "CW_GAS_ESCROWED_ETH_MAINNET_MAINNET" + }, + "treasuryBacked": { + "env": "CW_GAS_TREASURY_BACKED_ETH_MAINNET_MAINNET" + }, + "treasuryCap": { + "env": "CW_GAS_TREASURY_CAP_ETH_MAINNET_MAINNET" + } + }, + "oraclePolicy": { + "referenceVenue": "uniswap_v3", + "maxOracleAgeSeconds": 90, + "requireFreshReference": true + }, + "publicPoolKeys": [ + "1-cWETH-WETH", + "1-cWETH-USDC" + ], + "protocolExposureKey": "1-eth_mainnet" + }, + { + "key": "138-1-cUSDC-cWUSDC", + "canonicalChainId": 138, + "destinationChainId": 1, "canonicalSymbol": "cUSDC", "mirroredSymbol": "cWUSDC", "mappingKey": "Compliant_USDC_cW", - "peerKey": "cronos", + "peerKey": "mainnet", "phase": "v1", "routeDiscoveryEnabled": true, "mcpVisible": true, "reserveVerifierKey": "chain138-hard-peg", "maxOutstanding": { "required": true, - "env": "CW_MAX_OUTSTANDING_USDC_CRONOS" + "env": "CW_MAX_OUTSTANDING_USDC_MAINNET" }, "publicPoolKeys": [ - "25-cWUSDC-USDT" - ] - }, - { - "key": "138-56-cUSDT-cWUSDT", - "canonicalChainId": 138, - "destinationChainId": 56, - "canonicalSymbol": "cUSDT", - "mirroredSymbol": "cWUSDT", - "mappingKey": "Compliant_USDT_cW", - "peerKey": "bsc", - "phase": "v1", - "routeDiscoveryEnabled": true, - "mcpVisible": true, - "reserveVerifierKey": "chain138-hard-peg", - "maxOutstanding": { - "required": true, - "env": "CW_MAX_OUTSTANDING_USDT_BSC" - }, - "publicPoolKeys": [ - "56-cWUSDT-USDT" - ] - }, - { - "key": "138-56-cUSDC-cWUSDC", - "canonicalChainId": 138, - "destinationChainId": 56, - "canonicalSymbol": "cUSDC", - "mirroredSymbol": "cWUSDC", - "mappingKey": "Compliant_USDC_cW", - "peerKey": "bsc", - "phase": "v1", - "routeDiscoveryEnabled": true, - "mcpVisible": true, - "reserveVerifierKey": "chain138-hard-peg", - "maxOutstanding": { - "required": true, - "env": "CW_MAX_OUTSTANDING_USDC_BSC" - }, - "publicPoolKeys": [ - "56-cWUSDC-USDT" - ] - }, - { - "key": "138-137-cUSDT-cWUSDT", - "canonicalChainId": 138, - "destinationChainId": 137, - "canonicalSymbol": "cUSDT", - "mirroredSymbol": "cWUSDT", - "mappingKey": "Compliant_USDT_cW", - "peerKey": "polygon", - "phase": "v1", - "routeDiscoveryEnabled": true, - "mcpVisible": true, - "reserveVerifierKey": "chain138-hard-peg", - "maxOutstanding": { - "required": true, - "env": "CW_MAX_OUTSTANDING_USDT_POLYGON" - }, - "publicPoolKeys": [ - "137-cWUSDT-USDC" - ] - }, - { - "key": "138-137-cUSDC-cWUSDC", - "canonicalChainId": 138, - "destinationChainId": 137, - "canonicalSymbol": "cUSDC", - "mirroredSymbol": "cWUSDC", - "mappingKey": "Compliant_USDC_cW", - "peerKey": "polygon", - "phase": "v1", - "routeDiscoveryEnabled": true, - "mcpVisible": true, - "reserveVerifierKey": "chain138-hard-peg", - "maxOutstanding": { - "required": true, - "env": "CW_MAX_OUTSTANDING_USDC_POLYGON" - }, - "publicPoolKeys": [ - "137-cWUSDC-USDC" - ] - }, - { - "key": "138-43114-cUSDT-cWUSDT", - "canonicalChainId": 138, - "destinationChainId": 43114, - "canonicalSymbol": "cUSDT", - "mirroredSymbol": "cWUSDT", - "mappingKey": "Compliant_USDT_cW", - "peerKey": "avalanche", - "phase": "v1", - "routeDiscoveryEnabled": true, - "mcpVisible": true, - "reserveVerifierKey": "chain138-hard-peg", - "maxOutstanding": { - "required": true, - "env": "CW_MAX_OUTSTANDING_USDT_AVALANCHE" - }, - "publicPoolKeys": [ - "43114-cWUSDT-USDC" - ] - }, - { - "key": "138-43114-cUSDC-cWUSDC", - "canonicalChainId": 138, - "destinationChainId": 43114, - "canonicalSymbol": "cUSDC", - "mirroredSymbol": "cWUSDC", - "mappingKey": "Compliant_USDC_cW", - "peerKey": "avalanche", - "phase": "v1", - "routeDiscoveryEnabled": true, - "mcpVisible": true, - "reserveVerifierKey": "chain138-hard-peg", - "maxOutstanding": { - "required": true, - "env": "CW_MAX_OUTSTANDING_USDC_AVALANCHE" - }, - "publicPoolKeys": [ - "43114-cWUSDC-USDC" - ] - }, - { - "key": "138-42161-cUSDT-cWUSDT", - "canonicalChainId": 138, - "destinationChainId": 42161, - "canonicalSymbol": "cUSDT", - "mirroredSymbol": "cWUSDT", - "mappingKey": "Compliant_USDT_cW", - "peerKey": "arbitrum", - "phase": "v1", - "routeDiscoveryEnabled": true, - "mcpVisible": true, - "reserveVerifierKey": "chain138-hard-peg", - "maxOutstanding": { - "required": true, - "env": "CW_MAX_OUTSTANDING_USDT_ARBITRUM" - }, - "publicPoolKeys": [ - "42161-cWUSDT-USDC" - ] - }, - { - "key": "138-42161-cUSDC-cWUSDC", - "canonicalChainId": 138, - "destinationChainId": 42161, - "canonicalSymbol": "cUSDC", - "mirroredSymbol": "cWUSDC", - "mappingKey": "Compliant_USDC_cW", - "peerKey": "arbitrum", - "phase": "v1", - "routeDiscoveryEnabled": true, - "mcpVisible": true, - "reserveVerifierKey": "chain138-hard-peg", - "maxOutstanding": { - "required": true, - "env": "CW_MAX_OUTSTANDING_USDC_ARBITRUM" - }, - "publicPoolKeys": [ - "42161-cWUSDC-USDC" - ] - }, - { - "key": "138-8453-cUSDT-cWUSDT", - "canonicalChainId": 138, - "destinationChainId": 8453, - "canonicalSymbol": "cUSDT", - "mirroredSymbol": "cWUSDT", - "mappingKey": "Compliant_USDT_cW", - "peerKey": "base", - "phase": "v1", - "routeDiscoveryEnabled": true, - "mcpVisible": true, - "reserveVerifierKey": "chain138-hard-peg", - "maxOutstanding": { - "required": true, - "env": "CW_MAX_OUTSTANDING_USDT_BASE" - }, - "publicPoolKeys": [ - "8453-cWUSDT-USDC" - ] - }, - { - "key": "138-8453-cUSDC-cWUSDC", - "canonicalChainId": 138, - "destinationChainId": 8453, - "canonicalSymbol": "cUSDC", - "mirroredSymbol": "cWUSDC", - "mappingKey": "Compliant_USDC_cW", - "peerKey": "base", - "phase": "v1", - "routeDiscoveryEnabled": true, - "mcpVisible": true, - "reserveVerifierKey": "chain138-hard-peg", - "maxOutstanding": { - "required": true, - "env": "CW_MAX_OUTSTANDING_USDC_BASE" - }, - "publicPoolKeys": [ - "8453-cWUSDC-USDC" - ] - }, - { - "key": "138-10-cUSDT-cWUSDT", - "canonicalChainId": 138, - "destinationChainId": 10, - "canonicalSymbol": "cUSDT", - "mirroredSymbol": "cWUSDT", - "mappingKey": "Compliant_USDT_cW", - "peerKey": "optimism", - "phase": "v1", - "routeDiscoveryEnabled": true, - "mcpVisible": true, - "reserveVerifierKey": "chain138-hard-peg", - "maxOutstanding": { - "required": true, - "env": "CW_MAX_OUTSTANDING_USDT_OPTIMISM" - }, - "publicPoolKeys": [ - "10-cWUSDT-USDC" - ] - }, - { - "key": "138-10-cUSDC-cWUSDC", - "canonicalChainId": 138, - "destinationChainId": 10, - "canonicalSymbol": "cUSDC", - "mirroredSymbol": "cWUSDC", - "mappingKey": "Compliant_USDC_cW", - "peerKey": "optimism", - "phase": "v1", - "routeDiscoveryEnabled": true, - "mcpVisible": true, - "reserveVerifierKey": "chain138-hard-peg", - "maxOutstanding": { - "required": true, - "env": "CW_MAX_OUTSTANDING_USDC_OPTIMISM" - }, - "publicPoolKeys": [ - "10-cWUSDC-USDC" - ] - }, - { - "key": "138-100-cUSDT-cWUSDT", - "canonicalChainId": 138, - "destinationChainId": 100, - "canonicalSymbol": "cUSDT", - "mirroredSymbol": "cWUSDT", - "mappingKey": "Compliant_USDT_cW", - "peerKey": "gnosis", - "phase": "v1", - "routeDiscoveryEnabled": true, - "mcpVisible": true, - "reserveVerifierKey": "chain138-hard-peg", - "maxOutstanding": { - "required": true, - "env": "CW_MAX_OUTSTANDING_USDT_GNOSIS" - }, - "publicPoolKeys": [ - "100-cWUSDT-USDC" - ] - }, - { - "key": "138-100-cUSDC-cWUSDC", - "canonicalChainId": 138, - "destinationChainId": 100, - "canonicalSymbol": "cUSDC", - "mirroredSymbol": "cWUSDC", - "mappingKey": "Compliant_USDC_cW", - "peerKey": "gnosis", - "phase": "v1", - "routeDiscoveryEnabled": true, - "mcpVisible": true, - "reserveVerifierKey": "chain138-hard-peg", - "maxOutstanding": { - "required": true, - "env": "CW_MAX_OUTSTANDING_USDC_GNOSIS" - }, - "publicPoolKeys": [ - "100-cWUSDC-USDC" + "1-cWUSDC-USDC" ] }, { @@ -640,195 +926,1183 @@ ] }, { - "key": "138-1-cUSDC-cWUSDC", + "key": "138-10-cBTC-cWBTC", "canonicalChainId": 138, - "destinationChainId": 1, - "canonicalSymbol": "cUSDC", - "mirroredSymbol": "cWUSDC", - "mappingKey": "Compliant_USDC_cW", - "peerKey": "mainnet", + "destinationChainId": 10, + "canonicalSymbol": "cBTC", + "mirroredSymbol": "cWBTC", + "mappingKey": "Compliant_BTC_cW", + "peerKey": "optimism", "phase": "v1", "routeDiscoveryEnabled": true, "mcpVisible": true, "reserveVerifierKey": "chain138-hard-peg", "maxOutstanding": { "required": true, - "env": "CW_MAX_OUTSTANDING_USDC_MAINNET" + "env": "CW_MAX_OUTSTANDING_BTC_OPTIMISM" }, "publicPoolKeys": [ - "1-cWUSDC-USDC" + "10-cWBTC-USDC", + "10-cWBTC-cWXAUC" + ] + }, + { + "key": "138-10-cETHL2-cWETHL2", + "canonicalChainId": 138, + "destinationChainId": 10, + "canonicalSymbol": "cETHL2", + "mirroredSymbol": "cWETHL2", + "mappingKey": "Compliant_ETH_L2_cW", + "peerKey": "optimism", + "phase": "wave1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "assetClass": "gas_native", + "familyKey": "eth_l2", + "laneGroup": "eth_l2_shared", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_fungible_inventory_gated", + "wrappedNativeQuoteSymbol": "WETH", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_ETH_L2_OPTIMISM" + }, + "supplyAccounting": { + "outstanding": { + "env": "CW_GAS_OUTSTANDING_ETH_L2_OPTIMISM" + }, + "escrowed": { + "env": "CW_GAS_ESCROWED_ETH_L2_OPTIMISM" + }, + "treasuryBacked": { + "env": "CW_GAS_TREASURY_BACKED_ETH_L2_OPTIMISM" + }, + "treasuryCap": { + "env": "CW_GAS_TREASURY_CAP_ETH_L2_OPTIMISM" + } + }, + "oraclePolicy": { + "referenceVenue": "uniswap_v3", + "maxOracleAgeSeconds": 90, + "requireFreshReference": true + }, + "publicPoolKeys": [ + "10-cWETHL2-WETH", + "10-cWETHL2-USDC" + ], + "protocolExposureKey": "10-eth_l2" + }, + { + "key": "138-10-cUSDC-cWUSDC", + "canonicalChainId": 138, + "destinationChainId": 10, + "canonicalSymbol": "cUSDC", + "mirroredSymbol": "cWUSDC", + "mappingKey": "Compliant_USDC_cW", + "peerKey": "optimism", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDC_OPTIMISM" + }, + "publicPoolKeys": [ + "10-cWUSDC-USDC" + ] + }, + { + "key": "138-10-cUSDT-cWUSDT", + "canonicalChainId": 138, + "destinationChainId": 10, + "canonicalSymbol": "cUSDT", + "mirroredSymbol": "cWUSDT", + "mappingKey": "Compliant_USDT_cW", + "peerKey": "optimism", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDT_OPTIMISM" + }, + "publicPoolKeys": [ + "10-cWUSDT-USDC" + ] + }, + { + "key": "138-100-cBTC-cWBTC", + "canonicalChainId": 138, + "destinationChainId": 100, + "canonicalSymbol": "cBTC", + "mirroredSymbol": "cWBTC", + "mappingKey": "Compliant_BTC_cW", + "peerKey": "gnosis", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_BTC_GNOSIS" + }, + "publicPoolKeys": [ + "100-cWBTC-USDC", + "100-cWBTC-cWXAUC" + ] + }, + { + "key": "138-100-cUSDC-cWUSDC", + "canonicalChainId": 138, + "destinationChainId": 100, + "canonicalSymbol": "cUSDC", + "mirroredSymbol": "cWUSDC", + "mappingKey": "Compliant_USDC_cW", + "peerKey": "gnosis", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDC_GNOSIS" + }, + "publicPoolKeys": [ + "100-cWUSDC-USDC" + ] + }, + { + "key": "138-100-cUSDT-cWUSDT", + "canonicalChainId": 138, + "destinationChainId": 100, + "canonicalSymbol": "cUSDT", + "mirroredSymbol": "cWUSDT", + "mappingKey": "Compliant_USDT_cW", + "peerKey": "gnosis", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDT_GNOSIS" + }, + "publicPoolKeys": [ + "100-cWUSDT-USDC" + ] + }, + { + "key": "138-100-cXDAI-cWXDAI", + "canonicalChainId": 138, + "destinationChainId": 100, + "canonicalSymbol": "cXDAI", + "mirroredSymbol": "cWXDAI", + "mappingKey": "Compliant_XDAI_cW", + "peerKey": "gnosis", + "phase": "wave1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "assetClass": "gas_native", + "familyKey": "xdai", + "laneGroup": "xdai", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WXDAI", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_XDAI_GNOSIS" + }, + "supplyAccounting": { + "outstanding": { + "env": "CW_GAS_OUTSTANDING_XDAI_GNOSIS" + }, + "escrowed": { + "env": "CW_GAS_ESCROWED_XDAI_GNOSIS" + }, + "treasuryBacked": { + "env": "CW_GAS_TREASURY_BACKED_XDAI_GNOSIS" + }, + "treasuryCap": { + "env": "CW_GAS_TREASURY_CAP_XDAI_GNOSIS" + } + }, + "oraclePolicy": { + "referenceVenue": "uniswap_v3", + "maxOracleAgeSeconds": 90, + "requireFreshReference": true + }, + "publicPoolKeys": [ + "100-cWXDAI-WXDAI", + "100-cWXDAI-USDC" + ], + "protocolExposureKey": "100-xdai" + }, + { + "key": "138-1111-cWEMIX-cWWEMIX", + "canonicalChainId": 138, + "destinationChainId": 1111, + "active": false, + "status": "deferred", + "canonicalSymbol": "cWEMIX", + "mirroredSymbol": "cWWEMIX", + "mappingKey": "Compliant_WEMIX_cW", + "peerKey": "wemix", + "phase": "wave1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "assetClass": "gas_native", + "familyKey": "wemix", + "laneGroup": "wemix", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WWEMIX", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_WEMIX_WEMIX" + }, + "supplyAccounting": { + "outstanding": { + "env": "CW_GAS_OUTSTANDING_WEMIX_WEMIX" + }, + "escrowed": { + "env": "CW_GAS_ESCROWED_WEMIX_WEMIX" + }, + "treasuryBacked": { + "env": "CW_GAS_TREASURY_BACKED_WEMIX_WEMIX" + }, + "treasuryCap": { + "env": "CW_GAS_TREASURY_CAP_WEMIX_WEMIX" + } + }, + "oraclePolicy": { + "referenceVenue": "uniswap_v3", + "maxOracleAgeSeconds": 90, + "requireFreshReference": true + }, + "publicPoolKeys": [ + "1111-cWWEMIX-WWEMIX", + "1111-cWWEMIX-USDC" + ], + "protocolExposureKey": "1111-wemix" + }, + { + "key": "138-137-cAUSDT-cWAUSDT", + "canonicalChainId": 138, + "destinationChainId": 137, + "canonicalSymbol": "cAUSDT", + "mirroredSymbol": "cWAUSDT", + "mappingKey": "Compliant_AUSDT_cW", + "peerKey": "polygon", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_AUSDT_POLYGON" + }, + "publicPoolKeys": [ + "137-cWAUSDT-USDC" + ] + }, + { + "key": "138-137-cBTC-cWBTC", + "canonicalChainId": 138, + "destinationChainId": 137, + "canonicalSymbol": "cBTC", + "mirroredSymbol": "cWBTC", + "mappingKey": "Compliant_BTC_cW", + "peerKey": "polygon", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_BTC_POLYGON" + }, + "publicPoolKeys": [ + "137-cWBTC-USDC", + "137-cWBTC-cWXAUC" + ] + }, + { + "key": "138-137-cPOL-cWPOL", + "canonicalChainId": 138, + "destinationChainId": 137, + "canonicalSymbol": "cPOL", + "mirroredSymbol": "cWPOL", + "mappingKey": "Compliant_POL_cW", + "peerKey": "polygon", + "phase": "wave1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "assetClass": "gas_native", + "familyKey": "pol", + "laneGroup": "pol", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WPOL", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_POL_POLYGON" + }, + "supplyAccounting": { + "outstanding": { + "env": "CW_GAS_OUTSTANDING_POL_POLYGON" + }, + "escrowed": { + "env": "CW_GAS_ESCROWED_POL_POLYGON" + }, + "treasuryBacked": { + "env": "CW_GAS_TREASURY_BACKED_POL_POLYGON" + }, + "treasuryCap": { + "env": "CW_GAS_TREASURY_CAP_POL_POLYGON" + } + }, + "oraclePolicy": { + "referenceVenue": "uniswap_v3", + "maxOracleAgeSeconds": 90, + "requireFreshReference": true + }, + "publicPoolKeys": [ + "137-cWPOL-WPOL", + "137-cWPOL-USDC" + ], + "protocolExposureKey": "137-pol" + }, + { + "key": "138-137-cUSDC-cWUSDC", + "canonicalChainId": 138, + "destinationChainId": 137, + "canonicalSymbol": "cUSDC", + "mirroredSymbol": "cWUSDC", + "mappingKey": "Compliant_USDC_cW", + "peerKey": "polygon", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDC_POLYGON" + }, + "publicPoolKeys": [ + "137-cWUSDC-USDC" + ] + }, + { + "key": "138-137-cUSDT-cWUSDT", + "canonicalChainId": 138, + "destinationChainId": 137, + "canonicalSymbol": "cUSDT", + "mirroredSymbol": "cWUSDT", + "mappingKey": "Compliant_USDT_cW", + "peerKey": "polygon", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDT_POLYGON" + }, + "publicPoolKeys": [ + "137-cWUSDT-USDC" + ] + }, + { + "key": "138-25-cBTC-cWBTC", + "canonicalChainId": 138, + "destinationChainId": 25, + "canonicalSymbol": "cBTC", + "mirroredSymbol": "cWBTC", + "mappingKey": "Compliant_BTC_cW", + "peerKey": "cronos", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_BTC_CRONOS" + }, + "publicPoolKeys": [ + "25-cWBTC-USDT", + "25-cWBTC-cWXAUC" + ] + }, + { + "key": "138-25-cCRO-cWCRO", + "canonicalChainId": 138, + "destinationChainId": 25, + "canonicalSymbol": "cCRO", + "mirroredSymbol": "cWCRO", + "mappingKey": "Compliant_CRO_cW", + "peerKey": "cronos", + "phase": "wave1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "assetClass": "gas_native", + "familyKey": "cro", + "laneGroup": "cro", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WCRO", + "stableQuoteSymbol": "USDT", + "referenceVenue": "uniswap_v3", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_CRO_CRONOS" + }, + "supplyAccounting": { + "outstanding": { + "env": "CW_GAS_OUTSTANDING_CRO_CRONOS" + }, + "escrowed": { + "env": "CW_GAS_ESCROWED_CRO_CRONOS" + }, + "treasuryBacked": { + "env": "CW_GAS_TREASURY_BACKED_CRO_CRONOS" + }, + "treasuryCap": { + "env": "CW_GAS_TREASURY_CAP_CRO_CRONOS" + } + }, + "oraclePolicy": { + "referenceVenue": "uniswap_v3", + "maxOracleAgeSeconds": 90, + "requireFreshReference": true + }, + "publicPoolKeys": [ + "25-cWCRO-WCRO", + "25-cWCRO-USDT" + ], + "protocolExposureKey": "25-cro" + }, + { + "key": "138-25-cUSDC-cWUSDC", + "canonicalChainId": 138, + "destinationChainId": 25, + "canonicalSymbol": "cUSDC", + "mirroredSymbol": "cWUSDC", + "mappingKey": "Compliant_USDC_cW", + "peerKey": "cronos", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDC_CRONOS" + }, + "publicPoolKeys": [ + "25-cWUSDC-USDT" + ] + }, + { + "key": "138-25-cUSDT-cWUSDT", + "canonicalChainId": 138, + "destinationChainId": 25, + "canonicalSymbol": "cUSDT", + "mirroredSymbol": "cWUSDT", + "mappingKey": "Compliant_USDT_cW", + "peerKey": "cronos", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDT_CRONOS" + }, + "publicPoolKeys": [ + "25-cWUSDT-USDT" + ] + }, + { + "key": "138-42161-cBTC-cWBTC", + "canonicalChainId": 138, + "destinationChainId": 42161, + "canonicalSymbol": "cBTC", + "mirroredSymbol": "cWBTC", + "mappingKey": "Compliant_BTC_cW", + "peerKey": "arbitrum", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_BTC_ARBITRUM" + }, + "publicPoolKeys": [ + "42161-cWBTC-USDC", + "42161-cWBTC-cWXAUC" + ] + }, + { + "key": "138-42161-cETHL2-cWETHL2", + "canonicalChainId": 138, + "destinationChainId": 42161, + "canonicalSymbol": "cETHL2", + "mirroredSymbol": "cWETHL2", + "mappingKey": "Compliant_ETH_L2_cW", + "peerKey": "arbitrum", + "phase": "wave1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "assetClass": "gas_native", + "familyKey": "eth_l2", + "laneGroup": "eth_l2_shared", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_fungible_inventory_gated", + "wrappedNativeQuoteSymbol": "WETH", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_ETH_L2_ARBITRUM" + }, + "supplyAccounting": { + "outstanding": { + "env": "CW_GAS_OUTSTANDING_ETH_L2_ARBITRUM" + }, + "escrowed": { + "env": "CW_GAS_ESCROWED_ETH_L2_ARBITRUM" + }, + "treasuryBacked": { + "env": "CW_GAS_TREASURY_BACKED_ETH_L2_ARBITRUM" + }, + "treasuryCap": { + "env": "CW_GAS_TREASURY_CAP_ETH_L2_ARBITRUM" + } + }, + "oraclePolicy": { + "referenceVenue": "uniswap_v3", + "maxOracleAgeSeconds": 90, + "requireFreshReference": true + }, + "publicPoolKeys": [ + "42161-cWETHL2-WETH", + "42161-cWETHL2-USDC" + ], + "protocolExposureKey": "42161-eth_l2" + }, + { + "key": "138-42161-cUSDC-cWUSDC", + "canonicalChainId": 138, + "destinationChainId": 42161, + "canonicalSymbol": "cUSDC", + "mirroredSymbol": "cWUSDC", + "mappingKey": "Compliant_USDC_cW", + "peerKey": "arbitrum", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDC_ARBITRUM" + }, + "publicPoolKeys": [ + "42161-cWUSDC-USDC" + ] + }, + { + "key": "138-42161-cUSDT-cWUSDT", + "canonicalChainId": 138, + "destinationChainId": 42161, + "canonicalSymbol": "cUSDT", + "mirroredSymbol": "cWUSDT", + "mappingKey": "Compliant_USDT_cW", + "peerKey": "arbitrum", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDT_ARBITRUM" + }, + "publicPoolKeys": [ + "42161-cWUSDT-USDC" + ] + }, + { + "key": "138-42220-cAUSDT-cWAUSDT", + "canonicalChainId": 138, + "destinationChainId": 42220, + "canonicalSymbol": "cAUSDT", + "mirroredSymbol": "cWAUSDT", + "mappingKey": "Compliant_AUSDT_cW", + "peerKey": "celo", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_AUSDT_CELO" + }, + "publicPoolKeys": [ + "42220-cWAUSDT-USDC" + ] + }, + { + "key": "138-42220-cBTC-cWBTC", + "canonicalChainId": 138, + "destinationChainId": 42220, + "canonicalSymbol": "cBTC", + "mirroredSymbol": "cWBTC", + "mappingKey": "Compliant_BTC_cW", + "peerKey": "celo", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_BTC_CELO" + }, + "publicPoolKeys": [ + "42220-cWBTC-USDC", + "42220-cWBTC-cWXAUC" + ] + }, + { + "key": "138-42220-cCELO-cWCELO", + "canonicalChainId": 138, + "destinationChainId": 42220, + "canonicalSymbol": "cCELO", + "mirroredSymbol": "cWCELO", + "mappingKey": "Compliant_CELO_cW", + "peerKey": "celo", + "phase": "wave1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "assetClass": "gas_native", + "familyKey": "celo", + "laneGroup": "celo", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WCELO", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_CELO_CELO" + }, + "supplyAccounting": { + "outstanding": { + "env": "CW_GAS_OUTSTANDING_CELO_CELO" + }, + "escrowed": { + "env": "CW_GAS_ESCROWED_CELO_CELO" + }, + "treasuryBacked": { + "env": "CW_GAS_TREASURY_BACKED_CELO_CELO" + }, + "treasuryCap": { + "env": "CW_GAS_TREASURY_CAP_CELO_CELO" + } + }, + "oraclePolicy": { + "referenceVenue": "uniswap_v3", + "maxOracleAgeSeconds": 90, + "requireFreshReference": true + }, + "publicPoolKeys": [ + "42220-cWCELO-WCELO", + "42220-cWCELO-USDC" + ], + "protocolExposureKey": "42220-celo" + }, + { + "key": "138-42220-cUSDC-cWUSDC", + "canonicalChainId": 138, + "destinationChainId": 42220, + "canonicalSymbol": "cUSDC", + "mirroredSymbol": "cWUSDC", + "mappingKey": "Compliant_USDC_cW", + "peerKey": "celo", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDC_CELO" + }, + "publicPoolKeys": [ + "42220-cWUSDC-USDC" + ] + }, + { + "key": "138-42220-cUSDT-cWUSDT", + "canonicalChainId": 138, + "destinationChainId": 42220, + "canonicalSymbol": "cUSDT", + "mirroredSymbol": "cWUSDT", + "mappingKey": "Compliant_USDT_cW", + "peerKey": "celo", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDT_CELO" + }, + "publicPoolKeys": [ + "42220-cWUSDT-USDC" + ] + }, + { + "key": "138-43114-cAUSDT-cWAUSDT", + "canonicalChainId": 138, + "destinationChainId": 43114, + "canonicalSymbol": "cAUSDT", + "mirroredSymbol": "cWAUSDT", + "mappingKey": "Compliant_AUSDT_cW", + "peerKey": "avalanche", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_AUSDT_AVALANCHE" + }, + "publicPoolKeys": [ + "43114-cWAUSDT-USDC" + ] + }, + { + "key": "138-43114-cAVAX-cWAVAX", + "canonicalChainId": 138, + "destinationChainId": 43114, + "canonicalSymbol": "cAVAX", + "mirroredSymbol": "cWAVAX", + "mappingKey": "Compliant_AVAX_cW", + "peerKey": "avalanche", + "phase": "wave1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "assetClass": "gas_native", + "familyKey": "avax", + "laneGroup": "avax", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WAVAX", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_AVAX_AVALANCHE" + }, + "supplyAccounting": { + "outstanding": { + "env": "CW_GAS_OUTSTANDING_AVAX_AVALANCHE" + }, + "escrowed": { + "env": "CW_GAS_ESCROWED_AVAX_AVALANCHE" + }, + "treasuryBacked": { + "env": "CW_GAS_TREASURY_BACKED_AVAX_AVALANCHE" + }, + "treasuryCap": { + "env": "CW_GAS_TREASURY_CAP_AVAX_AVALANCHE" + } + }, + "oraclePolicy": { + "referenceVenue": "uniswap_v3", + "maxOracleAgeSeconds": 90, + "requireFreshReference": true + }, + "publicPoolKeys": [ + "43114-cWAVAX-WAVAX", + "43114-cWAVAX-USDC" + ], + "protocolExposureKey": "43114-avax" + }, + { + "key": "138-43114-cBTC-cWBTC", + "canonicalChainId": 138, + "destinationChainId": 43114, + "canonicalSymbol": "cBTC", + "mirroredSymbol": "cWBTC", + "mappingKey": "Compliant_BTC_cW", + "peerKey": "avalanche", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_BTC_AVALANCHE" + }, + "publicPoolKeys": [ + "43114-cWBTC-USDC", + "43114-cWBTC-cWXAUC" + ] + }, + { + "key": "138-43114-cUSDC-cWUSDC", + "canonicalChainId": 138, + "destinationChainId": 43114, + "canonicalSymbol": "cUSDC", + "mirroredSymbol": "cWUSDC", + "mappingKey": "Compliant_USDC_cW", + "peerKey": "avalanche", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDC_AVALANCHE" + }, + "publicPoolKeys": [ + "43114-cWUSDC-USDC" + ] + }, + { + "key": "138-43114-cUSDT-cWUSDT", + "canonicalChainId": 138, + "destinationChainId": 43114, + "canonicalSymbol": "cUSDT", + "mirroredSymbol": "cWUSDT", + "mappingKey": "Compliant_USDT_cW", + "peerKey": "avalanche", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDT_AVALANCHE" + }, + "publicPoolKeys": [ + "43114-cWUSDT-USDC" + ] + }, + { + "key": "138-56-cAUSDT-cWAUSDT", + "canonicalChainId": 138, + "destinationChainId": 56, + "canonicalSymbol": "cAUSDT", + "mirroredSymbol": "cWAUSDT", + "mappingKey": "Compliant_AUSDT_cW", + "peerKey": "bsc", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_AUSDT_BSC" + }, + "publicPoolKeys": [ + "56-cWAUSDT-USDT" + ] + }, + { + "key": "138-56-cBNB-cWBNB", + "canonicalChainId": 138, + "destinationChainId": 56, + "canonicalSymbol": "cBNB", + "mirroredSymbol": "cWBNB", + "mappingKey": "Compliant_BNB_cW", + "peerKey": "bsc", + "phase": "wave1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "assetClass": "gas_native", + "familyKey": "bnb", + "laneGroup": "bnb", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WBNB", + "stableQuoteSymbol": "USDT", + "referenceVenue": "uniswap_v3", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_BNB_BSC" + }, + "supplyAccounting": { + "outstanding": { + "env": "CW_GAS_OUTSTANDING_BNB_BSC" + }, + "escrowed": { + "env": "CW_GAS_ESCROWED_BNB_BSC" + }, + "treasuryBacked": { + "env": "CW_GAS_TREASURY_BACKED_BNB_BSC" + }, + "treasuryCap": { + "env": "CW_GAS_TREASURY_CAP_BNB_BSC" + } + }, + "oraclePolicy": { + "referenceVenue": "uniswap_v3", + "maxOracleAgeSeconds": 90, + "requireFreshReference": true + }, + "publicPoolKeys": [ + "56-cWBNB-WBNB", + "56-cWBNB-USDT" + ], + "protocolExposureKey": "56-bnb" + }, + { + "key": "138-56-cBTC-cWBTC", + "canonicalChainId": 138, + "destinationChainId": 56, + "canonicalSymbol": "cBTC", + "mirroredSymbol": "cWBTC", + "mappingKey": "Compliant_BTC_cW", + "peerKey": "bsc", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_BTC_BSC" + }, + "publicPoolKeys": [ + "56-cWBTC-USDT", + "56-cWBTC-cWXAUC" + ] + }, + { + "key": "138-56-cUSDC-cWUSDC", + "canonicalChainId": 138, + "destinationChainId": 56, + "canonicalSymbol": "cUSDC", + "mirroredSymbol": "cWUSDC", + "mappingKey": "Compliant_USDC_cW", + "peerKey": "bsc", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDC_BSC" + }, + "publicPoolKeys": [ + "56-cWUSDC-USDT" + ] + }, + { + "key": "138-56-cUSDT-cWUSDT", + "canonicalChainId": 138, + "destinationChainId": 56, + "canonicalSymbol": "cUSDT", + "mirroredSymbol": "cWUSDT", + "mappingKey": "Compliant_USDT_cW", + "peerKey": "bsc", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDT_BSC" + }, + "publicPoolKeys": [ + "56-cWUSDT-USDT" + ] + }, + { + "key": "138-8453-cBTC-cWBTC", + "canonicalChainId": 138, + "destinationChainId": 8453, + "canonicalSymbol": "cBTC", + "mirroredSymbol": "cWBTC", + "mappingKey": "Compliant_BTC_cW", + "peerKey": "base", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_BTC_BASE" + }, + "publicPoolKeys": [ + "8453-cWBTC-USDC", + "8453-cWBTC-cWXAUC" + ] + }, + { + "key": "138-8453-cETHL2-cWETHL2", + "canonicalChainId": 138, + "destinationChainId": 8453, + "canonicalSymbol": "cETHL2", + "mirroredSymbol": "cWETHL2", + "mappingKey": "Compliant_ETH_L2_cW", + "peerKey": "base", + "phase": "wave1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "assetClass": "gas_native", + "familyKey": "eth_l2", + "laneGroup": "eth_l2_shared", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_fungible_inventory_gated", + "wrappedNativeQuoteSymbol": "WETH", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "reserveVerifierKey": "chain138-gas-hybrid-cap", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_ETH_L2_BASE" + }, + "supplyAccounting": { + "outstanding": { + "env": "CW_GAS_OUTSTANDING_ETH_L2_BASE" + }, + "escrowed": { + "env": "CW_GAS_ESCROWED_ETH_L2_BASE" + }, + "treasuryBacked": { + "env": "CW_GAS_TREASURY_BACKED_ETH_L2_BASE" + }, + "treasuryCap": { + "env": "CW_GAS_TREASURY_CAP_ETH_L2_BASE" + } + }, + "oraclePolicy": { + "referenceVenue": "uniswap_v3", + "maxOracleAgeSeconds": 90, + "requireFreshReference": true + }, + "publicPoolKeys": [ + "8453-cWETHL2-WETH", + "8453-cWETHL2-USDC" + ], + "protocolExposureKey": "8453-eth_l2" + }, + { + "key": "138-8453-cUSDC-cWUSDC", + "canonicalChainId": 138, + "destinationChainId": 8453, + "canonicalSymbol": "cUSDC", + "mirroredSymbol": "cWUSDC", + "mappingKey": "Compliant_USDC_cW", + "peerKey": "base", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDC_BASE" + }, + "publicPoolKeys": [ + "8453-cWUSDC-USDC" + ] + }, + { + "key": "138-8453-cUSDT-cWUSDT", + "canonicalChainId": 138, + "destinationChainId": 8453, + "canonicalSymbol": "cUSDT", + "mirroredSymbol": "cWUSDT", + "mappingKey": "Compliant_USDT_cW", + "peerKey": "base", + "phase": "v1", + "routeDiscoveryEnabled": true, + "mcpVisible": true, + "reserveVerifierKey": "chain138-hard-peg", + "maxOutstanding": { + "required": true, + "env": "CW_MAX_OUTSTANDING_USDT_BASE" + }, + "publicPoolKeys": [ + "8453-cWUSDT-USDC" ] } ], "publicPools": [ { - "key": "25-cWUSDT-USDT", - "chainId": 25, - "baseSymbol": "cWUSDT", - "quoteSymbol": "USDT", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" + "key": "1-cWBTC-cWXAUC", + "chainId": 1, + "baseSymbol": "cWBTC", + "quoteSymbol": "cWXAUC", + "poolAddress": "0xcb72000000000000000000000000000000000001", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" }, { - "key": "25-cWUSDC-USDT", - "chainId": 25, - "baseSymbol": "cWUSDC", - "quoteSymbol": "USDT", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" - }, - { - "key": "56-cWUSDT-USDT", - "chainId": 56, - "baseSymbol": "cWUSDT", - "quoteSymbol": "USDT", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" - }, - { - "key": "56-cWUSDC-USDT", - "chainId": 56, - "baseSymbol": "cWUSDC", - "quoteSymbol": "USDT", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" - }, - { - "key": "137-cWUSDT-USDC", - "chainId": 137, - "baseSymbol": "cWUSDT", + "key": "1-cWBTC-USDC", + "chainId": 1, + "baseSymbol": "cWBTC", "quoteSymbol": "USDC", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" + "poolAddress": "0xcb71000000000000000000000000000000000001", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" }, { - "key": "137-cWUSDC-USDC", - "chainId": 137, - "baseSymbol": "cWUSDC", + "key": "1-cWETH-USDC", + "chainId": 1, + "baseSymbol": "cWETH", "quoteSymbol": "USDC", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" + "poolAddress": "0xd012000000000000000000000000000000000001", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "eth_mainnet", + "venue": "dodo_pmm", + "poolType": "stable_quote" }, { - "key": "43114-cWUSDT-USDC", - "chainId": 43114, - "baseSymbol": "cWUSDT", - "quoteSymbol": "USDC", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" + "key": "1-cWETH-WETH", + "chainId": 1, + "baseSymbol": "cWETH", + "quoteSymbol": "WETH", + "poolAddress": "0xd011000000000000000000000000000000000001", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "eth_mainnet", + "venue": "dodo_pmm", + "poolType": "wrapped_native" }, { - "key": "43114-cWUSDC-USDC", - "chainId": 43114, - "baseSymbol": "cWUSDC", - "quoteSymbol": "USDC", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" - }, - { - "key": "42161-cWUSDT-USDC", - "chainId": 42161, - "baseSymbol": "cWUSDT", - "quoteSymbol": "USDC", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" - }, - { - "key": "42161-cWUSDC-USDC", - "chainId": 42161, - "baseSymbol": "cWUSDC", - "quoteSymbol": "USDC", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" - }, - { - "key": "8453-cWUSDT-USDC", - "chainId": 8453, - "baseSymbol": "cWUSDT", - "quoteSymbol": "USDC", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" - }, - { - "key": "8453-cWUSDC-USDC", - "chainId": 8453, - "baseSymbol": "cWUSDC", - "quoteSymbol": "USDC", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" - }, - { - "key": "10-cWUSDT-USDC", - "chainId": 10, - "baseSymbol": "cWUSDT", - "quoteSymbol": "USDC", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" - }, - { - "key": "10-cWUSDC-USDC", - "chainId": 10, - "baseSymbol": "cWUSDC", - "quoteSymbol": "USDC", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" - }, - { - "key": "100-cWUSDT-USDC", - "chainId": 100, - "baseSymbol": "cWUSDT", - "quoteSymbol": "USDC", - "poolAddress": null, - "active": false, - "routingEnabled": false, - "mcpVisible": false, - "phase": "v1" - }, - { - "key": "100-cWUSDC-USDC", - "chainId": 100, + "key": "1-cWUSDC-USDC", + "chainId": 1, "baseSymbol": "cWUSDC", "quoteSymbol": "USDC", "poolAddress": null, @@ -849,8 +2123,60 @@ "phase": "v1" }, { - "key": "1-cWUSDC-USDC", - "chainId": 1, + "key": "10-cWBTC-cWXAUC", + "chainId": 10, + "baseSymbol": "cWBTC", + "quoteSymbol": "cWXAUC", + "poolAddress": "0xcb7200000000000000000000000000000000000a", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "10-cWBTC-USDC", + "chainId": 10, + "baseSymbol": "cWBTC", + "quoteSymbol": "USDC", + "poolAddress": "0xcb7100000000000000000000000000000000000a", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "10-cWETHL2-USDC", + "chainId": 10, + "baseSymbol": "cWETHL2", + "quoteSymbol": "USDC", + "poolAddress": "0xd02200000000000000000000000000000000000a", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "eth_l2", + "venue": "dodo_pmm", + "poolType": "stable_quote" + }, + { + "key": "10-cWETHL2-WETH", + "chainId": 10, + "baseSymbol": "cWETHL2", + "quoteSymbol": "WETH", + "poolAddress": "0xd02100000000000000000000000000000000000a", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "eth_l2", + "venue": "dodo_pmm", + "poolType": "wrapped_native" + }, + { + "key": "10-cWUSDC-USDC", + "chainId": 10, "baseSymbol": "cWUSDC", "quoteSymbol": "USDC", "poolAddress": null, @@ -858,6 +2184,1568 @@ "routingEnabled": false, "mcpVisible": false, "phase": "v1" + }, + { + "key": "10-cWUSDT-USDC", + "chainId": 10, + "baseSymbol": "cWUSDT", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "100-cWBTC-cWXAUC", + "chainId": 100, + "baseSymbol": "cWBTC", + "quoteSymbol": "cWXAUC", + "poolAddress": "0xcb72000000000000000000000000000000000064", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "100-cWBTC-USDC", + "chainId": 100, + "baseSymbol": "cWBTC", + "quoteSymbol": "USDC", + "poolAddress": "0xcb71000000000000000000000000000000000064", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "100-cWUSDC-USDC", + "chainId": 100, + "baseSymbol": "cWUSDC", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "100-cWUSDT-USDC", + "chainId": 100, + "baseSymbol": "cWUSDT", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "100-cWXDAI-USDC", + "chainId": 100, + "baseSymbol": "cWXDAI", + "quoteSymbol": "USDC", + "poolAddress": "0xd072000000000000000000000000000000000064", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "xdai", + "venue": "dodo_pmm", + "poolType": "stable_quote" + }, + { + "key": "100-cWXDAI-WXDAI", + "chainId": 100, + "baseSymbol": "cWXDAI", + "quoteSymbol": "WXDAI", + "poolAddress": "0xd071000000000000000000000000000000000064", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "xdai", + "venue": "dodo_pmm", + "poolType": "wrapped_native" + }, + { + "key": "1111-cWWEMIX-USDC", + "chainId": 1111, + "baseSymbol": "cWWEMIX", + "quoteSymbol": "USDC", + "poolAddress": "0xd092000000000000000000000000000000000457", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "wemix", + "venue": "dodo_pmm", + "poolType": "stable_quote" + }, + { + "key": "1111-cWWEMIX-WWEMIX", + "chainId": 1111, + "baseSymbol": "cWWEMIX", + "quoteSymbol": "WWEMIX", + "poolAddress": "0xd091000000000000000000000000000000000457", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "wemix", + "venue": "dodo_pmm", + "poolType": "wrapped_native" + }, + { + "key": "137-cWAUSDT-USDC", + "chainId": 137, + "baseSymbol": "cWAUSDT", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "137-cWBTC-cWXAUC", + "chainId": 137, + "baseSymbol": "cWBTC", + "quoteSymbol": "cWXAUC", + "poolAddress": "0xcb72000000000000000000000000000000000089", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "137-cWBTC-USDC", + "chainId": 137, + "baseSymbol": "cWBTC", + "quoteSymbol": "USDC", + "poolAddress": "0xcb71000000000000000000000000000000000089", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "137-cWPOL-USDC", + "chainId": 137, + "baseSymbol": "cWPOL", + "quoteSymbol": "USDC", + "poolAddress": "0xd042000000000000000000000000000000000089", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "pol", + "venue": "dodo_pmm", + "poolType": "stable_quote" + }, + { + "key": "137-cWPOL-WPOL", + "chainId": 137, + "baseSymbol": "cWPOL", + "quoteSymbol": "WPOL", + "poolAddress": "0xd041000000000000000000000000000000000089", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "pol", + "venue": "dodo_pmm", + "poolType": "wrapped_native" + }, + { + "key": "137-cWUSDC-USDC", + "chainId": 137, + "baseSymbol": "cWUSDC", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "137-cWUSDT-USDC", + "chainId": 137, + "baseSymbol": "cWUSDT", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "25-cWBTC-cWXAUC", + "chainId": 25, + "baseSymbol": "cWBTC", + "quoteSymbol": "cWXAUC", + "poolAddress": "0xcb72000000000000000000000000000000000019", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "25-cWBTC-USDT", + "chainId": 25, + "baseSymbol": "cWBTC", + "quoteSymbol": "USDT", + "poolAddress": "0xcb71000000000000000000000000000000000019", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "25-cWCRO-USDT", + "chainId": 25, + "baseSymbol": "cWCRO", + "quoteSymbol": "USDT", + "poolAddress": "0xd062000000000000000000000000000000000019", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "cro", + "venue": "dodo_pmm", + "poolType": "stable_quote" + }, + { + "key": "25-cWCRO-WCRO", + "chainId": 25, + "baseSymbol": "cWCRO", + "quoteSymbol": "WCRO", + "poolAddress": "0xd061000000000000000000000000000000000019", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "cro", + "venue": "dodo_pmm", + "poolType": "wrapped_native" + }, + { + "key": "25-cWUSDC-USDT", + "chainId": 25, + "baseSymbol": "cWUSDC", + "quoteSymbol": "USDT", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "25-cWUSDT-USDT", + "chainId": 25, + "baseSymbol": "cWUSDT", + "quoteSymbol": "USDT", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "42161-cWBTC-cWXAUC", + "chainId": 42161, + "baseSymbol": "cWBTC", + "quoteSymbol": "cWXAUC", + "poolAddress": "0xcb7200000000000000000000000000000000a4b1", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "42161-cWBTC-USDC", + "chainId": 42161, + "baseSymbol": "cWBTC", + "quoteSymbol": "USDC", + "poolAddress": "0xcb7100000000000000000000000000000000a4b1", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "42161-cWETHL2-USDC", + "chainId": 42161, + "baseSymbol": "cWETHL2", + "quoteSymbol": "USDC", + "poolAddress": "0xd02200000000000000000000000000000000a4b1", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "eth_l2", + "venue": "dodo_pmm", + "poolType": "stable_quote" + }, + { + "key": "42161-cWETHL2-WETH", + "chainId": 42161, + "baseSymbol": "cWETHL2", + "quoteSymbol": "WETH", + "poolAddress": "0xd02100000000000000000000000000000000a4b1", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "eth_l2", + "venue": "dodo_pmm", + "poolType": "wrapped_native" + }, + { + "key": "42161-cWUSDC-USDC", + "chainId": 42161, + "baseSymbol": "cWUSDC", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "42161-cWUSDT-USDC", + "chainId": 42161, + "baseSymbol": "cWUSDT", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "42220-cWAUSDT-USDC", + "chainId": 42220, + "baseSymbol": "cWAUSDT", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "42220-cWBTC-cWXAUC", + "chainId": 42220, + "baseSymbol": "cWBTC", + "quoteSymbol": "cWXAUC", + "poolAddress": "0xcb7200000000000000000000000000000000a4ec", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "42220-cWBTC-USDC", + "chainId": 42220, + "baseSymbol": "cWBTC", + "quoteSymbol": "USDC", + "poolAddress": "0xcb7100000000000000000000000000000000a4ec", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "42220-cWCELO-USDC", + "chainId": 42220, + "baseSymbol": "cWCELO", + "quoteSymbol": "USDC", + "poolAddress": "0xd08200000000000000000000000000000000a4ec", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "celo", + "venue": "dodo_pmm", + "poolType": "stable_quote" + }, + { + "key": "42220-cWCELO-WCELO", + "chainId": 42220, + "baseSymbol": "cWCELO", + "quoteSymbol": "WCELO", + "poolAddress": "0xd08100000000000000000000000000000000a4ec", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "celo", + "venue": "dodo_pmm", + "poolType": "wrapped_native" + }, + { + "key": "42220-cWUSDC-USDC", + "chainId": 42220, + "baseSymbol": "cWUSDC", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "42220-cWUSDT-USDC", + "chainId": 42220, + "baseSymbol": "cWUSDT", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "43114-cWAUSDT-USDC", + "chainId": 43114, + "baseSymbol": "cWAUSDT", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "43114-cWAVAX-USDC", + "chainId": 43114, + "baseSymbol": "cWAVAX", + "quoteSymbol": "USDC", + "poolAddress": "0xd05200000000000000000000000000000000a86a", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "avax", + "venue": "dodo_pmm", + "poolType": "stable_quote" + }, + { + "key": "43114-cWAVAX-WAVAX", + "chainId": 43114, + "baseSymbol": "cWAVAX", + "quoteSymbol": "WAVAX", + "poolAddress": "0xd05100000000000000000000000000000000a86a", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "avax", + "venue": "dodo_pmm", + "poolType": "wrapped_native" + }, + { + "key": "43114-cWBTC-cWXAUC", + "chainId": 43114, + "baseSymbol": "cWBTC", + "quoteSymbol": "cWXAUC", + "poolAddress": "0xcb7200000000000000000000000000000000a86a", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "43114-cWBTC-USDC", + "chainId": 43114, + "baseSymbol": "cWBTC", + "quoteSymbol": "USDC", + "poolAddress": "0xcb7100000000000000000000000000000000a86a", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "43114-cWUSDC-USDC", + "chainId": 43114, + "baseSymbol": "cWUSDC", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "43114-cWUSDT-USDC", + "chainId": 43114, + "baseSymbol": "cWUSDT", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "56-cWAUSDT-USDT", + "chainId": 56, + "baseSymbol": "cWAUSDT", + "quoteSymbol": "USDT", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "56-cWBNB-USDT", + "chainId": 56, + "baseSymbol": "cWBNB", + "quoteSymbol": "USDT", + "poolAddress": "0xd032000000000000000000000000000000000038", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "bnb", + "venue": "dodo_pmm", + "poolType": "stable_quote" + }, + { + "key": "56-cWBNB-WBNB", + "chainId": 56, + "baseSymbol": "cWBNB", + "quoteSymbol": "WBNB", + "poolAddress": "0xd031000000000000000000000000000000000038", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "bnb", + "venue": "dodo_pmm", + "poolType": "wrapped_native" + }, + { + "key": "56-cWBTC-cWXAUC", + "chainId": 56, + "baseSymbol": "cWBTC", + "quoteSymbol": "cWXAUC", + "poolAddress": "0xcb72000000000000000000000000000000000038", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "56-cWBTC-USDT", + "chainId": 56, + "baseSymbol": "cWBTC", + "quoteSymbol": "USDT", + "poolAddress": "0xcb71000000000000000000000000000000000038", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "56-cWUSDC-USDT", + "chainId": 56, + "baseSymbol": "cWUSDC", + "quoteSymbol": "USDT", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "56-cWUSDT-USDT", + "chainId": 56, + "baseSymbol": "cWUSDT", + "quoteSymbol": "USDT", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "8453-cWBTC-cWXAUC", + "chainId": 8453, + "baseSymbol": "cWBTC", + "quoteSymbol": "cWXAUC", + "poolAddress": "0xcb72000000000000000000000000000000002105", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "8453-cWBTC-USDC", + "chainId": 8453, + "baseSymbol": "cWBTC", + "quoteSymbol": "USDC", + "poolAddress": "0xcb71000000000000000000000000000000002105", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "v1-staged" + }, + { + "key": "8453-cWETHL2-USDC", + "chainId": 8453, + "baseSymbol": "cWETHL2", + "quoteSymbol": "USDC", + "poolAddress": "0xd022000000000000000000000000000000002105", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "eth_l2", + "venue": "dodo_pmm", + "poolType": "stable_quote" + }, + { + "key": "8453-cWETHL2-WETH", + "chainId": 8453, + "baseSymbol": "cWETHL2", + "quoteSymbol": "WETH", + "poolAddress": "0xd021000000000000000000000000000000002105", + "active": true, + "routingEnabled": true, + "mcpVisible": true, + "phase": "wave1", + "assetClass": "gas_native", + "familyKey": "eth_l2", + "venue": "dodo_pmm", + "poolType": "wrapped_native" + }, + { + "key": "8453-cWUSDC-USDC", + "chainId": 8453, + "baseSymbol": "cWUSDC", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + }, + { + "key": "8453-cWUSDT-USDC", + "chainId": 8453, + "baseSymbol": "cWUSDT", + "quoteSymbol": "USDC", + "poolAddress": null, + "active": false, + "routingEnabled": false, + "mcpVisible": false, + "phase": "v1" + } + ], + "gasAssetFamilies": [ + { + "familyKey": "eth_mainnet", + "mappingKey": "Compliant_ETH_MAINNET_cW", + "canonicalSymbol138": "cETH", + "mirroredSymbol": "cWETH", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 1 + ], + "laneGroup": "eth_mainnet", + "backingMode": "strict_escrow", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WETH", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0xf8e9802a1766422e33a269556ad5fc032338eefc", + "mirroredAddresses": { + "1": "0xf6dc5587e18f27adff60e303fdd98f35b50fa8a5" + }, + "perLaneCaps": { + "1": "500000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cETH Mainnet", + "mirrored": "cWETH Mainnet" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "eth_l2", + "mappingKey": "Compliant_ETH_L2_cW", + "canonicalSymbol138": "cETHL2", + "mirroredSymbol": "cWETHL2", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 10, + 42161, + 8453 + ], + "laneGroup": "eth_l2_shared", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_fungible_inventory_gated", + "wrappedNativeQuoteSymbol": "WETH", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0x18a6b163d255cc0cb32b99697843b487d059907d", + "mirroredAddresses": { + "10": "0x95007ec50d0766162f77848edf7bdc4eba147fb4", + "8453": "0x2a0840e5117683b11682ac46f5cf5621e67269e3", + "42161": "0xe27be001bc55cb2a8ed5ba5a62c834ca135244a3" + }, + "perLaneCaps": { + "10": "1000000000000000000000", + "8453": "1000000000000000000000", + "42161": "1000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cETHL2", + "mirrored": "cWETHL2" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "bnb", + "mappingKey": "Compliant_BNB_cW", + "canonicalSymbol138": "cBNB", + "mirroredSymbol": "cWBNB", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 56 + ], + "laneGroup": "bnb", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WBNB", + "stableQuoteSymbol": "USDT", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0x94517875f32680984a5921da7abf78e22f65d70f", + "mirroredAddresses": { + "56": "0x179034a08ac2c9c35d2e41239f68c79dca6f18fa" + }, + "perLaneCaps": { + "56": "3000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cBNB", + "mirrored": "cWBNB" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "pol", + "mappingKey": "Compliant_POL_cW", + "canonicalSymbol138": "cPOL", + "mirroredSymbol": "cWPOL", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 137 + ], + "laneGroup": "pol", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WPOL", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0x19fec21edede9edb91d1fbec7c4095c5ac1fc10c", + "mirroredAddresses": { + "137": "0x25980244aacecb6d8c4b887261ed27f87cb2fc73" + }, + "perLaneCaps": { + "137": "2000000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cPOL", + "mirrored": "cWPOL" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "avax", + "mappingKey": "Compliant_AVAX_cW", + "canonicalSymbol138": "cAVAX", + "mirroredSymbol": "cWAVAX", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 43114 + ], + "laneGroup": "avax", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WAVAX", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0x9c8f6f4fe1e535e6f85a78ee95249ded5540a2d0", + "mirroredAddresses": { + "43114": "0xe1d4aee2ef8f48a20338935188a8fe7f7c7de7d0" + }, + "perLaneCaps": { + "43114": "200000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cAVAX", + "mirrored": "cWAVAX" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "cro", + "mappingKey": "Compliant_CRO_cW", + "canonicalSymbol138": "cCRO", + "mirroredSymbol": "cWCRO", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 25 + ], + "laneGroup": "cro", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WCRO", + "stableQuoteSymbol": "USDT", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0xfb48bb6c623571f9795b535b73f0d660e8643fd4", + "mirroredAddresses": { + "25": "0x9b10eb0f77c45322dbd1fcb07176fd9a7609c164" + }, + "perLaneCaps": { + "25": "5000000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cCRO", + "mirrored": "cWCRO" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "xdai", + "mappingKey": "Compliant_XDAI_cW", + "canonicalSymbol138": "cXDAI", + "mirroredSymbol": "cWXDAI", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 100 + ], + "laneGroup": "xdai", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WXDAI", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0xa39a59138f8a45b4a31455875b8a29ff31e76ec8", + "mirroredAddresses": { + "100": "0x9f833b4f1012f52eb3317b09922a79c6edfca77d" + }, + "perLaneCaps": { + "100": "5000000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cXDAI", + "mirrored": "cWXDAI" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "celo", + "mappingKey": "Compliant_CELO_cW", + "canonicalSymbol138": "cCELO", + "mirroredSymbol": "cWCELO", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 42220 + ], + "laneGroup": "celo", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WCELO", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0x1814661dae0933bf397b1274f5a62411b94195c7", + "mirroredAddresses": { + "42220": "0xb0fa7ec4123c7c275b3a89d9239569707ea3c66a" + }, + "perLaneCaps": { + "42220": "3000000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cCELO", + "mirrored": "cWCELO" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "wemix", + "active": false, + "status": "deferred", + "mappingKey": "Compliant_WEMIX_cW", + "canonicalSymbol138": "cWEMIX", + "mirroredSymbol": "cWWEMIX", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 1111 + ], + "laneGroup": "wemix", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WWEMIX", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0x4d82206bec5b4dfa17759ffede07e35f4f63a050", + "mirroredAddresses": { + "1111": "0xc111000000000000000000000000000000000457" + }, + "perLaneCaps": { + "1111": "2000000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cWEMIX Hub", + "mirrored": "cWWEMIX" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + } + ], + "gasRedeemGroups": [ + { + "key": "eth-mainnet-local", + "familyKey": "eth_mainnet", + "allowedChains": [ + 1 + ], + "redeemPolicy": "family_only", + "description": "Ethereum mainnet ETH remains isolated from the shared L2 ETH family." + }, + { + "key": "eth-l2-shared", + "familyKey": "eth_l2", + "allowedChains": [ + 10, + 42161, + 8453 + ], + "redeemPolicy": "family_fungible_inventory_gated", + "description": "Optimism, Arbitrum, and Base can redeem across the shared ETH L2 family when inventory and policy checks allow." + }, + { + "key": "bnb-local", + "familyKey": "bnb", + "allowedChains": [ + 56 + ], + "redeemPolicy": "family_only" + }, + { + "key": "pol-local", + "familyKey": "pol", + "allowedChains": [ + 137 + ], + "redeemPolicy": "family_only" + }, + { + "key": "avax-local", + "familyKey": "avax", + "allowedChains": [ + 43114 + ], + "redeemPolicy": "family_only" + }, + { + "key": "cro-local", + "familyKey": "cro", + "allowedChains": [ + 25 + ], + "redeemPolicy": "family_only" + }, + { + "key": "xdai-local", + "familyKey": "xdai", + "allowedChains": [ + 100 + ], + "redeemPolicy": "family_only" + }, + { + "key": "celo-local", + "familyKey": "celo", + "allowedChains": [ + 42220 + ], + "redeemPolicy": "family_only" + }, + { + "key": "wemix-local", + "familyKey": "wemix", + "allowedChains": [ + 1111 + ], + "redeemPolicy": "family_only" + } + ], + "gasProtocolExposure": [ + { + "key": "1-eth_mainnet", + "chainId": 1, + "familyKey": "eth_mainnet", + "mirroredSymbol": "cWETH", + "backingMode": "strict_escrow", + "dodoPmm": { + "active": true, + "routingVisible": true, + "poolKeys": [ + "1-cWETH-WETH", + "1-cWETH-USDC" + ] + }, + "uniswapV3": { + "supported": true, + "live": true, + "routingVisible": true, + "reference": true, + "venueAddress": "0x7111000000000000000000000000000000000001" + }, + "balancer": { + "supported": true, + "live": true, + "routingVisible": true, + "venueAddress": "0xba11000000000000000000000000000000000001" + }, + "curve": { + "supported": true, + "live": true, + "routingVisible": true, + "venueAddress": "0xc711000000000000000000000000000000000001" + }, + "oneInch": { + "supported": true, + "live": false, + "routingVisible": false, + "aggregatorOnly": true, + "activation": "after_underlying_venues_live_and_indexed" + } + }, + { + "key": "10-eth_l2", + "chainId": 10, + "familyKey": "eth_l2", + "mirroredSymbol": "cWETHL2", + "backingMode": "hybrid_cap", + "dodoPmm": { + "active": true, + "routingVisible": true, + "poolKeys": [ + "10-cWETHL2-WETH", + "10-cWETHL2-USDC" + ] + }, + "uniswapV3": { + "supported": true, + "live": true, + "routingVisible": true, + "reference": true, + "venueAddress": "0x712100000000000000000000000000000000000a" + }, + "balancer": { + "supported": true, + "live": true, + "routingVisible": true, + "venueAddress": "0xba2100000000000000000000000000000000000a" + }, + "curve": { + "supported": true, + "live": true, + "routingVisible": true, + "venueAddress": "0xc72100000000000000000000000000000000000a" + }, + "oneInch": { + "supported": true, + "live": false, + "routingVisible": false, + "aggregatorOnly": true, + "activation": "after_underlying_venues_live_and_indexed" + } + }, + { + "key": "100-xdai", + "chainId": 100, + "familyKey": "xdai", + "mirroredSymbol": "cWXDAI", + "backingMode": "hybrid_cap", + "dodoPmm": { + "active": true, + "routingVisible": true, + "poolKeys": [ + "100-cWXDAI-WXDAI", + "100-cWXDAI-USDC" + ] + }, + "uniswapV3": { + "supported": true, + "live": true, + "routingVisible": true, + "reference": true, + "venueAddress": "0x7171000000000000000000000000000000000064" + }, + "balancer": { + "supported": true, + "live": true, + "routingVisible": true, + "venueAddress": "0xba71000000000000000000000000000000000064" + }, + "curve": { + "supported": true, + "live": true, + "routingVisible": true, + "venueAddress": "0xc771000000000000000000000000000000000064" + }, + "oneInch": { + "supported": true, + "live": false, + "routingVisible": false, + "aggregatorOnly": true, + "activation": "after_underlying_venues_live_and_indexed" + } + }, + { + "key": "1111-wemix", + "chainId": 1111, + "active": false, + "status": "deferred", + "familyKey": "wemix", + "mirroredSymbol": "cWWEMIX", + "backingMode": "hybrid_cap", + "dodoPmm": { + "active": true, + "routingVisible": true, + "poolKeys": [ + "1111-cWWEMIX-WWEMIX", + "1111-cWWEMIX-USDC" + ] + }, + "uniswapV3": { + "supported": true, + "live": true, + "routingVisible": true, + "reference": true, + "venueAddress": "0x7191000000000000000000000000000000000457" + }, + "balancer": { + "supported": false, + "live": false, + "routingVisible": false, + "venueAddress": null + }, + "curve": { + "supported": false, + "live": false, + "routingVisible": false, + "venueAddress": null + }, + "oneInch": { + "supported": true, + "live": false, + "routingVisible": false, + "aggregatorOnly": true, + "activation": "after_underlying_venues_live_and_indexed" + } + }, + { + "key": "137-pol", + "chainId": 137, + "familyKey": "pol", + "mirroredSymbol": "cWPOL", + "backingMode": "hybrid_cap", + "dodoPmm": { + "active": true, + "routingVisible": true, + "poolKeys": [ + "137-cWPOL-WPOL", + "137-cWPOL-USDC" + ] + }, + "uniswapV3": { + "supported": true, + "live": true, + "routingVisible": true, + "reference": true, + "venueAddress": "0x7141000000000000000000000000000000000089" + }, + "balancer": { + "supported": true, + "live": true, + "routingVisible": true, + "venueAddress": "0xba41000000000000000000000000000000000089" + }, + "curve": { + "supported": true, + "live": true, + "routingVisible": true, + "venueAddress": "0xc741000000000000000000000000000000000089" + }, + "oneInch": { + "supported": true, + "live": false, + "routingVisible": false, + "aggregatorOnly": true, + "activation": "after_underlying_venues_live_and_indexed" + } + }, + { + "key": "25-cro", + "chainId": 25, + "familyKey": "cro", + "mirroredSymbol": "cWCRO", + "backingMode": "hybrid_cap", + "dodoPmm": { + "active": true, + "routingVisible": true, + "poolKeys": [ + "25-cWCRO-WCRO", + "25-cWCRO-USDT" + ] + }, + "uniswapV3": { + "supported": true, + "live": true, + "routingVisible": true, + "reference": true, + "venueAddress": "0x7161000000000000000000000000000000000019" + }, + "balancer": { + "supported": false, + "live": false, + "routingVisible": false, + "venueAddress": null + }, + "curve": { + "supported": false, + "live": false, + "routingVisible": false, + "venueAddress": null + }, + "oneInch": { + "supported": true, + "live": false, + "routingVisible": false, + "aggregatorOnly": true, + "activation": "after_underlying_venues_live_and_indexed" + } + }, + { + "key": "42161-eth_l2", + "chainId": 42161, + "familyKey": "eth_l2", + "mirroredSymbol": "cWETHL2", + "backingMode": "hybrid_cap", + "dodoPmm": { + "active": true, + "routingVisible": true, + "poolKeys": [ + "42161-cWETHL2-WETH", + "42161-cWETHL2-USDC" + ] + }, + "uniswapV3": { + "supported": true, + "live": true, + "routingVisible": true, + "reference": true, + "venueAddress": "0x712100000000000000000000000000000000a4b1" + }, + "balancer": { + "supported": true, + "live": true, + "routingVisible": true, + "venueAddress": "0xba2100000000000000000000000000000000a4b1" + }, + "curve": { + "supported": true, + "live": true, + "routingVisible": true, + "venueAddress": "0xc72100000000000000000000000000000000a4b1" + }, + "oneInch": { + "supported": true, + "live": false, + "routingVisible": false, + "aggregatorOnly": true, + "activation": "after_underlying_venues_live_and_indexed" + } + }, + { + "key": "42220-celo", + "chainId": 42220, + "familyKey": "celo", + "mirroredSymbol": "cWCELO", + "backingMode": "hybrid_cap", + "dodoPmm": { + "active": true, + "routingVisible": true, + "poolKeys": [ + "42220-cWCELO-WCELO", + "42220-cWCELO-USDC" + ] + }, + "uniswapV3": { + "supported": true, + "live": true, + "routingVisible": true, + "reference": true, + "venueAddress": "0x718100000000000000000000000000000000a4ec" + }, + "balancer": { + "supported": false, + "live": false, + "routingVisible": false, + "venueAddress": null + }, + "curve": { + "supported": true, + "live": true, + "routingVisible": true, + "venueAddress": "0xc78100000000000000000000000000000000a4ec" + }, + "oneInch": { + "supported": true, + "live": false, + "routingVisible": false, + "aggregatorOnly": true, + "activation": "after_underlying_venues_live_and_indexed" + } + }, + { + "key": "43114-avax", + "chainId": 43114, + "familyKey": "avax", + "mirroredSymbol": "cWAVAX", + "backingMode": "hybrid_cap", + "dodoPmm": { + "active": true, + "routingVisible": true, + "poolKeys": [ + "43114-cWAVAX-WAVAX", + "43114-cWAVAX-USDC" + ] + }, + "uniswapV3": { + "supported": true, + "live": true, + "routingVisible": true, + "reference": true, + "venueAddress": "0x715100000000000000000000000000000000a86a" + }, + "balancer": { + "supported": false, + "live": false, + "routingVisible": false, + "venueAddress": null + }, + "curve": { + "supported": true, + "live": true, + "routingVisible": true, + "venueAddress": "0xc75100000000000000000000000000000000a86a" + }, + "oneInch": { + "supported": true, + "live": false, + "routingVisible": false, + "aggregatorOnly": true, + "activation": "after_underlying_venues_live_and_indexed" + } + }, + { + "key": "56-bnb", + "chainId": 56, + "familyKey": "bnb", + "mirroredSymbol": "cWBNB", + "backingMode": "hybrid_cap", + "dodoPmm": { + "active": true, + "routingVisible": true, + "poolKeys": [ + "56-cWBNB-WBNB", + "56-cWBNB-USDT" + ] + }, + "uniswapV3": { + "supported": true, + "live": true, + "routingVisible": true, + "reference": true, + "venueAddress": "0x7131000000000000000000000000000000000038" + }, + "balancer": { + "supported": false, + "live": false, + "routingVisible": false, + "venueAddress": null + }, + "curve": { + "supported": false, + "live": false, + "routingVisible": false, + "venueAddress": null + }, + "oneInch": { + "supported": true, + "live": false, + "routingVisible": false, + "aggregatorOnly": true, + "activation": "after_underlying_venues_live_and_indexed" + } + }, + { + "key": "8453-eth_l2", + "chainId": 8453, + "familyKey": "eth_l2", + "mirroredSymbol": "cWETHL2", + "backingMode": "hybrid_cap", + "dodoPmm": { + "active": true, + "routingVisible": true, + "poolKeys": [ + "8453-cWETHL2-WETH", + "8453-cWETHL2-USDC" + ] + }, + "uniswapV3": { + "supported": true, + "live": true, + "routingVisible": true, + "reference": true, + "venueAddress": "0x7121000000000000000000000000000000002105" + }, + "balancer": { + "supported": true, + "live": true, + "routingVisible": true, + "venueAddress": "0xba21000000000000000000000000000000002105" + }, + "curve": { + "supported": true, + "live": true, + "routingVisible": true, + "venueAddress": "0xc721000000000000000000000000000000002105" + }, + "oneInch": { + "supported": true, + "live": false, + "routingVisible": false, + "aggregatorOnly": true, + "activation": "after_underlying_venues_live_and_indexed" + } } ] } diff --git a/config/gru-v2-chain138-wave1-v2-plan.json b/config/gru-v2-chain138-wave1-v2-plan.json new file mode 100644 index 00000000..6bbe256b --- /dev/null +++ b/config/gru-v2-chain138-wave1-v2-plan.json @@ -0,0 +1,148 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "name": "GRU V2 Chain 138 Wave 1 Deployment Plan", + "version": "1.0.0", + "updated": "2026-04-07", + "canonicalChainId": 138, + "notes": [ + "Wave 1 assets were already canonically deployed on Chain 138 as legacy GRU assets and now also have generic GRU V2 deployments for the full V2/x402-capable token base.", + "Broadcast execution completed on April 7, 2026. This file now captures both the legacy canonical addresses and the newly deployed V2 addresses." + ], + "assets": [ + { + "code": "EUR", + "deployments": [ + { + "tokenName": "Euro Coin (Compliant V2)", + "tokenSymbol": "cEURC", + "currencyCode": "EUR", + "metadataKey": "ceurc-v2", + "registryName": "Euro Coin (Compliant V2)", + "registrySymbol": "cEURC.v2", + "currentCanonicalAddress": "0x8085961F9cF02b4d800A3c6d386D31da4B34266a", + "deployedV2Address": "0x243e6581Dc8a98d98B92265858b322b193555C81" + }, + { + "tokenName": "Euro Token (Compliant V2)", + "tokenSymbol": "cEURT", + "currencyCode": "EUR", + "metadataKey": "ceurt-v2", + "registryName": "Euro Token (Compliant V2)", + "registrySymbol": "cEURT.v2", + "currentCanonicalAddress": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", + "deployedV2Address": "0x2bAFA83d8fF8BaE9505511998987D0659791605B" + } + ] + }, + { + "code": "GBP", + "deployments": [ + { + "tokenName": "Pound Sterling Coin (Compliant V2)", + "tokenSymbol": "cGBPC", + "currencyCode": "GBP", + "metadataKey": "cgbpc-v2", + "registryName": "Pound Sterling Coin (Compliant V2)", + "registrySymbol": "cGBPC.v2", + "currentCanonicalAddress": "0x003960f16D9d34F2e98d62723B6721Fb92074aD2", + "deployedV2Address": "0x707508D223103f5D2d9EFBc656302c9d48878b29" + }, + { + "tokenName": "Pound Sterling Token (Compliant V2)", + "tokenSymbol": "cGBPT", + "currencyCode": "GBP", + "metadataKey": "cgbpt-v2", + "registryName": "Pound Sterling Token (Compliant V2)", + "registrySymbol": "cGBPT.v2", + "currentCanonicalAddress": "0x350f54e4D23795f86A9c03988c7135357CCaD97c", + "deployedV2Address": "0xee17c18E10E55ce23F7457D018aAa2Fb1E64B281" + } + ] + }, + { + "code": "AUD", + "deployments": [ + { + "tokenName": "Australian Dollar Coin (Compliant V2)", + "tokenSymbol": "cAUDC", + "currencyCode": "AUD", + "metadataKey": "caudc-v2", + "registryName": "Australian Dollar Coin (Compliant V2)", + "registrySymbol": "cAUDC.v2", + "currentCanonicalAddress": "0xD51482e567c03899eecE3CAe8a058161FD56069D", + "deployedV2Address": "0xfb37aFd415B70C5cEDc9bA58a72D517207b769Bb" + } + ] + }, + { + "code": "JPY", + "deployments": [ + { + "tokenName": "Japanese Yen Coin (Compliant V2)", + "tokenSymbol": "cJPYC", + "currencyCode": "JPY", + "metadataKey": "cjpyc-v2", + "registryName": "Japanese Yen Coin (Compliant V2)", + "registrySymbol": "cJPYC.v2", + "currentCanonicalAddress": "0xEe269e1226a334182aace90056EE4ee5Cc8A6770", + "deployedV2Address": "0x2c751bBE4f299b989b3A8c333E0A966cdcA6Fd98" + } + ] + }, + { + "code": "CHF", + "deployments": [ + { + "tokenName": "Swiss Franc Coin (Compliant V2)", + "tokenSymbol": "cCHFC", + "currencyCode": "CHF", + "metadataKey": "cchfc-v2", + "registryName": "Swiss Franc Coin (Compliant V2)", + "registrySymbol": "cCHFC.v2", + "currentCanonicalAddress": "0x873990849DDa5117d7C644f0aF24370797C03885", + "deployedV2Address": "0x60B7FB8e0DD0Be8595AD12Fe80AE832861Be747c" + } + ] + }, + { + "code": "CAD", + "deployments": [ + { + "tokenName": "Canadian Dollar Coin (Compliant V2)", + "tokenSymbol": "cCADC", + "currencyCode": "CAD", + "metadataKey": "ccadc-v2", + "registryName": "Canadian Dollar Coin (Compliant V2)", + "registrySymbol": "cCADC.v2", + "currentCanonicalAddress": "0x54dBd40cF05e15906A2C21f600937e96787f5679", + "deployedV2Address": "0xe799033c87fE0CE316DAECcefBE3134CC74b76a9" + } + ] + }, + { + "code": "XAU", + "deployments": [ + { + "tokenName": "Gold Coin (Compliant V2)", + "tokenSymbol": "cXAUC", + "currencyCode": "XAU", + "metadataKey": "cxauc-v2", + "registryName": "Gold Coin (Compliant V2)", + "registrySymbol": "cXAUC.v2", + "currentCanonicalAddress": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", + "deployedV2Address": "0xF0F0F81bE3D033D8586bAfd2293e37eE2f615647" + }, + { + "tokenName": "Gold Token (Compliant V2)", + "tokenSymbol": "cXAUT", + "currencyCode": "XAU", + "metadataKey": "cxaut-v2", + "registryName": "Gold Token (Compliant V2)", + "registrySymbol": "cXAUT.v2", + "currentCanonicalAddress": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", + "deployedV2Address": "0x89477E982847023aaB5C3492082cd1bB4b1b9Ef1" + } + ] + } + ] +} diff --git a/config/gru-v2-d3mm-network-expansion-plan.json b/config/gru-v2-d3mm-network-expansion-plan.json new file mode 100644 index 00000000..bfb8124e --- /dev/null +++ b/config/gru-v2-d3mm-network-expansion-plan.json @@ -0,0 +1,141 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "name": "GRU V2 / D3MM Public EVM Expansion Plan", + "version": "1.0.0", + "updated": "2026-04-07", + "notes": [ + "This plan defines rollout order and expected next actions. It is not proof that D3MM or GRU v2 public liquidity is already live on every listed chain.", + "Chain 138 remains the canonical D3MM pilot/private venue until the upstream-native public expansion is completed chain-by-chain.", + "Mainnet expansion should coexist with the current DODO PMM public rows first, then migrate traffic only after execution, monitoring, and policy gates pass." + ], + "waves": [ + { + "key": "wave0_mainnet_hardening", + "priority": 0, + "description": "Keep Mainnet as the first public-chain control point while D3MM and GRU v2 public edges become execution-grade.", + "chains": [ + { + "chainId": 1, + "name": "Ethereum Mainnet", + "targetProtocols": ["dodo_pmm", "dodo_v3_d3mm", "uniswap_v3", "one_inch"], + "rolloutMode": "coexist_then_promote", + "requiredPairs": ["cWUSDT/USDC", "cWUSDC/USDC", "cWUSDT/USDT", "cWUSDC/USDT"], + "successCriteria": [ + "current public DODO PMM rows remain healthy", + "D3MM venue inventory is frozen and published", + "execution-grade routing is proven for approved lanes", + "bot and peg-monitor surfaces remain green" + ] + } + ] + }, + { + "key": "wave1_existing_public_depth", + "priority": 1, + "description": "Chains that already have first-tier public PMM depth should receive D3MM/edge promotion and route visibility next.", + "chains": [ + { + "chainId": 137, + "name": "Polygon", + "targetProtocols": ["dodo_pmm", "dodo_v3_d3mm", "uniswap_v3", "one_inch"], + "rolloutMode": "promote_existing_pairs", + "requiredPairs": ["cWUSDT/USDT", "cWUSDC/USDC"], + "successCriteria": [ + "existing first-tier public PMM rows stay funded", + "route-matrix visibility is attached", + "token-aggregation exposes the chain publicly", + "D3MM edge decision is recorded" + ] + }, + { + "chainId": 10, + "name": "Optimism", + "targetProtocols": ["dodo_pmm", "dodo_v3_d3mm", "uniswap_v3", "one_inch"], + "rolloutMode": "promote_existing_pairs", + "requiredPairs": ["cWUSDT/USDT", "cWUSDC/USDC"], + "successCriteria": [ + "existing first-tier public PMM rows stay funded", + "route-matrix visibility is attached", + "token-aggregation exposes the chain publicly", + "D3MM edge decision is recorded" + ] + } + ] + }, + { + "key": "wave2_l2_bootstrap", + "priority": 2, + "description": "Bootstrap first-tier public PMM depth on the highest-leverage L2s before broader EVM rollout.", + "chains": [ + { + "chainId": 42161, + "name": "Arbitrum One", + "targetProtocols": ["dodo_pmm", "dodo_v3_d3mm", "uniswap_v3", "one_inch"], + "rolloutMode": "deploy_first_tier_then_promote", + "requiredPairs": ["cWUSDT/USDC", "cWUSDC/USDC"], + "successCriteria": [ + "hub stable anchor is recorded in deployment-status", + "first-tier public PMM rows are deployed and seeded", + "route visibility is enabled", + "Mainnet-hub bootstrap blockers are cleared" + ] + }, + { + "chainId": 8453, + "name": "Base", + "targetProtocols": ["dodo_pmm", "dodo_v3_d3mm", "uniswap_v3", "one_inch"], + "rolloutMode": "deploy_first_tier_then_promote", + "requiredPairs": ["cWUSDT/USDC", "cWUSDC/USDC"], + "successCriteria": [ + "hub stable anchor is recorded in deployment-status", + "first-tier public PMM rows are deployed and seeded", + "route visibility is enabled", + "public D3MM policy is recorded" + ] + } + ] + }, + { + "key": "wave3_secondary_public_evm", + "priority": 3, + "description": "Secondary public EVM expansion after Mainnet, Polygon, Optimism, Arbitrum, and Base are stable.", + "chains": [ + { + "chainId": 43114, + "name": "Avalanche C-Chain", + "targetProtocols": ["dodo_pmm", "dodo_v3_d3mm", "uniswap_v3", "one_inch"], + "rolloutMode": "deploy_first_tier_then_promote", + "requiredPairs": ["cWUSDT/USDC", "cWUSDC/USDC"] + }, + { + "chainId": 100, + "name": "Gnosis", + "targetProtocols": ["dodo_pmm", "dodo_v3_d3mm", "uniswap_v3", "one_inch"], + "rolloutMode": "deploy_first_tier_then_promote", + "requiredPairs": ["cWUSDT/USDC", "cWUSDC/USDC"] + }, + { + "chainId": 56, + "name": "BSC", + "targetProtocols": ["dodo_pmm", "dodo_v3_d3mm", "uniswap_v3", "one_inch"], + "rolloutMode": "deploy_first_tier_then_promote", + "requiredPairs": ["cWUSDT/USDT", "cWUSDC/USDT"] + }, + { + "chainId": 25, + "name": "Cronos", + "targetProtocols": ["dodo_pmm", "dodo_v3_d3mm", "uniswap_v3", "one_inch"], + "rolloutMode": "deploy_first_tier_then_promote", + "requiredPairs": ["cWUSDT/USDT", "cWUSDC/USDC"] + }, + { + "chainId": 42220, + "name": "Celo", + "targetProtocols": ["dodo_pmm", "dodo_v3_d3mm", "uniswap_v3", "one_inch"], + "rolloutMode": "deploy_first_tier_then_promote", + "requiredPairs": ["cWUSDT/USDC", "cWUSDC/USDC"] + } + ] + } + ] +} diff --git a/config/gru-v2-first-tier-pool-scaffolds.json b/config/gru-v2-first-tier-pool-scaffolds.json new file mode 100644 index 00000000..2956dedd --- /dev/null +++ b/config/gru-v2-first-tier-pool-scaffolds.json @@ -0,0 +1,214 @@ +{ + "version": 1, + "asOfDate": "2026-04-07", + "purpose": "Canonical scaffold inventory for missing first-tier GRU v2 / D3MM public PMM pools.", + "generatedFrom": [ + "config/gru-v2-d3mm-network-expansion-plan.json", + "cross-chain-pmm-lps/config/deployment-status.json", + "cross-chain-pmm-lps/config/pool-matrix.json" + ], + "summary": { + "chainsWithScaffolds": 6, + "scaffoldPoolCount": 12 + }, + "chains": [ + { + "chainId": 8453, + "name": "Base", + "waveKey": "wave2_l2_bootstrap", + "priority": 2, + "rolloutMode": "deploy_first_tier_then_promote", + "hubStable": "USDC", + "bridgeAvailable": true, + "scaffoldPools": [ + { + "pair": "cWUSDT/USDC", + "base": "cWUSDT", + "quote": "USDC", + "poolAddress": "0x0000000000000000000000000000000000000000", + "feeBps": 3, + "k": "500000000000000000", + "role": "public_routing", + "publicRoutingEnabled": false, + "notes": "scaffold only; replace poolAddress and enable routing after live deploy + seed" + }, + { + "pair": "cWUSDC/USDC", + "base": "cWUSDC", + "quote": "USDC", + "poolAddress": "0x0000000000000000000000000000000000000000", + "feeBps": 3, + "k": "500000000000000000", + "role": "public_routing", + "publicRoutingEnabled": false, + "notes": "scaffold only; replace poolAddress and enable routing after live deploy + seed" + } + ] + }, + { + "chainId": 42161, + "name": "Arbitrum One", + "waveKey": "wave2_l2_bootstrap", + "priority": 2, + "rolloutMode": "deploy_first_tier_then_promote", + "hubStable": "USDC", + "bridgeAvailable": true, + "scaffoldPools": [ + { + "pair": "cWUSDT/USDC", + "base": "cWUSDT", + "quote": "USDC", + "poolAddress": "0x0000000000000000000000000000000000000000", + "feeBps": 3, + "k": "500000000000000000", + "role": "public_routing", + "publicRoutingEnabled": false, + "notes": "scaffold only; replace poolAddress and enable routing after live deploy + seed" + }, + { + "pair": "cWUSDC/USDC", + "base": "cWUSDC", + "quote": "USDC", + "poolAddress": "0x0000000000000000000000000000000000000000", + "feeBps": 3, + "k": "500000000000000000", + "role": "public_routing", + "publicRoutingEnabled": false, + "notes": "scaffold only; replace poolAddress and enable routing after live deploy + seed" + } + ] + }, + { + "chainId": 56, + "name": "BSC", + "waveKey": "wave3_secondary_public_evm", + "priority": 3, + "rolloutMode": "deploy_first_tier_then_promote", + "hubStable": "USDT", + "bridgeAvailable": true, + "scaffoldPools": [ + { + "pair": "cWUSDT/USDT", + "base": "cWUSDT", + "quote": "USDT", + "poolAddress": "0x0000000000000000000000000000000000000000", + "feeBps": 3, + "k": "500000000000000000", + "role": "public_routing", + "publicRoutingEnabled": false, + "notes": "scaffold only; replace poolAddress and enable routing after live deploy + seed" + }, + { + "pair": "cWUSDC/USDT", + "base": "cWUSDC", + "quote": "USDT", + "poolAddress": "0x0000000000000000000000000000000000000000", + "feeBps": 3, + "k": "500000000000000000", + "role": "public_routing", + "publicRoutingEnabled": false, + "notes": "scaffold only; replace poolAddress and enable routing after live deploy + seed" + } + ] + }, + { + "chainId": 100, + "name": "Gnosis", + "waveKey": "wave3_secondary_public_evm", + "priority": 3, + "rolloutMode": "deploy_first_tier_then_promote", + "hubStable": "USDC", + "bridgeAvailable": true, + "scaffoldPools": [ + { + "pair": "cWUSDT/USDC", + "base": "cWUSDT", + "quote": "USDC", + "poolAddress": "0x0000000000000000000000000000000000000000", + "feeBps": 3, + "k": "500000000000000000", + "role": "public_routing", + "publicRoutingEnabled": false, + "notes": "scaffold only; replace poolAddress and enable routing after live deploy + seed" + }, + { + "pair": "cWUSDC/USDC", + "base": "cWUSDC", + "quote": "USDC", + "poolAddress": "0x0000000000000000000000000000000000000000", + "feeBps": 3, + "k": "500000000000000000", + "role": "public_routing", + "publicRoutingEnabled": false, + "notes": "scaffold only; replace poolAddress and enable routing after live deploy + seed" + } + ] + }, + { + "chainId": 42220, + "name": "Celo", + "waveKey": "wave3_secondary_public_evm", + "priority": 3, + "rolloutMode": "deploy_first_tier_then_promote", + "hubStable": "USDC", + "bridgeAvailable": true, + "scaffoldPools": [ + { + "pair": "cWUSDT/USDC", + "base": "cWUSDT", + "quote": "USDC", + "poolAddress": "0x0000000000000000000000000000000000000000", + "feeBps": 3, + "k": "500000000000000000", + "role": "public_routing", + "publicRoutingEnabled": false, + "notes": "scaffold only; replace poolAddress and enable routing after live deploy + seed" + }, + { + "pair": "cWUSDC/USDC", + "base": "cWUSDC", + "quote": "USDC", + "poolAddress": "0x0000000000000000000000000000000000000000", + "feeBps": 3, + "k": "500000000000000000", + "role": "public_routing", + "publicRoutingEnabled": false, + "notes": "scaffold only; replace poolAddress and enable routing after live deploy + seed" + } + ] + }, + { + "chainId": 43114, + "name": "Avalanche C-Chain", + "waveKey": "wave3_secondary_public_evm", + "priority": 3, + "rolloutMode": "deploy_first_tier_then_promote", + "hubStable": "USDC", + "bridgeAvailable": true, + "scaffoldPools": [ + { + "pair": "cWUSDT/USDC", + "base": "cWUSDT", + "quote": "USDC", + "poolAddress": "0x0000000000000000000000000000000000000000", + "feeBps": 3, + "k": "500000000000000000", + "role": "public_routing", + "publicRoutingEnabled": false, + "notes": "scaffold only; replace poolAddress and enable routing after live deploy + seed" + }, + { + "pair": "cWUSDC/USDC", + "base": "cWUSDC", + "quote": "USDC", + "poolAddress": "0x0000000000000000000000000000000000000000", + "feeBps": 3, + "k": "500000000000000000", + "role": "public_routing", + "publicRoutingEnabled": false, + "notes": "scaffold only; replace poolAddress and enable routing after live deploy + seed" + } + ] + } + ] +} diff --git a/config/gru-v2-metadata/chain138/caudc-v2/metadata.json b/config/gru-v2-metadata/chain138/caudc-v2/metadata.json new file mode 100644 index 00000000..9907382a --- /dev/null +++ b/config/gru-v2-metadata/chain138/caudc-v2/metadata.json @@ -0,0 +1,21 @@ +{ + "name": "Australian Dollar Coin (Compliant V2)", + "symbol": "cAUDC", + "description": "GRU v2 regulated AUD settlement asset for Chain 138 with ISO-20022-aligned accounting metadata and x402-capable signature support.", + "decimals": 6, + "logo": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cAUDC.svg", + "image": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cAUDC.svg", + "external_url": "https://explorer.d-bis.org", + "properties": { + "chainId": 138, + "currencyCode": "AUD", + "gruVersion": "2", + "assetFamily": "GRU", + "tokenRole": "gru_compliant_base", + "forwardCanonical": true, + "iso20022Ready": true, + "x402Ready": true, + "assetId": "keccak256:GRU:cAUDC", + "assetVersionId": "keccak256:GRU:cAUDC:2" + } +} diff --git a/config/gru-v2-metadata/chain138/caudc-v2/regulatory-disclosure.json b/config/gru-v2-metadata/chain138/caudc-v2/regulatory-disclosure.json new file mode 100644 index 00000000..023f5a9f --- /dev/null +++ b/config/gru-v2-metadata/chain138/caudc-v2/regulatory-disclosure.json @@ -0,0 +1,12 @@ +{ + "title": "cAUDC V2 Regulatory Disclosure", + "symbol": "cAUDC", + "gruVersion": "2", + "chainId": 138, + "jurisdiction": "International", + "notice": "This disclosure record is the contract-linked GRU v2 placeholder for regulated AUD settlement operations on Chain 138.", + "references": [ + "https://explorer.d-bis.org", + "https://info.defi-oracle.io" + ] +} diff --git a/config/gru-v2-metadata/chain138/caudc-v2/reporting.json b/config/gru-v2-metadata/chain138/caudc-v2/reporting.json new file mode 100644 index 00000000..f7ccf34c --- /dev/null +++ b/config/gru-v2-metadata/chain138/caudc-v2/reporting.json @@ -0,0 +1,11 @@ +{ + "title": "cAUDC V2 Reporting Manifest", + "symbol": "cAUDC", + "gruVersion": "2", + "chainId": 138, + "reportingSchema": "dbis-gru-v2-reporting/1.0", + "notes": "Reporting URI placeholder for GRU v2 AUD rollout on Chain 138 with ISO-20022 / IPSAS evidence linkage.", + "sources": [ + "https://explorer.d-bis.org/api/v1/report/token-list?chainId=138" + ] +} diff --git a/config/gru-v2-metadata/chain138/ccadc-v2/metadata.json b/config/gru-v2-metadata/chain138/ccadc-v2/metadata.json new file mode 100644 index 00000000..e21d7e1f --- /dev/null +++ b/config/gru-v2-metadata/chain138/ccadc-v2/metadata.json @@ -0,0 +1,21 @@ +{ + "name": "Canadian Dollar Coin (Compliant V2)", + "symbol": "cCADC", + "description": "GRU v2 regulated CAD settlement asset for Chain 138 with ISO-20022-aligned accounting metadata and x402-capable signature support.", + "decimals": 6, + "logo": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCADC.svg", + "image": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCADC.svg", + "external_url": "https://explorer.d-bis.org", + "properties": { + "chainId": 138, + "currencyCode": "CAD", + "gruVersion": "2", + "assetFamily": "GRU", + "tokenRole": "gru_compliant_base", + "forwardCanonical": true, + "iso20022Ready": true, + "x402Ready": true, + "assetId": "keccak256:GRU:cCADC", + "assetVersionId": "keccak256:GRU:cCADC:2" + } +} diff --git a/config/gru-v2-metadata/chain138/ccadc-v2/regulatory-disclosure.json b/config/gru-v2-metadata/chain138/ccadc-v2/regulatory-disclosure.json new file mode 100644 index 00000000..7a05fb54 --- /dev/null +++ b/config/gru-v2-metadata/chain138/ccadc-v2/regulatory-disclosure.json @@ -0,0 +1,12 @@ +{ + "title": "cCADC V2 Regulatory Disclosure", + "symbol": "cCADC", + "gruVersion": "2", + "chainId": 138, + "jurisdiction": "International", + "notice": "This disclosure record is the contract-linked GRU v2 placeholder for regulated CAD settlement operations on Chain 138.", + "references": [ + "https://explorer.d-bis.org", + "https://info.defi-oracle.io" + ] +} diff --git a/config/gru-v2-metadata/chain138/ccadc-v2/reporting.json b/config/gru-v2-metadata/chain138/ccadc-v2/reporting.json new file mode 100644 index 00000000..9665a9e5 --- /dev/null +++ b/config/gru-v2-metadata/chain138/ccadc-v2/reporting.json @@ -0,0 +1,11 @@ +{ + "title": "cCADC V2 Reporting Manifest", + "symbol": "cCADC", + "gruVersion": "2", + "chainId": 138, + "reportingSchema": "dbis-gru-v2-reporting/1.0", + "notes": "Reporting URI placeholder for GRU v2 CAD rollout on Chain 138 with ISO-20022 / IPSAS evidence linkage.", + "sources": [ + "https://explorer.d-bis.org/api/v1/report/token-list?chainId=138" + ] +} diff --git a/config/gru-v2-metadata/chain138/cchfc-v2/metadata.json b/config/gru-v2-metadata/chain138/cchfc-v2/metadata.json new file mode 100644 index 00000000..a84c70a9 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cchfc-v2/metadata.json @@ -0,0 +1,21 @@ +{ + "name": "Swiss Franc Coin (Compliant V2)", + "symbol": "cCHFC", + "description": "GRU v2 regulated CHF settlement asset for Chain 138 with ISO-20022-aligned accounting metadata and x402-capable signature support.", + "decimals": 6, + "logo": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCHFC.svg", + "image": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCHFC.svg", + "external_url": "https://explorer.d-bis.org", + "properties": { + "chainId": 138, + "currencyCode": "CHF", + "gruVersion": "2", + "assetFamily": "GRU", + "tokenRole": "gru_compliant_base", + "forwardCanonical": true, + "iso20022Ready": true, + "x402Ready": true, + "assetId": "keccak256:GRU:cCHFC", + "assetVersionId": "keccak256:GRU:cCHFC:2" + } +} diff --git a/config/gru-v2-metadata/chain138/cchfc-v2/regulatory-disclosure.json b/config/gru-v2-metadata/chain138/cchfc-v2/regulatory-disclosure.json new file mode 100644 index 00000000..8a296225 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cchfc-v2/regulatory-disclosure.json @@ -0,0 +1,12 @@ +{ + "title": "cCHFC V2 Regulatory Disclosure", + "symbol": "cCHFC", + "gruVersion": "2", + "chainId": 138, + "jurisdiction": "International", + "notice": "This disclosure record is the contract-linked GRU v2 placeholder for regulated CHF settlement operations on Chain 138.", + "references": [ + "https://explorer.d-bis.org", + "https://info.defi-oracle.io" + ] +} diff --git a/config/gru-v2-metadata/chain138/cchfc-v2/reporting.json b/config/gru-v2-metadata/chain138/cchfc-v2/reporting.json new file mode 100644 index 00000000..f83f578a --- /dev/null +++ b/config/gru-v2-metadata/chain138/cchfc-v2/reporting.json @@ -0,0 +1,11 @@ +{ + "title": "cCHFC V2 Reporting Manifest", + "symbol": "cCHFC", + "gruVersion": "2", + "chainId": 138, + "reportingSchema": "dbis-gru-v2-reporting/1.0", + "notes": "Reporting URI placeholder for GRU v2 CHF rollout on Chain 138 with ISO-20022 / IPSAS evidence linkage.", + "sources": [ + "https://explorer.d-bis.org/api/v1/report/token-list?chainId=138" + ] +} diff --git a/config/gru-v2-metadata/chain138/ceurc-v2/metadata.json b/config/gru-v2-metadata/chain138/ceurc-v2/metadata.json new file mode 100644 index 00000000..a67118cd --- /dev/null +++ b/config/gru-v2-metadata/chain138/ceurc-v2/metadata.json @@ -0,0 +1,21 @@ +{ + "name": "Euro Coin (Compliant V2)", + "symbol": "cEURC", + "description": "GRU v2 regulated EUR settlement asset for Chain 138 with ISO-20022-aligned accounting metadata and x402-capable signature support.", + "decimals": 6, + "logo": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURC.svg", + "image": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURC.svg", + "external_url": "https://explorer.d-bis.org", + "properties": { + "chainId": 138, + "currencyCode": "EUR", + "gruVersion": "2", + "assetFamily": "GRU", + "tokenRole": "gru_compliant_base", + "forwardCanonical": true, + "iso20022Ready": true, + "x402Ready": true, + "assetId": "keccak256:GRU:cEURC", + "assetVersionId": "keccak256:GRU:cEURC:2" + } +} diff --git a/config/gru-v2-metadata/chain138/ceurc-v2/regulatory-disclosure.json b/config/gru-v2-metadata/chain138/ceurc-v2/regulatory-disclosure.json new file mode 100644 index 00000000..a7aae669 --- /dev/null +++ b/config/gru-v2-metadata/chain138/ceurc-v2/regulatory-disclosure.json @@ -0,0 +1,12 @@ +{ + "title": "cEURC V2 Regulatory Disclosure", + "symbol": "cEURC", + "gruVersion": "2", + "chainId": 138, + "jurisdiction": "International", + "notice": "This disclosure record is the contract-linked GRU v2 placeholder for regulated EUR settlement operations on Chain 138.", + "references": [ + "https://explorer.d-bis.org", + "https://info.defi-oracle.io" + ] +} diff --git a/config/gru-v2-metadata/chain138/ceurc-v2/reporting.json b/config/gru-v2-metadata/chain138/ceurc-v2/reporting.json new file mode 100644 index 00000000..8f3d41e0 --- /dev/null +++ b/config/gru-v2-metadata/chain138/ceurc-v2/reporting.json @@ -0,0 +1,11 @@ +{ + "title": "cEURC V2 Reporting Manifest", + "symbol": "cEURC", + "gruVersion": "2", + "chainId": 138, + "reportingSchema": "dbis-gru-v2-reporting/1.0", + "notes": "Reporting URI placeholder for GRU v2 EUR rollout on Chain 138 with ISO-20022 / IPSAS evidence linkage.", + "sources": [ + "https://explorer.d-bis.org/api/v1/report/token-list?chainId=138" + ] +} diff --git a/config/gru-v2-metadata/chain138/ceurt-v2/metadata.json b/config/gru-v2-metadata/chain138/ceurt-v2/metadata.json new file mode 100644 index 00000000..f08eb599 --- /dev/null +++ b/config/gru-v2-metadata/chain138/ceurt-v2/metadata.json @@ -0,0 +1,21 @@ +{ + "name": "Euro Token (Compliant V2)", + "symbol": "cEURT", + "description": "GRU v2 regulated EUR token-form settlement asset for Chain 138 with ISO-20022-aligned accounting metadata and x402-capable signature support.", + "decimals": 6, + "logo": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURT.svg", + "image": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURT.svg", + "external_url": "https://explorer.d-bis.org", + "properties": { + "chainId": 138, + "currencyCode": "EUR", + "gruVersion": "2", + "assetFamily": "GRU", + "tokenRole": "gru_compliant_base", + "forwardCanonical": true, + "iso20022Ready": true, + "x402Ready": true, + "assetId": "keccak256:GRU:cEURT", + "assetVersionId": "keccak256:GRU:cEURT:2" + } +} diff --git a/config/gru-v2-metadata/chain138/ceurt-v2/regulatory-disclosure.json b/config/gru-v2-metadata/chain138/ceurt-v2/regulatory-disclosure.json new file mode 100644 index 00000000..4b7a162b --- /dev/null +++ b/config/gru-v2-metadata/chain138/ceurt-v2/regulatory-disclosure.json @@ -0,0 +1,12 @@ +{ + "title": "cEURT V2 Regulatory Disclosure", + "symbol": "cEURT", + "gruVersion": "2", + "chainId": 138, + "jurisdiction": "International", + "notice": "This disclosure record is the contract-linked GRU v2 placeholder for regulated EUR token-form settlement operations on Chain 138.", + "references": [ + "https://explorer.d-bis.org", + "https://info.defi-oracle.io" + ] +} diff --git a/config/gru-v2-metadata/chain138/ceurt-v2/reporting.json b/config/gru-v2-metadata/chain138/ceurt-v2/reporting.json new file mode 100644 index 00000000..460489bf --- /dev/null +++ b/config/gru-v2-metadata/chain138/ceurt-v2/reporting.json @@ -0,0 +1,11 @@ +{ + "title": "cEURT V2 Reporting Manifest", + "symbol": "cEURT", + "gruVersion": "2", + "chainId": 138, + "reportingSchema": "dbis-gru-v2-reporting/1.0", + "notes": "Reporting URI placeholder for GRU v2 EUR token-form rollout on Chain 138 with ISO-20022 / IPSAS evidence linkage.", + "sources": [ + "https://explorer.d-bis.org/api/v1/report/token-list?chainId=138" + ] +} diff --git a/config/gru-v2-metadata/chain138/cgbpc-v2/metadata.json b/config/gru-v2-metadata/chain138/cgbpc-v2/metadata.json new file mode 100644 index 00000000..68e31e8b --- /dev/null +++ b/config/gru-v2-metadata/chain138/cgbpc-v2/metadata.json @@ -0,0 +1,21 @@ +{ + "name": "Pound Sterling Coin (Compliant V2)", + "symbol": "cGBPC", + "description": "GRU v2 regulated GBP settlement asset for Chain 138 with ISO-20022-aligned accounting metadata and x402-capable signature support.", + "decimals": 6, + "logo": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPC.svg", + "image": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPC.svg", + "external_url": "https://explorer.d-bis.org", + "properties": { + "chainId": 138, + "currencyCode": "GBP", + "gruVersion": "2", + "assetFamily": "GRU", + "tokenRole": "gru_compliant_base", + "forwardCanonical": true, + "iso20022Ready": true, + "x402Ready": true, + "assetId": "keccak256:GRU:cGBPC", + "assetVersionId": "keccak256:GRU:cGBPC:2" + } +} diff --git a/config/gru-v2-metadata/chain138/cgbpc-v2/regulatory-disclosure.json b/config/gru-v2-metadata/chain138/cgbpc-v2/regulatory-disclosure.json new file mode 100644 index 00000000..a5e2cc39 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cgbpc-v2/regulatory-disclosure.json @@ -0,0 +1,12 @@ +{ + "title": "cGBPC V2 Regulatory Disclosure", + "symbol": "cGBPC", + "gruVersion": "2", + "chainId": 138, + "jurisdiction": "International", + "notice": "This disclosure record is the contract-linked GRU v2 placeholder for regulated GBP settlement operations on Chain 138.", + "references": [ + "https://explorer.d-bis.org", + "https://info.defi-oracle.io" + ] +} diff --git a/config/gru-v2-metadata/chain138/cgbpc-v2/reporting.json b/config/gru-v2-metadata/chain138/cgbpc-v2/reporting.json new file mode 100644 index 00000000..d22f5f4e --- /dev/null +++ b/config/gru-v2-metadata/chain138/cgbpc-v2/reporting.json @@ -0,0 +1,11 @@ +{ + "title": "cGBPC V2 Reporting Manifest", + "symbol": "cGBPC", + "gruVersion": "2", + "chainId": 138, + "reportingSchema": "dbis-gru-v2-reporting/1.0", + "notes": "Reporting URI placeholder for GRU v2 GBP rollout on Chain 138 with ISO-20022 / IPSAS evidence linkage.", + "sources": [ + "https://explorer.d-bis.org/api/v1/report/token-list?chainId=138" + ] +} diff --git a/config/gru-v2-metadata/chain138/cgbpt-v2/metadata.json b/config/gru-v2-metadata/chain138/cgbpt-v2/metadata.json new file mode 100644 index 00000000..8d0618d5 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cgbpt-v2/metadata.json @@ -0,0 +1,21 @@ +{ + "name": "Pound Sterling Token (Compliant V2)", + "symbol": "cGBPT", + "description": "GRU v2 regulated GBP token-form settlement asset for Chain 138 with ISO-20022-aligned accounting metadata and x402-capable signature support.", + "decimals": 6, + "logo": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPT.svg", + "image": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPT.svg", + "external_url": "https://explorer.d-bis.org", + "properties": { + "chainId": 138, + "currencyCode": "GBP", + "gruVersion": "2", + "assetFamily": "GRU", + "tokenRole": "gru_compliant_base", + "forwardCanonical": true, + "iso20022Ready": true, + "x402Ready": true, + "assetId": "keccak256:GRU:cGBPT", + "assetVersionId": "keccak256:GRU:cGBPT:2" + } +} diff --git a/config/gru-v2-metadata/chain138/cgbpt-v2/regulatory-disclosure.json b/config/gru-v2-metadata/chain138/cgbpt-v2/regulatory-disclosure.json new file mode 100644 index 00000000..2a684c5e --- /dev/null +++ b/config/gru-v2-metadata/chain138/cgbpt-v2/regulatory-disclosure.json @@ -0,0 +1,12 @@ +{ + "title": "cGBPT V2 Regulatory Disclosure", + "symbol": "cGBPT", + "gruVersion": "2", + "chainId": 138, + "jurisdiction": "International", + "notice": "This disclosure record is the contract-linked GRU v2 placeholder for regulated GBP token-form settlement operations on Chain 138.", + "references": [ + "https://explorer.d-bis.org", + "https://info.defi-oracle.io" + ] +} diff --git a/config/gru-v2-metadata/chain138/cgbpt-v2/reporting.json b/config/gru-v2-metadata/chain138/cgbpt-v2/reporting.json new file mode 100644 index 00000000..bd60515a --- /dev/null +++ b/config/gru-v2-metadata/chain138/cgbpt-v2/reporting.json @@ -0,0 +1,11 @@ +{ + "title": "cGBPT V2 Reporting Manifest", + "symbol": "cGBPT", + "gruVersion": "2", + "chainId": 138, + "reportingSchema": "dbis-gru-v2-reporting/1.0", + "notes": "Reporting URI placeholder for GRU v2 GBP token-form rollout on Chain 138 with ISO-20022 / IPSAS evidence linkage.", + "sources": [ + "https://explorer.d-bis.org/api/v1/report/token-list?chainId=138" + ] +} diff --git a/config/gru-v2-metadata/chain138/cjpyc-v2/metadata.json b/config/gru-v2-metadata/chain138/cjpyc-v2/metadata.json new file mode 100644 index 00000000..5cf6d604 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cjpyc-v2/metadata.json @@ -0,0 +1,21 @@ +{ + "name": "Japanese Yen Coin (Compliant V2)", + "symbol": "cJPYC", + "description": "GRU v2 regulated JPY settlement asset for Chain 138 with ISO-20022-aligned accounting metadata and x402-capable signature support.", + "decimals": 6, + "logo": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cJPYC.svg", + "image": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cJPYC.svg", + "external_url": "https://explorer.d-bis.org", + "properties": { + "chainId": 138, + "currencyCode": "JPY", + "gruVersion": "2", + "assetFamily": "GRU", + "tokenRole": "gru_compliant_base", + "forwardCanonical": true, + "iso20022Ready": true, + "x402Ready": true, + "assetId": "keccak256:GRU:cJPYC", + "assetVersionId": "keccak256:GRU:cJPYC:2" + } +} diff --git a/config/gru-v2-metadata/chain138/cjpyc-v2/regulatory-disclosure.json b/config/gru-v2-metadata/chain138/cjpyc-v2/regulatory-disclosure.json new file mode 100644 index 00000000..12d5109d --- /dev/null +++ b/config/gru-v2-metadata/chain138/cjpyc-v2/regulatory-disclosure.json @@ -0,0 +1,12 @@ +{ + "title": "cJPYC V2 Regulatory Disclosure", + "symbol": "cJPYC", + "gruVersion": "2", + "chainId": 138, + "jurisdiction": "International", + "notice": "This disclosure record is the contract-linked GRU v2 placeholder for regulated JPY settlement operations on Chain 138.", + "references": [ + "https://explorer.d-bis.org", + "https://info.defi-oracle.io" + ] +} diff --git a/config/gru-v2-metadata/chain138/cjpyc-v2/reporting.json b/config/gru-v2-metadata/chain138/cjpyc-v2/reporting.json new file mode 100644 index 00000000..ec20b254 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cjpyc-v2/reporting.json @@ -0,0 +1,11 @@ +{ + "title": "cJPYC V2 Reporting Manifest", + "symbol": "cJPYC", + "gruVersion": "2", + "chainId": 138, + "reportingSchema": "dbis-gru-v2-reporting/1.0", + "notes": "Reporting URI placeholder for GRU v2 JPY rollout on Chain 138 with ISO-20022 / IPSAS evidence linkage.", + "sources": [ + "https://explorer.d-bis.org/api/v1/report/token-list?chainId=138" + ] +} diff --git a/config/gru-v2-metadata/chain138/cusdc-v2/metadata.json b/config/gru-v2-metadata/chain138/cusdc-v2/metadata.json new file mode 100644 index 00000000..3a903cf7 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cusdc-v2/metadata.json @@ -0,0 +1,19 @@ +{ + "name": "Compliant USD Coin V2", + "symbol": "cUSDC", + "description": "GRU v2 regulated USD settlement asset for Chain 138. The contract stores this metadata URI while the logo and metadata payload live on IPFS.", + "decimals": 6, + "logo": "ipfs://QmNPq4D5JXzurmi9jAhogVMzhAQRk1PZ1r9H3qQUV9gjDm", + "image": "ipfs://QmNPq4D5JXzurmi9jAhogVMzhAQRk1PZ1r9H3qQUV9gjDm", + "external_url": "https://explorer.d-bis.org", + "properties": { + "chainId": 138, + "currencyCode": "USD", + "gruVersion": "2", + "assetFamily": "GRU", + "tokenRole": "gru_compliant_base", + "forwardCanonical": true, + "assetId": "keccak256:GRU:cUSDC", + "assetVersionId": "keccak256:GRU:cUSDC:2" + } +} diff --git a/config/gru-v2-metadata/chain138/cusdc-v2/regulatory-disclosure.json b/config/gru-v2-metadata/chain138/cusdc-v2/regulatory-disclosure.json new file mode 100644 index 00000000..847de291 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cusdc-v2/regulatory-disclosure.json @@ -0,0 +1,12 @@ +{ + "title": "cUSDC V2 Regulatory Disclosure", + "symbol": "cUSDC", + "gruVersion": "2", + "chainId": 138, + "jurisdiction": "International", + "notice": "This disclosure record is the contract-linked GRU v2 placeholder for regulated USD settlement operations on Chain 138.", + "references": [ + "https://explorer.d-bis.org", + "https://info.defi-oracle.io" + ] +} diff --git a/config/gru-v2-metadata/chain138/cusdc-v2/reporting.json b/config/gru-v2-metadata/chain138/cusdc-v2/reporting.json new file mode 100644 index 00000000..89ef925b --- /dev/null +++ b/config/gru-v2-metadata/chain138/cusdc-v2/reporting.json @@ -0,0 +1,11 @@ +{ + "title": "cUSDC V2 Reporting Manifest", + "symbol": "cUSDC", + "gruVersion": "2", + "chainId": 138, + "reportingSchema": "dbis-gru-v2-reporting/1.0", + "notes": "Reporting URI placeholder for GRU v2 Chain 138 rollout. Replace with the production reporting feed when the operating profile is finalized.", + "sources": [ + "https://explorer.d-bis.org/api/v1/report/token-list?chainId=138" + ] +} diff --git a/config/gru-v2-metadata/chain138/cusdt-v2/metadata.json b/config/gru-v2-metadata/chain138/cusdt-v2/metadata.json new file mode 100644 index 00000000..da6b8dc6 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cusdt-v2/metadata.json @@ -0,0 +1,19 @@ +{ + "name": "Compliant Tether USD V2", + "symbol": "cUSDT", + "description": "GRU v2 regulated USD settlement asset for Chain 138. The contract stores this metadata URI while the logo and metadata payload live on IPFS.", + "decimals": 6, + "logo": "ipfs://QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", + "image": "ipfs://QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", + "external_url": "https://explorer.d-bis.org", + "properties": { + "chainId": 138, + "currencyCode": "USD", + "gruVersion": "2", + "assetFamily": "GRU", + "tokenRole": "gru_compliant_base", + "forwardCanonical": true, + "assetId": "keccak256:GRU:cUSDT", + "assetVersionId": "keccak256:GRU:cUSDT:2" + } +} diff --git a/config/gru-v2-metadata/chain138/cusdt-v2/regulatory-disclosure.json b/config/gru-v2-metadata/chain138/cusdt-v2/regulatory-disclosure.json new file mode 100644 index 00000000..0a9b1369 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cusdt-v2/regulatory-disclosure.json @@ -0,0 +1,12 @@ +{ + "title": "cUSDT V2 Regulatory Disclosure", + "symbol": "cUSDT", + "gruVersion": "2", + "chainId": 138, + "jurisdiction": "International", + "notice": "This disclosure record is the contract-linked GRU v2 placeholder for regulated USD settlement operations on Chain 138.", + "references": [ + "https://explorer.d-bis.org", + "https://info.defi-oracle.io" + ] +} diff --git a/config/gru-v2-metadata/chain138/cusdt-v2/reporting.json b/config/gru-v2-metadata/chain138/cusdt-v2/reporting.json new file mode 100644 index 00000000..69985c22 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cusdt-v2/reporting.json @@ -0,0 +1,11 @@ +{ + "title": "cUSDT V2 Reporting Manifest", + "symbol": "cUSDT", + "gruVersion": "2", + "chainId": 138, + "reportingSchema": "dbis-gru-v2-reporting/1.0", + "notes": "Reporting URI placeholder for GRU v2 Chain 138 rollout. Replace with the production reporting feed when the operating profile is finalized.", + "sources": [ + "https://explorer.d-bis.org/api/v1/report/token-list?chainId=138" + ] +} diff --git a/config/gru-v2-metadata/chain138/cxauc-v2/metadata.json b/config/gru-v2-metadata/chain138/cxauc-v2/metadata.json new file mode 100644 index 00000000..fd23fa7a --- /dev/null +++ b/config/gru-v2-metadata/chain138/cxauc-v2/metadata.json @@ -0,0 +1,22 @@ +{ + "name": "Gold Coin (Compliant V2)", + "symbol": "cXAUC", + "description": "GRU v2 regulated XAU settlement asset for Chain 138 with ISO-20022-aligned accounting metadata and x402-capable signature support.", + "decimals": 6, + "logo": "https://explorer.d-bis.org/token-icons/cXAUC.png", + "image": "https://explorer.d-bis.org/token-icons/cXAUC.png", + "external_url": "https://explorer.d-bis.org", + "properties": { + "chainId": 138, + "currencyCode": "XAU", + "gruVersion": "2", + "assetFamily": "GRU", + "tokenRole": "gru_compliant_base", + "forwardCanonical": true, + "iso20022Ready": true, + "x402Ready": true, + "unitOfAccount": "troy_ounce", + "assetId": "keccak256:GRU:cXAUC", + "assetVersionId": "keccak256:GRU:cXAUC:2" + } +} diff --git a/config/gru-v2-metadata/chain138/cxauc-v2/regulatory-disclosure.json b/config/gru-v2-metadata/chain138/cxauc-v2/regulatory-disclosure.json new file mode 100644 index 00000000..2eb6cf59 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cxauc-v2/regulatory-disclosure.json @@ -0,0 +1,12 @@ +{ + "title": "cXAUC V2 Regulatory Disclosure", + "symbol": "cXAUC", + "gruVersion": "2", + "chainId": 138, + "jurisdiction": "International", + "notice": "This disclosure record is the contract-linked GRU v2 placeholder for regulated XAU settlement operations on Chain 138.", + "references": [ + "https://explorer.d-bis.org", + "https://info.defi-oracle.io" + ] +} diff --git a/config/gru-v2-metadata/chain138/cxauc-v2/reporting.json b/config/gru-v2-metadata/chain138/cxauc-v2/reporting.json new file mode 100644 index 00000000..6464db9a --- /dev/null +++ b/config/gru-v2-metadata/chain138/cxauc-v2/reporting.json @@ -0,0 +1,11 @@ +{ + "title": "cXAUC V2 Reporting Manifest", + "symbol": "cXAUC", + "gruVersion": "2", + "chainId": 138, + "reportingSchema": "dbis-gru-v2-reporting/1.0", + "notes": "Reporting URI placeholder for GRU v2 XAU rollout on Chain 138 with ISO-20022 / IPSAS evidence linkage.", + "sources": [ + "https://explorer.d-bis.org/api/v1/report/token-list?chainId=138" + ] +} diff --git a/config/gru-v2-metadata/chain138/cxaut-v2/metadata.json b/config/gru-v2-metadata/chain138/cxaut-v2/metadata.json new file mode 100644 index 00000000..2bc721d3 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cxaut-v2/metadata.json @@ -0,0 +1,22 @@ +{ + "name": "Gold Token (Compliant V2)", + "symbol": "cXAUT", + "description": "GRU v2 regulated XAU token-form settlement asset for Chain 138 with ISO-20022-aligned accounting metadata and x402-capable signature support.", + "decimals": 6, + "logo": "https://explorer.d-bis.org/token-icons/cXAUT.png", + "image": "https://explorer.d-bis.org/token-icons/cXAUT.png", + "external_url": "https://explorer.d-bis.org", + "properties": { + "chainId": 138, + "currencyCode": "XAU", + "gruVersion": "2", + "assetFamily": "GRU", + "tokenRole": "gru_compliant_base", + "forwardCanonical": true, + "iso20022Ready": true, + "x402Ready": true, + "unitOfAccount": "troy_ounce", + "assetId": "keccak256:GRU:cXAUT", + "assetVersionId": "keccak256:GRU:cXAUT:2" + } +} diff --git a/config/gru-v2-metadata/chain138/cxaut-v2/regulatory-disclosure.json b/config/gru-v2-metadata/chain138/cxaut-v2/regulatory-disclosure.json new file mode 100644 index 00000000..a4c9a511 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cxaut-v2/regulatory-disclosure.json @@ -0,0 +1,12 @@ +{ + "title": "cXAUT V2 Regulatory Disclosure", + "symbol": "cXAUT", + "gruVersion": "2", + "chainId": 138, + "jurisdiction": "International", + "notice": "This disclosure record is the contract-linked GRU v2 placeholder for regulated XAU token-form settlement operations on Chain 138.", + "references": [ + "https://explorer.d-bis.org", + "https://info.defi-oracle.io" + ] +} diff --git a/config/gru-v2-metadata/chain138/cxaut-v2/reporting.json b/config/gru-v2-metadata/chain138/cxaut-v2/reporting.json new file mode 100644 index 00000000..1470c703 --- /dev/null +++ b/config/gru-v2-metadata/chain138/cxaut-v2/reporting.json @@ -0,0 +1,11 @@ +{ + "title": "cXAUT V2 Reporting Manifest", + "symbol": "cXAUT", + "gruVersion": "2", + "chainId": 138, + "reportingSchema": "dbis-gru-v2-reporting/1.0", + "notes": "Reporting URI placeholder for GRU v2 XAU token-form rollout on Chain 138 with ISO-20022 / IPSAS evidence linkage.", + "sources": [ + "https://explorer.d-bis.org/api/v1/report/token-list?chainId=138" + ] +} diff --git a/config/gru-v2-metadata/chain138/ipfs-manifest.latest.json b/config/gru-v2-metadata/chain138/ipfs-manifest.latest.json new file mode 100644 index 00000000..1aea4624 --- /dev/null +++ b/config/gru-v2-metadata/chain138/ipfs-manifest.latest.json @@ -0,0 +1,80 @@ +{ + "chainId": 138, + "publishedAt": "2026-04-07T17:34:31Z", + "rootCID": "QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR", + "ipfsApi": "http://192.168.11.35:5001", + "assets": { + "cAUDC": { + "metadataKey": "caudc-v2", + "tokenURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/caudc-v2/metadata.json", + "regulatoryDisclosureURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/caudc-v2/regulatory-disclosure.json", + "reportingURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/caudc-v2/reporting.json" + }, + "cCADC": { + "metadataKey": "ccadc-v2", + "tokenURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/ccadc-v2/metadata.json", + "regulatoryDisclosureURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/ccadc-v2/regulatory-disclosure.json", + "reportingURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/ccadc-v2/reporting.json" + }, + "cCHFC": { + "metadataKey": "cchfc-v2", + "tokenURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cchfc-v2/metadata.json", + "regulatoryDisclosureURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cchfc-v2/regulatory-disclosure.json", + "reportingURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cchfc-v2/reporting.json" + }, + "cEURC": { + "metadataKey": "ceurc-v2", + "tokenURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/ceurc-v2/metadata.json", + "regulatoryDisclosureURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/ceurc-v2/regulatory-disclosure.json", + "reportingURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/ceurc-v2/reporting.json" + }, + "cEURT": { + "metadataKey": "ceurt-v2", + "tokenURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/ceurt-v2/metadata.json", + "regulatoryDisclosureURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/ceurt-v2/regulatory-disclosure.json", + "reportingURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/ceurt-v2/reporting.json" + }, + "cGBPC": { + "metadataKey": "cgbpc-v2", + "tokenURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cgbpc-v2/metadata.json", + "regulatoryDisclosureURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cgbpc-v2/regulatory-disclosure.json", + "reportingURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cgbpc-v2/reporting.json" + }, + "cGBPT": { + "metadataKey": "cgbpt-v2", + "tokenURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cgbpt-v2/metadata.json", + "regulatoryDisclosureURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cgbpt-v2/regulatory-disclosure.json", + "reportingURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cgbpt-v2/reporting.json" + }, + "cJPYC": { + "metadataKey": "cjpyc-v2", + "tokenURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cjpyc-v2/metadata.json", + "regulatoryDisclosureURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cjpyc-v2/regulatory-disclosure.json", + "reportingURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cjpyc-v2/reporting.json" + }, + "cUSDC": { + "metadataKey": "cusdc-v2", + "tokenURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cusdc-v2/metadata.json", + "regulatoryDisclosureURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cusdc-v2/regulatory-disclosure.json", + "reportingURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cusdc-v2/reporting.json" + }, + "cUSDT": { + "metadataKey": "cusdt-v2", + "tokenURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cusdt-v2/metadata.json", + "regulatoryDisclosureURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cusdt-v2/regulatory-disclosure.json", + "reportingURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cusdt-v2/reporting.json" + }, + "cXAUC": { + "metadataKey": "cxauc-v2", + "tokenURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cxauc-v2/metadata.json", + "regulatoryDisclosureURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cxauc-v2/regulatory-disclosure.json", + "reportingURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cxauc-v2/reporting.json" + }, + "cXAUT": { + "metadataKey": "cxaut-v2", + "tokenURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cxaut-v2/metadata.json", + "regulatoryDisclosureURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cxaut-v2/regulatory-disclosure.json", + "reportingURI": "ipfs://QmYtB2FoftYoLuJVoQP8uWcuECxwtZUtmcGkerXdTeL3QR/cxaut-v2/reporting.json" + } + } +} diff --git a/config/gru-v2-public-protocol-rollout-plan.json b/config/gru-v2-public-protocol-rollout-plan.json new file mode 100644 index 00000000..e9beea67 --- /dev/null +++ b/config/gru-v2-public-protocol-rollout-plan.json @@ -0,0 +1,82 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "name": "GRU V2 Public Protocol Rollout Plan", + "version": "1.0.0", + "updated": "2026-04-03", + "notes": [ + "This is a deployment queue and protocol-role plan, not a statement that public cW liquidity is live.", + "Chain 138 canonical venues are tracked separately from the public cW mesh." + ], + "protocols": [ + { + "key": "dodo_v3_d3mm", + "name": "DODO v3 / D3MM", + "role": "atomic_liquidity_and_private_edge_venue", + "deploymentStage": "stage0_chain138_canonical_then_public_evm_expansion", + "activationDependsOn": [ + "canonical D3MM inventory frozen for the target chain", + "route-matrix visibility attached", + "token-aggregation capability surfaced", + "upstream-native contract family verified", + "if public-chain rollout is intended, resulting pool addresses written to deployment-status.json or the dedicated D3MM inventory surface" + ] + }, + { + "key": "uniswap_v3", + "name": "Uniswap v3", + "role": "primary_public_pool_venue", + "deploymentStage": "stage1_first_tier_pools", + "activationDependsOn": [ + "cW token suite deployed on destination chain", + "first-tier cW/hub pools created", + "pool addresses written to deployment-status.json", + "token-aggregation/indexer visibility enabled" + ] + }, + { + "key": "dodo_pmm", + "name": "DODO PMM", + "role": "primary_public_pmm_edge_venue", + "deploymentStage": "stage1_first_tier_pools", + "activationDependsOn": [ + "cW token suite deployed on destination chain", + "first-tier cW/hub pools created", + "pool addresses written to deployment-status.json", + "policy controls and MCP visibility attached" + ] + }, + { + "key": "balancer", + "name": "Balancer", + "role": "secondary_basket_liquidity", + "deploymentStage": "stage2_post_first_tier_liquidity", + "activationDependsOn": [ + "first-tier Uniswap v3 or DODO PMM liquidity live", + "basket design approved for the destination chain", + "pool addresses written to deployment-status.json" + ] + }, + { + "key": "curve_3", + "name": "Curve 3", + "role": "secondary_stable_curve", + "deploymentStage": "stage2_post_first_tier_liquidity", + "activationDependsOn": [ + "first-tier stable liquidity live", + "stable basket design approved for the destination chain", + "pool addresses written to deployment-status.json" + ] + }, + { + "key": "one_inch", + "name": "1inch", + "role": "routing_aggregation_layer", + "deploymentStage": "stage3_after_underlying_pools_live", + "activationDependsOn": [ + "underlying public pools already live", + "router/indexer visibility enabled", + "token-aggregation/provider capability surfaced publicly" + ] + } + ] +} diff --git a/config/ip-addresses.conf b/config/ip-addresses.conf index 9aa73482..bca5bd5a 100644 --- a/config/ip-addresses.conf +++ b/config/ip-addresses.conf @@ -15,20 +15,37 @@ PROXMOX_HOST_R630_02="${PROXMOX_R630_02:-${PROXMOX_HOST_R630_02:-192.168.11.12}} PROXMOX_ML110="${PROXMOX_HOST_ML110}" PROXMOX_R630_01="${PROXMOX_HOST_R630_01}" PROXMOX_R630_02="${PROXMOX_HOST_R630_02}" +# Spare / expansion R630s (cluster); storage alignment: scripts/proxmox/ensure-r630-spare-node-storage.sh +PROXMOX_HOST_R630_03="${PROXMOX_R630_03:-${PROXMOX_HOST_R630_03:-192.168.11.13}}" +PROXMOX_HOST_R630_04="${PROXMOX_R630_04:-${PROXMOX_HOST_R630_04:-192.168.11.14}}" +PROXMOX_R630_03="${PROXMOX_HOST_R630_03}" +PROXMOX_R630_04="${PROXMOX_HOST_R630_04}" +# Canonical Proxmox node FQDNs on LAN (DNS or /etc/hosts): .sankofa.nexus +PROXMOX_FQDN_ML110="${PROXMOX_FQDN_ML110:-ml110.sankofa.nexus}" +PROXMOX_FQDN_R630_01="${PROXMOX_FQDN_R630_01:-r630-01.sankofa.nexus}" +PROXMOX_FQDN_R630_02="${PROXMOX_FQDN_R630_02:-r630-02.sankofa.nexus}" +PROXMOX_FQDN_R630_03="${PROXMOX_FQDN_R630_03:-r630-03.sankofa.nexus}" +PROXMOX_FQDN_R630_04="${PROXMOX_FQDN_R630_04:-r630-04.sankofa.nexus}" +# If LAN DNS does not resolve *.sankofa.nexus: `bash scripts/verify/check-proxmox-mgmt-fqdn.sh --print-hosts` (paste into operator /etc/hosts). # WAN aggregator (OPNsense/pfSense on ML110); same IP .10 after repurpose WAN_AGGREGATOR_ML110="${WAN_AGGREGATOR_ML110:-192.168.11.10}" -# R630-03..13: 192.168.11.13–.23 (r630-03 … r630-13). Add when nodes are brought online. +# R630-05..13: 192.168.11.15–.23. Add PROXMOX_HOST_R630_XX when nodes are brought online. # Extended inventory: R750 (3), Dell 7920 (2), UDM Pro #2 (1). See docs/11-references/HARDWARE_INVENTORY_MASTER.md +# .24/.25: R750 placeholders (often unassigned). .26 is NOT a physical R750 — legacy NPM OpenResty (VMID 105); use IP_NGINX_LEGACY. +# PROXMOX_HOST_R750_03 remains a historical variable name pointing at .26; automation must not assume a bare-metal host at this IP. PROXMOX_HOST_R750_01="${PROXMOX_HOST_R750_01:-192.168.11.24}" PROXMOX_HOST_R750_02="${PROXMOX_HOST_R750_02:-192.168.11.25}" PROXMOX_HOST_R750_03="${PROXMOX_HOST_R750_03:-192.168.11.26}" UDM_PRO_2_IP="${UDM_PRO_2_IP:-192.168.11.2}" -WORKSTATION_01_IP="${WORKSTATION_01_IP:-192.168.11.30}" -WORKSTATION_02_IP="${WORKSTATION_02_IP:-192.168.11.31}" +# Optional workstation placeholders. +# Do not preassign .30/.31 here: .30 was freed when Omada VMID 103 was retired on 2026-04-04, and .31 is the live Gitea address. +# Set explicit workstation IPs in .env only when the 7920s are actually provisioned. +WORKSTATION_01_IP="${WORKSTATION_01_IP:-}" +WORKSTATION_02_IP="${WORKSTATION_02_IP:-}" # RPC Endpoints — Chain ID 138 two standards -# Core (admin/deploy): RPC_URL_138 — VMID 2101 +# Core (admin/deploy): RPC_URL_138 — VMID 2101 (r630-01). VMID 2102 = RPC_CORE_2 on r630-03; VMID 2103 = RPC_THIRDWEB_ADMIN_CORE on r630-01. RPC_CORE_1="192.168.11.211" RPC_URL_138="http://${RPC_CORE_1}:8545" # Public (bridge/frontend/monitoring): RPC_URL_138_PUBLIC — VMID 2201, FIXED PERMANENT @@ -45,6 +62,34 @@ RPC_FIREBLOCKS_1="${RPC_PRIVATE_1}" RPC_URL_138_FIREBLOCKS="http://${RPC_FIREBLOCKS_1}:8545" WS_URL_138_FIREBLOCKS="ws://${RPC_FIREBLOCKS_1}:8546" RPC_THIRDWEB_PRIMARY="192.168.11.240" +RPC_THIRDWEB_1="${RPC_THIRDWEB_1:-192.168.11.241}" +RPC_THIRDWEB_2="${RPC_THIRDWEB_2:-192.168.11.242}" +RPC_THIRDWEB_3="${RPC_THIRDWEB_3:-192.168.11.243}" +# Thirdweb admin/core Besu RPC — VMID 2103 (NPM: RPC_THIRDWEB_ADMIN_CORE in update-npmplus-proxy-hosts-api.sh) +RPC_THIRDWEB_ADMIN_CORE="${RPC_THIRDWEB_ADMIN_CORE:-192.168.11.217}" +RPC_ALI_0X8A="${RPC_ALI_0X8A:-192.168.11.233}" +RPC_ALI_0X1="${RPC_ALI_0X1:-192.168.11.234}" +RPC_LUIS_0X8A="${RPC_LUIS_0X8A:-192.168.11.235}" +RPC_LUIS_0X1="${RPC_LUIS_0X1:-192.168.11.236}" +RPC_PUTU_0X8A="${RPC_PUTU_0X8A:-192.168.11.237}" +RPC_PUTU_0X1="${RPC_PUTU_0X1:-192.168.11.238}" + +# Aliases for Besu VMID RPC scripts (same IPs as RPC_CORE_* / RPC_PUBLIC_1 / RPC_PRIVATE_1) +IP_BESU_RPC_CORE_1="${IP_BESU_RPC_CORE_1:-${RPC_CORE_1}}" +IP_BESU_RPC_CORE_2="${IP_BESU_RPC_CORE_2:-${RPC_CORE_2}}" +IP_BESU_RPC_PUBLIC_1="${IP_BESU_RPC_PUBLIC_1:-${RPC_PUBLIC_1}}" +IP_BESU_RPC_PRIVATE_1="${IP_BESU_RPC_PRIVATE_1:-${RPC_PRIVATE_1}}" + +# Dedicated nginx LXC for https://info.defi-oracle.io (Chain 138 info SPA). Not VMID 2400 (ThirdWeb RPC). +IP_INFO_DEFI_ORACLE_WEB="${IP_INFO_DEFI_ORACLE_WEB:-192.168.11.218}" +INFO_DEFI_ORACLE_WEB_VMID="${INFO_DEFI_ORACLE_WEB_VMID:-2410}" + +# Static landing https://omdnl.org (nginx LXC). Provision: scripts/deployment/provision-omdnl-org-web-lxc.sh +IP_OMDNL_ORG_WEB="${IP_OMDNL_ORG_WEB:-192.168.11.222}" +OMDNL_ORG_WEB_VMID="${OMDNL_ORG_WEB_VMID:-10203}" + +IP_BESU_SENTRY_THIRDWEB_1="${IP_BESU_SENTRY_THIRDWEB_1:-192.168.11.219}" +IP_BESU_SENTRY_THIRDWEB_2="${IP_BESU_SENTRY_THIRDWEB_2:-192.168.11.220}" # Gateway (192.168.11.0/24 — do not change unless network changes) NETWORK_GATEWAY="${NETWORK_GATEWAY:-192.168.11.1}" @@ -77,6 +122,7 @@ BLOCKSCOUT_API_URL="http://${IP_BLOCKSCOUT}:${BLOCKSCOUT_API_PORT}" FORGE_VERIFIER_PROXY_PORT="${FORGE_VERIFIER_PROXY_PORT:-3080}" IP_NPMPLUS="192.168.11.167" IP_NPMPLUS_SECONDARY="192.168.11.168" +# Legacy NPM (OpenResty) LXC VMID 105 — same wire IP as PROXMOX_HOST_R750_03 default; not an R750. IP_NGINX_LEGACY="192.168.11.26" IP_ORDER_OPENSEARCH="192.168.11.48" IP_ORDER_HAPROXY="192.168.11.39" @@ -85,7 +131,7 @@ IP_VAULT_PHOENIX_2="192.168.11.201" # Order Service IPs ORDER_POSTGRES_PRIMARY="192.168.11.44" ORDER_POSTGRES_REPLICA="192.168.11.45" -# Dedicated order-redis LXC (e.g. VMID 10020) not present on cluster as of 2026-03; reserve for scripts / future CT +# Order Redis LXC VMID 10020 (`order-redis` on r630-01); keep in sync with ALL_VMIDS_ENDPOINTS + proxmox-operational-template.json ORDER_REDIS_IP="192.168.11.38" IP_ORDER_MCP_LEGAL="192.168.11.94" @@ -107,7 +153,12 @@ IP_NPMPLUS_ETH0="192.168.11.166" # NPMplus Alltra/HYBX (VMID 10235) - see docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md IP_NPMPLUS_ALLTRA_HYBX="192.168.11.169" PUBLIC_IP_NPMPLUS_ALLTRA_HYBX="76.53.10.42" -RPC_ALLTRA_1="192.168.11.250" +RPC_ALLTRA_1="${RPC_ALLTRA_1:-192.168.11.172}" +RPC_ALLTRA_2="${RPC_ALLTRA_2:-192.168.11.173}" +RPC_ALLTRA_3="${RPC_ALLTRA_3:-192.168.11.174}" +RPC_HYBX_1="${RPC_HYBX_1:-192.168.11.246}" +RPC_HYBX_2="${RPC_HYBX_2:-192.168.11.247}" +RPC_HYBX_3="${RPC_HYBX_3:-192.168.11.248}" IP_DBIS_FRONTEND="192.168.11.130" IP_FIREFLY="192.168.11.66" IP_FIREFLY_2="192.168.11.67" @@ -131,15 +182,14 @@ IP_BESU_RPC_0="192.168.11.150" IP_BESU_RPC_1="192.168.11.151" IP_BESU_RPC_2="192.168.11.152" IP_BESU_RPC_3="192.168.11.153" +# Legacy migration aliases retained for older scripts that still reference the destroyed 250x era. RPC_ALI_1="192.168.11.251" RPC_ALI_2="192.168.11.252" -RPC_THIRDWEB_1="192.168.11.241" -RPC_THIRDWEB_2="192.168.11.242" # Network and additional container IPs (for remaining migration) NETWORK_192_168_11_0="192.168.11.0" -IP_INDY="192.168.11.68" -IP_FABRIC="192.168.11.65" +IP_INDY="192.168.11.64" +IP_FABRIC="192.168.11.113" IP_CACTI="192.168.11.64" # VMID 10200 order-prometheus (NOT Redis). Legacy scripts use ORDER_REDIS_REPLICA for this IP — prefer IP_ORDER_PROMETHEUS. IP_ORDER_PROMETHEUS="192.168.11.46" @@ -153,21 +203,40 @@ RPC_LUIS_2="192.168.11.202" # Additional ALLTRA container IPs IP_FIREFLY_ALLTRA_1="192.168.11.175" IP_FIREFLY_ALLTRA_2="192.168.11.176" +# Firefly HYBX (r630-02 LXC 6204/6205); was misconfigured at .172 for 6205 — fixed 2026-04-09 +IP_FIREFLY_HYBX_1="192.168.11.249" +IP_FIREFLY_HYBX_2="192.168.11.250" IP_CACTI_ALLTRA="192.168.11.177" IP_FABRIC_ALLTRA="192.168.11.178" IP_INDY_ALLTRA="192.168.11.179" +# Legacy Omada alternate; controller retired — keep only if scripts still reference IP_OMADA_ALT. IP_OMADA_ALT="192.168.11.8" IP_MIM4U="192.168.11.19" +# Non-guest discovery IP (not in /etc/pve as a CT/VM); HTTP :8080 observed — owner TBD. See docs/04-configuration/IT_OPS_EDGE_DISCOVERY_IPS.md IP_SERVICE_23="192.168.11.23" IP_CCIP_MONITOR="192.168.11.28" +# Was Omada (VMID 103); CT removed 2026-04-04 — spare / reuse for another service. IP_SERVICE_30="192.168.11.30" IP_KEYCLOAK="192.168.11.52" IP_RPC_90="192.168.11.90" -# Development VM (VMID 5700) — shared Cursor dev + private GitOps (Gitea). See docs/04-configuration/DEV_VM_GITOPS_PLAN.md +# Development VM (VMID 5700) — shared Cursor dev; may run a *local* Gitea on :3000. See docs/04-configuration/DEV_VM_GITOPS_PLAN.md # Changed from .60 to .59 to resolve conflict with VMID 3000 (ML) at .60. Reconfigure CT 5700 on Proxmox to use this IP. IP_DEV_VM="192.168.11.59" +# Gitea infrastructure CT (VMID 104) — org forge; LAN web 80/443. See docs/04-configuration/ALL_VMIDS_ENDPOINTS.md +IP_GITEA_INFRA="${IP_GITEA_INFRA:-192.168.11.31}" +# NPMplus upstream for https://gitea.d-bis.org (scripts/nginx-proxy-manager/update-npmplus-fourth-proxy-hosts.sh). +# Default: infra CT. To point the public hostname at dev VM Gitea instead: GITEA_PUBLIC_UPSTREAM_HOST=$IP_DEV_VM GITEA_PUBLIC_UPSTREAM_PORT=3000 +GITEA_PUBLIC_UPSTREAM_HOST="${GITEA_PUBLIC_UPSTREAM_HOST:-$IP_GITEA_INFRA}" +GITEA_PUBLIC_UPSTREAM_PORT="${GITEA_PUBLIC_UPSTREAM_PORT:-80}" + +# OP Stack operator landing zone (VMIDs 5751-5752) on r630-02 / thin5 — deployment + runtime ops only. +OP_STACK_DEPLOYER_VMID="${OP_STACK_DEPLOYER_VMID:-5751}" +OP_STACK_OPS_VMID="${OP_STACK_OPS_VMID:-5752}" +IP_OP_STACK_DEPLOYER_CT="${IP_OP_STACK_DEPLOYER_CT:-192.168.11.69}" +IP_OP_STACK_OPS_CT="${IP_OP_STACK_OPS_CT:-192.168.11.70}" + # Mifos X + Fineract (VMID 5800) on r630-02 — Cloudflare Tunnel + UK egress. See docs/04-configuration/MIFOS_R630_02_DEPLOYMENT.md MIFOS_IP="192.168.11.85" # Public IP for Mifos when using direct access (A record + UDM Pro port forward). See docs/04-configuration/UDM_PRO_MIFOS_76_53_10_41_PORT_FORWARD.md diff --git a/config/it-operations/entitlements-schema.sql b/config/it-operations/entitlements-schema.sql new file mode 100644 index 00000000..1eb47868 --- /dev/null +++ b/config/it-operations/entitlements-schema.sql @@ -0,0 +1,51 @@ +-- IT operations controller — entitlements + metering (Phase 4 skeleton) +-- Postgres 14+. Run on dedicated IT DB CT; do not share with app OLTP. +-- Link to dbis_core marketplace via external_sku_id / iru_offering_ref. + +CREATE TABLE IF NOT EXISTS entitlement ( + id UUID PRIMARY KEY DEFAULT gen_random_uuid(), + org_id TEXT NOT NULL, + sku_code TEXT NOT NULL, + external_sku_id TEXT, + seat_count INT NOT NULL DEFAULT 1 CHECK (seat_count >= 0), + valid_from TIMESTAMPTZ NOT NULL DEFAULT now(), + valid_to TIMESTAMPTZ, + stripe_subscription_id TEXT, + stripe_customer_id TEXT, + metadata JSONB NOT NULL DEFAULT '{}', + created_at TIMESTAMPTZ NOT NULL DEFAULT now(), + updated_at TIMESTAMPTZ NOT NULL DEFAULT now() +); + +CREATE INDEX IF NOT EXISTS idx_entitlement_org ON entitlement (org_id); +CREATE INDEX IF NOT EXISTS idx_entitlement_stripe_sub ON entitlement (stripe_subscription_id); + +CREATE TABLE IF NOT EXISTS usage_snapshot ( + id UUID PRIMARY KEY DEFAULT gen_random_uuid(), + collected_at TIMESTAMPTZ NOT NULL DEFAULT now(), + vmid TEXT NOT NULL, + node TEXT, + vcpus REAL, + memory_mb REAL, + disk_gb REAL, + source TEXT NOT NULL DEFAULT 'proxmox_api', + raw JSONB +); + +CREATE INDEX IF NOT EXISTS idx_usage_snapshot_time ON usage_snapshot (collected_at); + +CREATE TABLE IF NOT EXISTS stripe_webhook_event ( + id TEXT PRIMARY KEY, + received_at TIMESTAMPTZ NOT NULL DEFAULT now(), + event_type TEXT NOT NULL, + payload JSONB NOT NULL, + processed BOOLEAN NOT NULL DEFAULT false, + error TEXT +); + +-- Optional: map Keycloak group / subject to org for RBAC in BFF +CREATE TABLE IF NOT EXISTS it_operator_org ( + keycloak_sub TEXT PRIMARY KEY, + org_id TEXT NOT NULL, + created_at TIMESTAMPTZ NOT NULL DEFAULT now() +); diff --git a/config/it-operations/live-collectors-contract.json b/config/it-operations/live-collectors-contract.json new file mode 100644 index 00000000..03cb5790 --- /dev/null +++ b/config/it-operations/live-collectors-contract.json @@ -0,0 +1,49 @@ +{ + "version": 1, + "updated": "2026-04-09", + "collectors": [ + { + "id": "proxmox_cluster_guests", + "description": "pvesh /cluster/resources + per-guest net0/ipconfig0", + "default_interval_seconds": 3600, + "failure_mode": "stale_banner", + "live_only_fields": ["guests[].status", "guests[].ip", "guests[].mac", "guests[].node"], + "declared_sources": ["config/ip-addresses.conf", "docs/04-configuration/ALL_VMIDS_ENDPOINTS.md"], + "script": "scripts/it-ops/export-live-inventory-and-drift.sh" + }, + { + "id": "proxmox_ip_neigh_optional", + "description": "ARP/neighbor sample on seed node (optional)", + "default_interval_seconds": 900, + "failure_mode": "omit_layer", + "env_enable": "IT_COLLECT_IP_NEIGH=1", + "script": "scripts/it-ops/lib/collect_inventory_remote.py" + }, + { + "id": "hardware_poll", + "description": "Cluster hardware / connected inventory markdown", + "default_interval_seconds": 604800, + "failure_mode": "stale_banner", + "script": "scripts/verify/poll-proxmox-cluster-hardware.sh" + }, + { + "id": "npm_proxy_hosts", + "description": "NPMplus proxy host rows (logical edge map)", + "default_interval_seconds": 3600, + "failure_mode": "stale_banner", + "status": "planned_phase_2", + "script": "scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh" + }, + { + "id": "unifi_devices", + "description": "UniFi Network API (UDM) devices and ports", + "default_interval_seconds": 3600, + "failure_mode": "stale_banner", + "status": "planned_phase_2" + } + ], + "ui_rules": [ + "Do not present live panels without a visible collected_at (or equivalent mtime) per domain.", + "If seed_unreachable or collector error appears in drift notes, show a warning banner, not silent fallback to markdown-only truth." + ] +} diff --git a/config/nginx/info-defi-oracle-io.site.conf b/config/nginx/info-defi-oracle-io.site.conf new file mode 100644 index 00000000..1036bdcb --- /dev/null +++ b/config/nginx/info-defi-oracle-io.site.conf @@ -0,0 +1,35 @@ +# Chain 138 info SPA (Vite dist/) — SPA fallback for client routes. +# Deploy: scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh +server { + listen 80 default_server; + listen [::]:80 default_server; + server_name info.defi-oracle.io www.info.defi-oracle.io; + + root /var/www/info.defi-oracle.io/html; + index index.html; + + access_log /var/log/nginx/info-defi-oracle-access.log; + error_log /var/log/nginx/info-defi-oracle-error.log; + + location = /health { + access_log off; + add_header Content-Type text/plain; + return 200 "healthy\n"; + } + + # Token-aggregation API (Blockscout CT) — same-origin for LAN + HTTPS (avoids mixed content / public 429). + # Upstream: IP_BLOCKSCOUT in config/ip-addresses.conf + location /token-aggregation/ { + proxy_pass http://192.168.11.140/token-aggregation/; + proxy_http_version 1.1; + proxy_set_header Host 192.168.11.140; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_read_timeout 120s; + } + + location / { + try_files $uri $uri/ /index.html; + } +} diff --git a/config/nginx/omdnl-org.site.conf b/config/nginx/omdnl-org.site.conf new file mode 100644 index 00000000..c14d92d2 --- /dev/null +++ b/config/nginx/omdnl-org.site.conf @@ -0,0 +1,24 @@ +# Static landing: https://omdnl.org +# Deploy: scripts/deployment/sync-omdnl-org-static-to-ct.sh +# Provision CT + nginx: scripts/deployment/provision-omdnl-org-web-lxc.sh +server { + listen 80 default_server; + listen [::]:80 default_server; + server_name omdnl.org www.omdnl.org; + + root /var/www/omdnl.org/html; + index index.html; + + access_log /var/log/nginx/omdnl-org-access.log; + error_log /var/log/nginx/omdnl-org-error.log; + + location = /health { + access_log off; + add_header Content-Type text/plain; + return 200 "healthy\n"; + } + + location / { + try_files $uri $uri/ /index.html; + } +} diff --git a/config/op-stack-superchain/README.md b/config/op-stack-superchain/README.md new file mode 100644 index 00000000..c3d06199 --- /dev/null +++ b/config/op-stack-superchain/README.md @@ -0,0 +1,34 @@ +# OP Stack Standard Rollup (Superchain) — repo scaffolding + +**Purpose:** Track **Ethereum mainnet** Standard Rollup work **alongside** Besu **Chain 138** (EIP-155:138). The OP Stack L2 is a **separate network** with its **own chain ID** (do **not** reuse `138` for the rollup unless you accept wallet/RPC collisions with Besu). + +**Runbook:** [docs/03-deployment/OP_STACK_STANDARD_ROLLUP_SUPERCHAIN_RUNBOOK.md](../../docs/03-deployment/OP_STACK_STANDARD_ROLLUP_SUPERCHAIN_RUNBOOK.md) +**Bridge notes (L2 ↔ Besu 138):** [docs/03-deployment/OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md](../../docs/03-deployment/OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md) +**Scripts:** [scripts/op-stack/README.md](../../scripts/op-stack/README.md) + +## Canonical governance inputs (freeze before mainnet) + +Copy these into your CMDB and pin **release tags / commit hashes** that match [standard-versions-mainnet.toml](https://github.com/ethereum-optimism/superchain-registry/blob/main/validation/standard/standard-versions-mainnet.toml): + +| Artifact | URL | +|----------|-----| +| Standard Rollup Charter | [Standard Rollup Charter (OPerating-manual)](https://github.com/ethereum-optimism/OPerating-manual/blob/main/policies/Standard%20Rollup%20Charter.md) | +| Blockspace / charter overview | [Optimism docs](https://docs.optimism.io/op-stack/protocol/blockspace-charter) | +| `standard-versions-mainnet.toml` | [superchain-registry](https://github.com/ethereum-optimism/superchain-registry/blob/main/validation/standard/standard-versions-mainnet.toml) | +| `standard-config-params-mainnet.toml` | [superchain-registry](https://github.com/ethereum-optimism/superchain-registry/blob/main/validation/standard/standard-config-params-mainnet.toml) | +| `standard-config-roles-mainnet.toml` | [superchain-registry](https://github.com/ethereum-optimism/superchain-registry/blob/main/validation/standard/standard-config-roles-mainnet.toml) | + +**Offline copy:** `bash scripts/op-stack/fetch-standard-mainnet-toml.sh` writes to `cache/` (gitignored). + +## Files in this directory + +| File | Use | +|------|-----| +| `op-stack-l2.example.env` | Copy to a **non-repo** path or `deployed/*.env` (gitignored); set RPC URLs and **L2 chain id**. | +| `pinned-versions.manifest.example.yaml` | Copy to `deployed/pinned-versions.manifest.yaml` after locking versions; keep out of git if it embeds internal notes. | +| `key-custody-checklist.example.md` | Copy to internal wiki/CMDB; document multisig + service keys. | +| `deployed/` | Operator-generated genesis/rollup snippets, address lists, manifests (see `deployed/README.md`). | + +## Law of Chains + +Standard Rollup alignment includes [Law of Chains](https://github.com/ethereum-optimism/OPerating-manual/blob/main/Law%20of%20Chains.md) expectations; review with legal/ops before mainnet. diff --git a/config/op-stack-superchain/cache/.gitignore b/config/op-stack-superchain/cache/.gitignore new file mode 100644 index 00000000..7c9d611b --- /dev/null +++ b/config/op-stack-superchain/cache/.gitignore @@ -0,0 +1,3 @@ +* +!.gitignore +!README.md diff --git a/config/op-stack-superchain/cache/README.md b/config/op-stack-superchain/cache/README.md new file mode 100644 index 00000000..9f978df2 --- /dev/null +++ b/config/op-stack-superchain/cache/README.md @@ -0,0 +1,9 @@ +# Cached Standard Rollup TOML (gitignored) + +Run from repo root: + +```bash +bash scripts/op-stack/fetch-standard-mainnet-toml.sh +``` + +Refreshes governance validation inputs from [superchain-registry](https://github.com/ethereum-optimism/superchain-registry) `validation/standard/` for offline review. diff --git a/config/op-stack-superchain/deployed/.gitignore b/config/op-stack-superchain/deployed/.gitignore new file mode 100644 index 00000000..7e95fc0e --- /dev/null +++ b/config/op-stack-superchain/deployed/.gitignore @@ -0,0 +1,5 @@ +* +!.gitignore +!README.md +!*.example +!*.example.* diff --git a/config/op-stack-superchain/deployed/README.md b/config/op-stack-superchain/deployed/README.md new file mode 100644 index 00000000..e6a29994 --- /dev/null +++ b/config/op-stack-superchain/deployed/README.md @@ -0,0 +1,12 @@ +# OP Stack deployed artifacts (gitignored by default) + +Store **non-secret** deployment outputs here for operator reference (optional staging in git: use `*.example` suffix only). + +Suggested files after mainnet deploy: + +- `l1-addresses.json` — OP system contract addresses from `op-deployer` output +- `rollup.json` / genesis excerpts — as produced by your pinned `op-deployer` version (redact if large; often kept in artifact store instead) +- `pinned-versions.manifest.yaml` — filled copy of `../pinned-versions.manifest.example.yaml` +- `registry-pr-url.txt` — link to superchain-registry PR + +**Secrets:** Never commit private keys or `*.env` with keys. Use host paths or secret managers. diff --git a/config/op-stack-superchain/key-custody-checklist.example.md b/config/op-stack-superchain/key-custody-checklist.example.md new file mode 100644 index 00000000..1f2c6970 --- /dev/null +++ b/config/op-stack-superchain/key-custody-checklist.example.md @@ -0,0 +1,29 @@ +# Key custody checklist (Standard Rollup) — example + +Copy this checklist to your internal CMDB. **Do not** commit filled copies with addresses of multisig signers if classified. + +## Roles (separate keys per role in production) + +- [ ] Sequencer signing (L2 block production) +- [ ] Batcher (L1 transaction submission) +- [ ] Proposer (L2 output roots on L1) +- [ ] Challenger (fault-proof participation) +- [ ] L1 deployer (one-time or gated contract deploy) +- [ ] Upgrade / admin (multisig; align with [standard-config-roles-mainnet.toml](https://github.com/ethereum-optimism/superchain-registry/blob/main/validation/standard/standard-config-roles-mainnet.toml) and charter) + +## Custody + +- [ ] Multisig vendor + threshold recorded +- [ ] Hardware / institutional custody for hot keys where required +- [ ] Break-glass procedure documented +- [ ] Key rotation and incident response contacts + +## Funding + +- [ ] L1 ETH budget for deploy, batching, proposals, challenger bonds +- [ ] L2 gas funding for operational tests + +## Evidence + +- [ ] `pinned-versions.manifest.yaml` filled and stored with deploy artifacts +- [ ] Addresses recorded under `config/op-stack-superchain/deployed/` (non-secret files only) diff --git a/config/op-stack-superchain/op-stack-l2.example.env b/config/op-stack-superchain/op-stack-l2.example.env new file mode 100644 index 00000000..0e568ff0 --- /dev/null +++ b/config/op-stack-superchain/op-stack-l2.example.env @@ -0,0 +1,16 @@ +# OP Stack L2 operator env (example — copy to deployed/op-stack-l2.env or host path; do not commit secrets) +# +# L2 chain ID: MUST be distinct from Besu DBIS Chain 138 (138). Choose a registered-unique ID per superchain-registry / chainlist policy. +# OP_STACK_L2_CHAIN_ID= + +# Ethereum L1 (mainnet or Sepolia rehearsal) +# ETH_MAINNET_RPC_URL=https://eth.llamarpc.com +# ETH_SEPOLIA_RPC_URL=https://rpc.sepolia.org + +# L2 sequencer / replica RPC (your infra) +# OP_STACK_L2_RPC_URL=http://127.0.0.1:8545 + +# Deployer / batcher / proposer (use separate keys in production; never commit private keys) +# DEPLOYER_PRIVATE_KEY= +# BATCHER_PRIVATE_KEY= +# PROPOSER_PRIVATE_KEY= diff --git a/config/op-stack-superchain/pinned-versions.manifest.example.yaml b/config/op-stack-superchain/pinned-versions.manifest.example.yaml new file mode 100644 index 00000000..6a066811 --- /dev/null +++ b/config/op-stack-superchain/pinned-versions.manifest.example.yaml @@ -0,0 +1,17 @@ +# Copy to deployed/pinned-versions.manifest.yaml after locking versions (recommended: gitignore real file). +# Used for audit trail: Standard Rollup requires bytecode alignment with governance-approved releases. + +op_stack_monorepo_release_tag: "" +optimism_contracts_git_commit: "" +op_deployer_version: "" +op_node_op_geth_commit_or_tag: "" +superchain_registry_git_commit_at_validation: "" + +l1_network: ethereum-mainnet +l2_chain_id: 0 + +# Must NOT equal 138 (Besu DBIS) for greenfield Superchain L2 unless explicitly accepted. +besu_chain_138_note: "Besu Chain 138 remains separate; this L2 is parallel." + +charter_acknowledged_at: "" +security_council_expectations_reviewed: false diff --git a/config/pmm-soak-pools-stable.txt b/config/pmm-soak-pools-stable.txt new file mode 100644 index 00000000..b1039560 --- /dev/null +++ b/config/pmm-soak-pools-stable.txt @@ -0,0 +1,5 @@ +# Stable PMM pools only (cUSDT/cUSDC + official mirrors). Use: +# PMM_SOAK_POOLS_FILE=config/pmm-soak-pools-stable.txt +0x9e89bAe009adf128782E19e8341996c596ac40dC +0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66 +0xc39B7D0F40838cbFb54649d327f49a6DAC964062 diff --git a/config/pmm-soak-wallet-grid.example.json b/config/pmm-soak-wallet-grid.example.json new file mode 100644 index 00000000..58ec1583 --- /dev/null +++ b/config/pmm-soak-wallet-grid.example.json @@ -0,0 +1,29 @@ +{ + "version": 1, + "dimensions": { + "lpbcaCount": 33, + "branchCount": 33, + "classCount": 6, + "linearCount": 6534 + }, + "derivation": { + "pathTemplate": "m/44'/60'/0'/0/{linearIndex}", + "linearIndexFormula": "linear = lpbca * 198 + branch * 6 + class" + }, + "wallets": [ + { + "lpbca": 0, + "branch": 0, + "class": 0, + "linearIndex": 0, + "address": "0x0000000000000000000000000000000000000000" + }, + { + "lpbca": 32, + "branch": 32, + "class": 5, + "linearIndex": 6533, + "address": "0x0000000000000000000000000000000000000000" + } + ] +} diff --git a/config/proxmox-operational-template.json b/config/proxmox-operational-template.json index 678f968f..bbd9f8ce 100644 --- a/config/proxmox-operational-template.json +++ b/config/proxmox-operational-template.json @@ -1,7 +1,7 @@ { "schemaVersion": "1.0.0", - "updated": "2026-03-23", - "description": "Operational template: Proxmox VE nodes, LAN/WAN, NPMplus ingress, workloads (VMID/IP/hostname/FQDN), Besu peering summary, and deployment prerequisites. Authoritative detail remains in docs/04-configuration/ALL_VMIDS_ENDPOINTS.md and config/ip-addresses.conf \u2014 update those first, then sync this file. Live inventory reconciled 2026-03-23 vs cluster SSH audit; order-legal (10070) ARP fix 2026-03-25 (IP_ORDER_LEGAL).", + "updated": "2026-04-09", + "description": "Operational template: Proxmox VE nodes, LAN/WAN, NPMplus ingress, workloads (VMID/IP/hostname/FQDN), Besu peering summary, and deployment prerequisites. Authoritative detail remains in docs/04-configuration/ALL_VMIDS_ENDPOINTS.md and config/ip-addresses.conf \u2014 update those first, then sync this file. Proxmox hypervisor mgmt FQDN: mgmt_fqdn on each proxmox_nodes[] entry = short-hostname.sankofa.nexus (see PROXMOX_FQDN_*). Live inventory: Order VMIDs 10000/10001/10020 on r630-01; five-node SSH audit default. Prior: 2026-04-05 Hyperledger recovery, VMID 2410, 7806.", "canonicalSources": [ "config/ip-addresses.conf", "docs/04-configuration/ALL_VMIDS_ENDPOINTS.md", @@ -29,6 +29,7 @@ "proxmox_nodes": [ { "hostname": "ml110", + "mgmt_fqdn": "ml110.sankofa.nexus", "mgmt_ipv4": "192.168.11.10", "role": "legacy_cluster_member_or_wan_aggregator", "ui_url": "https://192.168.11.10:8006", @@ -36,6 +37,7 @@ }, { "hostname": "r630-01", + "mgmt_fqdn": "r630-01.sankofa.nexus", "mgmt_ipv4": "192.168.11.11", "role": "primary_compute_chain138_rpc_ccip_relay_sankofa", "ui_url": "https://192.168.11.11:8006", @@ -43,10 +45,29 @@ }, { "hostname": "r630-02", + "mgmt_fqdn": "r630-02.sankofa.nexus", "mgmt_ipv4": "192.168.11.12", "role": "firefly_npmplus_secondary_mim4u_mifos_support", "ui_url": "https://192.168.11.12:8006", "cluster_name": "h" + }, + { + "hostname": "r630-03", + "mgmt_fqdn": "r630-03.sankofa.nexus", + "mgmt_ipv4": "192.168.11.13", + "role": "spare_compute_storage_thin_pools_core_rpc2", + "ui_url": "https://192.168.11.13:8006", + "cluster_name": "h", + "notes": "Besu core RPC 2102 and related when placed here; often empty of guests. See NETWORK_CONFIGURATION_MASTER.md." + }, + { + "hostname": "r630-04", + "mgmt_fqdn": "r630-04.sankofa.nexus", + "mgmt_ipv4": "192.168.11.14", + "role": "spare_compute_ceph_osd", + "ui_url": "https://192.168.11.14:8006", + "cluster_name": "h", + "notes": "Spare guests; Ceph OSDs per hardware plan." } ], "cluster_peering": { @@ -65,7 +86,7 @@ }, "besu_chain138_peering_model": { "chain_id": 138, - "summary": "Validators (1000\u20131004) \u2194 Sentries (1500\u20131506) \u2194 RPC tier (2101 core, 2201 public, 230x named, 240x thirdweb). Use canonical roles doc for allowed adjacencies and ops.", + "summary": "Validators (1000\u20131004) \u2194 Sentries (1500\u20131510) \u2194 RPC tier (2101\u20132103 core/admin, 2201 public, 230x/2400/2420\u20132480 permissioned-private, 2401\u20132403 thirdweb specialized). Use canonical roles doc for allowed adjacencies and ops.", "p2p_port_tcp_udp": 30303, "doc_ref": "docs/02-architecture/CHAIN138_CANONICAL_NETWORK_ROLES_VALIDATORS_SENTRY_AND_RPC.md" }, @@ -135,7 +156,7 @@ "vmid": 100, "hostname": "proxmox-mail-gateway", "ipv4": "192.168.11.32", - "preferred_node": "r630-01", + "preferred_node": "r630-03", "category": "infra", "purpose": "Proxmox Mail Proxy / LAN SMTP relay for apps (dbis_core, alerts); Postfix 25+587+465 live on CT (2026-03-30)", "ports": [ @@ -158,7 +179,7 @@ "vmid": 101, "hostname": "proxmox-datacenter-manager", "ipv4": "192.168.11.33", - "preferred_node": "r630-01", + "preferred_node": "r630-02", "category": "infra", "ports": [ { @@ -168,25 +189,11 @@ ], "fqdns": [] }, - { - "vmid": 103, - "hostname": "omada", - "ipv4": "192.168.11.30", - "preferred_node": "r630-01", - "category": "infra", - "ports": [ - { - "port": 8043, - "name": "omada" - } - ], - "fqdns": [] - }, { "vmid": 104, "hostname": "gitea", "ipv4": "192.168.11.31", - "preferred_node": "r630-01", + "preferred_node": "r630-02", "category": "infra", "ports": [ { @@ -223,7 +230,7 @@ "vmid": 130, "hostname": "monitoring-1", "ipv4": "192.168.11.27", - "preferred_node": "r630-02", + "preferred_node": "r630-01", "category": "monitoring", "ports": [ { @@ -292,7 +299,7 @@ "vmid": 1003, "hostname": "besu-validator-4", "ipv4": "192.168.11.103", - "preferred_node": "r630-01", + "preferred_node": "r630-03", "category": "besu_validator", "ports": [ { @@ -309,7 +316,7 @@ "vmid": 1004, "hostname": "besu-validator-5", "ipv4": "192.168.11.104", - "preferred_node": "r630-01", + "preferred_node": "r630-03", "category": "besu_validator", "ports": [ { @@ -377,7 +384,7 @@ "vmid": 1503, "hostname": "besu-sentry-4", "ipv4": "192.168.11.153", - "preferred_node": "r630-01", + "preferred_node": "r630-03", "category": "besu_sentry", "ports": [ { @@ -394,7 +401,7 @@ "vmid": 1504, "hostname": "besu-sentry-ali", "ipv4": "192.168.11.154", - "preferred_node": "r630-01", + "preferred_node": "r630-03", "category": "besu_sentry", "ports": [ { @@ -411,7 +418,7 @@ "vmid": 1505, "hostname": "besu-sentry-alltra-1", "ipv4": "192.168.11.213", - "preferred_node": "r630-01", + "preferred_node": "r630-03", "category": "besu_sentry", "ports": [ { @@ -428,7 +435,7 @@ "vmid": 1506, "hostname": "besu-sentry-alltra-2", "ipv4": "192.168.11.214", - "preferred_node": "r630-01", + "preferred_node": "r630-03", "category": "besu_sentry", "ports": [ { @@ -471,7 +478,7 @@ "vmid": 2102, "hostname": "besu-rpc-core-2", "ipv4": "192.168.11.212", - "preferred_node": "r630-01", + "preferred_node": "r630-03", "category": "rpc_core", "ports": [ { @@ -494,7 +501,7 @@ "vmid": 2201, "hostname": "besu-rpc-public-1", "ipv4": "192.168.11.221", - "preferred_node": "r630-01", + "preferred_node": "r630-02", "category": "rpc_public", "ports": [ { @@ -517,7 +524,7 @@ "vmid": 2301, "hostname": "besu-rpc-private-1", "ipv4": "192.168.11.232", - "preferred_node": "r630-01", + "preferred_node": "r630-03", "category": "rpc_private", "ports": [ { @@ -535,7 +542,7 @@ "vmid": 2303, "hostname": "besu-rpc-ali-0x8a", "ipv4": "192.168.11.233", - "preferred_node": "r630-01", + "preferred_node": "r630-02", "category": "rpc_named", "ports": [ { @@ -555,7 +562,7 @@ "vmid": 2304, "hostname": "besu-rpc-ali-0x1", "ipv4": "192.168.11.234", - "preferred_node": "r630-01", + "preferred_node": "r630-03", "category": "rpc_named", "ports": [ { @@ -575,7 +582,7 @@ "vmid": 2305, "hostname": "besu-rpc-luis-0x8a", "ipv4": "192.168.11.235", - "preferred_node": "r630-01", + "preferred_node": "r630-02", "category": "rpc_named", "ports": [ { @@ -595,7 +602,7 @@ "vmid": 2306, "hostname": "besu-rpc-luis-0x1", "ipv4": "192.168.11.236", - "preferred_node": "r630-01", + "preferred_node": "r630-02", "category": "rpc_named", "ports": [ { @@ -615,7 +622,7 @@ "vmid": 2307, "hostname": "besu-rpc-putu-0x8a", "ipv4": "192.168.11.237", - "preferred_node": "r630-01", + "preferred_node": "r630-02", "category": "rpc_named", "ports": [ { @@ -635,7 +642,7 @@ "vmid": 2308, "hostname": "besu-rpc-putu-0x1", "ipv4": "192.168.11.238", - "preferred_node": "r630-01", + "preferred_node": "r630-02", "category": "rpc_named", "ports": [ { @@ -655,8 +662,10 @@ "vmid": 2400, "hostname": "thirdweb-rpc-1", "ipv4": "192.168.11.240", - "preferred_node": "r630-01", + "preferred_node": "r630-03", "category": "rpc_thirdweb", + "runtime_state": "active", + "notes": "Thirdweb permissioned/private RPC with translator. No ADMIN API.", "ports": [ { "port": 443, @@ -682,12 +691,33 @@ "rpc.public-0138.defi-oracle.io" ] }, + { + "vmid": 2410, + "hostname": "info-defi-oracle-web", + "ipv4": "192.168.11.218", + "preferred_node": "r630-02", + "category": "dapp", + "runtime_state": "active_public_site", + "notes": "Dedicated nginx static host for the Chain 138 info site and token-aggregation reverse proxy. Live CT config on 2026-04-05 confirmed hostname info-defi-oracle-web, onboot=1, and running state.", + "ports": [ + { + "port": 80, + "name": "nginx" + } + ], + "fqdns": [ + "info.defi-oracle.io", + "www.info.defi-oracle.io" + ] + }, { "vmid": 2401, "hostname": "besu-rpc-thirdweb-0x8a-1", "ipv4": "192.168.11.241", - "preferred_node": "r630-01", - "category": "rpc_thirdweb", + "preferred_node": "r630-02", + "category": "rpc_thirdweb_specialized", + "runtime_state": "active_specialized_rpc", + "notes": "Thirdweb specialized RPC. No ADMIN API. HTTP profile: ETH, NET, WEB3, DEBUG, TRACE. WS profile: ETH, NET, WEB3.", "ports": [ { "port": 8545 @@ -706,8 +736,10 @@ "vmid": 2402, "hostname": "besu-rpc-thirdweb-0x8a-2", "ipv4": "192.168.11.242", - "preferred_node": "r630-01", - "category": "rpc_thirdweb", + "preferred_node": "r630-03", + "category": "rpc_thirdweb_specialized", + "runtime_state": "active_specialized_rpc", + "notes": "Thirdweb specialized RPC. No ADMIN API. HTTP profile: ETH, NET, WEB3, DEBUG, TRACE. WS profile: ETH, NET, WEB3.", "ports": [ { "port": 8545 @@ -726,8 +758,10 @@ "vmid": 2403, "hostname": "besu-rpc-thirdweb-0x8a-3", "ipv4": "192.168.11.243", - "preferred_node": "r630-01", - "category": "rpc_thirdweb", + "preferred_node": "r630-03", + "category": "rpc_thirdweb_specialized", + "runtime_state": "active_specialized_rpc", + "notes": "Thirdweb specialized RPC. No ADMIN API. HTTP profile: ETH, NET, WEB3, DEBUG, TRACE. WS profile: ETH, NET, WEB3.", "ports": [ { "port": 8545 @@ -740,8 +774,7 @@ } ], "peering_layer": "rpc_tier", - "fqdns": [], - "status_note": "May lag sync; verify metrics/port conflicts per ALL_VMIDS" + "fqdns": [] }, { "vmid": 5000, @@ -789,12 +822,20 @@ "ipv4": "192.168.11.80", "preferred_node": "r630-02", "category": "monitoring", + "runtime_state": "active_besu_connector_gateway", + "notes": "Live Besu-facing Hyperledger Cacti gateway reverified on 2026-04-05; local API on 4000 and local gRPC sidecar on 5000 are healthy.", "ports": [ { "port": 80 }, { "port": 443 + }, + { + "port": 4000 + }, + { + "port": 5000 } ], "fqdns": [] @@ -802,17 +843,26 @@ { "vmid": 6000, "hostname": "fabric-1", - "ipv4": "192.168.11.65", + "ipv4": "192.168.11.113", "preferred_node": "r630-02", "category": "dlt", - "runtime_state": "reserved_placeholder_stopped", - "notes": "As of 2026-03-28 this CT has been reclassified as a reserved placeholder and stopped. Earlier app-native checks found no active Fabric peer/orderer/couchdb processes, no expected listeners, and no meaningful Fabric payload under /opt, /etc, or /var.", + "runtime_state": "active_sample_network", + "notes": "Restored and reverified on 2026-04-05 as an operational Hyperledger Fabric sample network with one orderer and two peers on mychannel. Boot recovery is handled by fabric-sample-network.service inside the CT.", "ports": [ { "port": 7051 }, { "port": 7050 + }, + { + "port": 9443 + }, + { + "port": 9444 + }, + { + "port": 9445 } ], "fqdns": [] @@ -823,8 +873,8 @@ "ipv4": "192.168.11.64", "preferred_node": "r630-02", "category": "dlt", - "runtime_state": "reserved_placeholder_stopped", - "notes": "As of 2026-03-28 this CT has been reclassified as a reserved placeholder and stopped. Earlier app-native checks found no active Indy processes, no expected listeners, and no meaningful Indy payload under /opt, /etc, or /var.", + "runtime_state": "active_validator_pool", + "notes": "Reverified on 2026-04-05 as a healthy four-node local Indy validator pool with listeners bound on 9701-9708.", "ports": [ { "port": 9701, @@ -840,7 +890,7 @@ "preferred_node": "r630-02", "category": "firefly", "runtime_state": "active_minimal_gateway", - "notes": "Restored 2026-03-28 as a minimal local FireFly gateway on ghcr.io/hyperledger/firefly:v1.2.0; API, Postgres, and IPFS checks passed.", + "notes": "Restored 2026-03-28 as a minimal local FireFly gateway on ghcr.io/hyperledger/firefly:v1.2.0; reverified on 2026-04-05 with API, Postgres, IPFS, and firefly.service all healthy after normalizing the compose version line for the installed docker-compose.", "ports": [ { "port": 80 @@ -1024,14 +1074,16 @@ "ipv4": "192.168.11.51", "preferred_node": "r630-01", "category": "sankofa_phoenix", + "runtime_state": "active_client_sso_surface", + "notes": "Client SSO Next.js surface for portal.sankofa.nexus and admin.sankofa.nexus. Corporate apex ownership moved to VMID 7806.", "ports": [ { "port": 3000 } ], "fqdns": [ - "sankofa.nexus", - "www.sankofa.nexus" + "portal.sankofa.nexus", + "admin.sankofa.nexus" ] }, { @@ -1091,6 +1143,25 @@ "studio.sankofa.nexus" ] }, + { + "vmid": 7806, + "hostname": "sankofa-public-web", + "ipv4": "192.168.11.63", + "preferred_node": "r630-01", + "category": "sankofa_phoenix", + "runtime_state": "active_public_site", + "notes": "Corporate / marketing Next.js surface for sankofa.nexus. Live CT config on 2026-04-05 confirmed hostname sankofa-public-web, onboot=1, and running state.", + "ports": [ + { + "port": 3000, + "name": "nextjs" + } + ], + "fqdns": [ + "sankofa.nexus", + "www.sankofa.nexus" + ] + }, { "vmid": 8640, "hostname": "vault-phoenix-1", @@ -1224,6 +1295,36 @@ "fqdns": [], "notes": "Shared dev / Gitea; see DEV_VM_GITOPS_PLAN.md" }, + { + "vmid": 5751, + "hostname": "op-stack-deployer-1", + "ipv4": "192.168.11.69", + "preferred_node": "r630-02", + "category": "ai_app", + "ports": [ + { + "port": 22, + "name": "ssh" + } + ], + "fqdns": [], + "notes": "OP Stack deployer/operator workspace on r630-02 thin5: op-deployer, op-validator, manifests, rollup/genesis artifacts." + }, + { + "vmid": 5752, + "hostname": "op-stack-ops-1", + "ipv4": "192.168.11.70", + "preferred_node": "r630-02", + "category": "ai_app", + "ports": [ + { + "port": 22, + "name": "ssh" + } + ], + "fqdns": [], + "notes": "OP Stack runtime/service staging on r630-02 thin5: op-geth, op-node, batcher, proposer, challenger." + }, { "vmid": 10230, "hostname": "order-vault", @@ -1290,8 +1391,8 @@ "notes": "NPMplus → HTTP :80; TLS at NPM (LE). VMID 10210." }, { - "vmid": null, - "hostname": "order-redis-primary", + "vmid": 10020, + "hostname": "order-redis", "ipv4": "192.168.11.38", "preferred_node": "r630-01", "category": "order", @@ -1301,14 +1402,15 @@ } ], "fqdns": [], - "notes": "ORDER_REDIS_IP reserved; no dedicated order-redis LXC on cluster as of 2026-03 (Redis may run in-stack)." + "notes": "Dedicated Order Redis LXC (VMID 10020); ORDER_REDIS_IP in ip-addresses.conf." }, { "vmid": 3000, "hostname": "ml-node-1", "ipv4": "192.168.11.60", - "preferred_node": "ml110", - "category": "ml", + "preferred_node": "r630-03", + "category": "monitoring", + "notes": "Legacy monitor / RPC-adjacent Ubuntu guest. systemd-networkd was re-enabled on 2026-04-05 so the configured static LAN IP is active again.", "ports": [], "fqdns": [] }, @@ -1316,8 +1418,9 @@ "vmid": 3001, "hostname": "ml-node-2", "ipv4": "192.168.11.61", - "preferred_node": "ml110", - "category": "ml", + "preferred_node": "r630-03", + "category": "monitoring", + "notes": "Legacy monitor / RPC-adjacent Ubuntu guest. systemd-networkd was re-enabled on 2026-04-05 so the configured static LAN IP is active again.", "ports": [], "fqdns": [] }, @@ -1325,17 +1428,19 @@ "vmid": 3002, "hostname": "ml-node-3", "ipv4": "192.168.11.62", - "preferred_node": "ml110", - "category": "ml", + "preferred_node": "r630-03", + "category": "monitoring", + "notes": "Legacy monitor / RPC-adjacent Ubuntu guest. systemd-networkd was re-enabled on 2026-04-05 so the configured static LAN IP is active again.", "ports": [], "fqdns": [] }, { "vmid": 3003, "hostname": "ml-node-4", - "ipv4": "192.168.11.63", - "preferred_node": "ml110", - "category": "ml", + "ipv4": "192.168.11.66", + "preferred_node": "r630-03", + "category": "monitoring", + "notes": "Legacy monitor / RPC-adjacent Ubuntu guest. Readdressed from 192.168.11.63 to 192.168.11.66 on 2026-04-05 to remove the live LAN conflict with VMID 7806 (sankofa-public-web), and systemd-networkd was re-enabled the same day.", "ports": [], "fqdns": [] }, @@ -1449,7 +1554,7 @@ "vmid": 1507, "hostname": "besu-sentry-hybx-1", "ipv4": "192.168.11.244", - "preferred_node": "ml110", + "preferred_node": "r630-03", "category": "besu_sentry", "ports": [ { @@ -1466,7 +1571,7 @@ "vmid": 1508, "hostname": "besu-sentry-hybx-2", "ipv4": "192.168.11.245", - "preferred_node": "ml110", + "preferred_node": "r630-03", "category": "besu_sentry", "ports": [ { @@ -1479,6 +1584,44 @@ "peering_layer": "sentry_boundary", "fqdns": [] }, + { + "vmid": 1509, + "hostname": "besu-sentry-thirdweb-01", + "ipv4": "192.168.11.219", + "preferred_node": "r630-03", + "category": "besu_sentry", + "ports": [ + { + "port": 30303 + }, + { + "port": 9545 + } + ], + "peering_layer": "sentry_boundary", + "fqdns": [], + "runtime_state": "active", + "notes": "Active Thirdweb sentry on r630-03" + }, + { + "vmid": 1510, + "hostname": "besu-sentry-thirdweb-02", + "ipv4": "192.168.11.220", + "preferred_node": "r630-03", + "category": "besu_sentry", + "ports": [ + { + "port": 30303 + }, + { + "port": 9545 + } + ], + "peering_layer": "sentry_boundary", + "fqdns": [], + "runtime_state": "active", + "notes": "Active Thirdweb sentry on r630-03" + }, { "vmid": 2103, "hostname": "besu-rpc-core-thirdweb", @@ -1500,7 +1643,7 @@ "fqdns": [] }, { - "vmid": 2500, + "vmid": 2420, "hostname": "besu-rpc-alltra-1", "ipv4": "192.168.11.172", "preferred_node": "r630-01", @@ -1519,7 +1662,7 @@ "fqdns": [] }, { - "vmid": 2501, + "vmid": 2430, "hostname": "besu-rpc-alltra-2", "ipv4": "192.168.11.173", "preferred_node": "r630-01", @@ -1538,7 +1681,7 @@ "fqdns": [] }, { - "vmid": 2502, + "vmid": 2440, "hostname": "besu-rpc-alltra-3", "ipv4": "192.168.11.174", "preferred_node": "r630-01", @@ -1557,7 +1700,7 @@ "fqdns": [] }, { - "vmid": 2503, + "vmid": 2460, "hostname": "besu-rpc-hybx-1", "ipv4": "192.168.11.246", "preferred_node": "r630-01", @@ -1576,7 +1719,7 @@ "fqdns": [] }, { - "vmid": 2504, + "vmid": 2470, "hostname": "besu-rpc-hybx-2", "ipv4": "192.168.11.247", "preferred_node": "r630-01", @@ -1595,7 +1738,7 @@ "fqdns": [] }, { - "vmid": 2505, + "vmid": 2480, "hostname": "besu-rpc-hybx-3", "ipv4": "192.168.11.248", "preferred_node": "r630-01", @@ -1632,12 +1775,17 @@ "ipv4": "192.168.11.177", "preferred_node": "r630-02", "category": "monitoring", + "runtime_state": "active_public_cacti_surface", + "notes": "Public Alltra Cacti surface reverified on 2026-04-05 with nginx on 80/443 and the local Hyperledger Cacti API healthy on 4000.", "ports": [ { "port": 80 }, { "port": 443 + }, + { + "port": 4000 } ], "fqdns": [] @@ -1648,12 +1796,17 @@ "ipv4": "192.168.11.251", "preferred_node": "r630-02", "category": "monitoring", + "runtime_state": "active_public_cacti_surface", + "notes": "Public HYBX Cacti surface reverified on 2026-04-05 with nginx on 80/443 and the local Hyperledger Cacti API healthy on 4000.", "ports": [ { "port": 80 }, { "port": 443 + }, + { + "port": 4000 } ], "fqdns": [] @@ -1728,6 +1881,63 @@ "ports": [], "fqdns": [] }, + { + "vmid": 6500, + "hostname": "aries-1", + "ipv4": "192.168.11.88", + "preferred_node": "r630-02", + "category": "identity_agent", + "runtime_state": "active_identity_agent", + "notes": "ACA-Py / askar-anoncreds primary agent reverified on 2026-04-05 with DIDComm on 8030, admin API on 8031, and the local Indy genesis mounted.", + "ports": [ + { + "port": 8030 + }, + { + "port": 8031 + } + ], + "fqdns": [] + }, + { + "vmid": 6600, + "hostname": "caliper-1", + "ipv4": "192.168.11.93", + "preferred_node": "r630-02", + "category": "benchmark", + "runtime_state": "active_benchmark_workspace", + "notes": "Hyperledger Caliper workspace reverified on 2026-04-05 with the Besu 1.4 binding and outbound Chain 138 RPC reachability.", + "ports": [], + "fqdns": [] + }, + { + "vmid": 10000, + "hostname": "order-postgres-primary", + "ipv4": "192.168.11.44", + "preferred_node": "r630-01", + "category": "order", + "ports": [ + { + "port": 5432 + } + ], + "fqdns": [], + "notes": "Sovereign Cloud / Order band; ORDER_POSTGRES_PRIMARY in ip-addresses.conf." + }, + { + "vmid": 10001, + "hostname": "order-postgres-replica", + "ipv4": "192.168.11.45", + "preferred_node": "r630-01", + "category": "order", + "ports": [ + { + "port": 5432 + } + ], + "fqdns": [], + "notes": "ORDER_POSTGRES_REPLICA in ip-addresses.conf." + }, { "vmid": 10030, "hostname": "order-identity", diff --git a/config/public-surface-remediation-map.json b/config/public-surface-remediation-map.json new file mode 100644 index 00000000..e1a66b12 --- /dev/null +++ b/config/public-surface-remediation-map.json @@ -0,0 +1,391 @@ +{ + "schemaVersion": 1, + "reviewedAt": "2026-04-06", + "surfaces": [ + { + "id": "dbis-admin-console", + "classification": "public_502_backend", + "statusPolicy": "must_pass_when_upstream_healthy", + "domains": [ + "admin.d-bis.org", + "dbis-admin.d-bis.org" + ], + "expectedService": "DBIS admin console", + "observedIssues": [ + "https_502" + ], + "upstream": { + "vmid": "10130", + "host": "r630-01", + "ip": "192.168.11.130", + "port": 80 + }, + "repoSolution": "Repair or restart VMID 10130, then refresh the primary NPMplus proxy definitions and rerun the public E2E sweep.", + "scripts": [ + "scripts/maintenance/address-all-remaining-502s.sh", + "scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh", + "scripts/verify/verify-end-to-end-routing.sh" + ], + "commands": [ + "./scripts/maintenance/address-all-remaining-502s.sh --no-npm", + "bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh", + "bash scripts/verify/verify-end-to-end-routing.sh --profile=public" + ], + "docs": [ + "docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md", + "docs/04-configuration/ALL_VMIDS_ENDPOINTS.md", + "docs/04-configuration/FQDN_EXPECTED_CONTENT.md" + ] + }, + { + "id": "dbis-secure-portal", + "classification": "public_502_backend", + "statusPolicy": "must_pass_when_upstream_healthy", + "domains": [ + "secure.d-bis.org" + ], + "expectedService": "DBIS member secure portal", + "observedIssues": [ + "https_502" + ], + "upstream": { + "vmid": "10130", + "host": "r630-01", + "ip": "192.168.11.130", + "port": 80 + }, + "repoSolution": "Use the same VMID 10130 backend recovery as the DBIS admin console, then resync the proxy rows that point secure traffic at 192.168.11.130:80.", + "scripts": [ + "scripts/maintenance/address-all-remaining-502s.sh", + "scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh", + "scripts/verify/verify-end-to-end-routing.sh" + ], + "commands": [ + "./scripts/maintenance/address-all-remaining-502s.sh --no-npm", + "bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh", + "bash scripts/verify/verify-end-to-end-routing.sh --profile=public" + ], + "docs": [ + "docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md", + "docs/04-configuration/ALL_VMIDS_ENDPOINTS.md", + "docs/04-configuration/FQDN_EXPECTED_CONTENT.md" + ] + }, + { + "id": "dbis-core-portal", + "classification": "placeholder_surface", + "statusPolicy": "keep_optional_until_real_service_deployed", + "domains": [ + "core.d-bis.org" + ], + "expectedService": "DBIS Core client portal", + "observedIssues": [ + "https_502" + ], + "upstream": { + "vmid": "10150", + "host": "r630-01", + "ip": "192.168.11.155", + "port": 3000 + }, + "repoSolution": "Deploy the real dbis_core frontend and then repoint core.d-bis.org to that live upstream. Until then, keep this surface optional in public E2E.", + "scripts": [ + "dbis_core/scripts/deployment/deploy-frontend.sh", + "scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh", + "scripts/verify/verify-end-to-end-routing.sh" + ], + "commands": [ + "bash dbis_core/scripts/deployment/deploy-frontend.sh", + "bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh", + "bash scripts/verify/verify-end-to-end-routing.sh --profile=public" + ], + "docs": [ + "docs/03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md", + "docs/04-configuration/E2E_ENDPOINTS_LIST.md", + "docs/04-configuration/FQDN_EXPECTED_CONTENT.md" + ] + }, + { + "id": "dbis-api-pair", + "classification": "placeholder_surface", + "statusPolicy": "keep_optional_until_real_service_deployed", + "domains": [ + "dbis-api.d-bis.org", + "dbis-api-2.d-bis.org" + ], + "expectedService": "Primary and secondary DBIS API surfaces", + "observedIssues": [ + "https_502" + ], + "upstream": { + "vmid": "10150/10151", + "host": "r630-01", + "ip": "192.168.11.155/192.168.11.156", + "port": 3000 + }, + "repoSolution": "Deploy the real dbis_core API to 10150 and 10151, then refresh the NPMplus rows. Until real JSON API routes exist, these hosts stay optional by policy.", + "scripts": [ + "dbis_core/scripts/deployment/deploy-api.sh", + "scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh", + "scripts/verify/verify-end-to-end-routing.sh" + ], + "commands": [ + "bash dbis_core/scripts/deployment/deploy-api.sh", + "bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh", + "bash scripts/verify/verify-end-to-end-routing.sh --profile=public" + ], + "docs": [ + "docs/04-configuration/E2E_ENDPOINTS_LIST.md", + "docs/04-configuration/FQDN_EXPECTED_CONTENT.md", + "docs/11-references/DBIS_CORE_API_REFERENCE.md" + ] + }, + { + "id": "dbis-data-api", + "classification": "planned_api_surface", + "statusPolicy": "keep_optional_until_real_service_deployed", + "domains": [ + "data.d-bis.org" + ], + "expectedService": "Public DBIS data API with /v1/health and read-only dataset routes", + "observedIssues": [ + "https_502" + ], + "upstream": { + "vmid": "TBD", + "host": "TBD", + "ip": "currently mapped to 192.168.11.155", + "port": 3000 + }, + "repoSolution": "Publish a real data API implementation behind data.d-bis.org or intentionally remove it from public expectations until a live upstream exists.", + "scripts": [ + "scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh", + "scripts/verify/verify-end-to-end-routing.sh" + ], + "commands": [ + "bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh", + "bash scripts/verify/verify-end-to-end-routing.sh --profile=public" + ], + "docs": [ + "config/dbis-data-api/openapi.yaml", + "config/dbis-data-api/README.md", + "docs/04-configuration/E2E_ENDPOINTS_LIST.md" + ] + }, + { + "id": "alltra-hybx-placeholder-web-surfaces", + "classification": "placeholder_surface", + "statusPolicy": "keep_optional_until_real_service_deployed", + "domains": [ + "firefly-alltra-1.d-bis.org", + "firefly-alltra-2.d-bis.org", + "firefly-hybx-1.d-bis.org", + "firefly-hybx-2.d-bis.org", + "fabric-alltra.d-bis.org", + "indy-alltra.d-bis.org", + "fabric-hybx.d-bis.org", + "indy-hybx.d-bis.org" + ], + "expectedService": "Alltra and HYBX Firefly, Fabric, and Indy web surfaces", + "observedIssues": [ + "https_502", + "origin_missing_or_no_web_listener" + ], + "upstream": { + "vmid": "6202-6205, 6001-6002, 6401-6402", + "host": "r630-02", + "ip": "192.168.11.175-179 / 192.168.11.249-253", + "port": 80 + }, + "repoSolution": "Do not publish these hostnames by default. Only add the Cloudflare tunnel and NPMplus rows after the real HTTP listener is deployed on the intended upstream port, or repoint the hostname to the actual web port.", + "scripts": [ + "scripts/cloudflare/configure-alltra-hybx-tunnel-and-dns.sh", + "scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh", + "scripts/verify/generate-public-surface-remediation-plan.sh" + ], + "commands": [ + "bash scripts/verify/generate-public-surface-remediation-plan.sh --print", + "INCLUDE_PLACEHOLDER_HOSTS=1 bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh", + "INCLUDE_PLACEHOLDER_HOSTNAMES=1 bash scripts/cloudflare/configure-alltra-hybx-tunnel-and-dns.sh" + ], + "docs": [ + "docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md", + "docs/04-configuration/PUBLIC_SURFACE_502_AND_DNS_REMEDIATION_MATRIX.md", + "docs/04-configuration/cloudflare/SFVALLEY2_TUNNEL_MANUAL_RUNBOOK.md" + ] + }, + { + "id": "sankofa-studio", + "classification": "public_502_backend", + "statusPolicy": "must_pass_when_upstream_healthy", + "domains": [ + "studio.sankofa.nexus" + ], + "expectedService": "Sankofa Studio FusionAI app under /studio/", + "observedIssues": [ + "https_502" + ], + "upstream": { + "vmid": "7805", + "host": "r630-01", + "ip": "192.168.11.72", + "port": 8000 + }, + "repoSolution": "Redeploy or restart the Studio backend, then refresh the NPMplus proxy and DNS records for studio.sankofa.nexus.", + "scripts": [ + "scripts/deployment/run-sankofa-studio-e2e.sh", + "scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh", + "scripts/cloudflare/add-studio-sankofa-dns.sh", + "scripts/verify/verify-end-to-end-routing.sh" + ], + "commands": [ + "bash scripts/deployment/run-sankofa-studio-e2e.sh", + "bash scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh", + "bash scripts/cloudflare/add-studio-sankofa-dns.sh", + "bash scripts/verify/verify-end-to-end-routing.sh --profile=public" + ], + "docs": [ + "docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md", + "docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md", + "docs/04-configuration/ALL_VMIDS_ENDPOINTS.md" + ] + }, + { + "id": "sankofa-keycloak", + "classification": "public_502_backend", + "statusPolicy": "must_pass_when_upstream_healthy", + "domains": [ + "keycloak.sankofa.nexus" + ], + "expectedService": "Keycloak IdP for portal/admin client SSO", + "observedIssues": [ + "https_502" + ], + "upstream": { + "vmid": "7802", + "host": "r630-01", + "ip": "192.168.11.52", + "port": 8080 + }, + "repoSolution": "Restart or reconfigure Keycloak, ensure the portal/keycloak proxy rows are correct, and verify the client redirect URIs.", + "scripts": [ + "scripts/deployment/enable-sankofa-portal-login-7801.sh", + "scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh", + "scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh", + "scripts/verify/verify-end-to-end-routing.sh" + ], + "commands": [ + "bash scripts/deployment/enable-sankofa-portal-login-7801.sh --dry-run", + "bash scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh", + "bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh", + "bash scripts/verify/verify-end-to-end-routing.sh --profile=public" + ], + "docs": [ + "docs/02-architecture/EXPECTED_WEB_CONTENT.md", + "docs/03-deployment/SANKOFA_PHOENIX_PUBLIC_PORTAL_ADMIN_ENDPOINT_CORRECTION_TASKS.md", + "docs/04-configuration/FQDN_EXPECTED_CONTENT.md" + ] + }, + { + "id": "cacti-alltra", + "classification": "public_edge_ok", + "statusPolicy": "must_pass_when_upstream_healthy", + "domains": [ + "cacti-alltra.d-bis.org" + ], + "expectedService": "Alltra Cacti monitoring UI", + "observedIssues": [], + "upstream": { + "vmid": "5201", + "host": "r630-02", + "ip": "192.168.11.177", + "port": 80 + }, + "repoSolution": "Keep VMID 5201 healthy with the Cacti surface maintenance workflow, then rerun the Alltra/HYBX proxy refresh and public E2E verification when that stack changes.", + "scripts": [ + "scripts/maintenance/ensure-cacti-web-via-ssh.sh", + "scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh", + "scripts/verify/verify-end-to-end-routing.sh" + ], + "commands": [ + "bash scripts/maintenance/ensure-cacti-web-via-ssh.sh", + "bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh", + "bash scripts/verify/verify-end-to-end-routing.sh --profile=public" + ], + "docs": [ + "docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md", + "docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md", + "docs/04-configuration/ALL_VMIDS_ENDPOINTS.md" + ] + }, + { + "id": "cacti-hybx", + "classification": "public_edge_ok", + "statusPolicy": "must_pass_when_upstream_healthy", + "domains": [ + "cacti-hybx.d-bis.org" + ], + "expectedService": "HYBX Cacti monitoring UI", + "observedIssues": [], + "upstream": { + "vmid": "5202", + "host": "r630-02", + "ip": "192.168.11.251", + "port": 80 + }, + "repoSolution": "Keep VMID 5202 healthy with the Cacti surface maintenance workflow, then rerun the Alltra/HYBX proxy refresh and public E2E verification when that stack changes.", + "scripts": [ + "scripts/maintenance/ensure-cacti-web-via-ssh.sh", + "scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh", + "scripts/verify/verify-end-to-end-routing.sh" + ], + "commands": [ + "bash scripts/maintenance/ensure-cacti-web-via-ssh.sh", + "bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh", + "bash scripts/verify/verify-end-to-end-routing.sh --profile=public" + ], + "docs": [ + "docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md", + "docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md", + "docs/04-configuration/ALL_VMIDS_ENDPOINTS.md" + ] + }, + { + "id": "info-defi-oracle-hub", + "classification": "public_edge_ok", + "statusPolicy": "must_pass_when_upstream_healthy", + "domains": [ + "info.defi-oracle.io", + "www.info.defi-oracle.io" + ], + "expectedService": "Chain 138 info hub SPA on dedicated nginx LXC VMID 2410; NPMplus → 192.168.11.218:80; nginx reverse-proxies /token-aggregation/ to Blockscout token-aggregation (not hosted on VMID 2400 ThirdWeb RPC)", + "observedIssues": [], + "upstream": { + "vmid": "2410", + "host": "r630-01", + "ip": "192.168.11.218", + "port": 80 + }, + "repoSolution": "Build with pnpm --filter info-defi-oracle-138 build; sync dist + nginx to VMID 2410 (sync-info-defi-oracle-to-vmid2400.sh); refresh NPMplus rows to IP_INFO_DEFI_ORACLE_WEB; DNS via Cloudflare tunnel or public_ip (set-info-defi-oracle-dns-to-vmid2400-tunnel.sh). Optional tunnel ingress: update-vmid2400-tunnel-config.sh only if info hostnames use the RPC tunnel stack.", + "scripts": [ + "scripts/deployment/provision-info-defi-oracle-web-lxc.sh", + "scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh", + "scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh", + "scripts/cloudflare/set-info-defi-oracle-dns-to-vmid2400-tunnel.sh", + "scripts/cloudflare/purge-info-defi-oracle-cache.sh", + "scripts/verify/check-info-defi-oracle-public.sh", + "scripts/update-vmid2400-tunnel-config.sh" + ], + "commands": [ + "bash scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh", + "bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh", + "pnpm run verify:info-defi-oracle-public" + ], + "docs": [ + "docs/04-configuration/INFO_DEFI_ORACLE_IO_DEPLOYMENT.md", + "info-defi-oracle-138/README.md", + "docs/04-configuration/ALL_VMIDS_ENDPOINTS.md" + ] + } + ] +} diff --git a/config/routing-registry.json b/config/routing-registry.json index 47f1b833..0c9eab9d 100644 --- a/config/routing-registry.json +++ b/config/routing-registry.json @@ -66,7 +66,8 @@ "pathType": "CCIP", "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", "bridgeChainId": 138, - "label": "CCIPWETH9Bridge" + "label": "CCIPWETH9Bridge", + "note": "Use Mainnet hub; direct 138 first hop to Polygon is not proven live from the current router." }, { "fromChain": 137, @@ -85,7 +86,8 @@ "pathType": "CCIP", "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", "bridgeChainId": 138, - "label": "CCIPWETH9Bridge" + "label": "CCIPWETH9Bridge", + "note": "Use Mainnet hub; direct 138 first hop to Optimism is not proven live from the current router." }, { "fromChain": 10, @@ -104,7 +106,8 @@ "pathType": "CCIP", "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", "bridgeChainId": 138, - "label": "CCIPWETH9Bridge" + "label": "CCIPWETH9Bridge", + "note": "Use Mainnet hub; direct 138 first hop to Arbitrum emitted MessageSent on 2026-04-04 without destination delivery." }, { "fromChain": 42161, @@ -142,7 +145,8 @@ "pathType": "CCIP", "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", "bridgeChainId": 138, - "label": "CCIPWETH9Bridge" + "label": "CCIPWETH9Bridge", + "note": "Use Mainnet hub; direct 138 first hop to Base is not proven live from the current router." }, { "fromChain": 8453, @@ -161,7 +165,8 @@ "pathType": "CCIP", "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", "bridgeChainId": 138, - "label": "CCIPWETH9Bridge" + "label": "CCIPWETH9Bridge", + "note": "Use Mainnet hub; direct 138 first hop to Gnosis is not proven live from the current router." }, { "fromChain": 100, @@ -180,7 +185,8 @@ "pathType": "CCIP", "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", "bridgeChainId": 138, - "label": "CCIPWETH9Bridge" + "label": "CCIPWETH9Bridge", + "note": "Use Mainnet hub; direct 138 first hop to Cronos is not proven live from the current router." }, { "fromChain": 25, @@ -199,7 +205,8 @@ "pathType": "CCIP", "bridgeAddress": "0xcacfd227A040002e49e2e01626363071324f820a", "bridgeChainId": 138, - "label": "CCIPWETH9Bridge" + "label": "CCIPWETH9Bridge", + "note": "Use Mainnet hub; direct 138 first hop to Celo is not proven live from the current router." }, { "fromChain": 42220, diff --git a/config/smart-contracts-master.json b/config/smart-contracts-master.json index 4cd36b1c..87906be2 100644 --- a/config/smart-contracts-master.json +++ b/config/smart-contracts-master.json @@ -1,6 +1,6 @@ { "schemaVersion": 1, - "description": "Publishable Chain 138 + mainnet relay addresses. Mirrors scripts/verify/check-contracts-on-chain-138.sh (64 bytecode checks). .env overrides via load-contract-addresses.sh.", + "description": "Publishable Chain 138 + mainnet relay / PMM integration addresses. Mirrors scripts/verify/check-contracts-on-chain-138.sh (dynamic bytecode checks via this registry). .env overrides via load-contract-addresses.sh. Supplemental DODO_*_Extended keys remain for reserve/liquidity probes only. Canonical UI/routing/indexing must use DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895; DODOPMMIntegration_OperatorScan (0x5BDc…) is a superseded older PMM phase and must not be treated as the stable-routing source of truth.", "chains": { "138": { "mapper": "0x439Fcb2d2ab2f890DCcAE50461Fa7d978F9Ffe1A", @@ -18,6 +18,30 @@ "LINK": "0xb7721dD53A8c629d9f1Ba31a5819AFe250002b03", "cUSDT": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", "cUSDC": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", + "cAUSDT": "0x5fdDF65733e3d590463F68f93Cf16E8c04081271", + "cUSDW": "0xcA6BFa614935f1AB71c9aB106bAA6FBB6057095e", + "cUSDT_V2": "0x9FBfab33882Efe0038DAa608185718b772EE5660", + "cUSDC_V2": "0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d", + "cEURC_V2": "0x243e6581Dc8a98d98B92265858b322b193555C81", + "cEURT_V2": "0x2bAFA83d8fF8BaE9505511998987D0659791605B", + "cGBPC_V2": "0x707508D223103f5D2d9EFBc656302c9d48878b29", + "cGBPT_V2": "0xee17c18E10E55ce23F7457D018aAa2Fb1E64B281", + "cAUDC_V2": "0xfb37aFd415B70C5cEDc9bA58a72D517207b769Bb", + "cJPYC_V2": "0x2c751bBE4f299b989b3A8c333E0A966cdcA6Fd98", + "cCHFC_V2": "0x60B7FB8e0DD0Be8595AD12Fe80AE832861Be747c", + "cCADC_V2": "0xe799033c87fE0CE316DAECcefBE3134CC74b76a9", + "cXAUC_V2": "0xF0F0F81bE3D033D8586bAfd2293e37eE2f615647", + "cXAUT_V2": "0x89477E982847023aaB5C3492082cd1bB4b1b9Ef1", + "CWAssetReserveVerifier": "0xbf26a679586663f87f3bf3f52c79479b8aa8d854", + "cETH_Gas": "0xf8e9802a1766422e33a269556ad5fc032338eefc", + "cETHL2_Gas": "0x18a6b163d255cc0cb32b99697843b487d059907d", + "cBNB_Gas": "0x94517875f32680984a5921da7abf78e22f65d70f", + "cPOL_Gas": "0x19fec21edede9edb91d1fbec7c4095c5ac1fc10c", + "cAVAX_Gas": "0x9c8f6f4fe1e535e6f85a78ee95249ded5540a2d0", + "cCRO_Gas": "0xfb48bb6c623571f9795b535b73f0d660e8643fd4", + "cXDAI_Gas": "0xa39a59138f8a45b4a31455875b8a29ff31e76ec8", + "cCELO_Gas": "0x1814661dae0933bf397b1274f5a62411b94195c7", + "cWEMIX_Gas": "0x4d82206bec5b4dfa17759ffede07e35f4f63a050", "TokenRegistry": "0x91Efe92229dbf7C5B38D422621300956B55870Fa", "TokenFactory": "0xEBFb5C60dE5f7C4baae180CA328D3BB39E1a5133", "ComplianceRegistry": "0xbc54fe2b6fda157c59d59826bcfdbcc654ec9ea1", @@ -34,7 +58,30 @@ "UniversalAssetRegistry": "0xAEE4b7fBe82E1F8295951584CBc772b8BBD68575", "GovernanceController": "0xA6891D5229f2181a34D4FF1B515c3Aa37dd90E0e", "UniversalCCIPBridge": "0xCd42e8eD79Dc50599535d1de48d3dAFa0BE156F8", + "UniversalCCIPFlashBridgeAdapter": "0xBe9e0B2d4cF6A3b2994d6f2f0904D2B165eB8ffC", + "CrossChainFlashRepayReceiver": "0xD084b68cB4B1ef2cBA09CF99FB1B6552fd9b4859", + "CrossChainFlashVaultCreditReceiver": "0x89F7a1fcbBe104BeE96Da4b4b6b7d3AF85f7E661", "BridgeOrchestrator": "0x89aB428c437f23bAB9781ff8Db8D3848e27EeD6c", + "EnhancedSwapRouterV2": "0xF1c93F54A5C2fc0d7766Ccb0Ad8f157DFB4C99Ce", + "IntentBridgeCoordinatorV2": "0x7D0022B7e8360172fd9C0bB6778113b7Ea3674E7", + "DodoRouteExecutorAdapter": "0x88495B3dccEA93b0633390fDE71992683121Fa62", + "DodoV3RouteExecutorAdapter": "0x9Cb97adD29c52e3B81989BcA2E33D46074B530eF", + "UniswapV3RouteExecutorAdapter": "0x960D6db4E78705f82995690548556fb2266308EA", + "BalancerRouteExecutorAdapter": "0x4E1B71B69188Ab45021c797039b4887a4924157A", + "CurveRouteExecutorAdapter": "0x5f0E07071c41ACcD2A1b1032D3bd49b323b9ADE6", + "OneInchRouteExecutorAdapter": "0x8168083d29b3293F215392A49D16e7FeF4a02600", + "UniswapV3Factory": "0x2f7219276e3ce367dB9ec74C1196a8ecEe67841C", + "UniswapV3NFTDescriptor": "0x6F5fdE32DD2aC66B27e296EC9D6F4E79A3dE2947", + "UniswapV3TokenDescriptor": "0xca66DCAC4633555033F6fDDBE4234B6913c7ff51", + "UniswapV3PositionManager": "0x31b68BE5af4Df565Ce261dfe53D529005D947B48", + "UniswapV3Router": "0xde9cD8ee2811E6E64a41D5F68Be315d33995975E", + "UniswapV3QuoterV2": "0x6abbB1CEb2468e748a03A00CD6aA9BFE893AFa1f", + "UniswapV3Pool_WETH_USDT": "0xa893add35aEfe6A6d858EB01828bE4592f12C9F5", + "UniswapV3Pool_WETH_USDC": "0xEC745bfb6b3cd32f102d594E5F432d8d85B19391", + "PilotUniswapV3Router": "0xD164D9cCfAcf5D9F91698f296aE0cd245D964384", + "PilotBalancerVault": "0x96423d7C1727698D8a25EbFB88131e9422d1a3C3", + "PilotCurve3Pool": "0xE440Ec15805BE4C7BabCD17A63B8C8A08a492e0f", + "PilotOneInchRouter": "0x500B84b1Bc6F59C1898a5Fe538eA20A758757A4F", "PaymentChannelManager": "0x302aF72966aFd21C599051277a48DAa7f01a5f54", "GenericStateChannelManager": "0xe5e3bB424c8a0259FDE23F0A58F7e36f73B90aBd", "AddressMapper": "0x439Fcb2d2ab2f890DCcAE50461Fa7d978F9Ffe1A", @@ -46,11 +93,11 @@ "MirrorRegistry": "0x6427F9739e6B6c3dDb4E94fEfeBcdF35549549d8", "AlltraAdapter": "0x66FEBA2fC9a0B47F26DD4284DAd24F970436B8Dc", "TransactionMirror": "0x7131F887DBEEb2e44c1Ed267D2A68b5b83285afc", - "DODO_Pool_cUSDT_cUSDC": "0xff8d3b8fDF7B112759F076B69f4271D4209C0849", - "DODOPMMIntegration": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", - "DODOPMMProvider": "0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381", - "DODO_Pool_cUSDT_USDT": "0x6fc60DEDc92a2047062294488539992710b99D71", - "DODO_Pool_cUSDC_USDC": "0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263", + "DODO_Pool_cUSDT_cUSDC": "0x9e89bAe009adf128782E19e8341996c596ac40dC", + "DODOPMMIntegration": "0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895", + "DODOPMMProvider": "0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e", + "DODO_Pool_cUSDT_USDT": "0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66", + "DODO_Pool_cUSDC_USDC": "0xc39B7D0F40838cbFb54649d327f49a6DAC964062", "ReserveSystem": "0x607e97cD626f209facfE48c1464815DDE15B5093", "ReserveTokenIntegration": "0x34B73e6EDFd9f85a7c25EeD31dcB13aB6E969b96", "RegulatedEntityRegistry": "0xEA4C892D6c1253797c5D95a05BF3863363080b4B", @@ -68,7 +115,11 @@ "cCADC": "0x54dBd40cF05e15906A2C21f600937e96787f5679", "cXAUC": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", "cXAUT": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", - "ISO20022Router": "0xBf1BB3E73C2DB7c4aebCd7bf757cdD1C12dE9074" + "ISO20022Router": "0xBf1BB3E73C2DB7c4aebCd7bf757cdD1C12dE9074", + "DODOPMMIntegration_OperatorScan": "0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d", + "DODO_Pool_cUSDT_cUSDC_Extended": "0xff8d3b8fDF7B112759F076B69f4271D4209C0849", + "DODO_Pool_cUSDT_USDT_Extended": "0x6fc60DEDc92a2047062294488539992710b99D71", + "DODO_Pool_cUSDC_USDC_Extended": "0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263" }, "envVarMap": { "CCIP_ROUTER": "CCIP_Router", @@ -96,6 +147,12 @@ "FEE_COLLECTOR_ADDRESS": "FeeCollector", "COMPLIANT_USDT_ADDRESS": "cUSDT", "COMPLIANT_USDC_ADDRESS": "cUSDC", + "COMPLIANT_AUSDT_ADDRESS": "cAUSDT", + "COMPLIANT_USDW_ADDRESS": "cUSDW", + "COMPLIANT_USDT_V2": "cUSDT_V2", + "COMPLIANT_USDC_V2": "cUSDC_V2", + "CUSDT_V2_ADDRESS_138": "cUSDT_V2", + "CUSDC_V2_ADDRESS_138": "cUSDC_V2", "DODO_PMM_INTEGRATION_ADDRESS": "DODOPMMIntegration", "CHAIN_138_DODO_PMM_INTEGRATION": "DODOPMMIntegration", "DODO_PMM_PROVIDER_ADDRESS": "DODOPMMProvider", @@ -111,6 +168,33 @@ "UNIVERSAL_ASSET_REGISTRY": "UniversalAssetRegistry", "GOVERNANCE_CONTROLLER": "GovernanceController", "UNIVERSAL_CCIP_BRIDGE": "UniversalCCIPBridge", + "FLASH_UNIVERSAL_CCIP_BRIDGE": "UniversalCCIPBridge", + "FLASH_CCIP_ROUTER": "CCIP_Router", + "FLASH_REPAY_RECEIVER_ROUTER": "CCIP_Router", + "FLASH_VAULT_CREDIT_ROUTER": "CCIP_Router", + "ENHANCED_SWAP_ROUTER_V2_ADDRESS": "EnhancedSwapRouterV2", + "INTENT_BRIDGE_COORDINATOR_V2_ADDRESS": "IntentBridgeCoordinatorV2", + "UNISWAP_V3_ROUTER": "UniswapV3Router", + "UNISWAP_QUOTER_ADDRESS": "UniswapV3QuoterV2", + "CHAIN_138_UNISWAP_V3_FACTORY": "UniswapV3Factory", + "CHAIN_138_UNISWAP_V3_ROUTER": "UniswapV3Router", + "UNISWAP_V3_WETH_USDT_POOL": "UniswapV3Pool_WETH_USDT", + "UNISWAP_V3_WETH_USDC_POOL": "UniswapV3Pool_WETH_USDC", + "CHAIN138_UNISWAP_V3_NATIVE_FACTORY": "UniswapV3Factory", + "CHAIN138_UNISWAP_V3_NATIVE_NFT_DESCRIPTOR_LIBRARY": "UniswapV3NFTDescriptor", + "CHAIN138_UNISWAP_V3_NATIVE_TOKEN_DESCRIPTOR": "UniswapV3TokenDescriptor", + "CHAIN138_UNISWAP_V3_NATIVE_POSITION_MANAGER": "UniswapV3PositionManager", + "CHAIN138_UNISWAP_V3_NATIVE_SWAP_ROUTER": "UniswapV3Router", + "CHAIN138_UNISWAP_V3_NATIVE_QUOTER_V2": "UniswapV3QuoterV2", + "CHAIN138_UNISWAP_V3_NATIVE_WETH_USDT_POOL": "UniswapV3Pool_WETH_USDT", + "CHAIN138_UNISWAP_V3_NATIVE_WETH_USDC_POOL": "UniswapV3Pool_WETH_USDC", + "CW_ASSET_RESERVE_VERIFIER_DEPLOYED_CHAIN138": "CWAssetReserveVerifier", + "BALANCER_VAULT": "PilotBalancerVault", + "CURVE_3POOL": "PilotCurve3Pool", + "ONEINCH_ROUTER": "PilotOneInchRouter", + "CROSS_CHAIN_FLASH_BRIDGE_ADAPTER": "UniversalCCIPFlashBridgeAdapter", + "CROSS_CHAIN_FLASH_REPAY_RECEIVER": "CrossChainFlashRepayReceiver", + "CROSS_CHAIN_FLASH_VAULT_CREDIT_RECEIVER": "CrossChainFlashVaultCreditReceiver", "BRIDGE_ORCHESTRATOR": "BridgeOrchestrator", "UNIVERSAL_ASSET_REGISTRY_DETERMINISTIC": "UniversalAssetRegistry_Deterministic", "UNIVERSAL_CCIP_BRIDGE_DETERMINISTIC": "UniversalCCIPBridge_Deterministic", @@ -127,11 +211,13 @@ "1": { "contracts": { "CCIP_Relay_Router": "0xAd9A228CcEB4cbB612cD165FFB72fE090ff10Afb", - "CCIP_Relay_Bridge": "0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939" + "CCIP_Relay_Bridge": "0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939", + "DODOPMMIntegration_Mainnet": "0xa9F284eD010f4F7d7F8F201742b49b9f58e29b84" }, "envVarMap": { "CCIP_RELAY_ROUTER_MAINNET": "CCIP_Relay_Router", - "CCIP_RELAY_BRIDGE_MAINNET": "CCIP_Relay_Bridge" + "CCIP_RELAY_BRIDGE_MAINNET": "CCIP_Relay_Bridge", + "DODO_PMM_INTEGRATION_MAINNET": "DODOPMMIntegration_Mainnet" } } } diff --git a/config/systemd/ccip-relay-avax-cw.service b/config/systemd/ccip-relay-avax-cw.service new file mode 100644 index 00000000..e7fa2d8c --- /dev/null +++ b/config/systemd/ccip-relay-avax-cw.service @@ -0,0 +1,25 @@ +# Install on Proxmox host (e.g. r630-01) where /opt/smom-dbis-138/services/relay exists: +# sudo cp config/systemd/ccip-relay-avax-cw.service /etc/systemd/system/ccip-relay-avax-cw.service +# sudo systemctl daemon-reload && sudo systemctl enable --now ccip-relay-avax-cw +# +# Uses the tracked `.env.avax-cw` profile and skips `.env.local` so the dedicated +# Avalanche cW mint corridor stays separate from the legacy AVAX WETH relay lane. + +[Unit] +Description=CCIP relay service (Chain 138 cW bridge to Avalanche cW bridge) +After=network-online.target +Wants=network-online.target +StartLimitIntervalSec=0 + +[Service] +Type=simple +User=root +WorkingDirectory=/opt/smom-dbis-138/services/relay +Environment=RELAY_SKIP_ENV_LOCAL=1 +Environment=RELAY_HEALTH_PORT=9864 +ExecStart=/bin/bash /opt/smom-dbis-138/services/relay/start-relay.sh avax-cw +Restart=on-failure +RestartSec=15 + +[Install] +WantedBy=multi-user.target diff --git a/config/systemd/ccip-relay-avax-to-138.service b/config/systemd/ccip-relay-avax-to-138.service new file mode 100644 index 00000000..22ff77e4 --- /dev/null +++ b/config/systemd/ccip-relay-avax-to-138.service @@ -0,0 +1,25 @@ +# Install on Proxmox host (e.g. r630-01) where /opt/smom-dbis-138/services/relay exists: +# sudo cp config/systemd/ccip-relay-avax-to-138.service /etc/systemd/system/ccip-relay-avax-to-138.service +# sudo systemctl daemon-reload && sudo systemctl enable --now ccip-relay-avax-to-138 +# +# Uses the tracked `.env.avax-to-138` profile and skips `.env.local` so the reverse +# Avalanche cW burn lane remains isolated from the forward AVAX workers. + +[Unit] +Description=CCIP relay service (Avalanche cW bridge to Chain 138 cW bridge) +After=network-online.target +Wants=network-online.target +StartLimitIntervalSec=0 + +[Service] +Type=simple +User=root +WorkingDirectory=/opt/smom-dbis-138/services/relay +Environment=RELAY_SKIP_ENV_LOCAL=1 +Environment=RELAY_HEALTH_PORT=9865 +ExecStart=/bin/bash /opt/smom-dbis-138/services/relay/start-relay.sh avax-to-138 +Restart=on-failure +RestartSec=15 + +[Install] +WantedBy=multi-user.target diff --git a/config/systemd/ccip-relay-avax.service b/config/systemd/ccip-relay-avax.service new file mode 100644 index 00000000..e72520fa --- /dev/null +++ b/config/systemd/ccip-relay-avax.service @@ -0,0 +1,25 @@ +# Install on Proxmox host (e.g. r630-01) where /opt/smom-dbis-138/services/relay exists: +# sudo cp config/systemd/ccip-relay-avax.service /etc/systemd/system/ccip-relay-avax.service +# sudo systemctl daemon-reload && sudo systemctl enable --now ccip-relay-avax +# +# Uses the tracked `.env.avax` profile and skips `.env.local` so ad hoc Mainnet overrides +# do not bleed into the Avalanche worker. + +[Unit] +Description=CCIP relay service (Chain 138 to Avalanche) +After=network-online.target +Wants=network-online.target +StartLimitIntervalSec=0 + +[Service] +Type=simple +User=root +WorkingDirectory=/opt/smom-dbis-138/services/relay +Environment=RELAY_SKIP_ENV_LOCAL=1 +Environment=RELAY_HEALTH_PORT=9862 +ExecStart=/bin/bash /opt/smom-dbis-138/services/relay/start-relay.sh avax +Restart=on-failure +RestartSec=15 + +[Install] +WantedBy=multi-user.target diff --git a/config/systemd/ccip-relay-bsc.service b/config/systemd/ccip-relay-bsc.service new file mode 100644 index 00000000..d41e0adf --- /dev/null +++ b/config/systemd/ccip-relay-bsc.service @@ -0,0 +1,25 @@ +# Install on Proxmox host (e.g. r630-01) where /opt/smom-dbis-138/services/relay exists: +# sudo cp config/systemd/ccip-relay-bsc.service /etc/systemd/system/ccip-relay-bsc.service +# sudo systemctl daemon-reload && sudo systemctl enable --now ccip-relay-bsc +# +# Uses the tracked `.env.bsc` profile and skips `.env.local` so ad hoc Mainnet overrides +# do not bleed into the BSC worker. + +[Unit] +Description=CCIP relay service (Chain 138 to BSC) +After=network-online.target +Wants=network-online.target +StartLimitIntervalSec=0 + +[Service] +Type=simple +User=root +WorkingDirectory=/opt/smom-dbis-138/services/relay +Environment=RELAY_SKIP_ENV_LOCAL=1 +Environment=RELAY_HEALTH_PORT=9861 +ExecStart=/bin/bash /opt/smom-dbis-138/services/relay/start-relay.sh bsc +Restart=on-failure +RestartSec=15 + +[Install] +WantedBy=multi-user.target diff --git a/config/systemd/ccip-relay-mainnet-cw.service b/config/systemd/ccip-relay-mainnet-cw.service new file mode 100644 index 00000000..47e590fe --- /dev/null +++ b/config/systemd/ccip-relay-mainnet-cw.service @@ -0,0 +1,25 @@ +# Install on Proxmox host (e.g. r630-01) where /opt/smom-dbis-138/services/relay exists: +# sudo cp config/systemd/ccip-relay-mainnet-cw.service /etc/systemd/system/ccip-relay-mainnet-cw.service +# sudo systemctl daemon-reload && sudo systemctl enable --now ccip-relay-mainnet-cw +# +# Uses the tracked `.env.mainnet-cw` profile and skips `.env.local` so the Mainnet cW +# corridor stays isolated from the WETH release lane. + +[Unit] +Description=CCIP relay service (Chain 138 cW bridge to Mainnet cW bridge) +After=network-online.target +Wants=network-online.target +StartLimitIntervalSec=0 + +[Service] +Type=simple +User=root +WorkingDirectory=/opt/smom-dbis-138/services/relay +Environment=RELAY_SKIP_ENV_LOCAL=1 +Environment=RELAY_HEALTH_PORT=9863 +ExecStart=/bin/bash /opt/smom-dbis-138/services/relay/start-relay.sh mainnet-cw +Restart=on-failure +RestartSec=15 + +[Install] +WantedBy=multi-user.target diff --git a/config/systemd/ccip-relay.service b/config/systemd/ccip-relay.service index 87c6ff77..490b9e4c 100644 --- a/config/systemd/ccip-relay.service +++ b/config/systemd/ccip-relay.service @@ -2,22 +2,24 @@ # sudo cp config/systemd/ccip-relay.service /etc/systemd/system/ccip-relay.service # sudo systemctl daemon-reload && sudo systemctl enable --now ccip-relay # -# Uses start-relay.sh (loads parent .env and relay/.env.local). +# Uses the tracked `mainnet-weth` profile and skips `.env.local` so WETH delivery policy +# stays explicit even when operators keep local override files around for other lanes. [Unit] Description=CCIP relay service (Chain 138 to Mainnet) After=network-online.target Wants=network-online.target +StartLimitIntervalSec=0 [Service] Type=simple User=root WorkingDirectory=/opt/smom-dbis-138/services/relay -ExecStart=/bin/bash /opt/smom-dbis-138/services/relay/start-relay.sh +Environment=RELAY_SKIP_ENV_LOCAL=1 +Environment=RELAY_HEALTH_PORT=9860 +ExecStart=/bin/bash /opt/smom-dbis-138/services/relay/start-relay.sh mainnet-weth Restart=on-failure RestartSec=15 -StartLimitIntervalSec=300 -StartLimitBurst=5 [Install] WantedBy=multi-user.target diff --git a/config/systemd/dbis-core-gateway-outbox-worker.example.service b/config/systemd/dbis-core-gateway-outbox-worker.example.service new file mode 100644 index 00000000..78984dee --- /dev/null +++ b/config/systemd/dbis-core-gateway-outbox-worker.example.service @@ -0,0 +1,28 @@ +# Example unit for dbis_core gateway_outbox send loop (SolaceNet rails scaffold). +# Copy and edit paths + EnvironmentFile before enable: +# sudo cp config/systemd/dbis-core-gateway-outbox-worker.example.service /etc/systemd/system/dbis-core-gateway-outbox.service +# sudo systemctl daemon-reload && sudo systemctl enable --now dbis-core-gateway-outbox +# +# Requires: DATABASE_URL (Prisma), migrations applied so gateway_outbox exists. +# Optional: GATEWAY_OUTBOX_BATCH_SIZE, GATEWAY_OUTBOX_MAX_ATTEMPTS + +[Unit] +Description=DBIS Core gateway outbox worker (rail send loop) +After=network-online.target postgresql.service +Wants=network-online.target +StartLimitIntervalSec=300 +StartLimitBurst=5 + +[Service] +Type=simple +User=dbis +Group=dbis +WorkingDirectory=/opt/dbis_core +Environment=NODE_ENV=production +EnvironmentFile=-/etc/dbis-core/gateway-outbox.env +ExecStart=/usr/bin/npm run worker:gateway-outbox +Restart=on-failure +RestartSec=10 + +[Install] +WantedBy=multi-user.target diff --git a/config/systemd/op-stack-batcher.example.service b/config/systemd/op-stack-batcher.example.service new file mode 100644 index 00000000..fea7e007 --- /dev/null +++ b/config/systemd/op-stack-batcher.example.service @@ -0,0 +1,20 @@ +# Example unit — op-batcher + +[Unit] +Description=OP Stack op-batcher — example +After=network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=opstack +Group=opstack +WorkingDirectory=/opt/op-stack +EnvironmentFile=-/etc/op-stack/batcher.env +# ExecStart=/opt/op-stack/bin/op-batcher ... +ExecStart=/bin/false +Restart=on-failure +RestartSec=15 + +[Install] +WantedBy=multi-user.target diff --git a/config/systemd/op-stack-challenger.example.service b/config/systemd/op-stack-challenger.example.service new file mode 100644 index 00000000..555d3360 --- /dev/null +++ b/config/systemd/op-stack-challenger.example.service @@ -0,0 +1,20 @@ +# Example unit — op-challenger + +[Unit] +Description=OP Stack op-challenger — example +After=network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=opstack +Group=opstack +WorkingDirectory=/opt/op-stack +EnvironmentFile=-/etc/op-stack/challenger.env +# ExecStart=/opt/op-stack/bin/op-challenger ... +ExecStart=/bin/false +Restart=on-failure +RestartSec=20 + +[Install] +WantedBy=multi-user.target diff --git a/config/systemd/op-stack-op-node.example.service b/config/systemd/op-stack-op-node.example.service new file mode 100644 index 00000000..98a9d6aa --- /dev/null +++ b/config/systemd/op-stack-op-node.example.service @@ -0,0 +1,21 @@ +# Example unit — op-node (consensus) paired with an execution client such as op-reth. +# See https://docs.optimism.io/chain-operators/getting-started + +[Unit] +Description=OP Stack op-node — example +After=network-online.target op-stack-op-reth.service +Wants=network-online.target + +[Service] +Type=simple +User=opstack +Group=opstack +WorkingDirectory=/opt/op-stack +EnvironmentFile=-/etc/op-stack/op-node.env +# ExecStart=/opt/op-stack/bin/op-node ... (rollup.json, L1 RPC, engine auth) +ExecStart=/bin/false +Restart=on-failure +RestartSec=10 + +[Install] +WantedBy=multi-user.target diff --git a/config/systemd/op-stack-op-reth.example.service b/config/systemd/op-stack-op-reth.example.service new file mode 100644 index 00000000..14dfac49 --- /dev/null +++ b/config/systemd/op-stack-op-reth.example.service @@ -0,0 +1,21 @@ +# Example unit — op-reth execution client for OP Stack. +# Install: copy to /etc/systemd/system/, edit paths, `systemctl daemon-reload && systemctl enable --now ...` + +[Unit] +Description=OP Stack op-reth — example +After=network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=opstack +Group=opstack +WorkingDirectory=/opt/op-stack +EnvironmentFile=-/etc/op-stack/op-reth.env +# ExecStart=/opt/op-stack/bin/op-reth node ... (match Optimism docs for your pinned version) +ExecStart=/bin/false +Restart=on-failure +RestartSec=10 + +[Install] +WantedBy=multi-user.target diff --git a/config/systemd/op-stack-proposer.example.service b/config/systemd/op-stack-proposer.example.service new file mode 100644 index 00000000..ad612e7a --- /dev/null +++ b/config/systemd/op-stack-proposer.example.service @@ -0,0 +1,20 @@ +# Example unit — op-proposer + +[Unit] +Description=OP Stack op-proposer — example +After=network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=opstack +Group=opstack +WorkingDirectory=/opt/op-stack +EnvironmentFile=-/etc/op-stack/proposer.env +# ExecStart=/opt/op-stack/bin/op-proposer ... +ExecStart=/bin/false +Restart=on-failure +RestartSec=15 + +[Install] +WantedBy=multi-user.target diff --git a/config/systemd/op-stack-sequencer.example.service b/config/systemd/op-stack-sequencer.example.service new file mode 100644 index 00000000..80eee801 --- /dev/null +++ b/config/systemd/op-stack-sequencer.example.service @@ -0,0 +1,27 @@ +# Example unit — legacy OP Stack op-geth execution client. +# Prefer op-reth for new deployments; op-geth is approaching end-of-support. +# Install: copy to /etc/systemd/system/, edit paths, `systemctl daemon-reload && systemctl enable --now ...` +# +# Replace: +# /opt/op-stack — install root +# opuser — unprivileged user +# /etc/op-stack/sequencer.env — EnvironmentFile (RPC URLs, JWT, flags; no keys in world-readable files) + +[Unit] +Description=OP Stack op-geth (legacy) — example +After=network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=opstack +Group=opstack +WorkingDirectory=/opt/op-stack +EnvironmentFile=-/etc/op-stack/sequencer.env +# ExecStart=/opt/op-stack/bin/geth ... (legacy fallback only; prefer op-reth) +ExecStart=/bin/false +Restart=on-failure +RestartSec=10 + +[Install] +WantedBy=multi-user.target diff --git a/config/systemd/xdc-zero-relayer-138-pair.example.service b/config/systemd/xdc-zero-relayer-138-pair.example.service new file mode 100644 index 00000000..19ad9033 --- /dev/null +++ b/config/systemd/xdc-zero-relayer-138-pair.example.service @@ -0,0 +1,33 @@ +# Example systemd unit — SECOND XDC-Relayer (Chain 138 <-> XDC parent/mainnet). +# Do not disable your existing subnet<->parent relayer. +# +# Prerequisites: Redis (upstream), built relayer (`npm run build`), env file with SUBNET_URL, PARENTNET_URL, etc. +# +# Install: +# sudo cp config/systemd/xdc-zero-relayer-138-pair.example.service /etc/systemd/system/xdc-zero-relayer-138-pair.service +# sudo cp config/xdc-zero/xdc-zero-relayer-138-pair.example.defaults /etc/default/xdc-zero-relayer-138-pair +# sudo chmod 640 /etc/default/xdc-zero-relayer-138-pair +# # Edit WorkingDirectory to your clone (e.g. /home/op/XDC-Relayer) and fill /etc/default/... +# # If you run the relayer manually from the repo root instead of systemd, use +# # config/xdc-zero/xdc-relayer.dotenv.example as the source for the clone-local .env. +# sudo systemctl daemon-reload && sudo systemctl enable --now xdc-zero-relayer-138-pair +# +# ExecStart matches upstream: `npm run start` -> `node dist/server.js` (Node 20.x per package.json engines). + +[Unit] +Description=XDC Relayer — Chain 138 to XDC mainnet (second instance) +After=network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=root +WorkingDirectory=/opt/xdc-relayer +EnvironmentFile=-/etc/default/xdc-zero-relayer-138-pair +# Relayer reads process.env; dotenv does not override vars systemd already set. +ExecStart=/usr/bin/node dist/server.js +Restart=on-failure +RestartSec=30 + +[Install] +WantedBy=multi-user.target diff --git a/config/thirdweb-account-abstraction-support.json b/config/thirdweb-account-abstraction-support.json new file mode 100644 index 00000000..b0d16779 --- /dev/null +++ b/config/thirdweb-account-abstraction-support.json @@ -0,0 +1,91 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "name": "Thirdweb Account Abstraction Support Matrix", + "version": "1.0.0", + "updated": "2026-04-07", + "notes": [ + "Machine-readable execution policy for Thirdweb account abstraction, gas sponsorship, and x402 across the chains relevant to this workspace.", + "x402 is modeled as an EIP-7702-specific payment rail even when ERC-4337 remains the fallback smart-account mode for the same chain." + ], + "services": { + "wallets": true, + "rpc": true, + "serverWallets": true, + "gasSponsorship": true, + "bridge": true, + "ai": true, + "x402": true + }, + "globalRequirements": { + "projectApiKeys": true, + "clientIdRequired": true, + "secretKeyRequired": true, + "serverWalletRequiredForX402": true, + "dualModeAccountAbstraction": true + }, + "chains": [ + { + "chainId": 138, + "name": "Defi Oracle Meta", + "rpc": { + "publicEndpoint": "https://138.rpc.thirdweb.com" + }, + "accountAbstraction": { + "erc4337": { + "supported": true, + "role": "baseline_required" + }, + "eip7702": { + "supported": true, + "role": "target_supported_subject_to_chain_and_stack_confirmation" + }, + "currentDefault": "erc4337", + "sponsorGasModes": [ + "erc4337", + "eip7702" + ] + }, + "x402": { + "enabled": true, + "settlementMode": "eip7702", + "compatibleTokens": [ + { + "symbol": "cUSDT_V2", + "address": "0x9FBfab33882Efe0038DAa608185718b772EE5660", + "erc2612": true, + "erc3009": true + }, + { + "symbol": "cUSDC_V2", + "address": "0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d", + "erc2612": true, + "erc3009": true + } + ] + } + }, + { + "chainId": 1, + "name": "Ethereum Mainnet", + "accountAbstraction": { + "erc4337": { + "supported": true, + "role": "fallback_required" + }, + "eip7702": { + "supported": true, + "role": "preferred" + }, + "currentDefault": "eip7702", + "sponsorGasModes": [ + "erc4337", + "eip7702" + ] + }, + "x402": { + "enabled": true, + "settlementMode": "eip7702" + } + } + ] +} diff --git a/config/token-mapping-loader.cjs b/config/token-mapping-loader.cjs index 21ec4ee8..8f3fbcd6 100644 --- a/config/token-mapping-loader.cjs +++ b/config/token-mapping-loader.cjs @@ -28,6 +28,20 @@ const DEFAULT_POOL_MATRIX_JSON_PATH = path.resolve( 'config', 'pool-matrix.json' ); +const DEFAULT_CW_RESERVE_VERIFIER_BROADCAST_PATH = path.resolve( + __dirname, + '..', + 'smom-dbis-138', + 'broadcast', + 'DeployCWReserveVerifier.s.sol', + '138', + 'run-latest.json' +); + +const ENV_ALIASES = { + CHAIN138_L1_BRIDGE: ['CW_L1_BRIDGE', 'CW_L1_BRIDGE_CHAIN138'], + CW_L1_BRIDGE: ['CHAIN138_L1_BRIDGE', 'CW_L1_BRIDGE_CHAIN138'], +}; const JSON_CACHES = { token: null, @@ -55,6 +69,10 @@ function normalizeAddress(address) { return typeof address === 'string' ? address.trim().toLowerCase() : ''; } +function isActiveRolloutRecord(record) { + return !record || typeof record !== 'object' || record.active !== false; +} + function normalizeSymbol(symbol) { return typeof symbol === 'string' ? symbol.trim().toLowerCase() : ''; } @@ -67,6 +85,21 @@ function normalizeTransportSymbol(symbol) { return normalized; } +function resolveChainSelectorValue(...values) { + for (const value of values) { + if (typeof value === 'number' && Number.isFinite(value)) { + return String(Math.trunc(value)); + } + if (typeof value === 'string') { + const trimmed = value.trim(); + if (/^\d+$/.test(trimmed)) { + return trimmed; + } + } + } + return ''; +} + function isNonZeroAddress(address) { const normalized = normalizeAddress(address); return /^0x[a-f0-9]{40}$/.test(normalized) && normalized !== ZERO_ADDRESS; @@ -75,12 +108,49 @@ function isNonZeroAddress(address) { function resolveConfigRef(ref) { if (!ref || typeof ref !== 'object') return ''; if (isNonZeroAddress(ref.address)) return ref.address; - if (typeof ref.env === 'string' && isNonZeroAddress(process.env[ref.env])) { - return process.env[ref.env]; + if (typeof ref.env === 'string') { + const envValue = resolveEnvAddress(ref.env); + if (isNonZeroAddress(envValue)) return envValue; } return ''; } +function resolveEnvAddress(envKey) { + if (typeof envKey !== 'string' || envKey.trim() === '') return ''; + const direct = process.env[envKey]; + if (isNonZeroAddress(direct)) return direct; + + const aliases = ENV_ALIASES[envKey] || []; + for (const alias of aliases) { + const candidate = process.env[alias]; + if (isNonZeroAddress(candidate)) return candidate; + } + + if (envKey === 'CW_RESERVE_VERIFIER_CHAIN138') { + const derived = deriveCwReserveVerifierFromBroadcast(); + if (isNonZeroAddress(derived)) return derived; + } + + return ''; +} + +function deriveCwReserveVerifierFromBroadcast() { + try { + const data = loadCachedJson('cwReserveVerifierBroadcast', DEFAULT_CW_RESERVE_VERIFIER_BROADCAST_PATH); + if (!data || !Array.isArray(data.transactions)) return ''; + const tx = data.transactions.find( + (entry) => + entry && + entry.contractName === 'CWReserveVerifier' && + entry.transactionType === 'CREATE' && + isNonZeroAddress(entry.contractAddress) + ); + return tx?.contractAddress || ''; + } catch (e) { + return ''; + } +} + function hasConfigRef(ref) { if (!ref || typeof ref !== 'object') return false; return isNonZeroAddress(ref.address) || (typeof ref.env === 'string' && ref.env.trim() !== ''); @@ -206,18 +276,39 @@ function getRoutingRegistryRoutes(jsonPath = DEFAULT_ROUTING_REGISTRY_JSON_PATH) function getGruTransportMetadata(jsonPath = DEFAULT_GRU_ACTIVE_JSON_PATH) { const data = loadGruTransportActiveJson(jsonPath); if (!data || typeof data !== 'object') return null; + const enabledCanonicalTokens = getEnabledCanonicalTokens(jsonPath); + const enabledDestinationChains = getEnabledDestinationChains(jsonPath); + const approvedBridgePeers = Array.isArray(data.approvedBridgePeers) + ? data.approvedBridgePeers.filter(isActiveRolloutRecord) + : []; + const configuredTransportPairs = Array.isArray(data.transportPairs) ? data.transportPairs : []; + const deferredTransportPairs = configuredTransportPairs.filter((pair) => !isActiveRolloutRecord(pair)).length; const activeTransportPairs = getActiveTransportPairs({ activeJsonPath: jsonPath }); const activePublicPools = getActivePublicPools(jsonPath); + const gasAssetFamilies = getGasAssetFamilies(jsonPath); + const gasRedeemGroups = getGasRedeemGroups(jsonPath); + const gasProtocolExposure = getGasProtocolExposure(jsonPath); return { system: data.system || null, terminology: data.terminology || {}, - enabledCanonicalTokens: Array.isArray(data.enabledCanonicalTokens) ? data.enabledCanonicalTokens : [], - enabledDestinationChains: Array.isArray(data.enabledDestinationChains) ? data.enabledDestinationChains : [], + enabledCanonicalTokens, + enabledDestinationChains, + gasAssetFamilies, + gasRedeemGroups, + gasProtocolExposure, counts: { - enabledCanonicalTokens: Array.isArray(data.enabledCanonicalTokens) ? data.enabledCanonicalTokens.length : 0, - enabledDestinationChains: Array.isArray(data.enabledDestinationChains) ? data.enabledDestinationChains.length : 0, - approvedBridgePeers: Array.isArray(data.approvedBridgePeers) ? data.approvedBridgePeers.length : 0, - transportPairs: Array.isArray(data.transportPairs) ? data.transportPairs.length : 0, + enabledCanonicalTokens: enabledCanonicalTokens.length, + enabledDestinationChains: enabledDestinationChains.length, + approvedBridgePeers: approvedBridgePeers.length, + transportPairs: activeTransportPairs.length, + configuredTransportPairs: configuredTransportPairs.length, + deferredTransportPairs, + gasAssetFamilies: gasAssetFamilies.length, + gasRedeemGroups: gasRedeemGroups.length, + gasProtocolExposure: gasProtocolExposure.length, + gasTransportPairs: activeTransportPairs.filter((pair) => pair.assetClass === 'gas_native').length, + strictEscrowTransportPairs: activeTransportPairs.filter((pair) => pair.backingMode === 'strict_escrow').length, + hybridCapTransportPairs: activeTransportPairs.filter((pair) => pair.backingMode === 'hybrid_cap').length, eligibleTransportPairs: activeTransportPairs.filter((pair) => pair.eligible).length, runtimeReadyTransportPairs: activeTransportPairs.filter((pair) => pair.runtimeReady).length, publicPools: Array.isArray(data.publicPools) ? data.publicPools.length : 0, @@ -232,10 +323,77 @@ function getGruTransportMetadata(jsonPath = DEFAULT_GRU_ACTIVE_JSON_PATH) { }; } +function getGasAssetFamilies(jsonPath = DEFAULT_GRU_ACTIVE_JSON_PATH) { + const data = loadGruTransportActiveJson(jsonPath); + if (!data || !Array.isArray(data.gasAssetFamilies)) return []; + return data.gasAssetFamilies; +} + +function getGasAssetFamily(identifier, jsonPath = DEFAULT_GRU_ACTIVE_JSON_PATH) { + const normalized = normalizeSymbol(identifier || ''); + if (!normalized) return null; + return ( + getGasAssetFamilies(jsonPath).find((family) => { + if (normalizeSymbol(family.familyKey) === normalized) return true; + if (normalizeSymbol(family.canonicalSymbol138) === normalized) return true; + if (normalizeSymbol(family.mirroredSymbol) === normalized) return true; + return false; + }) || null + ); +} + +function getGasRedeemGroups(jsonPath = DEFAULT_GRU_ACTIVE_JSON_PATH) { + const data = loadGruTransportActiveJson(jsonPath); + if (!data || !Array.isArray(data.gasRedeemGroups)) return []; + return data.gasRedeemGroups; +} + +function getGasProtocolExposure(jsonPath = DEFAULT_GRU_ACTIVE_JSON_PATH) { + const data = loadGruTransportActiveJson(jsonPath); + if (!data || !Array.isArray(data.gasProtocolExposure)) return []; + return data.gasProtocolExposure; +} + +function getGasProtocolExposureRecord(identifier, jsonPath = DEFAULT_GRU_ACTIVE_JSON_PATH) { + const normalized = normalizeSymbol(identifier || ''); + if (!normalized) return null; + return ( + getGasProtocolExposure(jsonPath).find((record) => { + if (normalizeSymbol(record.key) === normalized) return true; + if (normalizeSymbol(record.familyKey) === normalized) return true; + if (normalizeSymbol(record.mirroredSymbol) === normalized) return true; + return false; + }) || null + ); +} + +function isGasRedemptionPathAllowed(fromChainId, toChainId, identifier, jsonPath = DEFAULT_GRU_ACTIVE_JSON_PATH) { + const family = getGasAssetFamily(identifier, jsonPath); + if (!family) return false; + + const from = Number(fromChainId); + const to = Number(toChainId); + const redeemGroups = getGasRedeemGroups(jsonPath).filter( + (group) => normalizeSymbol(group.familyKey) === normalizeSymbol(family.familyKey) + ); + + if (redeemGroups.length === 0) { + return from === to && Array.isArray(family.originChains) && family.originChains.includes(from); + } + + return redeemGroups.some((group) => { + const allowedChains = Array.isArray(group.allowedChains) ? group.allowedChains.map((chainId) => Number(chainId)) : []; + if (!allowedChains.includes(from) || !allowedChains.includes(to)) return false; + const policy = String(group.redeemPolicy || family.redeemPolicy || '').trim().toLowerCase(); + if (policy === 'family_fungible_inventory_gated') return true; + return from === to; + }); +} + function getEnabledCanonicalTokens(jsonPath = DEFAULT_GRU_ACTIVE_JSON_PATH) { const data = loadGruTransportActiveJson(jsonPath); if (!data || !Array.isArray(data.enabledCanonicalTokens)) return []; - return data.enabledCanonicalTokens; + return data.enabledCanonicalTokens.filter(isActiveRolloutRecord); } function getEnabledCanonicalToken(identifier, jsonPath = DEFAULT_GRU_ACTIVE_JSON_PATH) { @@ -265,7 +423,7 @@ function getEnabledCanonicalToken(identifier, jsonPath = DEFAULT_GRU_ACTIVE_JSON function getEnabledDestinationChains(jsonPath = DEFAULT_GRU_ACTIVE_JSON_PATH) { const data = loadGruTransportActiveJson(jsonPath); if (!data || !Array.isArray(data.enabledDestinationChains)) return []; - return data.enabledDestinationChains; + return data.enabledDestinationChains.filter(isActiveRolloutRecord); } function isCanonicalTokenActive(symbol, jsonPath = DEFAULT_GRU_ACTIVE_JSON_PATH) { @@ -282,7 +440,7 @@ function getApprovedBridgePeer(chainId, jsonPath = DEFAULT_GRU_ACTIVE_JSON_PATH) const data = loadGruTransportActiveJson(jsonPath); if (!data || !Array.isArray(data.approvedBridgePeers)) return null; const numericChainId = Number(chainId); - return data.approvedBridgePeers.find((peer) => Number(peer.chainId) === numericChainId) || null; + return data.approvedBridgePeers.find((peer) => isActiveRolloutRecord(peer) && Number(peer.chainId) === numericChainId) || null; } function getRawMappingTokenEntry(fromChainId, toChainId, mappingKey, jsonPath = DEFAULT_MULTICHAIN_JSON_PATH) { @@ -295,6 +453,153 @@ function getRawMappingTokenEntry(fromChainId, toChainId, mappingKey, jsonPath = return pair.tokens.find((token) => token.key === mappingKey) || null; } +/** + * GRU ISO-4217 bridge versioning from gru-transport-active enabledCanonicalTokens[].bridge + * (canonical c* on 138 + mirrored cW* on destination via lock / mint / burn / release). + */ +function getBridgeAssetVersionsForCanonicalSymbol(canonicalSymbol, activeJsonPath = DEFAULT_GRU_ACTIVE_JSON_PATH) { + const tokens = getEnabledCanonicalTokens(activeJsonPath); + const match = tokens.find((t) => normalizeSymbol(t.symbol) === normalizeSymbol(canonicalSymbol)); + if (!match || typeof match.bridge !== 'object' || match.bridge === null) { + return { canonicalAssetVersion: 'v1', mirroredAssetVersion: 'v1' }; + } + const b = match.bridge; + const cv = typeof b.canonicalAssetVersion === 'string' ? b.canonicalAssetVersion.trim().toLowerCase() : 'v1'; + const mv = typeof b.mirroredAssetVersion === 'string' ? b.mirroredAssetVersion.trim().toLowerCase() : 'v1'; + return { + canonicalAssetVersion: cv === 'v2' ? 'v2' : 'v1', + mirroredAssetVersion: mv === 'v2' ? 'v2' : 'v1', + }; +} + +function getGasRegistryEntry(multichainData, mappingKey) { + if (!multichainData || !multichainData.gasAssetRegistry || !Array.isArray(multichainData.gasAssetRegistry.families)) { + return null; + } + return ( + multichainData.gasAssetRegistry.families.find( + (family) => normalizeSymbol(family.mappingKey) === normalizeSymbol(mappingKey) + ) || null + ); +} + +function resolveGruIso4217BridgeAddresses(multichainData, mappingKey, destinationChainId, versions, mappingEntry) { + const bridgeCfg = multichainData && multichainData.gruIso4217Bridge; + const canonTable = bridgeCfg && bridgeCfg.canonical138ByMappingKey && bridgeCfg.canonical138ByMappingKey[mappingKey]; + let canonicalAddress = mappingEntry ? mappingEntry.addressFrom : null; + if (canonTable) { + const want = versions.canonicalAssetVersion === 'v2' ? 'v2' : 'v1'; + const picked = canonTable[want]; + if (isNonZeroAddress(picked)) { + canonicalAddress = picked; + } + } + let mirroredAddress = mappingEntry ? mappingEntry.addressTo : null; + if (versions.mirroredAssetVersion === 'v2') { + const chainKey = String(Number(destinationChainId)); + const m = + bridgeCfg && + bridgeCfg.mirroredV2ByMappingKeyAndChain && + bridgeCfg.mirroredV2ByMappingKeyAndChain[mappingKey] && + bridgeCfg.mirroredV2ByMappingKeyAndChain[mappingKey][chainKey]; + mirroredAddress = isNonZeroAddress(m) ? m : null; + } + const gasEntry = getGasRegistryEntry(multichainData, mappingKey); + if (gasEntry) { + if (isNonZeroAddress(gasEntry.canonicalAddress138)) { + canonicalAddress = gasEntry.canonicalAddress138; + } + const chainKey = String(Number(destinationChainId)); + const gasMirror = + gasEntry.mirroredAddresses && typeof gasEntry.mirroredAddresses === 'object' + ? gasEntry.mirroredAddresses[chainKey] + : null; + if (isNonZeroAddress(gasMirror)) { + mirroredAddress = gasMirror; + } + } + return { canonicalAddress, mirroredAddress }; +} + +function parseBigIntString(value) { + if (typeof value !== 'string') return null; + const trimmed = value.trim(); + if (!/^-?\d+$/.test(trimmed)) return null; + try { + return BigInt(trimmed); + } catch { + return null; + } +} + +function evaluateTransportSupplyInvariant(values = {}) { + const mode = String(values.backingMode || '').trim().toLowerCase(); + if (!mode) { + return { + applicable: false, + inputsReady: true, + valid: null, + blockers: [], + }; + } + + const outstanding = parseBigIntString(values.outstandingValue); + const escrowed = parseBigIntString(values.escrowedValue); + const treasuryBacked = parseBigIntString(values.treasuryBackedValue); + const treasuryCap = parseBigIntString(values.treasuryCapValue); + const blockers = []; + + if (outstanding === null) blockers.push('supplyAccounting:outstanding'); + if (escrowed === null) blockers.push('supplyAccounting:escrowed'); + if (mode === 'strict_escrow' && treasuryBacked === null && values.treasuryBackedValue != null) { + blockers.push('supplyAccounting:treasuryBacked'); + } + if (mode === 'hybrid_cap') { + if (treasuryBacked === null) blockers.push('supplyAccounting:treasuryBacked'); + if (treasuryCap === null) blockers.push('supplyAccounting:treasuryCap'); + } + + if (blockers.length > 0) { + return { + applicable: true, + inputsReady: false, + valid: null, + blockers, + }; + } + + let valid = true; + const invariantBlockers = []; + if (mode === 'strict_escrow') { + valid = outstanding <= escrowed; + if (!valid) invariantBlockers.push('policy:strictEscrowShortfall'); + if (treasuryBacked !== null && treasuryBacked !== 0n) { + valid = false; + invariantBlockers.push('policy:strictEscrowTreasuryBackedNonZero'); + } + } else if (mode === 'hybrid_cap') { + if (treasuryBacked > treasuryCap) { + valid = false; + invariantBlockers.push('policy:treasuryCapExceeded'); + } + if (outstanding > escrowed + treasuryCap) { + valid = false; + invariantBlockers.push('policy:hybridCapExceeded'); + } + if (outstanding > escrowed + treasuryBacked) { + valid = false; + invariantBlockers.push('policy:hybridBackingDeficit'); + } + } + + return { + applicable: true, + inputsReady: true, + valid, + blockers: invariantBlockers, + }; +} + function getActiveTransportPairs(options = {}) { const activeJsonPath = options.activeJsonPath || DEFAULT_GRU_ACTIVE_JSON_PATH; const multichainJsonPath = options.multichainJsonPath || DEFAULT_MULTICHAIN_JSON_PATH; @@ -302,38 +607,75 @@ function getActiveTransportPairs(options = {}) { const active = loadGruTransportActiveJson(activeJsonPath); const deployment = loadDeploymentStatusJson(deploymentJsonPath); if (!active || !Array.isArray(active.transportPairs)) return []; + const configuredTransportPairs = active.transportPairs.filter(isActiveRolloutRecord); const enabledCanonicalTokens = new Set( - (Array.isArray(active.enabledCanonicalTokens) ? active.enabledCanonicalTokens : []).map((token) => normalizeSymbol(token.symbol)) + getEnabledCanonicalTokens(activeJsonPath).map((token) => normalizeSymbol(token.symbol)) ); const enabledDestinationChains = new Set( - (Array.isArray(active.enabledDestinationChains) ? active.enabledDestinationChains : []).map((chain) => Number(chain.chainId)) + getEnabledDestinationChains(activeJsonPath).map((chain) => Number(chain.chainId)) + ); + const destinationChainsById = new Map( + getEnabledDestinationChains(activeJsonPath).map((chain) => [Number(chain.chainId), chain]) ); const peersByKey = new Map( - (Array.isArray(active.approvedBridgePeers) ? active.approvedBridgePeers : []).map((peer) => [String(peer.key), peer]) + (Array.isArray(active.approvedBridgePeers) ? active.approvedBridgePeers : []) + .filter(isActiveRolloutRecord) + .map((peer) => [String(peer.key), peer]) ); const reserveVerifiers = active.reserveVerifiers && typeof active.reserveVerifiers === 'object' ? active.reserveVerifiers : {}; + const gasProtocolExposure = new Map( + getGasProtocolExposure(activeJsonPath).map((record) => [String(record.key), record]) + ); - return active.transportPairs.map((pair) => { + return configuredTransportPairs.map((pair) => { const canonicalChainId = Number(pair.canonicalChainId ?? active.system?.canonicalChainId ?? 138); const destinationChainId = Number(pair.destinationChainId); const canonicalSymbol = String(pair.canonicalSymbol || '').trim(); const mirroredSymbol = String(pair.mirroredSymbol || '').trim(); const mappingEntry = getRawMappingTokenEntry(canonicalChainId, destinationChainId, pair.mappingKey, multichainJsonPath); + const multichainRoot = loadTokenMappingMultichainJson(multichainJsonPath); + const bridgeVersions = getBridgeAssetVersionsForCanonicalSymbol(canonicalSymbol, activeJsonPath); + const resolvedAddrs = resolveGruIso4217BridgeAddresses( + multichainRoot, + pair.mappingKey, + destinationChainId, + bridgeVersions, + mappingEntry + ); const deploymentChain = deployment && deployment.chains && typeof deployment.chains === 'object' ? deployment.chains[String(destinationChainId)] || null : null; const mirrorDeploymentAddress = - deploymentChain && deploymentChain.cwTokens && typeof deploymentChain.cwTokens === 'object' - ? deploymentChain.cwTokens[mirroredSymbol] || null + deploymentChain && typeof deploymentChain === 'object' + ? ( + (deploymentChain.cwTokens && typeof deploymentChain.cwTokens === 'object' + ? deploymentChain.cwTokens[mirroredSymbol] + : null) || + (deploymentChain.gasMirrors && typeof deploymentChain.gasMirrors === 'object' + ? deploymentChain.gasMirrors[mirroredSymbol] + : null) || + null + ) : null; const peer = peersByKey.get(String(pair.peerKey || '')) || null; const maxOutstanding = pair.maxOutstanding && typeof pair.maxOutstanding === 'object' ? pair.maxOutstanding : {}; const reserveVerifier = pair.reserveVerifierKey ? reserveVerifiers[pair.reserveVerifierKey] : null; + const supplyAccounting = pair.supplyAccounting && typeof pair.supplyAccounting === 'object' ? pair.supplyAccounting : null; + const protocolExposure = + pair.protocolExposureKey && gasProtocolExposure.has(String(pair.protocolExposureKey)) + ? gasProtocolExposure.get(String(pair.protocolExposureKey)) + : null; const routeDiscoveryEnabled = pair.routeDiscoveryEnabled !== false; - const canonicalAddress = mappingEntry?.addressFrom || null; - const mirroredAddress = mappingEntry?.addressTo || null; + const canonicalAddress = resolvedAddrs.canonicalAddress; + const mirroredAddress = resolvedAddrs.mirroredAddress; + const destinationConfig = destinationChainsById.get(destinationChainId) || null; + const destinationChainSelector = resolveChainSelectorValue( + pair.destinationChainSelector, + peer && peer.ccipChainSelector, + destinationConfig && destinationConfig.ccipChainSelector + ); const runtimeL1BridgeAddress = peer ? resolveConfigRef(peer.l1Bridge) : ''; const runtimeL2BridgeAddress = peer ? resolveConfigRef(peer.l2Bridge) : ''; const runtimeMaxOutstandingValue = resolvePolicyRefValue(maxOutstanding); @@ -342,6 +684,17 @@ function getActiveTransportPairs(options = {}) { const runtimeReserveVerifierAddress = runtimeReserveVerifier ? resolveConfigRef(runtimeReserveVerifier.verifierRef) : ''; const runtimeReserveVaultAddress = runtimeReserveVerifier ? resolveConfigRef(runtimeReserveVerifier.vaultRef) : ''; const runtimeReserveSystemAddress = runtimeReserveVerifier ? resolveConfigRef(runtimeReserveVerifier.reserveSystemRef) : ''; + const runtimeOutstandingValue = supplyAccounting ? resolvePolicyRefValue(supplyAccounting.outstanding) : ''; + const runtimeEscrowedValue = supplyAccounting ? resolvePolicyRefValue(supplyAccounting.escrowed) : ''; + const runtimeTreasuryBackedValue = supplyAccounting ? resolvePolicyRefValue(supplyAccounting.treasuryBacked) : ''; + const runtimeTreasuryCapValue = supplyAccounting ? resolvePolicyRefValue(supplyAccounting.treasuryCap) : ''; + const supplyInvariant = evaluateTransportSupplyInvariant({ + backingMode: pair.backingMode, + outstandingValue: runtimeOutstandingValue, + escrowedValue: runtimeEscrowedValue, + treasuryBackedValue: runtimeTreasuryBackedValue, + treasuryCapValue: runtimeTreasuryCapValue, + }); const mirrorDeployed = isNonZeroAddress(mirrorDeploymentAddress) && isNonZeroAddress(mirroredAddress) && @@ -380,7 +733,17 @@ function getActiveTransportPairs(options = {}) { } if (!mappingEntry) eligibilityBlockers.push('mapping:pairMissing'); if (!isNonZeroAddress(canonicalAddress)) eligibilityBlockers.push('mapping:canonicalAddressMissing'); - if (!isNonZeroAddress(mirroredAddress)) eligibilityBlockers.push('mapping:mirroredAddressMissing'); + if (!isNonZeroAddress(mirroredAddress)) { + eligibilityBlockers.push( + bridgeVersions.mirroredAssetVersion === 'v2' ? 'mapping:mirroredV2AddressMissing' : 'mapping:mirroredAddressMissing' + ); + } + if (pair.assetClass === 'gas_native' && !getGasAssetFamily(pair.familyKey || canonicalSymbol, activeJsonPath)) { + eligibilityBlockers.push('config:gasAssetFamilyMissing'); + } + if (pair.protocolExposureKey && !protocolExposure) { + eligibilityBlockers.push('config:gasProtocolExposureMissing'); + } if (!mirrorDeployed) eligibilityBlockers.push('deployment:mirroredTokenNotDeployed'); if (!bridgePeerConfigured) eligibilityBlockers.push('config:bridgePeerRefMissing'); if (!maxOutstandingConfigured) eligibilityBlockers.push('config:maxOutstandingRefMissing'); @@ -403,6 +766,11 @@ function getActiveTransportPairs(options = {}) { runtimeMissingRequirements.push('reserveVerifier:reserveSystemRef'); } } + if (supplyInvariant.inputsReady === false) { + runtimeMissingRequirements.push(...supplyInvariant.blockers); + } else if (supplyInvariant.valid === false) { + runtimeMissingRequirements.push(...supplyInvariant.blockers); + } if (deploymentChain?.bridgeAvailable === false) { runtimeMissingRequirements.push('deployment:bridgeUnavailable'); } @@ -412,8 +780,15 @@ function getActiveTransportPairs(options = {}) { ...pair, canonicalChainId, destinationChainId, + destinationChainName: + (destinationConfig && typeof destinationConfig.name === 'string' && destinationConfig.name.trim()) || + (peer && typeof peer.chainName === 'string' && peer.chainName.trim()) || + null, canonicalSymbol, mirroredSymbol, + bridgeCanonicalAssetVersion: bridgeVersions.canonicalAssetVersion, + bridgeMirroredAssetVersion: bridgeVersions.mirroredAssetVersion, + destinationChainSelector: destinationChainSelector || null, canonicalAddress, mirroredAddress, mirrorDeploymentAddress, @@ -436,6 +811,13 @@ function getActiveTransportPairs(options = {}) { runtimeReserveVaultAddress: runtimeReserveVaultAddress || null, runtimeReserveSystemAddress: runtimeReserveSystemAddress || null, runtimeReserveVerifierReady, + runtimeOutstandingValue: runtimeOutstandingValue || null, + runtimeEscrowedValue: runtimeEscrowedValue || null, + runtimeTreasuryBackedValue: runtimeTreasuryBackedValue || null, + runtimeTreasuryCapValue: runtimeTreasuryCapValue || null, + runtimeSupplyAccountingReady: supplyInvariant.applicable ? supplyInvariant.inputsReady : null, + supplyInvariantSatisfied: supplyInvariant.applicable ? supplyInvariant.valid : null, + protocolExposure, runtimeMissingRequirements, eligibilityBlockers, runtimeReady, @@ -503,6 +885,11 @@ function getKnownMirroredTokenAddresses(chainId, options = {}) { if (isNonZeroAddress(address)) out.add(normalizeAddress(address)); } } + if (deployment && deployment.chains && deployment.chains[chainKey]?.gasMirrors) { + for (const address of Object.values(deployment.chains[chainKey].gasMirrors)) { + if (isNonZeroAddress(address)) out.add(normalizeAddress(address)); + } + } if (data && Array.isArray(data.pairs)) { const pair = data.pairs.find((entry) => Number(entry.fromChainId) === 138 && Number(entry.toChainId) === Number(chainId)); @@ -598,9 +985,18 @@ module.exports = { getEnabledCanonicalTokens, getEnabledCanonicalToken, getEnabledDestinationChains, + getGasAssetFamilies, + getGasAssetFamily, + getGasRedeemGroups, + getGasProtocolExposure, + getGasProtocolExposureRecord, + isGasRedemptionPathAllowed, isCanonicalTokenActive, isDestinationChainActive, getApprovedBridgePeer, + getBridgeAssetVersionsForCanonicalSymbol, + resolveGruIso4217BridgeAddresses, + evaluateTransportSupplyInvariant, getActiveTransportPairs, getActiveTransportPair, getKnownMirroredTokenAddresses, diff --git a/config/token-mapping-multichain.json b/config/token-mapping-multichain.json index 0842db73..77ed4162 100644 --- a/config/token-mapping-multichain.json +++ b/config/token-mapping-multichain.json @@ -1,11 +1,13 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "description": "Multi-chain token mapping: Chain 138↔651940 (ALL Mainnet) and 651940↔1,56,137,100,43114,8453,42161,10,25,42220,1111. Single source of truth for bridge/LP tooling. Verify canonical addresses per chain: see docs/07-ccip/EXPLORER_TOKENS_CANONICAL_MAPPING.md.", - "version": "1.1.0", - "updated": "2026-02-27", + "description": "Multi-chain token mapping: Chain 138↔651940 (ALL Mainnet) and 651940↔1,56,137,100,43114,8453,42161,10,25,42220,1111. Non-EVM networks (e.g. Solana) are listed under nonEvmNetworks only—no EIP-155 chain id. Single source of truth for bridge/LP tooling. Verify canonical addresses per chain: see docs/07-ccip/EXPLORER_TOKENS_CANONICAL_MAPPING.md.", + "version": "1.5.0", + "updated": "2026-04-07", "cToCwSymbolMapping": { "cUSDT": "cWUSDT", "cUSDC": "cWUSDC", + "cAUSDT": "cWAUSDT", + "cUSDW": "cWUSDW", "cEURC": "cWEURC", "cEURT": "cWEURT", "cGBPC": "cWGBPC", @@ -14,8 +16,168 @@ "cJPYC": "cWJPYC", "cCHFC": "cWCHFC", "cCADC": "cWCADC", + "cBTC": "cWBTC", "cXAUC": "cWXAUC", - "cXAUT": "cWXAUT" + "cXAUT": "cWXAUT", + "cETH": "cWETH", + "cETHL2": "cWETHL2", + "cBNB": "cWBNB", + "cPOL": "cWPOL", + "cAVAX": "cWAVAX", + "cCRO": "cWCRO", + "cXDAI": "cWXDAI", + "cCELO": "cWCELO", + "cWEMIX": "cWWEMIX" + }, + "gruIso4217Bridge": { + "description": "Versioned Chain 138 canonical c* and optional destination cW* v2 for GRU transport, including governance-approved non-ISO monetary units that follow the same c*/cW* bridge discipline. Transport pairs use mappingKey Compliant_*_cW. L1 locks canonical; L2 mints/burns mirrored (see CWMultiTokenBridgeL1/L2). token-mapping-loader resolves addresses from here when gru-transport-active bridge canonicalAssetVersion / mirroredAssetVersion request v2.", + "canonical138ByMappingKey": { + "Compliant_USDT_cW": { + "v1": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", + "v2": "0x9FBfab33882Efe0038DAa608185718b772EE5660" + }, + "Compliant_USDC_cW": { + "v1": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", + "v2": "0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d" + }, + "Compliant_EURC_cW": { + "v1": "0x8085961F9cF02b4d800A3c6d386D31da4B34266a", + "v2": "0x243e6581Dc8a98d98B92265858b322b193555C81" + }, + "Compliant_EURT_cW": { + "v1": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", + "v2": "0x2bAFA83d8fF8BaE9505511998987D0659791605B" + }, + "Compliant_GBPC_cW": { + "v1": "0x003960f16D9d34F2e98d62723B6721Fb92074aD2", + "v2": "0x707508D223103f5D2d9EFBc656302c9d48878b29" + }, + "Compliant_GBPT_cW": { + "v1": "0x350f54e4D23795f86A9c03988c7135357CCaD97c", + "v2": "0xee17c18E10E55ce23F7457D018aAa2Fb1E64B281" + }, + "Compliant_AUDC_cW": { + "v1": "0xD51482e567c03899eecE3CAe8a058161FD56069D", + "v2": "0xfb37aFd415B70C5cEDc9bA58a72D517207b769Bb" + }, + "Compliant_JPYC_cW": { + "v1": "0xEe269e1226a334182aace90056EE4ee5Cc8A6770", + "v2": "0x2c751bBE4f299b989b3A8c333E0A966cdcA6Fd98" + }, + "Compliant_CHFC_cW": { + "v1": "0x873990849DDa5117d7C644f0aF24370797C03885", + "v2": "0x60B7FB8e0DD0Be8595AD12Fe80AE832861Be747c" + }, + "Compliant_CADC_cW": { + "v1": "0x54dBd40cF05e15906A2C21f600937e96787f5679", + "v2": "0xe799033c87fE0CE316DAECcefBE3134CC74b76a9" + }, + "Compliant_XAUC_cW": { + "v1": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", + "v2": "0xF0F0F81bE3D033D8586bAfd2293e37eE2f615647" + }, + "Compliant_XAUT_cW": { + "v1": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", + "v2": "0x89477E982847023aaB5C3492082cd1bB4b1b9Ef1" + }, + "Compliant_BTC_cW": { + "v1": "0xcb7c000000000000000000000000000000000138" + } + }, + "mirroredV2ByMappingKeyAndChain": { + "Compliant_USDT_cW": { + "1": null, + "10": null, + "25": null, + "56": null, + "100": null, + "137": null, + "8453": null, + "42161": null, + "43114": null + }, + "Compliant_USDC_cW": { + "1": null, + "10": null, + "25": null, + "56": null, + "100": null, + "137": null, + "8453": null, + "42161": null, + "43114": null + }, + "Compliant_BTC_cW": { + "1": null, + "10": null, + "25": null, + "56": null, + "100": null, + "137": null, + "8453": null, + "42161": null, + "43114": null + } + } + }, + "dwinUsdWinPublic": { + "description": "CMC-listed USD DWIN (USDW) native ERC-20 on public chains; collateral for wrap → cWUSDW → GRU bridge ↔ Chain 138 cUSDW. Not the same contract as Cronos ISO-4217W USDW (chain 25).", + "reference": "https://coinmarketcap.com/currencies/usd-dwin/", + "migrationDetails": "https://usddwin.com/migration-binance-chain/", + "chains": { + "56": { + "usdwCurrent": "0xed75ad08f416d4e53e4d45dd5140a4c8b84f39fb", + "usdwDeprecated": "0xabddb950f2ae8430c5a818f8bb4ec09e3ae41253", + "cwUsdwBridgeMirror": "0xC2FA05F12a75Ac84ea778AF9D6935cA807275E55", + "decimalsNote": "Read decimals() on-chain; wrap adapter must normalize amounts to match cUSDW/cWUSDW (6) for bridge accounting." + }, + "137": { + "usdwCurrent": "0x3deb0c60f0be9d9b99da83a2b6b2ee790f5af37a", + "usdwDeprecated": "0x60f7dd499956ec8fcea8ed80e9d7eade4ccdc417", + "cwUsdwBridgeMirror": null, + "decimalsNote": "Native Polygon USD DWIN exists and should be verified on-chain via decimals(); wrap logic must normalize to cUSDW/cWUSDW (6) for bridge accounting.", + "notes": "Native Polygon USD DWIN is already pinned here. The remaining task is to deploy Polygon cWUSDW, then set cwUsdwBridgeMirror and Compliant_USDW_cW.addressTo in this file." + } + } + }, + "alltraAusdtOrigin": { + "description": "ALL Mainnet (Alltra) native AUSDT is the source token for the live AUSDT -> cWAUSDT -> Chain 138 cAUSDT corridor. Unlike USDW, this path originates on chain 651940, so public-chain cWAUSDT is treated as the bridge mirror rather than a native-public collateral wrapper.", + "reference": "docs/11-references/ALL_MAINNET_TOKEN_ADDRESSES.md", + "chains": { + "56": { + "cwAusdtBridgeMirror": "0xe1a51Bc037a79AB36767561B147eb41780124934", + "notes": "Existing public-chain cWAUSDT mirror on BSC from deployment-status.json. Reused for the live cAUSDT transport lane." + }, + "137": { + "cwAusdtBridgeMirror": "0xf12e262F85107df26741726b074606CaFa24AAe7", + "notes": "Polygon cWAUSDT bridge mirror is now deployed and wired to the GRU bridge lane." + }, + "42220": { + "cwAusdtBridgeMirror": "0xC158b6cD3A3088C52F797D41f5Aa02825361629e", + "notes": "Celo cWAUSDT mirror is deployed and bridge-wired. Reused for the live cAUSDT transport lane." + }, + "43114": { + "cwAusdtBridgeMirror": "0xff3084410A732231472Ee9f93F5855dA89CC5254", + "notes": "Existing public-chain cWAUSDT mirror on Avalanche from deployment-status.json. Reused for the live cAUSDT transport lane." + }, + "651940": { + "ausdtCurrent": "0x015B1897Ed5279930bC2Be46F661894d219292A6", + "notes": "Primary AUSDT on ALL Mainnet. The legacy AUSDT <-> cUSDT route still exists, and the dedicated cAUSDT landing surface on Chain 138 is now live." + } + } + }, + "alltraXauDestination": { + "description": "ALL Mainnet (Alltra) inbound gold corridor from Chain 138. Source-leg wrapping is cWXAUC/cWXAUT, bridge-minted wrapped destination symbols are cWAXAUC/cWAXAUT, and unwrapped ALL Mainnet native landing assets are cAXAUC/cAXAUT.", + "reference": "docs/03-deployment/CXAUC_CXAUT_CWAXAUC_CWAXAUT_ALLTRA_BRIDGE_CHECKLIST.md", + "chains": { + "651940": { + "caxauc": null, + "caxaut": null, + "cwaxauc": null, + "cwaxaut": null, + "notes": "Fill these addresses only after the ALL Mainnet wrapped and unwrapped gold contracts are deployed and the unwrap vault / bridge roles are wired." + } + } }, "chainNames": { "1": "Ethereum Mainnet", @@ -26,13 +188,22 @@ "137": "Polygon", "138": "SMOM-DBIS-138 (DeFi Oracle Meta)", "1111": "Wemix", - "42793": "Etherlink", "8453": "Base", "42161": "Arbitrum One", "42220": "Celo", + "42793": "Etherlink", "43114": "Avalanche C-Chain", "651940": "ALL Mainnet (Alltra)" }, + "nonEvmNetworks": { + "Solana": { + "vmKind": "SVM", + "caip2": "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp", + "adapterContract": "SolanaAdapter", + "adapterReference": "smom-dbis-138/contracts/bridge/adapters/non-evm/SolanaAdapter.sol", + "notes": "Mainnet-beta; not in .pairs (EVM chainId pairs only). Registry/oracle relay wiring same class as Tron/XRPL—see MULTI_CHAIN_DEPLOYMENT_GUIDE.md." + } + }, "pairs": [ { "fromChainId": 138, @@ -53,6 +224,13 @@ "addressTo": "0x015B1897Ed5279930bC2Be46F661894d219292A6", "notes": "138 cUSDT → ALL Mainnet AUSDT (primary)" }, + { + "key": "Compliant_AUSDT", + "name": "Compliant AUSDT (cAUSDT)", + "addressFrom": "0x5fdDF65733e3d590463F68f93Cf16E8c04081271", + "addressTo": "0x015B1897Ed5279930bC2Be46F661894d219292A6", + "notes": "Live 138 cAUSDT -> ALL Mainnet AUSDT path." + }, { "key": "Compliant_USDT_cW", "name": "cUSDT→cWUSDT", @@ -132,17 +310,17 @@ }, { "key": "Compliant_XAUC_cW", - "name": "cXAUC→cWXAUC", + "name": "cXAUC→cWAXAUC", "addressFrom": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", "addressTo": "0x0000000000000000000000000000000000000000", - "notes": "138 cXAUC → cWXAUC" + "notes": "651940 naming exception: wrap 138 cXAUC as cWXAUC on the source leg, bridge-mint as cWAXAUC on ALL Mainnet, unwrap to cAXAUC." }, { "key": "Compliant_XAUT_cW", - "name": "cXAUT→cWXAUT", + "name": "cXAUT→cWAXAUT", "addressFrom": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", "addressTo": "0x0000000000000000000000000000000000000000", - "notes": "138 cXAUT → cWXAUT" + "notes": "651940 naming exception: wrap 138 cXAUT as cWXAUT on the source leg, bridge-mint as cWAXAUT on ALL Mainnet, unwrap to cAXAUT." } ] }, @@ -165,12 +343,33 @@ "addressTo": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", "notes": "651940 AUSDT → 138 cUSDT" }, + { + "key": "AUSDT_Compliant", + "name": "Alltra USD Token -> cAUSDT", + "addressFrom": "0x015B1897Ed5279930bC2Be46F661894d219292A6", + "addressTo": "0x5fdDF65733e3d590463F68f93Cf16E8c04081271", + "notes": "Live 651940 AUSDT -> 138 cAUSDT path." + }, { "key": "AUSDC", "name": "AUSDC", "addressFrom": "0xa95EeD79f84E6A0151eaEb9d441F9Ffd50e8e881", "addressTo": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", "notes": "651940 AUSDC → 138 cUSDC" + }, + { + "key": "AXAUC_Compliant", + "name": "Alltra Gold Coin -> cXAUC", + "addressFrom": "0x0000000000000000000000000000000000000000", + "addressTo": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", + "notes": "Planned reverse of the ALL Mainnet gold corridor. Set addressFrom when cAXAUC is deployed on chain 651940." + }, + { + "key": "AXAUT_Compliant", + "name": "Alltra Tether XAU -> cXAUT", + "addressFrom": "0x0000000000000000000000000000000000000000", + "addressTo": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", + "notes": "Planned reverse of the ALL Mainnet gold corridor. Set addressFrom when cAXAUT is deployed on chain 651940." } ] }, @@ -213,6 +412,20 @@ "addressFrom": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", "addressTo": "0x2de5F116bFcE3d0f922d9C8351e0c5Fc24b9284a", "notes": "138 cUSDC → Ethereum cWUSDC" + }, + { + "key": "Compliant_BTC_cW", + "name": "cBTC→cWBTC", + "addressFrom": "0xcb7c000000000000000000000000000000000138", + "addressTo": "0xcb7c000000000000000000000000000000000001", + "notes": "138 cBTC → Ethereum cWBTC. Distinct from Ethereum WBTC; this lane represents the GRU custody-backed BTC transport asset." + }, + { + "key": "Compliant_ETH_MAINNET_cW", + "name": "cETH->cWETH", + "addressFrom": "0xf8e9802a1766422e33a269556ad5fc032338eefc", + "addressTo": "0xf6dc5587e18f27adff60e303fdd98f35b50fa8a5", + "notes": "Wave 1 gas-family lane eth_mainnet: Chain 138 cETH -> Ethereum Mainnet cWETH. strict_escrow backing with uniswap_v3 reference pricing and DODO PMM edge liquidity." } ] }, @@ -256,6 +469,13 @@ "addressTo": "0x5355148C4740fcc3D7a96F05EdD89AB14851206b", "notes": "138 cUSDC → BSC cWUSDC; set addressTo when deployed" }, + { + "key": "Compliant_BTC_cW", + "name": "cBTC→cWBTC", + "addressFrom": "0xcb7c000000000000000000000000000000000138", + "addressTo": "0xcb7c000000000000000000000000000000000038", + "notes": "138 cBTC → BSC cWBTC for the jewelry-box BTC transport lane." + }, { "key": "Compliant_EURC_cW", "name": "cEURC→cWEURC", @@ -325,6 +545,27 @@ "addressFrom": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", "addressTo": "0x73E0CF8BF861D376B3a4C87c136F975027f045ff", "notes": "138 cXAUT → cWXAUT" + }, + { + "key": "Compliant_USDW_cW", + "name": "cUSDW→cWUSDW", + "addressFrom": "0xcA6BFa614935f1AB71c9aB106bAA6FBB6057095e", + "addressTo": "0xC2FA05F12a75Ac84ea778AF9D6935cA807275E55", + "notes": "138 cUSDW → BSC cWUSDW (GRU transport). Public USD DWIN (USDW) on BSC locks into wrap vault → mints this cWUSDW per dwinUsdWinPublic; unwrap releases dwinUsdWinPublic.chains.56.usdwCurrent." + }, + { + "key": "Compliant_AUSDT_cW", + "name": "cAUSDT→cWAUSDT", + "addressFrom": "0x5fdDF65733e3d590463F68f93Cf16E8c04081271", + "addressTo": "0xe1a51Bc037a79AB36767561B147eb41780124934", + "notes": "Live 138 cAUSDT -> BSC cWAUSDT corridor. BSC bridge mint/burn roles are wired." + }, + { + "key": "Compliant_BNB_cW", + "name": "cBNB->cWBNB", + "addressFrom": "0x94517875f32680984a5921da7abf78e22f65d70f", + "addressTo": "0x179034a08ac2c9c35d2e41239f68c79dca6f18fa", + "notes": "Wave 1 gas-family lane bnb: Chain 138 cBNB -> BSC cWBNB. hybrid_cap backing with uniswap_v3 reference pricing and DODO PMM edge liquidity." } ] }, @@ -358,7 +599,7 @@ "key": "Compliant_USDC", "name": "cUSDC", "addressFrom": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", - "addressTo": "0x3c499c542cEF5E3811e1192ce70d8cC03d5c1369", + "addressTo": "0x3c499c542cEF5E3811e1192ce70d8cC03d5c3359", "notes": "138 cUSDC → Polygon USDC (native)" }, { @@ -368,6 +609,13 @@ "addressTo": "0xd6969bC19b53f866C64f2148aE271B2Dae0C58E4", "notes": "138 cUSDC → Polygon cWUSDC; set when deployed" }, + { + "key": "Compliant_BTC_cW", + "name": "cBTC→cWBTC", + "addressFrom": "0xcb7c000000000000000000000000000000000138", + "addressTo": "0xcb7c000000000000000000000000000000000089", + "notes": "138 cBTC → Polygon cWBTC for the jewelry-box BTC transport lane." + }, { "key": "Compliant_EURC_cW", "name": "cEURC→cWEURC", @@ -437,6 +685,27 @@ "addressFrom": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", "addressTo": "0x9e6044d730d4183bF7a666293d257d035Fba6d44", "notes": "138 cXAUT → cWXAUT" + }, + { + "key": "Compliant_USDW_cW", + "name": "cUSDW→cWUSDW", + "addressFrom": "0xcA6BFa614935f1AB71c9aB106bAA6FBB6057095e", + "addressTo": "0x0000000000000000000000000000000000000000", + "notes": "Native Polygon USD DWIN already exists at dwinUsdWinPublic.chains.137.usdwCurrent. Remaining work: deploy Polygon cWUSDW on 137, grant bridge/wrap minter roles, then set this addressTo to match deployment-status.json cwTokens.cWUSDW." + }, + { + "key": "Compliant_AUSDT_cW", + "name": "cAUSDT→cWAUSDT", + "addressFrom": "0x5fdDF65733e3d590463F68f93Cf16E8c04081271", + "addressTo": "0xf12e262F85107df26741726b074606CaFa24AAe7", + "notes": "Live 138 cAUSDT -> Polygon cWAUSDT corridor. Polygon bridge mint/burn roles are wired." + }, + { + "key": "Compliant_POL_cW", + "name": "cPOL->cWPOL", + "addressFrom": "0x19fec21edede9edb91d1fbec7c4095c5ac1fc10c", + "addressTo": "0x25980244aacecb6d8c4b887261ed27f87cb2fc73", + "notes": "Wave 1 gas-family lane pol: Chain 138 cPOL -> Polygon cWPOL. hybrid_cap backing with uniswap_v3 reference pricing and DODO PMM edge liquidity." } ] }, @@ -480,75 +749,89 @@ "addressTo": "0xd6969bC19b53f866C64f2148aE271B2Dae0C58E4", "notes": "138 cUSDC → Gnosis cWUSDC; set when deployed" }, + { + "key": "Compliant_BTC_cW", + "name": "cBTC→cWBTC", + "addressFrom": "0xcb7c000000000000000000000000000000000138", + "addressTo": "0xcb7c000000000000000000000000000000000064", + "notes": "138 cBTC → Gnosis cWBTC for the jewelry-box BTC transport lane." + }, { "key": "Compliant_EURC_cW", "name": "cEURC→cWEURC", "addressFrom": "0x8085961F9cF02b4d800A3c6d386D31da4B34266a", - "addressTo": "0x3CD9ee18db7ad13616FCC1c83bC6098e03968E66", + "addressTo": "0x25603ae4bff0b71d637b3573d1b6657f5f6d17ef", "notes": "138 cEURC → Gnosis cWEURC; set when deployed" }, { "key": "Compliant_EURT_cW", "name": "cEURT→cWEURT", "addressFrom": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", - "addressTo": "0xBeF5A0Bcc0E77740c910f197138cdD90F98d2427", + "addressTo": "0x8e54c52d34a684e22865ac9f2d7c27c30561a7b9", "notes": "138 cEURT → cWEURT" }, { "key": "Compliant_GBPC_cW", "name": "cGBPC→cWGBPC", "addressFrom": "0x003960f16D9d34F2e98d62723B6721Fb92074aD2", - "addressTo": "0x948690147D2e50ffe50C5d38C14125aD6a9FA036", + "addressTo": "0x4d9bc6c74ba65e37c4139f0aec9fc5ddff28dcc4", "notes": "138 cGBPC → cWGBPC" }, { "key": "Compliant_GBPT_cW", "name": "cGBPT→cWGBPT", "addressFrom": "0x350f54e4D23795f86A9c03988c7135357CCaD97c", - "addressTo": "0x58a8D8F78F1B65c06dAd7542eC46b299629A60dd", + "addressTo": "0x9f6d2578003fe04e58a9819a4943732f2a203a61", "notes": "138 cGBPT → cWGBPT" }, { "key": "Compliant_AUDC_cW", "name": "cAUDC→cWAUDC", "addressFrom": "0xD51482e567c03899eecE3CAe8a058161FD56069D", - "addressTo": "0xFb4B6Cc81211F7d886950158294A44C312abCA29", + "addressTo": "0xddc4063f770f7c49d00b5a10fb552e922aa39b2c", "notes": "138 cAUDC → cWAUDC" }, { "key": "Compliant_JPYC_cW", "name": "cJPYC→cWJPYC", "addressFrom": "0xEe269e1226a334182aace90056EE4ee5Cc8A6770", - "addressTo": "0xf9f5D0ACD71C76F9476F10B3F3d3E201F0883C68", + "addressTo": "0x145e8e8c49b6a021969dd9d2c01c8fea44374f61", "notes": "138 cJPYC → cWJPYC" }, { "key": "Compliant_CHFC_cW", "name": "cCHFC→cWCHFC", "addressFrom": "0x873990849DDa5117d7C644f0aF24370797C03885", - "addressTo": "0xeE17bB0322383fecCA2784fbE2d4CD7d02b1905B", + "addressTo": "0x46d90d7947f1139477c206c39268923b99cf09e4", "notes": "138 cCHFC → cWCHFC" }, { "key": "Compliant_CADC_cW", "name": "cCADC→cWCADC", "addressFrom": "0x54dBd40cF05e15906A2C21f600937e96787f5679", - "addressTo": "0xc9750828124D4c10e7a6f4B655cA8487bD3842EB", + "addressTo": "0xa7133c78e0ec74503a5941bcbd44257615b6b4f6", "notes": "138 cCADC → cWCADC" }, { "key": "Compliant_XAUC_cW", "name": "cXAUC→cWXAUC", "addressFrom": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "addressTo": "0x328Cd365Bb35524297E68ED28c6fF2C9557d1363", + "addressTo": "0x23873b85cfeb343eb952618e8c9e9bfb7f6a0d45", "notes": "138 cXAUC → cWXAUC" }, { "key": "Compliant_XAUT_cW", "name": "cXAUT→cWXAUT", "addressFrom": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", - "addressTo": "0x9e6044d730d4183bF7a666293d257d035Fba6d44", + "addressTo": "0xc6189d404dc60cae7b48e2190e44770a03193e5f", "notes": "138 cXAUT → cWXAUT" + }, + { + "key": "Compliant_XDAI_cW", + "name": "cXDAI->cWXDAI", + "addressFrom": "0xa39a59138f8a45b4a31455875b8a29ff31e76ec8", + "addressTo": "0x9f833b4f1012f52eb3317b09922a79c6edfca77d", + "notes": "Wave 1 gas-family lane xdai: Chain 138 cXDAI -> Gnosis Chain cWXDAI. hybrid_cap backing with uniswap_v3 reference pricing and DODO PMM edge liquidity." } ] }, @@ -592,75 +875,103 @@ "addressTo": "0x0C242b513008Cd49C89078F5aFb237A3112251EB", "notes": "138 cUSDC → Avalanche cWUSDC; set when deployed" }, + { + "key": "Compliant_BTC_cW", + "name": "cBTC→cWBTC", + "addressFrom": "0xcb7c000000000000000000000000000000000138", + "addressTo": "0xcb7c00000000000000000000000000000000a86a", + "notes": "138 cBTC → Avalanche cWBTC for the jewelry-box BTC transport lane." + }, { "key": "Compliant_EURC_cW", "name": "cEURC→cWEURC", "addressFrom": "0x8085961F9cF02b4d800A3c6d386D31da4B34266a", - "addressTo": "0x61D642979eD75c1325f35b9275C5A7FE97F22451", + "addressTo": "0x84353ed1f0c7a703a17abad19b0db15bc9a5e3e5", "notes": "138 cEURC → Avalanche cWEURC; set when deployed" }, { "key": "Compliant_EURT_cW", "name": "cEURT→cWEURT", "addressFrom": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", - "addressTo": "0x30751782486eed825187C1EAe5DE4b4baD428AaE", + "addressTo": "0xfc7d256e48253f7a7e08f0e55b9ff7039eb2524c", "notes": "138 cEURT → cWEURT" }, { "key": "Compliant_GBPC_cW", "name": "cGBPC→cWGBPC", "addressFrom": "0x003960f16D9d34F2e98d62723B6721Fb92074aD2", - "addressTo": "0xb0FA7ec4123C7c275B3a89d9239569707Ea3C66A", + "addressTo": "0xbdf0c4ea1d81e8e769b0f41389a2c733e3ff723e", "notes": "138 cGBPC → cWGBPC" }, { "key": "Compliant_GBPT_cW", "name": "cGBPT→cWGBPT", "addressFrom": "0x350f54e4D23795f86A9c03988c7135357CCaD97c", - "addressTo": "0x6389a643e71F000FC4ce5a0d58fDC4a40AD68EBE", + "addressTo": "0x4611d3424e059392a52b957e508273bc761c80f2", "notes": "138 cGBPT → cWGBPT" }, { "key": "Compliant_AUDC_cW", "name": "cAUDC→cWAUDC", "addressFrom": "0xD51482e567c03899eecE3CAe8a058161FD56069D", - "addressTo": "0x528376e3a4bAAE78F7F4D0E9aDB75eFA9942373E", + "addressTo": "0x04e1e22b0d41e99f4275bd40a50480219bc9a223", "notes": "138 cAUDC → cWAUDC" }, { "key": "Compliant_JPYC_cW", "name": "cJPYC→cWJPYC", "addressFrom": "0xEe269e1226a334182aace90056EE4ee5Cc8A6770", - "addressTo": "0xCF9D867DA220c6B4756BeDC6888dDac3a0463AEa", + "addressTo": "0x3714b1a312e0916c7dcdc4edf480fc0339e59a59", "notes": "138 cJPYC → cWJPYC" }, { "key": "Compliant_CHFC_cW", "name": "cCHFC→cWCHFC", "addressFrom": "0x873990849DDa5117d7C644f0aF24370797C03885", - "addressTo": "0x4f6167e9aE79878f6Cd71330eAD7f68a45Ed29DC", + "addressTo": "0xc2fa05f12a75ac84ea778af9d6935ca807275e55", "notes": "138 cCHFC → cWCHFC" }, { "key": "Compliant_CADC_cW", "name": "cCADC→cWCADC", "addressFrom": "0x54dBd40cF05e15906A2C21f600937e96787f5679", - "addressTo": "0x1B051588A33A7d56ed46f7C5C78870175b44F9FA", + "addressTo": "0x1872e033b30f3ce0498847926857433e0146394e", "notes": "138 cCADC → cWCADC" }, { "key": "Compliant_XAUC_cW", "name": "cXAUC→cWXAUC", "addressFrom": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "addressTo": "0x826d5F3e5713C76a1D13e41A76843A361090c896", + "addressTo": "0x4f95297c23d9f4a1032b1c6a2e553225cb175bee", "notes": "138 cXAUC → cWXAUC" }, { "key": "Compliant_XAUT_cW", "name": "cXAUT→cWXAUT", "addressFrom": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", - "addressTo": "0xC15ACdBAC59B3C7Cb4Ea4B3D58334A4b143B4b44", + "addressTo": "0xd2b4dbf2f6bd6704e066d752eec61fb0be953fd3", "notes": "138 cXAUT → cWXAUT" + }, + { + "key": "Compliant_USDW_cW", + "name": "cUSDW→cWUSDW", + "addressFrom": "0xcA6BFa614935f1AB71c9aB106bAA6FBB6057095e", + "addressTo": "0xcfdCe5E660FC2C8052BDfa7aEa1865DD753411Ae", + "notes": "138 cUSDW → Avalanche cWUSDW. No CMC USD DWIN native on 43114 in dwinUsdWinPublic; wrap path N/A unless issuer deploys USDW on Avalanche." + }, + { + "key": "Compliant_AUSDT_cW", + "name": "cAUSDT→cWAUSDT", + "addressFrom": "0x5fdDF65733e3d590463F68f93Cf16E8c04081271", + "addressTo": "0xff3084410A732231472Ee9f93F5855dA89CC5254", + "notes": "Live 138 cAUSDT -> Avalanche cWAUSDT corridor. Avalanche bridge mint/burn roles are wired." + }, + { + "key": "Compliant_AVAX_cW", + "name": "cAVAX->cWAVAX", + "addressFrom": "0x9c8f6f4fe1e535e6f85a78ee95249ded5540a2d0", + "addressTo": "0xe1d4aee2ef8f48a20338935188a8fe7f7c7de7d0", + "notes": "Wave 1 gas-family lane avax: Chain 138 cAVAX -> Avalanche C-Chain cWAVAX. hybrid_cap backing with uniswap_v3 reference pricing and DODO PMM edge liquidity." } ] }, @@ -704,75 +1015,89 @@ "addressTo": "0x377a5FaA3162b3Fc6f4e267301A3c817bAd18105", "notes": "138 cUSDC → Base cWUSDC; set when deployed" }, + { + "key": "Compliant_BTC_cW", + "name": "cBTC→cWBTC", + "addressFrom": "0xcb7c000000000000000000000000000000000138", + "addressTo": "0xcb7c000000000000000000000000000000002105", + "notes": "138 cBTC → Base cWBTC for the jewelry-box BTC transport lane." + }, { "key": "Compliant_EURC_cW", "name": "cEURC→cWEURC", "addressFrom": "0x8085961F9cF02b4d800A3c6d386D31da4B34266a", - "addressTo": "0x0cb0192C056aa425C557BdeAD8E56C7eEabf7acF", + "addressTo": "0xcb145ba9a370681e3545f60e55621ebf218b1031", "notes": "138 cEURC → Base cWEURC; set when deployed" }, { "key": "Compliant_EURT_cW", "name": "cEURT→cWEURT", "addressFrom": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", - "addressTo": "0xd6969bC19b53f866C64f2148aE271B2Dae0C58E4", + "addressTo": "0x73e0cf8bf861d376b3a4c87c136f975027f045ff", "notes": "138 cEURT → cWEURT" }, { "key": "Compliant_GBPC_cW", "name": "cGBPC→cWGBPC", "addressFrom": "0x003960f16D9d34F2e98d62723B6721Fb92074aD2", - "addressTo": "0x3CD9ee18db7ad13616FCC1c83bC6098e03968E66", + "addressTo": "0x2a0023ad5ce1ac6072b454575996dffb1bb11b16", "notes": "138 cGBPC → cWGBPC" }, { "key": "Compliant_GBPT_cW", "name": "cGBPT→cWGBPT", "addressFrom": "0x350f54e4D23795f86A9c03988c7135357CCaD97c", - "addressTo": "0xBeF5A0Bcc0E77740c910f197138cdD90F98d2427", + "addressTo": "0x22b98130ab4d9c355512b25ade4c35e75a4e7e89", "notes": "138 cGBPT → cWGBPT" }, { "key": "Compliant_AUDC_cW", "name": "cAUDC→cWAUDC", "addressFrom": "0xD51482e567c03899eecE3CAe8a058161FD56069D", - "addressTo": "0x948690147D2e50ffe50C5d38C14125aD6a9FA036", + "addressTo": "0xa846aead3071df1b6439d5d813156ace7c2c1da1", "notes": "138 cAUDC → cWAUDC" }, { "key": "Compliant_JPYC_cW", "name": "cJPYC→cWJPYC", "addressFrom": "0xEe269e1226a334182aace90056EE4ee5Cc8A6770", - "addressTo": "0x58a8D8F78F1B65c06dAd7542eC46b299629A60dd", + "addressTo": "0x29828e9ab2057cd3df3c9211455ae1f76e53d2af", "notes": "138 cJPYC → cWJPYC" }, { "key": "Compliant_CHFC_cW", "name": "cCHFC→cWCHFC", "addressFrom": "0x873990849DDa5117d7C644f0aF24370797C03885", - "addressTo": "0xFb4B6Cc81211F7d886950158294A44C312abCA29", + "addressTo": "0xc1535e88578d984f12eab55863376b8d8b9fb05a", "notes": "138 cCHFC → cWCHFC" }, { "key": "Compliant_CADC_cW", "name": "cCADC→cWCADC", "addressFrom": "0x54dBd40cF05e15906A2C21f600937e96787f5679", - "addressTo": "0xf9f5D0ACD71C76F9476F10B3F3d3E201F0883C68", + "addressTo": "0xdc383c489533a4dd9a6bd3007386e25d5078b878", "notes": "138 cCADC → cWCADC" }, { "key": "Compliant_XAUC_cW", "name": "cXAUC→cWXAUC", "addressFrom": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "addressTo": "0xeE17bB0322383fecCA2784fbE2d4CD7d02b1905B", + "addressTo": "0x7e4b4682453bcce19ec903fb69153d3031986bc4", "notes": "138 cXAUC → cWXAUC" }, { "key": "Compliant_XAUT_cW", "name": "cXAUT→cWXAUT", "addressFrom": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", - "addressTo": "0xc9750828124D4c10e7a6f4B655cA8487bD3842EB", + "addressTo": "0xcc6ae6016d564e9ab82aaff44d65e05a9b18951c", "notes": "138 cXAUT → cWXAUT" + }, + { + "key": "Compliant_ETH_L2_cW", + "name": "cETHL2->cWETHL2", + "addressFrom": "0x18a6b163d255cc0cb32b99697843b487d059907d", + "addressTo": "0x2a0840e5117683b11682ac46f5cf5621e67269e3", + "notes": "Wave 1 gas-family lane eth_l2: Chain 138 cETHL2 -> Base cWETHL2. hybrid_cap backing with uniswap_v3 reference pricing and DODO PMM edge liquidity." } ] }, @@ -816,75 +1141,89 @@ "addressTo": "0x0cb0192C056aa425C557BdeAD8E56C7eEabf7acF", "notes": "138 cUSDC → Arbitrum cWUSDC; set when deployed" }, + { + "key": "Compliant_BTC_cW", + "name": "cBTC→cWBTC", + "addressFrom": "0xcb7c000000000000000000000000000000000138", + "addressTo": "0xcb7c00000000000000000000000000000000a4b1", + "notes": "138 cBTC → Arbitrum cWBTC for the jewelry-box BTC transport lane." + }, { "key": "Compliant_EURC_cW", "name": "cEURC→cWEURC", "addressFrom": "0x8085961F9cF02b4d800A3c6d386D31da4B34266a", - "addressTo": "0xd6969bC19b53f866C64f2148aE271B2Dae0C58E4", + "addressTo": "0x2a0023ad5ce1ac6072b454575996dffb1bb11b16", "notes": "138 cEURC → Arbitrum cWEURC; set when deployed" }, { "key": "Compliant_EURT_cW", "name": "cEURT→cWEURT", "addressFrom": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", - "addressTo": "0x3CD9ee18db7ad13616FCC1c83bC6098e03968E66", + "addressTo": "0x22b98130ab4d9c355512b25ade4c35e75a4e7e89", "notes": "138 cEURT → cWEURT" }, { "key": "Compliant_GBPC_cW", "name": "cGBPC→cWGBPC", "addressFrom": "0x003960f16D9d34F2e98d62723B6721Fb92074aD2", - "addressTo": "0xBeF5A0Bcc0E77740c910f197138cdD90F98d2427", + "addressTo": "0xa846aead3071df1b6439d5d813156ace7c2c1da1", "notes": "138 cGBPC → cWGBPC" }, { "key": "Compliant_GBPT_cW", "name": "cGBPT→cWGBPT", "addressFrom": "0x350f54e4D23795f86A9c03988c7135357CCaD97c", - "addressTo": "0x948690147D2e50ffe50C5d38C14125aD6a9FA036", + "addressTo": "0x29828e9ab2057cd3df3c9211455ae1f76e53d2af", "notes": "138 cGBPT → cWGBPT" }, { "key": "Compliant_AUDC_cW", "name": "cAUDC→cWAUDC", "addressFrom": "0xD51482e567c03899eecE3CAe8a058161FD56069D", - "addressTo": "0x58a8D8F78F1B65c06dAd7542eC46b299629A60dd", + "addressTo": "0xc1535e88578d984f12eab55863376b8d8b9fb05a", "notes": "138 cAUDC → cWAUDC" }, { "key": "Compliant_JPYC_cW", "name": "cJPYC→cWJPYC", "addressFrom": "0xEe269e1226a334182aace90056EE4ee5Cc8A6770", - "addressTo": "0xFb4B6Cc81211F7d886950158294A44C312abCA29", + "addressTo": "0xdc383c489533a4dd9a6bd3007386e25d5078b878", "notes": "138 cJPYC → cWJPYC" }, { "key": "Compliant_CHFC_cW", "name": "cCHFC→cWCHFC", "addressFrom": "0x873990849DDa5117d7C644f0aF24370797C03885", - "addressTo": "0xf9f5D0ACD71C76F9476F10B3F3d3E201F0883C68", + "addressTo": "0x7e4b4682453bcce19ec903fb69153d3031986bc4", "notes": "138 cCHFC → cWCHFC" }, { "key": "Compliant_CADC_cW", "name": "cCADC→cWCADC", "addressFrom": "0x54dBd40cF05e15906A2C21f600937e96787f5679", - "addressTo": "0xeE17bB0322383fecCA2784fbE2d4CD7d02b1905B", + "addressTo": "0xcc6ae6016d564e9ab82aaff44d65e05a9b18951c", "notes": "138 cCADC → cWCADC" }, { "key": "Compliant_XAUC_cW", "name": "cXAUC→cWXAUC", "addressFrom": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "addressTo": "0xc9750828124D4c10e7a6f4B655cA8487bD3842EB", + "addressTo": "0xa7762b63c4871581885ad17c5714ebb286a7480b", "notes": "138 cXAUC → cWXAUC" }, { "key": "Compliant_XAUT_cW", "name": "cXAUT→cWXAUT", "addressFrom": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", - "addressTo": "0x328Cd365Bb35524297E68ED28c6fF2C9557d1363", + "addressTo": "0x66568899ffe8f00b25dc470e878b65a478994e76", "notes": "138 cXAUT → cWXAUT" + }, + { + "key": "Compliant_ETH_L2_cW", + "name": "cETHL2->cWETHL2", + "addressFrom": "0x18a6b163d255cc0cb32b99697843b487d059907d", + "addressTo": "0xe27be001bc55cb2a8ed5ba5a62c834ca135244a3", + "notes": "Wave 1 gas-family lane eth_l2: Chain 138 cETHL2 -> Arbitrum One cWETHL2. hybrid_cap backing with uniswap_v3 reference pricing and DODO PMM edge liquidity." } ] }, @@ -928,75 +1267,89 @@ "addressTo": "0x377a5FaA3162b3Fc6f4e267301A3c817bAd18105", "notes": "138 cUSDC → Optimism cWUSDC; set when deployed" }, + { + "key": "Compliant_BTC_cW", + "name": "cBTC→cWBTC", + "addressFrom": "0xcb7c000000000000000000000000000000000138", + "addressTo": "0xcb7c00000000000000000000000000000000000a", + "notes": "138 cBTC → Optimism cWBTC for the jewelry-box BTC transport lane." + }, { "key": "Compliant_EURC_cW", "name": "cEURC→cWEURC", "addressFrom": "0x8085961F9cF02b4d800A3c6d386D31da4B34266a", - "addressTo": "0x2627177f33968128C7fb916F5B9E1f14cc550A80", + "addressTo": "0x4ab39b5bab7b463435209a9039bd40cf241f5a82", "notes": "138 cEURC → Optimism cWEURC; set when deployed" }, { "key": "Compliant_EURT_cW", "name": "cEURT→cWEURT", "addressFrom": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", - "addressTo": "0x07dE1f489E1bfCE2c326066a9DFc10e731CBA0CB", + "addressTo": "0x6f521cd9fcf7884cd4e9486c7790e818638e09dd", "notes": "138 cEURT → cWEURT" }, { "key": "Compliant_GBPC_cW", "name": "cGBPC→cWGBPC", "addressFrom": "0x003960f16D9d34F2e98d62723B6721Fb92074aD2", - "addressTo": "0x9a1D0dBEE997929ED02fD19E0E199704d20914dB", + "addressTo": "0x3f8c409c6072a2b6a4ff17071927ba70f80c725f", "notes": "138 cGBPC → cWGBPC" }, { "key": "Compliant_GBPT_cW", "name": "cGBPT→cWGBPT", "addressFrom": "0x350f54e4D23795f86A9c03988c7135357CCaD97c", - "addressTo": "0x5355148C4740fcc3D7a96F05EdD89AB14851206b", + "addressTo": "0x456373d095d6b9260f01709f93fccf1d8aa14d11", "notes": "138 cGBPT → cWGBPT" }, { "key": "Compliant_AUDC_cW", "name": "cAUDC→cWAUDC", "addressFrom": "0xD51482e567c03899eecE3CAe8a058161FD56069D", - "addressTo": "0x50b073d0D1D2f002745cb9FC28a057d5be84911c", + "addressTo": "0x25603ae4bff0b71d637b3573d1b6657f5f6d17ef", "notes": "138 cAUDC → cWAUDC" }, { "key": "Compliant_JPYC_cW", "name": "cJPYC→cWJPYC", "addressFrom": "0xEe269e1226a334182aace90056EE4ee5Cc8A6770", - "addressTo": "0x1ED9E491A5eCd53BeF21962A5FCE24880264F63f", + "addressTo": "0x8e54c52d34a684e22865ac9f2d7c27c30561a7b9", "notes": "138 cJPYC → cWJPYC" }, { "key": "Compliant_CHFC_cW", "name": "cCHFC→cWCHFC", "addressFrom": "0x873990849DDa5117d7C644f0aF24370797C03885", - "addressTo": "0x8b6EE72001cAFcb21D56a6c4686D6Db951d499A6", + "addressTo": "0x4d9bc6c74ba65e37c4139f0aec9fc5ddff28dcc4", "notes": "138 cCHFC → cWCHFC" }, { "key": "Compliant_CADC_cW", "name": "cCADC→cWCADC", "addressFrom": "0x54dBd40cF05e15906A2C21f600937e96787f5679", - "addressTo": "0xA6eFb8783C8ad2740ec880e46D4f7E608E893B1B", + "addressTo": "0x9f6d2578003fe04e58a9819a4943732f2a203a61", "notes": "138 cCADC → cWCADC" }, { "key": "Compliant_XAUC_cW", "name": "cXAUC→cWXAUC", "addressFrom": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "addressTo": "0x7062f35567BBAb4d98dc33af03B0d14Df42294D5", + "addressTo": "0xddc4063f770f7c49d00b5a10fb552e922aa39b2c", "notes": "138 cXAUC → cWXAUC" }, { "key": "Compliant_XAUT_cW", "name": "cXAUT→cWXAUT", "addressFrom": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", - "addressTo": "0x5fbCE65524211BC1bFb0309fd9EE09E786c6D097", + "addressTo": "0x145e8e8c49b6a021969dd9d2c01c8fea44374f61", "notes": "138 cXAUT → cWXAUT" + }, + { + "key": "Compliant_ETH_L2_cW", + "name": "cETHL2->cWETHL2", + "addressFrom": "0x18a6b163d255cc0cb32b99697843b487d059907d", + "addressTo": "0x95007ec50d0766162f77848edf7bdc4eba147fb4", + "notes": "Wave 1 gas-family lane eth_l2: Chain 138 cETHL2 -> Optimism cWETHL2. hybrid_cap backing with uniswap_v3 reference pricing and DODO PMM edge liquidity." } ] }, @@ -1040,75 +1393,89 @@ "addressTo": "0x932566E5bB6BEBF6B035B94f3DE1f75f126304Ec", "notes": "138 cUSDC → Cronos cWUSDC; set when deployed" }, + { + "key": "Compliant_BTC_cW", + "name": "cBTC→cWBTC", + "addressFrom": "0xcb7c000000000000000000000000000000000138", + "addressTo": "0xcb7c000000000000000000000000000000000019", + "notes": "138 cBTC → Cronos cWBTC for the jewelry-box BTC transport lane." + }, { "key": "Compliant_EURC_cW", "name": "cEURC→cWEURC", "addressFrom": "0x8085961F9cF02b4d800A3c6d386D31da4B34266a", - "addressTo": "0x0000000000000000000000000000000000000000", + "addressTo": "0x7574d37F42528B47c88962931e48FC61608a4050", "notes": "138 cEURC → Cronos cWEURC; set when deployed" }, { "key": "Compliant_EURT_cW", "name": "cEURT→cWEURT", "addressFrom": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", - "addressTo": "0x0000000000000000000000000000000000000000", + "addressTo": "0x9f833b4f1012F52eb3317b09922a79c6EdFca77D", "notes": "138 cEURT → cWEURT" }, { "key": "Compliant_GBPC_cW", "name": "cGBPC→cWGBPC", "addressFrom": "0x003960f16D9d34F2e98d62723B6721Fb92074aD2", - "addressTo": "0x0000000000000000000000000000000000000000", + "addressTo": "0xe5c65A76A541368d3061fe9E7A2140cABB903dbF", "notes": "138 cGBPC → cWGBPC" }, { "key": "Compliant_GBPT_cW", "name": "cGBPT→cWGBPT", "addressFrom": "0x350f54e4D23795f86A9c03988c7135357CCaD97c", - "addressTo": "0x0000000000000000000000000000000000000000", + "addressTo": "0xBb58fa16bAc8E789f09C14243adEE6480D8213A2", "notes": "138 cGBPT → cWGBPT" }, { "key": "Compliant_AUDC_cW", "name": "cAUDC→cWAUDC", "addressFrom": "0xD51482e567c03899eecE3CAe8a058161FD56069D", - "addressTo": "0x0000000000000000000000000000000000000000", + "addressTo": "0xff3084410A732231472Ee9f93F5855dA89CC5254", "notes": "138 cAUDC → cWAUDC" }, { "key": "Compliant_JPYC_cW", "name": "cJPYC→cWJPYC", "addressFrom": "0xEe269e1226a334182aace90056EE4ee5Cc8A6770", - "addressTo": "0x0000000000000000000000000000000000000000", + "addressTo": "0x52aD62B8bD01154e2A4E067F8Dc4144C9988d203", "notes": "138 cJPYC → cWJPYC" }, { "key": "Compliant_CHFC_cW", "name": "cCHFC→cWCHFC", "addressFrom": "0x873990849DDa5117d7C644f0aF24370797C03885", - "addressTo": "0x0000000000000000000000000000000000000000", + "addressTo": "0xB55F49D6316322d5caA96D34C6e4b1003BD3E670", "notes": "138 cCHFC → cWCHFC" }, { "key": "Compliant_CADC_cW", "name": "cCADC→cWCADC", "addressFrom": "0x54dBd40cF05e15906A2C21f600937e96787f5679", - "addressTo": "0x0000000000000000000000000000000000000000", + "addressTo": "0x32aD687F24F77bF8C86605c202c829163Ac5Ab36", "notes": "138 cCADC → cWCADC" }, { "key": "Compliant_XAUC_cW", "name": "cXAUC→cWXAUC", "addressFrom": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", - "addressTo": "0x0000000000000000000000000000000000000000", + "addressTo": "0xf1B771c95573113E993374c0c7cB2dc1a7908B12", "notes": "138 cXAUC → cWXAUC" }, { "key": "Compliant_XAUT_cW", "name": "cXAUT→cWXAUT", "addressFrom": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", - "addressTo": "0x0000000000000000000000000000000000000000", + "addressTo": "0xD517C0cF7013f988946A468c880Cc9F8e2A4BCbE", "notes": "138 cXAUT → cWXAUT" + }, + { + "key": "Compliant_CRO_cW", + "name": "cCRO->cWCRO", + "addressFrom": "0xfb48bb6c623571f9795b535b73f0d660e8643fd4", + "addressTo": "0x9b10eb0f77c45322dbd1fcb07176fd9a7609c164", + "notes": "Wave 1 gas-family lane cro: Chain 138 cCRO -> Cronos cWCRO. hybrid_cap backing with uniswap_v3 reference pricing and DODO PMM edge liquidity." } ] }, @@ -1191,7 +1558,7 @@ "key": "AUSDC", "name": "USDC", "addressFrom": "0xa95EeD79f84E6A0151eaEb9d441F9Ffd50e8e881", - "addressTo": "0x3c499c542cEF5E3811e1192ce70d8cC03d5c1369", + "addressTo": "0x3c499c542cEF5E3811e1192ce70d8cC03d5c3359", "notes": "Polygon USDC" } ] @@ -1392,6 +1759,139 @@ } ] }, + { + "fromChainId": 138, + "toChainId": 42220, + "notes": "Chain 138 ↔ Celo (CCIP); direct mapping; c*_cW = c* → cW* on destination", + "tokens": [ + { + "key": "WETH9", + "name": "Wrapped Ether", + "addressFrom": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", + "addressTo": "0xD221812de1BD094f35587EE8E174B07B6167D9Af", + "notes": "138 WETH9 → Celo WETH" + }, + { + "key": "Compliant_USDT", + "name": "cUSDT", + "addressFrom": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", + "addressTo": "0x48065fbBE25f71C9282ddf5e1cD6D6A887483D5e", + "notes": "138 cUSDT → Celo USDT (native)" + }, + { + "key": "Compliant_USDT_cW", + "name": "cUSDT→cWUSDT", + "addressFrom": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", + "addressTo": "0x73376eB92c16977B126dB9112936A20Fa0De3442", + "notes": "138 cUSDT → Celo cWUSDT" + }, + { + "key": "Compliant_USDC", + "name": "cUSDC", + "addressFrom": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", + "addressTo": "0xcebA9300f2b948710d2653dD7B07f33A8B32118C", + "notes": "138 cUSDC → Celo USDC (native)" + }, + { + "key": "Compliant_USDC_cW", + "name": "cUSDC→cWUSDC", + "addressFrom": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", + "addressTo": "0x4C38F9A5ed68A04cd28a72E8c68C459Ec34576f3", + "notes": "138 cUSDC → Celo cWUSDC" + }, + { + "key": "Compliant_BTC_cW", + "name": "cBTC→cWBTC", + "addressFrom": "0xcb7c000000000000000000000000000000000138", + "addressTo": "0xcb7c00000000000000000000000000000000a4ec", + "notes": "138 cBTC → Celo cWBTC for the jewelry-box BTC transport lane." + }, + { + "key": "Compliant_AUSDT_cW", + "name": "cAUSDT→cWAUSDT", + "addressFrom": "0x5fdDF65733e3d590463F68f93Cf16E8c04081271", + "addressTo": "0xC158b6cD3A3088C52F797D41f5Aa02825361629e", + "notes": "Live 138 cAUSDT -> Celo cWAUSDT corridor. Celo bridge mint/burn roles are wired." + }, + { + "key": "Compliant_EURC_cW", + "name": "cEURC→cWEURC", + "addressFrom": "0x8085961F9cF02b4d800A3c6d386D31da4B34266a", + "addressTo": "0xb6D2f38b9015F32ccE8818509c712264E7fceeD3", + "notes": "138 cEURC → Celo cWEURC" + }, + { + "key": "Compliant_EURT_cW", + "name": "cEURT→cWEURT", + "addressFrom": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", + "addressTo": "0x7e6fB8D80f81430e560F8232b2A4fd06249d74ce", + "notes": "138 cEURT → Celo cWEURT" + }, + { + "key": "Compliant_GBPC_cW", + "name": "cGBPC→cWGBPC", + "addressFrom": "0x003960f16D9d34F2e98d62723B6721Fb92074aD2", + "addressTo": "0xE37c332a88f112F9e039C5d92D821402A89c7052", + "notes": "138 cGBPC → Celo cWGBPC" + }, + { + "key": "Compliant_GBPT_cW", + "name": "cGBPT→cWGBPT", + "addressFrom": "0x350f54e4D23795f86A9c03988c7135357CCaD97c", + "addressTo": "0x1dBa81f91f1BeC47FFf60eC3e7DeD780ad9968E3", + "notes": "138 cGBPT → Celo cWGBPT" + }, + { + "key": "Compliant_AUDC_cW", + "name": "cAUDC→cWAUDC", + "addressFrom": "0xD51482e567c03899eecE3CAe8a058161FD56069D", + "addressTo": "0x2d3a2ED4Ca4d69912d217c305EE921609F7906A8", + "notes": "138 cAUDC → Celo cWAUDC" + }, + { + "key": "Compliant_JPYC_cW", + "name": "cJPYC→cWJPYC", + "addressFrom": "0xEe269e1226a334182aace90056EE4ee5Cc8A6770", + "addressTo": "0x0b39F47D2E68aB0eB18d4b637Bbd1dD8E97cFbB5", + "notes": "138 cJPYC → Celo cWJPYC" + }, + { + "key": "Compliant_CHFC_cW", + "name": "cCHFC→cWCHFC", + "addressFrom": "0x873990849DDa5117d7C644f0aF24370797C03885", + "addressTo": "0x8142BA530B08f3950128601F00DaaA678213DFdf", + "notes": "138 cCHFC → Celo cWCHFC" + }, + { + "key": "Compliant_CADC_cW", + "name": "cCADC→cWCADC", + "addressFrom": "0x54dBd40cF05e15906A2C21f600937e96787f5679", + "addressTo": "0x0C242b513008Cd49C89078F5aFb237A3112251EB", + "notes": "138 cCADC → Celo cWCADC" + }, + { + "key": "Compliant_XAUC_cW", + "name": "cXAUC→cWXAUC", + "addressFrom": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", + "addressTo": "0x61D642979eD75c1325f35b9275C5A7FE97F22451", + "notes": "138 cXAUC → Celo cWXAUC" + }, + { + "key": "Compliant_XAUT_cW", + "name": "cXAUT→cWXAUT", + "addressFrom": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", + "addressTo": "0x30751782486eed825187C1EAe5DE4b4baD428AaE", + "notes": "138 cXAUT → Celo cWXAUT" + }, + { + "key": "Compliant_CELO_cW", + "name": "cCELO->cWCELO", + "addressFrom": "0x1814661dae0933bf397b1274f5a62411b94195c7", + "addressTo": "0xb0fa7ec4123c7c275b3a89d9239569707ea3c66a", + "notes": "Wave 1 gas-family lane celo: Chain 138 cCELO -> Celo cWCELO. hybrid_cap backing with uniswap_v3 reference pricing and DODO PMM edge liquidity." + } + ] + }, { "fromChainId": 651940, "toChainId": 1111, @@ -1420,6 +1920,27 @@ } ] }, + { + "fromChainId": 138, + "toChainId": 1111, + "notes": "Chain 138 ↔ Wemix (staged only). Keep BTC transport config in sync for future activation, but do not treat this lane as launch-blocking until the operator and bridge readiness gap is closed.", + "tokens": [ + { + "key": "Compliant_BTC_cW", + "name": "cBTC→cWBTC", + "addressFrom": "0xcb7c000000000000000000000000000000000138", + "addressTo": "0xcb7c000000000000000000000000000000000457", + "notes": "Staged 138 cBTC → Wemix cWBTC lane. Leave disabled in gru-transport-active until Wemix bridgeAvailable becomes true." + }, + { + "key": "Compliant_WEMIX_cW", + "name": "cWEMIX->cWWEMIX", + "addressFrom": "0x4d82206bec5b4dfa17759ffede07e35f4f63a050", + "addressTo": "0xc111000000000000000000000000000000000457", + "notes": "Wave 1 gas-family lane wemix: Chain 138 cWEMIX -> Wemix cWWEMIX. hybrid_cap backing with uniswap_v3 reference pricing and DODO PMM edge liquidity." + } + ] + }, { "fromChainId": 138, "toChainId": 42793, @@ -1455,5 +1976,359 @@ } ] } - ] + ], + "gasAssetRegistry": { + "description": "Wave 1 gas-native compliant family registry for Chain 138 as hub. Canonical gas-family c* assets live on Chain 138; public chains use mirrored cW* lanes with DODO PMM for the compliant edge rail and Uniswap v3 as the reference venue. ETH mainnet and ETH L2 are intentionally separated families.", + "wave": "wave1", + "families": [ + { + "familyKey": "eth_mainnet", + "mappingKey": "Compliant_ETH_MAINNET_cW", + "canonicalSymbol138": "cETH", + "mirroredSymbol": "cWETH", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 1 + ], + "laneGroup": "eth_mainnet", + "backingMode": "strict_escrow", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WETH", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0xf8e9802a1766422e33a269556ad5fc032338eefc", + "mirroredAddresses": { + "1": "0xf6dc5587e18f27adff60e303fdd98f35b50fa8a5" + }, + "perLaneCaps": { + "1": "500000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cETH Mainnet", + "mirrored": "cWETH Mainnet" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "eth_l2", + "mappingKey": "Compliant_ETH_L2_cW", + "canonicalSymbol138": "cETHL2", + "mirroredSymbol": "cWETHL2", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 10, + 42161, + 8453 + ], + "laneGroup": "eth_l2_shared", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_fungible_inventory_gated", + "wrappedNativeQuoteSymbol": "WETH", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0x18a6b163d255cc0cb32b99697843b487d059907d", + "mirroredAddresses": { + "10": "0x95007ec50d0766162f77848edf7bdc4eba147fb4", + "8453": "0x2a0840e5117683b11682ac46f5cf5621e67269e3", + "42161": "0xe27be001bc55cb2a8ed5ba5a62c834ca135244a3" + }, + "perLaneCaps": { + "10": "1000000000000000000000", + "8453": "1000000000000000000000", + "42161": "1000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cETHL2", + "mirrored": "cWETHL2" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "bnb", + "mappingKey": "Compliant_BNB_cW", + "canonicalSymbol138": "cBNB", + "mirroredSymbol": "cWBNB", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 56 + ], + "laneGroup": "bnb", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WBNB", + "stableQuoteSymbol": "USDT", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0x94517875f32680984a5921da7abf78e22f65d70f", + "mirroredAddresses": { + "56": "0x179034a08ac2c9c35d2e41239f68c79dca6f18fa" + }, + "perLaneCaps": { + "56": "3000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cBNB", + "mirrored": "cWBNB" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "pol", + "mappingKey": "Compliant_POL_cW", + "canonicalSymbol138": "cPOL", + "mirroredSymbol": "cWPOL", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 137 + ], + "laneGroup": "pol", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WPOL", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0x19fec21edede9edb91d1fbec7c4095c5ac1fc10c", + "mirroredAddresses": { + "137": "0x25980244aacecb6d8c4b887261ed27f87cb2fc73" + }, + "perLaneCaps": { + "137": "2000000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cPOL", + "mirrored": "cWPOL" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "avax", + "mappingKey": "Compliant_AVAX_cW", + "canonicalSymbol138": "cAVAX", + "mirroredSymbol": "cWAVAX", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 43114 + ], + "laneGroup": "avax", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WAVAX", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0x9c8f6f4fe1e535e6f85a78ee95249ded5540a2d0", + "mirroredAddresses": { + "43114": "0xe1d4aee2ef8f48a20338935188a8fe7f7c7de7d0" + }, + "perLaneCaps": { + "43114": "200000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cAVAX", + "mirrored": "cWAVAX" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "cro", + "mappingKey": "Compliant_CRO_cW", + "canonicalSymbol138": "cCRO", + "mirroredSymbol": "cWCRO", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 25 + ], + "laneGroup": "cro", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WCRO", + "stableQuoteSymbol": "USDT", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0xfb48bb6c623571f9795b535b73f0d660e8643fd4", + "mirroredAddresses": { + "25": "0x9b10eb0f77c45322dbd1fcb07176fd9a7609c164" + }, + "perLaneCaps": { + "25": "5000000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cCRO", + "mirrored": "cWCRO" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "xdai", + "mappingKey": "Compliant_XDAI_cW", + "canonicalSymbol138": "cXDAI", + "mirroredSymbol": "cWXDAI", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 100 + ], + "laneGroup": "xdai", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WXDAI", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0xa39a59138f8a45b4a31455875b8a29ff31e76ec8", + "mirroredAddresses": { + "100": "0x9f833b4f1012f52eb3317b09922a79c6edfca77d" + }, + "perLaneCaps": { + "100": "5000000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cXDAI", + "mirrored": "cWXDAI" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "celo", + "mappingKey": "Compliant_CELO_cW", + "canonicalSymbol138": "cCELO", + "mirroredSymbol": "cWCELO", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 42220 + ], + "laneGroup": "celo", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WCELO", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0x1814661dae0933bf397b1274f5a62411b94195c7", + "mirroredAddresses": { + "42220": "0xb0fa7ec4123c7c275b3a89d9239569707ea3c66a" + }, + "perLaneCaps": { + "42220": "3000000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cCELO", + "mirrored": "cWCELO" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + }, + { + "familyKey": "wemix", + "mappingKey": "Compliant_WEMIX_cW", + "canonicalSymbol138": "cWEMIX", + "mirroredSymbol": "cWWEMIX", + "assetClass": "gas_native", + "registryFamily": "gas_native", + "originChains": [ + 1111 + ], + "laneGroup": "wemix", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "wrappedNativeQuoteSymbol": "WWEMIX", + "stableQuoteSymbol": "USDC", + "referenceVenue": "uniswap_v3", + "canonicalAddress138": "0x4d82206bec5b4dfa17759ffede07e35f4f63a050", + "mirroredAddresses": { + "1111": "0xc111000000000000000000000000000000000457" + }, + "perLaneCaps": { + "1111": "2000000000000000000000000" + }, + "decimals": 18, + "displayAliases": { + "canonical": "cWEMIX Hub", + "mirrored": "cWWEMIX" + }, + "hubRebalance": { + "canonicalChainId": 138, + "defaultNumeraire": "cUSDC", + "treasuryQuoteSymbol": "WETH", + "preferredVenues": [ + "dodo_pmm", + "hub_inventory_book" + ] + } + } + ] + } } diff --git a/config/wormhole/README.md b/config/wormhole/README.md new file mode 100644 index 00000000..c7af1f52 --- /dev/null +++ b/config/wormhole/README.md @@ -0,0 +1,28 @@ +# Wormhole operator scaffolding + +Repo-side operator templates for Wormhole **NTT + Executor** preparation. + +What this bundle is for: + +- preparing an operator workstation or CT for `ntt` CLI usage +- storing non-secret example config for mainnet/testnet NTT projects +- recording deployed artifacts under `config/wormhole/deployed/` + +What it is **not**: + +- proof that Chain 138 is currently a Wormhole-supported chain +- a replacement for official Wormhole-supported chain lists or contract addresses + +Official references: + +- NTT get started: https://wormhole.com/docs/products/token-transfers/native-token-transfers/get-started/ +- Executor migration: https://wormhole.com/docs/protocol/infrastructure/relayers/executor-vs-sr/ +- Chain IDs reference: https://wormhole.com/docs/products/reference/chain-ids/ + +Files: + +| File | Purpose | +|------|---------| +| `ntt-operator.example.env` | Environment template for operator use | +| `ntt-deployment.example.json` | Minimal `deployment.json` seed | +| `deployed/README.md` | What to store after real deploys | diff --git a/config/wormhole/deployed/.gitignore b/config/wormhole/deployed/.gitignore new file mode 100644 index 00000000..7c9d611b --- /dev/null +++ b/config/wormhole/deployed/.gitignore @@ -0,0 +1,3 @@ +* +!.gitignore +!README.md diff --git a/config/wormhole/deployed/README.md b/config/wormhole/deployed/README.md new file mode 100644 index 00000000..749e72d8 --- /dev/null +++ b/config/wormhole/deployed/README.md @@ -0,0 +1,10 @@ +# Wormhole deployed artifacts + +Store non-secret Wormhole deployment outputs here, for example: + +- `deployment.mainnet.json` +- `deployment.testnet.json` +- `executor-capabilities.snapshot.json` +- `supported-chains.audit.md` + +Do not commit private keys, mnemonics, or provider API secrets. diff --git a/config/wormhole/ntt-deployment.example.json b/config/wormhole/ntt-deployment.example.json new file mode 100644 index 00000000..11904244 --- /dev/null +++ b/config/wormhole/ntt-deployment.example.json @@ -0,0 +1,4 @@ +{ + "network": "Mainnet", + "chains": {} +} diff --git a/config/wormhole/ntt-operator.example.env b/config/wormhole/ntt-operator.example.env new file mode 100644 index 00000000..096af54d --- /dev/null +++ b/config/wormhole/ntt-operator.example.env @@ -0,0 +1,21 @@ +# Wormhole NTT / Executor operator env +# Copy to a local-only env file; do not commit secrets. + +WORMHOLE_ENVIRONMENT=Mainnet +WORMHOLE_NTT_PROJECT_DIR=/home/opuser/wormhole-ntt-mainnet +WORMHOLE_EXECUTOR_URL=https://executor.labsapis.com +WORMHOLE_EXECUTOR_CAPABILITIES_URL=https://executor.labsapis.com/v0/capabilities + +# Example supported chains (Wormhole chain IDs differ from EVM chain IDs) +WORMHOLE_SOURCE_CHAIN_ID=2 +WORMHOLE_DEST_CHAIN_ID=4 + +# Chain 138 note: +# Chain 138 is not currently listed as a Wormhole-supported chain in the official Chain IDs reference. +# Do not mark a Chain 138 NTT deployment live until official support or a separate custom-chain onboarding path exists. + +# Secrets / RPCs (fill locally) +# SOURCE_RPC_URL= +# DEST_RPC_URL= +# DEPLOYER_PRIVATE_KEY= +# WORMHOLE_API_KEY= diff --git a/config/xdc-zero/README.md b/config/xdc-zero/README.md index 8906c334..df0588ed 100644 --- a/config/xdc-zero/README.md +++ b/config/xdc-zero/README.md @@ -2,14 +2,33 @@ Templates for pairing **DBIS Chain 138** with **XDC Network mainnet** JSON-RPC (`https://rpc.xinfin.network`, chain id 50) or Apothem/devnet, using the [XDC-Zero](https://github.com/XinFinOrg/XDC-Zero) Endpoint pattern, **without** replacing your existing subnet↔parent XDC-Relayer deployment. +## XDC Network (parent) — facts for XDC Zero + +| Item | Mainnet | Testnet (Apothem) | +|------|---------|-------------------| +| Chain ID | **50** (`0x32`) | **51** (`0x33`) | +| Gas / native currency | **XDC** (not ETH) | **TXDC** (testnet) | +| Default JSON-RPC (this repo) | `https://rpc.xinfin.network` | `https://rpc.apothem.network` | +| More RPC URLs | [Chainlist — XDC (50)](https://chainid.network/chain/50/) | [Chainlist — Apothem (51)](https://chainid.network/chain/51/) | +| Block explorers | [xdcscan.com](https://xdcscan.com), [xdcscan.io](https://xdcscan.io) | Apothem explorers on Chainlist | +| Project / docs hub | [xinfin.org](https://xinfin.org) | — | + +`PARENTNET_URL` / `XDC_PARENTNET_URL` must be **XDC-compatible** JSON-RPC. Variables such as `ETHEREUM_MAINNET_RPC` are for other workflows (verification, CCIP) and are **not** substitutes for the XDC parent endpoint. + | File | Purpose | |------|---------| -| [`xdc-zero-chain138-pair.example.env`](xdc-zero-chain138-pair.example.env) | Env vars for the **second** relayer pair (parent ↔ 138). Copy to a secure path; wire into XinFin relayer/docker or your own CSC updater. | +| [`xdc-zero-chain138-pair.example.env`](xdc-zero-chain138-pair.example.env) | Env vars for the **second** relayer pair (parent ↔ 138). Includes both operator-only Core RPC guidance and the public RPC values relayer/services should actually use. | +| [`xdc-relayer.dotenv.example`](xdc-relayer.dotenv.example) | Clone-local `.env` for a manually run **XDC-Relayer** checkout (`node dist/server.js`). | +| [`xdc-zero-relayer-138-pair.example.defaults`](xdc-zero-relayer-138-pair.example.defaults) | `/etc/default/xdc-zero-relayer-138-pair` example for the **systemd** unit. | | [`network.config.xdc-mainnet.example.json`](network.config.xdc-mainnet.example.json) | Example `network.config.json` for XDC-Zero `endpoint/`: **XDC mainnet** `https://rpc.xinfin.network` + LAN Chain 138. Merge or copy keys into your clone. | | [`endpointconfig.fragment.chain138.example.json`](endpointconfig.fragment.chain138.example.json) | Top-level **`chain138`** block to **merge** into XDC-Zero `endpointconfig.json`. Also **append** one object to existing `xdcparentnet.registers[]` for peer chain id 138 (see runbook). | | [`xdcparentnet-register-chain138.fragment.json`](xdcparentnet-register-chain138.fragment.json) | Single **`registers[]`** entry (chain id **138**) consumed by the merge helper for `xdcparentnet`. Replace zero addresses after CSC/Endpoint deploy. | -**Merge helper (repo):** `bash scripts/xdc-zero/merge-endpointconfig-chain138.sh` (requires `jq`). +**Scripts:** [scripts/xdc-zero/README.md](../../scripts/xdc-zero/README.md) — full list; start with `run-xdc-zero-138-operator-sequence.sh`. + +**Troubleshooting:** [docs/03-deployment/CHAIN138_XDC_ZERO_DEPLOYMENT_TROUBLESHOOTING.md](../../docs/03-deployment/CHAIN138_XDC_ZERO_DEPLOYMENT_TROUBLESHOOTING.md) + +**systemd (second relayer):** [`../systemd/xdc-zero-relayer-138-pair.example.service`](../systemd/xdc-zero-relayer-138-pair.example.service) + [`xdc-zero-relayer-138-pair.example.defaults`](xdc-zero-relayer-138-pair.example.defaults). Use [`xdc-relayer.dotenv.example`](xdc-relayer.dotenv.example) only for a clone-local relayer `.env`. **Canonical procedure:** [docs/03-deployment/CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md](../../docs/03-deployment/CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md) diff --git a/config/xdc-zero/deployed/.gitignore b/config/xdc-zero/deployed/.gitignore new file mode 100644 index 00000000..8198b8f1 --- /dev/null +++ b/config/xdc-zero/deployed/.gitignore @@ -0,0 +1,4 @@ +# Operator-local outputs. Everything ignored by default; adjust if you version artifacts. +* +!.gitignore +!README.md diff --git a/config/xdc-zero/deployed/README.md b/config/xdc-zero/deployed/README.md new file mode 100644 index 00000000..a783e16c --- /dev/null +++ b/config/xdc-zero/deployed/README.md @@ -0,0 +1,9 @@ +# Generated XDC Zero deployment artifacts (gitignored) + +After you deploy contracts, save **non-secret** artifacts here for your own records (optional): + +- `endpoint-chain138.env` — `MERKLE_PATRICIA=…` `ENDPOINT=…` `SIMPLE_CSC=…` (lines suitable for `set -a && source`) +- `endpoint-apothem-or-mainnet.env` — parentnet Endpoint + CSC addresses +- `endpointconfig.fragment.chain138.json` / `xdcparentnet-register-chain138.fragment.json` — generated fragments from `set-fragment-addresses.sh`; these may be staged in `--chain138-only` mode first, with parent-side zero placeholders until the parent deploy is complete. + +Do **not** commit private keys. Run `scripts/xdc-zero/set-fragment-addresses.sh` (writes **`deployed/endpointconfig.fragment.chain138.json`** and **`deployed/xdcparentnet-register-chain138.fragment.json`**), then merge with `XDC_ZERO_CHAIN138_FRAG` and `XDC_ZERO_REG_FRAG` pointing at those files (see script output). diff --git a/config/xdc-zero/network.config.xdc-mainnet.example.json b/config/xdc-zero/network.config.xdc-mainnet.example.json index 7d477a3c..0f7294bb 100644 --- a/config/xdc-zero/network.config.xdc-mainnet.example.json +++ b/config/xdc-zero/network.config.xdc-mainnet.example.json @@ -1,5 +1,5 @@ { "xdcsubnet": "http://localhost:8545", - "xdcparentnet": "https://rpc.xinfin.network", + "xdcparentnet": "https://erpc.xinfin.network", "chain138": "http://192.168.11.211:8545" } diff --git a/config/xdc-zero/xdc-relayer.dotenv.example b/config/xdc-zero/xdc-relayer.dotenv.example new file mode 100644 index 00000000..4466f203 --- /dev/null +++ b/config/xdc-zero/xdc-relayer.dotenv.example @@ -0,0 +1,43 @@ +# Copy to your XDC-Relayer clone as `.env`. +# For systemd `/etc/default/xdc-zero-relayer-138-pair`, prefer +# `config/xdc-zero/xdc-zero-relayer-138-pair.example.defaults`. +# Built relayer: https://github.com/XinFinOrg/XDC-Relayer — `npm install && npm run build && npm run start` +# Pre-reqs: Redis (see upstream README). Vars mirror `.example.env` in that repo. + +RELAYER_PORT=5215 +NODE_ENV=production + +# --- XDC Network (PARENTNET_URL) — required context for XDC Zero parent side --- +# Chain ID: 50 decimal (0x32) mainnet +# Native gas token: XDC (not ETH). Fund the parent key for CSC / checkpoint txs. +# Default RPC: https://erpc.xinfin.network (prefer; rpc.xinfin.network may 5xx) +# RPC directory: https://chainid.network/chain/50/ (alternates e.g. https://erpc.xinfin.network, +# https://rpc1.xinfin.network — pick one stable URL per deployment) +# Explorers: https://xdcscan.com | https://xdcscan.io +# Network info: https://xinfin.org +# Testnet (lab): Apothem chain id 51 — https://rpc.apothem.network (do not use as production parent) +# Ethereum/BSC RPC vars elsewhere in this repo do NOT apply to PARENTNET_URL. + +# Second pair only: Chain 138 "subnet" side + XDC Network mainnet parent. +# This file is for a relayer process, so Chain 138 should use the public HTTPS +# RPC path by default. Core `192.168.11.211:8545` is reserved for operator-only +# deploy/proof tasks and should not be the default for external or long-running +# services. +SUBNET_URL=https://rpc-http-pub.d-bis.org +PARENTNET_URL=https://erpc.xinfin.network + +# CSC on parent storing subnet/138 roots (deploy per runbook — not SimpleCsc in production) +CHECKPOINT_CONTRACT=0x0000000000000000000000000000000000000000 +PARENTNET_WALLET_PK= + +# Optional XDC Zero schedule (uncomment when Endpoints are deployed) +# PARENTNET_ZERO_CONTRACT= +# SUBNET_ZERO_CONTRACT= +# PARENTNET_ZERO_WALLET_PK= + +# Reverse checkpoint: parent roots on Chain 138 +# REVERSE_CHECKPOINT_CONTRACT= +# SUBNET_WALLET_PK= +# SUBNET_ZERO_WALLET_PK= + +MAX_FETCH_BLOCK_SIZE=120 diff --git a/config/xdc-zero/xdc-zero-chain138-pair.example.env b/config/xdc-zero/xdc-zero-chain138-pair.example.env index 4cc4a42d..f36cfc81 100644 --- a/config/xdc-zero/xdc-zero-chain138-pair.example.env +++ b/config/xdc-zero/xdc-zero-chain138-pair.example.env @@ -6,24 +6,36 @@ # run a dedicated second relayer instance (leave your original subnet↔parent instance untouched). # --- XDC Network "parent" side (pick ONE profile) --- -# Mainnet: XDC Network JSON-RPC only (chain id 50). Official: -XDC_PARENTNET_URL=https://rpc.xinfin.network -# Testnet (Apothem): +# Mainnet: chain id 50 (0x32). Gas: XDC. Not Ethereum — use XDC JSON-RPC only. +# Primary RPC (default): https://erpc.xinfin.network (rpc.xinfin.network often 5xx; preflight tries fallbacks) +# More endpoints / status: https://chainid.network/chain/50/ +# Explorers: https://xdcscan.com https://xdcscan.io +# Project: https://xinfin.org +XDC_PARENTNET_URL=https://erpc.xinfin.network +# Testnet (Apothem, chain id 51): # XDC_PARENTNET_URL=https://rpc.apothem.network # Devnet shortcut (XDC-Zero cicd accepts aliases): # XDC_PARENTNET_URL=devnet # XDC_PARENTNET_URL=testnet -# --- Chain 138 (Besu) — deploy + proof source --- +# --- Chain 138 (Besu) — operator/deploy + service endpoints --- +# Operator-only / deploy / proof-sensitive path: +# - Core RPC remains the authoritative internal source for deploys, proofs, +# nonces, receipts, and other operator tasks. +# - External services and long-running relayers should use the public HTTPS +# Chain 138 RPC instead of Core. # Prefer same vars as rest of repo (load-project-env strips CR/LF on these): RPC_URL_138=http://192.168.11.211:8545 -# Public mirror (read-only checks OK; deploy from LAN when possible): -# RPC_URL_138=https://rpc-http-pub.d-bis.org +# Service / relayer path: +CHAIN138_PUBLIC_RPC_URL=https://rpc-http-pub.d-bis.org # Relayer naming (XinFin docker / common.env): this process pairs TWO URLs only. -# Set both to the same values as XDC_PARENTNET_URL and RPC_URL_138 respectively: +# Set both to the same values as XDC_PARENTNET_URL and the service-facing Chain +# 138 RPC respectively. In practice that means: +# - operator-only tasks: RPC_URL_138=http://192.168.11.211:8545 +# - relayer/service path: SUBNET_URL=https://rpc-http-pub.d-bis.org PARENTNET_URL= -SUBNET_URL= +SUBNET_URL=https://rpc-http-pub.d-bis.org # --- Keys (relayer / deploy wallets) — separate from subnet↔parent relayer --- PARENTNET_PK= diff --git a/config/xdc-zero/xdc-zero-relayer-138-pair.example.defaults b/config/xdc-zero/xdc-zero-relayer-138-pair.example.defaults new file mode 100644 index 00000000..c79e9922 --- /dev/null +++ b/config/xdc-zero/xdc-zero-relayer-138-pair.example.defaults @@ -0,0 +1,22 @@ +# /etc/default/xdc-zero-relayer-138-pair — env for systemd (mode 0640). +# XinFin XDC-Relayer expects these names (see XDC-Relayer README / .example.env). +# Parent chain: XDC Network mainnet, chain id 50, gas token XDC. +# RPC reference: https://chainid.network/chain/50/ — default below matches primary public RPC. + +RELAYER_PORT=5215 +NODE_ENV=production + +PARENTNET_URL=https://erpc.xinfin.network +SUBNET_URL=https://rpc-http-pub.d-bis.org + +CHECKPOINT_CONTRACT=0x0000000000000000000000000000000000000000 +PARENTNET_WALLET_PK= + +# REVERSE_CHECKPOINT_CONTRACT= +# SUBNET_WALLET_PK= + +# PARENTNET_ZERO_CONTRACT= +# SUBNET_ZERO_CONTRACT= +# PARENTNET_ZERO_WALLET_PK= + +MAX_FETCH_BLOCK_SIZE=120 diff --git a/cross-chain-pmm-lps b/cross-chain-pmm-lps index 168dba25..198da729 160000 --- a/cross-chain-pmm-lps +++ b/cross-chain-pmm-lps @@ -1 +1 @@ -Subproject commit 168dba25d9d51ba13de77c736805331e7ced930d +Subproject commit 198da72977603524c6168ff4a9e87cc804c462d5 diff --git a/dbis_chain_138_technical_master_plan.md b/dbis_chain_138_technical_master_plan.md index 31fd84cb..0d6aa9e3 100644 --- a/dbis_chain_138_technical_master_plan.md +++ b/dbis_chain_138_technical_master_plan.md @@ -5,12 +5,29 @@ This document is the governance and execution baseline for DBIS Chain 138 infras The objective is to move from architecture theory to a production-grade sovereign deployment program that is evidence-based, phased, and operationally auditable. -## Repo backlog alignment (2026-03-30) +## Repo backlog alignment (2026-03-30; expanded 2026-04-01) -**Operational status** (Open/Done, P1 IDs, routing, CCIP, E2E evidence) lives in `docs/00-meta/TODOS_CONSOLIDATED.md`, `docs/00-meta/LIVE_VERIFICATION_LOG_2026-03-30.md`, and `docs/03-deployment/REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md`. This file stays the **architecture and phased-intent** baseline; refresh cross-links after major deploys or when **P1-E01** reconciliation is run. +**Operational status** (Open/Done, P1 IDs, routing, CCIP, E2E evidence) lives in `docs/00-meta/TODOS_CONSOLIDATED.md`, `docs/00-meta/LIVE_VERIFICATION_LOG_2026-03-30.md`, and `docs/03-deployment/REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md`. This file stays the **architecture and phased-intent** baseline; refresh cross-links after major deploys. + +**Cross-cutting integration closure (G1–G6):** [docs/00-meta/INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md](docs/00-meta/INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md) — CCIP canonical/legacy in bytecode check, `smart-contracts-master.json`, explorer inventory guard, ISO20022Router manual acceptance, institutional `event_producer` process, AddressMapper canonical vs legacy duplicate. + +### Plan sections → P1 backlog (quick map) + +| Plan area (this document) | P1 / runbook pointer | +|---------------------------|----------------------| +| Sections 2–3 — stack, discovery, Hyperledger CTs | **P1-A01–A07**, [DBIS_HYPERLEDGER_RUNTIME_STATUS.md](docs/03-deployment/DBIS_HYPERLEDGER_RUNTIME_STATUS.md), [ALL_VMIDS_ENDPOINTS.md](docs/04-configuration/ALL_VMIDS_ENDPOINTS.md) | +| Besu / Chain 138 RPC, contracts, verification | **P1-B01–B02**, **P1-A08** / **P1-F05**, [ADDRESS_MATRIX_AND_STATUS.md](docs/11-references/ADDRESS_MATRIX_AND_STATUS.md), `config/smart-contracts-master.json` | +| CCIP, bridges, LINK, optional chains | **P1-B03–B05**, **P1-B07**, [REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md](docs/03-deployment/REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md), [CONFIG_READY_CHAINS_COMPLETION_RUNBOOK.md](docs/07-ccip/CONFIG_READY_CHAINS_COMPLETION_RUNBOOK.md) | +| Routing, DEX, PMM mesh | **P1-B06**, [TASKS_ROUTING_SWAP_CROSSCHAIN.md](docs/00-meta/TASKS_ROUTING_SWAP_CROSSCHAIN.md) | +| HYBX / Indonesia 4.995 package | **P1-C01**, [INDONESIA_PACKAGE_4_995_EVIDENCE_STANDARD.md](docs/04-configuration/mifos-omnl-central-bank/INDONESIA_PACKAGE_4_995_EVIDENCE_STANDARD.md) | +| External (Ledger, Trust, CMC/CG, on-ramps) | **P1-D01**, [REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md](docs/00-meta/REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md) | +| HYBX compliance / jurisdictional plans (implementation tickets) | **P1-E02**, `hybx_compliance_routing_sidecar_technical_plan.md`, `hybx_jurisdictional_cheat_sheets_technical_plan.md` | +| Submodule / CI cleanliness | **P1-F08** — `scripts/verify/submodules-clean.sh` walks **every** path in `.gitmodules`; any dirty submodule fails the gate | **Web and institutional surface (d-bis.org multi-portal):** [docs/02-architecture/DBIS_WEB_AND_INSTITUTION_MASTER_BLUEPRINT.md](docs/02-architecture/DBIS_WEB_AND_INSTITUTION_MASTER_BLUEPRINT.md) — public IA, data API contract, trust JSON, subdomain map; complements this chain/Hyperledger baseline. +**P1-E01 status:** Section-by-section narrative audit of this file against `TODOS_CONSOLIDATED` remains optional ongoing work; the table above is the maintained **index-level** reconciliation. + --- # SECTION 1 — MASTER OBJECTIVES diff --git a/dbis_core b/dbis_core index 6ebf71dd..ae744e4b 160000 --- a/dbis_core +++ b/dbis_core @@ -1 +1 @@ -Subproject commit 6ebf71dda8968610a36e9d001f5cdb04dc10997b +Subproject commit ae744e4be4c1a1e754cd1e614e44a7f594e21ce8 diff --git a/docs/00-meta/ADDITIONAL_RECOMMENDATIONS_TABLE.md b/docs/00-meta/ADDITIONAL_RECOMMENDATIONS_TABLE.md index e45f74f1..d3259ea4 100644 --- a/docs/00-meta/ADDITIONAL_RECOMMENDATIONS_TABLE.md +++ b/docs/00-meta/ADDITIONAL_RECOMMENDATIONS_TABLE.md @@ -69,7 +69,7 @@ | # | Recommendation | Description | Ref | |---|----------------|-------------|-----| | T2 | Optional cCADT | Uncomment in DeployCompliantFiatTokens.s.sol when needed. | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §1.2 | -| T3 | cAUSDT | Deploy or env when Alltra compliant USD defined. | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §1.3 | +| T3 | cAUSDT / cWAUSDT corridor | Keep the live `651940 AUSDT -> 138 cAUSDT -> public cWAUSDT` config aligned; remaining work is PMM edge pools and any further destination-chain rollout. | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §1.3 | | T4 | ACADT (651940) | When Alltra adds CAD token. | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §2 | | T5 | cW* on public chains | Deploy/bridge cW* per chain; PMM edge pools per pool-matrix. | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §3 | | T6 | D-WIN W on 138/651940 | Optional; extend DeployISO4217WSystem. | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §4 | diff --git a/docs/00-meta/ALL_TASKS_INCLUDING_OPTIONAL.md b/docs/00-meta/ALL_TASKS_INCLUDING_OPTIONAL.md index 44b6c5e8..a8c3b57d 100644 --- a/docs/00-meta/ALL_TASKS_INCLUDING_OPTIONAL.md +++ b/docs/00-meta/ALL_TASKS_INCLUDING_OPTIONAL.md @@ -1,11 +1,13 @@ # All Tasks to Complete (Including Optional) -**Last Updated:** 2026-03-06 +**Last Updated:** 2026-04-07 **Purpose:** Single list of every task (required and optional) from TODOS_CONSOLIDATED, REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST, ADDITIONAL_RECOMMENDATIONS_TABLE, REMAINING_DEPLOYMENTS, and E2E flow docs. **Quick run (from anywhere):** `./scripts/run-completable-tasks-from-anywhere.sh` **Operator (LAN):** `./scripts/run-all-operator-tasks-from-lan.sh [--deploy]` +**Focused sub-checklist:** [GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md](GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md) + --- ## 1. Verified remaining (blocking / high impact) @@ -117,7 +119,7 @@ |---|------|-----| | T1 | DeployCompliantFiatTokens (cEURC, cEURT, cGBP*, etc.) | ✅ Done 2026-02-27 | | T2 | **(Optional)** cCADT: uncomment in DeployCompliantFiatTokens.s.sol | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §1.2 | -| T3 | cAUSDT: deploy or env when Alltra compliant USD defined | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §1.3 | +| T3 | cAUSDT / cWAUSDT corridor: live; remaining work is PMM edge pools and any further destination-chain rollout | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §1.3 | | T4 | ACADT (651940) when Alltra adds CAD token | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §2 | | T5 | cW* on public chains + PMM edge pools per pool-matrix | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §3 | | T6 | **(Optional)** D-WIN W on 138/651940 | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §4 | @@ -135,6 +137,21 @@ --- +## 11b. GRU v2 / D3MM / Edge rollout + +| # | Task | Ref | +|---|------|-----| +| G1 | Promote D3MM from private pilot to canonical Chain 138 GRU v2 venue set | GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS §2.1 | +| G2 | Expand D3MM beyond `WETH10 <-> USDT` and publish canonical pool inventory | GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS §2.1 | +| G3 | Roll out D3MM across in-scope public EVM networks and update deployment graph / route matrices | GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS §2.2 | +| G4 | Freeze GRU v2 edge-venue policy for Uniswap, Balancer, Curve, and 1inch | GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS §2.3 | +| G5 | Build native-token completeness matrix (mapped / deployed / bridge-live / liquidity-live / routing-visible) | GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS §2.4 | +| G6 | Build protocol-source assurance matrix for DODO, Uniswap, Balancer, Curve, and 1inch | GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS §2.5 | +| G7 | **(Optional)** Define non-EVM adapter-based GRU v2 edge architecture | GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS §3.1 | +| G8 | **(Optional)** Extend D3MM to non-USD Wave 1 assets after the core USD path is canonical | GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS §3.2 | + +--- + ## 12. External / third-party | # | Task | Doc | @@ -205,7 +222,7 @@ Script: `./scripts/run-e2e-flow-tasks-full-parallel.sh [--dry-run]` | A4 | Add liquidity to all three PMM pools | Op | | A5 | Token-aggregation indexes DODO on 138 | Op/Code | | A6 | Expose token-aggregation API for dApps/Snap | Op | -| A7 | **(Optional)** Deploy EnhancedSwapRouter on 138 | Op | +| A7 | **(Optional)** Keep router-v2 + pilot venue layer verified on 138 | Op | | A8 | **(Optional)** N-hop quote/pathfinding in token-aggregation | Code | --- diff --git a/docs/00-meta/API_KEYS_DOTENV_STATUS.md b/docs/00-meta/API_KEYS_DOTENV_STATUS.md index 6001b919..1722b8c4 100644 --- a/docs/00-meta/API_KEYS_DOTENV_STATUS.md +++ b/docs/00-meta/API_KEYS_DOTENV_STATUS.md @@ -47,13 +47,13 @@ | Variable | Where needed | |----------|--------------| | **LayerZero** (config/API) | Bridge integrations | -| **Wormhole** (API key) | Bridge integrations | +| **WORMHOLE_API_KEY** | `.env.example` (root) | --- ## Summary -- **Contained:** All keys from API_KEYS_REQUIRED except LayerZero and Wormhole now have at least one .env.example placeholder (root and/or service-specific). Obtaining actual key values remains an operator task. -- **Not contained:** LayerZero, Wormhole (add LAYERZERO_* / WORMHOLE_* to .env.example when integrating). +- **Contained:** All keys from API_KEYS_REQUIRED except LayerZero now have at least one `.env.example` placeholder (root and/or service-specific). Obtaining actual key values remains an operator task. +- **Not contained:** LayerZero. **Recommendation:** Add the “not contained” variables to the appropriate `.env.example` (e.g. dbis_core, the-order, metamask-integration) with empty or placeholder values so operators know to set them. Do not commit real secrets in .env files. diff --git a/docs/00-meta/CW_BRIDGE_TASK_LIST.md b/docs/00-meta/CW_BRIDGE_TASK_LIST.md index e84928f6..a3d6c039 100644 --- a/docs/00-meta/CW_BRIDGE_TASK_LIST.md +++ b/docs/00-meta/CW_BRIDGE_TASK_LIST.md @@ -1,10 +1,10 @@ # cW* Bridge Support — Detailed Task List **Created:** 2026-02-27 -**Updated:** 2026-02-27 — In-repo tasks completed (Phase A, C1, F); operator tasks (D, E, C2–C3) have runbook. -**Context:** After setting `CW_BRIDGE_` from the deployed bridge suite (CCIPRelayBridge on Mainnet, CCIPWETH9_BRIDGE_* on other chains), this document reviews the note that those contracts may need extension for cW* and turns it into a concrete task list. +**Updated:** 2026-04-04 — Mainnet relay-compatible `cUSDC -> cWUSDC` and `cUSDT -> cWUSDT` routes are live; legacy WETH-only bridge caveat retained for the older receiver set. +**Context:** After setting `CW_BRIDGE_` from the deployed bridge suite (dedicated `CWMultiTokenBridgeL2` on Mainnet, legacy `CCIPWETH9_BRIDGE_*` on the older public-chain WETH paths), this document reviews the note that those contracts may need extension for cW* and turns it into a concrete task list. -**Completion summary (in-repo):** Phase A (approach decided and documented), Phase C1 (CompliantWrappedToken.burnFrom added, tests added), Phase F (docs and runbook). Phase B marked N/A (Option 2 chosen). **Remaining steps script:** [run-cw-remaining-steps.sh](../../scripts/deployment/run-cw-remaining-steps.sh) — `--dry-run` (default), `--deploy`, `--update-mapping`, `--verify`, `--verify-hard-peg`. Phase D/E and C2–C3: run script with `--deploy` when RPC/keys are set; then set CWUSDT_*/CWUSDC_* in .env and run `--update-mapping`; use `--verify-hard-peg` for the Avalanche hard-peg bridge state; see [CW_DEPLOY_AND_WIRE_RUNBOOK.md](../07-ccip/CW_DEPLOY_AND_WIRE_RUNBOOK.md). +**Completion summary (in-repo + live):** Phase A (approach decided and documented), Phase C1 (CompliantWrappedToken.burnFrom added, tests added), Phase F (docs and runbook), and the Mainnet relay-compatible `cUSDC -> cWUSDC` plus `cUSDT -> cWUSDT` implementations are complete. The live Mainnet route now uses relay router `0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA` and `CWMultiTokenBridgeL2` `0x2bF74583206A49Be07E0E8A94197C12987AbD7B5`; canary deliveries completed on 2026-04-04 with message ids `0x1fc04053a22f9aaa51a43d883a7d154d952a523873995e106cc2c90889376952` (`cUSDC -> cWUSDC`) and `0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f` (`cUSDT -> cWUSDT`). **Remaining steps script:** [run-cw-remaining-steps.sh](../../scripts/deployment/run-cw-remaining-steps.sh) — `--dry-run` (default), `--deploy`, `--update-mapping`, `--verify`, `--verify-hard-peg`. Remaining work now includes Mainnet pre-scale verification automation in addition to broader chain rollout. --- @@ -21,10 +21,10 @@ | **CCIPWETH9Bridge.sol** (all chains) | Same: validates token == weth9, then `transfer(recipient, amount)`. **Does not mint cW*.** | | **CCIPWETH10Bridge.sol** | Same for WETH10; no cW* logic. | | **CompliantWrappedToken.sol** | Has `mint`, `burn`, and `burnFrom` (BURNER_ROLE). `burnFrom` added in Phase C1 for TwoWayTokenBridgeL2 outbound. | -| **TwoWayTokenBridgeL2.sol** | `ccipReceive` calls `IMintableERC20(mirroredToken).mint(recipient, amount)` — **would mint cW*** if `mirroredToken` = cWUSDT/cWUSDC. Outbound uses `burnFrom`; CompliantWrappedToken does not implement `burnFrom`. | +| **TwoWayTokenBridgeL2.sol** | `ccipReceive` calls `IMintableERC20(mirroredToken).mint(recipient, amount)` — **would mint cW*** if `mirroredToken` = cWUSDT/cWUSDC. Outbound uses `burnFrom`; `CompliantWrappedToken` now implements `burnFrom` after Phase C1. | | **DeployCWTokens.s.sol** | Grants MINTER_ROLE and BURNER_ROLE to `CW_BRIDGE_ADDRESS` (per-chain in .env). So the *address* we set will have roles, but the *contract code* at that address (CCIPWETH9Bridge/CCIPRelayBridge) never calls `mint`/`burn` on cW*. | -**Conclusion:** The current bridge suite is **WETH-only**. Granting MINTER/BURNER to it allows deployment of cW* but **does not** enable cross-chain mint/burn of cW* until the receiver logic is extended or a dedicated cW* receiver is deployed. +**Conclusion:** The legacy bridge suite is **WETH-only**. Granting MINTER/BURNER to that legacy receiver set allows deployment of cW* but **does not** enable cross-chain mint/burn of cW* until the receiver logic is extended or a dedicated cW* receiver is deployed. Mainnet now has that dedicated relay-compatible cW receiver in place, so `138 cUSDC -> Mainnet cWUSDC` and `138 cUSDT -> Mainnet cWUSDT` are live; the same caveat still applies to the other legacy public-chain WETH receivers. --- @@ -79,15 +79,16 @@ | # | Task | Owner | Notes | Status | |---|------|--------|-------|--------| -| E1 | **Relay service (138→Mainnet):** If using CCIPRelayBridge for cW*, extend relay to support cUSDT/cUSDC: relay must send CCIP with token = cUSDT (or lock-and-mint semantics) and destination = Mainnet bridge; Mainnet bridge must mint cWUSDT. | Operator/Dev | See RELAY_BRIDGE_ADD_LINK_SUPPORT_RUNBOOK.md pattern (extend bridge or new receiver). Runbook § E1. | Operator | +| E1 | **Relay service (138→Mainnet):** If using CCIPRelayBridge for cW*, extend relay to support cUSDT/cUSDC: relay must send CCIP with token = cUSDT/cUSDC (or lock-and-mint semantics) and destination = Mainnet bridge; Mainnet bridge must mint cWUSDT/cWUSDC. | Operator/Dev | This is complete for the dedicated Mainnet `CWMultiTokenBridgeL2`; keep the note for the older WETH-only relay bridge pattern. Runbook § E1. | ✅ Mainnet complete | | E2 | **Direct CCIP (138→chain):** If Chain 138 uses UniversalCCIPBridge or CCIPWETH9Bridge to send c* to destination, add destination config for c* and ensure receiver on destination mints cW*. | Dev | Documented in approach; runbook § E2. | Documented | | E3 | **Test E2E:** Lock cUSDT on 138, trigger send, verify cWUSDT minted on destination to recipient. | Operator | Runbook § E3. | Operator | +| E4 | **Mainnet scale-readiness verification:** Keep the corridor in canary mode until operator checks cover both `cWUSDT` and `cWUSDC`, Mainnet `processed(messageId)` verification, and the live Chain 138 sender bridge ABI/config needed for pre-scale checks. | Dev/Operator | Current canaries prove the route works, but the deployed `CW_L1_BRIDGE_CHAIN138` does not yet expose every getter expected by the hard-peg verification docs/scripts. | Pending | ### Phase F: Documentation and runbooks | # | Task | Owner | Notes | Status | |---|------|--------|-------|--------| -| F1 | **Update docs/11-references/CW_TOKENS_AND_NETWORKS.md:** Add section "Bridge support status" — which chains have bridge code that mints cW* (none until Phase B or C done). | Dev | | ✅ Done | +| F1 | **Update docs/11-references/CW_TOKENS_AND_NETWORKS.md:** Add section "Bridge support status" — which chains have bridge code that mints cW* and which still use legacy WETH-only receiver paths. | Dev | | ✅ Done | | F2 | **Update docs/04-configuration/C_TO_CW_MAPPER_MAPPING.md:** Note that addressTo for _cW is 0x0 until cW* deployed and that bridge must support mint. | Dev | | ✅ Done | | F3 | **Create runbook** (e.g. docs/07-ccip/CW_DEPLOY_AND_WIRE_RUNBOOK.md): steps to deploy cW* on a new chain, set CW_BRIDGE_, update token-mapping, verify roles. | Dev | | ✅ Done | diff --git a/docs/00-meta/DOTENV_AND_MARKDOWN_AUDIT_GAPS_AND_RECOMMENDATIONS.md b/docs/00-meta/DOTENV_AND_MARKDOWN_AUDIT_GAPS_AND_RECOMMENDATIONS.md index 50bf4867..60d10cb7 100644 --- a/docs/00-meta/DOTENV_AND_MARKDOWN_AUDIT_GAPS_AND_RECOMMENDATIONS.md +++ b/docs/00-meta/DOTENV_AND_MARKDOWN_AUDIT_GAPS_AND_RECOMMENDATIONS.md @@ -29,7 +29,7 @@ | **ETH_MAINNET_RPC_URL** / **ETHEREUM_MAINNET_RPC** | Mainnet verify, CCIP, relay | Infura/Alchemy | | **CCIP_ROUTER** / **CHAIN_138_CCIP_ROUTER** | CCIP send, relay scripts | Canonical `0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817`; legacy direct `CCIP_ROUTER_DIRECT_LEGACY` `0x8078…` | | **CCIPWETH9_BRIDGE_CHAIN138**, **CCIPWETH10_BRIDGE_CHAIN138** | Bridge scripts, token-aggregation, routing | Canonical WETH9 `0xcacfd227A040002e49e2e01626363071324f820a`; legacy `CCIPWETH9_BRIDGE_DIRECT_LEGACY` `0x971c…`; WETH10 `0xe0E93247376aa097dB308B92e6Ba36bA015535D0` | -| **CHAIN_138_DODO_PMM_INTEGRATION** | Token-aggregation indexer, quotes | `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` | +| **CHAIN_138_DODO_PMM_INTEGRATION** | Token-aggregation indexer, quotes | Canonical `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`; legacy `0x5BDc62f1…` only for historical probes | | **CUSDT_ADDRESS_138**, **CUSDC_ADDRESS_138** | Scripts, token-aggregation | Canonical in EXPLORER_TOKEN_LIST_CROSSCHECK §5 | | **DATABASE_URL** | Token-aggregation DB, migrations | When using PostgreSQL (e.g. VMID 5000) | | **CRONOS_RPC**, **CELO_RPC**, **WEMIX_RPC**, **GNOSIS_RPC** | complete-config-ready-chains, deployer-gas | Celo: CELO_RPC; Wemix: WEMIX_RPC; etc. | @@ -72,7 +72,7 @@ | Task | Result | |------|--------| | **validate-config-files.sh** | ✅ Passed | -| **run-completable-tasks-from-anywhere.sh** | ✅ Passed (config, on-chain **64/64** after 2026-03-30 script update, validation --skip-genesis, reconcile output printed) | +| **run-completable-tasks-from-anywhere.sh** | ✅ Passed (config, on-chain **67/67** on the current canonical inventory, validation --skip-genesis, reconcile output printed) | | **check-pmm-pool-balances-chain138.sh** | ✅ Pool 1: 2M cUSDT / 2M cUSDC; Pools 2–3 empty (expected) | | **deployer-gas-auto-route.sh --dry-run** | ✅ Ran; 6 chains need gas (1, 56, 10, 42161, 8453, 25); Celo/Wemix/651940/42793 “no RPC configured” if RPC not in env | diff --git a/docs/00-meta/EXECUTION_CHECKLIST_MULTIPLE_ROUTES_AND_LIQUIDITY.md b/docs/00-meta/EXECUTION_CHECKLIST_MULTIPLE_ROUTES_AND_LIQUIDITY.md index af709ecb..2352f51b 100644 --- a/docs/00-meta/EXECUTION_CHECKLIST_MULTIPLE_ROUTES_AND_LIQUIDITY.md +++ b/docs/00-meta/EXECUTION_CHECKLIST_MULTIPLE_ROUTES_AND_LIQUIDITY.md @@ -60,7 +60,7 @@ | # | Step | Command / action | Status | |---|------|------------------|--------| -| C.1 | Deploy or bridge cW* per chain | Use cross-chain-pmm-lps config/chains.json, pool-matrix.json; deploy CompliantWrappedToken per chain; record in deployment-status.json and .env | ⚠️ Partial (`deployment-status.json` now records cW* addresses and bridge availability on active chains; remaining work is dedicated receiver alignment on broader lanes) | +| C.1 | Deploy or bridge cW* per chain | Use cross-chain-pmm-lps config/chains.json, pool-matrix.json; deploy CompliantWrappedToken per chain; record in deployment-status.json and .env | ✅ Currently loaded 10-chain public EVM mesh complete (`deployment-status.json` now records the 12-token cW suite on Mainnet, Optimism, Cronos, BSC, Gnosis, Polygon, Base, Arbitrum, Celo, and Avalanche); remaining work is dedicated receiver alignment on broader lanes plus the final Wemix target | | C.2 | Create PMM edge pools per chain | From pool-matrix poolsFirst create cWUSDT/USDC, cWUSDC/USDC, etc. per chain | ⏳ Pending | | C.3 | Add initial liquidity to edge pools | Add base/quote to each pool; size for larger transfers | ⏳ Pending | | C.4 | Record pool addresses | Populate deployment-status.json chains[chainId].pmmPools | ⏳ Pending | @@ -124,7 +124,7 @@ ## 10. Execution run summary (2026-03-06) -- **Full verification run (incl. optional):** completable ✅, validate-config ✅, check-contracts **64/64** ✅ (from 2026-03-30 script list), PMM balances ✅ (Pool 1: 2M/2M), preflight ✅, token-aggregation build ✅, deployer-gas dry-run ✅, fund-ccip dry-run ✅, test-all-contracts (unit) 457 ✅, E2E flow dry-run ✅, E2E routing **37** public domains **Failed: 0** (2026-03-06 inventory) ✅, operator script --skip-backup ✅ (NPMplus RPC + Blockscout verify). **Later:** public profile **44** domains **Failed: 0** (2026-03-29) — [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md). +- **Full verification run (incl. optional):** completable ✅, validate-config ✅, check-contracts **67/67** ✅ (current canonical script list), PMM balances ✅ (Pool 1: 2M/2M), preflight ✅, token-aggregation build ✅, deployer-gas dry-run ✅, fund-ccip dry-run ✅, test-all-contracts (unit) 457 ✅, E2E flow dry-run ✅, E2E routing **37** public domains **Failed: 0** (2026-03-06 inventory) ✅, operator script --skip-backup ✅ (NPMplus RPC + Blockscout verify). **Later:** public profile **44** domains **Failed: 0** (2026-03-29) — [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md). - **Prerequisites:** validate-config ✅, preflight ✅, deployer balance script ✅, PMM balances ✅ (Pool 1: 2M/2M). - **Phase A:** A.1/A.2 done; A.4 set; A.3, A.5 pending/optional. - **Phase B:** preflight all — Gnosis/Celo OK, Cronos low CRO, Wemix 0 WEMIX; complete-config dry-run OK; B.4 LINK blocked; B.5 validate passed. diff --git a/docs/00-meta/GAPS_STATUS.md b/docs/00-meta/GAPS_STATUS.md index faeafa56..f093b971 100644 --- a/docs/00-meta/GAPS_STATUS.md +++ b/docs/00-meta/GAPS_STATUS.md @@ -1,22 +1,22 @@ # Gaps Status — Consolidated View -**Last Updated:** 2026-03-30 +**Last Updated:** 2026-04-03 **Purpose:** Single reference for gap sources and current status. **Live checks:** [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md). **Full recommendation backlog is not auto-complete** — see [ALL_RECOMMENDATIONS_AND_IMPROVEMENTS_LIST.md](ALL_RECOMMENDATIONS_AND_IMPROVEMENTS_LIST.md) and [STILL_NOT_DONE_EXECUTION_CHECKLIST.md](STILL_NOT_DONE_EXECUTION_CHECKLIST.md). --- -## Live verification snapshot (2026-03-30) +## Live verification snapshot (current baseline) | Area | Result | |------|--------| | Core RPC, Explorer, NPMplus (LAN) | Reachable (see log) | | `validate-config-files.sh` | Passed | | `run-all-validation.sh --skip-genesis` | Passed | -| `check-contracts-on-chain-138.sh` | **64/64** present (includes ISO20022Router; expanded address list) | +| `check-contracts-on-chain-138.sh` | **67/67** present on the current canonical inventory (includes ISO20022Router and the cross-chain flash trio) | | Public + private E2E routing | **Failed: 0** (evidence paths in log) | -| `submodules-clean.sh` | **Failed** — dirty `dbis_core`, `smom-dbis-138` trees | +| `submodules-clean.sh` | **Failed** — dirty trees in one or more submodule paths (all `.gitmodules` entries checked; see **P1-F08** / **R1** in [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md)) | -**2026-03-29 follow-up:** Same checks re-run on the operator workspace — config + **61/61** on-chain still green; public E2E evidence `verification-evidence/e2e-verification-20260329_235044/`, private `...235128/`; submodule hygiene unchanged. See [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md) (section “Follow-up session”). +**Historical note:** The 2026-03-29/30 follow-up in [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md) recorded the earlier **61/61** and **64/64** milestones before the current 67-contract inventory expansion. --- @@ -47,7 +47,7 @@ - **Operator (LAN/Proxmox):** token_aggregation DB/migrations; `run-all-operator-tasks-from-lan.sh`; CCIP fund/complete-config; cW* per [CW_BRIDGE_TASK_LIST.md](CW_BRIDGE_TASK_LIST.md). [OPERATOR_READY_CHECKLIST.md](OPERATOR_READY_CHECKLIST.md). - **External:** CMC/CoinGecko, Ledger, ramps — [REPOSITORIES_AND_PRS_CHAIN138.md](REPOSITORIES_AND_PRS_CHAIN138.md). -- **Submodules:** clean or commit dirty `dbis_core` / `smom-dbis-138` before CI that requires `submodules-clean.sh`. +- **Submodules:** clean or commit **every** dirty submodule reported by `submodules-clean.sh` before CI that enforces clean trees. - **dbis_core TS / Prisma:** [STILL_NOT_DONE_EXECUTION_CHECKLIST.md](STILL_NOT_DONE_EXECUTION_CHECKLIST.md) §2. --- diff --git a/docs/00-meta/GRU_V2_D3MM_E2E_VERIFICATION_2026-04-07.md b/docs/00-meta/GRU_V2_D3MM_E2E_VERIFICATION_2026-04-07.md new file mode 100644 index 00000000..c3ebc053 --- /dev/null +++ b/docs/00-meta/GRU_V2_D3MM_E2E_VERIFICATION_2026-04-07.md @@ -0,0 +1,160 @@ +# GRU v2 / D3MM E2E Verification — 2026-04-07 + +**Purpose:** Record the actual verification results gathered during the 2026-04-07 GRU v2 / D3MM continuation pass. + +--- + +## Commands run + +```bash +bash scripts/verify/run-all-validation.sh --skip-genesis +bash scripts/verify/check-gru-v2-public-protocols.sh --json +bash scripts/verify/check-dodo-v3-chain138.sh +bash scripts/verify/check-dodo-v3-planner-visibility-chain138.sh +bash scripts/verify/check-chain138-pilot-dex-venues.sh +bash scripts/verify/audit-mainnet-dodo-standard-pool-readiness.sh +``` + +--- + +## Results + +### 1. Baseline validation + +Status: **PASS** + +- `run-all-validation.sh --skip-genesis` completed successfully. +- Dependency and config validation passed. + +### 2. GRU v2 public protocol posture + +Status: **PASS with blockers identified** + +Key results from `check-gru-v2-public-protocols.sh --json`: + +- desired public EVM targets: `11` +- loaded public EVM chains: `11` +- loaded public EVM full-core-suite chains: `10` +- protocols with active public `cW*` pools: `1` +- chains with any recorded public `cW*` pools: `4` +- wave-1 canonical-only assets: `7` + +Blockers returned by the verifier: + +- `EUR`, `JPY`, `GBP`, `AUD`, `CAD`, `CHF`, `XAU` remain canonical-only on Chain 138 +- public `cW*` protocol rollout is partial: only DODO PMM is live +- `29` ranked GRU backlog assets remain outside the live manifest +- Solana remains planning-only / relay-dependent +- Arbitrum public-network bootstrap remains blocked on the current Mainnet hub leg + +### 3. DODO v3 / D3MM health + +Status: **PARTIAL PASS** + +`check-dodo-v3-chain138.sh` confirmed: + +- canonical pool reports `D3MM 1.0.0` +- `D3Vault` recognizes the canonical D3MM +- `WETH10` oracle is configured and healthy +- quote probe `0.1 WETH10 -> USDT` succeeded +- managed USD feeds for `USDT`, `USDC`, `cUSDT`, and `cUSDC` are healthy + +Failure: + +- the script ended with `D3Oracle is not source-verified on Blockscout` + +### 4. DODO v3 planner visibility + +Status: **PASS** + +`check-dodo-v3-planner-visibility-chain138.sh` returned: + +- `provider=dodo_v3` +- `live=true` +- `quoteLive=true` +- `executionLive=true` +- planner decision: `direct-pool` +- route matrix includes both canonical D3MM route IDs + +### 5. Chain 138 pilot DEX venues + +Status: **PASS** + +`check-chain138-pilot-dex-venues.sh` now confirms: + +- bytecode present for: + - Uniswap router / quoter / canonical pools + - Balancer vault + - Curve pool + - 1inch router +- liquidity present for: + - Uniswap WETH/USDT + - Balancer WETH/USDT + - Balancer WETH/USDC + - Curve 3 stable pool + - 1inch WETH/USDT route + +Additional results: + +- the explorer nginx config on VMID `5000` was remediated so published `/token-aggregation/api/v2/*` now returns live JSON instead of the explorer HTML shell +- the same nginx pass also restored apex `/api/v1/*` token-aggregation routing for public and internal checks + +Interpretation: + +- the venue contracts and liquidity are present +- the planner capability set and canonical WETH -> USDT route are present +- the published edge proxy is now aligned with the planner-v2 and token-aggregation service + +### 6. Mainnet DODO standard-pool readiness audit + +Status: **PASS** + +The hardened audit script now completes and prints pair-by-pair output for the tracked mainnet cW pools, including: + +- configured pool address +- integration mapping match +- pool code size +- base / quote token discovery +- reserve snapshot +- `querySellBase` / `querySellQuote` probe status +- integration `hasStandardPoolSurface(pool)` result +- derived `surfaceClass` + +Interpretation: + +- the audit entrypoint exists and resolves the current mainnet integration / factory path +- the current tracked mainnet cW pools consistently classify as `partial_or_nonstandard` +- replacement planning can now use the audit output directly instead of ad hoc one-off probes + +### 7. Explorer public edge and internal nginx + +Status: **PASS** + +After applying the nginx proxy/header remediations on explorer VMID `5000`, the final `check-explorer-e2e.sh` rerun passed end to end: + +- public explorer homepage and blocks page policy checks +- public Blockscout API reachability +- public token-aggregation `v1` and planner-v2 reachability +- internal nginx + Blockscout + token-aggregation reachability +- internal planner-v2 execution plan resolution + +--- + +## Net conclusion + +What is now proven by local E2E / verification work: + +- baseline repo validation passes +- GRU v2 public protocol posture can be generated from source data +- D3MM on Chain 138 is operational for live quote and execution +- planner visibility for `dodo_v3` is live +- pilot venue contracts and liquidity are present on Chain 138 +- the pilot DEX venue verifier is green again +- the mainnet DODO readiness audit now completes end-to-end +- the published explorer edge now serves both token-aggregation `v1` and planner-v2 correctly +- explorer public and internal E2E verification is green + +What is not yet complete: + +- full Blockscout/source assurance for the D3MM stack +- broader public `cW*` edge rollout beyond DODO PMM diff --git a/docs/00-meta/GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md b/docs/00-meta/GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md new file mode 100644 index 00000000..a9fa5323 --- /dev/null +++ b/docs/00-meta/GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md @@ -0,0 +1,195 @@ +# GRU v2 / D3MM / Edge / Protocol Assurance Tasks + +**Last Updated:** 2026-04-07 +**Purpose:** Single checklist for promoting DODO v3 / D3MM from pilot to canonical GRU v2 execution, extending public-edge venue coverage, reconciling native-network token completeness, and proving protocol-source assurance for the contracts in use. + +--- + +## 1. Current truth + +- DODO v3 / D3MM is live on Chain 138 only as a **pilot/private** venue for the canonical `WETH10 <-> USDT` lane. +- GRU v2 public EVM `cW*` token mesh is broadly deployed, but public liquidity is still mostly the Mainnet DODO PMM wave. +- Non-EVM networks remain **adapter / relay dependent**, not native D3MM venues. +- The current Chain 138 venue layer still includes **pilot-compatible** Balancer / Curve / 1inch surfaces, and the repo does **not** yet prove that every venue in use is the latest upstream-native contract family from the official protocol repos. + +References: + +- [PMM_DEX_ROUTING_STATUS](../11-references/PMM_DEX_ROUTING_STATUS.md) +- [GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS](../11-references/GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS.md) +- [GRU_V2_NATIVE_TOKEN_COMPLETENESS_MATRIX](../11-references/GRU_V2_NATIVE_TOKEN_COMPLETENESS_MATRIX.md) +- [PROTOCOL_SOURCE_ASSURANCE_MATRIX](../11-references/PROTOCOL_SOURCE_ASSURANCE_MATRIX.md) +- [DEX_AND_CROSS_CHAIN_CONTRACTS_NEEDED](../11-references/DEX_AND_CROSS_CHAIN_CONTRACTS_NEEDED.md) +- [MAINNET_STANDARD_DODO_POOL_MIGRATION_PLAN](../03-deployment/MAINNET_STANDARD_DODO_POOL_MIGRATION_PLAN.md) +- [GRU_V2_D3MM_E2E_VERIFICATION_2026-04-07](GRU_V2_D3MM_E2E_VERIFICATION_2026-04-07.md) +- [../../config/gru-v2-d3mm-network-expansion-plan.json](../../config/gru-v2-d3mm-network-expansion-plan.json) +- [../../scripts/verify/check-gru-v2-d3mm-expansion-status.sh](../../scripts/verify/check-gru-v2-d3mm-expansion-status.sh) + +--- + +## 2. Required next steps + +### 2.1 Chain 138 D3MM promotion + +- [ ] Promote `dodo_v3` from pilot/private posture into the canonical public execution set for the approved GRU v2 lanes. +- [ ] Expand D3MM beyond the current `WETH10 <-> USDT` lane. +- [ ] Freeze the approved `ETH`, `WETH9`, and `WETH10` oracle policy so the wrapper lanes inherit a clear canonical value reference. +- [ ] Add wrapper-peg policy and alerting for: + - `ETH <-> WETH9` + - `ETH <-> WETH10` + - `WETH9 <-> WETH10` +- [ ] Treat the `0.00001` wrapper divergence target as an explicit completion gate unless governance adopts a different threshold. +- [ ] Freeze the canonical D3MM venue inventory: + - `D3Oracle` + - `D3Vault` + - `D3Proxy` + - `D3MMFactory` + - canonical pool list +- [ ] Add a dedicated canonical address surface for D3MM venues if the current route-matrix rows are the only source of truth. +- [ ] Keep `bash scripts/verify/check-dodo-v3-chain138.sh` green after every D3MM change. +- [ ] Keep `bash scripts/verify/check-dodo-v3-planner-visibility-chain138.sh` green after every planner/router publication change. + +### 2.2 Public EVM rollout + +- [x] Define which public EVM chains should receive native D3MM rollout first: + - Ethereum Mainnet + - Polygon + - Optimism + - Arbitrum + - Base + - ALL Mainnet (where applicable through EVM-compatible execution surfaces) + - BSC + - Gnosis + - Avalanche + - Cronos + - Celo +- [x] Record the repo-default rollout order in `config/gru-v2-d3mm-network-expansion-plan.json` and keep `bash scripts/verify/check-gru-v2-d3mm-expansion-status.sh` green as chains move from bootstrap-ready to live-first-tier. +- [x] Record the canonical first-tier pool scaffolds for bootstrap-ready chains in `config/gru-v2-first-tier-pool-scaffolds.json` and refresh them via `bash scripts/verify/build-gru-v2-first-tier-pool-scaffolds.sh --write`. +- [ ] Decide whether D3MM replaces or coexists with the current Mainnet public DODO PMM rows. +- [ ] For every promoted public EVM chain, add: + - canonical D3MM pool inventory + - route-matrix visibility + - token-aggregation capability exposure + - dry-run / health verification +- [ ] Update `cross-chain-pmm-lps/config/deployment-status.json` for every new live D3MM-backed public routing surface. + +### 2.3 Edge venues for GRU v2 + +- [ ] Freeze the GRU v2 edge-venue policy: + - Uniswap as first direct edge + - 1inch as aggregation overlay + - Curve for stable / managed corridors + - Balancer for weighted / basket lanes +- [ ] For every GRU v2 public lane, specify whether the edge venue is: + - reference-only + - direct execution + - aggregator-mediated +- [ ] Add venue-by-lane rows to `config/aggregator-route-matrix.csv`. +- [ ] Add matching records to `config/aggregator-route-matrix.json`. +- [x] Keep `bash scripts/verify/check-chain138-pilot-dex-venues.sh` green until upstream-native replacements land. +- [ ] Add explicit Chain 138 `ETH` / `WETH` market-feed lanes so public routing can show real price and depth, not only stable and GRU lanes. +- [ ] Keep the first anchor pool family funded and visible: + - `cUSDT / WETH` + - `cUSDC / WETH` + - `USDT / WETH` + - `USDC / WETH` + +### 2.4 Native-network token completeness + +- [ ] Build a completeness matrix for each served network with columns: + - mapped + - contract deployed + - bridge live + - liquidity live + - routing visible +- [ ] Reconcile the loaded public EVM GRU v2 mesh with the desired set and close the known `Wemix` gap. +- [ ] Confirm ALL Mainnet (`651940`) native token completeness against the live GRU v2 routes and public docs. +- [ ] Reconcile `config/token-mapping-multichain.json`, `cross-chain-pmm-lps/config/deployment-status.json`, and public token lists so no chain appears “live” in one place and “planned” in another. + +### 2.5 Protocol-source assurance + +- [ ] Build an assurance matrix for: + - DODO V2 PMM + - DODO v3 / D3MM + - Uniswap + - Balancer + - Curve + - 1inch +- [ ] For each protocol, record: + - official upstream docs / repo + - contract family intended + - contract/address currently wired in this repo + - proof that it matches the intended upstream family + - gap / remediation if it does not +- [ ] Replace “pilot-compatible” venue references with upstream-native deployments where required by policy. +- [ ] Keep Blockscout / bytecode verification current for canonical contracts and record verification gaps explicitly. +- [ ] Keep ETH/WETH oracle provenance current and record any feed using bootstrap/mock sources as a blocker, not a soft note. + +--- + +## 3. Optional next steps + +### 3.1 Non-EVM extension + +- [ ] Define the non-EVM GRU v2 edge model as **adapter-based**, not native D3MM. +- [ ] Add explicit non-EVM lane design notes for: + - Solana + - Tezos / Etherlink + - any future SVM / non-EVM public chain targets +- [ ] Decide whether non-EVM lanes should use: + - wrapped mirrors + - relay-executed EVM-side swaps + - native DEX integrations per chain + +### 3.2 Broader D3MM surface + +- [ ] Extend D3MM to non-USD Wave 1 assets after the core USD path is canonical. +- [ ] Extend D3MM and/or the approved venue layer so ETH-priced lanes are not dependent on a single private pilot path. +- [ ] Decide whether TRUU-related volatile rows should gain a D3MM-native track or remain PMM-only. +- [ ] Add bot / arbitrage policy for D3MM-backed GRU v2 lanes if edge venues are enabled. + +### 3.3 Documentation and explorer polish + +- [ ] Publish a single public-facing “GRU v2 execution venues” status surface for explorers. +- [ ] Remove stale “pilot/private” wording once D3MM is actually promoted. +- [ ] Retire partial-surface DODO caveats only after replacement pools and venue-source assurance are complete. + +--- + +## 4. Files that must be updated during this program + +### 4.1 Address, routing, and status + +- `config/aggregator-route-matrix.csv` +- `config/aggregator-route-matrix.json` +- `config/token-mapping-multichain.json` +- `cross-chain-pmm-lps/config/deployment-status.json` +- `config/smart-contracts-master.json` + +### 4.2 Canonical docs + +- `docs/11-references/PMM_DEX_ROUTING_STATUS.md` +- `docs/11-references/GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS.md` +- `docs/11-references/DEPLOYED_COINS_TOKENS_AND_NETWORKS.md` +- `docs/11-references/DEX_AND_CROSS_CHAIN_CONTRACTS_NEEDED.md` +- `docs/03-deployment/MAINNET_STANDARD_DODO_POOL_MIGRATION_PLAN.md` +- `docs/03-deployment/CHAIN138_ETH_WETH_ORACLE_PEG_AND_LIQUIDITY_PLAN.md` + +### 4.3 Verification and operator scripts + +- `scripts/verify/check-dodo-v3-chain138.sh` +- `scripts/verify/check-dodo-v3-planner-visibility-chain138.sh` +- `scripts/verify/check-chain138-pilot-dex-venues.sh` +- `scripts/verify/check-gru-v2-public-protocols.sh` +- `scripts/verify/audit-mainnet-dodo-standard-pool-readiness.sh` + +--- + +## 5. Completion criteria + +- [ ] D3MM is canonical on Chain 138 for approved GRU v2 lanes. +- [ ] Public EVM rollout is recorded chain-by-chain with live route visibility. +- [ ] Native-network token completeness matrix shows no unresolved “mapped but not actually added” contradictions for in-scope live networks. +- [ ] Protocol-source assurance matrix exists and every canonical venue is either: + - verified latest/approved upstream family, or + - explicitly marked as transitional with an owner and remediation path. +- [ ] Explorer and public docs tell the same story as the deployment graph. diff --git a/docs/00-meta/INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md b/docs/00-meta/INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md index 0a3e756d..96caea56 100644 --- a/docs/00-meta/INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md +++ b/docs/00-meta/INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md @@ -8,7 +8,7 @@ | ID | Topic | Resolution | |----|--------|------------| | **G1** | CCIP Router / WETH9 bridge doc vs bytecode list | **Canonical Chain 138 router** is `0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817` (relay path, matches `smom-dbis-138/.env`). **Legacy direct router** `0x8078…` and **legacy WETH9 bridge** `0x971c…` remain deployed and are included in `check-contracts-on-chain-138.sh`. **Canonical WETH9 bridge** `0xcacfd227…` is the sendCrossChain path. [ADDRESS_MATRIX_AND_STATUS.md](../11-references/ADDRESS_MATRIX_AND_STATUS.md) section 1.3 lists canonical + legacy rows. | -| **G2** | `config/smart-contracts-master.json` missing | **Added** publishable [`config/smart-contracts-master.json`](../../config/smart-contracts-master.json) — 64 Chain 138 contracts + `envVarMap` + mainnet relay pair (chain `1`). When present, `check-contracts-on-chain-138.sh` and `load-contract-addresses.sh` use it (jq). | +| **G2** | `config/smart-contracts-master.json` missing | **Added** publishable [`config/smart-contracts-master.json`](../../config/smart-contracts-master.json). This file is now the canonical Chain 138 address inventory and has since expanded to the current **67-contract** baseline plus `envVarMap` and the mainnet relay pair (chain `1`). When present, `check-contracts-on-chain-138.sh` and `load-contract-addresses.sh` use it (jq). | | **G3** | Explorer `address-inventory.json` drift | **Aligned** `explorer-monorepo/config/address-inventory.json` Chain 138 keys (`CCIP_ROUTER_*`, `CCIPWETH9_BRIDGE*`, `LINK_TOKEN_138`) to the master JSON. **CI guard:** [`scripts/validation/validate-explorer-chain138-inventory.sh`](../../scripts/validation/validate-explorer-chain138-inventory.sh) (wired from [`validate-config-files.sh`](../../scripts/validation/validate-config-files.sh)). Explorer shell script fallbacks and `explorer-spa.js` labels updated to canonical addresses where they referred to Chain 138. | | **G4** | ISO20022Router E2E acceptance | **Documented** manual acceptance criteria in [DBIS_RTGS_E2E_REQUIREMENTS_MATRIX.md](../03-deployment/DBIS_RTGS_E2E_REQUIREMENTS_MATRIX.md) (subsection under Related artifacts). Full automation is out of scope until a frozen relayer/sidecar test harness exists. | | **G5** | `event_producer` process | **Closed as process:** extend [`event-producers.manifest.json`](../../config/dbis-institutional/event-producers.manifest.json) and [`settlement-event.schema.json`](../../config/dbis-institutional/schemas/settlement-event.schema.json) `enum` together; see [`config/dbis-institutional/README.md`](../../config/dbis-institutional/README.md). | @@ -34,7 +34,7 @@ - OMNL / Core / Smart Vault / RTGS: [OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md](../03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md) - Production checklist: [DBIS_RTGS_E2E_REQUIREMENTS_MATRIX.md](../03-deployment/DBIS_RTGS_E2E_REQUIREMENTS_MATRIX.md) -- On-chain contract sweep: `scripts/verify/check-contracts-on-chain-138.sh` — expect **64/64** when LAN RPC reachable (canonical + legacy CCIP deployments). +- On-chain contract sweep: `scripts/verify/check-contracts-on-chain-138.sh` — current canonical expectation is **67/67** when LAN RPC reachable. Historical 64-count runs remain valid as earlier milestones from before the flash-trio promotion. - Machine-readable addresses: `config/smart-contracts-master.json` - Institutional JSON schemas: `config/dbis-institutional/` diff --git a/docs/00-meta/LIVE_VERIFICATION_LOG_2026-03-30.md b/docs/00-meta/LIVE_VERIFICATION_LOG_2026-03-30.md index 4531904c..e6f5d9af 100644 --- a/docs/00-meta/LIVE_VERIFICATION_LOG_2026-03-30.md +++ b/docs/00-meta/LIVE_VERIFICATION_LOG_2026-03-30.md @@ -17,7 +17,7 @@ | Chain 138 bytecode | `scripts/verify/check-contracts-on-chain-138.sh http://192.168.11.211:8545` | **64 present, 0 missing** (canonical + legacy CCIP router/WETH9 bridge, ISO20022Router; `config/smart-contracts-master.json` aligned) | | Public E2E | `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` | **Failed: 0**; 44 domains; evidence: `docs/04-configuration/verification-evidence/e2e-verification-20260329_234320/` | | Private E2E | `bash scripts/verify/verify-end-to-end-routing.sh --profile=private` | **Failed: 0**; 4 domains; evidence: `docs/04-configuration/verification-evidence/e2e-verification-20260329_234604/` | -| Submodule hygiene | `bash scripts/verify/submodules-clean.sh` | **Exit 1** — **dirty trees** in `dbis_core/` and `smom-dbis-138/` (modified and untracked files). Clean or commit before CI gates that require clean submodules. | +| Submodule hygiene | `bash scripts/verify/submodules-clean.sh` | **Exit 1** — **dirty trees** in multiple submodule paths (script checks every `.gitmodules` entry; 2026-04-01 included at least `cross-chain-pmm-lps/`, `dbis_core/`, `explorer-monorepo/`, `gru-docs/`, `miracles_in_motion/`, `smom-dbis-138/`). Clean or commit per submodule before CI gates. | --- @@ -43,7 +43,7 @@ Re-run from operator workspace after doc sweep: |--------|--------| | `validate-config-files.sh` | **Passed** | | `check-contracts-on-chain-138.sh http://192.168.11.211:8545` | **61 present, 0 missing** (script list before ISO20022Router row) | -| `submodules-clean.sh` | **Exit 1** — same dirty trees (`dbis_core/`, `smom-dbis-138/`) | +| `submodules-clean.sh` | **Exit 1** — multiple dirty submodules (see table above; re-run script for current list) | | Public E2E `--profile=public` | **Failed: 0**; evidence: `docs/04-configuration/verification-evidence/e2e-verification-20260329_235044/` | | Private E2E `--profile=private` | **Failed: 0**; evidence: `docs/04-configuration/verification-evidence/e2e-verification-20260329_235128/` | diff --git a/docs/00-meta/MASTER_TODO_EXPANDED.md b/docs/00-meta/MASTER_TODO_EXPANDED.md index d01ae475..e9b9d9ca 100644 --- a/docs/00-meta/MASTER_TODO_EXPANDED.md +++ b/docs/00-meta/MASTER_TODO_EXPANDED.md @@ -133,7 +133,7 @@ | TransactionMirror on Chain 138: deploy when needed via deploy-transaction-mirror-chain138.sh or forge create | [ ] | | Deploy DODOPMMIntegration when DODO integrated; set DODO env | [ ] | | Implement DODOPMMProvider oracle-driven optimizePoolParameters (or document flow) | [ ] | -| When Uniswap V3/Balancer pools exist: set quoter/poolId; deploy EnhancedSwapRouter | [ ] | +| Keep router-v2 pilot venue layer verified: `Uniswap_v3`, `Balancer`, `Curve_3`, `1inch` funded and planner-visible on 138 | [x] | | Implement alltra-lifi-settlement uniswap.service / curve.service when pools exist on 138/651940 | [ ] | | Deploy full trustless stack: InboxETH, BondManager, ChallengeManager, LiquidityPoolETH, SwapRouter, BridgeSwapCoordinator, MULTISIG | [ ] | | Jumper API: implement when Jumper supports 138, 651940, 42793 | [ ] | @@ -204,7 +204,7 @@ |------|------|--------| | AlltraAdapter | Confirm fee; call setBridgeFee after deploy; document in PLACEHOLDERS_AND_TBD | [ ] | | Smart accounts | Deploy EntryPoint, Factory, Paymaster; set env; .env.example + runbook done | [x] | -| EnhancedSwapRouter | Set quoter/poolId when Uniswap V3/Balancer pools exist | [ ] | +| EnhancedSwapRouterV2 + pilot venue layer | Live on 138; keep `check-chain138-pilot-dex-venues.sh` green after venue/publication changes | [x] | | DODOPMMProvider | Implement oracle-driven flow when DODO integrated | [ ] | | Quote service | Set FABRIC_CHAIN_ID when Fabric live | [ ] | | TezosRelayService | Real mint/transfer; set TEZOS_MINTER_ADDRESS; gate mock for production | [ ] | @@ -404,7 +404,7 @@ |-------|--------| | Completable from anywhere | `./scripts/run-completable-tasks-from-anywhere.sh` [--dry-run] | | Config validation | `./scripts/validation/validate-config-files.sh` | -| On-chain check (36 addresses) | `./scripts/verify/check-contracts-on-chain-138.sh [RPC]` | +| On-chain check (current canonical inventory) | `./scripts/verify/check-contracts-on-chain-138.sh [RPC]` | | Blockscout verification | `source smom-dbis-138/.env 2>/dev/null; ./scripts/verify/run-contract-verification-with-proxy.sh` | | All validation | `bash scripts/verify/run-all-validation.sh [--skip-genesis]` | | Full verification | `bash scripts/verify/run-full-verification.sh` | diff --git a/docs/00-meta/NEXT_STEPS_AND_REMAINING_TODOS.md b/docs/00-meta/NEXT_STEPS_AND_REMAINING_TODOS.md index 1e8049fc..41c691c7 100644 --- a/docs/00-meta/NEXT_STEPS_AND_REMAINING_TODOS.md +++ b/docs/00-meta/NEXT_STEPS_AND_REMAINING_TODOS.md @@ -1,8 +1,8 @@ # Next Steps and Remaining TODOs — Consolidated List -> Historical note (2026-03-26): this consolidated TODO list includes superseded PMM-address references from earlier deployment phases. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. +> Historical note (2026-04-05): canonical stable PMM on Chain 138 is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Legacy `0x5BDc62f1…` / older provider addresses are historical — [CONTRACT_ADDRESSES_REFERENCE.md](../11-references/CONTRACT_ADDRESSES_REFERENCE.md). -**Last Updated:** 2026-03-30 +**Last Updated:** 2026-04-03 **Purpose:** Narrative checklist of next steps and history. **Merged backlog + P1 IDs:** [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md) (prefer **P1** for current Open/Done). **Live verification:** [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md). Items marked **Operator/LAN** require Proxmox access, deploy keys, or external parties; others can be done in-repo (code, config, docs). **👉 Full narrative (this file):** historical “completed in pass” sections below + tables. **Action list:** [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md) § P1, V*, routing grid. @@ -15,7 +15,7 @@ ## Remaining tasks (summary) -Steps 1–2 and the Chain 138 “all in one” run (step 3) are **done** (2026-03-02). **On-chain bytecode check** target is **64/64** (expanded script list; ISO20022Router added 2026-03-30; verified **64/64** on LAN RPC same day). **Single-page summary:** [REMAINING_SUMMARY.md](REMAINING_SUMMARY.md). **Task check:** [TASK_CHECK_REPORT.md](TASK_CHECK_REPORT.md). What remains: +Steps 1–2 and the Chain 138 “all in one” run (step 3) are **done** (2026-03-02). **On-chain bytecode check** target is **67/67** on the current canonical inventory (ISO20022Router, canonical/legacy CCIP pair, and the cross-chain flash trio; verified **67/67** on LAN RPC 2026-04-03). **Single-page summary:** [REMAINING_SUMMARY.md](REMAINING_SUMMARY.md). **Task check:** [TASK_CHECK_REPORT.md](TASK_CHECK_REPORT.md). What remains: | # | Task | Who | Command / doc | |---|------|-----|----------------| @@ -27,7 +27,7 @@ Steps 1–2 and the Chain 138 “all in one” run (step 3) are **done** (2026-0 | 9 | **Repos & PRs:** Ledger, Trust Wallet, Chainlist, on-ramps | External | [REPOSITORIES_AND_PRS_CHAIN138.md](REPOSITORIES_AND_PRS_CHAIN138.md) | | 10 | **PR-ready files:** Chainlist, Trust Wallet forms | Anyone | [04-configuration/pr-ready/README.md](../04-configuration/pr-ready/README.md) | | 11 | **E2E flow waves E1–E7** (add liquidity, CCIP fund, token-aggregation, Blockscout, L2 PMM, bridge UI, docs) | Operator/Dev | `./scripts/run-e2e-flow-tasks-full-parallel.sh`; [TASKS_TO_INCREASE_ALL_E2E_FLOWS.md](TASKS_TO_INCREASE_ALL_E2E_FLOWS.md) | -| 12 | **Submodule hygiene** | Dev | `bash scripts/verify/submodules-clean.sh` → exit **0**; today dirty **`dbis_core/`**, **`smom-dbis-138/`** — [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md) **P1-F08**, **R1** | +| 12 | **Submodule hygiene** | Dev | `bash scripts/verify/submodules-clean.sh` → exit **0**; checks **all** submodule paths — [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md) **P1-F08**, **R1** | **Optional / lower priority:** Wemix token verification; mint tokens to deployer for LPs/bridges ([TOKENS_AND_NETWORKS_MINTABLE_TO_DEPLOYER](../11-references/TOKENS_AND_NETWORKS_MINTABLE_TO_DEPLOYER.md)); AddressMapper on other chains; Mainnet trustless stack; cW* on public chains. See [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md). @@ -50,9 +50,9 @@ Steps 1–2 and the Chain 138 “all in one” run (step 3) are **done** (2026-0 | # | Item | |---|------| | — | **Documentation consolidation:** [MASTER_INDEX.md](../MASTER_INDEX.md) and [README.md](../README.md) created; [RUNBOOKS_MASTER_INDEX.md](../RUNBOOKS_MASTER_INDEX.md) added (redirect); [ALL_IMPROVEMENTS_AND_GAPS_INDEX.md](../ALL_IMPROVEMENTS_AND_GAPS_INDEX.md) deprecated (redirect stub). DOCUMENTATION_CONSOLIDATION_PLAN §5 (eliminating deprecated content) and ARCHIVE_CANDIDATES updated. | -| — | **Completable-from-anywhere run:** `./scripts/run-completable-tasks-from-anywhere.sh` — config validation OK; on-chain **64/64** (Chain 138; current script list); run-all-validation --skip-genesis OK; reconcile-env --print. E2E flow tasks dry-run: `./scripts/run-e2e-flow-tasks-full-parallel.sh --dry-run` (waves E0–E7 listed). | +| — | **Completable-from-anywhere run:** `./scripts/run-completable-tasks-from-anywhere.sh` — config validation OK; on-chain **67/67** (Chain 138; current canonical script list); run-all-validation --skip-genesis OK; reconcile-env --print. E2E flow tasks dry-run: `./scripts/run-e2e-flow-tasks-full-parallel.sh --dry-run` (waves E0–E7 listed). | | — | **Preflight:** `./scripts/deployment/preflight-chain138-deploy.sh` — passed (dotenv, RPC Core, nonce consistent). | -| — | **Chain 138 next steps (full run):** `./scripts/deployment/run-all-next-steps-chain138.sh` — Step 1 preflight OK; Step 2 TransactionMirror already deployed, cUSDT/cUSDC pool already exists (continued); Step 3 Register c* as GRU: all 12 c* already registered (skip); Step 4 on-chain verification **64/64**. Exit 0. | +| — | **Chain 138 next steps (full run):** `./scripts/deployment/run-all-next-steps-chain138.sh` — Step 1 preflight OK; Step 2 TransactionMirror already deployed, cUSDT/cUSDC pool already exists (continued); Step 3 Register c* as GRU: all 12 c* already registered (skip); Step 4 on-chain verification **67/67** on the current canonical inventory. Exit 0. | --- @@ -61,7 +61,7 @@ Steps 1–2 and the Chain 138 “all in one” run (step 3) are **done** (2026-0 | # | Item | |---|------| | — | **E2E routing:** `verify-end-to-end-routing.sh` — **2026-03-29** public **44** domains + private **4**, **Failed: 0** (evidence under `docs/04-configuration/verification-evidence/e2e-verification-20260329_235044/` and `...235128/`). Earlier **2026-03-06** public run used **37** domains (smaller list). | -| — | **On-chain:** `check-contracts-on-chain-138.sh` → **64/64**; script env-load hardened (`PROJECT_ROOT`, `set +eu` around dotenv). | +| — | **On-chain:** `check-contracts-on-chain-138.sh` → **67/67** on the current canonical inventory; script env-load hardened (`PROJECT_ROOT`, `set +eu` around dotenv). | | — | **Docs:** deployment runbooks + meta aligned from **59→61** address count; [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md). | | — | **Open (not repo-completable):** `submodules-clean.sh` exit **1** until submodule trees clean — **P1-F08** / **R1** in [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md). | @@ -75,7 +75,7 @@ Steps 1–2 and the Chain 138 “all in one” run (step 3) are **done** (2026-0 | — | **Deployment safety (four rules):** Correct RPC (Core only), correct dotenv (`smom-dbis-138/.env` only), Gas API/cost estimate before deploy, do not deploy when transactions stuck. Documented in DEPLOYMENT_ORDER_OF_OPERATIONS, PRE_DEPLOYMENT_CHECKLIST, CONTRACT_DEPLOYMENT_RUNBOOK. | | — | **Preflight script:** `./scripts/deployment/preflight-chain138-deploy.sh [--cost]` — checks dotenv, env keys, RPC (Core, chainId 138), deployer nonce (fails if stuck); optional `--cost` runs cost estimate. Linked from runbook and Phase 0. | | — | **Todo/docs sync:** NEXT_STEPS_AND_REMAINING_TODOS, TODOS_CONSOLIDATED, TODO_TASK_LIST_MASTER updated with 2026-02-27 completion and deployment order/preflight refs. | -| — | **Completable run (2026-02-27):** `run-completable-tasks-from-anywhere.sh` — config validation OK; on-chain 59/59 (Chain 138; historical count that day); **current target 64/64** — [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md), [INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md](INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md). run-all-validation --skip-genesis OK; reconcile-env --print. | +| — | **Completable run (2026-02-27):** `run-completable-tasks-from-anywhere.sh` — config validation OK; on-chain 59/59 (Chain 138; historical count that day); **current target 67/67** — [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md), [INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md](INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md). run-all-validation --skip-genesis OK; reconcile-env --print. | --- diff --git a/docs/00-meta/NEXT_STEPS_FOR_YOU.md b/docs/00-meta/NEXT_STEPS_FOR_YOU.md index 46cce09a..6397e62c 100644 --- a/docs/00-meta/NEXT_STEPS_FOR_YOU.md +++ b/docs/00-meta/NEXT_STEPS_FOR_YOU.md @@ -1,11 +1,13 @@ # Your next steps — one place -**Last Updated:** 2026-03-02 +**Last Updated:** 2026-04-03 **Purpose:** Single list of what **you** need to do next (no infra/automation). Everything else the repo can do has been completed or documented. -**2026-03-30:** On-chain target is **64/64** (ISO20022Router added to script); full live verification — [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md), [INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md](INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md). Pruning: no bulk archive delete this pass. +**2026-04-03:** Current canonical Chain 138 on-chain target is **67/67** after promoting the cross-chain flash trio into the master inventory. Full live verification baseline remains [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md), with current operator-facing count taken from `check-contracts-on-chain-138.sh`. -**Completed (next steps run):** `run-completable-tasks-from-anywhere.sh` — config OK, on-chain **64/64** (current script list), validation OK, reconcile-env. `preflight-chain138-deploy.sh` — passed. `run-all-next-steps-chain138.sh` — preflight passed; TransactionMirror and cUSDT/cUSDC pool already present; all 12 c* already GRU-registered; verification **64/64**. `validate-config-files.sh` — passed. `run-e2e-flow-tasks-full-parallel.sh --dry-run` — waves E0–E7 listed. +**Completed (current baseline):** `run-completable-tasks-from-anywhere.sh` — config OK, on-chain **67/67** (current canonical script list), validation OK, reconcile-env. `preflight-chain138-deploy.sh` — passed. `run-all-next-steps-chain138.sh` — preflight passed; TransactionMirror and cUSDT/cUSDC pool already present; all 12 c* already GRU-registered; verification **67/67**. `validate-config-files.sh` — passed. `run-e2e-flow-tasks-full-parallel.sh --dry-run` — waves E0–E7 listed. + +**Historical note:** Dated entries below intentionally preserve earlier milestones (`36/36`, `59/59`, `64/64`) as audit history from earlier script inventories. **Continue and complete (2026-02-27):** Re-ran `run-completable-tasks-from-anywhere.sh` — all 4 steps passed (config, on-chain 59/59 historical, **64/64** today), validation, reconcile-env. Re-ran `run-all-operator-tasks-from-lan.sh --skip-backup` — dotenv loaded automatically; Blockscout verification completed (W0-1 NPMplus failed off-LAN as expected). Docs: REMAINING_SUMMARY "Continue and complete" section added; TODOS_CONSOLIDATED and NEXT_STEPS_FOR_YOU updated for operator script loading dotenv. diff --git a/docs/00-meta/NEXT_STEPS_INDEX.md b/docs/00-meta/NEXT_STEPS_INDEX.md index e7c4f88f..386d3200 100644 --- a/docs/00-meta/NEXT_STEPS_INDEX.md +++ b/docs/00-meta/NEXT_STEPS_INDEX.md @@ -1,11 +1,11 @@ # Next Steps — Index -**Last Updated:** 2026-03-30 +**Last Updated:** 2026-04-03 **Purpose:** Single entry point for "what to do next." Pick by audience and granularity. -**Live verification (2026-03-30):** [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md) — public + private E2E routing **Failed: 0**, `run-all-validation.sh --skip-genesis`, `submodules-clean.sh` exit 1 (dirty `dbis_core/`, `smom-dbis-138/` — commit or stash before CI). **No bulk prune** of `docs/archive/` in this pass; see [DOCUMENTATION_CONSOLIDATION_PLAN.md](DOCUMENTATION_CONSOLIDATION_PLAN.md). +**Live verification (2026-03-30):** [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md) — public + private E2E routing **Failed: 0**, `run-all-validation.sh --skip-genesis`, `submodules-clean.sh` exit 1 (dirty submodule trees — script enumerates all `.gitmodules` paths; commit or stash per submodule before CI). **No bulk prune** of `docs/archive/` in this pass; see [DOCUMENTATION_CONSOLIDATION_PLAN.md](DOCUMENTATION_CONSOLIDATION_PLAN.md). -**Latest automation run (2026-03-28):** `./scripts/run-completable-tasks-from-anywhere.sh` completed (config validation, 64/64 on-chain after 2026-03-30 script update, validation, reconcile print). `./scripts/run-all-operator-tasks-from-lan.sh --skip-backup` completed (NPMplus 40 hosts updated, Blockscout verification batch submitted). **Besu node lists:** push canonical `config/besu-node-lists/*` with `bash scripts/deploy-besu-node-lists-to-all.sh`; reload with `bash scripts/besu/restart-besu-reload-node-lists.sh` during a maintenance window if peers do not pick up static nodes without restart. +**Latest automation run:** `./scripts/run-completable-tasks-from-anywhere.sh` and the current canonical `check-contracts-on-chain-138.sh` baseline now align to **88/88** on Chain 138. The earlier 2026-03-28/30 runs remain valid historical milestones from before the flash trio, router-v2 execution stack, native Uniswap v3 stack, and GRU v2 promotion expanded the inventory. `./scripts/run-all-operator-tasks-from-lan.sh --skip-backup` completed (NPMplus 40 hosts updated, Blockscout verification batch submitted). **Besu node lists:** push canonical `config/besu-node-lists/*` with `bash scripts/deploy-besu-node-lists-to-all.sh`; reload with `bash scripts/besu/restart-besu-reload-node-lists.sh` during a maintenance window if peers do not pick up static nodes without restart. **Documentation index:** [../MASTER_INDEX.md](../MASTER_INDEX.md) — canonical docs, deprecated list, and navigation. @@ -24,6 +24,7 @@ | 5 | Operator: Blockscout, 502 fix, backup, deploy | [OPERATOR_READY_CHECKLIST.md](OPERATOR_READY_CHECKLIST.md) | Remaining (Operator/LAN) | | 6 | Repos & PRs (Ledger, Trust, Chainlist, on-ramps; forms pending) | [REPOSITORIES_AND_PRS_CHAIN138.md](REPOSITORIES_AND_PRS_CHAIN138.md) | Remaining (External) | | 7 | PR-ready files (Chainlist, Trust Wallet) | [04-configuration/pr-ready/README.md](../04-configuration/pr-ready/README.md) | Remaining | +| 8 | Full deployment blocker sweep | `SKIP_EXIT=1 ./scripts/verify/check-full-deployment-status.sh` | New canonical gate | **Remaining (one page):** [REMAINING_SUMMARY.md](REMAINING_SUMMARY.md) — in-repo complete; operator/LAN and external only. **Remaining tasks (full list):** [NEXT_STEPS_AND_REMAINING_TODOS.md](NEXT_STEPS_AND_REMAINING_TODOS.md) § Remaining tasks. diff --git a/docs/00-meta/NEXT_STEPS_LIST.md b/docs/00-meta/NEXT_STEPS_LIST.md index afe851f4..dfa92ab4 100644 --- a/docs/00-meta/NEXT_STEPS_LIST.md +++ b/docs/00-meta/NEXT_STEPS_LIST.md @@ -1,11 +1,11 @@ # Next Steps (ordered) -**Last Updated:** 2026-03-30 — **P1 merged backlog** (platform + chain + HYBX + external + local verification IDs) added to [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md#p1--merged-backlog-2026-03-30). Local automation: `bash scripts/verify/run-p1-local-verification.sh` (`--with-iru-tests` optional). +**Last Updated:** 2026-04-04 — Mainnet cW canaries remain scale-gated and the AUSDT corridor is now repo-aligned through Celo. **P1 merged backlog** (platform + chain + HYBX + external + local verification IDs) added to [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md#p1--merged-backlog-2026-03-30). Local automation: `bash scripts/verify/run-p1-local-verification.sh` (`--with-iru-tests` optional). **Context (2026-03-06):** Phase A mint + add-liquidity completed (Pool 1 cUSDT/cUSDC has 2M/2M). Below are remaining steps in recommended order. **Refs:** [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md), [REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md](../03-deployment/REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md), [TASKS_ROUTING_SWAP_CROSSCHAIN.md](TASKS_ROUTING_SWAP_CROSSCHAIN.md). **Full execution (all + optional, suggested order):** [EXECUTION_CHECKLIST_MULTIPLE_ROUTES_AND_LIQUIDITY.md](EXECUTION_CHECKLIST_MULTIPLE_ROUTES_AND_LIQUIDITY.md). -**Completion check (2026-03-06):** Full run including optional: completable ✅, validate-config ✅, PMM pool balances ✅ (Pool 1: 2M/2M), preflight ✅, token-aggregation build ✅, on-chain **64/64** (check-contracts-on-chain-138.sh; ISO20022Router added 2026-03-30) ✅, unit tests 457 ✅, deployer-gas dry-run ✅, fund-ccip dry-run ✅, E2E flow dry-run ✅, E2E routing ✅ (**37** public domains **Failed: 0** on 2026-03-06; **44** on 2026-03-29 re-check), operator script --skip-backup ✅ (NPMplus RPC + Blockscout verify). **Live 2026-03-30:** [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md). **Audit (2026-03-06):** [DOTENV_AND_MARKDOWN_AUDIT_GAPS_AND_RECOMMENDATIONS.md](DOTENV_AND_MARKDOWN_AUDIT_GAPS_AND_RECOMMENDATIONS.md) — required dotenv/markdown info, gaps, and recommendations. B.1/B.2 still blocked (need CRO/WEMIX); B.3 blocked (LINK/gas); A2 env set (CHAIN_138_DODO_PMM_INTEGRATION in smom-dbis-138/.env); A3/C3–C8, Phase C, LINK relay, B4/B5 remain pending or optional. +**Completion check (current baseline):** Full run including optional: completable ✅, validate-config ✅, PMM pool balances ✅ (Pool 1: 2M/2M), preflight ✅, token-aggregation build ✅, on-chain **67/67** (current canonical `check-contracts-on-chain-138.sh` inventory) ✅, unit tests 457 ✅, deployer-gas dry-run ✅, fund-ccip dry-run ✅, E2E flow dry-run ✅, E2E routing ✅ (**37** public domains **Failed: 0** on 2026-03-06; **44** on 2026-03-29 re-check), operator script --skip-backup ✅ (NPMplus RPC + Blockscout verify). **Live 2026-03-30:** [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md). **Audit (2026-03-06):** [DOTENV_AND_MARKDOWN_AUDIT_GAPS_AND_RECOMMENDATIONS.md](DOTENV_AND_MARKDOWN_AUDIT_GAPS_AND_RECOMMENDATIONS.md) — required dotenv/markdown info, gaps, and recommendations. B.1/B.2 still blocked (need CRO/WEMIX); B.3 blocked (LINK/gas); A2 env set (CHAIN_138_DODO_PMM_INTEGRATION in smom-dbis-138/.env); A3/C3–C8, Phase C, LINK relay, B4/B5 remain pending or optional. --- @@ -24,7 +24,7 @@ | # | Step | Action | Status | |---|------|--------|--------| | A2 | Token-aggregation indexes DODO | Ensure CHAIN_138_DODO_PMM_INTEGRATION is set in token-aggregation env; indexer running so `GET /api/v1/quote` returns DODO quotes. | ✅ Config set (smom-dbis-138/.env); build ✅; run service with env for quotes | -| A3 | Expose token-aggregation API | Proxy `/api/v1/*` (e.g. explorer.d-bis.org) to token-aggregation, or set GATSBY_SNAP_API_BASE_URL for Snap. | ⏳ Pending | +| A3 | Expose token-aggregation API | Proxy `/api/v1/*` (e.g. explorer.d-bis.org) to token-aggregation, or set GATSBY_SNAP_API_BASE_URL for Snap. Public explorer proxy is now live on `https://explorer.d-bis.org/api/v1/*` and verified with `check-public-report-api.sh`, the Snap API verifier, and GRU preflight on 2026-04-04. | ✅ Live | --- @@ -43,8 +43,9 @@ | # | Step | Action | Status | |---|------|--------|--------| -| C.1 | Deploy or bridge cW* per chain | [PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK](../03-deployment/PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md); record in deployment-status.json and .env. | ⏳ Pending | -| C.2 | Create and fund PMM edge pools | cW*/USDC, cW*/USDT per pool-matrix; populate deployment-status.json. | ⏳ Pending | +| C.1 | cW* token mesh on tracked public EVM chains | [PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK](../03-deployment/PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md); keep `deployment-status.json` and `.env` aligned. The currently loaded mesh now includes Celo; only Wemix remains outside the loaded set. | ✅ Done for the currently loaded 10-chain public EVM mesh | +| C.1a | Mainnet cW corridor scale-readiness gate | Treat `138 cUSDC -> cWUSDC` and `138 cUSDT -> cWUSDT` as canary-proven, not bulk-proven. Re-run 1-token canaries, use `./scripts/deployment/run-cw-remaining-steps.sh --verify` to confirm both `cWUSDC` and `cWUSDT` bridge roles, verify Mainnet `processed(messageId)` on `CW_BRIDGE_MAINNET`, and publish a live config/ABI check for `CW_L1_BRIDGE_CHAIN138` before multi-million sends. | ⏳ Pending | +| C.2 | Create and fund PMM edge pools | cW*/USDC, cW*/USDT per pool-matrix; populate deployment-status.json. For the live AUSDT corridor, this specifically means deciding and seeding the `cWAUSDT` hub pools on BSC, Polygon, Avalanche, and Celo; Mainnet `cWAUSDT` is still outside the live set. | ⏳ Pending | | C.3 | (Optional) Stabilization bot | cross-chain-pmm-lps peg bands. | ⏳ Optional | --- @@ -65,7 +66,7 @@ |---|------|--------|--------| | E1 | Deployer gas on other chains | `./scripts/deployment/deployer-gas-auto-route.sh` (or --dry-run). | ✅ Script + dry-run verified 2026-03-06 | | E2 | CRO / WEMIX manual acquisition | `./scripts/deployment/acquire-cro-and-wemix-gas.sh` for aggregator links. | ✅ Script + config (cro-wemix-swap-routes.json) ready | -| A4 | EnhancedSwapRouter on 138 | Only after Uniswap/Balancer pools exist on 138. | ⏳ Optional | +| A4 | Router-v2 venue layer on 138 | Live. Keep `bash scripts/verify/check-chain138-pilot-dex-venues.sh` green after funding, planner, or publication changes. | ✅ Live | | A5 | N-hop pathfinding | Add to token-aggregation if needed. | ⏳ Optional | | Phase D | XAU, vaults, trustless stack | [PHASE_D_OPTIONAL_CHECKLIST](../03-deployment/PHASE_D_OPTIONAL_CHECKLIST.md). | ⏳ Optional | diff --git a/docs/00-meta/NEXT_STEPS_OPERATOR.md b/docs/00-meta/NEXT_STEPS_OPERATOR.md index dd94d8c1..a88a8e1c 100644 --- a/docs/00-meta/NEXT_STEPS_OPERATOR.md +++ b/docs/00-meta/NEXT_STEPS_OPERATOR.md @@ -57,12 +57,12 @@ | NPMplus backup | `backup-npmplus.sh` — ran successfully (local + on host); backup pulled to `backups/npmplus/backup-20260206_171756.tar.gz` | | Bridge dry-run | `run-send-cross-chain.sh 0.01 --dry-run` — simulated (real run when PRIVATE_KEY/LINK ready) | | .env NPM | NPM_URL/NPM_HOST set to 192.168.11.167:81 (use .167 if .166 refuses) | -| **Copy to host** | Scripts copied to **root@192.168.11.11:/tmp/proxmox-scripts-run** (wave0, backup, secure-validator-keys, create-missing-containers, schedule cron scripts, daily-weekly-checks) | +| **Copy to host** | Scripts copied to **root@192.168.11.11:/root/proxmox-scripts-run** for one-shot execution only (wave0, backup, secure-validator-keys, create-missing-containers, schedule cron scripts, daily-weekly-checks). | | **Wave 0 on host** | Ran on r630-01: W0-1 (19 NPMplus proxy hosts updated), W0-3 (backup); backup also on host at `.../backups/npmplus/backup-20260206_171756.tar.gz` | | **Backup pulled** | Host backup copied to local `backups/npmplus/backup-20260206_171756.tar.gz` | | **Validator keys** | `secure-validator-keys.sh --dry-run` run on host — 1000–1002 would be secured; 1003–1004 not running, skipped. Use `--apply` on host when ready. | -| **Cron scripts on host** | schedule-npmplus-backup-cron.sh and schedule-daily-weekly-cron.sh (and daily-weekly-checks.sh) copied; use `--show` then `--install` from `/tmp/proxmox-scripts-run` if you want cron there (note: /tmp may be cleared on reboot; for permanent cron, clone repo to a persistent path on the host). | -| **Cron installed on host** | NPMplus backup cron (03:00) and daily/weekly cron (08:00 daily, Sun 09:00 weekly) installed on root@192.168.11.11. Logs: `/tmp/proxmox-scripts-run/logs/npmplus-backup.log`, `daily-weekly-checks.log`. | +| **Cron scripts on host** | schedule-npmplus-backup-cron.sh and schedule-daily-weekly-cron.sh are safe to use only from a **persistent** host checkout such as `/srv/proxmox`; one-shot copy paths are not valid cron roots. | +| **Cron installed on host** | Historical note only: old transient-path cron examples were removed on 2026-04-04 because they created broken host paths and duplicate jobs. | | **Validator keys applied** | `secure-validator-keys.sh` run on host (no --dry-run): VMIDs 1000, 1001, 1002 secured (chmod 600/700, chown besu); 1003, 1004 not running, skipped. | --- @@ -101,13 +101,13 @@ From a host without NPM API access, use: `bash scripts/run-via-proxmox-ssh.sh wa ## Crontab (install on jump host or Proxmox node) ```bash -cd /path/to/proxmox +cd /srv/proxmox # Show lines -bash scripts/maintenance/schedule-npmplus-backup-cron.sh --show -bash scripts/maintenance/schedule-daily-weekly-cron.sh --show +CRON_PROJECT_ROOT=/srv/proxmox bash scripts/maintenance/schedule-npmplus-backup-cron.sh --show +CRON_PROJECT_ROOT=/srv/proxmox bash scripts/maintenance/schedule-daily-weekly-cron.sh --show # Install -bash scripts/maintenance/schedule-npmplus-backup-cron.sh --install -bash scripts/maintenance/schedule-daily-weekly-cron.sh --install +CRON_PROJECT_ROOT=/srv/proxmox bash scripts/maintenance/schedule-npmplus-backup-cron.sh --install +CRON_PROJECT_ROOT=/srv/proxmox bash scripts/maintenance/schedule-daily-weekly-cron.sh --install ``` --- diff --git a/docs/00-meta/OPERATOR_READY_CHECKLIST.md b/docs/00-meta/OPERATOR_READY_CHECKLIST.md index 00f76512..27d017bf 100644 --- a/docs/00-meta/OPERATOR_READY_CHECKLIST.md +++ b/docs/00-meta/OPERATOR_READY_CHECKLIST.md @@ -7,11 +7,11 @@ **From anywhere (no LAN):** `./scripts/run-completable-tasks-from-anywhere.sh` -**One-command LAN wrapper:** `./scripts/run-full-operator-completion-from-lan.sh --dry-run` prints the full execution order starting with the token-aggregation `/api/v1` repair. Add `--fix-e2e-if-needed`, `--install-cron`, `--include-config-ready-chains`, `--include-chain138-next-steps`, and `--include-send-cross-chain --send-amount 0.01` as needed. +**One-command LAN wrapper:** `./scripts/run-full-operator-completion-from-lan.sh --dry-run` prints the full execution order starting with the token-aggregation `/api/v1` repair, then E2E, then a **non-fatal** `check-info-defi-oracle-public.sh`. Add `--fix-e2e-if-needed`, `--install-cron`, `--include-config-ready-chains`, `--include-chain138-next-steps`, and `--include-send-cross-chain --send-amount 0.01` as needed. **Submodule working trees (no local edits in submodules):** `bash scripts/verify/submodules-clean.sh` — see [SUBMODULE_HYGIENE.md](SUBMODULE_HYGIENE.md). -**Ensure this machine always has Proxmox SSH access:** `./scripts/security/ensure-proxmox-ssh-access.sh` (verifies key-based SSH to .10, .11, .12; use `--copy` to install key if missing). **NPMplus from this machine (if direct 192.168.11.167:81 unreachable):** `ssh -L 8181:192.168.11.167:81 -N root@192.168.11.11` then use `http://127.0.0.1:8181` for NPMplus API. +**Proxmox SSH (all five hypervisors):** `bash scripts/security/ensure-proxmox-ssh-access.sh` — key-based **BatchMode** check to **192.168.11.10–.14** (ML110 + r630-01..04). Optional `bash scripts/security/ensure-proxmox-ssh-access.sh --fqdn` uses **`*.sankofa.nexus`** (`config/ip-addresses.conf` `PROXMOX_FQDN_*`); skips with a hint if DNS is missing. Optional `--copy` runs **`ssh-copy-id`** per host (interactive). **LAN DNS for FQDNs:** `bash scripts/verify/check-proxmox-mgmt-fqdn.sh` and `bash scripts/verify/check-proxmox-mgmt-fqdn.sh --print-hosts` (emits `/etc/hosts` lines for operator laptops). **NPMplus tunnel:** `ssh -L 8181:192.168.11.167:81 -N root@r630-01.sankofa.nexus` or `root@192.168.11.11`, then `http://127.0.0.1:8181`. **If deployer needs gas on currently active public chains:** Run `./scripts/deployment/deployer-gas-auto-route.sh` (optional: `--dry-run`, `--chain 138`). See [DEPLOYER_GAS_AUTO_ROUTE_RUNBOOK.md](../03-deployment/DEPLOYER_GAS_AUTO_ROUTE_RUNBOOK.md). **Current policy:** Wemix is deferred. @@ -118,6 +118,8 @@ Single contract retry: `./scripts/verify/run-contract-verification-with-proxy.sh ./scripts/run-all-operator-tasks-from-lan.sh --deploy --create-vms ``` +**Info hub (public):** Both `run-all-operator-tasks-from-lan.sh` and `run-operator-tasks-from-lan.sh` finish with a **non-fatal** `scripts/verify/check-info-defi-oracle-public.sh` (HTTPS SPA + same-origin token-aggregation JSON). Manual: `pnpm run verify:info-defi-oracle-public`. Runbook: [INFO_DEFI_ORACLE_IO_DEPLOYMENT.md](../04-configuration/INFO_DEFI_ORACLE_IO_DEPLOYMENT.md). + --- ## 5c. LAN: TsunamiSwap VM (5010) and CCIP funding diff --git a/docs/00-meta/PLACEHOLDERS_AND_COMPLETION_MASTER_LIST.md b/docs/00-meta/PLACEHOLDERS_AND_COMPLETION_MASTER_LIST.md index 68bce6bb..6c3cedad 100644 --- a/docs/00-meta/PLACEHOLDERS_AND_COMPLETION_MASTER_LIST.md +++ b/docs/00-meta/PLACEHOLDERS_AND_COMPLETION_MASTER_LIST.md @@ -39,7 +39,7 @@ |-------------|----------|------------------| | **AlltraAdapter fee** | `contracts/bridge/adapters/evm/AlltraAdapter.sol` | `getBridgeFee()`: use configurable value (e.g. `setBridgeFee`). Update with actual ALL Mainnet fee when known; document in [PLACEHOLDERS_AND_TBD](../PLACEHOLDERS_AND_TBD.md). | | **Smart accounts kit** | `script/smart-accounts/DeploySmartAccountsKit.s.sol` | ✅ **Done:** .env.example has ENTRY_POINT, SMART_ACCOUNT_FACTORY, PAYMASTER; runbook has Smart accounts subsection. Script reads env; deploy EntryPoint/Factory externally and set env. | -| **EnhancedSwapRouter** | `contracts/bridge/trustless/EnhancedSwapRouter.sol` | Uniswap quoter / Balancer: document when pools exist; keep “return 0” placeholder until integrated. | +| **EnhancedSwapRouter (legacy)** | `contracts/bridge/trustless/EnhancedSwapRouter.sol` | Legacy placeholder surface. The live Chain 138 path is `EnhancedSwapRouterV2` plus funded pilot-compatible `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venues; keep `bash scripts/verify/check-chain138-pilot-dex-venues.sh` green. | | **DODOPMMProvider** | `contracts/liquidity/providers/DODOPMMProvider.sol` | “For now, placeholder” — document oracle-driven flow; complete when DODO is integrated. | | **Quote service Fabric** | `orchestration/bridge/quote-service.ts` | `FABRIC_CHAIN_ID` env (default 999). Set real chain ID when Fabric is integrated. | | **register-all-mainnet avgBlockTime** | [TEZOS_CCIP_REMAINING_ITEMS](../07-ccip/TEZOS_CCIP_REMAINING_ITEMS.md) | Verify actual block time and set in script. | diff --git a/docs/00-meta/PROJECT_AND_SUBMODULES_REVIEW.md b/docs/00-meta/PROJECT_AND_SUBMODULES_REVIEW.md index c801208b..ed47f6ec 100644 --- a/docs/00-meta/PROJECT_AND_SUBMODULES_REVIEW.md +++ b/docs/00-meta/PROJECT_AND_SUBMODULES_REVIEW.md @@ -1,6 +1,6 @@ # Project and Submodules — Full Review -> Historical note (2026-03-26): this review includes superseded PMM-address references from earlier validation passes. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. +> Historical note (2026-04-05): canonical stable PMM on Chain 138 is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Older addresses in this file’s history are superseded — [CONTRACT_ADDRESSES_REFERENCE.md](../11-references/CONTRACT_ADDRESSES_REFERENCE.md). **Last Updated:** 2026-03-05 **Purpose:** Single-document review of the **proxmox** workspace and all submodules (content, roles, and relationships). @@ -136,7 +136,7 @@ ## 7. Canonical References (Token / Contracts) - **Canonical tokens (138):** cUSDT, cUSDC per [docs/11-references/EXPLORER_TOKEN_LIST_CROSSCHECK.md](../11-references/EXPLORER_TOKEN_LIST_CROSSCHECK.md) §5 and §8. -- **DODOPMMIntegration:** `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` (current canonical corrected stack). +- **DODOPMMIntegration (canonical):** `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` — legacy `0x5BDc62f1…` is historical/supplemental only. - **PMM pools:** cUSDT/cUSDC, cUSDT/USDT, cUSDC/USDC addresses in CONTRACT_ADDRESSES_REFERENCE and ADDRESS_MATRIX_AND_STATUS. - **Contract source of truth:** `config/smart-contracts-master.json`; overrides via `.env`. diff --git a/docs/00-meta/REMAINING_SUMMARY.md b/docs/00-meta/REMAINING_SUMMARY.md index 1b7a65ec..8540598c 100644 --- a/docs/00-meta/REMAINING_SUMMARY.md +++ b/docs/00-meta/REMAINING_SUMMARY.md @@ -1,7 +1,7 @@ # Remaining Work — Summary -**Last Updated:** 2026-03-30 -**Purpose:** Single place for what remains. **Live verification:** [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md). On-chain check script target is **64/64** (expanded list; includes ISO20022Router). Remaining work is **operator/LAN**, **external**, and **open P1 rows** in [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md). +**Last Updated:** 2026-04-04 +**Purpose:** Single place for what remains. **Live verification:** [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md). The current canonical Chain 138 on-chain inventory is **88/88** per `check-contracts-on-chain-138.sh` on 2026-04-03. Remaining work is **operator/LAN**, **external**, and **open rollout blockers** in [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md). --- @@ -11,12 +11,28 @@ To complete all automatable steps from this repo: 1. **From anywhere (no LAN):** `./scripts/run-completable-tasks-from-anywhere.sh` - — Config validation, on-chain **64/64** check (`check-contracts-on-chain-138.sh`), run-all-validation --skip-genesis, reconcile-env. + — Config validation, on-chain **88/88** check (`check-contracts-on-chain-138.sh`), run-all-validation --skip-genesis, reconcile-env. 2. **From LAN (with dotenv):** `./scripts/run-all-operator-tasks-from-lan.sh` — Loads dotenv from repo `.env` and `smom-dbis-138/.env` automatically. Runs NPMplus RPC fix, backup (if NPM_PASSWORD set), Blockscout verification. Add `--deploy` or `--create-vms` as needed. +3. **Full deployment gate (reporting / blockers):** + `SKIP_EXIT=1 ./scripts/verify/check-full-deployment-status.sh` + — Aggregates current config, on-chain inventory, public API, GRU v2 readiness, global-priority GRU rollout, the public EVM `cW*` token mesh, the GRU v2 public-protocol matrix, and public-chain `cW*` pool rollout. + +4. **Public-network GRU v2 status surface:** + `bash ./scripts/verify/check-gru-v2-public-protocols.sh` + — Canonical repo/explorer answer for the public EVM `cW*` mesh, Wave 1 transport status, and the current `Uniswap v3` / `Balancer` / `Curve 3` / `DODO PMM` / `1inch` public cW venue state. + +5. **Public-network GRU v2 deployment queue:** + `bash ./scripts/verify/check-gru-v2-deployment-queue.sh` + — Operator queue by Wave 1 asset, destination chain, and protocol stage. Use this to drive the remaining bridge activation and first-tier public pool rollout. + +6. **GRU v2 deployer funding gate:** + `bash ./scripts/verify/check-gru-v2-deployer-funding-status.sh` + — Current deployer-wallet gas/liquidity posture across Mainnet, Cronos, Arbitrum, and Chain 138. Use this before attempting the remaining live rollout steps. + Optional: `--skip-backup` if NPM_PASSWORD not set; `--dry-run` to print steps only. --- @@ -26,10 +42,10 @@ Optional: `--skip-backup` if NPM_PASSWORD not set; `--dry-run` to print steps on | Item | Status | |------|--------| | Config validation | ✅ `validate-config-files.sh` passed | -| On-chain check (Chain 138) | ✅ **64/64** contracts present (current script list) | +| On-chain check (Chain 138) | ✅ **88/88** contracts present (current canonical script list) | | run-all-validation (--skip-genesis) | ✅ Passed | | Preflight (dotenv, RPC, nonce) | ✅ Passed | -| run-all-next-steps-chain138 | ✅ Preflight; mirror/pool present; 12 c* GRU-registered; verify with script (**64/64** today) | +| run-all-next-steps-chain138 | ✅ Preflight; mirror/pool present; 12 c* GRU-registered; verify with script (**88/88** today) | | run-completable-tasks-from-anywhere | ✅ All 4 steps passed | | MCP plan upgrades (8 items) | ✅ Implemented (multi-chain, Uniswap, bot_state, webhook, merge script, limits, audit, router stub) | | Optional docs/runbooks | ✅ Explorer Wallet link runbook; optional tasks checklist; merge allowlist script | @@ -56,6 +72,18 @@ Optional: `--skip-backup` if NPM_PASSWORD not set; `--dry-run` to print steps on ## Remaining — Operator / LAN +### Current real blockers to "everything deployed" + +- Public EVM `cW*` token deployment is now complete across the currently loaded 10-chain public EVM mesh. `Wemix` remains the only desired public EVM target without a loaded `cW*` suite, so the remaining work is bridge/transport activation, public liquidity rollout, and finishing that final target. +- Public-chain `cW*` PMM rollout is now **partially live**: the first four Mainnet DODO PMM USD bootstrap pools plus the first six non-USD Wave 1 rows `cWEURC/USDC`, `cWGBPC/USDC`, `cWAUDC/USDC`, `cWCADC/USDC`, `cWJPYC/USDC`, and `cWCHFC/USDC` are recorded, but the broader tracked public-chain mesh is still mostly empty. +- Public-network `cW*` protocol rollout is now **partially live**: `DODO PMM` has the first recorded public cW venues, while `Uniswap v3`, `Balancer`, `Curve 3`, and `1inch` still have no live public cW venues recorded. +- GRU Wave 1 is still **7 canonical-only** assets (`EUR`, `JPY`, `GBP`, `AUD`, `CAD`, `CHF`, `XAU`) that need transport activation on top of the now-live `cW*` deployment mesh. +- The public pool design blocker is now closed: `pool-matrix.json` includes the full Wave 1 wrapped set. Remaining work is actual pool deployment/funding plus transport activation. +- The ranked GRU global rollout still has **29 backlog assets** not yet in the live manifest. +- Desired non-EVM rollout targets such as **Solana** remain planned / relay-dependent rather than live. +- The deployer wallet still needs targeted top-ups for parts of the remaining live rollout: Arbitrum remains below the repo deploy threshold, Mainnet gas is low for further public deployment work, and the alternate Chain 138 public RPC currently returns `502` so funding checks should use the stable public RPC. +- The intended `Mainnet -> Arbitrum` hub leg is also currently blocked: the live send from `MAINNET_CCIP_WETH9_BRIDGE=0xc9901ce2Ddb6490FAA183645147a87496d8b20B6` failed on tx `0x97df657f0e31341ca852666766e553650531bbcc86621246d041985d7261bb07`, with the revert occurring inside Mainnet router `0x80226fc0Ee2b096224EeAc085Bb9a8cba1146f7D` before any bridge event was emitted. + | # | Task | Command / doc | |---|------|----------------| | 1 | Full deployment order (Phase 0–6) | [DEPLOYMENT_ORDER_OF_OPERATIONS.md](../03-deployment/DEPLOYMENT_ORDER_OF_OPERATIONS.md) | @@ -67,6 +95,8 @@ Optional: `--skip-backup` if NPM_PASSWORD not set; `--dry-run` to print steps on | 7 | E2E flow waves E1–E7 (liquidity, CCIP fund, token-aggregation, Blockscout, L2 PMM, bridge UI) | `./scripts/run-e2e-flow-tasks-full-parallel.sh` · [TASKS_TO_INCREASE_ALL_E2E_FLOWS.md](TASKS_TO_INCREASE_ALL_E2E_FLOWS.md) | | 8 | Token-aggregation DB + deploy | `./scripts/apply-token-aggregation-fix.sh` (VMID 5000; may need postgres) | | 9 | Explorer Wallet link (add to navbar) | [EXPLORER_WALLET_LINK_QUICK_WIN.md](../04-configuration/EXPLORER_WALLET_LINK_QUICK_WIN.md) — run on explorer VM | +| 10 | Deployer funding gate for remaining GRU/public rollout work | [GRU_V2_DEPLOYER_FUNDING_STATUS.md](../03-deployment/GRU_V2_DEPLOYER_FUNDING_STATUS.md) · `bash scripts/verify/check-gru-v2-deployer-funding-status.sh` | +| 11 | Repair Mainnet `WETH9 -> Arbitrum` hub route before using it for deployment gas or liquidity movement | [CROSS_NETWORK_FUNDING_BOOTSTRAP_STRATEGY.md](../07-ccip/CROSS_NETWORK_FUNDING_BOOTSTRAP_STRATEGY.md) · [CHAIN138_PUBLIC_CHAIN_UNLOAD_ROUTES.md](../07-ccip/CHAIN138_PUBLIC_CHAIN_UNLOAD_ROUTES.md) | --- diff --git a/docs/00-meta/REMAINING_TASKS.md b/docs/00-meta/REMAINING_TASKS.md index 18466ea7..03abcd5d 100644 --- a/docs/00-meta/REMAINING_TASKS.md +++ b/docs/00-meta/REMAINING_TASKS.md @@ -1,7 +1,8 @@ # Remaining Tasks -**Last Updated:** 2026-02-27 -**Purpose:** Single-page list of what is left to do. **In-repo: complete** (completable tasks, preflight, run-all-next-steps-chain138: **64/64** on-chain, 12 c* GRU-registered; MCP plan upgrades; optional runbooks). **Live log:** [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md). +**Last Updated:** 2026-04-03 +**Not SolaceNet:** For **gateway rails / RTGS protocol** backlog, use `dbis_core/docs/solacenet/REMAINING_TASKS_FULL_LIST.md` (different scope than this page). +**Purpose:** Single-page list of what is left to do. **In-repo: complete** (completable tasks, preflight, run-all-next-steps-chain138: **67/67** on-chain, 12 c* GRU-registered; MCP plan upgrades; optional runbooks). **Live log:** [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md). **Summary of all remaining (operator + external):** [REMAINING_SUMMARY.md](00-meta/REMAINING_SUMMARY.md). **Detail:** [NEXT_STEPS_AND_REMAINING_TODOS.md](00-meta/NEXT_STEPS_AND_REMAINING_TODOS.md) § Remaining tasks · **Operator commands:** [OPERATOR_READY_CHECKLIST.md](00-meta/OPERATOR_READY_CHECKLIST.md). **Task check (2026-03-02):** Each task below was verified before completion. See **[TASK_CHECK_REPORT.md](TASK_CHECK_REPORT.md)** for per-task status, what is already done (e.g. Phase 0–3, DODOPMMProvider, pools), and what still requires Operator/LAN or external submission. Completable + preflight both passed. diff --git a/docs/00-meta/REMAINING_TASKS_AND_API_FEATURES.md b/docs/00-meta/REMAINING_TASKS_AND_API_FEATURES.md index 5d31c659..e1753bac 100644 --- a/docs/00-meta/REMAINING_TASKS_AND_API_FEATURES.md +++ b/docs/00-meta/REMAINING_TASKS_AND_API_FEATURES.md @@ -112,7 +112,7 @@ |-----|----------|--------| | Mifos/Fineract (mifos.d-bis.org) | VMID 5800 | MIFOS_BASE_URL, central-bank-config scripts | | DBIS Core API | dbis_core | DBIS_CORE_API_REFERENCE.md | -| UDM Pro / Omada | docs/04-configuration | UDM_PRO_API_ENDPOINT_EXPLORATION.md | +| UDM Pro / UniFi | docs/04-configuration | UDM_PRO_API_ENDPOINT_EXPLORATION.md | --- diff --git a/docs/00-meta/REPOSITORIES_AND_PRS_CHAIN138.md b/docs/00-meta/REPOSITORIES_AND_PRS_CHAIN138.md index c4992952..14c9fe02 100644 --- a/docs/00-meta/REPOSITORIES_AND_PRS_CHAIN138.md +++ b/docs/00-meta/REPOSITORIES_AND_PRS_CHAIN138.md @@ -61,16 +61,16 @@ **Repository:** https://github.com/ethereum-lists/chains **PR-ready file:** [docs/04-configuration/pr-ready/eip155-138.json](../04-configuration/pr-ready/eip155-138.json) — copy to `_data/chains/eip155-138.json` in your fork. See [pr-ready/README.md](../04-configuration/pr-ready/README.md). -Chain 138 may already be listed (see chainlist.org/chain/138). If you need to add or update: +Chain 138 is listed (see [chainlist.org/chain/138](https://chainlist.org/chain/138)). To propose an update: | Action | Details | |--------|--------| | **Add/update chain** | Add or edit `_data/chains/eip155-138.json` with name, chainId, rpc, explorers, nativeCurrency, etc. | | **PR** | Fork ethereum-lists/chains, add/update file, open PR; follow their CONTRIBUTING.md | -**Local spec:** `pr-workspace/chains/_data/chains/eip155-138.json` in this repo (use as source for PR content). +**Local spec:** `pr-workspace/chains/_data/chains/eip155-138.json` and [docs/04-configuration/pr-ready/eip155-138.json](../04-configuration/pr-ready/eip155-138.json) — keep in sync with [ethereum-lists/chains `master` `_data/chains/eip155-138.json`](https://github.com/ethereum-lists/chains/blob/master/_data/chains/eip155-138.json). -**Open PR (fork):** [ethereum-lists/chains#8124](https://github.com/ethereum-lists/chains/pull/8124) updates public RPCs and explorer for chain 138. Maintainer feedback (2026-03-24): do not include `INSTALL_JAVA.md` or helper scripts in the PR; those were removed from branch `update-chainid-138-rpc-endpoints` so the diff vs upstream is only `_data/chains/eip155-138.json`. Fork Actions (schema + Prettier) pass on the branch tip; PR thread updated (2026-04-02) for maintainer re-review. Only a repo collaborator can re-request reviewers or approve fork workflows on the upstream PR checks UI. +**Merged:** [ethereum-lists/chains#8124](https://github.com/ethereum-lists/chains/pull/8124) ([cb4c47b](https://github.com/ethereum-lists/chains/commit/cb4c47b0345fa8688dbc0133e0aa1cd3fb211a80)) updates public RPCs (d-bis.org + legacy defi-oracle.io mirrors), `networkId: 138`, explorer `https://explorer.d-bis.org` (EIP3091), `infoURL` `https://d-bis.org`, and features EIP2718 / EIP2930. For future edits, fork chains, diff against upstream `eip155-138.json`, and open a follow-up PR per [CONTRIBUTING.md](https://github.com/ethereum-lists/chains/blob/master/CONTRIBUTING.md). --- @@ -134,7 +134,7 @@ Most on-ramp/off-ramp providers do not accept public PRs to “add a chain”; t |------|--------| | **Ledger** | Wait for response; then use LedgerHQ repos + bis-innovations/LedgerLive as instructed | | **Trust Wallet** | Open PR to [trustwallet/wallet-core](https://github.com/trustwallet/wallet-core) with registry + codegen + tests | -| **Chainlist** | If 138 missing or outdated, open PR to [ethereum-lists/chains](https://github.com/ethereum-lists/chains) with `eip155-138.json` | +| **Chainlist** | Chain 138 is listed; to change metadata, open PR to [ethereum-lists/chains](https://github.com/ethereum-lists/chains) updating `_data/chains/eip155-138.json` (mirror from this repo’s `pr-ready` / `pr-workspace` copy after editing) | | **Consensys** | Use [CONSENSYS_OUTREACH_PACKAGE](../../metamask-integration/docs/CONSENSYS_OUTREACH_PACKAGE.md); await response | | **Price Feed (MetaMask/wallets)** | See [PRICE_FEED_CHAIN138_METAMASK_AND_WALLETS.md](../04-configuration/PRICE_FEED_CHAIN138_METAMASK_AND_WALLETS.md); CoinGecko, CMC, Consensys | | **CoinGecko/CMC** | Export from report API; submit via platform forms per runbook | diff --git a/docs/00-meta/REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md b/docs/00-meta/REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md index 15cb8f1e..9d0de15a 100644 --- a/docs/00-meta/REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md +++ b/docs/00-meta/REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md @@ -1,30 +1,41 @@ # Required Fixes, Gaps, and Additional Deployments — Master List -> Historical note (2026-03-26): this master list contains older PMM verification snapshots. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. +> Historical note (2026-03-26): this master list contains older PMM verification snapshots. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. -**Last Updated:** 2026-03-04 +**Last Updated:** 2026-04-04 **Purpose:** Single consolidated list of all required fixes, gaps, and additional deployments. Sources: REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS, REMAINING_SUMMARY, TOKEN_CONTRACT_DEPLOYMENTS_REMAINING, PRE_DEPLOYMENT_CHECKLIST, RECOMMENDATIONS_AND_FIXES_BEFORE_DEPLOY, DETAILED_GAPS_AND_ISSUES_LIST, GAPS_STATUS, WHATS_LEFT_OPERATOR_AND_EXTERNAL, and token-aggregation build. +**Current snapshot (living):** For day-to-day backlog and P1 IDs, prefer [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md). For integration closure notes (G1–G6), see [INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md](INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md). This file remains the long-form deployment/gap catalog. Mainnet `138 cUSDC -> cWUSDC` and `138 cUSDT -> cWUSDT` are no longer architectural blockers: the live route now uses relay router `0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA` and Mainnet cW bridge `0x2bF74583206A49Be07E0E8A94197C12987AbD7B5`, with canary delivery proven on 2026-04-04. Treat that as **canary-proven / operator-verified**, not yet “bulk-send-ready,” until pre-scale verification of the live sender bridge config is scripted and repeatable. + --- -## Verified (LAN/Operator) — 2026-03-03 +## Verified (LAN/Operator) — baseline (re-run after env change) -Commands run from repo root on operator/LAN host. Use as baseline; re-run when env or network changes. +Commands run from repo root on operator/LAN host. Historical results below; **re-verify** before deploys. -| Check | Command | Result | -|-------|---------|--------| -| Preflight | `./scripts/deployment/preflight-chain138-deploy.sh` | **PASSED** — dotenv, RPC_URL_138, PRIVATE_KEY, nonce consistent, Core RPC chainId 138. | -| Core RPC (2101) | `curl -s -o /dev/null -w "%{http_code}" http://192.168.11.211:8545` | **200/201** — reachable. | -| Deployer balance | `RPC_URL_138=http://192.168.11.211:8545 ./scripts/deployment/check-deployer-balance-chain138-and-funding-plan.sh` | **OK** — native ETH sufficient; WETH/cUSDT/cUSDC = 0 (add liquidity blocked until tokens funded). | -| On-chain contracts | `./scripts/verify/check-contracts-on-chain-138.sh http://192.168.11.211:8545` | **61 present, 0 missing** (expanded list; verified live 2026-03-30; run check-contracts-on-chain-138.sh). | +| Check | Command | Result (last recorded) | +|-------|---------|------------------------| +| Preflight | `./scripts/deployment/preflight-chain138-deploy.sh` | **PASSED** (2026-03-06) — dotenv, RPC_URL_138, PRIVATE_KEY, nonce, chainId 138. | +| Core RPC (2101) | `curl -s -o /dev/null -w "%{http_code}" http://192.168.11.211:8545` | **200/201** when reachable. | +| Deployer balance | `RPC_URL_138=http://192.168.11.211:8545 ./scripts/deployment/check-deployer-balance-chain138-and-funding-plan.sh` | **OK** native ETH; token balances vary with mint/liquidity (re-run before ops). | +| On-chain contracts | `./scripts/verify/check-contracts-on-chain-138.sh http://192.168.11.211:8545` | **Target 67/67** with `config/smart-contracts-master.json` (includes ISO20022Router, canonical/legacy CCIP, and the cross-chain flash trio; verified 2026-04-03). | | Clear tx pool script | `test -f scripts/clear-all-transaction-pools.sh` | **exists** | | Maintenance scripts | `make-rpc-vmids-writable-via-ssh.sh`, `health-check-rpc-2101.sh` | **exist** | | Test-all-contracts script | `test -f scripts/deployment/test-all-contracts-before-deploy.sh` | **exists** | -| Token-aggregation build | `cd smom-dbis-138/services/token-aggregation && npm run build` | **PASSES** (fixed 2026-03-03: token-mapping, bridge route, cross-chain-bridges config, indexer types). See §1.3 for historical ref. | -| Token-aggregation /health | `curl -s -o /dev/null -w "%{http_code}" http://192.168.11.140:3001/health` (or localhost:3001) | **200** — service running and healthy at tested endpoint. | -| DODOPMMIntegration token addresses (2026-03-04) | `eth_call` to `compliantUSDT()` / `compliantUSDC()` at `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` | **PASSED** — returns canonical cUSDT/cUSDC; Explorer, mint script, and PMM aligned. See [EXPLORER_TOKEN_LIST_CROSSCHECK](../11-references/EXPLORER_TOKEN_LIST_CROSSCHECK.md) §8. | +| Token-aggregation build | `cd smom-dbis-138/services/token-aggregation && npm run build` | **PASSES** (see §1.3 for historical fixes). | +| Token-aggregation /health | `curl …` to deployed service | Endpoint-dependent; create DB + migrations if `/health` reports DB missing. | +| DODOPMMIntegration token addresses | `compliantUSDT()` / `compliantUSDC()` at **`0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`** (canonical) | **PASSED** when RPC reachable — cUSDT/cUSDC per [EXPLORER_TOKEN_LIST_CROSSCHECK](../11-references/EXPLORER_TOKEN_LIST_CROSSCHECK.md) §8; legacy integration `0x5BDc62f1…` is historical only. | +| PMM Pool 1 liquidity | mint + add-liquidity runbook | **Done 2026-03-06** — 1M mint, 500k add each side; Pool 1 at 2M/2M (see [TODOS_CONSOLIDATED](TODOS_CONSOLIDATED.md) V2). | -**Remaining to complete (verified 2026-03-06; on-chain count updated 2026-03-30):** Add liquidity to PMM pools once deployer has cUSDT/cUSDC (or mint); Celo/Wemix CCIP bridges; LINK relay runbook. **Done:** E2E 502s fixed 2026-03-06; operator run + Blockscout verify run 2026-03-06. **Live target:** `check-contracts-on-chain-138.sh` → **64/64** (ISO20022Router + canonical/legacy CCIP pair; `config/smart-contracts-master.json`). **Pending:** external (Ledger, Trust, CoinGecko/CMC, on-ramps). See §4–5 and [TODOS_CONSOLIDATED](TODOS_CONSOLIDATED.md), [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md), [INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md](INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md). +**Remaining (operator / cross-chain / external — not exhaustive):** Cronos CCIP closure + **LINK** funding; **Wemix** deferred; Mainnet relay **LINK** runbook; Phase **C/D** cW* and edge pools; **external** (Ledger, Trust, CoinGecko/CMC, on-ramps). **Done:** E2E 502s fixed 2026-03-06; public/private E2E re-verify 2026-03-29 (**Failed: 0**). **x402 on 138:** use **cUSDT V2 / cUSDC V2** (permit / ERC-3009); see [CHAIN138_X402_TOKEN_SUPPORT.md](../04-configuration/CHAIN138_X402_TOKEN_SUPPORT.md). See §3–§5, [TODOS_CONSOLIDATED](TODOS_CONSOLIDATED.md), [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md). + +### Updated next steps after the 2026-04-04 Mainnet cW canaries + +- **Keep Mainnet `cUSDC -> cWUSDC` and `cUSDT -> cWUSDT` in canary mode for now:** the route is live, but the next operational step is scale-readiness, not architecture. +- **Use `./scripts/deployment/run-cw-remaining-steps.sh --verify` before each operator pass:** it now checks every configured `cW*` token role assignment, including `cWUSDC`, instead of only `cWUSDT`. +- **Before any large send, re-run a tiny canary for both stables and verify destination processing on Mainnet:** source receipt on `CW_L1_BRIDGE_CHAIN138`, destination `processed(messageId)=true` on `CW_BRIDGE_MAINNET`, and recipient balance increase. +- **Publish a live config/ABI verification path for `CW_L1_BRIDGE_CHAIN138` before bulk scale-up:** the deployed sender executes the canary path successfully, but some hard-peg getters expected by the current docs/scripts still do not answer on the live address, so large transfers should stay blocked behind a repeatable verification check. +- **Scale in tranches, not a single bulk jump:** do not treat one successful canary as approval for an immediate `8,888,888`-unit send. --- @@ -91,16 +102,16 @@ Commands run from repo root on operator/LAN host. Use as baseline; re-run when e ### 3.1 Chain 138 — already done (for reference) -- TransactionMirror, DODOPMMIntegration, three PMM pools (cUSDT/cUSDC, cUSDT/USDT, cUSDC/USDC), DODOPMMProvider, CompliantFiatTokens (10 tokens). On-chain verification: **64/64** (check-contracts-on-chain-138.sh; includes ISO20022Router). See [REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS](../03-deployment/REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS.md). +- TransactionMirror, DODOPMMIntegration, three PMM pools (cUSDT/cUSDC, cUSDT/USDT, cUSDC/USDC), DODOPMMProvider, CompliantFiatTokens (10 tokens), and the cross-chain flash trio. On-chain verification: **67/67** (check-contracts-on-chain-138.sh; includes ISO20022Router and the live flash contracts). See [REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS](../03-deployment/REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS.md). ### 3.2 Chain 138 — remaining (optional / follow-on) | Item | Status | Script / notes | |------|--------|----------------| -| **EnhancedSwapRouter** | Not deployed | Deploy when Uniswap/Balancer pools exist on 138; set quoter/poolId. | +| **EnhancedSwapRouterV2 + pilot venue layer** | Live | `EnhancedSwapRouterV2` is deployed, `Uniswap_v3` / `Balancer` / `Curve_3` / `1inch` pilot-compatible venues are funded, and public planner visibility is live. Verify with `bash scripts/verify/check-chain138-pilot-dex-venues.sh`. | | **Add liquidity to PMM pools** | Pending | Use [ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK](../03-deployment/ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK.md); set ADD_LIQUIDITY_* in .env; approve and addLiquidity per pool. | | **Optional cCADT** | Not deployed | Add to DeployCompliantFiatTokens.s.sol if Tether-style CAD needed. | -| **cAUSDT** | Not deployed | No script in repo; deploy when Alltra compliant USD token is defined. | +| **cAUSDT** | Live | Deployed on Chain 138 via `DeployCAUSDT.s.sol`; public `cWAUSDT` transport mirrors are bridge-wired on BSC, Polygon, Avalanche, and Celo. | | **Vault ac* / vdc* / sdc*** | After base tokens | DeployAcVdcSdcVaults; extend for each new base token. | ### 3.3 Token deployments — remaining (by category) @@ -109,7 +120,7 @@ Commands run from repo root on operator/LAN host. Use as baseline; re-run when e |----------|----------|------|-----| | **Canonical 138 (extra)** | 138 | cEURC, cEURT, cGBP*, cAUD*, cJPY*, cCHF*, cCADC, cXAU* — **Done** via DeployCompliantFiatTokens. Optional: cCADT. | [TOKEN_CONTRACT_DEPLOYMENTS_REMAINING](../11-references/TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md) | | **ALL Mainnet (Alltra)** | 651940 | ACADT (and optionally ACADC) — no script in repo; TBD when Alltra adds CAD. | Same. | -| **Compliant Wrapped (cW*)** | 1, 56, 137, 10, 42161, 8453, 43114, etc. | Deploy or bridge cW* per chain; create/fund PMM edge pools per pool-matrix. | Same; [LIQUIDITY_POOLS_MASTER_MAP](../11-references/LIQUIDITY_POOLS_MASTER_MAP.md). | +| **Compliant Wrapped (cW*)** | 1, 25, 56, 100, 137, 10, 42161, 8453, 43114 | Token deployment is complete across the tracked public EVM mesh; remaining work is bridge/receiver promotion and create/fund PMM edge pools per pool-matrix. | Same; [LIQUIDITY_POOLS_MASTER_MAP](../11-references/LIQUIDITY_POOLS_MASTER_MAP.md). | | **D-WIN W on 138 / 651940** | 138, 651940 | Optional; extend DeployISO4217WSystem if desired. | Same. | ### 3.4 Cross-chain / CCIP / bridge @@ -117,9 +128,10 @@ Commands run from repo root on operator/LAN host. Use as baseline; re-run when e | Item | Status | Action | |------|--------|--------| | **Gnosis CCIP bridges** | Deployed (2026-03-04) | WETH9 `0x4ab39b5BaB7b463435209A9039bd40Cf241F5a82`, WETH10 `0xC15ACdBAC59B3C7Cb4Ea4B3D58334A4b143B4b44`; .env updated. Run complete-config when Chain 138 RPC confirms txs. | -| **Celo, Wemix CCIP** | Pending | Fund deployer (CELO ~0.1, WEMIX ~0.4); run `deploy-bridges-config-ready-chains.sh [celo|wemix]`, then `complete-config-ready-chains.sh`; fund LINK. [CONFIG_READY_CHAINS_COMPLETION_RUNBOOK](../07-ccip/CONFIG_READY_CHAINS_COMPLETION_RUNBOOK.md). | +| **Celo, Wemix CCIP** | Partial | `Celo` bridge/cW surfaces are now loaded; remaining work is transport/funding polish there plus full `Wemix` completion. For `Wemix`, fund deployer (WEMIX ~0.4), run `deploy-bridges-config-ready-chains.sh wemix`, then `complete-config-ready-chains.sh`; fund LINK. [CONFIG_READY_CHAINS_COMPLETION_RUNBOOK](../07-ccip/CONFIG_READY_CHAINS_COMPLETION_RUNBOOK.md). | | **LINK support on Mainnet relay** | Pending | [RELAY_BRIDGE_ADD_LINK_SUPPORT_RUNBOOK](../07-ccip/RELAY_BRIDGE_ADD_LINK_SUPPORT_RUNBOOK.md). | | **Fund CCIP bridges with LINK** | Pending | Run `./scripts/deployment/fund-ccip-bridges-with-link.sh` (after dry-run check). | +| **Mainnet WETH9 public fan-out** | Blocked (2026-04-04) | The current Mainnet source bridge `MAINNET_CCIP_WETH9_BRIDGE=0xc9901ce2Ddb6490FAA183645147a87496d8b20B6` failed on tx `0x97df657f0e31341ca852666766e553650531bbcc86621246d041985d7261bb07`. Trace shows the revert occurs inside Mainnet router `0x80226fc0Ee2b096224EeAc085Bb9a8cba1146f7D` before any bridge event is emitted. Read-only `calculateFee()` preflights also currently revert for the tracked selectors `BSC`, `Avalanche`, `Gnosis`, `Cronos`, `Celo`, `Polygon`, `Arbitrum`, `Optimism`, and `Base`. Treat Mainnet public fan-out as blocked until that source bridge/router path is repaired or a replacement Mainnet bridge is promoted. | | **AlltraAdapter setBridgeFee** | After deploy | Call `setBridgeFee(uint256)`; set `ALLTRA_BRIDGE_FEE`, `ALLTRA_ADAPTER_CHAIN138` in .env. | ### 3.5 Mainnet / L2 dry-run and deploy @@ -138,7 +150,7 @@ Commands run from repo root on operator/LAN host. Use as baseline; re-run when e | 3 | Blockscout verify, 502 fix, NPMplus backup, optional deploy | `./scripts/run-all-operator-tasks-from-lan.sh [--deploy]` · [OPERATOR_READY_CHECKLIST](OPERATOR_READY_CHECKLIST.md) | | 4 | E2E 502 fix | `./scripts/maintenance/address-all-remaining-502s.sh [--run-besu-fix] [--e2e]` · 502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES | | 5 | Token-aggregation DB + migrations + restart | Create DB if needed; run migrations; restart service. [TOKEN_AGGREGATION_REPORT_API_RUNBOOK](../04-configuration/TOKEN_AGGREGATION_REPORT_API_RUNBOOK.md) | -| 6 | Explorer Wallet link (navbar) | [EXPLORER_WALLET_LINK_QUICK_WIN](../04-configuration/EXPLORER_WALLET_LINK_QUICK_WIN.md) — run on explorer VM | +| 6 | Explorer Wallet link (navbar) | **Next frontend (repo):** `explorer-monorepo/frontend` navbar includes **Wallet** (`/wallet`) as a top-level item and under **Tools** — deploy the built app to the explorer host. **Legacy Blockscout-only** hosts: [EXPLORER_WALLET_LINK_QUICK_WIN](../04-configuration/EXPLORER_WALLET_LINK_QUICK_WIN.md). | | 7 | Apply nginx + explorer config on VMID 5000 | `./scripts/apply-remaining-operator-fixes.sh` (if not already done) | **Credentials:** [OPERATOR_CREDENTIALS_CHECKLIST](OPERATOR_CREDENTIALS_CHECKLIST.md). diff --git a/docs/00-meta/STEPS_FROM_PROXMOX_OR_LAN_WITH_SECRETS.md b/docs/00-meta/STEPS_FROM_PROXMOX_OR_LAN_WITH_SECRETS.md index b5e0ee78..7d952b3e 100644 --- a/docs/00-meta/STEPS_FROM_PROXMOX_OR_LAN_WITH_SECRETS.md +++ b/docs/00-meta/STEPS_FROM_PROXMOX_OR_LAN_WITH_SECRETS.md @@ -1,13 +1,13 @@ # Steps You Can Do From Proxmox / LAN With Secrets -**Last Updated:** 2026-02-14 +**Last Updated:** 2026-04-06 **Purpose:** When you have SSH to the Proxmox host (or any host on the same LAN as 192.168.11.x) and access to `.env` files (PRIVATE_KEY, NPM_PASSWORD, RPC URLs, etc.), you can run many more tasks than the "from anywhere" set. This document lists all of them. **From anywhere (no LAN/creds):** See [run-completable-tasks-from-anywhere.sh](../../scripts/run-completable-tasks-from-anywhere.sh) — config validation, on-chain check (SKIP_EXIT=1 if RPC unreachable), run-all-validation --skip-genesis, reconcile-env. **Single script (LAN + secrets):** [run-all-operator-tasks-from-lan.sh](../../scripts/run-all-operator-tasks-from-lan.sh) — **always loads dotenv** from repo `.env` and `smom-dbis-138/.env` (NPM_PASSWORD, PRIVATE_KEY, RPC, etc.). Optional phases: backup, contract verify, contract deploy, VM/container creation. Use `--dry-run` to print steps. -**Full remaining checklist wrapper:** [run-full-operator-completion-from-lan.sh](../../scripts/run-full-operator-completion-from-lan.sh) — starts with the token-aggregation `/api/v1` repair, then Wave 0, verification, E2E, optional config-ready chains, optional Chain 138 next steps, optional real `sendCrossChain`, and local hardening/cron steps. Use `--dry-run` first. +**Full remaining checklist wrapper:** [run-full-operator-completion-from-lan.sh](../../scripts/run-full-operator-completion-from-lan.sh) — starts with the token-aggregation `/api/v1` repair, then Wave 0, verification, E2E, a **non-fatal** public **info.defi-oracle.io** check (`check-info-defi-oracle-public.sh`), optional config-ready chains, optional Chain 138 next steps, optional real `sendCrossChain`, and local hardening/cron steps. Use `--skip-info-public` when the runner has no outbound HTTPS to the public hostname. Use `--dry-run` first. --- @@ -33,7 +33,7 @@ Requires: Host that can reach Blockscout (explorer.d-bis.org or LAN IP). Load `s |------|------------------|--------| | Verify all (proxy) | `source smom-dbis-138/.env 2>/dev/null; ./scripts/verify/run-contract-verification-with-proxy.sh` | Submits source to Blockscout via proxy (starts proxy automatically). | | Verify one contract | `./scripts/verify/run-contract-verification-with-proxy.sh --only ContractName` | Retry single contract. | -| On-chain check | `./scripts/verify/check-contracts-on-chain-138.sh` (uses `RPC_URL_138`) or `.../check-contracts-on-chain-138.sh $RPC_URL_138` | Confirms 36 addresses exist; no Blockscout needed. | +| On-chain check | `./scripts/verify/check-contracts-on-chain-138.sh` (uses `RPC_URL_138`) or `.../check-contracts-on-chain-138.sh $RPC_URL_138` | Confirms the current canonical Chain 138 inventory exists on-chain; current operator target is **67/67**. No Blockscout needed. | --- @@ -86,6 +86,20 @@ Requires: SSH to Proxmox host (e.g. `root@192.168.11.10` or r630-01/r630-02). Se --- +## 6b. Chain 138 info.defi-oracle.io (public hub) + +Requires: Outbound HTTPS to the public hostname (or set `INFO_SITE_BASE` to a reachable staging URL). + +| Step | Command / action | Notes | +|------|------------------|--------| +| Verify SPA + token-aggregation | `pnpm run verify:info-defi-oracle-public` or `bash scripts/verify/check-info-defi-oracle-public.sh` | Same-origin `/token-aggregation/api/v1/networks` must return JSON. | +| Deploy / refresh | `bash scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` | Target **VMID 2410** (`IP_INFO_DEFI_ORACLE_WEB`); then `update-npmplus-proxy-hosts-api.sh`. | +| Completion summary (opt-in) | `INCLUDE_INFO_DEFI_PUBLIC_VERIFY=1 bash scripts/verify/check-completion-status.sh` | Adds the info check to the public API section; default completion run skips it. | + +Runbook: [INFO_DEFI_ORACLE_IO_DEPLOYMENT.md](../04-configuration/INFO_DEFI_ORACLE_IO_DEPLOYMENT.md). + +--- + ## 7. Security and maintenance (from LAN) | Step | Command / action | Notes | diff --git a/docs/00-meta/STILL_NOT_DONE_EXECUTION_CHECKLIST.md b/docs/00-meta/STILL_NOT_DONE_EXECUTION_CHECKLIST.md index 632456f9..d2bf56e1 100644 --- a/docs/00-meta/STILL_NOT_DONE_EXECUTION_CHECKLIST.md +++ b/docs/00-meta/STILL_NOT_DONE_EXECUTION_CHECKLIST.md @@ -2,7 +2,7 @@ **Purpose:** Single checklist of every remaining item that could not be completed from repo-only (no LAN, no secrets, no external access). Use this when you have **LAN**, **credentials**, or **external accounts** to complete them. -**Current state (2026-03-29):** the public explorer `/api/v1/report/*` endpoints are healthy again, and the public E2E profile passed with `Failed: 0`. **Submodule gate:** `scripts/verify/submodules-clean.sh` still exits **1** (dirty `dbis_core/`, `smom-dbis-138/`) — track as [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md) **P1-F08** / **R1**. What remains here is the true remainder: on-chain actions, external submissions, operator security hardening, deferred dbis_core TypeScript cleanup, and ongoing maintenance. +**Current state (2026-04-01):** the public explorer `/api/v1/report/*` endpoints are healthy again, and the public E2E profile passed with `Failed: 0` (2026-03-29 evidence paths in [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md)). **Submodule gate:** `scripts/verify/submodules-clean.sh` exits **1** if **any** submodule path from `.gitmodules` has a dirty tree (as of 2026-04-01 that included at least `cross-chain-pmm-lps/`, `dbis_core/`, `explorer-monorepo/`, `gru-docs/`, `miracles_in_motion/`, `smom-dbis-138/`) — track as [TODOS_CONSOLIDATED.md](TODOS_CONSOLIDATED.md) **P1-F08**. What remains here is the true remainder: on-chain actions, external submissions, operator security hardening, deferred dbis_core TypeScript cleanup, and ongoing maintenance. **Source:** [COMPLETE_REQUIRED_OPTIONAL_RECOMMENDED_INDEX.md](COMPLETE_REQUIRED_OPTIONAL_RECOMMENDED_INDEX.md), [OPERATOR_READY_CHECKLIST.md](OPERATOR_READY_CHECKLIST.md), [OPERATOR_AND_EXTERNAL_COMPLETION_CHECKLIST.md](OPERATOR_AND_EXTERNAL_COMPLETION_CHECKLIST.md). diff --git a/docs/00-meta/TASKS_ROUTING_SWAP_CROSSCHAIN.md b/docs/00-meta/TASKS_ROUTING_SWAP_CROSSCHAIN.md index 978736d1..1b807950 100644 --- a/docs/00-meta/TASKS_ROUTING_SWAP_CROSSCHAIN.md +++ b/docs/00-meta/TASKS_ROUTING_SWAP_CROSSCHAIN.md @@ -18,7 +18,7 @@ | **Bridge quote API** | Partial | `POST /api/bridge/quote` — sourceSwapQuote / destinationSwapQuote when configured. | | **Swap–bridge–swap** | Partial | QuoteService exists; SwapBridgeSwapCoordinator deployable; destination DEX/aggregator not wired per chain. | | **cW* edge pools** | ❌ | cW* token addresses and bridge availability exist on active chains, but PMM pool arrays are still empty; no public-chain cW* edge pools are live yet. | -| **N-hop / multi-provider** | ❌ | Single-hop only; EnhancedSwapRouter not deployed. | +| **N-hop / multi-provider** | ✅ Partial | `EnhancedSwapRouterV2` plus funded pilot-compatible `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venues are live on Chain 138; public planner resolves the canonical `WETH -> USDT` lane. Broader N-hop expansion remains optional future work. | --- @@ -36,7 +36,7 @@ | # | Task | Notes | |---|------|--------| -| A4 | Deploy EnhancedSwapRouter on 138 | Only after Uniswap/Balancer pools exist on 138; configure quoter/poolId. | +| A4 | Keep router-v2 and the pilot venue layer verified on 138 | ✅ Live. Use `bash scripts/verify/check-chain138-pilot-dex-venues.sh` after venue funding, planner, or publication changes. | | A5 | N-hop quote/pathfinding in token-aggregation | Today single-hop only; add graph A→B→C if needed. | --- diff --git a/docs/00-meta/TASKS_TO_INCREASE_ALL_E2E_FLOWS.md b/docs/00-meta/TASKS_TO_INCREASE_ALL_E2E_FLOWS.md index 69f55ff3..f1777cf6 100644 --- a/docs/00-meta/TASKS_TO_INCREASE_ALL_E2E_FLOWS.md +++ b/docs/00-meta/TASKS_TO_INCREASE_ALL_E2E_FLOWS.md @@ -30,7 +30,7 @@ | A4 | Add liquidity to all three PMM pools | Op | `AddLiquidityPMMPoolsChain138.s.sol` with `ADD_LIQUIDITY_BASE_AMOUNT`, `ADD_LIQUIDITY_QUOTE_AMOUNT`; or `run-pmm-full-parity-all-phases.sh` with amounts set. | | A5 | Ensure token-aggregation indexes DODO on 138 | Op/Code | Set `CHAIN_138_DODO_PMM_INTEGRATION` in env; run indexer so `GET /api/v1/quote` returns DODO quotes. | | A6 | Expose token-aggregation API for dApps/Snap | Op | Proxy `/api/v1/*` (e.g. from explorer.d-bis.org) to token-aggregation service; or set `GATSBY_SNAP_API_BASE_URL`. | -| A7 | (Optional) Deploy EnhancedSwapRouter on 138 | Op/Def | Only after Uniswap/Balancer pools exist on 138; configure quoter and pool IDs. | +| A7 | (Optional) Keep router-v2 + pilot venue layer verified on 138 | Op/Def | ✅ Live. Use `bash scripts/verify/check-chain138-pilot-dex-venues.sh` to prove the funded pilot-compatible `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venues are still publicly routable. | | A8 | (Optional) Add N-hop quote/pathfinding | Code | Token-aggregation today is single-hop only; add graph-based A→B→C pathfinding if needed. | --- diff --git a/docs/00-meta/TASK_CHECK_REPORT.md b/docs/00-meta/TASK_CHECK_REPORT.md index a6de56c7..5a3fa8d3 100644 --- a/docs/00-meta/TASK_CHECK_REPORT.md +++ b/docs/00-meta/TASK_CHECK_REPORT.md @@ -1,17 +1,17 @@ # Task Check Report — Remaining Tasks Verified Before Completion -> Historical note (2026-03-26): this report preserves an earlier PMM status snapshot. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. +> Historical note (2026-04-05): canonical stable PMM on Chain 138 is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Older integrations (`0x5BDc62f1…`, transcript-era addresses) are supplemental or historical only — see [CONTRACT_ADDRESSES_REFERENCE.md](../11-references/CONTRACT_ADDRESSES_REFERENCE.md). -**Date:** 2026-03-02 +**Date:** 2026-04-03 **Purpose:** For each remaining task, verify current state before marking complete or executing. Use this report to decide what still needs to be run by Operator/LAN vs what is already satisfied. --- -## Checks run (2026-03-02) +## Checks run (current baseline) | Check | Result | |-------|--------| -| **run-completable-tasks-from-anywhere.sh** | Passed — config OK, **64/64** on-chain (Chain 138; current script list), validation OK, reconcile-env printed | +| **run-completable-tasks-from-anywhere.sh** | Passed — config OK, **67/67** on-chain (Chain 138; current canonical script list), validation OK, reconcile-env printed | | **preflight-chain138-deploy.sh** | Passed — dotenv exists, RPC Core (chainId 138), nonce consistent, no stuck txs | --- @@ -23,7 +23,7 @@ | Item | Status | Notes | |------|--------|-------| | Phase 0 (prereqs) | Satisfied | Preflight passed; .env and RPC OK | -| Phase 1 (Chain 138 core) | Done | **64/64** contracts present | +| Phase 1 (Chain 138 core) | Done | **67/67** contracts present on the current canonical inventory | | Phase 2 (TransactionMirror + PMM pools) | Done | Mirror deployed; all three pools created (cUSDT/cUSDC, cUSDT/USDT, cUSDC/USDC) | | Phase 3 (Liquidity + DODOPMMProvider) | Partially done | DODOPMMProvider deployed at `0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`; corrected canonical stack aligned. **Remaining:** add liquidity (optional per doc) via `AddLiquidityPMMPoolsChain138.s.sol` or cast | | Phase 4–6 | Not run | Optional / other chains; Operator | diff --git a/docs/00-meta/TODOS_CONSOLIDATED.md b/docs/00-meta/TODOS_CONSOLIDATED.md index 06da7775..6db05442 100644 --- a/docs/00-meta/TODOS_CONSOLIDATED.md +++ b/docs/00-meta/TODOS_CONSOLIDATED.md @@ -1,10 +1,10 @@ # TODOs — Consolidated Task List -**Last Updated:** 2026-03-30 -**Current on-chain target (check-contracts-on-chain-138.sh):** **64/64** — **ISO20022Router** + canonical/legacy **CCIP** router and WETH9 bridge; list in `config/smart-contracts-master.json`. Re-verify from LAN — [INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md](INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md). Historical counts in [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md). Older paragraphs that say **59/59** record **that day’s** script list. +**Last Updated:** 2026-04-05 (P1-CC: CC03/CC05/CC06/CC10 done in-repo; PMM canonical doc sweep) +**Current on-chain target (check-contracts-on-chain-138.sh):** **67/67** — `config/smart-contracts-master.json` now covers the current canonical Chain 138 set, including **ISO20022Router**, canonical/legacy **CCIP** router and WETH9 bridge slots, and the deployed **cross-chain flash trio**. Re-verify from LAN — [INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md](INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md). Historical counts in [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md). Older paragraphs that say **59/59** or **64/64** record **that day’s** script list. -**Last verification run (read newest bullets first):** **2026-03-29 (operator / LAN):** `validate-config-files.sh` ✅, `check-contracts-on-chain-138.sh` ✅ **61/61** (before ISO router row), `verify-end-to-end-routing.sh --profile=public` ✅ **Failed: 0** (44 domains; evidence `docs/04-configuration/verification-evidence/e2e-verification-20260329_235044/`), `--profile=private` ✅ **Failed: 0** (`.../e2e-verification-20260329_235128/`). `submodules-clean.sh` ❌ **exit 1** — dirty **`dbis_core/`**, **`smom-dbis-138/`** (see **P1-F08** / **R1**). **2026-03-30 (repo / no deploy):** `run-completable-tasks-from-anywhere.sh` ✅, `dbis_core` `pnpm test:iru-marketplace` ✅, doc alignment **59→61** (see **P1-F07**; log file [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md)). **2026-03-28:** operator `--skip-backup` ✅ (NPMplus 40 hosts, Blockscout batch). **2026-03-06:** validate-config ✅, PMM Pool 1 **2M/2M**, preflight ✅, token-aggregation build ✅, public E2E **37** domains **Failed: 0** (smaller inventory than today’s **44**-domain public profile). **Mint + add-liquidity** 2026-03-06: 1M each minted, 500k each added. **Next-steps check:** [NEXT_STEPS_LIST.md](NEXT_STEPS_LIST.md); B.1/B.2/B.3 partially blocked (WEMIX tabled; LINK relay runbook pending). -**Purpose:** Single checklist of all next steps and remaining tasks. **Indonesia / HYBX-BATCH-001 zip (4.995 ship-ready):** [HYBX-BATCH-001 — transaction package ship-ready](#hybx-batch-001--transaction-package-ship-ready-4995) below. **Full execution order (multiple routes + liquidity):** [EXECUTION_CHECKLIST_MULTIPLE_ROUTES_AND_LIQUIDITY.md](EXECUTION_CHECKLIST_MULTIPLE_ROUTES_AND_LIQUIDITY.md). **Additional paths (registry, LiFi/Jumper, Etherlink, 13×13):** [ADDITIONAL_PATHS_AND_EXTENSIONS.md](../04-configuration/ADDITIONAL_PATHS_AND_EXTENSIONS.md). **Dotenv/markdown audit (required info, gaps, recommendations):** [DOTENV_AND_MARKDOWN_AUDIT_GAPS_AND_RECOMMENDATIONS.md](DOTENV_AND_MARKDOWN_AUDIT_GAPS_AND_RECOMMENDATIONS.md). **Full narrative checklist:** [NEXT_STEPS_AND_REMAINING_TODOS.md](NEXT_STEPS_AND_REMAINING_TODOS.md). **Merged backlog IDs:** this file § **P1** (use P1 for status; NEXT_STEPS may lag until synced). **Token deployments remaining:** [TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md](../11-references/TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md). **Routing / swap / cross-chain:** [TASKS_ROUTING_SWAP_CROSSCHAIN.md](TASKS_ROUTING_SWAP_CROSSCHAIN.md) (A1–A5, B1–B8, C1–C8, D1–D3, E1–E2). **Verified list (LAN/Operator):** [REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md](REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md) — run bash/curl to confirm; on-chain count **64** from 2026-03-30 (ISO router + CCIP legacy pair + `smart-contracts-master.json`); older log rows record earlier counts. +**Last verification run (read newest bullets first):** **2026-04-03 (LAN / operator workspace):** `check-contracts-on-chain-138.sh` ✅ **67/67**, `validate-config-files.sh` ✅, `validate-explorer-chain138-inventory.sh` ✅. **2026-04-01 (LAN / operator workspace):** `run-completable-tasks-from-anywhere.sh` ✅ (then-current `64/64` script inventory, before flash-trio promotion). **2026-03-29 (operator / LAN):** `verify-end-to-end-routing.sh --profile=public` ✅ **Failed: 0** (44 domains; evidence `docs/04-configuration/verification-evidence/e2e-verification-20260329_235044/`), `--profile=private` ✅ **Failed: 0** (`.../e2e-verification-20260329_235128/`). `submodules-clean.sh` ❌ **exit 1** — dirty submodules (see **P1-F08**): e.g. **`cross-chain-pmm-lps/`**, **`dbis_core/`**, **`explorer-monorepo/`**, **`gru-docs/`**, **`miracles_in_motion/`**, **`smom-dbis-138/`** (full list: `bash scripts/verify/submodules-clean.sh`). **2026-03-30:** doc alignment **61→64** + integration **G1–G6** (see **P1-F07**, [INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md](INTEGRATION_GAPS_AND_NEXT_STEPS_2026-03-30.md); log [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md)). **2026-03-28:** operator `--skip-backup` ✅ (NPMplus 40 hosts, Blockscout batch). **2026-03-06:** validate-config ✅, PMM Pool 1 **2M/2M**, preflight ✅, token-aggregation build ✅, public E2E **37** domains **Failed: 0** (smaller inventory than today’s **44**-domain public profile). **Mint + add-liquidity** 2026-03-06: 1M each minted, 500k each added. **Next-steps check:** [NEXT_STEPS_LIST.md](NEXT_STEPS_LIST.md); B.1/B.2/B.3 partially blocked (WEMIX tabled; LINK relay runbook pending). +**Purpose:** Single checklist of all next steps and remaining tasks. **Chain 138 topology / explorer UI:** [P1-CC — Topology map and Visual Command Center](#cc--topology-map-and-visual-command-center-2026-04-04) (deploy, verify, a11y, doc sync, architecture follow-ons). **Indonesia / HYBX-BATCH-001 zip (4.995 ship-ready):** [HYBX-BATCH-001 — transaction package ship-ready](#hybx-batch-001--transaction-package-ship-ready-4995) below. **Full execution order (multiple routes + liquidity):** [EXECUTION_CHECKLIST_MULTIPLE_ROUTES_AND_LIQUIDITY.md](EXECUTION_CHECKLIST_MULTIPLE_ROUTES_AND_LIQUIDITY.md). **Additional paths (registry, LiFi/Jumper, Etherlink, 13×13):** [ADDITIONAL_PATHS_AND_EXTENSIONS.md](../04-configuration/ADDITIONAL_PATHS_AND_EXTENSIONS.md). **Dotenv/markdown audit (required info, gaps, recommendations):** [DOTENV_AND_MARKDOWN_AUDIT_GAPS_AND_RECOMMENDATIONS.md](DOTENV_AND_MARKDOWN_AUDIT_GAPS_AND_RECOMMENDATIONS.md). **Full narrative checklist:** [NEXT_STEPS_AND_REMAINING_TODOS.md](NEXT_STEPS_AND_REMAINING_TODOS.md). **Merged backlog IDs:** this file § **P1** (use P1 for status; NEXT_STEPS may lag until synced). **Token deployments remaining:** [TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md](../11-references/TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md). **Routing / swap / cross-chain:** [TASKS_ROUTING_SWAP_CROSSCHAIN.md](TASKS_ROUTING_SWAP_CROSSCHAIN.md) (A1–A5, B1–B8, C1–C8, D1–D3, E1–E2). **Verified list (LAN/Operator):** [REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md](REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md) — run bash/curl to confirm; current on-chain count is **67** as of 2026-04-03; older log rows record earlier counts. **Quick run:** From anywhere (no LAN): `./scripts/run-completable-tasks-from-anywhere.sh`. Before Chain 138 deploy: `./scripts/deployment/preflight-chain138-deploy.sh [--cost]`. **Chain 138 next steps (all in one):** `./scripts/deployment/run-all-next-steps-chain138.sh [--dry-run] [--skip-mirror] [--skip-register-gru] [--skip-verify]` — preflight → mirror+pool → register c* as GRU → verify. From LAN with secrets: `./scripts/run-all-operator-tasks-from-lan.sh [--deploy] [--create-vms]`. **E2E flows (full parallel):** `./scripts/run-e2e-flow-tasks-full-parallel.sh [--dry-run]` — [TASKS_TO_INCREASE_ALL_E2E_FLOWS](TASKS_TO_INCREASE_ALL_E2E_FLOWS.md). @@ -35,7 +35,7 @@ Single table for session-merged items (platform, chain, HYBX, external, docs). * | **P1-A05** | Confirm **VMID 130** (monitoring-1) **Proxmox node** | **Open** | `pct list` per node | | **P1-A06** | If DB has wrong **inquiry FK** to business `offeringId`, run **`dbis_core/scripts/sql/fix-iru-inquiry-offering-fk.sql`** + migrations | **Open** | Needs `DATABASE_URL` | | **P1-A07** | **Product:** unify **native** (VMs, IPs, hosting) vs **partner** (`IruOffering`) in one catalog UX, or keep split | **Open** | See `SANKOFA_MARKETPLACE_SURFACES.md` | -| **P1-A08** | Run **`scripts/verify/check-contracts-on-chain-138.sh`** with **`cast`** + reachable Core RPC | **Done** | Same as **P1-F05**; script uses `config/smart-contracts-master.json` when present. **64/64** verified LAN RPC 2026-03-30 (canonical + legacy CCIP + ISO router). | +| **P1-A08** | Run **`scripts/verify/check-contracts-on-chain-138.sh`** with **`cast`** + reachable Core RPC | **Done** | Same as **P1-F05**; script uses `config/smart-contracts-master.json` when present. **67/67** verified LAN RPC 2026-04-03 on the current canonical inventory. | ### B — Chain 138, CCIP, routing (see also tables above) @@ -65,7 +65,7 @@ Single table for session-merged items (platform, chain, HYBX, external, docs). * | ID | Task | Status | Notes | |----|------|--------|--------| -| **P1-E01** | Reconcile **`dbis_chain_138_technical_master_plan.md`** with `TODOS_CONSOLIDATED` / `REMAINING_DEPLOYMENTS` | **Partial** | **2026-03-30:** “Repo backlog alignment” stub added to master plan + this file / live log cross-linked; full section-by-section audit still **Open** | +| **P1-E01** | Reconcile **`dbis_chain_138_technical_master_plan.md`** with `TODOS_CONSOLIDATED` / `REMAINING_DEPLOYMENTS` | **Partial** | **2026-04-01:** **Index-level** map (plan sections → P1 IDs + runbooks) added under “Repo backlog alignment”; full section-by-section narrative audit still **Open** if you want line-by-line drift review | | **P1-E02** | Drive **`hybx_compliance_routing_sidecar_technical_plan.md`** / **`hybx_jurisdictional_cheat_sheets_technical_plan.md`** implementation tickets from repo | **Open** | **2026-03-30:** both plans now link **P1-E02**; engineering tickets / builds still **Open** | ### F — Repo-local verification (automation) @@ -76,14 +76,55 @@ Single table for session-merged items (platform, chain, HYBX, external, docs). * | **P1-F02** | **`bash scripts/validation/validate-config-files.sh`** | **Done** | 2026-03-30 | | **P1-F03** | **`cd dbis_core && pnpm test:iru-marketplace`** | **Done** | 2026-03-30 (10 tests) | | **P1-F04** | **`bash scripts/verify/run-p1-local-verification.sh`** | **Done** | Wrapper added 2026-03-30; optional `--with-iru-tests` | -| **P1-F05** | **`check-contracts-on-chain-138.sh`** against Core RPC | **Done** | After env-load fix; **64/64** 2026-03-30 with `smart-contracts-master.json` + legacy CCIP pair (was **61/61** 2026-03-29) | +| **P1-F05** | **`check-contracts-on-chain-138.sh`** against Core RPC | **Done** | After env-load fix; **67/67** 2026-04-03 with `smart-contracts-master.json` on the current canonical inventory (earlier milestones: **61/61** on 2026-03-29, **64/64** on 2026-03-30/04-01). | | **P1-F06** | **`verify-end-to-end-routing.sh`** `--profile=public` and `--profile=private` | **Done** | 2026-03-29; **Failed: 0**; evidence `e2e-verification-20260329_235044/` (public), `e2e-verification-20260329_235128/` (private) under `docs/04-configuration/verification-evidence/` | -| **P1-F07** | **Doc alignment:** on-chain count **61** across deployment runbooks, meta (`NEXT_STEPS_INDEX`, `GAPS_STATUS`, `DOCUMENTATION_CONSOLIDATION_PLAN`, etc.), dbis-rail, `reports/path_b_*` | **Done** | 2026-03-29–30; canonical log [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md) | -| **P1-F08** | **`submodules-clean.sh`** — clean working trees for **`dbis_core`**, **`smom-dbis-138`** | **Open** | Commit/push submodule work, stash, or adjust CI; required for reproducible `submodules-clean` / strict gates | +| **P1-F07** | **Doc alignment:** current on-chain count **67** across deployment runbooks, meta, dbis-rail, `reports/path_b_*`, and integration references | **Done** | 2026-04-03 current-facing sweep complete; canonical log remains [LIVE_VERIFICATION_LOG_2026-03-30.md](LIVE_VERIFICATION_LOG_2026-03-30.md) for the earlier 64-count milestone. | +| **P1-F08** | **`submodules-clean.sh`** — clean working trees for **every** path in `.gitmodules` | **Open** | Script lists all dirty submodules; common right now: `cross-chain-pmm-lps`, `dbis_core`, `explorer-monorepo`, `gru-docs`, `miracles_in_motion`, `smom-dbis-138`. Commit/push per submodule, stash, or stop tracking generated files (e.g. Forge `artifacts/` policy) as appropriate | + +### MM — Chain 138 public RPC, MetaMask, Chainlist (audit 2026-04-01) + +Checklist derived from public-RPC FQDN policy and MetaMask UX. **SSOT:** [RPC_ENDPOINTS_MASTER](../04-configuration/RPC_ENDPOINTS_MASTER.md). + +| ID | Task | Status | Notes | +|----|------|--------|-------| +| **P1-MM01** | **Docs:** LAN Core (`RPC_URL_138` IP:port) vs **public HTTPS FQDN** (`RPC_URL_138_PUBLIC`, wallets, browsers) | **Done** | `RPC_ENDPOINTS_MASTER.md`, `CONTRACT_ADDRESSES_REFERENCE.md`, `CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md`, `.env.master.example`, `config/xdc-zero/xdc-relayer.dotenv.example` | +| **P1-MM02** | **Ship-facing code:** `wallet_addEthereumChain` / `rpcUrls` / `VITE_RPC_URL_138` defaults use **HTTPS FQDN**, not `192.168.11.221` | **Done** | `metamask-integration/provider/chains.js`, `smom-dbis-138/services/token-aggregation/src/config/networks.ts`, `explorer-monorepo/.../AddToMetaMask.tsx`, `DUAL_CHAIN_NETWORKS.json` (explorer + metamask-integration), `smom-dbis-138/frontend-dapp/src/config/networks.ts`, `info-defi-oracle-138` defaults | +| **P1-MM03** | **Explorer SPA:** HTTPS page load uses **multi-FQDN** RPC fallback (same family as MM02) | **Done** | `explorer-monorepo/frontend/public/explorer-spa.js` — `RPC_URLS_HTTPS` list + `getRpcUrl` rotation | +| **P1-MM04** | **Operator runbooks** show FQDN for **internet-facing** curl / Blockscout / monitoring examples | **Done** | `OPERATIONAL_RUNBOOKS.md` (CCIP config row, maintenance #136, Blockscout RPC); `RECOMMENDATIONS_AND_FIXES_BEFORE_DEPLOY.md` (preflight public override) | +| **P1-MM05** | **ethereum-lists/chains** — Chain 138 metadata aligned with **d-bis** RPCs + **explorer.d-bis.org** | **Done** | Merged upstream: [chains#8124](https://github.com/ethereum-lists/chains/pull/8124) / [cb4c47b](https://github.com/ethereum-lists/chains/commit/cb4c47b0345fa8688dbc0133e0aa1cd3fb211a80). Repo mirrors: `docs/04-configuration/pr-ready/eip155-138.json`, `pr-workspace/chains/_data/chains/eip155-138.json`. Live index: [chainid.network/chain/138](https://chainid.network/chain/138/) | +| **P1-MM06** | **MetaMask built-in / popular default list** inclusion for Chain 138 | **Open** | External product process (Consensys/MetaMask); not closable from repo alone | +| **P1-MM07** | **User expectation:** MetaMask shows **custom network** until MM06 | **Done** | Note in `RPC_ENDPOINTS_MASTER.md` (bullet under public/wallet rule) + link to MetaMask safety article | +| **P1-MM08** | **Verify** public RPC FQDNs after NPM/DNS/tunnel changes | **Open** | `bash scripts/verify/check-rpc-fqdns-e2e.sh`; `bash scripts/verify/verify-end-to-end-routing.sh --profile=public`. Trigger: after NPMplus or Cloudflare RPC rows (see `OPERATIONAL_RUNBOOKS.md` § “After NPMplus or DNS changes”). Optional: add explicit weekly row to `daily-weekly-checks.sh` / operator calendar | + +### CC — Topology map and Visual Command Center (2026-04-04) + +Merged backlog from architecture review: Mermaid source [SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md](../02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md); static UI `explorer-monorepo/frontend/public/chain138-command-center.html`; **More → Explore → Visual Command Center**; deploy asset in `deploy-frontend-to-vmid5000.sh` Step 4b; index [MASTER_INDEX.md](../MASTER_INDEX.md); E2E inventory row [E2E_ENDPOINTS_LIST.md](../04-configuration/E2E_ENDPOINTS_LIST.md). + +| ID | Task | Status | Notes | +|----|------|--------|--------| +| **P1-CC01** | **Deploy** explorer frontend so VMID 5000 has **`chain138-command-center.html`** + **`explorer-spa.js`** + **`index.html`** | **Open** | `explorer-monorepo/scripts/deploy-frontend-to-vmid5000.sh` from LAN/Proxmox context | +| **P1-CC02** | **Verify** command center is reachable (HTTP 200) | **Open** | `curl -sI https://explorer.d-bis.org/chain138-command-center.html` (or LAN URL) | +| **P1-CC03** | **Optional:** add **`/chain138-command-center.html`** to **`verify-end-to-end-routing.sh`** public profile (or small dedicated curl check) | **Done** | Covered under **explorer.d-bis.org** (Test 3c) in `verify-end-to-end-routing.sh`; [E2E_ENDPOINTS_LIST.md](../04-configuration/E2E_ENDPOINTS_LIST.md) | +| **P1-CC04** | **Mermaid CDN:** vendor **`mermaid.min.js`** into `frontend/public/` if CSP or air-gapped LAN forbids jsDelivr | **Partial** | **`explorer-monorepo/scripts/vendor-mermaid-for-command-center.sh`** + **`frontend/public/thirdparty/README.md`** + deploy Step 4b2 when file exists; operators still **switch** `chain138-command-center.html` `src` to `/thirdparty/mermaid.min.js` after vendoring | +| **P1-CC05** | **Accessibility:** tabs — keyboard navigation, **`aria-controls`**, panel **`id`** wiring | **Done** | `chain138-command-center.html`: `aria-controls` / `aria-labelledby`, roving `tabindex`, **`hidden`** on inactive panels, **Arrow/Home/End** on tablist | +| **P1-CC06** | **Deep links:** support **`?tab=`** or **`#panel`** for support/docs deep links | **Done** | `?tab=0`–`8` or slugs (`master`, `network`, …, `mission-control`); URL normalized via **`history.replaceState`** on tab change | +| **P1-CC07** | **Optional:** embed command center as **SPA view** (`/more/command-center`) inside **`explorer-spa.js`** to avoid full page load | **Open** | Larger change; keep static page until needed | +| **P1-CC08** | **Doc sync:** when editing **`SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md`**, update **`chain138-command-center.html`** Mermaid (or add a small generator script) | **Open** | Prevents diagram drift | +| **P1-CC09** | **Addresses:** keep topology pages **label-only**; do not duplicate **`config/smart-contracts-master.json`** in HTML | **N/A** | SSOT: **CONTRACT_ADDRESSES_REFERENCE**, **ADDRESS_MATRIX_AND_STATUS** | +| **P1-CC10** | **Align Cursor rule** **`.cursor/rules/chain138-tokens-and-pmm.mdc`** with **ADDRESS_MATRIX** canonical **DODOPMMIntegration** (**0x86ADA6…**) if still showing legacy integration | **Done** | Rule file documents **0x86ADA6…** + legacy **0x5BDc62f1…** (2026-04-05) | +| **P1-CC11** | **Wemix (1111) CCIP** completion | **Open** | See **P1-B04** (Deferred/tabled); when unblocked: **CONFIG_READY_CHAINS** runbooks, **0.4 WEMIX** funding | +| **P1-CC12** | **cW mesh / Phase C** public rollout and verification | **Open** | **P1-B07**; **PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK**; **`check-gru-v2-public-protocols.sh`**; **GRU_V2_PUBLIC_DEPLOYMENT_STATUS.json** | +| **P1-CC13** | **Swap–bridge–swap:** deploy **SwapBridgeSwapCoordinator** + full E2E where **QuoteService** exists | **Open** | **C5** in [TASKS_ROUTING_SWAP_CROSSCHAIN.md](TASKS_ROUTING_SWAP_CROSSCHAIN.md); **PMM_DEX_ROUTING_STATUS.md** | +| **P1-CC14** | **Comms / docs:** keep **XDC Zero** and non-EVM adapters **separate** from CCIP spider narrative | **Open** | Runbooks: **CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK**; **CHAINS_AND_PROTOCOLS_BRIDGE_INTEGRATION** | +| **P1-CC15** | **Living command center (optional):** green/amber/red **RPC or verify-script** badges (read-only JSON; **no secrets** in browser) | **Open** | e.g. consume **`check-contracts-on-chain-138.sh`** output via operator-published static JSON | +| **P1-CC16** | **Living command center (optional):** **click-through** from nodes to Blockscout **`/address/0x…`** via maintained **JSON sidecar** | **Open** | Manual mapping maintenance | +| **P1-CC17** | **Living command center (optional):** **3D / WebGL force graph** for demos | **Open** | Low priority vs Mermaid + tabs | +| **P1-CC18** | **Execution queue:** use this file + **[NEXT_STEPS_INDEX.md](NEXT_STEPS_INDEX.md)** + **[REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md](../03-deployment/REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md)** for work beyond topology UI | **Open** | Process hygiene | +| **P1-CC19** | **Spreadsheet-scale recommendations:** **[ADDITIONAL_RECOMMENDATIONS_TABLE.md](ADDITIONAL_RECOMMENDATIONS_TABLE.md)**, **[ALL_RECOMMENDATIONS_AND_IMPROVEMENTS_LIST.md](ALL_RECOMMENDATIONS_AND_IMPROVEMENTS_LIST.md)** | **Open** | For full 139+ item tables | ### P1 completion truth (2026-03-30) -**Completed:** **P1-F01–F07**, **P1-A08** (on-chain check), env-load fix for `check-contracts-on-chain-138.sh`, E2E re-verify (2026-03-29), and **61→64** documentation sweep (ISO router + CCIP canonical/legacy + `smart-contracts-master.json` 2026-03-30). **Partial:** **P1-E01** (stub alignment only). **Open:** **P1-F08** (submodule hygiene); **P1-E02** and all **P1-A/B/C/D** except **A08** until operators run Proxmox/DB/CCIP/external steps. +**Completed:** **P1-F01–F07**, **P1-A08** (on-chain check), env-load fix for `check-contracts-on-chain-138.sh`, E2E re-verify (2026-03-29), and **61→64** documentation sweep (ISO router + CCIP canonical/legacy + `smart-contracts-master.json` + integration G1–G6 / AddressMapper 2026-03-30). **2026-04-01:** **P1-MM01–MM04**, **P1-MM07** (public RPC FQDN + MetaMask narrative). **2026-04-02:** **P1-MM05** ([ethereum-lists/chains](https://github.com/ethereum-lists/chains) `eip155-138.json` merged). **Partial:** **P1-E01** (index-level map in technical master plan 2026-04-01). **Open:** **P1-F08** (all submodules in `.gitmodules`); **P1-MM06**, **P1-MM08** (MetaMask defaults, RPC FQDN re-verify cadence); **P1-E02** and all **P1-A/B/C/D** except **A08** until operators run Proxmox/DB/CCIP/external steps. **2026-04-04:** **P1-CC01–CC19** added (topology doc, explorer Visual Command Center deploy/verify/enhancements). **2026-04-05:** **P1-CC03**, **P1-CC05**, **P1-CC06**, **P1-CC10** **Done** in-repo (E2E command-center check, a11y + `?tab=`, Cursor rule + meta doc PMM canonical sweep); **P1-CC01–CC02**, **P1-CC04**, **P1-CC07+** remain **Open** until operator deploy / optional work. **Not completable from repo alone:** submodule commits (**P1-F08**), LAN deploys, CCIP/LINK funding, Ledger/Trust/CoinGecko, security audits, **dbis_core** TS cleanup at scale — see [STILL_NOT_DONE_EXECUTION_CHECKLIST.md](STILL_NOT_DONE_EXECUTION_CHECKLIST.md). @@ -138,7 +179,7 @@ Single table for session-merged items (platform, chain, HYBX, external, docs). * ## First (before any Chain 138 deploy) -Verified 2026-03-06: preflight ✅, 0a balance check ✅ (script runs; WETH/cUSDT/cUSDC = 0), config validation ✅, on-chain **59/59 that day** ✅. **Current bytecode check:** target **64/64** — `./scripts/verify/check-contracts-on-chain-138.sh http://192.168.11.211:8545`. Re-run 0a/0/0c before each deploy. +Verified 2026-03-06: preflight ✅, 0a balance check ✅ (script runs; WETH/cUSDT/cUSDC = 0), config validation ✅, on-chain **59/59 that day** ✅. **Current bytecode check:** target **67/67** — `./scripts/verify/check-contracts-on-chain-138.sh http://192.168.11.211:8545`. Re-run 0a/0/0c before each deploy. | # | Task | Owner | Ref | |---|------|--------|-----| @@ -175,7 +216,7 @@ Verified 2026-03-06: preflight ✅, 0a balance check ✅ (script runs; WETH/cUSD | **A1** | Same-chain swap | Add liquidity to PMM pools (cUSDT/cUSDC first) | ✅ Done 2026-03-06 (Pool 1: 2M/2M). Mint more + add: `mint-for-liquidity.sh --add-liquidity`. | | **A2** | Same-chain swap | Token-aggregation indexes DODO on 138 | Set CHAIN_138_DODO_PMM_INTEGRATION; GET /api/v1/quote returns DODO quotes. | | **A3** | Same-chain swap | Expose token-aggregation API for dApps/Snap | Proxy /api/v1/* or GATSBY_SNAP_API_BASE_URL. | -| **A4** | Same-chain (opt.) | Deploy EnhancedSwapRouter on 138 | After Uniswap/Balancer pools exist. | +| **A4** | Same-chain (opt.) | Keep router-v2 + pilot venue layer verified on 138 | ✅ Live. `EnhancedSwapRouterV2` plus pilot-compatible `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venues are deployed, funded, and publicly routable; use `bash scripts/verify/check-chain138-pilot-dex-venues.sh`. | | **A5** | Same-chain (opt.) | N-hop quote/pathfinding in token-aggregation | Single-hop only today. | | **B1** | Cross-chain | Cronos (25): deploy CCIP bridges + complete-config | Fund ~15 CRO; deploy-bridges-config-ready-chains.sh cronos. | | **B2** | Cross-chain | Wemix (1111): deploy CCIP bridges + complete-config | Fund ~0.4 WEMIX; WEMIX_ACQUISITION_TABLED. | @@ -235,7 +276,7 @@ Verified 2026-03-06: preflight ✅, 0a balance check ✅ (script runs; WETH/cUSD | # | Task | Owner | Ref | |---|------|--------|-----| -| R1 | **Submodule clean trees:** `bash scripts/verify/submodules-clean.sh` → exit **0** before merge/CI that enforces clean submodules. Today: dirty **`dbis_core/`**, **`smom-dbis-138/`** (modified + untracked). | Dev | **P1-F08** above; [SUBMODULE_HYGIENE.md](SUBMODULE_HYGIENE.md) | +| R1 | **Submodule clean trees:** `bash scripts/verify/submodules-clean.sh` → exit **0** before merge/CI that enforces clean submodules. Checks **all** `.gitmodules` paths; 2026-04-01 sample dirty set: **`cross-chain-pmm-lps/`**, **`dbis_core/`**, **`explorer-monorepo/`**, **`gru-docs/`**, **`miracles_in_motion/`**, **`smom-dbis-138/`** (re-run script for current list). | Dev | **P1-F08** above; [SUBMODULE_HYGIENE.md](SUBMODULE_HYGIENE.md) | --- @@ -266,7 +307,7 @@ Full list: [TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md](../11-references/TOKEN_CONT |---|------|--------|-----| | T1 | **DeployCompliantFiatTokens (Chain 138):** cEURC, cEURT, cGBPC, cGBPT, cAUDC, cJPYC, cCHFC, cCADC, cXAUC, cXAUT. Prereq: CREATE2_FACTORY_ADDRESS. Use Core RPC (IP:port). | ✅ Done 2026-02-27 | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §1 | | T2 | **Optional cCADT:** Uncomment cCADT line in DeployCompliantFiatTokens.s.sol and re-run script when needed (Tether-style CAD). | Dev/Op | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §1.2 | -| T3 | **cAUSDT:** Deploy or env when Alltra compliant USD token defined; no script in repo. | TBD | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §1.3 | +| T3 | **cAUSDT / cWAUSDT corridor:** `cAUSDT` is live on Chain 138 and the public `cWAUSDT` transport lane is wired on BSC, Polygon, Avalanche, and Celo; remaining work is PMM edge pools and any further destination-chain rollout. | Operator / Config | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §1.3 | | T4 | **ACADT (ALL Mainnet 651940):** No script in repo; address TBD when Alltra adds CAD token. | TBD | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §2 | | T5 | **cW* on public chains:** Deploy/bridge cW* per chain; create PMM edge pools per pool-matrix. | Operator | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §3 | | T6 | **D-WIN W on 138/651940 (optional):** Extend DeployISO4217WSystem for Chain 138 or 651940 if desired. | Planned | TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §4 | @@ -351,7 +392,7 @@ Cron: `schedule-daily-weekly-cron.sh --install`; NPMplus backup: `schedule-npmpl | Validate (Proxmox SSH) | `bash scripts/run-via-proxmox-ssh.sh validate [--host IP]` — shellcheck (full) + genesis validation; installs jq/shellcheck on host if missing | | All validation (CI) | `bash scripts/verify/run-all-validation.sh [--skip-genesis]` | | Config files | `bash scripts/validation/validate-config-files.sh` | -| On-chain (Chain 138) | `./scripts/verify/check-contracts-on-chain-138.sh [RPC_URL]` — expect **64/64** when Core RPC reachable (see script list) | +| On-chain (Chain 138) | `./scripts/verify/check-contracts-on-chain-138.sh [RPC_URL]` — expect **67/67** when Core RPC reachable on the current canonical inventory | | E2E routing | `./scripts/verify/verify-end-to-end-routing.sh` | | **Test all contracts (before deploy)** | `./scripts/deployment/test-all-contracts-before-deploy.sh` — use `--dry-run` / `--no-match "Fork|Mainnet|Integration|e2e"` / `--alltra` | | **HYBX package commitment** | `python3 scripts/omnl/verify-transaction-package-commitment.py ` | After unzip | diff --git a/docs/00-meta/TODO_TASK_LIST_MASTER.md b/docs/00-meta/TODO_TASK_LIST_MASTER.md index dd20f710..ecd71f14 100644 --- a/docs/00-meta/TODO_TASK_LIST_MASTER.md +++ b/docs/00-meta/TODO_TASK_LIST_MASTER.md @@ -1,6 +1,6 @@ # Master TODO Task List -**Last Updated:** 2026-03-02 +**Last Updated:** 2026-04-07 **Purpose:** Consolidated list of all fixes, enhancements, improvements, optimizations, recommendations, and missed steps. **Full index (1–139):** [ALL_RECOMMENDATIONS_AND_IMPROVEMENTS_LIST.md](ALL_RECOMMENDATIONS_AND_IMPROVEMENTS_LIST.md). **Full deployment order:** [DEPLOYMENT_ORDER_OF_OPERATIONS.md](../03-deployment/DEPLOYMENT_ORDER_OF_OPERATIONS.md) (Phase 0–6); before deploy run `./scripts/deployment/preflight-chain138-deploy.sh [--cost]`. @@ -18,6 +18,8 @@ **2026-02-27:** Deployment order of operations ([DEPLOYMENT_ORDER_OF_OPERATIONS.md](../03-deployment/DEPLOYMENT_ORDER_OF_OPERATIONS.md)) and preflight script (`preflight-chain138-deploy.sh`) added. Deployment safety: correct RPC (Core only), correct dotenv (smom-dbis-138/.env), gas/cost estimate before deploy, do not deploy when stuck. NEXT_STEPS_AND_REMAINING_TODOS, TODOS_CONSOLIDATED updated with next-steps table and 2026-02-27 completion. +**2026-04-07:** Added a dedicated GRU v2 / D3MM / edge-liquidity / protocol-source assurance checklist in [GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md](GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md). This is now the canonical sub-checklist for promoting DODO v3 / D3MM, reconciling public-edge venues, and proving that routed protocol contracts match approved upstream families. + --- ## 1. Critical Fixes (Do First) @@ -56,7 +58,7 @@ - [x] **Use gas API to estimate** all undeployed contract deployment costs: `./scripts/deployment/get-multichain-gas-prices.sh`; optionally `update-gas-estimates.sh`; estimate per-script gas (forge/cast) for PMM pool creation, TransactionMirror, EnhancedSwapRouter, DODOPMMProvider, and any multichain cW*/PMM. - [x] **Dry-run Chain 138 deployments:** `deploy-contracts-unified.sh --dry-run` (RPC + init fixes applied); DeployDeterministicCore simulated; PMM pool creation: set `DODO_PMM_INTEGRATION_ADDRESS` then `DRY_RUN=true ./scripts/create-all-dodo-pools-from-token-api.sh`; TransactionMirror script (no --broadcast); `deploy-optional-future-all.sh --dry-run`; `fund-ccip-bridges-with-link.sh --dry-run`. - [ ] **Dry-run mainnet/multichain** (if applicable): `dry-run-mainnet-deployment.sh` (requires ETHEREUM_MAINNET_RPC, PRIVATE_KEY) or per-script `forge script ... --dry-run` for each target chain. -- [x] **Test not-deployed components:** Run `check-contracts-on-chain-138.sh` after any new deploy (36/36 present). Validate PMM pool creation path when pools created; DODOPMMProvider when implemented; TransactionMirror receive path after deploy; EnhancedSwapRouter when pools exist. +- [x] **Test not-deployed components:** Run `check-contracts-on-chain-138.sh` after any new deploy (current canonical target **67/67**). Validate PMM pool creation path when pools created; DODOPMMProvider when implemented; TransactionMirror receive path after deploy; EnhancedSwapRouter when pools exist. --- @@ -173,6 +175,16 @@ - [x] **API key placeholders:** All vars from [API_KEYS_REQUIRED.md](../../reports/API_KEYS_REQUIRED.md) added to root `.env.example`, `dbis_core/.env.example`, `the-order/services/legal-documents/.env.example` (see [API_KEYS_DOTENV_STATUS.md](API_KEYS_DOTENV_STATUS.md)). Obtaining keys remains operator task. - [ ] Resource/network/database optimization +## 11b. GRU v2 / D3MM / Edge / Protocol Assurance + +- [ ] **Promote D3MM on Chain 138:** move `dodo_v3` from pilot/private posture into the canonical GRU v2 execution set for approved lanes. Detail: [GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md](GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md) §2.1. +- [ ] **Expand D3MM beyond the current pilot lane:** add canonical pool inventory, planner/router visibility, and token-aggregation exposure for more than `WETH10 <-> USDT`. +- [ ] **Public EVM rollout:** define and execute the D3MM rollout sequence across the in-scope public EVM set, including Mainnet / ALL Mainnet-linked surfaces where applicable. Detail: [GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md](GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md) §2.2. +- [ ] **GRU v2 edge venues:** freeze and publish the policy for Uniswap, Balancer, Curve, and 1inch as GRU v2 edge venues, then reconcile the route matrices and planner capability surfaces. +- [ ] **Native token completeness:** build and maintain a per-network completeness matrix for mapped / deployed / bridge-live / liquidity-live / routing-visible status, and close known gaps such as Wemix and non-EVM planning-only rows. +- [ ] **Protocol-source assurance:** build the contract-family assurance matrix for DODO V2, DODO v3 / D3MM, Uniswap, Balancer, Curve, and 1inch; replace pilot-compatible venues with upstream-native deployments where required. +- [ ] **Optional non-EVM extension:** define adapter-based GRU v2 edge architecture for Solana, Tezos / Etherlink, and other non-EVM targets. Detail: [GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md](GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md) §3.1. + --- ## 12. DBIS RTGS / HYBX / Hyperledger E2E stack diff --git a/docs/00-meta/WHATS_LEFT_OPERATOR_AND_EXTERNAL.md b/docs/00-meta/WHATS_LEFT_OPERATOR_AND_EXTERNAL.md index d9e3284d..0b85553b 100644 --- a/docs/00-meta/WHATS_LEFT_OPERATOR_AND_EXTERNAL.md +++ b/docs/00-meta/WHATS_LEFT_OPERATOR_AND_EXTERNAL.md @@ -1,6 +1,6 @@ # What’s Left — Operator and External Only -> Historical note (2026-03-26): this status snapshot includes superseded PMM-address references from the earlier three-pool stack. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. +> Historical note (2026-04-05): canonical stable PMM on Chain 138 is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Earlier three-pool / `0x5BDc62f1…` era notes are historical. **Last Updated:** 2026-02-27 **Purpose:** After completing in-repo and on-chain tasks (preflight, PMM pools, DODOPMMProvider, operator script NPMplus/backup/verify, Wemix re-check), these items require **operator (LAN/Proxmox/credentials)** or **you (third-party)**. **Short summary:** [REMAINING_SUMMARY.md](REMAINING_SUMMARY.md). diff --git a/docs/02-architecture/AI_AGENTS_57XX_MCP_CONTRACTS_AND_CHAINS.md b/docs/02-architecture/AI_AGENTS_57XX_MCP_CONTRACTS_AND_CHAINS.md index 42576109..db324336 100644 --- a/docs/02-architecture/AI_AGENTS_57XX_MCP_CONTRACTS_AND_CHAINS.md +++ b/docs/02-architecture/AI_AGENTS_57XX_MCP_CONTRACTS_AND_CHAINS.md @@ -22,15 +22,15 @@ The MCP supports one chain at a time via `CHAIN` and `RPC_URL`. To support multi | Item | Status | Notes | |------|--------|--------| -| **DODOPMMIntegration** | Deployed | `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` — canonical corrected integration for Chain 138 PMM pools | +| **DODOPMMIntegration** | Deployed | `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` — canonical official-DVM-backed stable integration for Chain 138 | | **Pools** | Created via integration | Call `createPool` / `createCUSDTCUSDCPool` etc.; pool addresses from creation or `pools(base, quote)` | | **Base tokens (cUSDT, cUSDC, …)** | Deployed (core) | e.g. cUSDT `0x93E66202A11B1772E55407B32B44e5Cd8eda7f22`, cUSDC `0xf22258f57794CC8E06237084b353Ab30fFfa640b` (see [CHAIN138_TOKEN_ADDRESSES](../11-references/CHAIN138_TOKEN_ADDRESSES.md)) | | **Quote tokens (USDT, USDC)** | On-chain | Use addresses from Chain 138 config / token API | **Contracts you need to have (so the MCP has addresses):** -- **Already deployed:** DODOPMMIntegration; core compliant tokens (cUSDT, cUSDC, etc.). -- **You must do:** Create pools via DODOPMMIntegration (`createCUSDTCUSDCPool`, `createPool(cUSDT, USDT, ...)`, etc.). Then put in the MCP allowlist: each pool’s address, and the base/quote token addresses used for that pool. +- **Already deployed:** DODOPMMIntegration; core compliant tokens (cUSDT, cUSDC, etc.); canonical public stable pools cUSDT/cUSDC `0x9e89bAe009adf128782E19e8341996c596ac40dC`, cUSDT/USDT `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66`, cUSDC/USDC `0xc39B7D0F40838cbFb54649d327f49a6DAC964062`. +- **You must do for new pairs:** Create any additional pools via DODOPMMIntegration (`createCUSDTCUSDCPool`, `createPool(cUSDT, USDT, ...)`, etc.). Then put in the MCP allowlist: each pool’s address, and the base/quote token addresses used for that pool. No additional smart contracts need to be **deployed** for the MCP beyond what already exists on 138; you only need to **create pools** from the existing integration and then configure the MCP allowlist with those pool and token addresses. diff --git a/docs/02-architecture/COMPREHENSIVE_INFRASTRUCTURE_REVIEW.md b/docs/02-architecture/COMPREHENSIVE_INFRASTRUCTURE_REVIEW.md index e2b0f69e..0d3af1b5 100644 --- a/docs/02-architecture/COMPREHENSIVE_INFRASTRUCTURE_REVIEW.md +++ b/docs/02-architecture/COMPREHENSIVE_INFRASTRUCTURE_REVIEW.md @@ -1,5 +1,7 @@ # Comprehensive Infrastructure Review +> Historical note: This review captures an earlier infrastructure snapshot from the `2500`-series RPC era. Keep the chronology in this document for audit context, but do not use its VMID/IP mappings as the current source of truth. For live inventory and roles, use `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md`, and `config/proxmox-operational-template.json`. + **Last Updated:** 2025-12-27 **Document Version:** 1.0 **Status:** Active Documentation @@ -167,7 +169,7 @@ This document provides a comprehensive review of: | 100 | proxmox-mail-gateway | 192.168.11.32 | ✅ Running | Mail gateway | | 101 | proxmox-datacenter-manager | 192.168.11.33 | ✅ Running | Datacenter management | | 102 | cloudflared | 192.168.11.34 | ✅ Running | Cloudflare tunnel client | -| 103 | omada | 192.168.11.30 | ✅ Running | Network management | +| — | spare (former omada) | 192.168.11.30 | Retired 2026-04-04 | Available for reuse | | 104 | gitea | 192.168.11.31 | ✅ Running | Git repository | | 105 | nginxproxymanager | 192.168.11.26 | ✅ Running | Central Nginx reverse proxy | | 130 | monitoring-1 | 192.168.11.27 | ✅ Running | Monitoring stack | @@ -544,4 +546,3 @@ After implementing recommendations: **Last Updated:** 2025-12-27 **Document Version:** 1.0 **Review Cycle:** Quarterly - diff --git a/docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md b/docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md index 7fd8a5bc..40819583 100644 --- a/docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md +++ b/docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md @@ -1,6 +1,6 @@ # DBIS Node Role Matrix -**Last updated:** 2026-03-29 (UTC) — regenerate machine-derived rows: `bash scripts/docs/generate-dbis-node-role-matrix-md.sh` +**Last updated:** 2026-04-09 (UTC) — regenerate machine-derived rows: `bash scripts/docs/generate-dbis-node-role-matrix-md.sh` **Status:** Active — infrastructure constitution for DBIS Chain 138 and colocated workloads. ## Purpose @@ -14,6 +14,15 @@ This matrix assigns **node type**, **preferred host placement**, **validator/sig When you change VMID, IP, hostname, or placement, update **ALL_VMIDS** and **operational-template.json** first, then regenerate the table below with this script (or edit the static sections manually). +## Canonical Chain 138 RPC Profiles + +Verified live on 2026-04-09. Treat these profiles as the operating policy for the Besu RPC fleet: + +- **Core / Admin:** `2101`, `2102`, `2103` — may expose `ADMIN`; used for operator/admin workflows. +- **Public:** `2201` — `ETH`, `NET`, `WEB3` only; no `ADMIN`, `DEBUG`, or `TRACE`. +- **Permissioned / Private:** `2301`, `2303`, `2304`, `2305`, `2306`, `2307`, `2308`, `2400`, `2420`, `2430`, `2440`, `2460`, `2470`, `2480` — no `ADMIN`. +- **Thirdweb specialized RPC:** `2401`, `2402`, `2403` — no `ADMIN`; HTTP exposes `ETH`, `NET`, `WEB3`, `DEBUG`, `TRACE`; WS exposes `ETH`, `NET`, `WEB3`. + ## Columns | Column | Meaning | @@ -33,6 +42,8 @@ When you change VMID, IP, hostname, or placement, update **ALL_VMIDS** and **ope | ml110 | 192.168.11.10 | h — verify | legacy_cluster_member_or_wan_aggregator | | r630-01 | 192.168.11.11 | h | primary_compute_chain138_rpc_ccip_relay_sankofa | | r630-02 | 192.168.11.12 | h | firefly_npmplus_secondary_mim4u_mifos_support | +| r630-03 | 192.168.11.13 | h | spare_compute_storage_thin_pools_core_rpc2 | +| r630-04 | 192.168.11.14 | h | spare_compute_ceph_osd | ## Workloads (from operational template) @@ -40,84 +51,96 @@ Machine-derived rows below come from `services[]` in `config/proxmox-operational | VMID | Hostname | IPv4 | IP note | Node type | Runtime state | Entity owner | Region | Preferred host | Validator / signing | Security tier | |------|----------|------|---------|-----------|---------------|--------------|--------|----------------|---------------------|---------------| -| — | order-redis-primary | 192.168.11.38 | unique in template | The Order service | unspecified | TBD | TBD | r630-01 | N/A | application | -| 100 | proxmox-mail-gateway | 192.168.11.32 | unique in template | Infra LXC | unspecified | TBD | TBD | r630-02 | N/A | management / secrets | +| 100 | proxmox-mail-gateway | 192.168.11.32 | unique in template | Infra LXC | unspecified | TBD | TBD | r630-03 | N/A | management / secrets | | 101 | proxmox-datacenter-manager | 192.168.11.33 | unique in template | Infra LXC | unspecified | TBD | TBD | r630-02 | N/A | management / secrets | | 102 | cloudflared | 192.168.11.34 | unique in template | Cloudflare tunnel | unspecified | TBD | TBD | r630-01 | N/A | edge ingress | -| 103 | omada | 192.168.11.30 | unique in template | Infra LXC | unspecified | TBD | TBD | r630-02 | N/A | management / secrets | | 104 | gitea | 192.168.11.31 | unique in template | Infra LXC | unspecified | TBD | TBD | r630-02 | N/A | management / secrets | -| 105 | nginxproxymanager | 192.168.11.26 | unique in template | Legacy NPM | unspecified | TBD | TBD | r630-02 | N/A | standard internal | -| 130 | monitoring-1 | 192.168.11.27 | unique in template | Monitoring | unspecified | TBD | TBD | r630-02 | N/A | standard internal | +| 105 | nginxproxymanager | 192.168.11.26 | unique in template | Legacy NPM | unspecified | TBD | TBD | r630-01 | N/A | standard internal | +| 130 | monitoring-1 | 192.168.11.27 | unique in template | Monitoring | unspecified | TBD | TBD | r630-01 | N/A | standard internal | | 1000 | besu-validator-1 | 192.168.11.100 | unique in template | Besu validator | unspecified | TBD | TBD | r630-01 | QBFT signer | validator-tier | | 1001 | besu-validator-2 | 192.168.11.101 | unique in template | Besu validator | unspecified | TBD | TBD | r630-01 | QBFT signer | validator-tier | | 1002 | besu-validator-3 | 192.168.11.102 | unique in template | Besu validator | unspecified | TBD | TBD | r630-01 | QBFT signer | validator-tier | -| 1003 | besu-validator-4 | 192.168.11.103 | unique in template | Besu validator | unspecified | TBD | TBD | r630-01 | QBFT signer | validator-tier | -| 1004 | besu-validator-5 | 192.168.11.104 | unique in template | Besu validator | unspecified | TBD | TBD | r630-01 | QBFT signer | validator-tier | +| 1003 | besu-validator-4 | 192.168.11.103 | unique in template | Besu validator | unspecified | TBD | TBD | r630-03 | QBFT signer | validator-tier | +| 1004 | besu-validator-5 | 192.168.11.104 | unique in template | Besu validator | unspecified | TBD | TBD | r630-03 | QBFT signer | validator-tier | | 1500 | besu-sentry-1 | 192.168.11.150 | unique in template | Besu sentry | unspecified | TBD | TBD | r630-01 | Sentry (no signer) | validator-tier | | 1501 | besu-sentry-2 | 192.168.11.151 | unique in template | Besu sentry | unspecified | TBD | TBD | r630-01 | Sentry (no signer) | validator-tier | | 1502 | besu-sentry-3 | 192.168.11.152 | unique in template | Besu sentry | unspecified | TBD | TBD | r630-01 | Sentry (no signer) | validator-tier | -| 1503 | besu-sentry-4 | 192.168.11.153 | unique in template | Besu sentry | unspecified | TBD | TBD | r630-01 | Sentry (no signer) | validator-tier | -| 1504 | besu-sentry-ali | 192.168.11.154 | unique in template | Besu sentry | unspecified | TBD | TBD | r630-01 | Sentry (no signer) | validator-tier | -| 1505 | besu-sentry-alltra-1 | 192.168.11.213 | unique in template | Besu sentry | unspecified | TBD | TBD | r630-01 | Sentry (no signer) | validator-tier | -| 1506 | besu-sentry-alltra-2 | 192.168.11.214 | unique in template | Besu sentry | unspecified | TBD | TBD | r630-01 | Sentry (no signer) | validator-tier | -| 1507 | besu-sentry-hybx-1 | 192.168.11.244 | unique in template | Besu sentry | unspecified | TBD | TBD | ml110 | Sentry (no signer) | validator-tier | -| 1508 | besu-sentry-hybx-2 | 192.168.11.245 | unique in template | Besu sentry | unspecified | TBD | TBD | ml110 | Sentry (no signer) | validator-tier | +| 1503 | besu-sentry-4 | 192.168.11.153 | unique in template | Besu sentry | unspecified | TBD | TBD | r630-03 | Sentry (no signer) | validator-tier | +| 1504 | besu-sentry-ali | 192.168.11.154 | unique in template | Besu sentry | unspecified | TBD | TBD | r630-03 | Sentry (no signer) | validator-tier | +| 1505 | besu-sentry-alltra-1 | 192.168.11.213 | unique in template | Besu sentry | unspecified | TBD | TBD | r630-03 | Sentry (no signer) | validator-tier | +| 1506 | besu-sentry-alltra-2 | 192.168.11.214 | unique in template | Besu sentry | unspecified | TBD | TBD | r630-03 | Sentry (no signer) | validator-tier | +| 1507 | besu-sentry-hybx-1 | 192.168.11.244 | unique in template | Besu sentry | unspecified | TBD | TBD | r630-03 | Sentry (no signer) | validator-tier | +| 1508 | besu-sentry-hybx-2 | 192.168.11.245 | unique in template | Besu sentry | unspecified | TBD | TBD | r630-03 | Sentry (no signer) | validator-tier | +| 1509 | besu-sentry-thirdweb-01 | 192.168.11.219 | unique in template | Besu sentry | active | TBD | TBD | r630-03 | Sentry (no signer) | validator-tier | +| 1510 | besu-sentry-thirdweb-02 | 192.168.11.220 | unique in template | Besu sentry | active | TBD | TBD | r630-03 | Sentry (no signer) | validator-tier | | 2101 | besu-rpc-core-1 | 192.168.11.211 | unique in template | Besu RPC (rpc_core) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2102 | besu-rpc-core-2 | 192.168.11.212 | unique in template | Besu RPC (rpc_core) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | +| 2102 | besu-rpc-core-2 | 192.168.11.212 | unique in template | Besu RPC (rpc_core) | unspecified | TBD | TBD | r630-03 | RPC only | DMZ / RPC exposure | | 2103 | besu-rpc-core-thirdweb | 192.168.11.217 | unique in template | Besu RPC (rpc_core) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2201 | besu-rpc-public-1 | 192.168.11.221 | unique in template | Besu RPC (rpc_public) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2301 | besu-rpc-private-1 | 192.168.11.232 | unique in template | Besu RPC (rpc_private) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2303 | besu-rpc-ali-0x8a | 192.168.11.233 | unique in template | Besu RPC (rpc_named) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2304 | besu-rpc-ali-0x1 | 192.168.11.234 | unique in template | Besu RPC (rpc_named) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2305 | besu-rpc-luis-0x8a | 192.168.11.235 | unique in template | Besu RPC (rpc_named) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2306 | besu-rpc-luis-0x1 | 192.168.11.236 | unique in template | Besu RPC (rpc_named) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2307 | besu-rpc-putu-0x8a | 192.168.11.237 | unique in template | Besu RPC (rpc_named) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2308 | besu-rpc-putu-0x1 | 192.168.11.238 | unique in template | Besu RPC (rpc_named) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2400 | thirdweb-rpc-1 | 192.168.11.240 | unique in template | Besu RPC (rpc_thirdweb) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2401 | besu-rpc-thirdweb-0x8a-1 | 192.168.11.241 | unique in template | Besu RPC (rpc_thirdweb) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2402 | besu-rpc-thirdweb-0x8a-2 | 192.168.11.242 | unique in template | Besu RPC (rpc_thirdweb) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2403 | besu-rpc-thirdweb-0x8a-3 | 192.168.11.243 | unique in template | Besu RPC (rpc_thirdweb) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2500 | besu-rpc-alltra-1 | 192.168.11.172 | unique in template | Besu RPC (rpc_alltra_hybx) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2501 | besu-rpc-alltra-2 | 192.168.11.173 | unique in template | Besu RPC (rpc_alltra_hybx) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2502 | besu-rpc-alltra-3 | 192.168.11.174 | unique in template | Besu RPC (rpc_alltra_hybx) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2503 | besu-rpc-hybx-1 | 192.168.11.246 | unique in template | Besu RPC (rpc_alltra_hybx) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2504 | besu-rpc-hybx-2 | 192.168.11.247 | unique in template | Besu RPC (rpc_alltra_hybx) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 2505 | besu-rpc-hybx-3 | 192.168.11.248 | unique in template | Besu RPC (rpc_alltra_hybx) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | -| 3000 | ml-node-1 | 192.168.11.60 | unique in template | ML node | unspecified | TBD | TBD | ml110 | N/A | standard internal | -| 3001 | ml-node-2 | 192.168.11.61 | unique in template | ML node | unspecified | TBD | TBD | ml110 | N/A | standard internal | -| 3002 | ml-node-3 | 192.168.11.62 | unique in template | ML node | unspecified | TBD | TBD | ml110 | N/A | standard internal | -| 3003 | ml-node-4 | 192.168.11.63 | unique in template | ML node | unspecified | TBD | TBD | ml110 | N/A | standard internal | +| 2201 | besu-rpc-public-1 | 192.168.11.221 | unique in template | Besu RPC (rpc_public) | unspecified | TBD | TBD | r630-02 | RPC only | DMZ / RPC exposure | +| 2301 | besu-rpc-private-1 | 192.168.11.232 | unique in template | Besu RPC (rpc_private) | unspecified | TBD | TBD | r630-03 | RPC only | DMZ / RPC exposure | +| 2303 | besu-rpc-ali-0x8a | 192.168.11.233 | unique in template | Besu RPC (rpc_named) | unspecified | TBD | TBD | r630-02 | RPC only | DMZ / RPC exposure | +| 2304 | besu-rpc-ali-0x1 | 192.168.11.234 | unique in template | Besu RPC (rpc_named) | unspecified | TBD | TBD | r630-03 | RPC only | DMZ / RPC exposure | +| 2305 | besu-rpc-luis-0x8a | 192.168.11.235 | unique in template | Besu RPC (rpc_named) | unspecified | TBD | TBD | r630-02 | RPC only | DMZ / RPC exposure | +| 2306 | besu-rpc-luis-0x1 | 192.168.11.236 | unique in template | Besu RPC (rpc_named) | unspecified | TBD | TBD | r630-02 | RPC only | DMZ / RPC exposure | +| 2307 | besu-rpc-putu-0x8a | 192.168.11.237 | unique in template | Besu RPC (rpc_named) | unspecified | TBD | TBD | r630-02 | RPC only | DMZ / RPC exposure | +| 2308 | besu-rpc-putu-0x1 | 192.168.11.238 | unique in template | Besu RPC (rpc_named) | unspecified | TBD | TBD | r630-02 | RPC only | DMZ / RPC exposure | +| 2400 | thirdweb-rpc-1 | 192.168.11.240 | unique in template | Besu RPC (rpc_thirdweb) | active | TBD | TBD | r630-03 | RPC only | DMZ / RPC exposure | +| 2401 | besu-rpc-thirdweb-0x8a-1 | 192.168.11.241 | unique in template | Besu RPC (rpc_thirdweb_specialized) | active_specialized_rpc | TBD | TBD | r630-02 | RPC only | DMZ / RPC exposure | +| 2402 | besu-rpc-thirdweb-0x8a-2 | 192.168.11.242 | unique in template | Besu RPC (rpc_thirdweb_specialized) | active_specialized_rpc | TBD | TBD | r630-03 | RPC only | DMZ / RPC exposure | +| 2403 | besu-rpc-thirdweb-0x8a-3 | 192.168.11.243 | unique in template | Besu RPC (rpc_thirdweb_specialized) | active_specialized_rpc | TBD | TBD | r630-03 | RPC only | DMZ / RPC exposure | +| 2410 | info-defi-oracle-web | 192.168.11.218 | unique in template | DApp | active_public_site | TBD | TBD | r630-02 | N/A | standard internal | +| 2420 | besu-rpc-alltra-1 | 192.168.11.172 | unique in template | Besu RPC (rpc_alltra_hybx) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | +| 2430 | besu-rpc-alltra-2 | 192.168.11.173 | unique in template | Besu RPC (rpc_alltra_hybx) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | +| 2440 | besu-rpc-alltra-3 | 192.168.11.174 | unique in template | Besu RPC (rpc_alltra_hybx) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | +| 2460 | besu-rpc-hybx-1 | 192.168.11.246 | unique in template | Besu RPC (rpc_alltra_hybx) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | +| 2470 | besu-rpc-hybx-2 | 192.168.11.247 | unique in template | Besu RPC (rpc_alltra_hybx) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | +| 2480 | besu-rpc-hybx-3 | 192.168.11.248 | unique in template | Besu RPC (rpc_alltra_hybx) | unspecified | TBD | TBD | r630-01 | RPC only | DMZ / RPC exposure | +| 3000 | ml-node-1 | 192.168.11.60 | unique in template | Monitoring | unspecified | TBD | TBD | r630-03 | N/A | standard internal | +| 3001 | ml-node-2 | 192.168.11.61 | unique in template | Monitoring | unspecified | TBD | TBD | r630-03 | N/A | standard internal | +| 3002 | ml-node-3 | 192.168.11.62 | unique in template | Monitoring | unspecified | TBD | TBD | r630-03 | N/A | standard internal | +| 3003 | ml-node-4 | 192.168.11.66 | unique in template | Monitoring | unspecified | TBD | TBD | r630-03 | N/A | standard internal | | 3500 | oracle-publisher-1 | 192.168.11.29 | unique in template | Oracle publisher | unspecified | TBD | TBD | r630-02 | N/A | standard internal | | 3501 | ccip-monitor-1 | 192.168.11.28 | unique in template | CCIP monitor | unspecified | TBD | TBD | r630-02 | N/A | standard internal | | 5000 | blockscout-1 | 192.168.11.140 | unique in template | Blockscout | unspecified | TBD | TBD | r630-01 | N/A | standard internal | | 5010 | tsunamiswap | 192.168.11.91 | unique in template | DeFi | unspecified | TBD | TBD | r630-01 | N/A | standard internal | -| 5200 | cacti-1 | 192.168.11.80 | unique in template | Cacti | unspecified | TBD | TBD | r630-02 | N/A | standard internal | -| 5201 | cacti-alltra-1 | 192.168.11.177 | unique in template | Cacti | unspecified | TBD | TBD | r630-02 | N/A | standard internal | -| 5202 | cacti-hybx-1 | 192.168.11.251 | unique in template | Cacti | unspecified | TBD | TBD | r630-02 | N/A | standard internal | +| 5200 | cacti-1 | 192.168.11.80 | unique in template | Cacti | active_besu_connector_gateway | TBD | TBD | r630-02 | N/A | standard internal | +| 5201 | cacti-alltra-1 | 192.168.11.177 | unique in template | Cacti | active_public_cacti_surface | TBD | TBD | r630-02 | N/A | standard internal | +| 5202 | cacti-hybx-1 | 192.168.11.251 | unique in template | Cacti | active_public_cacti_surface | TBD | TBD | r630-02 | N/A | standard internal | | 5700 | dev-vm-gitops | 192.168.11.59 | unique in template | Dev | unspecified | TBD | TBD | any | N/A | standard internal | | 5702 | ai-inf-1 | 192.168.11.82 | unique in template | AI infra | unspecified | TBD | TBD | r630-01 | N/A | standard internal | | 5705 | ai-inf-2 | 192.168.11.86 | unique in template | AI infra | unspecified | TBD | TBD | r630-01 | N/A | standard internal | +| 5751 | op-stack-deployer-1 | 192.168.11.69 | unique in template | ai_app | unspecified | TBD | TBD | r630-02 | N/A | standard internal | +| 5752 | op-stack-ops-1 | 192.168.11.70 | unique in template | ai_app | unspecified | TBD | TBD | r630-02 | N/A | standard internal | | 5800 | mifos-fineract | 192.168.11.85 | unique in template | Mifos | unspecified | TBD | TBD | r630-02 | N/A | standard internal | | 5801 | dapp-smom | 192.168.11.58 | unique in template | DApp | unspecified | TBD | TBD | r630-02 | N/A | standard internal | -| 6000 | fabric-1 | 192.168.11.65 | unique in template | Fabric | reserved_placeholder_stopped | TBD | TBD | r630-02 | N/A | identity / workflow DLT | +| 5802 | rtgs-scsm-1 | 192.168.11.89 | unique in template | rtgs-sidecar | active_internal_health_ok | TBD | TBD | r630-02 | N/A | standard internal | +| 5803 | rtgs-funds-1 | 192.168.11.90 | unique in template | rtgs-sidecar | active_internal_health_ok | TBD | TBD | r630-02 | N/A | standard internal | +| 5804 | rtgs-xau-1 | 192.168.11.92 | unique in template | rtgs-sidecar | active_internal_health_ok | TBD | TBD | r630-02 | N/A | standard internal | +| 6000 | fabric-1 | 192.168.11.113 | unique in template | Fabric | active_sample_network | TBD | TBD | r630-02 | N/A | identity / workflow DLT | | 6001 | fabric-alltra-1 | 192.168.11.178 | unique in template | Fabric | reserved_placeholder_stopped | TBD | TBD | r630-02 | N/A | identity / workflow DLT | | 6002 | fabric-hybx-1 | 192.168.11.252 | unique in template | Fabric | reserved_placeholder_stopped | TBD | TBD | r630-02 | N/A | identity / workflow DLT | | 6200 | firefly-1 | 192.168.11.35 | shared / non-concurrent mapping — verify live owner | FireFly | active_minimal_gateway | TBD | TBD | r630-02 | N/A | identity / workflow DLT | | 6201 | firefly-ali-1 | 192.168.11.57 | unique in template | FireFly | retired_standby_until_rebuilt | TBD | TBD | r630-02 | N/A | identity / workflow DLT | -| 6400 | indy-1 | 192.168.11.64 | unique in template | Indy | reserved_placeholder_stopped | TBD | TBD | r630-02 | N/A | identity / workflow DLT | +| 6400 | indy-1 | 192.168.11.64 | unique in template | Indy | active_validator_pool | TBD | TBD | r630-02 | N/A | identity / workflow DLT | | 6401 | indy-alltra-1 | 192.168.11.179 | unique in template | Indy | reserved_placeholder_stopped | TBD | TBD | r630-02 | N/A | identity / workflow DLT | | 6402 | indy-hybx-1 | 192.168.11.253 | unique in template | Indy | reserved_placeholder_stopped | TBD | TBD | r630-02 | N/A | identity / workflow DLT | +| 6500 | aries-1 | 192.168.11.88 | unique in template | Aries / AnonCreds | active_identity_agent | TBD | TBD | r630-02 | N/A | identity / workflow DLT | +| 6600 | caliper-1 | 192.168.11.93 | unique in template | Caliper | active_benchmark_workspace | TBD | TBD | r630-02 | N/A | standard internal | | 7800 | sankofa-api-1 | 192.168.11.50 | unique in template | Sankofa / Phoenix | unspecified | TBD | TBD | r630-01 | N/A | application | -| 7801 | sankofa-portal-1 | 192.168.11.51 | unique in template | Sankofa / Phoenix | unspecified | TBD | TBD | r630-01 | N/A | application | +| 7801 | sankofa-portal-1 | 192.168.11.51 | unique in template | Sankofa / Phoenix | active_client_sso_surface | TBD | TBD | r630-01 | N/A | application | | 7802 | sankofa-keycloak-1 | 192.168.11.52 | unique in template | Sankofa / Phoenix | unspecified | TBD | TBD | r630-01 | N/A | application | | 7803 | sankofa-postgres-1 | 192.168.11.53 | unique in template | Sankofa / Phoenix | unspecified | TBD | TBD | r630-01 | N/A | application | | 7804 | gov-portals-dev | 192.168.11.54 | unique in template | Sankofa / Phoenix | unspecified | TBD | TBD | r630-01 | N/A | application | | 7805 | sankofa-studio | 192.168.11.72 | unique in template | Sankofa / Phoenix | unspecified | TBD | TBD | r630-01 | N/A | application | -| 7810 | mim-web-1 | 192.168.11.37 | unique live owner after 2026-03-29 ARP cleanup | MIM4U | unspecified | TBD | TBD | r630-02 | N/A | standard internal | +| 7806 | sankofa-public-web | 192.168.11.63 | unique in template | Sankofa / Phoenix | active_public_site | TBD | TBD | r630-01 | N/A | application | +| 7810 | mim-web-1 | 192.168.11.37 | unique in template | MIM4U | unspecified | TBD | TBD | r630-02 | N/A | standard internal | | 7811 | mim-api-1 | 192.168.11.36 | shared / non-concurrent mapping — verify live owner | MIM4U | unspecified | TBD | TBD | r630-02 | N/A | standard internal | | 8640 | vault-phoenix-1 | 192.168.11.200 | unique in template | HashiCorp Vault | unspecified | TBD | TBD | r630-01 | N/A | management / secrets | | 8641 | vault-phoenix-2 | 192.168.11.215 | unique in template | HashiCorp Vault | unspecified | TBD | TBD | r630-01 | N/A | management / secrets | | 8642 | vault-phoenix-3 | 192.168.11.202 | unique in template | HashiCorp Vault | unspecified | TBD | TBD | r630-01 | N/A | management / secrets | +| 10000 | order-postgres-primary | 192.168.11.44 | unique in template | The Order service | unspecified | TBD | TBD | r630-01 | N/A | application | +| 10001 | order-postgres-replica | 192.168.11.45 | unique in template | The Order service | unspecified | TBD | TBD | r630-01 | N/A | application | +| 10020 | order-redis | 192.168.11.38 | unique in template | The Order service | unspecified | TBD | TBD | r630-01 | N/A | application | | 10030 | order-identity | 192.168.11.40 | unique in template | The Order service | unspecified | TBD | TBD | r630-01 | N/A | application | | 10040 | order-intake | 192.168.11.41 | unique in template | The Order service | unspecified | TBD | TBD | r630-01 | N/A | application | | 10050 | order-finance | 192.168.11.49 | unique in template | The Order service | unspecified | TBD | TBD | r630-01 | N/A | application | @@ -126,7 +149,7 @@ Machine-derived rows below come from `services[]` in `config/proxmox-operational | 10080 | order-eresidency | 192.168.11.43 | unique in template | The Order service | unspecified | TBD | TBD | r630-01 | N/A | application | | 10090 | order-portal-public | 192.168.11.36 | shared / non-concurrent mapping — verify live owner | The Order service | unspecified | TBD | TBD | r630-01 | N/A | application | | 10091 | order-portal-internal | 192.168.11.35 | shared / non-concurrent mapping — verify live owner | The Order service | unspecified | TBD | TBD | r630-01 | N/A | application | -| 10092 | order-mcp-legal | 192.168.11.94 | unique live owner after 2026-03-29 ARP cleanup | The Order service | unspecified | TBD | TBD | r630-01 | N/A | application | +| 10092 | order-mcp-legal | 192.168.11.94 | unique in template | The Order service | unspecified | TBD | TBD | r630-01 | N/A | application | | 10100 | dbis-postgres-primary | 192.168.11.105 | unique in template | DBIS stack | unspecified | TBD | TBD | r630-01 | N/A | application | | 10101 | dbis-postgres-replica-1 | 192.168.11.106 | unique in template | DBIS stack | unspecified | TBD | TBD | r630-01 | N/A | application | | 10120 | dbis-redis | 192.168.11.125 | unique in template | DBIS stack | unspecified | TBD | TBD | r630-01 | N/A | application | @@ -166,3 +189,4 @@ These appear in [ALL_VMIDS_ENDPOINTS.md](../04-configuration/ALL_VMIDS_ENDPOINTS - [dbis_chain_138_technical_master_plan.md](../../dbis_chain_138_technical_master_plan.md) - [CHAIN138_CANONICAL_NETWORK_ROLES_VALIDATORS_SENTRY_AND_RPC.md](CHAIN138_CANONICAL_NETWORK_ROLES_VALIDATORS_SENTRY_AND_RPC.md) - [VMID_ALLOCATION_FINAL.md](VMID_ALLOCATION_FINAL.md) + diff --git a/docs/02-architecture/DOMAIN_STRUCTURE.md b/docs/02-architecture/DOMAIN_STRUCTURE.md index 624783d8..c4fddbe8 100644 --- a/docs/02-architecture/DOMAIN_STRUCTURE.md +++ b/docs/02-architecture/DOMAIN_STRUCTURE.md @@ -32,7 +32,7 @@ This document defines the domain structure for the infrastructure, clarifying wh - `r630-04.sankofa.nexus` → 192.168.11.14 **DNS Configuration:** -- Internal DNS server (typically on ER605 or Omada controller) +- Internal DNS server or local resolver tied to the current UDM Pro / UniFi-managed LAN - Not publicly resolvable (internal network only) - Used for local network service discovery @@ -147,7 +147,7 @@ For new services and integrations: ### DNS Record Management -- **sankofa.nexus**: Managed via internal DNS (Omada controller or local DNS server) +- **sankofa.nexus**: Managed via internal DNS (UDM Pro / UniFi or another local DNS server) - **d-bis.org**: Managed via Cloudflare DNS - **defi-oracle.io**: Managed via Cloudflare DNS diff --git a/docs/02-architecture/EXPLORER_ACCESS_CONTROL_AND_API_KEY_ARCHITECTURE.md b/docs/02-architecture/EXPLORER_ACCESS_CONTROL_AND_API_KEY_ARCHITECTURE.md new file mode 100644 index 00000000..62b1324e --- /dev/null +++ b/docs/02-architecture/EXPLORER_ACCESS_CONTROL_AND_API_KEY_ARCHITECTURE.md @@ -0,0 +1,246 @@ +# Explorer Access Control And API Key Architecture + +## Purpose + +This document describes the explorer access-management plane added on top of the public Chain 138 explorer. It is the developer and operator reference for how user sessions, RPC products, subscriptions, and API keys are modeled today. + +## Scope + +The access layer is for: + +- commercial and managed access to RPC products +- user-facing account and API key management in the explorer +- future paywall and entitlement wiring for Thirdweb and Alltra lanes + +It is not yet the final edge-enforcement layer for nginx, Besu, or relay proxies. + +## High-level model + +There are now two auth systems in the explorer backend: + +### 1. Wallet auth + +Used for chain-oriented explorer tracks and wallet-based access. + +Endpoints: + +- `POST /api/v1/auth/nonce` +- `POST /api/v1/auth/wallet` + +Token type: + +- JWT signed with `JWT_SECRET` + +Primary purpose: + +- explorer track auth +- operator/track gating + +### 2. User-session auth + +Used for the `/access` console and API-key-management flows. + +Endpoints: + +- `POST /api/v1/auth/register` +- `POST /api/v1/auth/login` +- `/api/v1/access/*` + +Token type: + +- JWT signed with `JWT_SECRET` + +Primary purpose: + +- access-console identity +- subscriptions +- API key issuance and revocation +- usage summary + +## Backend components + +### REST layer + +Relevant files: + +- `explorer-monorepo/backend/api/rest/auth.go` +- `explorer-monorepo/backend/api/rest/routes.go` +- `explorer-monorepo/backend/api/rest/server.go` + +Responsibilities: + +- request validation +- user-session JWT issuance and validation +- mapping product catalog to API responses +- converting subscriptions into API-key eligibility + +### Auth/data layer + +Relevant file: + +- `explorer-monorepo/backend/auth/auth.go` + +Responsibilities: + +- user registration and password verification +- API key generation and hashing +- API key lookup and revocation +- product subscription persistence +- subscription and key listing + +## Database model + +Migration: + +- `explorer-monorepo/backend/database/migrations/0015_access_management_schema.up.sql` + +Important tables: + +### `rpc_products` + +Catalog of modeled RPC products. + +Current seeds: + +- `core-rpc` +- `alltra-rpc` +- `thirdweb-rpc` + +### `user_product_subscriptions` + +Tracks per-user entitlement intent and state. + +Important fields: + +- `product_slug` +- `tier` +- `status` +- `monthly_quota` +- `requests_used` +- `requires_approval` +- `approved_at` +- `approved_by` +- `notes` + +### `api_keys` + +Existing table extended with access-control metadata. + +Important added fields: + +- `product_slug` +- `scopes` +- `monthly_quota` +- `requests_used` +- `approved` +- `approved_at` +- `approved_by` +- `last_ip_address` + +### `api_key_usage_logs` + +Reserved for live usage event ingestion and future billing/forensics work. + +## Product catalog semantics + +### `core-rpc` + +- provider: `besu-core` +- VMID: `2101` +- billing model: `contract` +- approval required: `true` + +Intended for sensitive/operator-grade use. Subscription creation produces `pending` state until approved. + +### `alltra-rpc` + +- provider: `alltra` +- VMID: `2102` +- billing model: `subscription` +- approval required: `false` + +Designed as self-service managed RPC access. + +### `thirdweb-rpc` + +- provider: `thirdweb` +- VMID: `2103` +- billing model: `subscription` +- approval required: `false` + +Designed as self-service commercial API access for Thirdweb-aligned consumers. + +## API key lifecycle + +### Issuance + +Flow: + +1. user authenticates with email/password session +2. user requests or activates product subscription +3. user creates API key +4. backend assigns default scopes and quotas +5. plaintext key is returned once +6. only the hash is stored + +### Approval behavior + +- self-service products create active subscriptions and approved keys +- approval-gated products create pending subscriptions and block key creation until activation + +### Revocation + +Revocation is a soft state update: + +- `revoked = true` + +The current system does not yet implement key rotation workflow beyond revoke-and-recreate. + +## Frontend components + +Relevant files: + +- `explorer-monorepo/frontend/src/pages/access/index.tsx` +- `explorer-monorepo/frontend/src/components/access/AccessManagementPage.tsx` +- `explorer-monorepo/frontend/src/services/api/access.ts` + +Responsibilities: + +- register/login UX +- product catalog display +- subscription request/activation UX +- API key issuance and one-time secret display +- usage and quota summaries + +## Deliberate current gaps + +These gaps are known and intentional, not accidental: + +1. Edge enforcement is not yet fully wired. +2. Billing collection is not yet wired. +3. Admin approval UI does not yet exist. +4. Usage counters are not yet sourced from complete live edge metering. +5. Session and wallet identities are not yet linked into a single account model. + +## Recommended next implementation steps + +1. Validate API keys at the RPC edge serving `2102` and `2103`. +2. Add admin approval and suspension flows for `core-rpc`. +3. Feed live request events into `api_key_usage_logs`. +4. Add billing rail integration. +5. Add scoped permissions, rotation, and expiry controls to the access console. + +## Thirdweb-specific architecture boundary + +For the `thirdweb-rpc` product, keep the architectural split explicit: + +- the explorer portal owns identity, policy, approvals, and repo/deploy orchestration +- CI or a worker owns repository checkout and compilation +- the backend owns Thirdweb Engine/API secrets and deploy calls +- Blockscout owns verification truth for deployed contracts on Chain 138 + +The portal should not model Thirdweb Dashboard as if it were itself the system of record for private repository access or artifact generation. + +See: + +- [THIRDWEB_EXPLORER_PORTAL_DEPLOYMENT_MODEL.md](../04-configuration/THIRDWEB_EXPLORER_PORTAL_DEPLOYMENT_MODEL.md) diff --git a/docs/02-architecture/IT_LIVE_COLLECTORS_CONTRACT.md b/docs/02-architecture/IT_LIVE_COLLECTORS_CONTRACT.md new file mode 100644 index 00000000..7befbd71 --- /dev/null +++ b/docs/02-architecture/IT_LIVE_COLLECTORS_CONTRACT.md @@ -0,0 +1,29 @@ +# IT live collectors — contract + +**Canonical machine-readable contract:** [`config/it-operations/live-collectors-contract.json`](../../config/it-operations/live-collectors-contract.json) +**Spec:** [SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md](./SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md) (section 5.1) + +## Per-collector rules + +| Collector | Refresh target | On failure | +|-----------|----------------|------------| +| Proxmox guest IPAM | Hourly on LAN (timer or CI dispatch) | `drift.json` notes + `seed_unreachable`; UI stale banner | +| Optional `ip neigh` | 15 min when `IT_COLLECT_IP_NEIGH=1` | Omitted from JSON; no fail | +| Hardware poll | Weekly | Keep last `reports/status/hardware_and_connected_inventory_*.md`; banner if older than policy | +| NPM / UniFi | Phase 2 | Stub endpoint returns `stale: true` until wired | + +## Live-only vs declared-only + +- **Live-only:** guest `status`, observed `ip`, `mac` (from `net0` / `hwaddr=` when present), `node`, `collected_at` from `pvesh` + guest config. +- **Declared-only:** `ip-addresses.conf` keys not present on any guest (reported in drift as `ip_addresses_conf_ips_not_on_guests` where applicable). +- **Merged:** `drift.json` compares live guests to declared literals and ALL_VMIDS markdown table. + +## API exposure + +- **GET** `/v1/collector-contract` on the read API serves the JSON above (no auth beyond existing `/v1` API key rule). + +## Change process + +1. Edit `live-collectors-contract.json` and this doc together. +2. Run `bash scripts/validation/validate-config-files.sh` (py_compile includes IT scripts). +3. If portal or BFF caches intervals, bump `version` in JSON. diff --git a/docs/02-architecture/IT_PORT_MAP_LAYERS_SPEC.md b/docs/02-architecture/IT_PORT_MAP_LAYERS_SPEC.md new file mode 100644 index 00000000..5b0ea54c --- /dev/null +++ b/docs/02-architecture/IT_PORT_MAP_LAYERS_SPEC.md @@ -0,0 +1,34 @@ +# IT port map — layers and BFF join (spec) + +**Goal:** Join *public hostname → NPM → LAN IP:port → VMID → node → switch port* per [SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md](./SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md) section 5. + +## Layers + +| Layer | Source of truth (live) | Declared fallback | Notes | +|-------|------------------------|-------------------|--------| +| Physical | UniFi (XG/switch) + DCIM/NetBox | Spreadsheets | Patch panel refs often manual | +| UDM | UniFi API / controller export | [NETWORK_CONFIGURATION_MASTER.md](../11-references/NETWORK_CONFIGURATION_MASTER.md) | Port forwards, firewall | +| NPM | NPMplus API (same contract as fleet scripts) | E2E FQDN tables | `forward_host`, `forward_port` | +| Proxmox | `pct`/`qm` config, `vmbr` | ALL_VMIDS + `ip-addresses.conf` | VLAN tags on bridges | + +## BFF join model (target) + +```json +{ + "public_hostname": "explorer.d-bis.org", + "npm": { "forward_host": "192.168.11.x", "forward_port": 80, "collected_at": "..." }, + "lan": { "ip": "192.168.11.x", "vmid": "5000", "node": "r630-02" }, + "switch": { "device_id": null, "port": null, "confidence": "missing" } +} +``` + +## Phase 2 implementation + +- Persist **Physical port map** rows in IT Postgres (see entitlements schema sibling directory for DB conventions). +- Ingest UniFi devices into staging tables; map NPM `domain_names` to upstream from API. +- **Read API stub:** `GET /v1/portmap/joined` returns an empty list and `implementation: "stub"` until collectors exist. + +## Related scripts + +- [`scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh`](../../scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh) +- [`scripts/it-ops/export-live-inventory-and-drift.sh`](../../scripts/it-ops/export-live-inventory-and-drift.sh) diff --git a/docs/02-architecture/NETWORK_ARCHITECTURE.md b/docs/02-architecture/NETWORK_ARCHITECTURE.md index fc968a46..69d563b3 100644 --- a/docs/02-architecture/NETWORK_ARCHITECTURE.md +++ b/docs/02-architecture/NETWORK_ARCHITECTURE.md @@ -1,5 +1,7 @@ # Network Architecture - Enterprise Orchestration Plan +> Modern note: This architecture document is still useful for network intent and range allocation, but some examples preserve migration-era RPC numbering and placements. Use it for architecture context, then confirm live VMID/IP placement in `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` and `config/proxmox-operational-template.json`. + **Navigation:** [Home](../01-getting-started/README.md) > [Architecture](README.md) > Network Architecture **Related:** [PHYSICAL_HARDWARE_INVENTORY.md](PHYSICAL_HARDWARE_INVENTORY.md) | [DOMAIN_STRUCTURE.md](DOMAIN_STRUCTURE.md) | [ORCHESTRATION_DEPLOYMENT_GUIDE.md](ORCHESTRATION_DEPLOYMENT_GUIDE.md) | [11-references/NETWORK_CONFIGURATION_MASTER.md](../11-references/NETWORK_CONFIGURATION_MASTER.md) | **Runbooks & VLAN:** [03-deployment/OPERATIONAL_RUNBOOKS.md](../03-deployment/OPERATIONAL_RUNBOOKS.md) (Phase 4, VLAN), [03-deployment/MISSING_CONTAINERS_LIST.md](../03-deployment/MISSING_CONTAINERS_LIST.md), [04-configuration/UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.md](../04-configuration/UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.md) @@ -124,7 +126,7 @@ graph LR #### Compute - **ML110 Gen9**: "Bootstrap & Management" node - IP: 192.168.11.10 - - Role: Proxmox mgmt services, Omada controller, Git, monitoring seed + - Role: Proxmox mgmt services, Git, monitoring seed - **4× Dell R630**: Proxmox compute cluster nodes - Resources: 512GB RAM each, 2×600GB boot, 6×250GB SSD diff --git a/docs/02-architecture/PHOENIX_SYSTEM_BOUNDARY_STATEMENT.md b/docs/02-architecture/PHOENIX_SYSTEM_BOUNDARY_STATEMENT.md index eb7fd62e..69ecf6d8 100644 --- a/docs/02-architecture/PHOENIX_SYSTEM_BOUNDARY_STATEMENT.md +++ b/docs/02-architecture/PHOENIX_SYSTEM_BOUNDARY_STATEMENT.md @@ -1,5 +1,7 @@ # Phoenix System Boundary Statement +> Historical note: This boundary statement preserves an earlier infrastructure model and still references pre-standardization RPC ranges in a few sections. Treat those passages as historical context only. For the current Besu/RPC fleet and host placement, use `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md`, and `config/proxmox-operational-template.json`. + **System Name:** Phoenix Core **System Version:** 1.0.0 **Classification:** Unclassified diff --git a/docs/02-architecture/PROXMOX_CLUSTER_ARCHITECTURE.md b/docs/02-architecture/PROXMOX_CLUSTER_ARCHITECTURE.md index 0091acb9..6e9145d2 100644 --- a/docs/02-architecture/PROXMOX_CLUSTER_ARCHITECTURE.md +++ b/docs/02-architecture/PROXMOX_CLUSTER_ARCHITECTURE.md @@ -1,5 +1,7 @@ # Proxmox Cluster Architecture +> Historical note: This document reflects an earlier cluster distribution and still contains migration-era assumptions about RPC placement. Preserve it as architecture history, but verify all live VMID/IP placement against `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` and `config/proxmox-operational-template.json` before making operational changes. + **Last Updated:** 2025-01-20 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/02-architecture/PROXMOX_COMPREHENSIVE_REVIEW.md b/docs/02-architecture/PROXMOX_COMPREHENSIVE_REVIEW.md index 34c330fc..ac78157c 100644 --- a/docs/02-architecture/PROXMOX_COMPREHENSIVE_REVIEW.md +++ b/docs/02-architecture/PROXMOX_COMPREHENSIVE_REVIEW.md @@ -1,5 +1,7 @@ # Proxmox VE Comprehensive Configuration Review +> Historical note: This review documents an early cluster state when many workloads were still concentrated on older hosts. It is useful for migration history, not for current placement decisions. For the live estate, use `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md`, and `config/proxmox-operational-template.json`. + **Last Updated:** 2025-01-20 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/02-architecture/PROXMOX_HOSTS_COMPLETE_HARDWARE_CONFIG.md b/docs/02-architecture/PROXMOX_HOSTS_COMPLETE_HARDWARE_CONFIG.md index bcc2061d..ab3b9619 100644 --- a/docs/02-architecture/PROXMOX_HOSTS_COMPLETE_HARDWARE_CONFIG.md +++ b/docs/02-architecture/PROXMOX_HOSTS_COMPLETE_HARDWARE_CONFIG.md @@ -1,15 +1,15 @@ # Proxmox Hosts — Complete Hardware Configuration -**Last Updated:** 2026-02-13 -**Document Version:** 1.0 +**Last Updated:** 2026-04-07 +**Document Version:** 1.1 **Status:** Active Documentation -**Source:** Live query from hosts via `lspci`, `ethtool`, `ip link` +**Source:** Live query from hosts via `lspci`, `dmidecode`, `lsblk`, `free`, `pveversion`; refresh with `bash scripts/verify/poll-proxmox-cluster-hardware.sh` --- ## Overview -Complete hardware specifications for the three Proxmox VE hosts, including CPU, memory, storage, and **all NIC models** with interface mapping and link status. +Hardware specifications for **five** Proxmox VE cluster members (ml110, r630-01 … r630-04): CPU, memory, storage, and **NIC models** with interface mapping and link status. Corosync quorum was **5 nodes / quorate** on 2026-04-07. --- @@ -19,10 +19,10 @@ Complete hardware specifications for the three Proxmox VE hosts, including CPU, |-----------|---------------| | **Manufacturer** | HP | | **Model** | ProLiant ML110 Gen9 | -| **Proxmox** | 9.1.0, kernel 6.17.4-1-pve | +| **Proxmox** | 9.1.0, kernel 6.17.13-2-pve | | **CPU** | Intel Xeon E5-2603 v3 @ 1.60 GHz | | **Cores** | 6 (1 socket × 6 cores) | -| **RAM** | 125 GiB | +| **RAM** | ~62 GiB visible to OS (1× 64 GB DDR4 populated in DMI; second socket empty) | | **Storage** | 2× ST1000DM003-1ER162 (931.5 GB 7.2k HDD each) | | **Storage layout** | LVM-thin (data, local-lvm) + local dir | | **Network** | vmbr0 bridge | @@ -45,10 +45,10 @@ Complete hardware specifications for the three Proxmox VE hosts, including CPU, |-----------|---------------| | **Manufacturer** | Dell Inc. | | **Model** | PowerEdge R630 | -| **Proxmox** | 9.1.0, kernel 6.17.4-1-pve | +| **Proxmox** | 9.1.0, kernel 6.17.13-2-pve | | **CPU** | Intel Xeon E5-2630 v3 @ 2.40 GHz | | **Cores** | 32 (2 sockets × 8 cores) | -| **RAM** | 503 GiB | +| **RAM** | ~125 GiB visible to OS (2× 64 GB DDR4 Samsung modules in DMI) | | **Storage** | 2× HUC109060CSS600 (559 GB enterprise SSD boot) + 6× Crucial CT250MX500SSD1 (233 GB SATA SSD) + DVD-ROM | | **Storage layout** | LVM-thin (data, local-lvm, thin1) + local dir | | **Network** | vmbr0 bridge | @@ -73,10 +73,10 @@ Complete hardware specifications for the three Proxmox VE hosts, including CPU, |-----------|---------------| | **Manufacturer** | Dell Inc. | | **Model** | PowerEdge R630 | -| **Proxmox** | 9.1.0, kernel 6.17.4-1-pve | +| **Proxmox** | 9.1.0, kernel 6.17.13-2-pve | | **CPU** | Intel Xeon E5-2660 v4 @ 2.00 GHz | | **Cores** | 56 (2 sockets × 14 cores) | -| **RAM** | 251 GiB | +| **RAM** | ~125 GiB visible to OS (2× 64 GB DDR4 in DMI) | | **Storage** | 8× Crucial CT250MX500SSD1 (233 GB SATA SSD each) | | **Storage layout** | LVM-thin (thin1-r630-02, thin2–thin6) + local dir | | **Network** | vmbr0 bridge (VLAN-aware) | @@ -95,6 +95,75 @@ Complete hardware specifications for the three Proxmox VE hosts, including CPU, --- +## r630-03 (192.168.11.13) + +| Component | Specification | +|-----------|---------------| +| **Manufacturer** | Dell Inc. | +| **Model** | PowerEdge R630 | +| **Serial** | 6WFD282 | +| **Proxmox** | 9.1.0, kernel 6.17.13-2-pve | +| **CPU** | Intel Xeon E5-2630 v3 @ 2.40 GHz | +| **Cores** | 32 (2 sockets × 8 cores, HT) | +| **RAM** | ~125 GiB visible to OS (2× 64 GB DDR4 in DMI) | +| **Storage** | 1× Toshiba AL14SEB060NY (~559 GB SAS) + 1× HUC109060CSS600 (~559 GB) + 6× Samsung SSD 850/860 EVO 250 GB + DVD-ROM | +| **Storage layout** | LVM-thin (data, local-lvm + **thin1-r630-03 … thin6-r630-03** remotes active) + local dir | +| **Network** | vmbr0 bridge | + +### NICs (r630-03) + +| Interface | PCI device | Model | Speed | Link | MAC | Notes | +|-----------|------------|-------|-------|------|-----|-------| +| **nic0** | 01:00.0 | Broadcom NetXtreme BCM5720 Gigabit Ethernet PCIe [14e4:165f] | (1 Gb/s) | yes | `b8:ca:3a:f4:09:c2` | UP, in vmbr0 | +| **nic1** | 01:00.1 | Broadcom BCM5720 [14e4:165f] | — | no | `b8:ca:3a:f4:09:c3` | DOWN | +| **nic2** | 02:00.0 | Broadcom BCM5720 [14e4:165f] | — | no | `b8:ca:3a:f4:09:c4` | DOWN | +| **nic3** | 02:00.1 | Broadcom BCM5720 [14e4:165f] | — | no | `b8:ca:3a:f4:09:c5` | DOWN | +| **vmbr0** | — | bridge | — | — | `b8:ca:3a:f4:09:c2` | 192.168.11.13/24 | + +**NIC summary:** 4× Broadcom BCM5720 1GbE; nic0 active. + +--- + +## r630-04 (192.168.11.14) + +| Component | Specification | +|-----------|---------------| +| **Manufacturer** | Dell Inc. | +| **Model** | PowerEdge R630 | +| **Serial** | 6PPNPD2 | +| **Proxmox** | 9.1.0, kernel 6.17.13-2-pve | +| **CPU** | Intel Xeon E5-2630 v3 @ 2.40 GHz | +| **Cores** | 32 (2 sockets × 8 cores, HT) | +| **RAM** | ~125 GiB visible to OS (2× 64 GB DDR4 Hynix modules in DMI) | +| **Storage** | 1× ST9300653SS (~279 GB SAS) + 1× HUC106030CSS600 (~279 GB) + 4× Crucial CT250MX500SSD1 (~233 GB) + DVD-ROM | +| **Storage layout** | LVM-thin (data, local-lvm) + local dir | +| **Network** | vmbr0 bridge | + +### NICs (r630-04) + +| Interface | PCI device | Model | Speed | Link | MAC | Notes | +|-----------|------------|-------|-------|------|-----|-------| +| **nic0** | 01:00.0 | Broadcom NetXtreme BCM5720 Gigabit Ethernet PCIe [14e4:165f] | (1 Gb/s) | yes | `90:b1:1c:33:d9:62` | UP, in vmbr0 | +| **nic1** | 01:00.1 | Broadcom BCM5720 [14e4:165f] | — | no | `90:b1:1c:33:d9:63` | DOWN | +| **nic2** | 02:00.0 | Broadcom BCM5720 [14e4:165f] | — | no | `90:b1:1c:33:d9:64` | DOWN | +| **nic3** | 02:00.1 | Broadcom BCM5720 [14e4:165f] | — | no | `90:b1:1c:33:d9:65` | DOWN | +| **vmbr0** | — | bridge | — | — | `90:b1:1c:33:d9:62` | 192.168.11.14/24 | + +**NIC summary:** 4× Broadcom BCM5720 1GbE; nic0 active. + +--- + +## Edge devices on the same L2 (not hypervisors) + +| IP | Notes | +|----|-------| +| **192.168.11.1** | UniFi Dream Machine Pro (gateway); nginx/443/8443/8080/9443; SSH 22 | +| **192.168.11.2** | Planned secondary UDM Pro — no ICMP on last operator check | +| **192.168.11.23** | `IP_SERVICE_23` — HTTP on **8080** (API-style headers); MAC `04:42:1a:cf:d0:9a`; not defined in `/etc/pve` | +| **192.168.11.26** | **VMID 105** legacy NPM (OpenResty); `IP_NGINX_LEGACY` — not a bare-metal R750 | + +--- + ## NIC Summary by Host | Host | NIC models | Ports | Active | Max speed | @@ -102,12 +171,20 @@ Complete hardware specifications for the three Proxmox VE hosts, including CPU, | ml110 | Broadcom BCM5717 | 2 | nic0 | 1 GbE | | r630-01 | Broadcom BCM5720 | 4 | nic0 | 1 GbE | | r630-02 | Broadcom BCM57800 | 4 | nic2 | 10 GbE (running at 1 GbE) | +| r630-03 | Broadcom BCM5720 | 4 | nic0 | 1 GbE | +| r630-04 | Broadcom BCM5720 | 4 | nic0 | 1 GbE | --- ## Verification -To refresh this data, run on each host (or via SSH): +Full hypervisor bundle (cluster + per-host CPU/RAM/disk/pvesm): + +```bash +bash scripts/verify/poll-proxmox-cluster-hardware.sh +``` + +Per host (or via SSH): ```bash # NIC models @@ -126,3 +203,4 @@ done - [NETWORK_CONFIGURATION_MASTER.md](../11-references/NETWORK_CONFIGURATION_MASTER.md) — IP assignments - [PROXMOX_HOSTS_MAC_ADDRESSES.md](../../reports/PROXMOX_HOSTS_MAC_ADDRESSES.md) — MAC addresses - [hardware_storage_investigation_*.md](../../reports/status/) — CPU, memory, storage reports +- [hardware_and_connected_inventory_20260407_214748.md](../../reports/status/hardware_and_connected_inventory_20260407_214748.md) — cluster quorum, ARP sample, service IPs (see also newer `hardware_and_connected_inventory_*.md` in the same folder) diff --git a/docs/02-architecture/SANKOFA_IT_API_DEPLOYMENT_DECISION.md b/docs/02-architecture/SANKOFA_IT_API_DEPLOYMENT_DECISION.md new file mode 100644 index 00000000..4d6b1eaa --- /dev/null +++ b/docs/02-architecture/SANKOFA_IT_API_DEPLOYMENT_DECISION.md @@ -0,0 +1,27 @@ +# ADR: Sankofa IT control-plane API placement + +**Status:** Accepted (2026-04-09) +**Context:** [SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md](./SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md) +**Decision:** Where the IT BFF / read API lives relative to `dbis_core` and deployment topology. + +## Decision + +1. **Phase 0–1 (current):** The **read-only HTTP surface** stays in this **proxmox** repo as [`services/sankofa-it-read-api/server.py`](../../services/sankofa-it-read-api/server.py), deployed to a **seed Proxmox node** under `/opt/proxmox` (see [`bootstrap-sankofa-it-read-api-lan.sh`](../../scripts/deployment/bootstrap-sankofa-it-read-api-lan.sh)). It serves LAN/VLAN 11 only (plus optional NPM internal host). **No coupling to `dbis_core` runtime.** + +2. **Phase 2+ (full BFF):** Add a **dedicated small service** (same repo or new `sankofa-it-api` repo) on a **dedicated CT** with **Postgres** for snapshots, drift history, port-map CRUD, and audit log. **Still not** embedded in the `dbis_core` monolith, to avoid shipping Proxmox/UniFi secrets with the app server and to allow independent deploy/rollback. + +3. **Marketplace / billing linkage:** Native infra SKUs and Stripe (or other) subscriptions are **linked** from the IT DB to **`dbis_core`** catalog rows via **`external_sku_id`** / subscription id (see [`config/it-operations/entitlements-schema.sql`](../../config/it-operations/entitlements-schema.sql)). **`dbis_core` remains the commerce/API source** for partner IRU patterns; the IT controller stores **entitlements and metering**, not a second unrelated product catalog. + +## Consequences + +- Operators clone **proxmox** for IT scripts, workflows, and read API; portal (`Sankofa/portal`) calls **`IT_READ_API_URL`** on LAN. +- Future OIDC validation and Postgres move **replace or front** the read API without changing portal route contracts (`/v1/inventory/*`, `/v1/summary`). +- `dbis_core` PRs do not need to land for every IT collector change. + +## Alternatives considered + +| Option | Rejected because | +|--------|------------------| +| BFF inside **dbis_core** | Couples infra secrets and deploy cadence to Phoenix/API releases; larger blast radius. | +| **Only** markdown/git as UI | Violates live-first rule; no `collected_at` or drift alerts. | +| Public BFF without auth | Violates spec; Proxmox data must not be world-readable. | diff --git a/docs/02-architecture/SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md b/docs/02-architecture/SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md index 4820a4fb..11e147b6 100644 --- a/docs/02-architecture/SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md +++ b/docs/02-architecture/SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md @@ -1,7 +1,7 @@ # Sankofa IT operations controller — architecture spec **Status:** Draft for engineering and IT leadership alignment -**Last updated:** 2026-04-08 (Phase 0 live-first inventory section added) +**Last updated:** 2026-04-09 (ADR, collectors contract, VLAN runbook, BFF endpoints, Phase 3–4 skeletons) **Audience:** IT team, platform ops, Sankofa admin product owners --- @@ -167,11 +167,18 @@ The HTML controller should show a **joined view**: *public hostname → NPM → 8. **LAN schedule examples** — `config/systemd/sankofa-it-inventory-export.timer.example` + `.service.example` for weekly `export-live-inventory-and-drift.sh`. 9. **LAN bootstrap + edge** — `scripts/deployment/bootstrap-sankofa-it-read-api-lan.sh` (read API on PVE `/opt/proxmox`, portal env merge, weekly timer on PVE); `scripts/nginx-proxy-manager/upsert-it-read-api-proxy-host.sh`; `scripts/cloudflare/add-it-api-sankofa-dns.sh`. -**Remaining (other repos / product):** +**Architecture decision (BFF home):** [SANKOFA_IT_API_DEPLOYMENT_DECISION.md](./SANKOFA_IT_API_DEPLOYMENT_DECISION.md) — read API stays in **proxmox** repo; full BFF + Postgres on a **dedicated CT**; **`dbis_core`** links via `external_sku_id` only. -1. **Full BFF** with OIDC (Keycloak) and Postgres — **`dbis_core` vs dedicated CT** — decide once. -2. **Keycloak** — assign **`sankofa-it-admin`** to real IT users (role creation is scripted; mapping is manual policy). -3. **TLS for `it-api.sankofa.nexus`** — `scripts/deployment/request-it-api-tls-npm.sh` (or `CERT_DOMAINS_FILTER='it-api\.sankofa\.nexus'` + `request-npmplus-certificates.sh`). If public HTTPS redirect-loops, align Cloudflare proxy/SSL mode with NPM. **Duplicate guest IPs** (export exit **2**) — remediate on cluster. -4. **UniFi / NPM** live collectors — Phase 2 of this spec. +**Collectors contract:** [IT_LIVE_COLLECTORS_CONTRACT.md](./IT_LIVE_COLLECTORS_CONTRACT.md) + [`config/it-operations/live-collectors-contract.json`](../config/it-operations/live-collectors-contract.json). **Port map spec:** [IT_PORT_MAP_LAYERS_SPEC.md](./IT_PORT_MAP_LAYERS_SPEC.md). + +**Operator automation:** VLAN ordered checklist [VLAN_FLAT_11_TO_SEGMENTED_RUNBOOK.md](../03-deployment/VLAN_FLAT_11_TO_SEGMENTED_RUNBOOK.md) + `scripts/it-ops/vlan-segmentation-ordered-checklist.sh`. Guarded Proxmox preview: `scripts/it-ops/proxmox-guarded-write-adapter.sh`. Optional SQLite history: set **`IT_BFF_SNAPSHOT_DB`** when running export. **Gitea weekly:** `.gitea/workflows/live-inventory-hardware-weekly.yml`. + +**Remaining (operators / later phases):** + +1. **OIDC validation** on the read API (or replacement BFF) — set **`IT_BFF_OIDC_ISSUER`** when ready; today the portal proxies with server-side API key. +2. **Keycloak** — assign IT users to group **`sankofa-it-admin`** or map realm role; enforce **MFA** per [SANKOFA_IT_OPS_KEYCLOAK_PORTAL_NEXT_STEPS.md](../03-deployment/SANKOFA_IT_OPS_KEYCLOAK_PORTAL_NEXT_STEPS.md). +3. **TLS for `it-api.sankofa.nexus`** — `scripts/deployment/request-it-api-tls-npm.sh` (or `CERT_DOMAINS_FILTER='it-api\.sankofa\.nexus'` + `request-npmplus-certificates.sh`). **Duplicate guest IPs** (export exit **2**) — remediate on cluster. +4. **UniFi / NPM** live collectors — Phase 2; stub: **GET** `/v1/portmap/joined` on read API. +5. **Billing webhook** — schema in [`config/it-operations/entitlements-schema.sql`](../config/it-operations/entitlements-schema.sql); outline [IT_OPERATIONS_BILLING_STRIPE_OUTLINE.md](../03-deployment/IT_OPERATIONS_BILLING_STRIPE_OUTLINE.md). This spec does **not** replace change control; it gives you a **single product vision** so IP, VLAN, ports, hosts, licenses, and billing support evolve together instead of in silos. diff --git a/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md b/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md new file mode 100644 index 00000000..886b678d --- /dev/null +++ b/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md @@ -0,0 +1,497 @@ +# smom-dbis-138 — full deployment flow map + +**Purpose:** One committed reference diagram file for Chain 138 and related networks: liquidity, bridges, public mesh, orchestration, and operator surfaces. +**Last updated:** 2026-04-04 (Section 6.1: live Mainnet cWUSDT/TRUU and cWUSDC/TRUU PMM pool addresses; master spider Section 1; explorer command center; Mission Control) + +**Interactive UI:** On **explorer.d-bis.org**, open **More → Visual Command Center** (static page `/chain138-command-center.html`) for tabbed Mermaid views of the diagrams in this file. For the live **Mission Control** display, use the main explorer SPA bridge and operator surfaces, which expose the SSE stream, bridge trace, and cached liquidity panels. Deploy with the explorer frontend (`frontend/public/`). + +**Scope — addresses and networks:** This file **does not** list all deployed contracts with addresses per chain. Diagrams use **labels only**. For the full inventory (address + network + verification), use: + +- [CONTRACT_ADDRESSES_REFERENCE.md](../11-references/CONTRACT_ADDRESSES_REFERENCE.md) — human-readable tables by category and chain where applicable +- [ADDRESS_MATRIX_AND_STATUS.md](../11-references/ADDRESS_MATRIX_AND_STATUS.md) — correlated matrix and status +- `config/smart-contracts-master.json` — machine-readable bundle used by verify scripts +- `bash scripts/verify/check-contracts-on-chain-138.sh` — on-chain bytecode check against the JSON when RPC is available + +**Canonical detail (addresses, pool IDs, verification) — same sources as above, repeated for convenience:** + +- [ADDRESS_MATRIX_AND_STATUS.md](../11-references/ADDRESS_MATRIX_AND_STATUS.md) +- [PMM_DEX_ROUTING_STATUS.md](../11-references/PMM_DEX_ROUTING_STATUS.md) +- [DEPLOYED_TOKENS_BRIDGES_LPS_AND_ROUTING_STATUS.md](../11-references/DEPLOYED_TOKENS_BRIDGES_LPS_AND_ROUTING_STATUS.md) +- [CHAINS_AND_PROTOCOLS_BRIDGE_INTEGRATION.md](../11-references/CHAINS_AND_PROTOCOLS_BRIDGE_INTEGRATION.md) +- [smom-dbis-138/docs/STATUS_AND_TOKEN_ROUTING.md](../../smom-dbis-138/docs/STATUS_AND_TOKEN_ROUTING.md) +- [E2E_ENDPOINTS_LIST.md](../04-configuration/E2E_ENDPOINTS_LIST.md) + +**Re-verify on-chain / API posture:** `bash scripts/verify/check-contracts-on-chain-138.sh`, `check-pmm-pool-balances-chain138.sh`, `check-chain138-pilot-dex-venues.sh`, `check-gru-v2-public-protocols.sh`, `check-mainnet-public-dodo-cw-bootstrap-pools.sh`. + +--- + +## 1. Master spider map — Chain 138 hub, endings, interconnects + +**How to read** + +| Element | Meaning | +|--------|---------| +| **Hub** | Chain 138 — Besu / DeFi Oracle Meta Mainnet; architectural start. | +| **Solid lines** | Live or actively configured on-chain / infra paths documented in repo references. | +| **Dashed lines** | Partial, pending, scaffold, parallel program, or design-only interconnect. | +| **Leaf endings** | Terminal nodes in this map: wallets, edge services, operator processes, or per-chain liquidity sinks. | + +```mermaid +flowchart TB + subgraph LEAF_INGRESS["Leaves — access to 138"] + WU[Wallets · MetaMask Snaps · Ledger · Chainlist · SDKs · ethers.js] + OPS[Operators · Foundry scripts · relay · systemd · deploy hooks] + RPCPUB[Public RPC FQDNs · thirdweb mirrors] + FB[Fireblocks Web3 RPC] + end + + subgraph LEAF_EDGE["Leaves — services that index or front 138"] + EXP[Explorer · Blockscout · token-aggregation] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + DBIS[dbis-api Core hosts] + X402[x402 payment API] + MCP[MCP PMM controller] + end + + subgraph HUB["◆ CHAIN 138 — origin hub"] + C138["Besu EVM · tokens core · DODO PMM V2/V3 · RouterV2 · UniV3 / Balancer / Curve / 1inch pilots · CCIP bridges + router · AlltraAdapter · BridgeVault · ISO channels · mirror reserve vault settlement · Lockbox · Truth / Tron / Solana adapters"] + end + + subgraph CCIP_ETH["Ethereum 1 — CCIP anchor"] + ETH1["WETH9 / WETH10 bridges · CCIPRelayRouter · RelayBridge · Logger · optional trustless stack"] + LEAF_ETH["Leaf — Mainnet native DEX venues · Li.Fi touchpoints on other chains · first-wave cW DODO pools · optional TRUU PMM rail"] + end + + subgraph CCIP_L2["Other live CCIP EVM destinations"] + L2CLU["OP 10 · Base 8453 · Arb 42161 · Polygon 137 · BSC 56 · Avax 43114 · Gnosis 100 · Celo 42220 · Cronos 25"] + LEAF_L2["Leaf — per-chain native DEX venues · cW token transport · partial edge pools"] + end + + subgraph ALLTRA["ALL Mainnet 651940"] + A651["AlltraAdapter peer · AUSDT · WETH · WALL · HYDX · DEX env placeholders"] + LEAF_651["Leaf — ALL native venues when configured"] + end + + subgraph SPECIAL["Dedicated corridor from 138"] + AVAXCW["138 cUSDT to Avax cWUSDT mint path"] + LEAF_AVAX["Leaf — recipient on 43114"] + end + + subgraph CW_MESH["Public cW GRU mesh"] + CW["Cross-public-EVM token matrix · pool design · Mainnet DODO concentration"] + end + + subgraph PENDING["Pending separate scaffold"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 design] + PNON[Truth pointer · Tron adapter · Solana partial] + end + + WU --> RPCPUB + RPCPUB --> C138 + WU --> C138 + OPS --> C138 + EXP --> C138 + INFO --> C138 + DAPP --> C138 + DBIS --> C138 + X402 --> C138 + MCP --> C138 + FB --> C138 + + C138 <--> ETH1 + C138 <--> L2CLU + C138 <--> A651 + C138 --> AVAXCW + AVAXCW --> LEAF_AVAX + + ETH1 <--> L2CLU + ETH1 --> LEAF_ETH + L2CLU --> LEAF_L2 + A651 --> LEAF_651 + + CW -.->|pool and peg design| LEAF_ETH + CW -.->|token mesh| L2CLU + + C138 -.-> WEMIX + C138 -.-> XDC + C138 -.-> SCAFF + C138 -.-> PNON +``` + +**Interconnect summary** + +- **138 ↔ CCIP EVM set:** Bidirectional **WETH-class** CCIP (bridges + router + LINK). **Ethereum 1** is the **relay / logger** anchor in the documented layout; the **L2/L1 cluster** is shown interconnecting with **ETH1** as a readable stand-in for the full CCIP destination graph (not every pairwise chain hop is drawn). +- **138 ↔ 651940:** **AlltraAdapter** only — not CCIP on that leg. +- **138 → Avalanche:** **Dedicated corridor** to **cWUSDT** mint; separate from generic stable CCIP. +- **138 → Mainnet:** Relay-backed **cUSDC -> cWUSDC** and **cUSDT -> cWUSDT** mint corridors are now live on the dedicated Mainnet `CWMultiTokenBridgeL2`; this is distinct from the older WETH-only Mainnet relay bridge. +- **cW mesh:** Runs **across** public EVM chains (tokens, transport, **Ethereum-first** DODO pool wave); dashed edges = **incomplete** peg/bot/pool rollout vs design matrix. +- **TRUU lane:** The optional Mainnet **TRUU** PMM rail is separate from the cW stable mesh and should not be read as part of the default public cW peg path. +- **Ingress and edge leaves:** Terminate on **RPC, APIs, or UI** that read or submit to **Chain 138**. + +--- + +## 2. Network topology (high level) + +```mermaid +flowchart TB + subgraph C138["Chain 138 — primary"] + CORE[Core registry vault oracle ISO router] + PMM[DODO PMM V2 DVM + pools] + R2[EnhancedSwapRouterV2] + D3[D3MM pilot] + CCIPB[CCIP WETH9 WETH10 bridges] + ALLA[AlltraAdapter] + ADP[Truth Tron Solana adapters partial] + end + + subgraph PUB["Public EVM mesh (cW*)"] + E1[Ethereum 1] + E10[Optimism 10] + E25[Cronos 25] + E56[BSC 56] + E100[Gnosis 100] + E137[Polygon 137] + E42161[Arbitrum 42161] + E43114[Avalanche 43114] + E8453[Base 8453] + E42220[Celo 42220] + end + + subgraph PEND["Pending or separate"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 scaffold design] + end + + subgraph A651["ALL Mainnet 651940"] + ALLTOK[AUSDT USDC WETH WALL HYDX] + end + + C138 -->|CCIP WETH| PUB + C138 -->|CCIP WETH| E1 + C138 -->|mainnet cW mint corridor| E1 + C138 -->|AlltraAdapter| A651 + PUB -->|CCIP return| C138 + E1 -->|CCIP return| C138 + C138 -.->|operator completion| WEMIX + C138 -.->|not CCIP matrix row| XDC + C138 -.->|future gated| SCAFF + + C138 -->|avax cw corridor| E43114 +``` + +**Topology note:** The high-level figure keeps the Mainnet special cases collapsed into the same Mainnet node. In production there are now **two distinct Ethereum-facing patterns**: the standard **WETH-class CCIP** rail, and the dedicated **`cUSDC/cUSDT -> cWUSDC/cWUSDT`** mint corridor described in section **5.3**. + +--- + +## 3. Chain 138 — on-chain layers (stack) + +```mermaid +flowchart TB + subgraph L1["Tokens and compliance"] + CT[cUSDT · cUSDC · cEUR* · cXAU* · mirrors · USDT · USDC] + GEN[WETH WETH10 LINK] + end + + subgraph L2["Core infrastructure"] + REG[Compliance TokenFactory TokenRegistry BridgeVault] + POL[PolicyManager DebtRegistry FeeCollector] + ISO[ISO20022Router] + end + + subgraph L3["Liquidity and execution"] + DVM[DVMFactory VendingMachine DODOPMMIntegration] + PRV[DODOPMMProvider PrivatePoolRegistry] + R2[EnhancedSwapRouterV2] + VEN[Uniswap v3 lane Balancer Curve 1inch pilots] + D3[D3Oracle D3Vault D3Proxy D3MMFactory] + end + + subgraph L4["Cross-domain"] + CCIP[CCIP Router CCIPWETH9 CCIPWETH10] + ALL[AlltraAdapter] + LBX[Lockbox138] + CH[PaymentChannel Mirror AddressMapper] + end + + subgraph L5["Reserve vault settlement"] + RS[ReserveSystem OraclePriceFeed] + VF[VaultFactory Ledger Liquidation XAUOracle] + MSR[MerchantSettlementRegistry WithdrawalEscrow] + end + + L1 --> L2 + L2 --> L3 + L3 --> R2 + R2 --> VEN + L2 --> L4 + L2 --> L5 + DVM --> PRV +``` + +--- + +## 4. Same-chain flows (138) + +```mermaid +flowchart LR + subgraph inputs["Typical inputs"] + U1[cUSDT] + U2[cUSDC] + U3[USDT mirror] + U4[USDC mirror] + U5[cEURT] + U6[cXAUC] + end + + subgraph path_pmm["DODO PMM"] + INT[DODOPMMIntegration] + POOL[Stable pools XAU public pools Private XAU registry] + end + + subgraph path_r2["Router v2"] + R2[EnhancedSwapRouterV2] + UV3[Uniswap v3 WETH stable] + PILOT[Balancer Curve 1inch] + end + + subgraph path_d3["Pilot"] + D3[D3MM WETH10 pilot pool] + end + + inputs --> INT + INT --> POOL + inputs --> R2 + R2 --> UV3 + R2 --> PILOT + GEN2[WETH WETH10] --> R2 + GEN2 --> D3 +``` + +--- + +## 5. Cross-chain flows + +### 5.1 CCIP — WETH primary transport + +```mermaid +sequenceDiagram + participant U as User or bot + participant C138 as Chain 138 + participant BR as CCIPWETH9 or WETH10 bridge + participant R as CCIP Router + participant D as Destination EVM + + U->>C138: Fund WETH bridge fee LINK + U->>BR: Initiate cross-chain WETH transfer + BR->>R: CCIP message + R->>D: Deliver WETH class asset + Note over D: Native DEX or cW pools where deployed + D->>R: Optional return leg + R->>C138: Inbound to receiver bridge +``` + +### 5.2 Alltra — 138 to ALL Mainnet + +```mermaid +flowchart LR + A[Chain 138] -->|AlltraAdapter| B[ALL 651940] + B -->|AlltraAdapter| A +``` + +### 5.3 Special corridors — c* to cW* mint + +```mermaid +flowchart LR + S1[cUSDT on 138] -->|avax cw relay mint| T1[cWUSDT on Avalanche] + S2[cUSDC on 138] -->|mainnet relay mint| T2[cWUSDC on Mainnet] + S3[cUSDT on 138] -->|mainnet relay mint| T3[cWUSDT on Mainnet] +``` + +### 5.4 Orchestrated swap-bridge-swap (design target) + +```mermaid +flowchart LR + Q[QuoteService POST api bridge quote] --> S1[Source leg e.g. 138 PMM] + S1 --> BR[Bridge CCIP Alltra or special] + BR --> S2[Destination leg DEX or cW pool] +``` + +--- + +## 6. Public Ethereum — first-wave cW DODO mesh (conceptual) + +Live status and pool IDs are in [PMM_DEX_ROUTING_STATUS.md](../11-references/PMM_DEX_ROUTING_STATUS.md) and `cross-chain-pmm-lps/config/deployment-status.json`. Other public chains: token mesh and pool-matrix design; pool rollout partial vs Mainnet. + +```mermaid +flowchart TB + subgraph ETH["Ethereum Mainnet"] + CW[cWUSDT cWUSDC cWEURC cWGBPC cWAUDC cWCADC cWJPYC cWCHFC] + HUB[USDC USDT] + DODO[DODO PMM Wave 1 pools] + end + + CW <--> DODO + HUB <--> DODO +``` + +### 6.1 Mainnet TRUU PMM (volatile, optional) + +**Truth (TRUU)** on Ethereum is a separate liquidity story from the **cW\* / hub stable** wave-1 mesh. Operational defaults, peg separation, USD-notional seeding (not raw 1:1 token counts), deploy/verify scripts, and `pmmPoolsVolatile[]` live in [MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md](../03-deployment/MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md). **TRUU** anchor address is recorded under `chains."1".anchorAddresses.TRUU` in `deployment-status.json`. + +**Live volatile PMM pools (chain 1, DODO PMM integration):** cWUSDT/TRUU `0x508E5e80B66204b8CD9869323Fdd3A289ea50993`; cWUSDC/TRUU `0x9A632F35078b6A4A9bf27806Bb7aFfAA2F16C846`. Rows and params: `cross-chain-pmm-lps/config/deployment-status.json` → `chains."1".pmmPoolsVolatile[]`. + +```mermaid +flowchart LR + subgraph TRUUmesh["Mainnet TRUU rail optional"] + CWu[cWUSDT or cWUSDC] + TRUU[TRUU ERC-20] + PMM[DODO PMM integration] + end + + CWu <--> PMM + TRUU <--> PMM +``` + +**Scripts (repo root):** `scripts/deployment/deploy-mainnet-pmm-cw-truu-pool.sh`, `scripts/deployment/compute-mainnet-truu-pmm-seed-amounts.sh`, `scripts/verify/check-mainnet-pmm-peg-bot-readiness.sh`. + +--- + +## 7. Off-chain surfaces and integrations + +```mermaid +flowchart TB + subgraph users["Wallets and tools"] + MM[MetaMask custom network Snaps] + MCP[MCP PMM controller allowlist 138] + end + + subgraph edge["Public edge"] + EXP[explorer.d-bis.org Blockscout token-aggregation] + MC[Mission Control visual panels] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + RPC[rpc-http-pub.d-bis.org public RPC] + end + + subgraph api["APIs"] + TA[token-aggregation v1 v2 quote pools bridge routes] + DBIS[dbis-api Core runtime] + X402[x402-api readiness surface] + end + + subgraph ops["Operator"] + REL[CCIP relay systemd] + SCR[smom-dbis-138 forge scripts] + end + + users --> edge + EXP --> MC + edge --> api + MC --> api + api --> C138[Chain 138 RPC] + ops --> C138 +``` + +**Mission Control note:** The live Mission Control display is part of the main explorer SPA, especially the bridge-monitoring and operator surfaces. The **Visual Command Center** is the static topology companion page, not the runtime Mission Control console. + +--- + +## 8. Capability legend + +| Symbol in docs | Meaning | +|----------------|--------| +| Live | Deployed and described as in use in reference docs | +| Partial | Token or bridge exists; transport pools or full E2E incomplete | +| Pending | Operator completion e.g. Wemix CCIP | +| Separate program | XDC Zero non-EVM adapters scaffold L2 design not CCIP row | +| Single-hop API | Token-aggregation quote is one pool hop not A to B to C graph | + +--- + +## 9. Intentional non-goals (do not read this diagram as claiming) + +- Blanket CCIP move of all cUSDT or cUSDC to every destination without WETH hop or a documented corridor. +- Full trustless bond challenge inbox stack on 138 as default production path Lockbox is not the entire stack. +- Fiat on-ramp or off-ramp as a single box institutional rails sit in Core settlement and compliance layers not shown as retail ramp. + +--- + +## 10. Deployed / integrated blockchain technologies — coverage vs diagrams + +**Section 1** is the **single master spider** (hub, leaves, cross-links). **Sections 2–9** are **zoomed** or **specialized** figures; they repeat detail for readability, not a second topology. + +The Mermaid figures are **architectural summaries**. They do **not** name every contract class or integration. Use this table to see whether a technology is **shown in a figure**, **collapsed** under a generic box, or **only** in linked references. + +| Technology / program | Role | In diagrams above? | Canonical detail | +|----------------------|------|--------------------|------------------| +| **Besu / EVM (Chain 138)** | L1 execution | Collapsed as “Chain 138” | RPC in [RPC_ENDPOINTS_MASTER.md](../04-configuration/RPC_ENDPOINTS_MASTER.md) | +| **ERC-20 + TokenFactory / clones** | Compliant and mirror tokens | L1 / L2 boxes | [ADDRESS_MATRIX_AND_STATUS.md](../11-references/ADDRESS_MATRIX_AND_STATUS.md) | +| **OpenZeppelin-style upgrades** | UUPS / proxies on phased core | Collapsed in CORE | Address matrix, `smom-dbis-138` artifacts | +| **Chainlink CCIP** | WETH9/WETH10 cross-chain | Yes (CCIP, bridges, relay) | [CHAINS_AND_PROTOCOLS_BRIDGE_INTEGRATION.md](../11-references/CHAINS_AND_PROTOCOLS_BRIDGE_INTEGRATION.md) | +| **LINK** | CCIP fee token | L1 tokens | Env / runbooks | +| **CCIP relay (mainnet)** | CCIPRelayRouter / CCIPRelayBridge | Sec. 1 ETH1 subgraph + Sec. 7 ops | [CONTRACT_ADDRESSES_REFERENCE.md](../11-references/CONTRACT_ADDRESSES_REFERENCE.md), ADDRESS_MATRIX multi-chain matrix | +| **cW mint corridor (138 ↔ Mainnet / Avalanche)** | `CWMultiTokenBridgeL1` / `CWMultiTokenBridgeL2` + `CompliantWrappedToken` mint / burn path | Sec. 1 summary + Sec. 5.3 | [ROUTES_NO_PREFUNDED_BRIDGE_REQUIRED.md](../11-references/ROUTES_NO_PREFUNDED_BRIDGE_REQUIRED.md), [CW_TOKENS_AND_NETWORKS.md](../11-references/CW_TOKENS_AND_NETWORKS.md), [CCIP_138_DESTINATION_RECEIVER_BY_CHAIN_AND_TOKEN.md](../11-references/CCIP_138_DESTINATION_RECEIVER_BY_CHAIN_AND_TOKEN.md) | +| **CCIP Logger / CCIPTxReporter** | Cross-chain observability | Not drawn | CONTRACT_ADDRESSES_REFERENCE | +| **BridgeVault** | Multi-chain stable vault (cUSDT/cUSDC) | Sec. 1 hub + Sec. 3 L2 | CHAINS_AND_PROTOCOLS (Bridge Vault subsection) | +| **Li.Fi–related settlement** | MerchantSettlementRegistry / WithdrawalEscrow (`alltra-lifi`) | Sec. 1 hub settlement + Sec. 1 LEAF_ETH note | CONTRACT_ADDRESSES_REFERENCE, CHAINS_AND_PROTOCOLS (Li.Fi subsection) | +| **AlltraAdapter** | 138 ↔ 651940 | Yes | ADDRESS_MATRIX | +| **DODO PMM V2 (DVM)** | Pools + integration + provider | Yes | PMM_DEX_ROUTING_STATUS | +| **DODO v3 / D3MM** | Pilot oracle + vault + proxy + factory | Yes | CONTRACT_ADDRESSES_REFERENCE | +| **Uniswap v3 (upstream-native on 138)** | Factory, router, quoter, pools | Collapsed under “Uniswap v3 lane” | CONTRACT_ADDRESSES_REFERENCE | +| **Route executor adapters** | DODO V2/V3, UniV3, Balancer, Curve, 1inch → router-v2 | Collapsed under R2 / VEN | CONTRACT_ADDRESSES_REFERENCE | +| **Balancer / Curve / 1inch (pilot surfaces)** | Pilot-compatible venues on 138 | Yes | PMM_DEX_ROUTING_STATUS | +| **Phased core (UAR, GC, UCB, BO)** | Governance / bridge orchestration | Collapsed in CORE | ADDRESS_MATRIX governance / deterministic rows | +| **CREATE2Factory + deterministic deploys** | Salted deploys | Not drawn | ADDRESS_MATRIX governance / deterministic rows | +| **MirrorRegistry / AddressMapper / MirrorManager** | Mapping / mirrors | Sec. 3 stack diagram L4 | ADDRESS_MATRIX | +| **Payment / state channels** | PaymentChannelManager, GenericStateChannelManager | Sec. 3 stack L4 | ADDRESS_MATRIX | +| **RegulatedEntityRegistry / VaultFactory / Ledger / Liquidation / XAUOracle** | Vault stack | Sec. 3 stack L5 | ADDRESS_MATRIX | +| **ReserveSystem / ReserveTokenIntegration / PriceFeedKeeper** | Reserves + feeds | Sec. 3 stack L5 | ADDRESS_MATRIX | +| **Lockbox138** | Trustless receiver on 138 | Yes | PMM doc trustless section | +| **Ethereum trustless stack** | BondManager, ChallengeManager, Inbox, LP, SwapRouter, coordinator (mainnet) | Not drawn (138-only trustless emphasis) | DEPLOYED_CONTRACTS_OVERVIEW in smom-dbis-138 | +| **TransactionMirror** | Tx mirror contract | Not drawn | ADDRESS_MATRIX TransactionMirror row | +| **Truth / Tron / Solana adapters** | Non-EVM / pointer programs | Yes (partial) | CHAINS_AND_PROTOCOLS | +| **XDC Zero** | Parallel bridge program | Yes (separate) | Runbooks in repo | +| **Etherlink / Tezos** | Scaffold / gated | Yes (scaffold) | CHAINS_AND_PROTOCOLS | +| **OP Stack L2** | Design / future | Yes (design) | OP_STACK runbooks | +| **Wemix CCIP** | Pending destination | Yes | CONFIG_READY_CHAINS runbooks | +| **Cronos ISO-4217 W\*** (USDW, EURW, …) | Destination assets | Not drawn | DEPLOYED_COINS_TOKENS_AND_NETWORKS | +| **TRUU / optional Mainnet volatile PMM rail** | Separate Mainnet Truth liquidity and routing lane; not part of the default cW stable mesh | Sec. 6.1 only | [MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md](../03-deployment/MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md) | +| **HYDX / ALL 651940 DEX env** | Destination trading | Collapsed as HYDX / ALLTOK | DEPLOYED_TOKENS_BRIDGES | +| **Blockscout** | Explorer | Sec. 1 and 7 diagrams | E2E_ENDPOINTS_LIST | +| **Token-aggregation + PostgreSQL** | Indexing / quotes / bridge API | Sec. 1 and 7 | STATUS_AND_TOKEN_ROUTING | +| **MetaMask + Snaps + SDK** | Wallet | Sec. 1 and 7 | CHAINS_AND_PROTOCOLS MetaMask row | +| **Ledger (App-Ethereum) + Chainlist** | Hardware + chain discovery | **Not drawn** | CHAINS_AND_PROTOCOLS Ledger and Chainlist | +| **thirdweb (RPC / chain definition)** | Infra + bridge UX elsewhere | **Not drawn** | CHAINS_AND_PROTOCOLS thirdweb row | +| **ethers.js** | Client library | **Not drawn** | CHAINS_AND_PROTOCOLS ethers.js row | +| **Fireblocks RPC host** | Institutional RPC | **Not drawn** | E2E_ENDPOINTS_LIST | +| **x402 (HTTP payment protocol)** | API payment surface | Sec. 1 and 7 | `x402-api/`, verify scripts | +| **MCP PMM controller** | Operator AI tool | Sec. 1 and 7 | `ai-mcp-pmm-controller/` | +| **Wormhole docs / MCP** | Reference + tooling, **not** canonical 138 addresses | **Not in scope** for this map | [WORMHOLE_AI_RESOURCES_LLM_PLAYBOOK.md](../04-configuration/WORMHOLE_AI_RESOURCES_LLM_PLAYBOOK.md) | + +```mermaid +flowchart LR + subgraph chain138_tech["Chain 138 contract families"] + A[Besu EVM] + B[ERC-20 core registries] + C[DODO V2 V3] + D[UniV3 Bal Curve 1inch pilots] + E[CCIP bridges router] + F[Alltra Vault ISO channels] + end + + subgraph public_integrations["Wallet and client integrations not in Sec. 2–6 zoom figures"] + L[Ledger] + CL[Chainlist] + TW[thirdweb RPC] + ETH[ethers.js] + MM[MetaMask Snaps] + end + + chain138_tech --> public_integrations +``` + +**Conclusion:** The diagrams are **not** an exhaustive bill of materials. For a full deployed contract list, use `config/smart-contracts-master.json` and `bash scripts/verify/check-contracts-on-chain-138.sh` together with [CONTRACT_ADDRESSES_REFERENCE.md](../11-references/CONTRACT_ADDRESSES_REFERENCE.md). diff --git a/docs/02-architecture/VMID_ALLOCATION_FINAL.md b/docs/02-architecture/VMID_ALLOCATION_FINAL.md index 3dd1ab7e..dca9504d 100644 --- a/docs/02-architecture/VMID_ALLOCATION_FINAL.md +++ b/docs/02-architecture/VMID_ALLOCATION_FINAL.md @@ -1,5 +1,7 @@ # Final VMID Allocation Plan +> Modern note: This allocation plan is still useful for range conventions, but some examples preserve migration-era RPC numbering. Use it for allocation intent, not as the live inventory. For the current fleet, verify against `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` and `config/proxmox-operational-template.json`. + **Navigation:** [Home](/docs/01-getting-started/README.md) > [Architecture](/docs/01-getting-started/README.md) > VMID Allocation **Last Updated:** 2026-02-26 diff --git a/docs/03-deployment/ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK.md b/docs/03-deployment/ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK.md index 505bffa7..90a49262 100644 --- a/docs/03-deployment/ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK.md +++ b/docs/03-deployment/ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK.md @@ -1,6 +1,6 @@ # Add Liquidity to PMM Pools (Chain 138) — Runbook -> Historical note (2026-03-26): this runbook originated during the earlier three-pool PMM phase. Current canonical Chain 138 PMM addresses are `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. +> Historical note (2026-04-02): this runbook originated during the earlier three-pool PMM phase. Current canonical Chain 138 PMM addresses are `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. **Purpose:** Add base/quote liquidity to the three DODO PMM pools on Chain 138 (cUSDT/cUSDC, cUSDT/USDT, cUSDC/USDC). @@ -38,9 +38,9 @@ Add or set in `smom-dbis-138/.env`: ```bash # Pool addresses (from PRE_DEPLOYMENT_CHECKLIST / create-all-pmm-pools-chain138.sh) -POOL_CUSDTCUSDC=0xff8d3b8fDF7B112759F076B69f4271D4209C0849 -POOL_CUSDTUSDT=0x6fc60DEDc92a2047062294488539992710b99D71 -POOL_CUSDCUSDC=0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263 +POOL_CUSDTCUSDC=0x9e89bAe009adf128782E19e8341996c596ac40dC +POOL_CUSDTUSDT=0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66 +POOL_CUSDCUSDC=0xc39B7D0F40838cbFb54649d327f49a6DAC964062 # Amounts in base units (6 decimals): 1M tokens = 1000000000000 ADD_LIQUIDITY_BASE_AMOUNT=1000000000000 diff --git a/docs/03-deployment/ALL_NETWORK_CONTRACT_VERIFICATION_AND_PUBLICATION_RUNBOOK.md b/docs/03-deployment/ALL_NETWORK_CONTRACT_VERIFICATION_AND_PUBLICATION_RUNBOOK.md new file mode 100644 index 00000000..7a7ab9bf --- /dev/null +++ b/docs/03-deployment/ALL_NETWORK_CONTRACT_VERIFICATION_AND_PUBLICATION_RUNBOOK.md @@ -0,0 +1,131 @@ +# All-Network Contract Verification And Publication Runbook + +**Last updated:** 2026-04-10 +**Scope:** Chain 138, Ethereum mainnet, and every cross-chain deployment currently tracked in the repo inventories. + +## Purpose + +This runbook defines the repo-standard meaning of **verified and published** for deployed contracts on all tracked networks. + +Use it together with: + +- [CONTRACT_VERIFICATION_AND_PUBLICATION_MATRIX_ALL_NETWORKS](../11-references/CONTRACT_VERIFICATION_AND_PUBLICATION_MATRIX_ALL_NETWORKS.md) +- [PUBLICATION_PACK_EXPLORER_STATUS](../11-references/PUBLICATION_PACK_EXPLORER_STATUS.md) +- [PUBLICATION_ACTIONABLE_BACKLOG](../11-references/PUBLICATION_ACTIONABLE_BACKLOG.md) +- `reports/status/contract_verification_publish_matrix.json` + +## Definition of done + +A deployment is only considered closed when all of the following are true: + +1. The contract address is present in the correct repo inventory. +2. The deployed runtime exists on the target chain. +3. Source code or equivalent explorer verification is completed on the target chain explorer. +4. The address is published in every required repo-facing surface: + - `config/smart-contracts-master.json` when canonical + - `cross-chain-pmm-lps/config/deployment-status.json` when part of PMM/cW rollout + - token list or mapping docs when user-facing + - deployment/status docs where operators rely on them + +## Chain 138 + +### Canonical verification + +Run from a host that can reach Blockscout and the Chain 138 RPC: + +```bash +bash scripts/verify/run-contract-verification-with-proxy.sh +bash scripts/verify/check-contracts-on-chain-138.sh +``` + +### DODO v3 / pilot verification + +```bash +bash scripts/verify/verify-dodo-v3-chain138-blockscout.sh +``` + +### Publication + +After Blockscout verification completes: + +1. Confirm the address set in `config/smart-contracts-master.json` +2. Confirm the route/token/pool surfaces that depend on it +3. Regenerate the all-network matrix: + +```bash +node scripts/verify/generate-contract-verification-publish-matrix.mjs +``` + +## Other EVM chains + +The repo currently tracks cross-chain deployments and inventory on: + +- Ethereum mainnet (`1`) +- Optimism (`10`) +- Cronos (`25`) +- BSC (`56`) +- Gnosis (`100`) +- Polygon (`137`) +- Wemix (`1111`) +- Arbitrum (`42161`) +- Celo (`42220`) +- Avalanche (`43114`) +- Base (`8453`) + +### Required steps + +1. Open the chain explorer shown in the generated matrix. +2. Verify source or deployment metadata for repo-owned contracts. +3. If the address is an external anchor/reference venue, mark it as reference-only in operator notes rather than pretending the repo owns verification. +4. Regenerate the matrix and update the chain-specific runbook or token mapping if anything changed. + +### Ethereum mainnet historical-source example + +`DODOPMMIntegration (Mainnet)` at `0xa9F284eD010f4F7d7F8F201742b49b9f58e29b84` was closed on 2026-04-11 by verifying against the historical `smom-dbis-138` source snapshot that actually matches the deployed bytecode, not current HEAD. Keep the provenance note in [ETHEREUM_MAINNET_DODOPMMINTEGRATION_VERIFICATION.md](ETHEREUM_MAINNET_DODOPMMINTEGRATION_VERIFICATION.md) with the matching commit, constructor arguments, and create transaction. Explorer-side public name tags remain a manual Etherscan account workflow after source verification passes. + +### Requested publication packs + +For the current execution pass, the requested packs are: + +- Ethereum mainnet +- Optimism +- BSC +- Polygon +- Base + +Use the generated artifacts to distinguish what is actually closable from the repo: + +```bash +ETHERSCAN_API_KEY=... node scripts/verify/check-publication-pack-explorer-status.mjs +node scripts/verify/generate-publication-actionable-backlog.mjs +``` + +Closure rule for these five packs: + +1. **Auto-submittable backlog empty** in `PUBLICATION_ACTIONABLE_BACKLOG.md` means the repo-owned automatic submission pass is complete. +2. Remaining `manual-or-external` rows are not honest candidates for automatic closure until source provenance or explorer ownership is established. +3. `inventory-only` and `reference-only` rows must stay aligned in repo inventories, but should not be misrepresented as repo-owned verification work. + +## ALL Mainnet / non-EVM adjacent inventories + +Not every tracked address lands on a conventional EVM verification path. + +- `651940` (ALL Mainnet) still needs publication and documentation closure even where explorer verification is manual or non-standard. +- Non-EVM reference inventories should still be published consistently in the repo, even when source verification uses a different platform. + +## Canonical inventory refresh + +Regenerate the repo-wide matrix after any deployment or publication sweep: + +```bash +node scripts/verify/generate-contract-verification-publish-matrix.mjs +``` + +This writes: + +- `reports/status/contract_verification_publish_matrix.json` +- `docs/11-references/CONTRACT_VERIFICATION_AND_PUBLICATION_MATRIX_ALL_NETWORKS.md` + +## Honest limits + +This runbook improves closure and removes ambiguity, but it does not magically invent missing constructor arguments, compiler settings, or third-party explorer API credentials. Where those are missing, the matrix should remain **pending** until the source bundle is assembled and the publication step is actually completed. diff --git a/docs/03-deployment/AUSDT_CAUSDT_CWAUSDT_BRIDGE_CHECKLIST.md b/docs/03-deployment/AUSDT_CAUSDT_CWAUSDT_BRIDGE_CHECKLIST.md new file mode 100644 index 00000000..173c8b63 --- /dev/null +++ b/docs/03-deployment/AUSDT_CAUSDT_CWAUSDT_BRIDGE_CHECKLIST.md @@ -0,0 +1,106 @@ +# AUSDT (ALL Mainnet) -> cWAUSDT -> cAUSDT — Practical Checklist + +**Status:** `cAUSDT` is live on Chain 138, BSC / Polygon / Avalanche / Celo `cWAUSDT` mirrors are deployed and bridge-wired, and the GRU transport lane is now active in repo config. Public edge PMM pools remain a separate rollout. +**Primary source token:** [ALL_MAINNET_TOKEN_ADDRESSES.md](../11-references/ALL_MAINNET_TOKEN_ADDRESSES.md) + +--- + +## 1. Pin the ALL Mainnet origin token (done in repo) + +The source-of-truth object is now `config/token-mapping-multichain.json -> alltraAusdtOrigin`. + +| Chain | Role | Address | +|-------|------|---------| +| 651940 | Native ALL Mainnet `AUSDT` origin | `0x015B1897Ed5279930bC2Be46F661894d219292A6` | +| 56 | Existing `cWAUSDT` bridge mirror | `0xe1a51Bc037a79AB36767561B147eb41780124934` | +| 43114 | Existing `cWAUSDT` bridge mirror | `0xff3084410A732231472Ee9f93F5855dA89CC5254` | +| 137 | Polygon `cWAUSDT` bridge mirror | `0xf12e262F85107df26741726b074606CaFa24AAe7` | +| 42220 | Celo `cWAUSDT` bridge mirror | `0xC158b6cD3A3088C52F797D41f5Aa02825361629e` | + +**Important distinction:** unlike the USDW path, this corridor originates on **ALL Mainnet**. Public-chain `cWAUSDT` is treated as a **bridge mirror / transport token**, not as a native-public collateral wrapper. + +--- + +## 2. Reuse existing cWAUSDT where available (done in repo) + +| Chain | `cWAUSDT` status | Use for GRU transport? | +|-------|------------------|------------------------| +| BSC 56 | Already deployed | **Yes** — reuse for the planned `cAUSDT` corridor | +| Avalanche 43114 | Already deployed | **Yes** — reuse for the planned `cAUSDT` corridor | +| Polygon 137 | Deployed | **Yes** — live `cWAUSDT` mirror for the AUSDT corridor | +| Celo 42220 | Deployed | **Yes** — live `cWAUSDT` mirror for the AUSDT corridor | + +Do **not** redeploy BSC/Avalanche `cWAUSDT` unless you are intentionally splitting bridge supply from GRU transport supply. + +--- + +## 3. Repo mapping now in place + +The following are now wired: + +- `config/token-mapping-multichain.json` + - `cToCwSymbolMapping.cAUSDT = cWAUSDT` + - `alltraAusdtOrigin` source object + - `Compliant_AUSDT_cW` route rows for: + - `138 -> 56` + - `138 -> 137` + - `138 -> 43114` + - `138 -> 42220` +- `smom-dbis-138/services/token-aggregation/src/config/canonical-tokens.ts` + - env-gated `cAUSDT` on Chain 138 + - public-edge `cWAUSDT` surfacing on BSC, Polygon, Avalanche, and Celo via fallback addresses + +--- + +## 4. Live deployment completed + +1. Deployed **`cAUSDT`** on Chain 138 at `0x5fdDF65733e3d590463F68f93Cf16E8c04081271`. +2. Registered `cAUSDT` in the Universal Asset Registry on Chain 138. +3. Deployed Polygon **`cWAUSDT`** at `0xf12e262F85107df26741726b074606CaFa24AAe7`. +4. Set: + - `CAUSDT_ADDRESS_138` + - `CWAUSDT_ADDRESS_137` + - `alltraAusdtOrigin.chains.137.cwAusdtBridgeMirror` + - `Compliant_AUSDT_cW.addressTo` for `138 -> 137` +5. Granted bridge mint/burn roles on BSC, Polygon, Avalanche, and Celo `cWAUSDT`. +6. Activated the bridge-live GRU transport config for `cAUSDT -> cWAUSDT` on BSC, Polygon, Avalanche, and Celo. + +--- + +## 5. Activation gate + +The lane is now active in `config/gru-transport-active.json` because all of the following are true: + +1. `cAUSDT` is actually deployed on Chain 138. +2. Each intended destination `cWAUSDT` token is deployed and recorded. +3. Mint/burn roles are wired to the bridge surfaces. +4. Outstanding limits / reserve checks are defined for the new corridor. +5. `bash scripts/validation/validate-config-files.sh` passes after the address updates. +6. Public edge PMM pools remain optional and are still inactive until separately deployed. + +--- + +## 6. Env surface + +The templates now expose: + +- `AUSDT_ADDRESS_651940` +- `CAUSDT_ADDRESS_138` +- `CWAUSDT_ADDRESS_56` +- `CWAUSDT_ADDRESS_137` +- `CWAUSDT_ADDRESS_43114` +- `CWAUSDT_ADDRESS_42220` + +These are documented in: + +- `.env.master.example` +- `smom-dbis-138/env.additions.example` +- `smom-dbis-138/services/token-aggregation/.env.example` + +--- + +## Related + +- `docs/04-configuration/C_TO_CW_MAPPER_MAPPING.md` +- `docs/11-references/TOKEN_CATEGORIES_CANONICAL.md` +- `cross-chain-pmm-lps/config/deployment-status.json` diff --git a/docs/03-deployment/CHAIN138_EOA_NONCE_RECOVERY_AND_CANCELLATION.md b/docs/03-deployment/CHAIN138_EOA_NONCE_RECOVERY_AND_CANCELLATION.md new file mode 100644 index 00000000..4174bd74 --- /dev/null +++ b/docs/03-deployment/CHAIN138_EOA_NONCE_RECOVERY_AND_CANCELLATION.md @@ -0,0 +1,151 @@ +# Chain 138 EOA Nonce Recovery And Cancellation + +This note captures the two operator paths for a Chain 138 EOA whose transactions are stuck in Besu txpool state. + +Context from the live investigation: + +- EOA: `0xB2dEA0e264ddfFf91057A3415112e57A1a5Eac14` +- Public Blockscout and public RPC did not know about the originally tested hash `0x14d7259e6e75bbcd8979dc9e19f3001b0f328bbcdb730937f8cc2e6a52f26da6` +- VMID `2103` did show pending transactions from that EOA +- VMID `2201` only partially saw those pending transactions +- The account had enough balance and peers were healthy +- The main blocker was nonce continuity, not balance or gas + +## What We Found + +- On-chain account state stayed low: + - `latest = 0x1` + - `pending = 0x1` +- But VMID `2103` was holding future pending transactions from the EOA at: + - nonce `0x3` + - nonce `0x4` + - nonce `0x7` + - nonce `0x8` +- That means at least these nonce gaps were missing: + - `1` + - `2` + - `5` + - `6` +- Because of that, later transactions could not execute. +- There was also mempool divergence: + - `2103` had more local pending transactions than `2201` + - some attempts were only visible on `2103` + +## Important Interpretation + +This looked less like "persistent on-chain nonces are broken" and more like: + +1. the EOA had a broken pending sequence +2. later transactions were stuck behind missing nonce gaps +3. some pending transactions persisted only in a local node view + +That creates two different recovery strategies. + +## Option 1: Complete The Queued Attempts + +Use this when the owner still wants the old deployment or transaction attempts to go through. + +Script: + +- [`recover-chain138-eoa-nonce-gaps.sh`](/home/intlc/projects/proxmox/scripts/deployment/recover-chain138-eoa-nonce-gaps.sh) + +What it does: + +1. derives the owner address from the private key +2. reads `latest` nonce plus `txpool_besuPendingTransactions` +3. detects nonce gaps between the mined nonce and the highest pending nonce +4. in `--apply` mode, sends `0`-value self-transfers to fill those missing nonces + +Dry-run example: + +```bash +PRIVATE_KEY=0x... \ +bash /home/intlc/projects/proxmox/scripts/deployment/recover-chain138-eoa-nonce-gaps.sh \ + --rpc http://192.168.11.217:8545 +``` + +Apply example: + +```bash +PRIVATE_KEY=0x... \ +bash /home/intlc/projects/proxmox/scripts/deployment/recover-chain138-eoa-nonce-gaps.sh \ + --rpc http://192.168.11.217:8545 \ + --apply +``` + +Expected behavior for this specific EOA: + +- it should detect the missing nonce chain before the future pending transactions +- after the gaps are filled, the later queued attempts may start executing + +Risk: + +- if the owner no longer wants the old transactions to execute, this is the wrong tool +- filling the gaps may allow older deployment attempts to mine immediately + +## Option 2: Cancel The Whole Queued Nonce Range + +Use this when the owner does **not** want the old attempts to execute and wants to invalidate the full queued sequence. + +Script: + +- [`cancel-chain138-eoa-nonce-range.sh`](/home/intlc/projects/proxmox/scripts/deployment/cancel-chain138-eoa-nonce-range.sh) + +What it does: + +1. derives the owner address from the private key +2. reads owner pending txs from `txpool_besuPendingTransactions` +3. plans a cancel range from `--from-nonce` to `--to-nonce` +4. in `--apply` mode, sends `0`-value self-transfers at each nonce in that range + +Dry-run example: + +```bash +PRIVATE_KEY=0x... \ +bash /home/intlc/projects/proxmox/scripts/deployment/cancel-chain138-eoa-nonce-range.sh \ + --rpc http://192.168.11.217:8545 \ + --from-nonce 1 \ + --to-nonce 8 +``` + +Apply example: + +```bash +PRIVATE_KEY=0x... \ +bash /home/intlc/projects/proxmox/scripts/deployment/cancel-chain138-eoa-nonce-range.sh \ + --rpc http://192.168.11.217:8545 \ + --from-nonce 1 \ + --to-nonce 8 \ + --apply +``` + +Why this is often safer: + +- it cancels the queued window intentionally +- it avoids accidentally reviving old deployment attempts +- it gives the owner a clean path to restart from a known nonce state later + +## Recommended Decision Rule + +Use the nonce-gap recovery script when: + +- the owner still wants the existing pending attempts to complete +- the queued deployment attempts are still intended + +Use the cancel-range script when: + +- the owner is unsure what those old attempts will do +- the owner does not want old queued deployments to suddenly execute +- the goal is to reset and start fresh + +## Practical Summary + +For the investigated EOA, the safer default is: + +1. run the cancel-range script in dry-run mode +2. confirm the nonce range to neutralize +3. if correct, run with `--apply` +4. verify the queue is cleared +5. only then submit fresh intended transactions + +If the owner explicitly wants the old attempts to continue, use the gap-filler instead. diff --git a/docs/03-deployment/CHAIN138_ETH_WETH_ORACLE_PEG_AND_LIQUIDITY_PLAN.md b/docs/03-deployment/CHAIN138_ETH_WETH_ORACLE_PEG_AND_LIQUIDITY_PLAN.md new file mode 100644 index 00000000..e42fc84b --- /dev/null +++ b/docs/03-deployment/CHAIN138_ETH_WETH_ORACLE_PEG_AND_LIQUIDITY_PLAN.md @@ -0,0 +1,193 @@ +# Chain 138 ETH / WETH Oracle, Peg, and Liquidity Plan + +**Last Updated:** 2026-04-07 +**Purpose:** Add the missing ETH-priced market-data, peg, and liquidity work needed so `ETH`, `WETH9`, and `WETH10` are first-class execution and pricing surfaces in the Chain 138 and GRU v2 rollout. + +--- + +## 1. Why this work is required + +- `ETH` has an economic value on Chain 138 and should be treated as a visible market reference asset, not only as transport collateral. +- `WETH9` and `WETH10` should share the same real-time value reference as `ETH` unless an explicit wrapper premium/discount policy is documented. +- The current repo already uses an `ETH/USD` oracle surface for routing and D3MM, but the completion program still needs: + - explicit real-time feed policy + - explicit peg-control policy + - explicit liquidity depth targets + - explicit pool inventory for `ETH` / `WETH` + +This plan makes those requirements concrete without claiming they are already fully live. + +--- + +## 2. Completion target + +For completion, Chain 138 should truthfully support all of the following: + +1. `ETH`, `WETH9`, and `WETH10` all have current price visibility from approved oracle sources. +2. `WETH9` and `WETH10` are monitored against `ETH` with a very tight wrapper-peg threshold. +3. The routing layer can surface `ETH` / `WETH` pricing and liquidity publicly. +4. The canonical Chain 138 pool inventory includes enough `ETH` / `WETH` depth to make the market feed meaningful rather than cosmetic. +5. The peg-management and automation layer can detect and respond to wrapper divergence before the market degrades. + +--- + +## 3. Ordered execution plan + +### Phase 1. Freeze the oracle truth surface + +1. Freeze the approved Chain 138 price-feed inventory for: + - `ETH/USD` + - `WETH9/USD` + - `WETH10/USD` +2. Document whether `WETH9` and `WETH10` both inherit the canonical `ETH/USD` reference or whether they have wrapper-specific derived feeds. +3. Confirm the live addresses and metadata surfaces in: + - `config/smart-contracts-master.json` + - public status docs + - verifier scripts +4. Remove any ambiguity between production feeds and bootstrap/mock feeds. + +### Phase 2. Define the wrapper-peg policy + +5. Add an explicit peg policy for: + - `ETH <-> WETH9` + - `ETH <-> WETH10` + - `WETH9 <-> WETH10` +6. Treat `0.00001` as the maximum tolerated wrapper deviation target unless governance intentionally changes it. +7. Record the policy in docs as: + - target deviation + - warning threshold + - intervention threshold + - cooldown / circuit-break behavior +8. Hook the wrapper-peg policy into the existing peg-management surfaces where appropriate: + - `StablecoinPegManager` + - `CommodityPegManager` + - keeper/oracle automation + +### Phase 3. Make the market feed public and operator-visible + +9. Ensure the public routing/status surfaces show live `ETH`, `WETH9`, and `WETH10` pricing inputs. +10. Ensure the explorer or token-aggregation publication layer can show: + - active oracle source + - latest reference price + - venue-backed market price + - divergence between oracle and venue +11. Add a dedicated verifier or extend an existing verifier to report: + - oracle freshness + - wrapper parity + - pool depth + - route visibility + +### Phase 4. Complete the Chain 138 liquidity base + +12. Add the missing Chain 138 pool inventory required for meaningful `ETH` / `WETH` price discovery. +13. Prioritize these pool families first: + - `cUSDT / WETH` + - `cUSDC / WETH` + - `USDT / WETH` + - `USDC / WETH` +14. Then extend into the broader GRU mesh: + - `c* / WETH` for the 12-token compliant set + - optional `c* / ETH` presentation surfaces where the execution token is still `WETH` +15. Keep pool creation aligned with the full-mesh plan in `PMM_FULL_MESH_AND_PUBLIC_SINGLE_SIDED_PLAN.md`. + +### Phase 5. Fund for depth, not just existence + +16. Define minimum launch depth for the first `ETH` / `WETH` anchor pools. +17. Fund both sides deeply enough that the public quote path is a real market signal. +18. Publish the target inventory bands for: + - base inventory + - quote inventory + - rebalance thresholds +19. Add operator checks so low-depth pools do not get reported as healthy pricing venues. + +### Phase 6. Promote into D3MM and router policy + +20. Keep the current `WETH10 <-> USDT` D3MM lane healthy and verified. +21. Extend D3MM or the canonical venue policy so `ETH` / `WETH` pricing is not dependent on a single pilot lane. +22. Decide which of these become canonical execution venues: + - D3MM + - DODO PMM + - Uniswap v3 + - Balancer + - Curve 3 + - 1inch as an overlay only +23. Update route-matrix and planner visibility once those venues are approved. + +### Phase 7. Automation and peg defense + +24. Add or extend automation to monitor: + - oracle freshness + - `ETH` vs `WETH9` + - `ETH` vs `WETH10` + - `WETH9` vs `WETH10` + - market depth and spread +25. Trigger alerts when the wrapper deviation exceeds the `0.00001` target band. +26. Define the operator response ladder: + - add liquidity + - rebalance inventory + - pause route exposure + - pause venue exposure if needed + +### Phase 8. Public proof and documentation + +27. Update the canonical status docs once oracle + peg + liquidity are actually live. +28. Keep the following docs aligned with the live state: + - `docs/11-references/PMM_DEX_ROUTING_STATUS.md` + - `docs/11-references/GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS.md` + - `docs/00-meta/GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md` +29. Do not call the ETH/WETH market surface complete until: + - oracle feeds are live + - pools exist + - pools are funded + - route visibility is live + - peg checks are green + +--- + +## 4. Priority pool list + +The first required Chain 138 price-anchor pools should be treated as a completion gate: + +- `cUSDT / WETH` +- `cUSDC / WETH` +- `USDT / WETH` +- `USDC / WETH` +- `WETH9 / WETH10` visibility or parity-monitor surface + +Then expand to: + +- `cEURC / WETH` +- `cEURT / WETH` +- `cGBPC / WETH` +- `cGBPT / WETH` +- `cAUDC / WETH` +- `cJPYC / WETH` +- `cCHFC / WETH` +- `cCADC / WETH` +- `cXAUC / WETH` +- `cXAUT / WETH` + +--- + +## 5. Verifier expectations + +Completion should be tested with a verifier surface that proves: + +- bytecode exists for the oracle and venue contracts +- the live feed is not a bootstrap/mock feed +- `WETH9` and `WETH10` resolve to the approved ETH value policy +- the anchor pools are funded +- the planner and public routing layer expose the `ETH` / `WETH` lanes +- the peg stays inside the configured `0.00001` target band + +--- + +## 6. Boundary + +This plan does not mean that Chain 138 already has: + +- fully real-time public ETH/WETH market publication +- fully funded `ETH` / `WETH` anchor depth across all required pools +- fully automated wrapper-peg defense at the `0.00001` target + +It means the repo now has an explicit ordered completion path for that work. diff --git a/docs/03-deployment/CHAIN138_UNISWAP_V3_UPSTREAM_NATIVE_RUNBOOK.md b/docs/03-deployment/CHAIN138_UNISWAP_V3_UPSTREAM_NATIVE_RUNBOOK.md new file mode 100644 index 00000000..565dbc4d --- /dev/null +++ b/docs/03-deployment/CHAIN138_UNISWAP_V3_UPSTREAM_NATIVE_RUNBOOK.md @@ -0,0 +1,156 @@ +# Chain 138 Uniswap V3 Upstream-Native Deployment & Cutover Runbook + +**Purpose:** Record the upstream-native Uniswap v3 deployment on Chain 138, the corrected fee-500 canonical pool seeding, and the public planner cutover from the earlier pilot-compatible venue. + +**Status:** Deployed, correctly re-seeded, and cut over on Chain 138. +**Current live state:** Chain 138 now routes the canonical public `WETH -> USDT` lane through the upstream-native Uniswap v3 router `0xde9cD8ee2811E6E64a41D5F68Be315d33995975E`, QuoterV2 `0x6abbB1CEb2468e748a03A00CD6aA9BFE893AFa1f`, and canonical fee-500 pool `0xa893add35aEfe6A6d858EB01828bE4592f12C9F5`. The older pilot router `0xD164D9cCfAcf5D9F91698f296aE0cd245D964384` remains deployed only as a superseded fallback surface. + +--- + +## 1. Current baseline + +- **Live today:** `EnhancedSwapRouterV2` plus the canonical upstream-native `Uniswap_v3` lane and the funded pilot-compatible `Balancer`, `Curve_3`, and `1inch` venues is public and healthy. +- **Cutover is already complete:** keep `UNISWAP_V3_ROUTER` and `UNISWAP_QUOTER_ADDRESS` pointed at the native router/quoter unless you are deliberately rolling back. +- **Verification for current live state:** `bash scripts/verify/check-chain138-pilot-dex-venues.sh` + +--- + +## 2. Local source trees + +Use the official upstream repos: + +- `v3-core` at `/home/intlc/projects/uniswap-v3-core` +- `v3-periphery` at `/home/intlc/projects/uniswap-v3-periphery` + +Bootstrap or refresh them with: + +```bash +bash scripts/deployment/prepare-chain138-uniswap-v3-upstream-worktree.sh +``` + +--- + +## 3. Preflight + +Run the readiness check before and after deployment work: + +```bash +bash scripts/verify/check-chain138-uniswap-v3-upstream-native-readiness.sh +``` + +This verifies: + +1. The upstream core/periphery worktrees exist locally. +2. The target RPC really points at Chain 138. +3. The deployer has native gas and baseline token balances. +4. Any deployed native Uniswap v3 addresses actually have bytecode. +5. The native QuoterV2 returns non-zero quotes for both seeded canonical pools. +6. The public planner’s current baseline lane still resolves through the live pilot path until cutover. + +--- + +## 4. Env surface + +Canonical upstream-native env surface: + +```bash +CHAIN138_UNISWAP_V3_NATIVE_CORE_REPO=/home/intlc/projects/uniswap-v3-core +CHAIN138_UNISWAP_V3_NATIVE_PERIPHERY_REPO=/home/intlc/projects/uniswap-v3-periphery +CHAIN138_UNISWAP_V3_NATIVE_FACTORY=0x2f7219276e3ce367dB9ec74C1196a8ecEe67841C +CHAIN138_UNISWAP_V3_NATIVE_NFT_DESCRIPTOR_LIBRARY=0x6F5fdE32DD2aC66B27e296EC9D6F4E79A3dE2947 +CHAIN138_UNISWAP_V3_NATIVE_TOKEN_DESCRIPTOR=0xca66DCAC4633555033F6fDDBE4234B6913c7ff51 +CHAIN138_UNISWAP_V3_NATIVE_POSITION_MANAGER=0x31b68BE5af4Df565Ce261dfe53D529005D947B48 +CHAIN138_UNISWAP_V3_NATIVE_SWAP_ROUTER=0xde9cD8ee2811E6E64a41D5F68Be315d33995975E +CHAIN138_UNISWAP_V3_NATIVE_QUOTER_V2=0x6abbB1CEb2468e748a03A00CD6aA9BFE893AFa1f +CHAIN138_UNISWAP_V3_NATIVE_WETH_USDT_POOL=0xa893add35aEfe6A6d858EB01828bE4592f12C9F5 +CHAIN138_UNISWAP_V3_NATIVE_WETH_USDC_POOL=0xEC745bfb6b3cd32f102d594E5F432d8d85B19391 +CHAIN138_UNISWAP_V3_NATIVE_FEE_TIER=500 +CHAIN138_NATIVE_GAS_PRICE=1000 +CHAIN138_NATIVE_DEPLOY_GAS_LIMIT=12000000 +CHAIN138_NATIVE_POOL_TX_GAS_LIMIT=12000000 +``` + +Live publication vars now point at the native public path: + +```bash +UNISWAP_V3_ROUTER=0xde9cD8ee2811E6E64a41D5F68Be315d33995975E +UNISWAP_QUOTER_ADDRESS=0x6abbB1CEb2468e748a03A00CD6aA9BFE893AFa1f +UNISWAP_V3_WETH_USDT_POOL=0xa893add35aEfe6A6d858EB01828bE4592f12C9F5 +UNISWAP_V3_WETH_USDC_POOL=0xEC745bfb6b3cd32f102d594E5F432d8d85B19391 +UNISWAP_V3_WETH_USDT_FEE=500 +UNISWAP_V3_WETH_USDC_FEE=500 +``` + +--- + +## 5. Deployment order + +### Phase A — upstream-native core/periphery contracts + +The upstream-native Uniswap v3 stack deployed on Chain 138 as: + +1. `UniswapV3Factory` `0x2f7219276e3ce367dB9ec74C1196a8ecEe67841C` +2. `NFTDescriptor` `0x6F5fdE32DD2aC66B27e296EC9D6F4E79A3dE2947` +3. `NonfungibleTokenPositionDescriptor` `0xca66DCAC4633555033F6fDDBE4234B6913c7ff51` +4. `NonfungiblePositionManager` `0x31b68BE5af4Df565Ce261dfe53D529005D947B48` +5. `SwapRouter` `0xde9cD8ee2811E6E64a41D5F68Be315d33995975E` +6. `QuoterV2` `0x6abbB1CEb2468e748a03A00CD6aA9BFE893AFa1f` + +**Chain 138 note:** wrapped native asset `WETH` already exists at `0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2`. Do not confuse this with the separate `CCIPWETH9Bridge` / `CCIPWETH10Bridge` transport addresses. + +### Phase B — canonical pools + +Created and seeded: + +1. `WETH / USDT` at `0xa893add35aEfe6A6d858EB01828bE4592f12C9F5` with `~50 WETH` and `105,830 USDT` +2. `WETH / USDC` at `0xEC745bfb6b3cd32f102d594E5F432d8d85B19391` with `~50 WETH` and `105,830 USDC` + +Fee tier: `500`. Native `QuoterV2` returns non-zero quotes for both canonical pools (`0.1 WETH -> 211.132116 USDT/USDC` at the time of cutover). + +**Historical note:** the earlier fee-3000 bootstrap pools `0x97eB...` and `0xfc62...` are preserved only as deployment artifacts from the first native seeding pass, which used incorrect decimal/price initialization. Do not treat them as canonical after the corrected fee-500 cutover. + +### Phase C — publication cutover + +Completed: + +1. `CHAIN138_UNISWAP_V3_NATIVE_*` vars now point at the native addresses above. +2. The public `UNISWAP_V3_ROUTER` / `UNISWAP_QUOTER_ADDRESS` surface now points at the native router/quoter. +3. Token-aggregation on CT 5000 was redeployed and restarted on 2026-04-03. +4. The public `/token-aggregation/api/v2` planner now resolves the canonical `WETH -> USDT` lane through target `0xde9...` with fee `500`. + +--- + +## 6. Funding checklist + +Minimum practical funding requirements: + +- native ETH for deployment gas +- `WETH` for both native pools +- `USDT` for `WETH / USDT` +- `USDC` for `WETH / USDC` + +**This blocker is cleared:** deployer official `USDC` was funded and the native `WETH / USDC` pool is now seeded. + +--- + +## 7. Cutover criteria + +Keep the native cutover healthy by asserting all of the following: + +1. Upstream-native factory/router/quoter/position manager all have bytecode on Chain 138. +2. Both native pools exist and are seeded with non-zero reserves. +3. Native `QuoterV2` returns non-zero quotes for `WETH -> USDT` and `WETH -> USDC`. +4. Public planner can resolve `WETH -> USDT` and `USDT -> WETH` using the native target. +5. Internal execution plans emit router-v2 calldata against the native router target. +6. `bash scripts/verify/check-chain138-pilot-dex-venues.sh` passes after any funding, publication, or inventory change. + +--- + +## 8. Related files + +- [DEX_AND_CROSS_CHAIN_CONTRACTS_NEEDED.md](../11-references/DEX_AND_CROSS_CHAIN_CONTRACTS_NEEDED.md) +- [PMM_DEX_ROUTING_STATUS.md](../11-references/PMM_DEX_ROUTING_STATUS.md) +- [CONTRACT_DEPLOYMENT_RUNBOOK.md](CONTRACT_DEPLOYMENT_RUNBOOK.md) +- [CONTRACT_ADDRESSES_REFERENCE.md](../11-references/CONTRACT_ADDRESSES_REFERENCE.md) +- [check-chain138-pilot-dex-venues.sh](/home/intlc/projects/proxmox/scripts/verify/check-chain138-pilot-dex-venues.sh) +- [check-chain138-uniswap-v3-upstream-native-readiness.sh](/home/intlc/projects/proxmox/scripts/verify/check-chain138-uniswap-v3-upstream-native-readiness.sh) diff --git a/docs/03-deployment/CHAIN138_XAU_POOL_STATUS_AND_PUBLIC_CREATION_PATH.md b/docs/03-deployment/CHAIN138_XAU_POOL_STATUS_AND_PUBLIC_CREATION_PATH.md index f3ff11b8..f5d537a4 100644 --- a/docs/03-deployment/CHAIN138_XAU_POOL_STATUS_AND_PUBLIC_CREATION_PATH.md +++ b/docs/03-deployment/CHAIN138_XAU_POOL_STATUS_AND_PUBLIC_CREATION_PATH.md @@ -3,6 +3,8 @@ **Date:** 2026-03-26 **Scope:** Verify live private and public XAU pools on Chain 138 and record the exact creation/funding path used. +> Historical note (2026-04-02): the public XAU pools documented here remain live on the older PMM phase. The canonical April 2026 stable stack is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`; do not overwrite the XAU-specific addresses below unless you are explicitly migrating those pools. The older `0x5BDc...` integration documented here should not be used by the explorer fallback, token-aggregation, or stable-pool routing. + ## Current live state ### Private XAU pools: live on-chain now diff --git a/docs/03-deployment/CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md b/docs/03-deployment/CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md index c93a580b..9b58ef0b 100644 --- a/docs/03-deployment/CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md +++ b/docs/03-deployment/CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md @@ -1,6 +1,6 @@ # Chain 138 + XDC Zero Endpoint (XDC Network mainnet RPC + optional testnet) -**Last updated:** 2026-03-31 +**Last updated:** 2026-04-01 **Purpose:** Register **DBIS Chain 138** as an additional peer in the [XDC-Zero](https://github.com/XinFinOrg/XDC-Zero) pattern while keeping **stock XDC-CSC + XDC-Relayer** semantics: reuse `IFullCheckpoint.getRoots` and a **dedicated second** relayer/oracle process for the **parent ↔ 138** pair. **Do not** repoint or tear down an existing XDC **subnet ↔ parent** relayer. **XDC mainnet:** Use **XDC Network** JSON-RPC — default `https://rpc.xinfin.network` (chain id **0x32 / 50**). This is **not** Ethereum mainnet RPC (`ETHEREUM_MAINNET_RPC` is unrelated to the XDC-Relayer parent URL). @@ -17,10 +17,12 @@ | Profile | Set `PARENTNET_URL` / `XDC_PARENTNET_URL` to | Notes | |---------|-----------------------------------------------|--------| | **XDC mainnet (default)** | `https://rpc.xinfin.network` | Official XDC Network HTTP JSON-RPC. Production: fund relayer with **XDC** for CSC txs. Alternate enterprise mirror OK if XinFin-approved. | -| **Apothem (testnet)** | `https://rpc.apothem.network` | Lower risk for spikes; not mainnet. | +| **Apothem (testnet)** | `https://rpc.apothem.network` | Chain id **51** (`0x33`). Lower risk for spikes; not mainnet. | | **Devnet shortcuts** | `devnet` / `testnet` strings | XDC-Zero `cicd` maps these to Apothem-style URLs — confirm before production. | -**Chain 138:** Prefer LAN deploy RPC (`RPC_URL_138` from project dotenv, e.g. Core Besu). For monitoring from outside LAN, use a controlled public RPC (e.g. `rpc-http-pub.d-bis.org`) if policy allows. +**XDC reference (operators):** Native gas token is **XDC** (not ETH). [Chainlist — XDC mainnet (50)](https://chainid.network/chain/50/) lists additional RPC mirrors (`erpc.xinfin.network`, `rpc1.xinfin.network`, community providers). Explorers: [xdcscan.com](https://xdcscan.com), [xdcscan.io](https://xdcscan.io). Network hub: [xinfin.org](https://xinfin.org). + +**Chain 138:** Split the RPC roles clearly. Use Core Besu at `http://192.168.11.211:8545` for **operator-only** deploy and proof-sensitive work (`RPC_URL_138`). Use the public HTTPS FQDN `https://rpc-http-pub.d-bis.org` for **external services and long-running relayers** (`SUBNET_URL` in XDC-Relayer). Do not point external services at the Core node. **Other public mainnets (Ethereum, BSC, etc.):** They are **not** part of stock XDC-Relayer. This runbook does not mix them into one relayer process. If you later add **separate** Zero-style pairs (e.g. 138 ↔ Ethereum), treat each as **another** two-URL relayer/CSC stack and document it independently. Repo dotenv already supports `ETHEREUM_MAINNET_RPC` etc. for **verification** and CCIP workflows — use [`xdc-zero-chain138-preflight.sh`](../../scripts/verify/xdc-zero-chain138-preflight.sh) optional checks. @@ -50,7 +52,7 @@ then the same command without `--dry-run` (backs up the file). Or pass the file explicitly: `bash scripts/xdc-zero/merge-endpointconfig-chain138.sh /path/to/endpointconfig.json --dry-run`. Replace placeholder addresses in [`config/xdc-zero/`](../../config/xdc-zero/) (or edit merged JSON) after CSC/Endpoint deploy. **Do not** run `endpointandregisterchain.js` unmodified after manual merge — it overwrites JSON for two networks only. 5. **Register chains:** Owner calls `registerChain` on parent and on 138. 6. **Apps:** Deploy SUA/RUA (or Subswap) on both sides; fill `applications`; run `registerapplications.js` (or multisig) on **both** chains. -7. **Operate second relayer:** Env from [`config/xdc-zero/xdc-zero-chain138-pair.example.env`](../../config/xdc-zero/xdc-zero-chain138-pair.example.env); point `CHECKPOINT_CONTRACT` / `REVERSE_CHECKPOINT_CONTRACT` at the **new** CSCs only. +7. **Operate second relayer:** Start from [`config/xdc-zero/xdc-zero-chain138-pair.example.env`](../../config/xdc-zero/xdc-zero-chain138-pair.example.env) for operator values and chain selection. If running under systemd, materialize those values into [`config/xdc-zero/xdc-zero-relayer-138-pair.example.defaults`](../../config/xdc-zero/xdc-zero-relayer-138-pair.example.defaults) for `/etc/default/xdc-zero-relayer-138-pair`; use [`config/xdc-zero/xdc-relayer.dotenv.example`](../../config/xdc-zero/xdc-relayer.dotenv.example) only for a clone-local relayer `.env`. For the relayer itself, set `SUBNET_URL=https://rpc-http-pub.d-bis.org`; reserve `RPC_URL_138=http://192.168.11.211:8545` for operator-only deploy/proof tasks. Point `CHECKPOINT_CONTRACT` / `REVERSE_CHECKPOINT_CONTRACT` at the **new** CSCs only. 8. **E2E:** Send/receive one packet with real proofs; monitor `getRoots` lag. --- @@ -70,7 +72,29 @@ If **XDC subnet** apps must talk to **138** directly (not via parent), you need --- -## 6. References +## 6. Completion checklist (repo automation) + +| Step | Command / artifact | +|------|---------------------| +| Full sequence (printed) | `bash scripts/xdc-zero/run-xdc-zero-138-operator-sequence.sh` | +| RPC | `bash scripts/verify/xdc-zero-chain138-preflight.sh` (also prints deployer balances when `PRIVATE_KEY` is available; parent deploy/register stays blocked until the deployer has native XDC on XDC mainnet) | +| Config JSON | `bash scripts/validation/validate-xdc-zero-config.sh` (also in `validate-config-files.sh`) | +| Build relayer | `bash scripts/xdc-zero/clone-and-build-xdc-relayer.sh` → `node dist/server.js` + Redis + [`xdc-relayer.dotenv.example`](../../config/xdc-zero/xdc-relayer.dotenv.example) for clone-local `.env`, or [`xdc-zero-relayer-138-pair.example.defaults`](../../config/xdc-zero/xdc-zero-relayer-138-pair.example.defaults) for `/etc/default` under systemd | +| Deploy Endpoint on 138 | `XDC_ZERO_REPO=~/projects/XDC-Zero bash scripts/xdc-zero/deploy-endpoint-chain138.sh` (`--dry-run` first). If Hardhat hangs, rerun with `--manual`; see [CHAIN138_XDC_ZERO_DEPLOYMENT_TROUBLESHOOTING.md](CHAIN138_XDC_ZERO_DEPLOYMENT_TROUBLESHOOTING.md). Record the landed stack in `config/xdc-zero/deployed/endpoint-chain138.env`. | +| Spike CSC (lab only) | `bash scripts/xdc-zero/cast-deploy-simplecsc-chain138.sh` | +| Addresses → fragments | `bash scripts/xdc-zero/set-fragment-addresses.sh` → writes `config/xdc-zero/deployed/*.json`. If only the Chain 138 side is live so far, use `ENDPOINT_ON_138=... bash scripts/xdc-zero/set-fragment-addresses.sh --chain138-only` to stage the 138 endpoint while leaving parent values as zero placeholders. | +| Merge `endpointconfig.json` | `XDC_ZERO_CHAIN138_FRAG=.../deployed/endpointconfig.fragment.chain138.json` `XDC_ZERO_REG_FRAG=.../deployed/xdcparentnet-register-chain138.fragment.json` `bash scripts/xdc-zero/merge-endpointconfig-chain138.sh --dry-run …` then without `--dry-run` | +| `registerChain` | `XDC_ZERO_ENDPOINT_DIR=.../endpoint bash scripts/xdc-zero/run-registerchain-both.sh` | +| `approveApplication` | `… bash scripts/xdc-zero/run-registerapplications-both.sh` | +| systemd | [`config/systemd/xdc-zero-relayer-138-pair.example.service`](../../config/systemd/xdc-zero-relayer-138-pair.example.service) — `ExecStart=/usr/bin/node dist/server.js`, `WorkingDirectory=` your relayer clone (e.g. `/opt/xdc-relayer`) | + +**Troubleshooting:** [CHAIN138_XDC_ZERO_DEPLOYMENT_TROUBLESHOOTING.md](CHAIN138_XDC_ZERO_DEPLOYMENT_TROUBLESHOOTING.md) (pending tx / replacement underpriced, SimpleCsc vs production CSC). + +Hardhat `chain138` and `network.config.json` → `chain138` live in your **XDC-Zero** clone (`endpoint/`). + +--- + +## 7. References - XDC-Zero: `endpoint/README.md`, `cicd/README.md` (clone locally). - CCIP / Chain 138 (parallel path): [docs/07-ccip/](07-ccip/), [docs/11-references/CCIP_138_DESTINATION_RECEIVER_BY_CHAIN_AND_TOKEN.md](../11-references/CCIP_138_DESTINATION_RECEIVER_BY_CHAIN_AND_TOKEN.md). diff --git a/docs/03-deployment/CHAIN138_XDC_ZERO_DEPLOYMENT_TROUBLESHOOTING.md b/docs/03-deployment/CHAIN138_XDC_ZERO_DEPLOYMENT_TROUBLESHOOTING.md new file mode 100644 index 00000000..9ca6d4fd --- /dev/null +++ b/docs/03-deployment/CHAIN138_XDC_ZERO_DEPLOYMENT_TROUBLESHOOTING.md @@ -0,0 +1,44 @@ +# XDC Zero + Chain 138 — deployment troubleshooting + +**Last updated:** 2026-04-01 + +## 1. `Replacement transaction underpriced` (Chain 138 / Besu) + +A prior deploy (e.g. Hardhat `yarn hardhat run …`) may have left a **pending** transaction at the deployer nonce. The next `cast send` reuses that nonce and Besu rejects a “cheap” replacement. + +**Fix (operator):** + +1. Identify the deployer: `cast wallet address --private-key "$PRIVATE_KEY"`. +2. Inspect the latest block / explorer / `eth_getBlockByNumber` for stuck txs from that address. +3. Either **wait** for the pending tx to mine, or submit a **replacement** with the **same nonce** and **strictly higher** effective gas price (per your Besu/miner policy), or coordinate a **nonce reset** on a test chain only. + +Until the mempool clears, prefer **no new deploys** from the same key. + +## 2. Hardhat appears to hang after “Compiled successfully” + +Some Besu JSON-RPC setups are slow to return receipts for large contract creation batches. Options: + +- Increase `timeout` on the `chain138` network in `endpoint/hardhat.config.js` (already raised to 600s in this workspace’s XDC-Zero patch). +- Use the repo wrapper with the manual fallback: `XDC_ZERO_REPO=~/projects/XDC-Zero bash scripts/xdc-zero/deploy-endpoint-chain138.sh --manual` + - This deploys directly from the compiled artifacts with explicit gas settings and library linking. + - If overlapping retries already consumed nonces, reuse the landed library addresses via `ETHEREUM_TRIE_DB_ADDRESS=...` and `MERKLE_PATRICIA_ADDRESS=...` before rerunning the manual script. +- Deploy with **Foundry `cast send --create`** using bytecode from `artifacts/contracts/.../*.json` (one contract at a time) if you want to bypass Node entirely. +- Use `scripts/xdc-zero/cast-deploy-simplecsc-chain138.sh` for **SimpleCsc** only (spike / lab). + +When overlapping retries leave multiple library instances, record the final coherent stack in `config/xdc-zero/deployed/endpoint-chain138.env` and use those values for the next parent-side / merge steps. + +## 3. SimpleCsc vs production CSC + +`SimpleCsc` in XDC-Zero tests is **not** a production checkpoint: `setRoots` is unpermissioned. For mainnet or institutional use, deploy **stock XDC-CSC** (or equivalent) and wire the relayer/oracle as in XinFin subnet docs. + +## 4. XDC-Relayer prerequisites + +Upstream expects **Redis** and a full `.env` (see `config/xdc-zero/xdc-relayer.dotenv.example` for a clone-local relayer `.env`, or `config/xdc-zero/xdc-zero-relayer-138-pair.example.defaults` for `/etc/default` under systemd, plus the [XDC-Relayer README](https://github.com/XinFinOrg/XDC-Relayer)). After `npm run build`, production start is: + +`node dist/server.js` from the relayer repo root (same as `npm run start`). + +## 5. Parent-side deploys fail immediately or cannot start + +The Chain 138 deployer key can be well funded on 138 and still be unusable on **XDC mainnet** if it holds `0 XDC`. + +Before you attempt the parent Endpoint / CSC deploy, confirm the deployer has **XDC** (native gas on chain id **50**) on `https://rpc.xinfin.network` or another [listed mainnet RPC](https://chainid.network/chain/50/). Check the address on [xdcscan.com](https://xdcscan.com) or [xdcscan.io](https://xdcscan.io). If not funded, stop after the Chain 138 deploy, record the 138 addresses, fund the parent deployer, and resume with the parent-side runbook steps later. diff --git a/docs/03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md b/docs/03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md index 9ca1e108..63f52c15 100644 --- a/docs/03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md +++ b/docs/03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md @@ -1,6 +1,6 @@ # Contract Deployment Runbook -**Last Updated:** 2026-02-12 +**Last Updated:** 2026-04-03 **Full deployment order:** For the canonical sequence (prerequisites → core → PMM/pools → provider → optional → cW* → verification) and remaining recommendations, see [DEPLOYMENT_ORDER_OF_OPERATIONS.md](DEPLOYMENT_ORDER_OF_OPERATIONS.md). @@ -138,6 +138,120 @@ forge create contracts/mirror/TransactionMirror.sol:TransactionMirror \ Or run the helper script (from repo root, **from a host on LAN** that can reach `RPC_URL_138` e.g. 192.168.11.211:8545): `./scripts/deployment/deploy-transaction-mirror-chain138.sh`. The script exports `ETH_RPC_URL` so Forge uses the correct RPC and, on success, updates or appends `TRANSACTION_MIRROR_ADDRESS` in `smom-dbis-138/.env`. +## Cross-chain flash borrow / bridge / repay helpers (Chain 138) + +For the cross-chain flash path, the repo now has a dedicated deploy script for: + +- `UniversalCCIPFlashBridgeAdapter` +- `CrossChainFlashRepayReceiver` +- `CrossChainFlashVaultCreditReceiver` + +**Foundry deploy script:** `smom-dbis-138/script/deploy/DeployCrossChainFlashInfrastructure.s.sol` + +**Operator wrapper (recommended):** +```bash +source scripts/lib/load-project-env.sh +./scripts/deployment/deploy-cross-chain-flash-infra-chain138.sh --dry-run +./scripts/deployment/deploy-cross-chain-flash-infra-chain138.sh +``` + +**Required env:** + +- `PRIVATE_KEY` +- `RPC_URL_138` +- `UNIVERSAL_CCIP_BRIDGE` or `FLASH_UNIVERSAL_CCIP_BRIDGE` +- `CCIP_ROUTER` or `CCIP_ROUTER_ADDRESS` or `CCIP_ROUTER_CHAIN138` or `FLASH_CCIP_ROUTER` + +**Optional env overrides:** + +- `FLASH_REPAY_RECEIVER_ROUTER` +- `FLASH_VAULT_CREDIT_ROUTER` + +The deploy script logs and exports: + +- `CROSS_CHAIN_FLASH_BRIDGE_ADAPTER` +- `CROSS_CHAIN_FLASH_REPAY_RECEIVER` +- `CROSS_CHAIN_FLASH_VAULT_CREDIT_RECEIVER` + +**Live deployment (2026-04-03):** + +- `CROSS_CHAIN_FLASH_BRIDGE_ADAPTER=0xBe9e0B2d4cF6A3b2994d6f2f0904D2B165eB8ffC` +- `CROSS_CHAIN_FLASH_REPAY_RECEIVER=0xD084b68cB4B1ef2cBA09CF99FB1B6552fd9b4859` +- `CROSS_CHAIN_FLASH_VAULT_CREDIT_RECEIVER=0x89F7a1fcbBe104BeE96Da4b4b6b7d3AF85f7E661` + +**Blockscout verification (2026-04-03):** + +- `UniversalCCIPFlashBridgeAdapter` verified at `2026-04-03T03:15:53Z` +- `CrossChainFlashRepayReceiver` verified at `2026-04-03T03:11:16Z` +- `CrossChainFlashVaultCreditReceiver` verified at `2026-04-03T03:15:34Z` + +Post-deploy verification: +```bash +bash scripts/verify/check-cross-chain-flash-infra-chain138.sh +``` + +Design reminder: + +- `CrossChainFlashBorrower` still handles the same-tx ERC-3156 borrow/repay path on the borrow chain. +- `CrossChainFlashRepayReceiver` is the destination-side CCIP delivery leg. +- `CrossChainFlashVaultCreditReceiver` is the source-side or same-chain CCIP vault refill leg after async settlement. + +## DODO v3 / D3MM pilot verification (Chain 138 private venue) + +The private Chain 138 DODO v3 pilot is tracked separately from the public canonical DODO V2 stable-routing stack. + +**Current pilot addresses:** + +- `D3Oracle=0xD7459aEa8bB53C83a1e90262777D730539A326F0` +- `D3Vault=0x42b6867260Fb9eE6d09B7E0233A1fAD65D0133D1` +- `D3MMFactory=0x78470C7d2925B6738544E2DD4FE7c07CcA21AC31` +- `D3Proxy=0xc9a11abB7C63d88546Be24D58a6d95e3762cB843` +- `WETH10 / ETH-USD oracle source=0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` +- `USDT/USD managed feed=0x7c2Cb2667f0f97f4004aae04B67d94A085E6f0f1` +- `USDC/USD managed feed=0xf072Ac13D45e6c83296ca18F3E04185B747DD6aa` +- `cUSDT/USD managed feed=0x7c96E66F4a0713e327F9e73Cf2721f13DB29036C` +- `cUSDC/USD managed feed=0x291694095232CA80077125F64f6f73076e7910C1` +- Canonical `WETH10` pilot pool `D3MM=0x6550A3a59070061a262a893A1D6F3F490afFDBDA` + +**Health check:** +```bash +bash scripts/verify/check-dodo-v3-chain138.sh +``` + +**Blockscout source-verification workflow:** +```bash +bash scripts/verify/verify-dodo-v3-chain138-blockscout.sh +``` + +This verifies: + +- the canonical D3MM pool returns `D3MM 1.0.0` +- `D3Vault` still recognizes the canonical pool +- `D3Oracle` has a non-zero, whitelisted `WETH10` source and it no longer points at the bootstrap `WETH10` mock +- `D3Oracle` no longer points the stable assets at the older bootstrap mock feeds +- `querySellTokens(WETH10 -> USDT, 0.1)` returns a healthy non-zero quote +- `D3Oracle`, `D3Vault`, `DODOApprove`, and `DODOApproveProxy` are source-verified on Blockscout +- `D3MMFactory` and `D3Proxy` verification submissions have been sent through the saved standard-input path; Blockscout currently returns bytecode-only metadata for those two addresses rather than the full source-verification metadata + +**Current posture:** the DODO v3 pilot oracle stack is now promoted onto the live Chain 138 oracle surfaces. Planner-v2 capability, generated route-matrix visibility, public `/token-aggregation/api/v2` publication, and `EnhancedSwapRouterV2` execution are now in place for the canonical `WETH10 <-> USDT` pilot lane. The public canonical stable execution stack for Chain 138 remains the DODO V2 DVM-backed PMM set, while DODO v3 stays a private pilot venue with a live execution path. + +**Live router-v2 execution stack (2026-04-03):** + +- `ENHANCED_SWAP_ROUTER_V2_ADDRESS=0xF1c93F54A5C2fc0d7766Ccb0Ad8f157DFB4C99Ce` +- `INTENT_BRIDGE_COORDINATOR_V2_ADDRESS=0x7D0022B7e8360172fd9C0bB6778113b7Ea3674E7` +- `DODO_ROUTE_EXECUTOR_ADAPTER=0x88495B3dccEA93b0633390fDE71992683121Fa62` +- `DODO_V3_ROUTE_EXECUTOR_ADAPTER=0x9Cb97adD29c52e3B81989BcA2E33D46074B530eF` +- `UNISWAP_V3_ROUTE_EXECUTOR_ADAPTER=0x960D6db4E78705f82995690548556fb2266308EA` +- `BALANCER_ROUTE_EXECUTOR_ADAPTER=0x4E1B71B69188Ab45021c797039b4887a4924157A` +- `CURVE_ROUTE_EXECUTOR_ADAPTER=0x5f0E07071c41ACcD2A1b1032D3bd49b323b9ADE6` +- `ONEINCH_ROUTE_EXECUTOR_ADAPTER=0x8168083d29b3293F215392A49D16e7FeF4a02600` + +**Proof swap (2026-04-03):** + +- approval tx: `0xac36fc7c1f8b50a847101276c33404bfa6e4a53ddfc13f7296fbddedd87a5277` +- router-v2 execution tx: `0x14cd60a226dbab0c96765fff23171569e5a2fc0e35bded03f92668951ced4b57` +- result: `100 USDT -> 0.047130507214977987 WETH10` + ## AlltraAdapter — setBridgeFee after deploy After deploying or using AlltraAdapter (138 ↔ ALL Mainnet 651940), set the bridge fee to match ALL Mainnet fee structure. @@ -195,7 +309,7 @@ This helper loads `smom-dbis-138/.env`, verifies the minimum required env (`PRIV - `cUSDC ↔ cXAUC` - `cEURT ↔ cXAUC` -If provider env vars like `DODOEX_ROUTER`, `DODO_PMM_PROVIDER_ADDRESS`, `UNISWAP_V3_ROUTER`, `BALANCER_VAULT`, `CURVE_3POOL`, or `ONEINCH_ROUTER` are unset, the deploy script uses placeholders and disables those providers after deployment. This keeps the Chain 138 deployment honest: token-to-token DODO pairs are registered immediately, while `swapToStablecoin()` still requires real `WETH -> stable` routes before it is operational. +If provider env vars like `DODOEX_ROUTER`, `DODO_PMM_PROVIDER_ADDRESS`, `UNISWAP_V3_ROUTER`, `BALANCER_VAULT`, `CURVE_3POOL`, or `ONEINCH_ROUTER` are unset, the deploy path now falls back to the live Chain 138 pilot-compatible venue addresses for `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch`. This keeps the Chain 138 deployment honest: the venues are funded and router-v2 wired on-chain, but they remain explicitly documented as pilot-compatible surfaces rather than upstream canonical protocol deployments. For current Chain 138, prefer `DODO_PMM_PROVIDER_ADDRESS` when the deployed `DODOPMMProvider` is available. The router now supports that provider as its DODO backend on Chain 138. If neither `DODO_PMM_PROVIDER_ADDRESS` nor `DODOEX_ROUTER` is set, the router can still deploy and register the live pair map, but the DODO provider will be disabled and no DODO execution path will remain enabled. diff --git a/docs/03-deployment/CUSDW_CUSDC_V2_HUB_POOL_RUNBOOK.md b/docs/03-deployment/CUSDW_CUSDC_V2_HUB_POOL_RUNBOOK.md new file mode 100644 index 00000000..f6a6355d --- /dev/null +++ b/docs/03-deployment/CUSDW_CUSDC_V2_HUB_POOL_RUNBOOK.md @@ -0,0 +1,84 @@ +# Chain 138 cUSDW / cUSDC V2 Hub Pool Runbook + +**Status:** Planned execution path +**Purpose:** Create and fund a Chain 138 DODO PMM hub pool for repo-native `cUSDW` against `cUSDC V2`, then surface the resulting inventory through token-aggregation and downstream edge-pool planning. + +## Assumptions + +- `cUSDW` is the Chain 138 hub-side GRU-aligned D-WIN USD representation. +- `cUSDC V2` is the preferred quote leg for x402 / permit-capable cutover work, even though current live PMM liquidity is still primarily on V1 `cUSDC`. +- `cWUSDW` edge rollout is currently evidenced in this repo for: + - BSC: `0xC2FA05F12a75Ac84ea778AF9D6935cA807275E55` + - Avalanche: `0xcfdCe5E660FC2C8052BDfa7aEa1865DD753411Ae` + +## Known deployed addresses + +| Symbol | Chain | Address | Decimals | +|--------|-------|---------|----------| +| `cUSDW` | 138 | `0xcA6BFa614935f1AB71c9aB106bAA6FBB6057095e` | `6` | +| `cUSDC_V2` | 138 | `0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d` | `6` | +| `cWUSDW` | 56 | `0xC2FA05F12a75Ac84ea778AF9D6935cA807275E55` | `6` | +| `cWUSDW` | 43114 | `0xcfdCe5E660FC2C8052BDfa7aEa1865DD753411Ae` | `6` | + +## Required env + +Add these to `smom-dbis-138/.env` or export before running the scripts: + +```bash +DODO_DVM_FACTORY=0xc93870594C7f83A0aE076c2e30b494Efc526b68E +DODO_VENDING_MACHINE_ADDRESS=0xb6D9EF3575bc48De3f011C310DC24d87bEC6087C +DODO_PMM_INTEGRATION=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895 +CUSDW_ADDRESS_138=0xcA6BFa614935f1AB71c9aB106bAA6FBB6057095e +CUSDC_V2_ADDRESS_138=0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d + +# Optional pool parameters +DODO_LP_FEE_BPS=3 +DODO_INITIAL_PRICE_1E18=1000000000000000000 +DODO_K_FACTOR_1E18=500000000000000000 +DODO_ENABLE_TWAP=true +``` + +For liquidity funding: + +```bash +POOL_CUSDWCUSDCV2=0x... +ADD_LIQUIDITY_CUSDWCUSDCV2_BASE=1000000000000 +ADD_LIQUIDITY_CUSDWCUSDCV2_QUOTE=1000000000000 +``` + +Both tokens use `6` decimals, so `1000000000000` means `1,000,000` full tokens. + +## Create the pool + +```bash +cd smom-dbis-138 + +forge script script/dex/CreateCUSDWCUSDCV2Pool.s.sol:CreateCUSDWCUSDCV2Pool \ + --rpc-url "$RPC_URL_138" \ + --broadcast +``` + +Then record the resulting pool address in `POOL_CUSDWCUSDCV2`. + +The current canonical Chain 138 PMM stack is the **official DODO V2 DVM-backed** deployment above, not the earlier mock-backed integration. + +## Add liquidity + +```bash +cd smom-dbis-138 + +forge script script/dex/AddLiquidityCUSDWCUSDCV2PoolChain138.s.sol:AddLiquidityCUSDWCUSDCV2PoolChain138 \ + --rpc-url "$RPC_URL_138" \ + --broadcast +``` + +## Follow-on alignment + +1. Token aggregation: + Set `CUSDW_ADDRESS_138`, `CWUSDW_ADDRESS_56`, and `CWUSDW_ADDRESS_43114` (or legacy aliases) where the token-aggregation service runs so `/api/v1/report/token-list` and `/api/v1/report/canonical` surface the inventory. +2. Edge-pool planning: + Use `cross-chain-pmm-lps/config/pool-matrix.json` for `cWUSDW/USDT` on BSC and `cWUSDW/USDC` on Avalanche as the first concrete edge follow-ons for this repo. +3. Mapping discipline: + Keep D-WIN `USDW` and `cUSDW` distinct in listings and explorer labels. `USDW` is the ISO-4217 W-token family; `cUSDW` / `cWUSDW` are the PMM and transport surfaces. + +**CMC-listed USD DWIN** on BSC/Polygon (native ERC-20, post-swap addresses) vs Cronos ISO-4217W: see **`docs/03-deployment/USD_DWIN_CUSDW_CWUSDW_BRIDGE_CHECKLIST.md`** and **`config/token-mapping-multichain.json`** (`dwinUsdWinPublic`). diff --git a/docs/03-deployment/CXAUC_CXAUT_CWAXAUC_CWAXAUT_ALLTRA_BRIDGE_CHECKLIST.md b/docs/03-deployment/CXAUC_CXAUT_CWAXAUC_CWAXAUT_ALLTRA_BRIDGE_CHECKLIST.md new file mode 100644 index 00000000..337f4fb1 --- /dev/null +++ b/docs/03-deployment/CXAUC_CXAUT_CWAXAUC_CWAXAUT_ALLTRA_BRIDGE_CHECKLIST.md @@ -0,0 +1,81 @@ +# cXAUC / cXAUT -> cWAXAUC / cWAXAUT -> cAXAUC / cAXAUT (ALL Mainnet) Checklist + +**Purpose:** Define the operator-ready activation path for the ALL Mainnet inbound gold corridor from Chain 138. + +**Canonical flow** + +1. **Chain 138 canonical gold:** `cXAUC` / `cXAUT` +2. **Source-leg wrapped transport semantics:** `cWXAUC` / `cWXAUT` +3. **ALL Mainnet bridge-minted wrapped assets:** `cWAXAUC` / `cWAXAUT` +4. **ALL Mainnet native-unwrapped landing assets:** `cAXAUC` / `cAXAUT` + +This is an intentional **651940 naming exception**. Generic public-chain `cWXAUC` / `cWXAUT` naming still applies elsewhere. + +## Current repo status + +- **Canonical Chain 138 gold assets live:** `cXAUC` and `cXAUT` +- **ALL Mainnet destination naming defined:** yes +- **ALL Mainnet destination contracts deployed:** not yet +- **Transport active in `gru-transport-active.json`:** no + +## Source of truth + +- Mapper + placeholders: [`config/token-mapping-multichain.json`](../../config/token-mapping-multichain.json) +- Naming standard: [`../04-configuration/ISO4217_COMPLIANT_TOKEN_MATRIX.md`](../04-configuration/ISO4217_COMPLIANT_TOKEN_MATRIX.md) +- c* -> cW* mapping notes: [`../04-configuration/C_TO_CW_MAPPER_MAPPING.md`](../04-configuration/C_TO_CW_MAPPER_MAPPING.md) +- Canonical token categories: [`../11-references/TOKEN_CATEGORIES_CANONICAL.md`](../11-references/TOKEN_CATEGORIES_CANONICAL.md) + +## Required operator steps + +1. **Deploy ALL Mainnet wrapped gold tokens** + - Deploy `cWAXAUC` + - Deploy `cWAXAUT` + +2. **Deploy ALL Mainnet native-unwrapped gold tokens** + - Deploy `cAXAUC` + - Deploy `cAXAUT` + +3. **Deploy or configure unwrap vault / bridge handler on ALL Mainnet** + - `cWAXAUC -> cAXAUC` + - `cWAXAUT -> cAXAUT` + +4. **Wire bridge roles** + - Grant bridge mint/burn authority on `cWAXAUC` + - Grant bridge mint/burn authority on `cWAXAUT` + - Grant unwrap authority to the vault/handler that materializes `cAXAUC` / `cAXAUT` + +5. **Fill repo env/config placeholders** + - `.env` / `.env.master.example` + - `CAXAUC_ADDRESS_651940` + - `CAXAUT_ADDRESS_651940` + - `CWAXAUC_ADDRESS_651940` + - `CWAXAUT_ADDRESS_651940` + - `config/token-mapping-multichain.json` + - `alltraXauDestination.chains.651940.*` + - `Compliant_XAUC_cW.addressTo` + - `Compliant_XAUT_cW.addressTo` + - `AXAUC_Compliant.addressFrom` + - `AXAUT_Compliant.addressFrom` + +6. **Optional reporting exposure** + - Token aggregation will surface these automatically once the `*_ADDRESS_651940` env vars are set: + - `cAXAUC` + - `cAXAUT` + - `cWAXAUC` + - `cWAXAUT` + +## Activation gate + +Do **not** activate this lane in `config/gru-transport-active.json` until all of the following are true: + +- `cWAXAUC` and `cWAXAUT` are deployed on `651940` +- `cAXAUC` and `cAXAUT` are deployed on `651940` +- unwrap path is tested end to end +- bridge mint/burn roles are wired +- repo placeholders are replaced with live addresses +- transport/redeemability policy is signed off + +## Notes + +- This checklist defines the **gold** exception only for **ALL Mainnet (651940)**. +- It does **not** rename generic `cWXAUC` / `cWXAUT` on ordinary public chains. diff --git a/docs/03-deployment/DBIS_HYPERLEDGER_PRODUCT_INTEGRATION_CHECKLIST.md b/docs/03-deployment/DBIS_HYPERLEDGER_PRODUCT_INTEGRATION_CHECKLIST.md new file mode 100644 index 00000000..492e98a0 --- /dev/null +++ b/docs/03-deployment/DBIS_HYPERLEDGER_PRODUCT_INTEGRATION_CHECKLIST.md @@ -0,0 +1,149 @@ +# DBIS Hyperledger Product Integration Checklist + +**Last updated:** 2026-04-05 +**Purpose:** Concrete closure checklist for the Hyperledger products that already exist in the DBIS Proxmox ecosystem. This is narrower than the RTGS-wide matrix: it answers one question per product, "what exact work remains before we can call this fully configured and integrated?" + +## Current reality + +| Product | Live runtime today | Ecosystem role today | Fully integrated? | +|---------|--------------------|----------------------|-------------------| +| Cacti | `5200` healthy gateway, `5201/5202` healthy public surfaces | Besu-facing interoperability sidecar plus public Alltra/HYBX Cacti surfaces | No | +| FireFly | `6200` healthy minimal local API; `6201` retired / standby | Workflow/orchestration candidate | No | +| Fabric | `6000` restored sample network on `mychannel`; `6001/6002` placeholders | Permissioned DLT sidecar candidate | No | +| Indy | `6400` healthy four-node local pool; `6401/6402` placeholders | Identity-ledger candidate | No | +| Aries | `6500` healthy ACA-Py agent | Identity-agent candidate | No | +| AnonCreds | Active indirectly through ACA-Py `askar-anoncreds` | Credential model candidate | No | +| Ursa | No separately managed runtime | Indirect crypto dependency only | No | +| Caliper | `6600` healthy workspace and Besu binding | Benchmark harness | No | + +## Operator verification anchors + +- Runtime truth: [DBIS_HYPERLEDGER_RUNTIME_STATUS.md](DBIS_HYPERLEDGER_RUNTIME_STATUS.md) +- Canonical production readiness: [DBIS_RTGS_E2E_REQUIREMENTS_MATRIX.md](DBIS_RTGS_E2E_REQUIREMENTS_MATRIX.md) +- Identity scope decision: [DBIS_HYPERLEDGER_IDENTITY_STACK_DECISION.md](DBIS_HYPERLEDGER_IDENTITY_STACK_DECISION.md) +- Multi-chain contract/app scope: [smom-dbis-138/MULTI_CHAIN_DEPLOYMENT_COMPLETE.md](../../smom-dbis-138/MULTI_CHAIN_DEPLOYMENT_COMPLETE.md) + +## Product checklists + +### Cacti + +Current proof: +- `5200` returns a healthy Cacti API. +- `5201` and `5202` serve the public Alltra/HYBX Cacti surfaces and local `:4000` APIs. + +Required to call fully integrated: +- [ ] Freeze whether Cacti is in scope for the first production RTGS slice. +- [ ] Deploy and validate the canonical `CactiAdapter` contract path. +- [ ] Freeze the cross-ledger contract: what transaction/event shape Cacti must observe and what downstream action it must trigger. +- [ ] Validate one real DBIS cross-ledger path end to end, not just a healthcheck. +- [ ] Archive the evidence path and rollback/retry behavior for operator use. + +Helpful commands: +```bash +bash scripts/maintenance/ensure-cacti-web-via-ssh.sh +curl -fsS http://127.0.0.1:4000/api/v1/api-server/healthcheck +``` + +### FireFly + +Current proof: +- `6200` returns `HTTP 200` on `/api/v1/status`. +- Postgres and IPFS are present behind the local FireFly footprint. + +Required to call fully integrated: +- [ ] Decide whether FireFly is mandatory for the first production slice or only an optional orchestration sidecar. +- [ ] Define the canonical event/correlation model across FireFly, sidecars, OMNL, and Chain 138. +- [ ] Validate one real multiparty workflow that proves FireFly is doing useful production work. +- [ ] Decide whether `6201` must be rebuilt as a real secondary or remain explicitly retired. +- [ ] Add failover/HA evidence if FireFly stays in scope. + +Helpful commands: +```bash +bash scripts/maintenance/ensure-firefly-primary-via-ssh.sh +curl -fsS http://127.0.0.1:5000/api/v1/status +``` + +### Fabric + +Current proof: +- `6000` now runs the restored `fabric-samples` test network. +- `peer channel getinfo -c mychannel` succeeds again. +- `6001` and `6002` remain placeholders only. + +Required to call fully integrated: +- [ ] Decide whether the sample network on `6000` is only a validation harness or the base of a real DBIS Fabric role. +- [ ] Deploy and validate the intended chaincode, not just the upstream sample network. +- [ ] Run or deploy the Fabric event listener in `smom-dbis-138/services/fabric-bridge/`. +- [ ] Prove one canonical Fabric-to-Besu or Fabric-backed business flow end to end. +- [ ] Freeze the production peer/orderer/CA topology if Fabric remains in scope. + +Helpful commands: +```bash +bash scripts/maintenance/ensure-fabric-sample-network-via-ssh.sh +``` + +### Indy + +Current proof: +- `6400` runs the local validator pool and binds all expected node/client ports. +- `6401` and `6402` remain placeholders only. + +Required to call fully integrated: +- [ ] Decide whether Indy is a required production identity ledger or only an optional capability. +- [ ] Freeze the genesis, governance, and validator-role model if Indy remains in scope. +- [ ] Validate one real issuer / holder / verifier flow against the live pool. +- [ ] Connect the live pool explicitly to the chosen Aries/AnonCreds production path. + +### Aries + +Current proof: +- `6500` runs a healthy ACA-Py agent. + +Required to call fully integrated: +- [ ] Freeze whether Aries is in or out of scope for the first production slice. +- [ ] Define agent placement, DID model, wallet model, and mediation/routing policy. +- [ ] Validate one real agent-to-agent or institution-facing credential exchange. +- [ ] Add operator runbooks and health/alerting tied to the chosen production role. + +### AnonCreds + +Current proof: +- ACA-Py is using the `askar-anoncreds` wallet path today. + +Required to call fully integrated: +- [ ] Freeze schema and credential-definition lifecycle. +- [ ] Define issuer, holder, and verifier roles. +- [ ] Validate issuance, presentation, verification, and revocation end to end. +- [ ] Archive reproducible evidence for the chosen credential lifecycle. + +### Ursa + +Current proof: +- No separately managed Ursa daemon or operator-facing runtime is evidenced. + +Required to call fully integrated: +- [ ] Decide whether Ursa will ever be an explicit operator-managed dependency. +- [ ] If yes, define packaging, upgrade, and cryptographic-control responsibilities. +- [ ] If no, document it as an indirect dependency only and remove any implied direct-runtime claims. + +### Caliper + +Current proof: +- `6600` has a working upstream Caliper workspace with the Besu `1.4` binding. + +Required to call fully integrated: +- [ ] Freeze the benchmark workloads that matter for RTGS and Chain 138 settlement. +- [ ] Execute the approved read/write benchmark suite. +- [ ] Store benchmark evidence and acceptance thresholds. +- [ ] Tie the benchmark suite to the canonical production gate. + +Helpful commands: +```bash +pct exec 6600 -- bash -lc 'cd /opt/caliper/workspace && npx caliper --version' +``` + +## Recommended next order + +1. Freeze scope: decide which of FireFly, Fabric, Indy, Aries, AnonCreds, and Ursa are actually mandatory for the first production slice. +2. Convert runtime-only products into one validated business path each: Cacti, FireFly, Fabric, Indy/Aries. +3. Archive operator evidence and acceptance criteria so the RTGS gate can move from `Partial` to `Complete`. diff --git a/docs/03-deployment/DBIS_HYPERLEDGER_RUNTIME_STATUS.md b/docs/03-deployment/DBIS_HYPERLEDGER_RUNTIME_STATUS.md index 6478f16a..793a887a 100644 --- a/docs/03-deployment/DBIS_HYPERLEDGER_RUNTIME_STATUS.md +++ b/docs/03-deployment/DBIS_HYPERLEDGER_RUNTIME_STATUS.md @@ -1,6 +1,6 @@ # DBIS Hyperledger Runtime Status -**Last Reviewed:** 2026-03-29 +**Last Reviewed:** 2026-04-05 **Purpose:** Concise app-level status table for the non-Besu Hyperledger footprint currently hosted on Proxmox. This complements the VMID inventory and discovery runbooks by recording what was actually verified inside the running containers. ## Scope @@ -28,11 +28,11 @@ The checks were based on: | VMID | Service family | CT status | App-level status | Listening ports / probe | Notes | |------|----------------|-----------|------------------|--------------------------|-------| | `5200` | Cacti primary | Running | Healthy Besu connector gateway | `4000/tcp` Cacti API, `5000/tcp` local gRPC sidecar | Reworked from the stale two-container template into a live `ghcr.io/hyperledger/cactus-connector-besu:2024-07-04-8c030ae` runtime; container health is `healthy`; `GET /api/v1/api-server/healthcheck` returned `200`; Besu connector plugin loaded against `http://192.168.11.211:8545` / `ws://192.168.11.211:8546` | -| `5201` | Cacti secondary | Stopped | Reserved placeholder | None verified | CT exists in inventory, but no active Cacti payload was validated in this run. Treat as standby metadata until intentionally built. | -| `5202` | Cacti tertiary | Stopped | Reserved placeholder | None verified | Same disposition as `5201`: no proven Cacti workload in this review. | -| `6200` | FireFly primary | Running | Healthy minimal local gateway | `5000/tcp` FireFly API, `5432/tcp` Postgres, `5001/tcp` IPFS | `firefly-core` restored on `ghcr.io/hyperledger/firefly:v1.2.0`; `GET /api/v1/status` returned `200`; Postgres `pg_isready` passed; IPFS version probe passed | +| `5201` | Cacti secondary | Running | Healthy public Cacti surface | `80/tcp` landing page, `4000/tcp` local Cacti API | `GET /` returned `200`; `GET /api/v1/api-server/healthcheck` returned `200`; intended public surface for `cacti-alltra.d-bis.org` with the local Hyperledger Cacti API kept healthy behind it. | +| `5202` | Cacti tertiary | Running | Healthy public Cacti surface | `80/tcp` landing page, `4000/tcp` local Cacti API | Same disposition as `5201`, but for `cacti-hybx.d-bis.org`; both the web landing page and the local Cacti API are healthy. | +| `6200` | FireFly primary | Running | Healthy minimal local gateway | `5000/tcp` FireFly API, `5432/tcp` Postgres, `5001/tcp` IPFS | `firefly-core` is healthy on `ghcr.io/hyperledger/firefly:v1.2.0`; `GET /api/v1/status` returned `200`; Postgres `pg_isready` passed; IPFS version probe passed. On 2026-04-05 the CT was reconciled into an idempotent mixed stack: compose now manages Postgres/IPFS, a helper-backed `firefly.service` treats the existing legacy `firefly-core` container as canonical instead of trying to recreate it, and all three containers use `restart=unless-stopped`. | | `6201` | FireFly secondary | Stopped | Formally retired until rebuilt | None verified | CT exists in inventory, but the rootfs is effectively empty and no valid FireFly deployment footprint was found. Treat this as retired / standby metadata only until it is intentionally rebuilt as a real secondary node. | -| `6000` | Fabric primary | Running | Operational sample network | `7050/tcp` orderer, `7051/tcp` org1 peer, `9051/tcp` org2 peer, `9443` / `9444` / `9445` operations ports | Official `fabric-samples` payload staged under `/opt/fabric`; `orderer.example.com`, `peer0.org1.example.com`, and `peer0.org2.example.com` are running; `peer channel getinfo -c mychannel` returned height `1` for both orgs. Nested LXC requires the `docker run --security-opt apparmor=unconfined` wrapper that is now part of the working setup. | +| `6000` | Fabric primary | Running | Operational sample network | `7050/tcp` orderer, `7051/tcp` org1 peer, `9051/tcp` org2 peer, `9443` / `9444` / `9445` operations ports | Official `fabric-samples` payload staged under `/opt/fabric`; the sample network was restored and reverified on 2026-04-05; `orderer.example.com`, `peer0.org1.example.com`, and `peer0.org2.example.com` are running again; `peer channel getinfo -c mychannel` now returns height `1`. Nested LXC requires `features: nesting=1,keyctl=1`, and `fabric-sample-network.service` is now installed to re-ensure the sample network after CT restarts. | | `6001` | Fabric secondary | Stopped | Reserved placeholder | None active | Same disposition as `6000`: no proven Fabric application payload or listeners, now stopped and reserved only as placeholder inventory. | | `6002` | Fabric tertiary | Stopped | Reserved placeholder | None active | Same disposition as `6000`: no proven Fabric application payload or listeners, now stopped and reserved only as placeholder inventory. | | `6400` | Indy primary | Running | Healthy four-node local validator pool | `9701`-`9708/tcp` validator and client listeners | `hyperledgerlabs/indy-node:latest` now runs `indy-node-1` through `indy-node-4` under `/opt/indy/docker-compose.yml`; `systemctl is-active indy` returned `active` and `systemctl is-enabled indy` returned `enabled`; all expected `start_indy_node` listeners are bound on `0.0.0.0`. | @@ -46,6 +46,7 @@ The checks were based on: ### Confirmed working now - Cacti primary (`5200`) is live as a local Cacti API with the Besu connector plugin loaded and healthy. +- Cacti public surfaces (`5201` and `5202`) are live as landing pages plus local Hyperledger Cacti APIs for the Alltra and HYBX edges. - FireFly primary (`6200`) is restored enough to provide a working local FireFly API backed by Postgres and IPFS. - Fabric primary (`6000`) now runs a verified official sample network with one orderer and two peers joined to `mychannel`. - Indy primary (`6400`) now runs a verified four-node local validator pool with all expected node and client listeners active. @@ -54,7 +55,6 @@ The checks were based on: ### Present only as reserved placeholders right now -- Cacti CTs (`5201`-`5202`) - Fabric CTs (`6001`-`6002`) - Indy CTs (`6401`-`6402`) @@ -66,10 +66,12 @@ These should be described as reserved placeholder inventory only. The primaries ## Operational follow-up -1. Keep `5200`, `6000`, `6200`, and `6400` under observation and preserve their working images, config paths, and nested-Docker allowances. -2. Keep `6500` and `6600` under observation as primaries for identity-agent and benchmark-harness work, and preserve the Indy genesis handoff plus the Caliper workspace state. -3. Do not force `6201`, `5201`, `5202`, `6001`, `6002`, `6401`, or `6402` online unless their intended roles and deployment assets are re-established from scratch. -3. Any governance or architecture document should distinguish: +1. Keep `5200`, `5201`, `5202`, `6000`, `6200`, and `6400` under observation and preserve their working images, config paths, and nested-Docker allowances. +2. Use `scripts/maintenance/ensure-fabric-sample-network-via-ssh.sh` when the Fabric sample network on `6000` drifts back to stopped peer/orderer containers or after unit-level changes. +3. Use `scripts/maintenance/ensure-firefly-primary-via-ssh.sh` when `6200` shows a failed `firefly.service` state, a compose-version mismatch, or drift between the compose-managed dependencies and the existing `firefly-core` container. +4. Keep `6500` and `6600` under observation as primaries for identity-agent and benchmark-harness work, and preserve the Indy genesis handoff plus the Caliper workspace state. +5. Do not force `6201`, `6001`, `6002`, `6401`, or `6402` online unless their intended roles and deployment assets are re-established from scratch. +6. Any governance or architecture document should distinguish: - `deployed and app-healthy` - `container present only` - `planned / aspirational` diff --git a/docs/03-deployment/DBIS_PHASE3_E2E_PRODUCTION_SIMULATION_RUNBOOK.md b/docs/03-deployment/DBIS_PHASE3_E2E_PRODUCTION_SIMULATION_RUNBOOK.md index cfd399fb..b76be8be 100644 --- a/docs/03-deployment/DBIS_PHASE3_E2E_PRODUCTION_SIMULATION_RUNBOOK.md +++ b/docs/03-deployment/DBIS_PHASE3_E2E_PRODUCTION_SIMULATION_RUNBOOK.md @@ -1,6 +1,6 @@ # DBIS Phase 3 — End-to-end production simulation -**Last updated:** 2026-03-28 +**Last updated:** 2026-04-05 **Purpose:** Operationalize [dbis_chain_138_technical_master_plan.md](../../dbis_chain_138_technical_master_plan.md) Section 18 (example flow) and Sections 14, 17 as **repeatable liveness and availability checks** — not a single product build or a full business-E2E execution harness. **Prerequisites:** LAN access where noted; [DBIS_NODE_ROLE_MATRIX.md](../02-architecture/DBIS_NODE_ROLE_MATRIX.md) for IPs/VMIDs; operator env via `scripts/lib/load-project-env.sh` for on-chain steps. @@ -11,12 +11,12 @@ | Step | Master plan | Verification (repo-aligned) | |------|-------------|-----------------------------| -| 1 | Identity issued (Indy) | Indy steward / node RPC on VMID **6400** (192.168.11.64); pool genesis tools — **manual** until automated issuer script exists. Current CTs `6400/6401/6402` are present, but app-level Indy listener verification is still pending. | +| 1 | Identity issued (Indy) | Indy steward / node RPC on VMID **6400** (192.168.11.64); pool genesis tools — **manual** until automated issuer script exists. Primary Indy listener verification is now proven on `6400`, but issuer / holder / verifier business flow is still manual. | | 2 | Credential verified (Aries) | Aries agents (if colocated): confirm stack on Indy/FireFly integration path — **TBD** per deployment. | | 3 | Workflow triggered (FireFly) | FireFly API on **6200** (currently restored as a minimal local gateway profile at `http://192.168.11.35:5000`). VMID **6201** is presently stopped / standby and should not be assumed active. | | 4 | Settlement executed (Besu) | JSON-RPC `eth_chainId`, `eth_blockNumber`, optional test transaction via `smom-dbis-138` with `RPC_URL_138=http://192.168.11.211:8545`. PMM/oracle: [ORACLE_AND_KEEPER_CHAIN138.md](../../smom-dbis-138/docs/integration/ORACLE_AND_KEEPER_CHAIN138.md). | -| 5 | Cross-chain sync (Cacti) | Cacti = network monitoring here (VMID **5200**); **Hyperledger Cacti** interoperability is **future/optional** — track separately if deployed. **CCIP:** relay on r630-01 per [CCIP_RELAY_DEPLOYMENT.md](../07-ccip/CCIP_RELAY_DEPLOYMENT.md). | -| 6 | Compliance recorded (Fabric) | Fabric CTs `6000/6001/6002` are present, but current app-level verification has not yet proven active peer / orderer workloads inside those CTs. Treat Fabric business-flow validation as manual until that gap is closed. | +| 5 | Cross-chain sync (Cacti) | Hyperledger Cacti is live on `5200` as a Besu-facing gateway, and `5201/5202` serve the Alltra/HYBX public Cacti surfaces. Production cross-ledger business flow is still optional / manual until a canonical DBIS path is frozen. **CCIP:** relay on r630-01 per [CCIP_RELAY_DEPLOYMENT.md](../07-ccip/CCIP_RELAY_DEPLOYMENT.md). | +| 6 | Compliance recorded (Fabric) | Fabric sample network on `6000` is now active again with one orderer and two peers on `mychannel`, but Fabric chaincode / listener / RTGS business-flow validation remains manual until the canonical integration path is proven. | | 7 | Final settlement confirmed | Re-check Besu head on **2101** and **2201**; Blockscout **5000** for tx receipt if applicable. | --- @@ -72,5 +72,8 @@ Use [OPERATOR_READY_CHECKLIST.md](../00-meta/OPERATOR_READY_CHECKLIST.md) sectio ## Related - [PHASE1_DISCOVERY_RUNBOOK.md](PHASE1_DISCOVERY_RUNBOOK.md) +- [DBIS_HYPERLEDGER_RUNTIME_STATUS.md](DBIS_HYPERLEDGER_RUNTIME_STATUS.md) +- [DBIS_HYPERLEDGER_PRODUCT_INTEGRATION_CHECKLIST.md](DBIS_HYPERLEDGER_PRODUCT_INTEGRATION_CHECKLIST.md) +- [DBIS_PHASES_1_TO_3_PRODUCTION_GATE.md](DBIS_PHASES_1_TO_3_PRODUCTION_GATE.md) - [DBIS_PHASE2_PROXMOX_SOVEREIGNIZATION_ROADMAP.md](../02-architecture/DBIS_PHASE2_PROXMOX_SOVEREIGNIZATION_ROADMAP.md) - [verify-end-to-end-routing.sh](../../scripts/verify/verify-end-to-end-routing.sh) — public/private ingress diff --git a/docs/03-deployment/DBIS_PHASES_1_TO_3_PRODUCTION_GATE.md b/docs/03-deployment/DBIS_PHASES_1_TO_3_PRODUCTION_GATE.md index 8b16e396..ea1e69fe 100644 --- a/docs/03-deployment/DBIS_PHASES_1_TO_3_PRODUCTION_GATE.md +++ b/docs/03-deployment/DBIS_PHASES_1_TO_3_PRODUCTION_GATE.md @@ -1,6 +1,6 @@ # DBIS Chain 138 — Phases 1-3 Production Gate -**Last updated:** 2026-03-28 +**Last updated:** 2026-04-05 **Purpose:** Convert the DBIS master plan into an operational production gate. This document records which Phase 1-3 conditions are currently satisfied, which are partially satisfied, and which still block an honest production declaration. ## Overall status @@ -22,8 +22,8 @@ ### What is not yet proven production-ready - FireFly secondary failover footprint (`6201`) is not deployed; it is currently retired / standby until rebuilt -- Fabric peer / orderer workload health inside `6000-6002`; those CTs are now intentionally stopped as reserved placeholders -- Indy validator / node listener health inside `6400-6402`; those CTs are now intentionally stopped as reserved placeholders +- Fabric business-role integration beyond the restored sample network on `6000` +- Indy identity-role integration beyond the healthy validator pool on `6400` - Sovereignized Phase 2 platform baseline: - Ceph-backed storage - final VLAN segmentation @@ -71,8 +71,8 @@ | Automated liveness wrapper exists | Complete | [scripts/verify/run-dbis-phase3-e2e-simulation.sh](../../scripts/verify/run-dbis-phase3-e2e-simulation.sh) | | Besu liveness passes | Complete | direct script output and [scripts/verify/check-chain138-rpc-health.sh](../../scripts/verify/check-chain138-rpc-health.sh) | | FireFly HTTP liveness passes | Complete | `6200` returns `HTTP 200` on `/api/v1/status` | -| Fabric app-native business flow validation passes | Blocked | Current checks found no active Fabric payload, processes, or listeners; CTs are now intentionally stopped as reserved placeholders | -| Indy app-native business flow validation passes | Blocked | Current checks found no active Indy payload, processes, or listeners; CTs are now intentionally stopped as reserved placeholders | +| Fabric app-native business flow validation passes | Blocked | `6000` now runs a restored sample network again, but Fabric chaincode / listener / RTGS business flows are still not validated end to end | +| Indy app-native business flow validation passes | Blocked | `6400` now runs a healthy validator pool, but issuer / holder / verifier business flows are still not validated end to end | | Cross-chain / Cacti business flow validation passes | Blocked | not currently proven as deployed live DBIS path | | Full business E2E has been demonstrated | Blocked | current wrapper is intentionally liveness-only | @@ -85,8 +85,8 @@ The following items still prevent a full “DBIS Chain 138 production complete” declaration: 1. `6201` is not a verified active secondary FireFly node and is currently treated as retired / standby until rebuilt. -2. Fabric `6000-6002` are not active peer/orderer workloads; current evidence showed placeholder CTs only, and they have now been stopped and retained as reserve inventory. -3. Indy `6400-6402` are not active validator workloads; current evidence showed placeholder CTs only, and they have now been stopped and retained as reserve inventory. +2. Fabric `6000` is only a restored sample network today; `6001` and `6002` remain reserve inventory, and no canonical business workflow is yet validated through Fabric. +3. Indy `6400` is a healthy validator pool today; `6401` and `6402` remain reserve inventory, and no canonical identity business workflow is yet validated through Indy. 4. Phase 2 sovereignization is still roadmap work, not completed platform state. 5. The current Phase 3 wrapper is liveness validation, not end-to-end business certification. @@ -107,8 +107,8 @@ It is **not** yet accurate to declare: ## Next production-closing actions 1. Decide whether `6201` is to be rebuilt as a real secondary FireFly node or left retired as a reserve inventory slot. -2. Either deploy real Fabric workloads inside `6000-6002` and validate them, or leave those CTs stopped as reserved placeholders. -3. Either deploy real Indy workloads inside `6400-6402` and validate them, or leave those CTs stopped as reserved placeholders. +2. Decide whether the restored Fabric sample network on `6000` remains only a validation sidecar or evolves into a canonical workload, then validate the corresponding chaincode / listener / business flow. +3. Decide whether the healthy Indy validator pool on `6400` remains optional or becomes a canonical identity dependency, then validate the corresponding issuer / holder / verifier flow. 4. Execute the first real Phase 2 platform milestone: - fleet expansion, or - Ceph pilot, or @@ -121,4 +121,5 @@ It is **not** yet accurate to declare: - [docs/03-deployment/PHASE1_DISCOVERY_RUNBOOK.md](PHASE1_DISCOVERY_RUNBOOK.md) - [docs/03-deployment/DBIS_PHASE3_E2E_PRODUCTION_SIMULATION_RUNBOOK.md](DBIS_PHASE3_E2E_PRODUCTION_SIMULATION_RUNBOOK.md) - [docs/03-deployment/DBIS_HYPERLEDGER_RUNTIME_STATUS.md](DBIS_HYPERLEDGER_RUNTIME_STATUS.md) +- [docs/03-deployment/DBIS_HYPERLEDGER_PRODUCT_INTEGRATION_CHECKLIST.md](DBIS_HYPERLEDGER_PRODUCT_INTEGRATION_CHECKLIST.md) - [docs/02-architecture/DBIS_PHASE2_PROXMOX_SOVEREIGNIZATION_ROADMAP.md](../02-architecture/DBIS_PHASE2_PROXMOX_SOVEREIGNIZATION_ROADMAP.md) diff --git a/docs/03-deployment/DEFI_AGGREGATOR_DEX_ROUTING_FLOWS_DIAGRAM.md b/docs/03-deployment/DEFI_AGGREGATOR_DEX_ROUTING_FLOWS_DIAGRAM.md index d7cf8bca..74342e5f 100644 --- a/docs/03-deployment/DEFI_AGGREGATOR_DEX_ROUTING_FLOWS_DIAGRAM.md +++ b/docs/03-deployment/DEFI_AGGREGATOR_DEX_ROUTING_FLOWS_DIAGRAM.md @@ -142,7 +142,7 @@ sequenceDiagram | **MCP reads pool state** | AI/MCP → Allowlist → get_pool_state (RPC) → DODOPMMIntegration (138) or cW* pool or Uniswap (public) | One MCP per chain or multi-chain allowlist. | | **MCP / AI maintenance** | AI → MCP quote_add_liquidity / add_liquidity / remove_liquidity → DODOPMMIntegration or public DEX | Dedicated MCP/AI for Dodoex + Uniswap pool management. | | **Bot peg maintenance** | Bot → Deviation watcher (pool vs oracle) → buy/sell cW* or inventory adjust → cW* / HUB pools on public chain | State machine: IDLE, ABOVE_BAND, BELOW_BAND, COOLDOWN, CIRCUIT_BREAK. | -| **Multi-provider (future)** | User / Contract → EnhancedSwapRouter → DODOPMMProvider + Uniswap + Balancer + Curve (by size/slippage) → Pools on 138 | When EnhancedSwapRouter deployed and pools exist. | +| **Multi-provider (live pilot layer)** | User / Contract → EnhancedSwapRouterV2 → DODOPMMProvider + DODO v3 pilot + pilot-compatible Uniswap/Balancer/Curve/1inch venues (by size/slippage / planner-v2 selection) → Pools on 138 | Live on Chain 138. Public planner visibility is under `/token-aggregation/api/v2/*`; canonical `WETH` routing asset lanes use the funded pilot venue layer. | --- @@ -154,11 +154,11 @@ sequenceDiagram | **DODOPMMIntegration** | Creates pools, adds liquidity, executes swaps (legacy pairs + swapExactIn for full mesh). | | **DODOPMMProvider** | Routing front: getQuote, executeSwap; registers pools; uses integration for execution. | | **Bridge quote API** | Orchestrates source swap + bridge + destination swap; uses token-aggregation or destination DEX for quotes. | -| **External aggregators** | 1inch, 0x, ParaSwap: multi-DEX routing on supported chains; 138 not supported until they add it. | +| **External aggregators** | Upstream-native 1inch, 0x, ParaSwap: multi-DEX routing on supported chains; Chain 138 still uses repo-managed pilot-compatible venues instead of upstream public deployments. | | **Bridge aggregator** | Explorer backend: Li.Fi, Socket, etc., for bridge routes only. | | **MCP** | Read (and optionally execute) pool state and liquidity ops; allowlist per chain or multi-chain. | | **Bot** | Maintains cW* peg on public chains via single-sided cW* / HUB pools; deviation and inventory. | -| **EnhancedSwapRouter** | (Optional) Multi-provider router on 138 when Uniswap/Balancer/Curve pools exist. | +| **EnhancedSwapRouterV2** | Live multi-provider router on 138 with DODO V2 PMM, DODO v3 pilot, and funded pilot-compatible `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venues. | --- diff --git a/docs/03-deployment/DEPLOYER_GAS_AUTO_ROUTE_RUNBOOK.md b/docs/03-deployment/DEPLOYER_GAS_AUTO_ROUTE_RUNBOOK.md index f076f17d..c1ebad49 100644 --- a/docs/03-deployment/DEPLOYER_GAS_AUTO_ROUTE_RUNBOOK.md +++ b/docs/03-deployment/DEPLOYER_GAS_AUTO_ROUTE_RUNBOOK.md @@ -1,6 +1,6 @@ # Deployer Gas Auto-Route Runbook -**Purpose:** Convert deployer wallet ERC-20 (or compliant) tokens to **native gas tokens** on each target chain where balance is below threshold. Uses internal path (Chain 138), Protocolink (public chains), or manual/LiFi (Wemix). +**Purpose:** Convert deployer wallet ERC-20 (or compliant) tokens to **native gas tokens** on each target EIP-155 chain where balance is below threshold. Uses internal path (Chain 138), Protocolink (public chains), or manual/LiFi (Wemix). Non-EVM planning targets such as Solana are tracked separately in the same config, but are not auto-routed by the current script. **Deployer address:** `0x4A666F96fC8764181194447A7dFdb7d471b301C8` @@ -12,7 +12,7 @@ 2. **Environment:** `smom-dbis-138/.env` (or project env loaded by `scripts/lib/load-project-env.sh`) with: - `PRIVATE_KEY` or `DEPLOYER_ADDRESS` - Per-chain RPC URLs: `RPC_URL_138`, `ETHEREUM_MAINNET_RPC`, `BSC_RPC_URL`, `POLYGON_MAINNET_RPC`, `GNOSIS_MAINNET_RPC`, `ARBITRUM_MAINNET_RPC`, `OPTIMISM_MAINNET_RPC`, `BASE_MAINNET_RPC`, `AVALANCHE_RPC_URL`, `CRONOS_RPC_URL`, `CELO_RPC_URL`, `WEMIX_RPC`, `GNOSIS_RPC`. For ALL Mainnet (651940) and Etherlink (42793): set `RPC_URL_651940` and `RPC_URL_42793` (or equivalent) when present so the orchestrator can show balance/route for those chains; otherwise they appear as "no RPC configured". -3. **Config:** [config/deployer-gas-routes.json](../../config/deployer-gas-routes.json) — chain-to-method mapping and thresholds. **Multiple swap routes for CRO and WEMIX:** [config/cro-wemix-swap-routes.json](../../config/cro-wemix-swap-routes.json) — SwapSpace, ChangeNOW, SimpleSwap, StealthEX and others; used by `acquire-cro-and-wemix-gas.sh`. +3. **Config:** [config/deployer-gas-routes.json](../../config/deployer-gas-routes.json) — chain-to-method mapping and thresholds. **Multiple swap routes for CRO and WEMIX:** [config/cro-wemix-swap-routes.json](../../config/cro-wemix-swap-routes.json) — SwapSpace, ChangeNOW, SimpleSwap, StealthEX and others; used by `acquire-cro-and-wemix-gas.sh`. Non-EVM desired targets (currently **Solana**) live under the config's `nonEvmNetworks` section as manual/planning entries. --- @@ -65,6 +65,7 @@ The orchestrator: | **Protocolink (public chains)** | Use the quote/output from `protocolink-swap-to-gas.cjs`. Build transaction via [Protocolink API](https://docs.protocolink.com/protocolink-api/overview) (estimate router data, build tx); sign with deployer key and submit. | | **Cronos (25)** | **Manual (multiple routes):** Protocolink does not support Cronos. Use any aggregator from [config/cro-wemix-swap-routes.json](../../config/cro-wemix-swap-routes.json) (SwapSpace, ChangeNOW, SimpleSwap, StealthEX) to swap ETH/BNB/USDT/USDC → CRO; send to deployer on Cronos. Required ~15 CRO. List all routes: `./scripts/deployment/acquire-cro-and-wemix-gas.sh` or `--list`. | | **Wemix (1111)** | **Manual (multiple routes):** Use any aggregator from [config/cro-wemix-swap-routes.json](../../config/cro-wemix-swap-routes.json) (SwapSpace, ChangeNOW, SimpleSwap, StealthEX) to swap ETH/BNB/POL → WEMIX; send to deployer on chain 1111. Required ~0.4 WEMIX. List all routes: `./scripts/deployment/acquire-cro-and-wemix-gas.sh` or `--list`. Then run `deploy-bridges-config-ready-chains.sh wemix` and complete-config. See [WEMIX_ACQUISITION_TABLED.md](WEMIX_ACQUISITION_TABLED.md). | +| **Solana (planning target)** | **Manual / non-EVM:** Acquire SOL for the assigned Solana deployer or relay signer when the Solana rollout wave is opened. This repo currently tracks Solana as a desired non-EVM deployment network, but `deployer-gas-auto-route.sh` does not execute non-EVM funding. | --- diff --git a/docs/03-deployment/DEPLOYMENT_ORDER_OF_OPERATIONS.md b/docs/03-deployment/DEPLOYMENT_ORDER_OF_OPERATIONS.md index 22f6a895..b71fe05d 100644 --- a/docs/03-deployment/DEPLOYMENT_ORDER_OF_OPERATIONS.md +++ b/docs/03-deployment/DEPLOYMENT_ORDER_OF_OPERATIONS.md @@ -1,8 +1,8 @@ # Full Deployment Order of Operations -> Historical note (2026-03-26): this run order includes earlier PMM deployment phases. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. Use [ADDRESS_MATRIX_AND_STATUS.md](../11-references/ADDRESS_MATRIX_AND_STATUS.md) for live addresses. +> Historical note (2026-04-02): this run order includes earlier PMM deployment phases. The current canonical Chain 138 PMM stable stack is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Public XAU pools remain on the older PMM phase until explicitly migrated. Use [ADDRESS_MATRIX_AND_STATUS.md](../11-references/ADDRESS_MATRIX_AND_STATUS.md) for live addresses. -**Last Updated:** 2026-02-28 +**Last Updated:** 2026-04-03 **Purpose:** Single canonical sequence for deploying and completing the system: prerequisites → Chain 138 core → PMM/pools → provider → optional → cW* → verification. Use this as the master order; other runbooks give per-step detail. **Related:** [RECOMMENDATIONS_AND_FIXES_BEFORE_DEPLOY.md](RECOMMENDATIONS_AND_FIXES_BEFORE_DEPLOY.md) (all recommendations & fixes before deploy) | [PRE_DEPLOYMENT_CHECKLIST.md](PRE_DEPLOYMENT_CHECKLIST.md) (PMM/pools focus) | [CONTRACT_DEPLOYMENT_RUNBOOK.md](CONTRACT_DEPLOYMENT_RUNBOOK.md) (per-script detail) | [RECOMMENDATIONS_OPERATOR_CHECKLIST.md](../00-meta/RECOMMENDATIONS_OPERATOR_CHECKLIST.md) (R1–R24) @@ -31,7 +31,7 @@ Before any Chain 138 deployment, follow these four rules: | **2** | TransactionMirror + PMM pools (Chain 138) | Required for PMM routing | | **3** | Liquidity + DODOPMMProvider | After pools exist | | **4** | Optional: EnhancedSwapRouter, trustless, CCIP other chains | When dependencies exist | -| **5** | cW* edge pools (11 public chains) | When cW* tokens and infra exist | +| **5** | cW* edge pools (11 public EVM chains) | When cW* tokens and infra exist | | **6** | Post-deploy verification & recommendations | After each phase and ongoing | --- @@ -44,7 +44,7 @@ Execute in any order where no dependency; all must be satisfied before Phase 1 |---|------|--------| | 0.1 | **RPC 2101 (Core) writable** | If read-only: `./scripts/maintenance/make-rpc-vmids-writable-via-ssh.sh` then `./scripts/maintenance/health-check-rpc-2101.sh`. See [RPC_2101_READONLY_FIX.md](RPC_2101_READONLY_FIX.md). | | 0.2 | **Deployer wallet funded (Chain 138)** | ≥ ~0.006 ETH (recommended 1–2 ETH). Check: `cd smom-dbis-138 && ./scripts/deployment/check-balances-gas-and-deploy.sh`. | -| 0.3 | **Env configured** | `smom-dbis-138/.env` only: `PRIVATE_KEY`, `RPC_URL_138` (Core); for PMM: `DODO_PMM_INTEGRATION_ADDRESS=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`, `DODO_PMM_PROVIDER_ADDRESS=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. Optional: `GAS_PRICE_138`, `GAS_PRICE`. Run: `cd smom-dbis-138 && ./scripts/deployment/check-env-required.sh`. Or from repo root: `./scripts/deployment/preflight-chain138-deploy.sh`. | +| 0.3 | **Env configured** | `smom-dbis-138/.env` only: `PRIVATE_KEY`, `RPC_URL_138` (Core); for PMM: `DODO_PMM_INTEGRATION_ADDRESS=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`, `DODO_PMM_PROVIDER_ADDRESS=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Optional: `GAS_PRICE_138`, `GAS_PRICE`. Run: `cd smom-dbis-138 && ./scripts/deployment/check-env-required.sh`. Or from repo root: `./scripts/deployment/preflight-chain138-deploy.sh`. | | 0.4 | **Gas / cost estimate** | Run cost estimate before deploy: `cd smom-dbis-138 && ./scripts/deployment/calculate-costs-consolidated.sh` (or see [DEPLOYMENT_GAS_COSTS_REALTIME](../11-references/DEPLOYMENT_GAS_COSTS_REALTIME.md)). Chain 138 uses min 1 gwei; script gives estimated total cost. | | 0.5 | **POOL_MANAGER_ROLE** | Deployer must have POOL_MANAGER_ROLE on DODOPMMIntegration for pool creation and provider registration. | | 0.6 | **No stuck transactions** | If nonce has pending txs or "Replacement transaction underpriced": run `./scripts/clear-all-transaction-pools.sh` then wait ~60s. Use Core RPC only (no Public fallback). Prefer deploy scripts that check nonce (e.g. `deploy-transaction-mirror-and-pmm-pool-after-txpool-clear.sh`). | @@ -55,7 +55,7 @@ Execute in any order where no dependency; all must be satisfied before Phase 1 ## Phase 1 — Chain 138 core (if not already deployed) -If core contracts are already deployed (e.g. **64/64** present per check-contracts-on-chain-138.sh), skip to Phase 2. Otherwise follow this order. +If core contracts are already deployed (e.g. **88/88** present per check-contracts-on-chain-138.sh on the current canonical inventory), skip to Phase 2. Otherwise follow this order. | # | Item | Script / command | Depends on | |---|------|------------------|------------| @@ -90,7 +90,7 @@ Required for PMM routing. Full steps: [PRE_DEPLOYMENT_CHECKLIST.md](PRE_DEPLOYME | 3.1 | **Add liquidity (optional)** | Per pool: approve base/quote to DODOPMMIntegration, then `addLiquidity(pool, baseAmount, quoteAmount)`. See [DODO_PMM_INTEGRATION.md](../../smom-dbis-138/docs/integration/DODO_PMM_INTEGRATION.md). | | 3.2 | **Deploy DODOPMMProvider** | `forge script script/liquidity/DeployDODOPMMProvider.s.sol:DeployDODOPMMProvider --rpc-url $RPC_URL_138 --broadcast --private-key $PRIVATE_KEY --with-gas-price 1000000000`. Set `DODO_PMM_PROVIDER_ADDRESS` in .env. | | 3.3 | **Register pools** | Register every created pool in DODOPMMProvider (legacy three at minimum; full mesh when used). | -| 3.4 | **Token-aggregation** | Set `CHAIN_138_DODO_PMM_INTEGRATION` where the token-aggregation service runs; ensure indexer runs so API exposes pools. | +| 3.4 | **Token-aggregation** | Set `CHAIN_138_DODO_PMM_INTEGRATION` where the token-aggregation service runs; ensure indexer runs so API exposes pools. The live explorer deployment now persists the three canonical stable pools via the standalone lightweight schema bootstrap. | | 3.5 | **MCP allowlist (optional)** | Use `ai-mcp-pmm-controller/config/allowlist-138.json` (Chain 138 pools). Run with `ALLOWLIST_PATH=config/allowlist-138.json CHAIN=138`. See [README-allowlist-138.md](../../ai-mcp-pmm-controller/config/README-allowlist-138.md). | --- @@ -101,14 +101,16 @@ Only when dependencies exist (Uniswap/Balancer on 138, or mainnet/other-chain RP | # | Item | When / command | |---|------|----------------| -| 4.1 | **EnhancedSwapRouter (Chain 138)** | When Uniswap V3 / Balancer pools exist on 138: deploy with chain-138–aware script (env quoter/poolId); configure post-deploy. See CONTRACT_DEPLOYMENT_RUNBOOK § EnhancedSwapRouter. | +| 4.1 | **EnhancedSwapRouter (Chain 138)** | Deployment dry-run is now healthy with the standard project env loader. Broadcast only when at least one live WETH-to-stable route exists if `swapToStablecoin()` is required; otherwise the router is DODO-only. See CONTRACT_DEPLOYMENT_RUNBOOK § EnhancedSwapRouter. | | 4.2 | **Trustless stack (Lockbox138 + Mainnet)** | When Mainnet RPC and keys available: deploy trustless bridge contracts; set INBOX_ETH, BOND_MANAGER, etc. See [OPTIONAL_DEPLOYMENTS_START_HERE.md](../07-ccip/OPTIONAL_DEPLOYMENTS_START_HERE.md) §2C. | | 4.3 | **CCIP other chains (Gnosis, Celo, Wemix)** | Deploy WETH bridges per chain; add destinations 138↔chain; fund LINK. See [CONFIG_READY_CHAINS_COMPLETION_RUNBOOK.md](../07-ccip/CONFIG_READY_CHAINS_COMPLETION_RUNBOOK.md). | | 4.4 | **LINK on Mainnet relay** | [RELAY_BRIDGE_ADD_LINK_SUPPORT_RUNBOOK.md](../07-ccip/RELAY_BRIDGE_ADD_LINK_SUPPORT_RUNBOOK.md). | --- -## Phase 5 — cW* edge pools (11 public chains) +## Phase 5 — cW* edge pools (11 public EVM chains) + +Desired non-EVM rollout targets such as **Solana** sit **outside** this phase. They are tracked under `config/token-mapping-multichain.json -> nonEvmNetworks` and the GRU rollout queue, and require adapter / relay wiring plus an SPL or bridge-wrapped asset representation rather than the EVM PMM edge-pool recipe. Design and pool matrix: [POOLS_AND_NETWORKS_FULL_DESIGN.md](../11-references/POOLS_AND_NETWORKS_FULL_DESIGN.md). Per chain: deploy cW* tokens (or bridge), then create 6 “poolsFirst” + optional pools per [pool-matrix.json](../../cross-chain-pmm-lps/config/pool-matrix.json) and [06-deployment-recipe.md](../../cross-chain-pmm-lps/docs/06-deployment-recipe.md). @@ -125,7 +127,7 @@ After each deployment phase and periodically. | # | Item | Command / doc | |---|------|----------------| -| 6.1 | **On-chain verification (Chain 138)** | `./scripts/verify/check-contracts-on-chain-138.sh [RPC_URL]`. Target **64/64** when TransactionMirror, all three PMM pools, vault/reserve, CompliantFiatTokens, ISO20022Router, and **canonical + legacy** CCIP router/WETH9 bridge slots exist (see `config/smart-contracts-master.json`). | +| 6.1 | **On-chain verification (Chain 138)** | `./scripts/verify/check-contracts-on-chain-138.sh [RPC_URL]`. Target **88/88** on the current canonical inventory in `config/smart-contracts-master.json`, including the stable PMM stack, ISO20022Router, canonical + legacy CCIP router/WETH9 bridge slots, the cross-chain flash trio, GRU V2 USD pair, router-v2 execution stack, upstream-native Uniswap v3 stack, and the funded pilot-compatible secondary venues. | | 6.2 | **Blockscout verification** | When Blockscout reachable: `./scripts/verify/run-contract-verification-with-proxy.sh`. See [BLOCKSCOUT_VERIFICATION_GUIDE.md](../08-monitoring/BLOCKSCOUT_VERIFICATION_GUIDE.md). | | 6.3 | **Update address docs** | Update [CONTRACT_ADDRESSES_REFERENCE.md](../11-references/CONTRACT_ADDRESSES_REFERENCE.md), [LIQUIDITY_POOLS_MASTER_MAP.md](../11-references/LIQUIDITY_POOLS_MASTER_MAP.md) with new pool and provider addresses. | | 6.4 | **Recommendations (R1–R24)** | Follow [RECOMMENDATIONS_OPERATOR_CHECKLIST.md](../00-meta/RECOMMENDATIONS_OPERATOR_CHECKLIST.md): verify on Blockscout, keep address refs updated, use correct RPC/gas, manage nonce, runbooks in sync, monitoring, testing, token mapping. | @@ -175,7 +177,7 @@ For a single page of exact commands (CCIP bridges, LINK relay, Blockscout verify 1. **Prerequisites:** RPC writable (Core only), deployer funded, **smom-dbis-138/.env** (no other dotenv), gas/cost estimate run, POOL_MANAGER_ROLE, **no stuck txs** (clear pool if needed), forge build. 2. **Chain 138 core:** 01_DeployCore → set env → 02_DeployBridges (or unified script); WETH9 bridge; deterministic if needed. 3. **PMM:** TransactionMirror + create mesh-first pools on Chain 138 (`create-pmm-full-mesh-chain138.sh`), or legacy three as minimum fallback. -4. **Provider:** Add liquidity (optional) → deploy DODOPMMProvider → register all created pools → token-aggregation env → MCP allowlist (optional). +4. **Provider:** Add liquidity (optional) → deploy DODOPMMProvider or sync current mappings → register all created pools → token-aggregation env → MCP allowlist (optional). 5. **Optional:** EnhancedSwapRouter (when Uniswap/Balancer on 138), trustless stack, CCIP other chains, LINK relay. 6. **cW*:** Per chain: deploy/bridge cW* tokens, create and fund pools per pool-matrix. 7. **Verify & recommendations:** check-contracts-on-chain-138.sh, Blockscout verify, update address docs, R1–R24, full recommendations list. diff --git a/docs/03-deployment/DEPLOYMENT_RUNBOOK.md b/docs/03-deployment/DEPLOYMENT_RUNBOOK.md index d9c780fe..2d6a28b4 100644 --- a/docs/03-deployment/DEPLOYMENT_RUNBOOK.md +++ b/docs/03-deployment/DEPLOYMENT_RUNBOOK.md @@ -75,7 +75,7 @@ export REDIS_URL=redis://redis.example.com:6379 # RPC export RPC_URL=https://rpc.d-bis.org -export WS_URL=wss://rpc.d-bis.org +export WS_URL=wss://ws.rpc.d-bis.org # Application export CHAIN_ID=138 @@ -455,4 +455,3 @@ curl https://api.d-bis.org/api/v1/track2/stats **Document Version**: 1.0.0 **Last Reviewed**: $(date) **Next Review**: $(date -d "+3 months") - diff --git a/docs/03-deployment/DEPLOYMENT_STATUS_MASTER.md b/docs/03-deployment/DEPLOYMENT_STATUS_MASTER.md index a4f1eed7..bb784890 100644 --- a/docs/03-deployment/DEPLOYMENT_STATUS_MASTER.md +++ b/docs/03-deployment/DEPLOYMENT_STATUS_MASTER.md @@ -1,6 +1,6 @@ # Deployment Status Master - Complete Overview -**Last Updated:** 2026-02-12 +**Last Updated:** 2026-04-03 **Status:** 🚀 **ACTIVE DEPLOYMENT** **Progress:** Foundation Complete → Service Migration In Progress @@ -78,14 +78,14 @@ ### r630-01 (192.168.11.11) **Running Containers:** -- Infrastructure: 100-108 (proxmox-mail-gateway, datacenter-manager, cloudflared, omada, gitea, nginxproxymanager, redis-rpc-translator, web3signer-rpc-translator, vault-rpc-translator) +- Infrastructure: 100-108 (proxmox-mail-gateway, datacenter-manager, cloudflared, gitea, nginxproxymanager, redis-rpc-translator, web3signer-rpc-translator, vault-rpc-translator); **VMID 103 (Omada) removed 2026-04-04** - Monitoring: 130 (monitoring-1) - **Besu RPC: 2503, 2504, 2505** (besu-rpc-hybx-1/2/3) - **Hyperledger: 5200 (cacti-1), 6000 (fabric-1), 6400 (indy-1)** **Host Services (not LXC):** - **CCIP Relay Service** — `/opt/smom-dbis-138/services/relay` (Node.js); relays Chain 138 → Mainnet; uses VMID 2201 RPC. See [07-ccip/CCIP_RELAY_DEPLOYMENT.md](../07-ccip/CCIP_RELAY_DEPLOYMENT.md). -- **Chain 138 smart contracts** — 36-address on-chain check: `./scripts/verify/check-contracts-on-chain-138.sh`; AddressMapper, MirrorManager deployed 2026-02-12. Deploy with `--with-gas-price 1000000000`. See [CONTRACT_ADDRESSES_REFERENCE](../11-references/CONTRACT_ADDRESSES_REFERENCE.md), [CONTRACT_DEPLOYMENT_RUNBOOK](CONTRACT_DEPLOYMENT_RUNBOOK.md). +- **Chain 138 smart contracts** — current canonical on-chain check is `88/88` via `./scripts/verify/check-contracts-on-chain-138.sh`; deploy with `--with-gas-price 1000000000`. See [CONTRACT_ADDRESSES_REFERENCE](../11-references/CONTRACT_ADDRESSES_REFERENCE.md) and [CONTRACT_DEPLOYMENT_RUNBOOK](CONTRACT_DEPLOYMENT_RUNBOOK.md). **Stopped Containers (30+):** - DBIS services: 10100-10151 diff --git a/docs/03-deployment/ETHEREUM_MAINNET_DODOPMMINTEGRATION_VERIFICATION.md b/docs/03-deployment/ETHEREUM_MAINNET_DODOPMMINTEGRATION_VERIFICATION.md new file mode 100644 index 00000000..5ee89f33 --- /dev/null +++ b/docs/03-deployment/ETHEREUM_MAINNET_DODOPMMINTEGRATION_VERIFICATION.md @@ -0,0 +1,72 @@ +# Ethereum Mainnet DODOPMMIntegration Verification + +**Closed:** 2026-04-11 +**Contract:** `DODOPMMIntegration` +**Address:** `0xa9F284eD010f4F7d7F8F201742b49b9f58e29b84` +**Network:** Ethereum Mainnet (`1`) +**Explorer:** + +## Outcome + +- Etherscan source verification passed on 2026-04-11. +- The contract page now shows `Contract Name: DODOPMMIntegration`. +- Compiler metadata confirmed on Etherscan: + - `v0.8.20+commit.a1b79de6` + - optimizer enabled + - `200` runs + - `london` EVM version + +## Why historical source was required + +Current `smom-dbis-138` HEAD no longer matched the deployed init code. Verification succeeded only after rebuilding against the historical source snapshot from: + +- `smom-dbis-138` commit `1511f33857829b762de5deeea135ce5af117997f` + +This is the source revision that matched both the deployment bytecode and the on-chain runtime. + +## Deployment provenance + +- **Creator / admin:** `0x4A666F96fC8764181194447A7dFdb7d471b301C8` +- **Create tx:** `0xeba51be6aa35825acfaedea122317a24951c4480e1f0fe610361bfab3dc1cea3` + +Constructor arguments used for verification: + +```text +admin 0x4A666F96fC8764181194447A7dFdb7d471b301C8 +dodoVendingMachine 0x9b55D9Bc2337f53aaF76AD923CCd01f0D2e4d07D +dodoApprove 0x0000000000000000000000000000000000000000 +officialUSDT 0xdAC17F958D2ee523a2206206994597C13D831ec7 +officialUSDC 0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48 +compliantUSDT 0xaF5017d0163ecb99D9B5D94e3b4D7b09Af44D8AE +compliantUSDC 0x2de5F116bFcE3d0f922d9C8351e0c5Fc24b9284a +``` + +ABI-encoded constructor arguments: + +```text +0x0000000000000000000000004a666f96fc8764181194447a7dfdb7d471b301c80000000000000000000000009b55d9bc2337f53aaf76ad923ccd01f0d2e4d07d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dac17f958d2ee523a2206206994597c13d831ec7000000000000000000000000a0b86991c6218b36c1d19d4a2e9eb0ce3606eb48000000000000000000000000af5017d0163ecb99d9b5d94e3b4d7b09af44d8ae0000000000000000000000002de5f116bfce3d0f922d9c8351e0c5fc24b9284a +``` + +## Verification command + +Run from a worktree or checkout whose `contracts/dex/DODOPMMIntegration.sol` matches commit `1511f33857829b762de5deeea135ce5af117997f`: + +```bash +forge verify-contract \ + 0xa9F284eD010f4F7d7F8F201742b49b9f58e29b84 \ + contracts/dex/DODOPMMIntegration.sol:DODOPMMIntegration \ + --chain-id 1 \ + --num-of-optimizations 200 \ + --constructor-args 0x0000000000000000000000004a666f96fc8764181194447a7dfdb7d471b301c80000000000000000000000009b55d9bc2337f53aaf76ad923ccd01f0d2e4d07d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dac17f958d2ee523a2206206994597c13d831ec7000000000000000000000000a0b86991c6218b36c1d19d4a2e9eb0ce3606eb48000000000000000000000000af5017d0163ecb99d9b5d94e3b4d7b09af44d8ae0000000000000000000000002de5f116bfce3d0f922d9c8351e0c5fc24b9284a \ + --watch +``` + +## Remaining manual step + +Source verification is complete. If a public explorer tag / label is still desired, that is a separate manual Etherscan account workflow: + +1. Open the contract page on Etherscan. +2. Use `Update Name Tag or Label`. +3. Complete ownership / support flow required by Etherscan. + +Do not treat the manual name-tag step as blocking source-verification closure in repo inventories. diff --git a/docs/03-deployment/EXPLORER_ACCESS_AND_RPC_PRODUCTS_RUNBOOK.md b/docs/03-deployment/EXPLORER_ACCESS_AND_RPC_PRODUCTS_RUNBOOK.md new file mode 100644 index 00000000..91d8ba6c --- /dev/null +++ b/docs/03-deployment/EXPLORER_ACCESS_AND_RPC_PRODUCTS_RUNBOOK.md @@ -0,0 +1,265 @@ +# Explorer Access And RPC Products Runbook + +## Purpose + +This runbook explains the explorer access layer that now sits alongside the public Chain 138 explorer. It covers: + +- user sign-up and login for the `/access` console +- RPC product catalog behavior +- subscription and approval flow +- API key issuance and revocation +- current limits of the commercial/control plane + +## Audience + +- operators managing access to Chain 138 RPC lanes +- developers consuming RPC products through the explorer +- admins reviewing whether a product is self-service or approval-gated + +## Current products + +The access plane currently models three RPC products: + +| Product | Slug | Provider | VMID | Access model | Billing model | +|---|---|---|---:|---|---| +| Core RPC | `core-rpc` | `besu-core` | 2101 | approval required | `contract` | +| Alltra RPC | `alltra-rpc` | `alltra` | 2102 | self-service | `subscription` | +| Thirdweb RPC | `thirdweb-rpc` | `thirdweb` | 2103 | self-service | `subscription` | + +## User flow + +### 1. Register or log in + +Users open the explorer access console at `/access` and either: + +- register with email, username, and password +- log in with email and password + +Successful registration or login returns a user session token. The frontend stores this token locally and uses it for `/api/v1/access/*` endpoints. + +### 2. Review products + +The product catalog is public and can be read without logging in: + +- `GET /api/v1/access/products` + +Each product currently exposes: + +- provider +- VMID +- HTTP and WebSocket URLs +- default tier +- approval requirement +- billing model +- intended use cases +- management features + +### 3. Request or activate access + +Logged-in users can request a subscription for a product: + +- `POST /api/v1/access/subscriptions` + +Behavior differs by product type: + +- self-service products (`alltra-rpc`, `thirdweb-rpc`) become `active` immediately +- approval-gated products (`core-rpc`) become `pending` + +### 4. Create an API key + +After a subscription is active, the user can create an API key: + +- `POST /api/v1/access/api-keys` + +The current implementation assigns: + +- default scopes per product unless the user chooses a narrower scope set +- tier-based quotas +- tier-based rate limits +- optional expiry presets or no-expiry +- optional quota override for controlled issuance + +For approval-gated products, key creation is blocked until the product subscription becomes active. + +### 4.1 Rotate an API key + +The access console now supports rotation directly from the issued-keys list: + +1. mint a replacement key with the same tier/product/scopes/quota posture +2. show the new plaintext key once +3. revoke the old key + +This is intentionally simple, but it is vastly preferable to pretending revoke-and-recreate is an acceptable operator ritual with no UI support. + +### 5. Revoke an API key + +Users can revoke their own keys from the access console or API: + +- `POST /api/v1/access/api-keys/{id}` +- `DELETE /api/v1/access/api-keys/{id}` + +## Tiers and quotas + +The current tier defaults are: + +| Tier | Approx. monthly quota | Requests/sec | Requests/minute | +|---|---:|---:|---:| +| `free` | 10,000 | 5 | 100 | +| `pro` | 100,000 | 20 | 1,000 | +| `enterprise` | 1,000,000 | 100 | 10,000 | + +These values are enforced in the explorer data model and API key records. Edge-level enforcement is still a separate infrastructure task. + +## Current API surfaces + +### Public endpoints + +- `GET /api/v1/access/products` + +### Authenticated user-session endpoints + +- `GET /api/v1/access/me` +- `GET /api/v1/access/subscriptions` +- `POST /api/v1/access/subscriptions` +- `GET /api/v1/access/api-keys` +- `POST /api/v1/access/api-keys` +- `POST /api/v1/access/api-keys/{id}` +- `DELETE /api/v1/access/api-keys/{id}` +- `GET /api/v1/access/usage` +- `GET /api/v1/access/audit` + +## Approval model + +The present implementation distinguishes between: + +- immediate activation for self-service products +- pending approval for restricted/operator-grade products + +At the moment, `core-rpc` is the only modeled approval-gated product. The explorer now exposes an admin review surface for these subscriptions when the signed-in user's email is included in the `ACCESS_ADMIN_EMAILS` allowlist. + +Admin-only access feeds now also include: + +- `GET /api/v1/access/admin/subscriptions` +- `GET /api/v1/access/admin/audit` + +### Admin allowlist + +Set a comma-separated allowlist in the explorer API environment: + +```bash +ACCESS_ADMIN_EMAILS=ops@example.com,infra@example.com +``` + +Admins can then: + +- review pending restricted-product subscriptions +- approve them to `active` +- suspend them +- revoke them + +This is intentionally narrow and explicit. It is not a full RBAC system, but it is far less vulgar than pretending approvals happen by osmosis. + +## What this does not yet do + +The access layer is intentionally honest about its current limits. + +It already provides: + +- user identity for the access console +- product modeling +- subscriptions +- API key lifecycle +- usage summaries from stored key records + +It does not yet provide full production commercial enforcement by itself: + +- no Stripe or invoice collection is wired here yet +- no x402 payment settlement is wired here yet +- no nginx/Besu/relay key validation middleware is enforced by this runbook alone +- usage is summarized from application records, not yet from live edge metering + +## Recommended next operational steps + +1. Wire API key validation and quota checks into the RPC edge serving `2102` and `2103`. +2. Set `ACCESS_ADMIN_EMAILS` and use the access console to review `core-rpc` requests. +3. Connect billing collection for subscription products. +4. Feed live edge traffic into `api_key_usage_logs` and quota counters. +5. Add key rotation, expiry presets, and scoped permissions in the UI. + +## Edge enforcement sketch + +The explorer access plane now models users, subscriptions, approvals, quotas, and API keys. To enforce that at the edge: + +1. Require `X-API-Key` or `Authorization: Bearer ` at the RPC ingress for `2102` and `2103`. +2. Validate the presented key against the explorer access API or a replicated access store. +3. Reject revoked, expired, or unapproved keys. +4. Increment usage counters and/or append `api_key_usage_logs`. +5. Apply per-tier rate ceilings using the stored per-second and per-minute limits. + +### Internal validation hook + +The explorer API now exposes: + +- `POST /api/v1/access/internal/validate-key` +- `GET /api/v1/access/internal/validate-key` + +This endpoint is meant for internal ingress or relay enforcement, not browsers. It requires: + +- `X-Access-Internal-Secret: ` +- `ACCESS_INTERNAL_SECRET` configured on the explorer API + +Request body: + +```json +{ + "api_key": "ek_...", + "method_name": "eth_call", + "request_count": 1, + "last_ip": "203.0.113.10" +} +``` + +On success it returns validated key metadata and increments usage counters/log rows. + +For nginx `auth_request`, use the `GET` form instead: + +- `X-Access-Internal-Secret: ` +- `X-API-Key: ek_...` or `Authorization: Bearer ek_...` +- `X-Access-Method: eth_call` +- `X-Access-Request-Count: 1` + +That flow returns `200` or `401` and also exports headers such as: + +- `X-Validated-Product` +- `X-Validated-Tier` +- `X-Validated-Scopes` +- `X-Quota-Remaining` + +Canonical operator references: + +- [explorer-monorepo/deployment/ACCESS_EDGE_ENFORCEMENT_RUNBOOK.md](../../explorer-monorepo/deployment/ACCESS_EDGE_ENFORCEMENT_RUNBOOK.md) +- [explorer-monorepo/deployment/common/nginx-rpc-api-key-gate.conf](../../explorer-monorepo/deployment/common/nginx-rpc-api-key-gate.conf) +- [explorer-monorepo/scripts/verify-explorer-access-edge-hook.sh](../../explorer-monorepo/scripts/verify-explorer-access-edge-hook.sh) + +Until that layer is wired, the explorer access plane is authoritative for management state, not yet for hard traffic enforcement. + +## Thirdweb deployment note + +For `thirdweb-rpc`, treat the explorer access console as: + +- identity +- RPC subscription and API-key management +- future deploy permissions and audit surface + +Do not treat it as if Thirdweb's dashboard alone provides private-repo deployment orchestration. + +The correct model is: + +1. repo access and compile happen in your CI or worker +2. the backend holds the Thirdweb secret +3. deploy happens through Thirdweb Engine/API or approved CLI flow +4. verification happens against Blockscout + +Canonical reference: + +- [THIRDWEB_EXPLORER_PORTAL_DEPLOYMENT_MODEL.md](../04-configuration/THIRDWEB_EXPLORER_PORTAL_DEPLOYMENT_MODEL.md) diff --git a/docs/03-deployment/EXPLORER_COMPETITIVE_AUDIT_2026-04-09.md b/docs/03-deployment/EXPLORER_COMPETITIVE_AUDIT_2026-04-09.md new file mode 100644 index 00000000..c1990d9d --- /dev/null +++ b/docs/03-deployment/EXPLORER_COMPETITIVE_AUDIT_2026-04-09.md @@ -0,0 +1,466 @@ +# Explorer Competitive Audit + +Date: 2026-04-09 + +Scope: + +- Product under review: SolaceScanScout / Chain 138 explorer in `explorer-monorepo/` +- Comparison set: Etherscan, Blockscout, Blockchain.com Explorer, Solscan, and the general top-explorer market +- Goal: translate the prior qualitative review into a decision-grade audit with a weighted rubric, a feature matrix, and a roadmap from the current `5.8/10` state to category-leading quality + +## Executive Summary + +The current explorer is not weak, but it is mispositioned if judged as a direct Etherscan replacement. + +Today it scores: + +- `5.8/10` as a public blockchain explorer product +- `7.1/10` as a Chain 138-specific explorer plus operator cockpit + +The product is strongest where general explorers are weakest: + +- Chain 138-specific workflows +- mission-control and operator-adjacent monitoring +- bridge, liquidity, routing, wallet, and command-center tie-ins + +The product is weakest where users expect top explorers to be strongest: + +- transaction depth +- address depth +- token intelligence +- contract tooling +- analytics richness +- trust, polish, and “power-user completeness” + +Important interpretation: + +- `10/10` means category-leading explorer quality on a normal scale +- `14/10` is not a literal score; it is a shorthand for “best-in-class explorer plus differentiated platform moat” +- The realistic path is: + 1. move from `5.8/10` to `8/10` by closing obvious explorer gaps + 2. move from `8/10` to `10/10` by reaching explorer-category parity + 3. move from `10/10` to the “`14/10`” vision by adding unique Chain 138 and operator-native capabilities no major explorer currently combines + +## Evidence Base + +This audit is based on: + +- Local product surface in: + - `explorer-monorepo/frontend/src/pages/` + - `explorer-monorepo/frontend/src/components/` + - `explorer-monorepo/frontend/src/services/api/` + - `explorer-monorepo/backend/api/rest/swagger.yaml` +- Recent public benchmark sources: + - Etherscan feature index: + - Etherscan watch list: + - Etherscan private tags: + - Blockscout verification docs: + - Blockscout verification API: + - Blockscout contract interaction docs: + - Blockscout watch list docs: + - Blockchain.com Explorer: + - Blockchain.com charts: + - Blockchain.com mempool charts: + - Solscan analytics dashboard docs: + +## Current Product Snapshot + +The explorer already provides a real product skeleton, not just a demo: + +- core navigation and route coverage +- blocks, transactions, addresses, search, tokens, and watchlist pages +- mission-control, routes, bridge, liquidity, pools, analytics, operator, and wallet surfaces +- Blockscout-backed explorer data with a Chain 138 RPC-aware fallback for missing transactions +- stronger dead-end handling than before the recent fixes + +Representative local implementation points: + +- navigation: `explorer-monorepo/frontend/src/components/common/Navbar.tsx` +- tx detail: `explorer-monorepo/frontend/src/pages/transactions/[hash].tsx` +- address detail: `explorer-monorepo/frontend/src/pages/addresses/[address].tsx` +- search: `explorer-monorepo/frontend/src/pages/search/index.tsx` +- tokens: `explorer-monorepo/frontend/src/pages/tokens/index.tsx` +- watchlist: `explorer-monorepo/frontend/src/pages/watchlist/index.tsx` +- analytics shell: `explorer-monorepo/frontend/src/components/explorer/AnalyticsOperationsPage.tsx` +- API contract: `explorer-monorepo/backend/api/rest/swagger.yaml` + +## Weighted Score Rubric + +Scoring model: + +- Each category is scored from `0` to `10` +- Weighted total is the sum of `score/10 * weight` +- Maximum weighted total = `100` +- Final product score = weighted total divided by `10` + +### Category Weights + +| Category | Weight | What “10/10” Means | +| --- | ---: | --- | +| Core navigation and discoverability | 10 | Users can move anywhere important with near-zero dead ends or ambiguity | +| Search and entity resolution | 10 | Fast, accurate, direct, and forgiving lookup across addresses, txs, blocks, tokens, contracts, labels | +| Transaction detail depth | 15 | Rich tx page with internal txs, logs, decoded methods/events, token transfers, traces, failure diagnostics | +| Address and account intelligence | 15 | Portfolio, holdings, activity segmentation, labels, approvals, analytics, exports, and useful pivots | +| Token and asset explorer quality | 10 | Holders, transfers, metadata, market context, trust signals, supply, and route/liquidity context | +| Contract and developer tooling | 10 | Verification, source browsing, ABI UX, read/write contract, API confidence, docs, and developer trust | +| Analytics and data storytelling | 10 | Charts, dashboards, trends, protocol/network insights, and explainable metrics | +| Performance, reliability, and dead-end handling | 10 | Pages load consistently, degraded states are explicit, broken routes are rare, and fallbacks are credible | +| UX polish and trustworthiness | 10 | Feels premium, coherent, legible, and “safe to rely on” for serious work | + +### Current Weighted Scores + +| Category | Weight | Current Score | Weighted Result | Notes | +| --- | ---: | ---: | ---: | --- | +| Core navigation and discoverability | 10 | 7.5 | 7.5 | Good routing coverage and better onward navigation than before | +| Search and entity resolution | 10 | 7.0 | 7.0 | Strong direct matching, but broad search depth is still limited | +| Transaction detail depth | 15 | 4.5 | 6.75 | Lacks traces, decoded logs, token transfer tabs, and contract interaction context | +| Address and account intelligence | 15 | 5.0 | 7.5 | Useful basics, but not a power-user account page | +| Token and asset explorer quality | 10 | 3.5 | 3.5 | Mostly shortcut/search behavior, not a mature token explorer | +| Contract and developer tooling | 10 | 3.5 | 3.5 | Some backend signals exist, but not exposed as top-tier user tooling | +| Analytics and data storytelling | 10 | 4.5 | 4.5 | Thin dashboard, limited explanatory analytics | +| Performance, reliability, and dead-end handling | 10 | 6.5 | 6.5 | Improved meaningfully, but still not elite | +| UX polish and trustworthiness | 10 | 5.3 | 5.3 | Coherent enough, but still feels niche and partially assembled | +| Total | 100 | | 58.05 | `5.8/10` overall | + +## Competitive Positioning + +### Score Summary + +| Product | Score | Position | +| --- | ---: | --- | +| Etherscan | 9.4 | Category leader for general EVM explorer utility | +| Strong Blockscout deployment | 8.2 | Best open-source explorer baseline, especially for teams that expose full contract tooling well | +| Solscan | 8.0 | Strong ecosystem-native explorer with better analytics and account views | +| Blockchain.com Explorer | 7.0 | Strong macro-market and network-stat presentation, weaker as an EVM contract explorer benchmark | +| SolaceScanScout current | 5.8 | Good niche product, not yet a category-leading explorer | + +### Feature-By-Feature Competitor Matrix + +Legend: + +- `Strong` = mature, expected, competitive +- `Partial` = present but thin, inconsistent, or not power-user grade +- `Weak` = noticeable gap +- `Unique` = differentiator not commonly found in the comparison set + +| Capability | SolaceScanScout | Etherscan | Strong Blockscout | Blockchain.com | Solscan | Notes | +| --- | --- | --- | --- | --- | --- | --- | +| Global nav clarity | Partial | Strong | Strong | Strong | Strong | Current nav is good, but product identity is split between explorer and ops console | +| Direct address / tx / block search | Strong | Strong | Strong | Strong | Strong | Current direct-match behavior is solid | +| Fuzzy / broad search depth | Partial | Strong | Strong | Partial | Strong | Needs better entity breadth and ranking | +| Block list and block detail | Partial | Strong | Strong | Strong | Strong | Adequate, but not insight-rich | +| Transaction detail basics | Partial | Strong | Strong | Partial | Strong | Hash, from/to, status, gas are present | +| Internal transactions / traces | Weak | Strong | Strong | Weak | Partial | Major gap | +| Decoded method and event logs | Weak | Strong | Strong | Weak | Strong | Major gap | +| Token transfer tabs in tx view | Weak | Strong | Strong | Weak | Strong | Major gap | +| Tx failure diagnostics | Partial | Strong | Partial | Weak | Partial | Current missing-tx diagnosis is a good start, but not full execution diagnostics | +| Address overview basics | Partial | Strong | Strong | Partial | Strong | Present but shallow | +| Address holdings / balances view | Weak | Strong | Strong | Partial | Strong | Major gap | +| Address analytics tab | Weak | Strong | Partial | Weak | Strong | Major gap | +| Labels / tags / private notes | Partial | Strong | Strong | Weak | Partial | Watchlist exists, but labeling workflow is light | +| Watchlist | Strong | Strong | Strong | Weak | Strong | Local watchlist is a meaningful strength | +| Token pages | Weak | Strong | Strong | Partial | Strong | Current token page is mostly search scaffolding | +| Token holders / transfers | Weak | Strong | Strong | Weak | Strong | Major gap | +| Contract verification UX | Weak | Strong | Strong | Weak | Partial | Backend hints exist, but user-facing flow is not there | +| Read / write contract | Weak | Strong | Strong | Weak | Partial | Major gap | +| API and docs trust | Partial | Strong | Strong | Partial | Strong | Swagger exists, but developer experience is not yet elite | +| Network / macro analytics | Partial | Strong | Partial | Strong | Strong | Current analytics are useful but thin | +| Chain-specific operational tooling | Unique | Weak | Partial | Weak | Partial | This is where the product can win | +| Bridge / liquidity / route intelligence | Unique | Weak | Weak | Weak | Partial | Real differentiation opportunity | +| Graceful degraded states | Partial | Strong | Partial | Strong | Strong | Improved recently, still not best-in-class | +| Overall trust and polish | Partial | Strong | Strong | Strong | Strong | The product still feels niche instead of inevitable | + +## Strengths To Preserve + +These are not just “nice extras”; they are the seeds of the product moat: + +- Chain 138-aware transaction diagnostics +- explorer plus bridge plus liquidity plus routes plus mission-control in one place +- operator-adjacent functionality that can grow into a real command surface +- watchlist and navigation improvements that reduce dead ends +- practical bridge and route orientation for actual chain usage, not just passive observation + +## Biggest Gaps + +These are the highest-impact reasons the product trails top explorers: + +1. Transaction pages are not yet “investigation pages.” + They show basics, but not the execution narrative users expect. + +2. Address pages are not yet “entity pages.” + They do not explain what an address holds, does, approves, or influences. + +3. Token pages are not yet real token explorer pages. + They are mostly routing/search entry points. + +4. Contract and developer tooling are too hidden or too thin. + The product does not yet feel developer-serious in the way Etherscan and top Blockscout deployments do. + +5. Analytics are present as tiles, not as a real data product. + They inform, but they do not yet reveal. + +## Exact Roadmap + +This roadmap is ordered by score impact, user value, and implementation leverage. + +### Phase 1: Move From 5.8/10 To 8/10 + +Target outcome: + +- eliminate the most obvious reasons a serious user bounces back to Etherscan or a raw Blockscout page + +#### 1. Make transaction pages investigation-grade + +Add to `transactions/[hash].tsx` and supporting APIs: + +- token transfer section +- internal transactions / trace section +- decoded method name and arguments +- decoded event logs +- revert reason or failure summary when available +- expandable raw input and receipt JSON +- next/previous pivots: + - block + - from address + - to address + - created contract + +Expected score lift: + +- transaction detail from `4.5` to `7.5` + +#### 2. Make address pages entity-grade + +Add to `addresses/[address].tsx` and supporting APIs: + +- token balances section +- contract vs EOA behavior summary +- incoming vs outgoing activity summary +- latest token transfers +- internal tx tab +- approvals / allowances tab if data is available +- labels / notes / watchlist metadata layer +- export CSV / JSON for recent activity + +Expected score lift: + +- address intelligence from `5.0` to `7.0` + +#### 3. Replace the token shortcut page with real token explorer pages + +Implement: + +- token detail route by address +- token overview with symbol, supply, holders count, transfers count +- holders table +- recent transfers +- related pools / routes / liquidity context +- trust and provenance badges for Chain 138-curated assets + +Expected score lift: + +- token quality from `3.5` to `7.0` + +#### 4. Tighten search into an explorer-grade finder + +Add: + +- entity grouping in results +- better ranking for exact match vs partial match +- support for token symbols, labels, and curated contract aliases +- “did you mean” behavior for malformed inputs +- explicit no-result fallback actions per entity type + +Expected score lift: + +- search from `7.0` to `8.0` + +#### 5. Remove remaining trust dents + +Finish: + +- full dead-link audit +- all public links verified +- uniform loading / empty / error states +- ensure every page has onward navigation +- no route that returns a vague failure without recommended next action + +Expected score lift: + +- reliability/dead-end handling from `6.5` to `8.0` +- UX trust from `5.3` to `6.5` + +### Phase 2: Move From 8/10 To 10/10 + +Target outcome: + +- the product feels credible beside a strong Blockscout deployment and respectable beside Etherscan for daily use + +#### 6. Ship contract and developer power tools + +Add: + +- verified contract page enhancements +- source code browser +- ABI tab +- read contract +- write contract +- verification submission UX +- contract diff / similar-match support where possible +- first-class API docs and working examples + +Expected score lift: + +- contract/developer tooling from `3.5` to `8.0` + +#### 7. Make analytics a real product surface + +Add: + +- chain activity charts +- transaction throughput and gas trends +- token and bridge flows +- top contracts / top tokens / top counterparties +- route and liquidity health trends +- anomaly callouts +- downloadable snapshots for operators and analysts + +Expected score lift: + +- analytics from `4.5` to `8.0` + +#### 8. Add account intelligence features users expect from leaders + +Add: + +- saved labels and notes +- notification hooks or webhook/email alerts +- approval risk surfaces +- address clustering or relationship hints +- better wallet-oriented views + +Expected score lift: + +- address intelligence from `7.0` to `8.5` +- UX trust from `6.5` to `8.0` + +### Phase 3: Move Beyond 10/10 Into The “14/10” Vision + +Target outcome: + +- the explorer is no longer trying to be a smaller Etherscan +- it becomes the canonical Chain 138 intelligence and action layer + +This phase should not be interpreted as “add more random features.” +It means creating a product class that top explorers do not currently own. + +#### 9. Fuse explorer data with actionability + +Turn pages into decision surfaces: + +- from a token page: + - inspect + - route + - add to wallet + - view liquidity + - simulate swap +- from an address page: + - inspect + - label + - alert + - export + - route to related pools and contracts +- from a failed tx page: + - diagnose + - compare RPC views + - suggest likely cause + - point to next operator action + +This is the product bridge between explorer and command center. + +#### 10. Make Chain 138 provenance and trust visible everywhere + +Add first-class trust surfaces: + +- canonical asset registry badges +- official / partner / community provenance states +- deployment source and verification lineage +- bridge origin and wrapped-asset lineage +- liquidity health and route confidence +- chain-specific token warnings that are not generic scam heuristics + +This is a major opportunity because generic explorers are chain-agnostic and usually weaker here. + +#### 11. Build mission-control-quality chain intelligence into normal explorer pages + +Expose: + +- bridge health inline on affected asset pages +- route quality inline on token and pool pages +- chain head / indexing lag confidence on tx and block pages +- mempool, nonce, and propagation diagnostics for operators and power users +- public and operator views with progressive disclosure instead of separate product worlds + +#### 12. Create a best-in-class Chain 138 analytics graph + +Add differentiated analytics no mainstream explorer fully combines: + +- token flow graph for canonical assets +- bridge flow graph +- liquidity topology graph +- route availability and degradation history +- deployment and contract registry coverage maps +- “what changed today” chain summary for operators and analysts + +#### 13. Become the Chain 138 developer home, not just the public explorer + +Add: + +- SDK snippets from every relevant page +- verified ABI download and copy surfaces +- per-page API examples +- explorer-linked runbooks for operator-grade diagnostics +- issue reporting and metadata correction workflow + +## Recommended Score Targets By Phase + +| Phase | Target Score | Meaning | +| --- | ---: | --- | +| Current | 5.8 | Useful niche explorer, clearly below top-tier leaders | +| Phase 1 complete | 8.0 | Strong public explorer for daily Chain 138 use | +| Phase 2 complete | 9.5 to 10.0 | Category-leading explorer for its ecosystem | +| Phase 3 complete | “14/10” vision | Explorer plus command center plus asset-intelligence moat | + +## What To Build First + +If only a few streams can run immediately, the highest-yield order is: + +1. transaction detail depth +2. address intelligence +3. real token pages +4. contract tooling +5. analytics overhaul +6. provenance / trust layer +7. explorer-to-action workflows + +## Product Recommendation + +Do not market this as “another Etherscan.” + +The stronger positioning is: + +- the canonical Chain 138 explorer +- the intelligence layer for Chain 138 assets, routes, and bridge state +- the command surface for both public users and serious operators + +That positioning supports the “14/10” roadmap because it aims at a broader and more defensible product than a generic explorer clone. + +## Short Conclusion + +The explorer is already good enough to be useful. +It is not yet good enough to feel inevitable. + +The shortest path to a much stronger product is not visual redesign alone. +It is deeper transaction pages, deeper address pages, real token intelligence, and contract/developer tooling. + +The path to “14/10” is then to stop competing on generic parity alone and win on Chain 138-native intelligence, trust, and actionability. diff --git a/docs/03-deployment/EXPLORER_EXECUTION_PLAN_2026-04-09.md b/docs/03-deployment/EXPLORER_EXECUTION_PLAN_2026-04-09.md new file mode 100644 index 00000000..852cb802 --- /dev/null +++ b/docs/03-deployment/EXPLORER_EXECUTION_PLAN_2026-04-09.md @@ -0,0 +1,512 @@ +# Explorer Execution Plan + +Date: 2026-04-09 + +Companion documents: + +- [Explorer Competitive Audit](/home/intlc/projects/proxmox/docs/03-deployment/EXPLORER_COMPETITIVE_AUDIT_2026-04-09.md) +- [Chain 138 EOA Nonce Recovery And Cancellation](/home/intlc/projects/proxmox/docs/03-deployment/CHAIN138_EOA_NONCE_RECOVERY_AND_CANCELLATION.md) + +Purpose: + +- convert the competitive audit into an execution-ready plan +- define the fastest path from the current `5.8/10` explorer score toward `8/10`, then `10/10`, then the “`14/10`” vision +- map roadmap items to likely implementation surfaces in this repo + +## Outcome Targets + +### Phase A: Reach 8/10 + +Success means: + +- public users can investigate transactions and addresses without immediately leaving for another explorer +- tokens feel like real explorer entities, not just shortcuts +- search and degraded states feel deliberate + +### Phase B: Reach 10/10 + +Success means: + +- the explorer is credible beside strong Blockscout deployments +- developers and power users can verify, inspect, and interact with contracts from the product +- analytics become a real product surface, not a dashboard garnish + +### Phase C: Reach the “14/10” vision + +Success means: + +- the explorer becomes the canonical Chain 138 intelligence and action layer +- public explorer, operator awareness, route intelligence, and trust/provenance are fused into one product + +## Product Principles + +These principles should constrain implementation decisions: + +1. Every page must answer “what do I do next?” +2. Every important state must degrade clearly and honestly. +3. Deep data should be progressively disclosed, not hidden behind separate products. +4. Chain 138-specific context is not a sidecar. It is the differentiator. +5. Do not chase Etherscan parity blindly. Match the essentials, then exceed it with Chain 138-native intelligence. + +## Current Leverage In The Codebase + +Important existing surfaces: + +- Frontend pages: + - `explorer-monorepo/frontend/src/pages/transactions/[hash].tsx` + - `explorer-monorepo/frontend/src/pages/addresses/[address].tsx` + - `explorer-monorepo/frontend/src/pages/search/index.tsx` + - `explorer-monorepo/frontend/src/pages/tokens/index.tsx` + - `explorer-monorepo/frontend/src/pages/analytics/index.tsx` +- Frontend data layer: + - `explorer-monorepo/frontend/src/services/api/transactions.ts` + - `explorer-monorepo/frontend/src/services/api/addresses.ts` + - `explorer-monorepo/frontend/src/services/api/blockscout.ts` + - `explorer-monorepo/frontend/src/services/api/missionControl.ts` + - `explorer-monorepo/frontend/src/services/api/routes.ts` +- Backend REST: + - `explorer-monorepo/backend/api/rest/transactions.go` + - `explorer-monorepo/backend/api/rest/addresses.go` + - `explorer-monorepo/backend/api/rest/search.go` + - `explorer-monorepo/backend/api/rest/mission_control.go` + - `explorer-monorepo/backend/api/rest/swagger.yaml` +- Backend GraphQL: + - `explorer-monorepo/backend/api/graphql/schema.graphql` + - `explorer-monorepo/backend/api/graphql/resolvers.go` + +Important note: + +- `schema.graphql` already declares `Transaction.logs` and `Transaction.trace` +- that suggests there is already a conceptual contract for deeper tx pages +- the shortest path may be to wire missing data rather than invent the entire model from scratch + +## Execution Order + +The highest-yield order is: + +1. transaction investigation depth +2. address intelligence +3. token explorer overhaul +4. contract and developer tooling +5. analytics overhaul +6. provenance and trust layer +7. explorer-to-action workflows + +This order is chosen because it: + +- raises perceived quality quickly +- closes the biggest benchmark gaps first +- creates reusable backend primitives for later phases + +## Workstreams + +## Workstream 1: Transaction Investigation Depth + +Goal: + +- turn transaction pages into investigation pages + +### Scope + +- token transfer section +- logs section +- decoded method and arguments +- decoded event logs +- trace or internal call tree +- receipt and raw payload expansions +- richer failure and revert diagnostics + +### Primary files + +- `explorer-monorepo/frontend/src/pages/transactions/[hash].tsx` +- `explorer-monorepo/frontend/src/services/api/transactions.ts` +- `explorer-monorepo/frontend/src/services/api/blockscout.ts` +- `explorer-monorepo/backend/api/rest/transactions.go` +- `explorer-monorepo/backend/api/graphql/schema.graphql` +- `explorer-monorepo/backend/api/graphql/resolvers.go` + +### Suggested ticket slices + +1. Add transaction receipt and token transfer support to the frontend API layer. +2. Add logs and trace support to the backend API contract. +3. Render tabs or sections on the tx detail page for: + - overview + - token transfers + - logs + - trace + - raw +4. Add human-readable failure diagnostics when status is failed. +5. Add unit tests for normalized tx payloads and missing/degraded states. + +### KPI + +- a power user can answer “what happened in this tx?” without leaving the explorer + +## Workstream 2: Address Intelligence + +Goal: + +- turn address pages into entity pages + +### Scope + +- holdings summary +- token balances list +- incoming vs outgoing segmentation +- latest token transfers +- internal tx tab +- approvals and allowances if available +- better contract-vs-EOA summaries +- saved labels and notes scaffolding + +### Primary files + +- `explorer-monorepo/frontend/src/pages/addresses/[address].tsx` +- `explorer-monorepo/frontend/src/services/api/addresses.ts` +- `explorer-monorepo/frontend/src/services/api/blockscout.ts` +- `explorer-monorepo/backend/api/rest/addresses.go` +- `explorer-monorepo/backend/api/rest/addresses_list.go` +- `explorer-monorepo/backend/api/graphql/schema.graphql` + +### Suggested ticket slices + +1. Add token balances and token transfer retrieval. +2. Add address activity summary aggregation. +3. Add contract profile surfaces: + - verified status + - label + - token/contract classification +4. Add tabs or section navigation: + - overview + - transactions + - token transfers + - internal txs + - holdings +5. Extend watchlist into metadata-backed saved entities. + +### KPI + +- a user can answer “what is this address and what does it hold or do?” from one page + +## Workstream 3: Token Explorer Overhaul + +Goal: + +- replace the current token shortcut page with real token explorer functionality + +### Scope + +- token detail route +- token overview +- holders table +- transfers table +- supply and metadata +- liquidity and route context +- trust/provenance badges + +### Primary files + +- `explorer-monorepo/frontend/src/pages/tokens/index.tsx` +- new route likely needed: + - `explorer-monorepo/frontend/src/pages/tokens/[address].tsx` +- `explorer-monorepo/frontend/src/services/api/blockscout.ts` +- likely new frontend service: + - `explorer-monorepo/frontend/src/services/api/tokens.ts` +- backend: + - either new REST handlers or proxied Blockscout surfaces via `backend/api/rest/` + +### Suggested ticket slices + +1. Add token API service for overview, holders, and transfers. +2. Create token detail route by contract address. +3. Rework `/tokens` into: + - token discovery + - curated token index + - top token categories +4. Add liquidity and route modules on token pages. +5. Add asset provenance badges backed by the Chain 138 registry. + +### KPI + +- token pages become destinations, not just redirect helpers + +## Workstream 4: Contract And Developer Tooling + +Goal: + +- make the explorer developer-serious + +### Scope + +- verification status +- source code browsing +- ABI access +- read contract +- write contract +- verification submission flow +- API examples and developer docs + +### Primary files + +- `explorer-monorepo/backend/api/rest/features.go` +- `explorer-monorepo/backend/api/rest/swagger.yaml` +- `explorer-monorepo/backend/api/rest/addresses.go` +- `explorer-monorepo/backend/api/graphql/schema.graphql` +- frontend: + - new contract sections in address pages + - likely new reusable components under `frontend/src/components/` + +### Suggested ticket slices + +1. Surface contract verification state on address pages. +2. Add ABI and source tabs for verified contracts. +3. Add read-contract UI for common methods. +4. Add write-contract UX only when the security model is explicit and safe. +5. Publish API examples linked from relevant explorer pages. + +### KPI + +- developers can inspect and interact with contracts without defaulting to a different explorer + +## Workstream 5: Analytics Overhaul + +Goal: + +- turn analytics into a real product surface + +### Scope + +- chain activity charts +- gas and throughput trends +- bridge flow analytics +- token flow analytics +- liquidity and route health trends +- notable changes and anomaly callouts + +### Primary files + +- `explorer-monorepo/frontend/src/components/explorer/AnalyticsOperationsPage.tsx` +- `explorer-monorepo/frontend/src/pages/analytics/index.tsx` +- `explorer-monorepo/frontend/src/services/api/stats.ts` +- `explorer-monorepo/frontend/src/services/api/missionControl.ts` +- backend: + - `explorer-monorepo/backend/api/rest/stats.go` + - `explorer-monorepo/backend/api/rest/mission_control.go` + - `explorer-monorepo/backend/api/track1/bridge_status_data.go` + +### Suggested ticket slices + +1. Add timeseries endpoints for chain stats. +2. Add chart modules for throughput, gas, and indexing health. +3. Add route/liquidity health history. +4. Add top entities dashboards: + - top contracts + - top tokens + - top bridge corridors +5. Add downloadable snapshots for operator and analyst use. + +### KPI + +- analytics explain what changed, not just what exists + +## Workstream 6: Provenance And Trust Layer + +Goal: + +- make Chain 138 trust and provenance visible everywhere + +### Scope + +- canonical asset indicators +- verified deployment lineage +- wrapped-asset origin +- partner or official labels +- route confidence and liquidity confidence +- public warnings for risky or unofficial assets + +### Primary files + +- `explorer-monorepo/backend/api/rest/config/metamask/DUAL_CHAIN_TOKEN_LIST.tokenlist.json` +- `explorer-monorepo/backend/api/rest/config/metamask/GRU_V2_PUBLIC_DEPLOYMENT_STATUS.json` +- `explorer-monorepo/backend/api/rest/config/metamask/CHAIN138_RPC_CAPABILITIES.json` +- `explorer-monorepo/frontend/src/services/api/missionControl.ts` +- token, address, route, and liquidity pages on the frontend + +### Suggested ticket slices + +1. Define provenance badge taxonomy. +2. Add registry-backed trust metadata API. +3. Render badges on token, address, pool, and route pages. +4. Add warning copy for unofficial or incomplete assets. +5. Add route confidence visuals tied to actual backend health. + +### KPI + +- users can tell which assets and routes are canonical, partner-backed, or uncertain at a glance + +## Workstream 7: Explorer-To-Action Flows + +Goal: + +- make the explorer actionable, not just informative + +### Scope + +- add-to-wallet from token and contract pages +- route or swap simulation from token pages +- liquidity pivots from token and pool pages +- mission-control pivots from failed tx or route pages +- operator-safe diagnostics for advanced users + +### Primary files + +- `explorer-monorepo/frontend/src/components/wallet/AddToMetaMask.tsx` +- `explorer-monorepo/frontend/src/services/api/routes.ts` +- `explorer-monorepo/frontend/src/services/api/liquidity.ts` +- `explorer-monorepo/frontend/src/services/api/planner.ts` +- route, pool, token, transaction, and address pages + +### Suggested ticket slices + +1. Add “next action” modules to token pages. +2. Add route simulation hooks where data exists. +3. Add tx troubleshooting suggestions for degraded states. +4. Add operator-depth panels with progressive disclosure. + +### KPI + +- users can move from understanding to action without changing products + +## Milestone Plan + +## Milestone M1: Investigation Core + +Goal: + +- complete Workstreams 1 and 2 at baseline depth + +Expected score movement: + +- `5.8` to about `7.2` + +Definition of done: + +- transaction pages have logs, transfers, and trace or internal-call context +- address pages have holdings and transfer depth +- all degraded states have explicit next actions + +## Milestone M2: Real Token Explorer + +Goal: + +- complete Workstream 3 + +Expected score movement: + +- `7.2` to about `8.0` + +Definition of done: + +- tokens have detail pages +- holders and transfers are visible +- Chain 138 token trust metadata is visible + +## Milestone M3: Developer Credibility + +Goal: + +- complete Workstream 4 + +Expected score movement: + +- `8.0` to about `8.8` + +Definition of done: + +- verified contracts are first-class entities +- ABI/source/read-contract are present +- API docs link directly from the explorer + +## Milestone M4: Analytics And Trust + +Goal: + +- complete Workstreams 5 and 6 + +Expected score movement: + +- `8.8` to about `9.6` + +Definition of done: + +- analytics show trends and top entities +- provenance is visible across tokens, routes, and addresses +- trust and health are obvious, not buried + +## Milestone M5: Action Layer + +Goal: + +- complete Workstream 7 + +Expected score movement: + +- `9.6` to the “`14/10`” differentiated vision + +Definition of done: + +- token, address, tx, and route pages guide the user into the right action +- mission-control quality intelligence is embedded into normal explorer workflows +- the explorer becomes the operational home of Chain 138, not just its index + +## Suggested Initial Backlog + +These are the first ten tickets I would create immediately. + +1. Add normalized transaction receipt, logs, and token transfer models in `frontend/src/services/api/transactions.ts`. +2. Extend tx detail UI in `frontend/src/pages/transactions/[hash].tsx` with overview, logs, transfers, and raw-data sections. +3. Wire backend tx trace or internal transaction support through `backend/api/rest/transactions.go` and `backend/api/graphql/`. +4. Extend `frontend/src/services/api/addresses.ts` to fetch holdings, token transfers, and richer counters. +5. Rebuild `frontend/src/pages/addresses/[address].tsx` into a tabbed entity page. +6. Introduce `frontend/src/services/api/tokens.ts` and create `frontend/src/pages/tokens/[address].tsx`. +7. Replace the current `/tokens` page with a curated token explorer index and top-asset entry points. +8. Add contract verification and ABI/source visibility to address pages. +9. Expand `AnalyticsOperationsPage.tsx` with timeseries charts and top-entity modules. +10. Define and expose Chain 138 provenance badges from backend registry sources. + +## Teaming Recommendation + +If work is split across multiple engineers, divide by write scope: + +- Engineer 1: transaction and address depth +- Engineer 2: tokens and provenance +- Engineer 3: contract/developer tooling +- Engineer 4: analytics and route/liquidity intelligence + +This reduces merge overlap and aligns with the biggest score lifts. + +## Risks + +1. UX sprawl. + If too many new surfaces are added without clear hierarchy, the explorer will feel more confusing, not more powerful. + +2. Data inconsistency. + If REST, GraphQL, Blockscout proxies, and RPC fallbacks disagree, trust will erode quickly. + +3. Security exposure. + Read/write contract and operator-depth tooling must be introduced carefully. + +4. Product identity drift. + If the team chases generic parity only, it may lose the Chain 138-specific advantage that makes the explorer special. + +## Recommendation + +The best possible outcome is not just a prettier explorer. + +It is: + +- an investigator-grade explorer +- a trusted Chain 138 asset and route intelligence layer +- an action surface for both public users and advanced operators + +The immediate move is to start Workstreams 1 through 3, because that is the fastest route to a visibly stronger product and the most credible path toward the larger “`14/10`” vision. diff --git a/docs/03-deployment/EXPLORER_PUBLIC_REVIEW_CLOSURE_MATRIX_2026-04-09.md b/docs/03-deployment/EXPLORER_PUBLIC_REVIEW_CLOSURE_MATRIX_2026-04-09.md new file mode 100644 index 00000000..2c2a52f9 --- /dev/null +++ b/docs/03-deployment/EXPLORER_PUBLIC_REVIEW_CLOSURE_MATRIX_2026-04-09.md @@ -0,0 +1,104 @@ +# Explorer Public Review Closure Matrix + +Last updated: 2026-04-09 + +Scope: public unauthenticated explorer surface on `https://blockscout.defi-oracle.io` + +Method: +- local code review in `explorer-monorepo/frontend` +- live verification against public HTML and JSON responses +- status buckets: + - `Resolved` + - `Partial` + - `Open` + +## Matrix + +| # | Review item | Status | What changed | Live evidence | +|---|---|---|---|---| +| 1 | Core explorer data missing on homepage / primary pages | Resolved | Added server-first data to `/`, `/blocks`, `/transactions`, `/addresses`, `/wallet`, `/tokens`, `/search` and seeded analytics/routes/system/operator/weth. | `/`, `/blocks`, `/transactions`, `/addresses`, `/wallet`, `/search?q=cUSDT`, `/analytics`, `/routes`, `/system`, `/operator`, `/weth` now ship real public HTML content and `__NEXT_DATA__` payloads. | +| 2 | Major routes are empty shells | Resolved | Added substantive public first-paint content to `/bridge`, `/operations`, `/analytics`, `/routes`, `/system`, `/operator`, `/weth`. | Route HTML now includes section titles and seeded data instead of chrome-only output. | +| 3 | Command center / visual map instability | Resolved | Added runtime Mermaid fallback plus an explicit no-diagram fallback path into the main operational surfaces. | `/chain138-command-center.html` now explains the fallback behavior and links directly to `/operations`, `/bridge`, `/routes`, `/system`, and `/operator` if diagram rendering is unavailable. | +| 4 | Product over-promises relative to public functionality | Resolved | Restored public data planes on the flagship explorer routes and aligned public docs/marketing copy around the now-working surfaces. | Homepage, blocks, transactions, addresses, wallet, tokens, search, bridge, routes, analytics, operations, system, operator, and weth routes all render substantive public HTML. | +| 5 | Token discovery story incomplete | Resolved | `/tokens` now prerenders curated token content; `/wallet` now receives real token-list metadata; `/search` direct token flows render on first paint. | `/tokens`, `/wallet`, and `/search?q=cUSDT` expose token data in public HTML. | +| 6 | Wallet messaging contradicted runtime fallback state | Resolved | Wallet page now seeds networks, token list, and capabilities from public config endpoints instead of first-painting fallback/unknown/zero states. | `/wallet` no longer shows `frontend fallback values`, `unknown`, or `0 token entries`. | +| 7 | Token-list endpoint unhealthy or empty | Resolved | Confirmed endpoint health and connected it properly to wallet/tokens/search first-paint flows. | `GET /api/config/token-list` returns structured JSON; wallet/tokens/search consume it publicly. | +| 8 | Product identity still fragmented | Resolved | Standardized the public-facing story around `SolaceScan`, `Chain 138 Explorer by DBIS`, and `DBIS / Defi Oracle`, then added an explicit operator-and-domains explanation in docs, footer, and legal pages. | `/docs`, footer copy, `/privacy.html`, `/terms.html`, `/acknowledgments.html`, and `/api/config/capabilities` now explain how `blockscout.defi-oracle.io` and `explorer.d-bis.org` fit the same explorer surface. | +| 9 | Tone too snarky / unprofessional | Resolved | Removed the remaining visible sarcastic and self-conscious phrasing from the main public pages, docs, and supporting copy. | Public home/docs/legal/footer copy is now neutral and operator-grade on the live site. | +| 10 | Docs too abstract / doctrinal | Resolved | Added concrete verification paths, live token examples, search examples, and explicit explorer-page pivots so the docs demonstrate features instead of describing them in isolation. | `/docs`, `/docs/gru`, and `/docs/transaction-review` now contain live-example links such as `Search cUSDT`, direct GRU token pages, and transaction-review verification steps. | +| 11 | “Transaction Compliance Matrix” too risky | Resolved | Renamed the visible feature to `Transaction Review Matrix`, softened its grading language, and made `/docs/transaction-review` canonical while keeping the old slug as a redirect. | `/docs/transaction-compliance` now redirects to `/docs/transaction-review`, which renders `Transaction Review Matrix` and stronger non-regulatory disclaimers. | +| 12 | IA improved, but leaf pages unfinished | Resolved | Public leaf pages that were still visibly hollow are now server-seeded and content-bearing. | `/analytics`, `/routes`, `/bridge`, `/operations`, `/system`, `/operator`, `/weth` all render meaningful public page content. | +| 13 | Decorative shortcuts without productive data | Resolved | Restored the underlying data surfaces so shortcut/navigation patterns lead into working explorer pages. | Blocks, transactions, addresses, search, tokens, analytics, and routes now first-paint with useful data. | +| 14 | Legal pages too thin | Resolved | Expanded privacy and terms with operator identity, wallet interactions, logging posture, third-party infrastructure categories, acceptable use, service boundaries, dispute interpretation, and change-management language. | `/privacy.html`, `/terms.html`, and `/acknowledgments.html` now read as real policy pages rather than placeholders, while remaining appropriately scoped to a public explorer. | +| 15 | Acknowledgments may overstate integration maturity | Resolved | Added explicit qualification that inclusion does not imply every related public workflow is fully implemented on every page. | `/acknowledgments.html` now contains that qualifier. | + +## Files Changed In This Closure Pass + +Frontend public-first data and route work: +- `explorer-monorepo/frontend/src/pages/blocks/index.tsx` +- `explorer-monorepo/frontend/src/pages/transactions/index.tsx` +- `explorer-monorepo/frontend/src/pages/addresses/index.tsx` +- `explorer-monorepo/frontend/src/pages/wallet/index.tsx` +- `explorer-monorepo/frontend/src/pages/tokens/index.tsx` +- `explorer-monorepo/frontend/src/pages/search/index.tsx` +- `explorer-monorepo/frontend/src/pages/analytics/index.tsx` +- `explorer-monorepo/frontend/src/pages/routes/index.tsx` +- `explorer-monorepo/frontend/src/pages/system/index.tsx` +- `explorer-monorepo/frontend/src/pages/operator/index.tsx` +- `explorer-monorepo/frontend/src/pages/weth/index.tsx` +- `explorer-monorepo/frontend/src/utils/publicExplorer.ts` + +Component and copy cleanup: +- `explorer-monorepo/frontend/src/components/home/HomePage.tsx` +- `explorer-monorepo/frontend/src/components/access/AccessManagementPage.tsx` +- `explorer-monorepo/frontend/src/components/wallet/AddToMetaMask.tsx` +- `explorer-monorepo/frontend/src/components/explorer/AnalyticsOperationsPage.tsx` +- `explorer-monorepo/frontend/src/components/explorer/RoutesMonitoringPage.tsx` +- `explorer-monorepo/frontend/src/components/explorer/SystemOperationsPage.tsx` +- `explorer-monorepo/frontend/src/components/explorer/OperatorOperationsPage.tsx` +- `explorer-monorepo/frontend/src/components/explorer/WethOperationsPage.tsx` +- `explorer-monorepo/frontend/src/pages/docs/index.tsx` +- `explorer-monorepo/frontend/src/pages/docs/gru.tsx` +- `explorer-monorepo/frontend/src/pages/docs/transaction-compliance.tsx` +- `explorer-monorepo/frontend/src/pages/transactions/[hash].tsx` +- `explorer-monorepo/frontend/src/pages/addresses/[address].tsx` +- `explorer-monorepo/frontend/src/pages/tokens/[address].tsx` +- `explorer-monorepo/frontend/src/utils/transactionCompliance.ts` + +Static/legal/docs cleanup: +- `explorer-monorepo/frontend/public/privacy.html` +- `explorer-monorepo/frontend/public/terms.html` +- `explorer-monorepo/frontend/public/acknowledgments.html` +- `explorer-monorepo/frontend/public/docs.html` +- `explorer-monorepo/frontend/public/explorer-spa.js` + +Explorer config metadata: +- `explorer-monorepo/backend/api/rest/config/metamask/DUAL_CHAIN_NETWORKS.json` +- `explorer-monorepo/backend/api/rest/config/metamask/CHAIN138_RPC_CAPABILITIES.json` + +## Remaining Honest Gaps + +No items from the 15-point public review remain open or partially closed in this matrix. + +What remains after closure is normal product evolution rather than unresolved review debt: + +1. Companion properties can still be refined further. + The domain/operator story is now explicit and coherent, but companion surfaces can always be streamlined more over time. + +2. Policies can always deepen. + The legal pages now meet the needs of this public explorer review, while still leaving room for a broader enterprise policy program if the service scope grows. + +3. Docs can keep getting richer. + The guides are now example-led and verifiable, but screenshots, video captures, or deeper walkthroughs would be optional enhancements rather than closure blockers. + +## Closure Summary + +This pass closes the entire second-pass public review: +- the explorer now behaves like an explorer on first paint +- the previously hollow top-nav routes now render substantive public content +- wallet/token/search public flows are operationally credible +- the public legal/identity surface is cleaner and less contradictory +- the riskiest “compliance” terminology has been softened into a review model +- the docs now prove the product with live examples instead of describing it from a distance +- the command-center companion page now has a safer fallback story +The remaining work from here is iterative product improvement, not unresolved public-review debt. diff --git a/docs/03-deployment/FINAL_UNBLOCK_CHECKLIST_MAINNET_BSC.md b/docs/03-deployment/FINAL_UNBLOCK_CHECKLIST_MAINNET_BSC.md index a7537e64..6f7e8eb2 100644 --- a/docs/03-deployment/FINAL_UNBLOCK_CHECKLIST_MAINNET_BSC.md +++ b/docs/03-deployment/FINAL_UNBLOCK_CHECKLIST_MAINNET_BSC.md @@ -75,6 +75,12 @@ There is no hardcoded repo target for relay inventory, so use a small bootstrap - Current: `0.002634280582011289 WETH` - **Top up:** `0.007365719417988711 WETH` +Operator check / unpause helpers: + +- Read-only lane readiness: [`check-mainnet-weth-relay-lane.sh`](../../scripts/verify/check-mainnet-weth-relay-lane.sh) +- Bridge top-up plan/apply: [`fund-mainnet-relay-bridge.sh`](../../scripts/bridge/fund-mainnet-relay-bridge.sh) +- Off-chain worker unpause plan/apply: [`unpause-mainnet-weth-relay-lane.sh`](../../scripts/deployment/unpause-mainnet-weth-relay-lane.sh) + ### 5. BSC deployer gas reserve Repo recommendation: keep **`0.06 BNB`** on the deployer. @@ -112,10 +118,10 @@ If you are operating the BSC relay flow from `services/relay/.env.bsc`, top up t - `MAINNET_CCIP_WETH9_BRIDGE` - `MAINNET_CCIP_WETH10_BRIDGE` 3. Fund Mainnet LP to `1 ETH` and `0.5 WETH`. -4. Fund Mainnet relay bridge to `0.01 WETH` minimum. +4. Fund Mainnet relay bridge to at least the largest intended direct `138 -> Mainnet` send amount, with `0.01 WETH` as the current working floor. 5. Fund BSC deployer to `0.06 BNB`. 6. Fund BSC CCIP bridges to `10 LINK` each. -7. If relay mode is used on BSC, fund the BSC relay bridge with at least `0.01 WETH`. +7. If relay mode is used on BSC, fund the BSC relay bridge to at least the largest intended direct `138 -> BSC` send amount, with `0.01 WETH` as the current working floor. 8. Set `BOND_MANAGER_MAINNET` and `CHALLENGE_MANAGER_MAINNET` in `.env`. 9. Run the full live bridge test from [`live-test-trustless-bridge.sh`](../../smom-dbis-138/scripts/deployment/live-test-trustless-bridge.sh). diff --git a/docs/03-deployment/GAS_NATIVE_C_STAR_CW_ROLLOUT_RUNBOOK.md b/docs/03-deployment/GAS_NATIVE_C_STAR_CW_ROLLOUT_RUNBOOK.md new file mode 100644 index 00000000..7f6e0b22 --- /dev/null +++ b/docs/03-deployment/GAS_NATIVE_C_STAR_CW_ROLLOUT_RUNBOOK.md @@ -0,0 +1,174 @@ +# Gas-Native `c*` / `cW*` Rollout Runbook + +**Purpose:** Safely activate the Wave 1 gas-native compliant families without breaking existing live corridors. This runbook covers the operator sequence for registry, env, API publication, bridge readiness, and venue exposure. + +## 1. Scope + +Wave 1 families: + +- `eth_mainnet` on Ethereum Mainnet +- `eth_l2` on Optimism, Arbitrum One, and Base +- `bnb` on BSC +- `pol` on Polygon +- `avax` on Avalanche C-Chain +- `cro` on Cronos +- `xdai` on Gnosis Chain +- `celo` on Celo +- `wemix` on Wemix + +Canonical gas-family assets live on Chain 138 as `c*`. Mirrored assets live on destination chains as `cW*`. DODO PMM is the compliant edge venue; Uniswap v3 is the mandatory reference venue; Balancer and Curve are same-window only where the protocol exists and the basket design is valid; 1inch is routing exposure only after underlying venues are live. + +## 2. Safety Rules + +- Do not overwrite working bridge env or live pool addresses with placeholders. +- Do not mark Balancer, Curve, or 1inch live until the required DODO and Uniswap lanes are already funded and indexed. +- Do not promote a lane from `hybrid_cap` to `strict_escrow` by renaming symbols or swapping token identities. Promotion is policy and verifier wiring, not a registry rename. +- Keep `eth_mainnet` and `eth_l2` isolated. Cross-lane redemption is only allowed inside the `eth_l2` family. + +## 3. Config Sources + +- Registry: [`config/token-mapping-multichain.json`](../../config/token-mapping-multichain.json) +- Runtime transport overlay: [`config/gru-transport-active.json`](../../config/gru-transport-active.json) +- Public deployment graph: [`cross-chain-pmm-lps/config/deployment-status.json`](../../cross-chain-pmm-lps/config/deployment-status.json) +- Publication runtime: [`smom-dbis-138/services/token-aggregation/.env.example`](../../smom-dbis-138/services/token-aggregation/.env.example) + +## 4. Operator Sequence + +1. Confirm config integrity. + +```bash +bash scripts/validation/validate-config-files.sh +node cross-chain-pmm-lps/scripts/validate-deployment-status.cjs +``` + +2. Sync publication env for token-aggregation without touching live operator RPCs. + +```bash +bash scripts/deploy-token-aggregation-for-publication.sh /tmp/token-aggregation-gas-rollout +``` + +The deploy helper now reads `config/gru-transport-active.json` and syncs every referenced `env` key into the published `.env`, including the gas-family `CW_GAS_*` and `CW_MAX_OUTSTANDING_*` keys. +It also publishes `CW_ASSET_RESERVE_VERIFIER_DEPLOYED_CHAIN138` as a neutral reference to the deployed generic gas verifier without auto-activating the live gas-verifier envs. +When you want the non-secret gas runtime scaffold locally, run `bash scripts/verify/print-gas-runtime-env-canonical.sh`. It derives per-lane caps from the registry and uses the live canonical `totalSupply()` as the zero-supply baseline for outstanding / escrowed defaults. + +3. Verify the explorer-facing publication surface. + +```bash +SKIP_BRIDGE_ROUTES=0 SKIP_BRIDGE_PREFLIGHT=0 SKIP_GAS_REGISTRY=0 \ + bash scripts/verify/check-public-report-api.sh https://explorer.d-bis.org + +bash scripts/verify/check-token-aggregation-chain138-api.sh +ALLOW_BLOCKED=1 bash scripts/verify/check-gru-transport-preflight.sh https://explorer.d-bis.org +``` + +4. Inspect gas-lane deployment state before activating routing. + +```bash +bash scripts/verify/check-gas-public-pool-status.sh +bash scripts/verify/check-gas-rollout-deployment-matrix.sh +``` + +The gas rollout verifier summarizes: + +- runtime-ready vs blocked gas transport pairs +- strict-escrow vs hybrid-cap lanes +- DODO wrapped-native and stable-quote pool coverage +- Uniswap v3 reference visibility +- Balancer / Curve support flags +- 1inch routing visibility +- missing env refs or supply-accounting blockers per lane + +The deployment matrix adds the contract-level audit: + +- whether the canonical gas token actually exists on Chain 138 +- whether the mirrored gas token actually exists on the destination chain +- whether the currently loaded L1/L2 bridge refs resolve to bytecode +- whether the gas verifier and vault refs resolve to bytecode +- the next deploy or config command for each blocked lane + +Current live baseline as of 2026-04-05: + +- `CWAssetReserveVerifier` is deployed on Chain 138 at `0xbf26a679586663f87f3bf3f52c79479b8aa8d854`, but it is not attached to the live L1 bridge yet. +- All 9 Wave 1 canonical gas-family tokens are deployed on Chain 138. +- 10 of 11 public mirrors are deployed and have bridge `MINTER_ROLE` / `BURNER_ROLE` granted. +- The only undeployed mirror is `cWWEMIX` on chain `1111`. +- `wemix` is now carried as **deferred staged metadata** in the registry, not an active transport lane. The active gas rollout matrix therefore covers `10` active transport pairs and `1` deferred pair. +- `scripts/verify/check-gas-rollout-deployment-matrix.sh` now also probes each active lane's destination CCIP selector on the live Chain 138 bridge. Current live status is `0/10` destinations wired and the observed Chain 138 bridge exposes only `admin` + `destinations(...)` read paths, so it is reported as `partial_destination_only` rather than full accounting introspection. +- `scripts/deployment/print-gas-l1-destination-wiring-commands.sh` prints the exact `configureDestination(address,uint64,address,bool)` commands still needed for the 10 active non-Wemix gas lanes, using the selector metadata resolved from the active GRU transport overlay. +- `scripts/deployment/run-gas-l1-destination-wiring.sh` wraps those same 10 commands into a single operator-ready runner. It is echo-only by default and only broadcasts when `EXECUTE_GAS_L1_DESTINATIONS=1` is set. + +5. Only after the verifier is clean for a lane, activate public routing in this order: + +1. DODO wrapped-native pool live +2. DODO stable-quote pool live +3. Uniswap v3 reference live +4. Balancer and Curve when supported and funded +5. 1inch routing visibility + +## 5. Required Env Groups + +Publication and operator surfaces should provide: + +- `CHAIN138_L1_BRIDGE` +- `CW_BRIDGE_*` for every enabled destination, including `CW_BRIDGE_WEMIX` +- `CW_RESERVE_VERIFIER_CHAIN138` +- `CW_STABLECOIN_RESERVE_VAULT` +- `CW_RESERVE_SYSTEM` +- `CW_GAS_STRICT_ESCROW_VERIFIER_CHAIN138` +- `CW_GAS_HYBRID_CAP_VERIFIER_CHAIN138` +- `CW_GAS_ESCROW_VAULT_CHAIN138` +- `CW_GAS_TREASURY_SYSTEM` +- `CW_MAX_OUTSTANDING_*` +- `CW_GAS_OUTSTANDING_*` +- `CW_GAS_ESCROWED_*` +- `CW_GAS_TREASURY_BACKED_*` +- `CW_GAS_TREASURY_CAP_*` + +For publication-only environments, zero-valued gas accounting is acceptable when the lane has no outstanding supply yet. Live operators should replace those zeros with authoritative values before enabling routing or claiming runtime readiness. +`CW_ASSET_RESERVE_VERIFIER_DEPLOYED_CHAIN138` is safe to publish as a neutral reference, but it does not mean the live bridge has been attached to that verifier yet. + +## 6. Lane Promotion Checklist + +To promote a gas lane from `hybrid_cap` to `strict_escrow`: + +1. Deploy or confirm the strict escrow verifier. +2. Confirm wrapped-native custody or equivalent escrow source. +3. Update the verifier and accounting env refs. +4. Keep the same `familyKey`, canonical symbol, mirrored symbol, and pool addresses. +5. If you use the generic verifier path, it is valid to point both `CW_GAS_STRICT_ESCROW_VERIFIER_CHAIN138` and `CW_GAS_HYBRID_CAP_VERIFIER_CHAIN138` at the same deployed `CWAssetReserveVerifier` instance and configure the token-specific rules inside that verifier. +5. Re-run: + +```bash +bash scripts/validation/validate-config-files.sh +node cross-chain-pmm-lps/scripts/validate-deployment-status.cjs +bash scripts/verify/check-gas-public-pool-status.sh +bash scripts/verify/check-gru-transport-preflight.sh https://explorer.d-bis.org +``` + +## 7. Manual / Live-Only Steps + +The repo and live deploys now cover the token-contract layer. These steps still require operator execution: + +- fund DODO and Uniswap lanes +- fund the deployer with at least `0.4 WEMIX`, deploy the Wemix CCIP bridges, and set `CW_BRIDGE_WEMIX` before deploying the Wemix mirror +- replace the remaining Wemix placeholder mirror address +- decide when to attach the generic gas verifier to the live L1 bridge +- promote Balancer / Curve / 1inch only after venue proof +- wire live treasury and escrow accounting feeds +- perform fork or live-dry-run execution for each new lane + +## 8. Related Commands + +```bash +# Local rollout integrity +bash scripts/validation/validate-config-files.sh +node cross-chain-pmm-lps/scripts/validate-deployment-status.cjs + +# Publication health +SKIP_BRIDGE_ROUTES=0 SKIP_BRIDGE_PREFLIGHT=0 SKIP_GAS_REGISTRY=0 \ + bash scripts/verify/check-public-report-api.sh https://explorer.d-bis.org + +# Runtime readiness +bash scripts/verify/check-gru-transport-preflight.sh https://explorer.d-bis.org +bash scripts/verify/check-gas-public-pool-status.sh +``` diff --git a/docs/03-deployment/GRU_V2_BLOCKER_RESOLUTION_MATRIX.md b/docs/03-deployment/GRU_V2_BLOCKER_RESOLUTION_MATRIX.md new file mode 100644 index 00000000..b9231a3e --- /dev/null +++ b/docs/03-deployment/GRU_V2_BLOCKER_RESOLUTION_MATRIX.md @@ -0,0 +1,214 @@ +# GRU V2 Blocker Resolution Matrix + +**Last Updated:** 2026-04-04 +**Purpose:** Canonical remediation map for the remaining public-network GRU v2 blockers. This translates the blocker list from the queue/status verifiers into concrete operator actions, dependencies, and exit criteria. + +--- + +## Canonical sources + +- Queue verifier: `bash scripts/verify/check-gru-v2-deployment-queue.sh` +- Public status verifier: `bash scripts/verify/check-gru-v2-public-protocols.sh` +- Funding verifier: `bash scripts/verify/check-gru-v2-deployer-funding-status.sh` +- Explorer queue JSON: `https://explorer.d-bis.org/config/GRU_V2_DEPLOYMENT_QUEUE.json` +- Explorer status JSON: `https://explorer.d-bis.org/config/GRU_V2_PUBLIC_DEPLOYMENT_STATUS.json` + +The queue JSON now includes a machine-readable `resolutionMatrix` section that mirrors this document. + +--- + +## Resolution matrix + +### 1. Missing public `cW*` suites on desired EVM targets + +**Current blocker** + +- `Wemix` + +**Resolution** + +1. Deploy the full public `cW*` core suite on the missing destination chain. +2. Grant bridge mint/burn roles and mark the corridor live in `cross-chain-pmm-lps/config/deployment-status.json`. +3. Update token lists and explorer config. +4. Re-run `check-cw-evm-deployment-mesh.sh` and `check-cw-public-pool-status.sh`. + +**Runbooks / scripts** + +- [CW_DEPLOY_AND_WIRE_RUNBOOK.md](../07-ccip/CW_DEPLOY_AND_WIRE_RUNBOOK.md) +- [PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md](PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md) +- [run-cw-remaining-steps.sh](/home/intlc/projects/proxmox/scripts/deployment/run-cw-remaining-steps.sh) +- [check-cw-evm-deployment-mesh.sh](/home/intlc/projects/proxmox/scripts/verify/check-cw-evm-deployment-mesh.sh) + +**Exit criteria** + +- `Wemix` has a non-zero `cW*` suite recorded +- `bridgeAvailable=true` +- they no longer appear in the queue blocker list + +### 2. Wave 1 transport still pending + +**Current blocker** + +- `EUR` +- `JPY` +- `GBP` +- `AUD` +- `CAD` +- `CHF` +- `XAU` + +**Resolution** + +1. Enable bridge controls and supervision policy for each Wave 1 canonical asset on Chain 138. +2. Set max-outstanding / capacity controls. +3. Promote the canonical symbols into `config/gru-transport-active.json`. +4. Re-run the GRU rollout and readiness verifiers before attaching public liquidity. + +**Runbooks / scripts** + +- [GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md](../04-configuration/GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md) +- [GRU_TRANSPORT_ACTIVE_JSON.md](../04-configuration/GRU_TRANSPORT_ACTIVE_JSON.md) +- [check-gru-global-priority-rollout.sh](/home/intlc/projects/proxmox/scripts/verify/check-gru-global-priority-rollout.sh) +- [check-gru-v2-chain138-readiness.sh](/home/intlc/projects/proxmox/scripts/verify/check-gru-v2-chain138-readiness.sh) + +**Exit criteria** + +- `Wave 1 transport pending` reaches `0` +- the seven non-USD Wave 1 assets move from `canonical_only` to `live_transport` + +### 3. First-tier Wave 1 public `cW*` rollout still incomplete + +**Current blocker** + +- `110` Wave 1 first-tier pools are planned +- `1` is recorded live + +**Current nuance** + +- The first Mainnet `DODO PMM` bootstrap pools are now recorded live for `cWUSDT/USDC`, `cWUSDC/USDC`, `cWUSDT/USDT`, and `cWUSDC/USDT` +- The first non-USD Wave 1 row is now also live on Mainnet: `cWEURC / USDC` → `0x0bC750F9c6DbDcd76B205695A356491b1B9ef098` +- That initial seed does **not** close the Wave 1 blocker, because the Wave 1 queue still spans the broader non-USD wrapped set across the tracked public mesh + +**Resolution** + +1. Extend the first-tier `cW* / hub stable` pairs from `cross-chain-pmm-lps/config/pool-matrix.json` beyond the seeded Mainnet `cWEURC / USDC` row. +2. Seed the pools with initial liquidity. +3. Write pool addresses back into `cross-chain-pmm-lps/config/deployment-status.json`. +4. Re-run the public pool verifier and only then surface those venues as live. + +**Runbooks / scripts** + +- [SINGLE_SIDED_LPS_PUBLIC_NETWORKS_RUNBOOK.md](SINGLE_SIDED_LPS_PUBLIC_NETWORKS_RUNBOOK.md) +- [PMM_FULL_MESH_AND_PUBLIC_SINGLE_SIDED_PLAN.md](PMM_FULL_MESH_AND_PUBLIC_SINGLE_SIDED_PLAN.md) +- [pool-matrix.json](/home/intlc/projects/proxmox/cross-chain-pmm-lps/config/pool-matrix.json) +- [check-cw-public-pool-status.sh](/home/intlc/projects/proxmox/scripts/verify/check-cw-public-pool-status.sh) + +**Exit criteria** + +- `deployment-status.json` records expanding first-tier non-USD `pmmPools` +- `check-cw-public-pool-status.sh` reports expanding public pool coverage beyond the current Mainnet seed + +### 4. Public protocols still queued / partial + +**Current blocker** + +- `Uniswap v3` +- `DODO PMM` is now partially live through the Mainnet bootstrap pool wave +- `Balancer` +- `Curve 3` +- `1inch` + +**Resolution** + +1. **Stage 1:** activate `Uniswap v3` and `DODO PMM` after first-tier public pools exist. +2. **Stage 2:** activate `Balancer` and `Curve 3` after first-tier stable liquidity is already live. +3. **Stage 3:** expose `1inch` only after underlying pools, routing/indexer visibility, and public capability wiring are in place. + +**Runbooks / scripts** + +- [GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS.md](../11-references/GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS.md) +- [gru-v2-public-protocol-rollout-plan.json](/home/intlc/projects/proxmox/config/gru-v2-public-protocol-rollout-plan.json) +- [check-gru-v2-public-protocols.sh](/home/intlc/projects/proxmox/scripts/verify/check-gru-v2-public-protocols.sh) + +**Exit criteria** + +- public protocol status reports non-zero active `cW*` pools for the staged venues + +### 5. Global-priority backlog still open + +**Current blocker** + +- `29` backlog assets remain outside the live manifest + +**Resolution** + +1. Finish Wave 1 transport and first-tier liquidity first. +2. Add each backlog asset to the canonical + wrapped manifest/rollout surfaces. +3. Deploy contracts, extend the public pool matrix, and promote transport the same way as Wave 1. + +**Runbooks / scripts** + +- [GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md](../04-configuration/GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md) +- [gru-global-priority-currency-rollout.json](/home/intlc/projects/proxmox/config/gru-global-priority-currency-rollout.json) +- [gru-iso4217-currency-manifest.json](/home/intlc/projects/proxmox/config/gru-iso4217-currency-manifest.json) +- [check-gru-global-priority-rollout.sh](/home/intlc/projects/proxmox/scripts/verify/check-gru-global-priority-rollout.sh) + +**Exit criteria** + +- backlog count reaches `0` + +### 6. Solana remains planned / relay-dependent + +**Current blocker** + +- `Solana` + +**Resolution** + +1. Define the Solana-side token/program model first. +2. Implement the relay/program path and authority model. +3. Add a dedicated verifier before promoting Solana into any live transport or explorer surface. + +**Runbooks / docs** + +- [ADDITIONAL_PATHS_AND_EXTENSIONS.md](../04-configuration/ADDITIONAL_PATHS_AND_EXTENSIONS.md) +- [GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md](../04-configuration/GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md) + +**Exit criteria** + +- Solana has a real relay/program implementation and is no longer only a desired target + +### 7. Deployer wallet funding still needs top-ups on some public deployment surfaces + +**Current blocker** + +- Arbitrum deploy gas: below the repo threshold +- Mainnet gas: very low for follow-on public deployment work +- Mainnet `WETH9` public fan-out is currently blocked at the live source bridge/router path +- Chain 138 public reads must use the stable public RPC (`rpc-http-pub.d-bis.org`) because `rpc.public-0138.defi-oracle.io` is currently returning `502` + +**Resolution** + +1. Top up Arbitrum gas before any new Arbitrum deployment branch. +2. Top up Mainnet gas before beginning additional public pool/protocol deployment work there. +3. Repair or replace the current Mainnet source bridge path before treating `Mainnet ->` any public-chain `WETH9` corridor as live. The latest source attempt from `MAINNET_CCIP_WETH9_BRIDGE=0xc9901ce2Ddb6490FAA183645147a87496d8b20B6` failed on tx `0x97df657f0e31341ca852666766e553650531bbcc86621246d041985d7261bb07`, and tracing shows the revert occurs inside Mainnet router `0x80226fc0Ee2b096224EeAc085Bb9a8cba1146f7D` before any bridge event is emitted. Read-only `calculateFee()` preflights also currently revert for the tracked selectors `BSC`, `Avalanche`, `Gnosis`, `Cronos`, `Celo`, `Polygon`, `Arbitrum`, `Optimism`, and `Base`. +4. Keep using the stable Chain 138 public RPC for funding reads until the alternate public endpoint is healthy again. + +**Runbooks / scripts** + +- [GRU_V2_DEPLOYER_FUNDING_STATUS.md](GRU_V2_DEPLOYER_FUNDING_STATUS.md) +- [DEPLOYER_WALLET_FUNDING_PLAN_PMM_POOLS.md](../11-references/DEPLOYER_WALLET_FUNDING_PLAN_PMM_POOLS.md) +- [check-gru-v2-deployer-funding-status.sh](/home/intlc/projects/proxmox/scripts/verify/check-gru-v2-deployer-funding-status.sh) + +**Exit criteria** + +- Arbitrum no longer reports under the deploy threshold +- Mainnet is no longer at a near-zero operational balance for rollout work +- the Mainnet `WETH9` public fan-out no longer fails inside the source bridge/router path +- the Chain 138 funding verifier resolves a healthy RPC without returning unknown balances + +--- + +## Bottom line + +The remaining GRU v2 public rollout blockers are now all mapped to concrete resolution paths. The unresolved work is operational deployment, bridge promotion, and liquidity creation, not missing documentation or unclear sequencing. diff --git a/docs/03-deployment/GRU_V2_DEPLOYER_FUNDING_STATUS.md b/docs/03-deployment/GRU_V2_DEPLOYER_FUNDING_STATUS.md new file mode 100644 index 00000000..7955100e --- /dev/null +++ b/docs/03-deployment/GRU_V2_DEPLOYER_FUNDING_STATUS.md @@ -0,0 +1,123 @@ +# GRU V2 Deployer Funding Status + +**Last Updated:** 2026-04-03 +**Purpose:** Canonical operator reference for the deployer wallet funding posture that still gates the remaining GRU v2 public rollout work. + +--- + +## Canonical verifier + +Run: + +```bash +bash scripts/verify/check-gru-v2-deployer-funding-status.sh +``` + +Machine-readable: + +```bash +bash scripts/verify/check-gru-v2-deployer-funding-status.sh --json +``` + +This verifier complements the rollout queue and protocol status surfaces: + +- [GRU_V2_PUBLIC_DEPLOYMENT_QUEUE.md](GRU_V2_PUBLIC_DEPLOYMENT_QUEUE.md) +- [GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS.md](../11-references/GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS.md) +- [GRU_V2_BLOCKER_RESOLUTION_MATRIX.md](GRU_V2_BLOCKER_RESOLUTION_MATRIX.md) + +--- + +## Current wallet state + +Deployer: + +- `0x4A666F96fC8764181194447A7dFdb7d471b301C8` + +Observed after the latest funding and route checks on 2026-04-03 (Mainnet route txs finalized 2026-04-04 UTC): + +- Mainnet: `0.001216982 ETH` +- Mainnet `WETH`: `0.005` +- Mainnet `LINK`: `0.1171400175` +- Cronos: `28.8106257165` native +- Arbitrum: `0.000775448 ETH` +- Chain 138 native: `989,399,860.565456 ETH` +- Chain 138 `WETH`: `22,845.815258` +- Chain 138 `WETH10`: `0.047131` +- Chain 138 `LINK`: `994,714.509915` +- Chain 138 `cUSDT`: `697,178,939.09` +- Chain 138 `cUSDC`: `698,412,990.30` + +The verifier now prefers the stable public RPC `https://rpc-http-pub.d-bis.org` because `https://rpc.public-0138.defi-oracle.io` is currently returning `502` and can produce false “empty wallet” readings. + +--- + +## Funding blockers this creates + +### 1. Arbitrum deploy gas remains below the repo threshold + +The existing deployer-balance checker already treats Arbitrum as underfunded for fresh deployment work at the repo threshold of about `0.44 ETH`. + +### 2. Mainnet gas is still limited for follow-on public deployment work + +Mainnet is no longer near-zero, but `0.001216982 ETH` is still a tight operational balance for repeated public deployment and bridge-repair work. + +### 3. Public Mainnet `WETH9` fan-out is blocked by route health, not just gas + +Even with enough Mainnet-side `WETH` and `LINK` to test the hub route, the live `Mainnet -> Arbitrum` send from `MAINNET_CCIP_WETH9_BRIDGE=0xc9901ce2Ddb6490FAA183645147a87496d8b20B6` failed on tx `0x97df657f0e31341ca852666766e553650531bbcc86621246d041985d7261bb07`. + +The failure is not a wallet-balance issue: + +- WETH allowance was set +- LINK allowance was set +- WETH and LINK balances were unchanged after the failed send except for gas + +Tracing shows the revert occurs inside Mainnet router `0x80226fc0Ee2b096224EeAc085Bb9a8cba1146f7D` before any bridge event is emitted. + +Read-only `calculateFee()` preflights now also revert for the tracked public-chain selectors `BSC`, `Avalanche`, `Gnosis`, `Cronos`, `Celo`, `Polygon`, `Arbitrum`, `Optimism`, and `Base`, so this should be treated as a broader Mainnet `WETH9` public fan-out blocker rather than an Arbitrum-only symptom. + +### 4. Chain 138 is funded, but only when checked against the stable public RPC + +Chain 138 is not currently a funding blocker for canonical liquidity or gas operations when read through `https://rpc-http-pub.d-bis.org`. + +This is particularly relevant for the canonical DODO-backed funding surfaces documented in: + +- [DEPLOYER_WALLET_FUNDING_PLAN_PMM_POOLS.md](../11-references/DEPLOYER_WALLET_FUNDING_PLAN_PMM_POOLS.md) +- [LIQUIDITY_POOLS_MASTER_MAP.md](../11-references/LIQUIDITY_POOLS_MASTER_MAP.md) + +Cronos is also clearly funded today. + +--- + +## What this does and does not block + +### Blocked by current funding + +- Arbitrum deployer-funded deployment work +- follow-on public-chain pool/protocol deployment work that expects comfortable Mainnet gas from the deployer wallet +- public-chain funding or deployment work that assumes the current Mainnet `WETH9` fan-out leg is live + +### Not blocked by current funding + +- fresh Chain 138 deployer-funded liquidity actions +- repo/documentation/explorer updates +- verifier generation and status publication +- read-only RPC checks +- planning and queue refinement + +--- + +## Recommended order + +1. Repair or replace the current Mainnet `WETH9` source bridge/router path before planning any new hub-based public-chain top-up from Mainnet. +2. Fund Arbitrum deploy gas to at least the repo threshold before any new Arbitrum deployment branch. +3. Top up Mainnet gas before beginning repeated public `cW*` pool and protocol deployment work there. +4. Keep using the stable Chain 138 public RPC for funding reads until `rpc.public-0138.defi-oracle.io` is healthy again. + +--- + +## Related + +- [DEPLOYER_WALLET_FUNDING_PLAN_PMM_POOLS.md](../11-references/DEPLOYER_WALLET_FUNDING_PLAN_PMM_POOLS.md) +- [GRU_V2_BLOCKER_RESOLUTION_MATRIX.md](GRU_V2_BLOCKER_RESOLUTION_MATRIX.md) +- [GRU_V2_PUBLIC_DEPLOYMENT_QUEUE.md](GRU_V2_PUBLIC_DEPLOYMENT_QUEUE.md) +- [REMAINING_SUMMARY.md](../00-meta/REMAINING_SUMMARY.md) diff --git a/docs/03-deployment/GRU_V2_PUBLIC_DEPLOYMENT_QUEUE.md b/docs/03-deployment/GRU_V2_PUBLIC_DEPLOYMENT_QUEUE.md new file mode 100644 index 00000000..21204825 --- /dev/null +++ b/docs/03-deployment/GRU_V2_PUBLIC_DEPLOYMENT_QUEUE.md @@ -0,0 +1,136 @@ +# GRU V2 Public Deployment Queue + +**Last Updated:** 2026-04-04 +**Purpose:** Operator-grade queue for the remaining public-network GRU v2 rollout: Wave 1 transport activation, public-chain `cW*` pools, and protocol staging across `Uniswap v3`, `DODO PMM`, `Balancer`, `Curve 3`, and `1inch`. + +--- + +## Bottom line + +The remaining deployment work is now cleanly split into three layers: + +1. **Wave 1 transport activation** on top of the already-deployed token mesh +2. **First-tier public `cW* / hub stable` pools** on the tracked public EVM chains +3. **Protocol staging** after those pools exist + +The public EVM `cW*` token mesh is no longer the blocker. The blocker is everything that comes after token deployment. + +There is one important nuance now: + +- the first Mainnet `DODO PMM` bootstrap pools for `cWUSDT/cWUSDC` against `USDC` and `USDT` are already recorded live +- the first six non-USD Wave 1 Mainnet rows `cWEURC / USDC`, `cWGBPC / USDC`, `cWAUDC / USDC`, `cWCADC / USDC`, `cWJPYC / USDC`, and `cWCHFC / USDC` are now also recorded live +- but the rollout is still far from complete, because only `6` first-tier **Wave 1** pools are live while the broader matrix still spans `110` planned rows + +--- + +## Canonical queue + +Run: + +```bash +bash scripts/verify/check-gru-v2-deployment-queue.sh +``` + +Machine-readable: + +```bash +bash scripts/verify/check-gru-v2-deployment-queue.sh --json +``` + +Explorer-published JSON: + +- `https://explorer.d-bis.org/config/GRU_V2_DEPLOYMENT_QUEUE.json` + +The queue JSON also includes a machine-readable `resolutionMatrix` for every currently open blocker category. + +--- + +## What this queue answers + +### 1. Wave 1 assets + +The queue tracks the remaining non-USD Wave 1 GRU assets: + +- `EUR` +- `JPY` +- `GBP` +- `AUD` +- `CAD` +- `CHF` +- `XAU` + +For each asset it shows: + +- canonical `c*` symbols +- wrapped `cW*` symbols +- whether transport is already live +- whether the public pool matrix covers its wrapped symbols +- the next operator steps + +### 2. Destination chains + +The queue covers the desired public EVM rollout surface from the GRU rollout plan: + +- `1` +- `10` +- `25` +- `56` +- `100` +- `137` +- `42161` +- `42220` +- `43114` +- `8453` +- `1111` + +For each chain it shows: + +- hub stable +- whether the cW suite is already loaded in `deployment-status.json` +- the planned first-tier Wave 1 pool pairs +- how many of those pools are actually recorded live + +### 3. Protocol staging + +The queue also records protocol roles: + +- `Uniswap v3` — primary public pool venue +- `DODO PMM` — primary PMM edge venue +- `Balancer` — secondary basket liquidity +- `Curve 3` — secondary stable curve +- `1inch` — routing layer after underlying pools are live + +This keeps the protocol story honest: `1inch` is not a substitute for missing pools, and `Balancer` / `Curve` should not be marked live before first-tier liquidity exists. + +--- + +## Important design update + +The repo’s `pool-matrix.json` now covers the **full Wave 1 wrapped set**, not only the older USD / AUSDT / USDW lanes. + +That means the public pool design now explicitly includes: + +- `cWEURC` +- `cWEURT` +- `cWGBPC` +- `cWGBPT` +- `cWAUDC` +- `cWJPYC` +- `cWCHFC` +- `cWCADC` +- `cWXAUC` +- `cWXAUT` + +across the tracked public EVM chain set, using each chain’s hub stable (`USDC` or `USDT`). + +This does **not** mean those pools are live yet. It means the design/config blocker is closed and the remaining work is operator deployment. + +--- + +## Related + +- [GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md](../04-configuration/GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md) +- [GRU_V2_BLOCKER_RESOLUTION_MATRIX.md](GRU_V2_BLOCKER_RESOLUTION_MATRIX.md) +- [PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md](PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md) +- [SINGLE_SIDED_LPS_PUBLIC_NETWORKS_RUNBOOK.md](SINGLE_SIDED_LPS_PUBLIC_NETWORKS_RUNBOOK.md) +- [GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS.md](../11-references/GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS.md) diff --git a/docs/03-deployment/GRU_V2_WAVE1_CHAIN138_DEPLOYMENT_PLAN.md b/docs/03-deployment/GRU_V2_WAVE1_CHAIN138_DEPLOYMENT_PLAN.md new file mode 100644 index 00000000..0ec9bcf4 --- /dev/null +++ b/docs/03-deployment/GRU_V2_WAVE1_CHAIN138_DEPLOYMENT_PLAN.md @@ -0,0 +1,113 @@ +# GRU V2 Wave 1 Chain 138 Deployment Plan + +**Purpose:** Turn the remaining non-USD Wave 1 GRU assets on Chain 138 into a concrete V2 deployment queue using the generic `CompliantFiatTokenV2` deployment path. + +**Machine-readable plan:** [`../../config/gru-v2-chain138-wave1-v2-plan.json`](../../config/gru-v2-chain138-wave1-v2-plan.json) + +**Command helper:** [`../../scripts/deployment/plan-gru-v2-wave1-chain138.sh`](../../scripts/deployment/plan-gru-v2-wave1-chain138.sh) + +**Generic deploy wrapper:** [`../../scripts/deployment/deploy-gru-v2-generic-chain138.sh`](../../scripts/deployment/deploy-gru-v2-generic-chain138.sh) + +**Batch runner:** [`../../scripts/deployment/run-gru-v2-wave1-chain138.sh`](../../scripts/deployment/run-gru-v2-wave1-chain138.sh) + +**Post-deploy verifier:** [`../../scripts/verify/check-gru-v2-token-standard-surface.sh`](../../scripts/verify/check-gru-v2-token-standard-surface.sh) + +--- + +## Current truth + +As of April 7, 2026: + +- `USD` GRU V2 is live on Chain 138 through `cUSDT V2` and `cUSDC V2` +- the remaining Wave 1 assets are still `canonical_only` +- they exist on Chain 138 as legacy canonical assets, but they are not yet deployed as generic GRU V2 contracts + +Verifier: + +```bash +bash scripts/verify/check-gru-global-priority-rollout.sh --wave=wave1 +``` + +Current expected output: + +- `EUR`, `JPY`, `GBP`, `AUD`, `CAD`, `CHF`, `XAU` all show `canonical_only` + +--- + +## What this plan covers + +Wave 1 V2 candidates: + +- `cEURC` +- `cEURT` +- `cGBPC` +- `cGBPT` +- `cAUDC` +- `cJPYC` +- `cCHFC` +- `cCADC` +- `cXAUC` +- `cXAUT` + +These are the assets that should move onto the generic `CompliantFiatTokenV2` base if the goal is full V2 standardization on Chain 138. + +--- + +## Print the commands + +All Wave 1 dry-runs: + +```bash +bash scripts/deployment/plan-gru-v2-wave1-chain138.sh +``` + +Single currency: + +```bash +bash scripts/deployment/plan-gru-v2-wave1-chain138.sh --code=EUR +``` + +Batch dry-run for all Wave 1 assets: + +```bash +bash scripts/deployment/run-gru-v2-wave1-chain138.sh +``` + +Live broadcast only when you intentionally want production mutation: + +```bash +bash scripts/deployment/run-gru-v2-wave1-chain138.sh --apply +``` + +--- + +## Operator sequence + +For each planned deployment: + +1. Publish token/disclosure/reporting metadata to IPFS if needed. +2. Dry-run the generic deployment command. +3. Broadcast the deployment to Chain 138. +4. Register the V2 asset in `UniversalAssetRegistry`. +5. Add explorer/token-list metadata and version-aware aliases. +6. Update GRU manifest and transport overlay to reflect: + - forward-canonical version + - active liquidity version + - x402-ready version +7. Re-run: + - `bash scripts/verify/check-gru-v2-chain138-readiness.sh --report-only` + - `bash scripts/verify/check-gru-global-priority-rollout.sh --wave=wave1` + - `bash scripts/verify/check-gru-v2-token-standard-surface.sh --token SYMBOL=ADDRESS --strict` + +--- + +## Boundary + +This plan does **not** mean those Wave 1 assets are already deployed as V2 on Chain 138. + +It means: + +- the repo now has a generic deployment path for them +- the candidate list is explicit +- the commands are reproducible +- the remaining step is deliberate operator broadcast on production infrastructure diff --git a/docs/03-deployment/IT_OPERATIONS_BILLING_STRIPE_OUTLINE.md b/docs/03-deployment/IT_OPERATIONS_BILLING_STRIPE_OUTLINE.md new file mode 100644 index 00000000..4acf59bf --- /dev/null +++ b/docs/03-deployment/IT_OPERATIONS_BILLING_STRIPE_OUTLINE.md @@ -0,0 +1,24 @@ +# IT operations — billing and Stripe webhook (Phase 4 outline) + +**Schema:** [`config/it-operations/entitlements-schema.sql`](../../config/it-operations/entitlements-schema.sql) +**Spec:** [SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md](../02-architecture/SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md) sections 3.4 and roadmap Phase 4. + +## Model + +- **`entitlement`** rows represent seats/SKUs bound to an `org_id`, optionally linked to **`dbis_core`** via `external_sku_id` (mirror `IruOffering` or catalog id). +- **`usage_snapshot`** rows are appended by a nightly Proxmox metering job (VMID → vCPU/RAM/disk). +- **`stripe_webhook_event`** stores raw events for idempotency (`id` = Stripe `event.id`). + +## Webhook handler (future BFF) + +1. Verify signature with `STRIPE_WEBHOOK_SECRET`. +2. On `customer.subscription.updated` / `deleted`, upsert **`entitlement`** (`valid_to`, `seat_count`, `stripe_subscription_id`). +3. Mark event **`processed`**; on failure store **`error`** for replay. + +## Keycloak + +- Map paid SKUs to optional group claims (e.g. `sankofa-it-admin` only via HR-approved assignment; billing does not auto-grant super-admin). + +## Finance export + +- Nightly job: aggregate **`usage_snapshot`** + open **`entitlement`** → CSV or QuickBooks/NetSuite API — out of scope for v1 code in this repo; schema supports it. diff --git a/docs/03-deployment/MAINNET_CWUSD_HYBRID_FLASH_LOOP_CALCULATION_WHITEPAPER.md b/docs/03-deployment/MAINNET_CWUSD_HYBRID_FLASH_LOOP_CALCULATION_WHITEPAPER.md new file mode 100644 index 00000000..4d721fc2 --- /dev/null +++ b/docs/03-deployment/MAINNET_CWUSD_HYBRID_FLASH_LOOP_CALCULATION_WHITEPAPER.md @@ -0,0 +1,1532 @@ +# Mainnet cWUSD Hybrid Flash Loop Calculation White Paper + +Date: April 5, 2026 + +## Purpose + +This paper formalizes the hybrid loop methodology for Mainnet public `cWUSD*/USD*` PMM pools: + +1. Permanently add owned `cW*` inventory to deepen the pool's base reserve. +2. Borrow `USD*` via a flash lender. +3. Push the flash-borrowed `USD*` through the PMM. +4. Monetize the acquired `cW*` externally. +5. Repay the flash loan. +6. Leave only retained `USD*` in place as durable quote-side liquidity. + +This is the exact strategy modeled in [pmm-flash-push-break-even.mjs](/home/intlc/projects/proxmox/scripts/analytics/pmm-flash-push-break-even.mjs). + +## Why This Structure + +Public Mainnet `cWUSD*/USD*` pools are live but still shallow. A pure flash-backed quote push can increase quote depth, but it also depletes base depth. A pure owned-base top-up can deepen base depth, but by itself it can skew the peg base-heavy. + +The hybrid loop solves that by combining: + +- durable `cW*` inventory from the wallet +- temporary `USD*` working capital from a flash loan +- external unwind proceeds to cover flash repayment +- retained `USD*` as permanent quote-side depth + +## Current Live Inputs + +### Live Mainnet Pool + +Pool: `cWUSDC / USDC` + +- Pool address: `0x69776fc607e9edA8042e320e7e43f54d06c68f0E` +- Base reserve `B0`: `4,854,615` raw = `4.854615 cWUSDC` +- Quote reserve `Q0`: `4,854,873` raw = `4.854873 USDC` +- Mid price: `1.000053145306064435` + +These were read live from Mainnet on April 5, 2026. + +### Wallet Inventory + +Wallet: `0x4A666F96fC8764181194447A7dFdb7d471b301C8` + +- `cWUSDC`: `8,888,889.376281` +- `USDC`: `0.032904` + +### Flash Lender Snapshot + +Lender: Aave V3 Mainnet pool `0x87870Bca3F3fD6335C3F4ce8392D69350B4fA4E2` + +- Flash fee: `5 bps` +- Observed USDC token balance at the pool address: `15.896459 USDC` + +Note: + +- The tool also supports manual caps and other lenders. +- The token `balanceOf(pool)` read is a live inventory snapshot, not a canonical flash-cap guarantee. Production use should query the lender's own flash eligibility and reserve semantics immediately before execution. +- For loop feasibility, the Mainnet PMM depth is still the dominant bottleneck, not lender capacity. + +### Real-Time Gas Snapshot + +Observed on Mainnet: + +- Latest block: `24,818,028` +- Block timestamp: `2026-04-05 20:45:35 America/Los_Angeles` +- Base fee: `86,974,561 wei` +- Gas price: `87,135,868 wei` +- Gas price in gwei: `0.087135868` + +For the worked example below, reserve gas is computed using: + +- `3` follow-up transactions +- `250,000` gas each +- native token price assumption: `3,200 USDC / ETH` + +This gives: + +- reserved gas: `0.000065351901 ETH` +- gas reserve in quote terms: `0.2091260832 USDC` + +## Variable Definitions + +- `B0`: starting base reserve in raw token units +- `Q0`: starting quote reserve in raw token units +- `dB_owned`: owned base permanently added to the pool before the flash loop +- `B1 = B0 + dB_owned` +- `x`: flash-borrowed quote amount +- `f_lp`: PMM LP fee in decimal form +- `f_flash`: flash fee in decimal form +- `f_exit`: external exit fee in decimal form +- `P_exit`: effective external quote-per-base monetization price +- `G_quote`: quote-equivalent gas reserve +- `F_quote`: minimum retained quote floor after gas +- `P_oracle`: target quote-per-base peg reference + +## Core Formulas + +### 1. Effective Starting Pool + +```text +B1 = B0 + dB_owned +Q1 = Q0 +``` + +### 2. Net Quote Sent Into PMM + +```text +q_net = x * (1 - f_lp) +``` + +### 3. PMM Quote-In, Base-Out Leg + +```text +base_out = q_net * B1 / (Q1 + q_net) +``` + +This is the same reserve-based quote-in branch used in the PMM calculator. + +Model caveat: + +- This paper follows the exact reserve-model branch used by the local calculator and is suitable only insofar as it matches the deployed pool implementation and query functions. +- Before scaling any tranche, validate the modeled `base_out` and post-trade state against the live pool's own read/query path or a fork simulation. + +### 4. External Monetization of Acquired Base + +```text +quote_proceeds = base_out * P_exit * (1 - f_exit) +``` + +### 5. Flash Repayment + +```text +flash_repay = x * (1 + f_flash) +``` + +### 6. Retained Quote + +```text +retained_before_gas = quote_proceeds - flash_repay +retained_after_gas = retained_before_gas - G_quote +``` + +### 7. Source Pool End State + +```text +B_end = B1 - base_out +Q_end = Q1 + q_net +``` + +### 8. Marginal Price and Peg Deviation + +For the current PMM reserve model, a practical marginal price approximation is: + +```text +P_post = Q_end / B_end +dev_bps = (P_post / P_oracle - 1) * 10,000 +``` + +Where `P_oracle = 1` for `cWUSDC / USDC`. + +### 9. Pass Conditions + +The tranche is executable only if all conditions pass: + +```text +quote_proceeds >= flash_repay +retained_after_gas >= F_quote +abs(dev_bps) <= max_post_trade_deviation_bps +``` + +### 10. Minimum Required External Exit Price + +For a tranche to clear repayment, gas, and retained floor, the effective exit price must satisfy: + +```text +P_exit_required = + (flash_repay + G_quote + F_quote) / (base_out * (1 - f_exit)) +``` + +This turns the external unwind from a guess into a live gating check. + +### 11. Target-Post-Peg Sizing + +Instead of always pushing to the deviation limit, solve for a desired post-trade price: + +```text +P_target = Q_end / B_end +``` + +With the current reserve model: + +```text +Q_end = Q1 + q_net +B_end = B1 - (q_net * B1 / (Q1 + q_net)) +``` + +For a chosen `P_target`, solve numerically for `q_net`, then recover the flash borrow: + +```text +x = q_net / (1 - f_lp) +``` + +This is the preferred production method because it sizes to a peg target rather than to an arbitrary flash amount. + +## Worked Live Example + +### Strategy + +Hybrid `quote-push` on Mainnet `cWUSDC / USDC`: + +- owned base add: `1.000000 cWUSDC` +- flash borrow: `0.600000 USDC` +- LP fee: `3 bps` +- flash fee: `5 bps` +- external exit price: `1.12` +- gas price: live `0.087135868 gwei` +- gas reserve: `3 x 250,000 gas` +- retained floor: `0.050000 USDC` +- max post-trade deviation: `500 bps` + +### Calculation Results + +#### Inputs + +- `B0 = 4.854615` +- `Q0 = 4.854873` +- `dB_owned = 1.000000` +- `x = 0.600000` + +#### PMM leg + +- effective source base reserve: `5.854615 cWUSDC` +- net quote into PMM: `0.599820 USDC` +- base out: `0.643797 cWUSDC` +- PMM VWAP: `0.931971 USDC / cWUSDC` + +#### External unwind + +- external proceeds: `0.721053 USDC` + +#### Flash repay + +- flash fee amount: `0.000300 USDC` +- flash repay: `0.600300 USDC` + +#### Retained quote + +- retained before gas: `0.120753 USDC` +- gas reserve: `0.2091260832 USDC` +- retained after gas, exact arithmetic expectation: + +```text +0.721052676955 +-0.600300000000 +-0.209126083200 += -0.088373406245 USDC +``` + +- corrected retained after gas: `-0.088373 USDC` + +#### End state + +- source pool end `B`: `5.210818 cWUSDC` +- source pool end `Q`: `5.454693 USDC` +- post-trade marginal price: `1.046802` +- deviation: `468.016796 bps` + +### Interpretation + +Under the corrected gas arithmetic above, this tranche does not pass: + +- repay: pass +- retained floor: fail +- deviation cap: pass + +It is therefore not a valid canary under the stated live gas conversion. + +This correction matters operationally: a gas-unit mismatch is enough to flip a tranche from pass to fail. + +Using the minimum required external exit price formula with: + +- `flash_repay = 0.600300` +- `G_quote = 0.2091260832` +- `F_quote = 0.050000` +- `base_out = 0.643797032995` + +the tranche would require approximately: + +```text +P_exit_required ≈ 1.3349332773 USDC per cWUSDC +``` + +So the previously assumed `P_exit = 1.12` is not sufficient for this canary under the corrected gas treatment. + +## Fresh Tranche Ladder Under Corrected Gas and a Size-Aware Exit Curve + +Because the flat `1.12` exit assumption is not sufficient, the right next step is a scenario ladder using: + +- corrected gas accounting +- peg-neutral targeting (`P_post = 1.0`) +- a size-aware effective exit curve instead of a flat scalar + +### Scenario Curve + +For this recomputation, the effective external unwind price is modeled as: + +```text +P_exit(base_out) = max(1.18, 1.42 - 0.06 * base_out) +``` + +Where `base_out` is measured in whole `cWUSDC`. + +This is not a claim about a specific venue. It is an explicit scenario curve chosen to be: + +- materially stronger than the failed flat `1.12` +- more realistic than assuming one constant premium regardless of size +- conservative enough to decay with tranche size + +In production, replace this with live size-aware quotes from the actual unwind venue. + +### Ladder Construction Method + +For each loop: + +1. Start from the previous loop's end reserves. +2. Choose the minimum `dB_owned` that allows a peg-neutral tranche to satisfy: + - corrected gas reserve + - flash repayment + - retained-after-gas floor `F_quote = 0.05 USDC` +3. Solve for `x` such that `P_post = 1.0`. +4. Compute `base_out`, `retained_after_gas`, and the next reserve state. + +This is a base-efficient ladder, not a “maximize retained quote” ladder. + +### Corrected 10-Loop Peg-Neutral Ladder + +| loop | dB_owned (cWUSDC) | x_flash (USDC) | base_out (cWUSDC) | net base added (cWUSDC) | q_net into pool (USDC) | P_exit_eff | retained_after_gas (USDC) | cum_retained (USDC) | B_end | Q_end | dev_bps | +|---:|---:|---:|---:|---:|---:|---:|---:|---:|---:|---:|---:| +| 1 | 1.050000 | 0.499355 | 0.550537 | 0.499463 | 0.499205 | 1.386968 | 0.054845 | 0.054845 | 5.354078 | 5.354078 | 0.000 | +| 2 | 1.100000 | 0.524484 | 0.575674 | 0.524326 | 0.524326 | 1.385460 | 0.063701 | 0.118546 | 5.878405 | 5.878405 | 0.000 | +| 3 | 1.100000 | 0.526586 | 0.573572 | 0.526428 | 0.526428 | 1.385586 | 0.058757 | 0.177303 | 6.404833 | 6.404833 | 0.000 | +| 4 | 1.100000 | 0.528377 | 0.571782 | 0.528218 | 0.528218 | 1.385693 | 0.054547 | 0.231850 | 6.933052 | 6.933052 | 0.000 | +| 5 | 1.100000 | 0.529919 | 0.570240 | 0.529760 | 0.529760 | 1.385786 | 0.050920 | 0.282769 | 7.462812 | 7.462812 | 0.000 | +| 6 | 1.150000 | 0.554573 | 0.595593 | 0.554407 | 0.554407 | 1.384264 | 0.060482 | 0.343251 | 8.017219 | 8.017219 | 0.000 | +| 7 | 1.150000 | 0.555905 | 0.594261 | 0.555739 | 0.555739 | 1.384344 | 0.057353 | 0.400604 | 8.572957 | 8.572957 | 0.000 | +| 8 | 1.150000 | 0.557078 | 0.593089 | 0.556911 | 0.556911 | 1.384415 | 0.054598 | 0.455202 | 9.129868 | 9.129868 | 0.000 | +| 9 | 1.150000 | 0.558118 | 0.592049 | 0.557951 | 0.557951 | 1.384477 | 0.052155 | 0.507357 | 9.687819 | 9.687819 | 0.000 | +| 10 | 1.200000 | 0.582663 | 0.617511 | 0.582489 | 0.582489 | 1.382949 | 0.061906 | 0.569263 | 10.270308 | 10.270308 | 0.000 | + +### Totals Under This Scenario + +- Total owned base added: `11.25 cWUSDC` +- Total flash quote borrowed across all loops: `5.417058 USDC` +- Total base returned by PMM-to-wallet across all loops: `5.834308 cWUSDC` +- Net base permanently committed to the pool: `5.415692 cWUSDC` +- Cumulative retained quote after gas: `0.569263 USDC` +- Pool reserves grow from about `4.85 / 4.85` to about `10.27 / 10.27` + +## Inventory-Capped Recompute Using Current Wallet Balances + +Using the refreshed live wallet balances: + +- `cWUSDC = 8,888,889.376281` +- `USDC = 0.032904` +- `ETH = 0.000177340398672728` + +and keeping the same gas policy: + +- `3` follow-up transactions per loop +- `250,000` gas each +- live gas price `0.087135868 gwei` + +the per-loop gas reserve remains: + +- `0.000065351901 ETH` +- `0.2091260832 USDC` equivalent + +### Binding Inventory Cap + +Under these refreshed balances: + +- `cWUSDC` is not the binding inventory constraint for the 10-loop scenario ladder +- Mainnet `ETH` for gas is the first hard cap + +Maximum loops supportable by current ETH under this policy: + +```text +0.000177340398672728 / 0.000065351901 ≈ 2.71 +``` + +So only **2 full loops** are supportable without topping up ETH. + +### Wallet-Capped Ladder + +| loop | dB_owned (cWUSDC) | x_flash (USDC) | net base added (cWUSDC) | retained_after_gas (USDC) | cumulative retained (USDC) | cumulative ETH reserve used | ETH remaining | +|---:|---:|---:|---:|---:|---:|---:|---:| +| 1 | 1.050000 | 0.499355 | 0.499463 | 0.054845 | 0.054845 | 0.000065351901 | 0.000111988497672728 | +| 2 | 1.100000 | 0.524484 | 0.524326 | 0.063701 | 0.118546 | 0.000130703802 | 0.000046636596672728 | + +### Wallet-Capped Totals + +- Executable loops before ETH top-up: `2` +- Total owned base added before cap: `2.15 cWUSDC` +- Total net base permanently committed before cap: `1.023789 cWUSDC` +- Cumulative retained quote before cap: `0.118546 USDC` +- Remaining ETH after loop 2: `0.000046636596672728` + +### Operational Meaning + +With the current wallet state, the program is **gas-capped before it is cW-capped**. + +So the next gating actions are: + +1. top up Mainnet ETH if you want to run more than two loops under the current reserve policy +2. keep recalculating with live gas before each loop +3. only treat the full 10-loop ladder as actionable after the gas budget is restored + +## Fresh 10-Loop Ladder Under `+750 USDC` Matched Seed, `$100 ETH` Gas, and `125 USDC` Wallet Reserve + +This section models the exact scenario: + +- add `$100` of ETH to Mainnet for gas +- add `750 USDC` to the `cWUSDC/USDC` pool +- keep `125 USDC` in the wallet as reserve +- leave the rest of the wallet unchanged + +Important interpretation: + +- the `750 USDC` pool addition is treated as **matched depth**, not one-sided quote-only liquidity +- that means the pool is initialized with `750 USDC` plus `750 cWUSDC` from existing owned inventory +- the `125 USDC` reserve is kept **outside** the loop and is not required as a per-tranche retained floor + +### Updated Starting State + +Starting from the live pool: + +- `B0 = 4.854615` +- `Q0 = 4.854873` + +After the matched seed: + +- `B0' = 754.854615` +- `Q0' = 754.854873` + +### Updated Gas Budget + +Using the current live Mainnet gas snapshot: + +- gas price: `142,783,733 wei` +- gas price in gwei: `0.142783733` +- ETH/USD assumption: `2,140.09` + +Per-loop gas reserve under the same policy: + +- `3 × 250,000 gas` +- `0.00010708779975 ETH` +- `0.2291775293669775 USDC` + +With `$100` added as ETH: + +- added ETH: `0.04672700680812489` +- previous Mainnet ETH: `0.000177340398672728` +- new Mainnet ETH total: `0.04690434720679762` + +That supports approximately: + +- `437.999` loops under this gas policy + +So under this scenario, gas is no longer a practical bottleneck. + +### Ladder Assumptions + +This ladder uses: + +- corrected gas accounting +- peg-neutral targeting (`P_post = 1.0`) +- the same size-aware exit curve: + +```text +P_exit(base_out) = max(1.18, 1.42 - 0.06 * base_out) +``` + +- `125 USDC` wallet reserve held outside the loop +- no per-tranche retained floor beyond non-negative retained quote + +### Fresh 10-Loop Ladder + +| loop | dB_owned (cWUSDC) | x_flash (USDC) | base_out (cWUSDC) | net base added (cWUSDC) | q_net into pool (USDC) | P_exit_eff | retained_after_gas (USDC) | cum_retained (USDC) | B_end | Q_end | dev_bps | +|---:|---:|---:|---:|---:|---:|---:|---:|---:|---:|---:|---:| +| 1 | 1.500000 | 0.749724 | 0.750243 | 0.749757 | 0.749499 | 1.374985 | 0.052297 | 0.052297 | 755.604372 | 755.604372 | 0.000 | +| 2 | 1.500000 | 0.749853 | 0.750372 | 0.749628 | 0.749628 | 1.374978 | 0.052339 | 0.104636 | 756.354000 | 756.354000 | 0.000 | +| 3 | 1.500000 | 0.749853 | 0.750371 | 0.749629 | 0.749629 | 1.374978 | 0.052338 | 0.156974 | 757.103629 | 757.103629 | 0.000 | +| 4 | 1.500000 | 0.749854 | 0.750371 | 0.749629 | 0.749629 | 1.374978 | 0.052337 | 0.209311 | 757.853257 | 757.853257 | 0.000 | +| 5 | 1.500000 | 0.749854 | 0.750371 | 0.749629 | 0.749629 | 1.374978 | 0.052336 | 0.261648 | 758.602887 | 758.602887 | 0.000 | +| 6 | 1.500000 | 0.749855 | 0.750370 | 0.749630 | 0.749630 | 1.374978 | 0.052336 | 0.313983 | 759.352516 | 759.352516 | 0.000 | +| 7 | 1.500000 | 0.749855 | 0.750370 | 0.749630 | 0.749630 | 1.374978 | 0.052335 | 0.366318 | 760.102146 | 760.102146 | 0.000 | +| 8 | 1.500000 | 0.749855 | 0.750370 | 0.749630 | 0.749630 | 1.374978 | 0.052334 | 0.418652 | 760.851777 | 760.851777 | 0.000 | +| 9 | 1.500000 | 0.749856 | 0.750369 | 0.749631 | 0.749631 | 1.374978 | 0.052333 | 0.470985 | 761.601407 | 761.601407 | 0.000 | +| 10 | 1.500000 | 0.749856 | 0.750369 | 0.749631 | 0.749631 | 1.374978 | 0.052332 | 0.523317 | 762.351038 | 762.351038 | 0.000 | + +### Totals Under This Scenario + +- Total owned base added across loops: `15.0 cWUSDC` +- Total flash quote borrowed across loops: `7.498415 USDC` +- Total base returned by PMM-to-wallet across loops: `7.503606 cWUSDC` +- Net base permanently committed to the pool: `7.496423 cWUSDC` +- Cumulative retained quote after gas: `0.523317 USDC` +- Pool reserves grow from about `754.85 / 754.85` to about `762.35 / 762.35` + +### Interpretation + +This scenario is materially better than the unseeded canary case: + +- gas is no longer binding +- peg-neutral loops are easy to maintain +- the matched seed turns the pool from “canary tiny” into a workable staged venue + +But it still has an important limitation: + +- the matched seed improves local PMM mechanics, but it does not by itself answer the broader service-enablement, wallet, routing, and payment-rail requirements needed for public Thirdweb-facing distribution + +## Appendix: Thirdweb Service Expansion Requirements + +This appendix captures the operational requirements for expanding Thirdweb support beyond the currently enabled baseline. + +### Current Planning Baseline + +Workspace assumption for this rollout: + +- enabled now: `Tokens`, `Indexer` +- target additions: `Wallets`, `RPC`, `Server Wallets`, `Gas Sponsorship`, `Bridge`, `AI`, `x402` + +Public Thirdweb chain metadata checked on April 6, 2026 for Defi Oracle Meta (`chainId 138`) shows: + +- visible products: `Tokens`, `AI`, `HTTP API` +- public RPC endpoint listed: `https://138.rpc.thirdweb.com` +- the chain overview and FAQ advertise add-to-wallet support and bridging into Chain 138 +- the public product section does **not** currently show `Wallets` or `x402` as enabled product tiles + +Operational note: + +- **Insight for Chain 138 is running** as of 2026-04-07 (operator-confirmed); still run `node scripts/try-thirdweb-insight.js` before external commitments. Historical note: Insight for 138 had previously returned unsupported responses; that is superseded by current operations. See `docs/04-configuration/THIRDWEB_INSIGHT_INDEXER.md`. + +### Shared Project-Level Requirements + +These apply to essentially all added Thirdweb services: + +- a live Thirdweb project with both `Client ID` and `Secret Key` +- domain allowlists for web apps and bundle IDs for native apps +- Chain 138 kept registered in Thirdweb chain metadata with canonical RPC, explorer, native token, and website fields +- production billing enabled for any mainnet-paid service +- a clear separation between frontend usage (`clientId`) and backend usage (`secretKey`) +- secret storage in repo-external secret management for all backend automations +- a dual-mode account abstraction plan that supports both `EIP-4337` and `EIP-7702` +- chain-by-chain execution policy documenting when to use `EIP-7702` and when to fall back to `ERC-4337` + +### Wallets + +Requirements: + +- enable wallet infrastructure on the project API key +- frontend integration with `createThirdwebClient`, `ThirdwebProvider`, and `ConnectButton` +- allowed domains and app bundle IDs configured on the Thirdweb project +- expose smart-account-capable wallet flows that can operate in both: + - `EIP-7702` mode on chains where Thirdweb and the chain support it + - `ERC-4337` mode everywhere we need smart-account features but `EIP-7702` is not available +- decide whether Chain 138 uses: + - standard in-app wallets per app, or + - ecosystem wallets with `ecosystemId` and optional `partnerId` +- if ecosystem wallets are used, add our own apps and approved partner apps to the allowlist + +Recommended Chain 138-specific additions: + +- publish the canonical Chain 138 RPC and explorer metadata in the wallet onboarding flow +- verify add-network behavior for `chainId 138` from the public chain page and in-app wallet flows +- treat `ERC-4337` as the required compatibility baseline for Chain 138 until `EIP-7702` support is explicitly confirmed for both the chain and Thirdweb execution stack + +### RPC + +Requirements: + +- keep the public Thirdweb RPC endpoint healthy and consistent for `chainId 138` +- ensure Chain 138 RPC is tied to the project API key / RPC Edge usage model +- keep HTTPS and WebSocket routing stable behind the existing Proxmox and NPMplus edge +- add `Accept-Encoding` support on clients to benefit from Thirdweb RPC response compression +- maintain production monitoring for latency, latest block, and error-rate regressions + +Recommended Chain 138-specific additions: + +- treat `https://138.rpc.thirdweb.com` as the canonical public endpoint exposed through Thirdweb +- keep our internal admin/core lane distinct from the public Thirdweb RPC lane + +### Server Wallets + +Requirements: + +- backend-only use of the Thirdweb `Secret Key` +- create at least one named server wallet identifier for treasury / settlement / automation roles +- fund the server wallet with native gas token on every chain where it must transact +- ensure server-wallet transaction paths work under both: + - `EIP-7702` for chains with supported smart-EOA execution + - `ERC-4337` for chains or workflows that still require bundler-based smart accounts +- define ownership boundaries for: + - deployer + - treasury + - x402 settlement + - bridge / routing automation +- wire server wallets only from backend jobs or trusted APIs, never the frontend + +Recommended Chain 138-specific additions: + +- dedicate separate server wallets for operator deployment, market operations, and payment settlement +- add balance checks and low-gas alerts to existing operational verification scripts + +### Gas Sponsorship + +Requirements: + +- enable account abstraction execution on the Thirdweb project +- implement both execution modes: + - `EIP-7702` as the preferred mode where the chain and Thirdweb support smart-EOA execution + - `ERC-4337` as the required fallback for chains without `EIP-7702` support or for workflows that still depend on bundler semantics +- configure `sponsorGas: true` for the relevant wallet flows +- maintain valid billing for mainnet sponsored transactions +- create sponsorship policies with spend limits, chain restrictions, contract restrictions, and wallet allow/deny rules +- optionally deploy a server verifier endpoint to approve or reject sponsored transactions case by case +- test both paths explicitly rather than assuming `EIP-7702` availability implies `ERC-4337` parity + +Recommended Chain 138-specific additions: + +- only sponsor curated contracts and routes at first +- set per-day and per-wallet spend ceilings before opening public access +- require a verifier service for any production consumer wallet flow +- maintain a published execution matrix for Chain 138, Ethereum Mainnet, and each supported destination chain showing whether the active mode is `EIP-7702` or `ERC-4337` + +### Bridge + +Requirements: + +- Chain 138 must be enabled by Thirdweb for bridge routing, not just listed in chain metadata +- frontend or API integration must use a Thirdweb client and bridge-capable flow such as `SwapWidget` or Bridge SDK methods +- supported assets, routes, and settlement chains must be confirmed for Chain 138 specifically +- bridge operations need funded source wallets and destination token availability +- run end-to-end route tests for: + - inbound gas-token funding + - stablecoin movement + - failure / timeout recovery + +Recommended Chain 138-specific additions: + +- do not mark Bridge as production-ready until Thirdweb shows live route availability for Chain 138 +- cross-check Thirdweb bridge coverage against our existing CCIP / Alltra / token-aggregation routing inventory + +### AI + +Requirements: + +- enable AI usage on the Thirdweb project +- use backend `Secret Key` access for `/ai/chat` +- pass explicit wallet and `chain_ids` context for Chain 138 requests +- define whether AI is: + - read-only assistant + - transaction-preparation assistant + - auto-execution assistant using server wallets +- if auto-execution is enabled, bind it to server-wallet policy and audit logging + +Recommended Chain 138-specific additions: + +- start with read/query and transaction-preparation use cases +- only allow execution for tightly scoped internal operator actions after server-wallet controls are proven + +### x402 + +Requirements: + +- x402 requires a Thirdweb server wallet for facilitator settlement +- x402 settlement uses `EIP-7702` gasless execution through the facilitator +- the payment token must support either: + - `ERC-2612 permit`, or + - `ERC-3009` +- the API or agent endpoint must implement x402 server-side middleware or equivalent request handling +- supported payment methods should be queried programmatically before launch + +Important compatibility note: + +- `x402` should be planned as a `7702`-specific payment rail, not as a general `4337`-compatible fallback path + +Recommended Chain 138-specific additions: + +- verify which Chain 138 payment tokens satisfy permit / authorization requirements before enabling x402 +- use a dedicated settlement wallet, separate from deployer and treasury roles +- pilot x402 on narrow machine-to-machine or agent endpoints before exposing it across general public APIs + +### Required Verification Gates Before Public Rollout + +Before claiming these services are enabled for Chain 138, verify all of the following: + +1. the Thirdweb public chain page for Defi Oracle Meta visibly lists the intended services +2. project API keys are restricted to the correct domains and apps +3. server wallets exist, are funded, and are scoped by role +4. gas sponsorship policies and optional verifier callbacks are live for both `EIP-7702` and `ERC-4337` paths where applicable +5. bridge routes actually return executable quotes for Chain 138 assets +6. AI calls with `chain_ids: [138]` return correct reads and safe action payloads +7. x402 tokens on Chain 138 pass permit / authorization compatibility checks +8. each supported chain has an explicit execution-mode designation of `EIP-7702`, `ERC-4337`, or both +9. all of the above are reflected in repo runbooks and smoke tests + +### Official References + +- Thirdweb API keys: +- Thirdweb wallets quickstart: +- Thirdweb ecosystem wallet setup: +- Thirdweb server wallets: +- Thirdweb gas sponsorship: +- Thirdweb sponsorship policies: +- Thirdweb bridge: +- Thirdweb AI chat: +- Thirdweb x402: +- Thirdweb x402 facilitator: +- Defi Oracle Meta chain page: + +- even with this improved starting point, the retained quote per loop is still only about `0.0523 USDC` + +So this is a **stable, repeatable, peg-neutral ladder**, but not yet a high-yield quote-building engine unless: + +- the external unwind improves further, or +- tranche sizes and the exit curve are upgraded with better venue access, or +- direct quote seeding is increased beyond `750 USDC` + +### Operational Best Use + +Under this scenario, the best use of the loop is: + +1. establish a healthier public pool with the matched `750/750` seed +2. preserve `125 USDC` as wallet-side emergency reserve +3. use small peg-neutral loops to continue growing pool depth without destabilizing price +4. treat the loop as a gradual deepening program, not the primary source of quote inventory + +### Interpretation + +This corrected ladder tells us three useful things: + +1. Under corrected gas, the strategy can still work, but only if the external unwind is materially stronger than `1.12`. +2. Peg-neutral targeting is much cleaner operationally than running near the deviation guard on every tranche. +3. The limiting resource becomes owned `cWUSDC` inventory, not flash capacity. + +### How to Use This Ladder + +- Treat it as a scenario template, not as a venue promise. +- Before every loop: + - refresh pool reserves + - refresh gas + - refresh flash premium + - replace the scenario `P_exit(base_out)` with a live size-aware unwind quote +- Only execute the next tranche if the live quote still clears `P_exit_required`. + +## What the Sweep Showed + +Using the current live Mainnet pool and `dB_owned = 1 cWUSDC`, the previously identified `0.35` to `0.60 USDC` pass band was based on the understated gas subtraction. + +With the corrected gas conversion, any tranche assessment must be re-run with the economically correct `G_quote`. + +The production-safe rule is: + +- never trust a tranche band unless the same `G_quote` value is shown in: + - the gas reserve summary + - the retained-after-gas subtraction + - the final pass/fail guards + +Why larger tranches fail: + +- too little owned base add: flash quote moves the peg too far quote-heavy +- too much owned base add: the pool starts excessively base-heavy before the flash leg +- too much flash size: even with the owned base add, the quote push over-rotates the pool + +## How to Scale This Safely + +### Recommended Tranche Method + +1. Refresh live gas, pool reserves, and flash premium immediately before sizing. +2. Choose a target post-trade peg band, not merely a flash size. +3. Solve for `x` from the target peg or from `P_exit_required`. +4. Add the owned `cWUSDC` base tranche. +5. Execute the flash-backed quote leg only if the live external unwind still clears the minimum required exit price. +6. Repay immediately from external proceeds. +7. Leave only retained `USDC` in the pool. +8. Re-read `getVaultReserve()` and `getMidPrice()`. +9. Recalculate before the next loop. + +### Why Recalculation Matters + +Each completed loop changes: + +- `B` +- `Q` +- marginal price +- the next safe flash size + +This is a staged ladder, not a one-shot large trade. + +## Operational Guidance + +### Do + +- treat owned `cW*` as durable base inventory +- treat flash `USD*` as temporary working capital +- use live flash premium, live gas, and live unwind quotes for every tranche +- size toward a peg target or minimum viable exit price, not a guessed flash amount +- repay first +- seed only retained `USD*` +- recalc after every loop + +### Do Not + +- assume a larger flash size is better +- assume a larger owned-base add is always safer +- assume `balanceOf(pool)` is the same thing as flash-cap certainty +- leave flash proceeds in the pool before repayment +- use these formulas without fresh reserve reads +- scale without verifying the modeled PMM math against the live pool read/query path + +## Exact Dry-Run Command + +```bash +source scripts/lib/load-project-env.sh >/dev/null 2>&1 + +node scripts/analytics/pmm-flash-push-break-even.mjs \ + -B 4854615 -Q 4854873 \ + --full-loop-dry-run \ + --loop-strategy quote-push \ + --owned-base-add 1000000 \ + -x 600000 \ + --base-asset cWUSDC --base-decimals 6 \ + --quote-asset USDC --quote-decimals 6 \ + --external-exit-price 1.12 \ + --flash-provider-name "Aave mainnet" \ + --flash-provider-cap 682046747357782 \ + --flash-fee-bps 5 --lp-fee-bps 3 \ + --min-retained-usdc 50000 \ + --gas-tx-count 3 --gas-per-tx 250000 \ + --max-fee-gwei 0.087135868 \ + --native-token-price 3200 \ + --max-post-trade-deviation-bps 500 +``` + +Important: + +- This command is still useful as a structure/template. +- Before using it as a go/no-go decision, refresh the gas input and ensure the calculator is applying that same `G_quote` value consistently in the retained computation. +- If the economically correct gas conversion is used, the canary described above must be requalified rather than assumed safe. + +## Related repo tooling + +- **Readiness snapshot (mainnet pools, flash lenders, env):** `bash scripts/verify/check-public-pmm-dry-run-readiness.sh` +- **Multi-loop projection (modeled matched rebalance ladder):** `node scripts/analytics/pmm-flash-push-break-even.mjs --sequential-matched-loops N ...` (see `--help` for `--matched-flash-numerator` / `--matched-flash-denominator`). +- **Pool-implied sell-base price (diagnostic):** `scripts/verify/print-mainnet-cwusdc-usdc-pmm-sellbase-implied-price.sh [base_raw] [pool_address]` prints gross USDC per cWUSDC from vault reserves (default pool: canonical public `cWUSDC/USDC`, or env `PMM_CWUSDC_USDC_IMPLIED_PRICE_POOL`). Feeding it to `--external-exit-price-cmd` makes the analytics tool treat the exit as “live” and can yield **`execution-ready`**, but it is **not** a substitute for your real external monetization venue: same-pool implied prices typically **fail** the repay guard versus a stronger off-pool exit (e.g. the `1.12` planning scenario). +- **Steps 1–3 ladder helper:** `scripts/verify/run-mainnet-cwusdc-usdc-ladder-steps-1-3.sh` — optional **`PMM_FLASH_EXIT_PRICE_CMD`** overrides the default `printf 1.12` passed into `--external-exit-price-cmd`. +- **Hosted external exit quote (DODO / 1inch):** `scripts/verify/print-mainnet-cwusdc-external-exit-quote.sh dodo|1inch [base_raw]` — uses **`DODO_API_KEY`** or **`ONEINCH_API_KEY`** (see `.env.master.example`). Prefer this over pool-implied price when you want a route-aggregator quote for execution-grade inputs. + +## Updating the Paper With Live Inputs + +To refresh the core live inputs: + +```bash +cast gas-price --rpc-url https://ethereum.publicnode.com +cast block latest --rpc-url https://ethereum.publicnode.com | rg 'baseFeePerGas|number|timestamp' +cast call 0x69776fc607e9edA8042e320e7e43f54d06c68f0E 'getVaultReserve()(uint256,uint256)' --rpc-url https://ethereum.publicnode.com +cast call 0x69776fc607e9edA8042e320e7e43f54d06c68f0E 'getMidPrice()(uint256)' --rpc-url https://ethereum.publicnode.com +cast call 0x87870Bca3F3fD6335C3F4ce8392D69350B4fA4E2 'FLASHLOAN_PREMIUM_TOTAL()(uint128)' --rpc-url https://ethereum.publicnode.com +``` + +Recommended additional preflight: + +```bash +cast estimate --rpc-url https://ethereum.publicnode.com +``` + +and replace the scalar `--external-exit-price` with a conservative size-aware execution quote whenever possible. + +## Tranche Optimization Toward an 8M / 8M Public Pool + +If the actual objective is to grow the public `cWUSDC / USDC` pool toward roughly: + +- `8,000,000 cWUSDC` +- `8,000,000 USDC` + +then the right control variable is no longer “smallest tranche that passes.” + +The right control variable is: + +- **net pool growth per loop as a percentage of current pool size** + +Under the same corrected-gas and peg-neutral model used above, fixed tiny loops are far too slow for a multi-million target. + +### Executive Recommendation + +For an `8M / 8M` end state, the best actual operating plan is: + +1. get out of the “tiny pool” regime as quickly as possible with direct matched adds +2. use hybrid flash loops to compound from a healthier starting pool +3. scale loops by **percentage of current pool size** +4. shift from aggressive to balanced to conservative sizing as the pool grows + +In other words: + +- direct seeding is the fastest way to establish serious depth +- hybrid loops are the best way to keep building without guessing once depth already exists + +### Why Fixed Tiny Loops Do Not Reach 8M Efficiently + +Even under the improved `+750 matched seed` scenario, the fresh 10-loop ladder only grows the pool by about: + +- `0.7496 cWUSDC` +- `0.7496 USDC` + +per loop. + +At that pace, reaching `8,000,000 / 8,000,000` from `~754.85 / 754.85` would require approximately: + +- `10.67 million` loops +- about `741 days` at a `6s` cadence + +That is not an efficient path to the target. + +### Percentage-Based Tranche Method + +For optimization, set the owned-base add each loop as a percentage of the current pool size: + +```text +dB_owned = alpha * current_pool_size +``` + +Then solve peg-neutral `x_flash` for that `dB_owned`. + +Under the simplified reserve model used in this paper, the approximate net pool growth per loop becomes: + +- `alpha = 1.0%` -> net pool growth `~0.498756%` +- `alpha = 2.0%` -> net pool growth `~0.995049%` +- `alpha = 5.0%` -> net pool growth `~2.469508%` + +These percentages are far more useful for planning toward a target reserve than a fixed micro-loop. + +### Optimized Profiles + +| profile | owned-base add target per loop | flash target per loop | net pool growth per loop | loops from `~754.85` to `8M` | time at `6s` cadence | approximate ETH gas required | +|---|---:|---:|---:|---:|---:|---:| +| conservative | `1.0%` of current pool | `~0.4989%` of current pool | `~0.4988%` | `1,863` | `3.10 hours` | `~0.1995 ETH` | +| balanced | `2.0%` of current pool | `~0.9953%` of current pool | `~0.9950%` | `937` | `1.56 hours` | `~0.1004 ETH` | +| aggressive | `5.0%` of current pool | `~2.4702%` of current pool | `~2.4695%` | `380` | `0.63 hours` | `~0.0407 ETH` | + +These are model-based planning figures, not execution guarantees. + +### Recommended Tranche Bands + +The best actual tranche program for an `8M / 8M` goal is: + +1. Use **direct matched seeding** for the first large pool step whenever possible. +2. Use flash loops as an **amplifier**, not as the sole bootstrap source. +3. Scale loop size as a percentage of pool size rather than a fixed token amount. + +Recommended operating bands: + +- `100 -> 100,000` matched pool: + use **aggressive** `5%` loops if live unwind quotes support it +- `100,000 -> 1,000,000`: + use **balanced** `2%` loops +- `1,000,000 -> 8,000,000`: + use **conservative to balanced** `1%` to `2%` loops, depending on live exit quality and MEV conditions + +This is the practical compromise: + +- larger early loops reduce total loop count materially +- smaller later loops are easier to execute safely against real unwind liquidity + +### Staged Path to 8M / 8M + +The cleanest way to think about the program is in stages: + +| stage | pool zone | preferred action | reason | +|---|---:|---|---| +| 1 | sub-`100k` | direct matched adds first, then aggressive `5%` loops | tiny pools are too shallow for efficient micro-loop compounding | +| 2 | `100k` to `1M` | balanced `2%` loops | good tradeoff between speed and control | +| 3 | `1M` to `8M` | conservative-to-balanced `1%` to `2%` loops | reduces execution stress and makes live unwind quality easier to maintain | + +This staged path is better than one fixed tranche policy because the pool’s needs change as it grows: + +- early on, speed matters more than finesse +- later on, execution quality matters more than raw percentage growth + +### Decision Rule Per Loop + +Before each loop, the operator decision can be reduced to: + +1. identify the current pool zone +2. choose the profile for that zone +3. compute `dB_owned = alpha * current_pool_size` +4. solve peg-neutral `x_flash` +5. verify the live unwind quote still clears the minimum required exit price +6. execute only if the live quote and gas remain inside policy + +That keeps the program deterministic and prevents “just try a bigger flash size” behavior. + +### What the Model Implies at Key Pool Sizes + +Using the paper's current simplified exit model: + +| current matched pool | profile | `dB_owned` per loop | `x_flash` per loop | net permanent base added per loop | retained quote per loop | +|---:|---|---:|---:|---:|---:| +| `100,000 / 100,000` | conservative `1%` | `1,000` | `498.905883` | `498.756211` | `92.083157` | +| `100,000 / 100,000` | balanced `2%` | `2,000` | `995.347988` | `995.049384` | `189.766888` | +| `100,000 / 100,000` | aggressive `5%` | `5,000` | `2,470.248734` | `2,469.507660` | `514.267926` | +| `1,000,000 / 1,000,000` | conservative `1%` | `10,000` | `4,989.058830` | `4,987.562112` | `922.894171` | +| `1,000,000 / 1,000,000` | balanced `2%` | `20,000` | `9,953.479880` | `9,950.493836` | `1,899.731476` | +| `1,000,000 / 1,000,000` | aggressive `5%` | `50,000` | `24,702.487342` | `24,695.076596` | `5,144.741853` | +| `8,000,000 / 8,000,000` | conservative `1%` | `80,000` | `39,912.470638` | `39,900.496897` | `7,384.757611` | +| `8,000,000 / 8,000,000` | balanced `2%` | `160,000` | `79,627.839041` | `79,603.950690` | `15,199.456048` | +| `8,000,000 / 8,000,000` | aggressive `5%` | `400,000` | `197,619.898737` | `197,560.612768` | `41,159.539070` | + +### Constraint on the Large-Size Rows + +The large-size rows above become increasingly optimistic because the current scenario curve floors `P_exit` at `1.18`. + +That means: + +- the mathematics are useful for tranche planning +- but the large-size rows are still **upper-bound planning numbers** +- before execution, each tranche still needs live size-aware external unwind quotes and private orderflow assumptions + +So the final strategy implication is: + +- if the target is truly `8M / 8M`, use direct matched adds to get into the six-figure or seven-figure range quickly +- then use percentage-based hybrid loops to compound the pool +- do **not** try to bootstrap all the way to millions from sub-dollar flash loops + +### Practical Optimization Summary + +If the goal is to smooth, improve, and optimize the strategy rather than merely prove it works, the optimized policy is: + +- stop thinking in fixed token tranches once the pool becomes meaningful +- start thinking in percentage-based loop profiles +- reserve aggressive sizing for bootstrap phases only +- downgrade to smaller percentage loops as the pool gets deeper +- treat direct matched adds as the primary accelerator and flash loops as the compounding layer + +## Current Live Inventory Reality and Restructured Path to 8M / 8M + +Using the refreshed live Mainnet state on April 7, 2026 after replacing the legacy `cWUSDC / USDC` pool and seeding the replacement: + +- pool `cWUSDC / USDC` reserves: + - `B0 = 100.000000 cWUSDC` + - `Q0 = 100.000000 USDC` +- deployer wallet: + - `cWUSDC = 8,888,789.459367` + - `USDC = 23.438732` + - `ETH = 0.028931789204992397` +- one observed live gas price during the post-repair dry-run pass: + - `190,662,663 wei` + - `0.190662663 gwei` + +Important modeling note: + +- the current loop calculator is still a planning tool unless it has: + - a live executable pool quote surface + - the strategy's live size-aware external quote + - `quote-push`: live external exit quote + - `base-unwind`: live external entry quote + - measured or live-estimated gas for the actual path + - an explicit post-trade deviation cap +- if those are missing, ladders should be treated as planning-only and not execution-ready +- on Mainnet, the repaired `cWUSDC / USDC` pool is healthier operationally, but it still exposes only a partial DODO read surface: + - `getVaultReserve()` and `getMidPrice()` return successfully + - `querySellBase` / `querySellQuote` still revert on direct pool reads + - the tool therefore continues to treat execution-grade laddering as blocked on the missing live pool quote surface, even though the pool is now mapped correctly and funded + - `cWUSDT/USDT` and `cWUSDC/USDT` remain planning-only today for the same reason + +Important reachability note: + +- because the repaired live pool has now been directly topped up to exactly `120 / 120`, hypothetical matched ladders below `120 / 120` are no longer relevant as add-only top-ups from the current pool +- the next valid add-only matched rung from current live state is above `120 / 120` + +### Current-Rung Reachability From Live Pool and Wallet + +Using the refreshed post-top-up live state: + +- pool `cWUSDC / USDC` reserves: + - `B0 = 120.000000 cWUSDC` + - `Q0 = 120.000000 USDC` +- deployer wallet: + - `cWUSDC = 8,888,769.459367` + - `USDC = 3.438732` + - `ETH = 0.028448799532520394` +- observed gas price during this pass: + - `1,041,456,922 wei` + - `1.041456922 gwei` + +Using the same aggressive `5%` loop profile as the earlier ladder section and the same conservative gas policy (`3 × 250,000 gas` per loop), the refreshed matched-rung ladder is: + +| target matched rung | direct base add needed | direct quote add needed | extra USDC needed beyond current wallet | loops to `50,000 / 50,000` at `5%` profile | extra ETH needed beyond current wallet | time at `6s` cadence | +|---:|---:|---:|---:|---:|---:| +| `10 / 10` | already above rung | already above rung | `0` | `350` | `0.244934 ETH` | `0.583 h` | +| `25 / 25` | already above rung | already above rung | `0` | `312` | `0.215252 ETH` | `0.520 h` | +| `50 / 50` | already above rung | already above rung | `0` | `284` | `0.193382 ETH` | `0.473 h` | +| `75 / 75` | already above rung | already above rung | `0` | `267` | `0.180103 ETH` | `0.445 h` | +| `100 / 100` | already above rung | already above rung | `0` | `255` | `0.170730 ETH` | `0.425 h` | +| `120 / 120` | already at rung | already at rung | `0` | `248` | `0.165262 ETH` | `0.413 h` | +| `150 / 150` | `30.000000` | `30.000000` | `26.561268` | `239` | `0.158232 ETH` | `0.398 h` | +| `200 / 200` | `80.000000` | `80.000000` | `76.561268` | `227` | `0.148859 ETH` | `0.378 h` | +| `300 / 300` | `180.000000` | `180.000000` | `176.561268` | `210` | `0.135581 ETH` | `0.350 h` | +| `400 / 400` | `280.000000` | `280.000000` | `276.561268` | `198` | `0.126208 ETH` | `0.330 h` | +| `500 / 500` | `380.000000` | `380.000000` | `376.561268` | `189` | `0.119178 ETH` | `0.315 h` | +| `600 / 600` | `480.000000` | `480.000000` | `476.561268` | `182` | `0.113710 ETH` | `0.303 h` | + +Interpretation: + +- the current live pool has already surpassed every rung below `120 / 120` +- the smallest new **add-only matched rung** from the current live pool is `150 / 150` +- the most efficient rung in this band is still `600 / 600` +- none of these ladders are executable from the current wallet under the conservative `3 × 250,000 gas` policy without both: + - more Mainnet `USDC` + - more Mainnet `ETH` +- with the current live `ETH`, the wallet only supports about `36` loops under that conservative gas policy, which implies a minimum starting matched rung of roughly `20,776 / 20,776` to reach `50,000 / 50,000` without topping up more gas + +### The True Constraint + +For an `8,000,000 / 8,000,000` target pool, the remaining matched depth needed from the current live pool is: + +- additional base required: `7,999,950.118471 cWUSDC` +- additional quote required: `7,999,999.527316 USDC` + +The deployer wallet can already cover the entire base-side requirement: + +- wallet `cWUSDC`: `8,888,889.459367` +- base required: `7,999,950.118471` +- base surplus after a full direct base-side seed: `888,939.340896 cWUSDC` + +But the wallet cannot cover the quote-side requirement: + +- wallet `USDC`: `5.765529` +- quote shortfall: `7,999,993.761787 USDC` + +So the binding constraint is not `cWUSDC`. + +The binding constraint is **Mainnet USDC**. + +### Why Selling Current `cWUSDC` to Raise `USDC` Is the Wrong Primary Path + +If the current wallet tries to self-fund the quote side by monetizing part of its own `cWUSDC`, the pool ceiling is much lower than `8M / 8M`. + +Under several effective external monetization prices, the maximum matched pool reachable from the current wallet alone is approximately: + +| effective external monetization price for sold `cWUSDC` | maximum matched pool reachable from current wallet alone | +|---:|---:| +| `1.00 USDC / cWUSDC` | `4,444,447.612448 / 4,444,447.612448` | +| `1.12 USDC / cWUSDC` | `4,696,019.792462 / 4,696,019.792462` | +| `1.18 USDC / cWUSDC` | `4,811,419.875038 / 4,811,419.875038` | +| `1.42 USDC / cWUSDC` | `5,215,797.023897 / 5,215,797.023897` | + +To reach a fully matched `8,000,000 / 8,000,000` pool from the current wallet **without any additional external USDC**, the monetized portion of `cWUSDC` would have to clear at about: + +- `8.999989 USDC per cWUSDC` + +That is not a reasonable planning assumption. + +### Restructured Strategy + +Because of that, the optimized path to `8M / 8M` changes: + +1. **Do not treat wallet `cWUSDC` as the scarce asset.** + It is already sufficient for the base-side target. +2. **Do not rely on selling large amounts of current `cWUSDC` to create the entire quote side.** + That caps the reachable matched pool far below `8M`. +3. **Treat external or bridged Mainnet `USDC` as the primary capital requirement.** +4. **Use direct matched adds to move the pool into the six-figure or seven-figure regime quickly.** +5. **Only then use percentage-based hybrid loops to compound and tune the pool.** + +So the correct inventory-first plan is: + +- preserve `cWUSDC` for direct matched seeding +- source Mainnet `USDC` directly rather than trying to synthesize all of it through self-liquidation +- use hybrid loops only after the pool is already materially deep + +### What This Means Operationally + +If the goal remains exactly `8M / 8M`, the cleanest path is: + +- add `7,999,995.145385 cWUSDC` from the deployer wallet directly to the pool side +- source `7,999,995.145127 USDC` from external quote inventory, bridge flows, treasury capital, or other non-self-destructive sources + +That is strictly better than selling down `cWUSDC` to manufacture the quote side from the same wallet. + +### Flash Loops Are Not the Bootstrap for This Exact Jump + +At the current live gas price and wallet ETH: + +- estimated gas per loop under the paper's policy: + - `0.0000644439615 ETH` +- current loop capacity before topping up ETH: + - about `33.66` loops + +So with the wallet in its current state: + +- flash loops are not the limiting source of scale +- gas is too small for a meaningful bootstrap campaign +- and the quote-side capital gap is too large for loops to close efficiently from the current starting point + +### Mainnet Gas Top-Up Requirement + +Because the current wallet only supports about `33.66` loops at the live gas price, Mainnet ETH top-up must still be treated as part of the execution plan, not an optional afterthought. + +Using the paper's current loop gas policy: + +- gas per loop: `0.0000644439615 ETH` + +the practical top-up bands are: + +| target loop budget | ETH required for loops only | practical ETH target including buffer | +|---:|---:|---:| +| `100` loops | `0.00644439615 ETH` | `0.008 ETH` | +| `250` loops | `0.016110990375 ETH` | `0.020 ETH` | +| `500` loops | `0.03222198075 ETH` | `0.040 ETH` | +| `1,000` loops | `0.0644439615 ETH` | `0.075 ETH` | +| `1,863` loops | `0.1206583028745 ETH` | `0.135 ETH` | + +For the optimized `8M / 8M` path described above, a sensible operator policy is: + +- minimum viable top-up: `0.02 ETH` +- recommended working top-up: `0.05 ETH` +- aggressive uninterrupted execution budget: `0.135 ETH` + +That top-up should happen **before** any serious loop campaign begins. + +In other words: + +- direct matched seeding solves the depth problem +- Mainnet `USDC` sourcing solves the quote problem +- Mainnet ETH top-up solves the execution continuity problem + +The right use of loops here is: + +- **after** a large direct matched seed +- **after** ETH is topped up for sustained execution +- as a compounding and maintenance layer, not as the primary path from `~4.85 / 4.85` to `8M / 8M` + +## Bottom Line + +The hybrid loop framework is viable in principle, but the path to `8M / 8M` is now clearly an inventory-and-execution problem, not a “find the perfect flash size” problem. + +The right next move is: + +1. top up Mainnet ETH for the intended loop budget +2. source Mainnet `USDC` directly for the quote side of the target pool +3. use the deployer's existing `cWUSDC` inventory for direct matched base-side seeding +4. only then use percentage-based hybrid loops for compounding and maintenance + +That is the durable path to growing public `cWUSD*/USD*` depth without guessing, without self-destructively selling the base inventory, and without letting gas starvation interrupt the strategy. + +## Operator Run Sheet — `256.763253 / 256.763253` Ladder + +The current Mainnet operator state used for this run sheet is: + +- deployer wallet: + - `ETH = 0.029745647296325322` + - `USDC = 136.763253` + - `cWUSDC = 8,888,769.459367` +- live `cWUSDC / USDC` pool: + - `120.000000 / 120.000000` +- staged matched top-up: + - `+136.763253 cWUSDC` + - `+136.763253 USDC` +- staged matched pool: + - `256.763253 / 256.763253` + +At this staged depth, the current safe `quote-push` tranche under the `500 bps` cap is: + +- `6.340000 USDC` + +and the modeled first-loop economics are: + +- `cWUSDC` out from the PMM: + - `6.185414` +- retained after gas: + - `0.545515 USDC` +- post-trade deviation: + - `499.785279 bps` + +### Preflight + +Run these checks before the first step: + +```bash +source scripts/lib/load-project-env.sh >/dev/null 2>&1 + +WALLET="$(cast wallet address --private-key "$PRIVATE_KEY")" +echo "wallet=$WALLET" + +cast balance "$WALLET" --ether --rpc-url "$ETHEREUM_MAINNET_RPC" +cast call 0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48 'balanceOf(address)(uint256)' "$WALLET" --rpc-url "$ETHEREUM_MAINNET_RPC" +cast call 0x2de5F116bFcE3d0f922d9C8351e0c5Fc24b9284a 'balanceOf(address)(uint256)' "$WALLET" --rpc-url "$ETHEREUM_MAINNET_RPC" +cast call 0x69776fc607e9edA8042e320e7e43f54d06c68f0E 'getVaultReserve()(uint256,uint256)' --rpc-url "$ETHEREUM_MAINNET_RPC" +cast gas-price --rpc-url "$ETHEREUM_MAINNET_RPC" +``` + +Expected readiness: + +- enough wallet `USDC` to perform the matched top-up +- enough wallet `ETH` to keep the ladder running +- pool still at or near the staged assumptions after the top-up + +Apply the staged top-up: + +```bash +source scripts/lib/load-project-env.sh >/dev/null 2>&1 + +bash scripts/deployment/add-mainnet-public-dodo-cw-liquidity.sh \ + --pair=cwusdc-usdc \ + --base-amount=136763253 \ + --quote-amount=136763253 +``` + +Verify the staged pool: + +```bash +source scripts/lib/load-project-env.sh >/dev/null 2>&1 + +cast call 0x69776fc607e9edA8042e320e7e43f54d06c68f0E \ + 'getVaultReserve()(uint256,uint256)' \ + --rpc-url "$ETHEREUM_MAINNET_RPC" +``` + +Expected: + +- `256763253` +- `256763253` + +### Step 1 + +Dry-run the first safe tranche: + +```bash +source scripts/lib/load-project-env.sh >/dev/null 2>&1 + +node scripts/analytics/pmm-flash-push-break-even.mjs \ + -B 256763253 -Q 256763253 \ + --full-loop-dry-run \ + --loop-strategy quote-push \ + -x 6340000 \ + --base-asset cWUSDC --base-decimals 6 \ + --quote-asset USDC --quote-decimals 6 \ + --external-exit-price-cmd 'printf 1.12' \ + --external-exit-source live \ + --flash-provider-cap 1000000000000 \ + --flash-provider-name 'Aave mainnet (cap placeholder)' \ + --gas-tx-count 3 --gas-per-tx 250000 \ + --max-fee-gwei 0.264434700 \ + --native-token-price 2241.69 \ + --max-post-trade-deviation-bps 500 \ + --execution-grade +``` + +Expected modeled result: + +- retained after gas: + - `0.545515 USDC` +- post-trade deviation: + - `499.785279 bps` +- post-trade pool before rebalance: + - `250.577839 / 263.101351` + +Rebalance back to matched: + +```bash +source scripts/lib/load-project-env.sh >/dev/null 2>&1 + +bash scripts/deployment/add-mainnet-public-dodo-cw-liquidity.sh \ + --pair=cwusdc-usdc \ + --base-amount=12523512 \ + --quote-amount=0 +``` + +Resulting matched pool: + +- `263.101351 / 263.101351` + +### Verify + +```bash +source scripts/lib/load-project-env.sh >/dev/null 2>&1 + +cast call 0x69776fc607e9edA8042e320e7e43f54d06c68f0E \ + 'getVaultReserve()(uint256,uint256)' \ + --rpc-url "$ETHEREUM_MAINNET_RPC" +``` + +Expected: + +- `263101351` +- `263101351` + +### Step 2 + +Dry-run the next safe tranche: + +```bash +source scripts/lib/load-project-env.sh >/dev/null 2>&1 + +node scripts/analytics/pmm-flash-push-break-even.mjs \ + -B 263101351 -Q 263101351 \ + --full-loop-dry-run \ + --loop-strategy quote-push \ + -x 6499324 \ + --base-asset cWUSDC --base-decimals 6 \ + --quote-asset USDC --quote-decimals 6 \ + --external-exit-price-cmd 'printf 1.12' \ + --external-exit-source live \ + --flash-provider-cap 1000000000000 \ + --flash-provider-name 'Aave mainnet (cap placeholder)' \ + --gas-tx-count 3 --gas-per-tx 250000 \ + --max-fee-gwei 0.264434700 \ + --native-token-price 2241.69 \ + --max-post-trade-deviation-bps 500 \ + --execution-grade +``` + +Expected modeled result: + +- retained after gas: + - about `0.560131 USDC` +- resulting matched pool after rebalance: + - `269.601416 / 269.601416` + +Rebalance: + +```bash +source scripts/lib/load-project-env.sh >/dev/null 2>&1 + +bash scripts/deployment/add-mainnet-public-dodo-cw-liquidity.sh \ + --pair=cwusdc-usdc \ + --base-amount=12838163 \ + --quote-amount=0 +``` + +### Verify + +```bash +source scripts/lib/load-project-env.sh >/dev/null 2>&1 + +cast call 0x69776fc607e9edA8042e320e7e43f54d06c68f0E \ + 'getVaultReserve()(uint256,uint256)' \ + --rpc-url "$ETHEREUM_MAINNET_RPC" +``` + +Expected: + +- `269601416` +- `269601416` + +### Step 3 + +Dry-run the next safe tranche: + +```bash +source scripts/lib/load-project-env.sh >/dev/null 2>&1 + +node scripts/analytics/pmm-flash-push-break-even.mjs \ + -B 269601416 -Q 269601416 \ + --full-loop-dry-run \ + --loop-strategy quote-push \ + -x 6659826 \ + --base-asset cWUSDC --base-decimals 6 \ + --quote-asset USDC --quote-decimals 6 \ + --external-exit-price-cmd 'printf 1.12' \ + --external-exit-source live \ + --flash-provider-cap 1000000000000 \ + --flash-provider-name 'Aave mainnet (cap placeholder)' \ + --gas-tx-count 3 --gas-per-tx 250000 \ + --max-fee-gwei 0.264434700 \ + --native-token-price 2241.69 \ + --max-post-trade-deviation-bps 500 \ + --execution-grade +``` + +Expected modeled result: + +- retained after gas: + - about `0.574926 USDC` +- resulting matched pool after rebalance: + - `276.259243 / 276.259243` + +Rebalance: + +```bash +source scripts/lib/load-project-env.sh >/dev/null 2>&1 + +bash scripts/deployment/add-mainnet-public-dodo-cw-liquidity.sh \ + --pair=cwusdc-usdc \ + --base-amount=13155202 \ + --quote-amount=0 +``` + +### Continue + +The first ten safe loops from the `256.763253 / 256.763253` staged start produce: + +| step | start matched pool | flash `USDC` | retained after gas | end matched pool | +|---:|---:|---:|---:|---:| +| `1` | `256.763253` | `6.342691` | `0.545692` | `263.104041` | +| `2` | `263.104041` | `6.499324` | `0.560131` | `269.601416` | +| `3` | `269.601416` | `6.659826` | `0.574926` | `276.259243` | +| `4` | `276.259243` | `6.824290` | `0.590086` | `283.081486` | +| `5` | `283.081486` | `6.992817` | `0.605621` | `290.072205` | +| `6` | `290.072205` | `7.165505` | `0.621539` | `297.235561` | +| `7` | `297.235561` | `7.342458` | `0.637851` | `304.575816` | +| `8` | `304.575816` | `7.523780` | `0.654565` | `312.097339` | +| `9` | `312.097339` | `7.709581` | `0.671692` | `319.804606` | +| `10` | `319.804606` | `7.899969` | `0.689242` | `327.702206` | + +Projected continuation from the same ladder: + +| horizon | end matched pool | cumulative retained after gas | cumulative flash borrowed | cumulative `cWUSDC` rebalance | +|---:|---:|---:|---:|---:| +| `50 loops` | `869.491510 / 869.491510` | `54.549432 USDC` | `612.912131 USDC` | `1210.689809 cWUSDC` | +| `100 loops` | `2944.406872 / 2944.406872` | `243.923981 USDC` | `2688.450154 USDC` | `5310.515224 cWUSDC` | + +The operating rule remains: + +1. dry-run the next tranche +2. execute only if it still passes under the live pool, gas, and deviation cap +3. rebalance back to matched +4. reread reserves +5. repeat diff --git a/docs/03-deployment/MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md b/docs/03-deployment/MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md new file mode 100644 index 00000000..c8695a3c --- /dev/null +++ b/docs/03-deployment/MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md @@ -0,0 +1,244 @@ +# Mainnet PMM: TRUU liquidity, cWUSD* peg, deeper pools, and bots + +**Purpose:** Single operator surface for Ethereum mainnet: deepen **TRUU** liquidity, keep **cWUSDT/cWUSDC** (and related USD cW rails) pegged to hub stables, improve liquidity on already-deployed DODO PMM pools, and run bots safely against those pools. + +**Related:** `cross-chain-pmm-lps/docs/04-bot-policy.md`, `cross-chain-pmm-lps/docs/11-safe-inventory-sizing.md`, `cross-chain-pmm-lps/config/peg-bands.json`, `cross-chain-pmm-lps/config/deployment-status.json` (chain `1`), `scripts/deployment/deploy-mainnet-public-dodo-wave1-pool.sh`, `scripts/deployment/run-mainnet-public-dodo-cw-swap.sh`, `scripts/deployment/plan-mainnet-cw-stabilization.sh`, `scripts/verify/check-mainnet-public-dodo-cw-bootstrap-pools.sh`, `scripts/verify/check-mainnet-pmm-peg-bot-readiness.sh`. + +**Hybrid loop calculations:** [MAINNET_CWUSD_HYBRID_FLASH_LOOP_CALCULATION_WHITEPAPER.md](/home/intlc/projects/proxmox/docs/03-deployment/MAINNET_CWUSD_HYBRID_FLASH_LOOP_CALCULATION_WHITEPAPER.md) + +--- + +## 1. TRUU — depth and tradability + +- [ ] **1.1** Prefer one deep **TRUU/USDT** (or primary) Uniswap v3 book for organic flow; add **cWUSD\*/TRUU** PMM only with a clear role (compliant rail), avoiding many shallow duplicates. +- [ ] **1.2** Seed PMM with **both** legs sized to a target **TRUU/USD** mid (cW leg = USD numeraire; TRUU leg matches market). +- [ ] **1.3** Define a **primary TRUU/USD reference** (plus sanity checks) for bot bounds and PMM **`i`** updates. +- [ ] **1.4** Automate **`i`** refresh on TRUU pools with caps on max change per period; never leave **`i`** stale through large market moves. +- [ ] **1.5** Rehearse **createPool → addLiquidity → swap** on a **mainnet fork** with correct decimals (**TRUU 10**, cW USD wrappers **6**). +- [ ] **1.6** Bots that trade TRUU: always use **minAmountOut**, reserve checks, and max trade size vs pool depth. + +--- + +## 2. cWUSD* — peg maintenance (hub rails) + +- [ ] **2.1** Treat **cWUSDT/USDT**, **cWUSDC/USDC**, and **cW\*/USDC** / **cW\*/USDT** hub pairs as the **peg contract**; do not use TRUU pools to fix cW drift. +- [ ] **2.2** Align bot behavior with **`cross-chain-pmm-lps/config/peg-bands.json`**: normal vs stress vs **circuit** (e.g. 200 bps USD circuit in config); define **pause** when circuit trips. +- [ ] **2.3** Combine **deviation vs oracle** with **cW inventory vs target** (inventory-first), per bot policy doc. +- [ ] **2.4** Reserve a **small gas budget** for **micro-trades** on matched-quote rails (**cWUSDC/USDC**, **cWUSDT/USDT**) for observability without becoming primary volume. +- [ ] **2.5** Size per-chain inventory targets using **`11-safe-inventory-sizing.md`** (refill latency, bridge **β/γ**, shock multiplier **σ**). +- [ ] **2.6** Ensure **mint/burn/bridge** roles and SLOs can refill inventory before pools empty under expected flow. +- [ ] **2.7** Monitor **USDC/USDT basis** on-chain so bots do not confuse stable basis with cW peg failure. + +--- + +## 3. Existing deployed pools — more liquidity + +- [ ] **3.1** Add liquidity in **tranches**; after each, read **`getVaultReserve`** and estimate price impact for a reference trade size. +- [ ] **3.2** Prioritize capital on pools that **routers and aggregators** actually hit; unfunded side pools do not improve real liquidity. +- [ ] **3.3** Keep **`cross-chain-pmm-lps/config/deployment-status.json`** (`chains."1".pmmPools`) and any **router/registry** mappings aligned with on-chain truth. +- [ ] **3.4** After material changes, run **`scripts/verify/check-mainnet-public-dodo-cw-bootstrap-pools.sh`** and **`scripts/verify/check-mainnet-pmm-peg-bot-readiness.sh`**. +- [ ] **3.5** For **cW vs USDC/USDT** hub pools, prefer **deepening reserves** over frequent **fee/k** changes unless analytics show misfit. + +--- + +## 4. Bots against PMM pools — safety + +- [ ] **4.1** Use a **single coordinator** (or strict role split) so multiple bots do not fight the same pool or double-send. +- [ ] **4.2** On **oracle staleness** or divergence vs pool mid: **widen bands or pause**; do not increase size into bad data. +- [ ] **4.3** **Gas policy**: max fee per tx/day, nonce management, and backoff on congestion. +- [ ] **4.4** Cap per-block / per-pool trade size vs reserves to limit **sandwich / JIT** damage on public legs. +- [ ] **4.5** Alert on **δ**, **reserves**, **failed txs**, **bridge queue**, **bot budget vs PnL**; bots without telemetry are an operational risk. +- [ ] **4.6** Before changing bands, fees, or inventory targets, run **cross-chain-pmm-lps** simulations / scorecard where applicable. + +--- + +## 5. Governance split + +- [ ] **5.1** **Peg bots** optimize **cW vs hub stables**; **TRUU bots** optimize **TRUU pricing and inventory** — do not merge policy in one unconstrained loop. +- [ ] **5.2** Align public messaging and constraints with **compliance/market-making** policy where relevant; mechanics do not replace legal review. + +--- + +## 6. Quick commands + +```bash +# Env: ETHEREUM_MAINNET_RPC, DODO_PMM_INTEGRATION_MAINNET (and pool env vars as in bootstrap script) +source smom-dbis-138/scripts/load-env.sh + +bash scripts/verify/check-mainnet-public-dodo-cw-bootstrap-pools.sh +bash scripts/verify/check-mainnet-pmm-peg-bot-readiness.sh +bash scripts/deployment/plan-mainnet-cw-stabilization.sh + +# Full deployment summary (Chain 138 + GRU + optional mainnet PMM peg check when mainnet env is set) +bash scripts/verify/check-full-deployment-status.sh + +# Optional: stricter reserve floor (wei-like raw units, both legs) +# MIN_POOL_RESERVE_RAW=1000000000 bash scripts/verify/check-mainnet-pmm-peg-bot-readiness.sh + +# Optional: after deploying cW/TRUU PMM, set token addresses for an extra check +# PMM_TRUU_BASE_TOKEN=0x... PMM_TRUU_QUOTE_TOKEN=0x... bash scripts/verify/check-mainnet-pmm-peg-bot-readiness.sh + +# Equal USD on each side (not equal raw 1:1 tokens) — set TRUU_USD_PRICE from spot/TWAP +# TRUU_USD_PRICE=0.00004 USD_NOTIONAL_PER_LEG=5000 bash scripts/deployment/compute-mainnet-truu-pmm-seed-amounts.sh + +# Create + seed cWUSDT/TRUU or cWUSDC/TRUU (dry-run first; set initial-price from DODO math / fork test) +# bash scripts/deployment/deploy-mainnet-pmm-cw-truu-pool.sh \ +# --pair=cwusdt-truu --initial-price= --base-amount=... --quote-amount=... --dry-run + +# Top up existing cW/TRUU PMM using max wallet balances at the reference USD ratio (section 11) +# bash scripts/deployment/add-mainnet-truu-pmm-topup.sh --pair=cwusdc-truu +``` + +--- + +## 7. Operational note + +Checklist items **1–5** are organizational and technical guardrails. Fulfilling them is **ongoing operations** (capital, bots, oracles), not a one-shot contract deploy. Use **section 6** scripts on a schedule or in CI when RPC and env are available. + +For live Mainnet public DODO cW pools, do not assume the full public DVM surface is available. Some rows should be treated as **partial DODO surface / integration-only**: reserve and mid-price getters work, but direct `querySellBase` / `querySellQuote` reads can revert and raw `sellBase` / `sellQuote` fallbacks are not considered safe. Prefer the repo-supported integration path and reserve-based quoting helpers for live operations. + +--- + +## 8. Implemented defaults (recommended baseline) + +These are the repo’s **default recommendations**; override with governance and fork tests. + +| Topic | Default | +|--------|---------| +| Volatile cW / TRUU pairs | **Both `cwusdt-truu` and `cwusdc-truu` are live** on Ethereum (see section 11). Keep **`publicRoutingEnabled: false`** in `deployment-status.json` until routers/GRU intentionally expose them; deepen reserves before scaling bots. | +| TRUU/USD reference | **Uniswap v3 TRUU/USDT** mid with short **TWAP/median**; second sanity source if available. | +| **`i` (initial price)** | Derive from DODO math for **base = cW (6 dp), quote = TRUU (10 dp)**; validate on **mainnet fork** before size. | +| Fee / k / TWAP | **30 bps**, **`k = 0.5e18`**, **TWAP off** (`deploy-mainnet-pmm-cw-truu-pool.sh` / `PMM_TRUU_*` env). | +| Peg rails | Keep **cW↔USDC/USDT** hub pools as peg venue; use **`peg-bands.json`** (normal / stress / circuit). | +| Bots | **Coordinator**; peg bots on hub rails **before** scaling TRUU/cW PMM; max trade **~0.25–0.5%** of smaller reserve (tune). | +| `deployment-status.json` | Mainnet **TRUU** anchor: `anchorAddresses.TRUU`. Live volatile rows: **`pmmPoolsVolatile[]`** with `role: "truu_routing"`, **`publicRoutingEnabled: false`** until routed. | +| Pilot | Small seed + **48–72h** observe with tight caps before scaling. | +| Compliance | Internal policy + counsel for public claims and scaled MM. | + +--- + +## 9. Can we go 1:1 cWUSD* with TRUU? + +**Yes for dollars, no for raw token counts** (unless TRUU happens to trade at exactly **$1.00 per full token**, which it does not today). + +- **cWUSDT / cWUSDC** are **USD-numeraire** wrappers (6 decimals): **1 unit ≈ 1 USD**. +- **TRUU** (10 decimals) trades at a **small USD price per full token** (e.g. on the order of **$0.00004** historically on Uniswap — always use a **fresh** reference). + +So: + +- **1:1 USD notional (recommended):** deposit **the same dollar value** of cW as of TRUU. Raw amounts differ: you need **far more TRUU units** than cW units for equal USD. +- **1:1 raw token amount:** would imply **1 TRUU ≈ 1 USD**, which is **inconsistent** with a market-priced TRUU unless you intentionally misprice the pool. + +**Raw amounts for equal USD per leg:** + +```text +base_amount_raw = usd_per_leg × 10^6 (cW, 6 decimals) +truu_tokens = usd_per_leg / truu_usd_price +quote_amount_raw = truu_tokens × 10^10 (TRUU, 10 decimals) +``` + +Use: + +```bash +TRUU_USD_PRICE= \ +USD_NOTIONAL_PER_LEG= \ +bash scripts/deployment/compute-mainnet-truu-pmm-seed-amounts.sh +``` + +Then pass `--base-amount` / `--quote-amount` into `deploy-mainnet-pmm-cw-truu-pool.sh` (still set `--initial-price` from DODO fork). + +--- + +## 10. Recording a live TRUU PMM pool + +After `createPool` + `addLiquidity`, append an object to **`chains."1".pmmPoolsVolatile`** in `cross-chain-pmm-lps/config/deployment-status.json`: + +```json +{ + "base": "cWUSDT", + "quote": "TRUU", + "poolAddress": "0xYourPoolFromCast", + "feeBps": 30, + "k": 500000000000000000, + "role": "truu_routing", + "publicRoutingEnabled": false +} +``` + +(`k` is the on-chain raw scalar `0.5e18`, same as in `deploy-mainnet-pmm-cw-truu-pool.sh`.) + +Run `node cross-chain-pmm-lps/scripts/validate-deployment-status.cjs` and `bash scripts/verify/check-mainnet-pmm-peg-bot-readiness.sh`. + +If the pool is also listed as **active** under `publicPools` in `config/gru-transport-active.json`, `scripts/validation/validate-config-files.sh` resolves the address against **both** `pmmPools` and `pmmPoolsVolatile` on that chain. + +--- + +## 11. Live inventory (Ethereum mainnet, 2026-04) + +| Item | Value | +|------|--------| +| **DODO PMM integration** | `DODO_PMM_INTEGRATION_MAINNET` = `0xa9F284eD010f4F7d7F8F201742b49b9f58e29b84` | +| **TRUU (anchor)** | `0xDAe0faFD65385E7775Cf75b1398735155EF6aCD2` (10 decimals) | +| **cWUSDT / TRUU pool** | `0x508E5e80B66204b8CD9869323Fdd3A289ea50993` | +| **cWUSDC / TRUU pool** | `0x9A632F35078b6A4A9bf27806Bb7aFfAA2F16C846` | +| **Shared `i` used at create** | `2482326199339289065` (align with fork/oracle before large adds if spot moves) | +| **Fee / k / TWAP** | 30 bps / `5e17` / off | + +**Last operator liquidity add (split across both volatile pools):** 2026-04-05 — cWUSDC/TRUU `addLiquidity` tx `0x014c5bb5f95550139ee63e2b290d3836766346f7cc1b6c145a2c9557d8b31833`; cWUSDT/TRUU `addLiquidity` tx `0x33ddde8b6b166552084debc40fc243ec1b46a1960898ba8520e37d50ed516dea`. Reserves move with trades; confirm live with `cast call "getVaultReserve()(uint256,uint256)" --rpc-url $ETHEREUM_MAINNET_RPC`. + +**Canonical JSON:** `cross-chain-pmm-lps/config/deployment-status.json` → `chains."1".pmmPoolsVolatile[]`. + +**Top up existing pools (ratio-matched add):** + +```bash +source smom-dbis-138/scripts/load-env.sh +# Wallet must hold both cW (6 dp) and TRUU (10 dp); uses max amounts that fit the reference ratio +bash scripts/deployment/add-mainnet-truu-pmm-topup.sh --pair=cwusdt-truu +bash scripts/deployment/add-mainnet-truu-pmm-topup.sh --pair=cwusdc-truu +``` + +**Keep wallet inventory for trading (same ratio, partial add):** `--reserve-bps=2000` keeps **20%** of the computed ratio-matched bundle on the deployer and adds **80%** (adjust bps to taste). + +```bash +bash scripts/deployment/add-mainnet-truu-pmm-topup.sh --pair=cwusdt-truu --reserve-bps=2000 +bash scripts/deployment/add-mainnet-truu-pmm-fund-both-pools.sh --reserve-bps=2000 +``` + +Or call `deploy-mainnet-pmm-cw-truu-pool.sh` directly with explicit `--base-amount` / `--quote-amount` (skips `createPool` when the pair exists). + +### 11.1 Large adds (under **$125k cW per pool**, 1:1 USD legs) + +Operator-confirmed cap: **up to $125,000** notional on the **cW** leg **per** volatile pool (cWUSDT/TRUU and cWUSDC/TRUU are separate — full cap needs **both** cW tokens and **two** TRUU quote legs). + +**Compute `base_raw` / `quote_raw` for any USD per leg:** + +```bash +bash scripts/deployment/compute-mainnet-truu-liquidity-amounts.sh --usd-per-leg=125000 +``` + +**Reference ladder (same ratio as historical seeds, `B_ref=1_500_000`, `Q_ref=372_348_929_900_893`):** + +| cW USD / leg | `base_raw` | `quote_raw` (TRUU) | +|--------------|------------|---------------------| +| 50,000 | `50000000000` | `12411630996696433333` | +| 100,000 | `100000000000` | `24823261993392866666` | +| 125,000 | `125000000000` | `31029077491741083333` | + +**Pre-flight (deployer must hold balances + ETH gas):** + +```bash +source smom-dbis-138/scripts/load-env.sh +D=$(cast wallet address --private-key "$PRIVATE_KEY") +# cWUSDT, cWUSDC, TRUU balances ≥ planned add; TRUU for *both* pools = 2× quote if same USD each +``` + +**Before max adds:** re-validate **`i`** vs Uniswap TRUU/USDT (TWAP/median) and/or **mainnet fork** — stale `i` at **$100k+** clips is high risk. + +**Optional verifier pair** (extra cast check beyond `pmmPoolsVolatile[]`): + +```bash +PMM_TRUU_BASE_TOKEN=0x... PMM_TRUU_QUOTE_TOKEN=0xDAe0faFD65385E7775Cf75b1398735155EF6aCD2 \ + bash scripts/verify/check-mainnet-pmm-peg-bot-readiness.sh +``` + +**Still optional / operational (not closed by deploy alone):** checklist sections 1–5 (oracle/TWAP for TRUU, `i` refresh automation, peg bots on hub rails, coordinator, telemetry). **Security:** rotate deployer key if `PRIVATE_KEY` was ever echoed to logs. **Stricter depth gate:** `MIN_POOL_RESERVE_RAW=1000000 bash scripts/verify/check-mainnet-pmm-peg-bot-readiness.sh` (tune threshold to policy). diff --git a/docs/03-deployment/MAINNET_STANDARD_DODO_POOL_MIGRATION_PLAN.md b/docs/03-deployment/MAINNET_STANDARD_DODO_POOL_MIGRATION_PLAN.md new file mode 100644 index 00000000..f4f35f01 --- /dev/null +++ b/docs/03-deployment/MAINNET_STANDARD_DODO_POOL_MIGRATION_PLAN.md @@ -0,0 +1,112 @@ +# Mainnet Standard DODO Pool Migration Plan + +**Purpose:** replace partial-surface Mainnet cW public pools with canonical full-surface DODO pools so routing, explorers, and indexers can treat them as ordinary DODO venues. + +## 1. Audit the current factory path + +Run: + +```bash +bash scripts/verify/audit-mainnet-dodo-standard-pool-readiness.sh +``` + +This reports: + +- `DODO_PMM_INTEGRATION_MAINNET` +- `dodoVendingMachine()` on the live integration +- runtime code size for the integration, factory, and each recorded pool +- integration mapping vs env-backed pool address +- `querySellBase` / `querySellQuote` probe status +- whether `hasStandardPoolSurface(pool)` is set + +## 2. Target state + +Each replacement pool should satisfy all of the following: + +- canonical factory-backed creation path +- `_BASE_TOKEN_` / `_QUOTE_TOKEN_` match the intended pair +- `getVaultReserve`, `getMidPrice`, `_BASE_RESERVE_`, `_QUOTE_RESERVE_` succeed +- `querySellBase` and `querySellQuote` succeed after liquidity is added +- `refreshPoolSurface(pool)` returns `true` + +The integration now enforces this for future create-and-seed flows in `smom-dbis-138/contracts/dex/DODOPMMIntegration.sol`. + +## 3. Files and scripts to update during replacement rollout + +### 3.1 Canonical creation and verification path + +- `smom-dbis-138/contracts/dex/DODOPMMIntegration.sol` + This is now the contract-level guardrail. Future replacement pools should be created through this integration and validated after liquidity. +- `smom-dbis-138/script/dex/DeployDODOPMMIntegration.s.sol` + Confirms which `DODO_VENDING_MACHINE_ADDRESS` is wired into the integration deployment. +- `scripts/deployment/deploy-mainnet-public-dodo-wave1-pool.sh` + Main operator entrypoint for creating and seeding replacement Mainnet cW public pools. +- `scripts/verify/check-mainnet-public-dodo-cw-bootstrap-pools.sh` + Post-migration verification for mapping, reserves, and dry-run routability. +- `scripts/verify/audit-mainnet-dodo-standard-pool-readiness.sh` + Migration audit for factory path and standard-surface readiness. + +### 3.2 Address and env inventory + +Update the env-backed pool address references used by scripts and operators: + +- root `.env` +- `.env.master.example` + +Pool keys to review and replace as each migration lands: + +- `POOL_CWUSDT_USDC_MAINNET` +- `POOL_CWUSDC_USDC_MAINNET` +- `POOL_CWUSDT_USDT_MAINNET` +- `POOL_CWUSDC_USDT_MAINNET` +- `POOL_CWEURC_USDC_MAINNET` +- `POOL_CWGBPC_USDC_MAINNET` +- `POOL_CWAUDC_USDC_MAINNET` +- `POOL_CWCADC_USDC_MAINNET` +- `POOL_CWJPYC_USDC_MAINNET` +- `POOL_CWCHFC_USDC_MAINNET` + +Also confirm: + +- `DODO_PMM_INTEGRATION_MAINNET` +- `DODO_VENDING_MACHINE_ADDRESS` for the deployment context that creates replacement pools +- any explicit mainnet DODO factory env, if introduced for stricter deployment controls + +### 3.3 Routing and public status surfaces + +Update the public inventories that describe the active pool set: + +- `config/smart-contracts-master.json` + Add or replace canonical Mainnet DODO pool references if this file is used as the public address source of truth. +- `config/aggregator-route-matrix.csv` +- `config/aggregator-route-matrix.json` + Update any rows that embed legacy pool addresses or notes. +- `docs/11-references/PMM_DEX_ROUTING_STATUS.md` +- `docs/03-deployment/MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md` + Remove partial-surface caveats only after every active public pool in scope has been replaced and validated. + +### 3.4 Swap and operational helpers + +Review helpers that may have embedded assumptions or pool references: + +- `scripts/deployment/run-mainnet-public-dodo-cw-swap.sh` +- `scripts/deployment/plan-mainnet-cw-stabilization.sh` +- `scripts/verify/check-mainnet-pmm-peg-bot-readiness.sh` +- `scripts/verify/check-full-deployment-status.sh` +- `scripts/README.md` +- `scripts/verify/README.md` + +## 4. Recommended rollout sequence + +1. Audit the current integration/factory/pool path with `audit-mainnet-dodo-standard-pool-readiness.sh`. +2. Confirm the live integration is wired to the intended canonical DODO factory or adapter. +3. Deploy one replacement pool for a single pair through the integration. +4. Seed liquidity through `addLiquidity(...)`; this now fails unless the pool exposes the standard quote surface. +5. Call `refreshPoolSurface(pool)` and confirm `hasStandardPoolSurface(pool) == true`. +6. Update env/config references for that pair. +7. Run `check-mainnet-public-dodo-cw-bootstrap-pools.sh` and the relevant dry-run/live swap checks. +8. Repeat pair-by-pair, then retire the legacy pool references from public docs and route inventories. + +## 5. Immediate migration risk to watch + +Because replacement is address-based, any public explorer, route matrix, or env file that still points at the old pool will continue to show the legacy partial-surface behavior even after a correct replacement pool exists. The migration only becomes visible to routers and indexers after those references are updated. diff --git a/docs/03-deployment/NEXT_STEPS_PMM_FULL_PARITY_AND_ALL_POOLS.md b/docs/03-deployment/NEXT_STEPS_PMM_FULL_PARITY_AND_ALL_POOLS.md index cfe0667e..cdd3b00b 100644 --- a/docs/03-deployment/NEXT_STEPS_PMM_FULL_PARITY_AND_ALL_POOLS.md +++ b/docs/03-deployment/NEXT_STEPS_PMM_FULL_PARITY_AND_ALL_POOLS.md @@ -1,6 +1,6 @@ # Next Steps: Full Parity and Deploy All PMM Pools -> Historical note (2026-03-26): this document captures an earlier parity plan. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`, with the desired-state mesh reconciled. Use [ADDRESS_MATRIX_AND_STATUS.md](../11-references/ADDRESS_MATRIX_AND_STATUS.md) and [LIQUIDITY_POOLS_MASTER_MAP.md](../11-references/LIQUIDITY_POOLS_MASTER_MAP.md) for live status. +> Historical note (2026-04-02): this document captures an earlier parity plan. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`, with the desired-state mesh reconciled. Use [ADDRESS_MATRIX_AND_STATUS.md](../11-references/ADDRESS_MATRIX_AND_STATUS.md) and [LIQUIDITY_POOLS_MASTER_MAP.md](../11-references/LIQUIDITY_POOLS_MASTER_MAP.md) for live status. **Last Updated:** 2026-02-28 **Purpose:** Ordered list of steps to achieve full PMM parity and deploy all DODO PMM pools (Chain 138 first, then multichain). @@ -11,7 +11,7 @@ | Scope | DODOPMMIntegration | Pools (cUSDT/cUSDC, cUSDT/USDT, cUSDC/USDC) | DODOPMMProvider | Liquidity | |-------|--------------------|-----------------------------------------------|-----------------|-----------| -| **Chain 138** | Deployed (`0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`) | Reconciled (addresses in ADDRESS_MATRIX / LIQUIDITY_POOLS_MASTER_MAP) | Deployed (`0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`) | Public stable and XAU pools funded | +| **Chain 138** | Deployed (`0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`) | Reconciled (addresses in ADDRESS_MATRIX / LIQUIDITY_POOLS_MASTER_MAP) | Deployed (`0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`) | Public stable and XAU pools funded | | **L2s (BSC, Polygon, Base, etc.)** | Script exists (`deploy-pmm-all-l2s.sh`) | Not created | Not deployed | N/A | | **cW* mesh (11 chains)** | Design only | 111 pools in design | Not deployed | N/A | @@ -30,9 +30,9 @@ 2. **Verify or create the three PMM pools** - Pools (from PRE_DEPLOYMENT_CHECKLIST / .env): - - cUSDT/cUSDC: `0xff8d3b8fDF7B112759F076B69f4271D4209C0849` - - cUSDT/USDT: `0x6fc60DEDc92a2047062294488539992710b99D71` - - cUSDC/USDC: `0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263` + - cUSDT/cUSDC: `0x9e89bAe009adf128782E19e8341996c596ac40dC` + - cUSDT/USDT: `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` + - cUSDC/USDC: `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` - If any pool is missing on-chain, create it: - `forge script script/dex/CreateCUSDTCUSDCPool.s.sol:CreateCUSDTCUSDCPool --rpc-url "$RPC_URL_138" --broadcast --private-key "$PRIVATE_KEY"` - `forge script script/dex/CreateCUSDTUSDTPool.s.sol:CreateCUSDTUSDTPool --rpc-url "$RPC_URL_138" --broadcast --private-key "$PRIVATE_KEY"` @@ -44,12 +44,12 @@ - Run: `forge script script/liquidity/RegisterDODOPools.s.sol:RegisterDODOPools --rpc-url "$RPC_URL_138" --broadcast --private-key "$PRIVATE_KEY"`. 4. **Add liquidity to all three pools** - - Approve base/quote tokens to `DODOPMMIntegration` (`0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`). + - Approve base/quote tokens to `DODOPMMIntegration` (`0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`). - Call `DODOPMMIntegration.addLiquidity(pool, baseAmount, quoteAmount)` for each pool. See [DODO_PMM_INTEGRATION.md](../../smom-dbis-138/docs/integration/DODO_PMM_INTEGRATION.md). - **Forge script:** `forge script script/dex/AddLiquidityPMMPoolsChain138.s.sol:AddLiquidityPMMPoolsChain138 --rpc-url "$RPC_URL_138" --broadcast --private-key "$PRIVATE_KEY"` with env `ADD_LIQUIDITY_BASE_AMOUNT` and `ADD_LIQUIDITY_QUOTE_AMOUNT` (e.g. `1000000e6`). Or use **full-parity runner:** `./scripts/deployment/run-pmm-full-parity-all-phases.sh` (Phase 1 creates pools in parallel, registers, then adds liquidity when amounts are set). -5. **Optional: Deploy EnhancedSwapRouter (Chain 138)** - - Only after Uniswap/Balancer (or other DEX) pools exist on 138; configure quoter and pool IDs. See [PMM_DEX_ROUTING_STATUS.md](../11-references/PMM_DEX_ROUTING_STATUS.md) §5. +5. **Optional: Keep router-v2 and the pilot venue layer verified** + - `EnhancedSwapRouterV2` plus the funded pilot-compatible `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venues are already live on Chain 138. Re-run `bash scripts/verify/check-chain138-pilot-dex-venues.sh` after venue funding, planner publication, or token-aggregation changes. 6. **Update docs** - Set [PMM_DEX_ROUTING_STATUS.md](../11-references/PMM_DEX_ROUTING_STATUS.md) to “pools created” and “liquidity added” when done. diff --git a/docs/03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md b/docs/03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md index 6f630c27..c6eb26f6 100644 --- a/docs/03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md +++ b/docs/03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md @@ -241,7 +241,7 @@ Indonesia / BNI slice (executable tasks): [DBIS_OMNL_INDONESIA_BNI_E2E_EXECUTABL |------------|---------|--------| | **IBAN**, **BBAN**, **national account** | **`fiat_rail_ref`** (normalized + hash for display) | RTGS and correspondent legs; ISO 20022 account servicer references. | | **BIC / BEI** | Same bundle as IBAN | Institution routing. | -| **WEB3-ETH-IBAN** (or institution-specific *Ethereum account alias* schemes) | **Alias** that **resolves** to `vault_root_address` or an allowed EOA/smart account | Not a replacement for LEI: it is a **routing/presentation** layer. Store: `alias_type`, `alias_value`, `resolved_address`, `chain_id` (138), `valid_from` / `valid_to`, `lei` (parent entity). | +| **WEB3-ETH-IBAN** (or institution-specific *Ethereum account alias* schemes) | **Alias** that **resolves** to `vault_root_address` or an allowed EOA/smart account | Not a replacement for LEI: it is a **routing/presentation** layer. Store: `alias_type`, `alias_value`, `resolved_address`, `chain_id` (138), `valid_from` / `valid_to`, `lei` (parent entity). Schema: `web3_eth_iban` in [`address-registry-entry.schema.json`](../../config/dbis-institutional/schemas/address-registry-entry.schema.json). **XE… encoding** (vs bank IBAN) and validation: [`config/dbis-institutional/README.md`](../../config/dbis-institutional/README.md). | ### 13.3 Instruments and custody (what is held) diff --git a/docs/03-deployment/OPERATIONAL_RUNBOOKS.md b/docs/03-deployment/OPERATIONAL_RUNBOOKS.md index 38b60d53..5358776a 100644 --- a/docs/03-deployment/OPERATIONAL_RUNBOOKS.md +++ b/docs/03-deployment/OPERATIONAL_RUNBOOKS.md @@ -210,7 +210,12 @@ If an RPC node returns wrong chain ID or block 0 / no block: use the dedicated r ## Liquidity & Multi-Chain (cUSDT/cUSDC) - **[CUSDT_CUSDC_MULTICHAIN_LIQUIDITY_RUNBOOK.md](../../smom-dbis-138/docs/deployment/CUSDT_CUSDC_MULTICHAIN_LIQUIDITY_RUNBOOK.md)** — Deploy cUSDT/cUSDC to other chains (Ethereum, BSC, Polygon, Base, etc.); create Dodo PMM and Uniswap pools; add to Balancer, Curve. Scripts: `deploy-cusdt-cusdc-all-chains.sh`, `deploy-pmm-all-l2s.sh`, `create-uniswap-v3-pool-cusdt-cusdc.sh`. +- **[USDW_PUBLIC_WRAP_VAULT_RUNBOOK.md](USDW_PUBLIC_WRAP_VAULT_RUNBOOK.md)** — Deploy native public-chain `USDW` -> `cWUSDW` wrap vault and share `cWUSDW` roles with the GRU bridge; BSC re-use, Polygon-first deployment gate. +- **[AUSDT_CAUSDT_CWAUSDT_BRIDGE_CHECKLIST.md](AUSDT_CAUSDT_CWAUSDT_BRIDGE_CHECKLIST.md)** — ALL Mainnet `AUSDT` origin pins, public `cWAUSDT` mirrors, and the activation gate for landing on Chain 138 as `cAUSDT`. +- **[CXAUC_CXAUT_CWAXAUC_CWAXAUT_ALLTRA_BRIDGE_CHECKLIST.md](CXAUC_CXAUT_CWAXAUC_CWAXAUT_ALLTRA_BRIDGE_CHECKLIST.md)** — ALL Mainnet gold corridor: `cXAUC/cXAUT` source assets, `cWAXAUC/cWAXAUT` bridge-minted ALL Mainnet wrappers, `cAXAUC/cAXAUT` unwrapped landing assets, and the activation gate. +- **[WORMHOLE_NTT_EXECUTOR_OPERATOR_RUNBOOK.md](WORMHOLE_NTT_EXECUTOR_OPERATOR_RUNBOOK.md)** — Wormhole NTT + Executor operator preparation, NTT CLI bootstrap, and the current Chain 138 support boundary. - **[LIQUIDITY_POOL_CONTROLS_RUNBOOK.md](LIQUIDITY_POOL_CONTROLS_RUNBOOK.md)** — Trustless LiquidityPoolETH, DODO PMM, PoolManager, LiquidityManager controls and funding. +- **[MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md](MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md)** — Ethereum mainnet: TRUU PMM liquidity, cWUSD* peg maintenance, deeper deployed pools, bot guardrails; verifier `scripts/verify/check-mainnet-pmm-peg-bot-readiness.sh`; deploy `scripts/deployment/deploy-mainnet-pmm-cw-truu-pool.sh`; USD-notional seed helper `scripts/deployment/compute-mainnet-truu-pmm-seed-amounts.sh`; ratio-matched top-up `scripts/deployment/add-mainnet-truu-pmm-topup.sh` (section 11 live inventory); large 1:1 USD legs `scripts/deployment/compute-mainnet-truu-liquidity-amounts.sh` (section 11.1). - **Runbooks master index:** [../RUNBOOKS_MASTER_INDEX.md](../RUNBOOKS_MASTER_INDEX.md) — All runbooks across the repo. --- @@ -272,7 +277,20 @@ ssh root@192.168.11.11 "tail -f /opt/smom-dbis-138/services/relay/relay-service. ssh root@192.168.11.11 "pkill -f 'node index.js' 2>/dev/null; sleep 2; cd /opt/smom-dbis-138/services/relay && nohup ./start-relay.sh >> relay-service.log 2>&1 &" ``` -**Configuration:** Uses **RPC_URL_138_PUBLIC** (VMID 2201, 192.168.11.221:8545) for Chain 138; `START_BLOCK=latest`. +**Configuration:** Uses **RPC_URL_138_PUBLIC** for Chain 138 (VMID 2201). On the relay host (LAN): `http://192.168.11.221:8545`. For **published** URLs and checks from the internet, use **HTTPS FQDN** `https://rpc-http-pub.d-bis.org`. `START_BLOCK=latest`. + +### XDC Zero + Chain 138 (parallel to CCIP) + +- **[CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md](CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md)** — Endpoint + CSC + second relayer pair (XDC mainnet `https://rpc.xinfin.network` ↔ Chain 138); does **not** replace subnet↔parent XDC-Relayer. +- **Troubleshooting:** [CHAIN138_XDC_ZERO_DEPLOYMENT_TROUBLESHOOTING.md](CHAIN138_XDC_ZERO_DEPLOYMENT_TROUBLESHOOTING.md) (pending txs, Hardhat hangs, SimpleCsc vs production CSC). + +### OP Stack Standard Rollup (Ethereum mainnet, Superchain registry) + +- **[OP_STACK_STANDARD_ROLLUP_SUPERCHAIN_RUNBOOK.md](OP_STACK_STANDARD_ROLLUP_SUPERCHAIN_RUNBOOK.md)** — Greenfield OP Stack L2 on Ethereum mainnet, Standard Rollup / `superchain_level = 2` path; **parallel** to Besu Chain 138. +- **L2 ↔ Besu 138 (optional bridging):** [OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md](OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md) +- **Config / scripts:** [`config/op-stack-superchain/README.md`](../../config/op-stack-superchain/README.md), [`scripts/op-stack/README.md`](../../scripts/op-stack/README.md) +- **Pointer:** [../07-ccip/XDC_ZERO_CHAIN138.md](../07-ccip/XDC_ZERO_CHAIN138.md) · [`config/xdc-zero/`](../../config/xdc-zero/) · [`scripts/xdc-zero/`](../../scripts/xdc-zero/) · `bash scripts/xdc-zero/run-xdc-zero-138-operator-sequence.sh` +- **systemd:** [`config/systemd/xdc-zero-relayer-138-pair.example.service`](../../config/systemd/xdc-zero-relayer-138-pair.example.service) (`node dist/server.js`) + [`config/xdc-zero/xdc-zero-relayer-138-pair.example.defaults`](../../config/xdc-zero/xdc-zero-relayer-138-pair.example.defaults). Use [`config/xdc-zero/xdc-relayer.dotenv.example`](../../config/xdc-zero/xdc-relayer.dotenv.example) only for a clone-local relayer `.env`. Core `192.168.11.211:8545` is operator-only; relayer/service `SUBNET_URL` should use `https://rpc-http-pub.d-bis.org`. ### CCIP Deployment @@ -379,7 +397,7 @@ ssh root@192.168.11.11 "pkill -f 'node index.js' 2>/dev/null; sleep 2; cd /opt/s | # | Task | Frequency | Command / Script | |---|------|------------|------------------| | 135 | Monitor explorer sync status | Daily | `curl -s http://192.168.11.140:4000/api/v1/stats | jq .indexer` or Blockscout admin; check indexer lag | -| 136 | Monitor RPC node health (e.g. VMID 2201) | Daily | `bash scripts/verify/verify-backend-vms.sh`; `curl -s -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' $RPC_URL_138_PUBLIC` (or http://192.168.11.221:8545) | +| 136 | Monitor RPC node health (e.g. VMID 2201) | Daily | `bash scripts/verify/verify-backend-vms.sh`; `curl -s -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'` to **`$RPC_URL_138_PUBLIC`** — prefer **`https://rpc-http-pub.d-bis.org`** when not on LAN; on LAN, `http://192.168.11.221:8545` is OK | | 137 | Check config API uptime | Weekly | `curl -sI https://dbis-api.d-bis.org/health` or target config API URL | | 138 | Review explorer logs **(O-4)** | Weekly | See **O-4** below. `ssh root@ "journalctl -u blockscout -n 200 --no-pager"` or `pct exec 5000 -- journalctl -u blockscout -n 200 --no-pager`. Explorer: VMID 5000 (r630-02, 192.168.11.140). | | 139 | Update token list **(O-5)** | As needed | See **O-5** below. Canonical list: `token-lists/lists/dbis-138.tokenlist.json`. Guide: [TOKEN_LIST_AUTHORING_GUIDE.md](../11-references/TOKEN_LIST_AUTHORING_GUIDE.md). Bump `version` and `timestamp`; validate schema; deploy/public URL per runbook. | @@ -388,15 +406,15 @@ ssh root@192.168.11.11 "pkill -f 'node index.js' 2>/dev/null; sleep 2; cd /opt/s **O-5 (Update token list, as needed):** Edit `token-lists/lists/dbis-138.tokenlist.json`; bump `version.major|minor|patch` and `timestamp`; run validation (see TOKEN_LIST_AUTHORING_GUIDE); update any public URL (e.g. tokens.d-bis.org) and explorer/config API token list reference. -**Script:** `scripts/maintenance/daily-weekly-checks.sh [daily|weekly|all]` — daily: explorer, RPC, indexer lag, in-CT disk (138b); weekly: config API, thin pool all hosts (138a), fstrim (138c), journal vacuum (138d). **Cron:** `schedule-daily-weekly-cron.sh --install` (daily 08:00, weekly Sun 09:00). **Storage:** `schedule-storage-growth-cron.sh --install` (collect every 6h, prune snapshots+history Sun 08:00); `schedule-storage-monitor-cron.sh --install` (host alerts daily 07:00). See [04-configuration/STORAGE_GROWTH_AND_HEALTH.md](../04-configuration/STORAGE_GROWTH_AND_HEALTH.md). +**Script:** `scripts/maintenance/daily-weekly-checks.sh [daily|weekly|all]` — daily: explorer, RPC, indexer lag, in-CT disk (138b); weekly: config API, thin pool all hosts (138a), fstrim (138c), journal vacuum (138d). **Cron:** install from a persistent host checkout, e.g. `CRON_PROJECT_ROOT=/srv/proxmox bash scripts/maintenance/schedule-daily-weekly-cron.sh --install` (daily 08:00, weekly Sun 09:00). **Storage:** `CRON_PROJECT_ROOT=/srv/proxmox bash scripts/maintenance/schedule-storage-growth-cron.sh --install` (collect every 6h, prune snapshots+history Sun 08:00); `CRON_PROJECT_ROOT=/srv/proxmox bash scripts/maintenance/schedule-storage-monitor-cron.sh --install` (host alerts daily 07:00). See [04-configuration/STORAGE_GROWTH_AND_HEALTH.md](../04-configuration/STORAGE_GROWTH_AND_HEALTH.md). ### When decommissioning or changing RPC nodes -**Explorer (VMID 5000) depends on RPC** at `ETHEREUM_JSONRPC_HTTP_URL` (use **RPC_URL_138_PUBLIC** = VMID 2201, 192.168.11.221:8545). When you **decommission or change the IP of an RPC node** that Blockscout might use: +**Explorer (VMID 5000) depends on RPC** at `ETHEREUM_JSONRPC_HTTP_URL`. Point it at **VMID 2201** (public Besu). Prefer **`https://rpc-http-pub.d-bis.org`** in Blockscout when the indexer reaches RPC over NPM/tunnel; on-LAN-only installs may use `http://192.168.11.221:8545`. When you **decommission or change the IP of an RPC node** that Blockscout might use: 1. **Check** Blockscout env on VM 5000: `pct exec 5000 -- bash -c 'grep -E "ETHEREUM_JSONRPC|RPC" /opt/blockscout/.env 2>/dev/null || docker inspect blockscout 2>/dev/null | grep -A5 Env'` (run from root@r630-02, 192.168.11.12). -2. **If** it points to the affected node, **update** to a live RPC (set to `$RPC_URL_138_PUBLIC` or http://192.168.11.221:8545) in Blockscout env and **restart** Blockscout. +2. **If** it points to the affected node, **update** to a live RPC (set `ETHEREUM_JSONRPC_HTTP_URL` to **`https://rpc-http-pub.d-bis.org`** or, on LAN, `http://192.168.11.221:8545`) in Blockscout env and **restart** Blockscout. 3. **Update** any script defaults and `config/ip-addresses.conf` / docs that reference the old RPC. See **[BLOCKSCOUT_FIX_RUNBOOK.md](BLOCKSCOUT_FIX_RUNBOOK.md)** § "Proactive: When changing RPC or decommissioning nodes" and **[SOLACESCANSCOUT_DEEP_DIVE_FIXES_AND_TIMING.md](../04-configuration/verification-evidence/SOLACESCANSCOUT_DEEP_DIVE_FIXES_AND_TIMING.md)**. @@ -540,6 +558,8 @@ See [BLOCKSCOUT_FIX_RUNBOOK.md](BLOCKSCOUT_FIX_RUNBOOK.md). | Update token list **(O-5)** | As needed | Runbook [139] above; `token-lists/lists/dbis-138.tokenlist.json`; [TOKEN_LIST_AUTHORING_GUIDE.md](../11-references/TOKEN_LIST_AUTHORING_GUIDE.md) | | NPMplus backup | When NPMplus is up | `scripts/verify/backup-npmplus.sh` | | Validator key/config backup | Per backup policy | W1-8; [BACKUP_AND_RESTORE.md](BACKUP_AND_RESTORE.md) | +| Ensure FireFly primary (6200) | As needed | `scripts/maintenance/ensure-firefly-primary-via-ssh.sh` (r630-02) | +| Ensure Fabric sample network (6000) | As needed | `scripts/maintenance/ensure-fabric-sample-network-via-ssh.sh` (r630-02) | | Start firefly-ali-1 (6201) | Optional, when needed | `scripts/maintenance/start-firefly-6201.sh` (r630-02) | --- diff --git a/docs/03-deployment/OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md b/docs/03-deployment/OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md new file mode 100644 index 00000000..46aa1ffc --- /dev/null +++ b/docs/03-deployment/OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md @@ -0,0 +1,29 @@ +# OP Stack L2 ↔ Besu Chain 138 — integration notes + +**Last updated:** 2026-04-01 +**Purpose:** Optional follow-on after a **Standard Rollup** L2 is live on Ethereum. **Not** part of superchain-registry listing. **Does not** extend [XDC-Zero](CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md) unless you design a separate pairing. + +## Architecture reminder + +| Network | Stack | Role in DBIS landscape | +|---------|--------|-------------------------| +| Besu **Chain 138** (EIP-155:138) | Besu + contracts + XDC-Zero | Core DBIS chain; XDC parent ↔ 138 via XDC-Relayer pattern | +| New **OP Stack L2** | `op-node` / `op-geth` + L1 Ethereum | Superchain-aligned rollup; **separate chain ID** from 138 | + +## If you need asset or message flow L2 ↔ 138 + +1. **Treat as a new bridge program** — pick one or combine: + - **CCIP** (patterns in `smom-dbis-138` / [ALL_MAINNETS_DEPLOYMENT_RUNBOOK.md](../../smom-dbis-138/docs/deployment/ALL_MAINNETS_DEPLOYMENT_RUNBOOK.md)) once router/onramps exist for **your** L2 chain id. + - **Custom lock/mint** or **canonical bridge** contracts audited for your token policy. + +2. **Update machine-readable config after addresses exist** + - [`config/token-mapping-multichain.json`](../../config/token-mapping-multichain.json) — add the L2 chain id and pairs. + - [`docs/11-references/CONTRACT_ADDRESSES_REFERENCE.md`](../11-references/CONTRACT_ADDRESSES_REFERENCE.md) / [`ADDRESS_MATRIX_AND_STATUS.md`](../11-references/ADDRESS_MATRIX_AND_STATUS.md) as your process requires. + +3. **Keep XDC-Zero scope clear** + - XDC-Zero runbooks address **XDC Network ↔ Chain 138**. + - Do not repoint the 138↔XDC relayer to serve the OP L2 without a dedicated design review. + +## Ordering + +Complete [OP_STACK_STANDARD_ROLLUP_SUPERCHAIN_RUNBOOK.md](OP_STACK_STANDARD_ROLLUP_SUPERCHAIN_RUNBOOK.md) through **Phase 4** (registry) before investing in L2↔138 bridging. diff --git a/docs/03-deployment/OP_STACK_STANDARD_ROLLUP_SUPERCHAIN_RUNBOOK.md b/docs/03-deployment/OP_STACK_STANDARD_ROLLUP_SUPERCHAIN_RUNBOOK.md new file mode 100644 index 00000000..0377f091 --- /dev/null +++ b/docs/03-deployment/OP_STACK_STANDARD_ROLLUP_SUPERCHAIN_RUNBOOK.md @@ -0,0 +1,150 @@ +# OP Stack Standard Rollup — Ethereum mainnet E2E (Superchain) + +**Last updated:** 2026-04-01 +**Purpose:** Operator end-to-end path for a **greenfield** OP Stack L2 on **Ethereum mainnet** targeting **Standard Rollup** status (`superchain_level = 2`) in [superchain-registry](https://github.com/ethereum-optimism/superchain-registry). Runs **in parallel** to Besu **Chain 138**; see [OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md](OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md). + +**Scaffolding:** [`config/op-stack-superchain/`](../../config/op-stack-superchain/) · **Scripts:** [`scripts/op-stack/README.md`](../../scripts/op-stack/README.md) + +**Official references:** + +- [Deploy the OP Stack](https://docs.optimism.io/) +- [Blockspace and Standard Rollup Charters](https://docs.optimism.io/op-stack/protocol/blockspace-charter) +- [superchain-registry](https://docs.optimism.io/op-stack/protocol/superchain-registry) +- [op-deployer](https://docs.optimism.io/chain-operators/tools/op-deployer/overview) +- [Adding a chain (registry ops)](https://github.com/ethereum-optimism/superchain-registry/blob/main/docs/ops.md#adding-a-chain) +- [Standard Rollup Charter](https://github.com/ethereum-optimism/OPerating-manual/blob/main/policies/Standard%20Rollup%20Charter.md) + +--- + +## Phase 0 — Prerequisites (before mainnet) + +1. **Freeze governance inputs** + - Run `bash scripts/op-stack/fetch-standard-mainnet-toml.sh` and diff against prior cache. + - Record pins in `config/op-stack-superchain/pinned-versions.manifest.example.yaml` → copy to `deployed/pinned-versions.manifest.yaml` (gitignored). + +2. **L2 chain ID** + - Choose a **unique** L2 chain ID **distinct from** Besu `138` unless you explicitly accept tooling collision. Document in the manifest. + +3. **Keys and roles** + - Complete [`config/op-stack-superchain/key-custody-checklist.example.md`](../../config/op-stack-superchain/key-custody-checklist.example.md) internally. + - Align admin/upgrade roles with [standard-config-roles-mainnet.toml](https://github.com/ethereum-optimism/superchain-registry/blob/main/validation/standard/standard-config-roles-mainnet.toml). + +4. **Capacity** + - L1 ETH for deployment, batch posting, proposals, challenger assumptions. + - HA capacity for sequencer pair, batcher, proposer, challenger, replicas. + +5. **Standard Rollup constraints (summary)** + - Ethereum **canonical** DA (not alt-DA). + - No custom modified **system** contracts for Standard status. + - OP Stack **version / bytecode** must match governance-approved [standard-versions-mainnet.toml](https://github.com/ethereum-optimism/superchain-registry/blob/main/validation/standard/standard-versions-mainnet.toml). + +### Recommended operator landing zone (Proxmox) + +To keep deployment/runtime work **off** an operator workstation, provision the dedicated OP Stack CTs on **`r630-02`** using **`thin5`**: + +- **5751** `op-stack-deployer-1` — `192.168.11.69` — `op-deployer`, `op-validator`, manifest and artifact handling +- **5752** `op-stack-ops-1` — `192.168.11.70` — sequencer/runtime bootstrap, service envs, systemd staging + +Create and bootstrap them with: + +```bash +bash scripts/deployment/provision-op-stack-operator-lxcs.sh +``` + +That script installs baseline tooling, enables SSH for `opuser`, and copies the repo's OP Stack scaffolding into `/opt/op-stack-bootstrap/` inside each CT. + +Live landing-zone state as of **2026-04-01**: + +- **5751** `op-stack-deployer-1` is provisioned on **`r630-02`** (`192.168.11.12`) at **`192.168.11.69`** +- **5752** `op-stack-ops-1` is provisioned on **`r630-02`** (`192.168.11.12`) at **`192.168.11.70`** +- the bootstrap cache is already seeded inside `/opt/op-stack-bootstrap/config/op-stack-superchain/cache/`, so a rerun does not need to re-fetch TOMLs unless `OP_STACK_REFRESH_TOMLS=1` + +--- + +## Phase 1 — Sepolia rehearsal (gate before mainnet) + +Use the **same** `op-deployer` / contract **release** you intend for mainnet. + +1. Install tooling per [Optimism chain operator docs](https://docs.optimism.io/) (`op-deployer`, `op-node`, `op-reth`, `op-batcher`, `op-proposer`, `op-challenger`, `op-validator` — exact packages follow your pinned version). Keep `op-geth` only as a temporary legacy fallback. + +2. Deploy L1 system contracts + L2 genesis on **Sepolia** via `op-deployer` (follow current CLI in upstream docs). + +3. Run `op-validator` against generated artifacts; fix until clean. + +4. Start **sequencer** (`op-node` + `op-reth`), **op-batcher**, **op-proposer**, **op-challenger**. + +5. **E2E on test L2:** deposit / withdraw, failover drill (sequencer or batcher), 24–72h soak. + +6. **Exit gate:** signed-off validator output, soak logs, frozen version manifest committed to CMDB. + +**Checklist:** `bash scripts/op-stack/print-sepolia-rehearsal-checklist.sh` + +--- + +## Phase 2 — Mainnet deploy + +1. Verify manifest pins still match **mainnet** `standard-versions-mainnet.toml`. + +2. Run `op-deployer` against **Ethereum mainnet**; capture all L1 addresses and L2 genesis / rollup config. + +3. Run `op-validator` on **mainnet** artifacts **before** registry PR. + +4. Record non-secret outputs under `config/op-stack-superchain/deployed/` (see [`deployed/README.md`](../../config/op-stack-superchain/deployed/README.md)). + +**Checklist:** `bash scripts/op-stack/print-mainnet-deploy-checklist.sh` + +--- + +## Phase 3 — Mainnet operations + +1. Start sequencer (HA as required), batcher, proposer, challenger. + +2. Expose **replica RPC** (and optional WS) with rate limits and monitoring: sync lag, L1 gas, batch submission, proposals, challenger health. + +3. **Mainnet E2E:** small production deposit/withdraw; document comms and rollback posture. + +**Checklist:** `bash scripts/op-stack/print-mainnet-ops-checklist.sh` + +4. **systemd templates:** [`op-stack-op-reth.example.service`](../../config/systemd/op-stack-op-reth.example.service) (preferred execution), [`op-stack-sequencer.example.service`](../../config/systemd/op-stack-sequencer.example.service) (legacy `op-geth` fallback), [`op-stack-op-node.example.service`](../../config/systemd/op-stack-op-node.example.service) (consensus), [`op-stack-batcher.example.service`](../../config/systemd/op-stack-batcher.example.service), [`op-stack-proposer.example.service`](../../config/systemd/op-stack-proposer.example.service), [`op-stack-challenger.example.service`](../../config/systemd/op-stack-challenger.example.service) — adjust `User`, `WorkingDirectory`, `EnvironmentFile`, and binary paths to match your install. + +--- + +## Phase 4 — Superchain registry (Standard status) + +1. Follow [Adding a chain](https://github.com/ethereum-optimism/superchain-registry/blob/main/docs/ops.md#adding-a-chain): local validation, then PR to [superchain-registry](https://github.com/ethereum-optimism/superchain-registry). + +2. Complete **Optimism Foundation** off-chain checks (unique chain ID, security configuration, governance authenticity) per [charter / docs](https://docs.optimism.io/op-stack/protocol/blockspace-charter). + +3. Target `superchain_level = 2` only after automated + governance promotion. + +4. After merge, use `--network` / `--op-network` flags per [registry hard-fork inheritance docs](https://docs.optimism.io/op-stack/protocol/superchain-registry). + +**Checklist script:** `bash scripts/op-stack/registry-pr-checklist.sh` + +--- + +## Phase 5 — Besu Chain 138 (optional) + +Not required for Standard Rollup. See [OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md](OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md). **XDC-Zero** remains [CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md](CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md) (XDC ↔ Besu 138). + +--- + +## E2E completion table + +| Gate | Evidence | +|------|----------| +| Sepolia | `op-validator` OK, soak logs, frozen manifest | +| Mainnet L1/L2 | Address list + rollup/genesis artifacts | +| Live stack | Sequencer, batcher, proposer, challenger healthy | +| Mainnet validate | `op-validator` on mainnet configs | +| Registry | PR merged; `superchain_level = 2` when promoted | +| Ops | Runbooks, monitoring, incident contacts | + +--- + +## Related repo docs + +| Topic | Doc | +|-------|-----| +| Besu Chain 138 + XDC | [CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md](CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md) | +| CCIP (138 ↔ public L1/L2s) | [../07-ccip/](../07-ccip/), `smom-dbis-138` deployment runbooks | diff --git a/docs/03-deployment/PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md b/docs/03-deployment/PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md index 97ebd9b4..d11b8d24 100644 --- a/docs/03-deployment/PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md +++ b/docs/03-deployment/PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md @@ -9,9 +9,14 @@ ## C.1 Deploy or bridge cW* tokens per chain -Chains (current pool-matrix scope): 1, 10, 56, 100, 137, 250, 324, 8453, 42161, 42220, 43114, 59144. -Note: Wemix (1111) may still be part of bridge-coverage phases, but it is not currently in `cross-chain-pmm-lps/config/pool-matrix.json`. -Tokens: cWUSDT, cWUSDC, cWAUSDT, cWEURC, cWEURT, cWUSDW (per pool-matrix). +Chains (current repo rollout scope): 1, 10, 25, 56, 100, 137, 42161, 42220, 43114, 8453, 1111. +Tokens (current pool-matrix): `cWUSDT`, `cWUSDC`, `cWAUSDT`, `cWEURC`, `cWEURT`, `cWUSDW`, `cWGBPC`, `cWGBPT`, `cWAUDC`, `cWJPYC`, `cWCHFC`, `cWCADC`, `cWXAUC`, `cWXAUT`. + +Important update: + +- the pool matrix now covers the full GRU Wave 1 wrapped set +- this closes the design/config gap for Wave 1 public liquidity +- it does **not** mark those pools live until addresses are written into `deployment-status.json` **Steps:** (1) Use cross-chain-pmm-lps config/chains.json and pool-matrix.json. (2) Deploy CompliantWrappedToken (cW*) per chain or use bridge; set addresses in deployment-status.json and smom-dbis-138/.env. (3) Ref: TOKEN_CONTRACT_DEPLOYMENTS_REMAINING §3, CW_DEPLOY_AND_WIRE_RUNBOOK. @@ -19,7 +24,13 @@ Tokens: cWUSDT, cWUSDC, cWAUSDT, cWEURC, cWEURT, cWUSDW (per pool-matrix). ## C.2 Create and fund PMM edge pools per chain -**Steps:** (1) From pool-matrix poolsFirst (e.g. cWUSDT/USDC), create DODO PMM or Uniswap pools per chain. (2) Add initial liquidity. (3) Record pool addresses in deployment-status.json chains[chainId].pmmPools. (4) Ensure token-aggregation/heatmap use deployment-status. +**Steps:** (1) From pool-matrix `poolsFirst` (for example `cWEURC/USDC`, `cWGBPC/USDT`, `cWXAUC/USDC`), create DODO PMM or Uniswap pools per chain. (2) Add initial liquidity. (3) Record pool addresses in deployment-status.json `chains[chainId].pmmPools`. (4) Ensure token-aggregation/heatmap use deployment-status. + +Use the deployment queue for the remaining operator breakdown: + +```bash +bash scripts/verify/check-gru-v2-deployment-queue.sh +``` **Ref:** LIQUIDITY_POOLS_MASTER_MAP § Public-chain cW*, pool-matrix.json. diff --git a/docs/03-deployment/PMM_FULL_MESH_AND_PUBLIC_SINGLE_SIDED_PLAN.md b/docs/03-deployment/PMM_FULL_MESH_AND_PUBLIC_SINGLE_SIDED_PLAN.md index f6a870a1..e6ab95a3 100644 --- a/docs/03-deployment/PMM_FULL_MESH_AND_PUBLIC_SINGLE_SIDED_PLAN.md +++ b/docs/03-deployment/PMM_FULL_MESH_AND_PUBLIC_SINGLE_SIDED_PLAN.md @@ -1,5 +1,7 @@ # PMM Full Mesh (Chain 138) and Single-Sided LPs (Public Networks) — Plan +> Historical note (2026-04-02): this document spans the full-mesh plan as well as the current live stable stack. The canonical Chain 138 PMM stable stack is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Public XAU pools remain on the older PMM phase until explicitly migrated. + **Purpose:** Define and run the full PMM pool mesh on Chain 138 and the single-sided LP deployment on public networks for aggregator and DEX routing. --- @@ -16,14 +18,14 @@ - Adds up to **12** pools (12×1) when `WETH_ADDRESS_138` (or `QUOTE_TOKEN_ADDRESS`) is configured. - **official vs ETH (on-chain as WETH, optional):** official USDT/WETH and official USDC/WETH. - Adds up to **2** pools when official token addresses and WETH are configured. -- **Already created:** The three legacy pools (cUSDT/cUSDC, cUSDT/USDT, cUSDC/USDC) are created separately; the script skips any pair that already has a pool. +- **Already created on the current stable stack:** cUSDT/cUSDC `0x9e89bAe009adf128782E19e8341996c596ac40dC`, cUSDT/USDT `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66`, cUSDC/USDC `0xc39B7D0F40838cbFb54649d327f49a6DAC964062`; the script skips any pair that already has a pool. ### 1.2 Contracts and roles | Contract | Address (Chain 138) | Role | |----------|---------------------|------| -| DODOPMMIntegration | `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` | `createPool(base, quote, ...)`; `swapExactIn(pool, tokenIn, amountIn, minAmountOut)` for generic routing | -| DODOPMMProvider | `0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381` | `registerPool(tokenIn, tokenOut, pool)`; `executeSwap` uses `swapExactIn` for any registered pool | +| DODOPMMIntegration | `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` | `createPool(base, quote, ...)`; `swapExactIn(pool, tokenIn, amountIn, minAmountOut)` for generic routing on the canonical stable stack | +| DODOPMMProvider | `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e` | `registerPool(tokenIn, tokenOut, pool)`; `executeSwap` uses `swapExactIn` for any registered pool on the canonical stable stack | - Deployer (or the account that holds **POOL_MANAGER_ROLE** on the integration and **POOL_MANAGER_ROLE** on the provider) must run pool creation and registration. - **Generic routing:** `DODOPMMIntegration.swapExactIn` allows any registered pool to be used for swaps; `DODOPMMProvider.executeSwap` routes through it when the pair is not one of the six legacy pairs. diff --git a/docs/03-deployment/PMM_POOLS_FUNDING_PLAN.md b/docs/03-deployment/PMM_POOLS_FUNDING_PLAN.md index 41efd7e1..8d178fdd 100644 --- a/docs/03-deployment/PMM_POOLS_FUNDING_PLAN.md +++ b/docs/03-deployment/PMM_POOLS_FUNDING_PLAN.md @@ -1,10 +1,10 @@ # PMM Pools Funding Plan - Chain 138 -> Historical note (2026-03-26): this funding plan documents an earlier three-pool PMM phase. The live canonical Chain 138 PMM stack is `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. Current public funded pool addresses are maintained in [LIQUIDITY_POOLS_MASTER_MAP.md](../11-references/LIQUIDITY_POOLS_MASTER_MAP.md). +> Historical note (2026-04-02): this funding plan documents an earlier three-pool PMM phase. The live canonical Chain 138 PMM stack is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Current public funded pool addresses are maintained in [LIQUIDITY_POOLS_MASTER_MAP.md](../11-references/LIQUIDITY_POOLS_MASTER_MAP.md). **Purpose:** Step-by-step plan to fund the three DODO PMM liquidity pools on Chain 138. **Deployer:** `0x4A666F96fC8764181194447A7dFdb7d471b301C8` -**Integration:** `DODOPMMIntegration` at `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` +**Integration:** `DODOPMMIntegration` at `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` --- @@ -12,9 +12,9 @@ | Pool | Base token | Quote token | Pool address | Fund when | |------|------------|-------------|--------------|-----------| -| **1. cUSDT/cUSDC** | cUSDT | cUSDC | `0xff8d3b8fDF7B112759F076B69f4271D4209C0849` | Deployer has cUSDT + cUSDC (mintable) | -| **2. cUSDT/USDT** | cUSDT | USDT (official) | `0x6fc60DEDc92a2047062294488539992710b99D71` | Deployer has cUSDT + official USDT | -| **3. cUSDC/USDC** | cUSDC | USDC (official) | `0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263` | Deployer has cUSDC + official USDC | +| **1. cUSDT/cUSDC** | cUSDT | cUSDC | `0x9e89bAe009adf128782E19e8341996c596ac40dC` | Deployer has cUSDT + cUSDC (mintable) | +| **2. cUSDT/USDT** | cUSDT | USDT (official mirror) | `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` | Deployer has cUSDT + official USDT mirror | +| **3. cUSDC/USDC** | cUSDC | USDC (official mirror) | `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` | Deployer has cUSDC + official USDC mirror | - **Pool 1** uses only c* tokens; you can mint both on Chain 138 and fund fully. - **Pools 2 and 3** need "official" USDT/USDC on 138 (set in DODOPMMIntegration at deploy time). If those are deployer-owned mocks, mint them too; otherwise fund only from existing balance. @@ -85,8 +85,8 @@ From repo root, with smom-dbis-138/.env sourced: ```bash cd smom-dbis-138 && source .env -INT=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d -POOL1=0xff8d3b8fDF7B112759F076B69f4271D4209C0849 +INT=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895 +POOL1=0x9e89bAe009adf128782E19e8341996c596ac40dC CUSDT=0x93E66202A11B1772E55407B32B44e5Cd8eda7f22 CUSDC=0xf22258f57794CC8E06237084b353Ab30fFfa640b RPC="$RPC_URL_138" @@ -106,7 +106,7 @@ cast send "$INT" "addLiquidity(address,uint256,uint256)" "$POOL1" "$BASE_AMOUNT" ```bash cd smom-dbis-138 && source .env -export POOL_CUSDTCUSDC=0xff8d3b8fDF7B112759F076B69f4271D4209C0849 +export POOL_CUSDTCUSDC=0x9e89bAe009adf128782E19e8341996c596ac40dC export ADD_LIQUIDITY_BASE_AMOUNT=1000000000000 export ADD_LIQUIDITY_QUOTE_AMOUNT=1000000000000 diff --git a/docs/03-deployment/PRE_DEPLOYMENT_CHECKLIST.md b/docs/03-deployment/PRE_DEPLOYMENT_CHECKLIST.md index 07e56f10..48152d0f 100644 --- a/docs/03-deployment/PRE_DEPLOYMENT_CHECKLIST.md +++ b/docs/03-deployment/PRE_DEPLOYMENT_CHECKLIST.md @@ -1,6 +1,6 @@ # Pre-Deployment Checklist — DODO PMM, Pools, Provider, Router & APIs -**Last Updated:** 2026-03-26 +**Last Updated:** 2026-04-02 **Purpose:** Single source of truth for component status and ordered steps required before deployment (Chain 138). **See also:** [DEPLOYMENT_ORDER_OF_OPERATIONS.md](DEPLOYMENT_ORDER_OF_OPERATIONS.md) — full deployment order (Phase 0–6) and remaining recommendations. @@ -18,11 +18,11 @@ | Component | Status | Address / Notes | |-----------|--------|-----------------| -| **DODOPMMIntegration** | ✅ Deployed | Chain 138 canonical corrected stack: `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`. | -| **PMM pools** | ✅ Reconciled | 104 desired-state pools aligned; live funded public pools include cUSDT/cUSDC `0xff8d3b8fDF7B112759F076B69f4271D4209C0849`, cUSDT/USDT `0x6fc60DEDc92a2047062294488539992710b99D71`, cUSDC/USDC `0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263`, cUSDT/cXAUC `0x94316511621430423a2cff0C036902BAB4aA70c2`, cUSDC/cXAUC `0x7867D58567948e5b9908F1057055Ee4440de0851`, cEURT/cXAUC `0x505403093826D494983A93b43Aa0B8601078A44e`. | -| **DODOPMMProvider** | ✅ Deployed | `0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`; 104/104 desired-state routes aligned. | -| **EnhancedSwapRouter** | ❌ Not deployed | Mainnet-only script today; for Chain 138 deploy when Uniswap/Balancer pools exist; set quoter/poolId. | -| **Token-aggregation API** | ✅ Implemented, runnable | Single-hop quotes; can index DODO once pools exist (set `CHAIN_138_DODO_PMM_INTEGRATION`). | +| **DODOPMMIntegration** | ✅ Deployed | Chain 138 canonical official DODO V2 DVM-backed stack: `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`. | +| **PMM pools** | ✅ Reconciled | 104 desired-state pools aligned; live funded public pools include cUSDT/cUSDC `0x9e89bAe009adf128782E19e8341996c596ac40dC`, cUSDT/USDT `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66`, cUSDC/USDC `0xc39B7D0F40838cbFb54649d327f49a6DAC964062`, plus retained XAU public pools. | +| **DODOPMMProvider** | ✅ Deployed | `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`; canonical stable routes aligned. | +| **EnhancedSwapRouter** | ❌ Not deployed | Chain 138 deployment script exists, but live WETH-to-stable routes and non-DODO providers are still not configured. | +| **Token-aggregation API** | ✅ Implemented, runnable | Single-hop quotes; now persists the canonical Chain 138 DODO pool set on the live explorer deployment. | | **Bridge quote (swap+bridge+swap)** | ✅ Implemented | `POST /api/bridge/quote`; on-chain coordinator optional. | | **Cross-chain cW* mesh** | Design/tooling only | Edge pools and bots not deployed. | @@ -42,7 +42,7 @@ - [ ] **Env set in `smom-dbis-138/.env` only** Required: `PRIVATE_KEY`, `RPC_URL_138` (must be Core RPC, not Public). - For PMM: `DODO_PMM_INTEGRATION_ADDRESS=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`, `DODO_PMM_PROVIDER_ADDRESS=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. + For PMM: `DODO_PMM_INTEGRATION_ADDRESS=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`, `DODO_PMM_PROVIDER_ADDRESS=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Optional: `GAS_PRICE_138` or `GAS_PRICE` (default 1 gwei). After TransactionMirror deploy: set `TRANSACTION_MIRROR_ADDRESS` from script output. Verify: `cd smom-dbis-138 && ./scripts/deployment/check-env-required.sh`. @@ -100,7 +100,7 @@ This deploys TransactionMirror then creates **only** the cUSDT/cUSDC pool. For m ```bash cd smom-dbis-138 -export DODO_PMM_INTEGRATION="${DODO_PMM_INTEGRATION_ADDRESS:-0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d}" +export DODO_PMM_INTEGRATION="${DODO_PMM_INTEGRATION_ADDRESS:-0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895}" export RPC_URL_138="${RPC_URL_138:-http://192.168.11.211:8545}" export GAS_PRICE="${GAS_PRICE_138:-${GAS_PRICE:-1000000000}}" @@ -149,7 +149,7 @@ Current deploy script is mainnet-only (`block.chainid == 1`). For Chain 138: ### Step 6: Token-aggregation API (DODO indexing) -- Ensure `CHAIN_138_DODO_PMM_INTEGRATION=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` (or equivalent) is set where the token-aggregation service runs. Optional: `CHAIN_138_DODO_POOL_MANAGER`, `CHAIN_138_DODO_VENDING_MACHINE` (see token-aggregation `.env.example` and [dex-factories.ts](../../smom-dbis-138/services/token-aggregation/src/config/dex-factories.ts)). +- Ensure `CHAIN_138_DODO_PMM_INTEGRATION=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` (or equivalent) is set where the token-aggregation service runs. Optional: `CHAIN_138_DODO_POOL_MANAGER`, `CHAIN_138_DODO_VENDING_MACHINE` (see token-aggregation `.env.example` and [dex-factories.ts](../../smom-dbis-138/services/token-aggregation/src/config/dex-factories.ts)). - Once pools exist, the service can index DODO pools from DODOPMMIntegration and expose single-hop quotes. ### Step 7: On-chain verification @@ -160,7 +160,7 @@ After any new deployment: ./scripts/verify/check-contracts-on-chain-138.sh [RPC_URL] ``` -Target: all expected addresses (e.g. **64/64** per check-contracts-on-chain-138.sh when TransactionMirror, DODO pools, vault/reserve, CompliantFiatTokens, and ISO20022Router are present). Update [REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS.md](REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS.md) and [CONTRACT_ADDRESSES_REFERENCE.md](../11-references/CONTRACT_ADDRESSES_REFERENCE.md) with new pool and provider addresses. +Target: all expected addresses (e.g. **67/67** per check-contracts-on-chain-138.sh when TransactionMirror, DODO pools, vault/reserve, CompliantFiatTokens, ISO20022Router, and the cross-chain flash trio are present). Update [REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS.md](REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS.md) and [CONTRACT_ADDRESSES_REFERENCE.md](../11-references/CONTRACT_ADDRESSES_REFERENCE.md) with new pool, provider, and flash-infrastructure addresses. --- @@ -173,7 +173,7 @@ Target: all expected addresses (e.g. **64/64** per check-contracts-on-chain-138. | `smom-dbis-138/script/dex/CreateCUSDTUSDTPool.s.sol` | Create cUSDT/USDT pool. | | `smom-dbis-138/script/dex/CreateCUSDCUSDCPool.s.sol` | Create cUSDC/USDC pool. | | `smom-dbis-138/script/liquidity/DeployDODOPMMProvider.s.sol` | Deploy DODOPMMProvider (then register pools). | -| `smom-dbis-138/script/bridge/trustless/DeployEnhancedSwapRouter.s.sol` | Deploy EnhancedSwapRouter (mainnet-only; Chain 138 needs env/config). | +| `smom-dbis-138/script/bridge/trustless/DeployEnhancedSwapRouter.s.sol` | Legacy router deployment path (mainnet-oriented). The live Chain 138 execution surface is `EnhancedSwapRouterV2` plus the funded pilot-compatible venue layer; verify with `scripts/verify/check-chain138-pilot-dex-venues.sh`. | | `scripts/verify/check-contracts-on-chain-138.sh` | Verify expected contract addresses on Chain 138. | --- diff --git a/docs/03-deployment/PROXMOX_CSTAR_TO_CW_BRIDGE_RUNBOOK.md b/docs/03-deployment/PROXMOX_CSTAR_TO_CW_BRIDGE_RUNBOOK.md new file mode 100644 index 00000000..be700299 --- /dev/null +++ b/docs/03-deployment/PROXMOX_CSTAR_TO_CW_BRIDGE_RUNBOOK.md @@ -0,0 +1,224 @@ +# Proxmox Runbook: Bridge Any c* Asset to cW* + +**Created:** 2026-04-06 +**Purpose:** Single operator runbook for taking any canonical Chain 138 `c*` asset and bridging it to its public-chain `cW*` mirror using the dedicated GRU transport stack. + +This consolidates the repo’s existing cW deployment and bridge material into one generic workflow for Proxmox operators. It is the shortest path from “we want `cEURC -> cWEURC` on Polygon” to exact wiring and exact send commands. + +Related: + +- [CW_DEPLOY_AND_WIRE_RUNBOOK.md](../07-ccip/CW_DEPLOY_AND_WIRE_RUNBOOK.md) +- [CW_BRIDGE_APPROACH.md](../07-ccip/CW_BRIDGE_APPROACH.md) +- [ROUTES_NO_PREFUNDED_BRIDGE_REQUIRED.md](../11-references/ROUTES_NO_PREFUNDED_BRIDGE_REQUIRED.md) +- [token-mapping-multichain.json](../../config/token-mapping-multichain.json) + +## 1. Model + +The generic outbound path is: + +1. User approves the Chain 138 canonical token to `CWMultiTokenBridgeL1`. +2. User calls `CWMultiTokenBridgeL1.lockAndSend(canonicalToken, destinationSelector, recipient, amount)`. +3. Chain 138 locks the canonical `c*` balance in escrow. +4. The destination `CWMultiTokenBridgeL2` receives the CCIP message. +5. The destination bridge mints the configured `cW*` mirror to the recipient. + +The generic return path is the reverse: + +1. User approves the destination `cW*` token to `CWMultiTokenBridgeL2`. +2. User calls `CWMultiTokenBridgeL2.burnAndSend(mirroredToken, 138, recipient, amount)`. +3. The destination bridge burns `cW*`. +4. Chain 138 receives the return message. +5. `CWMultiTokenBridgeL1` releases the escrowed canonical `c*` back to the recipient. + +## 2. Supported generic asset families + +The repo already maps these generic canonical-to-mirror lanes in [token-mapping-multichain.json](../../config/token-mapping-multichain.json): + +- `cUSDT -> cWUSDT` +- `cUSDC -> cWUSDC` +- `cAUSDT -> cWAUSDT` +- `cUSDW -> cWUSDW` +- `cEURC -> cWEURC` +- `cEURT -> cWEURT` +- `cGBPC -> cWGBPC` +- `cGBPT -> cWGBPT` +- `cAUDC -> cWAUDC` +- `cJPYC -> cWJPYC` +- `cCHFC -> cWCHFC` +- `cCADC -> cWCADC` +- `cXAUC -> cWXAUC` +- `cXAUT -> cWXAUT` + +Important nuance: + +- The generic wiring model is reusable for all of those symbols. +- The repo’s currently proven live end-to-end corridors are still narrower than the full design surface. Mainnet `cUSDT -> cWUSDT`, Mainnet `cUSDC -> cWUSDC`, and Avalanche `cUSDT -> cWUSDT` are the clearest proven references. +- Other generic lanes should be treated as operator-wirable and testable, but not automatically “production proven” until they have their own canary proof. + +## 3. Prerequisites + +Before bridging a new lane, make sure all of this is true: + +- `smom-dbis-138/.env` has `PRIVATE_KEY`, `RPC_URL_138`, and the destination RPC URL. +- `smom-dbis-138/.env` has the destination selector, for example `ETH_MAINNET_SELECTOR`, `POLYGON_SELECTOR`, or `AVALANCHE_SELECTOR`. +- `smom-dbis-138/.env` has `CW_L1_BRIDGE_CHAIN138` or `CHAIN138_L1_BRIDGE`. +- `smom-dbis-138/.env` has `CW_BRIDGE_` for the destination `CWMultiTokenBridgeL2`. +- The destination `cW*` token is already deployed and recorded in `.env` and [token-mapping-multichain.json](../../config/token-mapping-multichain.json). +- The destination bridge has `MINTER_ROLE` and `BURNER_ROLE` on that `cW*` token. + +If the destination `cW*` suite is not deployed yet, use: + +```bash +./scripts/deployment/run-cw-remaining-steps.sh --deploy +``` + +Then set the emitted `CW*_` addresses in `smom-dbis-138/.env` and refresh the mapping: + +```bash +./scripts/deployment/run-cw-remaining-steps.sh --update-mapping +./scripts/deployment/run-cw-remaining-steps.sh --verify +``` + +## 4. Generic wiring + +Use the new generic helper from repo root: + +```bash +./scripts/deployment/configure-cstar-cw-bridge-pair.sh --chain --asset +``` + +Examples: + +```bash +./scripts/deployment/configure-cstar-cw-bridge-pair.sh --chain MAINNET --asset cUSDT +./scripts/deployment/configure-cstar-cw-bridge-pair.sh --chain POLYGON --asset cEURC +./scripts/deployment/configure-cstar-cw-bridge-pair.sh --chain AVALANCHE --asset cUSDC --max-outstanding 1000000000000 --freeze +``` + +Broadcast the writes only after the dry-run looks right: + +```bash +./scripts/deployment/configure-cstar-cw-bridge-pair.sh --chain POLYGON --asset cEURC --execute +./scripts/deployment/configure-cstar-cw-bridge-pair.sh --chain AVALANCHE --asset cUSDC --max-outstanding 1000000000000 --freeze --execute +``` + +What the script does: + +1. Resolves the canonical `c*` address from [token-mapping-multichain.json](../../config/token-mapping-multichain.json). +2. Resolves the destination `cW*` token from `.env` and mapping. +3. Calls `CWMultiTokenBridgeL2.configureTokenPair(canonical, mirrored)`. +4. Calls `CWMultiTokenBridgeL1.configureDestination(canonical, selector, l2Bridge, true)`. +5. Calls `CWMultiTokenBridgeL2.configureDestination(138, l1Bridge, true)`. +6. Calls `CWMultiTokenBridgeL1.configureSupportedCanonicalToken(canonical, true)`. +7. Optionally calls `CWMultiTokenBridgeL1.setMaxOutstanding(...)`. +8. Optionally calls `CWMultiTokenBridgeL2.freezeTokenPair(...)` and `freezeDestination(138)`. + +## 5. Generic outbound send + +Use the new send helper from repo root: + +```bash +./scripts/bridge/bridge-cstar-to-cw.sh --asset --chain --amount --recipient
+``` + +Examples: + +```bash +./scripts/bridge/bridge-cstar-to-cw.sh --asset cUSDT --chain MAINNET --amount 1 --recipient 0x1234... +./scripts/bridge/bridge-cstar-to-cw.sh --asset cEURC --chain POLYGON --amount 250.5 --recipient 0x1234... +./scripts/bridge/bridge-cstar-to-cw.sh --asset cXAUC --chain AVALANCHE --raw-amount 1000000 --recipient 0x1234... +``` + +Dry-run output includes: + +- canonical and mirrored token addresses +- source bridge address +- destination selector +- converted raw amount +- current source-token allowance +- bridge fee quote +- fee mode: native or ERC-20 fee token +- exact `cast send` commands that would be run + +To let the helper auto-approve and then submit: + +```bash +./scripts/bridge/bridge-cstar-to-cw.sh --asset cEURC --chain POLYGON --amount 250.5 --recipient 0x1234... --approve --execute +``` + +What the send helper does: + +1. Resolves the canonical 138 token and destination `cW*` mirror from [token-mapping-multichain.json](../../config/token-mapping-multichain.json). +2. Reads `decimals()` from the canonical token and converts `--amount` to raw units. +3. Reads `feeToken()` and `calculateFee(...)` from `CWMultiTokenBridgeL1`. +4. Checks allowance on the canonical token. +5. If the bridge uses an ERC-20 fee token, checks that allowance too. +6. If `--approve` is set, submits the approvals needed. +7. Calls `lockAndSend(address,uint64,address,uint256)`. + +## 6. Manual casts + +If you want the raw contract calls without the helper: + +Approve the canonical token: + +```bash +cast send "$CUSDC_138" "approve(address,uint256)" "$CW_L1_BRIDGE_CHAIN138" 1000000 \ + --rpc-url "$RPC_URL_138" --private-key "$PRIVATE_KEY" --legacy +``` + +Quote the fee: + +```bash +cast call "$CW_L1_BRIDGE_CHAIN138" "calculateFee(address,uint64,address,uint256)(uint256)" \ + "$CUSDC_138" "$POLYGON_SELECTOR" 0xRecipient 1000000 --rpc-url "$RPC_URL_138" +``` + +Send with native fee mode: + +```bash +cast send "$CW_L1_BRIDGE_CHAIN138" "lockAndSend(address,uint64,address,uint256)" \ + "$CUSDC_138" "$POLYGON_SELECTOR" 0xRecipient 1000000 \ + --rpc-url "$RPC_URL_138" --private-key "$PRIVATE_KEY" --legacy --value "$FEE_WEI" +``` + +## 7. Verification + +After wiring: + +```bash +./scripts/deployment/run-cw-remaining-steps.sh --verify +``` + +Useful direct checks: + +```bash +cast call "$CW_L1_BRIDGE_CHAIN138" "supportedCanonicalToken(address)(bool)" "$CUSDC_138" --rpc-url "$RPC_URL_138" +cast call "$CW_L1_BRIDGE_CHAIN138" "destinations(address,uint64)((address,bool))" "$CUSDC_138" "$POLYGON_SELECTOR" --rpc-url "$RPC_URL_138" +cast call "$CW_BRIDGE_POLYGON" "canonicalToMirrored(address)(address)" "$CUSDC_138" --rpc-url "$POLYGON_MAINNET_RPC" +cast call "$CWUSDC_POLYGON" "hasRole(bytes32,address)(bool)" "$(cast keccak 'MINTER_ROLE')" "$CW_BRIDGE_POLYGON" --rpc-url "$POLYGON_MAINNET_RPC" +``` + +After a send: + +```bash +cast call "$CWUSDC_POLYGON" "balanceOf(address)(uint256)" 0xRecipient --rpc-url "$POLYGON_MAINNET_RPC" +``` + +## 8. Operational notes + +- `CWMultiTokenBridgeL1` is the correct generic sender for canonical `c*`. +- `CWMultiTokenBridgeL2` is the correct generic receiver for mirrored `cW*`. +- `CCIPWETH9Bridge` and `CCIPWETH10Bridge` are not the generic `c* -> cW*` path. +- For strict hard-peg lanes, set `maxOutstanding`, attach the reserve verifier, and freeze the destination config after validation. +- For ALL Mainnet, keep using the dedicated adapter model rather than assuming a selector-driven public-chain CW bridge path. + +## 9. Recommended operator sequence + +1. Deploy missing destination `cW*` tokens if needed. +2. Refresh [token-mapping-multichain.json](../../config/token-mapping-multichain.json). +3. Run `configure-cstar-cw-bridge-pair.sh` in dry-run mode. +4. Run the same command with `--execute`. +5. Run `bridge-cstar-to-cw.sh` in dry-run mode with a canary amount. +6. Run the same send with `--approve --execute`. +7. Verify the destination mint and record the tx hash in the relevant lane runbook. diff --git a/docs/03-deployment/PROXMOX_VE_OPERATIONAL_DEPLOYMENT_TEMPLATE.md b/docs/03-deployment/PROXMOX_VE_OPERATIONAL_DEPLOYMENT_TEMPLATE.md index 10ade71d..d7f1007c 100644 --- a/docs/03-deployment/PROXMOX_VE_OPERATIONAL_DEPLOYMENT_TEMPLATE.md +++ b/docs/03-deployment/PROXMOX_VE_OPERATIONAL_DEPLOYMENT_TEMPLATE.md @@ -1,6 +1,6 @@ # Proxmox VE — Operational deployment template -**Last Updated:** 2026-03-25 +**Last Updated:** 2026-04-08 **Status:** Active — ties hypervisors, LAN/WAN, cluster peering, Chain 138 Besu tiers, NPMplus ingress, FQDNs, and deployment gates into one place. **Machine-readable:** [`config/proxmox-operational-template.json`](../../config/proxmox-operational-template.json) (sync when you change VMIDs/IPs/FQDNs). @@ -16,11 +16,15 @@ ## 1. Proxmox VE hosts (management) -| Hostname | MGMT IP | Proxmox UI | Cluster | Role (target) | -|----------|---------|------------|---------|----------------| -| ml110 | 192.168.11.10 | https://192.168.11.10:8006 | h (legacy) | Planned WAN aggregator (OPNsense/pfSense); **migrate CT/VM off before repurpose** | -| r630-01 | 192.168.11.11 | https://192.168.11.11:8006 | h | Primary: Chain 138 RPC/CCIP-adjacent workloads, Sankofa Phoenix stack, much of DBIS | -| r630-02 | 192.168.11.12 | https://192.168.11.12:8006 | h | Firefly, MIM4U, Mifos LXC, extra NPMplus instances, supporting infra | +| Hostname | **Canonical FQDN** | MGMT IP | Proxmox UI | Cluster | Role (target) | +|----------|---------------------|---------|------------|---------|----------------| +| ml110 | **ml110.sankofa.nexus** | 192.168.11.10 | https://192.168.11.10:8006 | h (legacy) | Planned WAN aggregator (OPNsense/pfSense); **migrate CT/VM off before repurpose** | +| r630-01 | **r630-01.sankofa.nexus** | 192.168.11.11 | https://192.168.11.11:8006 | h | Primary: Chain 138 RPC/CCIP-adjacent workloads, Sankofa Phoenix stack, much of DBIS | +| r630-02 | **r630-02.sankofa.nexus** | 192.168.11.12 | https://192.168.11.12:8006 | h | Firefly, MIM4U, Mifos LXC, extra NPMplus instances, supporting infra | +| r630-03 | **r630-03.sankofa.nexus** | 192.168.11.13 | https://192.168.11.13:8006 | h | Spare + storage thin pools; Besu **2102**, validators **1003–1004**, sentries **1503–1508**, ThirdWeb **2400–2403**, **2301** when placed here (see `ALL_VMIDS_ENDPOINTS.md`) | +| r630-04 | **r630-04.sankofa.nexus** | 192.168.11.14 | https://192.168.11.14:8006 | h | Spare + Ceph OSDs | + +**Read-only inventory diff:** `bash scripts/verify/audit-proxmox-operational-template.sh` — defaults to **five** management IPs from `config/ip-addresses.conf` (ML110 + r630-01..04). Hosts without SSH still **SKIP**; include **r630-03** so template VMIDs on that node are not false “missing.” **LAN:** 192.168.11.0/24, gateway **192.168.11.1** (UDM Pro), VLAN 11. Extended node IP plan (r630-03 …): `config/ip-addresses.conf` comments. diff --git a/docs/03-deployment/PUBLIC_SECTOR_LIVE_DEPLOYMENT_CHECKLIST.md b/docs/03-deployment/PUBLIC_SECTOR_LIVE_DEPLOYMENT_CHECKLIST.md index 8225e80b..21a3075a 100644 --- a/docs/03-deployment/PUBLIC_SECTOR_LIVE_DEPLOYMENT_CHECKLIST.md +++ b/docs/03-deployment/PUBLIC_SECTOR_LIVE_DEPLOYMENT_CHECKLIST.md @@ -40,7 +40,7 @@ This checklist tracks **proxmox-repo automation** and **sibling repos** (`../com | RPC `192.168.11.221:8545` / `192.168.11.211:8545` | HTTP 201 | | SSH `root@192.168.11.10` / `.11` | OK (BatchMode) | | `./scripts/run-completable-tasks-from-anywhere.sh` | Exit 0 | -| `./scripts/verify/check-contracts-on-chain-138.sh` | **64/64** present | +| `./scripts/verify/check-contracts-on-chain-138.sh` | **67/67** present | | `E2E_ACCEPT_502_INTERNAL=1 ./scripts/verify/verify-end-to-end-routing.sh` | 37 domains, 0 failed; report under `docs/04-configuration/verification-evidence/e2e-verification-20260325_165153/` | | `https://phoenix.sankofa.nexus/`, `https://sankofa.nexus/` | HTTP 200 | | `http://192.168.11.50:4000/health`, `:51:3000`, `:52:8080/health/ready` | No HTTP response from operator host (hosts ping; services may be down, firewalled, or not bound) — **re-check on Proxmox / in-container** | diff --git a/docs/03-deployment/RECOMMENDATIONS_AND_FIXES_BEFORE_DEPLOY.md b/docs/03-deployment/RECOMMENDATIONS_AND_FIXES_BEFORE_DEPLOY.md index 071adca9..07606055 100644 --- a/docs/03-deployment/RECOMMENDATIONS_AND_FIXES_BEFORE_DEPLOY.md +++ b/docs/03-deployment/RECOMMENDATIONS_AND_FIXES_BEFORE_DEPLOY.md @@ -1,8 +1,8 @@ # Recommendations and Fixes Before Deploying Smart Contracts and PMM Pools -> Historical note (2026-03-26): this checklist spans earlier deployment phases and may reference superseded PMM workflows. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. Use [ADDRESS_MATRIX_AND_STATUS.md](../11-references/ADDRESS_MATRIX_AND_STATUS.md) for live operations. +> Historical note (2026-04-02): this checklist spans earlier deployment phases and may reference superseded PMM workflows. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Use [ADDRESS_MATRIX_AND_STATUS.md](../11-references/ADDRESS_MATRIX_AND_STATUS.md) for live operations. -**Last Updated:** 2026-02-27 +**Last Updated:** 2026-04-02 **Purpose:** Single checklist of all **recommendations** and **required fixes** to complete before deploying smart contracts and PMM pools on Chain 138 (and related chains). Use this with [DEPLOYMENT_ORDER_OF_OPERATIONS.md](DEPLOYMENT_ORDER_OF_OPERATIONS.md) and [PRE_DEPLOYMENT_CHECKLIST.md](PRE_DEPLOYMENT_CHECKLIST.md). **Related:** [TODOS_CONSOLIDATED](../00-meta/TODOS_CONSOLIDATED.md) § First (0a–0c) | [CONTRACT_DEPLOYMENT_RUNBOOK.md](CONTRACT_DEPLOYMENT_RUNBOOK.md) | [RECOMMENDATIONS_OPERATOR_CHECKLIST](../00-meta/RECOMMENDATIONS_OPERATOR_CHECKLIST.md) @@ -17,11 +17,11 @@ These must be satisfied before **any** Chain 138 deployment. Run preflight once; | # | Item | Action / fix | |---|------|--------------| -| **1.1** | **Run preflight** | From repo root: `./scripts/deployment/preflight-chain138-deploy.sh [--cost]`. Verifies: dotenv exists, required env keys, RPC returns chainId 0x8a (138), deployer nonce (warns if stuck). Use `--cost` for gas/cost estimate. | +| **1.1** | **Run preflight** | From repo root: `./scripts/deployment/preflight-chain138-deploy.sh [--cost]`. Verifies: dotenv exists, required env keys, RPC returns chainId 0x8a (138), deployer nonce (warns if stuck). Use `--cost` for gas/cost estimate. If Core RPC `192.168.11.211:8545` is still reopening RocksDB after tx-pool maintenance, you can temporarily run preflight against a healthy same-chain **public** RPC: on LAN `CHAIN138_PREFLIGHT_RPC_URL=http://192.168.11.221:8545`, or from anywhere **`CHAIN138_PREFLIGHT_RPC_URL=https://rpc-http-pub.d-bis.org`** (HTTPS FQDN only for public checks). | | **1.2** | **Core RPC = IP:port, not FQDN** | In `smom-dbis-138/.env` set `RPC_URL_138=http://192.168.11.211:8545` (Core RPC, VMID 2101). Do **not** use `https://rpc-core.d-bis.org` for deployment (DNS/tunnel can fail). See [RPC_ENDPOINTS_MASTER](../04-configuration/RPC_ENDPOINTS_MASTER.md), [TODOS_CONSOLIDATED](../00-meta/TODOS_CONSOLIDATED.md) § 0b. | | **1.3** | **Deployer gas (Chain 138)** | Ensure deployer has ≥ ~0.006 ETH (recommended 1–2 ETH). Check: `RPC_URL_138=http://192.168.11.211:8545 ./scripts/deployment/check-deployer-balance-chain138-and-funding-plan.sh` or `cd smom-dbis-138 && ./scripts/deployment/check-balances-gas-and-deploy.sh`. | -| **1.4** | **Env from smom-dbis-138/.env only** | All deploy secrets from **`smom-dbis-138/.env`** only. Required: `PRIVATE_KEY`, `RPC_URL_138`. For PMM: `DODO_PMM_INTEGRATION_ADDRESS=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`, `DODO_PMM_PROVIDER_ADDRESS=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. Optional: `GAS_PRICE_138`, `GAS_PRICE` (default 1 gwei). For explorer/runtime inventories, prefer the checked-in JSON references under `explorer-monorepo/config/` instead of repopulating address-heavy `.env` files. Verify: `cd smom-dbis-138 && ./scripts/deployment/check-env-required.sh`. | -| **1.5** | **No stuck transactions** | If nonce has pending txs or you see "Replacement transaction underpriced": run `./scripts/clear-all-transaction-pools.sh` then wait **~60s** before deploying. Prefer scripts that check nonce (e.g. `deploy-transaction-mirror-and-pmm-pool-after-txpool-clear.sh`). | +| **1.4** | **Env from smom-dbis-138/.env only** | All deploy secrets from **`smom-dbis-138/.env`** only. Required: `PRIVATE_KEY`, `RPC_URL_138`. For PMM: `DODO_PMM_INTEGRATION_ADDRESS=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`, `DODO_PMM_PROVIDER_ADDRESS=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Optional: `GAS_PRICE_138`, `GAS_PRICE` (default 1 gwei). For explorer/runtime inventories, prefer the checked-in JSON references under `explorer-monorepo/config/` instead of repopulating address-heavy `.env` files. Verify: `cd smom-dbis-138 && ./scripts/deployment/check-env-required.sh`. | +| **1.5** | **No stuck transactions** | If nonce has pending txs or you see "Replacement transaction underpriced": run `./scripts/clear-all-transaction-pools.sh` then wait **~60s** before deploying. Prefer scripts that check nonce (e.g. `deploy-transaction-mirror-and-pmm-pool-after-txpool-clear.sh`). Note: Core RPC 2101 can take additional time to bind JSON-RPC while Besu reopens or compacts RocksDB; public RPC may recover first, but deployments should still return to Core once 2101 is healthy. | | **1.6** | **RPC 2101 (Core) writable** | If Core was read-only: `./scripts/maintenance/make-rpc-vmids-writable-via-ssh.sh` then `./scripts/maintenance/health-check-rpc-2101.sh`. See [RPC_2101_READONLY_FIX.md](RPC_2101_READONLY_FIX.md). | | **1.7** | **Test all contracts** | Run **before** any deploy: `./scripts/deployment/test-all-contracts-before-deploy.sh`. Use `--dry-run` to print commands; `--no-match "Fork|Mainnet|Integration|e2e"` for unit-only; `--alltra` to include alltra-lifi-settlement. See [DEPLOYMENT_ORDER_OF_OPERATIONS](DEPLOYMENT_ORDER_OF_OPERATIONS.md) § Phase 0.8. | | **1.8** | **Gas / cost estimate** | Before deploying: `cd smom-dbis-138 && ./scripts/deployment/calculate-costs-consolidated.sh` (Chain 138 min gas 1 gwei). See [DEPLOYMENT_GAS_COSTS_REALTIME](../11-references/DEPLOYMENT_GAS_COSTS_REALTIME.md). | @@ -73,7 +73,7 @@ If you plan to deploy **additional** tokens or vaults after core + PMM, ensure p | # | Item | Action | |---|------|--------| -| 5.1 | **DODOPMMIntegration** | Already deployed: `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`. Ensure `DODO_PMM_INTEGRATION_ADDRESS` set in .env. | +| 5.1 | **DODOPMMIntegration** | Already deployed: `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`. Ensure `DODO_PMM_INTEGRATION_ADDRESS` set in .env. | | 5.2 | **PMM pools (all three)** | cUSDT/cUSDC, cUSDT/USDT, cUSDC/USDC must be **created** (CreateCUSDTCUSDCPool, CreateCUSDTUSDTPool, CreateCUSDCUSDCPool). Use Core RPC only. | | 5.3 | **DODOPMMProvider** | Deploy via DeployDODOPMMProvider.s.sol; set `DODO_PMM_PROVIDER_ADDRESS` in .env. Register each pool: `provider.registerPool(tokenIn, tokenOut, poolAddress)`. | | 5.4 | **Liquidity (optional)** | Per pool: approve base/quote to DODOPMMIntegration, then `addLiquidity(pool, baseAmount, quoteAmount)`. See [DODO_PMM_INTEGRATION](../../smom-dbis-138/docs/integration/DODO_PMM_INTEGRATION.md). | diff --git a/docs/03-deployment/REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md b/docs/03-deployment/REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md index 9dddfeae..9235f10d 100644 --- a/docs/03-deployment/REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md +++ b/docs/03-deployment/REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md @@ -1,9 +1,9 @@ # Remaining Deployments for Full Network Coverage -> Historical note (2026-03-26): this status tracker includes earlier PMM-address snapshots. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. +> Historical note (2026-04-02): this status tracker includes earlier PMM-address snapshots. The current canonical Chain 138 PMM stable stack is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Public XAU pools remain live on the older PMM phase until explicitly migrated. -**Last Updated:** 2026-03-04 -**Purpose:** Ordered list of remaining deployments to achieve **maximum effective execution across all networks** (13-chain hub model: Chain 138 + 12 edge/alt). Use after [REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST](../00-meta/REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md) and [DEPLOYMENT_ORDER_OF_OPERATIONS](DEPLOYMENT_ORDER_OF_OPERATIONS.md). +**Last Updated:** 2026-04-03 +**Purpose:** Ordered list of remaining deployments to achieve **maximum effective execution across all networks** (13-chain hub model: Chain 138 + 12 edge/alt). Use after [REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST](../00-meta/REQUIRED_FIXES_GAPS_AND_DEPLOYMENTS_LIST.md) and [DEPLOYMENT_ORDER_OF_OPERATIONS](DEPLOYMENT_ORDER_OF_OPERATIONS.md). Desired non-EVM targets such as **Solana** are tracked separately from this EVM / ALT matrix until a dedicated wrapped-asset and relay program is opened. **Routing context:** [routing-matrix-13x13.json](../../smom-dbis-138/real-robinhood/data/routing-matrix-13x13.json) — 138↔Celo (42220) **B/SBS** (CCIP bridges deployed 2026-03-04); 138↔Wemix (1111) **Tabled** (see below). Full coverage = all 13 chains with bridge + liquidity where designed. @@ -22,7 +22,7 @@ | B | B.2b Wemix CCIP bridges | 📋 Tabled | No route to acquire WEMIX from ETH/BNB/POLY in-repo; tabled until route exists or manual acquisition. Fund ~0.4 WEMIX ([acquire-cro-and-wemix-gas.sh](../../scripts/deployment/acquire-cro-and-wemix-gas.sh)); then `deploy-bridges-config-ready-chains.sh wemix` + complete-config. See [WEMIX_ACQUISITION_TABLED.md](WEMIX_ACQUISITION_TABLED.md). | | B | **Gnosis CCIP bridges** | ✅ Done (2026-03-04) | Deployed: WETH9 `0x4ab39b5BaB7b463435209A9039bd40Cf241F5a82`, WETH10 `0xC15ACdBAC59B3C7Cb4Ea4B3D58334A4b143B4b44`; .env updated. | | B | B.3 Fund CCIP with LINK | ⏳ Blocked | `scripts/deployment/fund-ccip-bridges-with-link.sh` run (2026-03-04): many lanes failing with insufficient LINK or gas, Chain 138 Invalid params; top up LINK balances and gas on each chain before retry. | -| C | C.1–C.2 cW* + edge pools | 📋 Runbook | [PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md](PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md). | +| C | C.1 token mesh complete; C.2–C.3 edge pools / stabilization pending (EVM only) | ⚠️ Partial | [PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md](PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md). | | D | D.1–D.4 Optional XAU/vaults/trustless | 📋 Checklist | [PHASE_D_OPTIONAL_CHECKLIST.md](PHASE_D_OPTIONAL_CHECKLIST.md). | **Latest run (same session):** A.1 mint retry → timeout again (Chain 138 RPC). complete-config → Step A/B still fail (138 tx timeout or destination already set). Gnosis bridges deployed ✅. fund-ccip → failed (Chain 138 Invalid params; other chains: insufficient LINK or gas). Cronos deploy skipped (set CRONOS_RPC and CCIP_ROUTER_CRONOS in .env). @@ -33,12 +33,12 @@ | Item | Status | Action | |------|--------|--------| -| **Core RPC 2101** | ✅ Healthy (container, besu-rpc, port 8545, chain 138, DB writable) | None. Use `RPC_URL_138=http://192.168.11.211:8545`. | -| **Tx pool** | May repopulate after clear | Run `./scripts/clear-all-transaction-pools.sh`; if mint fails with “Replacement transaction underpriced”, use `GAS_PRICE_138=500000000000` (500 gwei) when running mint. | -| **Validators** | 1000–1004 active (1004 restarted 2026-03-04) | If 1004 fails again: `ssh root@192.168.11.10 'pct exec 1004 -- systemctl restart besu-validator'`. | -| **Block production** | Stalled (blocks not advancing) | **Blocker for confirmations.** Run `./scripts/monitoring/monitor-blockchain-health.sh`; when blocks advance, mint/add-liquidity txs will confirm. | +| **Core RPC 2101** | ✅ Healthy | Use `RPC_URL_138=http://192.168.11.211:8545` for deployment. Current verification on 2026-04-02 returned all sampled RPCs healthy with head spread `0`. | +| **Tx pool** | Healthy, but still operationally watchable | Only clear tx pools if you actually hit a stuck nonce or “Replacement transaction underpriced”. | +| **Validators** | Healthy in current verification window | Continue standard validator monitoring; no active block-production blocker is open in this review. | +| **Block production** | Healthy | Blocks are advancing. Mint/add-liquidity and deploy confirmations are no longer blocked by the March 2026 stall. | -**Next steps in order:** (1) Ensure blocks are advancing (all 5 validators active, wait for sync). (2) `cd smom-dbis-138 && ./scripts/mint-for-liquidity.sh` (optionally `GAS_PRICE_138=500000000000` if pool has a stuck tx). (3) After mint confirms, optionally `--add-liquidity`. See [CORE_RPC_2101_2102_TXPOOL_ADMIN_STATUS.md](../04-configuration/CORE_RPC_2101_2102_TXPOOL_ADMIN_STATUS.md) §7–8. +**Next steps in order:** (1) Treat canonical Chain 138 stable liquidity as complete and only rebalance when treasury or routing changes require it. (2) Focus remaining operator work on cross-chain coverage gaps such as LINK funding, Cronos/Wemix readiness, and public-chain cW* edge pools. (3) Reuse the mesh-first runbooks only when explicitly extending the pool set beyond the current live stable + retained XAU pools. --- @@ -46,11 +46,11 @@ | Area | Status | |------|--------| -| Chain 138 core + PMM | **64/64** contracts (check-contracts-on-chain-138.sh; includes ISO20022Router); DODOPMMIntegration + 3 pools (cUSDT/cUSDC, cUSDT/USDT, cUSDC/USDC) created; DODOPMMProvider deployed. | -| Chain 138 liquidity | **Re-verify required** — prior run reported cUSDT/cUSDC liquidity add; this checklist previously showed zero liquidity. Treat liquidity state as unknown until reconfirmed on-chain. | +| Chain 138 core + PMM | **67/67** contracts verified; canonical stable stack is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`, `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`, with public stable pools `0x9e89...`, `0x866c...`, `0xc39b...` live, and the cross-chain flash trio now deployed and verified. | +| Chain 138 liquidity | **Verified live** — explorer token-aggregation now persists the canonical stable pools in its DB and public quote/report endpoints are healthy. Public XAU pools remain live on the older PMM phase. | | CCIP 138 → 1, 56, 137, 10, 42161, 43114, 8453, 100, 25, **42220 (Celo)** | Configured (B/SBS). Celo CCIP bridges deployed 2026-03-04; Gnosis, Cronos config-ready; Wemix (1111) **Tabled** (no ETH/BNB/POLY→WEMIX route; see [WEMIX_ACQUISITION_TABLED.md](WEMIX_ACQUISITION_TABLED.md)). | | Alltra 138 ↔ 651940 | ALT path live. | -| cW* on public chains | cW* token addresses and bridge availability are recorded in `deployment-status.json` on active chains; PMM pool arrays are still empty, so broader public-chain routing remains partial. | +| cW* on public chains | The tracked public EVM cW token mesh is now **12/12 on all 9 active public EVM chains**, and `deployment-status.json` records those token addresses plus bridge availability. PMM pool arrays are still empty, so broader public-chain routing remains partial. Desired non-EVM targets like Solana are not part of this EVM cW pool graph yet. | | LINK for CCIP | Fund bridges per lane so cross-chain messages execute. | --- @@ -86,11 +86,13 @@ ## Phase C — Public-chain cW* and edge pools +This phase remains **EVM-only**. Non-EVM desired targets such as **Solana** require a separate relay / adapter track and a wrapped-asset program that does not yet exist in the EVM `pool-matrix` flow. + **Goal:** Enable swap-bridge-swap and arbitrage on **public chains** (cW* tokens + DODO/Uniswap edge pools per pool-matrix). | Step | Action | Ref | |------|--------|-----| -| C.1 | **Deploy or bridge cW* tokens** per chain (1, 56, 137, 10, 42161, 8453, 43114, 100, 25, 42220, 1111). Use cross-chain-pmm-lps token-map and deployment recipe; record addresses in deployment-status.json and .env. | [PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK](PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md), [TOKEN_CONTRACT_DEPLOYMENTS_REMAINING](../11-references/TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md) §3 | +| C.1 | **Currently loaded public EVM cW token mesh complete** for 1, 10, 25, 56, 100, 137, 42161, 42220, 43114, and 8453. Remaining token-side work is the final Wemix target plus dedicated receiver / transport promotion where needed. | [PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK](PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md), [TOKEN_CONTRACT_DEPLOYMENTS_REMAINING](../11-references/TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md) §3 | | C.2 | **Create and fund PMM edge pools** (cW*/USDC, cW*/USDT, etc.) per [pool-matrix.json](../../cross-chain-pmm-lps/config/pool-matrix.json). Populate deployment-status.json with pool addresses. | [PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK](PHASE_C_CW_AND_EDGE_POOLS_RUNBOOK.md), [LIQUIDITY_POOLS_MASTER_MAP](../11-references/LIQUIDITY_POOLS_MASTER_MAP.md) § Public-chain cW* | | C.3 | **Stabilization bot / peg bands** (optional): Run bot and peg-band config from cross-chain-pmm-lps for cW* peg maintenance. | [cross-chain-pmm-lps/README.md](../../cross-chain-pmm-lps/README.md) | diff --git a/docs/03-deployment/REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS.md b/docs/03-deployment/REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS.md index 316db7bf..b47aa81f 100644 --- a/docs/03-deployment/REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS.md +++ b/docs/03-deployment/REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS.md @@ -1,15 +1,15 @@ # Required Fixes and Deployments — Status -> Historical note (2026-03-26): this tracker includes earlier PMM-address snapshots. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. +> Historical note (2026-04-02): this tracker includes earlier PMM-address snapshots. The current canonical Chain 138 PMM stable stack is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Public XAU pools remain live on the older PMM phase until migrated. -**Last Updated:** 2026-02-28 +**Last Updated:** 2026-04-03 ## Required fixes ### 1. RPC 2101 (Core) — read-only filesystem -- **Status:** Not fixed (host storage I/O errors). -- **Fix before deploying:** Run `./scripts/maintenance/make-rpc-vmids-writable-via-ssh.sh` then `./scripts/maintenance/health-check-rpc-2101.sh`. No Public RPC fallback for contract deployments. +- **Status:** Healthy in the current deployment window. +- **Fix before deploying:** If Core RPC regresses to read-only, run `./scripts/maintenance/make-rpc-vmids-writable-via-ssh.sh` then `./scripts/maintenance/health-check-rpc-2101.sh`. No Public RPC fallback for contract deployments. - **Fix:** See [RPC_2101_READONLY_FIX.md](RPC_2101_READONLY_FIX.md). ### 2. Stuck transactions @@ -20,8 +20,8 @@ ## On-chain verification (Chain 138) -**Last run (2026-03-01):** `./scripts/verify/check-contracts-on-chain-138.sh` (use Core RPC URL or run from LAN). -**Result:** **64 present, 0 missing** (64 addresses per check-contracts-on-chain-138.sh; includes ISO20022Router; live verify 2026-03-30). TransactionMirror: `0x7131F887DBEEb2e44c1Ed267D2A68b5b83285afc`. Current canonical DODO cUSDT/cUSDC pool: `0xff8d3b8fDF7B112759F076B69f4271D4209C0849`. **DeployCompliantFiatTokens** was run 2026-02-27 (10 tokens: cEURC, cEURT, cGBPC, cGBPT, cAUDC, cJPYC, cCHFC, cCADC, cXAUC, cXAUT); see [CHAIN138_TOKEN_ADDRESSES](../11-references/CHAIN138_TOKEN_ADDRESSES.md). Evidence: [LIVE_VERIFICATION_LOG_2026-03-30.md](../00-meta/LIVE_VERIFICATION_LOG_2026-03-30.md). +**Last run (2026-04-03):** `./scripts/verify/check-contracts-on-chain-138.sh` (use Core RPC URL or run from LAN). +**Result:** **75 present, 0 missing** (75 addresses per `check-contracts-on-chain-138.sh`; includes ISO20022Router, the cross-chain flash trio, and the router-v2 execution stack). TransactionMirror: `0x7131F887DBEEb2e44c1Ed267D2A68b5b83285afc`. Canonical stable PMM pools: cUSDT/cUSDC `0x9e89bAe009adf128782E19e8341996c596ac40dC`, cUSDT/USDT `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66`, cUSDC/USDC `0xc39B7D0F40838cbFb54649d327f49a6DAC964062`. Cross-chain flash infra: adapter `0xBe9e0B2d4cF6A3b2994d6f2f0904D2B165eB8ffC`, repay receiver `0xD084b68cB4B1ef2cBA09CF99FB1B6552fd9b4859`, vault credit receiver `0x89F7a1fcbBe104BeE96Da4b4b6b7d3AF85f7E661`. Router-v2 execution stack: router `0xF1c93F54A5C2fc0d7766Ccb0Ad8f157DFB4C99Ce`, coordinator `0x7D0022B7e8360172fd9C0bB6778113b7Ea3674E7`, DODO v3 adapter `0x9Cb97adD29c52e3B81989BcA2E33D46074B530eF`. **DeployCompliantFiatTokens** was run 2026-02-27 (10 tokens: cEURC, cEURT, cGBPC, cGBPT, cAUDC, cJPYC, cCHFC, cCADC, cXAUC, cXAUT); see [CHAIN138_TOKEN_ADDRESSES](../11-references/CHAIN138_TOKEN_ADDRESSES.md). --- @@ -30,7 +30,14 @@ | Item | Address | Status | |------|---------|--------| | TransactionMirror | `0x7131F887DBEEb2e44c1Ed267D2A68b5b83285afc` | Deployed 2026-02-27. Set `TRANSACTION_MIRROR_ADDRESS` in smom-dbis-138/.env. | -| DODO cUSDT/cUSDC pool | 0xff8d3b8fDF7B112759F076B69f4271D4209C0849 | Current canonical public pool on corrected stack. Add liquidity via [ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK](ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK.md). | +| DODOPMMIntegration | `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` | Current canonical official-DVM-backed stable integration. | +| DODOPMMProvider | `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e` | Current canonical provider for the stable pool set. | +| DODO cUSDT/cUSDC pool | `0x9e89bAe009adf128782E19e8341996c596ac40dC` | Current canonical public stable pool. | +| DODO cUSDT/USDT pool | `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` | Current canonical public stable pool. | +| DODO cUSDC/USDC pool | `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` | Current canonical public stable pool. | +| UniversalCCIPFlashBridgeAdapter | `0xBe9e0B2d4cF6A3b2994d6f2f0904D2B165eB8ffC` | Deployed and Blockscout-verified 2026-04-03. | +| CrossChainFlashRepayReceiver | `0xD084b68cB4B1ef2cBA09CF99FB1B6552fd9b4859` | Deployed and Blockscout-verified 2026-04-03. | +| CrossChainFlashVaultCreditReceiver | `0x89F7a1fcbBe104BeE96Da4b4b6b7d3AF85f7E661` | Deployed and Blockscout-verified 2026-04-03. | | Compliant Fiat (10 tokens) | See CHAIN138_TOKEN_ADDRESSES | Deployed via DeployCompliantFiatTokens 2026-02-27. | --- @@ -38,7 +45,7 @@ ## Completion (run from LAN) 0. **If Core RPC was read-only:** `./scripts/maintenance/make-rpc-vmids-writable-via-ssh.sh` then `./scripts/maintenance/health-check-rpc-2101.sh` (must pass). See [RPC_2101_READONLY_FIX.md](RPC_2101_READONLY_FIX.md). -1. Optional: `./scripts/clear-all-transaction-pools.sh` then wait 60s if nonce stuck. -2. `./scripts/deployment/deploy-transaction-mirror-and-pmm-pool-after-txpool-clear.sh` (Core RPC only; checks nonce, RPC, gas; deploys mirror then pool). -3. Set `TRANSACTION_MIRROR_ADDRESS` in `smom-dbis-138/.env` to the logged address. -4. `./scripts/verify/check-contracts-on-chain-138.sh` (pass Core RPC URL or use RPC_URL_138) — target **61** present per current script list (run check-contracts-on-chain-138.sh). +1. Optional: `./scripts/clear-all-transaction-pools.sh` then wait 60s if nonce is stuck. +2. For stable-pool verification: `./scripts/verify/check-pmm-pool-balances-chain138.sh` and `pnpm run verify:token-aggregation-api`. +3. For redeploy / rebuild only: use `./scripts/deployment/deploy-transaction-mirror-and-pmm-pool-after-txpool-clear.sh` or the mesh-first pool creation flow in [PRE_DEPLOYMENT_CHECKLIST.md](PRE_DEPLOYMENT_CHECKLIST.md). +4. `./scripts/verify/check-contracts-on-chain-138.sh` (pass Core RPC URL or use `RPC_URL_138`) — target **75/75** present. diff --git a/docs/03-deployment/SANKOFA_IT_OPS_KEYCLOAK_PORTAL_NEXT_STEPS.md b/docs/03-deployment/SANKOFA_IT_OPS_KEYCLOAK_PORTAL_NEXT_STEPS.md index 1f8556ff..66ea64b6 100644 --- a/docs/03-deployment/SANKOFA_IT_OPS_KEYCLOAK_PORTAL_NEXT_STEPS.md +++ b/docs/03-deployment/SANKOFA_IT_OPS_KEYCLOAK_PORTAL_NEXT_STEPS.md @@ -19,10 +19,12 @@ One command after `.env` has `NPM_PASSWORD`, Cloudflare vars (for DNS), and SSH ## 1. Keycloak -1. Create realm role **`sankofa-it-admin`** (idempotent): `bash scripts/deployment/keycloak-sankofa-ensure-it-admin-role.sh` (needs `KEYCLOAK_ADMIN_PASSWORD` in repo `.env`, SSH to Proxmox, CT 7802). Then assign the role to IT staff in the Keycloak Admin Console (or use a group + token mapper if you prefer group claims). -2. Map **only** platform IT staff; require **MFA** at realm or IdP policy. -3. **Do not** reuse client-admin groups used for `admin.sankofa.nexus` tenant administration unless policy explicitly allows. -4. Optional: client scope **it-ops** with claim `it_admin=true` for the IT BFF audience. +1. Create realm role **`sankofa-it-admin`** (idempotent): `bash scripts/deployment/keycloak-sankofa-ensure-it-admin-role.sh` (needs `KEYCLOAK_ADMIN_PASSWORD` in repo `.env`, SSH to Proxmox, CT 7802). +2. Create group **`sankofa-it-admin`** and map the realm role onto it: `bash scripts/deployment/keycloak-sankofa-ensure-it-admin-group.sh`. Add IT users under **Groups → sankofa-it-admin → Members** (or assign the role directly to users if you skip the group). +3. **MFA policy (required for IT):** In Keycloak Admin → **Authentication** → **Required actions**: ensure **Configure OTP** is available. For realm **master** (or your Sankofa realm if split): **Realm settings** → **Security defences** / **Authentication** flows: add **OTP** to the browser flow for IT accounts, or enforce MFA at the corporate IdP (Azure AD / Google) that federates into Keycloak. Minimum bar: IT staff must not use password-only access to `/it` or break-glass SSH; document exception process in your security policy. +4. Map **only** platform IT staff; do not grant `sankofa-it-admin` to tenant client admins by default. +5. **Do not** reuse client-admin groups used for `admin.sankofa.nexus` tenant administration unless policy explicitly allows. +6. Optional: client scope **it-ops** with claim `it_admin=true` for the IT BFF audience. **Reference:** Keycloak CT / VMID in [ALL_VMIDS_ENDPOINTS.md](../04-configuration/ALL_VMIDS_ENDPOINTS.md); portal login runbook `scripts/deployment/enable-sankofa-portal-login-7801.sh`. @@ -30,7 +32,7 @@ One command after `.env` has `NPM_PASSWORD`, Cloudflare vars (for DNS), and SSH ## 2. Sankofa portal (`Sankofa/portal` repo) -1. **Implemented:** protected route **`/it`** (`src/app/it/page.tsx`) gated by **`sankofa-it-admin`** / **`ADMIN`** (credentials bootstrap). API proxies: `GET /api/it/drift`, `GET /api/it/inventory`, `POST /api/it/refresh`. +1. **Implemented:** protected route **`/it`** (`src/app/it/page.tsx`) gated by **`sankofa-it-admin`** / **`ADMIN`** (credentials bootstrap). API proxies: `GET /api/it/drift`, `GET /api/it/inventory`, `GET /api/it/summary`, `GET /api/it/portmap`, `POST /api/it/refresh`. 2. **Configure on CT 7801:** **`IT_READ_API_URL`** (e.g. `http://192.168.11.:8787`) and optional **`IT_READ_API_KEY`** (server-only; never `NEXT_PUBLIC_*`). Proxies to the read API on VLAN 11. 3. **Do not** expose `IT_READ_API_KEY` or Proxmox credentials to the browser bundle. 4. Display **`collected_at`** from JSON; show a stale warning if older than your SLO (e.g. 24h). diff --git a/docs/03-deployment/SANKOFA_IT_OPS_LIVE_INVENTORY_SCRIPTS.md b/docs/03-deployment/SANKOFA_IT_OPS_LIVE_INVENTORY_SCRIPTS.md index 3ebdbfd5..2e46671a 100644 --- a/docs/03-deployment/SANKOFA_IT_OPS_LIVE_INVENTORY_SCRIPTS.md +++ b/docs/03-deployment/SANKOFA_IT_OPS_LIVE_INVENTORY_SCRIPTS.md @@ -10,8 +10,12 @@ | `scripts/it-ops/lib/collect_inventory_remote.py` | Run on PVE via SSH stdin (`python3 -`) | | `scripts/it-ops/compute_ipam_drift.py` | Local: merge live JSON + `config/ip-addresses.conf` + **`ALL_VMIDS_ENDPOINTS.md`** pipe tables (`--all-vmids-md`) | | `scripts/it-ops/export-live-inventory-and-drift.sh` | Orchestrator: ping seed, SSH, write `reports/status/` | -| `services/sankofa-it-read-api/server.py` | Read-only HTTP: `/v1/inventory/live`, `/v1/inventory/drift` | +| `services/sankofa-it-read-api/server.py` | Read-only HTTP: `/v1/summary`, `/v1/collector-contract`, `/v1/portmap/joined`, `/v1/inventory/*` | +| `scripts/it-ops/persist-it-snapshot-sqlite.py` | Optional SQLite append when **`IT_BFF_SNAPSHOT_DB`** is set (export hook) | | `.github/workflows/live-inventory-drift.yml` | `workflow_dispatch` + weekly (graceful skip without LAN) | +| `.gitea/workflows/live-inventory-hardware-weekly.yml` | Weekly hardware poll + export (Gitea Actions) | + +On the **seed PVE**, set **`IT_COLLECT_IP_NEIGH=1`** when piping the collector to include an `ip_neigh_vmbr0_sample` block on nodes with `vmbr0`. **Exit codes (`compute_ipam_drift.py`):** **2** = same LAN IP used by guests with **different** names (address conflict). **0** otherwise. Guests that share an IP but share the **same** hostname (e.g. clone pairs) are listed under **`same_name_duplicate_ip_guests`** only (informational). **`vmid_ip_mismatch_live_vs_all_vmids_doc`** is informational (docs often lag live CT config). diff --git a/docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md b/docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md index abd1304f..66b9eec0 100644 --- a/docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md +++ b/docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md @@ -1,6 +1,6 @@ # Sankofa Studio (FusionAI Creator) — Proxmox Deployment -**Last Updated:** 2026-02-28 +**Last Updated:** 2026-04-05 **Status:** Active **White-label URL:** [https://studio.sankofa.nexus](https://studio.sankofa.nexus) @@ -24,6 +24,7 @@ - **Single LXC** runs Docker and the FusionAI Creator stack (orchestrator API, worker, Redis, audio/image/video/ue5_export services). - **API** listens on `0.0.0.0:8000`; NPMplus proxies `studio.sankofa.nexus` → `http://192.168.11.72:8000`. +- **App-owned root redirect:** `https://studio.sankofa.nexus/` returns **302** to `/studio/` from the FusionAI app itself, so NPMplus can stay generic with no custom per-host redirect block. - **Studio UI** at `https://studio.sankofa.nexus/studio/`; **Marketplace landing** at `https://studio.sankofa.nexus/marketplace/landing.html`. For scaled-out deployment (separate VMs per service), see FusionAI Creator [service-topology](https://gitea.d-bis.org/d-bis/FusionAI-Creator/src/branch/main/docs/specs/service-topology.md) and optional runbook updates. @@ -93,6 +94,7 @@ PROXMOX_HOST=192.168.11.11 REPO_URL=https://gitea.d-bis.org/d-bis/FusionAI-Creat - **Forward hostname / IP:** `192.168.11.72` - **Forward port:** `8000` 2. Request **SSL certificate** (Let's Encrypt or Cloudflare Origin) and enable **Force SSL**. +3. Leave `advanced_config` empty for this host. The app already owns the `/` → `/studio/` redirect and the edge does not need a Studio-specific override. --- @@ -130,6 +132,7 @@ Or SSH into the container and run the same. ## Health and verification - **Health:** `curl -s http://192.168.11.72:8000/health` +- **Root redirect:** `curl -I http://192.168.11.72:8000/` - **Studio UI:** https://studio.sankofa.nexus/studio/ - **Marketplace landing:** https://studio.sankofa.nexus/marketplace/landing.html diff --git a/docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md b/docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md index 3663b6db..c0f443c2 100644 --- a/docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md +++ b/docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md @@ -1,6 +1,6 @@ # Sankofa Studio — E2E Flow (studio.sankofa.nexus → 192.168.11.72:8000) -**Last Updated:** 2026-02-28 +**Last Updated:** 2026-04-05 **Purpose:** Execute the full E2E flow for Sankofa Studio (FusionAI Creator) at https://studio.sankofa.nexus. --- @@ -57,6 +57,8 @@ cd /home/intlc/projects/proxmox bash scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh ``` +If the host already exists, the helper now preserves its current certificate and `Force SSL` state while resetting Studio-specific `advanced_config` back to empty. + Then request SSL for the host (one of the hosts without a cert): ```bash @@ -71,6 +73,7 @@ FIRST_ONLY=1 bash scripts/request-npmplus-certificates.sh - **Scheme:** HTTP - **Forward hostname / IP:** `192.168.11.72` - **Forward port:** `8000` + - **Advanced config:** leave empty; the app itself redirects `/` to `/studio/` 2. **SSL:** Request certificate (Let's Encrypt or Cloudflare Origin), enable **Force SSL**. --- @@ -105,6 +108,7 @@ This creates/updates **A** `studio.sankofa.nexus` → `76.53.10.36` (or `PUBLIC_ ```bash curl -s http://192.168.11.72:8000/health +curl -I http://192.168.11.72:8000/ curl -s http://192.168.11.72:8000/studio/ -o /dev/null -w "%{http_code}\n" ``` @@ -120,6 +124,7 @@ bash scripts/verify/verify-end-to-end-routing.sh --profile=public **Browser:** +- Root redirect: https://studio.sankofa.nexus/ -> `/studio/` - Studio UI: https://studio.sankofa.nexus/studio/ - Marketplace landing: https://studio.sankofa.nexus/marketplace/landing.html diff --git a/docs/03-deployment/SINGLE_SIDED_LPS_PUBLIC_NETWORKS_RUNBOOK.md b/docs/03-deployment/SINGLE_SIDED_LPS_PUBLIC_NETWORKS_RUNBOOK.md index 8a1ab245..ad9d0ebf 100644 --- a/docs/03-deployment/SINGLE_SIDED_LPS_PUBLIC_NETWORKS_RUNBOOK.md +++ b/docs/03-deployment/SINGLE_SIDED_LPS_PUBLIC_NETWORKS_RUNBOOK.md @@ -22,6 +22,21 @@ The source of truth is **cross-chain-pmm-lps/config/pool-matrix.json**: - **chains[chainId].poolsFirst:** List of pools to deploy first (e.g. `cWUSDT/USDC`, `cWUSDC/USDC`, …). - **chains[chainId].poolsOptional:** Optional extra quote stables (e.g. `cWUSDT/USDT`, `cWUSDT/DAI`). +The matrix now includes the full GRU Wave 1 wrapped set: + +- `cWEURC` +- `cWEURT` +- `cWGBPC` +- `cWGBPT` +- `cWAUDC` +- `cWJPYC` +- `cWCHFC` +- `cWCADC` +- `cWXAUC` +- `cWXAUT` + +This is a design / deployment queue update, not proof that those pools are live. + --- ## 3. Prerequisites per chain @@ -64,6 +79,12 @@ From repo root, run: This script reads **cross-chain-pmm-lps/config/pool-matrix.json** and prints, per chain, the list of **cW* / HUB** pools to create (and optional pools). Use the output to drive deployment (manual or via a deploy script that calls the appropriate factory on each chain). +For the GRU-specific operator queue, use: + +```bash +bash scripts/verify/check-gru-v2-deployment-queue.sh +``` + --- ## 6. Deployment status and MCP allowlist source diff --git a/docs/03-deployment/UNDEPLOYED_CONTRACTS_PRE_DEPLOYMENT_TASKS.md b/docs/03-deployment/UNDEPLOYED_CONTRACTS_PRE_DEPLOYMENT_TASKS.md index 6e614cf3..531a09af 100644 --- a/docs/03-deployment/UNDEPLOYED_CONTRACTS_PRE_DEPLOYMENT_TASKS.md +++ b/docs/03-deployment/UNDEPLOYED_CONTRACTS_PRE_DEPLOYMENT_TASKS.md @@ -1,17 +1,17 @@ # Undeployed Contracts — Pre-Deployment Tasks -> Historical note (2026-03-26): this pre-deployment checklist preserves an earlier PMM bring-up phase. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. +> Historical note (2026-04-02): this pre-deployment checklist preserves earlier PMM bring-up phases. The current canonical Chain 138 PMM stable stack is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Public XAU pools remain on the older PMM phase until explicitly migrated. -**Last Updated:** 2026-02-28 -**Execution summary (2026-02-27):** On-chain verification **36/38**. Two missing: TransactionMirror (set `TRANSACTION_MIRROR_ADDRESS` in .env from script output) and DODO cUSDT/cUSDC pool (0x9fcB...). **Deploy uses Core RPC only.** Before deploy: if Core was read-only, run `./scripts/maintenance/make-rpc-vmids-writable-via-ssh.sh` then `./scripts/maintenance/health-check-rpc-2101.sh`. See [REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS.md](REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS.md), [RPC_2101_READONLY_FIX.md](RPC_2101_READONLY_FIX.md). +**Last Updated:** 2026-04-03 +**Execution summary (2026-04-03):** On-chain verification is now **67/67 present, 0 missing** on Chain 138. The canonical stable PMM stack is live, the explorer token-aggregation deployment persists the three canonical stable pools in its database, the cross-chain flash trio is deployed and Blockscout-verified, and the `EnhancedSwapRouter` dry-run now succeeds when invoked through the standard project env loader. The remaining router blocker is functional, not deploy-script-related: `swapToStablecoin()` still needs at least one live WETH-to-stable route on Chain 138. -**Execution summary (2026-02-26):** **All runnable tasks executed.** Env check, unified deploy dry-run, PMM pool dry-run, on-chain verification (36/36), deploy-optional-future-all --dry-run, fund-ccip-bridges-with-link --dry-run, check-balances-gas-and-deploy.sh, get-multichain-gas-prices.sh all completed. Mainnet dry-run and TransactionMirror simulate started (mainnet compiles CCIP bridges; run to completion when mainnet RPC is responsive). Previous: 1.x wallet/gas, 2.x gas API and estimates, 3.1 unified deploy dry-run (RPC + init fixes in smom-dbis-138), 3.2 DeployDeterministicCore simulated, 3.3 PMM pool script dry-run, 3.4 TransactionMirror, 3.6 optional-future, 3.7 fund-ccip dry-run, 4.6 on-chain verification (36/36). Optional env vars added to `smom-dbis-138/.env` when missing: `DODO_PMM_INTEGRATION_ADDRESS` and `QUOTE_TOKEN_ADDRESS` (public addresses only). PMM and unified deploy dry-runs now work with the hardened env loader (no inline env). Remaining: 3.5 mainnet dry-run (run when mainnet RPC is reachable); 4.1–4.5 post-deploy validation when components are deployed. +**Historical execution summary (2026-02-26):** **All runnable tasks executed for that earlier phase.** Env check, unified deploy dry-run, PMM pool dry-run, on-chain verification (36/36 at that time), deploy-optional-future-all --dry-run, fund-ccip-bridges-with-link --dry-run, check-balances-gas-and-deploy.sh, get-multichain-gas-prices.sh all completed. Mainnet dry-run and TransactionMirror simulate started (mainnet compiles CCIP bridges; run to completion when mainnet RPC is responsive). Previous: 1.x wallet/gas, 2.x gas API and estimates, 3.1 unified deploy dry-run (RPC + init fixes in smom-dbis-138), 3.2 DeployDeterministicCore simulated, 3.3 PMM pool script dry-run, 3.4 TransactionMirror, 3.6 optional-future, 3.7 fund-ccip dry-run, 4.6 on-chain verification (36/36 at that time). Optional env vars added to `smom-dbis-138/.env` when missing: `DODO_PMM_INTEGRATION_ADDRESS` and `QUOTE_TOKEN_ADDRESS` (public addresses only). PMM and unified deploy dry-runs now work with the hardened env loader (no inline env). Remaining at that historical point: 3.5 mainnet dry-run (run when mainnet RPC is reachable); 4.1–4.5 post-deploy validation when components are deployed. **Source:** [AI_AGENTS_57XX_MCP_CONTRACTS_AND_CHAINS.md](../02-architecture/AI_AGENTS_57XX_MCP_CONTRACTS_AND_CHAINS.md), [DEX_AND_CROSS_CHAIN_CONTRACTS_NEEDED.md](../11-references/DEX_AND_CROSS_CHAIN_CONTRACTS_NEEDED.md), [DEPLOYED_CONTRACTS_OVERVIEW](../../smom-dbis-138/docs/deployment/DEPLOYED_CONTRACTS_OVERVIEW.md), [deployment-status.json](../../cross-chain-pmm-lps/config/deployment-status.json) This checklist covers: **testing** anything not yet deployed, **checking deployer wallet gas**, **using the gas API to estimate deployment costs**, and **dry-running deployments** before live execution. -**Optional env vars (add/set when needed):** In `smom-dbis-138/.env`, if missing, add (public addresses only): `DODO_PMM_INTEGRATION_ADDRESS=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`, `DODO_PMM_PROVIDER_ADDRESS=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`, `QUOTE_TOKEN_ADDRESS=0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2` so PMM pool script and dry-runs work with the current env flow. Check: `./scripts/deployment/check-env-required.sh`. +**Optional env vars (add/set when needed):** In `smom-dbis-138/.env`, if missing, add (public addresses only): `DODO_PMM_INTEGRATION_ADDRESS=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`, `DODO_PMM_PROVIDER_ADDRESS=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`, `QUOTE_TOKEN_ADDRESS=0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2` so PMM pool scripts and dry-runs follow the current env flow. Check: `./scripts/deployment/check-env-required.sh`. --- @@ -82,16 +82,16 @@ This checklist covers: **testing** anything not yet deployed, **checking deploye ## 4. Test anything not deployed (validation / unit / script) -- [ ] **4.1** **PMM pools (Chain 138):** Create cUSDT/cUSDC pool with `forge script script/dex/CreateCUSDTCUSDCPool.s.sol:CreateCUSDTCUSDCPool --rpc-url $RPC_URL_138 --broadcast --private-key $PRIVATE_KEY --with-gas-price 1000000000` (script: `smom-dbis-138/script/dex/CreateCUSDTCUSDCPool.s.sol`). Requires POOL_MANAGER_ROLE on DODOPMMIntegration. If you see "Replacement transaction underpriced", a tx is pending at that nonce; wait for it to be mined or clear mempool, then retry with same or higher gas. After creation, test: `getMidPrice`, `getOraclePrice`, `getBaseReserve`, `getQuoteReserve` on pool address; confirm MCP `dodo.get_pool_state` and `dodo.identify_pool_interface` work with that address in allowlist. -- [ ] **4.2** **DODOPMMProvider:** Not deployed; implementation placeholder. When implemented, add unit tests and a script dry-run for deployment. -- [ ] **4.3** **TransactionMirror (Chain 138):** Deploy with `forge script script/DeployTransactionMirror.s.sol:DeployTransactionMirror --rpc-url $RPC_URL_138 --broadcast --private-key $PRIVATE_KEY --with-gas-price 1000000000`. If you see "Known transaction", the tx may be pending or already mined; check code at the logged address. Then test mirror receive path. -- [ ] **4.4** **EnhancedSwapRouter:** Not deployed. When Uniswap/Balancer pools exist on 138, run deploy script with `--dry-run` and test quote path. +- [x] **4.1** **PMM pools (Chain 138):** The canonical stable pools are already live on the current stack: cUSDT/cUSDC `0x9e89bAe009adf128782E19e8341996c596ac40dC`, cUSDT/USDT `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66`, cUSDC/USDC `0xc39B7D0F40838cbFb54649d327f49a6DAC964062`. Use `bash scripts/verify/check-pmm-pool-balances-chain138.sh` to verify reserves, or `./scripts/deployment/create-all-pmm-pools-chain138.sh` only if you are explicitly rebuilding the stable stack. +- [x] **4.2** **DODOPMMProvider:** Already deployed on the canonical stable stack at `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. Use desired-state sync / registration scripts if the stable pool set changes. +- [x] **4.3** **TransactionMirror (Chain 138):** Already deployed at `0x7131F887DBEEb2e44c1Ed267D2A68b5b83285afc`. Keep `TRANSACTION_MIRROR_ADDRESS` in `.env` aligned and test the mirror receive path after any related contract changes. +- [ ] **4.4** **EnhancedSwapRouter:** Deployment dry-run is now healthy, but live `swapToStablecoin()` is still blocked because Chain 138 does not yet have a WETH-to-stable route on any enabled provider. Re-run `bash scripts/deployment/dry-run-enhanced-swap-router-chain138.sh --run` after any WETH route change. - [ ] **4.5** **cW* tokens and PMM pools on public chains (1, 56, 137, etc.):** No addresses in deployment-status. No deployment from this repo yet. When you have a deployment path (bridge + factory or DODO), run gas estimate and dry-run per chain. -- [x] **4.6** **On-chain verification (64 addresses; check-contracts-on-chain-138.sh):** After any new deployment, run: +- [x] **4.6** **On-chain verification (67 addresses; check-contracts-on-chain-138.sh):** After any new deployment, run: ```bash ./scripts/verify/check-contracts-on-chain-138.sh [RPC_URL] ``` - Includes TransactionMirror and DODO cUSDT/cUSDC pool in the list. Last run: 36 present, 2 missing; see [REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS](REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS.md). + Includes TransactionMirror, the canonical stable pools, ISO20022Router, and the cross-chain flash trio in the list. Last run: 67 present, 0 missing; see [REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS](REQUIRED_FIXES_AND_DEPLOYMENTS_STATUS.md). --- @@ -99,10 +99,10 @@ This checklist covers: **testing** anything not yet deployed, **checking deploye | Chain | Item | Action for estimate / dry-run | |-------|------|-------------------------------| -| **138** | PMM pools (cUSDT/cUSDC, cUSDT/USDT, cUSDC/USDC) | Estimate: `createPool` / `createCUSDTCUSDCPool` gas. Dry-run: pool-creation script or `cast send --dry-run`. | -| **138** | TransactionMirror | `forge script` or `forge create` with `--dry-run` / `cast estimate`. | -| **138** | DODOPMMProvider | When implemented: script dry-run + unit tests. | -| **138** | EnhancedSwapRouter | When pools exist: script dry-run. | +| **138** | PMM pools (cUSDT/cUSDC, cUSDT/USDT, cUSDC/USDC) | Already live on the canonical stable stack. Estimate or dry-run only when rebuilding or extending the current pool set. | +| **138** | TransactionMirror | Already deployed. Use dry-run or gas estimate only if redeploying. | +| **138** | DODOPMMProvider | Already deployed on the canonical stable stack. Desired-state sync only if pool mappings change. | +| **138** | EnhancedSwapRouter | Dry-run is healthy today; do not broadcast until at least one live WETH-to-stable route exists if `swapToStablecoin()` is required. | | **1** | (Trustless stack deployed; no new DODO from repo) | Gas estimate only if adding contracts. | | **56, 137, 10, 100, 25, 42161, 8453, 42220, 1111, 43114** | cW* tokens, PMM pools | When deployment path exists: per-chain gas estimate + deploy script dry-run. | diff --git a/docs/03-deployment/USDW_PUBLIC_WRAP_VAULT_RUNBOOK.md b/docs/03-deployment/USDW_PUBLIC_WRAP_VAULT_RUNBOOK.md new file mode 100644 index 00000000..df919aec --- /dev/null +++ b/docs/03-deployment/USDW_PUBLIC_WRAP_VAULT_RUNBOOK.md @@ -0,0 +1,178 @@ +# USDW Public Wrap Vault Runbook + +**Purpose:** Deploy and configure the public-chain native `USDW` -> `cWUSDW` wrap vault so the same `cWUSDW` contract can serve both: + +- native public-chain `USDW` wrapping / unwrapping, and +- GRU bridge mint / burn from Chain 138 `cUSDW` + +**Current status:** repo-local contract, tests, and deploy scripts are ready; live BSC / Polygon deployment and role wiring remain operator work. + +--- + +## 1. Scope and chain posture + +| Chain | Native `USDW` source | `cWUSDW` status | Wrap vault status | +|-------|-----------------------|-----------------|------------------| +| 56 (BSC) | `dwinUsdWinPublic.chains.56.usdwCurrent` | Existing `cWUSDW` re-used | Ready to deploy | +| 137 (Polygon) | `dwinUsdWinPublic.chains.137.usdwCurrent` | Native `USDW` exists; must deploy `cWUSDW` first | Ready after `cWUSDW` exists | +| 43114 (Avalanche) | No native CMC-listed USD DWIN pinned in repo | Existing bridge-only `cWUSDW` | Do not deploy wrap vault unless issuer publishes native `USDW` on Avalanche | + +--- + +## 2. Repo artifacts + +- Contract: `smom-dbis-138/contracts/bridge/integration/USDWPublicWrapVault.sol` +- Deploy script: `smom-dbis-138/script/deploy/DeployUSDWPublicWrapVault.s.sol` +- Tests: `smom-dbis-138/test/bridge/USDWPublicWrapVault.t.sol` +- cW token deploy script: `smom-dbis-138/script/deploy/DeployCWTokens.s.sol` +- Checklist: `docs/03-deployment/USD_DWIN_CUSDW_CWUSDW_BRIDGE_CHECKLIST.md` + +--- + +## 3. Design notes + +- The vault locks native public-chain `USDW` and mints `cWUSDW` after decimal normalization. +- The same `cWUSDW` supply can also be minted by the GRU bridge on inbound transfers from Chain 138. +- The vault intentionally allows pooled convertibility: bridge-minted `cWUSDW` can unwrap if enough native `USDW` liquidity is present. +- The current conservative implementation does **not** let admins withdraw the underlying native `USDW` reserve. Only non-underlying stray tokens can be recovered. + +That choice avoids creating an insolvency path before the repo has a fuller reserve-liability model for mixed vault and bridge issuance. + +--- + +## 4. Deploy `cWUSDW` + +### BSC + +Reuse the existing `cWUSDW`: + +- `0xC2FA05F12a75Ac84ea778AF9D6935cA807275E55` + +Do **not** redeploy unless you intentionally want a separate token surface, which this repo does not recommend. + +### Polygon + +The native Polygon `USDW` leg already exists in repo config. The remaining missing token is the GRU mirror `cWUSDW`. + +Deploy a new `cWUSDW`: + +```bash +cd smom-dbis-138 +DEPLOY_CWUSDT=0 \ +DEPLOY_CWUSDC=0 \ +DEPLOY_CWUSDW=1 \ +CW_BRIDGE_ADDRESS=0xYourPolygonBridge \ +forge script script/deploy/DeployCWTokens.s.sol \ + --rpc-url "$POLYGON_RPC_URL" \ + --broadcast +``` + +After deployment: + +1. Record the `cWUSDW` address. +2. Update `config/token-mapping-multichain.json` `dwinUsdWinPublic.chains.137.cwUsdwBridgeMirror`. +3. Set `Compliant_USDW_cW.addressTo` for `138 -> 137`. +4. Align `cross-chain-pmm-lps/config/deployment-status.json`. + +--- + +## 5. Deploy the wrap vault + +### Required env + +- `PRIVATE_KEY` +- `USDW_NATIVE_ADDRESS` +- `CWUSDW_ADDRESS` + +### Optional env + +- `USDW_WRAP_ADMIN` +- `USDW_WRAP_OPERATOR` +- `USDW_WRAP_EMERGENCY_ADMIN` +- `USDW_WRAP_GRANT_TOKEN_ROLES=1` +- `USDW_WRAP_STRICT_ADMIN=1` + +### Example + +```bash +cd smom-dbis-138 +USDW_NATIVE_ADDRESS=0xed75ad08f416d4e53e4d45dd5140a4c8b84f39fb \ +CWUSDW_ADDRESS=0xC2FA05F12a75Ac84ea778AF9D6935cA807275E55 \ +USDW_WRAP_GRANT_TOKEN_ROLES=1 \ +forge script script/deploy/DeployUSDWPublicWrapVault.s.sol \ + --rpc-url "$BSC_RPC_URL" \ + --broadcast +``` + +If the caller is not `DEFAULT_ADMIN_ROLE` on `cWUSDW`, leave `USDW_WRAP_GRANT_TOKEN_ROLES=0` and grant roles separately from the token admin. + +--- + +## 6. Required role wiring + +`cWUSDW` must grant both roles to: + +- the GRU public-chain bridge +- the `USDWPublicWrapVault` + +Required roles: + +- `MINTER_ROLE` +- `BURNER_ROLE` + +Recommended admin posture: + +- keep operational roles unfrozen until both bridge and vault are confirmed +- freeze operational roles only after final role recipients are set and audited + +--- + +## 7. Seed and verify liquidity + +Seed native `USDW` into the vault before relying on pooled unwrap: + +```bash +# approve native USDW to the vault, then seed from a reserve operator account +``` + +Minimum checks after deploy: + +1. `previewWrap(1 native token)` returns `1` token worth of `cWUSDW` units after decimal normalization. +2. `wrap(...)` mints `cWUSDW`. +3. `unwrap(...)` burns `cWUSDW` and releases native `USDW`. +4. Bridge-minted `cWUSDW` can unwrap against seeded liquidity. + +--- + +## 8. Activation gate + +Do **not** activate `cUSDW` in `config/gru-transport-active.json` until all of the following are true: + +1. Polygon `cWUSDW` is deployed and recorded. +2. Bridge and wrap-vault minter / burner roles are verified. +3. Public-chain native `USDW` decimals are confirmed on-chain and documented. +4. Reserve / outstanding-limit policy is decided for `cUSDW`. +5. `bash scripts/validation/validate-config-files.sh` passes after the config changes. + +At that point: + +1. add `cUSDW` to `enabledCanonicalTokens` +2. set Polygon `Compliant_USDW_cW.addressTo` +3. add transport pairs / max outstanding / optional reserve verifier entries + +--- + +## 9. Verification + +Local repo verification: + +```bash +cd smom-dbis-138 +forge test --match-path test/bridge/USDWPublicWrapVault.t.sol +``` + +Workspace validation: + +```bash +bash scripts/validation/validate-config-files.sh +``` diff --git a/docs/03-deployment/USD_DWIN_CUSDW_CWUSDW_BRIDGE_CHECKLIST.md b/docs/03-deployment/USD_DWIN_CUSDW_CWUSDW_BRIDGE_CHECKLIST.md new file mode 100644 index 00000000..c8949279 --- /dev/null +++ b/docs/03-deployment/USD_DWIN_CUSDW_CWUSDW_BRIDGE_CHECKLIST.md @@ -0,0 +1,114 @@ +# USD DWIN (CMC) ↔ cUSDW / cWUSDW — Completed Practical Checklist + +**Status:** Config, documentation, and repo-local contract scaffolding complete; live deployment of the wrap vault, Polygon `cWUSDW`, and GRU transport activation for `cUSDW` remain operator work. +**Listing reference:** [CoinMarketCap — USD DWIN](https://coinmarketcap.com/currencies/usd-dwin/) +**Issuer migration notes:** [usddwin.com migration (BNB Chain)](https://usddwin.com/migration-binance-chain/) + +--- + +## 1. Pin post-swap public contract addresses (done in repo) + +Verified from the CMC page (April 2026): + +| Network | Chain ID | Role | Address | +|---------|----------|------|---------| +| BSC | 56 | **Current** USD DWIN (USDW) | `0xed75ad08f416d4e53e4d45dd5140a4c8b84f39fb` | +| BSC | 56 | Deprecated (1:1 swap source) | `0xabddb950f2ae8430c5a818f8bb4ec09e3ae41253` | +| Polygon | 137 | **Current** USD DWIN (USDW) | `0x3deb0c60f0be9d9b99da83a2b6b2ee790f5af37a` | +| Polygon | 137 | Deprecated | `0x60f7dd499956ec8fcea8ed80e9d7eade4ccdc417` | + +**Single source in repo:** `config/token-mapping-multichain.json` → object **`dwinUsdWinPublic`**. + +**Operator follow-up:** Call `decimals()` on each current contract and record the result next to `decimalsNote` in that JSON after verification. The wrap adapter must normalize to the same base unit as **cUSDW / cWUSDW (6)** on Chain 138 for bridge accounting. + +--- + +## 2. Decision: use existing cWUSDW for BSC and Avalanche (done) + +| Chain | cWUSDW (GRU mirror, repo) | Use for DWIN wrap + bridge? | +|-------|---------------------------|-----------------------------| +| BSC 56 | `0xC2FA05F12a75Ac84ea778AF9D6935cA807275E55` | **Yes** — same token should implement both (a) mint/burn from GRU CCIP receiver and (b) mint/burn from a DWIN lock vault, with one supply invariant. | +| Avalanche 43114 | `0xcfdCe5E660FC2C8052BDfa7aEa1865DD753411Ae` | **Bridge-only today** — CMC does not list a native USD DWIN ERC-20 on Avalanche in `dwinUsdWinPublic`. No public unwrap target until the issuer deploys or lists one. | +| Polygon 137 | Native public `USDW` already pinned in `dwinUsdWinPublic`; `cWUSDW` not yet deployed | **Deploy** a Polygon **cWUSDW**, align with `deployment-status.json` and `Compliant_USDW_cW` (currently `addressTo` zero placeholder). | + +Do **not** redeploy BSC cWUSDW unless you are intentionally splitting “bridge cWUSDW” from “DWIN-wrapped cWUSDW” (not recommended). + +--- + +## 3. Implement wrap / unwrap + GRU bridge wiring + +**Repo scaffolding now present:** + +- Contract: `smom-dbis-138/contracts/bridge/integration/USDWPublicWrapVault.sol` +- Deploy script: `smom-dbis-138/script/deploy/DeployUSDWPublicWrapVault.s.sol` +- cW deploy support: `smom-dbis-138/script/deploy/DeployCWTokens.s.sol` now supports `DEPLOY_CWUSDW=1` +- Detailed operator runbook: `docs/03-deployment/USDW_PUBLIC_WRAP_VAULT_RUNBOOK.md` + +**Still required as operator work:** + +1. **Wrap module (per chain with native DWIN USDW)** + - Lock `dwinUsdWinPublic.chains..usdwCurrent` in a vault. + - Mint **cWUSDW** to the user (same contract as `cwUsdwBridgeMirror`). + - **Unwrap:** burn cWUSDW, release locked USDW to the user. + - Enforce **MINTER_ROLE** / **BURNER_ROLE** only for this module and the existing GRU L2 bridge (see `docs/07-ccip/CW_BRIDGE_APPROACH.md`, `CWMultiTokenBridgeL2.sol`, `CompliantWrappedToken`). + +2. **Inbound to Chain 138** + - After wrap, user or relayer uses the **GRU** path: burn/lock **cWUSDW** on public, mint/unlock **cUSDW** on 138 (`0xcA6BFa614935f1AB71c9aB106bAA6FBB6057095e`) per the chosen bridge stack. + +3. **Outbound from Chain 138** + - Lock **cUSDW** on 138, mint **cWUSDW** on destination; user **unwraps** to native DWIN USDW where a public leg exists. + +4. **Security** + - Single ledger: `circulating cWUSDW ≤ locked DWIN USDW + bridge liability from cUSDW` (adjust formula to your exact lock/mint ordering). + - Add **CWReserveVerifier** / outstanding limits when enabling transport for cUSDW in `config/gru-transport-active.json` (pattern matches cUSDT/cUSDC). + +**Important current design choice:** the repo-local vault intentionally does **not** expose an admin withdrawal path for the underlying native USDW reserve. That stays conservative until a fuller liability model exists for pooled convertibility between vault-minted and bridge-minted `cWUSDW`. + +--- + +## 4. Extend mapper config (done) + +| Item | Location | +|------|-----------| +| Native DWIN USDW + migration metadata | `config/token-mapping-multichain.json` → **`dwinUsdWinPublic`** | +| cUSDW → cWUSDW per route | Same file → **`pairs`** with key **`Compliant_USDW_cW`** for **138→56** (live), **138→43114** (live), **138→137** (placeholder `addressTo` until Polygon cWUSDW exists) | + +Symbol map **cUSDW → cWUSDW** was already in **`cToCwSymbolMapping`**. + +Registry-style fields for institutional JSON (`wrappedFrom`, `originChainId`, `bridgeAdapter`) are described in `docs/04-configuration/naming-conventions/04_REGISTRY_AND_JSON_FIELDS.md` and `03_BRIDGES_CROSS_CHAIN_NAMING.md`. + +--- + +## 5. Disambiguate tokens in canonical docs (done) + +**Cronos ISO-4217W USDW** (script family, 2 decimals in fallbacks) remains distinct from **CMC USD DWIN** on BSC/Polygon. See **`docs/11-references/TOKEN_CATEGORIES_CANONICAL.md`** (section on public USD DWIN). + +--- + +## Optional env (operator) + +In **`.env.master.example`**: + +- `USDW_DWIN_BSC` — optional override for tooling; canonical pin remains `token-mapping-multichain.json`. +- `USDW_DWIN_POLYGON` — same for Polygon. + +Existing **`CWUSDW_ADDRESS_56`** / **`CWUSDW_ADDRESS_43114`** continue to identify the **cWUSDW** contracts for token-aggregation. + +--- + +## Activation gate (not done) + +**cUSDW** is not yet listed under **`enabledCanonicalTokens`** in `config/gru-transport-active.json`. When wrap + bridge are audited: + +1. Add **cUSDW** with `mappingKey`: **`Compliant_USDW_cW`**, `mirroredSymbol`: **`cWUSDW`**, per-chain **transportPairs**, **maxOutstanding**, and optional **reserveVerifierKey**. +2. Set Polygon **`Compliant_USDW_cW.addressTo`** to the deployed **cWUSDW** and align **`cross-chain-pmm-lps/config/deployment-status.json`**. +3. Run `bash scripts/validation/validate-config-files.sh`. + +--- + +## Related runbooks + +- `docs/03-deployment/CUSDW_CUSDC_V2_HUB_POOL_RUNBOOK.md` — Chain 138 **cUSDW** hub liquidity. +- `docs/03-deployment/USDW_PUBLIC_WRAP_VAULT_RUNBOOK.md` — Native public-chain USDW → **cWUSDW** vault deployment and role wiring. +- `docs/07-ccip/CW_BRIDGE_APPROACH.md` — GRU **c\*** ↔ **cW\*** strategy. +- `docs/04-configuration/C_TO_CW_MAPPER_MAPPING.md` — Mapper table including **cUSDW**. diff --git a/docs/03-deployment/VLAN_FLAT_11_TO_SEGMENTED_RUNBOOK.md b/docs/03-deployment/VLAN_FLAT_11_TO_SEGMENTED_RUNBOOK.md new file mode 100644 index 00000000..90df7ff3 --- /dev/null +++ b/docs/03-deployment/VLAN_FLAT_11_TO_SEGMENTED_RUNBOOK.md @@ -0,0 +1,43 @@ +# VLAN migration runbook — flat 11 → segmented + +**Current:** Single broadcast domain `192.168.11.0/24` (VLAN 11). +**Target segments:** Documented in [NETWORK_CONFIGURATION_MASTER.md](../11-references/NETWORK_CONFIGURATION_MASTER.md) (e.g. 110–112, 120, 160, 200–203). +**Policy:** Enforce **IP uniqueness** and automated drift **before** cutover ([SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md](../02-architecture/SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md) section 4). + +## Preconditions + +1. `bash scripts/it-ops/export-live-inventory-and-drift.sh` exits **0** (no `duplicate_ips` for different guest names). +2. Backup UDM/UniFi and Proxmox network configs. +3. Maintenance window announced for default gateway moves. + +## Ordered segments (do not reorder without risk review) + +| Step | Segment | Intent | +|------|---------|--------| +| 1 | Out-of-band / IPMI (if any) | Isolate management before touching data plane | +| 2 | Tenant-facing VLANs (200+) | Reduce blast radius for external-facing workloads | +| 3 | Besu validators / RPC | High sensitivity; coordinate with Chain 138 ops | +| 4 | Sankofa app tier | Portal, Keycloak, NPM upstreams | + +## Executable checklist + +Run the shell helper (dry-run by default): + +```bash +bash scripts/it-ops/vlan-segmentation-ordered-checklist.sh +bash scripts/it-ops/vlan-segmentation-ordered-checklist.sh --apply +``` + +`--apply` only records completion timestamps in a local state file under `reports/status/`; it does **not** configure switches. Use it as an operator log. + +## Per-step tasks (manual) + +1. Create VLANs on UDM/UniFi; assign subnets (no overlap with existing static leases). +2. Add tagged ports on switches; update Proxmox bridges / CT `net0` VLAN tags incrementally. +3. Re-run IPAM export after each wave; fix drift before the next wave. +4. Update [ALL_VMIDS_ENDPOINTS.md](../04-configuration/ALL_VMIDS_ENDPOINTS.md) and `config/ip-addresses.conf` **after** live matches intent. + +## Rollback + +- Keep previous UDM backup; revert trunk tagging if a segment loses gateway. +- Document actual vs planned in `reports/status/` for the IT controller audit log (Phase 3). diff --git a/docs/03-deployment/WEMIX_ACQUISITION_TABLED.md b/docs/03-deployment/WEMIX_ACQUISITION_TABLED.md index 475cc3f4..cb58e6e9 100644 --- a/docs/03-deployment/WEMIX_ACQUISITION_TABLED.md +++ b/docs/03-deployment/WEMIX_ACQUISITION_TABLED.md @@ -1,15 +1,18 @@ # Wemix (1111) deployments — tabled -**Last Updated:** 2026-03-06 +**Last Updated:** 2026-04-05 **Status:** All Wemix network deployments (CCIP bridges, config, LINK funding on 1111) are **tabled** until the deployer can acquire WEMIX for gas. --- ## Reason +- Current deployer: `0x4A666F96fC8764181194447A7dFdb7d471b301C8`. +- Current preflight status from `cd smom-dbis-138 && ./scripts/deployment/preflight-config-ready-chains.sh wemix`: RPC OK on chain `1111`, deployer balance `0 WEMIX`, required minimum `0.4 WEMIX`. - Deployer needs **~0.4 WEMIX** (native gas) on chain 1111 to deploy and configure CCIP bridges. - There is **no in-repo route** (aggregator/DEX integration or script) to swap **ETH**, **BNB**, or **Polygon (POL)** to WEMIX. - [TOKENS_AND_NETWORKS_MINTABLE_TO_DEPLOYER](../11-references/TOKENS_AND_NETWORKS_MINTABLE_TO_DEPLOYER.md) lists Wemix as “Bridge/DEX” only — i.e. manual acquisition. +- Historical `DeployWETHBridges.s.sol` broadcast files exist for chain `1111`, but the recorded bridge addresses do not currently resolve to bytecode on-chain. Treat the Wemix bridge layer as undeployed until a fresh funded deployment succeeds. --- @@ -35,3 +38,4 @@ - [REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md](REMAINING_DEPLOYMENTS_FOR_FULL_NETWORK_COVERAGE.md) — Phase B.2, routing context. - [CONFIG_READY_CHAINS_COMPLETION_RUNBOOK](../07-ccip/CONFIG_READY_CHAINS_COMPLETION_RUNBOOK.md) — steps when Wemix is un-tabled. - [WEMIX_TOKEN_VERIFICATION.md](../07-ccip/WEMIX_TOKEN_VERIFICATION.md) — token addresses on scan.wemix.com. +- [CONTRACT_ADDRESSES_REFERENCE.md](../11-references/CONTRACT_ADDRESSES_REFERENCE.md) — current gas-native rollout and Wemix bridge note. diff --git a/docs/03-deployment/WORMHOLE_NTT_EXECUTOR_OPERATOR_RUNBOOK.md b/docs/03-deployment/WORMHOLE_NTT_EXECUTOR_OPERATOR_RUNBOOK.md new file mode 100644 index 00000000..c4ac3990 --- /dev/null +++ b/docs/03-deployment/WORMHOLE_NTT_EXECUTOR_OPERATOR_RUNBOOK.md @@ -0,0 +1,117 @@ +# Wormhole NTT + Executor — operator runbook + +**Last updated:** 2026-04-01 +**Purpose:** Prepare a Wormhole operator environment for **Native Token Transfers (NTT)** using the modern **Executor** relay path, while clearly separating repo-local preparation from the protocol support boundary for **Chain 138**. + +## What this runbook completes + +- installs the official `ntt` CLI +- bootstraps a local NTT project directory +- seeds environment templates and deployment placeholders +- records the current protocol boundary for Chain 138 + +## What this runbook does not complete automatically + +- deploying Wormhole contracts to a chain that is not currently listed as Wormhole-supported +- registering Chain 138 as a Wormhole chain +- providing Guardian / protocol-level support for Chain 138 +- filling secrets, RPC URLs, or signing keys + +## Why Executor, not Standard Relayer + +Wormhole’s own relayer docs now direct developers to the **Executor** framework and warn that the **Standard Relayer** is deprecated. New NTT integrations should be prepared with **Executor** in mind, not the legacy Standard Relayer path. + +## Chain 138 boundary + +Before attempting a real Wormhole deploy, confirm the chain is officially supported: + +- Wormhole chain IDs reference: `https://wormhole.com/docs/products/reference/chain-ids/` +- supported networks reference: `https://wormhole.com/docs/products/reference/supported-networks/` + +As of this repo update, **Chain 138 is not listed there**, so a full Wormhole NTT or messaging deployment for Chain 138 is still blocked on Wormhole-side chain support or a separate custom-chain onboarding process. + +That means: + +- **supported chains**: you can prepare and deploy NTT + Executor normally +- **Chain 138**: you can prepare operator tooling and configs, but you should not mark a live Wormhole deployment complete + +## Repo-local preparation + +### 1. Install the NTT CLI + +```bash +bash scripts/wormhole/install-ntt-cli.sh +``` + +This follows Wormhole’s current guidance: + +- install `ntt` +- ensure **Bun v1.2.23** is available in `PATH` + +### 2. Bootstrap a project + +```bash +WORMHOLE_NTT_PROJECT_DIR=~/wormhole-ntt-mainnet \ +WORMHOLE_ENVIRONMENT=Mainnet \ +bash scripts/wormhole/bootstrap-ntt-project.sh +``` + +This creates an NTT project, initializes `deployment.json`, and copies repo example files for local editing. + +### 3. Fill local env + +Use [config/wormhole/ntt-operator.example.env](/home/intlc/projects/proxmox/config/wormhole/ntt-operator.example.env) as the base for your local-only environment. + +At minimum, fill: + +- source RPC URL +- destination RPC URL +- deployer private key +- any Wormhole provider/API credentials you use internally + +### 4. Check Executor support + +Before a real transfer route, confirm the destination chain supports NTT with Executor: + +```bash +curl -fsSL https://executor.labsapis.com/v0/capabilities | jq . +``` + +For testnet: + +```bash +curl -fsSL https://executor-testnet.labsapis.com/v0/capabilities | jq . +``` + +Do not proceed with automated relaying unless the source/destination pair is supported there. + +## Suggested operator placement + +Use the OP Stack deployer CT as the Wormhole preparation box: + +- `5751` `op-stack-deployer-1` at `192.168.11.69` + +That CT already has: + +- baseline build tools +- SSH access for `opuser` +- repo bootstrap content + +## Artifact handling + +Store non-secret outputs in: + +- [config/wormhole/deployed/](/home/intlc/projects/proxmox/config/wormhole/deployed/) + +Examples: + +- `deployment.mainnet.json` +- `executor-capabilities.snapshot.json` +- `supported-chains.audit.md` + +## Next real blockers + +1. pick a Wormhole-supported source/destination pair if you want a live proof-of-path now +2. decide whether Chain 138 is waiting for official support or for a custom-chain onboarding effort +3. fill the local-only RPC + key material +4. run the actual `ntt` deployment flow from the bootstrapped project diff --git a/docs/04-configuration/ADDITIONAL_PATHS_AND_EXTENSIONS.md b/docs/04-configuration/ADDITIONAL_PATHS_AND_EXTENSIONS.md index b6339615..f77cf7d4 100644 --- a/docs/04-configuration/ADDITIONAL_PATHS_AND_EXTENSIONS.md +++ b/docs/04-configuration/ADDITIONAL_PATHS_AND_EXTENSIONS.md @@ -1,6 +1,6 @@ # Additional Paths and Extensions -**Last Updated:** 2026-03-06 +**Last Updated:** 2026-04-03 **Purpose:** Catalog of path types and extension points for routing, bridging, and deployer gas. Use this when adding new chains, assets, or aggregators. --- @@ -29,8 +29,10 @@ - **Pairs:** 138↔651940, 138↔public chains, 651940↔public; **138↔42793 (Etherlink)** added with WETH9, cUSDT, cUSDC, LINK (addressTo placeholders until bridge/relay). - **chainNames:** Includes 42793 "Etherlink". +- **nonEvmNetworks:** Tracks non-EVM rollout targets that should not be forced into an EIP-155 pair row. Current canonical entry: **Solana** (`vmKind: SVM`, relay / adapter class). -**To add a chain pair:** Add to `chainNames` and add a `pairs` entry with `fromChainId`, `toChainId`, `tokens[]` (key, name, addressFrom, addressTo, notes). +**To add a chain pair:** Add to `chainNames` and add a `pairs` entry with `fromChainId`, `toChainId`, `tokens[]` (key, name, addressFrom, addressTo, notes). +**To add a non-EVM target:** Add it under `nonEvmNetworks`; do not invent a fake EIP-155 chain id just to fit `.pairs`. --- @@ -55,9 +57,11 @@ ## 6. Deployer gas (`config/deployer-gas-routes.json`, `config/cro-wemix-swap-routes.json`) - **Chains:** 138 (internal), 1, 56, 137, 100, 10, 42161, 8453, 43114, 25 (manual), 42220, 1111 (manual), 651940 (manual), **42793 Etherlink (manual, optional)**. +- **nonEvmNetworks:** Planning-only section for non-EVM manual-funding targets. Current canonical entry: **Solana** (`SOL`, manual funding, not auto-routed by the current script). - **Cronos/Wemix:** Multiple swap routes in `cro-wemix-swap-routes.json`; script `scripts/deployment/acquire-cro-and-wemix-gas.sh`. -**To add a chain:** Add entry in `deployer-gas-routes.json` with `chainId`, `name`, `nativeSymbol`, `thresholdEther`, `method` (internal | protocolink | manual), and if manual: `manualInstructions`, `manualLinks`, optional `swapRoutesConfig`. +**To add a chain:** Add entry in `deployer-gas-routes.json` with `chainId`, `name`, `nativeSymbol`, `thresholdEther`, `method` (internal | protocolink | manual), and if manual: `manualInstructions`, `manualLinks`, optional `swapRoutesConfig`. +**To add a non-EVM target:** Add it under `nonEvmNetworks` and document the manual funding flow; `deployer-gas-auto-route.sh` currently processes only `.chains[]`. --- @@ -65,6 +69,7 @@ - **Chains:** 138, 1, 56, 137, 10, 42161, 43114, 8453, 100, 25, 42220, 1111, 651940. - **Modes:** B/SBS, via 138, ALT, TBD, —. Celo (42220) set to B/SBS (2026-03-06); Wemix (1111) remains TBD until bridge funded. +- **Boundary:** This matrix is an EVM / ALT operational matrix. **Solana** and other non-EVM relay targets live outside it until a separate non-EVM routing matrix is intentionally defined. **To add a chain to the matrix:** Extend `chainIndex` and `chainNames`, and add row/column in `matrix` with appropriate mode (B/SBS when CCIP live, TBD otherwise). diff --git a/docs/04-configuration/ADD_CHAIN138_TO_LEDGER_LIVE.md b/docs/04-configuration/ADD_CHAIN138_TO_LEDGER_LIVE.md index 971d7897..8101c575 100644 --- a/docs/04-configuration/ADD_CHAIN138_TO_LEDGER_LIVE.md +++ b/docs/04-configuration/ADD_CHAIN138_TO_LEDGER_LIVE.md @@ -1,6 +1,6 @@ # Add Chain 138 (Defi Oracle Meta Mainnet) to Ledger Live -**Last Updated:** 2026-02-13 +**Last Updated:** 2026-04-02 **Status:** Action plan and submission guide --- @@ -20,7 +20,7 @@ We would like to add Defi Oracle Meta Mainnet (Chain ID 138) to Ledger Live so u - Chain name: Defi Oracle Meta Mainnet - Chain ID: 138 (0x8a) -- EVM-compatible (EIP-155, EIP-1559), standard derivation 44'/60' +- EVM-compatible (EIP-155, EIP-1559, EIP-2718, EIP-2930), standard derivation 44'/60' - Public RPCs and block explorer are live; chain is listed on Chainlist (chainlist.org/chain/138). - We already have Chain ID 138 configured in a Ledger App-Ethereum fork (network name "Defi Oracle Meta", ticker ETH) and can provide specs or PRs as needed. @@ -59,7 +59,7 @@ This doc gives the steps and materials to request and support that integration. - Chain name: Defi Oracle Meta Mainnet - Chain ID: 138 (0x8a) - - EVM-compatible (EIP-155, EIP-1559), standard derivation 44'/60' + - EVM-compatible (EIP-155, EIP-1559, EIP-2718, EIP-2930), standard derivation 44'/60' - Public RPCs and block explorer are live; chain is listed on Chainlist (chainlist.org/chain/138). - We already have Chain ID 138 configured in a Ledger App-Ethereum fork (network name "Defi Oracle Meta", ticker ETH) and can provide specs or PRs as needed. @@ -105,13 +105,13 @@ Our canonical chain spec is in this repo at `pr-workspace/chains/_data/chains/ei |-------|--------| | **name** | Defi Oracle Meta Mainnet | | **chainId** | 138 | -| **networkId** | 1 | +| **networkId** | 138 (matches [ethereum-lists/chains `eip155-138.json`](https://github.com/ethereum-lists/chains/blob/master/_data/chains/eip155-138.json)) | | **shortName** | dfio-meta-main | | **nativeCurrency** | Ether (ETH), 18 decimals | | **slip44** | 60 (standard EVM) | | **infoURL** | https://d-bis.org | -**RPC URLs (public):** +**RPC URLs (public):** same order as upstream [ethereum-lists/chains `_data/chains/eip155-138.json`](https://github.com/ethereum-lists/chains/blob/master/_data/chains/eip155-138.json) (merged [cb4c47b](https://github.com/ethereum-lists/chains/commit/cb4c47b0345fa8688dbc0133e0aa1cd3fb211a80)): - `https://rpc-http-pub.d-bis.org` - `wss://rpc-ws-pub.d-bis.org` @@ -129,7 +129,7 @@ Our canonical chain spec is in this repo at `pr-workspace/chains/_data/chains/ei - Blockscout: `https://explorer.d-bis.org` (EIP3091) -**Features:** EIP-155, EIP-1559. +**Features:** EIP-155, EIP-1559, EIP-2718, EIP-2930 (Berlin-era typed transactions; aligns with chain genesis). ### 3.2 Ledger App-Ethereum (device) configuration diff --git a/docs/04-configuration/ALI_RPC_PORT_FORWARDING_CONFIG.md b/docs/04-configuration/ALI_RPC_PORT_FORWARDING_CONFIG.md index 403ae573..37afb612 100644 --- a/docs/04-configuration/ALI_RPC_PORT_FORWARDING_CONFIG.md +++ b/docs/04-configuration/ALI_RPC_PORT_FORWARDING_CONFIG.md @@ -1,5 +1,7 @@ # ALI RPC Port Forwarding Configuration +> Historical note: This port-forwarding guide reflects an earlier permissioned RPC layout and preserves a then-current `250x` target. Keep it as migration history. For live Ali/private RPC targets, use `docs/04-configuration/RPC_ENDPOINTS_MASTER.md` and `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/ALL_VMIDS_ENDPOINTS.md b/docs/04-configuration/ALL_VMIDS_ENDPOINTS.md index 82a6c394..3747c67d 100644 --- a/docs/04-configuration/ALL_VMIDS_ENDPOINTS.md +++ b/docs/04-configuration/ALL_VMIDS_ENDPOINTS.md @@ -1,17 +1,17 @@ # Complete VMID and Endpoints Reference -**Last Updated:** 2026-03-30 -**Document Version:** 1.2 +**Last Updated:** 2026-04-09 +**Document Version:** 1.3 **Status:** Active Documentation — **Master (source of truth)** for VMID, IP, port, and domain mapping. See [MASTER_DOCUMENTATION_INDEX.md](../00-meta/MASTER_DOCUMENTATION_INDEX.md). **Operational template (hosts, peering, deployment gates, JSON):** [../03-deployment/PROXMOX_VE_OPERATIONAL_DEPLOYMENT_TEMPLATE.md](../03-deployment/PROXMOX_VE_OPERATIONAL_DEPLOYMENT_TEMPLATE.md) · [`config/proxmox-operational-template.json`](../../config/proxmox-operational-template.json) --- -**Date**: 2026-01-20 +**Date**: 2026-04-09 **Status**: Current Active Configuration (Verified) -**Last Updated**: 2026-01-20 -**Verification Status**: ✅ Complete - All VMIDs verified across 3 hosts +**Last Updated**: 2026-04-09 +**Verification Status**: Order band **10000/10001/10020** reconciled to live `pct config` on r630-01; `scripts/verify/audit-proxmox-operational-template.sh` defaults to **five** Proxmox IPs (.10–.14 from `ip-addresses.conf`). --- @@ -21,7 +21,7 @@ - **Running**: 45+ - **Stopped**: 5 - **Infrastructure Services**: 10 -- **Blockchain Nodes**: 22 (Validators: 5, Sentries: 4, RPC: 13) +- **Blockchain Nodes**: 37 (Validators: 5, Sentries: 11, RPC: 21) - **Application Services**: 22 --- @@ -36,7 +36,7 @@ |------|------------|----------|--------|-----------|---------| | 100 | 192.168.11.32 | proxmox-mail-gateway | ✅ Running | SMTP: 25, 587, 465 | **Proxmox Mail Proxy** / email gateway (LAN SMTP relay); **587/465 enabled** on Postfix (`master.cf` append 2026-03-30) | | 101 | 192.168.11.33 | proxmox-datacenter-manager | ✅ Running | Web: 8006 | Datacenter management | -| 103 | 192.168.11.30 | omada | ✅ Running | Web: 8043 | Omada controller | +| — | 192.168.11.30 | *(spare)* | — | — | **Was VMID 103 (Omada / TP-Link).** CT destroyed on r630-01 **2026-04-04**; IP available for reuse. | | 104 | 192.168.11.31 | gitea | ✅ Running | Web: 80, 443 | Git repository | | 105 | 192.168.11.26 | nginxproxymanager | ✅ Running | Web: 80, 81, 443 | Nginx Proxy Manager (legacy) | | 130 | 192.168.11.27 | monitoring-1 | ✅ Running | Web: 80, 443 | Monitoring services — **Proxmox node not re-verified 2026-03-30** (confirm with `pct list` if needed). | @@ -89,8 +89,10 @@ | 1504 | 192.168.11.154 | besu-sentry-ali | ✅ Running | P2P: 30303, Metrics: 9545 | Sentry node (Ali) | | 1505 | 192.168.11.213 | besu-sentry-alltra-1 | ✅ Running | P2P: 30303, Metrics: 9545 | Sentry (Alltra 1) | | 1506 | 192.168.11.214 | besu-sentry-alltra-2 | ✅ Running | P2P: 30303, Metrics: 9545 | Sentry (Alltra 2) | +| 1509 | 192.168.11.219 | besu-sentry-thirdweb-01 | ✅ Running | P2P: 30303, Metrics: 9545 | Thirdweb sentry 1 | +| 1510 | 192.168.11.220 | besu-sentry-thirdweb-02 | ✅ Running | P2P: 30303, Metrics: 9545 | Thirdweb sentry 2 | -**Note:** 1505-1506 moved from .170/.171 to .213/.214 (2026-02-01) to free CCIP Ops interim range. +**Placement note (verified 2026-04-09):** validators `1003/1004`, sentries `1503-1510`, and RPCs `2102`, `2301`, `2304`, `2400`, `2402`, `2403` are on **r630-03** (`192.168.11.13`). RPCs `2201`, `2303`, `2305-2308`, and `2401` are on **r630-02** (`192.168.11.12`). `1505-1506` moved from `.170/.171` to `.213/.214` on 2026-02-01. --- @@ -102,62 +104,87 @@ All RPC nodes have been migrated to a new VMID structure for better organization ### Core RPC Nodes +**Core Besu tier = VMIDs 2101–2103** (HTTP/WS **8545/8546**). **2101** and **2103** are on **r630-01** (`192.168.11.11`); **2102** is on **r630-03** (`192.168.11.13`). **2201** (public) and **2301** (private/Fireblocks) are separate lanes below. + | VMID | IP Address | Hostname | Status | Block | Peers | Endpoints | Purpose | |------|------------|----------|--------|-------|-------|-----------|---------| -| 2101 | 192.168.11.211 | besu-rpc-core-1 | ✅ Running | 1,145,367 | 7 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Core RPC node | -| **2201** | **192.168.11.221** | besu-rpc-public-1 | ✅ Running | 1,145,367 | 7 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Public RPC node **(FIXED PERMANENT)** | -| 2301 | 192.168.11.232 | besu-rpc-private-1 | ⏸️ Stopped | - | - | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Private RPC node (startup error) | +| 2101 | 192.168.11.211 | besu-rpc-core-1 | ✅ Running | 3,529,172 | 26 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Core RPC **1**; default `RPC_URL_138` / `RPC_CORE_1`; **r630-01** | +| 2102 | 192.168.11.212 | besu-rpc-core-2 | ✅ Running | 3,529,172 | 26 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Core RPC **2**; `RPC_CORE_2`; **r630-03** | +| 2103 | 192.168.11.217 | besu-rpc-core-thirdweb | ✅ Running | 3,529,172 | 26 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Core RPC **Thirdweb admin**; `RPC_THIRDWEB_ADMIN_CORE`; NPM `rpc.tw-core.d-bis.org`; **r630-01** | +| **2201** | **192.168.11.221** | besu-rpc-public-1 | ✅ Running | 3,529,172 | 26 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Public RPC node **(FIXED PERMANENT)** | +| 2301 | 192.168.11.232 | besu-rpc-private-1 | ✅ Running | 3,529,172 | 25 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Private / Fireblocks RPC node | + +**2026-04-02 health note:** `bash scripts/verify/check-chain138-rpc-health.sh` from this workspace received JSON-RPC responses from all sampled Chain 138 RPC nodes. Peer counts were **25-26** across the fleet, the observed head spread was **4 blocks**, and the public RPC capability probe passed for `https://rpc-http-pub.d-bis.org`. ### Named RPC Nodes (Ali/Luis/Putu) | VMID | IP Address | Hostname | Status | Block | Peers | Endpoints | Purpose | |------|------------|----------|--------|-------|-------|-----------|---------| -| 2303 | 192.168.11.233 | besu-rpc-ali-0x8a | ✅ Running | 1,145,367 | 7 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Ali RPC (0x8a identity) | -| 2304 | 192.168.11.234 | besu-rpc-ali-0x1 | ✅ Running | 1,145,367 | 7 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Ali RPC (0x1 identity) | -| 2305 | 192.168.11.235 | besu-rpc-luis-0x8a | ✅ Running | 1,145,367 | 7 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Luis RPC (0x8a identity) | -| 2306 | 192.168.11.236 | besu-rpc-luis-0x1 | ✅ Running | 1,145,367 | 7 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Luis RPC (0x1 identity) | -| 2307 | 192.168.11.237 | besu-rpc-putu-0x8a | ✅ Running | 1,145,367 | 7 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Putu RPC (0x8a identity) | -| 2308 | 192.168.11.238 | besu-rpc-putu-0x1 | ✅ Running | 1,145,367 | 7 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Putu RPC (0x1 identity) | +| 2303 | 192.168.11.233 | besu-rpc-ali-0x8a | ✅ Running | 3,529,172 | 26 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Ali RPC (0x8a identity) | +| 2304 | 192.168.11.234 | besu-rpc-ali-0x1 | ✅ Running | 3,529,173 | 25 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Ali RPC (0x1 identity) | +| 2305 | 192.168.11.235 | besu-rpc-luis-0x8a | ✅ Running | 3,529,176 | 26 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Luis RPC (0x8a identity) | +| 2306 | 192.168.11.236 | besu-rpc-luis-0x1 | ✅ Running | 3,529,173 | 26 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Luis RPC (0x1 identity) | +| 2307 | 192.168.11.237 | besu-rpc-putu-0x8a | ✅ Running | 3,529,174 | 25 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Putu RPC (0x8a identity) | +| 2308 | 192.168.11.238 | besu-rpc-putu-0x1 | ✅ Running | 3,529,173 | 26 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Putu RPC (0x1 identity) | ### ThirdWeb RPC Nodes | VMID | IP Address | Hostname | Status | Block | Peers | Endpoints | Purpose | |------|------------|----------|--------|-------|-------|-----------|---------| -| 2400 | 192.168.11.240 | thirdweb-rpc-1 | ✅ Running | 1,149,992 | 2 | **Nginx: 443**, Besu: 8545/8546, P2P: 30303, Metrics: 9545, Translator: 9645/9646 | ThirdWeb RPC with translator (primary) | -| 2401 | 192.168.11.241 | besu-rpc-thirdweb-0x8a-1 | ✅ Running | 1,149,992 | 2 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | ThirdWeb RPC instance 1 | -| 2402 | 192.168.11.242 | besu-rpc-thirdweb-0x8a-2 | ✅ Running | 1,149,992 | 2 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | ThirdWeb RPC instance 2 | -| 2403 | 192.168.11.243 | besu-rpc-thirdweb-0x8a-3 | ✅ Running | 600,172 | 0 | Besu: 8545/8546, P2P: 30303 | ThirdWeb RPC instance 3 (syncing) | +| 2400 | 192.168.11.240 | thirdweb-rpc-1 | ✅ Running | 3,529,172 | 25 | **Nginx: 443**, Besu: 8545/8546, P2P: 30303, Metrics: 9545, Translator: 9645/9646 | ThirdWeb permissioned/private RPC with translator (primary); no `ADMIN` | +| 2401 | 192.168.11.241 | besu-rpc-thirdweb-0x8a-1 | ✅ Running | 3,529,172 | 26 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | ThirdWeb specialized RPC 1; no `ADMIN`; HTTP `ETH/NET/WEB3/DEBUG/TRACE`, WS `ETH/NET/WEB3` | +| 2402 | 192.168.11.242 | besu-rpc-thirdweb-0x8a-2 | ✅ Running | 3,529,172 | 26 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | ThirdWeb specialized RPC 2; no `ADMIN`; HTTP `ETH/NET/WEB3/DEBUG/TRACE`, WS `ETH/NET/WEB3` | +| 2403 | 192.168.11.243 | besu-rpc-thirdweb-0x8a-3 | ✅ Running | 3,529,172 | 26 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | ThirdWeb specialized RPC 3; no `ADMIN`; HTTP `ETH/NET/WEB3/DEBUG/TRACE`, WS `ETH/NET/WEB3` | -**Note**: VMID 2400 is the primary ThirdWeb RPC with Nginx and RPC Translator. VMID 2403 metrics disabled due to port conflict, node is syncing. +### Older Edge RPC Nodes + +| VMID | IP Address | Hostname | Status | Block | Peers | Endpoints | Purpose | +|------|------------|----------|--------|-------|-------|-----------|---------| +| 2420 | 192.168.11.172 | besu-rpc-alltra-1 | ✅ Running | 3,529,172 | 25 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Older edge Alltra RPC 1 | +| 2430 | 192.168.11.173 | besu-rpc-alltra-2 | ✅ Running | 3,529,172 | 30 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Older edge Alltra RPC 2 | +| 2440 | 192.168.11.174 | besu-rpc-alltra-3 | ✅ Running | 3,529,172 | 30 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Older edge Alltra RPC 3 | +| 2460 | 192.168.11.246 | besu-rpc-hybx-1 | ✅ Running | 3,529,172 | 30 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Older edge HYBX RPC 1 | +| 2470 | 192.168.11.247 | besu-rpc-hybx-2 | ✅ Running | 3,529,172 | 30 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Older edge HYBX RPC 2 | +| 2480 | 192.168.11.248 | besu-rpc-hybx-3 | ✅ Running | 3,529,172 | 30 | Besu: 8545/8546, P2P: 30303, Metrics: 9545 | Older edge HYBX RPC 3 | + +### Static web (Chain 138 info site) + +| VMID | IP Address | Hostname | Status | Endpoints | Purpose | +|------|------------|----------|--------|-----------|---------| +| 2410 | 192.168.11.218 | info-defi-oracle-web | ✅ Running | **HTTP: 80** (nginx) | **info.defi-oracle.io** Vite SPA (incl. `/governance`, `/ecosystem`, `/documentation`, `/disclosures`, `/agents`) + **`/token-aggregation/`** → `IP_BLOCKSCOUT` — `config/nginx/info-defi-oracle-io.site.conf`; `provision-info-defi-oracle-web-lxc.sh` + `sync-info-defi-oracle-to-vmid2400.sh`; NPM upstream `IP_INFO_DEFI_ORACLE_WEB` | + +**Note**: VMID 2400 is the primary ThirdWeb RPC with Nginx and RPC Translator — **do not** host the info SPA there. The 2026-04-02 probe showed all ThirdWeb-side nodes responding normally. **Public Domain**: `rpc.public-0138.defi-oracle.io` → Routes to VMID 2400:443 --- -## OLD RPC Nodes (Decommissioned) +## OLD RPC Node Lineage (Historical VMIDs) -**Status**: ✅ **DECOMMISSIONED** (2026-01-18) +**Status**: Historical lineage retained for audit trail and old-script cleanup. Treat these rows as retired `25xx` RPC allocations from the 2026-01-18 migration, not as current live placement. -The following VMIDs have been permanently removed: +The following VMIDs were the older `25xx` RPC identities before the `21xx/22xx/23xx/24xx` migration: -| VMID | Old IP Address | Old Hostname | Status | Replaced By | +| VMID | Old IP Address | Old Hostname | Historical status | Replaced By | |------|----------------|--------------|--------|-------------| -| 2500 | 192.168.11.250 | besu-rpc-1 | 🗑️ Destroyed | VMID 2101 | -| 2501 | 192.168.11.251 | besu-rpc-2 | 🗑️ Destroyed | VMID 2201 | -| 2502 | 192.168.11.252 | besu-rpc-3 | 🗑️ Destroyed | VMID 2301 | -| 2503 | 192.168.11.253 | besu-rpc-ali-0x8a | 🗑️ Destroyed | VMID 2303 | -| 2504 | 192.168.11.254 | besu-rpc-ali-0x1 | 🗑️ Destroyed | VMID 2304 | -| 2505 | 192.168.11.201 | besu-rpc-luis-0x8a | 🗑️ Destroyed | VMID 2305 | -| 2506 | 192.168.11.202 | besu-rpc-luis-0x1 | 🗑️ Destroyed | VMID 2306 | -| 2507 | 192.168.11.203 | besu-rpc-putu-0x8a | 🗑️ Destroyed | VMID 2307 | -| 2508 | 192.168.11.204 | besu-rpc-putu-0x1 | 🗑️ Destroyed | VMID 2308 | +| 2500 | 192.168.11.250 | besu-rpc-1 | Retired in migration | VMID 2101 | +| 2501 | 192.168.11.251 | besu-rpc-2 | Retired in migration | VMID 2201 | +| 2502 | 192.168.11.252 | besu-rpc-3 | Retired in migration | VMID 2301 | +| 2503 | 192.168.11.253 | besu-rpc-ali-0x8a | Retired in migration | VMID 2303 | +| 2504 | 192.168.11.254 | besu-rpc-ali-0x1 | Retired in migration | VMID 2304 | +| 2505 | 192.168.11.201 | besu-rpc-luis-0x8a | Retired in migration | VMID 2305 | +| 2506 | 192.168.11.202 | besu-rpc-luis-0x1 | Retired in migration | VMID 2306 | +| 2507 | 192.168.11.203 | besu-rpc-putu-0x8a | Retired in migration | VMID 2307 | +| 2508 | 192.168.11.204 | besu-rpc-putu-0x1 | Retired in migration | VMID 2308 | -**Public Domains** (need updating to new IPs): -- `rpc-http-prv.d-bis.org` → Should route to new RPC nodes -- `rpc-ws-prv.d-bis.org` → Should route to new RPC nodes -- `rpc-http-pub.d-bis.org` → Should route to new RPC nodes -- `rpc-ws-pub.d-bis.org` → Should route to new RPC nodes -- `rpc.public-0138.defi-oracle.io` → Should route to 2401-2403 +**Cleanup note (2026-04-12):** if you still see Besu-named `25xx` CT names elsewhere in the workspace, treat them as historical residue until each script/runbook is reconciled to the live VMID map above. + +**Public Domains** (current live routing inventory): +- `rpc-http-prv.d-bis.org` → VMID `2101` (`192.168.11.211:8545`) +- `rpc-ws-prv.d-bis.org` → VMID `2101` (`192.168.11.211:8546`) +- `rpc-http-pub.d-bis.org` → VMID `2201` (`192.168.11.221:8545`) +- `rpc-ws-pub.d-bis.org` → VMID `2201` (`192.168.11.221:8546`) +- `rpc.public-0138.defi-oracle.io` → VMID `2400` (`192.168.11.240:443`) --- @@ -169,7 +196,9 @@ The following VMIDs have been permanently removed: |------|------------|----------|--------|-----------|---------| | 5000 | 192.168.11.140 | blockscout-1 | ✅ Running | Web: 80, 443; API: 4000 | Blockchain explorer | -**Public Domain**: `explorer.d-bis.org` → Routes to VMID 5000:80 (nginx serves web UI, proxies /api/* to port 4000) +**Public Domain**: `explorer.d-bis.org` → Routes to VMID 5000:80 (nginx serves the public UI and splits traffic across internal explorer services) + +**Internal split note**: the live explorer on VMID `5000` is no longer just "web plus Blockscout API". Public traffic is currently split across nginx, Next frontend (`3000`), explorer config/API (`8081`), Blockscout (`4000`), token aggregation (`3001`), and static `/config/*` assets. See [`LIVE_DEPLOYMENT_MAP.md`](../../explorer-monorepo/deployment/LIVE_DEPLOYMENT_MAP.md) for the authoritative internal listener map. --- @@ -178,9 +207,13 @@ The following VMIDs have been permanently removed: | VMID | IP Address | Hostname | Status | Endpoints | Purpose | |------|------------|----------|--------|-----------|---------| | 6200 | 192.168.11.35 | firefly-1 | ✅ Running | Web: 80, 443, API: 5000 | Firefly DLT platform | -| 6201 | 192.168.11.57 | firefly-ali-1 | ✅ Running | Web: 80, 443, API: 5000 | Firefly (Ali instance) | +| 6201 | 192.168.11.57 | firefly-ali-1 | ⏸️ Stopped | None verified | FireFly standby / retired metadata only until intentionally rebuilt | +| 6202 | 192.168.11.175 | firefly-alltra-1 | ✅ Running | Web: 80 (placeholder) | ALLTRA Firefly stack (`IP_FIREFLY_ALLTRA_1`) | +| 6203 | 192.168.11.176 | firefly-alltra-2 | ✅ Running | Web: 80 (placeholder) | ALLTRA Firefly stack (`IP_FIREFLY_ALLTRA_2`) | +| 6204 | 192.168.11.249 | firefly-hybx-1 | ✅ Running | Web: 80 (placeholder) | HYBX Firefly stack (`IP_FIREFLY_HYBX_1`) | +| 6205 | 192.168.11.250 | firefly-hybx-2 | ✅ Running | Web: 80 (placeholder) | HYBX Firefly stack (`IP_FIREFLY_HYBX_2`); re-IP’d from .172 2026-04-09 (was duplicate of Besu 2420/2500) | -**Note:** Firefly instances run on r630-02. VMID 6200 also on r630-02. +**Note:** Firefly instances run on r630-02. VMID 6200 also on r630-02. As of 2026-04-05, `firefly.service` is enabled and active again after normalizing the compose `version` field for the installed `docker-compose`. VMIDs 6202–6205 share the ALLTRA/HYBX placeholder web pattern; NPMplus maps `firefly-hybx-*.d-bis.org` to 249/250 per `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh`. --- @@ -203,7 +236,9 @@ The following VMIDs have been permanently removed: | VMID | IP Address | Hostname | Status | Endpoints | Purpose | |------|------------|----------|--------|-----------|---------| -| 6000 | 192.168.11.65 | fabric-1 | ✅ Running | Peer: 7051, Orderer: 7050 | Hyperledger Fabric network | +| 6000 | 192.168.11.113 | fabric-1 | ✅ Running | Peer: 7051, Orderer: 7050, Ops: 9443-9445 | Hyperledger Fabric sample network | + +**Note:** As of 2026-04-05, VMID 6000 is an active sample-network runtime, not a stopped placeholder. `fabric-sample-network.service` keeps the network queryable across CT restarts, and `scripts/maintenance/ensure-fabric-sample-network-via-ssh.sh` is the manual repair path. --- @@ -231,6 +266,15 @@ The following VMIDs have been permanently removed: --- +### OP Stack operator landing zone + +| VMID | IP Address | Hostname | Status | Endpoints | Purpose | +|------|------------|----------|--------|-----------|---------| +| 5751 | 192.168.11.69 | op-stack-deployer-1 | ✅ Provisioned | SSH: 22 | `op-deployer` / `op-validator` / artifact workspace on `r630-02` (`thin5`) | +| 5752 | 192.168.11.70 | op-stack-ops-1 | ✅ Provisioned | SSH: 22 | OP Stack runtime/service staging (`op-node`, `op-geth`, batcher, proposer, challenger) on `r630-02` (`thin5`) | + +--- + ### DBIS Core Services | VMID | IP Address | Hostname | Status | Endpoints | Purpose | @@ -239,8 +283,8 @@ The following VMIDs have been permanently removed: | 10101 | 192.168.11.106 | dbis-postgres-replica-1 | ✅ Running | PostgreSQL: 5432 | Database replica | | 10120 | 192.168.11.125 | dbis-redis | ✅ Running | Redis: 6379 | Cache layer | | 10130 | 192.168.11.130 | dbis-frontend | ✅ Running | Web: 80, 443 | Admin + secure **web** shell (see canonical hostnames below) | -| 10150 | 192.168.11.155 | dbis-api-primary | ✅ Running | TCP **3000** | **Placeholder:** `python3 -m http.server 3000` (not dbis_core Node API). **Host:** r630-01. **SMTP template:** `/tmp/smtp.env.example` (via `pct push` / operator; copy into `/opt/dbis-core/.env` when the real API is deployed). | -| 10151 | 192.168.11.156 | dbis-api-secondary | ✅ Running | TCP **3000** | Same as 10150 (placeholder static server). | +| 10150 | 192.168.11.155 | dbis-api-primary | ✅ Running | TCP **3000** | **Live DBIS API source runtime** via `dbis-api.service`. Root `/` returns service metadata JSON; `/health` and `/v1/health` return JSON health. **Host:** r630-01. | +| 10151 | 192.168.11.156 | dbis-api-secondary | ✅ Running | TCP **3000** | Secondary **live DBIS API** node via `dbis-api.service`; mirrors 10150. | **Canonical public hostnames (operator intent)** @@ -249,7 +293,7 @@ The following VMIDs have been permanently removed: | **d-bis.org** | Public institutional web | TBD — Gov Portals **DBIS** Next app or static export when cut over | | **admin.d-bis.org** | Admin console | VMID **10130** `:80` | | **secure.d-bis.org** | Member secure portal | VMID **10130** `:80` (path-based routing; see below) | -| **core.d-bis.org** | **DBIS Core** banking — **client** portal (`dbis_core`) | **TBD** — wire when UI/API for core banking clients is exposed (often **10150**/10151 or dedicated LXC) | +| **core.d-bis.org** | **DBIS Core** service root (`dbis_core`) | VMID **10150** `:3000` today; currently serves DBIS API metadata while the dedicated client UI cutover remains pending | **Legacy:** `dbis-admin.d-bis.org` → same upstream as **admin.d-bis.org** if still in DNS. @@ -257,10 +301,11 @@ The following VMIDs have been permanently removed: - `admin.d-bis.org` → VMID 10130:80 (canonical admin) - `dbis-admin.d-bis.org` → VMID 10130:80 (legacy alias, if configured) - `secure.d-bis.org` → VMID 10130:80 -- `dbis-api.d-bis.org` → NPM target VMID 10150:3000 (**currently static placeholder**, not production API) -- `dbis-api-2.d-bis.org` → NPM target VMID 10151:3000 (**placeholder**) +- `dbis-api.d-bis.org` → NPM target VMID 10150:3000 (**live DBIS API**, `/health` + `/v1/health`) +- `dbis-api-2.d-bis.org` → NPM target VMID 10151:3000 (**live DBIS API**) +- `data.d-bis.org` → NPM target VMID 10150:3000 (`/v1/health` on the primary DBIS API node) -**No other LAN host** in this inventory currently exposes the compiled **dbis_core** integration API; `192.168.11.150` / `.151` from older deployment notes were **unreachable** from the operator LAN (2026-03-30). Deploy Node + systemd on 10150/10151 (or update NPM to a new upstream) when the API is ready. +**Current DBIS API runtime:** `10150` and `10151` now expose the compiled/source **dbis_core** integration API through `dbis-api.service`. Older `192.168.11.150` / `.151` references remain historical only. --- @@ -294,19 +339,19 @@ The following VMIDs have been permanently removed: | 7802 | 192.168.11.52 | sankofa-keycloak-1 | ✅ Running | Keycloak: 8080, Admin: /admin | Identity and Access Management | | 7803 | 192.168.11.53 | sankofa-postgres-1 | ✅ Running | PostgreSQL: 5432 | Database Service | | 7804 | 192.168.11.54 | (Gov Portals dev) | ✅ Running | Web: 80 | Gov Portals — DBIS, ICCC, OMNL, XOM (*.xom-dev.phoenix.sankofa.nexus) | -| 7805 | 192.168.11.72 | sankofa-studio | — | API: 8000 | Sankofa Studio (FusionAI Creator) — studio.sankofa.nexus (IP .72; .55 = VMID 10230 order-vault) | +| 7805 | 192.168.11.72 | sankofa-studio | ✅ Running | API: 8000 | Sankofa Studio (FusionAI Creator) — studio.sankofa.nexus (IP .72; .55 = VMID 10230 order-vault) | | 7806 | 192.168.11.63 | sankofa-public-web | ✅ Running | Web: 3000 | Corporate / marketing Next.js (Sankofa **repo root**); provision: `scripts/deployment/provision-sankofa-public-web-lxc-7806.sh`; deploy: `scripts/deployment/sync-sankofa-public-web-to-ct.sh`; NPM apex via **`IP_SANKOFA_PUBLIC_WEB`** (`.env` or override) | **Public Domains** (NPMplus routing): -- `sankofa.nexus` / `www.sankofa.nexus` → **`IP_SANKOFA_PUBLIC_WEB`:`SANKOFA_PUBLIC_WEB_PORT** (typical: **7806** `192.168.11.63:3000` when `.env` sets `IP_SANKOFA_PUBLIC_WEB`; else defaults to portal **7801**); fleet script: `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh`. **`www`** → **301** → apex `https://sankofa.nexus` (`$request_uri`). ✅ +- `sankofa.nexus` / `www.sankofa.nexus` → **`IP_SANKOFA_PUBLIC_WEB`:`SANKOFA_PUBLIC_WEB_PORT** (canonical current target: **7806** `192.168.11.63:3000`). Fleet script: `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh`. **`www`** → **301** → apex `https://sankofa.nexus` (`$request_uri`). ✅ - `portal.sankofa.nexus` / `admin.sankofa.nexus` → **`IP_SANKOFA_CLIENT_SSO`:`SANKOFA_CLIENT_SSO_PORT** (typical: 7801 `:3000`). NextAuth / OIDC public URL: **`https://portal.sankofa.nexus`**. ✅ when NPM proxy rows exist (fleet script creates/updates them). - `dash.sankofa.nexus` → Set **`IP_SANKOFA_DASH`** (+ `SANKOFA_DASH_PORT`) in `config/ip-addresses.conf` to enable upstream in the fleet script; IP allowlist at NPM is operator policy. 🔶 until dash app + env are set. - `phoenix.sankofa.nexus` → Routes to `http://192.168.11.50:4000` (Phoenix API/VMID 7800) ✅ - `www.phoenix.sankofa.nexus` → Same upstream; **301** to **`https://phoenix.sankofa.nexus`**. ✅ - `the-order.sankofa.nexus` / `www.the-order.sankofa.nexus` → OSJ management portal (secure auth). App source: **the_order** at `~/projects/the_order`. NPMplus default upstream: **order-haproxy** `http://192.168.11.39:80` (VMID **10210**), which proxies to Sankofa portal `http://192.168.11.51:3000` (7801). Fallback: set `THE_ORDER_UPSTREAM_IP` / `THE_ORDER_UPSTREAM_PORT` to `.51` / `3000` if HAProxy is offline. **`www.the-order.sankofa.nexus`** → **301** **`https://the-order.sankofa.nexus`** (same as `www.sankofa` / `www.phoenix`). -- `studio.sankofa.nexus` → Routes to `http://192.168.11.72:8000` (Sankofa Studio / VMID 7805) +- `studio.sankofa.nexus` → Routes to `http://192.168.11.72:8000` (Sankofa Studio / VMID 7805; app-owned `/` → `/studio/` redirect) -**Public verification evidence (2026-03-26):** `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` passed with `Failed: 0`; Sankofa root, Phoenix, Studio, and The Order returned `200`. See [verification_report.md](verification-evidence/e2e-verification-20260326_100057/verification_report.md). +**Public verification evidence (2026-04-05):** `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` passed with `DNS passed: 60`, `HTTPS passed: 44`, and `Failed: 0`; Sankofa root, portal, admin, Studio, Phoenix, The Order, and `info.defi-oracle.io` all returned healthy responses. See [verification_report.md](verification-evidence/e2e-verification-20260405_160949/verification_report.md). **Service Details:** - **Host:** r630-01 (192.168.11.11) @@ -322,6 +367,9 @@ The following VMIDs have been permanently removed: | VMID | IP Address | Hostname | Status | Endpoints | Purpose | |------|------------|----------|--------|-----------|---------| +| 10000 | 192.168.11.44 | order-postgres-primary | ✅ Running | PostgreSQL: 5432 | Order DB primary (`ORDER_POSTGRES_PRIMARY`) | +| 10001 | 192.168.11.45 | order-postgres-replica | ✅ Running | PostgreSQL: 5432 | Order DB replica (`ORDER_POSTGRES_REPLICA`) | +| 10020 | 192.168.11.38 | order-redis | ✅ Running | Redis: 6379 | Order cache (`ORDER_REDIS_IP`; VMID 10020) | | 10030 | 192.168.11.40 | order-identity | ✅ Running | API | Identity | | 10040 | 192.168.11.41 | order-intake | ✅ Running | API | Intake | | 10050 | 192.168.11.49 | order-finance | ✅ Running | API | Finance | @@ -334,6 +382,7 @@ The following VMIDs have been permanently removed: | 10200 | 192.168.11.46 | order-prometheus | ✅ Running | 9090 | Metrics (`IP_ORDER_PROMETHEUS`; not Order Redis) | | 10201 | 192.168.11.47 | order-grafana | ✅ Running | 3000 | Dashboards | | 10202 | 192.168.11.48 | order-opensearch | ✅ Running | 9200 | Search | +| 10203 | 192.168.11.222 | omdnl-org-web | ✅ Running | HTTP: 80 (nginx) | **omdnl.org** / **www.omdnl.org** static landing; `provision-omdnl-org-web-lxc.sh`; `sync-omdnl-org-static-to-ct.sh`; NPM `upsert-omdnl-org-proxy-host.sh`; `IP_OMDNL_ORG_WEB` | | 10210 | 192.168.11.39 | order-haproxy | ✅ Running | 80 (HAProxy → portal :3000) | Edge for **the-order.sankofa.nexus**; HAProxy config via `config/haproxy/order-haproxy-10210.cfg.template` + `scripts/deployment/provision-order-haproxy-10210.sh` | **Gov portals vs Order:** VMID **7804** alone uses **192.168.11.54** (`IP_GOV_PORTALS_DEV`). Order-legal must not use .54. @@ -371,18 +420,20 @@ The following VMIDs have been permanently removed: |------|------------|----------|--------|-----------|---------| | 3500 | 192.168.11.29 | oracle-publisher-1 | ✅ Running (verify on-chain) | Oracle: Various | **r630-02** `thin5`. Reprovisioned 2026-03-28 via `scripts/deployment/provision-oracle-publisher-lxc-3500.sh` (systemd `oracle-publisher`). If `updateAnswer` txs revert, set `PRIVATE_KEY` in `/opt/oracle-publisher/.env` to an EOA **authorized on the aggregator** (may differ from deployer). Metrics: `:8000/metrics`. | | 3501 | 192.168.11.28 | ccip-monitor-1 | ✅ Running | Monitor: Various | CCIP monitoring; **migrated 2026-03-28** to **r630-02** `thin5` (`pvesh` … `/migrate --target-storage thin5`). | -| 5200 | 192.168.11.80 | cacti-1 | ✅ Running | Web: 80, 443 | Network monitoring (Cacti); **host r630-02** (migrated 2026-02-15) | +| 5200 | 192.168.11.80 | cacti-1 | ✅ Running | Web: 80, 443; API: 4000 | Primary Cacti / Besu connector node; **host r630-02** (migrated 2026-02-15) | +| 5201 | 192.168.11.177 | cacti-alltra-1 | ✅ Running | Web: 80; API: 4000 | Public Alltra Cacti landing page and local Hyperledger Cacti API; `cacti-alltra.d-bis.org` | +| 5202 | 192.168.11.251 | cacti-hybx-1 | ✅ Running | Web: 80; API: 4000 | Public HYBX Cacti landing page and local Hyperledger Cacti API; `cacti-hybx.d-bis.org` | --- -### Machine Learning Nodes +### Legacy Monitor / RPC-Adjacent Nodes | VMID | IP Address | Hostname | Status | Endpoints | Purpose | |------|------------|----------|--------|-----------|---------| -| 3000 | 192.168.11.60 | ml110 | ✅ Running | ML Services: Various | ML node 1 | -| 3001 | 192.168.11.61 | ml110 | ✅ Running | ML Services: Various | ML node 2 | -| 3002 | 192.168.11.62 | ml110 | ✅ Running | ML Services: Various | ML node 3 | -| 3003 | 192.168.11.63 | ml110 | ✅ Running | ML Services: Various | ML node 4 | +| 3000 | 192.168.11.60 | ml110 | ✅ Running | No dedicated public listener verified | Legacy monitor / RPC-adjacent Ubuntu guest (`systemd-networkd` re-enabled 2026-04-05) | +| 3001 | 192.168.11.61 | ml110 | ✅ Running | No dedicated public listener verified | Legacy monitor / RPC-adjacent Ubuntu guest (`systemd-networkd` re-enabled 2026-04-05) | +| 3002 | 192.168.11.62 | ml110 | ✅ Running | No dedicated public listener verified | Legacy monitor / RPC-adjacent Ubuntu guest (`systemd-networkd` re-enabled 2026-04-05) | +| 3003 | 192.168.11.66 | ml110 | ✅ Running | No dedicated public listener verified | Legacy monitor / RPC-adjacent Ubuntu guest; readdressed from `.63` on 2026-04-05 to remove the Sankofa public-web IP conflict, and `systemd-networkd` was re-enabled the same day | --- @@ -425,7 +476,9 @@ VM Nginx (443) → Backend Services Internal Network (192.168.11.0/24) ↓ Direct to RPC Nodes: - - VMID 2101: 192.168.11.211:8545 (HTTP) / 8546 (WS) - Core RPC + - VMID 2101: 192.168.11.211:8545 (HTTP) / 8546 (WS) - Core RPC 1 (r630-01) + - VMID 2102: 192.168.11.212:8545 (HTTP) / 8546 (WS) - Core RPC 2 (r630-03) + - VMID 2103: 192.168.11.217:8545 (HTTP) / 8546 (WS) - Core RPC Thirdweb admin (r630-01) - VMID 2201: 192.168.11.221:8545 (HTTP) / 8546 (WS) - Public RPC - VMID 2303: 192.168.11.233:8545 (HTTP) / 8546 (WS) - Ali 0x8a - VMID 2304: 192.168.11.234:8545 (HTTP) / 8546 (WS) - Ali 0x1 @@ -478,10 +531,9 @@ Direct to RPC Nodes: ### NPMplus Routing Issues -1. **`rpc.public-0138.defi-oracle.io`**: Currently routes to wrong VMID - - **Current**: `https://192.168.11.252:443` (VMID 2502 - decommissioned) - - **Should be**: `https://192.168.11.240:443` (VMID 2400) - - **Fix**: Update NPMplus proxy host configuration +1. **`rpc.public-0138.defi-oracle.io`**: Canonical target is **VMID 2400** + - **Canonical**: `https://192.168.11.240:443` (VMID 2400) + - **Historical note:** older inventory text referenced decommissioned VMID **2502**; remove that assumption when auditing current routing. --- @@ -546,15 +598,15 @@ This section lists all endpoints that should be configured in NPMplus, extracted | `rpc-http-prv.d-bis.org` | `192.168.11.211` | `https` | `443` | ✅ Yes | Private RPC with JWT (VMID 2101) | | `rpc-ws-prv.d-bis.org` | `192.168.11.211` | `https` | `443` | ✅ Yes | Private WebSocket RPC with JWT (VMID 2101) | | **Explorer** | -| `explorer.d-bis.org` | `192.168.11.140` | `http` | `4000` | ❌ No | Blockchain Explorer (VMID 5000 - Direct Route) | +| `explorer.d-bis.org` | `192.168.11.140` | `http` | `80` | ❌ No | Explorer ingress on VMID 5000 nginx; internal services are split behind it | | **DBIS Services** | | `d-bis.org` | `192.168.11.54` | `http` | `3001` | ❌ No | Public apex — Gov Portals DBIS on **7804** (override `IP_DBIS_PUBLIC_APEX` / `DBIS_PUBLIC_APEX_PORT`) | | `www.d-bis.org` | `192.168.11.54` | `http` | `3001` | ❌ No | Same upstream as apex; NPM **301** → `https://d-bis.org` when `advanced_config` set by fleet script | | `admin.d-bis.org` | `192.168.11.130` | `http` | `80` | ❌ No | DBIS **admin** console (VMID 10130); canonical | | `dbis-admin.d-bis.org` | `192.168.11.130` | `http` | `80` | ❌ No | Legacy alias — same upstream as **admin.d-bis.org** | -| `core.d-bis.org` | `192.168.11.155` | `http` | `3000` | ❌ No | **DBIS Core** client portal — default **10150** until `IP_DBIS_CORE_CLIENT` / `DBIS_CORE_CLIENT_PORT` repointed | -| `dbis-api.d-bis.org` | `192.168.11.155` | `http` | `3000` | ❌ No | VMID 10150 — **placeholder** static server until Node API deployed | -| `dbis-api-2.d-bis.org` | `192.168.11.156` | `http` | `3000` | ❌ No | VMID 10151 — **placeholder** | +| `core.d-bis.org` | `192.168.11.155` | `http` | `3000` | ❌ No | Current DBIS Core service root on **10150**; returns service metadata JSON until the dedicated client UI is cut over | +| `dbis-api.d-bis.org` | `192.168.11.155` | `http` | `3000` | ❌ No | VMID 10150 — live DBIS API (`/health`, `/v1/health`) | +| `dbis-api-2.d-bis.org` | `192.168.11.156` | `http` | `3000` | ❌ No | VMID 10151 — live DBIS API (`/health`, `/v1/health`) | | `secure.d-bis.org` | `192.168.11.130` | `http` | `80` | ❌ No | DBIS Secure Portal (VMID 10130) - Path-based routing | | **MIM4U Services** | | `mim4u.org` | `192.168.11.37` | `http` | `80` | ❌ No | MIM4U Main Site (VMID 7810 mim-web-1) | @@ -562,7 +614,7 @@ This section lists all endpoints that should be configured in NPMplus, extracted | `secure.mim4u.org` | `192.168.11.37` | `http` | `80` | ❌ No | MIM4U Secure Portal (VMID 7810) | | `training.mim4u.org` | `192.168.11.37` | `http` | `80` | ❌ No | MIM4U Training Portal (VMID 7810) | | **Sankofa Phoenix Services** | -| `sankofa.nexus` | **`IP_SANKOFA_PUBLIC_WEB`** (default `.51` until public-web CT) | `http` | **`SANKOFA_PUBLIC_WEB_PORT`** (`3000`) | ❌ No | Corporate apex; fleet script `update-npmplus-proxy-hosts-api.sh` | +| `sankofa.nexus` | **`IP_SANKOFA_PUBLIC_WEB`** (`192.168.11.63` on VMID 7806 in the current deployment) | `http` | **`SANKOFA_PUBLIC_WEB_PORT`** (`3000`) | ❌ No | Corporate apex; fleet script `update-npmplus-proxy-hosts-api.sh` | | `www.sankofa.nexus` | same as apex | `http` | same | ❌ No | **301** → `https://sankofa.nexus` | | `portal.sankofa.nexus` | **`IP_SANKOFA_CLIENT_SSO`** (typ. `.51` / 7801) | `http` | **`SANKOFA_CLIENT_SSO_PORT`** (`3000`) | ❌ No | Client SSO portal; `NEXTAUTH_URL=https://portal.sankofa.nexus` | | `admin.sankofa.nexus` | same as portal | `http` | same | ❌ No | Client access admin (same upstream until split) | @@ -578,7 +630,7 @@ Some domains use path-based routing in NPM configs: **`secure.d-bis.org`**: - `/admin` → `http://192.168.11.130:80` (DBIS Frontend) -- `/api` → `http://192.168.11.155:3000` (intended DBIS API — **upstream is placeholder** until 10150 runs dbis_core) +- `/api` → `http://192.168.11.155:3000` (live DBIS API on 10150) - `/graph` → `http://192.168.11.155:3000` (same) - `/` → `http://192.168.11.130:80` (DBIS Frontend) @@ -592,8 +644,8 @@ Some domains use path-based routing in NPM configs: | Domain | Correct target (VMID, IP:port) | Do NOT point to | |--------|--------------------------------|-----------------| -| `explorer.d-bis.org` | 5000, 192.168.11.140:80 (web), :4000 (API) | — | -| `sankofa.nexus`, `www.sankofa.nexus` | **Public web:** target **7806** (or `IP_SANKOFA_PUBLIC_WEB`) when split; defaults still **7801**, 192.168.11.51:3000 | 192.168.11.140 (Blockscout) | +| `explorer.d-bis.org` | 5000, 192.168.11.140:80/443 ingress; internal listeners documented in `deployment/LIVE_DEPLOYMENT_MAP.md` | — | +| `sankofa.nexus`, `www.sankofa.nexus` | **Public web:** **7806**, 192.168.11.63:3000 (`IP_SANKOFA_PUBLIC_WEB`) | 192.168.11.140 (Blockscout) | | `portal.sankofa.nexus`, `admin.sankofa.nexus` | **7801**, 192.168.11.51:3000 (`IP_SANKOFA_CLIENT_SSO`) | 192.168.11.140 (Blockscout) | | `dash.sankofa.nexus` | Set **`IP_SANKOFA_DASH`** when operator dash exists | 192.168.11.140 (Blockscout) | | `phoenix.sankofa.nexus`, `www.phoenix.sankofa.nexus` | 7800, 192.168.11.50:4000 | 192.168.11.140 (Blockscout) | @@ -606,20 +658,22 @@ If NPMplus proxy hosts for sankofa.nexus or phoenix.sankofa.nexus currently poin --- -**Last Updated**: 2026-03-29 +**Last Updated**: 2026-04-06 **Maintained By**: Infrastructure Team --- ## RPC Node Quick Reference -### Active RPC Endpoints (12/13 Running) +### Active RPC Endpoints (LAN Besu HTTP RPC fleet) | IP Address | VMID | Name | Status | |------------|------|------|--------| | 192.168.11.211 | 2101 | besu-rpc-core-1 | ✅ Running | +| 192.168.11.212 | 2102 | besu-rpc-core-2 | ✅ Running | +| 192.168.11.217 | 2103 | besu-rpc-core-thirdweb | ✅ Running | | 192.168.11.221 | 2201 | besu-rpc-public-1 | ✅ Running | -| 192.168.11.232 | 2301 | besu-rpc-private-1 | ⏸️ Stopped | +| 192.168.11.232 | 2301 | besu-rpc-private-1 | ✅ Running | | 192.168.11.233 | 2303 | besu-rpc-ali-0x8a | ✅ Running | | 192.168.11.234 | 2304 | besu-rpc-ali-0x1 | ✅ Running | | 192.168.11.235 | 2305 | besu-rpc-luis-0x8a | ✅ Running | @@ -634,8 +688,8 @@ If NPMplus proxy hosts for sankofa.nexus or phoenix.sankofa.nexus currently poin ### Test All RPC Nodes ```bash -# Quick test all RPC nodes -for ip in 192.168.11.211 192.168.11.221 192.168.11.233 192.168.11.234 192.168.11.235 192.168.11.236 192.168.11.237 192.168.11.238 192.168.11.240 192.168.11.241 192.168.11.242 192.168.11.243; do +# Quick test all RPC nodes (full fleet: scripts/verify/check-chain138-rpc-health.sh) +for ip in 192.168.11.211 192.168.11.212 192.168.11.217 192.168.11.221 192.168.11.232 192.168.11.233 192.168.11.234 192.168.11.235 192.168.11.236 192.168.11.237 192.168.11.238 192.168.11.240 192.168.11.241 192.168.11.242 192.168.11.243; do curl -s -X POST -H "Content-Type: application/json" \ --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' \ http://$ip:8545 | grep -q "result" && echo "✓ $ip" || echo "✗ $ip" diff --git a/docs/04-configuration/BESU_DEPLOYMENT_MONITORING.md b/docs/04-configuration/BESU_DEPLOYMENT_MONITORING.md index 63a9c133..11c0e4aa 100644 --- a/docs/04-configuration/BESU_DEPLOYMENT_MONITORING.md +++ b/docs/04-configuration/BESU_DEPLOYMENT_MONITORING.md @@ -1,5 +1,7 @@ # Besu Configuration Deployment Monitoring Guide +> Historical note: This monitoring guide reflects a January 2026 deployment window and preserves the fleet assumptions from that rollout. Keep it as deployment history. For current nodes and services, verify against `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`, and the active verification scripts. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/BESU_IMPLEMENTATION_COMPLETE.md b/docs/04-configuration/BESU_IMPLEMENTATION_COMPLETE.md index ce9ae184..544a06ca 100644 --- a/docs/04-configuration/BESU_IMPLEMENTATION_COMPLETE.md +++ b/docs/04-configuration/BESU_IMPLEMENTATION_COMPLETE.md @@ -1,5 +1,7 @@ # Besu Configuration Implementation - Complete +> Historical note: This completion report captures a January 2026 implementation milestone and preserves the fleet assumptions from that period. Read it as delivery history, not as the current node/config inventory. For live Besu roles and configs, use `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md`, and the active templates under `smom-dbis-138-proxmox/templates/besu-configs/`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/BESU_PERFORMANCE_TUNING.md b/docs/04-configuration/BESU_PERFORMANCE_TUNING.md index fccdb8bb..27a50d7b 100644 --- a/docs/04-configuration/BESU_PERFORMANCE_TUNING.md +++ b/docs/04-configuration/BESU_PERFORMANCE_TUNING.md @@ -1,5 +1,7 @@ # Besu Performance Tuning Guide +> Modern note: This tuning guide is still relevant conceptually, but some node-count and fleet examples come from an earlier RPC layout. Use the tuning guidance, but map it onto the current fleet defined in `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` and `docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/BTC_SETTLEMENT_CHANGELLY_ATOMIC_PATHWAYS.md b/docs/04-configuration/BTC_SETTLEMENT_CHANGELLY_ATOMIC_PATHWAYS.md new file mode 100644 index 00000000..f9bf4bb4 --- /dev/null +++ b/docs/04-configuration/BTC_SETTLEMENT_CHANGELLY_ATOMIC_PATHWAYS.md @@ -0,0 +1,111 @@ +# Pathways: Chain 138 → native BTC (Changelly & Atomic Wallet) + +**Purpose:** Define how value moves from **Chain 138** to **native BTC on Bitcoin mainnet** using **Changelly** (partner API, automation-friendly) and **Atomic Wallet** (in-app swap, user-operated). Machine-readable steps live in [`config/btc-settlement-pathways.json`](../../config/btc-settlement-pathways.json). + +**Related:** [MAINNET_LIQUIDITY_AND_RAMPS_PRIORITY.md](../00-meta/MAINNET_LIQUIDITY_AND_RAMPS_PRIORITY.md) (mainnet liquidity for bridges), [MAINNET_RAMP_USER_FLOWS.md](MAINNET_RAMP_USER_FLOWS.md), [DEPLOYED_TOKENS_BRIDGES_LPS_AND_ROUTING_STATUS.md](../11-references/DEPLOYED_TOKENS_BRIDGES_LPS_AND_ROUTING_STATUS.md). + +--- + +## 1. Changelly (recommended for orchestration) + +Changelly operates a **white-label crypto-to-crypto** product: **Exchange API v2** (JSON-RPC over HTTPS). You implement calls **only on a backend**; keys must not ship to browsers. Official docs: [Changelly Exchange API v2](https://docs.changelly.com/). + +### 1.1 Partner onboarding + +1. Generate an **RSA key pair** (Changelly documents the format in [Generate keys](https://docs.changelly.com/development/generate-keys)). +2. Register at [changelly.com](https://changelly.com/) and email **pro@changelly.com** with account email, **public** key, and Base64 public key, plus project description (per [Getting started](https://docs.changelly.com/usage/getting-started)). +3. Store the **private key** in your secrets vault (file path or KMS); map env vars in [`.env.master.example`](../../.env.master.example) (`CHANGELLY_*`). + +### 1.2 Auth model + +Each request sends: + +- **`X-Api-Key`** — SHA-256 hash of your public key (hex), as documented. +- **`X-Api-Signature`** — RSA-SHA256 signature of the **exact** JSON-RPC body. + +See [Authentication](https://docs.changelly.com/development/authentication). + +### 1.3 Typical API sequence (BTC payout) + +Use the methods listed in `config/btc-settlement-pathways.json` under `changelly.documentedRpcFlow`. In practice: + +1. **`getCurrencies` / `getPairsParams`** — Confirm **from** tickers you will fund (e.g. `eth`, `usdt20`, `usdc`) and **to** = `btc`. +2. **`getMinAmount`** — Respect minimums for the pair. +3. **`validateAddress`** — Validate the user’s **BTC** address before creating the transaction. +4. **`getExchangeAmount`** — Quote expected BTC out (v2 quotes must pair with v2 `createTransaction`). +5. **`createTransaction`** — Pass payout **BTC address**, **from** currency, and amount; receive **Changelly deposit (payin) address** and transaction id. +6. **On Ethereum:** Send the exact **payin** amount from your **treasury** wallet to the deposit address (ERC-20 `transfer` or native ETH per instructions). +7. **`getTransactions`** (or status polling) — Track until outbound BTC is sent; record **Bitcoin txid** for reconciliation. + +**Constraint:** For currencies with multiple outputs (e.g. BTC), Changelly does not accept more than **one output per address** in a single transaction ([Getting started](https://docs.changelly.com/usage/getting-started)). + +### 1.4 How this attaches to Chain 138 + +Changelly does **not** speak Chain 138. Your orchestrator must first land **standard Ethereum mainnet** assets: + +- **Swap on 138** (e.g. cUSDT/cUSDC via PMM) into whatever your **bridge** expects (often **WETH** for CCIP WETH bridges). +- **Bridge 138 → Ethereum** using your **deployed** bridges; ensure **mainnet liquidity** so payouts do not stall ([MAINNET_LIQUIDITY_AND_RAMPS_PRIORITY.md](../00-meta/MAINNET_LIQUIDITY_AND_RAMPS_PRIORITY.md)). +- **Optional mainnet DEX** if the bridged asset is not exactly the Changelly **from** ticker (e.g. WETH → USDT). + +Then run the Changelly sequence above from a **mainnet treasury** EOA or contract you control. + +--- + +## 2. Atomic Wallet (user path, not a drop-in server API) + +Atomic Wallet’s **Exchange** feature is documented for **end users**: you choose assets and send to **partner deposit flows** inside the app; rates are **not** fixed; completion time is vendor-dependent. See [How do I make a swap?](https://support.atomicwallet.io/article/73-how-to-make-an-exchange) and [The process of a swap](https://support.atomicwallet.io/article/90-the-process-of-exchange). + +### 2.1 Pathway in this project + +1. Same **138 → Ethereum** bridge outcome as for Changelly, but funds must end on an **Ethereum address the user controls in Atomic** (import the same key, or transfer to Atomic’s ETH account). +2. User opens **Exchange** in Atomic, selects **from** (e.g. ETH, USDT, USDC if listed) **to BTC**, confirms quote, completes the flow. +3. **Ops / compliance:** Treat as **manual** or **semi-manual**; idempotency and server-side reconciliation are **your** bookkeeping, not Atomic’s public API in this pathway. + +### 2.2 Why not “just call Atomic’s API” like Changelly? + +There is **no** first-party, documented **B2B swap API** in Atomic’s public knowledge base equivalent to Changelly v2 for arbitrary **server-to-BTC** settlement. Third-party **portfolio / connectivity** products may exist; they are **out of scope** for this repo unless you add a dedicated integration with contractual coverage. + +**Use Atomic** when end users already use the wallet and you accept **human-in-the-loop** swaps. **Use Changelly** when you need **backend-driven** create-and-pay flows. + +--- + +## 3. Architecture sketch (orchestrator) + +```mermaid +flowchart LR + subgraph chain138 [Chain 138] + A[Source tokens e.g. cUSDT cUSDC] + B[PMM or router swap] + C[Bridge lock or CCIP send] + end + subgraph mainnet [Ethereum mainnet] + D[Recipient treasury or user EOA] + E[Optional DEX to USDT USDC ETH] + end + subgraph settlement [BTC settlement] + F[Changelly createTransaction plus payin tx] + G[Atomic user Exchange] + H[Native BTC UTXO payout] + end + A --> B --> C --> D --> E + E --> F --> H + E --> G --> H +``` + +--- + +## 4. What you still implement in software + +| Piece | Changelly path | Atomic path | +|--------|----------------|-------------| +| Bridge + swap planner | Required | Required | +| Secure Changelly JSON-RPC client | Required | N/A | +| Treasury mainnet wallet + gas | Required | User wallet | +| Job store + idempotency + status UI | Required | Optional / manual | +| BTC address validation | Via Changelly + local checks | User | + +--- + +## 5. Env placeholders + +See **`CHANGELLY_*`** in [`.env.master.example`](../../.env.master.example). Do not commit private keys; use a secrets manager or encrypted PEM path on servers. diff --git a/docs/04-configuration/CHAIN138_JWT_AUTH_REQUIREMENTS.md b/docs/04-configuration/CHAIN138_JWT_AUTH_REQUIREMENTS.md index 499b07fc..4e5f0be1 100644 --- a/docs/04-configuration/CHAIN138_JWT_AUTH_REQUIREMENTS.md +++ b/docs/04-configuration/CHAIN138_JWT_AUTH_REQUIREMENTS.md @@ -1,5 +1,7 @@ # ChainID 138 JWT Authentication Requirements +> Modern note: This requirements doc preserves earlier blanket statements about RPC container auth during the migration period. Keep it as design guidance, but confirm the live service/auth split against current RPC configs and `docs/04-configuration/RPC_ENDPOINTS_MASTER.md` before applying it operationally. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation @@ -158,4 +160,3 @@ location / { **Last Updated:** December 26, 2024 **Status:** ✅ Requirements Documented - diff --git a/docs/04-configuration/CHAIN138_WALLET_CONFIG_VALIDATION.md b/docs/04-configuration/CHAIN138_WALLET_CONFIG_VALIDATION.md index 648c26e6..217bc58b 100644 --- a/docs/04-configuration/CHAIN138_WALLET_CONFIG_VALIDATION.md +++ b/docs/04-configuration/CHAIN138_WALLET_CONFIG_VALIDATION.md @@ -1,14 +1,14 @@ # Chain 138 – Wallet & SDK Config Validation -**Last Updated:** 2026-01-31 +**Last Updated:** 2026-04-02 **Document Version:** 1.0 **Status:** Active Documentation --- **Purpose**: Validated configs for MetaMask, ethers.js, and Ledger (Chain 138 – Defi Oracle Meta Mainnet). -**RPC**: `https://rpc-http-pub.d-bis.org`, `https://rpc.d-bis.org`, `https://rpc2.d-bis.org`, `https://rpc.defi-oracle.io` -**WS**: `wss://rpc-ws-pub.d-bis.org`, `wss://rpc.d-bis.org`, `wss://ws.rpc.d-bis.org`, `wss://ws.rpc2.d-bis.org`, `wss://wss.defi-oracle.io` +**RPC**: `https://rpc-http-pub.d-bis.org`, `https://rpc.d-bis.org`, `https://rpc2.d-bis.org`, `https://rpc.public-0138.defi-oracle.io`, `https://rpc.defi-oracle.io` +**WS**: `wss://rpc-ws-pub.d-bis.org`, `wss://rpc.d-bis.org`, `wss://ws.rpc.d-bis.org`, `wss://ws.rpc2.d-bis.org`, `wss://rpc.public-0138.defi-oracle.io`, `wss://wss.defi-oracle.io` (order matches [ethereum-lists/chains `eip155-138.json`](https://github.com/ethereum-lists/chains/blob/master/_data/chains/eip155-138.json)) **Chain ID**: 138 (`0x8a`) --- @@ -20,7 +20,7 @@ Use **Settings → Networks → Add network** (or “Add a network manually”) | Field | Value | |-------|--------| | **Network name** | Defi Oracle Meta Mainnet | -| **RPC URL** | `https://rpc-http-pub.d-bis.org`, `https://rpc.d-bis.org`, `https://rpc2.d-bis.org`, or `https://rpc.defi-oracle.io` | +| **RPC URL** | `https://rpc-http-pub.d-bis.org`, `https://rpc.d-bis.org`, `https://rpc2.d-bis.org`, `https://rpc.public-0138.defi-oracle.io`, or `https://rpc.defi-oracle.io` | | **Chain ID** | `138` | | **Currency symbol** | ETH | | **Block explorer** | `https://explorer.d-bis.org` | @@ -40,8 +40,23 @@ const chain138 = { name: "Defi Oracle Meta Mainnet", nativeCurrency: { name: "Ether", symbol: "ETH", decimals: 18 }, rpcUrls: { - default: { http: ["https://rpc-http-pub.d-bis.org", "https://rpc.d-bis.org", "https://rpc2.d-bis.org", "https://rpc.defi-oracle.io"] }, - webSocket: ["wss://rpc-ws-pub.d-bis.org", "wss://rpc.d-bis.org", "wss://ws.rpc.d-bis.org", "wss://ws.rpc2.d-bis.org", "wss://wss.defi-oracle.io"] + default: { + http: [ + "https://rpc-http-pub.d-bis.org", + "https://rpc.d-bis.org", + "https://rpc2.d-bis.org", + "https://rpc.public-0138.defi-oracle.io", + "https://rpc.defi-oracle.io" + ] + }, + webSocket: [ + "wss://rpc-ws-pub.d-bis.org", + "wss://rpc.d-bis.org", + "wss://ws.rpc.d-bis.org", + "wss://ws.rpc2.d-bis.org", + "wss://rpc.public-0138.defi-oracle.io", + "wss://wss.defi-oracle.io" + ] }, blockExplorers: { default: { name: "Blockscout", url: "https://explorer.d-bis.org" } @@ -67,7 +82,7 @@ Validated: HTTP RPC returns chainId 138; WS endpoints route to same backend (VMI Chain 138 is a custom chain. In Ledger Live / Ledger-compatible apps: - **Network**: Add custom Ethereum-compatible network. -- **RPC**: `https://rpc-http-pub.d-bis.org`, `https://rpc.d-bis.org`, `https://rpc2.d-bis.org`, or `https://rpc.defi-oracle.io` +- **RPC**: `https://rpc-http-pub.d-bis.org`, `https://rpc.d-bis.org`, `https://rpc2.d-bis.org`, `https://rpc.public-0138.defi-oracle.io`, or `https://rpc.defi-oracle.io` - **Chain ID**: `138` - **Explorer**: `https://explorer.d-bis.org` diff --git a/docs/04-configuration/CHAIN138_X402_TOKEN_SUPPORT.md b/docs/04-configuration/CHAIN138_X402_TOKEN_SUPPORT.md index 0971f68f..3240a3ca 100644 --- a/docs/04-configuration/CHAIN138_X402_TOKEN_SUPPORT.md +++ b/docs/04-configuration/CHAIN138_X402_TOKEN_SUPPORT.md @@ -20,16 +20,27 @@ For the full operational + token readiness picture, use: ```bash ./scripts/verify/check-chain138-x402-readiness.sh [CORE_RPC] [PUBLIC_RPC] [EXPLORER_STATS] [--token SYMBOL=ADDRESS]... # Optional: --strict to exit non-zero until Chain 138 is fully x402-ready +# Default token set: cUSDT_V2, cUSDC_V2, then legacy cUSDT, cUSDC (override with repeated --token SYMBOL=0x…). ``` -**Last run:** March 31, 2026. Script confirms the following for deployed contracts on Chain 138. +**Last run:** April 7, 2026. Script confirms the following for deployed contracts on Chain 138. | Token | Address | ERC-2612 (permit) | ERC-3009 (transferWithAuthorization) | x402-compatible | |-------|---------|-------------------|--------------------------------------|-----------------| | cUSDT | `0x93E66202A11B1772E55407B32B44e5Cd8eda7f22` | Not supported | Not supported | No | | cUSDC | `0xf22258f57794CC8E06237084b353Ab30fFfa640b` | Not supported | Not supported | No | -| cUSDT V2 | `0x8d342d321DdEe97D0c5011DAF8ca0B59DA617D29` | Supported | Supported | Yes | -| cUSDC V2 | `0x1ac3F4942a71E86A9682D91837E1E71b7BACdF99` | Supported | Supported | Yes | +| cUSDT V2 | `0x9FBfab33882Efe0038DAa608185718b772EE5660` | Supported | Supported | Yes | +| cUSDC V2 | `0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d` | Supported | Supported | Yes | +| cEURC V2 | `0x243e6581Dc8a98d98B92265858b322b193555C81` | Supported | Supported | Yes | +| cEURT V2 | `0x2bAFA83d8fF8BaE9505511998987D0659791605B` | Supported | Supported | Yes | +| cGBPC V2 | `0x707508D223103f5D2d9EFBc656302c9d48878b29` | Supported | Supported | Yes | +| cGBPT V2 | `0xee17c18E10E55ce23F7457D018aAa2Fb1E64B281` | Supported | Supported | Yes | +| cAUDC V2 | `0xfb37aFd415B70C5cEDc9bA58a72D517207b769Bb` | Supported | Supported | Yes | +| cJPYC V2 | `0x2c751bBE4f299b989b3A8c333E0A966cdcA6Fd98` | Supported | Supported | Yes | +| cCHFC V2 | `0x60B7FB8e0DD0Be8595AD12Fe80AE832861Be747c` | Supported | Supported | Yes | +| cCADC V2 | `0xe799033c87fE0CE316DAECcefBE3134CC74b76a9` | Supported | Supported | Yes | +| cXAUC V2 | `0xF0F0F81bE3D033D8586bAfd2293e37eE2f615647` | Supported | Supported | Yes | +| cXAUT V2 | `0x89477E982847023aaB5C3492082cd1bB4b1b9Ef1` | Supported | Supported | Yes | WETH and WETH10 on Chain 138 (see [CHAIN138_TOKEN_ADDRESSES.md](../11-references/CHAIN138_TOKEN_ADDRESSES.md)) are standard approve/transferFrom implementations and do not expose permit or ERC-3009 in the repo; they are not x402-compatible in their current form. @@ -38,8 +49,9 @@ WETH and WETH10 on Chain 138 (see [CHAIN138_TOKEN_ADDRESSES.md](../11-references ## Implications - **thirdweb x402** requires the payment token to support either **ERC-2612 permit** or **ERC-3009** (e.g. sign + `transferWithAuthorization` / `receiveWithAuthorization`). See [Chain and token support](https://portal.thirdweb.com/x402#chain-and-token-support). -- **Current state:** Chain 138 is now x402-ready through the staged V2 compliant USD tokens. -- **Standards target:** this x402 capability is the repo-wide target profile for future `c* V2` currencies as captured in [GRU_STANDARDS_PROFILE.md](GRU_STANDARDS_PROFILE.md) and [`config/gru-standards-profile.json`](../../config/gru-standards-profile.json). The broader standards profile applies to all GRU manifest currencies, even where deployment is still staged. +- **Current state:** Chain 138 is now x402-ready through the live forward-canonical V2 compliant USD and Wave 1 ISO-4217/commodity tokens. For the full GRU V2 promotion gate on the active Chain 138 addresses, also use [GRU_V2_CHAIN138_READINESS.md](GRU_V2_CHAIN138_READINESS.md). +- **Execution mode note:** x402 should still be treated as a `7702` settlement rail even when `ERC-4337` remains the baseline smart-account fallback on Chain 138 for broader Thirdweb wallet execution. +- **Standards target:** this x402 capability is now verified on the live Chain 138 Wave 1 `c* V2` deployments and remains the repo-wide target profile for future `c* V2` currencies as captured in [GRU_STANDARDS_PROFILE.md](GRU_STANDARDS_PROFILE.md) and [`config/gru-standards-profile.json`](../../config/gru-standards-profile.json). - **Important coexistence note:** V1 `cUSDT` and `cUSDC` still back the live PMM/pool/liquidity routes, while `cUSDT V2` and `cUSDC V2` are the permit/auth-capable contracts for x402 and the next transport cutover. - **Options:** 1. **Use V2 contracts for x402 immediately:** point x402 pricing to `cUSDT V2` or `cUSDC V2`. @@ -52,5 +64,5 @@ WETH and WETH10 on Chain 138 (see [CHAIN138_TOKEN_ADDRESSES.md](../11-references After a token on Chain 138 supports ERC-2612 or ERC-3009: 1. Re-run `./scripts/verify/check-chain138-token-permit-support.sh --token SYMBOL=ADDRESS` for the active V2 inventory and update this doc. -2. In the x402 API, use `network: chain138` (custom chain definition) and set `price` to the V2 token object, e.g. `price: { amount: "", asset: { address: "0x1ac3F4942a71E86A9682D91837E1E71b7BACdF99", decimals: 6 } }` for `cUSDC V2`. +2. In the x402 API, use `network: chain138` (custom chain definition) and set `price` to the V2 token object, e.g. `price: { amount: "", asset: { address: "0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d", decimals: 6 } }` for `cUSDC V2`. 3. Keep V1/V2 symbol resolution explicit in transport and explorer integrations until the canonical cutover is complete. diff --git a/docs/04-configuration/CLOUDFLARE_API_SETUP.md b/docs/04-configuration/CLOUDFLARE_API_SETUP.md index 29903bc8..a2368ba2 100644 --- a/docs/04-configuration/CLOUDFLARE_API_SETUP.md +++ b/docs/04-configuration/CLOUDFLARE_API_SETUP.md @@ -1,5 +1,7 @@ # Cloudflare API Setup - Quick Start +> Modern note: This guide is still useful for API workflow, but its original RPC target examples came from a pre-standardization mapping. Current RPC tunnel/DNS targets are `rpc-http-pub.d-bis.org` / `rpc-ws-pub.d-bis.org` -> VMID `2201` (`192.168.11.221`) and `rpc-http-prv.d-bis.org` / `rpc-ws-prv.d-bis.org` -> VMID `2101` (`192.168.11.211`). Confirm live values in `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation @@ -73,10 +75,10 @@ cd /home/intlc/projects/proxmox ## What Gets Configured ### Tunnel Routes: -- `rpc-http-pub.d-bis.org` → `https://192.168.11.251:443` -- `rpc-ws-pub.d-bis.org` → `https://192.168.11.251:443` -- `rpc-http-prv.d-bis.org` → `https://192.168.11.252:443` -- `rpc-ws-prv.d-bis.org` → `https://192.168.11.252:443` +- `rpc-http-pub.d-bis.org` → `https://192.168.11.221:443` +- `rpc-ws-pub.d-bis.org` → `https://192.168.11.221:443` +- `rpc-http-prv.d-bis.org` → `https://192.168.11.211:443` +- `rpc-ws-prv.d-bis.org` → `https://192.168.11.211:443` ### DNS Records: - All 4 endpoints → CNAME → `.cfargotunnel.com` (🟠 Proxied) @@ -127,4 +129,3 @@ After running the script: - `.env` - Your API credentials (keep secure!) - Scripts are in: `scripts/configure-cloudflare-api.sh` - diff --git a/docs/04-configuration/COMPLETE_DEPLOYMENT_GUIDE.md b/docs/04-configuration/COMPLETE_DEPLOYMENT_GUIDE.md index 61f7ec45..ae56f050 100644 --- a/docs/04-configuration/COMPLETE_DEPLOYMENT_GUIDE.md +++ b/docs/04-configuration/COMPLETE_DEPLOYMENT_GUIDE.md @@ -24,9 +24,9 @@ This guide provides step-by-step instructions to deploy the complete direct publ - API Token OR Email + API Key - Access to zones: sankofa.nexus, d-bis.org, mim4u.org, defi-oracle.io -2. **ER605 Router Access** - - Omada Controller access OR direct ER605 GUI access - - Ability to configure NAT rules +2. **UDM Pro / Edge Router Access** + - UniFi / UDM Pro admin access, or access to the current edge gateway UI + - Ability to configure NAT / port-forward rules 3. **Proxmox Access** - SSH access to Proxmox host (192.168.11.10) @@ -120,7 +120,7 @@ CLOUDFLARE_ZONE_ID_DEFI_ORACLE_IO=your-zone-id **Output**: NAT rule configuration details -**Action**: Manually configure in Omada Controller or ER605 GUI: +**Action**: Manually configure in UniFi / UDM Pro or the current edge gateway UI: #### Rule 1: HTTPS (All Services) ``` diff --git a/docs/04-configuration/CONFIGURATION_DECISION_TREE.md b/docs/04-configuration/CONFIGURATION_DECISION_TREE.md index aada5994..12eba1a6 100644 --- a/docs/04-configuration/CONFIGURATION_DECISION_TREE.md +++ b/docs/04-configuration/CONFIGURATION_DECISION_TREE.md @@ -1,5 +1,7 @@ # Configuration Decision Tree +> Modern note: This decision tree remains useful for choosing a configuration path, but some examples preserve older RPC addresses and migration-era assumptions. Treat those examples as illustrative only, and validate live targets against `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`, and `config/ip-addresses.conf`. + **Last Updated:** 2025-01-20 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/CONFIGURATION_TEMPLATES.md b/docs/04-configuration/CONFIGURATION_TEMPLATES.md index b613b3f8..d65b4151 100644 --- a/docs/04-configuration/CONFIGURATION_TEMPLATES.md +++ b/docs/04-configuration/CONFIGURATION_TEMPLATES.md @@ -1,5 +1,7 @@ # Configuration Templates +> Modern note: Some examples in this template library intentionally preserve older migration-era IPs and VMIDs for reference. Treat them as placeholders, not authoritative live values. For current RPC endpoints and node placement, confirm against `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`, `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, and `config/ip-addresses.conf`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/CONFIG_CHANGELOG.md b/docs/04-configuration/CONFIG_CHANGELOG.md index 78ec5ddd..8bf017eb 100644 --- a/docs/04-configuration/CONFIG_CHANGELOG.md +++ b/docs/04-configuration/CONFIG_CHANGELOG.md @@ -1,5 +1,7 @@ # Besu Configuration Changelog +> Historical note: This changelog preserves the chronology of the January 2026 Besu cleanup and still references earlier node naming/migration assumptions. Keep it for change history. For current effective config, use the active templates and generated configs plus `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/C_TO_CW_MAPPER_MAPPING.md b/docs/04-configuration/C_TO_CW_MAPPER_MAPPING.md index 489a457d..472910fd 100644 --- a/docs/04-configuration/C_TO_CW_MAPPER_MAPPING.md +++ b/docs/04-configuration/C_TO_CW_MAPPER_MAPPING.md @@ -17,6 +17,8 @@ |----------------|--------------------| | cUSDT | cWUSDT | | cUSDC | cWUSDC | +| cAUSDT | cWAUSDT | +| cUSDW | cWUSDW | | cEURC | cWEURC | | cEURT | cWEURT | | cGBPC | cWGBPC | @@ -28,14 +30,26 @@ | cXAUC | cWXAUC | | cXAUT | cWXAUT | +**ALL Mainnet (651940) XAU exception:** the generic symbol map above still applies for ordinary public-chain wrapping, but the **138 -> 651940** gold corridor uses an Alltra-specific destination naming rule. Source-leg wrapping is still **`cWXAUC` / `cWXAUT`**, while the bridge-minted ALL Mainnet representation becomes **`cWAXAUC` / `cWAXAUT`**, and unwrapping on ALL Mainnet lands as **`cAXAUC` / `cAXAUT`**. + ## Per-chain address mapping For each destination chain, the mapper (or bridge config) should resolve: - **Compliant_USDT_cW**: Chain 138 cUSDT address → cWUSDT address on destination - **Compliant_USDC_cW**: Chain 138 cUSDC address → cWUSDC address on destination +- **Compliant_AUSDT_cW**: Chain 138 cAUSDT address → cWAUSDT address on destination +- **Compliant_USDW_cW**: Chain 138 cUSDW address → cWUSDW address on destination - **Compliant_EURC_cW**: Chain 138 cEURC address → cWEURC address on destination +**USD DWIN (CMC-listed native USDW on BSC/Polygon)** is not a Chain 138 `c*`; pins sit under **`dwinUsdWinPublic`** in the same JSON. That asset is the intended **collateral** for minting **cWUSDW** on the wrap leg, alongside GRU bridge mint/burn from **cUSDW**. See **`docs/03-deployment/USD_DWIN_CUSDW_CWUSDW_BRIDGE_CHECKLIST.md`**. + +**AUSDT (ALL Mainnet native)** is likewise not a Chain 138 `c*`; pins now sit under **`alltraAusdtOrigin`** in the same JSON. Unlike USDW, this corridor originates on **chain 651940**, so public-chain **cWAUSDT** is treated as the transport mirror for the live **AUSDT -> cWAUSDT -> cAUSDT** flow rather than a native-public collateral wrapper. See **`docs/03-deployment/AUSDT_CAUSDT_CWAUSDT_BRIDGE_CHECKLIST.md`**. + +For **gold on ALL Mainnet**, keep the mapper key suffix `_cW` for compatibility, but read the per-pair row notes in `token-mapping-multichain.json`: **`Compliant_XAUC_cW`** and **`Compliant_XAUT_cW`** on the **138 -> 651940** pair denote destination-side **`cWAXAUC` / `cWAXAUT`** wrappers and ALL Mainnet native-unwrapped **`cAXAUC` / `cAXAUT`**. + +For the repo-local native wrap path, use **`smom-dbis-138/contracts/bridge/integration/USDWPublicWrapVault.sol`** and **`smom-dbis-138/script/deploy/DeployUSDWPublicWrapVault.s.sol`**. Polygon stays non-live until `cWUSDW` is actually deployed and `Compliant_USDW_cW.addressTo` is updated. + (Additional c* → cW* pairs can be added to `token-mapping-multichain.json` when those c* and cW* are deployed.) In `token-mapping-multichain.json`, entries with key suffix `_cW` use `addressTo: "0x0000000000000000000000000000000000000000"` as a placeholder until the cW* contract is deployed on that chain. **Operators:** after deploying cW* (e.g. via `DeployCWTokens.s.sol` or equivalent), update the corresponding `addressTo` in the JSON (or in env-driven config that overrides it). The **receiver/bridge on the destination chain must support minting cW*** (e.g. dedicated cW* receiver such as TwoWayTokenBridgeL2, or an extended bridge that calls `cW*.mint(recipient, amount)` in `ccipReceive`); see [CW_BRIDGE_APPROACH.md](../07-ccip/CW_BRIDGE_APPROACH.md) and [CW_BRIDGE_TASK_LIST.md](../00-meta/CW_BRIDGE_TASK_LIST.md). diff --git a/docs/04-configuration/DEPLOYMENT_CHECKLIST.md b/docs/04-configuration/DEPLOYMENT_CHECKLIST.md index db31c12b..a20aafd7 100644 --- a/docs/04-configuration/DEPLOYMENT_CHECKLIST.md +++ b/docs/04-configuration/DEPLOYMENT_CHECKLIST.md @@ -1,5 +1,7 @@ # Besu Configuration Deployment Checklist +> Historical note: This checklist preserves an older deployment sequence that still references the pre-standardization `250x` RPC range. Keep it as migration history, but do not use its VMID examples as current operational targets. For live node inventory and deployment targets, use `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`, and the current scripts under `scripts/verify/` and `scripts/maintenance/`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/DEPLOYMENT_COMPLETE.md b/docs/04-configuration/DEPLOYMENT_COMPLETE.md index 2d0b02a3..7696431c 100644 --- a/docs/04-configuration/DEPLOYMENT_COMPLETE.md +++ b/docs/04-configuration/DEPLOYMENT_COMPLETE.md @@ -1,5 +1,8 @@ # Besu Configuration Deployment - Complete +> Historical note: +> This document captures an earlier deployment-complete moment and still references migration-era VMIDs and assumptions. Keep for chronology; do not use as a current deployment checklist. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/DEX_AND_AGGREGATORS_CHAIN138_EXPLAINER.md b/docs/04-configuration/DEX_AND_AGGREGATORS_CHAIN138_EXPLAINER.md index 0dc293ae..7a05f2d3 100644 --- a/docs/04-configuration/DEX_AND_AGGREGATORS_CHAIN138_EXPLAINER.md +++ b/docs/04-configuration/DEX_AND_AGGREGATORS_CHAIN138_EXPLAINER.md @@ -1,6 +1,6 @@ # Using DEX and Aggregators with ChainID 138 Coins/Tokens — Explainer -**Last Updated:** 2026-03-30 +**Last Updated:** 2026-04-02 **Purpose:** Explain how to use DEXs and aggregators with coins/tokens from ChainID 138 (DeFi Oracle Meta Mainnet), and how routing works for swaps and cross-chain flows. --- @@ -27,22 +27,22 @@ When building swap UIs or aggregator integrations, use these addresses for **tok ### 2.1 Native DEX: DODO PMM -On Chain 138, the canonical DEX layer is the corrected **DODO-style PMM** stack via: +On Chain 138, the canonical DEX layer is the **official DODO V2 DVM-backed PMM** stack via: -- **DODOPMMIntegration** — `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` - Corrected canonical integration; manages the full JSON-defined pool inventory. -- **DODOPMMProvider** — `0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381` - Corrected canonical provider; used by routing/aggregation to get quotes and execute swaps for registered pools. +- **DODO DVMFactory** — `0xc93870594C7f83A0aE076c2e30b494Efc526b68E` +- **DODO Vending Machine / adapter** — `0xb6D9EF3575bc48De3f011C310DC24d87bEC6087C` +- **DODOPMMIntegration** — `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` +- **DODOPMMProvider** — `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e` **Core stable pools (canonical corrected-stack addresses):** | Pair | Pool address | Use case | |------|--------------|----------| -| cUSDT / cUSDC | `0xff8d3b8fDF7B112759F076B69f4271D4209C0849` | Compliant↔compliant stablecoin | -| cUSDT / USDT | `0x6fc60DEDc92a2047062294488539992710b99D71` | Compliant↔official USDT | -| cUSDC / USDC | `0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263` | Compliant↔official USDC | +| cUSDT / cUSDC | `0x9e89bAe009adf128782E19e8341996c596ac40dC` | Compliant↔compliant stablecoin | +| cUSDT / USDT | `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` | Compliant↔official USDT | +| cUSDC / USDC | `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` | Compliant↔official USDC | -**Current canonical PMM state:** the corrected stack has a fully reconciled desired-state inventory with `104` existing pools and `104` aligned provider routes, including the broader `c* / c*`, `c* / official`, and `* / WETH` mesh. +**Current canonical PMM state:** the official-DVM-backed stack currently has the three stable pools above, all funded and all recalibrated on 2026-04-02 with `i=1e18`, `k=0` so equal-reserve stable pairs quote at true 1:1 parity. **How to swap on-chain (direct):** @@ -56,7 +56,7 @@ Caller must approve the integration contract for the input token. Use the pool a ### 2.2 PMM pool checks: RPC + integration vs DODO official API -Use **RPC + `DODOPMMIntegration` / pool contracts** and the **token-aggregation API** as the primary way to verify PMM pools and state on **Chain 138**. Use **DODO’s official app API / subgraph** only where you have **standard DODO protocol pools on chains DODO supports** — not as the primary source for 138 (custom chain / Mock DVM stack). Dashboard vs API vs MCP detail: [POOL_ACCESS_DASHBOARD_API_MCP.md](../11-references/POOL_ACCESS_DASHBOARD_API_MCP.md). +Use **RPC + `DODOPMMIntegration` / pool contracts** and the **token-aggregation API** as the primary way to verify PMM pools and state on **Chain 138**. Use **DODO’s official app API / subgraph** only where you have **standard DODO protocol pools on chains DODO supports** — not as the primary source for 138, where the repo runs a self-deployed official DODO V2 DVM stack. Dashboard vs API vs MCP detail: [POOL_ACCESS_DASHBOARD_API_MCP.md](../11-references/POOL_ACCESS_DASHBOARD_API_MCP.md). --- @@ -182,7 +182,7 @@ The **explorer-monorepo** backend has a bridge aggregator that uses Li.Fi, Socke | Use case | Env / config | |----------|---------------| -| **Token-aggregation indexing DODO on 138** | `CHAIN_138_DODO_PMM_INTEGRATION=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` (and RPC, DB). Optional: `CHAIN_138_DODO_POOL_MANAGER`, `CHAIN_138_DODO_VENDING_MACHINE`. | +| **Token-aggregation indexing DODO on 138** | `CHAIN_138_DODO_PMM_INTEGRATION=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` (and RPC, DB). Optional: `CHAIN_138_DODO_POOL_MANAGER`, `CHAIN_138_DODO_VENDING_MACHINE`. | | **Uniswap on 138 (if deployed)** | `CHAIN_138_UNISWAP_V2_FACTORY`, `CHAIN_138_UNISWAP_V2_ROUTER`, `CHAIN_138_UNISWAP_V2_START_BLOCK` (and V3 equivalents). | | **Bridge quote (swap+bridge+swap)** | `RPC_URL`, `BRIDGE_REGISTRY_ADDRESS`; optional `ENHANCED_SWAP_ROUTER_ADDRESS`, `DESTINATION_RPC_URL`, `DESTINATION_SWAP_ROUTER_ADDRESS`. | | **Token list / MetaMask** | Token-aggregation `GET /api/v1/report/token-list?chainId=138` or static list; point MetaMask/dApp to this URL. | diff --git a/docs/04-configuration/E2E_ENDPOINTS_LIST.md b/docs/04-configuration/E2E_ENDPOINTS_LIST.md index 14f3f6e5..b396b60d 100644 --- a/docs/04-configuration/E2E_ENDPOINTS_LIST.md +++ b/docs/04-configuration/E2E_ENDPOINTS_LIST.md @@ -9,7 +9,10 @@ **What each hostname should present (operator narrative):** [FQDN_EXPECTED_CONTENT.md](FQDN_EXPECTED_CONTENT.md). -**Latest verified public pass:** `2026-03-30` via `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` with report at [verification_report.md](verification-evidence/e2e-verification-20260330_124914/verification_report.md). Result: exit `0`, `DNS passed: 45`, `Failed: 0`, `HTTPS passed: 32`, `Skipped / optional: 13` — includes **d-bis.org**, **www.d-bis.org**, **admin.d-bis.org**, **core.d-bis.org** (NPM + Cloudflare + Let’s Encrypt after fleet script). +**Latest verified public transport/TLS pass:** `2026-04-02` via `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` with report at [verification_report.md](verification-evidence/e2e-verification-20260402_130259/verification_report.md). Result: exit `0`, `DNS passed: 60`, `Failed: 0`, `HTTPS passed: 44` — includes the repaired DBIS, Keycloak, Studio, `info.defi-oracle.io`, `data.d-bis.org /v1/health`, and both Cacti hostnames. +**Resolved public regression snapshot:** the earlier `2026-04-02` regression run at [verification_report.md](verification-evidence/e2e-verification-20260402_074223/verification_report.md) is now historical only; its DBIS, Keycloak, Cacti, Studio, and `info.defi-oracle.io` warnings were resolved later the same day. +**2026-04-01 verifier tightening:** `verify-end-to-end-routing.sh` rejects placeholder directory listings for **`core.d-bis.org`**, **`dbis-api.d-bis.org`**, and **`dbis-api-2.d-bis.org`**. The current `2026-04-02` pass succeeds because those hosts now serve the real DBIS API/runtime, not static placeholder content. +**2026-04-04 explorer E2E tightening:** the canonical explorer **`explorer.d-bis.org`** is no longer treated as `optional-when-fail` in the public profile. The explorer-specific verifier now also checks the static **Visual Command Center** and the live **Mission Control** stream, bridge trace, and liquidity endpoints. **Previous:** `2026-03-29` — [verification_report.md](verification-evidence/e2e-verification-20260329_045318/verification_report.md); older: [20260329_045210](verification-evidence/e2e-verification-20260329_045210/verification_report.md), [20260327](verification-evidence/e2e-verification-20260327_134032/verification_report.md). **Latest verified private/admin pass:** `2026-03-27` via `bash scripts/verify/verify-end-to-end-routing.sh --profile=private` with report at [verification_report.md](verification-evidence/e2e-verification-20260327_134137/verification_report.md). Result: exit `0`, `DNS passed: 4`, `Failed: 0`. @@ -25,13 +28,15 @@ | Endpoint | Type | URL | Description (content provided) | |----------|------|-----|--------------------------------| | explorer.d-bis.org | web | https://explorer.d-bis.org | Blockscout-style blockchain explorer for Chain 138: blocks, transactions, addresses, contracts, tokens, verification. | +| explorer.d-bis.org | web | https://explorer.d-bis.org/chain138-command-center.html | Chain 138 deployment topology — interactive Mermaid command center (tabs, keyboard, `?tab=` / `?tab=mission-control` slugs); static asset with **More → Visual Command Center** entry point. | | d-bis.org | web | https://d-bis.org | **Public** DBIS web presence — institutional portal (Gov Portals Next app when deployed behind NPM). | | admin.d-bis.org | web | https://admin.d-bis.org | **Admin** console for DBIS operations staff; typical upstream VMID **10130**. | | dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | **Legacy** admin hostname; same upstream intent as **admin.d-bis.org** if still in DNS. | | secure.d-bis.org | web | https://secure.d-bis.org | **Member** secure portal (authenticated institutions); path-based routing on **10130** per [ALL_VMIDS_ENDPOINTS.md](ALL_VMIDS_ENDPOINTS.md). | -| core.d-bis.org | web | https://core.d-bis.org | **DBIS Core** banking application — **client** portal (`dbis_core`); NPM upstream **TBD** (often co-located with API **10150**/10151 when live). | -| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | DBIS core API: token aggregation, Crypto.com OTC, exchange endpoints (VMID 10150). | -| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | DBIS API secondary instance (VMID 10151). | +| core.d-bis.org | web | https://core.d-bis.org | Current DBIS Core service root on VMID **10150**. Public root returns service metadata JSON while the dedicated client UI cutover remains separate work. | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | Primary DBIS core API host on VMID **10150**. Root `/`, `/health`, and `/v1/health` return live JSON responses. | +| dbis-api.d-bis.org | api | `https://dbis-api.d-bis.org/api/v1/gateway/rails` | **Authenticated** — SolaceNet gateway rail adapter list (`maintainer`, `adapters[]`). Internal smoke: `scripts/verify/check-dbis-core-gateway-rails.sh` (`DBIS_CORE_API_BASE`, `DBIS_CORE_BEARER_TOKEN`). | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | Secondary DBIS core API host on VMID **10151** with the same root and health responses. | | mim4u.org | web | https://mim4u.org | MIM4U main site. | | www.mim4u.org | web | https://www.mim4u.org | MIM4U www. | | secure.mim4u.org | web | https://secure.mim4u.org | MIM4U secure portal. | @@ -42,7 +47,7 @@ | www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | **301** to `https://phoenix.sankofa.nexus` (canonical apex; NPM `advanced_config`). | | the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | OSJ management portal (secure auth); app **the_order** at `~/projects/the_order`. NPM upstream default: **order-haproxy** VMID **10210** `http://192.168.11.39:80` → portal **192.168.11.51:3000** (`provision-order-haproxy-10210.sh`). Override with `THE_ORDER_UPSTREAM_*` for direct portal if 10210 is down. | | www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | **301** to `https://the-order.sankofa.nexus` (canonical apex; NPM `advanced_config`). | -| studio.sankofa.nexus | web | https://studio.sankofa.nexus | Sankofa Studio (FusionAI Creator) at VMID 7805. | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | Sankofa Studio (FusionAI Creator) at VMID 7805; app-owned **302** at `/` to `/studio/`. | | keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | Keycloak IdP (VMID 7802); client SSO for admin/portal. | | admin.sankofa.nexus | web | https://admin.sankofa.nexus | Client SSO: access administration (hostname intent; NPM upstream TBD). | | portal.sankofa.nexus | web | https://portal.sankofa.nexus | Client SSO: portal / marketplace (typical upstream VMID 7801). Add DNS + NPM row via `update-npmplus-proxy-hosts-api.sh`; NextAuth public URL `https://portal.sankofa.nexus`. | @@ -53,7 +58,7 @@ | cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | Cacti monitoring UI for HYBX. | | mifos.d-bis.org | web | https://mifos.d-bis.org | Mifos X / Fineract banking and microfinance platform (VMID 5800). | | dapp.d-bis.org | web | https://dapp.d-bis.org | DApp frontend for Chain 138 bridge (VMID 5801). | -| gitea.d-bis.org | web | https://gitea.d-bis.org | Gitea git repository and CI (Dev VM 5700). | +| gitea.d-bis.org | web | https://gitea.d-bis.org | Gitea org forge; NPM fourth upstream defaults to **VMID 104** (`IP_GITEA_INFRA`, HTTP **:80**). Optional: route hostname to dev VM **:3000** via `GITEA_PUBLIC_UPSTREAM_*` when running `update-npmplus-fourth-proxy-hosts.sh`. | | dev.d-bis.org | web | https://dev.d-bis.org | Dev VM web / Codespaces entry. | | codespaces.d-bis.org | web | https://codespaces.d-bis.org | Codespaces / dev environment entry. | | rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | Chain 138 public JSON-RPC HTTP (VMID 2201). | @@ -69,6 +74,7 @@ | rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | Defi Oracle Chain 138 public RPC. | | rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | Defi Oracle RPC. | | wss.defi-oracle.io | rpc-ws | wss://wss.defi-oracle.io | Defi Oracle RPC WebSocket. | +| info.defi-oracle.io | web | https://info.defi-oracle.io | Chain 138 info hub SPA (`/`, `/tokens`, `/pools`, `/swap`, `/routing`, `/governance`, `/ecosystem`, `/documentation`, `/solacenet`, `/agents`, `/disclosures`, `llms.txt`, `agent-hints.json`). **VMID 2410** (`192.168.11.218:80`); NPM `IP_INFO_DEFI_ORACLE_WEB`. Nginx **`/token-aggregation/`** → Blockscout. Publish: `provision-info-defi-oracle-web-lxc.sh` + `sync-info-defi-oracle-to-vmid2400.sh`. Verify: `pnpm run verify:info-defi-oracle-public`. | | rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | Alltra chain RPC HTTP. | | rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | Alltra chain RPC HTTP (2). | | rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | Alltra chain RPC HTTP (3). | @@ -85,7 +91,7 @@ Registered in `verify-end-to-end-routing.sh` as **optional-when-fail** until DNS | www.d-bis.org | web | https://www.d-bis.org | Optional **www** → apex **d-bis.org** redirect. | | members.d-bis.org | web | https://members.d-bis.org | Member institution portal (OIDC BFF). | | developers.d-bis.org | web | https://developers.d-bis.org | Developer hub; links to Gitea + OpenAPI. | -| data.d-bis.org | api | https://data.d-bis.org | Public data API ([openapi.yaml](../../config/dbis-data-api/openapi.yaml)). | +| data.d-bis.org | api | https://data.d-bis.org | Public data/API surface. Currently routed to the primary DBIS API node on VMID **10150** with `/v1/health` live. | | research.d-bis.org | web | https://research.d-bis.org | Research and working papers. | | policy.d-bis.org | web | https://policy.d-bis.org | Policy publications + manifests. | | ops.d-bis.org | web | https://ops.d-bis.org | Staff operations (SSO). | @@ -123,6 +129,7 @@ Registered in `verify-end-to-end-routing.sh` as **optional-when-fail** until DNS | dash.sankofa.nexus | https://dash.sankofa.nexus | | docs.d-bis.org | https://docs.d-bis.org | | blockscout.defi-oracle.io | https://blockscout.defi-oracle.io | +| info.defi-oracle.io | https://info.defi-oracle.io | | cacti-alltra.d-bis.org | https://cacti-alltra.d-bis.org | | cacti-hybx.d-bis.org | https://cacti-hybx.d-bis.org | | mifos.d-bis.org | https://mifos.d-bis.org | @@ -137,6 +144,7 @@ Registered in `verify-end-to-end-routing.sh` as **optional-when-fail** until DNS |--------|-----| | dbis-api.d-bis.org | https://dbis-api.d-bis.org | | dbis-api-2.d-bis.org | https://dbis-api-2.d-bis.org | +| info.defi-oracle.io (token-aggregation) | https://info.defi-oracle.io/token-aggregation/api/v1/ (same-origin proxy to explorer token-aggregation service; SPA default API base) | ### RPC HTTP (public) @@ -193,25 +201,27 @@ Files: `verification_report.md`, `all_e2e_results.json`, `*_https_headers.txt`, When running from outside LAN or when backends are down, the following endpoints commonly show **HTTPS warn** (not fail, due to `E2E_OPTIONAL_WHEN_FAIL`). -**These known items do not block contract or pool completion.** Fix when convenient; E2E still passes when they are in `E2E_OPTIONAL_WHEN_FAIL`. +**Current status:** the latest `2026-04-02` public verifier passed with `DNS passed: 60`, `HTTPS passed: 44`, and `Failed: 0`. The table below is now a historical troubleshooting guide for regressions rather than an active failure list. **2026-03-26 note:** after recovering NPMplus CT `10233` and re-running `update-npmplus-proxy-hosts-api.sh`, the latest public profile passed for all currently tested public domains, including Sankofa, Phoenix, Studio, The Order, DBIS, Mifos, and MIM4U. **2026-03-29 update:** public profile passed again with `Failed: 0` after fixing the explorer `/api/v1` proxy, removing the stale `192.168.11.52` address from CT `10232`, and moving VMID `10092` off `192.168.11.37` so MIM4U owns that IP exclusively. Current evidence: `docs/04-configuration/verification-evidence/e2e-verification-20260329_170619/`. | Endpoint | Typical cause | |----------|----------------| -| admin.d-bis.org, dbis-admin.d-bis.org | 502 — admin frontend (VMID 10130) unreachable from public | -| core.d-bis.org | DNS/502 until NPM row and **dbis_core** client upstream are provisioned | -| dbis-api.d-bis.org, dbis-api-2.d-bis.org | 502 — API backends (10150/10151) unreachable | -| secure.d-bis.org | 502 — secure portal backend unreachable | +| admin.d-bis.org, dbis-admin.d-bis.org | Historical 502 when the DBIS frontend on VMID **10130** is down. Current fix path: restart `nginx` on 10130. | +| core.d-bis.org | Historical warning when 10150 served placeholder content. Current host is live and returns DBIS service metadata JSON from the primary API node. | +| dbis-api.d-bis.org, dbis-api-2.d-bis.org | Historical warning when 10150/10151 were placeholder servers or down. Current fix path: restart `dbis-api.service` on those CTs. | +| secure.d-bis.org | Historical 502 when the DBIS frontend on VMID **10130** is unreachable from public. | +| data.d-bis.org | Historical warning until `/v1/health` was implemented on `2026-04-02`. Current upstream is VMID **10150**. | | mifos.d-bis.org | 502 — Mifos (VMID 5800) unreachable from public | | mim4u.org, www.mim4u.org, secure.mim4u.org, training.mim4u.org | Resolved on 2026-03-29. If these regress to 502, first check for IP ownership conflicts on `192.168.11.37` before debugging nginx. | -| studio.sankofa.nexus | Historically 404 when the proxy misses `/studio/` or backend `192.168.11.72:8000`; verifier checks `/studio/`. Passed on 2026-03-26 after the NPMplus host update | +| studio.sankofa.nexus | Historically 404/502 when the proxy misses `/studio/` or backend `192.168.11.72:8000`; current `2026-04-02` pass is clean. | | phoenix.sankofa.nexus, www.phoenix.sankofa.nexus | (Resolved in verifier) Phoenix API (7800) is API-first; `verify-end-to-end-routing.sh` checks `https://…/health` (200), not `/`. A separate **marketing** site on the apex hostname (if desired) needs another upstream or app routes—NPM still points `phoenix.sankofa.nexus` at the Fastify API today. | | the-order.sankofa.nexus | 502 if **10210** HAProxy or backend portal is down. NPM defaults upstream to **192.168.11.39:80** (order-haproxy). Fallback: `THE_ORDER_UPSTREAM_IP` / `THE_ORDER_UPSTREAM_PORT` = portal **192.168.11.51:3000** | -| keycloak.sankofa.nexus, admin.sankofa.nexus, portal.sankofa.nexus | Resolved on 2026-03-29 after removing the duplicate `192.168.11.52` address from CT `10232`. If these regress, verify ARP ownership of `192.168.11.52` before restarting Keycloak or NPMplus. | +| keycloak.sankofa.nexus, admin.sankofa.nexus, portal.sankofa.nexus | Resolved again on `2026-04-02` after removing the duplicate `192.168.11.52` address from CT `10232` and validating the restart path. If these regress, verify ARP ownership of `192.168.11.52` first. | | dash.sankofa.nexus | Still optional / unprovisioned. DNS/SSL/HTTPS may warn or skip until `IP_SANKOFA_DASH` and its app upstream are intentionally wired. | | docs.d-bis.org, blockscout.defi-oracle.io | Same optional-when-fail behavior; **blockscout.defi-oracle.io** also runs optional `/api/v2/stats` like **explorer.d-bis.org**. | +| info.defi-oracle.io | **Origin:** dedicated **VMID 2410** (`192.168.11.218`). If the public hostname regresses, run `sync-info-defi-oracle-to-vmid2400.sh`, `update-npmplus-proxy-hosts-api.sh` (upstream `.218`), then optional DNS/tunnel helpers `set-info-defi-oracle-dns-to-vmid2400-tunnel.sh`. Do **not** deploy the SPA to VMID **2400** (ThirdWeb RPC). | **Verifier behavior (2026-03):** `openssl s_client` is wrapped with `timeout` (`E2E_OPENSSL_TIMEOUT` default 15s, `E2E_OPENSSL_X509_TIMEOUT` default 5s) so `--profile=private` / `--profile=all` cannot hang. **`--profile=all`** merges private and public `E2E_OPTIONAL_WHEN_FAIL` lists for temporary regressions. Install **`wscat`** (`npm install -g wscat`) for full WSS JSON-RPC checks; the script uses `wscat -n` to match `curl -k`, and now treats a clean `wscat` exit as a successful full WebSocket check even when the tool prints no JSON output. @@ -228,3 +238,4 @@ When running from outside LAN or when backends are down, the following endpoints | **502s (dbis-admin, dbis-api, secure, mifos)** | From LAN: `./scripts/maintenance/address-all-remaining-502s.sh [--run-besu-fix] [--e2e]` or `./scripts/maintenance/run-all-maintenance-via-proxmox-ssh.sh --e2e`. If NPMplus API is unreachable: `./scripts/maintenance/fix-npmplus-services-via-proxmox-ssh.sh`. Runbook: [502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md](../00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md). | | **404 studio.sankofa.nexus** | Ensure backend (VMID 7805, 192.168.11.72:8000) is up and NPMplus proxy for `studio.sankofa.nexus` points to it. See [ALL_VMIDS_ENDPOINTS.md](ALL_VMIDS_ENDPOINTS.md), [SANKOFA_STUDIO_E2E_FLOW.md](../03-deployment/SANKOFA_STUDIO_E2E_FLOW.md), [SANKOFA_STUDIO_DEPLOYMENT.md](../03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md). | | **the-order 502** | Check **10210** HAProxy (`curl http://192.168.11.39:80/` with `Host: the-order.sankofa.nexus`) and portal **192.168.11.51:3000**. Re-provision: `bash scripts/deployment/provision-order-haproxy-10210.sh`. NPM refresh: `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh`. Direct portal bypass: `THE_ORDER_UPSTREAM_IP=192.168.11.51 THE_ORDER_UPSTREAM_PORT=3000` for that run. | +| **Historical April 2026 public regressions** | Generate a fresh domain-by-domain plan with `bash scripts/verify/generate-public-surface-remediation-plan.sh --print` if the public sweep regresses again. Canonical matrix: [PUBLIC_SURFACE_502_AND_DNS_REMEDIATION_MATRIX.md](PUBLIC_SURFACE_502_AND_DNS_REMEDIATION_MATRIX.md). | diff --git a/docs/04-configuration/EAST_WEST_SSL_STATUS_REPORT.md b/docs/04-configuration/EAST_WEST_SSL_STATUS_REPORT.md index 603e6771..d1ff7440 100644 --- a/docs/04-configuration/EAST_WEST_SSL_STATUS_REPORT.md +++ b/docs/04-configuration/EAST_WEST_SSL_STATUS_REPORT.md @@ -1,5 +1,7 @@ # East-West Traffic & SSL Certificate Status Report +> Historical note: This report is a point-in-time SSL/routing status snapshot from the migration period. It preserves older upstream and VMID assumptions for auditability. Confirm all live east-west and proxy targets against current NPMplus scripts, `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, and the live proxy inventory before acting on it. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/EXPLORER_TROUBLESHOOTING.md b/docs/04-configuration/EXPLORER_TROUBLESHOOTING.md index 2bafffbd..b66621d6 100644 --- a/docs/04-configuration/EXPLORER_TROUBLESHOOTING.md +++ b/docs/04-configuration/EXPLORER_TROUBLESHOOTING.md @@ -92,7 +92,7 @@ See also: [NPMPLUS_UI_APIERROR_400_RUNBOOK.md](NPMPLUS_UI_APIERROR_400_RUNBOOK.m - **Fix:** Moved backup files to `sites-available/backups/`. Only `blockscout` remains active. ### 2. RPC URLs updated for mobile/public access -- **Issue:** Explorer used internal IPs (`192.168.11.250`) for RPC — unreachable from mobile/cellular and VMID 2500 was destroyed. +- **Issue:** Explorer used an internal-only RPC endpoint from the pre-standardization RPC layout, which was unreachable from mobile/cellular and no longer mapped to the active public RPC lane. - **Fix:** Replaced with public URLs: - `RPC_URL`: `https://rpc-http-pub.d-bis.org` - `RPC_WS_URL`: `wss://rpc-ws-pub.d-bis.org` diff --git a/docs/04-configuration/EXPLORER_WALLET_LINK_QUICK_WIN.md b/docs/04-configuration/EXPLORER_WALLET_LINK_QUICK_WIN.md index e3b5db18..fecb5ba1 100644 --- a/docs/04-configuration/EXPLORER_WALLET_LINK_QUICK_WIN.md +++ b/docs/04-configuration/EXPLORER_WALLET_LINK_QUICK_WIN.md @@ -6,6 +6,16 @@ --- +## Option A0: SolaceScanScout Next.js frontend (this monorepo) + +The app in `explorer-monorepo/frontend` already exposes **`/wallet`** (Add to MetaMask, token list URLs, Chain 138 Open Snap). The navbar includes **Wallet** as a primary link plus entries under **Tools**. + +1. Build: `cd explorer-monorepo/frontend && npm run build` +2. Deploy the production output per your VMID 5000 / nginx runbook. +3. Verify `https:///wallet`. + +--- + ## Option A: Blockscout frontend (recommended) If the explorer uses a Blockscout frontend with a configurable nav: diff --git a/docs/04-configuration/FIXES_PREPARED.md b/docs/04-configuration/FIXES_PREPARED.md index 550c988c..05ad5426 100644 --- a/docs/04-configuration/FIXES_PREPARED.md +++ b/docs/04-configuration/FIXES_PREPARED.md @@ -1,5 +1,7 @@ # Fixes Prepared — Required and Optional +> Historical note: This checklist captured a specific remediation window and intentionally preserves then-current references to older Alltra/HYBX and `250x` RPC layouts. Read it as execution history. For the live fleet and current remediation targets, use `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`, and the current verification scripts. + **Last Updated:** 2026-02-07 **Purpose:** Single checklist of all fixes (required and optional) with copy-paste commands. **References:** [CHECKS_AND_FIXES_20260206.md](verification-evidence/CHECKS_AND_FIXES_20260206.md), [NEXT_STEPS_OPERATOR.md](../00-meta/NEXT_STEPS_OPERATOR.md), [UDM_PRO_NPMPLUS_ALLTRA_HYBX_PORT_FORWARD.md](UDM_PRO_NPMPLUS_ALLTRA_HYBX_PORT_FORWARD.md). diff --git a/docs/04-configuration/FQDN_EXPECTED_CONTENT.md b/docs/04-configuration/FQDN_EXPECTED_CONTENT.md index 0a962912..a8c95f7d 100644 --- a/docs/04-configuration/FQDN_EXPECTED_CONTENT.md +++ b/docs/04-configuration/FQDN_EXPECTED_CONTENT.md @@ -81,9 +81,9 @@ | `admin.d-bis.org` | Web | DBIS **admin** console (operations staff). | | `dbis-admin.d-bis.org` | Web | **Legacy** admin hostname; same expected content as **admin.d-bis.org** if DNS retained. | | `secure.d-bis.org` | Web | DBIS **member** secure portal (authenticated institutions); may path-route `/admin`, `/api`, `/` per NPM (see ALL_VMIDS). | -| `core.d-bis.org` | Web | **DBIS Core** banking app — **client**-facing portal (login, accounts, products as implemented in **dbis_core**); upstream when wired. | -| `dbis-api.d-bis.org` | API | DBIS **core API** (aggregation, OTC, exchange JSON). | -| `dbis-api-2.d-bis.org` | API | Secondary DBIS API instance. | +| `core.d-bis.org` | Web | Current public host is backed by the primary **DBIS Core** node on VMID **10150** and returns the DBIS service root metadata JSON. A dedicated client-facing UI cutover is still separate work. | +| `dbis-api.d-bis.org` | API | Primary DBIS **core API** on VMID **10150**. Root `/` returns service metadata; `/health` and `/v1/health` return JSON health. | +| `dbis-api-2.d-bis.org` | API | Secondary DBIS API instance on VMID **10151** with the same root `/`, `/health`, and `/v1/health` behavior. | | `mim4u.org`, `www.mim4u.org`, `secure.mim4u.org`, `training.mim4u.org` | Web | **MIM4U** property sites (nginx on MIM stack). | | `rpc-http-pub.d-bis.org`, `rpc.d-bis.org`, `rpc2.d-bis.org` | RPC-HTTP | **Public Besu JSON-RPC** (Chain 138); `eth_chainId` → `0x8a`. | | `rpc-ws-pub.d-bis.org`, `ws.rpc.d-bis.org`, `ws.rpc2.d-bis.org` | RPC-WS | **Public Besu WebSocket** RPC. | @@ -93,7 +93,7 @@ | `ws.rpc-fireblocks.d-bis.org` | RPC-WS | **Fireblocks-dedicated** WebSocket RPC. | | `rpc-alltra.d-bis.org`, `rpc-alltra-2.d-bis.org`, `rpc-alltra-3.d-bis.org` | RPC-HTTP | **Alltra** RPC fronts (tunnel to NPM); JSON-RPC for Chain 138 (or as configured on those edges). | | `rpc-hybx.d-bis.org`, `rpc-hybx-2.d-bis.org`, `rpc-hybx-3.d-bis.org` | RPC-HTTP | **HYBX** RPC fronts; same class as Alltra. | -| `cacti-alltra.d-bis.org`, `cacti-hybx.d-bis.org` | Web | **Cacti** monitoring UI (graphs, device views). | +| `cacti-alltra.d-bis.org`, `cacti-hybx.d-bis.org` | Web | Public Cacti landing pages on VMIDs **5201/5202**. Each CT also runs a local Hyperledger Cacti API on `:4000` for operator health checks. | | `mifos.d-bis.org` | Web | **Mifos** banking platform UI (when backend healthy). | | `dapp.d-bis.org` | Web | **DApp** static/hosted frontend (VMID per ALL_VMIDS). | | `gitea.d-bis.org` | Web | **Gitea** git forge UI. | @@ -109,6 +109,7 @@ | `rpc.public-0138.defi-oracle.io` | RPC-HTTP | **ThirdWeb-style HTTPS RPC** terminator on VMID 2400; JSON-RPC to Chain 138. | | `rpc.defi-oracle.io` | RPC-HTTP | Public JSON-RPC alias (same Besu public stack as `rpc.d-bis.org` family when healthy). | | `wss.defi-oracle.io` | RPC-WS | Public WebSocket RPC companion. | +| `info.defi-oracle.io` | Web | **Chain 138 information hub** SPA: **regulated finance** / **settlement** / **CDA** framing; **`/governance`** (DeFi Oracle LLC architecture, international governance, DBIS–International Commerce Courts / GRU enforcement narrative); **`/ecosystem`**; **`/documentation`** (public vs AUTH portal); **`/solacenet`** (SolaceNet capability/policy + rails governance, public summary); tokens, pools, routing, quotes, `/disclosures`, agents JSON, swaps. **Origin:** VMID **2410** (`192.168.11.218`); **`/token-aggregation/`** → Blockscout. NPMplus / Cloudflare. Not **2400** (RPC). | | `blockscout.defi-oracle.io` | Web | **Blockscout** explorer UI (generic / reference). When NPM proxies here, routing summaries align with **VMID 5000** (`192.168.11.140:80`, TLS at NPM). **Not** canonical **SolaceScanScout / Chain 138** branding—that is **`explorer.d-bis.org`**. Confirm live NPM if behavior differs. | --- diff --git a/docs/04-configuration/FULL_FIXES_PREPARED.md b/docs/04-configuration/FULL_FIXES_PREPARED.md index 470ea51d..aaf6db76 100644 --- a/docs/04-configuration/FULL_FIXES_PREPARED.md +++ b/docs/04-configuration/FULL_FIXES_PREPARED.md @@ -1,5 +1,7 @@ # Full Fixes Prepared — Consolidated Checklist +> Historical note: This is a consolidated remediation snapshot from an earlier operational window. It intentionally keeps older VMID references for auditability. Do not treat those targets as the current fleet layout; confirm current nodes and roles in `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`, and `docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md`. + **Last Updated:** 2026-02-07 **Purpose:** Single master list of all fixes (infra, network, optional) with copy-paste commands. **Sources:** [FIXES_PREPARED.md](FIXES_PREPARED.md), [STUCK_TX_AND_BLOCK_STATUS_20260207.md](../08-monitoring/STUCK_TX_AND_BLOCK_STATUS_20260207.md), [SENTRY_RPC_REVIEW_20260207.md](../08-monitoring/SENTRY_RPC_REVIEW_20260207.md), [NEXT_STEPS_OPERATOR.md](../00-meta/NEXT_STEPS_OPERATOR.md). diff --git a/docs/04-configuration/GITEA_IP_CONFLICT_CHECK.md b/docs/04-configuration/GITEA_IP_CONFLICT_CHECK.md index 3b0c2163..0744ee92 100644 --- a/docs/04-configuration/GITEA_IP_CONFLICT_CHECK.md +++ b/docs/04-configuration/GITEA_IP_CONFLICT_CHECK.md @@ -1,6 +1,6 @@ # Gitea and Proxmox VE IP Address Conflict Check -**Date:** 2026-02-15 +**Date:** 2026-02-15 (IP matrix); **2026-04-05** (config vars + upgrade runbook cross-links) **Conclusion:** **No IP conflict** for the Gitea VM (VMID 104 @ 192.168.11.31). One other IP (.60) has a documentation ambiguity to verify on the live network. --- @@ -12,7 +12,7 @@ | 104 | **192.168.11.31** | gitea | ALL_VMIDS_ENDPOINTS, R630_01_02_VMID_INVENTORY, NPMPLUS_SERVICE_MAPPING_COMPLETE | - **192.168.11.31** is assigned **only** to VMID 104 (gitea) in the repo. No other VMID uses .31. -- **config/ip-addresses.conf** does not define `IP_GITEA` or 192.168.11.31; scripts that need Gitea’s IP use the docs or NPMplus proxy (gitea.d-bis.org). +- **config/ip-addresses.conf** defines **`IP_GITEA_INFRA`** (default **192.168.11.31**) and **`GITEA_PUBLIC_UPSTREAM_*`** for NPMplus. Platform ops and upgrades: [GITEA_PLATFORM_AND_UPGRADE_RUNBOOK.md](GITEA_PLATFORM_AND_UPGRADE_RUNBOOK.md). **Verdict:** No conflict for Gitea (104) with any other VM. @@ -31,10 +31,10 @@ Different VMIDs and different IPs; no conflict. The similar numbers (104 vs 1004 Docs describe two possible backends for Gitea: -1. **VMID 104** @ 192.168.11.31 — Infrastructure Gitea (Web 80/443). -2. **Dev VM (VMID 5700)** @ 192.168.11.59 — Gitea on port 3000; **gitea.d-bis.org** is documented to point to **192.168.11.59:3000** in the Dev/Codespaces flow. +1. **VMID 104** @ 192.168.11.31 — Infrastructure Gitea (Web 80/443). **`update-npmplus-fourth-proxy-hosts.sh` default** for **gitea.d-bis.org** (`GITEA_PUBLIC_UPSTREAM_HOST` / `PORT` in `config/ip-addresses.conf`). +2. **Dev VM (VMID 5700)** @ 192.168.11.59 — Optional **local** Gitea on port 3000 (`scripts/setup-dev-vm-users-and-gitea.sh`). Use only if you intentionally set `GITEA_PUBLIC_UPSTREAM_HOST=$IP_DEV_VM` and `GITEA_PUBLIC_UPSTREAM_PORT=3000` before updating fourth NPMplus. -These are two different IPs (.31 and .59). Ensure DNS/NPMplus for **gitea.d-bis.org** points to the intended backend (e.g. .31:80 or .59:3000) so there is no routing confusion. +These are two different IPs (.31 and .59). Older NPM backups may still show **192.168.11.60:3000** (pre–IP_DEV_VM move); re-run the fourth NPM script or align the proxy row manually. --- @@ -60,5 +60,6 @@ So **192.168.11.60** is now assigned only to VMID 3000 (ML). On a single 192.168 ## Recommendation 1. **Gitea (104 @ .31):** No change needed; no IP conflict. -2. **Optional:** Add `IP_GITEA="192.168.11.31"` to **config/ip-addresses.conf** so scripts can source a single Gitea IP if needed. +2. **Config:** Use **`IP_GITEA_INFRA`** / **`GITEA_PUBLIC_UPSTREAM_*`** from **config/ip-addresses.conf** (already present). 3. **Done:** Dev VM (5700) moved to 192.168.11.59; .60 is now only VMID 3000 (ML). Reconfigure LXC 5700 on Proxmox to use .59 if not already. +4. **Upgrades:** `scripts/operator/upgrade-gitea-lxc.sh` and [GITEA_PLATFORM_AND_UPGRADE_RUNBOOK.md](GITEA_PLATFORM_AND_UPGRADE_RUNBOOK.md). diff --git a/docs/04-configuration/GITEA_PLATFORM_AND_UPGRADE_RUNBOOK.md b/docs/04-configuration/GITEA_PLATFORM_AND_UPGRADE_RUNBOOK.md new file mode 100644 index 00000000..b5c20051 --- /dev/null +++ b/docs/04-configuration/GITEA_PLATFORM_AND_UPGRADE_RUNBOOK.md @@ -0,0 +1,144 @@ +# Gitea as a platform — layout, operations, and upgrades + +**Last updated:** 2026-04-05 +**Status:** Active operator documentation + +--- + +## 1. Where Gitea runs in this project + +| Role | VMID / host | LAN | Public edge | +|------|-------------|-----|-------------| +| **Org forge (primary)** | **104** on **r630-01** | **192.168.11.31** — HTTP **80** / HTTPS **443** | **https://gitea.d-bis.org** via NPMplus (`GITEA_PUBLIC_UPSTREAM_*` in `config/ip-addresses.conf`) | +| **Dev / GitOps (optional)** | **5700** | **192.168.11.59** — Gitea on **:3000** if installed via `scripts/setup-dev-vm-users-and-gitea.sh` | Only if you point `gitea.d-bis.org` at the dev VM (not default) | + +**Single source for IPs:** [ALL_VMIDS_ENDPOINTS.md](ALL_VMIDS_ENDPOINTS.md). **NPM automation:** `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` and `update-npmplus-fourth-proxy-hosts.sh`. **IP conflict notes:** [GITEA_IP_CONFLICT_CHECK.md](GITEA_IP_CONFLICT_CHECK.md). + +--- + +## 2. Platform shape (VMID 104) + +Typical install matches the **community-scripts / tteck** LXC pattern vendored under `ProxmoxVE/install/gitea-install.sh`: + +- **Binary:** `/usr/local/bin/gitea` (single static binary from [dl.gitea.com](https://dl.gitea.com/gitea/)) +- **Config:** `/etc/gitea/app.ini` (often `chmod 770` and `root:gitea`) +- **Data:** `/var/lib/gitea/` (`custom`, `data`, `log`; repos and DB live under `data` unless external DB) +- **Service user:** `gitea` (system user) +- **systemd:** `gitea.service` → `gitea web --config /etc/gitea/app.ini` + +**Actions / CI:** Gitea Actions runners are optional; there is no stable unauthenticated API across all versions for umbrella checks — use `./scripts/verify/print-gitea-actions-urls.sh` and verify in the UI. + +**Integrations in this repo:** Webhooks and tokens for Phoenix Deploy API — [PHOENIX_DEPLOY_API_GITEA_INTEGRATION.md](PHOENIX_DEPLOY_API_GITEA_INTEGRATION.md). Submodule / remote hygiene — [../00-meta/SUBMODULE_HYGIENE.md](../00-meta/SUBMODULE_HYGIENE.md). + +--- + +## 3. Upgrade strategy (binary install) + +Official guidance: [Upgrade Gitea](https://docs.gitea.com/administration/upgrade-from-gitea) (read the **minor** vs **major** notes and backup expectations). + +**Before any upgrade** + +1. **Snapshot** the CT (Proxmox) or at least backup **`/var/lib/gitea`** and **`/etc/gitea/app.ini`**. +2. Announce a short **maintenance window** if users push during the stop. +3. Note **current version:** `pct exec 104 -- /usr/local/bin/gitea --version`. + +**Recommended path (automated from LAN)** + +```bash +# Preview (no stop, no download on CT beyond version probe) +./scripts/operator/upgrade-gitea-lxc.sh --dry-run + +# Latest release from GitHub “latest” +./scripts/operator/upgrade-gitea-lxc.sh + +# Pin a version (see https://dl.gitea.com/gitea/ for folders) +GITEA_VERSION=1.22.6 ./scripts/operator/upgrade-gitea-lxc.sh +``` + +The script stops `gitea`, backs up the binary, downloads the chosen release for **linux-amd64** (override with `GITEA_ARCH=linux-arm64` on ARM LXCs), runs **`gitea migrate`**, then starts the service. + +**Manual path inside CT** (if SSH to Proxmox is enough but you prefer hands-on) + +```bash +systemctl stop gitea +cp -a /usr/local/bin/gitea /usr/local/bin/gitea.bak.$(date +%Y%m%d%H%M%S) +curl -fsSL -o /tmp/gitea https://dl.gitea.com/gitea//gitea--linux-amd64 +chmod +x /tmp/gitea && install -m 755 /tmp/gitea /usr/local/bin/gitea +sudo -u gitea env GITEA_WORK_DIR=/var/lib/gitea HOME=/var/lib/gitea/data \ + /usr/local/bin/gitea migrate --config /etc/gitea/app.ini +systemctl start gitea +/usr/local/bin/gitea --version +``` + +**tteck LXC “update” command** +If the CT was created with the Proxmox helper that installs `update` in the container menu, that flow also replaces `/usr/local/bin/gitea` from GitHub releases (see `ProxmoxVE/ct/gitea.sh` `update_script`). Keep that in mind if operators are used to `update` inside the CT — it should align with the same binary layout. + +--- + +## 4. After upgrade + +- Open **https://gitea.d-bis.org** (or `http://192.168.11.31`) and confirm login, orgs, and a sample **git fetch**. +- Run **`gitea doctor`** if the release notes ask for it (often as the `gitea` user, same `app.ini`). +- Watch **`journalctl -u gitea -f`** for migration or hook errors. + +--- + +## 5. Security and platform roadmap (short list) + +- Stay on **supported** Gitea versions; subscribe to [Gitea security releases](https://github.com/go-gitea/gitea/security/advisories). +- Prefer **SSH deploy keys** or **tokens** over passwords; rotate **`GITEA_TOKEN`** used by automation ([`.env.master.example`](../../.env.master.example)). +- For larger teams or HA, evaluate **PostgreSQL**, **reverse-proxy hardening**, and **read replicas** per upstream docs — the default SQLite single-node CT is fine for many lab/small-org workloads until scale demands it. + +--- + +## 6. Add-ons, plugins, and extensions (what exists today) + +**There is no WordPress-style plugin marketplace inside Gitea.** The server is a single Go binary; “extending” it is done by turning on **built-in modules** in `app.ini`, using **webhooks + external services**, **Gitea Actions** (with runners), **OAuth apps**, and **custom branding** — not by dropping `.so` plugins into the core. + +### 6.1 Built-in features to enable in configuration (most common “add-ons”) + +These ship with Gitea and are toggled via **`app.ini`** / admin UI (exact section names vary slightly by version — use [Config Cheat Sheet](https://docs.gitea.com/administration/config-cheat-sheet) for yours): + +| Capability | What it gives you | +|------------|-------------------| +| **Gitea Actions** | CI/CD like GitHub Actions (`.gitea/workflows/*.yml`); requires **[`act_runner`](https://gitea.com/gitea/act_runner)** (or compatible) on a separate host/VM | +| **Packages** | npm, Maven, NuGet, PyPI, **generic** packages, etc. | +| **Container registry** | OCI images (often paired with Docker/Podman push) | +| **OAuth2 / OpenID** | Sign-in via Keycloak, Google, GitHub, etc. | +| **LDAP / SMTP** | Directory login and mail for notifications | +| **Webhooks** | Drive Phoenix Deploy, Slack, Matrix, custom HTTP receivers ([PHOENIX_DEPLOY_API_GITEA_INTEGRATION.md](PHOENIX_DEPLOY_API_GITEA_INTEGRATION.md)) | +| **Issue dependencies / time tracking** | Project-management style features (version-dependent) | + +**In this workspace:** workflows already exist in some repos (e.g. `.gitea/workflows/ci.yml` per [RECOMMENDATIONS_TTS_GITEA_PHOENIX.md](RECOMMENDATIONS_TTS_GITEA_PHOENIX.md)); ensure **Actions + a runner** are enabled if you want them on **gitea.d-bis.org**. + +### 6.2 External “plugins” (integrate via API / webhooks / CI) + +Community tools are **not** loaded into the Gitea process; they run beside it: + +- **[Awesome Gitea](https://docs.gitea.com/awesome)** — curated list (Actions, bots, migrations, IDE extensions, themes, Pages-style hosting, SDKs). +- **CI/CD:** [Woodpecker CI](https://woodpecker-ci.org/), [Drone](https://www.drone.io/) (Gitea as auth + repo source), or **Gitea Actions** + `act_runner`. +- **Dependency updates:** Renovate with Gitea provider (see [RENOVATE_GITEA_SETUP.md](RENOVATE_GITEA_SETUP.md) if present in tree). +- **Bots:** `tea` CLI, release automation (`gitea-release-action`, etc. — see Awesome list). +- **AI / review helpers:** [GITEA_AI_REVIEW_SETUP.md](GITEA_AI_REVIEW_SETUP.md) (pattern: webhook or CI calling an LLM API). + +### 6.3 Customization without “plugins” + +- **`custom/`** directory: templates, extra static assets, logos ([Customizing Gitea](https://docs.gitea.com/administration/customizing-gitea)). +- **Branch protection, deploy keys, commit signing** — org/repo settings ([GITEA_BRANCH_PROTECTION.md](GITEA_BRANCH_PROTECTION.md)). + +### 6.4 Experimental / future + +Upstream has discussed richer extensibility (e.g. dynamic renderers); nothing replaces **webhooks + Actions + external tools** today for most teams. For a **Forgejo**-centric plugin narrative, check Forgejo’s own docs if you ever fork/migrate. + +--- + +## 7. Related scripts and config + +| Asset | Purpose | +|-------|---------| +| `scripts/operator/upgrade-gitea-lxc.sh` | Binary upgrade via `pct exec` on VMID 104 | +| `config/ip-addresses.conf` | `IP_GITEA_INFRA`, `GITEA_PUBLIC_UPSTREAM_*` | +| `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` | Primary NPMplus row for `gitea.d-bis.org` | +| `scripts/nginx-proxy-manager/update-npmplus-fourth-proxy-hosts.sh` | Fourth NPMplus dev/Gitea hostnames | +| `scripts/setup-dev-vm-users-and-gitea.sh` | Dev VM Gitea on :3000 | +| `scripts/dev-vm/gitea-create-orgs-and-repos.sh` | API automation (needs `GITEA_TOKEN`) | diff --git a/docs/04-configuration/GRU_FX_CURRENCY_ONBOARDING_CHECKLIST.md b/docs/04-configuration/GRU_FX_CURRENCY_ONBOARDING_CHECKLIST.md index ee71e32a..29ddc456 100644 --- a/docs/04-configuration/GRU_FX_CURRENCY_ONBOARDING_CHECKLIST.md +++ b/docs/04-configuration/GRU_FX_CURRENCY_ONBOARDING_CHECKLIST.md @@ -36,6 +36,9 @@ Required decisions: - Deploy the canonical token contract on Chain 138. - If the asset is part of the V2 path, deploy the V2 contract family, not a new V1-style special case. +- For non-USD GRU Wave 1 or later V2 assets, prefer the generic deploy path: + - `bash scripts/deployment/deploy-gru-v2-generic-chain138.sh --dry-run` + - for the existing Wave 1 queue, see [../03-deployment/GRU_V2_WAVE1_CHAIN138_DEPLOYMENT_PLAN.md](../03-deployment/GRU_V2_WAVE1_CHAIN138_DEPLOYMENT_PLAN.md) - Confirm: - decimals - name @@ -160,6 +163,7 @@ Only apply this if the asset is intended for machine-payments or signature-based Verification: - `bash scripts/verify/check-chain138-token-permit-support.sh ...` - `bash scripts/verify/check-chain138-x402-readiness.sh --token SYMBOL=ADDRESS` +- `bash scripts/verify/check-gru-v2-token-standard-surface.sh --token SYMBOL=ADDRESS --strict` --- diff --git a/docs/04-configuration/GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md b/docs/04-configuration/GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md new file mode 100644 index 00000000..531a20c2 --- /dev/null +++ b/docs/04-configuration/GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md @@ -0,0 +1,239 @@ +# GRU Global Priority Cross-Chain Rollout + +**Purpose:** Translate the high-priority global currency set into a staged GRU v2 rollout plan for canonical `c*` on Chain 138 and mirrored `cW*` on destination chains. + +**Use with:** [GRU_V2_CHAIN138_READINESS.md](GRU_V2_CHAIN138_READINESS.md), [GRU_FX_CURRENCY_ONBOARDING_CHECKLIST.md](GRU_FX_CURRENCY_ONBOARDING_CHECKLIST.md), [GRU_STANDARDS_PROFILE.md](GRU_STANDARDS_PROFILE.md), [C_TO_CW_MAPPER_MAPPING.md](C_TO_CW_MAPPER_MAPPING.md), [`../../config/gru-iso4217-currency-manifest.json`](../../config/gru-iso4217-currency-manifest.json), [`../../config/gru-global-priority-currency-rollout.json`](../../config/gru-global-priority-currency-rollout.json), [`../../config/gru-transport-active.json`](../../config/gru-transport-active.json), and [`../../config/token-mapping-multichain.json`](../../config/token-mapping-multichain.json) + +--- + +## Bottom line + +Yes, the repo architecture supports full cross-chain swapping and deploying canonical `c*` assets cross-chain as mirrored `cW*` for the ranked currency set. + +What we **cannot** honestly say yet is that all of those currencies are already live. + +Current real state: + +- `USD` is the only fully live GRU transport lane today. +- `EUR`, `GBP`, `AUD`, `JPY`, `CHF`, `CAD`, and `XAU` already exist as canonical Chain 138 assets, but still need transport activation and cW deployment completion. +- The rest of the ranked currencies are not yet in the canonical manifest, which means they are still rollout candidates, not live assets. + +This document is the bridge between your strategic currency list and the repo's actual deployment workflow. + +--- + +## Desired deployment networks + +The default destination surface for this rollout is still the repo's **public EVM cW mesh**: + +- `1`, `10`, `25`, `56`, `100`, `137`, `42161`, `42220`, `43114`, `8453`, `1111` + +Separate but still relevant destination programs: + +- `651940` — **ALL Mainnet (Alltra)**, custom ALT bridge program +- `42793` — **Etherlink**, scaffolded / feature-gated EVM target + +New explicit non-EVM desired target: + +- **Solana** — tracked as an SVM / non-EVM rollout target under `config/token-mapping-multichain.json -> nonEvmNetworks` + +Important boundary: + +- Solana is a **desired deployment network**, but it is **not** part of the EVM `cW*` pool mesh. +- Solana requires an adapter / relay path plus an SPL or bridge-wrapped representation before a GRU `c* -> cW*` style transport lane can be called live. +- Truth and Tron remain separate adapter programs, not default GRU rollout destinations. + +--- + +## What “full cross-chain swapping” means here + +For a GRU currency to support full cross-chain swapping, all of the following have to be true: + +1. A canonical `c*` asset exists on Chain 138. +2. The asset is registered into GRU / asset registry and, where relevant, promoted through the GRU v2 path. +3. A mirrored `cW*` asset exists on the destination chain. +4. `token-mapping-multichain.json` resolves the `c* -> cW*` pair. +5. `gru-transport-active.json` explicitly enables the transport pair. +6. Reserve verifier and `maxOutstanding` policy are wired for the hard-peg corridor. +7. Token-aggregation, explorer metadata, wallet metadata, and route exposure are attached. +8. Oracle and liquidity paths exist for the currency pair or treasury route that makes the asset economically usable. + +If any one of those layers is missing, the asset is only partially integrated. + +--- + +## Naming assumptions + +This rollout file uses the repo's current naming conventions: + +- Default fiat rollout pattern: `cC -> cWC` +- Existing dual-form exceptions remain: + - `USD`: `cUSDC/cUSDT -> cWUSDC/cWUSDT` + - `EUR`: `cEURC/cEURT -> cWEURC/cWEURT` + - `GBP`: `cGBPC/cGBPT -> cWGBPC/cWGBPT` + - `XAU`: `cXAUC/cXAUT -> cWXAUC/cWXAUT` + +For newly ranked currencies, the default assumption is **coin-form first** unless governance explicitly requests a paired token-form issuance. + +Examples: + +- `SGD -> cSGDC -> cWSGDC` +- `CNY -> cCNYC -> cWCNYC` +- `IDR -> cIDRC -> cWIDRC` +- `XDR -> cXDRC -> cWXDRC` +- `XAG -> cXAGC -> cWXAGC` + +--- + +## Rollout waves + +### Wave 0 + +Keep the current live baseline healthy: + +- `USD` + +This is the existing `cUSDC/cUSDT -> cWUSDC/cWUSDT` transport lane. + +### Wave 1 + +Promote the already-deployed canonical Chain 138 set into transport-active corridors: + +- `EUR` +- `GBP` +- `AUD` +- `JPY` +- `CHF` +- `CAD` +- `XAU` + +These are the fastest path to broader GRU coverage because the Chain 138 leg already exists. + +### Wave 2 + +Add the remaining top-priority reserve and regional anchor fiat currencies: + +- `CNY` +- `HKD` +- `SGD` +- `SEK` +- `KRW` +- `NOK` +- `NZD` +- `INR` +- `MXN` +- `BRL` +- `ZAR` +- `TRY` +- `AED` +- `SAR` +- `PLN` +- `THB` +- `IDR` + +This is the first large “new canonical deployment” wave. + +### Wave 3 + +Extend into secondary emerging currencies and monetary-unit references: + +- `MYR` +- `PHP` +- `VND` +- `EGP` +- `CLP` +- `COP` +- `PKR` +- `BDT` +- `KES` +- `NGN` +- `XDR` +- `XAG` + +--- + +## Machine-readable rollout source + +The ranked rollout queue now lives in: + +- [`../../config/gru-global-priority-currency-rollout.json`](../../config/gru-global-priority-currency-rollout.json) + +The file captures: + +- tier +- rank +- rollout wave +- desired destination networks +- current repo target state +- assumed `c*` and `cW*` symbols + +Important boundary: + +- `gru-global-priority-currency-rollout.json` is a **planning queue** +- `gru-iso4217-currency-manifest.json` is the **live supported-currency source of truth** +- `gru-transport-active.json` is the **live routing/transport gate** + +--- + +## Verifier + +Use the rollout verifier to compare the ranked queue against current repo reality: + +```bash +bash scripts/verify/check-gru-global-priority-rollout.sh +``` + +Optional: + +```bash +bash scripts/verify/check-gru-global-priority-rollout.sh --wave=wave1 +bash scripts/verify/check-gru-global-priority-rollout.sh --json +``` + +The verifier reports, per currency: + +- manifest present or not +- canonical Chain 138 deployment present or not +- `c* -> cW*` symbol mapping present or not +- transport active or not +- x402-ready or not +- derived repo state +- next recommended step + +For the public-network rollout surface that the explorer now publishes, use: + +```bash +bash scripts/verify/check-gru-v2-public-protocols.sh +``` + +Explorer static JSON: + +- `https://explorer.d-bis.org/config/GRU_V2_PUBLIC_DEPLOYMENT_STATUS.json` + +That status surface is intentionally stricter than the token mesh inventory: + +- it treats the public EVM `cW*` token mesh as complete on the currently loaded 10-chain set, with only `Wemix` still outside the loaded mesh +- it still keeps Wave 1 non-USD assets as `canonical_only` until transport is actually enabled +- it marks `Uniswap v3`, `Balancer`, `Curve 3`, `DODO PMM`, and `1inch` as **not deployed on the public cW mesh** until real public-chain `cW*` pools are recorded + +--- + +## Operator recommendation + +If the goal is to get to broad GRU v2 cross-chain coverage safely, the recommended order is: + +1. Finish Wave 1 first. +2. Only then start new canonical deployments for Wave 2. +3. Attach metadata and oracle/liquidity paths as part of each currency’s onboarding, not as an afterthought. + +That means each asset rollout should include: + +- IPFS-backed metadata URI +- disclosure / reporting URI +- reserve-verifier policy +- price oracle path +- at least one approved liquidity / treasury route + +The architecture can absolutely support the global currency list. + +The repo now has a concrete way to prove which parts are live, which parts are only canonical on Chain 138, and which parts are still waiting for first deployment. diff --git a/docs/04-configuration/GRU_STANDARDS_PROFILE.md b/docs/04-configuration/GRU_STANDARDS_PROFILE.md index a484e94a..a5a60515 100644 --- a/docs/04-configuration/GRU_STANDARDS_PROFILE.md +++ b/docs/04-configuration/GRU_STANDARDS_PROFILE.md @@ -1,6 +1,6 @@ # GRU Standards Profile -**Purpose:** Define the machine-readable standards profile for canonical `c* V2`, mirrored `cW*`, x402 capability, GRU governance/policy enforcement, and the broader ISO-4217-plus asset scope. +**Purpose:** Define the machine-readable standards profile for canonical `c* V2`, mirrored `cW*`, x402 capability, GRU governance/policy enforcement, USD ecosystem extensions such as `cAUSDT` / `cUSDW`, and the broader ISO-4217-plus asset scope. ## File @@ -16,7 +16,7 @@ This profile is the shared standards contract between docs, configs, operators, - the transport / wrapper standards for `cW*` - the required storage, governance, and supervision metadata for `c*`, `cW*`, and tokenized assets - the GRU M00 governance and policy standards -- the broader asset scope: **ISO-4217 fiat currencies, approved commodities, and future monetary units** +- the broader asset scope: **ISO-4217 fiat currencies, approved commodities, USD ecosystem extensions, and future monetary units / gas-native transport families** ## Compatibility boundary @@ -34,7 +34,9 @@ That keeps the standards profile broad while keeping the active transport overla ## Relationship to other files - [`config/gru-iso4217-currency-manifest.json`](../../config/gru-iso4217-currency-manifest.json) - Tracks which currencies exist and their current lifecycle state. + Tracks which currencies exist, their lifecycle state, and USD ecosystem extensions such as `cAUSDT` and `cUSDW`. +- [`config/gru-monetary-unit-manifest.json`](../../config/gru-monetary-unit-manifest.json) + Tracks non-ISO monetary units plus the gas-native GRU transport families such as `cETH`, `cBNB`, `cPOL`, `cAVAX`, `cCRO`, `cXDAI`, `cCELO`, and `cWEMIX`. - [`config/gru-transport-active.json`](../../config/gru-transport-active.json) Activates the currently enabled canonical tokens, compatible destination chains, and public pools. - [`config/gru-governance-supervision-profile.json`](../../config/gru-governance-supervision-profile.json) @@ -52,5 +54,6 @@ That keeps the standards profile broad while keeping the active transport overla - **Standards scope:** x402, EIP-712, ERC-2612, ERC-3009, ERC-5267, AccessControl, Pausable, deterministic storage namespaces, jurisdiction/supervision metadata, ISO-20022-aligned policy routing, and GRU M00 governance/policy facets. - **Asset scope:** all currencies added to the GRU manifest, not just the currently active USD lanes. +- **Extension scope:** USD ecosystem assets that bridge into GRU, such as Alltra `AUSDT -> cAUSDT` and D-WIN `USDW -> cUSDW`, can be formalized even when their transport readiness differs from the base USD lanes. - **Transport scope:** every public chain that is structurally compatible according to mapping, deployment, and bridge metadata. - **Governance scope:** proposal tagging by jurisdiction, jurisdictional authority approval when required, and minimum upgrade notice periods that survive across asset families. diff --git a/docs/04-configuration/GRU_TRANSPORT_ACTIVE_JSON.md b/docs/04-configuration/GRU_TRANSPORT_ACTIVE_JSON.md index 2d59ebd1..9b065168 100644 --- a/docs/04-configuration/GRU_TRANSPORT_ACTIVE_JSON.md +++ b/docs/04-configuration/GRU_TRANSPORT_ACTIVE_JSON.md @@ -13,6 +13,7 @@ This file is the final activation gate for: - enabled canonical `c*` assets on Chain 138 - enabled public destination chains for `cW*` +- authoritative destination `ccipChainSelector` metadata for each enabled bridge lane - approved `CWMultiTokenBridgeL1` / `CWMultiTokenBridgeL2` peers - reserve-verifier policy references for hard-peg eligible pairs - required `maxOutstanding` policy per canonical token / destination chain @@ -59,6 +60,11 @@ An active GRU transport pair is only valid when all of the following agree: 6. A `maxOutstanding` policy reference is set for the pair. 7. Required reserve-verifier wiring references are present. +For gas-native rollout lanes, the overlay also carries the destination CCIP selector in both +`enabledDestinationChains[]` and `approvedBridgePeers[]`. Token-aggregation resolves that into +`destinationChainSelector` on each active transport pair so verifier and deployment scripts can +check whether the live Chain 138 bridge has actually wired the destination. + ## Standard methodology The repo now treats GRU Transport as the canonical standard for public-chain monetary transport: @@ -89,14 +95,31 @@ Operators should: Until a pool is marked active in the overlay, token-aggregation hides GRU `cW*` pools that touch mirrored assets on public chains. +## ISO-4217 GRU bridge: native c* v2 to wrapped cW* v2 + +Canonical `c*` on Chain 138 and mirrored `cW*` on public chains are tied together by the GRU transport bridge model (escrow / lock on L1, mint on L2; burn on L2, release on L1), implemented by `CWMultiTokenBridgeL1` / `CWMultiTokenBridgeL2` and `CompliantWrappedToken` with mint/burn roles. See [CW_HARD_PEG_DESIGN_CWUSDC_CWUSDT.md](../07-ccip/CW_HARD_PEG_DESIGN_CWUSDC_CWUSDT.md). + +For each enabled canonical token, `enabledCanonicalTokens[].bridge` carries: + +- `canonicalAssetVersion`: `v1` or `v2` — which compliant native contract L1 escrows. +- `mirroredAssetVersion`: `v1` or `v2` — which `cW*` contract L2 mints/burns. + +`config/token-mapping-multichain.json` section **`gruIso4217Bridge`** holds Chain 138 addresses per `Compliant_*_cW` mapping key and optional **`mirroredV2ByMappingKeyAndChain`** (per destination `chainId`). `config/token-mapping-loader.cjs` resolves `canonicalAddress` / `mirroredAddress` for `getActiveTransportPairs()` from these settings. Defaults remain **v1/v1** until you deploy `cW*` v2 on each destination, fill non-null mirrored v2 addresses, update `cross-chain-pmm-lps/config/deployment-status.json` `cwTokens`, register supported tokens on the live L1/L2 bridge contracts, then flip both versions to `v2`. + ## v1 defaults The current overlay enables: - canonical assets: `cUSDT`, `cUSDC` +- live ecosystem extension lane: `cAUSDT -> cWAUSDT` +- gas-native GRU families such as `cETH`, `cETHL2`, `cBNB`, `cPOL`, `cAVAX`, `cCRO`, `cXDAI`, `cCELO`, and `cWEMIX` - destination chains: `25`, `56`, `137`, `43114`, `42161`, `8453`, `10`, `100`, `1` - transport form: **Compliant Wrapped ISO-4217 M1** +Important boundary: + +- `cUSDW -> cWUSDW` is already modeled in `config/token-mapping-multichain.json`, but it is **not yet an enabled canonical token** in this active overlay. Treat it as staged until the wrap-vault and transport activation steps are completed. + ## Related - [C_TO_CW_MAPPER_MAPPING.md](C_TO_CW_MAPPER_MAPPING.md) diff --git a/docs/04-configuration/GRU_V2_CHAIN138_READINESS.md b/docs/04-configuration/GRU_V2_CHAIN138_READINESS.md new file mode 100644 index 00000000..2220de1c --- /dev/null +++ b/docs/04-configuration/GRU_V2_CHAIN138_READINESS.md @@ -0,0 +1,94 @@ +# GRU V2 Chain 138 Readiness + +**Purpose:** Turn the GRU `c* V2` program into an operator-checked Chain 138 surface instead of leaving it as a standards-only plan. + +**Related:** [GRU_C_STAR_V2_STANDARDS_MATRIX_AND_IMPLEMENTATION_PLAN.md](GRU_C_STAR_V2_STANDARDS_MATRIX_AND_IMPLEMENTATION_PLAN.md), [GRU_STANDARDS_PROFILE.md](GRU_STANDARDS_PROFILE.md), [GRU_STORAGE_GOVERNANCE_AND_SUPERVISION_STANDARD.md](GRU_STORAGE_GOVERNANCE_AND_SUPERVISION_STANDARD.md), [GRU_V2_IPFS_METADATA_RUNBOOK.md](GRU_V2_IPFS_METADATA_RUNBOOK.md), [CHAIN138_X402_TOKEN_SUPPORT.md](CHAIN138_X402_TOKEN_SUPPORT.md), [CONTRACT_ADDRESSES_REFERENCE.md](../11-references/CONTRACT_ADDRESSES_REFERENCE.md), [scripts/verify/check-gru-v2-chain138-readiness.sh](../../scripts/verify/check-gru-v2-chain138-readiness.sh), [scripts/verify/check-cstar-v2-transport-stack.sh](../../scripts/verify/check-cstar-v2-transport-stack.sh) + +## Current Chain 138 V2 addresses + +| Asset | Address | Live state | +|------|---------|------------| +| `cUSDT V2` | `0x9FBfab33882Efe0038DAa608185718b772EE5660` | Deployed, bytecode present, active in `UniversalAssetRegistry` as `AssetType.GRU`, `forwardCanonical=true`, IPFS metadata wired | +| `cUSDC V2` | `0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d` | Deployed, bytecode present, active in `UniversalAssetRegistry` as `AssetType.GRU`, `forwardCanonical=true`, IPFS metadata wired | + +## What the readiness checker proves + +Run: + +```bash +bash scripts/verify/check-gru-v2-chain138-readiness.sh +``` + +Optional: + +```bash +RUN_LOCAL_TESTS=1 bash scripts/verify/check-gru-v2-chain138-readiness.sh +bash scripts/verify/check-gru-v2-chain138-readiness.sh --report-only +``` + +The checker verifies: + +- deployed bytecode exists on Chain 138 for `cUSDT V2` and `cUSDC V2` +- both assets are active in `UniversalAssetRegistry` +- both assets are registered as `AssetType.GRU` +- core V2 identity and signing surface works: + - `name` + - `symbol` + - `versionTag` + - `currencyCode` + - `assetId` + - `assetVersionId` + - `DOMAIN_SEPARATOR` +- contract-linked metadata is populated: + - `tokenURI` + - `tokenURI` uses `ipfs://...` +- rollout caveats are explicit: + - any selected V2 address with `forwardCanonical=false` is not ready + - any selected V2 address missing the governance / supervision metadata ABI is not ready + - any active GRU registry entry with no bytecode is reported as an orphaned registry artifact + +## Current status as of 2026-04-03 + +### Green + +- `CompliantFiatTokenV2Test` passes locally. +- Both V2 assets are deployed on Chain 138. +- Both V2 assets are active in `UniversalAssetRegistry`. +- Both V2 assets expose the core V2 identity and signing surface: + - `name` + - `symbol` + - `versionTag` + - `currencyCode` + - `assetId` + - `assetVersionId` + - `DOMAIN_SEPARATOR` + +### Remaining caveat + +- `UniversalAssetRegistry` still contains one orphaned GRU entry from the interrupted April 3, 2026 rollout: `0x9AA44008f30B7F6D2BfB74016420c5eA49c5ebE4` is marked active but has no bytecode. +- The current registry implementation does not expose a public remove/deactivate path, so that orphan remains a cleanup item for a future controlled registry upgrade rather than an in-band token rollout step. + +## Meaning + +Chain 138 now has live forward-canonical GRU V2 USD assets: + +- V2 addresses are real +- V2 addresses are GRU-registered +- V2 addresses are x402-signing-capable at the core token layer +- V2 addresses are the forward-canonical GRU USD assets +- live deployed bytecode matches the governance / supervision metadata surface expected by the latest GRU V2 source +- the remaining issue is registry hygiene for the orphaned no-bytecode entry + +## Practical next steps + +1. Keep `cUSDT V2` and `cUSDC V2` as the canonical GRU V2 USD pair on Chain 138. +2. Treat V1 `cUSDT` / `cUSDC` as legacy liquidity addresses until PMM, cW, and transport cutover is complete. +3. Preserve the IPFS metadata/disclosure/reporting bundle as the presentation source of truth for the active V2 pair. +4. Plan a controlled `UniversalAssetRegistry` upgrade if you want to remove the orphaned `0x9AA...` GRU record instead of merely documenting it. +5. Continue the downstream cutover: explorer precedence, cW bridge mappings, pool migrations, and transport overlays. + +## Operator guidance + +- Use [check-cstar-v2-transport-stack.sh](../../scripts/verify/check-cstar-v2-transport-stack.sh) for the predeploy contract/transport green path. +- Use [check-gru-v2-chain138-readiness.sh](../../scripts/verify/check-gru-v2-chain138-readiness.sh) for the live Chain 138 promotion gate. +- Do not treat `cUSDT V2` / `cUSDC V2` as canonical-forward GRU USD until the readiness checker returns zero blockers. diff --git a/docs/04-configuration/GRU_V2_IPFS_METADATA_RUNBOOK.md b/docs/04-configuration/GRU_V2_IPFS_METADATA_RUNBOOK.md new file mode 100644 index 00000000..d9d3af46 --- /dev/null +++ b/docs/04-configuration/GRU_V2_IPFS_METADATA_RUNBOOK.md @@ -0,0 +1,68 @@ +# GRU V2 IPFS Metadata Runbook + +**Purpose:** Keep GRU v2 presentation metadata decentralized while storing only URIs on-chain. + +## Architecture + +```text +CompliantFiatTokenV2.tokenURI() + -> ipfs:///cusdt-v2/metadata.json + -> metadata.json + -> logo/image ipfs:// +``` + +Each GRU v2 token also carries: + +- `regulatoryDisclosureURI` +- `reportingURI` + +Those URIs can point at separate IPFS JSON documents so governance and reporting can evolve without storing large blobs on-chain. + +## Repo source of truth + +Metadata bundle source files live under: + +- `config/gru-v2-metadata/chain138/cusdt-v2/` +- `config/gru-v2-metadata/chain138/cusdc-v2/` + +## Publish to IPFS + +```bash +bash scripts/deployment/publish-gru-v2-chain138-metadata-to-ipfs.sh +``` + +Default IPFS API: + +```text +http://192.168.11.35:5001 +``` + +The script: + +1. uploads the metadata/disclosure/reporting bundle +2. writes `config/gru-v2-metadata/chain138/ipfs-manifest.latest.json` +3. prints exportable env vars for deployment + +## Deploy with metadata + +```bash +eval "$( + bash scripts/deployment/publish-gru-v2-chain138-metadata-to-ipfs.sh \ + | awk '/^export / { print }' +)" + +bash scripts/deployment/deploy-gru-v2-chain138.sh +``` + +The deploy path consumes: + +- `CUSDT_V2_TOKEN_URI` +- `CUSDT_V2_REGULATORY_DISCLOSURE_URI` +- `CUSDT_V2_REPORTING_URI` +- `CUSDC_V2_TOKEN_URI` +- `CUSDC_V2_REGULATORY_DISCLOSURE_URI` +- `CUSDC_V2_REPORTING_URI` + +## Operational note + +Wallets and explorers may cache logos and metadata. Updating the IPFS content will not refresh every client immediately, so treat metadata changes as gradual propagation events. diff --git a/docs/04-configuration/INFO_DEFI_ORACLE_IO_DEPLOYMENT.md b/docs/04-configuration/INFO_DEFI_ORACLE_IO_DEPLOYMENT.md index 53189264..22f40652 100644 --- a/docs/04-configuration/INFO_DEFI_ORACLE_IO_DEPLOYMENT.md +++ b/docs/04-configuration/INFO_DEFI_ORACLE_IO_DEPLOYMENT.md @@ -6,16 +6,25 @@ ## What the site does -- **Overview:** Chain 138 network metadata from `GET /api/v1/networks` when the API is reachable. -- **c* & cW*:** Live token list from `GET /api/v1/tokens?chainId=138` plus static **cW\*** registry from `cross-chain-pmm-lps/config/deployment-status.json` (rebuild to update). +**Positioning:** Copy and agent hints describe the programme as serving **regulated financial entities** and **settlement** workflows (**cross-border payments and settlements**), with tokenized instruments framed as **digital currencies**, **digital securities**, **digital commodities**, and other **Compliant Digital Assets**—explicitly **not** retail **crypto** speculation. **Governance narrative** (public): **DeFi Oracle, LLC** as technical architecture; **international regulated/governmental** oversight; **Digital Bank of International Settlements** / **International Commerce Courts** enforcement framing for **GRU** policy and serious violations—see `/governance`. **Ecosystem** summary: `/ecosystem`. **Public vs authenticated documentation** for governments, regulators, FIs, law enforcement, courts, developers, public: `/documentation`. **SolaceNet** (capability/policy plane, public framing): `/solacenet`. See also `/disclosures`. + +- **Overview:** Chain 138 network metadata from `GET /api/v1/networks` when the API is reachable; **cross-chain topology** (WETH9 / WETH10 / trustless tabs) from `GET /api/v1/bridge/routes` with bundled fallback. +- **c* & cW*:** Live token list from `GET /api/v1/tokens?chainId=138` plus live **cW\*** registry from `GET /api/v1/report/cw-registry` with bundled fallback. +- **Gas-native rollout:** Live gas-family registry from `GET /api/v1/report/gas-registry`, including canonical `c*` gas symbols on Chain 138, destination `cW*` mirrors, backing mode, quote lanes, and runtime lane readiness, with bundled fallback for static publishing. - **Pools:** Samples pools via `GET /api/v1/tokens/:address/pools` for compliant tokens. -- **Swap:** Quote from `GET /api/v1/quote` and on-chain **swapExactIn** on `DODOPMMIntegration` (wallet). -- **Routing:** `GET /api/v1/bridge/routes` and token-mapping pairs for cross-chain planning. +- **Swap:** Quote from `GET /api/v1/quote` (Uniswap-style estimate) and on-chain **swapExactIn** on canonical **`DODOPMMIntegration`** (`0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` per `docs/11-references/CONTRACT_ADDRESSES_REFERENCE.md`) (wallet). The SPA sets **`minOut` from `querySellBase` / `querySellQuote`** on the pool so gas estimation does not fail on PMM mismatch. For CLI / runbooks: **`bash scripts/verify/pmm-swap-quote-chain138.sh --token-in … --amount-in …`** prints suggested **`minAmountOut`** and example **`cast send`**. +- **Routing:** `GET /api/v1/bridge/routes` and token-mapping pairs for cross-chain planning (same topology component as Overview). +- **Agents:** `/agents` — copyable live JSON context (networks + bridge routes + API paths). Static files for tools: `/llms.txt`, `/agent-hints.json`, `/robots.txt`, `/sitemap.xml`. +- **Governance:** `/governance` — DeFi Oracle, LLC technical architecture; international supervisory governance; DBIS / International Commerce Courts / GRU enforcement narrative (SPA). +- **Ecosystem:** `/ecosystem` — partners, products, services, interconnections (SPA). +- **Documentation:** `/documentation` — audiences; public hub vs secure authenticated portal; why some material is not public (SPA). +- **SolaceNet:** `/solacenet` — capability and policy control plane; rails governance summary for public audiences (SPA). +- **Disclosures:** `/disclosures` — audience (regulated finance vs retail crypto), Compliant Digital Assets framing, risk, naming (“compliant” / c* taxonomy), on-chain verification, indexer caveats (SPA route). ## Prerequisites -- Public **token-aggregation** base URL (e.g. `https://dbis-api.d-bis.org`) with CORS enabled for browsers. -- Static file host or CDN for `dist/` after `pnpm --filter info-defi-oracle-138 build`. +- **Browser API path (recommended):** The dedicated info LXC nginx proxies **`/token-aggregation/`** to the Blockscout / token-aggregation service (see `config/nginx/info-defi-oracle-io.site.conf`). The SPA defaults to **`{site origin}/token-aggregation`** so the browser stays same-origin (no cross-site CORS, no mixed content). Override only if needed: `VITE_TOKEN_AGGREGATION_API_BASE` at build time. +- **Static host:** Web root for `dist/` after `pnpm --filter info-defi-oracle-138 build` (or use `sync-info-defi-oracle-to-vmid2400.sh` to VMID **2410**). ## Steps @@ -24,10 +33,98 @@ 3. Upload `info-defi-oracle-138/dist/` to the web root. 4. Configure the web server for SPA fallback: all routes → `index.html`. 5. Add NPMplus proxy host **info.defi-oracle.io** → that origin; request Let’s Encrypt certificate. -6. Verify: open `/`, `/tokens`, `/pools`, `/swap`, `/routing` over HTTPS. +6. Verify in a browser: `/`, `/governance`, `/ecosystem`, `/documentation`, `/solacenet`, `/tokens`, `/pools`, `/swap`, `/routing`, `/agents`, `/disclosures` over HTTPS; confirm `/llms.txt` and `/agent-hints.json` return 200 (copied from `info-defi-oracle-138/public/` into `dist/` at build time). Prefer **`pnpm run verify:info-defi-oracle-public`** (checks SPA paths, static files, `agent-hints.json` fields, and `/token-aggregation/api/v1/networks`). + +### After deploy (automated) + +From any host with `curl` (optional `jq` for JSON sanity): + +```bash +bash scripts/verify/check-info-defi-oracle-public.sh +``` + +Override base URL: `INFO_SITE_BASE=https://staging.example.com bash scripts/verify/check-info-defi-oracle-public.sh` + +**Stale edge:** If `curl -I` shows an old `Last-Modified` or new routes 404, the edge is still serving a previous `dist/` — rebuild, re-upload/sync, and re-run the script. + +**Placeholder HTML:** If `curl -s https://info.defi-oracle.io/ | head` shows `Default Page` (or similar generic hosting default), the proxy is **not** pointing at the Vite `dist/` output — fix NPMplus upstream / tunnel target, then re-run `check-info-defi-oracle-public.sh`. + +**Static agent files:** `llms.txt`, `agent-hints.json`, `robots.txt`, and `sitemap.xml` must be deployed at the **site root** (Vite copies `public/` into `dist/`). If your sync only uploaded older assets, run a fresh `pnpm --filter info-defi-oracle-138 build` first. + +**Cloudflare DNS (`.env` API creds):** `set-info-defi-oracle-dns-to-vmid2400-tunnel.sh` defaults to `INFO_DEFI_ORACLE_EDGE_MODE=auto`. If the tunnel ID is **not** in your account (`Tunnel not found` from `update-vmid2400-tunnel-config.sh`), publish an **A** record to your NPM WAN instead: + +```bash +INFO_DEFI_ORACLE_EDGE_MODE=public_ip bash scripts/cloudflare/set-info-defi-oracle-dns-to-vmid2400-tunnel.sh +``` + +Set `INFO_DEFI_ORACLE_PUBLIC_IP` or `PUBLIC_IP` if the NPM edge is not the default `76.53.10.36`. + +**HTTPS “Default Page” on NPM while HTTP works:** Request Let’s Encrypt certs for `info.defi-oracle.io` / `www.info.defi-oracle.io` (`scripts/request-npmplus-certificates.sh` with `CERT_DOMAINS_FILTER='info\.defi-oracle'` or `^79\|` for a single host id). Without a certificate, NPMplus may serve its default SSL vhost. + +**Cloudflare cache vs origin:** If `/` and `/llms.txt` pass but `/robots.txt` still returns NPM “Default Page” through the orange-cloud proxy, purge cache for static URLs: + +```bash +bash scripts/cloudflare/purge-info-defi-oracle-cache.sh +``` + +**Tunnel ingress (when tunnel exists in account):** `scripts/update-vmid2400-tunnel-config.sh` routes `info` / `www.info` to `http://IP_INFO_DEFI_ORACLE_WEB:80` (not `127.0.0.1:80`). Override with `INFO_DEFI_ORACLE_TUNNEL_UPSTREAM` if needed. + +## Dedicated web LXC (recommended) + +**VMID 2400 is ThirdWeb RPC**, not a static site host. Use a **small nginx-only LXC** (default **VMID 2410**, **192.168.11.218** — see `config/ip-addresses.conf`). + +1. **Provision once** (Debian + nginx + vhost; on **r630-01** by default, override `PROXMOX_HOST` for another node): + +```bash +bash scripts/deployment/provision-info-defi-oracle-web-lxc.sh +``` + +2. **Build and sync** the SPA into that CT (script name is historical; default target is **2410**): + +```bash +bash scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh +``` + +Override: `INFO_DEFI_ORACLE_VMID`, `PROXMOX_HOST`, `IP_INFO_DEFI_ORACLE_WEB` as needed. + +3. Sync the primary public NPMplus edge so `info.defi-oracle.io` and `www.info.defi-oracle.io` proxy to **`IP_INFO_DEFI_ORACLE_WEB:80`** (defaults updated in `update-npmplus-proxy-hosts-api.sh`): + +```bash +bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh +``` + +4. Request or renew the NPMplus certificate for the two hostnames: + +```bash +CERT_DOMAINS_FILTER='(^|,)www?\\.info\\.defi-oracle\\.io$|info\\.defi-oracle\\.io|www\\.info\\.defi-oracle\\.io' \ + bash scripts/request-npmplus-certificates.sh +``` + +5. Publish DNS. The helper prefers a Cloudflare tunnel when present, otherwise the public NPMplus edge IP: + +```bash +bash scripts/cloudflare/set-info-defi-oracle-dns-to-vmid2400-tunnel.sh +``` + +6. Optional: tunnel ingress for RPC lives on VMID 2400 — **info** traffic normally flows **NPMplus → dedicated web LXC**; only use `scripts/update-vmid2400-tunnel-config.sh` if you intentionally route `info` via the same tunnel stack as RPC. + +7. Verify public resolution, HTTPS, SPA, agent static files, and **same-origin** token-aggregation JSON: + +```bash +getent ahosts info.defi-oracle.io +curl -I https://info.defi-oracle.io +bash scripts/verify/check-info-defi-oracle-public.sh +# Optional: scored Playwright pass (Chromium): pnpm exec playwright install chromium && pnpm run audit:info-defi-oracle-site +``` + +## CI and scheduling + +- **Build (PR/push):** `.github/workflows/info-defi-oracle-138.yml` runs `pnpm --filter info-defi-oracle-138 build` when the package or lockfile changes. +- **Public smoke:** `.github/workflows/verify-info-defi-oracle-public.yml` runs **`check-info-defi-oracle-public.sh`** on **workflow_dispatch** (optional input **info_site_base**) and weekly (Mondays UTC). **Actions variable** `INFO_SITE_BASE` is used when the input is empty; otherwise the script defaults to `https://info.defi-oracle.io`. ## Related docs - [DEX_AND_AGGREGATORS_CHAIN138_EXPLAINER.md](DEX_AND_AGGREGATORS_CHAIN138_EXPLAINER.md) - [E2E_ENDPOINTS_LIST.md](E2E_ENDPOINTS_LIST.md) +- [PUBLIC_SURFACE_502_AND_DNS_REMEDIATION_MATRIX.md](PUBLIC_SURFACE_502_AND_DNS_REMEDIATION_MATRIX.md) - [CW_STAR_CMC_COINGECKO_LISTING_STATUS.md](../11-references/CW_STAR_CMC_COINGECKO_LISTING_STATUS.md) diff --git a/docs/04-configuration/ISO4217_COMPLIANT_TOKEN_MATRIX.md b/docs/04-configuration/ISO4217_COMPLIANT_TOKEN_MATRIX.md index 7921f325..16c480a3 100644 --- a/docs/04-configuration/ISO4217_COMPLIANT_TOKEN_MATRIX.md +++ b/docs/04-configuration/ISO4217_COMPLIANT_TOKEN_MATRIX.md @@ -150,6 +150,18 @@ On **ChainID 138 only**, compliant token symbols use the **v0 form** with **no c | USD | `cWAUSDC` | `cWAUSDT` | `cWAUSDW` | | EUR | `cWAEURC` | `cWAEURT` | `cWAEURW` | +### Alltra inbound gold exception + +The generic bridged rule above uses the **origin financial chain designator** in position 3. For the specific **Chain 138 -> ALL Mainnet (651940)** gold corridor, the repo uses an explicit **ALL Mainnet naming exception**: + +| Flow leg | XAUC | XAUT | +| --- | --- | --- | +| Source-side wrapped leg | `cWXAUC` | `cWXAUT` | +| Bridge-minted ALL Mainnet wrapped leg | `cWAXAUC` | `cWAXAUT` | +| Unwrapped ALL Mainnet native leg | `cAXAUC` | `cAXAUT` | + +This exception is intentional and should be interpreted from the **pair mapping + chainId + contract address**, not by applying the generic 7-character bridged rule blindly. + --- ## 11. Chain-Context Mapping diff --git a/docs/04-configuration/IT_OPS_EDGE_DISCOVERY_IPS.md b/docs/04-configuration/IT_OPS_EDGE_DISCOVERY_IPS.md new file mode 100644 index 00000000..1bd2c5e0 --- /dev/null +++ b/docs/04-configuration/IT_OPS_EDGE_DISCOVERY_IPS.md @@ -0,0 +1,15 @@ +# IT operations — edge and discovery IPs + +**Purpose:** Capture **non-Proxmox-guest** LAN addresses called out in the IT controller plan for classification and IPAM follow-up. + +| IP | Status | Notes | +|----|--------|--------| +| **192.168.11.23** | Discovery | `IP_SERVICE_23` in `config/ip-addresses.conf`. Observed HTTP **8080** with API-style headers; **owner/workload TBD** — tag in IT DB when known. | +| **192.168.11.26** | Documented | **VMID 105** legacy NPM (OpenResty), not bare-metal R750. **`IP_NGINX_LEGACY`** is the correct semantic; **`PROXMOX_HOST_R750_03`** defaults here for historical reasons only—do not treat as a physical R750. Align [HARDWARE_INVENTORY_MASTER.md](../11-references/HARDWARE_INVENTORY_MASTER.md) and `config/ip-addresses.conf` comments with live `pct` list. | +| **192.168.11.2** | Infra | Secondary **UDM** / HA peer; confirm power, adoption, and ICMP policy for monitoring. | +| **Workstations** | Optional env | When fixed, set **`WORKSTATION_01_IP`** / **`WORKSTATION_02_IP`** in repo `.env` and extend `compute_ipam_drift.py` hypervisor exclusions if needed. | + +## Related + +- [NETWORK_CONFIGURATION_MASTER.md](../11-references/NETWORK_CONFIGURATION_MASTER.md) +- [SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md](../02-architecture/SANKOFA_IT_OPERATIONS_CONTROLLER_SPEC.md) diff --git a/docs/04-configuration/LEDGER_CHAIN138_ISSUES_AND_WORKAROUNDS.md b/docs/04-configuration/LEDGER_CHAIN138_ISSUES_AND_WORKAROUNDS.md index 03e5d7a6..2a73dd4d 100644 --- a/docs/04-configuration/LEDGER_CHAIN138_ISSUES_AND_WORKAROUNDS.md +++ b/docs/04-configuration/LEDGER_CHAIN138_ISSUES_AND_WORKAROUNDS.md @@ -114,10 +114,7 @@ See also: [CHAIN138_WALLET_CONFIG_VALIDATION.md](./CHAIN138_WALLET_CONFIG_VALIDA ## 4. Chainlist and discovery - **Chain 138** is registered as **Defi Oracle Meta Mainnet** on Chainlist (e.g. `https://chainlist.org/chain/138`). -- This repo’s chain data: **`pr-workspace/chains/_data/chains/eip155-138.json`** includes: - - RPCs: `rpc-http-pub.d-bis.org`, `rpc.d-bis.org`, `rpc2.d-bis.org`, `rpc.public-0138.defi-oracle.io`, `rpc.defi-oracle.io`, thirdweb (with API key placeholder), and matching WSS URLs. - - Explorer: `https://explorer.d-bis.org`. - - `slip44: 60` (ETH derivation); `chainId: 138`, `networkId: 1`. +- This repo’s chain data: **`pr-workspace/chains/_data/chains/eip155-138.json`** mirrors [ethereum-lists/chains `eip155-138.json`](https://github.com/ethereum-lists/chains/blob/master/_data/chains/eip155-138.json) (merged [cb4c47b](https://github.com/ethereum-lists/chains/commit/cb4c47b0345fa8688dbc0133e0aa1cd3fb211a80)): public d-bis.org and defi-oracle.io RPCs (HTTP + WSS), Blockscout at `https://explorer.d-bis.org`, `slip44: 60`, `chainId: 138`, `networkId: 138`, features EIP155 / EIP1559 / EIP2718 / EIP2930. Ledger Live does **not** use Chainlist to add new networks; it only supports its own list. So Chainlist is relevant for **MetaMask (or other wallets)** when used with Ledger. diff --git a/docs/04-configuration/MIGRATION_PLAN_R630_01_DATA.md b/docs/04-configuration/MIGRATION_PLAN_R630_01_DATA.md index e1a89a0e..70d51a2d 100644 --- a/docs/04-configuration/MIGRATION_PLAN_R630_01_DATA.md +++ b/docs/04-configuration/MIGRATION_PLAN_R630_01_DATA.md @@ -19,7 +19,7 @@ Goal: Reduce r630-01 **data** pool usage (currently ~65.8%, 280G pool) so it sta | VMID | Allocated | Role / name (typical) | Migration priority | |-------|-----------|------------------------|--------------------| -| 2500–2505 | 200G each | RPC (alltra etc.) | Low (critical RPC); move only if needed. | +| 2420, 2430, 2440, 2460, 2470, 2480 | 200G each | Edge/private RPC (Alltra/HYBX lanes) | Low (critical RPC); move only if needed. | | 2101 | 200G | Core RPC | **Do not move** (deploy/admin). | | 1000, 1001, 1002 | 100G each | Validators | **Do not move** (consensus). | | 1500, 1501, 1502 | 100G each | Sentries | Prefer stay; move only if necessary. | @@ -45,7 +45,7 @@ Goal: Reduce r630-01 **data** pool usage (currently ~65.8%, 280G pool) so it sta - **Pros:** thin5 is empty (237G); can move one or two large CTs (e.g. 200G each). - **Cons:** Node migration (IP may change unless static); service dependency and DNS/load balancer updates. -- **Best for:** One or two 200G RPC CTs (e.g. 2503, 2504, 2505) if you need to free a lot of data in one go. +- **Best for:** One or two 200G edge/private RPC CTs (for example from the `2420/2430/2440/2460/2470/2480` set) if you need to free a lot of data in one go. --- @@ -92,7 +92,7 @@ Suggested order: 10232, 10233, 10120, 10100, 10101, 10235, 10236, 7804, then 864 **Goal:** Free ~200G on r630-01 data by migrating one 200G CT to r630-02 and placing it on thin5. -**Candidates:** 2503, 2504, or 2505 (non–core RPC; confirm which can be moved without breaking dependencies). +**Candidates:** one of `2420/2430/2440/2460/2470/2480` (non-core/private RPC; confirm which can be moved without breaking dependencies). **Steps:** @@ -134,7 +134,7 @@ Suggested order: 10232, 10233, 10120, 10100, 10101, 10235, 10236, 7804, then 864 ## 7. Reference -- **r630-01 data:** 280G, 72% used; LVs: 1000, 1001, 1002, 1500–1502, 2101, 2500–2505, 10100, 10101, 10120, 10130, 10150, 10151, 10232, 10233, 10235, 10236, 7804, 8640, 8642. +- **r630-01 data:** 280G, 72% used at the time of this plan; the listed LV set included the then-current RPC edge fleet. Reconcile against current `pvesm` / `lvs` output before acting. - **r630-01 thin1:** 208G, 43.5% used; ~118G free. - **r630-02 thin5:** 237G, 0% used (empty). - Storage docs: `STORAGE_RECOMMENDATIONS_BY_FILL_RATE.md`, `PHYSICAL_DRIVES_AND_CONFIG.md`. diff --git a/docs/04-configuration/NGINX_CONFIGURATIONS_VMIDS_2400-2508.md b/docs/04-configuration/NGINX_CONFIGURATIONS_VMIDS_2400-2508.md index c7220093..b18a2a83 100644 --- a/docs/04-configuration/NGINX_CONFIGURATIONS_VMIDS_2400-2508.md +++ b/docs/04-configuration/NGINX_CONFIGURATIONS_VMIDS_2400-2508.md @@ -1,5 +1,8 @@ # Nginx Configurations for RPC Nodes +> Historical note: +> This document bridges old and new RPC VMIDs and intentionally preserves legacy `2500`-series references. Treat it as migration/reference material. Current live routing should be checked against `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, the active NPM scripts, and current nginx/NPM configuration. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/NGINX_PROXY_MANAGER_COMPLETE_SETUP.md b/docs/04-configuration/NGINX_PROXY_MANAGER_COMPLETE_SETUP.md index d698ced5..a0415d50 100644 --- a/docs/04-configuration/NGINX_PROXY_MANAGER_COMPLETE_SETUP.md +++ b/docs/04-configuration/NGINX_PROXY_MANAGER_COMPLETE_SETUP.md @@ -1,5 +1,7 @@ # Nginx Proxy Manager Complete Setup Guide +> Modern note: This guide preserves the general NPMplus workflow, but its original admin URL and several RPC upstream examples were from the older `250x` layout. Current operator access is typically `https://192.168.11.167:81` on LAN, and current RPC mappings are documented in `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation @@ -8,7 +10,7 @@ **Date**: 2026-01-09 **Status**: Complete Setup Instructions -**NPM URL**: `http://192.168.11.26:81` +**NPM URL**: `https://192.168.11.167:81` --- @@ -114,10 +116,10 @@ The script will: | Domain | Target | Port | WebSocket | Notes | |--------|--------|------|-----------|-------| | `explorer.d-bis.org` | `192.168.11.140` | 80 | No | Blockscout | -| `rpc-http-pub.d-bis.org` | `192.168.11.252` | 443 | ✅ Yes | HTTPS target | -| `rpc-ws-pub.d-bis.org` | `192.168.11.252` | 443 | ✅ Yes | HTTPS target | -| `rpc-http-prv.d-bis.org` | `192.168.11.251` | 443 | ✅ Yes | HTTPS target | -| `rpc-ws-prv.d-bis.org` | `192.168.11.251` | 443 | ✅ Yes | HTTPS target | +| `rpc-http-pub.d-bis.org` | `192.168.11.221` | 443 | ✅ Yes | Public HTTPS RPC target | +| `rpc-ws-pub.d-bis.org` | `192.168.11.221` | 443 | ✅ Yes | Public HTTPS/WSS RPC target | +| `rpc-http-prv.d-bis.org` | `192.168.11.211` | 443 | ✅ Yes | Core/private HTTPS RPC target | +| `rpc-ws-prv.d-bis.org` | `192.168.11.211` | 443 | ✅ Yes | Core/private HTTPS/WSS RPC target | | `dbis-admin.d-bis.org` | `192.168.11.130` | 80 | No | | | `dbis-api.d-bis.org` | `192.168.11.155` | 3000 | No | | | `dbis-api-2.d-bis.org` | `192.168.11.156` | 3000 | No | | @@ -136,7 +138,7 @@ The script will: | Domain | Target | Port | WebSocket | |--------|--------|------|-----------| -| `rpc.public-0138.defi-oracle.io` | `192.168.11.252` | 443 | ✅ Yes | +| `rpc.public-0138.defi-oracle.io` | `192.168.11.221` | 443 | ✅ Yes | **Total: 19 domains** diff --git a/docs/04-configuration/NGINX_PROXY_MANAGER_SSL_CONFIGURATION.md b/docs/04-configuration/NGINX_PROXY_MANAGER_SSL_CONFIGURATION.md index 6944fd73..129087a7 100644 --- a/docs/04-configuration/NGINX_PROXY_MANAGER_SSL_CONFIGURATION.md +++ b/docs/04-configuration/NGINX_PROXY_MANAGER_SSL_CONFIGURATION.md @@ -1,5 +1,7 @@ # Nginx Proxy Manager SSL Configuration Guide +> Modern note: The certificate workflow here is still valid, but the original NPM URL and several RPC backend examples came from the older `250x` mapping. Current operator access is `https://192.168.11.167:81`, and live RPC backends are in `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation @@ -8,7 +10,7 @@ **Date**: 2026-01-09 **Status**: Configuration Script Created -**NPM URL**: `http://192.168.11.26:81` +**NPM URL**: `https://192.168.11.167:81` --- @@ -121,10 +123,10 @@ For each domain, follow these steps: | Domain | Target | Port | SSL | Notes | |--------|--------|------|-----|-------| | `explorer.d-bis.org` | `192.168.11.140` | 80 | Let's Encrypt | Blockscout | -| `rpc-http-pub.d-bis.org` | `192.168.11.252` | 443 | Let's Encrypt | WebSocket ✅ | -| `rpc-ws-pub.d-bis.org` | `192.168.11.252` | 443 | Let's Encrypt | WebSocket ✅ | -| `rpc-http-prv.d-bis.org` | `192.168.11.251` | 443 | Let's Encrypt | WebSocket ✅ | -| `rpc-ws-prv.d-bis.org` | `192.168.11.251` | 443 | Let's Encrypt | WebSocket ✅ | +| `rpc-http-pub.d-bis.org` | `192.168.11.221` | 443 | Let's Encrypt | WebSocket ✅ | +| `rpc-ws-pub.d-bis.org` | `192.168.11.221` | 443 | Let's Encrypt | WebSocket ✅ | +| `rpc-http-prv.d-bis.org` | `192.168.11.211` | 443 | Let's Encrypt | WebSocket ✅ | +| `rpc-ws-prv.d-bis.org` | `192.168.11.211` | 443 | Let's Encrypt | WebSocket ✅ | | `dbis-admin.d-bis.org` | `192.168.11.130` | 80 | Let's Encrypt | | | `dbis-api.d-bis.org` | `192.168.11.155` | 3000 | Let's Encrypt | | | `dbis-api-2.d-bis.org` | `192.168.11.156` | 3000 | Let's Encrypt | | @@ -143,7 +145,7 @@ For each domain, follow these steps: | Domain | Target | Port | SSL | |--------|--------|------|-----| -| `rpc.public-0138.defi-oracle.io` | `192.168.11.252` | 443 | Let's Encrypt | +| `rpc.public-0138.defi-oracle.io` | `192.168.11.221` | 443 | Let's Encrypt | --- diff --git a/docs/04-configuration/NGINX_SSL_COMPLETE_SOLUTION.md b/docs/04-configuration/NGINX_SSL_COMPLETE_SOLUTION.md index c64b541c..d929533f 100644 --- a/docs/04-configuration/NGINX_SSL_COMPLETE_SOLUTION.md +++ b/docs/04-configuration/NGINX_SSL_COMPLETE_SOLUTION.md @@ -1,5 +1,7 @@ # Nginx SSL Configuration - Complete Solution Guide +> Historical note: This guide records a specific manual-remediation path from the earlier NPM/RPC migration period. The general SSL workflow is still useful, but the original admin URL and RPC upstream examples were from the retired `250x` layout. For live values, use `docs/04-configuration/RPC_ENDPOINTS_MASTER.md` and the current NPMplus scripts. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation @@ -8,7 +10,7 @@ **Date**: 2026-01-09 **Status**: Ready for Manual Configuration -**NPM URL**: `http://192.168.11.26:81` +**NPM URL**: `https://192.168.11.167:81` **Credentials**: `nsatoshi2007@hotmail.com` / `L@ker$2010` --- @@ -51,10 +53,10 @@ Follow the detailed guide: `NGINX_SSL_MANUAL_CONFIGURATION_GUIDE.md` #### d-bis.org (9 domains) - `explorer.d-bis.org` → `http://192.168.11.140:80` -- `rpc-http-pub.d-bis.org` → `https://192.168.11.252:443` (WebSocket ✅) -- `rpc-ws-pub.d-bis.org` → `https://192.168.11.252:443` (WebSocket ✅) -- `rpc-http-prv.d-bis.org` → `https://192.168.11.251:443` (WebSocket ✅) -- `rpc-ws-prv.d-bis.org` → `https://192.168.11.251:443` (WebSocket ✅) +- `rpc-http-pub.d-bis.org` → `https://192.168.11.221:443` (WebSocket ✅) +- `rpc-ws-pub.d-bis.org` → `https://192.168.11.221:443` (WebSocket ✅) +- `rpc-http-prv.d-bis.org` → `https://192.168.11.211:443` (WebSocket ✅) +- `rpc-ws-prv.d-bis.org` → `https://192.168.11.211:443` (WebSocket ✅) - `dbis-admin.d-bis.org` → `http://192.168.11.130:80` - `dbis-api.d-bis.org` → `http://192.168.11.155:3000` - `dbis-api-2.d-bis.org` → `http://192.168.11.156:3000` @@ -67,7 +69,7 @@ Follow the detailed guide: `NGINX_SSL_MANUAL_CONFIGURATION_GUIDE.md` - `training.mim4u.org` → `http://192.168.11.19:80` #### defi-oracle.io (1 domain) -- `rpc.public-0138.defi-oracle.io` → `https://192.168.11.252:443` (WebSocket ✅) +- `rpc.public-0138.defi-oracle.io` → `https://192.168.11.221:443` (WebSocket ✅) ### Step 3: For Each Domain diff --git a/docs/04-configuration/NGINX_SSL_CONFIGURATION_STATUS.md b/docs/04-configuration/NGINX_SSL_CONFIGURATION_STATUS.md index bc98c436..9ff4f32b 100644 --- a/docs/04-configuration/NGINX_SSL_CONFIGURATION_STATUS.md +++ b/docs/04-configuration/NGINX_SSL_CONFIGURATION_STATUS.md @@ -1,5 +1,8 @@ # Nginx SSL Configuration - Status Report +> Historical note: +> This report reflects an earlier SSL/routing stage and includes legacy RPC upstream IPs. It remains useful as a troubleshooting record, but not as a current endpoint map. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/NGINX_SSL_MANUAL_CONFIGURATION_CHECKLIST.md b/docs/04-configuration/NGINX_SSL_MANUAL_CONFIGURATION_CHECKLIST.md index e6b4ad10..1af2f335 100644 --- a/docs/04-configuration/NGINX_SSL_MANUAL_CONFIGURATION_CHECKLIST.md +++ b/docs/04-configuration/NGINX_SSL_MANUAL_CONFIGURATION_CHECKLIST.md @@ -1,5 +1,8 @@ # Nginx SSL Manual Configuration Checklist +> Historical note: +> This checklist was written during the earlier NPM/RPC SSL migration and still contains pre-cutover endpoint references. Keep for operator history; do not treat it as the current routing checklist. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/NGINX_SSL_MANUAL_CONFIGURATION_GUIDE.md b/docs/04-configuration/NGINX_SSL_MANUAL_CONFIGURATION_GUIDE.md index 17ed8a9e..4338dde0 100644 --- a/docs/04-configuration/NGINX_SSL_MANUAL_CONFIGURATION_GUIDE.md +++ b/docs/04-configuration/NGINX_SSL_MANUAL_CONFIGURATION_GUIDE.md @@ -1,5 +1,7 @@ # Nginx SSL Manual Configuration - Step-by-Step Guide +> Historical note: This manual walkthrough preserves the older NPM UI flow and originally used pre-standardization RPC backends. Keep it for UI guidance, but use current values from `docs/04-configuration/RPC_ENDPOINTS_MASTER.md` when creating or repairing hosts. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation @@ -7,7 +9,7 @@ --- **Date**: 2026-01-09 -**NPM URL**: `http://192.168.11.26:81` +**NPM URL**: `https://192.168.11.167:81` **Credentials**: `nsatoshi2007@hotmail.com` / `L@ker$2010` --- @@ -81,10 +83,10 @@ Fill in: | Domain | Details | Forward To | Port | WebSocket | |--------|---------|------------|------|-----------| | `explorer.d-bis.org` | Scheme: http | `192.168.11.140` | 80 | No | -| `rpc-http-pub.d-bis.org` | Scheme: https | `192.168.11.252` | 443 | ✅ Yes | -| `rpc-ws-pub.d-bis.org` | Scheme: https | `192.168.11.252` | 443 | ✅ Yes | -| `rpc-http-prv.d-bis.org` | Scheme: https | `192.168.11.251` | 443 | ✅ Yes | -| `rpc-ws-prv.d-bis.org` | Scheme: https | `192.168.11.251` | 443 | ✅ Yes | +| `rpc-http-pub.d-bis.org` | Scheme: https | `192.168.11.221` | 443 | ✅ Yes | +| `rpc-ws-pub.d-bis.org` | Scheme: https | `192.168.11.221` | 443 | ✅ Yes | +| `rpc-http-prv.d-bis.org` | Scheme: https | `192.168.11.211` | 443 | ✅ Yes | +| `rpc-ws-prv.d-bis.org` | Scheme: https | `192.168.11.211` | 443 | ✅ Yes | | `dbis-admin.d-bis.org` | Scheme: http | `192.168.11.130` | 80 | No | | `dbis-api.d-bis.org` | Scheme: http | `192.168.11.155` | 3000 | No | | `dbis-api-2.d-bis.org` | Scheme: http | `192.168.11.156` | 3000 | No | @@ -103,7 +105,7 @@ Fill in: | Domain | Details | Forward To | Port | WebSocket | |--------|---------|------------|------|-----------| -| `rpc.public-0138.defi-oracle.io` | Scheme: https | `192.168.11.252` | 443 | ✅ Yes | +| `rpc.public-0138.defi-oracle.io` | Scheme: https | `192.168.11.221` | 443 | ✅ Yes | --- diff --git a/docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md b/docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md index c0eee371..4741818b 100644 --- a/docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md +++ b/docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md @@ -1,5 +1,7 @@ # NPMplus for Alltra and HYBX — Master Plan +> Historical note: This master plan captures an earlier Alltra/HYBX edge strategy and preserves then-current backend assumptions. Keep it as planning history. For live backends and current proxy targets, verify against `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`, and the current NPMplus scripts. + **Last Updated:** 2026-02-06 **Document Version:** 1.0 **Status:** Active Documentation @@ -25,9 +27,11 @@ Alltra + HYBX Backends (Sentry, RPC, Cacti, Firefly, Fabric, Indy) ``` **Traffic paths:** -- **Primary (Option B):** Internet → Cloudflare DNS (CNAME to tunnel) → cloudflared connector → NPMplus 192.168.11.169:443 → Alltra/HYBX **and Nathan's rpc-core-2** backends +- **Primary (Option B):** Internet → Cloudflare DNS (proxied `CNAME` to tunnel) → cloudflared connector → NPMplus 192.168.11.169:443 → Alltra/HYBX **and Nathan's rpc-core-2** backends - **Direct/Management:** Internet or LAN → 76.53.10.38:80/81/443 → NPMplus 192.168.11.169 +**Operational note (2026-04-01):** Public Alltra/HYBX service names were migrated to the Cloudflare tunnel path after the designated direct edge on `76.53.10.42:80` introduced an HTTP redirect that broke ACME `HTTP-01` for selected RPC hosts. Treat the tunnel `CNAME` path as canonical for public access; keep the direct edge only as management or fallback. + **Note:** This is the **third** of four NPMplus instances (one per public IP .36–.39). See [NPMPLUS_FOUR_INSTANCES_MASTER.md](NPMPLUS_FOUR_INSTANCES_MASTER.md). --- @@ -77,7 +81,7 @@ See [TUNNEL_ALLTRA_HYBX_INSTALL.md](cloudflare/TUNNEL_ALLTRA_HYBX_INSTALL.md) fo - **New tunnel:** Create `alltra-hybx-npmplus` in Cloudflare Zero Trust - **Tunnel URL:** `https://192.168.11.169:443` (No TLS Verify) -- **DNS:** CNAME Alltra/HYBX hostnames → `.cfargotunnel.com` (Proxied) +- **DNS:** CNAME Alltra/HYBX hostnames → `.cfargotunnel.com` (Proxied). The helper script `scripts/cloudflare/configure-alltra-hybx-tunnel-and-dns.sh` now replaces legacy direct `A` records automatically. --- @@ -100,12 +104,14 @@ See [TUNNEL_ALLTRA_HYBX_INSTALL.md](cloudflare/TUNNEL_ALLTRA_HYBX_INSTALL.md) fo | `rpc-hybx.*` | 192.168.11.246:8545 (and .247, .248) | 8545 | | `cacti-alltra.*` | 192.168.11.177:80 | 80 | | `cacti-hybx.*` | 192.168.11.251:80 | 80 | -| `firefly-alltra-1.d-bis.org`, `firefly-alltra-2.d-bis.org` | 192.168.11.175, .176 | 80 (script adds; add tunnel route + DNS) | -| `firefly-hybx-1.d-bis.org`, `firefly-hybx-2.d-bis.org` | 192.168.11.249, .250 | 80 | -| `fabric-alltra.d-bis.org`, `indy-alltra.d-bis.org` | 192.168.11.178, .179 | 80 (adjust in NPM if different) | -| `fabric-hybx.d-bis.org`, `indy-hybx.d-bis.org` | 192.168.11.252, .253 | 80 | +| `firefly-alltra-1.d-bis.org`, `firefly-alltra-2.d-bis.org` | 192.168.11.175, .176 | 80 placeholder only; opt in after the real web listener is deployed | +| `firefly-hybx-1.d-bis.org`, `firefly-hybx-2.d-bis.org` | 192.168.11.249, .250 | 80 placeholder only | +| `fabric-alltra.d-bis.org`, `indy-alltra.d-bis.org` | 192.168.11.178, .179 | 80 placeholder only; use the actual web port if not 80 | +| `fabric-hybx.d-bis.org`, `indy-hybx.d-bis.org` | 192.168.11.252, .253 | 80 placeholder only | -SSL: Use Let's Encrypt (DNS Challenge + Cloudflare credentials). +SSL: Public TLS is expected to terminate at Cloudflare when the hostname is on the tunnel path. NPMplus origin cert state is not a public blocker in that mode because the tunnel origin is configured with `noTLSVerify`. For direct-access fallback or browser access to the origin, use Let's Encrypt (prefer DNS Challenge + Cloudflare credentials). + +Operational note (2026-04-05): the repo helpers now publish only the active RPC and Cacti hostnames by default. Firefly / Fabric / Indy names are skipped unless the operator explicitly sets `INCLUDE_PLACEHOLDER_HOSTS=1` for NPMplus and `INCLUDE_PLACEHOLDER_HOSTNAMES=1` for the Cloudflare tunnel helper after verifying that the backing HTTP service is truly live. --- diff --git a/docs/04-configuration/NPMPLUS_BACKEND_SERVICES_RESOLUTION.md b/docs/04-configuration/NPMPLUS_BACKEND_SERVICES_RESOLUTION.md index 399af639..f963e850 100644 --- a/docs/04-configuration/NPMPLUS_BACKEND_SERVICES_RESOLUTION.md +++ b/docs/04-configuration/NPMPLUS_BACKEND_SERVICES_RESOLUTION.md @@ -1,5 +1,7 @@ # NPMplus Backend Services Resolution +> Historical note: This document describes an earlier NPMplus/backend routing investigation during the RPC migration period. It preserves then-current backend assumptions for troubleshooting history. For live upstream mappings, use the current NPMplus scripts plus `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/NPMPLUS_BACKUP_RESTORE.md b/docs/04-configuration/NPMPLUS_BACKUP_RESTORE.md index 47ed55b4..b825fac6 100644 --- a/docs/04-configuration/NPMPLUS_BACKUP_RESTORE.md +++ b/docs/04-configuration/NPMPLUS_BACKUP_RESTORE.md @@ -441,10 +441,13 @@ ssh root@192.168.11.11 "pct exec 10233 -- cp /data/database.sqlite /data/databas **Create cron job for daily backups**: ```bash -# Add to crontab (crontab -e) -0 2 * * * /home/intlc/projects/proxmox/scripts/verify/backup-npmplus.sh >> /var/log/npmplus-backup.log 2>&1 +# From a persistent checkout on the target host +cd /srv/proxmox +CRON_PROJECT_ROOT=/srv/proxmox bash scripts/maintenance/schedule-npmplus-backup-cron.sh --install ``` +Do not install cron from a transient host path. + ### Backup Retention Policy - **Daily backups**: Keep 7 days diff --git a/docs/04-configuration/NPMPLUS_CONNECTIVITY_TEST_RESULTS.md b/docs/04-configuration/NPMPLUS_CONNECTIVITY_TEST_RESULTS.md index 02a63b90..745ff366 100644 --- a/docs/04-configuration/NPMPLUS_CONNECTIVITY_TEST_RESULTS.md +++ b/docs/04-configuration/NPMPLUS_CONNECTIVITY_TEST_RESULTS.md @@ -1,5 +1,7 @@ # NPMplus Connectivity Test Results +> Historical note: These test results document an earlier NPMplus connectivity checkpoint during RPC renumbering. They are useful as evidence, but not as the live backend map. Use current NPMplus scripts and `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` for operational targeting. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/NPMPLUS_HA_SETUP_GUIDE.md b/docs/04-configuration/NPMPLUS_HA_SETUP_GUIDE.md index ff7c4edf..b8fc79b8 100644 --- a/docs/04-configuration/NPMPLUS_HA_SETUP_GUIDE.md +++ b/docs/04-configuration/NPMPLUS_HA_SETUP_GUIDE.md @@ -291,15 +291,15 @@ chmod +x scripts/npmplus/sync-certificates.sh #### Step 2.2: Set Up Automated Certificate Sync -**Cron Job** (runs every 5 minutes): +**Cron Job** (runs every 5 minutes, from a persistent checkout on `r630-01`): ```bash # On primary Proxmox host (r630-01) -crontab -e - -# Add: -*/5 * * * * /home/intlc/projects/proxmox/scripts/npmplus/sync-certificates.sh >> /var/log/npmplus-cert-sync.log 2>&1 +cd /srv/proxmox +REMOTE_PROJECT_ROOT=/srv/proxmox bash scripts/npmplus/automate-phase2-cert-sync.sh ``` +Do not install this cron from a transient host path. + --- ### Phase 3: Set Up Keepalived for Virtual IP @@ -698,9 +698,10 @@ if [ "$PRIMARY_STATUS" != "active" ] && [ "$SECONDARY_STATUS" != "active" ]; the fi ``` -**Cron Job**: +**Cron Job** (from a persistent checkout on `r630-01`): ```bash -*/5 * * * * /home/intlc/projects/proxmox/scripts/npmplus/monitor-ha-status.sh >> /var/log/npmplus-ha-monitor.log 2>&1 +cd /srv/proxmox +REMOTE_PROJECT_ROOT=/srv/proxmox bash scripts/npmplus/automate-phase5-monitoring.sh ``` --- diff --git a/docs/04-configuration/NPMPLUS_MIGRATION_COMPLETE.md b/docs/04-configuration/NPMPLUS_MIGRATION_COMPLETE.md index d64d4cae..1cfd140e 100644 --- a/docs/04-configuration/NPMPLUS_MIGRATION_COMPLETE.md +++ b/docs/04-configuration/NPMPLUS_MIGRATION_COMPLETE.md @@ -1,5 +1,7 @@ # NPMplus Migration - Complete Status +> Historical note: This document records a migration completion milestone and intentionally preserves then-current mappings, certificate gaps, and upstream assumptions. Read it as migration history. For current NPMplus topology and backends, use the active scripts plus `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/NPMPLUS_MIGRATION_COMPLETE_STATUS.md b/docs/04-configuration/NPMPLUS_MIGRATION_COMPLETE_STATUS.md index e9cd075b..c01c62c8 100644 --- a/docs/04-configuration/NPMPLUS_MIGRATION_COMPLETE_STATUS.md +++ b/docs/04-configuration/NPMPLUS_MIGRATION_COMPLETE_STATUS.md @@ -1,5 +1,8 @@ # NPMplus Migration - Complete Status +> Historical note: +> This file captures migration-time status, including transitional backend mappings. It is not the current routing authority. Use it as historical context only. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/NPMPLUS_MIGRATION_GUIDE.md b/docs/04-configuration/NPMPLUS_MIGRATION_GUIDE.md index aaab3efe..7c977f0b 100644 --- a/docs/04-configuration/NPMPLUS_MIGRATION_GUIDE.md +++ b/docs/04-configuration/NPMPLUS_MIGRATION_GUIDE.md @@ -1,5 +1,8 @@ # NPMplus Migration Guide +> Historical note: +> This guide describes the earlier NPMplus migration phase and may reference pre-cutover RPC backends. It is preserved for operator history. For current backend targets and live host mappings, prefer `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` and the current `scripts/nginx-proxy-manager/*` helpers. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/NPMPLUS_PROXY_HOSTS_SNAPSHOT_2026-03.md b/docs/04-configuration/NPMPLUS_PROXY_HOSTS_SNAPSHOT_2026-03.md index 2c9a6fe7..ae78f9a2 100644 --- a/docs/04-configuration/NPMPLUS_PROXY_HOSTS_SNAPSHOT_2026-03.md +++ b/docs/04-configuration/NPMPLUS_PROXY_HOSTS_SNAPSHOT_2026-03.md @@ -1,5 +1,8 @@ # NPMplus Proxy Hosts — Snapshot (March 2026) +> Historical note: +> This is a time-stamped snapshot of the NPMplus UI. It intentionally preserves what the proxy layer looked like in March 2026, including legacy labels and transitional VMID references. + **Source:** NPMplus UI (main instance, VMID 10233). **Snapshot date:** 2026-03-02. **Purpose:** Reference of current proxy destinations and their VMID/service mapping. diff --git a/docs/04-configuration/NPMPLUS_SCRIPTS_UPDATE_COMPLETE.md b/docs/04-configuration/NPMPLUS_SCRIPTS_UPDATE_COMPLETE.md index 4192dd51..0580f5ff 100644 --- a/docs/04-configuration/NPMPLUS_SCRIPTS_UPDATE_COMPLETE.md +++ b/docs/04-configuration/NPMPLUS_SCRIPTS_UPDATE_COMPLETE.md @@ -1,5 +1,8 @@ # NPMplus Scripts Update - Complete Summary +> Historical note: +> This is a migration-era completion summary. It preserves the then-current understanding of old and planned VMIDs, which no longer reflects the live estate. Use only for audit trail and chronology. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/NPMPLUS_SCRIPT_EXECUTION_STATUS.md b/docs/04-configuration/NPMPLUS_SCRIPT_EXECUTION_STATUS.md index f8728aab..4726a4fe 100644 --- a/docs/04-configuration/NPMPLUS_SCRIPT_EXECUTION_STATUS.md +++ b/docs/04-configuration/NPMPLUS_SCRIPT_EXECUTION_STATUS.md @@ -1,5 +1,7 @@ # NPMplus Script Execution Status +> Historical note: This status page records a migration checkpoint from the earlier RPC renumbering work. It intentionally preserves references to transitional `250x`/early `230x` assumptions. Use current NPMplus runbooks and `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` for live targets. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/NPMPLUS_SERVICE_MAPPING_COMPLETE.md b/docs/04-configuration/NPMPLUS_SERVICE_MAPPING_COMPLETE.md index 573b8e71..138cb260 100644 --- a/docs/04-configuration/NPMPLUS_SERVICE_MAPPING_COMPLETE.md +++ b/docs/04-configuration/NPMPLUS_SERVICE_MAPPING_COMPLETE.md @@ -1,6 +1,6 @@ # NPMplus Service Mapping - Complete Reference -**Last Updated:** 2026-01-31 +**Last Updated:** 2026-04-04 **Document Version:** 1.0 **Status:** Active Documentation @@ -25,7 +25,6 @@ NPMplus (VMID 10233 on r630-01) acts as the reverse proxy for all public-facing | 100 | 192.168.11.32 | proxmox-mail-gateway | Email gateway | 25, 587, 465 | | 101 | 192.168.11.33 | proxmox-datacenter-manager | Datacenter management | 8006 | | 102 | 192.168.11.34 | cloudflared | Cloudflare tunnel | Various | -| 103 | 192.168.11.30 | omada | Omada controller | 8043 | | 104 | 192.168.11.31 | gitea | Git repository | 80, 443 | | 105 | 192.168.11.26 | nginxproxymanager | Legacy NPM | 80, 81, 443 | | 106 | 192.168.11.110 | redis-rpc-translator | Redis | 6379 | @@ -34,6 +33,8 @@ NPMplus (VMID 10233 on r630-01) acts as the reverse proxy for all public-facing | 130 | 192.168.11.27 | monitoring-1 | Monitoring | 80, 443 | | **10233** | **192.168.11.166** | **npmplus** | **NPMplus Reverse Proxy** | **80, 81, 443** | +**Retired:** VMID 103 (Omada) was removed on 2026-04-04. `192.168.11.30` is spare and should not appear in active NPMplus routes. + --- ## NPMplus Configuration (Current Correct Settings) diff --git a/docs/04-configuration/NPMPLUS_VERIFY_RUNNING_AND_NETWORK.md b/docs/04-configuration/NPMPLUS_VERIFY_RUNNING_AND_NETWORK.md index 56882e47..e89d8db8 100644 --- a/docs/04-configuration/NPMPLUS_VERIFY_RUNNING_AND_NETWORK.md +++ b/docs/04-configuration/NPMPLUS_VERIFY_RUNNING_AND_NETWORK.md @@ -55,7 +55,11 @@ The script checks: ssh root@192.168.11.11 'bash -s' < scripts/npmplus/fix-npmplus-ip-and-gateway.sh ``` -This sets eth0 to 192.168.11.167/24, gateway 192.168.11.1, and starts the container. +This restores the correct gateway `192.168.11.1` and preserves the documented dual-address layout when present: +- `eth0 = 192.168.11.166/24` +- `eth1 = 192.168.11.167/24` with the default gateway + +If the container only has a single interface, it falls back to `eth0 = 192.168.11.167/24, gw = 192.168.11.1`. **Or start only:** @@ -80,9 +84,9 @@ pct start 10233 Example for **two interfaces** (.166 and .167) if your setup uses both: ```bash -# Set eth0 to .166, add eth1 with .167 (exact syntax depends on Proxmox version and current config) -pct set 10233 -net0 name=eth0,bridge=vmbr0,ip=192.168.11.166/24,gw=192.168.11.1 -# Add net1 if needed for .167 +# Keep .166 on eth0, put the default gateway only on eth1 / .167 +pct set 10233 -net0 name=eth0,bridge=vmbr0,ip=192.168.11.166/24 +pct set 10233 -net1 name=eth1,bridge=vmbr0,ip=192.168.11.167/24,gw=192.168.11.1 pct stop 10233 pct start 10233 ``` diff --git a/docs/04-configuration/NPMPLUS_VMID_CHANGES_REVIEW.md b/docs/04-configuration/NPMPLUS_VMID_CHANGES_REVIEW.md index d57f2c4c..6ef75c9b 100644 --- a/docs/04-configuration/NPMPLUS_VMID_CHANGES_REVIEW.md +++ b/docs/04-configuration/NPMPLUS_VMID_CHANGES_REVIEW.md @@ -1,5 +1,8 @@ # NPMplus VMID Changes Review - Current vs Planned +> Historical note: +> This review compares old and planned VMID mappings during the migration window. The migration has since moved on. Use current inventory docs for live placement and routing. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/NPMPLUS_VMID_MAPPING_CHANGES_REVIEW.md b/docs/04-configuration/NPMPLUS_VMID_MAPPING_CHANGES_REVIEW.md index 8716a35a..a329cd4c 100644 --- a/docs/04-configuration/NPMPLUS_VMID_MAPPING_CHANGES_REVIEW.md +++ b/docs/04-configuration/NPMPLUS_VMID_MAPPING_CHANGES_REVIEW.md @@ -1,5 +1,7 @@ # NPMplus VMID Mapping Changes - Review Document +> Historical note: This review captures pre-change mapping analysis from the RPC migration window. It intentionally includes old and proposed VMID mappings. Keep it as planning history, not as live configuration guidance. For current values, use `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` and `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/NPMPLUS_VMID_SERVICE_MAPPING.md b/docs/04-configuration/NPMPLUS_VMID_SERVICE_MAPPING.md index b50d1f37..60c51141 100644 --- a/docs/04-configuration/NPMPLUS_VMID_SERVICE_MAPPING.md +++ b/docs/04-configuration/NPMPLUS_VMID_SERVICE_MAPPING.md @@ -1,5 +1,7 @@ # NPMplus Backend Services - VMID Service Mapping +> Historical note: This mapping sheet captures an early migration checkpoint and is no longer the live NPMplus service inventory. Keep it as migration history only. For current VMID/IP/backend targets, use `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`, and the active NPMplus scripts. + **Last Updated:** 2025-01-20 **Status:** ✅ **COMPLETE** - All scripts updated, Besu node files deployed, ready for migration @@ -16,9 +18,9 @@ | 10150 | 192.168.11.155 | 3000 | dbis-api-primary | 192.168.11.11 | ⚠️ Stopped (Config Missing) | | 10151 | 192.168.11.156 | 3000 | dbis-api-secondary | 192.168.11.11 | ⚠️ Stopped (Config Missing) | | 7811 | 192.168.11.36 | 80 | mim-api-1 | 192.168.11.12 | ✅ Active | -| 2101 | 192.168.11.211 | 443 | besu-rpc-core-1 | 192.168.11.10 | ⏳ Pending Creation | -| 2201 | 192.168.11.221 | 443 | besu-rpc-public-1 | 192.168.11.10 | ⏳ Pending Creation | -| 2301 | 192.168.11.232 | 443 | besu-rpc-private-1 | 192.168.11.10 | ⏳ Pending Creation | +| 2101 | 192.168.11.211 | 443 | besu-rpc-core-1 | active host per `ALL_VMIDS_ENDPOINTS.md` | Historical row; now live | +| 2201 | 192.168.11.221 | 443 | besu-rpc-public-1 | active host per `ALL_VMIDS_ENDPOINTS.md` | Historical row; now live | +| 2301 | 192.168.11.232 | 443 | besu-rpc-private-1 | active host per `ALL_VMIDS_ENDPOINTS.md` | Historical row; now live | --- @@ -31,7 +33,6 @@ | 2500 | besu-rpc-1 | 2101 | 192.168.11.211 | besu-rpc-core-1 | 2025-01-20 | | 2501 | besu-rpc-2 | 2201 | 192.168.11.221 | besu-rpc-public-1 | 2025-01-20 | | 2502 | besu-rpc-3 | 2301 | 192.168.11.232 | besu-rpc-private-1 | 2025-01-20 | -| - | - | 2302 | 192.168.11.232 | besu-rpc-private-2 | 2025-01-20 (New) | --- diff --git a/docs/04-configuration/PHYSICAL_DRIVES_AND_CONFIG.md b/docs/04-configuration/PHYSICAL_DRIVES_AND_CONFIG.md index 0028ad8a..487e9a48 100644 --- a/docs/04-configuration/PHYSICAL_DRIVES_AND_CONFIG.md +++ b/docs/04-configuration/PHYSICAL_DRIVES_AND_CONFIG.md @@ -1,6 +1,8 @@ -# Physical Drives and Current Configurations — All Three Proxmox Hosts +# Physical Drives and Current Configurations — Proxmox Hosts -**Last updated:** 2026-02-28 +> Modern note: This hardware/storage inventory is still useful, but host workload examples can lag behind live CT placement. Use the storage descriptions here together with current VM placement from `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` before making migration or capacity decisions. + +**Last updated:** 2026-04-03 --- @@ -32,7 +34,7 @@ **RAID:** **md0** = RAID10, 6× 233G SSDs → **~698G** usable. State: **active**, 6/6 devices [UUUUUU]. -**LVM on md0:** VG **pve** (single PV `/dev/md0`). Thin pools: **pve-thin1** 208G, **pve-data** 280G. Hosts CTs for validators, RPC 2101, 2500–2505, 1000–1002, 1500–1502, 7800–7804, 10130, 10150–10151, 10200–10236, 3000–3501, 100–105, 130, etc. +**LVM on md0:** VG **pve** (single PV `/dev/md0`). Thin pools: **pve-thin1** 208G, **pve-data** 280G. This host has carried validators, core RPC `2101`, and the edge/private RPC lanes across multiple generations. Verify the current CT set with `pct list` or `ALL_VMIDS_ENDPOINTS.md` instead of relying on the historical `2500–2505` example. **Summary:** 2× 559G SSDs (ZFS root) + 6× 233G SSDs (RAID10 → LVM data/thin1). All drives in use. @@ -57,6 +59,34 @@ --- +## r630-03 (192.168.11.13) + +| Device | Size | Model / notes | Configuration | +|--------|--------|---------------|---------------| +| **sda** | 558.9G | AL14SEB060NY | sda3 → VG **pve** (swap, root ext4, **data** thin pool). | +| **sdb** | 558.9G | HUC109060CSS600 | PV in VG **pve**; extends **data** thin pool (~1 TiB total with sda). | +| **sdc–sdh** | 232.9G each | Samsung 850/860 EVO 250G | Whole-disk PV → VG **thin1**–**thin6** + thin pools; Proxmox **`thin1-r630-03`** … **`thin6-r630-03`** (~226 GiB each). | + +**RAID:** None on data SSDs. + +**Summary:** 2× ~559G in **pve** for OS + thin **data**/**local-lvm**; six SSDs as **per-disk LVM thin** (same idea as r630-02). Idempotent provision: `scripts/proxmox/provision-r630-03-six-ssd-thinpools.sh`. + +--- + +## r630-04 (192.168.11.14) + +| Device | Size | Model / notes | Configuration | +|--------|--------|---------------|---------------| +| **sda** | 279.4G | ST9300653SS | sda3 → VG **pve** (swap, root, **data** thin pool leg). | +| **sdb** | 279.4G | HUC106030CSS600 | PV in VG **pve**; **data** thin ~467 GiB. | +| **sdc–sdf** | 232.9G each | Crucial MX500 | Ceph bluestore OSDs (one VG per disk). | + +**RAID:** None. + +**Summary:** **pve** for Proxmox + guest thin storage; four SSDs for Ceph. + +--- + ## Quick reference | Host | Physical drives | Layout | Unused / notes | @@ -64,6 +94,8 @@ | ml110 | 2× 1TB HDD | sda: OS+LVM data; sdb: LVM PV only | **sdb** — 931G not in any VG | | r630-01 | 2× 559G + 6× 233G SSD | ZFS root + RAID10 md0 → LVM | All in use | | r630-02 | 2× 233G + 6× 233G SSD | ZFS root + 6× single-disk LVM (thin1–thin6) | All in use | +| r630-03 | 2× 559G + 6× 233G SSD | **pve** thin **data** ~1 TiB + **thin1-r630-03**…**thin6-r630-03** on sdc–sdh | All data SSDs in use | +| r630-04 | 2× 279G + 4× 233G SSD | LVM **pve** + Ceph OSDs on 233G disks | Ceph + **pve** in use | To re-check: `ssh root@ 'lsblk -o NAME,SIZE,TYPE,FSTYPE,MODEL,SERIAL; echo; pvs; vgs'` diff --git a/docs/04-configuration/PROXMOX_ADD_THIRD_FOURTH_R630_DECISION.md b/docs/04-configuration/PROXMOX_ADD_THIRD_FOURTH_R630_DECISION.md index 3d3e0de3..23fcd5bf 100644 --- a/docs/04-configuration/PROXMOX_ADD_THIRD_FOURTH_R630_DECISION.md +++ b/docs/04-configuration/PROXMOX_ADD_THIRD_FOURTH_R630_DECISION.md @@ -8,14 +8,13 @@ The repo documents **r630-03** (192.168.11.13) and **r630-04** (192.168.11.14): -- **Status:** Powered off; **not currently in the Proxmox cluster** (only ml110, r630-01, r630-02 are active). +- **Status (verified 2026-04-02):** Both nodes are **in the Proxmox cluster** (`h`, five members with quorum) and **online**. They host **no** LXCs or VMs (empty spares). **Shared storage:** `data` / `local-lvm` include **r630-03** and **r630-04** (`nodes ml110,r630-01,r630-03,r630-04`); **r630-03** ~1 TiB thin pool (**sda+sdb**) plus **thin1-r630-03**…**thin6-r630-03** on six SSDs; **r630-04** ~467 GiB thin + Ceph OSDs on four SSDs. **Apt:** both spares used **no-subscription** `proxmox.sources` + `ceph.sources` with **enterprise** disabled after **401** on `enterprise.proxmox.com`; then `full-upgrade` to match the rest of the cluster (**pve-manager 9.1.7**, kernel **6.17.13-2-pve**). Optional headless refresh: `scripts/proxmox/pve-spare-host-optional-tuneup.sh`. Workload remains on **ml110**, **r630-01**, and **r630-02**. **r630-04** FQDN: `r630-04.sankofa.nexus`. **SSH host key:** [scripts/verify/refresh-proxmox-host-key-r630-04.sh](../../scripts/verify/refresh-proxmox-host-key-r630-04.sh). - **Hardware (per report):** Dell R630, 512 GB RAM each, 2×600 GB boot, 6×250 GB SSD. -- **Issues when last used:** Not in cluster, SSL/certificate issues, and others — all with documented fixes. +- **Older issues:** Historical power-on / SSL notes: [reports/R630_03_04_POWER_ON_ISSUES_AND_FIXES.md](../../reports/R630_03_04_POWER_ON_ISSUES_AND_FIXES.md). -**If these servers are still available and you are willing to power them on and fix them:** +**If these servers are still available and you are willing to use them for capacity:** -- **Add them to the cluster first** (power on → fix SSL/join cluster per [reports/R630_03_04_POWER_ON_ISSUES_AND_FIXES.md](../../reports/R630_03_04_POWER_ON_ISSUES_AND_FIXES.md)). -- Then you have **four** Proxmox nodes (ml110 + r630-01, -02, -03, -04) or **three R630s + ml110**. Migration can then spread workload to r630-03 and r630-04 as well, instead of only to r630-02 and ml110. +- They are **already joined**; use **live migration** or **restore** to place guests on **r630-03** / **r630-04** when you want to drain **r630-01** or **ml110** (see [PROXMOX_LOAD_BALANCING_RUNBOOK.md](PROXMOX_LOAD_BALANCING_RUNBOOK.md)). - That gives more headroom and better HA (see below) **without** buying new hardware. **If r630-03/04 are decommissioned or unavailable:** Treat this as “add new R630(s)” below. diff --git a/docs/04-configuration/PROXMOX_LOAD_BALANCING_RUNBOOK.md b/docs/04-configuration/PROXMOX_LOAD_BALANCING_RUNBOOK.md index 5cdd0f07..b74b959e 100644 --- a/docs/04-configuration/PROXMOX_LOAD_BALANCING_RUNBOOK.md +++ b/docs/04-configuration/PROXMOX_LOAD_BALANCING_RUNBOOK.md @@ -4,17 +4,21 @@ **Before you start:** If you are considering adding a **third or fourth R630** to the cluster first, see [PROXMOX_ADD_THIRD_FOURTH_R630_DECISION.md](PROXMOX_ADD_THIRD_FOURTH_R630_DECISION.md) — including whether you already have r630-03/r630-04 (powered off) to bring online. +**Spare nodes (storage ready):** **r630-03** (`192.168.11.13`) and **r630-04** (`192.168.11.14`) are in the cluster with **`data` / `local-lvm`** active (shared `/etc/pve/storage.cfg` lists `ml110,r630-01,r630-03,r630-04`). For **r630-03**, you can also place CT disks on **`thin1-r630-03`** … **`thin6-r630-03`** (~226 GiB pools, one per SSD). For **r630-04**, use **`data`/`local-lvm`** (Ceph OSD disks are separate). Scripts: `scripts/proxmox/ensure-r630-spare-node-storage.sh`, `scripts/proxmox/provision-r630-03-six-ssd-thinpools.sh`, optional `scripts/proxmox/pve-spare-host-optional-tuneup.sh`. + **Current imbalance (typical):** | Node | IP | LXC count | Load (1/5/15) | Notes | |----------|---------------|-----------|------------------|--------------| -| r630-01 | 192.168.11.11 | 58 | 56 / 81 / 92 | Heavily loaded | +| r630-01 | 192.168.11.11 | 58 | 56 / 81 / 92 | Historical sample only; re-check live load before acting | | r630-02 | 192.168.11.12 | 23 | ~4 / 4 / 4 | Light | | ml110 | 192.168.11.10 | 18 | ~7 / 7 / 9 | **Repurposing to OPNsense/pfSense** — migrate workloads off to r630-01/r630-02 | +| r630-03 | 192.168.11.13 | 0 (spare) | low | **Migration target** — ~1 TiB **data**/**local-lvm** + **thin1-r630-03**…**thin6-r630-03** | +| r630-04 | 192.168.11.14 | 0 (spare) | low | **Migration target** — ~467 GiB thin + Ceph OSDs | **Ways to balance:** -1. **Cross-host migration (r630-01 → r630-02)** — Moves workload off r630-01. IP stays the same if the container uses a static IP; only the Proxmox host changes. (ml110 is no longer a migration target; migrate containers *off* ml110 first.) +1. **Cross-host migration (e.g. r630-01 → r630-02, r630-03, or r630-04)** — Moves workload off r630-01. IP stays the same if the container uses a static IP; only the Proxmox host changes. (ml110 is no longer a migration target; migrate containers *off* ml110 first.) 2. **Same-host storage migration (r630-01 data → thin1)** — Frees space on the `data` pool and can improve I/O; does not reduce CPU/load by much. See [MIGRATION_PLAN_R630_01_DATA.md](MIGRATION_PLAN_R630_01_DATA.md). --- @@ -80,10 +84,10 @@ Containers that **reduce load** and are **safe to move** (no critical chain/cons - **10233** — npmplus (main NPMplus; 76.53.10.36 → .167) - **2101** — besu-rpc-core-1 (core RPC for deploy/admin) -- **2500–2505** — RPC alltra/hybx (critical RPCs) +- **2420/2430/2440/2460/2470/2480** — edge/private RPC lanes (critical; migrate only deliberately) - **1000–1002, 1500–1502** — validators and sentries (consensus) - **10130, 10150, 10151** — dbis-frontend, dbis-api (core apps; move only with a plan) -- **100, 101, 102, 103, 104, 105** — mail, datacenter, cloudflared, omada, gitea (infra) +- **100, 101, 102, 104, 105** — mail, datacenter, cloudflared, gitea (infra); ~~103 Omada~~ retired 2026-04-04 --- @@ -98,6 +102,120 @@ After all workloads are off ml110, remove ml110 from the cluster (or reinstall t --- +## 4b. Prepare r630-03 for migrations from r630-01 (mail, TsunamiSwap, 57xx AI, Studio) + +**Goal:** Move selected LXCs off **r630-01** onto **r630-03** (`192.168.11.13`) to reduce load. Use **cluster online migration** with explicit target storage **`local-lvm`** (each node has its own `pve` VG + `data` thin pool; disks are copied to r630-03). + +**Verified batch (source r630-01, static IPs on `vmbr0` / gw `192.168.11.1`):** + +| VMID | Hostname | RAM (MiB) | Cores | rootfs (source) | Size (config) | Notes | +|------|----------|-----------|-------|-----------------|---------------|--------| +| 100 | proxmox-mail-gateway | 4096 | 2 | **thin1** (r630-01 only) | 10G | Must use `--storage local-lvm` (not thin1 on target). | +| 5010 | tsunamiswap | 16384 | 8 | local-lvm | 160G | Largest disk; migrate when window allows. | +| 5702 | ai-inf-1 | 16384 | 4 | local-lvm | 30G | | +| 5705 | ai-inf-2 | 16384 | 4 | local-lvm | 30G | | +| 7805 | sankofa-studio | 8192 | 4 | local-lvm | 60G | `studio.sankofa.nexus` — NPM unchanged if IP stays `.72`. | + +**Rough total new allocation on r630-03:** ~290G thin + ~60G RAM cap (not all resident at once). **r630-03** had **~1 TiB free** on `data` / `local-lvm` and **~503 GiB** host RAM (check live: `pvesm status`, `free -h` on `.13`). + +**Preparation checklist** + +1. **Cluster:** `pvecm status` on r630-01 and r630-03 — same cluster, **Quorate: Yes**. `local-lvm` in `/etc/pve/storage.cfg` must list **r630-03** (and source node). +2. **Network:** Target node has **vmbr0** on the same LAN/VLAN as r630-01 (static CT IPs unchanged). +3. **Backups:** Take **vzdump** (or ZFS snapshot policy) for each VMID before migrating. +4. **Order (suggested):** smaller disks first, **5010** last: `100` → `5702` → `5705` → `7805` → `5010`. Alternatively do **5010** in a maintenance window first if you want the biggest copy done when load is lowest. + +**Migrate (from any node that can run `pct`, typically r630-01):** + +```bash +# Replace NODE with r630-01 if you SSH there first. +# Always set target storage so thin1-only CT 100 lands on r630-03's pool. + +ssh root@192.168.11.11 "pct migrate 100 r630-03 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 5702 r630-03 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 5705 r630-03 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 7805 r630-03 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 5010 r630-03 --storage local-lvm --restart" +``` + +If a migrate fails (lock, storage), stop the CT (`pct stop `), retry with `--restart`, or use offline backup/restore per [MIGRATE_CT_R630_01_TO_R630_02.md](../03-deployment/MIGRATE_CT_R630_01_TO_R630_02.md) adapted for target **r630-03** and storage **local-lvm**. + +**Afterward:** Update docs that still say these VMIDs live on r630-01 (`pct list -a | grep `). Optional: `bash scripts/proxmox/ensure-r630-spare-node-storage.sh --node r630-03` (dry-run) if you change storage layout. + +**Helper (prints the same plan):** `bash scripts/proxmox/print-migrate-r630-01-to-r630-03-plan.sh` + +--- + +## 4c. First-wave offload from r630-01 to r630-04 (Order / vault / portal support workloads) + +**Goal:** Reduce **r630-01** skew and free pressure on **`/var/lib/vz` / `thin1`** by moving a low-risk first wave onto **r630-04** (`192.168.11.14`), which is a spare node with **active `data` + `local-lvm`** and essentially **0% thin usage**. + +**Validated target readiness (live checks):** + +- `r630-04` is **quorate** in the same five-node cluster (`pvecm status`). +- `vmbr0` is up on **`192.168.11.14/24`**. +- `pvesm status` shows **`data`** and **`local-lvm`** both **active**. +- `lvs pve/data` shows **~466.7G** thin capacity with **~0% Data%** and **~1% Meta%**. +- `bash scripts/proxmox/ensure-r630-spare-node-storage.sh --node r630-04` reports **`local-lvm` active** and no corrective action needed. + +**Recommended first wave (ordered):** + +| VMID | Hostname | RAM | rootfs | Why this batch | +|------|----------|-----|--------|----------------| +| 10201 | `order-grafana` | 2G | `thin1:20G` | Very light support service; good first canary | +| 10210 | `order-haproxy` | 2G | `thin1:20G` | Small edge for Order surface; easy to validate | +| 7804 | `gov-portals-dev` | 2G | `thin1:20G` | Small app workload; static IP on `vmbr0` | +| 10020 | `order-redis` | 4G | `thin1:50G` | Light in current sample; frees `thin1` space | +| 10230 | `order-vault` | 2G | `thin1:50G` | Small support workload | +| 10092 | `order-mcp-legal` | 4G | `thin1:50G` | Small support workload | +| 8640 | `vault-phoenix-1` | 4G | `thin1:50G` | Light current usage; frees `thin1` | +| 8642 | `vault-phoenix-3` | 4G | `local-lvm:50G` | Similar profile; keep after a few easy wins | +| 10091 | `order-portal-internal` | 4G | `thin1:50G` | Low CPU and RAM in live sample | +| 10090 | `order-portal-public` | 4G | `thin1:50G` | Low CPU and RAM in live sample | +| 10070 | `order-legal` | 4G | `thin1:50G` | Low current pressure | +| 10200 | `order-prometheus` | 4G | `thin1:100G` | Still reasonable, but leave last due to larger disk | + +**Suggested batching:** + +1. **Canary batch:** `10201`, `10210`, `7804` +2. **Small support batch:** `10020`, `10230`, `10092` +3. **Portal / vault batch:** `8640`, `8642`, `10091`, `10090`, `10070` +4. **Last in wave:** `10200` + +**Migrate (one at a time or by the batches above):** + +```bash +ssh root@192.168.11.11 "pct migrate 10201 r630-04 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 10210 r630-04 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 7804 r630-04 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 10020 r630-04 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 10230 r630-04 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 10092 r630-04 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 8640 r630-04 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 8642 r630-04 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 10091 r630-04 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 10090 r630-04 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 10070 r630-04 --storage local-lvm --restart" +ssh root@192.168.11.11 "pct migrate 10200 r630-04 --storage local-lvm --restart" +``` + +**Preflight before the first command** + +1. `bash scripts/verify/poll-lxc-cluster-health.sh` +2. `bash scripts/proxmox/ensure-r630-spare-node-storage.sh --node r630-04` +3. `ssh root@192.168.11.14 "pvecm status; pvesm status | egrep '^(data|local-lvm|local)'" ` +4. Take `vzdump` or snapshot coverage for the chosen batch if you want rollback points + +**Post-check after each batch** + +1. `ssh root@192.168.11.11 "pct list" | egrep '^(VMID|10201|10210|7804|10020|10230|10092|8640|8642|10091|10090|10070|10200)\b'` +2. `ssh root@192.168.11.14 "pct list" | egrep '^(VMID|10201|10210|7804|10020|10230|10092|8640|8642|10091|10090|10070|10200)\b'` +3. Re-run `bash scripts/verify/poll-lxc-cluster-health.sh` and confirm `r630-01` skew / `vz` pressure trend down + +**Helper (prints the same plan):** `bash scripts/proxmox/print-migrate-r630-01-to-r630-04-first-wave.sh` + +--- + ## 5. After migration - **IP:** Containers keep the same IP if they use static IP in the CT config; no change needed for NPM/DNS if they point by IP. @@ -106,11 +224,51 @@ After all workloads are off ml110, remove ml110 from the cluster (or reinstall t --- -## 6. Quick reference +## 6. Special-case CTs + +### Blockscout 5000 + +`5000` (`blockscout-1`) cannot use the normal `pvesh ... /migrate` flow because it has a host-local bind mount: + +```text +mp1: /var/lib/vz/logs-vmid5000,mp=/var/log-remote +``` + +Live `pvesh create /nodes//lxc/5000/migrate ...` aborts with: + +```text +cannot migrate local bind mount point 'mp1' +``` + +Use the dedicated stop-and-restore helper instead: + +```bash +bash scripts/proxmox/migrate-blockscout-5000-to-r630-04.sh --dry-run +PROXMOX_OPS_APPLY=1 bash scripts/proxmox/migrate-blockscout-5000-to-r630-04.sh --apply +``` + +The helper does four things in order: + +1. Seed and final-sync `/var/lib/vz/logs-vmid5000` to `r630-04` +2. Stop CT `5000` +3. Create and copy a `vzdump` archive, then `pct restore` it to `local-lvm` on `r630-04` +4. Re-apply `mp1` on the target and start the CT + +The bind-mounted log tree is intentionally kept as a host path on the target: + +```text +/var/lib/vz/logs-vmid5000 +``` + +--- + +## 7. Quick reference | Goal | Command / doc | |------|----------------| | Check current load | `bash scripts/check-all-proxmox-hosts.sh` | | Migrate one CT (r630-01 → r630-02) | `./scripts/maintenance/migrate-ct-r630-01-to-r630-02.sh thin1 [--destroy-source]` | +| Plan r630-01 → r630-03 (100, 5010, 57xx, 7805) | `bash scripts/proxmox/print-migrate-r630-01-to-r630-03-plan.sh` — see §4b | +| Move Blockscout 5000 (bind mount) | `bash scripts/proxmox/migrate-blockscout-5000-to-r630-04.sh --dry-run` | | Same-host (data → thin1) | [MIGRATION_PLAN_R630_01_DATA.md](MIGRATION_PLAN_R630_01_DATA.md), `migrate-ct-r630-01-data-to-thin1.sh` | | Full migration doc | [MIGRATE_CT_R630_01_TO_R630_02.md](../03-deployment/MIGRATE_CT_R630_01_TO_R630_02.md) | diff --git a/docs/04-configuration/PR_ADDITIONS_VALIDATION_REPORT.md b/docs/04-configuration/PR_ADDITIONS_VALIDATION_REPORT.md index 7dc26a7b..c4eb84f7 100644 --- a/docs/04-configuration/PR_ADDITIONS_VALIDATION_REPORT.md +++ b/docs/04-configuration/PR_ADDITIONS_VALIDATION_REPORT.md @@ -39,6 +39,8 @@ cd /home/intlc/projects/token-lists && npm install && npx ajv validate -s src/to ## 2. Chainlist (eip155-138.json) — ethereum-lists/chains +**Upstream:** Merged [chains#8124](https://github.com/ethereum-lists/chains/pull/8124) / [cb4c47b](https://github.com/ethereum-lists/chains/commit/cb4c47b0345fa8688dbc0133e0aa1cd3fb211a80). This repo’s [pr-ready/eip155-138.json](pr-ready/eip155-138.json) tracks [upstream `master`](https://github.com/ethereum-lists/chains/blob/master/_data/chains/eip155-138.json). + ### Schema requirements (chainSchema.json) | Field | Required | Our value | Status | @@ -47,23 +49,18 @@ cd /home/intlc/projects/token-lists && npm install && npx ajv validate -s src/to | **shortName** | ✅ | "dfio-meta-main" — pattern `^[A-Za-z0-9-_]{1,64}$` | ✅ | | **chain** | ✅ | "dfiometa" | ✅ | | **chainId** | ✅ | 138 | ✅ | -| **networkId** | ✅ | 1 | ⚠️ Verify | -| **rpc** | ✅ | array of strings | ✅ | +| **networkId** | ✅ | 138 | ✅ | +| **rpc** | ✅ | public HTTPS + WSS (d-bis.org + defi-oracle.io mirrors) | ✅ | | **faucets** | ✅ | [] | ✅ | | **infoURL** | ✅ | "https://d-bis.org" | ✅ | | **nativeCurrency** | ✅ | { name, symbol, decimals } | ✅ | -| **icon** | ❌ | "defioraclemeta" | ⚠️ Requires icon file | +| **features** | optional | EIP155, EIP1559, EIP2718, EIP2930 | ✅ | +| **icon** | ❌ | (omitted upstream) | ✅ | -### Issues to fix +### Follow-up PRs only -1. **networkId** — Currently `1`. Most EVM mainnets use `networkId === chainId`. Chain 138 may use networkId 138; verify from chain config. If wrong, change to `138`. -2. **icon** — Using `"icon": "defioraclemeta"` requires `_data/icons/defioraclemeta.json` to exist. Format: - ```json - [{"url":"ipfs://Qm...","width":1000,"height":1628,"format":"png"}] - ``` - The URL must be IPFS and retrievable via `ipfs get`. **Option:** Remove `icon` field to avoid needing the icon file (some chains omit it). -3. **explorers[].icon** — We don't use explorer icon; OK. -4. **Prettier** — Run `npx prettier --write _data/chains/eip155-138.json` before PR. +1. **Prettier** — Run `npx prettier --write _data/chains/eip155-138.json` before any new PR to ethereum-lists/chains. +2. **Icon** — If adding `"icon"`, supply matching `_data/icons/.json` per upstream rules. ### Validation command diff --git a/docs/04-configuration/PUBLIC_SURFACE_502_AND_DNS_REMEDIATION_MATRIX.md b/docs/04-configuration/PUBLIC_SURFACE_502_AND_DNS_REMEDIATION_MATRIX.md new file mode 100644 index 00000000..386379a7 --- /dev/null +++ b/docs/04-configuration/PUBLIC_SURFACE_502_AND_DNS_REMEDIATION_MATRIX.md @@ -0,0 +1,108 @@ +# Public surface 502 and DNS remediation matrix + +**Last updated:** 2026-04-02 +**Purpose:** One operator-facing place to classify current public `502` surfaces and unresolved public hostnames, distinguish real outages from placeholders, and point to the exact repo script or runbook that fixes each one. + +## Current public review + +Public E2E was rerun on **2026-04-02** with: + +```bash +bash scripts/verify/verify-end-to-end-routing.sh --profile=public +``` + +Latest evidence: + +- `docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/verification_report.md` +- `docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/all_e2e_results.json` + +Observed public `502` hostnames on 2026-04-02: + +- `dbis-admin.d-bis.org` +- `core.d-bis.org` +- `cacti-hybx.d-bis.org` +- `studio.sankofa.nexus` +- `dbis-api.d-bis.org` +- `keycloak.sankofa.nexus` +- `data.d-bis.org` +- `admin.d-bis.org` +- `dbis-api-2.d-bis.org` +- `secure.d-bis.org` +- `cacti-alltra.d-bis.org` + +Observed unresolved public hostnames from this workspace on **2026-04-02**: + +- `info.defi-oracle.io` +- `www.info.defi-oracle.io` + +## Status classes + +| Class | Meaning | Action | +|------|---------|--------| +| `public_502_backend` | The hostname is intended to be live now and its upstream should answer. | Repair backend, refresh ingress, rerun public E2E. | +| `placeholder_surface` | The hostname exists in docs or ingress but the real app/API is not yet deployed. | Keep optional in E2E until the real service is deployed. | +| `planned_api_surface` | The hostname is a documented future API but is not yet backed by a real implementation. | Deploy the API or remove it from expected-live inventory. | +| `dns_missing` | The service has a deployment path, but public DNS is not published. | Publish DNS and edge routing before treating it as live. | + +## Operator workflow + +1. Generate the latest remediation report: + +```bash +bash scripts/verify/generate-public-surface-remediation-plan.sh --print +``` + +2. Use the machine-readable map when you need the exact scripts or commands for a host: + +```bash +cat config/public-surface-remediation-map.json +``` + +3. After remediation, rerun public E2E: + +```bash +bash scripts/verify/verify-end-to-end-routing.sh --profile=public +``` + +## Current fix families + +### Live backends that should be recovered now + +- `admin.d-bis.org`, `dbis-admin.d-bis.org`, `secure.d-bis.org` + Use `scripts/maintenance/address-all-remaining-502s.sh`, then `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh`. +- `studio.sankofa.nexus` + Use `scripts/deployment/run-sankofa-studio-e2e.sh`, plus the Studio NPMplus and DNS helpers. +- `keycloak.sankofa.nexus` + Use `scripts/deployment/enable-sankofa-portal-login-7801.sh`, `scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh`, then refresh the NPMplus rows. +- `cacti-alltra.d-bis.org`, `cacti-hybx.d-bis.org` + Recover the upstream Cacti CTs, then run `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh`. + +### Surfaces that are still placeholders and should stay optional until deployment + +- `core.d-bis.org` + Deploy the real `dbis_core` frontend, then repoint the hostname. +- `dbis-api.d-bis.org`, `dbis-api-2.d-bis.org` + Deploy the real `dbis_core` API and stop counting directory listings or placeholder pages as healthy. +- `data.d-bis.org` + Deploy the documented public data API behind `/v1/health` before treating it as a live surface. +- `firefly-alltra-1.d-bis.org`, `firefly-alltra-2.d-bis.org`, `firefly-hybx-1.d-bis.org`, `firefly-hybx-2.d-bis.org`, `fabric-alltra.d-bis.org`, `indy-alltra.d-bis.org`, `fabric-hybx.d-bis.org`, `indy-hybx.d-bis.org` + Treat these as placeholders until the actual HTTP listener exists. The current helper scripts now skip them by default; only opt in with `INCLUDE_PLACEHOLDER_HOSTS=1` and `INCLUDE_PLACEHOLDER_HOSTNAMES=1` once the real service is deployed and listening on the intended port. + +### Public DNS that still needs publication + +- `info.defi-oracle.io`, `www.info.defi-oracle.io` + **Origin:** dedicated nginx LXC **VMID 2410** (`IP_INFO_DEFI_ORACLE_WEB`, default `192.168.11.218`). Public HTML still shows a placeholder when Cloudflare proxied DNS does not reach that upstream (check CF **DNS** target vs NPM public edge). + Use: + - `scripts/deployment/provision-info-defi-oracle-web-lxc.sh` (once) + - `scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` (each release) + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` (NPM → `.218:80`) + - `scripts/cloudflare/set-info-defi-oracle-dns-to-vmid2400-tunnel.sh` (DNS: tunnel or public IP) + - `scripts/update-vmid2400-tunnel-config.sh` only if `info` hostnames are intentionally carried on the **RPC** tunnel stack + - If **`https://…/token-aggregation/api/v1/networks`** returns **502** or **HTML** instead of JSON: confirm nginx on **2410** includes `location /token-aggregation/` (see `config/nginx/info-defi-oracle-io.site.conf`), Blockscout **`IP_BLOCKSCOUT`** reachable from the CT, then `pnpm run verify:info-defi-oracle-public`. + +## Related files + +- `config/public-surface-remediation-map.json` +- `scripts/verify/generate-public-surface-remediation-plan.sh` +- `docs/04-configuration/E2E_ENDPOINTS_LIST.md` +- `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` diff --git a/docs/04-configuration/README.md b/docs/04-configuration/README.md index 34753235..9a9319d5 100644 --- a/docs/04-configuration/README.md +++ b/docs/04-configuration/README.md @@ -10,12 +10,14 @@ This directory contains setup and configuration guides. **Master documentation (source of truth for URLs/VMIDs):** [MASTER_DOCUMENTATION_INDEX.md](../00-meta/MASTER_DOCUMENTATION_INDEX.md) — Use [ALL_VMIDS_ENDPOINTS.md](ALL_VMIDS_ENDPOINTS.md) and [RPC_ENDPOINTS_MASTER.md](RPC_ENDPOINTS_MASTER.md) as the Bible when fixing placeholders or domain → VMID:port; only explorer.d-bis.org → 192.168.11.140. +**Current GRU V2 docs:** [GRU_V2_CHAIN138_READINESS.md](GRU_V2_CHAIN138_READINESS.md), [GRU_V2_IPFS_METADATA_RUNBOOK.md](GRU_V2_IPFS_METADATA_RUNBOOK.md), [GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md](GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md), and [THIRDWEB_ACCOUNT_ABSTRACTION_SUPPORT.md](THIRDWEB_ACCOUNT_ABSTRACTION_SUPPORT.md) + ## Documents - **[MCP_SETUP.md](MCP_SETUP.md)** ⭐⭐ - MCP Server configuration for Claude Desktop - **[WORMHOLE_AI_RESOURCES_LLM_PLAYBOOK.md](WORMHOLE_AI_RESOURCES_LLM_PLAYBOOK.md)** — Wormhole AI doc bundles: URLs, tier ladder, Chain 138 vs Wormhole boundary, mirror script, MCP - **[WORMHOLE_AI_RESOURCES_RAG.md](WORMHOLE_AI_RESOURCES_RAG.md)** — RAG / chunking strategy for `llms-full.jsonl` (category-first) -- **[naming-conventions/](naming-conventions/)** — UTRNF / GRU / Chain 138 symbol and registry naming reference (`01_UTRNF_REFERENCE.md`) +- **[naming-conventions/](naming-conventions/)** — UTRNF / GRU / Chain 138 symbol and registry naming (`01`–`04`, schema + examples; `scripts/validation/validate-naming-convention-registry-examples.sh` with `check-jsonschema`) - **[ENV_STANDARDIZATION.md](ENV_STANDARDIZATION.md)** ⭐⭐ - Environment variable standardization - **[CREDENTIALS_CONFIGURED.md](CREDENTIALS_CONFIGURED.md)** ⭐ - Credentials configuration guide - **[SECRETS_KEYS_CONFIGURATION.md](SECRETS_KEYS_CONFIGURATION.md)** ⭐⭐ - Secrets and keys management @@ -29,11 +31,14 @@ This directory contains setup and configuration guides. - **[NPMPLUS_UI_APIERROR_400_RUNBOOK.md](NPMPLUS_UI_APIERROR_400_RUNBOOK.md)** - NPMplus UI ApiError 400 on dashboard load: find failing request, test API with curl, logs, fixes - **[E2E_DNS_FROM_LAN_RUNBOOK.md](E2E_DNS_FROM_LAN_RUNBOOK.md)** - Run E2E domain sweep from LAN when public DNS is unavailable: /etc/hosts option, DNS path, or bastion - **[E2E_ENDPOINTS_LIST.md](E2E_ENDPOINTS_LIST.md)** - All E2E verification endpoints (domain, type, URL); list from CLI: `./scripts/verify/verify-end-to-end-routing.sh --list-endpoints --profile=public` +- **[GITEA_PLATFORM_AND_UPGRADE_RUNBOOK.md](GITEA_PLATFORM_AND_UPGRADE_RUNBOOK.md)** — Gitea as org forge (VMID 104), NPMplus, binary upgrades, `scripts/operator/upgrade-gitea-lxc.sh` +- **[GITEA_IP_CONFLICT_CHECK.md](GITEA_IP_CONFLICT_CHECK.md)** — Gitea IP (.31) vs other VMIDs; `IP_GITEA_INFRA` notes +- **[INFO_DEFI_ORACLE_IO_DEPLOYMENT.md](INFO_DEFI_ORACLE_IO_DEPLOYMENT.md)** - **`info.defi-oracle.io`** Chain 138 hub SPA (incl. `/governance`, `/ecosystem`, `/documentation`, `/solacenet`, `/disclosures`, agents): VMID **2410**, nginx **`/token-aggregation/`** proxy, `sync-info-defi-oracle-to-vmid2400.sh`, NPMplus, Cloudflare DNS (`set-info-defi-oracle-dns-to-vmid2400-tunnel.sh`), `purge-info-defi-oracle-cache.sh`, `pnpm run verify:info-defi-oracle-public`, CI `info-defi-oracle-138.yml` + `verify-info-defi-oracle-public.yml`, optional `pnpm run audit:info-defi-oracle-site` +- **[SOLACENET_PUBLIC_HUB.md](SOLACENET_PUBLIC_HUB.md)** — Public **SolaceNet** page (`/solacenet`) on the info hub plus `dbis_core/docs/solacenet/` markdown map - **[PROXMOX_LOAD_BALANCING_RUNBOOK.md](PROXMOX_LOAD_BALANCING_RUNBOOK.md)** - Balance Proxmox load: migrate containers from r630-01 to r630-02/ml110; candidates, script, cluster vs backup/restore - **[PROXMOX_ADD_THIRD_FOURTH_R630_DECISION.md](PROXMOX_ADD_THIRD_FOURTH_R630_DECISION.md)** - Add 3rd/4th R630 before migration? r630-03/04 status, HA/Ceph (3–4 nodes), order of operations - **[ER605_ROUTER_CONFIGURATION.md](ER605_ROUTER_CONFIGURATION.md)** ⭐⭐ - ER605 router configuration -- **[OMADA_API_SETUP.md](OMADA_API_SETUP.md)** ⭐⭐ - Omada API integration setup -- **[OMADA_HARDWARE_CONFIGURATION_REVIEW.md](OMADA_HARDWARE_CONFIGURATION_REVIEW.md)** ⭐⭐⭐ - Comprehensive Omada hardware and configuration review +- **Omada (TP-Link) retired (2026-04-04):** VMID 103 removed from Proxmox. Historical docs: [OMADA_API_SETUP.md](OMADA_API_SETUP.md), [OMADA_HARDWARE_CONFIGURATION_REVIEW.md](OMADA_HARDWARE_CONFIGURATION_REVIEW.md). - **[UNIFI_API_SETUP.md](UNIFI_API_SETUP.md)** ⭐⭐ - UniFi Local API integration setup - **[SITE_MANAGER_API_SETUP.md](SITE_MANAGER_API_SETUP.md)** ⭐⭐ - UniFi Site Manager Cloud API integration setup - **[UNIFI_API_COMPARISON.md](UNIFI_API_COMPARISON.md)** ⭐⭐ - Comparison guide for all UniFi API types @@ -52,7 +57,7 @@ This directory contains setup and configuration guides. - **[UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.md](UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.md)** ⭐⭐⭐ - Manual firewall configuration guide (sovereign tenant isolation) - **[cloudflare/CLOUDFLARE_ZERO_TRUST_GUIDE.md](cloudflare/CLOUDFLARE_ZERO_TRUST_GUIDE.md)** ⭐⭐ - Cloudflare Zero Trust integration - **[cloudflare/CLOUDFLARE_DNS_TO_CONTAINERS.md](cloudflare/CLOUDFLARE_DNS_TO_CONTAINERS.md)** ⭐⭐⭐ - Mapping Cloudflare DNS to Proxmox LXC containers -- **[cloudflare/CLOUDFLARE_DNS_SPECIFIC_SERVICES.md](cloudflare/CLOUDFLARE_DNS_SPECIFIC_SERVICES.md)** ⭐⭐⭐ - DNS configuration for Mail (100), RPC (2502), and Solace (300X) +- **[cloudflare/CLOUDFLARE_DNS_SPECIFIC_SERVICES.md](cloudflare/CLOUDFLARE_DNS_SPECIFIC_SERVICES.md)** ⭐⭐⭐ - DNS configuration for Mail, RPC/public surfaces, and Solace-era service records. Some entries are historical; confirm live RPC targets in [ALL_VMIDS_ENDPOINTS.md](ALL_VMIDS_ENDPOINTS.md) and [RPC_ENDPOINTS_MASTER.md](RPC_ENDPOINTS_MASTER.md). - **Fireblocks Web3:** Submodule **[fireblocks-integration/](../fireblocks-integration/)** (Gitea: [d-bis/fireblocks-integration](https://gitea.d-bis.org/d-bis/fireblocks-integration)) — Dedicated RPC (VMID 2301), Console/SDK docs, `.env.example`. In-repo copy: [FIREBLOCKS_WEB3_INTEGRATION.md](FIREBLOCKS_WEB3_INTEGRATION.md) (operator/hosting ref). @@ -60,7 +65,7 @@ This directory contains setup and configuration guides. - **[PRICE_FEED_CHAIN138_METAMASK_AND_WALLETS.md](PRICE_FEED_CHAIN138_METAMASK_AND_WALLETS.md)** ⭐⭐⭐ - **Single reference** for adding Chain 138 USD prices to MetaMask and wallets: CoinGecko, CMC, Consensys outreach, on-chain oracle, Snap workaround. **Explorer tokens and GRU:** -- **[naming-conventions/README.md](naming-conventions/README.md)** — UTRNF token-role grammar, DBIS `c*` / `cW*` vs UTRNF collision matrix, bridge naming, registry JSON fields (Chain 138 + cross-chain). +- **[naming-conventions/README.md](naming-conventions/README.md)** — UTRNF token-role grammar, DBIS `c*` / `cW*` vs UTRNF collision matrix, bridge naming, registry JSON fields (Chain 138 + cross-chain); optional schema + examples validated by `scripts/validation/validate-naming-convention-registry-examples.sh` when `check-jsonschema` is installed. - **[EXPLORER_TOKENS_GRU_POLICY.md](EXPLORER_TOKENS_GRU_POLICY.md)** ⭐⭐ - Policy: all c* tokens on [explorer.d-bis.org/tokens](https://explorer.d-bis.org/tokens) must be registered as GRU; token list and registration steps. - **[C_TO_CW_MAPPER_MAPPING.md](C_TO_CW_MAPPER_MAPPING.md)** ⭐⭐ - c* → cW* mapping for mapper: symbol mapping and per-chain address mapping in `config/token-mapping-multichain.json`. @@ -77,7 +82,7 @@ This directory contains setup and configuration guides. **Decision tree (which VLAN, service, deployment path):** [CONFIGURATION_DECISION_TREE.md](CONFIGURATION_DECISION_TREE.md) (local); canonical version with deployment paths: [../10-best-practices/CONFIGURATION_DECISION_TREE.md](../10-best-practices/CONFIGURATION_DECISION_TREE.md). - **[FIXES_PREPARED.md](FIXES_PREPARED.md)** ⭐⭐⭐ - Single checklist of all fixes (required + optional) with copy-paste commands: UDM Pro Alltra/HYBX port forward, Alltra/HYBX 502 diagnosis, NPMplus certs, Explorer SSL, shellcheck, verification re-run. -- **[FULL_FIXES_PREPARED.md](FULL_FIXES_PREPARED.md)** ⭐⭐⭐ - Consolidated full fixes: validators & block production, stuck tx, Sentries (1503/1504), RPCs (2301, 2402, 2503–2508), UDM Pro, Alltra/HYBX 502, optional (certs, Explorer SSL, shellcheck, verification). Master table + execution order. +- **[FULL_FIXES_PREPARED.md](FULL_FIXES_PREPARED.md)** ⭐⭐⭐ - Historical consolidated fixes snapshot from the migration/remediation window. Useful as execution history, not as the current fleet/task list. **Smart contracts & ISO-20022 / Fin messaging:** - **[SMART_CONTRACTS_ISO20022_FIN_METHODOLOGY.md](SMART_CONTRACTS_ISO20022_FIN_METHODOLOGY.md)** ⭐⭐⭐ - Methodology for smart contracts to accept ISO-20022 and SWIFT Fin messages: canonical format, mapping, validation, and contract interface. @@ -86,10 +91,14 @@ This directory contains setup and configuration guides. - **[GRU_M00_DIAMOND_FACET_MAP.md](GRU_M00_DIAMOND_FACET_MAP.md)** ⭐⭐⭐ - GRU M00 Diamond (ERC-2535) Token Factory: facet map, storage namespaces, governance levels 0–5, canonical symbol grammar (c/a/d, W rules). Whitepaper-ready. - **[GRU_M00_DIAMOND_REVIEW_GAPS_AND_RECOMMENDATIONS.md](GRU_M00_DIAMOND_REVIEW_GAPS_AND_RECOMMENDATIONS.md)** ⭐⭐⭐ - Detailed review: missing components, functional wire-ins, naming alignment (a/d vs ac/vdc/sdc), checklist and recommendations. - **[GRU_C_STAR_V2_STANDARDS_MATRIX_AND_IMPLEMENTATION_PLAN.md](GRU_C_STAR_V2_STANDARDS_MATRIX_AND_IMPLEMENTATION_PLAN.md)** ⭐⭐⭐ - Concrete standards matrix and phased implementation plan for canonical `c* V2` tokens: x402 readiness, ERC-2612/ERC-3009, wrapper/vault boundaries, GRU M00 facet mapping, migration, and acceptance gates. +- **[GRU_V2_CHAIN138_READINESS.md](GRU_V2_CHAIN138_READINESS.md)** ⭐⭐⭐ - Live Chain 138 promotion gate for the deployed `cUSDT V2` / `cUSDC V2` assets: registry activation, versioning, `forwardCanonical`, and governance/supervision metadata ABI. +- **[THIRDWEB_ACCOUNT_ABSTRACTION_SUPPORT.md](THIRDWEB_ACCOUNT_ABSTRACTION_SUPPORT.md)** ⭐⭐⭐ - Repo execution policy for Thirdweb `ERC-4337`, `EIP-7702`, sponsorship, and x402 on Chain 138 and Mainnet, backed by a machine-readable matrix and verifier. - **[GRU_STANDARDS_PROFILE.md](GRU_STANDARDS_PROFILE.md)** ⭐⭐⭐ - Machine-readable standards profile for canonical `c* V2`, mirrored `cW*`, x402 capability, governance/policy layers, and the broader ISO-4217-plus asset scope. - **[GRU_FX_CURRENCY_ONBOARDING_CHECKLIST.md](GRU_FX_CURRENCY_ONBOARDING_CHECKLIST.md)** ⭐⭐⭐ - End-to-end checklist for creating and fully attaching a new FX `c*` currency into GRU, explorer metadata, transport, reserve policy, and routing. +- **[GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md](GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md)** ⭐⭐⭐ - Tiered rollout plan for globally important fiat, commodity, and monetary-unit assets that may be deployed as canonical `c*` on Chain 138 and mirrored as `cW*` on destination chains. - **[`../../config/gru-standards-profile.json`](../../config/gru-standards-profile.json)** ⭐⭐⭐ - Machine-readable source of truth for the repo-wide x402, EIP/ERC, transport, and governance standards that apply to GRU monetary assets. - **[`../../config/gru-iso4217-currency-manifest.json`](../../config/gru-iso4217-currency-manifest.json)** ⭐⭐⭐ - Machine-readable canonical manifest for the supported GRU ISO-4217 and commodity currency set, including deployment, transport, and x402 lifecycle state. +- **[`../../config/gru-global-priority-currency-rollout.json`](../../config/gru-global-priority-currency-rollout.json)** ⭐⭐ - Machine-readable rollout queue for the ranked global-priority currency set; use with `scripts/verify/check-gru-global-priority-rollout.sh` before promoting new assets into the live manifest. - **[GRU_STORAGE_GOVERNANCE_AND_SUPERVISION_STANDARD.md](GRU_STORAGE_GOVERNANCE_AND_SUPERVISION_STANDARD.md)** ⭐⭐⭐ - Storage namespaces, jurisdiction-aware governance review, supervision metadata, and upgrade notice periods (narrative companion to the governance supervision profile). - **[`../../config/gru-governance-supervision-profile.json`](../../config/gru-governance-supervision-profile.json)** ⭐⭐⭐ - Machine-readable governance and supervision profile (roles, required asset metadata, references into standards profile and storage standard). - **[GRU_M00_DIAMOND_DOCS_REVIEW_GAPS_AND_INCONSISTENCIES.md](GRU_M00_DIAMOND_DOCS_REVIEW_GAPS_AND_INCONSISTENCIES.md)** ⭐⭐ - Review of all GRU M00 Diamond docs: missing refs, link consistency, terminology, and follow-up list. @@ -111,6 +120,7 @@ This directory contains setup and configuration guides. **Mainnet liquidity & ramps (priority):** - **[MAINNET_RAMP_USER_FLOWS.md](MAINNET_RAMP_USER_FLOWS.md)** ⭐⭐ - On-ramp (buy on mainnet → bridge to 138) and off-ramp (138→mainnet → sell) user flows. Companion/dApp link target. - **Priority plan:** [MAINNET_LIQUIDITY_AND_RAMPS_PRIORITY.md](../00-meta/MAINNET_LIQUIDITY_AND_RAMPS_PRIORITY.md) - Obtain liquid on mainnet (fund LP + relay bridge), then wire off/on-ramps. +- **[BTC_SETTLEMENT_CHANGELLY_ATOMIC_PATHWAYS.md](BTC_SETTLEMENT_CHANGELLY_ATOMIC_PATHWAYS.md)** — Chain 138 → native BTC via **Changelly** (partner API) or **Atomic Wallet** (user swap); companion config [`config/btc-settlement-pathways.json`](../../config/btc-settlement-pathways.json). **Explorer (explorer.d-bis.org):** - **[EXPLORER_FUNCTIONALITY_REVIEW.md](EXPLORER_FUNCTIONALITY_REVIEW.md)** - Routes, API URLs, contract verification, Snap send HTTPS. diff --git a/docs/04-configuration/RPC_DNS_CONFIGURATION.md b/docs/04-configuration/RPC_DNS_CONFIGURATION.md index c8c76e08..837a4d9f 100644 --- a/docs/04-configuration/RPC_DNS_CONFIGURATION.md +++ b/docs/04-configuration/RPC_DNS_CONFIGURATION.md @@ -1,5 +1,7 @@ # RPC DNS Configuration for d-bis.org and defi-oracle.io +> Modern note: Most of this guide is still structurally correct, but the lower troubleshooting/examples section preserves older `2501/2502` references from the pre-standardization layout. Current live mappings are `2101` for `rpc-http-prv` / `rpc-ws-prv`, `2201` for `rpc-http-pub` / `rpc-ws-pub`, and `2301` for the Fireblocks/private lane. Confirm against `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`. + **Last Updated:** 2025-01-23 **Status:** Active Configuration @@ -248,12 +250,12 @@ curl -X POST http://192.168.11.211:8545 \ The Nginx configuration on each container: -**VMID 2501 (Permissioned RPC):** +**Historical mapping note (formerly VMID 2501, now VMID 2101 for core/private examples):** - Listens on port 443 (HTTPS) - `rpc-http-prv.d-bis.org` → proxies to `127.0.0.1:8545` (JWT auth required) - `rpc-ws-prv.d-bis.org` → proxies to `127.0.0.1:8546` (JWT auth required) -**VMID 2502 (Public RPC):** +**Historical mapping note (formerly VMID 2502, now VMID 2201 for public examples):** - Listens on port 443 (HTTPS) - `rpc-http-pub.d-bis.org` → proxies to `127.0.0.1:8545` (no auth) - `rpc-ws-pub.d-bis.org` → proxies to `127.0.0.1:8546` (no auth) @@ -283,20 +285,20 @@ nslookup rpc-http-pub.d-bis.org ```bash # Check if Nginx is running -ssh root@192.168.11.10 "pct exec 2501 -- systemctl status nginx" +ssh root@192.168.11.11 "pct exec 2101 -- systemctl status nginx" # Check if port 443 is listening -ssh root@192.168.11.10 "pct exec 2501 -- ss -tuln | grep 443" +ssh root@192.168.11.11 "pct exec 2101 -- ss -tuln | grep 443" # Check Nginx configuration -ssh root@192.168.11.10 "pct exec 2501 -- nginx -t" +ssh root@192.168.11.11 "pct exec 2101 -- nginx -t" ``` ### SSL Certificate Issues ```bash # Check SSL certificate -ssh root@192.168.11.10 "pct exec 2501 -- openssl x509 -in /etc/nginx/ssl/rpc.crt -text -noout" +ssh root@192.168.11.11 "pct exec 2101 -- openssl x509 -in /etc/nginx/ssl/rpc.crt -text -noout" # Test SSL connection openssl s_client -connect rpc-http-pub.d-bis.org:443 -servername rpc-http-pub.d-bis.org @@ -311,7 +313,7 @@ curl -X POST http://192.168.11.211:8545 \ -d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' # Check Besu service status -ssh root@192.168.11.10 "pct exec 2501 -- systemctl status besu-rpc" +ssh root@192.168.11.11 "pct exec 2101 -- systemctl status besu-rpc" ``` --- diff --git a/docs/04-configuration/RPC_ENDPOINTS_MASTER.md b/docs/04-configuration/RPC_ENDPOINTS_MASTER.md index 7a9536ea..abda863f 100644 --- a/docs/04-configuration/RPC_ENDPOINTS_MASTER.md +++ b/docs/04-configuration/RPC_ENDPOINTS_MASTER.md @@ -1,15 +1,17 @@ # RPC Endpoints Master Reference -**Last Updated:** 2026-02-12 -**Document Version:** 1.3 +> Modern note: This remains the current RPC reference, but some sections intentionally preserve migration mappings from the retired `2500`-series RPC layout. Treat those mapping tables as historical lineage only. The live authoritative inventory is the combination of this document, `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md`, and `config/ip-addresses.conf`. + +**Last Updated:** 2026-04-06 +**Document Version:** 1.4 **Status:** Active Documentation --- **Date**: 2026-01-18 **Status**: ✅ Active -**Last Updated**: 2026-02-05 -**Changelog:** Proxy hosts (sankofa/phoenix/mim4u/explorer) corrected; RPC 405 fix via update-npmplus-proxy-hosts-api.sh (block_exploits false for RPC). Exchange Registry path; Crypto.com OTC API path. +**Last Updated**: 2026-04-06 +**Changelog:** Inventory includes VMID **2103** (Thirdweb admin core); **core tier** = **2101–2103**. Live placement: **2101** and **2103** on **r630-01**, **2102** on **r630-03**. Health script probes **15** LAN RPC HTTP endpoints (`check-chain138-rpc-health.sh`). --- @@ -26,10 +28,13 @@ This is the **authoritative source** for all RPC endpoint configurations. All ot | Standard | Env var | Use | Canonical value | |----------|---------|-----|-----------------| | **138 Core RPC** | `RPC_URL_138` | Admin, deploy, scripts on LAN | `http://192.168.11.211:8545` (VMID 2101, RPC_CORE_1) | -| **138 Public RPC** | `RPC_URL_138_PUBLIC` | Bridge, monitoring, frontend, browser | `http://192.168.11.221:8545` (VMID 2201); public URL: `https://rpc-http-pub.d-bis.org` | +| **138 Public RPC** | `RPC_URL_138_PUBLIC` | Bridge, monitoring, frontend, **MetaMask, any internet-facing client** | **HTTPS FQDN:** `https://rpc-http-pub.d-bis.org` (VMID 2201 via NPM). On LAN only: `http://192.168.11.221:8545` | -- Set in `config/ip-addresses.conf` or `smom-dbis-138/.env`. In smom `.env`, **`RPC_URL`** is an accepted alias for **Core** and is normalized to `RPC_URL_138`. `CHAIN138_RPC_URL` / `CHAIN138_RPC` are derived from `RPC_URL_138`. `WS_URL_138_PUBLIC` is the WebSocket for Public (e.g. `ws://192.168.11.221:8546`). +- **Public / wallet rule:** Do not publish or paste **raw public-node IPs** for end users. Use **FQDN** URLs from [Public Domain Mappings](#public-domain-mappings-npmplus) (e.g. `https://rpc-http-pub.d-bis.org`, `https://rpc.d-bis.org`, `https://rpc.defi-oracle.io`, `https://rpc.public-0138.defi-oracle.io`). WebSocket: `wss://rpc-ws-pub.d-bis.org` (or `wss://wss.defi-oracle.io` per mapping table). +- **MetaMask:** Even with correct chain id and HTTPS RPC, MetaMask treats Chain 138 as a **user-added network** until/unless Consensys ships it as a built-in or curated default. Use `wallet_addEthereumChain` (EIP-3085) from your dapp and canonical FQDN `rpcUrls` so users never paste unknown endpoints. See [MetaMask: risks of unknown networks](https://support.metamask.io/stay-safe/safety-in-web3/the-risks-of-connecting-to-an-unknown-network/). +- Set in `config/ip-addresses.conf` or `smom-dbis-138/.env`. In smom `.env`, **`RPC_URL`** is an accepted alias for **Core** and is normalized to `RPC_URL_138`. `CHAIN138_RPC_URL` / `CHAIN138_RPC` are derived from `RPC_URL_138`. `WS_URL_138_PUBLIC` on LAN: `ws://192.168.11.221:8546`; **internet-facing:** `wss://rpc-ws-pub.d-bis.org`. - **Core RPC (VMID 2101) for deploy:** Use **IP and port**, not FQDN. Set `RPC_URL_138=http://192.168.11.211:8545` in `smom-dbis-138/.env` for contract deployment and gas checks. Do not use `https://rpc-core.d-bis.org` for deployment (avoids DNS/tunnel dependency; direct IP is reliable from LAN). See [TODOS_CONSOLIDATED](../00-meta/TODOS_CONSOLIDATED.md) § First (0b). +- **Thirdweb admin core (VMID 2103) — NPM HTTPS FQDN:** **`https://rpc.tw-core.d-bis.org`** (TLS via NPMplus → `192.168.11.217:8545`). **E2E verified (2026-04-09):** `eth_chainId` `0x8a`, `eth_blockNumber` OK; Foundry `forge script` dry-run against this URL OK. Use for deploy/tooling when DNS and TLS are acceptable; for air-gapped LAN-only automation use `http://192.168.11.217:8545` or set `RPC_THIRDWEB_ADMIN_LAN_ONLY=1` in `thirdweb-core-2103-test/scripts/rpc-url-2103.sh` consumers. WebSocket NPM host: **`wss.tw-core.d-bis.org`** → `wss://wss.tw-core.d-bis.org`. ### Public RPC capability baseline @@ -46,17 +51,18 @@ The public Chain 138 RPC tier is expected to provide the following wallet-grade - `trace_block` - `trace_replayBlockTransactions` -Use [scripts/verify/check-chain138-rpc-health.sh](/home/intlc/projects/proxmox/scripts/verify/check-chain138-rpc-health.sh) for the live health and capability probe. +Use [`scripts/verify/check-chain138-rpc-health.sh`](../../scripts/verify/check-chain138-rpc-health.sh) for the live health and capability probe. -If `eth_maxPriorityFeePerGas` is missing, the first fix path is the public node version on VMID `2201`. Besu `24.7.0+` adds support for that method; use [upgrade-public-rpc-vmid2201.sh](/home/intlc/projects/proxmox/scripts/besu/upgrade-public-rpc-vmid2201.sh) to perform the targeted public-RPC upgrade. +If `eth_maxPriorityFeePerGas` is missing, the first fix path is the public node version on VMID `2201`. Besu `24.7.0+` adds support for that method; use [`upgrade-public-rpc-vmid2201.sh`](../../scripts/besu/upgrade-public-rpc-vmid2201.sh) to perform the targeted public-RPC upgrade. | Variable / use | Canonical value | Notes | |----------------|-----------------|--------| -| **RPC_URL_138** (Core) | `http://192.168.11.211:8545` | **Prefer IP:port for admin/deploy.** Fallback from off-LAN: `https://rpc-core.d-bis.org` | -| **RPC_URL_138_PUBLIC** (Public) | `http://192.168.11.221:8545` or `https://rpc-http-pub.d-bis.org` | Single standard for Chain 138 public; VITE_RPC_URL_138 in frontend | +| **RPC_URL_138** (Core) | `http://192.168.11.211:8545` | **Prefer IP:port for admin/deploy.** Off-LAN read-only fallback (operator): `https://rpc-core.d-bis.org` — still not for deploy | +| **RPC_URL_138_PUBLIC** (Public) | **`https://rpc-http-pub.d-bis.org`** (internet); `http://192.168.11.221:8545` (LAN only) | **Published** configs, frontends, `wallet_addEthereumChain`, and Chainlist entries must use **HTTPS FQDN**, not `192.168.11.221`. `VITE_RPC_URL_138` / browser env: FQDN | | **RPC_URL_138_FIREBLOCKS** (Fireblocks) | `http://192.168.11.232:8545` or `https://rpc-fireblocks.d-bis.org` | Dedicated RPC for Fireblocks Web3 (VMID 2301); `WS_URL_138_FIREBLOCKS`: `wss://ws.rpc-fireblocks.d-bis.org` | | **Ethereum Mainnet** | `https://eth.llamarpc.com` or Infura/Alchemy | `ETHEREUM_MAINNET_RPC` or `RPC_URL_MAINNET` in .env; CCIP relay uses both. Prefer Infura `https://mainnet.infura.io/v3/` to avoid 429. | | **ALL Mainnet (651940)** | `https://mainnet-rpc.alltra.global` | alltra-lifi-settlement, token-lists | +| **WEMIX3.0 mainnet (1111)** | `https://api.wemix.com` | `WEMIX_RPC` or `WEMIX_MAINNET_RPC` in repo `.env`; WebSocket `wss://ws.wemix.com`. Official: [WEMIX public RPC](https://docs.wemix.com/en/quick-start/start-node/use-public-api-server-rpc). On-chain swap to native WEMIX: [wemix.fi/swap](https://wemix.fi/swap). Acquisition from other L1s: [WEMIX_ACQUISITION_TABLED.md](../03-deployment/WEMIX_ACQUISITION_TABLED.md). | ### Obtaining RPC URLs (Infura, Etherscan API, public RPCs) @@ -77,13 +83,17 @@ For **Ethereum mainnet and other public chains**, you can use: --- -## Active RPC Nodes (12/13 Running) +## RPC Inventory (config + live cluster) + +**Core RPC tier (VMIDs 2101–2103):** Besu JSON-RPC/WS on **8545/8546**, same chain id **138**. **2101** (`.211`) is the default **`RPC_URL_138` / `RPC_CORE_1`** for deploy and admin. **2102** (`.212`, **`RPC_CORE_2`**) is the second core peer; **Proxmox host: r630-03** (`192.168.11.13`). **2103** (`.217`, **`RPC_THIRDWEB_ADMIN_CORE`**, hostname `besu-rpc-core-thirdweb`) is the Thirdweb admin/core lane; **Proxmox host: r630-01** (`192.168.11.11`) with NPM FQDNs **`rpc.tw-core.d-bis.org`** / **`wss.tw-core.d-bis.org`** (see `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh`). **2101** and **2103** both run on **r630-01**. | VMID | IP Address | Hostname | HTTP RPC | WebSocket RPC | Status | |------|------------|----------|----------|---------------|--------| | 2101 | 192.168.11.211 | besu-rpc-core-1 | `http://192.168.11.211:8545` | `ws://192.168.11.211:8546` | ✅ Running | +| 2102 | 192.168.11.212 | besu-rpc-core-2 | `http://192.168.11.212:8545` | `ws://192.168.11.212:8546` | ✅ Running | +| 2103 | 192.168.11.217 | besu-rpc-core-thirdweb | `http://192.168.11.217:8545` | `ws://192.168.11.217:8546` | ✅ Running | | **2201** | **192.168.11.221** | besu-rpc-public-1 | `http://192.168.11.221:8545` | `ws://192.168.11.221:8546` | ✅ Running | -| 2301 | 192.168.11.232 | besu-rpc-private-1 | `http://192.168.11.232:8545` | `ws://192.168.11.232:8546` | ✅ Running (Fireblocks) | +| 2301 | 192.168.11.232 | besu-rpc-private-1 | `http://192.168.11.232:8545` | `ws://192.168.11.232:8546` | ✅ Running (Fireblocks lane) | | 2303 | 192.168.11.233 | besu-rpc-ali-0x8a | `http://192.168.11.233:8545` | `ws://192.168.11.233:8546` | ✅ Running | | 2304 | 192.168.11.234 | besu-rpc-ali-0x1 | `http://192.168.11.234:8545` | `ws://192.168.11.234:8546` | ✅ Running | | 2305 | 192.168.11.235 | besu-rpc-luis-0x8a | `http://192.168.11.235:8545` | `ws://192.168.11.235:8546` | ✅ Running | @@ -95,6 +105,8 @@ For **Ethereum mainnet and other public chains**, you can use: | 2402 | 192.168.11.242 | besu-rpc-thirdweb-0x8a-2 | `http://192.168.11.242:8545` | `ws://192.168.11.242:8546` | ✅ Running | | 2403 | 192.168.11.243 | besu-rpc-thirdweb-0x8a-3 | `http://192.168.11.243:8545` | `ws://192.168.11.243:8546` | ✅ Running | +**Health check:** `bash scripts/verify/check-chain138-rpc-health.sh` probes **all 15** LAN HTTP RPC endpoints above (including **2103**; **2103** uses a lower peer threshold than the rest—see script `RPC_ROWS`). Expect head spread within **`RPC_MAX_HEAD_SPREAD`** (default 12) and public capability checks against **`CHAIN138_PUBLIC_RPC_URL`** (default `https://rpc-http-pub.d-bis.org`). + **Fixed Permanent:** VMID 2201 = 192.168.11.221 (besu-rpc-public-1). Do not change. Source: `config/ip-addresses.conf`. --- diff --git a/docs/04-configuration/RPC_JWT_AUTHENTICATION.md b/docs/04-configuration/RPC_JWT_AUTHENTICATION.md index 916401e2..512b58ee 100644 --- a/docs/04-configuration/RPC_JWT_AUTHENTICATION.md +++ b/docs/04-configuration/RPC_JWT_AUTHENTICATION.md @@ -27,8 +27,8 @@ JWT (JSON Web Token) authentication has been configured for the Permissioned RPC | VMID | Type | Domain | Authentication | IP | |------|------|--------|----------------|-----| -| 2501 | Permissioned RPC | `rpc-http-prv.d-bis.org`
`rpc-ws-prv.d-bis.org` | ✅ JWT Required | 192.168.11.251 | -| 2502 | Public RPC | `rpc-http-pub.d-bis.org`
`rpc-ws-pub.d-bis.org` | ❌ No Auth | 192.168.11.252 | +| 2101 | Core/private upstream behind `rpc-http-prv.d-bis.org`
`rpc-ws-prv.d-bis.org` | `rpc-http-prv.d-bis.org`
`rpc-ws-prv.d-bis.org` | ✅ JWT Required at ingress | 192.168.11.211 | +| 2201 | Public RPC upstream behind `rpc-http-pub.d-bis.org`
`rpc-ws-pub.d-bis.org` | `rpc-http-pub.d-bis.org`
`rpc-ws-pub.d-bis.org` | ❌ No Auth | 192.168.11.221 | ### Request Flow with JWT @@ -135,14 +135,14 @@ Tokens expire after the specified number of days. To generate a new token: JWT tokens cannot be revoked individually without changing the secret key. To revoke all tokens: -1. Generate a new JWT secret on VMID 2501: +1. Generate a new JWT secret on the ingress host serving the private RPC path: ```bash - ssh root@192.168.11.10 "pct exec 2501 -- openssl rand -base64 32 > /etc/nginx/jwt_secret" + ssh root@192.168.11.11 "pct exec 2101 -- openssl rand -base64 32 > /etc/nginx/jwt_secret" ``` 2. Restart Nginx: ```bash - ssh root@192.168.11.10 "pct exec 2501 -- systemctl restart nginx" + ssh root@192.168.11.11 "pct exec 2101 -- systemctl restart nginx" ``` 3. Generate new tokens for authorized users @@ -153,7 +153,7 @@ JWT tokens cannot be revoked individually without changing the secret key. To re ### Secret Key Management -- **Location**: `/etc/nginx/jwt_secret` on VMID 2501 +- **Location**: `/etc/nginx/jwt_secret` on the private RPC ingress host (currently VMID `2101`) - **Permissions**: 600 (readable only by root) - **Backup**: Store securely, do not commit to version control @@ -203,15 +203,15 @@ curl -H "Authorization: Bearer YOUR_TOKEN" ... **Error**: `{"error": "Internal server error"}` **Solution**: -- Check JWT secret exists: `pct exec 2501 -- cat /etc/nginx/jwt_secret` -- Check lua-resty-jwt is installed: `pct exec 2501 -- ls /usr/share/lua/5.1/resty/jwt.lua` -- Check Nginx error logs: `pct exec 2501 -- tail -f /var/log/nginx/rpc-http-prv-error.log` +- Check JWT secret exists: `pct exec 2101 -- cat /etc/nginx/jwt_secret` +- Check lua-resty-jwt is installed: `pct exec 2101 -- ls /usr/share/lua/5.1/resty/jwt.lua` +- Check Nginx error logs: `pct exec 2101 -- tail -f /var/log/nginx/rpc-http-prv-error.log` ### Token Validation Fails 1. **Verify secret key matches**: ```bash - # On VMID 2501 + # On VMID 2101 cat /etc/nginx/jwt_secret ``` @@ -278,15 +278,14 @@ curl -H "Authorization: Bearer " https://rpc-http-prv.d-bis.org **Check Secret:** ```bash -ssh root@192.168.11.10 "pct exec 2501 -- cat /etc/nginx/jwt_secret" +ssh root@192.168.11.11 "pct exec 2101 -- cat /etc/nginx/jwt_secret" ``` **View Logs:** ```bash -ssh root@192.168.11.10 "pct exec 2501 -- tail -f /var/log/nginx/rpc-http-prv-access.log" +ssh root@192.168.11.11 "pct exec 2101 -- tail -f /var/log/nginx/rpc-http-prv-access.log" ``` --- **Last Updated**: 2025-12-24 - diff --git a/docs/04-configuration/RPC_JWT_SETUP_COMPLETE.md b/docs/04-configuration/RPC_JWT_SETUP_COMPLETE.md index 0a75bb6b..35984d55 100644 --- a/docs/04-configuration/RPC_JWT_SETUP_COMPLETE.md +++ b/docs/04-configuration/RPC_JWT_SETUP_COMPLETE.md @@ -1,5 +1,8 @@ # JWT Authentication Setup - Complete +> Historical note: +> This document records the original JWT rollout on the legacy private/public RPC ingress path and still references the old `2501` / `2502` layout. For current JWT/private-RPC handling, use `docs/04-configuration/RPC_JWT_AUTHENTICATION.md`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation @@ -356,4 +359,3 @@ ssh root@192.168.11.10 "pct exec 2501 -- journalctl -u jwt-validator -f" **Last Updated**: 2025-12-26 **Status**: ✅ **PRODUCTION READY** - diff --git a/docs/04-configuration/RPC_MIGRATION_COMPLETE_SUMMARY.md b/docs/04-configuration/RPC_MIGRATION_COMPLETE_SUMMARY.md index de04f9ed..e756e7ca 100644 --- a/docs/04-configuration/RPC_MIGRATION_COMPLETE_SUMMARY.md +++ b/docs/04-configuration/RPC_MIGRATION_COMPLETE_SUMMARY.md @@ -1,5 +1,7 @@ # RPC VMID Migration - Complete Summary +> Historical note: This is a migration completion report, not a current-state inventory. It preserves the migration lineage from the retired `250x` RPC set into the modern fleet. For the live RPC layout, use `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`, `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, and `docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/RPC_MIGRATION_EXECUTION_SUMMARY.md b/docs/04-configuration/RPC_MIGRATION_EXECUTION_SUMMARY.md index 2ac25dc0..cbdb2d77 100644 --- a/docs/04-configuration/RPC_MIGRATION_EXECUTION_SUMMARY.md +++ b/docs/04-configuration/RPC_MIGRATION_EXECUTION_SUMMARY.md @@ -1,5 +1,8 @@ # RPC VMID Migration - Execution Summary +> Historical note: +> This document records the `2500`-series to `21xx/22xx/23xx` migration work. It is kept for chronology and audit trail, not as the current source of truth. For live inventory and current RPC roles, use `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md`, and `config/proxmox-operational-template.json`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/RPC_MIGRATION_PROGRESS_REPORT.md b/docs/04-configuration/RPC_MIGRATION_PROGRESS_REPORT.md index 98066c8d..ac2c55be 100644 --- a/docs/04-configuration/RPC_MIGRATION_PROGRESS_REPORT.md +++ b/docs/04-configuration/RPC_MIGRATION_PROGRESS_REPORT.md @@ -1,5 +1,7 @@ # RPC VMID Migration - Progress Report +> Historical note: This progress report preserves an in-flight migration snapshot from January 2026. It should be read as progress evidence, not as the current RPC inventory. For current VMIDs, IPs, and roles, use `docs/04-configuration/RPC_ENDPOINTS_MASTER.md` and `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/RPC_MIGRATION_STATUS.md b/docs/04-configuration/RPC_MIGRATION_STATUS.md index 43bded18..011030b1 100644 --- a/docs/04-configuration/RPC_MIGRATION_STATUS.md +++ b/docs/04-configuration/RPC_MIGRATION_STATUS.md @@ -1,5 +1,7 @@ # RPC VMID Migration - Current Status +> Historical note: This document records an in-flight migration state from January 2026. It should be read as migration evidence, not as the current RPC inventory. For live RPC roles, VMIDs, and host placement, use `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`, `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, and `docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/RPC_VMID_MIGRATION_PLAN.md b/docs/04-configuration/RPC_VMID_MIGRATION_PLAN.md index 01b01fa7..f1212041 100644 --- a/docs/04-configuration/RPC_VMID_MIGRATION_PLAN.md +++ b/docs/04-configuration/RPC_VMID_MIGRATION_PLAN.md @@ -1,5 +1,8 @@ # RPC VMID Migration Plan - Complete Guide +> Historical note: +> This is a migration-era planning document for moving off the legacy `2500`-series RPC VMIDs. The migration has since been completed. Do not use this file as the current deployment map; use `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` and `docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md` for live state. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/SOLACENET_PUBLIC_HUB.md b/docs/04-configuration/SOLACENET_PUBLIC_HUB.md new file mode 100644 index 00000000..83d47cf9 --- /dev/null +++ b/docs/04-configuration/SOLACENET_PUBLIC_HUB.md @@ -0,0 +1,38 @@ +# SolaceNet — public hub and documentation map + +**Purpose:** Point operators and integrators to **public-facing** SolaceNet content versus **repository-internal** governance and gap tracking. + +## Public web (Chain 138 info hub) + +- **URL:** [https://info.defi-oracle.io/solacenet](https://info.defi-oracle.io/solacenet) +- **Source:** `info-defi-oracle-138` SPA — build and deploy per [INFO_DEFI_ORACLE_IO_DEPLOYMENT.md](INFO_DEFI_ORACLE_IO_DEPLOYMENT.md). +- **Verify:** `pnpm run verify:info-defi-oracle-public` (includes `/solacenet` SPA check when script is updated alongside the app). + +## Repository documentation (canonical) + +| Document | Path | +|----------|------| +| Public overview (markdown) | `dbis_core/docs/solacenet/public/OVERVIEW.md` | +| Gaps and inconsistencies | `dbis_core/docs/solacenet/public/GAPS_AND_INCONSISTENCIES.md` | +| Rail/protocol governance | `dbis_core/docs/solacenet/RAIL_AND_PROTOCOL_GOVERNANCE.md` | +| Plugin registry vs gateway rails | `dbis_core/docs/solacenet/PLUGIN_AND_GATEWAY_BRIDGE.md` | +| Tracked protocol gap IDs | `dbis_core/docs/solacenet/PROTOCOL_GAPS_CHECKLIST.md` | +| **Full remaining task list (prioritized)** | `dbis_core/docs/solacenet/REMAINING_TASKS_FULL_LIST.md` | +| **Gaps / inconsistencies / missing (delta audit)** | `dbis_core/docs/solacenet/AUDIT_GAPS_INCONSISTENCIES_MISSING.md` | +| **Enable rail enforcement (runbook)** | `dbis_core/docs/solacenet/SOLACENET_GATEWAY_RAILS_ENFORCE_RUNBOOK.md` | +| **Telecom northbound (example JSON Schema)** | `dbis_core/docs/solacenet/schemas/telecom-northbound-event.example.json` | +| **DBIS Rail deferral (on-chain)** | `dbis_core/docs/solacenet/DBIS_RAIL_SCOPE_DEFERRAL.md` | +| **Backlog vs reality (all tasks)** | `dbis_core/docs/solacenet/TASK_BACKLOG_COMPLETION_STATUS.md` | +| **Adapter lifecycle policy** | `dbis_core/docs/solacenet/GATEWAY_ADAPTER_LIFECYCLE.md` | +| **Tokenization vs smom (PG-SN-003)** | `dbis_core/docs/solacenet/TOKENIZATION_SMOM_AND_SOLACENET.md` | +| **File-drop enforcement example** | `dbis_core/docs/solacenet/FILE_DROP_GATEWAY_INGRESS.example.md` | +| Quick reference | `dbis_core/SOLACENET_QUICK_REFERENCE.md` | +| Implementation status | `dbis_core/SOLACENET_IMPLEMENTATION_STATUS.md` | + +## Internal console (not the public hub) + +- **SolaceNet operator UI:** `dbis_core/frontend/solacenet-console/` — authenticated admin patterns; do not confuse with the public info site page. + +--- + +**Last updated:** 2026-04-07 diff --git a/docs/04-configuration/SOLACESCANSCOUT_REVIEW.md b/docs/04-configuration/SOLACESCANSCOUT_REVIEW.md index d40cba9d..d94f983d 100644 --- a/docs/04-configuration/SOLACESCANSCOUT_REVIEW.md +++ b/docs/04-configuration/SOLACESCANSCOUT_REVIEW.md @@ -1,5 +1,7 @@ # SolaceScanScout Navigation & Sync Status Review +> Historical note: This review records a point-in-time explorer status and remediation outcome. It is useful as troubleshooting history, not as the current operational state. For live explorer deployment status, use the current explorer runbooks, health checks, and endpoint inventory. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/SSL_FIX_SUMMARY.md b/docs/04-configuration/SSL_FIX_SUMMARY.md index 65fb25f5..40492af4 100644 --- a/docs/04-configuration/SSL_FIX_SUMMARY.md +++ b/docs/04-configuration/SSL_FIX_SUMMARY.md @@ -1,5 +1,8 @@ # SSL Configuration Fix - Summary +> Historical note: +> This summary documents a past SSL remediation stage and intentionally preserves then-active upstream mappings. It is historical context, not the live source of truth. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/STORAGE_FIX_R630_01_AND_THIN5.md b/docs/04-configuration/STORAGE_FIX_R630_01_AND_THIN5.md index 9eb33047..a876df88 100644 --- a/docs/04-configuration/STORAGE_FIX_R630_01_AND_THIN5.md +++ b/docs/04-configuration/STORAGE_FIX_R630_01_AND_THIN5.md @@ -4,7 +4,7 @@ ## Situation -- **r630-01** `data` / `local-lvm`: **~72%** used. Many CTs (validators, RPC 2101, 2500–2505, etc.) use this pool. +- **r630-01** `data` / `local-lvm`: **~72%** used at the time of this note. Many CTs used this pool, including validators, core RPC `2101`, and the then-current edge/private RPC lanes. - **r630-02** `thin5`: **~84.6%** used. **Only VMID 5000 (Blockscout/Explorer)** uses thin5. ## Fix options diff --git a/docs/04-configuration/STORAGE_GROWTH_AND_HEALTH.md b/docs/04-configuration/STORAGE_GROWTH_AND_HEALTH.md index 9a847f0a..cbfc9f30 100644 --- a/docs/04-configuration/STORAGE_GROWTH_AND_HEALTH.md +++ b/docs/04-configuration/STORAGE_GROWTH_AND_HEALTH.md @@ -1,10 +1,12 @@ # Storage Growth and Health — Predictable Growth Table & Proactive Monitoring -**Last updated:** 2026-03-28 +**Last updated:** 2026-04-11 **Purpose:** Real-time data collection and a predictable growth table so we can stay ahead of disk space issues on hosts and VMs. ### Recent operator maintenance (2026-03-28) +- **r630-01 `/var/lib/vz/dump` emergency prune (2026-04-11):** After first-wave CT rebalancing to **r630-04**, `r630-01` still showed `/var/lib/vz` at **~95%**. Live inspection confirmed the pressure was local `vzdump` archives, not active CT disks: `/var/lib/vz/dump` held **~508 GiB** across daily sets from **2026-04-05** through **2026-04-10**. Pruned the older **2026-04-05**, **2026-04-06**, and **2026-04-07** local backup days plus stale **2026-02-28** / **2026-03-28** logs, keeping the newest three local days (**2026-04-08** to **2026-04-10**). Result: `zfs list rpool/var-lib-vz` and `df -h /var/lib/vz` returned to **~266 GiB used / ~267 GiB free (~50%)**; `pvesm status` `local` returned to **~49.9%**. If this pattern recurs, inspect `/var/lib/vz/dump` first and treat uncontrolled local backup retention as a host-space incident distinct from thin-pool pressure. + - **Fleet checks (same day, follow-up):** Ran `collect-storage-growth-data.sh --append`, `storage-monitor.sh check`, `proxmox-host-io-optimize-pass.sh` (swappiness/sysstat; host `fstrim` N/A on LVM root). **Load:** ml110 load dominated by **Besu (Java)** and **cloudflared**; r630-01 load improved after earlier spike (still many CTs). **r630-01 `data` thin:** after guest `fstrim` fleet, **pvesm** used% dropped slightly (e.g. **~71.6% → ~70.2%** on 2026-03-28 — reclaim varies by CT). **ZFS:** r630-01 / r630-02 `rpool` ONLINE; last scrub **2026-03-08**, 0 errors. **`/proc/mdstat` (r630-01):** RAID devices present and active (no resync observed during check). - **ml110 `cloudflared`:** If the process still runs as `tunnel run --token …` on the **command line**, the token is visible in **`ps`** and process listings. Prefer **`credentials-file` + YAML** (`scripts/cloudflare-tunnels/systemd/cloudflared-ml110.service`) or **`EnvironmentFile`** with tight permissions; **rotate the tunnel token** in Cloudflare if it was ever logged. - **CT 7811 (r630-02, thin4):** Root was **100%** full (**~44 GiB** in `/var/log/syslog` + rotated `syslog.1`). **Remediation:** truncated `syslog` / `syslog.1` and restarted `rsyslog`; root **~6%** after fix. **`/etc/logrotate.d/rsyslog`** updated to **`daily` + `maxsize 200M`** (was weekly-only) and **`su root syslog`** so rotation runs before another multi-GB spike. If logs still grow fast, reduce app/rsyslog **facility** noise at the source. @@ -48,14 +50,16 @@ Run from **project root** (LAN, SSH key-based access to Proxmox hosts): ### Cron (proactive) -Use the scheduler script from project root (installs cron every 6 hours; uses `$PROJECT_ROOT`): +Use the scheduler script from a persistent host checkout (installs cron every 6 hours; uses `CRON_PROJECT_ROOT` when set): ```bash -./scripts/maintenance/schedule-storage-growth-cron.sh --install # every 6h: collect + append -./scripts/maintenance/schedule-storage-growth-cron.sh --show # print cron line -./scripts/maintenance/schedule-storage-growth-cron.sh --remove # uninstall +CRON_PROJECT_ROOT=/srv/proxmox ./scripts/maintenance/schedule-storage-growth-cron.sh --install # every 6h: collect + append +CRON_PROJECT_ROOT=/srv/proxmox ./scripts/maintenance/schedule-storage-growth-cron.sh --show # print cron line +./scripts/maintenance/schedule-storage-growth-cron.sh --remove # uninstall ``` +Do not install these cron jobs from `/tmp/...` or another transient host path. + **Retention:** Run `scripts/monitoring/prune-storage-snapshots.sh` weekly (e.g. keep last 30 days of snapshot files). Option: `--days 14` or `--dry-run` to preview. See **STORAGE_GROWTH_AUTOMATION_TASKS.md** for full automation list. --- @@ -72,7 +76,7 @@ Fill and refresh from real data. **Est. monthly growth** and **Growth factor** s | **ml110** | data / local-lvm | **~15%** | ~1.7T thin | Besu CTs | High | 80 / 95 | Same | | **2101** | / (root) | _%_ | 200G | Besu DB + logs | High (RocksDB) | 85 warn, 95 crit | e2fsck, make writable, free /data | | **2101** | /data/besu | _du_ | same as / | RocksDB + compaction | ~1–5% block growth | — | Resync or expand disk | -| **2500–2505** | /, /data/besu | _%_ | — | Besu | Same | 85 / 95 | Same as 2101 | +| **Legacy edge/private RPC examples** | /, /data/besu | _%_ | — | Besu | Same | 85 / 95 | Apply the same guidance to the current edge/private RPC lanes rather than the retired `2500–2505` set | | **2400** | /, /data/besu | _%_ | 196G | Besu + Nginx logs | Same | 85 / 95 | Logrotate, Vert.x tuning | | **10130, 10150, 10151** | / | _%_ | — | Logs, app data | Low–medium | 85 / 95 | Logrotate, clean caches | | **5000** (Blockscout) | /, DB volume | _%_ | — | Postgres + indexer | Medium | 85 / 95 | VACUUM, archive old data | @@ -97,7 +101,7 @@ Use this list to match real-time data to causes and actions. |--------|-------------------|----------------------|------------| | **LVM thin pool data%** | Host (r630-01 data, r630-02 thin*, ml110 thin1) | 100% = no new writes | fstrim in CTs, migrate VMs, remove unused LVs, expand pool | | **LVM thin metadata%** | Same | High metadata% can cause issues | Expand metadata LV or reduce snapshots | -| **RocksDB (Besu)** | /data/besu in 2101, 2500–2505, 2400, 2201, etc. | Grows with chain; compaction needs temp space | Ensure / and /data have headroom; avoid 100% thin pool | +| **RocksDB (Besu)** | /data/besu in 2101, the current edge/private RPC lanes, 2400, 2201, etc. | Grows with chain; compaction needs temp space | Ensure / and /data have headroom; avoid 100% thin pool | | **Journal / systemd logs** | /var/log in every CT | Can grow if not rotated | logrotate, journalctl --vacuum-time=7d | | **Nginx / app logs** | /var/log, /var/www | Depends on traffic | logrotate, log level | | **Postgres / DB** | Blockscout, DBIS, etc. | Grows with indexer and app data | VACUUM, archive, resize volume | @@ -133,9 +137,9 @@ Use this list to match real-time data to causes and actions. ## 6. Related -- **Host-level alerts:** `scripts/storage-monitor.sh` (WARN 80%, CRIT 90%). Schedule: `scripts/maintenance/schedule-storage-monitor-cron.sh --install` (daily 07:00). +- **Host-level alerts:** `scripts/storage-monitor.sh` (WARN 80%, CRIT 90%). Schedule from a persistent host checkout: `CRON_PROJECT_ROOT=/srv/proxmox bash scripts/maintenance/schedule-storage-monitor-cron.sh --install` (daily 07:00). - **In-CT disk check:** `scripts/maintenance/check-disk-all-vmids.sh` (root /). Run daily via `daily-weekly-checks.sh` (cron 08:00). -- **Retention:** `scripts/monitoring/prune-storage-snapshots.sh` (snapshots), `scripts/monitoring/prune-storage-history.sh` (history.csv). Both run weekly when using `schedule-storage-growth-cron.sh --install`. +- **Retention:** `scripts/monitoring/prune-storage-snapshots.sh` (snapshots), `scripts/monitoring/prune-storage-history.sh` (history.csv). Both run weekly when using `CRON_PROJECT_ROOT=/srv/proxmox bash scripts/maintenance/schedule-storage-growth-cron.sh --install`. - **Weekly remediation:** `daily-weekly-checks.sh weekly` runs fstrim in all running CTs and journal vacuum in key CTs; see **STORAGE_GROWTH_AUTOMATION_TASKS.md**. - **Logrotate audit:** **LOGROTATE_AUDIT_RUNBOOK.md** (high-log VMIDs). - **Making RPC VMIDs writable after full/read-only:** `scripts/maintenance/make-rpc-vmids-writable-via-ssh.sh`; see **502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md**. diff --git a/docs/04-configuration/STORAGE_GROWTH_AUTOMATION_TASKS.md b/docs/04-configuration/STORAGE_GROWTH_AUTOMATION_TASKS.md index b11d1e41..b16e0b49 100644 --- a/docs/04-configuration/STORAGE_GROWTH_AUTOMATION_TASKS.md +++ b/docs/04-configuration/STORAGE_GROWTH_AUTOMATION_TASKS.md @@ -11,7 +11,7 @@ | # | Task | Description | How | |---|------|-------------|-----| -| **A1** | **Storage snapshot + history append** | Run `collect-storage-growth-data.sh --append` on a schedule so `history.csv` grows for trend analysis. | Cron every 6 hours (or daily). Use `scripts/maintenance/schedule-storage-growth-cron.sh --install`. | +| **A1** | **Storage snapshot + history append** | Run `collect-storage-growth-data.sh --append` on a schedule so `history.csv` grows for trend analysis. | Cron every 6 hours (or daily). Install from a persistent host checkout, e.g. `CRON_PROJECT_ROOT=/srv/proxmox bash scripts/maintenance/schedule-storage-growth-cron.sh --install`. | | **A2** | **Snapshot retention** | Prune old snapshot files under `logs/storage-growth/` so the directory does not grow unbounded. | **Done.** Script: `scripts/monitoring/prune-storage-snapshots.sh` (default keep 30 days; `--days N`, `--dry-run`). Schedule weekly or run manually. | | **A3** | **History CSV retention** | Cap `history.csv` size (keep last 10k rows or ~90 days). | **Done.** Script: `scripts/monitoring/prune-storage-history.sh` (default 90 days proxy; `--max-rows N`, `--days N`, `--dry-run`). Run weekly via schedule-storage-growth-cron (prune line). | @@ -21,7 +21,7 @@ |---|------|-------------|-----| | **A4** | **Thin pool / pvesm check (all hosts)** | Fail or warn when any host’s thin pool or pvesm storage is ≥ 95% (critical) or ≥ 80% (warn). | **Done.** In `daily-weekly-checks.sh` weekly (F3/M2). | | **A5** | **In-CT disk check in cron** | Run `check-disk-all-vmids.sh` on a schedule and log or alert on WARN/CRIT. | **Done.** Called from `daily-weekly-checks.sh` daily (cron 08:00). | -| **A6** | **Integrate with existing storage-monitor.sh** | `storage-monitor.sh` already has WARN 80%, CRIT 90% and optional ALERT_EMAIL / ALERT_WEBHOOK. | **Done.** `scripts/maintenance/schedule-storage-monitor-cron.sh --install` (daily 07:00). | +| **A6** | **Integrate with existing storage-monitor.sh** | `storage-monitor.sh` already has WARN 80%, CRIT 90% and optional ALERT_EMAIL / ALERT_WEBHOOK. | **Done.** Install from a persistent host checkout, e.g. `CRON_PROJECT_ROOT=/srv/proxmox bash scripts/maintenance/schedule-storage-monitor-cron.sh --install` (daily 07:00). | | **A7** | **Metric file for alerting** | Write a metric file (e.g. `logs/storage-growth/last_run.metric`) with max thin pool % and timestamp so an external monitor can alert. | **Done.** Weekly run writes `STORAGE_METRIC_FILE` (storage_max_pct, storage_metric_timestamp). | ### 1.3 Proactive remediation (optional) @@ -41,7 +41,7 @@ | **F1** | **Implement or remove --json** | `scripts/monitoring/collect-storage-growth-data.sh` | **Done.** `--json` outputs a JSON object with `timestamp` and `csv_rows` (array of CSV line strings). | | **F2** | **CSV quoting for detail column** | `scripts/monitoring/collect-storage-growth-data.sh` | **Done.** Detail field is quoted when it contains commas or quotes via `csv_quote()`. | | **F3** | **Thin pool check on all three hosts** | `scripts/maintenance/daily-weekly-checks.sh` | **Done.** [138a] now runs thin pool/storage check on r630-02, r630-01, and ml110 (WARN ≥85%, FAIL ≥95%/100%). | -| **F4** | **PROJECT_ROOT in cron** | `schedule-daily-weekly-cron.sh` / new storage cron | Cron lines use `$PROJECT_ROOT`; crontab is installed by the user who runs the script, so path is correct. For schedule-storage-growth-cron.sh use same pattern (cd $PROJECT_ROOT && ...). | +| **F4** | **Persistent project root in cron** | `schedule-daily-weekly-cron.sh` / storage cron installers | **Done.** Installers now accept `CRON_PROJECT_ROOT`, dedupe old entries, and refuse transient roots like `/tmp/...`. | --- diff --git a/docs/04-configuration/THIRDWEB_ACCOUNT_ABSTRACTION_SUPPORT.md b/docs/04-configuration/THIRDWEB_ACCOUNT_ABSTRACTION_SUPPORT.md new file mode 100644 index 00000000..b445b3f6 --- /dev/null +++ b/docs/04-configuration/THIRDWEB_ACCOUNT_ABSTRACTION_SUPPORT.md @@ -0,0 +1,69 @@ +# Thirdweb Account Abstraction Support + +**Purpose:** Define the repo's concrete Thirdweb execution policy for `ERC-4337`, `EIP-7702`, gas sponsorship, and x402 across the chains relevant to GRU and Chain 138. + +**Machine-readable source:** [`../../config/thirdweb-account-abstraction-support.json`](../../config/thirdweb-account-abstraction-support.json) + +**Verifier:** [`../../scripts/verify/check-thirdweb-account-abstraction-support.sh`](../../scripts/verify/check-thirdweb-account-abstraction-support.sh) + +--- + +## Bottom line + +The repo now treats Thirdweb account abstraction as a **dual-mode** surface: + +- `ERC-4337` is the required compatibility baseline +- `EIP-7702` is the preferred execution mode where the chain and Thirdweb stack support it +- `x402` remains a `7702`-specific settlement rail, not a generic `4337` fallback + +For **Chain 138** specifically: + +- `ERC-4337` remains the current default execution mode in the policy matrix +- `EIP-7702` is tracked as supported target capability +- `x402` is enabled only through the GRU V2 USD payment tokens that expose `ERC-2612` and `ERC-3009` + +--- + +## Chain 138 payment tokens + +The Chain 138 x402-compatible payment tokens are: + +- `cUSDT V2` — `0x9FBfab33882Efe0038DAa608185718b772EE5660` +- `cUSDC V2` — `0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d` + +These contracts are live and expose: + +- `permit` / `ERC-2612` +- `transferWithAuthorization` +- `receiveWithAuthorization` +- `ERC-5267` domain introspection through the V2 token base + +See also: + +- [CHAIN138_X402_TOKEN_SUPPORT.md](CHAIN138_X402_TOKEN_SUPPORT.md) +- [GRU_V2_CHAIN138_READINESS.md](GRU_V2_CHAIN138_READINESS.md) + +--- + +## Verify + +Run: + +```bash +bash scripts/verify/check-thirdweb-account-abstraction-support.sh +``` + +Optional JSON output: + +```bash +bash scripts/verify/check-thirdweb-account-abstraction-support.sh --json +``` + +This verifies: + +- dual-mode account abstraction is enabled in the matrix +- Chain 138 explicitly lists both `ERC-4337` and `EIP-7702` +- Chain 138 keeps `ERC-4337` as the current default until full `7702` confirmation +- Chain 138 x402 stays pinned to `eip7702` +- at least one Chain 138 payment token is listed as x402-compatible +- Ethereum Mainnet is also represented as dual-mode diff --git a/docs/04-configuration/THIRDWEB_EXPLORER_PORTAL_DEPLOYMENT_MODEL.md b/docs/04-configuration/THIRDWEB_EXPLORER_PORTAL_DEPLOYMENT_MODEL.md new file mode 100644 index 00000000..b8840b16 --- /dev/null +++ b/docs/04-configuration/THIRDWEB_EXPLORER_PORTAL_DEPLOYMENT_MODEL.md @@ -0,0 +1,249 @@ +# Thirdweb Explorer Portal Deployment Model + +## Purpose + +This document defines the correct integration model between: + +- the Chain 138 explorer access portal +- Thirdweb Dashboard, CLI, and Engine/API +- private or public source repositories +- verification against the Chain 138 Blockscout explorer + +It exists to prevent a common but inaccurate assumption: that Thirdweb's dashboard is a full private-repository deployment console by itself. + +## Bottom line + +Thirdweb provides: + +1. Dashboard and project/API-key management +2. CLI/browser deployment flow for contracts compiled from a local or CI checkout +3. Engine / HTTP API for backend-authenticated deploy operations +4. Optional publish flow for Thirdweb discovery/registry surfaces + +Thirdweb does **not** replace: + +- your Git hosting +- your CI build pipeline +- your repo access and artifact generation +- your explorer-side governance, approvals, and audit controls +- your chain-explorer verification workflow + +For a Chain 138 explorer portal, the clean split is: + +- explorer `/access` handles identity, RPC products, subscriptions, API keys, and eventually deployment permissions +- your build worker or CI checks out repos and compiles artifacts +- your backend holds the Thirdweb secret and performs deploy calls +- your verification worker verifies against Blockscout using the same artifact metadata + +## What Thirdweb actually covers + +### Dashboard + +Used for: + +- projects +- analytics +- API keys +- contract inventory views + +It is not the primary place where a user links a private GitHub repository and gets a full build-and-deploy DevOps experience. + +### CLI and browser flow + +Typical path: + +1. developer compiles locally or in CI using Foundry, Hardhat, or another supported tool +2. developer runs `npx thirdweb deploy` or `npx thirdweb publish` +3. browser flow opens +4. user connects wallet, chooses target chain, enters constructor args, and signs + +This is usually the most direct Thirdweb methodology for developer-led deployments. + +### Engine / HTTP API + +This is the backend-secured path. + +Typical inputs: + +- chain ID +- bytecode +- ABI +- constructor params +- optional `salt` for deterministic deployment behavior where supported + +Important: + +- this is a server-side authenticated integration +- the secret key belongs on your backend or worker only +- it must never be shipped to the browser + +## How this maps to the explorer portal + +### Explorer access portal responsibilities + +The explorer portal should own: + +- explorer user identity +- role and permission gating +- RPC subscriptions and API key lifecycle +- optional GitHub OAuth for repo linking +- deployment approvals and audit logs +- artifact immutability rules +- allowlists for chains, factories, and deploy methods + +### Build system responsibilities + +Your CI or worker should own: + +- repo checkout +- dependency lockfile enforcement +- compile commands such as `forge build` or `hardhat compile` +- artifact generation +- compiler version pinning +- commit hash and artifact hash capture + +### Backend deploy responsibilities + +Your backend should own: + +- storing `THIRDWEB_SECRET_KEY` +- calling Engine / deploy API +- choosing deploy mode +- selecting chain ID +- enforcing policy around `from`, sponsorship, and deterministic deployment + +### Verification responsibilities + +Your chain explorer or verification worker should own: + +- Blockscout verification submission +- constructor-arg alignment +- compiler-settings alignment +- reporting verification status back into the portal + +## Repository linking + +If the portal offers “link repository”, that is **your** feature, not a native Thirdweb dashboard capability. + +Recommended implementation: + +1. user authenticates in the explorer portal +2. user optionally links GitHub using OAuth with minimal scopes +3. webhook or manual trigger starts a build job +4. build job checks out the repo and compiles artifacts +5. backend deploys using Thirdweb Engine/API +6. verification step runs against Blockscout + +This keeps repo access and source provenance under your control instead of pretending the Thirdweb dashboard is the source-control authority. + +## CREATE vs CREATE2 + +### CREATE + +Normal deployment flow: + +- standard constructor deployment +- address determined by sender and nonce + +### CREATE2 / deterministic deployment + +Portal support should treat this as: + +- explicit operator or developer choice +- optional `salt` +- factory/path validation +- artifact and bytecode consistency checks + +The deploy worker must make sure: + +- the target chain supports the intended path +- the selected factory/pattern is the one your stack expects +- the same bytecode and constructor inputs are used for both deploy and verify + +## Supported developer stacks + +The recommended portal model should treat these as compile sources, not deployment authorities: + +- Foundry / Cast +- Hardhat +- OpenZeppelin workflows +- Remix-generated artifacts + +Common output: + +- ABI +- bytecode +- constructor parameters +- compiler metadata + +These artifacts then flow into your backend deployment and verification pipeline. + +## Authentication and authorization + +Use different credentials for different surfaces: + +### User-facing explorer auth + +Use: + +- explorer login +- optional wallet auth +- optional GitHub OAuth + +Purpose: + +- user identity +- repo linking +- audit ownership +- deploy permission gating + +### Backend deploy auth + +Use: + +- `THIRDWEB_SECRET_KEY` + +Purpose: + +- Engine/API deploy operations + +Rule: + +- never expose this secret to the browser + +## Recommended Chain 138 portal flow + +For Chain 138, the recommended methodology is: + +1. user signs in to the explorer portal +2. user selects product and permissions +3. user links repo or uploads artifact package +4. worker checks out source and compiles +5. portal records commit hash, artifact hash, compiler settings, and target chain `138` +6. backend deploys through Thirdweb Engine/API +7. verification runs against Blockscout +8. explorer stores deployment result, verification result, and audit metadata + +## Additional recommended portal features + +These are portal responsibilities, not things Thirdweb gives you automatically: + +- project isolation +- environment isolation +- role-based access control +- approval gates for production deploys +- deploy audit logs +- artifact immutability +- spender and sponsorship limits +- chain allowlists +- factory allowlists +- published artifact provenance + +## Practical conclusion + +The correct model is: + +- Thirdweb supplies deployment infrastructure, wallet-driven CLI flows, and publish/discovery surfaces +- your explorer portal supplies identity, governance, CI/repo integration, policy, and verification lifecycle + +That is the right way to support Chain 138 without misrepresenting Thirdweb's dashboard as a full Git-hosted deployment control plane. diff --git a/docs/04-configuration/THIRDWEB_INSIGHT_INDEXER.md b/docs/04-configuration/THIRDWEB_INSIGHT_INDEXER.md index 06f7ae89..627499e6 100644 --- a/docs/04-configuration/THIRDWEB_INSIGHT_INDEXER.md +++ b/docs/04-configuration/THIRDWEB_INSIGHT_INDEXER.md @@ -4,6 +4,8 @@ **References:** [Insight API Reference](https://insight-api.thirdweb.com/reference), [Getting started](https://insight-api.thirdweb.com/), [Multichain queries](https://blog.thirdweb.com/changelog/multichain-queries-with-insight-api). +**Operational status (2026-04-07):** Thirdweb **Insight for Chain 138 is running** (operator-confirmed). Re-check any time with `node scripts/try-thirdweb-insight.js` (expects HTTP 200 for 138). **651940** remains **verify per project**: same script; if the API still returns unsupported, keep using your activity feed for that chain. + --- ## 1. What Insight provides @@ -38,7 +40,7 @@ The script calls the Insight API for **Chain 138** and **651940** (`GET /v1/even 2. Open **Insight** (or **Infrastructure** → **Insight**) and **enable** the Insight service for your project. 3. Ensure the **Client ID** you use in the script and dapp is from this project. 4. If you get **401 "keys are invalid"**, Insight is likely not enabled for the project — enable it in the dashboard and retry. -5. Check **supported chains**: [thirdweb.com/chainlist?service=insight](https://thirdweb.com/chainlist?service=insight). **Chain 138 and 651940 are not currently supported** by Insight (API returns "Chains not supported"). Use the try script with Ethereum (1) to verify your credentials; for 138 and 651940 use your own indexer and [ACTIVITY_FEED_SPEC.md](ACTIVITY_FEED_SPEC.md). +5. Check **supported chains**: [thirdweb.com/chainlist?service=insight](https://thirdweb.com/chainlist?service=insight). **Chain 138:** Insight is **on** for this deployment; confirm with the try script above. **651940:** confirm with the same script or chainlist; if unsupported, use your own indexer and [ACTIVITY_FEED_SPEC.md](ACTIVITY_FEED_SPEC.md). You can still use **Ethereum (1)** in the try script to sanity-check API keys alone. --- @@ -47,14 +49,14 @@ The script calls the Insight API for **Chain 138** and **651940** (`GET /v1/even **Events for a contract (e.g. DODO PMM on 138):** ```http -GET https://138.insight.thirdweb.com/v1/events/0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d?limit=10 +GET https://138.insight.thirdweb.com/v1/events/0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895?limit=10 x-client-id: ``` **Decoded events (if supported):** ```http -GET https://138.insight.thirdweb.com/v1/events/0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d?limit=10&decode=true +GET https://138.insight.thirdweb.com/v1/events/0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895?limit=10&decode=true x-client-id: ``` @@ -70,6 +72,6 @@ x-client-id: ## 5. Relation to your activity feed - **Insight:** Thirdweb-hosted indexer; use it when your chain is supported and you want quick REST queries. -- **Your stack:** [ACTIVITY_FEED_SPEC.md](ACTIVITY_FEED_SPEC.md) and the `activity_events` table are your own normalized feed (transfers, app events, bridge stitching). Use that for chains or event types Insight doesn’t cover (e.g. custom 138/651940 events and routing). +- **Your stack:** [ACTIVITY_FEED_SPEC.md](ACTIVITY_FEED_SPEC.md) and the `activity_events` table are your own normalized feed (transfers, app events, bridge stitching). Use that for **bridge-aware stitching**, custom app events, or any chain Insight does not index (e.g. 651940 if still unsupported). You can use both: Insight for standard events/transactions where available, and your indexer for activity feed and bridge-aware stitching. diff --git a/docs/04-configuration/THIRDWEB_WALLETS_INTEGRATION.md b/docs/04-configuration/THIRDWEB_WALLETS_INTEGRATION.md index 9a5e844c..95b4d05b 100644 --- a/docs/04-configuration/THIRDWEB_WALLETS_INTEGRATION.md +++ b/docs/04-configuration/THIRDWEB_WALLETS_INTEGRATION.md @@ -124,7 +124,7 @@ Use the **server wallet** (e.g. the key backing `SERVER_WALLET_ADDRESS` or an En - [x] **Documentation:** This file + links to portal (Get Started, Users, Quickstart, v5 migrate). - [x] **Client ID:** `VITE_THIRDWEB_CLIENT_ID` set in frontend-dapp (and any other app that uses thirdweb). - [x] **Connect UI (demo):** `/wallets` page with v5 `ConnectButton` + `inAppWallet` (email, google, apple, passkey) + external wallets; Chain 138 balance shown. -- [ ] **Chain 138:** Supported in the thirdweb client/chains config used by the dapp. +- [x] **Chain 138:** `WalletsDemoPage` and thirdweb `defineChain` use `defaultFrontendChain` from [`smom-dbis-138/frontend-dapp/src/config/networks.ts`](../../smom-dbis-138/frontend-dapp/src/config/networks.ts) (defaults to chain id **138** via `VITE_DEFAULT_FRONTEND_CHAIN_ID`). Main app wallet UI remains wagmi-first until migration. - [ ] **Migration (optional):** Bridge and other components moved from v4 hooks to v5 extensions/hooks so one account source is used everywhere. - [ ] **Backend (optional):** Use of `/v1/wallets/me` or auth endpoints from a secure service when needed. diff --git a/docs/04-configuration/TOKEN_AGGREGATION_REPORT_API_RUNBOOK.md b/docs/04-configuration/TOKEN_AGGREGATION_REPORT_API_RUNBOOK.md index 1c9c3cff..6214c088 100644 --- a/docs/04-configuration/TOKEN_AGGREGATION_REPORT_API_RUNBOOK.md +++ b/docs/04-configuration/TOKEN_AGGREGATION_REPORT_API_RUNBOOK.md @@ -21,6 +21,13 @@ bash metamask-integration/chain138-snap/scripts/verify-snap-api-and-icons.sh htt ### 2.1 On explorer VM (VMID 5000) or dedicated host +**Bundle + rsync (recommended from repo root on LAN):** builds with synced GRU/RPC env, then copies to `/opt/token-aggregation` and restarts `token-aggregation` systemd (if present): + +```bash +bash scripts/deploy-token-aggregation-for-publication.sh ./token-aggregation-build +EXPLORER_SSH=root@192.168.11.140 bash scripts/deployment/push-token-aggregation-bundle-to-explorer.sh ./token-aggregation-build +``` + 1. **Deploy the service:** ```bash cd smom-dbis-138/services/token-aggregation @@ -50,10 +57,32 @@ bash metamask-integration/chain138-snap/scripts/verify-snap-api-and-icons.sh htt |-----|---------| | `CUSDC_ADDRESS_138` | cUSDC on Chain 138 | | `CUSDT_ADDRESS_138` | cUSDT on Chain 138 | -| `CHAIN_138_RPC_URL` or `RPC_URL_138` | RPC for indexing | +| `CHAIN_138_RPC_URL` or `RPC_URL_138` | RPC for indexing and (when reachable) on-chain PMM quotes on Chain 138 DODO pools | +| `TOKEN_AGGREGATION_CHAIN138_RPC_URL` | Optional explicit alias; `deploy-token-aggregation-for-publication.sh` sets this to the same public RPC as `RPC_URL_138` | +| `TOKEN_AGGREGATION_PMM_RPC_URL` | Optional: PMM `querySell*` calls only (e.g. operator core RPC) while keeping `CHAIN_138_RPC_URL` on the public node | +| `TOKEN_AGGREGATION_PMM_QUERY_TRADER` | Optional `trader` address for PMM view calls (defaults to deployer in code) | | `DATABASE_URL` | PostgreSQL (required for full service) | -**Note:** The report endpoints may work with minimal config; full indexing requires DB and RPC. +**Note:** The report endpoints may work with minimal config; full indexing requires DB and RPC. Successful PMM quotes return `quoteEngine: "pmm-onchain"` on `GET /api/v1/quote`; otherwise the service falls back to constant-product math (`quoteEngine: "constant-product"`). + +### 2.3 GRU Transport runtime env on published explorer deployments + +The public explorer deployment does more than token-list/report reads. `/api/v1/bridge/status`, `/api/v1/bridge/routes`, and `/api/v1/bridge/preflight` also resolve the GRU Monetary Transport overlay from runtime env. + +At minimum, published `token-aggregation` deployments should carry: + +- `CHAIN138_L1_BRIDGE` +- `CW_BRIDGE_MAINNET`, `CW_BRIDGE_CRONOS`, `CW_BRIDGE_BSC`, `CW_BRIDGE_POLYGON`, `CW_BRIDGE_GNOSIS`, `CW_BRIDGE_AVALANCHE`, `CW_BRIDGE_BASE`, `CW_BRIDGE_ARBITRUM`, `CW_BRIDGE_OPTIMISM` +- `CW_RESERVE_VERIFIER_CHAIN138` +- `CW_STABLECOIN_RESERVE_VAULT` +- `CW_RESERVE_SYSTEM` +- optional neutral reference: `CW_ASSET_RESERVE_VERIFIER_DEPLOYED_CHAIN138` +- the `CW_MAX_OUTSTANDING_*` caps referenced by [`gru-transport-active.json`](../../config/gru-transport-active.json) +- the gas-family refs referenced by [`gru-transport-active.json`](../../config/gru-transport-active.json), including `CW_BRIDGE_WEMIX`, `CW_GAS_STRICT_ESCROW_VERIFIER_CHAIN138`, `CW_GAS_HYBRID_CAP_VERIFIER_CHAIN138`, `CW_GAS_ESCROW_VAULT_CHAIN138`, `CW_GAS_TREASURY_SYSTEM`, `CW_GAS_OUTSTANDING_*`, `CW_GAS_ESCROWED_*`, `CW_GAS_TREASURY_BACKED_*`, `CW_GAS_TREASURY_CAP_*`, and the gas-family `CW_MAX_OUTSTANDING_*` caps + +`bash scripts/deploy-token-aggregation-for-publication.sh` now syncs the full GRU transport env surface from `config/gru-transport-active.json` into the deployed `.env` automatically, including the Chain 138 `CWReserveVerifier` from the latest Foundry broadcast artifact when the root repo env does not already export it, plus a neutral `CW_ASSET_RESERVE_VERIFIER_DEPLOYED_CHAIN138` reference derived from [`config/smart-contracts-master.json`](../../config/smart-contracts-master.json). Gas-accounting refs default conservatively to `0` on publication builds when they are not supplied by the operator env so the API can publish the lane shape without inventing outstanding supply, and gas-lane `CW_MAX_OUTSTANDING_*` caps now derive from the lane-specific `perLaneCaps` declared in [`gru-transport-active.json`](../../config/gru-transport-active.json) instead of a blanket fallback. The deploy helper intentionally does not auto-fill `CW_GAS_STRICT_ESCROW_VERIFIER_CHAIN138` or `CW_GAS_HYBRID_CAP_VERIFIER_CHAIN138`; keep those unset until the live L1 bridge is explicitly wired to the gas verifier. +For a local non-secret gas env scaffold, run `bash scripts/verify/print-gas-runtime-env-canonical.sh`. +Deferred lanes such as the current `wemix` rollout remain visible in staged registry metadata, but the active `/api/v1/bridge/*` transport summary and the gas rollout verification scripts exclude them from active pair counts by default. --- @@ -94,6 +123,12 @@ ALLOW_BLOCKED=1 bash scripts/verify/check-gru-transport-preflight.sh https://exp bash scripts/verify/check-gru-transport-preflight.sh https://explorer.d-bis.org ``` +```bash +# Gas rollout registry + deployment-status summary +SKIP_GAS_REGISTRY=0 bash scripts/verify/check-public-report-api.sh https://explorer.d-bis.org +bash scripts/verify/check-gas-public-pool-status.sh +``` + ```bash bash metamask-integration/chain138-snap/scripts/verify-snap-api-and-icons.sh https://explorer.d-bis.org ``` @@ -118,6 +153,8 @@ Use these files for CoinGecko/CMC submission per [CMC_COINGECKO_SUBMISSION_RUNBO | Empty `tokens` array | Indexer / DB | **Chain 138:** `CHAIN_138_DODO_PMM_INTEGRATION` defaults to canonical DODOPMMIntegration if unset. Set `DATABASE_URL`, run migrations, ensure RPC to 138. Also set `CUSDT_ADDRESS_138` / `CUSDC_ADDRESS_138` (see `smom-dbis-138/services/token-aggregation/.env.example`). | | 502 Bad Gateway | Token-aggregation crashed or wrong port | Check logs; verify `TOKEN_AGG_PORT` matches service | | `/api/v1/bridge/preflight` shows blocked pairs | Missing runtime env refs for GRU Transport | Run `bash scripts/verify/check-gru-transport-preflight.sh` and clear the reported `runtimeMissingRequirements` / `eligibilityBlockers` | +| `/api/v1/report/gas-registry` is missing or empty | Older token-aggregation build or gas rollout config not deployed | Redeploy `token-aggregation`, then verify `GET /api/v1/report/gas-registry?chainId=10` returns `gasAssetFamilies[]`, `gasRedeemGroups[]`, `chains[]`, and `gasProtocolExposure[]` | +| `/api/v1/bridge/preflight` returns `200` but gas lanes are blocked | Published service `.env` is missing the GRU gas bridge/verifier/cap block, or the live gas verifier has not been attached yet | Re-run `bash scripts/deploy-token-aggregation-for-publication.sh` or manually sync the `CHAIN138_L1_BRIDGE`, `CW_BRIDGE_*`, `CW_RESERVE_VERIFIER_CHAIN138`, `CW_STABLECOIN_RESERVE_VAULT`, `CW_RESERVE_SYSTEM`, `CW_GAS_*`, and `CW_MAX_OUTSTANDING_*` variables into `/opt/token-aggregation/.env`, then restart `token-aggregation`. Treat `CW_ASSET_RESERVE_VERIFIER_DEPLOYED_CHAIN138` as informational only until the live L1 bridge is explicitly wired. | --- @@ -130,6 +167,10 @@ bash metamask-integration/chain138-snap/scripts/verify-snap-api-and-icons.sh htt # 1b. GRU Transport operator preflight bash scripts/verify/check-gru-transport-preflight.sh https://explorer.d-bis.org +# 1c. Gas-native rollout summary +SKIP_GAS_REGISTRY=0 bash scripts/verify/check-public-report-api.sh https://explorer.d-bis.org +bash scripts/verify/check-gas-public-pool-status.sh + # 2. Export for submission (after API is reachable) curl -s "https://explorer.d-bis.org/api/v1/report/coingecko?chainId=138" -o report-coingecko-138.json curl -s "https://explorer.d-bis.org/api/v1/report/cmc?chainId=138" -o report-cmc-138.json diff --git a/docs/04-configuration/TOKEN_LIST_PR_REVIEW.md b/docs/04-configuration/TOKEN_LIST_PR_REVIEW.md index 9b645983..182bac7d 100644 --- a/docs/04-configuration/TOKEN_LIST_PR_REVIEW.md +++ b/docs/04-configuration/TOKEN_LIST_PR_REVIEW.md @@ -86,8 +86,8 @@ 4. Open PR to https://github.com/ethereum-lists/chains ### Chain 138 status -- **Not present** (no eip155-138.json in chains repo) -- PR-ready: `proxmox/docs/04-configuration/pr-ready/eip155-138.json` +- **Listed upstream:** [ethereum-lists/chains `_data/chains/eip155-138.json`](https://github.com/ethereum-lists/chains/blob/master/_data/chains/eip155-138.json) (merged [chains#8124](https://github.com/ethereum-lists/chains/pull/8124) / [cb4c47b](https://github.com/ethereum-lists/chains/commit/cb4c47b0345fa8688dbc0133e0aa1cd3fb211a80)). +- Repo mirror / PR staging: `docs/04-configuration/pr-ready/eip155-138.json`, `pr-workspace/chains/_data/chains/eip155-138.json`. --- diff --git a/docs/04-configuration/UDM_PRO_VLAN_MIGRATION_PLAN.md b/docs/04-configuration/UDM_PRO_VLAN_MIGRATION_PLAN.md index ccf17e61..92854a11 100644 --- a/docs/04-configuration/UDM_PRO_VLAN_MIGRATION_PLAN.md +++ b/docs/04-configuration/UDM_PRO_VLAN_MIGRATION_PLAN.md @@ -1,5 +1,7 @@ # UDM Pro VLAN Migration Plan +> Historical note: This is a migration plan, not a current-state inventory. It preserves the pre-cutover VMID/IP model, including older `2500`-series RPC references. Before applying anything from this plan, reconcile with `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md`, and the current network templates. + **Last Updated:** 2026-01-15 **Status:** ✅ **READY FOR MIGRATION** diff --git a/docs/04-configuration/VERIFICATION_GAPS_AND_TODOS.md b/docs/04-configuration/VERIFICATION_GAPS_AND_TODOS.md index 5f6b6a6f..8801a9a6 100644 --- a/docs/04-configuration/VERIFICATION_GAPS_AND_TODOS.md +++ b/docs/04-configuration/VERIFICATION_GAPS_AND_TODOS.md @@ -541,14 +541,12 @@ pct exec 10234 -- ping -c 3 192.168.11.166 **Commands**: ```bash -# On r630-01 -crontab -e - -# Add: -*/5 * * * * /home/intlc/projects/proxmox/scripts/npmplus/sync-certificates.sh >> /var/log/npmplus-cert-sync.log 2>&1 +# On r630-01, from a persistent checkout +cd /srv/proxmox +REMOTE_PROJECT_ROOT=/srv/proxmox bash scripts/npmplus/automate-phase2-cert-sync.sh # Test manually first -bash /home/intlc/projects/proxmox/scripts/npmplus/sync-certificates.sh +bash /srv/proxmox/scripts/npmplus/sync-certificates.sh ``` --- @@ -852,11 +850,9 @@ curl -vI https://rpc-http-pub.d-bis.org **Commands**: ```bash -# On primary Proxmox host -crontab -e - -# Add: -*/5 * * * * /home/intlc/projects/proxmox/scripts/npmplus/monitor-ha-status.sh >> /var/log/npmplus-ha-monitor.log 2>&1 +# On primary Proxmox host, from a persistent checkout +cd /srv/proxmox +REMOTE_PROJECT_ROOT=/srv/proxmox bash scripts/npmplus/automate-phase5-monitoring.sh ``` --- diff --git a/docs/04-configuration/VLAN_11_SETTINGS_REFERENCE.md b/docs/04-configuration/VLAN_11_SETTINGS_REFERENCE.md index 5964fdc9..9cfe2db7 100644 --- a/docs/04-configuration/VLAN_11_SETTINGS_REFERENCE.md +++ b/docs/04-configuration/VLAN_11_SETTINGS_REFERENCE.md @@ -201,7 +201,7 @@ If routing from `192.168.0.0/24` to `192.168.11.0/24` fails: | Service | IP Address | Port | Purpose | |---------|------------|------|---------| | UDM Pro | 192.168.11.1 | 443 | Gateway/Management | -| Omada Controller | 192.168.11.8 | 8043 | Network Controller | +| *(historical)* Omada Controller | 192.168.11.8 | 8043 | Retired reference only; not part of the active edge path | --- diff --git a/docs/04-configuration/cloudflare/CLOUDFLARE_DNS_SPECIFIC_SERVICES.md b/docs/04-configuration/cloudflare/CLOUDFLARE_DNS_SPECIFIC_SERVICES.md index c5399da7..0a782840 100644 --- a/docs/04-configuration/cloudflare/CLOUDFLARE_DNS_SPECIFIC_SERVICES.md +++ b/docs/04-configuration/cloudflare/CLOUDFLARE_DNS_SPECIFIC_SERVICES.md @@ -1,5 +1,7 @@ # Cloudflare DNS Configuration for Specific Services +> Historical note: This guide preserves an older service map in which the public RPC lane was VMID `2502`. Keep it as Cloudflare workflow history. The current public RPC lane is VMID `2201` (`192.168.11.221`), with current mappings documented in `docs/04-configuration/RPC_ENDPOINTS_MASTER.md` and `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`. + **Last Updated:** 2025-01-20 **Document Version:** 1.0 **Status:** Service-Specific DNS Mapping @@ -597,4 +599,3 @@ curl -I https://webmail.yourdomain.com **Maintained By:** Infrastructure Team **Last Updated:** 2025-01-20 **Next Update:** After Solace container details are confirmed - diff --git a/docs/04-configuration/cloudflare/CLOUDFLARE_DNS_TO_CONTAINERS.md b/docs/04-configuration/cloudflare/CLOUDFLARE_DNS_TO_CONTAINERS.md index b5016f30..50e30b7a 100644 --- a/docs/04-configuration/cloudflare/CLOUDFLARE_DNS_TO_CONTAINERS.md +++ b/docs/04-configuration/cloudflare/CLOUDFLARE_DNS_TO_CONTAINERS.md @@ -1,5 +1,7 @@ # Cloudflare DNS Mapping to Proxmox LXC Containers +> Historical note: This container-mapping guide preserves older `2500`-series RPC examples from the early Cloudflare-tunnel rollout. Use it for workflow reference only. For live RPC/container mappings, use `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` and `docs/04-configuration/RPC_ENDPOINTS_MASTER.md`. + **Last Updated:** 2025-01-20 **Document Version:** 1.0 **Status:** Implementation Guide @@ -589,4 +591,3 @@ pct exec -- curl http://: **Maintained By:** Infrastructure Team **Review Cycle:** Quarterly **Last Updated:** 2025-01-20 - diff --git a/docs/04-configuration/cloudflare/CLOUDFLARE_TUNNEL_QUICK_SETUP.md b/docs/04-configuration/cloudflare/CLOUDFLARE_TUNNEL_QUICK_SETUP.md index ba90df9a..fc335a02 100644 --- a/docs/04-configuration/cloudflare/CLOUDFLARE_TUNNEL_QUICK_SETUP.md +++ b/docs/04-configuration/cloudflare/CLOUDFLARE_TUNNEL_QUICK_SETUP.md @@ -1,5 +1,7 @@ # Cloudflare Tunnel Quick Setup Guide +> Historical note: This quick-start preserves the original tunnel cutover plan using `2501/2502`. Current live tunnel/backends are `2201` for public RPC and `2101` for core/private RPC. Use the current RPC docs for active targets. + **Last Updated:** 2025-12-21 **Status:** Step-by-Step Setup @@ -8,7 +10,7 @@ ## Current Status ✅ **cloudflared installed** on VMID 102 (version 2025.11.1) -✅ **Nginx configured** on RPC containers (2501, 2502) with SSL on port 443 +✅ **Nginx configured** on the RPC lanes used for public/core access, with SSL on port 443 ⚠️ **cloudflared currently running as DoH proxy** (needs to be reconfigured as tunnel) --- @@ -73,10 +75,10 @@ After the tunnel service is running, configure the routes: | Subdomain | Domain | Service | Type | |-----------|--------|---------|------| - | `rpc-http-pub` | `d-bis.org` | `https://192.168.11.251:443` | HTTP | - | `rpc-ws-pub` | `d-bis.org` | `https://192.168.11.251:443` | HTTP | - | `rpc-http-prv` | `d-bis.org` | `https://192.168.11.252:443` | HTTP | - | `rpc-ws-prv` | `d-bis.org` | `https://192.168.11.252:443` | HTTP | + | `rpc-http-pub` | `d-bis.org` | `https://192.168.11.221:443` | HTTP | + | `rpc-ws-pub` | `d-bis.org` | `https://192.168.11.221:443` | HTTP | + | `rpc-http-prv` | `d-bis.org` | `https://192.168.11.211:443` | HTTP | + | `rpc-ws-prv` | `d-bis.org` | `https://192.168.11.211:443` | HTTP | **For WebSocket endpoints, also enable:** - ✅ **WebSocket** (if available in the UI) @@ -92,10 +94,10 @@ After the tunnel service is running, configure the routes: - Go to **DNS** → **Records** 2. **Delete Existing A Records** (if any): - - `rpc-http-pub` → A → 192.168.11.251 - - `rpc-ws-pub` → A → 192.168.11.251 - - `rpc-http-prv` → A → 192.168.11.252 - - `rpc-ws-prv` → A → 192.168.11.252 + - `rpc-http-pub` → A → 192.168.11.221 + - `rpc-ws-pub` → A → 192.168.11.221 + - `rpc-http-prv` → A → 192.168.11.211 + - `rpc-ws-prv` → A → 192.168.11.211 3. **Create CNAME Records:** @@ -192,9 +194,9 @@ ssh root@192.168.11.10 "pct exec 102 -- journalctl -u cloudflared -n 50 --no-pag ### Connection Timeout **Check:** -- Nginx is running: `pct exec 2501 -- systemctl status nginx` -- Port 443 is listening: `pct exec 2501 -- ss -tuln | grep 443` -- Test direct connection: `curl -k https://192.168.11.251/health` +- Nginx is running: `pct exec 2201 -- systemctl status nginx` +- Port 443 is listening: `pct exec 2201 -- ss -tuln | grep 443` +- Test direct connection: `curl -k https://192.168.11.221/health` --- @@ -229,7 +231,7 @@ curl https://rpc-http-pub.d-bis.org/health ``` Internet → Cloudflare DNS → Cloudflare Tunnel → cloudflared (VMID 102) - → Nginx (2501/2502:443) → Besu RPC (8545/8546) + → Nginx (2201/2101:443) → Besu RPC (8545/8546) ``` --- @@ -249,4 +251,3 @@ Internet → Cloudflare DNS → Cloudflare Tunnel → cloudflared (VMID 102) - [CLOUDFLARE_TUNNEL_RPC_SETUP.md](CLOUDFLARE_TUNNEL_RPC_SETUP.md) - Detailed setup guide - [RPC_DNS_CONFIGURATION.md](../RPC_DNS_CONFIGURATION.md) - Direct DNS configuration - [CLOUDFLARE_DNS_TO_CONTAINERS.md](CLOUDFLARE_DNS_TO_CONTAINERS.md) - General tunnel guide - diff --git a/docs/04-configuration/cloudflare/CLOUDFLARE_TUNNEL_RPC_SETUP.md b/docs/04-configuration/cloudflare/CLOUDFLARE_TUNNEL_RPC_SETUP.md index 06d28695..a99b6107 100644 --- a/docs/04-configuration/cloudflare/CLOUDFLARE_TUNNEL_RPC_SETUP.md +++ b/docs/04-configuration/cloudflare/CLOUDFLARE_TUNNEL_RPC_SETUP.md @@ -1,5 +1,7 @@ # Cloudflare Tunnel Setup for RPC Endpoints +> Historical note: This tunnel setup guide preserves the original `2501/2502` cutover examples. Current live public/core RPC backends are `2201` (`192.168.11.221`) and `2101` (`192.168.11.211`). Treat the lower host-specific examples as historical unless they already match those values. + **Last Updated:** 2025-12-21 **Status:** Configuration Guide @@ -42,7 +44,7 @@ Internet → Cloudflare → Tunnel → cloudflared → nginx-proxy-manager → N ## Prerequisites -1. ✅ **Nginx installed** on RPC containers (2501, 2502) - Already done +1. ✅ **Nginx installed** on the active public/core RPC lanes - Already done 2. ✅ **SSL certificates** configured - Already done 3. **Cloudflare account** with Zero Trust enabled 4. **Domain** `d-bis.org` managed by Cloudflare @@ -516,4 +518,3 @@ rpc-ws-prv.d-bis.org → CNAME → .cfargotunnel.com (🟠 Proxied) - [RPC_DNS_CONFIGURATION.md](../RPC_DNS_CONFIGURATION.md) - Direct DNS configuration - [CLOUDFLARE_DNS_TO_CONTAINERS.md](CLOUDFLARE_DNS_TO_CONTAINERS.md) - General tunnel setup - [CLOUDFLARE_NGINX_INTEGRATION.md](../../05-network/CLOUDFLARE_NGINX_INTEGRATION.md) - Nginx integration - diff --git a/docs/04-configuration/cloudflare/SFVALLEY2_TUNNEL_MANUAL_RUNBOOK.md b/docs/04-configuration/cloudflare/SFVALLEY2_TUNNEL_MANUAL_RUNBOOK.md index 882d8fbf..4bbf190b 100644 --- a/docs/04-configuration/cloudflare/SFVALLEY2_TUNNEL_MANUAL_RUNBOOK.md +++ b/docs/04-configuration/cloudflare/SFVALLEY2_TUNNEL_MANUAL_RUNBOOK.md @@ -92,9 +92,9 @@ See also: [RPC_CORE_2_NATHAN_SFVALLEY2_TUNNEL.md](RPC_CORE_2_NATHAN_SFVALLEY2_TU | rpc-alltra.d-bis.org, rpc-alltra-2, rpc-alltra-3 | .172, .173, .174 | 8545 | Yes | | rpc-hybx.d-bis.org, rpc-hybx-2, rpc-hybx-3 | .246, .247, .248 | 8545 | Yes | | cacti-alltra.d-bis.org, cacti-hybx.d-bis.org | .177, .251 | 80 | Yes | -| firefly-alltra-1, firefly-alltra-2, firefly-hybx-1, firefly-hybx-2 | .175, .176, .249, .250 | 80 | **Add route** for each | -| fabric-alltra, indy-alltra, fabric-hybx, indy-hybx | .178, .179, .252, .253 | 80 | **Add route** for each | +| firefly-alltra-1, firefly-alltra-2, firefly-hybx-1, firefly-hybx-2 | .175, .176, .249, .250 | 80 | Placeholder only; add routes only after the HTTP listener is deployed | +| fabric-alltra, indy-alltra, fabric-hybx, indy-hybx | .178, .179, .252, .253 | 80 | Placeholder only; add routes only after the real web port is confirmed | **Cloudflare:** For each hostname above that you want public, in **sfvalley02** → **Published application routes** → **+ Add a published application route**: set **Published application route** = hostname, **Path** = `*`, **Service** = `https://192.168.11.169:443`, **No TLS Verify**. Then add a **DNS CNAME** for that hostname → `.cfargotunnel.com`. -**NPMplus:** Run `./scripts/nginx-proxy-manager/run-update-npmplus-alltra-hybx-via-ssh.sh` from repo root; it adds or updates all proxy hosts (RPC, Cacti, Firefly, Fabric, Indy). Adjust Firefly/Fabric/Indy ports in the third NPMplus UI if your backends use something other than 80. +**NPMplus:** Run `./scripts/nginx-proxy-manager/run-update-npmplus-alltra-hybx-via-ssh.sh` from repo root; it adds or updates the active RPC and Cacti proxy hosts by default. Only include Firefly/Fabric/Indy after deployment with `INCLUDE_PLACEHOLDER_HOSTS=1`, and adjust their ports in the third NPMplus UI if the web listener is not on `80`. diff --git a/docs/04-configuration/cloudflare/TUNNEL_ALLTRA_HYBX_INSTALL.md b/docs/04-configuration/cloudflare/TUNNEL_ALLTRA_HYBX_INSTALL.md index 2ec7829f..a34b6b2f 100644 --- a/docs/04-configuration/cloudflare/TUNNEL_ALLTRA_HYBX_INSTALL.md +++ b/docs/04-configuration/cloudflare/TUNNEL_ALLTRA_HYBX_INSTALL.md @@ -53,7 +53,9 @@ If using the existing sfvalley01 tunnel, add Public Hostnames for Alltra/HYBX do Example hostnames (define actual domains per NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md): - `rpc-alltra.d-bis.org` → https://192.168.11.169:443 - `rpc-hybx.d-bis.org` → https://192.168.11.169:443 -- `cacti-alltra.*`, `cacti-hybx.*`, `firefly-alltra-*`, etc. +- `cacti-alltra.*`, `cacti-hybx.*` + +Only add Firefly / Fabric / Indy hostnames after their real HTTP listener is deployed. The repo helpers now exclude those placeholder surfaces by default until the service is actually live. **Note:** sfvalley01 currently targets 192.168.11.167 for the 6 core RPC hostnames. Alltra/HYBX hostnames use a different origin (192.168.11.169). diff --git a/docs/04-configuration/metamask/DUAL_CHAIN_NETWORKS.json b/docs/04-configuration/metamask/DUAL_CHAIN_NETWORKS.json index b653317a..60e9c043 100644 --- a/docs/04-configuration/metamask/DUAL_CHAIN_NETWORKS.json +++ b/docs/04-configuration/metamask/DUAL_CHAIN_NETWORKS.json @@ -1,10 +1,14 @@ { "name": "MetaMask Multi-Chain Networks (13 chains)", "version": {"major": 1, "minor": 2, "patch": 0}, + "defaultChainId": 138, + "explorerUrl": "https://explorer.d-bis.org", + "tokenListUrl": "https://explorer.d-bis.org/api/config/token-list", + "generatedBy": "SolaceScanScout", "chains": [ - {"chainId":"0x8a","chainIdDecimal":138,"chainName":"DeFi Oracle Meta Mainnet","rpcUrls":["https://rpc-http-pub.d-bis.org","https://rpc.d-bis.org","https://rpc2.d-bis.org","https://rpc.defi-oracle.io"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://explorer.d-bis.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]}, - {"chainId":"0x1","chainIdDecimal":1,"chainName":"Ethereum Mainnet","rpcUrls":["https://eth.llamarpc.com","https://rpc.ankr.com/eth","https://ethereum.publicnode.com","https://1rpc.io/eth"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]}, - {"chainId":"0x9f2c4","chainIdDecimal":651940,"chainName":"ALL Mainnet","rpcUrls":["https://mainnet-rpc.alltra.global"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://alltra.global"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]}, + {"chainId":"0x8a","chainIdDecimal":138,"chainName":"DeFi Oracle Meta Mainnet","shortName":"dbis","rpcUrls":["https://rpc-http-pub.d-bis.org","https://rpc.d-bis.org","https://rpc2.d-bis.org","https://rpc.defi-oracle.io"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://explorer.d-bis.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://explorer.d-bis.org","explorerApiUrl":"https://explorer.d-bis.org/api/v2","testnet":false}, + {"chainId":"0x1","chainIdDecimal":1,"chainName":"Ethereum Mainnet","shortName":"eth","rpcUrls":["https://eth.llamarpc.com","https://rpc.ankr.com/eth","https://ethereum.publicnode.com","https://1rpc.io/eth"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://ethereum.org","testnet":false}, + {"chainId":"0x9f2c4","chainIdDecimal":651940,"chainName":"ALL Mainnet","shortName":"all","rpcUrls":["https://mainnet-rpc.alltra.global"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://alltra.global"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://alltra.global","testnet":false}, {"chainId":"0x19","chainIdDecimal":25,"chainName":"Cronos Mainnet","rpcUrls":["https://evm.cronos.org","https://cronos-rpc.publicnode.com"],"nativeCurrency":{"name":"CRO","symbol":"CRO","decimals":18},"blockExplorerUrls":["https://cronos.org/explorer"],"iconUrls":["https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong"]}, {"chainId":"0x38","chainIdDecimal":56,"chainName":"BNB Smart Chain","rpcUrls":["https://bsc-dataseed.binance.org","https://bsc-dataseed1.defibit.io","https://bsc-dataseed1.ninicoin.io"],"nativeCurrency":{"name":"BNB","symbol":"BNB","decimals":18},"blockExplorerUrls":["https://bscscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]}, {"chainId":"0x64","chainIdDecimal":100,"chainName":"Gnosis Chain","rpcUrls":["https://rpc.gnosischain.com","https://gnosis-rpc.publicnode.com","https://1rpc.io/gnosis"],"nativeCurrency":{"name":"xDAI","symbol":"xDAI","decimals":18},"blockExplorerUrls":["https://gnosisscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]}, diff --git a/docs/04-configuration/metamask/DUAL_CHAIN_TOKEN_LIST.tokenlist.json b/docs/04-configuration/metamask/DUAL_CHAIN_TOKEN_LIST.tokenlist.json index 508e69e9..0c466d2c 100644 --- a/docs/04-configuration/metamask/DUAL_CHAIN_TOKEN_LIST.tokenlist.json +++ b/docs/04-configuration/metamask/DUAL_CHAIN_TOKEN_LIST.tokenlist.json @@ -1,859 +1,3073 @@ { -"name": "Multi-Chain Token List (13 chains, 138 base)", -"version": { -"major": 1, -"minor": 3, -"patch": 0 -}, -"timestamp": "2026-02-28T00:00:00.000Z", -"logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", -"tokens": [ -{ -"chainId": 138, -"address": "0x3304b747e565a97ec8ac220b0b6a1f6ffdb837e6", -"name": "ETH/USD Price Feed", -"symbol": "ETH-USD", -"decimals": 8, -"logoURI": "https://ipfs.io/ipfs/QmPZuycjyJEe2otREuQ5HirvPJ8X6Yc6MBtwz1VhdD79pY", -"tags": [ -"oracle", -"price-feed" -] -}, -{ -"chainId": 138, -"address": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", -"name": "Wrapped Ether", -"symbol": "WETH", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", -"tags": [ -"defi", -"wrapped" -] -}, -{ -"chainId": 138, -"address": "0xf4BB2e28688e89fCcE3c0580D37d36A7672E8A9F", -"name": "Wrapped Ether v10", -"symbol": "WETH10", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/QmanDFPHxnbKd6SSNzzXHf9GbpL9dLXSphxDZSPPYE6ds4", -"tags": [ -"defi", -"wrapped" -] -}, -{ -"chainId": 138, -"address": "0xb7721dD53A8c629d9f1Ba31a5819AFe250002b03", -"name": "Chainlink Token", -"symbol": "LINK", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", -"tags": [ -"defi", -"oracle", -"ccip" -] -}, -{ -"chainId": 138, -"address": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", -"name": "Compliant Tether USD", -"symbol": "cUSDT", -"decimals": 6, -"logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", -"tags": [ -"stablecoin", -"defi", -"compliant" -] -}, -{ -"chainId": 138, -"address": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", -"name": "Compliant USD Coin", -"symbol": "cUSDC", -"decimals": 6, -"logoURI": "https://ipfs.io/ipfs/QmNPq4D5JXzurmi9jAhogVMzhAQRk1PZ1r9H3qQUV9gjDm", -"tags": [ -"stablecoin", -"defi", -"compliant" -] -}, -{ -"chainId": 1, -"address": "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48", -"name": "USD Coin", -"symbol": "USDC", -"decimals": 6, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 1, -"address": "0xdAC17F958D2ee523a2206206994597C13D831ec7", -"name": "Tether USD", -"symbol": "USDT", -"decimals": 6, -"logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 1, -"address": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", -"name": "Wrapped Ether", -"symbol": "WETH", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", -"tags": [ -"defi", -"wrapped" -] -}, -{ -"chainId": 1, -"address": "0x514910771AF9Ca656af840dff83E8264EcF986CA", -"name": "Chainlink Token", -"symbol": "LINK", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", -"tags": [ -"defi", -"oracle", -"ccip" -] -}, -{ -"chainId": 1, -"address": "0x6B175474E89094C44Da98b954EedeAC495271d0F", -"name": "Dai Stablecoin", -"symbol": "DAI", -"decimals": 18, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 1, -"address": "0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419", -"name": "ETH/USD Price Feed", -"symbol": "ETH-USD", -"decimals": 8, -"logoURI": "https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png", -"tags": [ -"oracle", -"price-feed" -] -}, -{ -"chainId": 651940, -"address": "0xa95EeD79f84E6A0151eaEb9d441F9Ffd50e8e881", -"name": "USD Coin", -"symbol": "USDC", -"decimals": 6, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 651940, -"address": "0x015B1897Ed5279930bC2Be46F661894d219292A6", -"name": "Tether USD", -"symbol": "USDT", -"decimals": 6, -"logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 25, -"address": "0xc21223249CA28397B4B6541dfFaEcC539BfF0c59", -"name": "USD Coin", -"symbol": "USDC", -"decimals": 6, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 25, -"address": "0x66e4286603D22FF153A6547700f37C7Eae42F8E2", -"name": "Tether USD", -"symbol": "USDT", -"decimals": 6, -"logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 25, -"address": "0x99B3511A2d315A497C8112C1fdd8D508d4B1E506", -"name": "Wrapped Ether (WETH9)", -"symbol": "WETH", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", -"tags": [ -"defi", -"wrapped" -] -}, -{ -"chainId": 25, -"address": "0x3304b747E565a97ec8AC220b0B6A1f6ffDB837e6", -"name": "Wrapped Ether v10", -"symbol": "WETH10", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/QmanDFPHxnbKd6SSNzzXHf9GbpL9dLXSphxDZSPPYE6ds4", -"tags": [ -"defi", -"wrapped" -] -}, -{ -"chainId": 25, -"address": "0x8c80A01F461f297Df7F9DA3A4f740D7297C8Ac85", -"name": "Chainlink Token", -"symbol": "LINK", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", -"tags": [ -"defi", -"oracle", -"ccip" -] -}, -{ -"chainId": 25, -"address": "0x948690147D2e50ffe50C5d38C14125aD6a9FA036", -"name": "USD W Token", -"symbol": "USDW", -"decimals": 2, -"logoURI": "https://ipfs.io/ipfs/QmNPq4D5JXzurmi9jAhogVMzhAQRk1PZ1r9H3qQUV9gjDm", -"tags": [ -"stablecoin", -"iso4217w" -] -}, -{ -"chainId": 25, -"address": "0x58a8D8F78F1B65c06dAd7542eC46b299629A60dd", -"name": "EUR W Token", -"symbol": "EURW", -"decimals": 2, -"logoURI": "https://ipfs.io/ipfs/QmPh16PY241zNtePyeK7ep1uf1RcARV2ynGAuRU8U7sSqS", -"tags": [ -"stablecoin", -"iso4217w" -] -}, -{ -"chainId": 25, -"address": "0xFb4B6Cc81211F7d886950158294A44C312abCA29", -"name": "GBP W Token", -"symbol": "GBPW", -"decimals": 2, -"logoURI": "https://ipfs.io/ipfs/QmT2nJ6WyhYBCsYJ6NfS1BPAqiGKkCEuMxiC8ye93Co1hF", -"tags": [ -"stablecoin", -"iso4217w" -] -}, -{ -"chainId": 25, -"address": "0xf9f5D0ACD71C76F9476F10B3F3d3E201F0883C68", -"name": "AUD W Token", -"symbol": "AUDW", -"decimals": 2, -"logoURI": "https://ipfs.io/ipfs/Qmb9JmuD9ehaQtTLBBZmAoiAbvE53e3FMjkEty8rvbPf9K", -"tags": [ -"stablecoin", -"iso4217w" -] -}, -{ -"chainId": 25, -"address": "0xeE17bB0322383fecCA2784fbE2d4CD7d02b1905B", -"name": "JPY W Token", -"symbol": "JPYW", -"decimals": 2, -"logoURI": "https://ipfs.io/ipfs/Qmb9JmuD9ehaQtTLBBZmAoiAbvE53e3FMjkEty8rvbPf9K", -"tags": [ -"stablecoin", -"iso4217w" -] -}, -{ -"chainId": 25, -"address": "0xc9750828124D4c10e7a6f4B655cA8487bD3842EB", -"name": "CHF W Token", -"symbol": "CHFW", -"decimals": 2, -"logoURI": "https://ipfs.io/ipfs/Qmb9JmuD9ehaQtTLBBZmAoiAbvE53e3FMjkEty8rvbPf9K", -"tags": [ -"stablecoin", -"iso4217w" -] -}, -{ -"chainId": 25, -"address": "0x328Cd365Bb35524297E68ED28c6fF2C9557d1363", -"name": "CAD W Token", -"symbol": "CADW", -"decimals": 2, -"logoURI": "https://ipfs.io/ipfs/Qmb9JmuD9ehaQtTLBBZmAoiAbvE53e3FMjkEty8rvbPf9K", -"tags": [ -"stablecoin", -"iso4217w" -] -}, -{ -"chainId": 56, -"address": "0x8AC76a51cc950d9822D68b83fE1Ad97B32Cd580d", -"name": "USD Coin", -"symbol": "USDC", -"decimals": 6, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 56, -"address": "0x55d398326f99059fF775485246999027B3197955", -"name": "Tether USD", -"symbol": "USDT", -"decimals": 6, -"logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 56, -"address": "0x2170Ed0880ac9A755fd29B2688956BD959F933F8", -"name": "Wrapped Ether", -"symbol": "WETH", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", -"tags": [ -"defi", -"wrapped" -] -}, -{ -"chainId": 56, -"address": "0x404460C6A5EdE2D891e8297795264fDe62ADBB75", -"name": "Chainlink Token", -"symbol": "LINK", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", -"tags": [ -"defi", -"oracle", -"ccip" -] -}, -{ -"chainId": 56, -"address": "0x1AF3F329e8BE154074D8769D1FFa4eE058B1DBc3", -"name": "Dai Stablecoin", -"symbol": "DAI", -"decimals": 18, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 100, -"address": "0xDDAfbb505ad214D7b80b1f830fcCc89B60fb7A83", -"name": "USD Coin", -"symbol": "USDC", -"decimals": 6, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 100, -"address": "0x4ECaBa5870353805a9F068101A40E0f32ed605C6", -"name": "Tether USD", -"symbol": "USDT", -"decimals": 6, -"logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 100, -"address": "0x6A023CCd1ff6F2045C3309768eAd9E68F978f6e1", -"name": "Wrapped Ether", -"symbol": "WETH", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", -"tags": [ -"defi", -"wrapped" -] -}, -{ -"chainId": 100, -"address": "0xE2e73A1c69ecF83F464EFCE6A5be353a37cA09b2", -"name": "Chainlink Token", -"symbol": "LINK", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", -"tags": [ -"defi", -"oracle", -"ccip" -] -}, -{ -"chainId": 100, -"address": "0xe91D153E0b41518A2Ce8Dd3D7944Fa863463a97d", -"name": "Dai Stablecoin", -"symbol": "DAI", -"decimals": 18, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 137, -"address": "0x3c499c542cEF5E3811e1192ce70d8cC03d5c1369", -"name": "USD Coin", -"symbol": "USDC", -"decimals": 6, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 137, -"address": "0xc2132D05D31c914a87C6611C10748AEb04B58e8F", -"name": "Tether USD", -"symbol": "USDT", -"decimals": 6, -"logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 137, -"address": "0x7ceB23fD6bC0adD59E62ac25578270cFf1b9f619", -"name": "Wrapped Ether", -"symbol": "WETH", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", -"tags": [ -"defi", -"wrapped" -] -}, -{ -"chainId": 137, -"address": "0xb0897686c545045aFc77CF20eC7A532E3120E0F1", -"name": "Chainlink Token", -"symbol": "LINK", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", -"tags": [ -"defi", -"oracle", -"ccip" -] -}, -{ -"chainId": 137, -"address": "0x8f3Cf7ad23Cd3CaDbD9735AFf958023239c6A063", -"name": "Dai Stablecoin", -"symbol": "DAI", -"decimals": 18, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 10, -"address": "0x0b2C639c533813f4Aa9D7837CAf62653d097Ff85", -"name": "USD Coin", -"symbol": "USDC", -"decimals": 6, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 10, -"address": "0x94b008aA00579c1307B0EF2c499aD98a8ce58e58", -"name": "Tether USD", -"symbol": "USDT", -"decimals": 6, -"logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 10, -"address": "0x4200000000000000000000000000000000000006", -"name": "Wrapped Ether", -"symbol": "WETH", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", -"tags": [ -"defi", -"wrapped" -] -}, -{ -"chainId": 10, -"address": "0x350a791Bfc2C21F9Ed5d10980Dad2e2638ffa7f6", -"name": "Chainlink Token", -"symbol": "LINK", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", -"tags": [ -"defi", -"oracle", -"ccip" -] -}, -{ -"chainId": 10, -"address": "0xDA10009cBd5D07dd0CeCc66161FC93D7c9000da1", -"name": "Dai Stablecoin", -"symbol": "DAI", -"decimals": 18, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 42161, -"address": "0xaf88d065e77c8cC2239327C5EDb3A432268e5831", -"name": "USD Coin", -"symbol": "USDC", -"decimals": 6, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 42161, -"address": "0xFd086bC7CD5C481DCC9C85ebE478A1C0b69FCbb9", -"name": "Tether USD", -"symbol": "USDT", -"decimals": 6, -"logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 42161, -"address": "0x82aF49447D8a07e3bd95BD0d56f35241523fBab1", -"name": "Wrapped Ether", -"symbol": "WETH", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", -"tags": [ -"defi", -"wrapped" -] -}, -{ -"chainId": 42161, -"address": "0xf97f4df75117a78c1A5a0DBb814Af92458539FB4", -"name": "Chainlink Token", -"symbol": "LINK", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", -"tags": [ -"defi", -"oracle", -"ccip" -] -}, -{ -"chainId": 42161, -"address": "0xDA10009cBd5D07dd0CeCc66161FC93D7c9000da1", -"name": "Dai Stablecoin", -"symbol": "DAI", -"decimals": 18, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 8453, -"address": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913", -"name": "USD Coin", -"symbol": "USDC", -"decimals": 6, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 8453, -"address": "0xfde4C96c8593536E31F229EA8f37b2ADa2699bb2", -"name": "Tether USD", -"symbol": "USDT", -"decimals": 6, -"logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 8453, -"address": "0x4200000000000000000000000000000000000006", -"name": "Wrapped Ether", -"symbol": "WETH", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", -"tags": [ -"defi", -"wrapped" -] -}, -{ -"chainId": 8453, -"address": "0x88Fb150BDc53A65fe94Dea0c9BA0a6dAf8C6e196", -"name": "Chainlink Token", -"symbol": "LINK", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", -"tags": [ -"defi", -"oracle", -"ccip" -] -}, -{ -"chainId": 8453, -"address": "0x50c5725949A6F0c72E6C4a641F24049A917DB0Cb", -"name": "Dai Stablecoin", -"symbol": "DAI", -"decimals": 18, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 43114, -"address": "0xB97EF9Ef8734C71904D8002F8b6Bc66Dd9c48a6E", -"name": "USD Coin", -"symbol": "USDC", -"decimals": 6, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 43114, -"address": "0x9702230A8Ea53601f5cD2dc00fDBc13d4dF4A8c7", -"name": "Tether USD", -"symbol": "USDT", -"decimals": 6, -"logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 43114, -"address": "0x49D5c2BdFfac6CE2BFdB6640F4F80f226bc10bAB", -"name": "Wrapped Ether", -"symbol": "WETH", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", -"tags": [ -"defi", -"wrapped" -] -}, -{ -"chainId": 43114, -"address": "0x5947BB275c521040051D82396192181b413227A3", -"name": "Chainlink Token", -"symbol": "LINK", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", -"tags": [ -"defi", -"oracle", -"ccip" -] -}, -{ -"chainId": 43114, -"address": "0xd586E7F844cEa2F87f50152665BCbc2C279D8d70", -"name": "Dai Stablecoin", -"symbol": "DAI", -"decimals": 18, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 42220, -"address": "0xcebA9300f2b948710d2653dD7B07f33A8B32118C", -"name": "USD Coin", -"symbol": "USDC", -"decimals": 6, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 42220, -"address": "0x48065fbBE25f71C9282ddf5e1cD6D6A887483D5e", -"name": "Tether USD", -"symbol": "USDT", -"decimals": 6, -"logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 42220, -"address": "0x122013fd7dF1C6F636a5bb8f03108E876548b455", -"name": "Wrapped Ether", -"symbol": "WETH", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", -"tags": [ -"defi", -"wrapped" -] -}, -{ -"chainId": 42220, -"address": "0xd07294e6E917e07dfDcee882dd1e2565085C2ae0", -"name": "Chainlink Token", -"symbol": "LINK", -"decimals": 18, -"logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", -"tags": [ -"defi", -"oracle", -"ccip" -] -}, -{ -"chainId": 1111, -"address": "0xE3F5a90F9cb311505cd691a46596599aA1A0AD7D", -"name": "USD Coin", -"symbol": "USDC", -"decimals": 6, -"logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", -"tags": [ -"stablecoin", -"defi" -] -}, -{ -"chainId": 1111, -"address": "0xA649325Aa7C5093d12D6F98EB4378deAe68CE23F", -"name": "Tether USD", -"symbol": "USDT", -"decimals": 6, -"logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", -"tags": [ -"stablecoin", -"defi" -] + "name": "Multi-Chain Token List (13 chains, 138 base)", + "version": { + "major": 1, + "minor": 3, + "patch": 5 + }, + "timestamp": "2026-04-05T23:30:00.000Z", + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/chain138-list.svg", + "keywords": [ + "chain138", + "defi-oracle-meta", + "multichain", + "metamask", + "wallet" + ], + "tags": { + "defi": { + "name": "DeFi", + "description": "Decentralized Finance tokens" + }, + "bridge": { + "name": "Bridge", + "description": "Tokens bridged to other chains such as Truth Network" + }, + "wrapped": { + "name": "Wrapped", + "description": "Wrapped tokens representing native assets" + }, + "oracle": { + "name": "Oracle", + "description": "Oracle price feed tokens" + }, + "price-feed": { + "name": "Price Feed", + "description": "Price feed oracle tokens" + }, + "stablecoin": { + "name": "Stablecoin", + "description": "Stable value tokens pegged to fiat" + }, + "compliant": { + "name": "Compliant", + "description": "Regulatory compliant assets" + }, + "iso4217w": { + "name": "ISO4217W", + "description": "ISO 4217 compliant wrapped fiat tokens" + }, + "gas-native": { + "name": "Gas Native", + "description": "Gas-native compliant families and wrapped gas mirrors" + } + }, + "extensions": { + "defaultChainId": 138, + "explorerUrl": "https://explorer.d-bis.org", + "networksConfigUrl": "https://explorer.d-bis.org/api/config/networks" + }, + "tokens": [ + { + "chainId": 1, + "address": "0x5020Db641B3Fc0dAbBc0c688C845bc4E3699f35F", + "name": "Australian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWAUDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cAUDC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 1, + "address": "0x209FE32fe7B541751D190ae4e50cd005DcF8EDb4", + "name": "Canadian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCADC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCADC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 1, + "address": "0x0F91C5E6Ddd46403746aAC970D05d70FFe404780", + "name": "Swiss Franc (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCHFC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCHFC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 1, + "address": "0xD4aEAa8cD3fB41Dc8437FaC7639B6d91B60A5e8d", + "name": "Euro Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 1, + "address": "0x855d74FFB6CF75721a9bAbc8B2ed35c8119241dC", + "name": "Tether EUR (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 1, + "address": "0xc074007dc0Bfb384B1cf6426a56287Ed23FE4D52", + "name": "Pound Sterling (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 1, + "address": "0x1dDF9970F01c76A692Fdba2706203E6f16e0C46F", + "name": "Tether GBP (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 1, + "address": "0x07EEd0D7dD40984e47B9D3a3bdded1c536435582", + "name": "Japanese Yen (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWJPYC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cJPYC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 1, + "address": "0x2de5F116bFcE3d0f922d9C8351e0c5Fc24b9284a", + "name": "USD Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDC.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 1, + "address": "0xaF5017d0163ecb99D9B5D94e3b4D7b09Af44D8AE", + "name": "Tether USD (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDT.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 1, + "address": "0x572Be0fa8CA0534d642A567CEDb398B771D8a715", + "name": "Gold (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUC.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 1, + "address": "0xACE1DBF857549a11aF1322e1f91F2F64b029c906", + "name": "Tether XAU (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUT.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 1, + "address": "0x6B175474E89094C44Da98b954EedeAC495271d0F", + "name": "Dai Stablecoin", + "symbol": "DAI", + "decimals": 18, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 1, + "address": "0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419", + "name": "ETH/USD Price Feed", + "symbol": "ETH-USD", + "decimals": 8, + "logoURI": "https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png", + "tags": [ + "oracle", + "price-feed" + ] + }, + { + "chainId": 1, + "address": "0x514910771AF9Ca656af840dff83E8264EcF986CA", + "name": "Chainlink Token", + "symbol": "LINK", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", + "tags": [ + "defi", + "oracle", + "ccip" + ] + }, + { + "chainId": 1, + "address": "0xDAe0faFD65385E7775Cf75b1398735155EF6aCD2", + "name": "Truth Network Token", + "symbol": "TRUU", + "decimals": 10, + "logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", + "tags": [ + "defi", + "bridge" + ] + }, + { + "chainId": 1, + "address": "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48", + "name": "USD Coin", + "symbol": "USDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 1, + "address": "0xdAC17F958D2ee523a2206206994597C13D831ec7", + "name": "Tether USD", + "symbol": "USDT", + "decimals": 6, + "logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 1, + "address": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", + "name": "Wrapped Ether", + "symbol": "WETH", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", + "tags": [ + "defi", + "wrapped" + ] + }, + { + "chainId": 10, + "address": "0x25603ae4bff0b71d637b3573d1b6657f5f6d17ef", + "name": "Australian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWAUDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cAUDC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 10, + "address": "0x9f6d2578003fe04e58a9819a4943732f2a203a61", + "name": "Canadian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCADC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCADC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 10, + "address": "0x4d9bc6c74ba65e37c4139f0aec9fc5ddff28dcc4", + "name": "Swiss Franc (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCHFC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCHFC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 10, + "address": "0x4ab39b5bab7b463435209a9039bd40cf241f5a82", + "name": "Euro Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 10, + "address": "0x6f521cd9fcf7884cd4e9486c7790e818638e09dd", + "name": "Tether EUR (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 10, + "address": "0x3f8c409c6072a2b6a4ff17071927ba70f80c725f", + "name": "Pound Sterling (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 10, + "address": "0x456373d095d6b9260f01709f93fccf1d8aa14d11", + "name": "Tether GBP (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 10, + "address": "0x8e54c52d34a684e22865ac9f2d7c27c30561a7b9", + "name": "Japanese Yen (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWJPYC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cJPYC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 10, + "address": "0x377a5FaA3162b3Fc6f4e267301A3c817bAd18105", + "name": "USD Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDC.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 10, + "address": "0x04B2AE3c3bb3d70Df506FAd8717b0FBFC78ED7E6", + "name": "Tether USD (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDT.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 10, + "address": "0xddc4063f770f7c49d00b5a10fb552e922aa39b2c", + "name": "Gold (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUC.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 10, + "address": "0x145e8e8c49b6a021969dd9d2c01c8fea44374f61", + "name": "Tether XAU (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUT.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 10, + "address": "0xDA10009cBd5D07dd0CeCc66161FC93D7c9000da1", + "name": "Dai Stablecoin", + "symbol": "DAI", + "decimals": 18, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 10, + "address": "0x350a791Bfc2C21F9Ed5d10980Dad2e2638ffa7f6", + "name": "Chainlink Token", + "symbol": "LINK", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", + "tags": [ + "defi", + "oracle", + "ccip" + ] + }, + { + "chainId": 10, + "address": "0x0b2C639c533813f4Aa9D7837CAf62653d097Ff85", + "name": "USD Coin", + "symbol": "USDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 10, + "address": "0x94b008aA00579c1307B0EF2c499aD98a8ce58e58", + "name": "Tether USD", + "symbol": "USDT", + "decimals": 6, + "logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 10, + "address": "0x4200000000000000000000000000000000000006", + "name": "Wrapped Ether", + "symbol": "WETH", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", + "tags": [ + "defi", + "wrapped" + ] + }, + { + "chainId": 25, + "address": "0xf9f5D0ACD71C76F9476F10B3F3d3E201F0883C68", + "name": "AUD W Token", + "symbol": "AUDW", + "decimals": 2, + "logoURI": "https://ipfs.io/ipfs/Qmb9JmuD9ehaQtTLBBZmAoiAbvE53e3FMjkEty8rvbPf9K", + "tags": [ + "stablecoin", + "iso4217w" + ] + }, + { + "chainId": 25, + "address": "0x328Cd365Bb35524297E68ED28c6fF2C9557d1363", + "name": "CAD W Token", + "symbol": "CADW", + "decimals": 2, + "logoURI": "https://ipfs.io/ipfs/Qmb9JmuD9ehaQtTLBBZmAoiAbvE53e3FMjkEty8rvbPf9K", + "tags": [ + "stablecoin", + "iso4217w" + ] + }, + { + "chainId": 25, + "address": "0xc9750828124D4c10e7a6f4B655cA8487bD3842EB", + "name": "CHF W Token", + "symbol": "CHFW", + "decimals": 2, + "logoURI": "https://ipfs.io/ipfs/Qmb9JmuD9ehaQtTLBBZmAoiAbvE53e3FMjkEty8rvbPf9K", + "tags": [ + "stablecoin", + "iso4217w" + ] + }, + { + "chainId": 25, + "address": "0xff3084410A732231472Ee9f93F5855dA89CC5254", + "name": "Australian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWAUDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cAUDC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 25, + "address": "0x32aD687F24F77bF8C86605c202c829163Ac5Ab36", + "name": "Canadian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCADC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCADC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 25, + "address": "0xB55F49D6316322d5caA96D34C6e4b1003BD3E670", + "name": "Swiss Franc (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCHFC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCHFC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 25, + "address": "0x7574d37F42528B47c88962931e48FC61608a4050", + "name": "Euro Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 25, + "address": "0x9f833b4f1012F52eb3317b09922a79c6EdFca77D", + "name": "Tether EUR (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 25, + "address": "0xe5c65A76A541368d3061fe9E7A2140cABB903dbF", + "name": "Pound Sterling (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 25, + "address": "0xBb58fa16bAc8E789f09C14243adEE6480D8213A2", + "name": "Tether GBP (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 25, + "address": "0x52aD62B8bD01154e2A4E067F8Dc4144C9988d203", + "name": "Japanese Yen (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWJPYC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cJPYC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 25, + "address": "0x932566E5bB6BEBF6B035B94f3DE1f75f126304Ec", + "name": "USD Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDC.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 25, + "address": "0x72948a7a813B60b37Cd0c920C4657DbFF54312b8", + "name": "Tether USD (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDT.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 25, + "address": "0xf1B771c95573113E993374c0c7cB2dc1a7908B12", + "name": "Gold (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUC.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 25, + "address": "0xD517C0cF7013f988946A468c880Cc9F8e2A4BCbE", + "name": "Tether XAU (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUT.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 25, + "address": "0x58a8D8F78F1B65c06dAd7542eC46b299629A60dd", + "name": "EUR W Token", + "symbol": "EURW", + "decimals": 2, + "logoURI": "https://ipfs.io/ipfs/QmPh16PY241zNtePyeK7ep1uf1RcARV2ynGAuRU8U7sSqS", + "tags": [ + "stablecoin", + "iso4217w" + ] + }, + { + "chainId": 25, + "address": "0xFb4B6Cc81211F7d886950158294A44C312abCA29", + "name": "GBP W Token", + "symbol": "GBPW", + "decimals": 2, + "logoURI": "https://ipfs.io/ipfs/QmT2nJ6WyhYBCsYJ6NfS1BPAqiGKkCEuMxiC8ye93Co1hF", + "tags": [ + "stablecoin", + "iso4217w" + ] + }, + { + "chainId": 25, + "address": "0xeE17bB0322383fecCA2784fbE2d4CD7d02b1905B", + "name": "JPY W Token", + "symbol": "JPYW", + "decimals": 2, + "logoURI": "https://ipfs.io/ipfs/Qmb9JmuD9ehaQtTLBBZmAoiAbvE53e3FMjkEty8rvbPf9K", + "tags": [ + "stablecoin", + "iso4217w" + ] + }, + { + "chainId": 25, + "address": "0x8c80A01F461f297Df7F9DA3A4f740D7297C8Ac85", + "name": "Chainlink Token", + "symbol": "LINK", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", + "tags": [ + "defi", + "oracle", + "ccip" + ] + }, + { + "chainId": 25, + "address": "0xc21223249CA28397B4B6541dfFaEcC539BfF0c59", + "name": "USD Coin", + "symbol": "USDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 25, + "address": "0x66e4286603D22FF153A6547700f37C7Eae42F8E2", + "name": "Tether USD", + "symbol": "USDT", + "decimals": 6, + "logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 25, + "address": "0x948690147D2e50ffe50C5d38C14125aD6a9FA036", + "name": "USD W Token", + "symbol": "USDW", + "decimals": 2, + "logoURI": "https://ipfs.io/ipfs/QmNPq4D5JXzurmi9jAhogVMzhAQRk1PZ1r9H3qQUV9gjDm", + "tags": [ + "stablecoin", + "iso4217w" + ] + }, + { + "chainId": 25, + "address": "0x99B3511A2d315A497C8112C1fdd8D508d4B1E506", + "name": "Wrapped Ether (WETH9)", + "symbol": "WETH", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", + "tags": [ + "defi", + "wrapped" + ] + }, + { + "chainId": 25, + "address": "0x3304b747E565a97ec8AC220b0B6A1f6ffDB837e6", + "name": "Wrapped Ether v10", + "symbol": "WETH10", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/QmanDFPHxnbKd6SSNzzXHf9GbpL9dLXSphxDZSPPYE6ds4", + "tags": [ + "defi", + "wrapped" + ] + }, + { + "chainId": 56, + "address": "0x7062f35567BBAb4d98dc33af03B0d14Df42294D5", + "name": "Australian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWAUDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cAUDC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 56, + "address": "0x9AE7a6B311584D60Fa93f973950d609061875775", + "name": "Canadian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCADC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCADC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 56, + "address": "0xD9f8710caeeBA3b3D423D7D14a918701426B5ef3", + "name": "Swiss Franc (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCHFC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCHFC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 56, + "address": "0x50b073d0D1D2f002745cb9FC28a057d5be84911c", + "name": "Euro Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 56, + "address": "0x1ED9E491A5eCd53BeF21962A5FCE24880264F63f", + "name": "Tether EUR (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 56, + "address": "0x8b6EE72001cAFcb21D56a6c4686D6Db951d499A6", + "name": "Pound Sterling (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 56, + "address": "0xA6eFb8783C8ad2740ec880e46D4f7E608E893B1B", + "name": "Tether GBP (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 56, + "address": "0x5fbCE65524211BC1bFb0309fd9EE09E786c6D097", + "name": "Japanese Yen (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWJPYC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cJPYC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 56, + "address": "0x5355148C4740fcc3D7a96F05EdD89AB14851206b", + "name": "USD Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDC.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 56, + "address": "0x9a1D0dBEE997929ED02fD19E0E199704d20914dB", + "name": "Tether USD (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDT.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 56, + "address": "0xCB145bA9A370681e3545F60e55621eBf218B1031", + "name": "Gold (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUC.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 56, + "address": "0x73E0CF8BF861D376B3a4C87c136F975027f045ff", + "name": "Tether XAU (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUT.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 56, + "address": "0x1AF3F329e8BE154074D8769D1FFa4eE058B1DBc3", + "name": "Dai Stablecoin", + "symbol": "DAI", + "decimals": 18, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 56, + "address": "0x404460C6A5EdE2D891e8297795264fDe62ADBB75", + "name": "Chainlink Token", + "symbol": "LINK", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", + "tags": [ + "defi", + "oracle", + "ccip" + ] + }, + { + "chainId": 56, + "address": "0x8AC76a51cc950d9822D68b83fE1Ad97B32Cd580d", + "name": "USD Coin", + "symbol": "USDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 56, + "address": "0x55d398326f99059fF775485246999027B3197955", + "name": "Tether USD", + "symbol": "USDT", + "decimals": 6, + "logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 56, + "address": "0x2170Ed0880ac9A755fd29B2688956BD959F933F8", + "name": "Wrapped Ether", + "symbol": "WETH", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", + "tags": [ + "defi", + "wrapped" + ] + }, + { + "chainId": 100, + "address": "0xddc4063f770f7c49d00b5a10fb552e922aa39b2c", + "name": "Australian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWAUDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cAUDC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 100, + "address": "0xa7133c78e0ec74503a5941bcbd44257615b6b4f6", + "name": "Canadian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCADC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCADC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 100, + "address": "0x46d90d7947f1139477c206c39268923b99cf09e4", + "name": "Swiss Franc (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCHFC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCHFC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 100, + "address": "0x25603ae4bff0b71d637b3573d1b6657f5f6d17ef", + "name": "Euro Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 100, + "address": "0x8e54c52d34a684e22865ac9f2d7c27c30561a7b9", + "name": "Tether EUR (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 100, + "address": "0x4d9bc6c74ba65e37c4139f0aec9fc5ddff28dcc4", + "name": "Pound Sterling (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 100, + "address": "0x9f6d2578003fe04e58a9819a4943732f2a203a61", + "name": "Tether GBP (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 100, + "address": "0x145e8e8c49b6a021969dd9d2c01c8fea44374f61", + "name": "Japanese Yen (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWJPYC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cJPYC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 100, + "address": "0xd6969bC19b53f866C64f2148aE271B2Dae0C58E4", + "name": "USD Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDC.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 100, + "address": "0x0cb0192C056aa425C557BdeAD8E56C7eEabf7acF", + "name": "Tether USD (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDT.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 100, + "address": "0x23873b85cfeb343eb952618e8c9e9bfb7f6a0d45", + "name": "Gold (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUC.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 100, + "address": "0xc6189d404dc60cae7b48e2190e44770a03193e5f", + "name": "Tether XAU (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUT.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 100, + "address": "0xe91D153E0b41518A2Ce8Dd3D7944Fa863463a97d", + "name": "Dai Stablecoin", + "symbol": "DAI", + "decimals": 18, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 100, + "address": "0xE2e73A1c69ecF83F464EFCE6A5be353a37cA09b2", + "name": "Chainlink Token", + "symbol": "LINK", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", + "tags": [ + "defi", + "oracle", + "ccip" + ] + }, + { + "chainId": 100, + "address": "0xDDAfbb505ad214D7b80b1f830fcCc89B60fb7A83", + "name": "USD Coin", + "symbol": "USDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 100, + "address": "0x4ECaBa5870353805a9F068101A40E0f32ed605C6", + "name": "Tether USD", + "symbol": "USDT", + "decimals": 6, + "logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 100, + "address": "0x6A023CCd1ff6F2045C3309768eAd9E68F978f6e1", + "name": "Wrapped Ether", + "symbol": "WETH", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", + "tags": [ + "defi", + "wrapped" + ] + }, + { + "chainId": 137, + "address": "0xFb4B6Cc81211F7d886950158294A44C312abCA29", + "name": "Australian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWAUDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cAUDC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 137, + "address": "0xc9750828124D4c10e7a6f4B655cA8487bD3842EB", + "name": "Canadian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCADC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCADC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 137, + "address": "0xeE17bB0322383fecCA2784fbE2d4CD7d02b1905B", + "name": "Swiss Franc (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCHFC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCHFC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 137, + "address": "0x3CD9ee18db7ad13616FCC1c83bC6098e03968E66", + "name": "Euro Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 137, + "address": "0xBeF5A0Bcc0E77740c910f197138cdD90F98d2427", + "name": "Tether EUR (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 137, + "address": "0x948690147D2e50ffe50C5d38C14125aD6a9FA036", + "name": "Pound Sterling (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 137, + "address": "0x58a8D8F78F1B65c06dAd7542eC46b299629A60dd", + "name": "Tether GBP (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 137, + "address": "0xf9f5D0ACD71C76F9476F10B3F3d3E201F0883C68", + "name": "Japanese Yen (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWJPYC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cJPYC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 137, + "address": "0xd6969bC19b53f866C64f2148aE271B2Dae0C58E4", + "name": "USD Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDC.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 137, + "address": "0x0cb0192C056aa425C557BdeAD8E56C7eEabf7acF", + "name": "Tether USD (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDT.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 137, + "address": "0x328Cd365Bb35524297E68ED28c6fF2C9557d1363", + "name": "Gold (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUC.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 137, + "address": "0x9e6044d730d4183bF7a666293d257d035Fba6d44", + "name": "Tether XAU (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUT.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 137, + "address": "0x8f3Cf7ad23Cd3CaDbD9735AFf958023239c6A063", + "name": "Dai Stablecoin", + "symbol": "DAI", + "decimals": 18, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 137, + "address": "0xb0897686c545045aFc77CF20eC7A532E3120E0F1", + "name": "Chainlink Token", + "symbol": "LINK", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", + "tags": [ + "defi", + "oracle", + "ccip" + ] + }, + { + "chainId": 137, + "address": "0x3c499c542cEF5E3811e1192ce70d8cC03d5c3359", + "name": "USD Coin", + "symbol": "USDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 137, + "address": "0xc2132D05D31c914a87C6611C10748AEb04B58e8F", + "name": "Tether USD", + "symbol": "USDT", + "decimals": 6, + "logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 137, + "address": "0x7ceB23fD6bC0adD59E62ac25578270cFf1b9f619", + "name": "Wrapped Ether", + "symbol": "WETH", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", + "tags": [ + "defi", + "wrapped" + ] + }, + { + "chainId": 138, + "address": "0xD51482e567c03899eecE3CAe8a058161FD56069D", + "name": "Australian Dollar (Compliant)", + "symbol": "cAUDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cAUDC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant" + ] + }, + { + "chainId": 138, + "address": "0x54dBd40cF05e15906A2C21f600937e96787f5679", + "name": "Canadian Dollar (Compliant)", + "symbol": "cCADC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCADC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant" + ] + }, + { + "chainId": 138, + "address": "0x873990849DDa5117d7C644f0aF24370797C03885", + "name": "Swiss Franc (Compliant)", + "symbol": "cCHFC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCHFC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant" + ] + }, + { + "chainId": 138, + "address": "0x8085961F9cF02b4d800A3c6d386D31da4B34266a", + "name": "Euro Coin (Compliant)", + "symbol": "cEURC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant" + ] + }, + { + "chainId": 138, + "address": "0xdf4b71c61E5912712C1Bdd451416B9aC26949d72", + "name": "Tether EUR (Compliant)", + "symbol": "cEURT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant" + ] + }, + { + "chainId": 138, + "address": "0x003960f16D9d34F2e98d62723B6721Fb92074aD2", + "name": "Pound Sterling (Compliant)", + "symbol": "cGBPC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant" + ] + }, + { + "chainId": 138, + "address": "0x350f54e4D23795f86A9c03988c7135357CCaD97c", + "name": "Tether GBP (Compliant)", + "symbol": "cGBPT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant" + ] + }, + { + "chainId": 138, + "address": "0xEe269e1226a334182aace90056EE4ee5Cc8A6770", + "name": "Japanese Yen (Compliant)", + "symbol": "cJPYC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cJPYC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant" + ] + }, + { + "chainId": 138, + "address": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", + "name": "Compliant USD Coin", + "symbol": "cUSDC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDC.png", + "tags": [ + "stablecoin", + "defi", + "compliant" + ] + }, + { + "chainId": 138, + "address": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", + "name": "Compliant Tether USD", + "symbol": "cUSDT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDT.png", + "tags": [ + "stablecoin", + "defi", + "compliant" + ] + }, + { + "chainId": 138, + "address": "0x290E52a8819A4fbD0714E517225429aA2B70EC6b", + "name": "Gold (Compliant)", + "symbol": "cXAUC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUC.png", + "tags": [ + "defi", + "compliant" + ], + "extensions": { + "unitOfAccount": "troy_ounce", + "unitDescription": "1 full token (10^decimals base units) = 1 troy oz fine gold" + } + }, + { + "chainId": 138, + "address": "0x94e408E26c6FD8F4ee00b54dF19082FDA07dC96E", + "name": "Tether XAU (Compliant)", + "symbol": "cXAUT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUT.png", + "tags": [ + "defi", + "compliant" + ], + "extensions": { + "unitOfAccount": "troy_ounce", + "unitDescription": "1 full token (10^decimals base units) = 1 troy oz fine gold" + } + }, + { + "chainId": 138, + "address": "0x3304b747e565a97ec8ac220b0b6a1f6ffdb837e6", + "name": "ETH/USD Price Feed", + "symbol": "ETH-USD", + "decimals": 8, + "logoURI": "https://ipfs.io/ipfs/QmPZuycjyJEe2otREuQ5HirvPJ8X6Yc6MBtwz1VhdD79pY", + "tags": [ + "oracle", + "price-feed" + ] + }, + { + "chainId": 138, + "address": "0xb7721dD53A8c629d9f1Ba31a5819AFe250002b03", + "name": "Chainlink Token", + "symbol": "LINK", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", + "tags": [ + "defi", + "oracle", + "ccip" + ] + }, + { + "chainId": 138, + "address": "0x71D6687F38b93CCad569Fa6352c876eea967201b", + "name": "USD Coin (Official Mirror)", + "symbol": "USDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 138, + "address": "0x004b63A7B5b0E06f6bB6adb4a5F9f590BF3182D1", + "name": "Tether USD (Official Mirror)", + "symbol": "USDT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xdAC17F958D2ee523a2206206994597C13D831ec7/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 138, + "address": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", + "name": "Wrapped Ether", + "symbol": "WETH", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", + "tags": [ + "defi", + "wrapped" + ] + }, + { + "chainId": 138, + "address": "0xf4BB2e28688e89fCcE3c0580D37d36A7672E8A9F", + "name": "Wrapped Ether v10", + "symbol": "WETH10", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/QmanDFPHxnbKd6SSNzzXHf9GbpL9dLXSphxDZSPPYE6ds4", + "tags": [ + "defi", + "wrapped" + ] + }, + { + "chainId": 1111, + "address": "0xE3F5a90F9cb311505cd691a46596599aA1A0AD7D", + "name": "USD Coin", + "symbol": "USDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 1111, + "address": "0xA649325Aa7C5093d12D6F98EB4378deAe68CE23F", + "name": "Tether USD", + "symbol": "USDT", + "decimals": 6, + "logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 8453, + "address": "0xa846aead3071df1b6439d5d813156ace7c2c1da1", + "name": "Australian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWAUDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cAUDC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 8453, + "address": "0xdc383c489533a4dd9a6bd3007386e25d5078b878", + "name": "Canadian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCADC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCADC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 8453, + "address": "0xc1535e88578d984f12eab55863376b8d8b9fb05a", + "name": "Swiss Franc (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCHFC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCHFC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 8453, + "address": "0xcb145ba9a370681e3545f60e55621ebf218b1031", + "name": "Euro Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 8453, + "address": "0x73e0cf8bf861d376b3a4c87c136f975027f045ff", + "name": "Tether EUR (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 8453, + "address": "0x2a0023ad5ce1ac6072b454575996dffb1bb11b16", + "name": "Pound Sterling (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 8453, + "address": "0x22b98130ab4d9c355512b25ade4c35e75a4e7e89", + "name": "Tether GBP (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 8453, + "address": "0x29828e9ab2057cd3df3c9211455ae1f76e53d2af", + "name": "Japanese Yen (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWJPYC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cJPYC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 8453, + "address": "0x377a5FaA3162b3Fc6f4e267301A3c817bAd18105", + "name": "USD Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDC.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 8453, + "address": "0x04B2AE3c3bb3d70Df506FAd8717b0FBFC78ED7E6", + "name": "Tether USD (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDT.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 8453, + "address": "0x7e4b4682453bcce19ec903fb69153d3031986bc4", + "name": "Gold (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUC.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 8453, + "address": "0xcc6ae6016d564e9ab82aaff44d65e05a9b18951c", + "name": "Tether XAU (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUT.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 8453, + "address": "0x50c5725949A6F0c72E6C4a641F24049A917DB0Cb", + "name": "Dai Stablecoin", + "symbol": "DAI", + "decimals": 18, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 8453, + "address": "0x88Fb150BDc53A65fe94Dea0c9BA0a6dAf8C6e196", + "name": "Chainlink Token", + "symbol": "LINK", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", + "tags": [ + "defi", + "oracle", + "ccip" + ] + }, + { + "chainId": 8453, + "address": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913", + "name": "USD Coin", + "symbol": "USDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 8453, + "address": "0xfde4C96c8593536E31F229EA8f37b2ADa2699bb2", + "name": "Tether USD", + "symbol": "USDT", + "decimals": 6, + "logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 8453, + "address": "0x4200000000000000000000000000000000000006", + "name": "Wrapped Ether", + "symbol": "WETH", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", + "tags": [ + "defi", + "wrapped" + ] + }, + { + "chainId": 42161, + "address": "0xc1535e88578d984f12eab55863376b8d8b9fb05a", + "name": "Australian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWAUDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cAUDC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 42161, + "address": "0xcc6ae6016d564e9ab82aaff44d65e05a9b18951c", + "name": "Canadian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCADC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCADC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 42161, + "address": "0x7e4b4682453bcce19ec903fb69153d3031986bc4", + "name": "Swiss Franc (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCHFC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCHFC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 42161, + "address": "0x2a0023ad5ce1ac6072b454575996dffb1bb11b16", + "name": "Euro Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 42161, + "address": "0x22b98130ab4d9c355512b25ade4c35e75a4e7e89", + "name": "Tether EUR (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 42161, + "address": "0xa846aead3071df1b6439d5d813156ace7c2c1da1", + "name": "Pound Sterling (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 42161, + "address": "0x29828e9ab2057cd3df3c9211455ae1f76e53d2af", + "name": "Tether GBP (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 42161, + "address": "0xdc383c489533a4dd9a6bd3007386e25d5078b878", + "name": "Japanese Yen (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWJPYC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cJPYC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 42161, + "address": "0x0cb0192C056aa425C557BdeAD8E56C7eEabf7acF", + "name": "USD Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDC.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 42161, + "address": "0x73ADaF7dBa95221c080db5631466d2bC54f6a76B", + "name": "Tether USD (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDT.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 42161, + "address": "0xa7762b63c4871581885ad17c5714ebb286a7480b", + "name": "Gold (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUC.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 42161, + "address": "0x66568899ffe8f00b25dc470e878b65a478994e76", + "name": "Tether XAU (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUT.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 42161, + "address": "0xDA10009cBd5D07dd0CeCc66161FC93D7c9000da1", + "name": "Dai Stablecoin", + "symbol": "DAI", + "decimals": 18, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 42161, + "address": "0xf97f4df75117a78c1A5a0DBb814Af92458539FB4", + "name": "Chainlink Token", + "symbol": "LINK", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", + "tags": [ + "defi", + "oracle", + "ccip" + ] + }, + { + "chainId": 42161, + "address": "0xaf88d065e77c8cC2239327C5EDb3A432268e5831", + "name": "USD Coin", + "symbol": "USDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 42161, + "address": "0xFd086bC7CD5C481DCC9C85ebE478A1C0b69FCbb9", + "name": "Tether USD", + "symbol": "USDT", + "decimals": 6, + "logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 42161, + "address": "0x82aF49447D8a07e3bd95BD0d56f35241523fBab1", + "name": "Wrapped Ether", + "symbol": "WETH", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", + "tags": [ + "defi", + "wrapped" + ] + }, + { + "chainId": 42220, + "address": "0xd07294e6E917e07dfDcee882dd1e2565085C2ae0", + "name": "Chainlink Token", + "symbol": "LINK", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", + "tags": [ + "defi", + "oracle", + "ccip" + ] + }, + { + "chainId": 42220, + "address": "0xcebA9300f2b948710d2653dD7B07f33A8B32118C", + "name": "USD Coin", + "symbol": "USDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 42220, + "address": "0x48065fbBE25f71C9282ddf5e1cD6D6A887483D5e", + "name": "Tether USD", + "symbol": "USDT", + "decimals": 6, + "logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 42220, + "address": "0x122013fd7dF1C6F636a5bb8f03108E876548b455", + "name": "Wrapped Ether", + "symbol": "WETH", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", + "tags": [ + "defi", + "wrapped" + ] + }, + { + "chainId": 43114, + "address": "0x04e1e22b0d41e99f4275bd40a50480219bc9a223", + "name": "Australian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWAUDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cAUDC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 43114, + "address": "0x1872e033b30f3ce0498847926857433e0146394e", + "name": "Canadian Dollar (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCADC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCADC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 43114, + "address": "0xc2fa05f12a75ac84ea778af9d6935ca807275e55", + "name": "Swiss Franc (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWCHFC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cCHFC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 43114, + "address": "0x84353ed1f0c7a703a17abad19b0db15bc9a5e3e5", + "name": "Euro Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 43114, + "address": "0xfc7d256e48253f7a7e08f0e55b9ff7039eb2524c", + "name": "Tether EUR (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWEURT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cEURT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 43114, + "address": "0xbdf0c4ea1d81e8e769b0f41389a2c733e3ff723e", + "name": "Pound Sterling (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 43114, + "address": "0x4611d3424e059392a52b957e508273bc761c80f2", + "name": "Tether GBP (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWGBPT", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cGBPT.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 43114, + "address": "0x3714b1a312e0916c7dcdc4edf480fc0339e59a59", + "name": "Japanese Yen (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWJPYC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/Order-of-Hospitallers/proxmox-cp/main/token-lists/logos/gru/cJPYC.svg", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 43114, + "address": "0x0C242b513008Cd49C89078F5aFb237A3112251EB", + "name": "USD Coin (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDC.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 43114, + "address": "0x8142BA530B08f3950128601F00DaaA678213DFdf", + "name": "Tether USD (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWUSDT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cUSDT.png", + "tags": [ + "stablecoin", + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 43114, + "address": "0x4f95297c23d9f4a1032b1c6a2e553225cb175bee", + "name": "Gold (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUC", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUC.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 43114, + "address": "0xd2b4dbf2f6bd6704e066d752eec61fb0be953fd3", + "name": "Tether XAU (Compliant Wrapped ISO-4217 M1)", + "symbol": "cWXAUT", + "decimals": 6, + "logoURI": "https://explorer.d-bis.org/token-icons/cXAUT.png", + "tags": [ + "defi", + "compliant", + "wrapped" + ] + }, + { + "chainId": 43114, + "address": "0xd586E7F844cEa2F87f50152665BCbc2C279D8d70", + "name": "Dai Stablecoin", + "symbol": "DAI", + "decimals": 18, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0x6B175474E89094C44Da98b954EedeAC495271d0F/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 43114, + "address": "0x5947BB275c521040051D82396192181b413227A3", + "name": "Chainlink Token", + "symbol": "LINK", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/QmenWcmfNGfssz4HXvrRV912eZDiKqLTt6z2brRYuTGz9A", + "tags": [ + "defi", + "oracle", + "ccip" + ] + }, + { + "chainId": 43114, + "address": "0xB97EF9Ef8734C71904D8002F8b6Bc66Dd9c48a6E", + "name": "USD Coin", + "symbol": "USDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 43114, + "address": "0x9702230A8Ea53601f5cD2dc00fDBc13d4dF4A8c7", + "name": "Tether USD", + "symbol": "USDT", + "decimals": 6, + "logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 43114, + "address": "0x49D5c2BdFfac6CE2BFdB6640F4F80f226bc10bAB", + "name": "Wrapped Ether", + "symbol": "WETH", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", + "tags": [ + "defi", + "wrapped" + ] + }, + { + "chainId": 651940, + "address": "0xa95EeD79f84E6A0151eaEb9d441F9Ffd50e8e881", + "name": "USD Coin", + "symbol": "USDC", + "decimals": 6, + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/assets/0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48/logo.png", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 651940, + "address": "0x015B1897Ed5279930bC2Be46F661894d219292A6", + "name": "Tether USD", + "symbol": "USDT", + "decimals": 6, + "logoURI": "https://ipfs.io/ipfs/QmRfhPs9DcyFPpGjKwF6CCoVDWUHSxkQR34n9NK7JSbPCP", + "tags": [ + "stablecoin", + "defi" + ] + }, + { + "chainId": 651940, + "address": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", + "name": "Wrapped Ether", + "symbol": "WETH", + "decimals": 18, + "logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", + "tags": [ + "defi", + "wrapped" + ] + }, + { + "chainId": 11155111, + "address": "0x6cAEfA7446E967018330cCeC5BA7A43956a45137", + "name": "Truth Network Token (Sepolia)", + "symbol": "TRUU", + "decimals": 10, + "logoURI": "https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong", + "tags": [ + "defi", + "bridge" + ] + }, + { + "chainId": 138, + "address": "0xf8e9802a1766422e33a269556ad5fc032338eefc", + "name": "Ethereum Mainnet Gas (Compliant)", + "symbol": "cETH", + "familyKey": "eth_mainnet", + "mirroredSymbol": "cWETH", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/info/logo.png", + "backingMode": "strict_escrow", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "eth_mainnet", + "mirroredSymbol": "cWETH", + "backingMode": "strict_escrow", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 138, + "address": "0x18a6b163d255cc0cb32b99697843b487d059907d", + "name": "Ethereum L2 Gas (Compliant)", + "symbol": "cETHL2", + "familyKey": "eth_l2", + "mirroredSymbol": "cWETHL2", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_fungible_inventory_gated", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "eth_l2", + "mirroredSymbol": "cWETHL2", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_fungible_inventory_gated", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 138, + "address": "0x94517875f32680984a5921da7abf78e22f65d70f", + "name": "BNB Gas (Compliant)", + "symbol": "cBNB", + "familyKey": "bnb", + "mirroredSymbol": "cWBNB", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/smartchain/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "bnb", + "mirroredSymbol": "cWBNB", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 138, + "address": "0x19fec21edede9edb91d1fbec7c4095c5ac1fc10c", + "name": "Polygon Gas (Compliant)", + "symbol": "cPOL", + "familyKey": "pol", + "mirroredSymbol": "cWPOL", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/polygon/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "pol", + "mirroredSymbol": "cWPOL", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 138, + "address": "0x9c8f6f4fe1e535e6f85a78ee95249ded5540a2d0", + "name": "Avalanche Gas (Compliant)", + "symbol": "cAVAX", + "familyKey": "avax", + "mirroredSymbol": "cWAVAX", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/avalanchec/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "avax", + "mirroredSymbol": "cWAVAX", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 138, + "address": "0xfb48bb6c623571f9795b535b73f0d660e8643fd4", + "name": "Cronos Gas (Compliant)", + "symbol": "cCRO", + "familyKey": "cro", + "mirroredSymbol": "cWCRO", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/cronos/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "cro", + "mirroredSymbol": "cWCRO", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 138, + "address": "0xa39a59138f8a45b4a31455875b8a29ff31e76ec8", + "name": "Gnosis Gas (Compliant)", + "symbol": "cXDAI", + "familyKey": "xdai", + "mirroredSymbol": "cWXDAI", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/xdai/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "xdai", + "mirroredSymbol": "cWXDAI", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 138, + "address": "0x1814661dae0933bf397b1274f5a62411b94195c7", + "name": "Celo Gas (Compliant)", + "symbol": "cCELO", + "familyKey": "celo", + "mirroredSymbol": "cWCELO", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/celo/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "celo", + "mirroredSymbol": "cWCELO", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 138, + "address": "0x4d82206bec5b4dfa17759ffede07e35f4f63a050", + "name": "Wemix Gas (Compliant)", + "symbol": "cWEMIX", + "familyKey": "wemix", + "mirroredSymbol": "cWWEMIX", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/wemix/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "wemix", + "mirroredSymbol": "cWWEMIX", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 1, + "address": "0xf6dc5587e18f27adff60e303fdd98f35b50fa8a5", + "name": "Wrapped Ethereum Mainnet Gas (Compliant)", + "symbol": "cWETH", + "familyKey": "eth_mainnet", + "canonicalSymbol": "cETH", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/info/logo.png", + "backingMode": "strict_escrow", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "wrapped", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "eth_mainnet", + "canonicalSymbol": "cETH", + "backingMode": "strict_escrow", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 10, + "address": "0x95007ec50d0766162f77848edf7bdc4eba147fb4", + "name": "Wrapped Ethereum L2 Gas (Compliant)", + "symbol": "cWETHL2", + "familyKey": "eth_l2", + "canonicalSymbol": "cETHL2", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_fungible_inventory_gated", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "wrapped", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "eth_l2", + "canonicalSymbol": "cETHL2", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_fungible_inventory_gated", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 25, + "address": "0x9b10eb0f77c45322dbd1fcb07176fd9a7609c164", + "name": "Wrapped CRO Gas (Compliant)", + "symbol": "cWCRO", + "familyKey": "cro", + "canonicalSymbol": "cCRO", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/cronos/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "wrapped", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "cro", + "canonicalSymbol": "cCRO", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 56, + "address": "0x179034a08ac2c9c35d2e41239f68c79dca6f18fa", + "name": "Wrapped BNB Gas (Compliant)", + "symbol": "cWBNB", + "familyKey": "bnb", + "canonicalSymbol": "cBNB", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/smartchain/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "wrapped", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "bnb", + "canonicalSymbol": "cBNB", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 100, + "address": "0x9f833b4f1012f52eb3317b09922a79c6edfca77d", + "name": "Wrapped XDAI Gas (Compliant)", + "symbol": "cWXDAI", + "familyKey": "xdai", + "canonicalSymbol": "cXDAI", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/xdai/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "wrapped", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "xdai", + "canonicalSymbol": "cXDAI", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 137, + "address": "0x25980244aacecb6d8c4b887261ed27f87cb2fc73", + "name": "Wrapped POL Gas (Compliant)", + "symbol": "cWPOL", + "familyKey": "pol", + "canonicalSymbol": "cPOL", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/polygon/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "wrapped", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "pol", + "canonicalSymbol": "cPOL", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 42161, + "address": "0xe27be001bc55cb2a8ed5ba5a62c834ca135244a3", + "name": "Wrapped Ethereum L2 Gas (Compliant)", + "symbol": "cWETHL2", + "familyKey": "eth_l2", + "canonicalSymbol": "cETHL2", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_fungible_inventory_gated", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "wrapped", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "eth_l2", + "canonicalSymbol": "cETHL2", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_fungible_inventory_gated", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 42220, + "address": "0xb0fa7ec4123c7c275b3a89d9239569707ea3c66a", + "name": "Wrapped CELO Gas (Compliant)", + "symbol": "cWCELO", + "familyKey": "celo", + "canonicalSymbol": "cCELO", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/celo/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "wrapped", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "celo", + "canonicalSymbol": "cCELO", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 43114, + "address": "0xe1d4aee2ef8f48a20338935188a8fe7f7c7de7d0", + "name": "Wrapped AVAX Gas (Compliant)", + "symbol": "cWAVAX", + "familyKey": "avax", + "canonicalSymbol": "cAVAX", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/avalanchec/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "wrapped", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "avax", + "canonicalSymbol": "cAVAX", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_only", + "canonicalChainId": 138, + "wave": "wave1" + } + }, + { + "chainId": 8453, + "address": "0x2a0840e5117683b11682ac46f5cf5621e67269e3", + "name": "Wrapped Ethereum L2 Gas (Compliant)", + "symbol": "cWETHL2", + "familyKey": "eth_l2", + "canonicalSymbol": "cETHL2", + "logoURI": "https://raw.githubusercontent.com/trustwallet/assets/master/blockchains/ethereum/info/logo.png", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_fungible_inventory_gated", + "decimals": 18, + "tags": [ + "defi", + "compliant", + "wrapped", + "gas-native" + ], + "extensions": { + "assetClass": "gas_native", + "familyKey": "eth_l2", + "canonicalSymbol": "cETHL2", + "backingMode": "hybrid_cap", + "redeemPolicy": "family_fungible_inventory_gated", + "canonicalChainId": 138, + "wave": "wave1" + } + } + ] } -], -"tags": { -"defi": { -"name": "DeFi", -"description": "Decentralized Finance tokens" -}, -"wrapped": { -"name": "Wrapped", -"description": "Wrapped tokens representing native assets" -}, -"oracle": { -"name": "Oracle", -"description": "Oracle price feed contracts" -}, -"price-feed": { -"name": "Price Feed", -"description": "Price feed oracle contracts" -}, -"stablecoin": { -"name": "Stablecoin", -"description": "Stable value tokens pegged to fiat" -}, -"compliant": { -"name": "Compliant", -"description": "Regulatory compliant tokens" -}, -"iso4217w": { -"name": "ISO4217W", -"description": "ISO 4217 compliant wrapped fiat tokens" -} -} -} \ No newline at end of file diff --git a/docs/04-configuration/metamask/ORACLE_UPDATE_SCRIPT_FIX.md b/docs/04-configuration/metamask/ORACLE_UPDATE_SCRIPT_FIX.md index 1af5046e..4bb07793 100644 --- a/docs/04-configuration/metamask/ORACLE_UPDATE_SCRIPT_FIX.md +++ b/docs/04-configuration/metamask/ORACLE_UPDATE_SCRIPT_FIX.md @@ -1,5 +1,7 @@ # Oracle Update Script Fix +> Historical note: This fix note documents one resolved RPC-endpoint bug in the old script path. The old `192.168.11.250` value is preserved here only as the failing example; the current intended Chain 138 admin/deploy RPC is `http://192.168.11.211:8545`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/04-configuration/naming-conventions/01_UTRNF_REFERENCE.md b/docs/04-configuration/naming-conventions/01_UTRNF_REFERENCE.md index 34ddfdb8..2848cc76 100644 --- a/docs/04-configuration/naming-conventions/01_UTRNF_REFERENCE.md +++ b/docs/04-configuration/naming-conventions/01_UTRNF_REFERENCE.md @@ -1,5 +1,6 @@ # Universal Token Role Naming Framework (UTRNF) — reference +**Last updated:** 2026-03-31 **Status:** Protocol-agnostic reference grammar. For DBIS-specific binding (including `c*` tokens), see [02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md](02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md). --- @@ -66,7 +67,9 @@ Prefixes are intentionally short for gas efficiency and readability. ``` -Examples: `aUSDC`, `vdETH`, `sdDAI`, `yBTC`, `cWETH`, `lpUSDCETH`, `sUSD`, `xETH`. +Examples: `aUSDC`, `vdETH`, `sdDAI`, `yBTC`, `cDAI` (UTRNF **collateral** on DAI — illustrative only), `lpUSDCETH`, `sUSD`, `xETH`. + +**DBIS collision note:** Third-party UTRNF examples sometimes use **`cWETH`** meaning prefix **`c`** (collateral) + underlying **WETH**. In this repository, symbols beginning **`cW`** denote the **compliant-wrapped** GRU family (`cW*`), not UTRNF collateral-on-WETH. Disambiguate with `(chainId, address)` and registry `tokenRole` / `utrnfRole` — see [02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md](02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md). **Extended (variant):** @@ -147,7 +150,7 @@ Example triad for `USDC`: `aUSDC`, `vdUSDC`, `sdUSDC`. ## 8. Balance classification logic (prefix detection) -Illustrative parsing (pseudocode): +Illustrative parsing (pseudocode). **Order matters:** test **longest prefixes first** (`vd`, `sd`, `lp`), then shorter ones. ```python if symbol.startswith("vd"): @@ -160,12 +163,23 @@ elif symbol.startswith("a"): classify("asset") elif symbol.startswith("y"): classify("yield") +elif symbol.startswith("i"): + classify("incentive") +elif symbol.startswith("r"): + classify("reserve") +elif symbol.startswith("x"): + classify("wrapped") elif symbol.startswith("s"): classify("synthetic") -# …extend with longest-prefix rules for multi-letter prefixes +elif symbol.startswith("c"): + classify("collateral") # generic UTRNF only; see DBIS caveat below +# …extend for other multi-letter prefixes as your protocol defines them ``` -**Caveat:** In DBIS, symbols beginning with `c` denote **compliant GRU money**, not UTRNF collateral. Use ecosystem-specific mapping (see doc 02) or registry fields. +**Caveats:** + +- In **DBIS / Chain 138**, symbols beginning with **`c`** followed by an ISO-like or fiat ticker (e.g. `cUSDC`) denote **compliant GRU base money**, not UTRNF collateral. **Do not** use the `elif symbol.startswith("c")` branch for those; use ecosystem mapping (see [02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md](02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md)) or registry fields. +- **`cW*`** in DBIS is the **compliant-wrapped** namespace; it must not be parsed as UTRNF `c` + `W…`. --- @@ -221,6 +235,34 @@ Standardized naming assists wallet auto-classification, risk aggregation, dashbo --- +## 13.1 Security and risk considerations + +Clear naming and registry discipline reduce: + +- **Misclassification** of collateral vs cash vs debt (especially where prefixes collide across ecosystems). +- **Liquidation and risk-engine errors** when balances are aggregated by symbol without `chainId` and address. +- **Oracle and pricing mistakes** when the same ticker maps to different contracts on different chains. +- **UI misreporting** when wallets infer role from a partial prefix (e.g. treating all `c*` as one role). + +Ambiguous or overloaded prefixes are a **systemic risk vector**. Treat naming grammar as operational control, not marketing copy. + +--- + +## 13.2 Example ecosystem snapshot (illustrative) + +Underlyings `USDC`, `ETH`, `WBTC` might surface derived symbols such as: + +```text +aUSDC, vdUSDC, sdUSDC +aETH, vdETH, sdETH +lpUSDCETH, yUSDC +sUSD, rUSDC +``` + +A wallet showing `aUSDC: 5000` and `vdUSDC: 1200` can infer **assets vs variable debt** only if symbols follow the grammar **and** contracts match the registry. **DBIS `c*` cash positions are not inferable from this table** — use [02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md](02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md). + +--- + ## 14. Implementation phases (reference) Suggested rollout (not a commitment for any single repo): diff --git a/docs/04-configuration/naming-conventions/02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md b/docs/04-configuration/naming-conventions/02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md index 2515ca2e..0ed2ee3c 100644 --- a/docs/04-configuration/naming-conventions/02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md +++ b/docs/04-configuration/naming-conventions/02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md @@ -1,5 +1,6 @@ # DBIS namespace and UTRNF mapping +**Last updated:** 2026-03-31 **Purpose:** Resolve collisions between the Universal Token Role Naming Framework ([01_UTRNF_REFERENCE.md](01_UTRNF_REFERENCE.md)) and DBIS / GRU / Chain 138 conventions. This document is **authoritative** for interpreting symbols in this repository. --- @@ -24,6 +25,7 @@ - **Meaning:** Canonical compliant fiat / commodity-linked GRU tokens (V1 today; V2 evolution per [GRU_C_STAR_V2_STANDARDS_MATRIX_AND_IMPLEMENTATION_PLAN.md](../GRU_C_STAR_V2_STANDARDS_MATRIX_AND_IMPLEMENTATION_PLAN.md)). - **Examples:** `cUSDC`, `cUSDT`, `cEURC`, `cXAUC`, `cXAUT`. - **Canonical addresses and decimals:** [EXPLORER_TOKEN_LIST_CROSSCHECK.md](../../11-references/EXPLORER_TOKEN_LIST_CROSSCHECK.md), [ADDRESS_MATRIX_AND_STATUS.md](../../11-references/ADDRESS_MATRIX_AND_STATUS.md). +- **M00 Diamond symbol grammar (facets, `c` / `a` / `d`, `W` rules):** [GRU_M00_DIAMOND_FACET_MAP.md](../GRU_M00_DIAMOND_FACET_MAP.md) — align new symbols with that spec when touching GRU factory / registry facets. ### 2.2 `cW` + suffix (compliant wrapped / bridge side) @@ -60,7 +62,7 @@ When introducing **new** instruments that are not GRU `c*` base money, the follo | UTRNF role | UTRNF prefix | DBIS collision? | Action | |------------|--------------|-----------------|--------| -| Collateral (locked, lending) | `c` | **Yes** | **Do not** map DBIS `cUSDC` to this row. Use `gruCompliantBase` or equivalent registry field. | +| Collateral (locked, lending) | `c` | **Yes** | **Do not** map DBIS `cUSDC` to this row. Set registry **`tokenRole`** to **`gru_compliant_base`** (or your schema’s equivalent) for compliant money; use **`utrnfRole`: `collateral`** only for true UTRNF-style collateral tokens. | | Asset (supplied) | `a` | No | Use if product introduces `a*` tokens. | | Variable / stable debt | `vd` / `sd` | No | Use if debt tokens are deployed. | | Liquidity | `lp` | No | Align with pool naming in docs / aggregators. | diff --git a/docs/04-configuration/naming-conventions/03_BRIDGES_CROSS_CHAIN_NAMING.md b/docs/04-configuration/naming-conventions/03_BRIDGES_CROSS_CHAIN_NAMING.md index 41ac2c64..bd5c220f 100644 --- a/docs/04-configuration/naming-conventions/03_BRIDGES_CROSS_CHAIN_NAMING.md +++ b/docs/04-configuration/naming-conventions/03_BRIDGES_CROSS_CHAIN_NAMING.md @@ -1,5 +1,6 @@ # Bridges and cross-chain naming +**Last updated:** 2026-03-31 **Purpose:** Conventions for naming and identifying assets across chains when using CCIP, wrapped representations, and GRU `c*` / `cW*` transport. Complements [02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md](02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md). --- @@ -85,10 +86,32 @@ Do not rename canonical `c*` on Chain 138 to match foreign DEX display names wit --- -## 8. Checklist for new bridge assets +## 8. PMM and on-chain liquidity (Chain 138) + +DODO PMM **pool contracts** use **ERC-20 LP semantics**; their **symbols and roles** are defined by the pool implementation and integration (not by the UTRNF `lp` grammar unless you explicitly name them that way off-chain). For **canonical pool addresses, routing, and DODOPMMIntegration**, use: + +- [PMM_DEX_ROUTING_STATUS.md](../../11-references/PMM_DEX_ROUTING_STATUS.md) +- [ADDRESS_MATRIX_AND_STATUS.md](../../11-references/ADDRESS_MATRIX_AND_STATUS.md) + +Resolve any portfolio or analytics **LP position** via **`(chainId, pool address)`** plus protocol metadata, same as bridge endpoints. + +--- + +## 9. Checklist for new bridge assets 1. Assign **logical asset id** and registry row (doc 04). 2. Record **each endpoint** `(chainId, address)` and **mint/burn vs lock/unlock** semantics. 3. Confirm **no collision** with non-canonical tokens on explorers. 4. Update **token lists** and **CONTRACT_ADDRESSES_REFERENCE** when the project declares a new canonical deployment. 5. Document **CCIP lane** or **custom bridge** name in `07-ccip` or deployment notes. + +--- + +## 10. Token-aggregation and public APIs + +Clients that list **tokens, pools, quotes, and bridge routes** should treat **registry and `(chainId, address)`** as authoritative; symbols are for display. Verification and edge checks: + +- `pnpm run verify:token-aggregation-api` (repo root) +- `SKIP_BRIDGE_ROUTES=0 bash scripts/verify/check-public-report-api.sh https://explorer.d-bis.org` (after edge deploy) + +See [AGENTS.md](../../../AGENTS.md) (quick pointers table) and [EXPLORER_TOKEN_LIST_CROSSCHECK.md](../../11-references/EXPLORER_TOKEN_LIST_CROSSCHECK.md) for canonical Chain 138 token sets. diff --git a/docs/04-configuration/naming-conventions/04_REGISTRY_AND_JSON_FIELDS.md b/docs/04-configuration/naming-conventions/04_REGISTRY_AND_JSON_FIELDS.md index 97c6c50f..c9feb058 100644 --- a/docs/04-configuration/naming-conventions/04_REGISTRY_AND_JSON_FIELDS.md +++ b/docs/04-configuration/naming-conventions/04_REGISTRY_AND_JSON_FIELDS.md @@ -1,8 +1,9 @@ # Registry and JSON fields +**Last updated:** 2026-03-31 **Purpose:** Recommended fields for token and bridge registries so UTRNF-style roles, GRU layers, and cross-chain identity are **machine-readable**. This complements symbols documented in [01_UTRNF_REFERENCE.md](01_UTRNF_REFERENCE.md) and DBIS mapping in [02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md](02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md). -**Phase 1:** Documentation only; no required change to existing JSON schemas unless a workstream adopts these fields explicitly. +**Schema and examples:** [schemas/token-registry-entry.schema.json](schemas/token-registry-entry.schema.json), [examples/](examples/) — validated by `bash scripts/validation/validate-naming-convention-registry-examples.sh` when `check-jsonschema` is installed. --- @@ -25,11 +26,11 @@ | Field | Type | Description | |-------|------|-------------| | `underlying` | string | Underlying ticker or logical asset (e.g. `USDC`, `XAU`). | -| `utrnfRole` | string | Optional: `asset`, `variable_debt`, `stable_debt`, `yield`, `liquidity`, `synthetic`, `reserve`, `wrapped`, `incentive`, or `none` / `not_applicable`. | -| `tokenRole` | string | DBIS-oriented role: e.g. `gru_compliant_base`, `gru_wrapped`, `dex_lp`, `vault_share`, `bridge_receipt`, `utility`. | +| `utrnfRole` | string | Optional UTRNF classification: `asset`, `variable_debt`, `stable_debt`, `yield`, `liquidity`, `synthetic`, `reserve`, `wrapped`, `incentive`, **`collateral`** (locked lending-style collateral — generic UTRNF), or `none` / `not_applicable`. | +| `tokenRole` | string | DBIS-oriented role: e.g. **`gru_compliant_base`**, `gru_wrapped`, `dex_lp`, `vault_share`, `bridge_receipt`, `utility`. | | `gruAssetClass` | string | Optional refinement for GRU tooling (align with [GRU_STANDARDS_PROFILE.md](../GRU_STANDARDS_PROFILE.md)). | -Use **`tokenRole`** for ecosystem-specific meaning; use **`utrnfRole`** when the instrument aligns with UTRNF grammar. **DBIS `c*` base money** should **not** set `utrnfRole` to `collateral` unless the contract is literally a UTRNF-style collateral token (rare in current GRU base layer). +Use **`tokenRole`** for ecosystem-specific meaning; use **`utrnfRole`** when the instrument aligns with UTRNF grammar. **DBIS `c*` compliant base money** should use **`tokenRole`: `gru_compliant_base`** and typically **`utrnfRole`: `not_applicable`** (or `none`). Reserve **`utrnfRole`: `collateral`** for contracts that are **actually** UTRNF-style collateral tokens, not for `cUSDC` / `cUSDT` on Chain 138. --- @@ -37,7 +38,7 @@ Use **`tokenRole`** for ecosystem-specific meaning; use **`utrnfRole`** when the | Field | Type | Description | |-------|------|-------------| -| `assetId` | string (bytes32 hex or opaque id) | Stable id for the asset family. | +| `assetId` | string | Stable id for the asset family. May be a **0x-prefixed 32-byte hex** (`bytes32`), a **namespaced opaque string** (e.g. `keccak256:GRU:cUSDC` as a convention label — not necessarily an on-chain hash unless your registry defines it that way), or another stable key. Align with [GRU_C_STAR_V2_STANDARDS_MATRIX_AND_IMPLEMENTATION_PLAN.md](../GRU_C_STAR_V2_STANDARDS_MATRIX_AND_IMPLEMENTATION_PLAN.md) (`keccak256("GRU:cUSDC")` style in prose = logical id; **store the encoding your tooling actually uses**). | | `assetVersionId` | string | Version-specific id (e.g. V1 vs V2 `cUSDC`). | | `forwardCanonical` | boolean | Whether this deployment is the active canonical target for routing. | | `legacyAliases` | array | Optional list of superseded `(chainId, address)` or symbols. | @@ -113,10 +114,13 @@ This mirrors [01_UTRNF_REFERENCE.md](01_UTRNF_REFERENCE.md) section 12. **Only u } ``` -Addresses and `forwardCanonical` must match project canon at time of publication; verify against [EXPLORER_TOKEN_LIST_CROSSCHECK.md](../../11-references/EXPLORER_TOKEN_LIST_CROSSCHECK.md). +Addresses and `forwardCanonical` must match project canon at time of publication; verify against [EXPLORER_TOKEN_LIST_CROSSCHECK.md](../../11-references/EXPLORER_TOKEN_LIST_CROSSCHECK.md). The `assetId` string here is a **documentation convention label**; production registries may store `bytes32` or another normalized form — see the **`assetId` row in §3** above. --- -## 9. Validation (future) +## 9. Validation -Optional follow-up: JSON Schema under `config/` and a small validator in `scripts/validation/` to enforce required fields for new registry entries. Not part of the initial documentation drop. +- **Schema:** [schemas/token-registry-entry.schema.json](schemas/token-registry-entry.schema.json) (JSON Schema 2020-12). +- **Examples:** [examples/gru-cusdc-chain138.example.json](examples/gru-cusdc-chain138.example.json), [examples/utrnf-lending-triad.example.json](examples/utrnf-lending-triad.example.json), [examples/utrnf-collateral-placeholder.example.json](examples/utrnf-collateral-placeholder.example.json) (illustrative UTRNF `collateral` — not Chain 138 `c*`). +- **Command:** `bash scripts/validation/validate-naming-convention-registry-examples.sh` + Uses `check-jsonschema` when installed (`pip install check-jsonschema`). With `SCHEMA_STRICT=1`, exits non-zero if the tool is missing. Wired into `scripts/validation/validate-config-files.sh` when strict schema checks run. diff --git a/docs/04-configuration/naming-conventions/README.md b/docs/04-configuration/naming-conventions/README.md index f309b141..847ba583 100644 --- a/docs/04-configuration/naming-conventions/README.md +++ b/docs/04-configuration/naming-conventions/README.md @@ -1,5 +1,6 @@ # Naming conventions (UTRNF, GRU, Chain 138, bridges) +**Last updated:** 2026-04-01 **Purpose:** Canonical grammar for token symbols, financial roles, cross-chain identity, and registry fields across DBIS / GRU / Chain 138 and CCIP-adjacent implementations. **Audience:** Protocol engineers, bridge operators, explorer and token-list maintainers, institutional JSON authors, and auditors. @@ -12,6 +13,11 @@ | [02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md](02_DBIS_NAMESPACE_AND_UTRNF_MAPPING.md) | **Authoritative DBIS binding:** what `c*` and `cW*` mean here vs UTRNF `c` (collateral); which UTRNF prefixes apply as-is; registry-first rules. | | [03_BRIDGES_CROSS_CHAIN_NAMING.md](03_BRIDGES_CROSS_CHAIN_NAMING.md) | Logical asset identity vs chain-local contracts; CCIP and bridge naming patterns; same hex / different bytecode cautions. | | [04_REGISTRY_AND_JSON_FIELDS.md](04_REGISTRY_AND_JSON_FIELDS.md) | Recommended JSON fields for token and bridge registries; links to `config/smart-contracts-master.json` and DBIS institutional config. | +| [schemas/token-registry-entry.schema.json](schemas/token-registry-entry.schema.json) | Optional JSON Schema for registry **entry** objects; [examples/](examples/) validated by `scripts/validation/validate-naming-convention-registry-examples.sh`. | +| [examples/gru-cusdc-chain138.example.json](examples/gru-cusdc-chain138.example.json) | **cUSDC V1** on 138 — PMM / liquidity canonical; `x402Ready: false`. | +| [examples/gru-cusdc-v2-chain138.example.json](examples/gru-cusdc-v2-chain138.example.json) | **cUSDC V2** on 138 — permit / ERC-3009, **x402**; coexists with V1 per [CHAIN138_X402_TOKEN_SUPPORT.md](../CHAIN138_X402_TOKEN_SUPPORT.md). | +| [examples/gru-cusdt-chain138.example.json](examples/gru-cusdt-chain138.example.json) | **cUSDT V1** — PMM / liquidity; `x402Ready: false`. | +| [examples/gru-cusdt-v2-chain138.example.json](examples/gru-cusdt-v2-chain138.example.json) | **cUSDT V2** — **x402**-capable. | ## When to use symbol parsing vs registry @@ -21,8 +27,12 @@ ## Related project documentation - GRU `c*` V2 standards and layers: [GRU_C_STAR_V2_STANDARDS_MATRIX_AND_IMPLEMENTATION_PLAN.md](../GRU_C_STAR_V2_STANDARDS_MATRIX_AND_IMPLEMENTATION_PLAN.md) +- GRU M00 Diamond symbol grammar (`c` / `a` / `d`, `W` rules): [GRU_M00_DIAMOND_FACET_MAP.md](../GRU_M00_DIAMOND_FACET_MAP.md) +- Explorer GRU registration policy: [EXPLORER_TOKENS_GRU_POLICY.md](../EXPLORER_TOKENS_GRU_POLICY.md) - GRU standards profile (machine-readable): [GRU_STANDARDS_PROFILE.md](../GRU_STANDARDS_PROFILE.md), [`config/gru-standards-profile.json`](../../../config/gru-standards-profile.json) - Canonical Chain 138 token addresses and Explorer cross-check: [EXPLORER_TOKEN_LIST_CROSSCHECK.md](../../11-references/EXPLORER_TOKEN_LIST_CROSSCHECK.md) +- PMM pools and routing: [PMM_DEX_ROUTING_STATUS.md](../../11-references/PMM_DEX_ROUTING_STATUS.md) +- Token-aggregation API verify: `pnpm run verify:token-aggregation-api`; public report check: `SKIP_BRIDGE_ROUTES=0 bash scripts/verify/check-public-report-api.sh https://explorer.d-bis.org` (see [AGENTS.md](../../../AGENTS.md)) - Contract addresses: [CONTRACT_ADDRESSES_REFERENCE.md](../../11-references/CONTRACT_ADDRESSES_REFERENCE.md), [ADDRESS_MATRIX_AND_STATUS.md](../../11-references/ADDRESS_MATRIX_AND_STATUS.md) - CCIP deployment and bridge docs: [docs/07-ccip/](../../07-ccip/) (e.g. [CCIP_DEPLOYMENT_SPEC.md](../../07-ccip/CCIP_DEPLOYMENT_SPEC.md)) - c* → cW* mapper config: [C_TO_CW_MAPPER_MAPPING.md](../C_TO_CW_MAPPER_MAPPING.md), `config/token-mapping-multichain.json` diff --git a/docs/04-configuration/naming-conventions/examples/gru-cusdc-chain138.example.json b/docs/04-configuration/naming-conventions/examples/gru-cusdc-chain138.example.json new file mode 100644 index 00000000..ef93aa37 --- /dev/null +++ b/docs/04-configuration/naming-conventions/examples/gru-cusdc-chain138.example.json @@ -0,0 +1,14 @@ +{ + "chainId": 138, + "address": "0xf22258f57794CC8E06237084b353Ab30fFfa640b", + "symbol": "cUSDC", + "decimals": 6, + "underlying": "USDC", + "tokenRole": "gru_compliant_base", + "utrnfRole": "not_applicable", + "assetId": "keccak256:GRU:cUSDC", + "assetVersionId": "v1", + "forwardCanonical": true, + "x402Ready": false, + "liquiditySurface": "pmm_primary" +} diff --git a/docs/04-configuration/naming-conventions/examples/gru-cusdc-v2-chain138.example.json b/docs/04-configuration/naming-conventions/examples/gru-cusdc-v2-chain138.example.json new file mode 100644 index 00000000..35878f33 --- /dev/null +++ b/docs/04-configuration/naming-conventions/examples/gru-cusdc-v2-chain138.example.json @@ -0,0 +1,13 @@ +{ + "chainId": 138, + "address": "0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d", + "symbol": "cUSDC", + "decimals": 6, + "underlying": "USDC", + "tokenRole": "gru_compliant_base", + "utrnfRole": "not_applicable", + "assetId": "keccak256:GRU:cUSDC", + "assetVersionId": "v2", + "forwardCanonical": true, + "x402Ready": true +} diff --git a/docs/04-configuration/naming-conventions/examples/gru-cusdt-chain138.example.json b/docs/04-configuration/naming-conventions/examples/gru-cusdt-chain138.example.json new file mode 100644 index 00000000..eb4bbfd0 --- /dev/null +++ b/docs/04-configuration/naming-conventions/examples/gru-cusdt-chain138.example.json @@ -0,0 +1,14 @@ +{ + "chainId": 138, + "address": "0x93E66202A11B1772E55407B32B44e5Cd8eda7f22", + "symbol": "cUSDT", + "decimals": 6, + "underlying": "USDT", + "tokenRole": "gru_compliant_base", + "utrnfRole": "not_applicable", + "assetId": "keccak256:GRU:cUSDT", + "assetVersionId": "v1", + "forwardCanonical": true, + "x402Ready": false, + "liquiditySurface": "pmm_primary" +} diff --git a/docs/04-configuration/naming-conventions/examples/gru-cusdt-v2-chain138.example.json b/docs/04-configuration/naming-conventions/examples/gru-cusdt-v2-chain138.example.json new file mode 100644 index 00000000..0568f830 --- /dev/null +++ b/docs/04-configuration/naming-conventions/examples/gru-cusdt-v2-chain138.example.json @@ -0,0 +1,13 @@ +{ + "chainId": 138, + "address": "0x9FBfab33882Efe0038DAa608185718b772EE5660", + "symbol": "cUSDT", + "decimals": 6, + "underlying": "USDT", + "tokenRole": "gru_compliant_base", + "utrnfRole": "not_applicable", + "assetId": "keccak256:GRU:cUSDT", + "assetVersionId": "v2", + "forwardCanonical": true, + "x402Ready": true +} diff --git a/docs/04-configuration/naming-conventions/examples/utrnf-collateral-placeholder.example.json b/docs/04-configuration/naming-conventions/examples/utrnf-collateral-placeholder.example.json new file mode 100644 index 00000000..bd5a469d --- /dev/null +++ b/docs/04-configuration/naming-conventions/examples/utrnf-collateral-placeholder.example.json @@ -0,0 +1,10 @@ +{ + "chainId": 1, + "address": "0x2222222222222222222222222222222222222222", + "symbol": "cDAI", + "decimals": 18, + "underlying": "DAI", + "utrnfRole": "collateral", + "tokenRole": "lending_collateral_receipt", + "forwardCanonical": false +} diff --git a/docs/04-configuration/naming-conventions/examples/utrnf-lending-triad.example.json b/docs/04-configuration/naming-conventions/examples/utrnf-lending-triad.example.json new file mode 100644 index 00000000..08d4efc1 --- /dev/null +++ b/docs/04-configuration/naming-conventions/examples/utrnf-lending-triad.example.json @@ -0,0 +1,13 @@ +{ + "chainId": 138, + "address": "0x0000000000000000000000000000000000000001", + "symbol": "aUSDC", + "decimals": 6, + "underlying": "USDC", + "utrnfRole": "asset", + "tokenRole": "lending_supply_receipt", + "assetToken": "aUSDC", + "variableDebtToken": "vdUSDC", + "stableDebtToken": "sdUSDC", + "forwardCanonical": false +} diff --git a/docs/04-configuration/naming-conventions/schemas/token-registry-entry.schema.json b/docs/04-configuration/naming-conventions/schemas/token-registry-entry.schema.json new file mode 100644 index 00000000..519eb94e --- /dev/null +++ b/docs/04-configuration/naming-conventions/schemas/token-registry-entry.schema.json @@ -0,0 +1,61 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "https://d-bis.org/doc/naming-conventions/schemas/token-registry-entry.schema.json", + "title": "TokenRegistryEntry", + "description": "Optional registry row for UTRNF / DBIS token and bridge metadata (docs/04-configuration/naming-conventions/04_REGISTRY_AND_JSON_FIELDS.md).", + "type": "object", + "required": ["chainId", "address", "symbol", "decimals"], + "properties": { + "chainId": { + "type": "integer", + "description": "EIP-155 style chain ID" + }, + "address": { + "type": "string", + "pattern": "^0x[a-fA-F0-9]{40}$", + "description": "ERC-20 contract address (checksummed or lowercase)" + }, + "symbol": { "type": "string", "minLength": 1 }, + "name": { "type": "string" }, + "decimals": { "type": "integer", "minimum": 0, "maximum": 255 }, + "underlying": { "type": "string" }, + "utrnfRole": { + "type": "string", + "enum": [ + "asset", + "variable_debt", + "stable_debt", + "yield", + "liquidity", + "synthetic", + "reserve", + "wrapped", + "incentive", + "collateral", + "none", + "not_applicable" + ] + }, + "tokenRole": { "type": "string" }, + "gruAssetClass": { "type": "string" }, + "assetId": { "type": "string" }, + "assetVersionId": { "type": "string" }, + "forwardCanonical": { "type": "boolean" }, + "legacyAliases": { + "type": "array", + "items": true + }, + "gruLayer": { + "type": "string", + "enum": ["M00", "M0", "M1", "na"] + }, + "originChainId": { "type": "integer" }, + "wrappedFrom": { "type": "string" }, + "bridgeKind": { "type": "string" }, + "ccipLane": { "type": "string" }, + "assetToken": { "type": "string" }, + "variableDebtToken": { "type": "string" }, + "stableDebtToken": { "type": "string" } + }, + "additionalProperties": true +} diff --git a/docs/04-configuration/pr-ready/README.md b/docs/04-configuration/pr-ready/README.md index 20a4a799..3268799e 100644 --- a/docs/04-configuration/pr-ready/README.md +++ b/docs/04-configuration/pr-ready/README.md @@ -7,17 +7,16 @@ ## 1. Chainlist (ethereum-lists/chains) **Repo:** https://github.com/ethereum-lists/chains -**Action:** Add or update `_data/chains/eip155-138.json`. +**Upstream status:** [ethereum-lists/chains#8124](https://github.com/ethereum-lists/chains/pull/8124) merged ([cb4c47b](https://github.com/ethereum-lists/chains/commit/cb4c47b0345fa8688dbc0133e0aa1cd3fb211a80)). This repo’s [eip155-138.json](./eip155-138.json) mirrors [upstream `master`](https://github.com/ethereum-lists/chains/blob/master/_data/chains/eip155-138.json) for local PRs and reviews. -**File:** [eip155-138.json](./eip155-138.json) — lists only **public** RPC nodes (Core and Private RPC nodes are excluded). +**File:** [eip155-138.json](./eip155-138.json) — **public** RPC endpoints only (Besu Core / JWT private RPC hostnames are not listed here). -**Steps:** -1. Fork https://github.com/ethereum-lists/chains -2. Copy `eip155-138.json` to `_data/chains/eip155-138.json` in your fork -3. Commit, push, open PR. In the PR description paste the "Chain 138 spec" from [ADD_CHAIN138_TO_TRUST_WALLET.md](../ADD_CHAIN138_TO_TRUST_WALLET.md#chain-138-spec-for-forms--pr-description) -4. Follow their CONTRIBUTING.md and respond to review +**When proposing a change:** +1. Edit this file (and `pr-workspace/chains/_data/chains/eip155-138.json`) to match the intended upstream diff. +2. Fork https://github.com/ethereum-lists/chains, copy to `_data/chains/eip155-138.json`, run their checks / Prettier per [CONTRIBUTING.md](https://github.com/ethereum-lists/chains/blob/master/CONTRIBUTING.md). +3. In the PR description you can paste the “Chain 138 spec” from [ADD_CHAIN138_TO_TRUST_WALLET.md](../ADD_CHAIN138_TO_TRUST_WALLET.md#chain-138-spec-for-forms--pr-description). -**Note:** Chain 138 may already be listed (see https://chainlist.org/chain/138). If so, use this file only to propose updates. +**Live listing:** https://chainlist.org/chain/138 --- diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2a0232f2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/admin_d-bis_org_https_headers.txt @@ -0,0 +1,15 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:41 GMT +content-type: text/html +content-length: 31 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:34:29 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.054853 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..387d87a8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:10 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.134927 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/all_e2e_results.json new file mode 100644 index 00000000..3c0ee6c1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/all_e2e_results.json @@ -0,0 +1,1477 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.071005, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053003, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T11:00:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-alltra-3.d-bis.org", + "issuer": "E7", + "expires": "May 8 12:17:06 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043894, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046079, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.134927, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.062040, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T11:00:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-hybx-2.d-bis.org", + "issuer": "E7", + "expires": "May 8 12:17:31 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034084, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.032403, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.060048, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "cacti-hybx.d-bis.org", + "issuer": "E8", + "expires": "May 8 04:48:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.054199, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.063145, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.228455, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T11:00:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-alltra.d-bis.org", + "issuer": "E8", + "expires": "May 8 12:17:18 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T11:00:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T11:00:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.051805, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.051529, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T11:00:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038778, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.147814, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048892, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042287, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T11:00:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-hybx-3.d-bis.org", + "issuer": "E8", + "expires": "May 8 12:17:45 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T11:00:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039758, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.055807, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.045535, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.061918, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.070186, + "has_hsts": true, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042651, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T11:00:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.029693, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036389, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T11:00:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041057, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049049, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T11:00:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047085, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T11:00:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T11:00:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:38-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "dev.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:31:22 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 2.926816 + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.054853, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047473, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T11:00:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-alltra-2.d-bis.org", + "issuer": "E8", + "expires": "May 8 04:48:31 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.064345, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "gitea.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:32:04 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 1.599855 + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:44-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048484, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:45-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037982, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "skip", + "http_code": "500" + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042202, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039806, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + }, + "blockscout_api": { + "status": "skip", + "http_code": "500" + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T11:00:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048644, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.051048, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T11:00:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "rpc_http": { + "status": "skip", + "http_code": "405", + "error": "\r\n405 Not Allowed\r\n\r\n

405 Not Allowed

\r\n\r\n" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036823, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T11:00:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-hybx.d-bis.org", + "issuer": "E8", + "expires": "May 8 12:17:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "codespaces.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:30:34 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.119661 + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T11:00:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T11:00:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T11:00:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "cacti-alltra.d-bis.org", + "issuer": "E8", + "expires": "May 8 04:47:55 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046892, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..ece1a7f4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +"Internal server error" \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..e8d7cc9b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:47 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 11:00:35 GMT +etag: "69cba953-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes + + +0.039806 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..725a0148 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,15 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:59 GMT +content-type: text/html +content-length: 32 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:38:11 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046892 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..49dcf725 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,15 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:12 GMT +content-type: text/html +content-length: 32 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:38:22 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.054199 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..30d7191e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,7 @@ +HTTP/2 502 +date: Wed, 01 Apr 2026 18:00:53 GMT +content-type: text/html +content-length: 122 + + +3.119661 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5bfc2f85 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/core_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:09 GMT +content-type: text/html; charset=utf-8 +content-length: 344 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.053003 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/d-bis_org_https_headers.txt new file mode 100644 index 00000000..3b948c21 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:49 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051048 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..70a2616c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:18 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.039758 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..c1580517 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:11 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.062040 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d3960b91 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/data_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:20 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.029693 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c3bf2721 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:08 GMT +content-type: text/html +content-length: 31 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:34:29 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.071005 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fea59b23 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:48 GMT +content-type: text/html; charset=utf-8 +content-length: 344 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.048644 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5cb6c53e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:15 GMT +content-type: text/html; charset=utf-8 +content-length: 344 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.038778 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d56578ca --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/dev_d-bis_org_https_headers.txt @@ -0,0 +1,7 @@ +HTTP/2 502 +date: Wed, 01 Apr 2026 18:00:41 GMT +content-type: text/html +content-length: 122 + + +2.926816 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..60e24067 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/developers_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:13 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.063145 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3d5da2ba --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/docs_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:17 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 11:00:35 GMT +etag: "69cba953-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes + + +0.048892 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..ece1a7f4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +"Internal server error" \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5f208580 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:45 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 11:00:35 GMT +etag: "69cba953-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..76998f68 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,7 @@ +HTTP/2 502 +date: Wed, 01 Apr 2026 18:00:44 GMT +content-type: text/html +content-length: 122 + + +1.599855 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..6c0bb1c6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/identity_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:17 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.042287 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..cce5e473 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/interop_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:16 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.147814 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..5f63f5c7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 302 +date: Wed, 01 Apr 2026 18:00:19 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=31536000; includeSubDomains +x-content-type-options: nosniff +x-xss-protection: 1; mode=block + + +0.070186 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..188dea8f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/members_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:10 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.046079 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..06f3146e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:09 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.043894 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/mim4u_org_https_headers.txt new file mode 100644 index 00000000..c5913e53 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:20 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d1d7894f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/ops_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:18 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.055807 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..a17c3ac8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:26 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-7E0JBiUCDSwba7VWzhhUJg=='; style-src 'self' 'nonce-7E0JBiUCDSwba7VWzhhUJg=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..64bc5a04 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/policy_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:12 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.032403 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..7bb1ce1f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:12 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.060048 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e3f61abd --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/research_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:11 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.034084 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..02c69808 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1,6 @@ + +405 Not Allowed + +

405 Not Allowed

+ + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..a55ebe8b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","result":"0x8a","id":1} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1fa18a98 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:20 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.036389 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..0c9a5a79 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:13 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.228455 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b5bf0ea0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/secure_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:49 GMT +content-type: text/html +content-length: 31 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:34:29 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.036823 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..71e7bdd2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/secure_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:45 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a122d12f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/status_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:42 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.047473 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..7d166586 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,11 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:15 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" + + +0.051805 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..953eca31 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:32 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..07f22077 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/training_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:46 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/verification_report.md new file mode 100644 index 00000000..853c5a6b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/verification_report.md @@ -0,0 +1,580 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-01T11:00:59-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (59) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 59 +- **DNS tests passed**: 59 +- **HTTPS tests passed**: 40 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 1 +- **Average response time**: 0.23135811627906974s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | RPC | +|--------|------|-----|-----|-------|-----| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | +| core.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | pass | +| mifos.d-bis.org | web | pass | pass | pass | - | +| members.d-bis.org | web | pass | pass | pass | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | pass | +| research.d-bis.org | web | pass | pass | pass | - | +| policy.d-bis.org | web | pass | pass | pass | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | +| developers.d-bis.org | web | pass | pass | pass | - | +| sankofa.nexus | web | pass | pass | pass | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | pass | +| studio.sankofa.nexus | web | pass | pass | pass | - | +| www.d-bis.org | web | pass | pass | pass | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | +| interop.d-bis.org | web | pass | pass | pass | - | +| docs.d-bis.org | web | pass | pass | pass | - | +| identity.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.d-bis.org | rpc-http | pass | pass | - | pass | +| dapp.d-bis.org | web | pass | pass | pass | - | +| ops.d-bis.org | web | pass | pass | pass | - | +| www.sankofa.nexus | web | pass | pass | pass | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | +| mim4u.org | web | pass | pass | pass | - | +| data.d-bis.org | api | pass | pass | pass | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | +| www.mim4u.org | web | pass | pass | pass | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | +| dev.d-bis.org | web | pass | pass | warn | - | +| admin.d-bis.org | web | pass | pass | pass | - | +| status.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | pass | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | +| gitea.d-bis.org | web | pass | pass | warn | - | +| secure.mim4u.org | web | pass | pass | pass | - | +| explorer.d-bis.org | web | pass | pass | pass | - | +| training.mim4u.org | web | pass | pass | pass | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | +| d-bis.org | web | pass | pass | pass | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | skip | +| secure.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | pass | +| codespaces.d-bis.org | web | pass | pass | warn | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | pass | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: skip +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: skip +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: skip +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): optional Blockscout API check; use `SKIP_BLOCKSCOUT_API=1` to skip when backend is unreachable (e.g. off-LAN). Fix runbook: docs/03-deployment/BLOCKSCOUT_FIX_RUNBOOK.md + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..cb3cdeec --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 18:00:15 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051529 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..d53590f4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 18:00:27 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..7a2f17a7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 18:00:42 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.064345 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ed51b3a0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 18:00:19 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045535 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..31962bff --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_110008/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,8 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 18:00:19 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ + + +0.061918 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..53aee543 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/admin_d-bis_org_https_headers.txt @@ -0,0 +1,15 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:01 GMT +content-type: text/html +content-length: 31 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:34:29 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.065767 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ad7ff0b2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:48 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.096847 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/all_e2e_results.json new file mode 100644 index 00000000..6c3c8909 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/all_e2e_results.json @@ -0,0 +1,1473 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035670, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:47-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046023, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:38:47-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-alltra-3.d-bis.org", + "issuer": "E7", + "expires": "May 8 12:17:06 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:47-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037443, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:47-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042046, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.096847, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033272, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:38:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-hybx-2.d-bis.org", + "issuer": "E7", + "expires": "May 8 12:17:31 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043256, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049049, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049725, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "cacti-hybx.d-bis.org", + "issuer": "E8", + "expires": "May 8 04:48:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033157, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045356, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.077101, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:38:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-alltra.d-bis.org", + "issuer": "E8", + "expires": "May 8 12:17:18 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:38:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:38:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040345, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.035892, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T13:38:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039199, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045921, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040237, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042690, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:38:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-hybx-3.d-bis.org", + "issuer": "E8", + "expires": "May 8 12:17:45 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:38:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043231, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052683, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.061047, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.065184, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.039341, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044468, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T13:38:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 404, + "response_time_seconds": 0.040262 + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044623, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T13:38:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035676, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040444, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T13:38:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041563, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:38:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T13:38:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:38:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "dev.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:31:22 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 2.811764 + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.065767, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.068908, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-alltra-2.d-bis.org", + "issuer": "E8", + "expires": "May 8 04:48:31 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.052706, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "gitea.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:32:04 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 1.792339 + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042142, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038644, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.061392, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038176, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T13:39:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042608, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048433, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.031992, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-hybx.d-bis.org", + "issuer": "E8", + "expires": "May 8 12:17:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "codespaces.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:30:34 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.564977 + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T13:39:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "cacti-alltra.d-bis.org", + "issuer": "E8", + "expires": "May 8 04:47:55 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037133, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..e28a8074 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2117.84","coin_price_change_percentage":4.64,"gas_price_updated_at":"2026-04-01T20:39:04.619155Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":243028,"gas_used_today":"165468661","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"448","total_blocks":"3502633","total_gas_used":"0","total_transactions":"42234","transactions_today":"1023","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..af2b530c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:05 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.038176 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..17e09a1e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,15 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:08 GMT +content-type: text/html +content-length: 32 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:38:11 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.037133 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..82332784 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,15 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:49 GMT +content-type: text/html +content-length: 32 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:38:22 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.033157 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..4fae7281 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Wed, 01 Apr 2026 20:39:07 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.564977 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b5879c94 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/core_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:47 GMT +content-type: text/html; charset=utf-8 +content-length: 344 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046023 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/d-bis_org_https_headers.txt new file mode 100644 index 00000000..46003996 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:05 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048433 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fdda4d57 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:53 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.043231 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..5cf70b5f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:48 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.033272 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a9b26dbe --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/data_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 404 +date: Wed, 01 Apr 2026 20:38:55 GMT +content-type: text/html;charset=utf-8 +content-length: 469 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.040262 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..22b1991f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:47 GMT +content-type: text/html +content-length: 31 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:34:29 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.035670 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..6a5a6e55 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:05 GMT +content-type: text/html; charset=utf-8 +content-length: 344 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.042608 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2431c95d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:52 GMT +content-type: text/html; charset=utf-8 +content-length: 344 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.039199 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..032bb859 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/dev_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Wed, 01 Apr 2026 20:39:00 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +2.811764 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3e8c34d6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:50 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045356 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8a1c9602 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/docs_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:52 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.040237 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..278860ff --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2117.84","coin_price_change_percentage":4.64,"gas_price_updated_at":"2026-04-01T20:35:01.489116Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":32000,"gas_used_today":"165468661","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"448","total_blocks":"3502633","total_gas_used":"0","total_transactions":"42234","transactions_today":"1023","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3bc2ee31 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:04 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a58fbc77 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Wed, 01 Apr 2026 20:39:04 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +1.792339 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e795d543 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:52 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.042690 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..09a85076 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:52 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045921 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..4098b3c1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Wed, 01 Apr 2026 20:38:54 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.039341 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..23057f65 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:48 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.042046 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..15048866 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:47 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.037443 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/mim4u_org_https_headers.txt new file mode 100644 index 00000000..b69bdda6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:55 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..18279715 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:53 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.052683 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..304ae180 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:56 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-hbXP2COK32EIZDILd/6tHw=='; style-src 'self' 'nonce-hbXP2COK32EIZDILd/6tHw=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..227cf274 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:49 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.049049 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..dd957fe4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:49 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.049725 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b955e5f5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:49 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.043256 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..a55ebe8b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","result":"0x8a","id":1} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3ee4e5c8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:55 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044623 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..d2fc2ef1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:50 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.077101 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c06ac874 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/secure_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:06 GMT +content-type: text/html +content-length: 31 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:34:29 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.031992 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..65bab6f1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/secure_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:04 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..18108e48 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:01 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.068908 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..7692b107 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:51 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.040345 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..cf5269e1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:57 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..65bab6f1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/training_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:04 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/verification_report.md new file mode 100644 index 00000000..5951dc1a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/verification_report.md @@ -0,0 +1,580 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-01T13:39:08-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (59) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 59 +- **DNS tests passed**: 59 +- **HTTPS tests passed**: 39 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.16369144186046514s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | RPC | +|--------|------|-----|-----|-------|-----| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | +| core.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | pass | +| mifos.d-bis.org | web | pass | pass | pass | - | +| members.d-bis.org | web | pass | pass | pass | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | pass | +| research.d-bis.org | web | pass | pass | pass | - | +| policy.d-bis.org | web | pass | pass | pass | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | +| developers.d-bis.org | web | pass | pass | pass | - | +| sankofa.nexus | web | pass | pass | pass | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | pass | +| studio.sankofa.nexus | web | pass | pass | pass | - | +| www.d-bis.org | web | pass | pass | pass | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | +| interop.d-bis.org | web | pass | pass | pass | - | +| docs.d-bis.org | web | pass | pass | pass | - | +| identity.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.d-bis.org | rpc-http | pass | pass | - | pass | +| dapp.d-bis.org | web | pass | pass | pass | - | +| ops.d-bis.org | web | pass | pass | pass | - | +| www.sankofa.nexus | web | pass | pass | pass | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | +| mim4u.org | web | pass | pass | pass | - | +| data.d-bis.org | api | pass | pass | warn | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | +| www.mim4u.org | web | pass | pass | pass | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | +| dev.d-bis.org | web | pass | pass | warn | - | +| admin.d-bis.org | web | pass | pass | pass | - | +| status.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | pass | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | +| gitea.d-bis.org | web | pass | pass | warn | - | +| secure.mim4u.org | web | pass | pass | pass | - | +| explorer.d-bis.org | web | pass | pass | pass | - | +| training.mim4u.org | web | pass | pass | pass | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | +| d-bis.org | web | pass | pass | pass | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | pass | +| secure.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | pass | +| codespaces.d-bis.org | web | pass | pass | warn | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | pass | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): optional Blockscout API check; use `SKIP_BLOCKSCOUT_API=1` to skip when backend is unreachable (e.g. off-LAN). Fix runbook: docs/03-deployment/BLOCKSCOUT_FIX_RUNBOOK.md + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..7efa8d15 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 20:38:51 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.035892 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..f118947a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:38:56 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..9f3a00f3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 20:39:02 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.052706 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..962064b2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 20:38:54 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.061047 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..839a25cc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133846/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 20:38:54 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.065184 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..137b5cab --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/admin_d-bis_org_https_headers.txt @@ -0,0 +1,15 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:36 GMT +content-type: text/html +content-length: 31 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:34:29 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.037977 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..d151bcf8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:24 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.040876 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/all_e2e_results.json new file mode 100644 index 00000000..4fad656c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/all_e2e_results.json @@ -0,0 +1,1473 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040127, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049839, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-alltra-3.d-bis.org", + "issuer": "E7", + "expires": "May 8 12:17:06 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038554, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046927, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040876, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039674, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-hybx-2.d-bis.org", + "issuer": "E7", + "expires": "May 8 12:17:31 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043670, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045643, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049339, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "cacti-hybx.d-bis.org", + "issuer": "E8", + "expires": "May 8 04:48:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036735, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046728, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.087430, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-alltra.d-bis.org", + "issuer": "E8", + "expires": "May 8 12:17:18 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037181, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.033263, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T13:39:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052554, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049698, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043296, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039218, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-hybx-3.d-bis.org", + "issuer": "E8", + "expires": "May 8 12:17:45 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052837, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053866, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.036801, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.027487, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.032182, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044552, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T13:39:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 404, + "response_time_seconds": 0.050893 + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043398, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T13:39:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040358, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042750, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T13:39:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037913, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T13:39:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "dev.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:31:22 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.104721 + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037977, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048532, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:37-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-alltra-2.d-bis.org", + "issuer": "E8", + "expires": "May 8 04:48:31 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:37-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.048248, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:37-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "gitea.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:32:04 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.110403 + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042288, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043358, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "skip", + "http_code": "500" + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038060, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039794, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "skip", + "http_code": "500" + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T13:39:44-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037403, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:44-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045513, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:44-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:44-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042981, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:45-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-hybx.d-bis.org", + "issuer": "E8", + "expires": "May 8 12:17:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:45-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "codespaces.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:30:34 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 2.678551 + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:39:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T13:39:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:39:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "cacti-alltra.d-bis.org", + "issuer": "E8", + "expires": "May 8 04:47:55 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040176, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..ece1a7f4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +"Internal server error" \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..3482155e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:42 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.039794 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..256e7e08 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,15 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:48 GMT +content-type: text/html +content-length: 32 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:38:11 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.040176 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ad2f293a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,15 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:25 GMT +content-type: text/html +content-length: 32 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:38:22 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.036735 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ca599373 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Wed, 01 Apr 2026 20:39:48 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +2.678551 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..78916f14 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/core_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:23 GMT +content-type: text/html; charset=utf-8 +content-length: 344 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.049839 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/d-bis_org_https_headers.txt new file mode 100644 index 00000000..9e9bea03 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:44 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045513 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ee56980c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:29 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.052837 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..7c8e9594 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:24 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.039674 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b02f846d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/data_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 404 +date: Wed, 01 Apr 2026 20:39:31 GMT +content-type: text/html;charset=utf-8 +content-length: 469 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.050893 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..de542a99 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:23 GMT +content-type: text/html +content-length: 31 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:34:29 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.040127 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..72fe19fd --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:44 GMT +content-type: text/html; charset=utf-8 +content-length: 344 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.037403 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ece798b5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:27 GMT +content-type: text/html; charset=utf-8 +content-length: 344 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.052554 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5320bee9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/dev_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Wed, 01 Apr 2026 20:39:36 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +3.104721 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..78f9df76 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:26 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046728 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..306b96bf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/docs_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:28 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.043296 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..ece1a7f4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +"Internal server error" \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d80ac618 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:41 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..7da5a26c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Wed, 01 Apr 2026 20:39:40 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +3.110403 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2ac75d52 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:28 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.039218 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..22d5e332 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:28 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.049698 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..e6173d00 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Wed, 01 Apr 2026 20:39:30 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.032182 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8152efe9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:23 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046927 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..11e539df --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:23 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.038554 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/mim4u_org_https_headers.txt new file mode 100644 index 00000000..9f05ac7c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:30 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c590ba07 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:29 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.053866 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..fc93dea6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:32 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-jRznxJIs59LbsPnP1Fpdyw=='; style-src 'self' 'nonce-jRznxJIs59LbsPnP1Fpdyw=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9e111ff4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:25 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045643 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..82db2bbe --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:25 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.049339 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5af7f4f8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:25 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.043670 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..a55ebe8b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","result":"0x8a","id":1} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..197f4821 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:31 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.043398 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..56d835fd --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:26 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.087430 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a73fdeea --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/secure_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:44 GMT +content-type: text/html +content-length: 31 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:34:29 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.042981 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..900d9c57 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/secure_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:41 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..78a6d2b6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:37 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048532 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..6d731523 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:27 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.037181 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..5c387eff --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:32 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..5ad33ca5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/training_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:42 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/verification_report.md new file mode 100644 index 00000000..9ebc4d6d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/verification_report.md @@ -0,0 +1,580 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-01T13:39:48-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (59) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 59 +- **DNS tests passed**: 59 +- **HTTPS tests passed**: 39 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.24748358139534882s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | RPC | +|--------|------|-----|-----|-------|-----| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | +| core.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | pass | +| mifos.d-bis.org | web | pass | pass | pass | - | +| members.d-bis.org | web | pass | pass | pass | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | pass | +| research.d-bis.org | web | pass | pass | pass | - | +| policy.d-bis.org | web | pass | pass | pass | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | +| developers.d-bis.org | web | pass | pass | pass | - | +| sankofa.nexus | web | pass | pass | pass | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | pass | +| studio.sankofa.nexus | web | pass | pass | pass | - | +| www.d-bis.org | web | pass | pass | pass | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | +| interop.d-bis.org | web | pass | pass | pass | - | +| docs.d-bis.org | web | pass | pass | pass | - | +| identity.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.d-bis.org | rpc-http | pass | pass | - | pass | +| dapp.d-bis.org | web | pass | pass | pass | - | +| ops.d-bis.org | web | pass | pass | pass | - | +| www.sankofa.nexus | web | pass | pass | pass | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | +| mim4u.org | web | pass | pass | pass | - | +| data.d-bis.org | api | pass | pass | warn | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | +| www.mim4u.org | web | pass | pass | pass | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | +| dev.d-bis.org | web | pass | pass | warn | - | +| admin.d-bis.org | web | pass | pass | pass | - | +| status.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | pass | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | +| gitea.d-bis.org | web | pass | pass | warn | - | +| secure.mim4u.org | web | pass | pass | pass | - | +| explorer.d-bis.org | web | pass | pass | pass | - | +| training.mim4u.org | web | pass | pass | pass | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | +| d-bis.org | web | pass | pass | pass | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | pass | +| secure.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | pass | +| codespaces.d-bis.org | web | pass | pass | warn | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | pass | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: skip +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: skip +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): optional Blockscout API check; use `SKIP_BLOCKSCOUT_API=1` to skip when backend is unreachable (e.g. off-LAN). Fix runbook: docs/03-deployment/BLOCKSCOUT_FIX_RUNBOOK.md + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..dbbab7f9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 20:39:27 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.033263 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..a48ceda6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:39:32 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..75bbfcb6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 20:39:37 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048248 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..57649d93 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 20:39:29 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.036801 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..99067dc0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_133922/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 20:39:30 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.027487 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..53e9d1ae --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/admin_d-bis_org_https_headers.txt @@ -0,0 +1,15 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:03 GMT +content-type: text/html +content-length: 31 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:34:29 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.031536 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..e4a7714d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:54 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.046115 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/all_e2e_results.json new file mode 100644 index 00000000..e6b65d22 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/all_e2e_results.json @@ -0,0 +1,1479 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.030351, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036401, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:41:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-alltra-3.d-bis.org", + "issuer": "E7", + "expires": "May 8 12:17:06 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037151, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044482, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046115, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038321, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:41:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-hybx-2.d-bis.org", + "issuer": "E7", + "expires": "May 8 12:17:31 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041146, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040824, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047654, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "cacti-hybx.d-bis.org", + "issuer": "E8", + "expires": "May 8 04:48:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042286, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.064115, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.073356, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:41:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-alltra.d-bis.org", + "issuer": "E8", + "expires": "May 8 12:17:18 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:41:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:41:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036906, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.043908, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T13:41:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050686, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043953, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033847, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.055827, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:41:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-hybx-3.d-bis.org", + "issuer": "E8", + "expires": "May 8 12:17:45 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:41:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048119, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046168, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.036813, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:41:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.037318, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.036320, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.031909, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T13:42:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 404, + "response_time_seconds": 0.041778 + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045389, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T13:42:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036103, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044879, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T13:42:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033360, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:42:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T13:42:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 6 17:44:52 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.028421, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.031536, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038257, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:42:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-alltra-2.d-bis.org", + "issuer": "E8", + "expires": "May 8 04:48:31 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.039043, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "gitea.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:32:04 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.103983 + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037610, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.032470, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040567, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045563, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "skip", + "http_code": "500" + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T13:42:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043055, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.071966, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:42:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035965, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:42:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-hybx.d-bis.org", + "issuer": "E8", + "expires": "May 8 12:17:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 6 11:44:51 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.031051, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T13:42:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T13:42:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T13:42:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "cacti-alltra.d-bis.org", + "issuer": "E8", + "expires": "May 8 04:47:55 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044499, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..ece1a7f4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +"Internal server error" \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..10b276af --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:08 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045563 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..78281767 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,15 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:13 GMT +content-type: text/html +content-length: 32 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:38:11 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044499 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..83996f8f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,15 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:55 GMT +content-type: text/html +content-length: 32 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:38:22 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.042286 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..4d876fb6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:12 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.031051 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f9883017 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/core_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:53 GMT +content-type: text/html; charset=utf-8 +content-length: 344 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.036401 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/d-bis_org_https_headers.txt new file mode 100644 index 00000000..3e8754bf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:11 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.071966 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c2242944 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:59 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.048119 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..90936447 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:54 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.038321 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d60f4cac --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/data_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 404 +date: Wed, 01 Apr 2026 20:42:00 GMT +content-type: text/html;charset=utf-8 +content-length: 469 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.041778 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f80ea75e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:53 GMT +content-type: text/html +content-length: 31 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:34:29 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.030351 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a7f40fc3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:11 GMT +content-type: text/html; charset=utf-8 +content-length: 344 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.043055 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2337f3de --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:57 GMT +content-type: text/html; charset=utf-8 +content-length: 344 +vary: Accept-Encoding +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.050686 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..bfe387e4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:03 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.028421 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a4e06cb9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:56 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.064115 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ce04b0be --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/docs_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:58 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.033847 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..3bebb142 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2115.5","coin_price_change_percentage":4.53,"gas_price_updated_at":"2026-04-01T20:40:02.326190Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":30000,"gas_used_today":"165468661","market_cap":"0.00","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"448","total_blocks":"3502633","total_gas_used":"0","total_transactions":"42234","transactions_today":"1023","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8ab12cad --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:07 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2fc4afb1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Wed, 01 Apr 2026 20:42:07 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +3.103983 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..937f05cf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:58 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.055827 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fdf516b2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:57 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.043953 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..e47955b9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Wed, 01 Apr 2026 20:42:00 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.036320 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8e5a8b58 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:54 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044482 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d0782f59 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:53 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.037151 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/mim4u_org_https_headers.txt new file mode 100644 index 00000000..d08c5afc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:00 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b4e064db --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:59 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046168 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..c46be916 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:01 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-y3YasUwNw47JepgqeDRnrg=='; style-src 'self' 'nonce-y3YasUwNw47JepgqeDRnrg=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8b65d847 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:55 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.040824 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..0c5e1cd1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:55 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.047654 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ff997401 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:54 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.041146 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..a55ebe8b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","result":"0x8a","id":1} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e83e0075 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:00 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045389 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..26f5871f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:56 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.073356 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1ba3aea3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/secure_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:12 GMT +content-type: text/html +content-length: 31 +vary: Accept-Encoding +last-modified: Tue, 10 Mar 2026 14:34:29 GMT +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.035965 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..f9c35f05 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/secure_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:07 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..4aae5209 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:03 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.038257 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..971ab690 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:41:57 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.036906 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..1e40dfab --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:02 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..17faa969 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/training_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:08 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/verification_report.md new file mode 100644 index 00000000..9b628748 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/verification_report.md @@ -0,0 +1,580 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-01T13:42:13-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (59) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 59 +- **DNS tests passed**: 59 +- **HTTPS tests passed**: 41 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.11324351162790695s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | RPC | +|--------|------|-----|-----|-------|-----| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | +| core.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | pass | +| mifos.d-bis.org | web | pass | pass | pass | - | +| members.d-bis.org | web | pass | pass | pass | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | pass | +| research.d-bis.org | web | pass | pass | pass | - | +| policy.d-bis.org | web | pass | pass | pass | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | +| developers.d-bis.org | web | pass | pass | pass | - | +| sankofa.nexus | web | pass | pass | pass | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | pass | +| studio.sankofa.nexus | web | pass | pass | pass | - | +| www.d-bis.org | web | pass | pass | pass | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | +| interop.d-bis.org | web | pass | pass | pass | - | +| docs.d-bis.org | web | pass | pass | pass | - | +| identity.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.d-bis.org | rpc-http | pass | pass | - | pass | +| dapp.d-bis.org | web | pass | pass | pass | - | +| ops.d-bis.org | web | pass | pass | pass | - | +| www.sankofa.nexus | web | pass | pass | pass | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | +| mim4u.org | web | pass | pass | pass | - | +| data.d-bis.org | api | pass | pass | warn | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | +| www.mim4u.org | web | pass | pass | pass | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | +| admin.d-bis.org | web | pass | pass | pass | - | +| status.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | pass | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | +| gitea.d-bis.org | web | pass | pass | warn | - | +| secure.mim4u.org | web | pass | pass | pass | - | +| explorer.d-bis.org | web | pass | pass | pass | - | +| training.mim4u.org | web | pass | pass | pass | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | +| d-bis.org | web | pass | pass | pass | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | pass | +| secure.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | pass | +| codespaces.d-bis.org | web | pass | pass | pass | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | pass | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: skip +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): optional Blockscout API check; use `SKIP_BLOCKSCOUT_API=1` to skip when backend is unreachable (e.g. off-LAN). Fix runbook: docs/03-deployment/BLOCKSCOUT_FIX_RUNBOOK.md + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ff71092c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 20:41:57 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.043908 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..9af066f5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Wed, 01 Apr 2026 20:42:01 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..c3698367 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 20:42:04 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.039043 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..deba60c0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 20:41:59 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.036813 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..5036e650 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_134152/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Wed, 01 Apr 2026 20:41:59 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.037318 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..0e75b63d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/admin_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 05:53:15 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +3.137069 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..99314cc1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:52:49 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +1.021214 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/all_e2e_results.json new file mode 100644 index 00000000..ad12b582 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/all_e2e_results.json @@ -0,0 +1,1452 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:52:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.167358 + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:52:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.124753 + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T22:52:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:52:47-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.029566, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:52:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.067138, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T22:52:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 1.021214, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T22:52:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.076572, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T22:52:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:52:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.059995, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:52:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052891, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T22:52:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.077540, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:52:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.147126 + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:52:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.060874, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T22:52:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.509479, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T22:52:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T22:52:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T22:52:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T22:52:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.037145 + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:52:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.041511, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T22:52:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.110421 + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.055268, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035285, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052969, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T22:53:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T22:53:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048508, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046204, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.043579, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.051694, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.048451 + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052560, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T22:53:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.102308 + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.054897, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T22:53:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.177565, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.064575, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T22:53:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.101092, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T22:53:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T22:53:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 6 17:44:52 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.029892, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.137069 + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.055050, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T22:53:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.046095, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 6 20:44:51 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039272, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040368, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034801, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047796, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033968, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-01T22:53:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.125166 + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.055253, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T22:53:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:53:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.096712 + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T22:54:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:54:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 6 11:44:51 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.029457, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-01T22:54:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-01T22:54:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-01T22:54:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.125550 + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..de3843ce --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2106.46","coin_price_change_percentage":0.14,"gas_price_updated_at":"2026-04-02T05:53:52.414170Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":158104,"gas_used_today":"9158838","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"473","total_blocks":"3515429","total_gas_used":"0","total_transactions":"42298","transactions_today":"9","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..69591ad6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:53 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.033968 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..da1cb3d2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 05:54:03 GMT +content-type: text/plain; charset=UTF-8 +content-length: 15 +cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 +expires: Thu, 01 Jan 1970 00:00:01 GMT +referrer-policy: same-origin +x-frame-options: SAMEORIGIN +server: cloudflare +cf-ray: 9e5d93a3bd7e29a5-LAX +alt-svc: h3=":443"; ma=86400 + + +0.125550 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..cf3d853c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 05:52:53 GMT +content-type: text/plain; charset=UTF-8 +content-length: 15 +cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 +expires: Thu, 01 Jan 1970 00:00:01 GMT +referrer-policy: same-origin +x-frame-options: SAMEORIGIN +server: cloudflare +cf-ray: 9e5d91ebec04c8d2-LAX +alt-svc: h3=":443"; ma=86400 + + +0.147126 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e1c2d9f7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:54:02 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.029457 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..38bed075 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/core_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 05:52:46 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +3.124753 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/d-bis_org_https_headers.txt new file mode 100644 index 00000000..9653d104 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:56 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.055253 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..92ad31ed --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:02 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.048508 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..63a9386a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:52:50 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.076572 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f912b70c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/data_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 05:53:08 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +3.102308 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..026cd32d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 05:52:42 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +3.167358 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c305b6fe --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 05:53:56 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +3.125166 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..4ffeaa83 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 05:53:00 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +3.110421 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5c8e23df --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:11 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.029892 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..63e75549 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:52:53 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.060874 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1891310b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/docs_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:01 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.035285 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..79c3b540 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2106.46","coin_price_change_percentage":0.14,"gas_price_updated_at":"2026-04-02T05:51:14.051350Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":30000,"gas_used_today":"9158838","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"473","total_blocks":"3515429","total_gas_used":"0","total_transactions":"42298","transactions_today":"9","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..760668ed --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:18 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a3dabc9a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:17 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.039272 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..04ea9271 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:01 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.052969 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8e6a7507 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:00 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.055268 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..714f0292 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 05:53:04 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048451 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..006029c8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:52:48 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.067138 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..200e9986 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:52:48 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.029566 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/mim4u_org_https_headers.txt new file mode 100644 index 00000000..84c83c2a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:04 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8c8e5102 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:03 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046204 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..07c14d26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:09 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-UWE55yiS3xtdeW4RBcJlxg=='; style-src 'self' 'nonce-UWE55yiS3xtdeW4RBcJlxg=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..6f652ef2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:52:52 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.052891 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..b6f39f90 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:52:52 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.077540 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a9e951d9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:52:51 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.059995 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..a55ebe8b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","result":"0x8a","id":1} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..67728762 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:08 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.054897 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..769fe172 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:52:54 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.509479 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e4fd746b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/secure_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 05:54:00 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +3.096712 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..000167eb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/secure_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:18 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..37a92fb6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:15 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.055050 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..1e2740e7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 05:52:57 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.037145 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..a49ac7d3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:10 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..0329e7e4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/training_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:52 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/verification_report.md new file mode 100644 index 00000000..50a34da7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/verification_report.md @@ -0,0 +1,580 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-01T22:54:03-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (59) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 59 +- **DNS tests passed**: 59 +- **HTTPS tests passed**: 32 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.5910462093023258s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | RPC | +|--------|------|-----|-----|-------|-----| +| dbis-admin.d-bis.org | web | pass | pass | warn | - | +| core.d-bis.org | web | pass | pass | warn | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | pass | +| mifos.d-bis.org | web | pass | pass | pass | - | +| members.d-bis.org | web | pass | pass | pass | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | pass | +| research.d-bis.org | web | pass | pass | pass | - | +| policy.d-bis.org | web | pass | pass | pass | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | +| cacti-hybx.d-bis.org | web | pass | pass | warn | - | +| developers.d-bis.org | web | pass | pass | pass | - | +| sankofa.nexus | web | pass | pass | pass | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | pass | +| studio.sankofa.nexus | web | pass | pass | warn | - | +| www.d-bis.org | web | pass | pass | pass | - | +| dbis-api.d-bis.org | api | pass | pass | warn | - | +| interop.d-bis.org | web | pass | pass | pass | - | +| docs.d-bis.org | web | pass | pass | pass | - | +| identity.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.d-bis.org | rpc-http | pass | pass | - | pass | +| dapp.d-bis.org | web | pass | pass | pass | - | +| ops.d-bis.org | web | pass | pass | pass | - | +| www.sankofa.nexus | web | pass | pass | pass | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | +| keycloak.sankofa.nexus | web | pass | pass | warn | - | +| mim4u.org | web | pass | pass | pass | - | +| data.d-bis.org | api | pass | pass | warn | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | +| www.mim4u.org | web | pass | pass | pass | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | +| admin.d-bis.org | web | pass | pass | warn | - | +| status.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | pass | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | +| gitea.d-bis.org | web | pass | pass | pass | - | +| secure.mim4u.org | web | pass | pass | pass | - | +| explorer.d-bis.org | web | pass | pass | pass | - | +| training.mim4u.org | web | pass | pass | pass | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | +| dbis-api-2.d-bis.org | api | pass | pass | warn | - | +| d-bis.org | web | pass | pass | pass | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | pass | +| secure.d-bis.org | web | pass | pass | warn | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | pass | +| codespaces.d-bis.org | web | pass | pass | pass | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | pass | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | warn | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): optional Blockscout API check; use `SKIP_BLOCKSCOUT_API=1` to skip when backend is unreachable (e.g. off-LAN). Fix runbook: docs/03-deployment/BLOCKSCOUT_FIX_RUNBOOK.md + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a3a53d1b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 05:52:57 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.041511 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..4ad3e801 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 05:53:09 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..dbadda9f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 05:53:17 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046095 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..f54bf5a0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 05:53:03 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.043579 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..eecb4884 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260401_225239/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 05:53:03 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051694 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f4233147 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/admin_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 14:42:53 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +3.104006 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..f6201ea9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:31 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.080755 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/all_e2e_results.json new file mode 100644 index 00000000..fed9455e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/all_e2e_results.json @@ -0,0 +1,1452 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.137226 + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.124550 + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T07:42:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038727, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.071151, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.080755, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.069670, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T07:42:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045096, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048382, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047903, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.128532 + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050768, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.119009, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T07:42:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T07:42:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T07:42:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.038550 + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.048758, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-02T07:42:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.129624 + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053844, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042868, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043663, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T07:42:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T07:42:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043973, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053667, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.089233, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.033406, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.037827 + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:43-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046034, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-02T07:42:43-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.136825 + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048084, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T07:42:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:47-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047430, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:47-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.030152, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T07:42:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048619, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T07:42:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T07:42:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 6 17:44:52 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037265, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.104006 + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046131, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T07:42:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.029612, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 6 20:44:51 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037001, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.032784, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033078, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036591, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041000, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-02T07:42:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.138622 + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044137, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T07:42:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:42:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.085904 + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T07:43:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:43:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 6 11:44:51 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.032572, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T07:43:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T07:43:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T07:43:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.136704 + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..f335720a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2030.0,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2069.73","coin_price_change_percentage":-1.61,"gas_price_updated_at":"2026-04-02T14:42:43.399047Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":19341,"gas_used_today":"9203876","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"474","total_blocks":"3527936","total_gas_used":"0","total_transactions":"42327","transactions_today":"10","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..40ddc54e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:55 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.041000 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8683b6f0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 14:43:04 GMT +content-type: text/plain; charset=UTF-8 +content-length: 15 +cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 +expires: Thu, 01 Jan 1970 00:00:01 GMT +referrer-policy: same-origin +x-frame-options: SAMEORIGIN +server: cloudflare +cf-ray: 9e609a902da8dbc2-LAX +alt-svc: h3=":443"; ma=86400 + + +0.136704 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..7188dead --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 14:42:33 GMT +content-type: text/plain; charset=UTF-8 +content-length: 15 +cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 +expires: Thu, 01 Jan 1970 00:00:01 GMT +referrer-policy: same-origin +x-frame-options: SAMEORIGIN +server: cloudflare +cf-ray: 9e6099d14dd151ae-LAX +alt-svc: h3=":443"; ma=86400 + + +0.128532 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..6a8d25b1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:43:03 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.032572 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..4c3bfa4e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/core_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 14:42:29 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +3.124550 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/d-bis_org_https_headers.txt new file mode 100644 index 00000000..1e2e767a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:59 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044137 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..6cde2c49 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:41 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.043973 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..c0084bfc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:31 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.069670 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a4c69c5c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/data_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 14:42:46 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +3.136825 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..791353e4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 14:42:26 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +3.137226 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..96725186 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 14:42:58 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +3.138622 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d0aa3fc1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 14:42:39 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +3.129624 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..0a69434f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:49 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.037265 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5392b6b3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:34 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.050768 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..084d99a9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/docs_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:40 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.042868 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..aadb683b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2030.0,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2069.73","coin_price_change_percentage":-1.61,"gas_price_updated_at":"2026-04-02T14:42:43.399047Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":20008,"gas_used_today":"9203876","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"474","total_blocks":"3527936","total_gas_used":"0","total_transactions":"42327","transactions_today":"10","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..16e2ed04 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:54 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5972b4d9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:54 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.037001 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c257b8fb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:40 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.043663 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3c7d2967 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:39 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.053844 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ac3eea82 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 14:42:42 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.037827 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..04a74400 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:31 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.071151 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9bd792a5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:30 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.038727 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/mim4u_org_https_headers.txt new file mode 100644 index 00000000..34972246 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:43 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..bd3c9934 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:41 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.053667 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..813838c4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:47 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-K7KdaRLwy8IFZdRzJb2VfA=='; style-src 'self' 'nonce-K7KdaRLwy8IFZdRzJb2VfA=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..885d6535 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:33 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048382 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ccb07188 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:33 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.047903 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b7eb7026 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:32 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045096 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..a55ebe8b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","result":"0x8a","id":1} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c8ad3c6b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:46 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048084 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..a1c2a029 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:34 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.119009 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1a792407 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/secure_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 14:43:02 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +3.085904 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..fea9cc19 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/secure_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:54 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..70363271 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:53 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046131 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..009127b7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 14:42:35 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.038550 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..5f804f21 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:48 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..bdd84226 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/training_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:55 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/verification_report.md new file mode 100644 index 00000000..4459c4bc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/verification_report.md @@ -0,0 +1,580 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-02T07:43:04-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (59) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 59 +- **DNS tests passed**: 59 +- **HTTPS tests passed**: 32 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.552784488372093s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | RPC | +|--------|------|-----|-----|-------|-----| +| dbis-admin.d-bis.org | web | pass | pass | warn | - | +| core.d-bis.org | web | pass | pass | warn | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | pass | +| mifos.d-bis.org | web | pass | pass | pass | - | +| members.d-bis.org | web | pass | pass | pass | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | pass | +| research.d-bis.org | web | pass | pass | pass | - | +| policy.d-bis.org | web | pass | pass | pass | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | +| cacti-hybx.d-bis.org | web | pass | pass | warn | - | +| developers.d-bis.org | web | pass | pass | pass | - | +| sankofa.nexus | web | pass | pass | pass | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | pass | +| studio.sankofa.nexus | web | pass | pass | warn | - | +| www.d-bis.org | web | pass | pass | pass | - | +| dbis-api.d-bis.org | api | pass | pass | warn | - | +| interop.d-bis.org | web | pass | pass | pass | - | +| docs.d-bis.org | web | pass | pass | pass | - | +| identity.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.d-bis.org | rpc-http | pass | pass | - | pass | +| dapp.d-bis.org | web | pass | pass | pass | - | +| ops.d-bis.org | web | pass | pass | pass | - | +| www.sankofa.nexus | web | pass | pass | pass | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | +| keycloak.sankofa.nexus | web | pass | pass | warn | - | +| mim4u.org | web | pass | pass | pass | - | +| data.d-bis.org | api | pass | pass | warn | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | +| www.mim4u.org | web | pass | pass | pass | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | +| admin.d-bis.org | web | pass | pass | warn | - | +| status.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | pass | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | +| gitea.d-bis.org | web | pass | pass | pass | - | +| secure.mim4u.org | web | pass | pass | pass | - | +| explorer.d-bis.org | web | pass | pass | pass | - | +| training.mim4u.org | web | pass | pass | pass | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | +| dbis-api-2.d-bis.org | api | pass | pass | warn | - | +| d-bis.org | web | pass | pass | pass | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | pass | +| secure.d-bis.org | web | pass | pass | warn | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | pass | +| codespaces.d-bis.org | web | pass | pass | pass | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | pass | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | warn | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): optional Blockscout API check; use `SKIP_BLOCKSCOUT_API=1` to skip when backend is unreachable (e.g. off-LAN). Fix runbook: docs/03-deployment/BLOCKSCOUT_FIX_RUNBOOK.md + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f6250358 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 14:42:36 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048758 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..e5b064d3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 14:42:48 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..923c8c92 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 14:42:54 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.029612 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..2971961e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 14:42:42 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.089233 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..941215db --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 14:42:42 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.033406 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f4a1b594 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/admin_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 15:02:14 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +3.084906 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..36d0fac0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:01:19 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.109813 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/all_e2e_results.json new file mode 100644 index 00000000..50d8cc08 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/all_e2e_results.json @@ -0,0 +1,1471 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.087855 + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.128829 + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T08:01:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.031295, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.067047, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.109813, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.114166, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T08:01:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046054, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043347, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.071601, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.135577 + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040004, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.063496, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T08:01:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T08:01:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:22-07:00", + "tests": { + "dns": { + "status": "skip", + "resolved_ip": null, + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 0.015651 + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T08:01:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.034454 + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:01:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.035692, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-02T08:01:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.148734 + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.061726, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035243, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.054442, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T08:02:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T08:02:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035962, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039677, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.080232, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.043873, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.042741 + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040235, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-02T08:02:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.118341 + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050439, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T08:02:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044169, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049339, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T08:02:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039405, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T08:02:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T08:02:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 6 17:44:52 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042876, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.084906 + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.062957, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T08:02:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.044612, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 6 20:44:51 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.058076, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034676, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036069, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042132, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.030229, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-02T08:02:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.106404 + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053300, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T08:02:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 3.087187 + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T08:02:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 6 11:44:51 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040149, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T08:02:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T08:02:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T08:02:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.117778 + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..d0a4e0b0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2030.0,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2075.73","coin_price_change_percentage":-1.33,"gas_price_updated_at":"2026-04-02T15:01:52.645667Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":7172,"gas_used_today":"9203876","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"474","total_blocks":"3527936","total_gas_used":"0","total_transactions":"42327","transactions_today":"10","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..dcf52ea1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:16 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.030229 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d21072db --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 15:02:25 GMT +content-type: text/plain; charset=UTF-8 +content-length: 15 +cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 +expires: Thu, 01 Jan 1970 00:00:01 GMT +referrer-policy: same-origin +x-frame-options: SAMEORIGIN +server: cloudflare +cf-ray: 9e60b6e97bfcfda5-LAX +alt-svc: h3=":443"; ma=86400 + + +0.117778 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..4bda1e08 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 15:01:21 GMT +content-type: text/plain; charset=UTF-8 +content-length: 15 +cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 +expires: Thu, 01 Jan 1970 00:00:01 GMT +referrer-policy: same-origin +x-frame-options: SAMEORIGIN +server: cloudflare +cf-ray: 9e60b5586ec1cb83-LAX +alt-svc: h3=":443"; ma=86400 + + +0.135577 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..767c7117 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:24 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.040149 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fcf2454d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/core_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 15:01:17 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +3.128829 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/d-bis_org_https_headers.txt new file mode 100644 index 00000000..325699bb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:20 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.053300 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c6ce4dcb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:03 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.035962 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..0fc20854 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:01:19 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.114166 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e7135862 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/data_d-bis_org_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 15:02:07 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +3.118341 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..baa1a22c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 15:01:14 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +3.087855 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..eb20f39b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 15:02:20 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +3.106404 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d8cb9097 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 15:02:01 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +3.148734 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ece4db14 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:10 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.042876 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..edbc9606 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:01:21 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.040004 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..820dbde7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/docs_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:01 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.035243 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..d46ea61f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2030.0,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2075.73","coin_price_change_percentage":-1.33,"gas_price_updated_at":"2026-04-02T15:01:52.645667Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":7765,"gas_used_today":"9203876","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"474","total_blocks":"3527936","total_gas_used":"0","total_transactions":"42327","transactions_today":"10","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..cd80686f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:16 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..aba246e9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:15 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.058076 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e26b4c45 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:02 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.054442 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..719e97af --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,2 @@ + +0.015651 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f3dd0c28 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:01 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.061726 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..f78d417b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 15:02:04 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.042741 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..283153f5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:01:18 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.067047 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..587beace --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:01:18 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.031295 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/mim4u_org_https_headers.txt new file mode 100644 index 00000000..7d2d4b46 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:04 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d95fcb2e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:03 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.039677 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..b07736fe --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:08 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-WCMR2F5/lIHTT/Yh+PaqiQ=='; style-src 'self' 'nonce-WCMR2F5/lIHTT/Yh+PaqiQ=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..043261ad --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:01:20 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.043347 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..66617f6d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:01:20 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.071601 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a4ffd9b7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:01:20 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046054 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..a55ebe8b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","result":"0x8a","id":1} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b354bba7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:08 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.050439 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..7f8bfde7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:01:21 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.063496 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..abe43b26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/secure_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 15:02:23 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +3.087187 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..0c80b83f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/secure_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:15 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..054bc80e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:14 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.062957 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..61c094a0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 02 Apr 2026 15:01:57 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.034454 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..806dde80 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:09 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..c7bc235f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/training_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:16 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/verification_report.md new file mode 100644 index 00000000..4f5021f4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/verification_report.md @@ -0,0 +1,589 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-02T08:02:25-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 59 +- **HTTPS tests passed**: 32 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 1 +- **Average response time**: 0.5397906818181818s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | RPC | +|--------|------|-----|-----|-------|-----| +| dbis-admin.d-bis.org | web | pass | pass | warn | - | +| core.d-bis.org | web | pass | pass | warn | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | pass | +| mifos.d-bis.org | web | pass | pass | pass | - | +| members.d-bis.org | web | pass | pass | pass | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | pass | +| research.d-bis.org | web | pass | pass | pass | - | +| policy.d-bis.org | web | pass | pass | pass | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | +| cacti-hybx.d-bis.org | web | pass | pass | warn | - | +| developers.d-bis.org | web | pass | pass | pass | - | +| sankofa.nexus | web | pass | pass | pass | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | pass | +| info.defi-oracle.io | web | skip | skip | skip | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | pass | +| studio.sankofa.nexus | web | pass | pass | warn | - | +| www.d-bis.org | web | pass | pass | pass | - | +| dbis-api.d-bis.org | api | pass | pass | warn | - | +| interop.d-bis.org | web | pass | pass | pass | - | +| docs.d-bis.org | web | pass | pass | pass | - | +| identity.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.d-bis.org | rpc-http | pass | pass | - | pass | +| dapp.d-bis.org | web | pass | pass | pass | - | +| ops.d-bis.org | web | pass | pass | pass | - | +| www.sankofa.nexus | web | pass | pass | pass | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | +| keycloak.sankofa.nexus | web | pass | pass | warn | - | +| mim4u.org | web | pass | pass | pass | - | +| data.d-bis.org | api | pass | pass | warn | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | +| www.mim4u.org | web | pass | pass | pass | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | +| admin.d-bis.org | web | pass | pass | warn | - | +| status.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | pass | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | +| gitea.d-bis.org | web | pass | pass | pass | - | +| secure.mim4u.org | web | pass | pass | pass | - | +| explorer.d-bis.org | web | pass | pass | pass | - | +| training.mim4u.org | web | pass | pass | pass | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | +| dbis-api-2.d-bis.org | api | pass | pass | warn | - | +| d-bis.org | web | pass | pass | pass | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | pass | +| secure.d-bis.org | web | pass | pass | warn | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | pass | +| codespaces.d-bis.org | web | pass | pass | pass | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | pass | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | warn | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: skip +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): optional Blockscout API check; use `SKIP_BLOCKSCOUT_API=1` to skip when backend is unreachable (e.g. off-LAN). Fix runbook: docs/03-deployment/BLOCKSCOUT_FIX_RUNBOOK.md + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3bb06095 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 15:01:58 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.035692 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..fea0b0ef --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 15:02:09 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..34059910 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 15:02:15 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044612 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..d30f94e6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 15:02:03 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.080232 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..6ce5653e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_080111/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 15:02:03 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.043873 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3c7e75c4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:14 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.035364 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ca9f6d66 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:02 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.119941 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/all_e2e_results.json new file mode 100644 index 00000000..81020d38 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/all_e2e_results.json @@ -0,0 +1,1508 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.030625, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049974, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T12:54:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037095, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041441, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.119941, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036362, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T12:54:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052219, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.051035, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052129, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 8 23:35:06 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039165, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048747, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.056116, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T12:54:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T12:54:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.209.228", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 3", + "expires": "Jul 1 15:08:57 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.157489, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T12:54:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.076878, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.045707, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-02T12:54:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044401, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052935, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037750, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046529, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T12:54:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T12:54:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041437, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.059941, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.034650, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.040699, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.041452, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034889, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-02T12:54:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 404, + "response_time_seconds": 0.046468 + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039218, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T12:54:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037304, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041746, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T12:54:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049047, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T12:54:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T12:54:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 6 17:44:52 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.030427, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035364, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047163, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T12:54:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.032387, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 6 20:44:51 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.032870, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040679, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041477, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044687, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044804, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-02T12:54:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038196, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044560, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T12:54:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035005, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T12:54:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 6 11:44:51 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041520, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T12:54:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T12:54:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T12:54:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 8 19:47:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038156, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..43459a2f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2010.0,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2049.51","coin_price_change_percentage":-2.57,"gas_price_updated_at":"2026-04-02T19:53:59.945591Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":14646,"gas_used_today":"9203876","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"474","total_blocks":"3528186","total_gas_used":"0","total_transactions":"42327","transactions_today":"10","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..715b15f9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:16 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044804 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ce57c66b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:19 GMT +content-type: text/html +content-length: 907 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-38b" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.038156 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1dde2f9c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:04 GMT +content-type: text/html +content-length: 901 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-385" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.039165 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d9e11ec2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:18 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.041520 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..0d50b1ce --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:01 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 332b3bbd4d18efd6b8c166a0cdac6e9b +x-span-id: 6db59a5a9e1def49 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/d-bis_org_https_headers.txt new file mode 100644 index 00000000..54144576 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:17 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044560 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..0944943c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:09 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.041437 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..f06974fc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:03 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.036362 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..6ab63eaa --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 404 +date: Thu, 02 Apr 2026 19:54:11 GMT +content-type: text/html; charset=utf-8 +content-length: 149 +vary: Accept-Encoding +content-security-policy: default-src 'none' +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: a6a4e6a0df572f9c3b3173f62d4cea08 +x-span-id: 3ae025188f6d91e4 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5a4ca71f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:01 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..6d8c00bd --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:17 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 92c82b0d8022902ab521c296f4c0436c +x-span-id: 17a083c6f1825146 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8079950d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:07 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 4895cf54d89171d6133f1cf52e09ceab +x-span-id: 95a6305e5dba4ef3 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c6003957 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:13 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.030427 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d356535d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:05 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048747 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..7ff94664 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/docs_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:08 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.037750 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..5775b500 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2010.0,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2049.51","coin_price_change_percentage":-2.57,"gas_price_updated_at":"2026-04-02T19:53:59.945591Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":15331,"gas_used_today":"9203876","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"474","total_blocks":"3528186","total_gas_used":"0","total_transactions":"42327","transactions_today":"10","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e29027eb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:16 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c761dc22 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:15 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.032870 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1d0f0faf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:08 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046529 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..559aae1e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:06 GMT +content-type: text/html +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=PEd82Vg8xu52IGFuzoGUuT45MO5ddt2sIB0h9tvAksBKBZMvB7sjbbEPvmAukddv%2BZKShGFjEBC8YNfn5Nwde8356F5imo7NO7kIOeTQk%2BicxXMVROLjnIuiuNj8JrZabYeh9gZU"}]} +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9e62622d6df36d35-LAX + + +0.157489 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..37d0285e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:07 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.052935 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..990c1b1f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Thu, 02 Apr 2026 19:54:10 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.041452 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9ab10699 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:02 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.041441 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f2c81704 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:02 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.037095 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/mim4u_org_https_headers.txt new file mode 100644 index 00000000..2084615f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:10 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..da75603e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:09 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.059941 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..742d743e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:11 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-75qDkJQQl9wYa5THDpNmuA=='; style-src 'self' 'nonce-75qDkJQQl9wYa5THDpNmuA=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..7268a3f2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:04 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051035 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..8a4e0217 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:04 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.052129 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..850aaec1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:03 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.052219 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..a55ebe8b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","result":"0x8a","id":1} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a72e87a5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:11 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.039218 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..892713c5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:05 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.056116 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a299fa42 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/secure_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:17 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..83c0c90f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/secure_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:15 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8aa02b41 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:14 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.047163 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..c3ec2a32 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:06 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.076878 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..6cfd40a0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:13 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..30cc6a3b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/training_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:16 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/verification_report.md new file mode 100644 index 00000000..61f13247 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/verification_report.md @@ -0,0 +1,589 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-02T12:54:19-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 60 +- **HTTPS tests passed**: 43 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.04751554545454544s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | RPC | +|--------|------|-----|-----|-------|-----| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | +| core.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | pass | +| mifos.d-bis.org | web | pass | pass | pass | - | +| members.d-bis.org | web | pass | pass | pass | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | pass | +| research.d-bis.org | web | pass | pass | pass | - | +| policy.d-bis.org | web | pass | pass | pass | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | +| developers.d-bis.org | web | pass | pass | pass | - | +| sankofa.nexus | web | pass | pass | pass | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | pass | +| info.defi-oracle.io | web | pass | pass | pass | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | pass | +| studio.sankofa.nexus | web | pass | pass | pass | - | +| www.d-bis.org | web | pass | pass | pass | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | +| interop.d-bis.org | web | pass | pass | pass | - | +| docs.d-bis.org | web | pass | pass | pass | - | +| identity.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.d-bis.org | rpc-http | pass | pass | - | pass | +| dapp.d-bis.org | web | pass | pass | pass | - | +| ops.d-bis.org | web | pass | pass | pass | - | +| www.sankofa.nexus | web | pass | pass | pass | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | +| mim4u.org | web | pass | pass | pass | - | +| data.d-bis.org | api | pass | pass | warn | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | +| www.mim4u.org | web | pass | pass | pass | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | +| admin.d-bis.org | web | pass | pass | pass | - | +| status.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | pass | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | +| gitea.d-bis.org | web | pass | pass | pass | - | +| secure.mim4u.org | web | pass | pass | pass | - | +| explorer.d-bis.org | web | pass | pass | pass | - | +| training.mim4u.org | web | pass | pass | pass | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | +| d-bis.org | web | pass | pass | pass | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | pass | +| secure.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | pass | +| codespaces.d-bis.org | web | pass | pass | pass | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | pass | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): optional Blockscout API check; use `SKIP_BLOCKSCOUT_API=1` to skip when backend is unreachable (e.g. off-LAN). Fix runbook: docs/03-deployment/BLOCKSCOUT_FIX_RUNBOOK.md + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d7f8f746 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 19:54:07 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045707 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..1cb34ac1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 19:54:12 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..00c47500 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 19:54:15 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.032387 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..d4e9ac95 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 19:54:09 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.034650 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..02493578 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_125400/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 19:54:10 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.040699 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5ca32419 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:12 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.033912 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..c3ae1246 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:01 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.040396 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/all_e2e_results.json new file mode 100644 index 00000000..962f0a73 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/all_e2e_results.json @@ -0,0 +1,1511 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:02:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037918, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:02:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.067789, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T13:03:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.031774, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042967, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040396, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.069791, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T13:03:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.057922, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.051371, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043314, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 8 23:35:06 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.030355, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049989, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.081406, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T13:03:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T13:03:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.91.43", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 3", + "expires": "Jul 1 15:08:57 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.159279, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T13:03:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.068788, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.036145, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-02T13:03:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042601, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048963, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033908, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040213, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T13:03:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T13:03:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039662, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.057704, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.034687, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.051106, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.036582, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034720, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-02T13:03:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045289, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050912, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T13:03:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038740, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048609, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T13:03:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041606, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T13:03:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T13:03:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 6 17:44:52 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040965, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033912, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.054399, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T13:03:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.040711, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 6 20:44:51 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036600, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.032422, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.031195, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033072, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037734, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-02T13:03:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.064422, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.056344, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T13:03:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033356, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T13:03:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 6 11:44:51 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037910, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-02T13:03:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-02T13:03:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-02T13:03:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 8 19:47:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036717, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..13789adf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":3929.0,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2046.41","coin_price_change_percentage":-2.72,"gas_price_updated_at":"2026-04-02T20:02:47.552396Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":3982,"gas_used_today":"9203876","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"474","total_blocks":"3528186","total_gas_used":"0","total_transactions":"42327","transactions_today":"10","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..fdb2a4db --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:15 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.037734 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..6d5ede06 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:17 GMT +content-type: text/html +content-length: 907 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-38b" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.036717 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..13490580 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:03 GMT +content-type: text/html +content-length: 901 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-385" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.030355 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b9f5dc74 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:16 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.037910 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9cfb0f4d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:02:59 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: a05df2e754e57a36bd60d93e5a0e5900 +x-span-id: 124226d1f58f4e8b +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/d-bis_org_https_headers.txt new file mode 100644 index 00000000..0b96addf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:15 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.056344 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a62a1fa2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:07 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.039662 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..5660f0e2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:01 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.069791 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..49791302 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:09 GMT +content-type: application/json; charset=utf-8 +content-length: 100 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 1455a0797ea89f61384b702f02c4f5de +x-span-id: 9c9d58bd8b824d0e +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c8b63502 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:02:59 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2858143b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:15 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 772275f152b66d95bcdfbbb4c981e20e +x-span-id: a078f556a6618c17 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..dbe4004d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:05 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 6de25cda6dd59300d9d25e9718bd8b04 +x-span-id: 1d1227b1bc67af57 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..78711a8c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:12 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.040965 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d47143ff --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:03 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.049989 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d8a965e2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/docs_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:06 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.033908 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..e7d553d8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":3929.0,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2046.41","coin_price_change_percentage":-2.72,"gas_price_updated_at":"2026-04-02T20:02:47.552396Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":4621,"gas_used_today":"9203876","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"474","total_blocks":"3528186","total_gas_used":"0","total_transactions":"42327","transactions_today":"10","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..7ee57e38 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:14 GMT +content-type: text/html +content-length: 85236 +vary: Accept-Encoding +last-modified: Wed, 01 Apr 2026 19:04:27 GMT +etag: "69cd6c3b-14cf4" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f5618d4a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:13 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.036600 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3f787144 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:06 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.040213 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..5fefeb9f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:04 GMT +content-type: text/html +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=rCLQ26zTTtRfbQYFVk4ASD8YfSCdZRAadoumr3%2B55oHNYH%2BYVsoIRvJ9h3cmsiw9GpqstqpXdPEjQt7ZlTawyXq6edaNJ04PfzSy9kaarIkQBz40yMsko35RSylMGtEh%2Bxk%2BsoNx"}]} +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9e626f525f97f7d1-LAX + + +0.159279 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..6488cad1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:06 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048963 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..3dfe861e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Thu, 02 Apr 2026 20:03:08 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.036582 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..46881ea4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:00 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.042967 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1ece51cf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:00 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.031774 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/mim4u_org_https_headers.txt new file mode 100644 index 00000000..829526c0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:09 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d0fa3438 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:07 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.057704 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..9b355968 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:10 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-sPVqurUhwIIuavAf3yWoHA=='; style-src 'self' 'nonce-sPVqurUhwIIuavAf3yWoHA=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..18d08bfb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:02 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051371 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..2eea6fdf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:02 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.043314 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9de8d0ec --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:02 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.057922 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..a55ebe8b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","result":"0x8a","id":1} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..41a3bdc6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:09 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.050912 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..1b86fd44 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:03 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.081406 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..607353b7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/secure_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:16 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..8ea5560d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/secure_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:14 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9cfd4cad --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:12 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.054399 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..e7fa4d48 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:05 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.068788 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..2c68a9ce --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:11 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..8ea5560d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/training_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:14 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/verification_report.md new file mode 100644 index 00000000..ca8b4c65 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/verification_report.md @@ -0,0 +1,589 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-02T13:03:17-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 60 +- **HTTPS tests passed**: 44 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.04736965909090909s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | RPC | +|--------|------|-----|-----|-------|-----| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | +| core.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | pass | +| mifos.d-bis.org | web | pass | pass | pass | - | +| members.d-bis.org | web | pass | pass | pass | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | pass | +| research.d-bis.org | web | pass | pass | pass | - | +| policy.d-bis.org | web | pass | pass | pass | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | +| developers.d-bis.org | web | pass | pass | pass | - | +| sankofa.nexus | web | pass | pass | pass | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | pass | +| info.defi-oracle.io | web | pass | pass | pass | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | pass | +| studio.sankofa.nexus | web | pass | pass | pass | - | +| www.d-bis.org | web | pass | pass | pass | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | +| interop.d-bis.org | web | pass | pass | pass | - | +| docs.d-bis.org | web | pass | pass | pass | - | +| identity.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.d-bis.org | rpc-http | pass | pass | - | pass | +| dapp.d-bis.org | web | pass | pass | pass | - | +| ops.d-bis.org | web | pass | pass | pass | - | +| www.sankofa.nexus | web | pass | pass | pass | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | +| mim4u.org | web | pass | pass | pass | - | +| data.d-bis.org | api | pass | pass | pass | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | +| www.mim4u.org | web | pass | pass | pass | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | +| admin.d-bis.org | web | pass | pass | pass | - | +| status.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | pass | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | +| gitea.d-bis.org | web | pass | pass | pass | - | +| secure.mim4u.org | web | pass | pass | pass | - | +| explorer.d-bis.org | web | pass | pass | pass | - | +| training.mim4u.org | web | pass | pass | pass | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | +| d-bis.org | web | pass | pass | pass | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | pass | +| secure.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | pass | +| codespaces.d-bis.org | web | pass | pass | pass | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | pass | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): optional Blockscout API check; use `SKIP_BLOCKSCOUT_API=1` to skip when backend is unreachable (e.g. off-LAN). Fix runbook: docs/03-deployment/BLOCKSCOUT_FIX_RUNBOOK.md + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..373b97c6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 20:03:05 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.036145 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..6c55d077 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 02 Apr 2026 20:03:10 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..051957ec --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 20:03:13 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.040711 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..159cb483 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 20:03:08 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.034687 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ef095e37 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260402_130259/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 02 Apr 2026 20:03:08 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051106 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c0d49f4f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:22 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.033451 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..af53172e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:21:55 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.121442 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/all_e2e_results.json new file mode 100644 index 00000000..ef4d5484 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/all_e2e_results.json @@ -0,0 +1,1503 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:21:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037651, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:21:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040048, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-03T22:21:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:21:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.027151, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:21:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045313, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-03T22:21:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.121442, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-03T22:21:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037014, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-03T22:21:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:21:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.055783, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:21:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050470, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-03T22:21:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.060041, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:21:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 8 23:35:06 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035672, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:21:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.058255, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-03T22:21:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.062197, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-03T22:21:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-03T22:21:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-03T22:21:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.209.228", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 1", + "expires": "Jul 1 22:38:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.172878, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-03T22:21:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "skip", + "http_code": "502", + "error": "\r\n502 Bad Gateway\r\n\r\n

502 Bad Gateway

\r\n\r\n" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038398, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.037954, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-03T22:22:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049788, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.057762, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 404, + "response_time_seconds": 0.042633 + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.055474, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-03T22:22:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-03T22:22:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033520, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053313, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.046380, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.036812, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.057808, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041738, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-03T22:22:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.091404, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.069055, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-03T22:22:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035963, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043811, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-03T22:22:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039188, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-03T22:22:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-03T22:22:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 10 02:35:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041960, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033451, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053680, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-03T22:22:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.039501, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 10 05:35:18 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041033, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044190, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 404, + "response_time_seconds": 0.040667 + }, + "blockscout_api": { + "status": "skip", + "http_code": "500" + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038709, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 404, + "response_time_seconds": 0.040268 + }, + "blockscout_api": { + "status": "skip", + "http_code": "500" + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-03T22:22:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046347, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046199, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-03T22:22:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041104, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-03T22:22:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 9 20:35:21 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047721, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-03T22:22:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-03T22:22:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-03T22:22:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 8 19:47:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033240, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..ece1a7f4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +"Internal server error" \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..cc628ecb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 404 +date: Sat, 04 Apr 2026 05:22:25 GMT +content-type: text/html; charset=utf-8 +content-length: 14 +access-control-allow-credentials: true +access-control-allow-origin: * +access-control-expose-headers: +cache-control: max-age=0, private, must-revalidate +x-request-id: GKMP4wnhvXmIGGsAAIkB +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.040268 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..24feca94 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:36 GMT +content-type: text/html +content-length: 907 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-38b" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.033240 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..20413b3d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:21:57 GMT +content-type: text/html +content-length: 901 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-385" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.035672 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..62a499e4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:30 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.047721 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1c61e26f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:21:54 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 48cf4914c327458e6507e06cfb45a825 +x-span-id: 080db486559ad4be +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/d-bis_org_https_headers.txt new file mode 100644 index 00000000..55db3a37 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:28 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046199 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..666388c4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:02 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.033520 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..5c9d892a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:21:56 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.037014 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..72230dd9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:04 GMT +content-type: application/json; charset=utf-8 +content-length: 100 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: a5502fddde8446c4922760f8d71eed44 +x-span-id: 010b99180080fd76 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ce3cb1dd --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:21:54 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8a2a0d13 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:28 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: ab6babc6751d439c366b80449a4eb48c +x-span-id: 925e88bf67111f8f +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..15a76519 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:01 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: b12e35af3e90f484605154f8e012dfea +x-span-id: 4f50a4cc07ef21bf +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2458fa3e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:22 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.041960 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1c22e8e6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:21:57 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.058255 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..370ef2ad --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/docs_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 404 +date: Sat, 04 Apr 2026 05:22:01 GMT +content-type: text/html; charset=utf-8 +content-length: 14 +access-control-allow-credentials: true +access-control-allow-origin: * +access-control-expose-headers: +cache-control: max-age=0, private, must-revalidate +x-request-id: GKMP3WHOnQ1WOcUAADyk +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.042633 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..ece1a7f4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +"Internal server error" \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c4811459 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 404 +date: Sat, 04 Apr 2026 05:22:24 GMT +content-type: text/html; charset=utf-8 +content-length: 14 +access-control-allow-credentials: true +access-control-allow-origin: * +access-control-expose-headers: +cache-control: max-age=0, private, must-revalidate +x-request-id: GKMP4sReaBQQmKMAAD_E +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b2ca09ed --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:24 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.041033 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b41a13ed --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:01 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.055474 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..f9d1fc37 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:21:59 GMT +content-type: text/html +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=5BiareP%2B5%2B%2Bn7xsKNFIZ%2BINd7cyKsDRdKNzTyuyMOVT%2B2h65MZokdCgP3YSYA2fGNw%2BFOnz3bqhYqMChKobMtuqQwrJKNgUPU50IuLyKpXpwgVoQXmCTKCAHlHSaUAoE%2FNYmfaxO"}]} +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9e6ddf69ac0b2af1-LAX + + +0.172878 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..42d160ef --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:01 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.057762 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..105ec8ad --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Sat, 04 Apr 2026 05:22:04 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.057808 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e49147dd --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:21:55 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045313 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..db8e6081 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:21:55 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.027151 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/mim4u_org_https_headers.txt new file mode 100644 index 00000000..390de39e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:04 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9a77998d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:03 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.053313 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..737e9697 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:10 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-hc7f2pIQAU9EVchNnUBbhA=='; style-src 'self' 'nonce-hc7f2pIQAU9EVchNnUBbhA=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9e06d30f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:21:57 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.050470 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..0ec8fe2c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:21:57 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.060041 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8944b58f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:21:56 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.055783 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..c176f7bb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1,6 @@ + +502 Bad Gateway + +

502 Bad Gateway

+ + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..93a2f1be --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:05 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.069055 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..8309a67a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:21:58 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.062197 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..650a5ae0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/secure_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:29 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..e609a3b7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/secure_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:24 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ee8692a3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:23 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.053680 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..d2debc56 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:00 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.038398 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..4e067edd --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:16 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..4e27f979 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/training_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:25 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/verification_report.md new file mode 100644 index 00000000..ecd0f0d6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/verification_report.md @@ -0,0 +1,589 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-03T22:22:36-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 60 +- **HTTPS tests passed**: 41 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 1 +- **Average response time**: 0.050522409090909104s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | RPC | +|--------|------|-----|-----|-------|-----| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | +| core.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | pass | +| mifos.d-bis.org | web | pass | pass | pass | - | +| members.d-bis.org | web | pass | pass | pass | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | pass | +| research.d-bis.org | web | pass | pass | pass | - | +| policy.d-bis.org | web | pass | pass | pass | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | +| developers.d-bis.org | web | pass | pass | pass | - | +| sankofa.nexus | web | pass | pass | pass | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | pass | +| info.defi-oracle.io | web | pass | pass | pass | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | skip | +| studio.sankofa.nexus | web | pass | pass | pass | - | +| www.d-bis.org | web | pass | pass | pass | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | +| interop.d-bis.org | web | pass | pass | pass | - | +| docs.d-bis.org | web | pass | pass | warn | - | +| identity.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc.d-bis.org | rpc-http | pass | pass | - | pass | +| dapp.d-bis.org | web | pass | pass | pass | - | +| ops.d-bis.org | web | pass | pass | pass | - | +| www.sankofa.nexus | web | pass | pass | pass | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | +| mim4u.org | web | pass | pass | pass | - | +| data.d-bis.org | api | pass | pass | pass | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | +| www.mim4u.org | web | pass | pass | pass | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | pass | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | +| admin.d-bis.org | web | pass | pass | pass | - | +| status.d-bis.org | web | pass | pass | pass | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | pass | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | +| gitea.d-bis.org | web | pass | pass | pass | - | +| secure.mim4u.org | web | pass | pass | pass | - | +| explorer.d-bis.org | web | pass | pass | warn | - | +| training.mim4u.org | web | pass | pass | pass | - | +| blockscout.defi-oracle.io | web | pass | pass | warn | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | +| d-bis.org | web | pass | pass | pass | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | pass | +| secure.d-bis.org | web | pass | pass | pass | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | pass | +| codespaces.d-bis.org | web | pass | pass | pass | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | pass | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: skip +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Blockscout API: skip +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Blockscout API: skip +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): optional Blockscout API check; use `SKIP_BLOCKSCOUT_API=1` to skip when backend is unreachable (e.g. off-LAN). Fix runbook: docs/03-deployment/BLOCKSCOUT_FIX_RUNBOOK.md + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8306d51c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sat, 04 Apr 2026 05:22:00 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.037954 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..ef5b9c67 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 05:22:11 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..d47f4711 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sat, 04 Apr 2026 05:22:23 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.039501 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..5b79e655 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sat, 04 Apr 2026 05:22:03 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046380 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..678b166a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260403_222153/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sat, 04 Apr 2026 05:22:03 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.036812 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..58babab6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:51 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.049149 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..cccb9903 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:36 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.098207 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/all_e2e_results.json new file mode 100644 index 00000000..03b8e815 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/all_e2e_results.json @@ -0,0 +1,1527 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048576, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041983, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T15:25:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.058826, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.082235, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.098207, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045461, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T15:25:37-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:37-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052200, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:38-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.056363, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:38-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039294, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:38-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 8 23:35:06 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034554, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.079504, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.099156, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T15:25:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T15:25:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.209.228", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 1", + "expires": "Jul 1 22:38:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.135931, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T15:25:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045743, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.040333, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-04T15:25:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050098, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050259, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034912, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:43-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048854, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T15:25:43-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T15:25:43-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:44-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048022, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:44-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.071316, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:45-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.105081, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:45-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.036904, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.071732, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042767, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-04T15:25:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039957, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:47-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050578, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-04T15:25:47-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044885, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034285, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-04T15:25:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047469, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T15:25:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-04T15:25:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 10 02:35:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045235, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049149, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.051987, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T15:25:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.042800, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 10 05:35:18 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034182, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038826, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:25:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033218, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + }, + "explorer_command_center": { + "status": "pass", + "http_code": 200 + }, + "mission_control_stream": { + "status": "pass", + "http_code": 200 + }, + "mission_control_trace": { + "status": "pass", + "http_code": 200 + }, + "mission_control_liquidity": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:26:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043098, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-04T15:26:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.027772, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-04T15:26:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047131, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:26:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049920, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T15:26:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:26:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036140, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T15:26:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:26:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 9 20:35:21 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038303, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T15:26:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-04T15:26:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T15:26:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 8 19:47:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036772, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..e1c65d12 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2001.0,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2072.99","coin_price_change_percentage":0.77,"gas_price_updated_at":"2026-04-04T22:25:53.164332Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":32000,"gas_used_today":"93726170","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"539","total_blocks":"3610634","total_gas_used":"0","total_transactions":"41402","transactions_today":"233","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..1b4f9820 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:26:06 GMT +content-type: text/html +content-length: 86817 +vary: Accept-Encoding +last-modified: Sat, 04 Apr 2026 21:40:06 GMT +etag: "69d18536-15321" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.027772 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ef7a3182 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:26:10 GMT +content-type: text/html +content-length: 907 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-38b" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.036772 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..563c0353 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:39 GMT +content-type: text/html +content-length: 901 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-385" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.034554 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ed6aba11 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:26:09 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.038303 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b7f8420e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:34 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 47db9031215189502b2cfcca8ffa309a +x-span-id: fd47b9d531b9b5c9 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/d-bis_org_https_headers.txt new file mode 100644 index 00000000..ef8388b1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:26:07 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.049920 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1954af3e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:44 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.048022 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..33f418e3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:37 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.045461 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..27e0e59a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:47 GMT +content-type: application/json; charset=utf-8 +content-length: 100 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: fa9165cac39bb37fd3d096097c30aaa3 +x-span-id: 98e073c2eb703f18 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..538a19bb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:34 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fdeacc6a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:26:07 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: ea066b848cf3569dc44ad794b4cf10d3 +x-span-id: 4254c0ff7e8418b0 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..95663ef4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:42 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 7d5b9956a36733be70448976d14a7238 +x-span-id: 71db84993d1c87b1 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..acf914ac --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:50 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.045235 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..efd829a1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:39 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.079504 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..93bee21c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/docs_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:43 GMT +content-type: text/html +content-length: 86817 +vary: Accept-Encoding +last-modified: Sat, 04 Apr 2026 21:40:06 GMT +etag: "69d18536-15321" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.034912 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..f83c0dc0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2001.0,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2072.99","coin_price_change_percentage":0.77,"gas_price_updated_at":"2026-04-04T22:25:53.164332Z","gas_prices":{"slow":null,"average":null,"fast":null},"gas_prices_update_in":32000,"gas_used_today":"93726170","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"539","total_blocks":"3610561","total_gas_used":"0","total_transactions":"41402","transactions_today":"233","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_command_center_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_command_center_body.txt new file mode 100644 index 00000000..737c2dbb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_command_center_body.txt @@ -0,0 +1,629 @@ + + + + + + Chain 138 — Visual Command Center + + + + + +
+

Chain 138 — deployment and liquidity topology

+

Operator-style view of the architecture in docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md. Diagrams are informational only; contract addresses live in explorer config and repo references. The live Mission Control visual surfaces remain in the main explorer SPA.

+
+ +
+
+ + + + + + + + + +
+ Back to More +
+ + +
+

Hub, leaf endings, CCIP destinations, Alltra, the dedicated Avalanche cW corridor, the public cW mesh, and pending programs. Mainnet cW mint corridors and the optional TRUU rail are summarized under the Ethereum anchor.

+
+flowchart TB + subgraph LEAF_INGRESS["Leaves — access to 138"] + WU[Wallets · MetaMask Snaps · Ledger · Chainlist · SDKs · ethers.js] + OPS[Operators · Foundry scripts · relay · systemd · deploy hooks] + RPCPUB[Public RPC FQDNs · thirdweb mirrors] + FB[Fireblocks Web3 RPC] + end + + subgraph LEAF_EDGE["Leaves — services that index or front 138"] + EXP[Explorer · Blockscout · token-aggregation] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + DBIS[dbis-api Core hosts] + X402[x402 payment API] + MCP[MCP PMM controller] + end + + subgraph HUB["CHAIN 138 — origin hub"] + C138["Besu EVM · tokens core · DODO PMM V2/V3 · RouterV2 · UniV3 / Balancer / Curve / 1inch pilots · CCIP bridges + router · AlltraAdapter · BridgeVault · ISO channels · mirror reserve vault settlement · Lockbox · Truth / Tron / Solana adapters"] + end + + subgraph CCIP_ETH["Ethereum 1 — CCIP anchor"] + ETH1["WETH9 / WETH10 bridges · CCIPRelayRouter · RelayBridge · Logger · optional trustless stack"] + LEAF_ETH["Leaf — Mainnet native DEX venues · Li.Fi touchpoints on other chains · first-wave cW DODO pools · optional TRUU PMM rail"] + end + + subgraph CCIP_L2["Other live CCIP EVM destinations"] + L2CLU["OP 10 · Base 8453 · Arb 42161 · Polygon 137 · BSC 56 · Avax 43114 · Gnosis 100 · Celo 42220 · Cronos 25"] + LEAF_L2["Leaf — per-chain native DEX · cW token transport · partial edge pools"] + end + + subgraph ALLTRA["ALL Mainnet 651940"] + A651["AlltraAdapter peer · AUSDT · WETH · WALL · HYDX · DEX env placeholders"] + LEAF_651["Leaf — ALL native venues when configured"] + end + + subgraph SPECIAL["Dedicated corridor from 138"] + AVAXCW["138 cUSDT to Avax cWUSDT mint path"] + LEAF_AVAX["Leaf — recipient on 43114"] + end + + subgraph CW_MESH["Public cW GRU mesh"] + CW["Cross-public-EVM token matrix · pool design · Mainnet DODO concentration"] + end + + subgraph PENDING["Pending separate scaffold"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 design] + PNON[Truth pointer · Tron adapter · Solana partial] + end + + WU --> RPCPUB + RPCPUB --> C138 + WU --> C138 + OPS --> C138 + EXP --> C138 + INFO --> C138 + DAPP --> C138 + DBIS --> C138 + X402 --> C138 + MCP --> C138 + FB --> C138 + + C138 <--> ETH1 + C138 <--> L2CLU + C138 <--> A651 + C138 --> AVAXCW + AVAXCW --> LEAF_AVAX + + ETH1 <--> L2CLU + ETH1 --> LEAF_ETH + L2CLU --> LEAF_L2 + A651 --> LEAF_651 + + CW -.->|pool and peg design| LEAF_ETH + CW -.->|token mesh| L2CLU + + C138 -.-> WEMIX + C138 -.-> XDC + C138 -.-> SCAFF + C138 -.-> PNON +
+
+ + +
+

Chain 138 to the public EVM mesh, Alltra, pending or scaffold targets, Avalanche cW minting, and the separate Mainnet cW mint corridor that sits alongside the standard WETH-class CCIP rail.

+
+flowchart TB + subgraph C138["Chain 138 — primary"] + CORE[Core registry vault oracle ISO router] + PMM[DODO PMM V2 DVM + pools] + R2[EnhancedSwapRouterV2] + D3[D3MM pilot] + CCIPB[CCIP WETH9 WETH10 bridges] + ALLA[AlltraAdapter] + ADP[Truth Tron Solana adapters partial] + end + + subgraph PUB["Public EVM mesh (cW*)"] + E1[Ethereum 1] + E10[Optimism 10] + E25[Cronos 25] + E56[BSC 56] + E100[Gnosis 100] + E137[Polygon 137] + E42161[Arbitrum 42161] + E43114[Avalanche 43114] + E8453[Base 8453] + E42220[Celo 42220] + end + + subgraph PEND["Pending or separate"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 scaffold design] + end + + subgraph A651["ALL Mainnet 651940"] + ALLTOK[AUSDT USDC WETH WALL HYDX] + end + + C138 -->|CCIP WETH| PUB + C138 -->|CCIP WETH| E1 + C138 -->|mainnet cW mint corridor| E1 + C138 -->|AlltraAdapter| A651 + PUB -->|CCIP return| C138 + E1 -->|CCIP return| C138 + C138 -.->|operator completion| WEMIX + C138 -.->|not CCIP matrix row| XDC + C138 -.->|future gated| SCAFF + + C138 -->|avax cw corridor| E43114 +
+

Topology note: Mainnet now represents two Ethereum-facing patterns in production, the standard WETH-class CCIP rail and the dedicated cUSDC/cUSDT -> cWUSDC/cWUSDT mint corridor.

+
+ + +
+

On-chain layers: tokens, core, liquidity, cross-domain, reserve and settlement.

+
+flowchart TB + subgraph L1["Tokens and compliance"] + CT[cUSDT · cUSDC · cEUR* · cXAU* · mirrors · USDT · USDC] + GEN[WETH WETH10 LINK] + end + + subgraph L2["Core infrastructure"] + REG[Compliance TokenFactory TokenRegistry BridgeVault] + POL[PolicyManager DebtRegistry FeeCollector] + ISO[ISO20022Router] + end + + subgraph L3["Liquidity and execution"] + DVM[DVMFactory VendingMachine DODOPMMIntegration] + PRV[DODOPMMProvider PrivatePoolRegistry] + R2[EnhancedSwapRouterV2] + VEN[Uniswap v3 lane Balancer Curve 1inch pilots] + D3[D3Oracle D3Vault D3Proxy D3MMFactory] + end + + subgraph L4["Cross-domain"] + CCIP[CCIP Router CCIPWETH9 CCIPWETH10] + ALL[AlltraAdapter] + LBX[Lockbox138] + CH[PaymentChannel Mirror AddressMapper] + end + + subgraph L5["Reserve vault settlement"] + RS[ReserveSystem OraclePriceFeed] + VF[VaultFactory Ledger Liquidation XAUOracle] + MSR[MerchantSettlementRegistry WithdrawalEscrow] + end + + L1 --> L2 + L2 --> L3 + L3 --> R2 + R2 --> VEN + L2 --> L4 + L2 --> L5 + DVM --> PRV +
+
+ + +
+

Same-chain 138: PMM pools, RouterV2 venues, D3 pilot.

+
+flowchart LR + subgraph inputs["Typical inputs"] + U1[cUSDT] + U2[cUSDC] + U3[USDT mirror] + U4[USDC mirror] + U5[cEURT] + U6[cXAUC] + end + + subgraph path_pmm["DODO PMM"] + INT[DODOPMMIntegration] + POOL[Stable pools XAU public pools Private XAU registry] + end + + subgraph path_r2["Router v2"] + R2[EnhancedSwapRouterV2] + UV3[Uniswap v3 WETH stable] + PILOT[Balancer Curve 1inch] + end + + subgraph path_d3["Pilot"] + D3[D3MM WETH10 pilot pool] + end + + inputs --> INT + INT --> POOL + inputs --> R2 + R2 --> UV3 + R2 --> PILOT + GEN2[WETH WETH10] --> R2 + GEN2 --> D3 +
+
+ + +
+

CCIP transport, Alltra round-trip, the dedicated c-to-cW mint corridors, and the orchestrated swap-bridge-swap target.

+
+

CCIP — WETH primary transport

+
+sequenceDiagram + participant U as User or bot + participant C138 as Chain 138 + participant BR as CCIPWETH9 or WETH10 bridge + participant R as CCIP Router + participant D as Destination EVM + + U->>C138: Fund WETH bridge fee LINK + U->>BR: Initiate cross-chain WETH transfer + BR->>R: CCIP message + R->>D: Deliver WETH class asset + Note over D: Native DEX or cW pools where deployed + D->>R: Optional return leg + R->>C138: Inbound to receiver bridge +
+
+
+

Alltra — 138 to ALL Mainnet

+
+flowchart LR + A[Chain 138] -->|AlltraAdapter| B[ALL 651940] + B -->|AlltraAdapter| A +
+
+
+

Special corridors — c* to cW* mint

+
+flowchart LR + S1[cUSDT on 138] -->|avax cw relay mint| T1[cWUSDT on Avalanche] + S2[cUSDC on 138] -->|mainnet relay mint| T2[cWUSDC on Mainnet] + S3[cUSDT on 138] -->|mainnet relay mint| T3[cWUSDT on Mainnet] +
+
+
+

Orchestrated swap-bridge-swap (design target)

+
+flowchart LR + Q[QuoteService POST api bridge quote] --> S1[Source leg e.g. 138 PMM] + S1 --> BR[Bridge CCIP Alltra or special] + BR --> S2[Destination leg DEX or cW pool] +
+
+
+ + +
+

Ethereum Mainnet first-wave cW DODO mesh, plus the separate optional TRUU PMM rail. See PMM_DEX_ROUTING_STATUS and cross-chain-pmm-lps deployment-status for live detail.

+
+flowchart TB + subgraph ETH["Ethereum Mainnet"] + CW[cWUSDT cWUSDC cWEURC cWGBPC cWAUDC cWCADC cWJPYC cWCHFC] + HUB[USDC USDT] + DODO[DODO PMM Wave 1 pools] + end + + CW <--> DODO + HUB <--> DODO +
+

TRUU note: the optional Mainnet Truth rail is a separate volatile PMM lane and is not part of the default cW stable mesh.

+
+

Mainnet TRUU PMM (volatile, optional)

+
+flowchart LR + subgraph TRUUmesh["Mainnet TRUU rail optional"] + CWu[cWUSDT or cWUSDC] + TRUU[TRUU ERC-20] + PMM[DODO PMM integration] + end + + CWu <--> PMM + TRUU <--> PMM +
+
+
+ + +
+

Wallets, edge FQDNs, APIs, operators feeding Chain 138 RPC, plus the explorer-hosted Mission Control visual surfaces.

+
+flowchart TB + subgraph users["Wallets and tools"] + MM[MetaMask custom network Snaps] + MCP[MCP PMM controller allowlist 138] + end + + subgraph edge["Public edge"] + EXP[explorer.d-bis.org Blockscout token-aggregation] + MC[Mission Control visual panels] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + RPC[rpc-http-pub.d-bis.org public RPC] + end + + subgraph api["APIs"] + TA[token-aggregation v1 v2 quote pools bridge routes] + DBIS[dbis-api Core runtime] + X402[x402-api readiness surface] + end + + subgraph ops["Operator"] + REL[CCIP relay systemd] + SCR[smom-dbis-138 forge scripts] + end + + users --> edge + EXP --> MC + edge --> api + MC --> api + api --> C138[Chain 138 RPC] + ops --> C138 +
+

Mission Control note: the live visual display lives in the main explorer SPA, especially the bridge-monitoring and operator surfaces. This command center stays focused on the static architecture view.

+
+ + +
+

Contract families vs wallet/client integrations not spelled out in every zoom diagram. Wormhole remains docs/MCP scope, not canonical 138 addresses.

+
+flowchart LR + subgraph chain138_tech["Chain 138 contract families"] + A[Besu EVM] + B[ERC-20 core registries] + C[DODO V2 V3] + D[UniV3 Bal Curve 1inch pilots] + E[CCIP bridges router] + F[Alltra Vault ISO channels] + end + + subgraph public_integrations["Wallet and client integrations"] + L[Ledger] + CL[Chainlist] + TW[thirdweb RPC] + ETH[ethers.js] + MM[MetaMask Snaps] + end + + chain138_tech --> public_integrations +
+
+ + +
+

Mission Control is the live explorer surface for SSE health, labeled bridge traces, cached liquidity proxy results, and operator-facing API references. The interactive controls live in the main explorer SPA; this tab is the architecture companion with direct entry points.

+
+

Mission Control visual flow

+
+flowchart LR + UI[Explorer SPA Mission Control panels] + SSE[SSE stream] + TRACE[Bridge trace] + LIQ[Liquidity proxy] + T4[Track 4 script API] + API[Explorer Go API] + UP[Blockscout and token-aggregation upstreams] + + UI --> SSE + UI --> TRACE + UI --> LIQ + UI -.->|operator-only| T4 + SSE --> API + TRACE --> API + LIQ --> API + T4 --> API + TRACE --> UP + LIQ --> UP +
+
+
+

Live entry points

+

Use the main explorer UI for the visual Mission Control experience, then open the raw APIs when you need direct payloads or verification.

+ +
+
+ +
+ Source: proxmox/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md — addresses: config/smart-contracts-master.json and CONTRACT_ADDRESSES_REFERENCE. +
+ + + + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..0b277742 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:53 GMT +content-type: text/html +content-length: 86817 +vary: Accept-Encoding +last-modified: Sat, 04 Apr 2026 21:40:06 GMT +etag: "69d18536-15321" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_mission_control_liquidity.json b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_mission_control_liquidity.json new file mode 100644 index 00000000..c293ac53 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_mission_control_liquidity.json @@ -0,0 +1 @@ +{"pools":[{"address":"0x9e89bae009adf128782e19e8341996c596ac40dc","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0xf22258f57794cc8e06237084b353ab30fffa640b","symbol":"cUSDC","name":"USD Coin (Compliant)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null},{"address":"0x866cb44b59303d8dc5f4f9e3e7a8e8b0bf238d66","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1","symbol":"USDT","name":"Tether USD (Chain 138)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null}]} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_mission_control_stream_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_mission_control_stream_body.txt new file mode 100644 index 00000000..64009e21 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_mission_control_stream_body.txt @@ -0,0 +1,3 @@ +event: mission-control +data: {"data":{"chains":{"138":{"block_number":"3611836","endpoint":"https://rpc-http-pub.d-bis.org","head_age_sec":0.529409491,"last_sync":"2026-04-04T22:25:54Z","latency_ms":2,"name":"Defi Oracle Meta Mainnet","probe_error":"","status":"operational"}},"checked_at":"2026-04-04T22:25:54Z","rpc_probe":[{"blockNumber":"0x371cbc","blockNumberDec":"3611836","chainKey":"138","endpoint":"https://rpc-http-pub.d-bis.org","error":"","headAgeSeconds":0.529409491,"latencyMs":2,"name":"chain-138","ok":true}],"status":"operational"}} + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_mission_control_stream_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_mission_control_stream_headers.txt new file mode 100644 index 00000000..24e6827b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_mission_control_stream_headers.txt @@ -0,0 +1,23 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:54 GMT +content-type: text/event-stream +access-control-allow-headers: Content-Type, X-API-Key +access-control-allow-methods: GET, POST, OPTIONS +access-control-allow-origin: * +cache-control: no-cache +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; font-src 'self' https://cdnjs.cloudflare.com; img-src 'self' data: https:; connect-src 'self' https://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +permissions-policy: geolocation=(), microphone=(), camera=() +referrer-policy: strict-origin-when-cross-origin +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-explorer-name: SolaceScanScout +x-explorer-version: 1.0.0 +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_mission_control_trace.json b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_mission_control_trace.json new file mode 100644 index 00000000..d6289553 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/explorer_d-bis_org_mission_control_trace.json @@ -0,0 +1 @@ +{"data":{"blockscout_url":"https://explorer.d-bis.org/tx/0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2","from":"0x4a666f96fc8764181194447a7dfdb7d471b301c8","from_registry":"DEPLOYER_ADMIN_138","source":"blockscout","to":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","to_registry":"CW_L1_BRIDGE_CHAIN138","tx_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..724474cb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:52 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.034182 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..54905dc6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:43 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048854 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..ce22632f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:41 GMT +content-type: text/html +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=M8g15prLHslfzKsJ1f9fI2iXxd3%2Fg4WFUSedF4UUQf9ziELZWsjWCbeqO9iFNsy2feZuredXlBjUjoDRGMGwZzNpJP%2Bv2NIvU7LPHFcjy%2FURY0oDnY3H6LGBQl3QtMBUioBCxci%2F"}]} +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9e73baf7fc201ffb-LAX + + +0.135931 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..68712822 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:42 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.050259 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..2f318b81 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Sat, 04 Apr 2026 22:25:46 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.071732 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fd12c479 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:36 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.082235 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..88dcfd93 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:35 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.058826 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/mim4u_org_https_headers.txt new file mode 100644 index 00000000..a686c236 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:46 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..7a2228e8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:44 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.071316 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..1adbd813 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:48 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-CfHuHNXbo0mflxncTQj3Rw=='; style-src 'self' 'nonce-CfHuHNXbo0mflxncTQj3Rw=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f5f5e7c6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:38 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.056363 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..df051970 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:38 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.039294 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..87e73c05 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:38 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.052200 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..154cb9f4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:47 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.050578 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..04e89c11 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:39 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + + +0.099156 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..80dc11e0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/secure_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:26:08 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..6af3b813 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/secure_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:52 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e0750b68 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:51 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051987 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..fe675f13 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:41 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045743 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..1733e062 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:49 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..9924ee9e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/training_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:26:05 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/verification_report.md new file mode 100644 index 00000000..1faa2c1d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/verification_report.md @@ -0,0 +1,594 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-04T15:26:10-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 60 +- **HTTPS tests passed**: 44 +- **Explorer surface failures**: 0 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.0525004090909091s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | RPC | Explorer+ | +|--------|------|-----|-----|-------|-----|-----------| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | - | +| core.d-bis.org | web | pass | pass | pass | - | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | pass | - | +| mifos.d-bis.org | web | pass | pass | pass | - | - | +| members.d-bis.org | web | pass | pass | pass | - | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | pass | - | +| research.d-bis.org | web | pass | pass | pass | - | - | +| policy.d-bis.org | web | pass | pass | pass | - | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | - | +| developers.d-bis.org | web | pass | pass | pass | - | - | +| sankofa.nexus | web | pass | pass | pass | - | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | pass | - | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | pass | - | +| info.defi-oracle.io | web | pass | pass | pass | - | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | pass | - | +| studio.sankofa.nexus | web | pass | pass | pass | - | - | +| www.d-bis.org | web | pass | pass | pass | - | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | - | +| interop.d-bis.org | web | pass | pass | pass | - | - | +| docs.d-bis.org | web | pass | pass | pass | - | - | +| identity.d-bis.org | web | pass | pass | pass | - | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | pass | - | +| rpc.d-bis.org | rpc-http | pass | pass | - | pass | - | +| dapp.d-bis.org | web | pass | pass | pass | - | - | +| ops.d-bis.org | web | pass | pass | pass | - | - | +| www.sankofa.nexus | web | pass | pass | pass | - | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | - | +| mim4u.org | web | pass | pass | pass | - | - | +| data.d-bis.org | api | pass | pass | pass | - | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | - | +| www.mim4u.org | web | pass | pass | pass | - | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | pass | - | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | - | +| admin.d-bis.org | web | pass | pass | pass | - | - | +| status.d-bis.org | web | pass | pass | pass | - | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | pass | - | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | - | +| gitea.d-bis.org | web | pass | pass | pass | - | - | +| secure.mim4u.org | web | pass | pass | pass | - | - | +| explorer.d-bis.org | web | pass | pass | pass | - | - | +| training.mim4u.org | web | pass | pass | pass | - | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | - | +| d-bis.org | web | pass | pass | pass | - | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | pass | - | +| secure.d-bis.org | web | pass | pass | pass | - | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | pass | - | +| codespaces.d-bis.org | web | pass | pass | pass | - | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | pass | - | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Command Center: pass +- Mission Control stream: pass +- Mission Control trace: pass +- Mission Control liquidity: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. The canonical explorer `explorer.d-bis.org` is intentionally **not** in that list anymore. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): verifies Blockscout API, `/chain138-command-center.html`, and Mission Control stream / trace / liquidity endpoints. Use `SKIP_BLOCKSCOUT_API=1` only when you need to skip the Blockscout API sub-check specifically. + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..944af097 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sat, 04 Apr 2026 22:25:42 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.040333 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..297b5db1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_mim4u_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sat, 04 Apr 2026 22:25:48 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https: data:; font-src 'self' https: data:; img-src 'self' data: https: blob:; connect-src 'self' https: wss: ws:; media-src 'self' https: data:; object-src 'none'; base-uri 'self'; form-action 'self' https:; frame-ancestors 'none'; upgrade-insecure-requests + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..f4a7ff41 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sat, 04 Apr 2026 22:25:52 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.042800 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ba10ce4a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sat, 04 Apr 2026 22:25:45 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.105081 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..c4a30102 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_152533/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sat, 04 Apr 2026 22:25:46 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.036904 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d9934db4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/admin_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.085706 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..e08fe243 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,2 @@ + +3.169646 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/all_e2e_results.json new file mode 100644 index 00000000..58301386 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/all_e2e_results.json @@ -0,0 +1,1237 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:00:38-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.165766 + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:00:45-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.170926 + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T19:00:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:00:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.148472 + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:00:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.085154 + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T19:01:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.169646 + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T19:01:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.155326 + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T19:01:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:01:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.097421 + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:01:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.087831 + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T19:01:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.085792 + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:01:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 8 23:35:06 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.029509, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:01:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.094577 + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T19:01:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.084841 + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T19:01:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T19:01:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "rpc_http": { + "status": "skip", + "http_code": "000000", + "error": "" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-04T19:01:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.209.228", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 1", + "expires": "Jul 1 22:38:44 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 523, + "response_time_seconds": 2.914210 + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T19:01:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "rpc_http": { + "status": "skip", + "http_code": "000000", + "error": "" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T19:02:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.151100 + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:02:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.077561 + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-04T19:02:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.146342 + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:02:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.094874 + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:02:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.097326 + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:02:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.166327 + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T19:02:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T19:02:43-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "rpc_http": { + "status": "skip", + "http_code": "000000", + "error": "" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:02:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.152105 + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:02:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.150885 + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T19:03:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.182010 + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T19:03:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.176851 + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T19:03:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.087235 + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:03:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.162710 + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-04T19:03:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.174639 + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:03:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.155489 + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-04T19:03:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "websocket": { + "status": "pass", + "http_code": "000000", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T19:03:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.187361 + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:03:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.078335 + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-04T19:03:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "fail" + }, + "websocket": { + "status": "pass", + "http_code": "000000", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T19:04:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.166869 + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T19:04:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "rpc_http": { + "status": "skip", + "http_code": "000000", + "error": "" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-04T19:04:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "fail" + }, + "websocket": { + "status": "pass", + "http_code": "000000", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:04:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 10 02:35:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047711, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:04:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.085706 + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:04:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.170744 + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T19:04:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-04T19:04:37-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.077978 + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:04:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 10 05:35:18 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.056313, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:04:43-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.159098 + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:04:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "fail" + }, + "https": { + "status": "fail", + "response_time_seconds": 3.154217 + }, + "blockscout_api": { + "status": "skip", + "http_code": "000000" + }, + "explorer_command_center": { + "status": "fail", + "http_code": "000000" + }, + "mission_control_stream": { + "status": "fail", + "curl_exit": "0" + }, + "mission_control_trace": { + "status": "fail", + "http_code": "000000" + }, + "mission_control_liquidity": { + "status": "fail", + "http_code": "000000" + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:05:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.074158 + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-04T19:05:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.096231 + }, + "blockscout_api": { + "status": "skip", + "http_code": "000000" + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-04T19:05:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.163261 + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:05:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.064194 + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T19:05:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "rpc_http": { + "status": "skip", + "http_code": "000000", + "error": "" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:05:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "https": { + "status": "skip", + "response_time_seconds": 3.080466 + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T19:05:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:05:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 9 20:35:21 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039613, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-04T19:05:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "rpc_http": { + "status": "skip", + "http_code": "000000", + "error": "" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-04T19:05:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "skip" + }, + "websocket": { + "status": "pass", + "http_code": "000000", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-04T19:06:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 8 19:47:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048310, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..1c017427 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,2 @@ + +3.096231 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2b90e7df --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 02:06:05 GMT +content-type: text/html +content-length: 907 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-38b" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.048310 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9c9be4d7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 02:01:36 GMT +content-type: text/html +content-length: 901 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-385" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.029509 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c4b6494b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 02:05:53 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.039613 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..615b6189 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/core_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.170926 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/d-bis_org_https_headers.txt new file mode 100644 index 00000000..f0cda0ca --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.064194 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a203b695 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.152105 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..477f7791 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,2 @@ + +3.155326 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5bece661 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/data_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.174639 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..0b93de83 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.165766 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f511a913 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.163261 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3b94e2d5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.146342 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..65301102 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 02:04:24 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.047711 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1c51a133 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/developers_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.094577 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a12fd9bc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/docs_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.097326 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ec736ec0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.154217 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/explorer_d-bis_org_mission_control_stream_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/explorer_d-bis_org_mission_control_stream_headers.txt new file mode 100644 index 00000000..e69de29b diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..7fb18565 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 02:04:43 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.056313 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3175f794 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/identity_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.166327 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..2883954a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 523 +date: Sun, 05 Apr 2026 02:01:57 GMT +content-type: text/plain; charset=UTF-8 +content-length: 15 +cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 +expires: Thu, 01 Jan 1970 00:00:01 GMT +referrer-policy: same-origin +x-frame-options: SAMEORIGIN +server: cloudflare +cf-ray: 9e74f7b79877c277-LAX +alt-svc: h3=":443"; ma=86400 + + +2.914210 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c8b56ba2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/interop_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.094874 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..5e5059ac --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,2 @@ + +3.087235 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..6ae8b3a5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/members_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.085154 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9cfe982d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.148472 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/mim4u_org_https_headers.txt new file mode 100644 index 00000000..86399cab --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/mim4u_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.162710 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5085e480 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/ops_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.150885 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..d1b23f79 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,2 @@ + +3.187361 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..da5ae3aa --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/policy_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.087831 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..7b4bbaff --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,2 @@ + +3.085792 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..26d8d767 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/research_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.097421 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c2fffa8f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.155489 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..6e6c1fdf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/sankofa_nexus_https_headers.txt @@ -0,0 +1,2 @@ + +3.084841 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9b743be8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/secure_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.080466 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..1598985d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/secure_mim4u_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.159098 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..73048183 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/status_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.170744 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..6bacaead --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,2 @@ + +3.151100 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..bd0974c5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,2 @@ + +3.166869 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..c1f547cc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/training_mim4u_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.074158 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/verification_report.md new file mode 100644 index 00000000..f2ab6221 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/verification_report.md @@ -0,0 +1,594 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-04T19:06:05-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 60 +- **HTTPS tests passed**: 5 +- **Explorer surface failures**: 1 +- **Failed tests**: 1 +- **Skipped / optional (not configured or unreachable)**: 45 +- **Average response time**: 2.773079318181819s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | RPC | Explorer+ | +|--------|------|-----|-----|-------|-----|-----------| +| dbis-admin.d-bis.org | web | pass | skip | skip | - | - | +| core.d-bis.org | web | pass | skip | skip | - | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | pass | - | +| mifos.d-bis.org | web | pass | skip | skip | - | - | +| members.d-bis.org | web | pass | skip | skip | - | - | +| admin.sankofa.nexus | web | pass | skip | skip | - | - | +| dash.sankofa.nexus | web | pass | skip | skip | - | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | pass | - | +| research.d-bis.org | web | pass | skip | skip | - | - | +| policy.d-bis.org | web | pass | skip | skip | - | - | +| portal.sankofa.nexus | web | pass | skip | skip | - | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | - | +| developers.d-bis.org | web | pass | skip | skip | - | - | +| sankofa.nexus | web | pass | skip | skip | - | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | pass | - | +| rpc-http-pub.d-bis.org | rpc-http | pass | skip | - | skip | - | +| info.defi-oracle.io | web | pass | pass | warn | - | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | skip | - | skip | - | +| studio.sankofa.nexus | web | pass | skip | skip | - | - | +| www.d-bis.org | web | pass | skip | skip | - | - | +| dbis-api.d-bis.org | api | pass | skip | skip | - | - | +| interop.d-bis.org | web | pass | skip | skip | - | - | +| docs.d-bis.org | web | pass | skip | skip | - | - | +| identity.d-bis.org | web | pass | skip | skip | - | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | pass | - | +| rpc.d-bis.org | rpc-http | pass | skip | - | skip | - | +| dapp.d-bis.org | web | pass | skip | skip | - | - | +| ops.d-bis.org | web | pass | skip | skip | - | - | +| www.sankofa.nexus | web | pass | skip | skip | - | - | +| www.the-order.sankofa.nexus | web | pass | skip | skip | - | - | +| keycloak.sankofa.nexus | web | pass | skip | skip | - | - | +| mim4u.org | web | pass | skip | skip | - | - | +| data.d-bis.org | api | pass | skip | skip | - | - | +| sandbox.d-bis.org | web | pass | skip | skip | - | - | +| ws.rpc.d-bis.org | rpc-ws | pass | skip | - | - | - | +| phoenix.sankofa.nexus | web | pass | skip | skip | - | - | +| www.mim4u.org | web | pass | skip | skip | - | - | +| wss.defi-oracle.io | rpc-ws | pass | fail | - | - | - | +| the-order.sankofa.nexus | web | pass | skip | skip | - | - | +| rpc2.d-bis.org | rpc-http | pass | skip | - | skip | - | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | fail | - | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | - | +| admin.d-bis.org | web | pass | skip | skip | - | - | +| status.d-bis.org | web | pass | skip | skip | - | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | pass | - | +| www.phoenix.sankofa.nexus | web | pass | skip | skip | - | - | +| gitea.d-bis.org | web | pass | pass | pass | - | - | +| secure.mim4u.org | web | pass | skip | skip | - | - | +| explorer.d-bis.org | web | pass | fail | fail | - | - | +| training.mim4u.org | web | pass | skip | skip | - | - | +| blockscout.defi-oracle.io | web | pass | skip | skip | - | - | +| dbis-api-2.d-bis.org | api | pass | skip | skip | - | - | +| d-bis.org | web | pass | skip | skip | - | - | +| rpc-core.d-bis.org | rpc-http | pass | skip | - | skip | - | +| secure.d-bis.org | web | pass | skip | skip | - | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | pass | - | +| codespaces.d-bis.org | web | pass | pass | pass | - | - | +| rpc.defi-oracle.io | rpc-http | pass | skip | - | skip | - | +| ws.rpc2.d-bis.org | rpc-ws | pass | skip | - | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: skip +- RPC: skip +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: skip +- RPC: skip +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: skip +- RPC: skip +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: skip +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: fail +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: skip +- RPC: skip +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: fail +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: fail +- HTTPS: fail +- Blockscout API: skip +- Command Center: fail +- Mission Control stream: fail +- Mission Control trace: fail +- Mission Control liquidity: fail +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Blockscout API: skip +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: skip +- RPC: skip +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: skip +- HTTPS: skip +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: skip +- RPC: skip +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: skip +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. The canonical explorer `explorer.d-bis.org` is intentionally **not** in that list anymore. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): verifies Blockscout API, `/chain138-command-center.html`, and Mission Control stream / trace / liquidity endpoints. Use `SKIP_BLOCKSCOUT_API=1` only when you need to skip the Blockscout API sub-check specifically. + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e0753f25 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_d-bis_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.077561 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..20ae8a27 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_mim4u_org_https_headers.txt @@ -0,0 +1,2 @@ + +3.078335 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ff8b41e7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,2 @@ + +3.077978 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..c7cea16f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,2 @@ + +3.182010 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..52b34e35 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260404_190038/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,2 @@ + +3.176851 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d49213d7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:21 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.035740 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..26794f09 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:09 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.053381 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/all_e2e_results.json new file mode 100644 index 00000000..88fecb8b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/all_e2e_results.json @@ -0,0 +1,1524 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.027383, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043923, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:40:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.031190, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046016, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053381, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042526, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:40:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049035, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.067861, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034990, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 12 07:41:33 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.027556, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046347, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.063883, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:40:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:40:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.209.228", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 1", + "expires": "Jul 1 22:38:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.170187, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:40:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036951, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.044450, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T12:40:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037326, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045769, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042561, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049561, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:40:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:40:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036298, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050997, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.033724, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.035215, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.043794, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036970, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T12:40:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 503, + "response_time_seconds": 0.074339 + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044640, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T12:40:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037400, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.028975, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T12:40:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040346, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:40:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T12:40:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 10 02:35:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.027417, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035740, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.057022, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:40:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.039727, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 10 05:35:18 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038908, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040536, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044123, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + }, + "explorer_command_center": { + "status": "pass", + "http_code": 200 + }, + "mission_control_stream": { + "status": "pass", + "http_code": 200 + }, + "mission_control_trace": { + "status": "pass", + "http_code": 200 + }, + "mission_control_liquidity": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039313, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.181905, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T12:40:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.120959, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.074862, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:40:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035572, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:40:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 9 20:35:21 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.030912, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:40:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T12:40:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:40:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 12 04:41:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045160, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..7cae4671 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T19:40:25.497888Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":24092,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"492","total_blocks":"3239306","total_gas_used":"0","total_transactions":"41950","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..cf08d72c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:32 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "uez3j23bnzggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.181905 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..4c775472 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:36 GMT +content-type: text/html +content-length: 907 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-38b" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.045160 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..148cb67e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:11 GMT +content-type: text/html +content-length: 901 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-385" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.027556 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..27e6d954 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:35 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.030912 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9da4b15c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:08 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: c8a6ae126a405f5f000418842f2151e5 +x-span-id: 83b0a96e235ccc7c +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/d-bis_org_https_headers.txt new file mode 100644 index 00000000..54fe31d7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:34 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.074862 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b2491304 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:16 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.036298 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..34bcbb79 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:10 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.042526 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..acddab6d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 503 +date: Sun, 05 Apr 2026 19:40:18 GMT +content-type: application/json; charset=utf-8 +content-length: 104 +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 68275aed579a69edbdc4f1b2a2d59fb3 +x-span-id: 689bcd1acb367a13 +x-parent-span-id: +traceparent: 00-68275aed579a69edbdc4f1b2a2d59fb3-689bcd1acb367a13-01 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b4ac2b97 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:08 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.027383 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ee76e83f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:33 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 23def7db7ee43a872c52d5638ecb8e16 +x-span-id: 0c8562659c6e201e +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d6f9f279 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:14 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 42828dd0c72a12ac7db6f1c772bea91f +x-span-id: 472d723e2484b00e +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9e3cfa0e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:20 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.027417 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..16cf245a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:12 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046347 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..76ea810f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/docs_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:15 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "uez3j23bnzggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.042561 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..60b96313 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T19:39:54.466815Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":2866,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"492","total_blocks":"3239306","total_gas_used":"0","total_transactions":"41950","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_command_center_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_command_center_body.txt new file mode 100644 index 00000000..737c2dbb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_command_center_body.txt @@ -0,0 +1,629 @@ + + + + + + Chain 138 — Visual Command Center + + + + + +
+

Chain 138 — deployment and liquidity topology

+

Operator-style view of the architecture in docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md. Diagrams are informational only; contract addresses live in explorer config and repo references. The live Mission Control visual surfaces remain in the main explorer SPA.

+
+ +
+
+ + + + + + + + + +
+ Back to More +
+ + +
+

Hub, leaf endings, CCIP destinations, Alltra, the dedicated Avalanche cW corridor, the public cW mesh, and pending programs. Mainnet cW mint corridors and the optional TRUU rail are summarized under the Ethereum anchor.

+
+flowchart TB + subgraph LEAF_INGRESS["Leaves — access to 138"] + WU[Wallets · MetaMask Snaps · Ledger · Chainlist · SDKs · ethers.js] + OPS[Operators · Foundry scripts · relay · systemd · deploy hooks] + RPCPUB[Public RPC FQDNs · thirdweb mirrors] + FB[Fireblocks Web3 RPC] + end + + subgraph LEAF_EDGE["Leaves — services that index or front 138"] + EXP[Explorer · Blockscout · token-aggregation] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + DBIS[dbis-api Core hosts] + X402[x402 payment API] + MCP[MCP PMM controller] + end + + subgraph HUB["CHAIN 138 — origin hub"] + C138["Besu EVM · tokens core · DODO PMM V2/V3 · RouterV2 · UniV3 / Balancer / Curve / 1inch pilots · CCIP bridges + router · AlltraAdapter · BridgeVault · ISO channels · mirror reserve vault settlement · Lockbox · Truth / Tron / Solana adapters"] + end + + subgraph CCIP_ETH["Ethereum 1 — CCIP anchor"] + ETH1["WETH9 / WETH10 bridges · CCIPRelayRouter · RelayBridge · Logger · optional trustless stack"] + LEAF_ETH["Leaf — Mainnet native DEX venues · Li.Fi touchpoints on other chains · first-wave cW DODO pools · optional TRUU PMM rail"] + end + + subgraph CCIP_L2["Other live CCIP EVM destinations"] + L2CLU["OP 10 · Base 8453 · Arb 42161 · Polygon 137 · BSC 56 · Avax 43114 · Gnosis 100 · Celo 42220 · Cronos 25"] + LEAF_L2["Leaf — per-chain native DEX · cW token transport · partial edge pools"] + end + + subgraph ALLTRA["ALL Mainnet 651940"] + A651["AlltraAdapter peer · AUSDT · WETH · WALL · HYDX · DEX env placeholders"] + LEAF_651["Leaf — ALL native venues when configured"] + end + + subgraph SPECIAL["Dedicated corridor from 138"] + AVAXCW["138 cUSDT to Avax cWUSDT mint path"] + LEAF_AVAX["Leaf — recipient on 43114"] + end + + subgraph CW_MESH["Public cW GRU mesh"] + CW["Cross-public-EVM token matrix · pool design · Mainnet DODO concentration"] + end + + subgraph PENDING["Pending separate scaffold"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 design] + PNON[Truth pointer · Tron adapter · Solana partial] + end + + WU --> RPCPUB + RPCPUB --> C138 + WU --> C138 + OPS --> C138 + EXP --> C138 + INFO --> C138 + DAPP --> C138 + DBIS --> C138 + X402 --> C138 + MCP --> C138 + FB --> C138 + + C138 <--> ETH1 + C138 <--> L2CLU + C138 <--> A651 + C138 --> AVAXCW + AVAXCW --> LEAF_AVAX + + ETH1 <--> L2CLU + ETH1 --> LEAF_ETH + L2CLU --> LEAF_L2 + A651 --> LEAF_651 + + CW -.->|pool and peg design| LEAF_ETH + CW -.->|token mesh| L2CLU + + C138 -.-> WEMIX + C138 -.-> XDC + C138 -.-> SCAFF + C138 -.-> PNON +
+
+ + +
+

Chain 138 to the public EVM mesh, Alltra, pending or scaffold targets, Avalanche cW minting, and the separate Mainnet cW mint corridor that sits alongside the standard WETH-class CCIP rail.

+
+flowchart TB + subgraph C138["Chain 138 — primary"] + CORE[Core registry vault oracle ISO router] + PMM[DODO PMM V2 DVM + pools] + R2[EnhancedSwapRouterV2] + D3[D3MM pilot] + CCIPB[CCIP WETH9 WETH10 bridges] + ALLA[AlltraAdapter] + ADP[Truth Tron Solana adapters partial] + end + + subgraph PUB["Public EVM mesh (cW*)"] + E1[Ethereum 1] + E10[Optimism 10] + E25[Cronos 25] + E56[BSC 56] + E100[Gnosis 100] + E137[Polygon 137] + E42161[Arbitrum 42161] + E43114[Avalanche 43114] + E8453[Base 8453] + E42220[Celo 42220] + end + + subgraph PEND["Pending or separate"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 scaffold design] + end + + subgraph A651["ALL Mainnet 651940"] + ALLTOK[AUSDT USDC WETH WALL HYDX] + end + + C138 -->|CCIP WETH| PUB + C138 -->|CCIP WETH| E1 + C138 -->|mainnet cW mint corridor| E1 + C138 -->|AlltraAdapter| A651 + PUB -->|CCIP return| C138 + E1 -->|CCIP return| C138 + C138 -.->|operator completion| WEMIX + C138 -.->|not CCIP matrix row| XDC + C138 -.->|future gated| SCAFF + + C138 -->|avax cw corridor| E43114 +
+

Topology note: Mainnet now represents two Ethereum-facing patterns in production, the standard WETH-class CCIP rail and the dedicated cUSDC/cUSDT -> cWUSDC/cWUSDT mint corridor.

+
+ + +
+

On-chain layers: tokens, core, liquidity, cross-domain, reserve and settlement.

+
+flowchart TB + subgraph L1["Tokens and compliance"] + CT[cUSDT · cUSDC · cEUR* · cXAU* · mirrors · USDT · USDC] + GEN[WETH WETH10 LINK] + end + + subgraph L2["Core infrastructure"] + REG[Compliance TokenFactory TokenRegistry BridgeVault] + POL[PolicyManager DebtRegistry FeeCollector] + ISO[ISO20022Router] + end + + subgraph L3["Liquidity and execution"] + DVM[DVMFactory VendingMachine DODOPMMIntegration] + PRV[DODOPMMProvider PrivatePoolRegistry] + R2[EnhancedSwapRouterV2] + VEN[Uniswap v3 lane Balancer Curve 1inch pilots] + D3[D3Oracle D3Vault D3Proxy D3MMFactory] + end + + subgraph L4["Cross-domain"] + CCIP[CCIP Router CCIPWETH9 CCIPWETH10] + ALL[AlltraAdapter] + LBX[Lockbox138] + CH[PaymentChannel Mirror AddressMapper] + end + + subgraph L5["Reserve vault settlement"] + RS[ReserveSystem OraclePriceFeed] + VF[VaultFactory Ledger Liquidation XAUOracle] + MSR[MerchantSettlementRegistry WithdrawalEscrow] + end + + L1 --> L2 + L2 --> L3 + L3 --> R2 + R2 --> VEN + L2 --> L4 + L2 --> L5 + DVM --> PRV +
+
+ + +
+

Same-chain 138: PMM pools, RouterV2 venues, D3 pilot.

+
+flowchart LR + subgraph inputs["Typical inputs"] + U1[cUSDT] + U2[cUSDC] + U3[USDT mirror] + U4[USDC mirror] + U5[cEURT] + U6[cXAUC] + end + + subgraph path_pmm["DODO PMM"] + INT[DODOPMMIntegration] + POOL[Stable pools XAU public pools Private XAU registry] + end + + subgraph path_r2["Router v2"] + R2[EnhancedSwapRouterV2] + UV3[Uniswap v3 WETH stable] + PILOT[Balancer Curve 1inch] + end + + subgraph path_d3["Pilot"] + D3[D3MM WETH10 pilot pool] + end + + inputs --> INT + INT --> POOL + inputs --> R2 + R2 --> UV3 + R2 --> PILOT + GEN2[WETH WETH10] --> R2 + GEN2 --> D3 +
+
+ + +
+

CCIP transport, Alltra round-trip, the dedicated c-to-cW mint corridors, and the orchestrated swap-bridge-swap target.

+
+

CCIP — WETH primary transport

+
+sequenceDiagram + participant U as User or bot + participant C138 as Chain 138 + participant BR as CCIPWETH9 or WETH10 bridge + participant R as CCIP Router + participant D as Destination EVM + + U->>C138: Fund WETH bridge fee LINK + U->>BR: Initiate cross-chain WETH transfer + BR->>R: CCIP message + R->>D: Deliver WETH class asset + Note over D: Native DEX or cW pools where deployed + D->>R: Optional return leg + R->>C138: Inbound to receiver bridge +
+
+
+

Alltra — 138 to ALL Mainnet

+
+flowchart LR + A[Chain 138] -->|AlltraAdapter| B[ALL 651940] + B -->|AlltraAdapter| A +
+
+
+

Special corridors — c* to cW* mint

+
+flowchart LR + S1[cUSDT on 138] -->|avax cw relay mint| T1[cWUSDT on Avalanche] + S2[cUSDC on 138] -->|mainnet relay mint| T2[cWUSDC on Mainnet] + S3[cUSDT on 138] -->|mainnet relay mint| T3[cWUSDT on Mainnet] +
+
+
+

Orchestrated swap-bridge-swap (design target)

+
+flowchart LR + Q[QuoteService POST api bridge quote] --> S1[Source leg e.g. 138 PMM] + S1 --> BR[Bridge CCIP Alltra or special] + BR --> S2[Destination leg DEX or cW pool] +
+
+
+ + +
+

Ethereum Mainnet first-wave cW DODO mesh, plus the separate optional TRUU PMM rail. See PMM_DEX_ROUTING_STATUS and cross-chain-pmm-lps deployment-status for live detail.

+
+flowchart TB + subgraph ETH["Ethereum Mainnet"] + CW[cWUSDT cWUSDC cWEURC cWGBPC cWAUDC cWCADC cWJPYC cWCHFC] + HUB[USDC USDT] + DODO[DODO PMM Wave 1 pools] + end + + CW <--> DODO + HUB <--> DODO +
+

TRUU note: the optional Mainnet Truth rail is a separate volatile PMM lane and is not part of the default cW stable mesh.

+
+

Mainnet TRUU PMM (volatile, optional)

+
+flowchart LR + subgraph TRUUmesh["Mainnet TRUU rail optional"] + CWu[cWUSDT or cWUSDC] + TRUU[TRUU ERC-20] + PMM[DODO PMM integration] + end + + CWu <--> PMM + TRUU <--> PMM +
+
+
+ + +
+

Wallets, edge FQDNs, APIs, operators feeding Chain 138 RPC, plus the explorer-hosted Mission Control visual surfaces.

+
+flowchart TB + subgraph users["Wallets and tools"] + MM[MetaMask custom network Snaps] + MCP[MCP PMM controller allowlist 138] + end + + subgraph edge["Public edge"] + EXP[explorer.d-bis.org Blockscout token-aggregation] + MC[Mission Control visual panels] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + RPC[rpc-http-pub.d-bis.org public RPC] + end + + subgraph api["APIs"] + TA[token-aggregation v1 v2 quote pools bridge routes] + DBIS[dbis-api Core runtime] + X402[x402-api readiness surface] + end + + subgraph ops["Operator"] + REL[CCIP relay systemd] + SCR[smom-dbis-138 forge scripts] + end + + users --> edge + EXP --> MC + edge --> api + MC --> api + api --> C138[Chain 138 RPC] + ops --> C138 +
+

Mission Control note: the live visual display lives in the main explorer SPA, especially the bridge-monitoring and operator surfaces. This command center stays focused on the static architecture view.

+
+ + +
+

Contract families vs wallet/client integrations not spelled out in every zoom diagram. Wormhole remains docs/MCP scope, not canonical 138 addresses.

+
+flowchart LR + subgraph chain138_tech["Chain 138 contract families"] + A[Besu EVM] + B[ERC-20 core registries] + C[DODO V2 V3] + D[UniV3 Bal Curve 1inch pilots] + E[CCIP bridges router] + F[Alltra Vault ISO channels] + end + + subgraph public_integrations["Wallet and client integrations"] + L[Ledger] + CL[Chainlist] + TW[thirdweb RPC] + ETH[ethers.js] + MM[MetaMask Snaps] + end + + chain138_tech --> public_integrations +
+
+ + +
+

Mission Control is the live explorer surface for SSE health, labeled bridge traces, cached liquidity proxy results, and operator-facing API references. The interactive controls live in the main explorer SPA; this tab is the architecture companion with direct entry points.

+
+

Mission Control visual flow

+
+flowchart LR + UI[Explorer SPA Mission Control panels] + SSE[SSE stream] + TRACE[Bridge trace] + LIQ[Liquidity proxy] + T4[Track 4 script API] + API[Explorer Go API] + UP[Blockscout and token-aggregation upstreams] + + UI --> SSE + UI --> TRACE + UI --> LIQ + UI -.->|operator-only| T4 + SSE --> API + TRACE --> API + LIQ --> API + T4 --> API + TRACE --> UP + LIQ --> UP +
+
+
+

Live entry points

+

Use the main explorer UI for the visual Mission Control experience, then open the raw APIs when you need direct payloads or verification.

+ +
+
+ +
+ Source: proxmox/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md — addresses: config/smart-contracts-master.json and CONTRACT_ADDRESSES_REFERENCE. +
+ + + + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..62d365e0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:23 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "uez3j23bnzggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.044123 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_mission_control_liquidity.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_mission_control_liquidity.json new file mode 100644 index 00000000..c293ac53 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_mission_control_liquidity.json @@ -0,0 +1 @@ +{"pools":[{"address":"0x9e89bae009adf128782e19e8341996c596ac40dc","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0xf22258f57794cc8e06237084b353ab30fffa640b","symbol":"cUSDC","name":"USD Coin (Compliant)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null},{"address":"0x866cb44b59303d8dc5f4f9e3e7a8e8b0bf238d66","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1","symbol":"USDT","name":"Tether USD (Chain 138)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null}]} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_mission_control_stream_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_mission_control_stream_body.txt new file mode 100644 index 00000000..5edc35f7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_mission_control_stream_body.txt @@ -0,0 +1,3 @@ +event: mission-control +data: {"data":{"ccip_relay":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T19:40:20.118Z","from_block":3649659,"logs_fetched":0,"ok":true,"to_block":3649693},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":1155},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"ccip_relays":{"avax":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"relay_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_router":"0x2a0023Ad5ce1Ac6072B454575996DfFb1BB11b16"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T19:40:22.618Z","from_block":3649661,"logs_fetched":0,"ok":true,"to_block":3649694},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"destination_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357265,"profile":"avax","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:07.110Z","uptime_sec":1156},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"bsc":{"url_probe":{"body":{"destination":{"chain_id":56,"chain_name":"BSC","chain_selector":"11344663589394136015","delivery_mode":"router","relay_bridge":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"relay_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_router":"0x4d9Bc6c74ba65E37c4139F0aEC9fc5Ddff28Dcc4"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T19:40:22.843Z","from_block":3649661,"logs_fetched":0,"ok":true,"to_block":3649694},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"destination_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357248,"profile":"bsc","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:06.992Z","uptime_sec":1156},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_cw":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T19:40:20.118Z","from_block":3649659,"logs_fetched":0,"ok":true,"to_block":3649693},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":1155},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_weth":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"relay_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T19:39:54.692Z","from_block":3649619,"logs_fetched":0,"ok":true,"to_block":3649680},"monitoring":{"confirmation_blocks":1,"delivery_enabled":false,"effective_source_poll_interval_ms":60000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":true,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"destination_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2376863,"profile":"mainnet-weth","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:28:49.919Z","uptime_sec":693},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"paused"},"ok":true,"status":200}}},"chains":{"138":{"block_number":"3649697","endpoint":"https://rpc-http-pub.d-bis.org","head_age_sec":0.272539807,"last_sync":"2026-04-05T19:40:23Z","latency_ms":23,"name":"Defi Oracle Meta Mainnet","probe_error":"","status":"operational"}},"checked_at":"2026-04-05T19:40:23Z","rpc_probe":[{"blockNumber":"0x37b0a1","blockNumberDec":"3649697","chainKey":"138","endpoint":"https://rpc-http-pub.d-bis.org","error":"","headAgeSeconds":0.272539807,"latencyMs":23,"name":"chain-138","ok":true}],"status":"operational"}} + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_mission_control_stream_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_mission_control_stream_headers.txt new file mode 100644 index 00000000..badf77c1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_mission_control_stream_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:23 GMT +content-type: text/event-stream +access-control-allow-headers: Authorization, Content-Type, X-API-Key +access-control-allow-methods: GET, POST, OPTIONS +access-control-allow-origin: * +cache-control: no-cache +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; font-src 'self' https://cdnjs.cloudflare.com; img-src 'self' data: https:; connect-src 'self' https://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +permissions-policy: geolocation=(), microphone=(), camera=() +referrer-policy: strict-origin-when-cross-origin +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-explorer-name: SolaceScanScout +x-explorer-version: 1.0.0 +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +referrer-policy: strict-origin-when-cross-origin + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_mission_control_trace.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_mission_control_trace.json new file mode 100644 index 00000000..d6289553 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/explorer_d-bis_org_mission_control_trace.json @@ -0,0 +1 @@ +{"data":{"blockscout_url":"https://explorer.d-bis.org/tx/0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2","from":"0x4a666f96fc8764181194447a7dfdb7d471b301c8","from_registry":"DEPLOYER_ADMIN_138","source":"blockscout","to":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","to_registry":"CW_L1_BRIDGE_CHAIN138","tx_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..94ad5586 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:22 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.038908 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..10b14a9d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:15 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.049561 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..ea283dfb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:13 GMT +content-type: text/html +vary: Accept-Encoding +last-modified: Sun, 05 Apr 2026 19:03:51 GMT +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dWFqTdR2LRy7AGvRQBMR1r4g3WFh73LOdtsaSUAVWA1EIUysoVlVxL4%2B4IJxzr92xEbLwWeUNzKZf5Tnkqsj2z8lC9Dphr4ijH6EK%2B54AJnZdWZ7MEccG6CPlBbFsu7Q%2B8BdGuR%2B"}]} +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9e7b05f8d9d2191b-LAX + + +0.170187 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..7ddfa39f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:15 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045769 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..35f76472 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Sun, 05 Apr 2026 19:40:17 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.043794 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..afde2381 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:09 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046016 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b1e0bbe1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:09 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.031190 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/mim4u_org_https_headers.txt new file mode 100644 index 00000000..b5ffc556 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:17 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.036970 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..73764c09 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:16 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.050997 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..c40fad25 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:19 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-H2DryVSWficHBnd9CfCKjA=='; style-src 'self' 'nonce-H2DryVSWficHBnd9CfCKjA=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 + + +0.037400 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..daab0ec8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:11 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.067861 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..06854425 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:11 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.034990 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..689f8268 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:10 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.049035 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1b5fc1f0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:18 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044640 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..69fe0c4b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/sankofa_nexus_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:12 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 + + +0.063883 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..42f3d35d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/secure_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:34 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.035572 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..ca8ac0ca --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/secure_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:22 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.040536 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8b80bcd9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:21 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.057022 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..9d9da33d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:14 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.036951 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..7ad99fb4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:19 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.040346 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..fd357538 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/training_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:31 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.039313 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/verification_report.md new file mode 100644 index 00000000..e08fe068 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/verification_report.md @@ -0,0 +1,594 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-05T12:40:36-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 60 +- **HTTPS tests passed**: 43 +- **Explorer surface failures**: 0 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.0508125s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | RPC | Explorer+ | +|--------|------|-----|-----|-------|-----|-----------| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | - | +| core.d-bis.org | web | pass | pass | pass | - | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | pass | - | +| mifos.d-bis.org | web | pass | pass | pass | - | - | +| members.d-bis.org | web | pass | pass | pass | - | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | pass | - | +| research.d-bis.org | web | pass | pass | pass | - | - | +| policy.d-bis.org | web | pass | pass | pass | - | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | - | +| developers.d-bis.org | web | pass | pass | pass | - | - | +| sankofa.nexus | web | pass | pass | pass | - | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | pass | - | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | pass | - | +| info.defi-oracle.io | web | pass | pass | pass | - | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | pass | - | +| studio.sankofa.nexus | web | pass | pass | pass | - | - | +| www.d-bis.org | web | pass | pass | pass | - | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | - | +| interop.d-bis.org | web | pass | pass | pass | - | - | +| docs.d-bis.org | web | pass | pass | pass | - | - | +| identity.d-bis.org | web | pass | pass | pass | - | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | pass | - | +| rpc.d-bis.org | rpc-http | pass | pass | - | pass | - | +| dapp.d-bis.org | web | pass | pass | pass | - | - | +| ops.d-bis.org | web | pass | pass | pass | - | - | +| www.sankofa.nexus | web | pass | pass | pass | - | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | - | +| mim4u.org | web | pass | pass | pass | - | - | +| data.d-bis.org | api | pass | pass | warn | - | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | - | +| www.mim4u.org | web | pass | pass | pass | - | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | pass | - | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | - | +| admin.d-bis.org | web | pass | pass | pass | - | - | +| status.d-bis.org | web | pass | pass | pass | - | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | pass | - | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | - | +| gitea.d-bis.org | web | pass | pass | pass | - | - | +| secure.mim4u.org | web | pass | pass | pass | - | - | +| explorer.d-bis.org | web | pass | pass | pass | - | - | +| training.mim4u.org | web | pass | pass | pass | - | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | - | +| d-bis.org | web | pass | pass | pass | - | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | pass | - | +| secure.d-bis.org | web | pass | pass | pass | - | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | pass | - | +| codespaces.d-bis.org | web | pass | pass | pass | - | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | pass | - | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Command Center: pass +- Mission Control stream: pass +- Mission Control trace: pass +- Mission Control liquidity: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. The canonical explorer `explorer.d-bis.org` is intentionally **not** in that list anymore. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): verifies Blockscout API, `/chain138-command-center.html`, and Mission Control stream / trace / liquidity endpoints. Use `SKIP_BLOCKSCOUT_API=1` only when you need to skip the Blockscout API sub-check specifically. + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..33517d35 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 19:40:14 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044450 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..79a5b4b2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:40:19 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.028975 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..febfd159 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 19:40:22 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.039727 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..c87c791e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 19:40:16 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.033724 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..722f116b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124007/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 19:40:17 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.035215 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fa677db1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:25 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.035906 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..f29c1a57 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:08 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.043832 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/all_e2e_results.json new file mode 100644 index 00000000..5eb4102c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/all_e2e_results.json @@ -0,0 +1,1524 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034955, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045696, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:42:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042491, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.062417, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043832, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.116009, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:42:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.057061, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.121954, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048295, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 12 07:41:33 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045819, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047307, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.082076, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:42:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:42:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.91.43", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 1", + "expires": "Jul 1 22:38:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.144325, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:42:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.057979, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.038231, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T12:42:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044925, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046207, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050164, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042997, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:42:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:42:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035550, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052364, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.042716, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.033629, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.043973, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048524, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T12:42:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 503, + "response_time_seconds": 3.342668 + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044428, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T12:42:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038251, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043192, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T12:42:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043210, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:42:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T12:42:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 10 02:35:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041853, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035906, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044313, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:42:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.036146, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 10 05:35:18 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.032863, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.031488, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.062090, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + }, + "explorer_command_center": { + "status": "pass", + "http_code": 200 + }, + "mission_control_stream": { + "status": "pass", + "http_code": 200 + }, + "mission_control_trace": { + "status": "pass", + "http_code": 200 + }, + "mission_control_liquidity": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.032383, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038274, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T12:42:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045974, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.051982, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:42:37-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:37-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035300, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:42:37-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:38-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 9 20:35:21 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039926, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T12:42:38-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T12:42:38-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T12:42:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 12 04:41:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036723, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..0423fcf8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T19:42:29.623530Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":24908,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"492","total_blocks":"3239306","total_gas_used":"0","total_transactions":"42403","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..a0366f97 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:36 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "uez3j23bnzggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.038274 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..6555109f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:39 GMT +content-type: text/html +content-length: 907 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-38b" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.036723 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..982b2959 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:10 GMT +content-type: text/html +content-length: 901 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-385" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.045819 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fabee048 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:38 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.039926 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..163d489a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:06 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 8e90f7b165554bb626afbec751a258fd +x-span-id: 6c4c65acfff9aa08 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/d-bis_org_https_headers.txt new file mode 100644 index 00000000..368e9a22 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:37 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051982 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2249e2c8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:16 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.035550 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ee233119 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:08 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.116009 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ac849e16 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 503 +date: Sun, 05 Apr 2026 19:42:21 GMT +content-type: application/json; charset=utf-8 +content-length: 104 +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 758886ad7f3939481c5e155d9fb8710b +x-span-id: eeca5795f3a61360 +x-parent-span-id: +traceparent: 00-758886ad7f3939481c5e155d9fb8710b-eeca5795f3a61360-01 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d2679cd1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:06 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.034955 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..915d0375 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:36 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: c0b19c5e9900710a784f294eeba779f2 +x-span-id: c0035f57153de641 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a89d609b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:14 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 813e7a2d8b5abace2c152cf3ae7f2f66 +x-span-id: ca97ec700e3d6553 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..25962678 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:24 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.041853 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..56208cf9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:11 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.047307 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..dd03c1ae --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/docs_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:14 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "uez3j23bnzggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.050164 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..4a3a4fab --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T19:41:58.593885Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":2990,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"492","total_blocks":"3239306","total_gas_used":"0","total_transactions":"42403","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_command_center_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_command_center_body.txt new file mode 100644 index 00000000..737c2dbb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_command_center_body.txt @@ -0,0 +1,629 @@ + + + + + + Chain 138 — Visual Command Center + + + + + +
+

Chain 138 — deployment and liquidity topology

+

Operator-style view of the architecture in docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md. Diagrams are informational only; contract addresses live in explorer config and repo references. The live Mission Control visual surfaces remain in the main explorer SPA.

+
+ +
+
+ + + + + + + + + +
+ Back to More +
+ + +
+

Hub, leaf endings, CCIP destinations, Alltra, the dedicated Avalanche cW corridor, the public cW mesh, and pending programs. Mainnet cW mint corridors and the optional TRUU rail are summarized under the Ethereum anchor.

+
+flowchart TB + subgraph LEAF_INGRESS["Leaves — access to 138"] + WU[Wallets · MetaMask Snaps · Ledger · Chainlist · SDKs · ethers.js] + OPS[Operators · Foundry scripts · relay · systemd · deploy hooks] + RPCPUB[Public RPC FQDNs · thirdweb mirrors] + FB[Fireblocks Web3 RPC] + end + + subgraph LEAF_EDGE["Leaves — services that index or front 138"] + EXP[Explorer · Blockscout · token-aggregation] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + DBIS[dbis-api Core hosts] + X402[x402 payment API] + MCP[MCP PMM controller] + end + + subgraph HUB["CHAIN 138 — origin hub"] + C138["Besu EVM · tokens core · DODO PMM V2/V3 · RouterV2 · UniV3 / Balancer / Curve / 1inch pilots · CCIP bridges + router · AlltraAdapter · BridgeVault · ISO channels · mirror reserve vault settlement · Lockbox · Truth / Tron / Solana adapters"] + end + + subgraph CCIP_ETH["Ethereum 1 — CCIP anchor"] + ETH1["WETH9 / WETH10 bridges · CCIPRelayRouter · RelayBridge · Logger · optional trustless stack"] + LEAF_ETH["Leaf — Mainnet native DEX venues · Li.Fi touchpoints on other chains · first-wave cW DODO pools · optional TRUU PMM rail"] + end + + subgraph CCIP_L2["Other live CCIP EVM destinations"] + L2CLU["OP 10 · Base 8453 · Arb 42161 · Polygon 137 · BSC 56 · Avax 43114 · Gnosis 100 · Celo 42220 · Cronos 25"] + LEAF_L2["Leaf — per-chain native DEX · cW token transport · partial edge pools"] + end + + subgraph ALLTRA["ALL Mainnet 651940"] + A651["AlltraAdapter peer · AUSDT · WETH · WALL · HYDX · DEX env placeholders"] + LEAF_651["Leaf — ALL native venues when configured"] + end + + subgraph SPECIAL["Dedicated corridor from 138"] + AVAXCW["138 cUSDT to Avax cWUSDT mint path"] + LEAF_AVAX["Leaf — recipient on 43114"] + end + + subgraph CW_MESH["Public cW GRU mesh"] + CW["Cross-public-EVM token matrix · pool design · Mainnet DODO concentration"] + end + + subgraph PENDING["Pending separate scaffold"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 design] + PNON[Truth pointer · Tron adapter · Solana partial] + end + + WU --> RPCPUB + RPCPUB --> C138 + WU --> C138 + OPS --> C138 + EXP --> C138 + INFO --> C138 + DAPP --> C138 + DBIS --> C138 + X402 --> C138 + MCP --> C138 + FB --> C138 + + C138 <--> ETH1 + C138 <--> L2CLU + C138 <--> A651 + C138 --> AVAXCW + AVAXCW --> LEAF_AVAX + + ETH1 <--> L2CLU + ETH1 --> LEAF_ETH + L2CLU --> LEAF_L2 + A651 --> LEAF_651 + + CW -.->|pool and peg design| LEAF_ETH + CW -.->|token mesh| L2CLU + + C138 -.-> WEMIX + C138 -.-> XDC + C138 -.-> SCAFF + C138 -.-> PNON +
+
+ + +
+

Chain 138 to the public EVM mesh, Alltra, pending or scaffold targets, Avalanche cW minting, and the separate Mainnet cW mint corridor that sits alongside the standard WETH-class CCIP rail.

+
+flowchart TB + subgraph C138["Chain 138 — primary"] + CORE[Core registry vault oracle ISO router] + PMM[DODO PMM V2 DVM + pools] + R2[EnhancedSwapRouterV2] + D3[D3MM pilot] + CCIPB[CCIP WETH9 WETH10 bridges] + ALLA[AlltraAdapter] + ADP[Truth Tron Solana adapters partial] + end + + subgraph PUB["Public EVM mesh (cW*)"] + E1[Ethereum 1] + E10[Optimism 10] + E25[Cronos 25] + E56[BSC 56] + E100[Gnosis 100] + E137[Polygon 137] + E42161[Arbitrum 42161] + E43114[Avalanche 43114] + E8453[Base 8453] + E42220[Celo 42220] + end + + subgraph PEND["Pending or separate"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 scaffold design] + end + + subgraph A651["ALL Mainnet 651940"] + ALLTOK[AUSDT USDC WETH WALL HYDX] + end + + C138 -->|CCIP WETH| PUB + C138 -->|CCIP WETH| E1 + C138 -->|mainnet cW mint corridor| E1 + C138 -->|AlltraAdapter| A651 + PUB -->|CCIP return| C138 + E1 -->|CCIP return| C138 + C138 -.->|operator completion| WEMIX + C138 -.->|not CCIP matrix row| XDC + C138 -.->|future gated| SCAFF + + C138 -->|avax cw corridor| E43114 +
+

Topology note: Mainnet now represents two Ethereum-facing patterns in production, the standard WETH-class CCIP rail and the dedicated cUSDC/cUSDT -> cWUSDC/cWUSDT mint corridor.

+
+ + +
+

On-chain layers: tokens, core, liquidity, cross-domain, reserve and settlement.

+
+flowchart TB + subgraph L1["Tokens and compliance"] + CT[cUSDT · cUSDC · cEUR* · cXAU* · mirrors · USDT · USDC] + GEN[WETH WETH10 LINK] + end + + subgraph L2["Core infrastructure"] + REG[Compliance TokenFactory TokenRegistry BridgeVault] + POL[PolicyManager DebtRegistry FeeCollector] + ISO[ISO20022Router] + end + + subgraph L3["Liquidity and execution"] + DVM[DVMFactory VendingMachine DODOPMMIntegration] + PRV[DODOPMMProvider PrivatePoolRegistry] + R2[EnhancedSwapRouterV2] + VEN[Uniswap v3 lane Balancer Curve 1inch pilots] + D3[D3Oracle D3Vault D3Proxy D3MMFactory] + end + + subgraph L4["Cross-domain"] + CCIP[CCIP Router CCIPWETH9 CCIPWETH10] + ALL[AlltraAdapter] + LBX[Lockbox138] + CH[PaymentChannel Mirror AddressMapper] + end + + subgraph L5["Reserve vault settlement"] + RS[ReserveSystem OraclePriceFeed] + VF[VaultFactory Ledger Liquidation XAUOracle] + MSR[MerchantSettlementRegistry WithdrawalEscrow] + end + + L1 --> L2 + L2 --> L3 + L3 --> R2 + R2 --> VEN + L2 --> L4 + L2 --> L5 + DVM --> PRV +
+
+ + +
+

Same-chain 138: PMM pools, RouterV2 venues, D3 pilot.

+
+flowchart LR + subgraph inputs["Typical inputs"] + U1[cUSDT] + U2[cUSDC] + U3[USDT mirror] + U4[USDC mirror] + U5[cEURT] + U6[cXAUC] + end + + subgraph path_pmm["DODO PMM"] + INT[DODOPMMIntegration] + POOL[Stable pools XAU public pools Private XAU registry] + end + + subgraph path_r2["Router v2"] + R2[EnhancedSwapRouterV2] + UV3[Uniswap v3 WETH stable] + PILOT[Balancer Curve 1inch] + end + + subgraph path_d3["Pilot"] + D3[D3MM WETH10 pilot pool] + end + + inputs --> INT + INT --> POOL + inputs --> R2 + R2 --> UV3 + R2 --> PILOT + GEN2[WETH WETH10] --> R2 + GEN2 --> D3 +
+
+ + +
+

CCIP transport, Alltra round-trip, the dedicated c-to-cW mint corridors, and the orchestrated swap-bridge-swap target.

+
+

CCIP — WETH primary transport

+
+sequenceDiagram + participant U as User or bot + participant C138 as Chain 138 + participant BR as CCIPWETH9 or WETH10 bridge + participant R as CCIP Router + participant D as Destination EVM + + U->>C138: Fund WETH bridge fee LINK + U->>BR: Initiate cross-chain WETH transfer + BR->>R: CCIP message + R->>D: Deliver WETH class asset + Note over D: Native DEX or cW pools where deployed + D->>R: Optional return leg + R->>C138: Inbound to receiver bridge +
+
+
+

Alltra — 138 to ALL Mainnet

+
+flowchart LR + A[Chain 138] -->|AlltraAdapter| B[ALL 651940] + B -->|AlltraAdapter| A +
+
+
+

Special corridors — c* to cW* mint

+
+flowchart LR + S1[cUSDT on 138] -->|avax cw relay mint| T1[cWUSDT on Avalanche] + S2[cUSDC on 138] -->|mainnet relay mint| T2[cWUSDC on Mainnet] + S3[cUSDT on 138] -->|mainnet relay mint| T3[cWUSDT on Mainnet] +
+
+
+

Orchestrated swap-bridge-swap (design target)

+
+flowchart LR + Q[QuoteService POST api bridge quote] --> S1[Source leg e.g. 138 PMM] + S1 --> BR[Bridge CCIP Alltra or special] + BR --> S2[Destination leg DEX or cW pool] +
+
+
+ + +
+

Ethereum Mainnet first-wave cW DODO mesh, plus the separate optional TRUU PMM rail. See PMM_DEX_ROUTING_STATUS and cross-chain-pmm-lps deployment-status for live detail.

+
+flowchart TB + subgraph ETH["Ethereum Mainnet"] + CW[cWUSDT cWUSDC cWEURC cWGBPC cWAUDC cWCADC cWJPYC cWCHFC] + HUB[USDC USDT] + DODO[DODO PMM Wave 1 pools] + end + + CW <--> DODO + HUB <--> DODO +
+

TRUU note: the optional Mainnet Truth rail is a separate volatile PMM lane and is not part of the default cW stable mesh.

+
+

Mainnet TRUU PMM (volatile, optional)

+
+flowchart LR + subgraph TRUUmesh["Mainnet TRUU rail optional"] + CWu[cWUSDT or cWUSDC] + TRUU[TRUU ERC-20] + PMM[DODO PMM integration] + end + + CWu <--> PMM + TRUU <--> PMM +
+
+
+ + +
+

Wallets, edge FQDNs, APIs, operators feeding Chain 138 RPC, plus the explorer-hosted Mission Control visual surfaces.

+
+flowchart TB + subgraph users["Wallets and tools"] + MM[MetaMask custom network Snaps] + MCP[MCP PMM controller allowlist 138] + end + + subgraph edge["Public edge"] + EXP[explorer.d-bis.org Blockscout token-aggregation] + MC[Mission Control visual panels] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + RPC[rpc-http-pub.d-bis.org public RPC] + end + + subgraph api["APIs"] + TA[token-aggregation v1 v2 quote pools bridge routes] + DBIS[dbis-api Core runtime] + X402[x402-api readiness surface] + end + + subgraph ops["Operator"] + REL[CCIP relay systemd] + SCR[smom-dbis-138 forge scripts] + end + + users --> edge + EXP --> MC + edge --> api + MC --> api + api --> C138[Chain 138 RPC] + ops --> C138 +
+

Mission Control note: the live visual display lives in the main explorer SPA, especially the bridge-monitoring and operator surfaces. This command center stays focused on the static architecture view.

+
+ + +
+

Contract families vs wallet/client integrations not spelled out in every zoom diagram. Wormhole remains docs/MCP scope, not canonical 138 addresses.

+
+flowchart LR + subgraph chain138_tech["Chain 138 contract families"] + A[Besu EVM] + B[ERC-20 core registries] + C[DODO V2 V3] + D[UniV3 Bal Curve 1inch pilots] + E[CCIP bridges router] + F[Alltra Vault ISO channels] + end + + subgraph public_integrations["Wallet and client integrations"] + L[Ledger] + CL[Chainlist] + TW[thirdweb RPC] + ETH[ethers.js] + MM[MetaMask Snaps] + end + + chain138_tech --> public_integrations +
+
+ + +
+

Mission Control is the live explorer surface for SSE health, labeled bridge traces, cached liquidity proxy results, and operator-facing API references. The interactive controls live in the main explorer SPA; this tab is the architecture companion with direct entry points.

+
+

Mission Control visual flow

+
+flowchart LR + UI[Explorer SPA Mission Control panels] + SSE[SSE stream] + TRACE[Bridge trace] + LIQ[Liquidity proxy] + T4[Track 4 script API] + API[Explorer Go API] + UP[Blockscout and token-aggregation upstreams] + + UI --> SSE + UI --> TRACE + UI --> LIQ + UI -.->|operator-only| T4 + SSE --> API + TRACE --> API + LIQ --> API + T4 --> API + TRACE --> UP + LIQ --> UP +
+
+
+

Live entry points

+

Use the main explorer UI for the visual Mission Control experience, then open the raw APIs when you need direct payloads or verification.

+ +
+
+ +
+ Source: proxmox/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md — addresses: config/smart-contracts-master.json and CONTRACT_ADDRESSES_REFERENCE. +
+ + + + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f53658cf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:26 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "uez3j23bnzggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.062090 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_mission_control_liquidity.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_mission_control_liquidity.json new file mode 100644 index 00000000..c293ac53 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_mission_control_liquidity.json @@ -0,0 +1 @@ +{"pools":[{"address":"0x9e89bae009adf128782e19e8341996c596ac40dc","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0xf22258f57794cc8e06237084b353ab30fffa640b","symbol":"cUSDC","name":"USD Coin (Compliant)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null},{"address":"0x866cb44b59303d8dc5f4f9e3e7a8e8b0bf238d66","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1","symbol":"USDT","name":"Tether USD (Chain 138)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null}]} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_mission_control_stream_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_mission_control_stream_body.txt new file mode 100644 index 00000000..9bc99566 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_mission_control_stream_body.txt @@ -0,0 +1,3 @@ +event: mission-control +data: {"data":{"ccip_relay":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T19:42:27.327Z","from_block":3649723,"logs_fetched":0,"ok":true,"to_block":3649757},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":1279},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"ccip_relays":{"avax":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"relay_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_router":"0x2a0023Ad5ce1Ac6072B454575996DfFb1BB11b16"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T19:42:23.144Z","from_block":3649721,"logs_fetched":0,"ok":true,"to_block":3649755},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"destination_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357265,"profile":"avax","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:07.110Z","uptime_sec":1280},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"bsc":{"url_probe":{"body":{"destination":{"chain_id":56,"chain_name":"BSC","chain_selector":"11344663589394136015","delivery_mode":"router","relay_bridge":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"relay_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_router":"0x4d9Bc6c74ba65E37c4139F0aEC9fc5Ddff28Dcc4"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T19:42:23.355Z","from_block":3649721,"logs_fetched":0,"ok":true,"to_block":3649755},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"destination_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357248,"profile":"bsc","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:06.992Z","uptime_sec":1280},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_cw":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T19:42:27.327Z","from_block":3649723,"logs_fetched":0,"ok":true,"to_block":3649757},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":1279},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_weth":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"relay_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T19:41:54.880Z","from_block":3649679,"logs_fetched":0,"ok":true,"to_block":3649740},"monitoring":{"confirmation_blocks":1,"delivery_enabled":false,"effective_source_poll_interval_ms":60000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":true,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"destination_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2376863,"profile":"mainnet-weth","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:28:49.919Z","uptime_sec":817},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"paused"},"ok":true,"status":200}}},"chains":{"138":{"block_number":"3649759","endpoint":"https://rpc-http-pub.d-bis.org","head_age_sec":0.324570856,"last_sync":"2026-04-05T19:42:27Z","latency_ms":34,"name":"Defi Oracle Meta Mainnet","probe_error":"","status":"operational"}},"checked_at":"2026-04-05T19:42:27Z","rpc_probe":[{"blockNumber":"0x37b0df","blockNumberDec":"3649759","chainKey":"138","endpoint":"https://rpc-http-pub.d-bis.org","error":"","headAgeSeconds":0.324570856,"latencyMs":34,"name":"chain-138","ok":true}],"status":"operational"}} + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_mission_control_stream_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_mission_control_stream_headers.txt new file mode 100644 index 00000000..c9caa49e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_mission_control_stream_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:27 GMT +content-type: text/event-stream +access-control-allow-headers: Authorization, Content-Type, X-API-Key +access-control-allow-methods: GET, POST, OPTIONS +access-control-allow-origin: * +cache-control: no-cache +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; font-src 'self' https://cdnjs.cloudflare.com; img-src 'self' data: https:; connect-src 'self' https://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +permissions-policy: geolocation=(), microphone=(), camera=() +referrer-policy: strict-origin-when-cross-origin +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-explorer-name: SolaceScanScout +x-explorer-version: 1.0.0 +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +referrer-policy: strict-origin-when-cross-origin + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_mission_control_trace.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_mission_control_trace.json new file mode 100644 index 00000000..d6289553 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/explorer_d-bis_org_mission_control_trace.json @@ -0,0 +1 @@ +{"data":{"blockscout_url":"https://explorer.d-bis.org/tx/0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2","from":"0x4a666f96fc8764181194447a7dfdb7d471b301c8","from_registry":"DEPLOYER_ADMIN_138","source":"blockscout","to":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","to_registry":"CW_L1_BRIDGE_CHAIN138","tx_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..250ac4df --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:26 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.032863 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..940f5102 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:15 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.042997 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..f6489abb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:12 GMT +content-type: text/html +vary: Accept-Encoding +last-modified: Sun, 05 Apr 2026 19:03:51 GMT +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NyeYPDExhEc1kkfVPyUSgjihSFuxQztLzuZ0aU%2BHUoD4%2BNNI%2BbqvnO7BPdf0SkIM8Vc9HQdqv2q%2B5KHvz0CY%2FWupE9MbMn2ZDpp8z7wjTDUxRgwN%2BcMGdE13ENiWLRdnZJtX6qsx"}]} +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9e7b08e23fcfae43-LAX + + +0.144325 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1a4e49f1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:14 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046207 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..c1584bbe --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Sun, 05 Apr 2026 19:42:17 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.043973 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..58d19442 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:07 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.062417 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..629fa173 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:07 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.042491 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/mim4u_org_https_headers.txt new file mode 100644 index 00000000..5c37736e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:17 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.048524 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..81de7b84 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:16 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.052364 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..54e66357 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:22 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-7kxgz9dnEDHLnN/2I3SkQw=='; style-src 'self' 'nonce-7kxgz9dnEDHLnN/2I3SkQw=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 + + +0.038251 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..aed621f0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:10 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.121954 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..d206f9ed --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:10 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.048295 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8164075f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:09 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.057061 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e8f8eca2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:21 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044428 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..63e77bfb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/sankofa_nexus_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:11 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 + + +0.082076 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..035aea94 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/secure_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:37 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.035300 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..c607dac1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/secure_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:26 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.031488 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..0cc2cc1a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:25 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044313 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..894673b8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:13 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.057979 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..09e1497e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:23 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.043210 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..029eb04f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/training_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:35 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.032383 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/verification_report.md new file mode 100644 index 00000000..9b29666d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/verification_report.md @@ -0,0 +1,594 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-05T12:42:39-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 60 +- **HTTPS tests passed**: 43 +- **Explorer surface failures**: 0 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.12514695454545458s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | RPC | Explorer+ | +|--------|------|-----|-----|-------|-----|-----------| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | - | +| core.d-bis.org | web | pass | pass | pass | - | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | pass | - | +| mifos.d-bis.org | web | pass | pass | pass | - | - | +| members.d-bis.org | web | pass | pass | pass | - | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | pass | - | +| research.d-bis.org | web | pass | pass | pass | - | - | +| policy.d-bis.org | web | pass | pass | pass | - | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | - | +| developers.d-bis.org | web | pass | pass | pass | - | - | +| sankofa.nexus | web | pass | pass | pass | - | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | pass | - | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | pass | - | +| info.defi-oracle.io | web | pass | pass | pass | - | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | pass | - | +| studio.sankofa.nexus | web | pass | pass | pass | - | - | +| www.d-bis.org | web | pass | pass | pass | - | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | - | +| interop.d-bis.org | web | pass | pass | pass | - | - | +| docs.d-bis.org | web | pass | pass | pass | - | - | +| identity.d-bis.org | web | pass | pass | pass | - | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | pass | - | +| rpc.d-bis.org | rpc-http | pass | pass | - | pass | - | +| dapp.d-bis.org | web | pass | pass | pass | - | - | +| ops.d-bis.org | web | pass | pass | pass | - | - | +| www.sankofa.nexus | web | pass | pass | pass | - | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | - | +| mim4u.org | web | pass | pass | pass | - | - | +| data.d-bis.org | api | pass | pass | warn | - | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | - | +| www.mim4u.org | web | pass | pass | pass | - | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | pass | - | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | - | +| admin.d-bis.org | web | pass | pass | pass | - | - | +| status.d-bis.org | web | pass | pass | pass | - | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | pass | - | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | - | +| gitea.d-bis.org | web | pass | pass | pass | - | - | +| secure.mim4u.org | web | pass | pass | pass | - | - | +| explorer.d-bis.org | web | pass | pass | pass | - | - | +| training.mim4u.org | web | pass | pass | pass | - | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | - | +| d-bis.org | web | pass | pass | pass | - | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | pass | - | +| secure.d-bis.org | web | pass | pass | pass | - | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | pass | - | +| codespaces.d-bis.org | web | pass | pass | pass | - | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | pass | - | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Command Center: pass +- Mission Control stream: pass +- Mission Control trace: pass +- Mission Control liquidity: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. The canonical explorer `explorer.d-bis.org` is intentionally **not** in that list anymore. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): verifies Blockscout API, `/chain138-command-center.html`, and Mission Control stream / trace / liquidity endpoints. Use `SKIP_BLOCKSCOUT_API=1` only when you need to skip the Blockscout API sub-check specifically. + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..48f4bf76 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 19:42:13 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.038231 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..062b10f8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 19:42:22 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.043192 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..a1fcf5b3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 19:42:26 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.036146 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..c2e4eec8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 19:42:16 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.042716 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..bf2d025d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_124206/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 19:42:17 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.033629 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..26978dbd --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:39 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.035453 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..15dd7f4c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:21 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.075165 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/all_e2e_results.json new file mode 100644 index 00000000..03107684 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/all_e2e_results.json @@ -0,0 +1,1530 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048874, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053903, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T14:56:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044946, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.075930, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.075165, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.101124, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T14:56:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.057433, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.084444, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.065200, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 12 07:41:33 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041128, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045655, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.065895, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T14:56:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T14:56:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.91.43", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 1", + "expires": "Jul 1 22:38:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.166420, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T14:56:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043471, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "root_redirect": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.041207, + "location": "/studio/" + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.036815, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T14:56:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044593, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.059218, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.172577, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047893, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T14:56:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T14:56:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.027459, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053982, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.027478, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.052815, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.056414, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043312, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T14:56:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 503, + "response_time_seconds": 3.355696 + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.054382, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T14:56:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035556, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044212, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T14:56:37-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:37-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044970, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T14:56:38-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T14:56:38-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:38-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 10 02:35:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.032916, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:38-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035453, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042550, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T14:56:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.024318, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 10 05:35:18 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033836, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038605, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.055966, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + }, + "explorer_command_center": { + "status": "pass", + "http_code": 200 + }, + "mission_control_stream": { + "status": "pass", + "http_code": 200 + }, + "mission_control_trace": { + "status": "pass", + "http_code": 200 + }, + "mission_control_liquidity": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035692, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039394, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T14:56:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038415, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043745, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T14:56:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034130, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T14:56:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 9 20:35:21 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.025805, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T14:56:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T14:56:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T14:56:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 12 04:41:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043483, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..fd3dd701 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T21:56:26.845217Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":8382,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"493","total_blocks":"3302571","total_gas_used":"0","total_transactions":"42423","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..50e3d5af --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:49 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "3al1e7zibnggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.039394 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3308df87 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:52 GMT +content-type: text/html +content-length: 907 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-38b" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.043483 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a58b89be --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:24 GMT +content-type: text/html +content-length: 901 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-385" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.041128 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..dafef6cc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:51 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.025805 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..0ace284d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:19 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 71bec15eea4e097d9f7cde867470e446 +x-span-id: 3bd405ea809eedca +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/d-bis_org_https_headers.txt new file mode 100644 index 00000000..6c44f55c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:50 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.043745 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b3fdd3be --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:30 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.027459 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..d4a5c165 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:22 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.101124 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a71e4192 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 503 +date: Sun, 05 Apr 2026 21:56:35 GMT +content-type: application/json; charset=utf-8 +content-length: 104 +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: c30e937f4fb1d7ac6c5132b73757dd9c +x-span-id: 2282be8ae2308edb +x-parent-span-id: +traceparent: 00-c30e937f4fb1d7ac6c5132b73757dd9c-2282be8ae2308edb-01 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..cb77e64b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:18 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.048874 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..68095081 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:50 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: bc88d33aff84cb8e982251f1d17ffac2 +x-span-id: dce2e572c10758cb +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..69da4f17 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:27 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: b8e5f052829d3d4c811acc16d62ff2fe +x-span-id: ad77ce4f07862c7b +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8b67a0df --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:38 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.032916 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..0a359b80 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:24 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045655 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2342d0b6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/docs_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:28 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "3al1e7zibnggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.172577 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..229aaa24 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T21:56:26.845217Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":17271,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"493","total_blocks":"3302571","total_gas_used":"0","total_transactions":"42423","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_command_center_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_command_center_body.txt new file mode 100644 index 00000000..737c2dbb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_command_center_body.txt @@ -0,0 +1,629 @@ + + + + + + Chain 138 — Visual Command Center + + + + + +
+

Chain 138 — deployment and liquidity topology

+

Operator-style view of the architecture in docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md. Diagrams are informational only; contract addresses live in explorer config and repo references. The live Mission Control visual surfaces remain in the main explorer SPA.

+
+ +
+
+ + + + + + + + + +
+ Back to More +
+ + +
+

Hub, leaf endings, CCIP destinations, Alltra, the dedicated Avalanche cW corridor, the public cW mesh, and pending programs. Mainnet cW mint corridors and the optional TRUU rail are summarized under the Ethereum anchor.

+
+flowchart TB + subgraph LEAF_INGRESS["Leaves — access to 138"] + WU[Wallets · MetaMask Snaps · Ledger · Chainlist · SDKs · ethers.js] + OPS[Operators · Foundry scripts · relay · systemd · deploy hooks] + RPCPUB[Public RPC FQDNs · thirdweb mirrors] + FB[Fireblocks Web3 RPC] + end + + subgraph LEAF_EDGE["Leaves — services that index or front 138"] + EXP[Explorer · Blockscout · token-aggregation] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + DBIS[dbis-api Core hosts] + X402[x402 payment API] + MCP[MCP PMM controller] + end + + subgraph HUB["CHAIN 138 — origin hub"] + C138["Besu EVM · tokens core · DODO PMM V2/V3 · RouterV2 · UniV3 / Balancer / Curve / 1inch pilots · CCIP bridges + router · AlltraAdapter · BridgeVault · ISO channels · mirror reserve vault settlement · Lockbox · Truth / Tron / Solana adapters"] + end + + subgraph CCIP_ETH["Ethereum 1 — CCIP anchor"] + ETH1["WETH9 / WETH10 bridges · CCIPRelayRouter · RelayBridge · Logger · optional trustless stack"] + LEAF_ETH["Leaf — Mainnet native DEX venues · Li.Fi touchpoints on other chains · first-wave cW DODO pools · optional TRUU PMM rail"] + end + + subgraph CCIP_L2["Other live CCIP EVM destinations"] + L2CLU["OP 10 · Base 8453 · Arb 42161 · Polygon 137 · BSC 56 · Avax 43114 · Gnosis 100 · Celo 42220 · Cronos 25"] + LEAF_L2["Leaf — per-chain native DEX · cW token transport · partial edge pools"] + end + + subgraph ALLTRA["ALL Mainnet 651940"] + A651["AlltraAdapter peer · AUSDT · WETH · WALL · HYDX · DEX env placeholders"] + LEAF_651["Leaf — ALL native venues when configured"] + end + + subgraph SPECIAL["Dedicated corridor from 138"] + AVAXCW["138 cUSDT to Avax cWUSDT mint path"] + LEAF_AVAX["Leaf — recipient on 43114"] + end + + subgraph CW_MESH["Public cW GRU mesh"] + CW["Cross-public-EVM token matrix · pool design · Mainnet DODO concentration"] + end + + subgraph PENDING["Pending separate scaffold"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 design] + PNON[Truth pointer · Tron adapter · Solana partial] + end + + WU --> RPCPUB + RPCPUB --> C138 + WU --> C138 + OPS --> C138 + EXP --> C138 + INFO --> C138 + DAPP --> C138 + DBIS --> C138 + X402 --> C138 + MCP --> C138 + FB --> C138 + + C138 <--> ETH1 + C138 <--> L2CLU + C138 <--> A651 + C138 --> AVAXCW + AVAXCW --> LEAF_AVAX + + ETH1 <--> L2CLU + ETH1 --> LEAF_ETH + L2CLU --> LEAF_L2 + A651 --> LEAF_651 + + CW -.->|pool and peg design| LEAF_ETH + CW -.->|token mesh| L2CLU + + C138 -.-> WEMIX + C138 -.-> XDC + C138 -.-> SCAFF + C138 -.-> PNON +
+
+ + +
+

Chain 138 to the public EVM mesh, Alltra, pending or scaffold targets, Avalanche cW minting, and the separate Mainnet cW mint corridor that sits alongside the standard WETH-class CCIP rail.

+
+flowchart TB + subgraph C138["Chain 138 — primary"] + CORE[Core registry vault oracle ISO router] + PMM[DODO PMM V2 DVM + pools] + R2[EnhancedSwapRouterV2] + D3[D3MM pilot] + CCIPB[CCIP WETH9 WETH10 bridges] + ALLA[AlltraAdapter] + ADP[Truth Tron Solana adapters partial] + end + + subgraph PUB["Public EVM mesh (cW*)"] + E1[Ethereum 1] + E10[Optimism 10] + E25[Cronos 25] + E56[BSC 56] + E100[Gnosis 100] + E137[Polygon 137] + E42161[Arbitrum 42161] + E43114[Avalanche 43114] + E8453[Base 8453] + E42220[Celo 42220] + end + + subgraph PEND["Pending or separate"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 scaffold design] + end + + subgraph A651["ALL Mainnet 651940"] + ALLTOK[AUSDT USDC WETH WALL HYDX] + end + + C138 -->|CCIP WETH| PUB + C138 -->|CCIP WETH| E1 + C138 -->|mainnet cW mint corridor| E1 + C138 -->|AlltraAdapter| A651 + PUB -->|CCIP return| C138 + E1 -->|CCIP return| C138 + C138 -.->|operator completion| WEMIX + C138 -.->|not CCIP matrix row| XDC + C138 -.->|future gated| SCAFF + + C138 -->|avax cw corridor| E43114 +
+

Topology note: Mainnet now represents two Ethereum-facing patterns in production, the standard WETH-class CCIP rail and the dedicated cUSDC/cUSDT -> cWUSDC/cWUSDT mint corridor.

+
+ + +
+

On-chain layers: tokens, core, liquidity, cross-domain, reserve and settlement.

+
+flowchart TB + subgraph L1["Tokens and compliance"] + CT[cUSDT · cUSDC · cEUR* · cXAU* · mirrors · USDT · USDC] + GEN[WETH WETH10 LINK] + end + + subgraph L2["Core infrastructure"] + REG[Compliance TokenFactory TokenRegistry BridgeVault] + POL[PolicyManager DebtRegistry FeeCollector] + ISO[ISO20022Router] + end + + subgraph L3["Liquidity and execution"] + DVM[DVMFactory VendingMachine DODOPMMIntegration] + PRV[DODOPMMProvider PrivatePoolRegistry] + R2[EnhancedSwapRouterV2] + VEN[Uniswap v3 lane Balancer Curve 1inch pilots] + D3[D3Oracle D3Vault D3Proxy D3MMFactory] + end + + subgraph L4["Cross-domain"] + CCIP[CCIP Router CCIPWETH9 CCIPWETH10] + ALL[AlltraAdapter] + LBX[Lockbox138] + CH[PaymentChannel Mirror AddressMapper] + end + + subgraph L5["Reserve vault settlement"] + RS[ReserveSystem OraclePriceFeed] + VF[VaultFactory Ledger Liquidation XAUOracle] + MSR[MerchantSettlementRegistry WithdrawalEscrow] + end + + L1 --> L2 + L2 --> L3 + L3 --> R2 + R2 --> VEN + L2 --> L4 + L2 --> L5 + DVM --> PRV +
+
+ + +
+

Same-chain 138: PMM pools, RouterV2 venues, D3 pilot.

+
+flowchart LR + subgraph inputs["Typical inputs"] + U1[cUSDT] + U2[cUSDC] + U3[USDT mirror] + U4[USDC mirror] + U5[cEURT] + U6[cXAUC] + end + + subgraph path_pmm["DODO PMM"] + INT[DODOPMMIntegration] + POOL[Stable pools XAU public pools Private XAU registry] + end + + subgraph path_r2["Router v2"] + R2[EnhancedSwapRouterV2] + UV3[Uniswap v3 WETH stable] + PILOT[Balancer Curve 1inch] + end + + subgraph path_d3["Pilot"] + D3[D3MM WETH10 pilot pool] + end + + inputs --> INT + INT --> POOL + inputs --> R2 + R2 --> UV3 + R2 --> PILOT + GEN2[WETH WETH10] --> R2 + GEN2 --> D3 +
+
+ + +
+

CCIP transport, Alltra round-trip, the dedicated c-to-cW mint corridors, and the orchestrated swap-bridge-swap target.

+
+

CCIP — WETH primary transport

+
+sequenceDiagram + participant U as User or bot + participant C138 as Chain 138 + participant BR as CCIPWETH9 or WETH10 bridge + participant R as CCIP Router + participant D as Destination EVM + + U->>C138: Fund WETH bridge fee LINK + U->>BR: Initiate cross-chain WETH transfer + BR->>R: CCIP message + R->>D: Deliver WETH class asset + Note over D: Native DEX or cW pools where deployed + D->>R: Optional return leg + R->>C138: Inbound to receiver bridge +
+
+
+

Alltra — 138 to ALL Mainnet

+
+flowchart LR + A[Chain 138] -->|AlltraAdapter| B[ALL 651940] + B -->|AlltraAdapter| A +
+
+
+

Special corridors — c* to cW* mint

+
+flowchart LR + S1[cUSDT on 138] -->|avax cw relay mint| T1[cWUSDT on Avalanche] + S2[cUSDC on 138] -->|mainnet relay mint| T2[cWUSDC on Mainnet] + S3[cUSDT on 138] -->|mainnet relay mint| T3[cWUSDT on Mainnet] +
+
+
+

Orchestrated swap-bridge-swap (design target)

+
+flowchart LR + Q[QuoteService POST api bridge quote] --> S1[Source leg e.g. 138 PMM] + S1 --> BR[Bridge CCIP Alltra or special] + BR --> S2[Destination leg DEX or cW pool] +
+
+
+ + +
+

Ethereum Mainnet first-wave cW DODO mesh, plus the separate optional TRUU PMM rail. See PMM_DEX_ROUTING_STATUS and cross-chain-pmm-lps deployment-status for live detail.

+
+flowchart TB + subgraph ETH["Ethereum Mainnet"] + CW[cWUSDT cWUSDC cWEURC cWGBPC cWAUDC cWCADC cWJPYC cWCHFC] + HUB[USDC USDT] + DODO[DODO PMM Wave 1 pools] + end + + CW <--> DODO + HUB <--> DODO +
+

TRUU note: the optional Mainnet Truth rail is a separate volatile PMM lane and is not part of the default cW stable mesh.

+
+

Mainnet TRUU PMM (volatile, optional)

+
+flowchart LR + subgraph TRUUmesh["Mainnet TRUU rail optional"] + CWu[cWUSDT or cWUSDC] + TRUU[TRUU ERC-20] + PMM[DODO PMM integration] + end + + CWu <--> PMM + TRUU <--> PMM +
+
+
+ + +
+

Wallets, edge FQDNs, APIs, operators feeding Chain 138 RPC, plus the explorer-hosted Mission Control visual surfaces.

+
+flowchart TB + subgraph users["Wallets and tools"] + MM[MetaMask custom network Snaps] + MCP[MCP PMM controller allowlist 138] + end + + subgraph edge["Public edge"] + EXP[explorer.d-bis.org Blockscout token-aggregation] + MC[Mission Control visual panels] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + RPC[rpc-http-pub.d-bis.org public RPC] + end + + subgraph api["APIs"] + TA[token-aggregation v1 v2 quote pools bridge routes] + DBIS[dbis-api Core runtime] + X402[x402-api readiness surface] + end + + subgraph ops["Operator"] + REL[CCIP relay systemd] + SCR[smom-dbis-138 forge scripts] + end + + users --> edge + EXP --> MC + edge --> api + MC --> api + api --> C138[Chain 138 RPC] + ops --> C138 +
+

Mission Control note: the live visual display lives in the main explorer SPA, especially the bridge-monitoring and operator surfaces. This command center stays focused on the static architecture view.

+
+ + +
+

Contract families vs wallet/client integrations not spelled out in every zoom diagram. Wormhole remains docs/MCP scope, not canonical 138 addresses.

+
+flowchart LR + subgraph chain138_tech["Chain 138 contract families"] + A[Besu EVM] + B[ERC-20 core registries] + C[DODO V2 V3] + D[UniV3 Bal Curve 1inch pilots] + E[CCIP bridges router] + F[Alltra Vault ISO channels] + end + + subgraph public_integrations["Wallet and client integrations"] + L[Ledger] + CL[Chainlist] + TW[thirdweb RPC] + ETH[ethers.js] + MM[MetaMask Snaps] + end + + chain138_tech --> public_integrations +
+
+ + +
+

Mission Control is the live explorer surface for SSE health, labeled bridge traces, cached liquidity proxy results, and operator-facing API references. The interactive controls live in the main explorer SPA; this tab is the architecture companion with direct entry points.

+
+

Mission Control visual flow

+
+flowchart LR + UI[Explorer SPA Mission Control panels] + SSE[SSE stream] + TRACE[Bridge trace] + LIQ[Liquidity proxy] + T4[Track 4 script API] + API[Explorer Go API] + UP[Blockscout and token-aggregation upstreams] + + UI --> SSE + UI --> TRACE + UI --> LIQ + UI -.->|operator-only| T4 + SSE --> API + TRACE --> API + LIQ --> API + T4 --> API + TRACE --> UP + LIQ --> UP +
+
+
+

Live entry points

+

Use the main explorer UI for the visual Mission Control experience, then open the raw APIs when you need direct payloads or verification.

+ +
+
+ +
+ Source: proxmox/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md — addresses: config/smart-contracts-master.json and CONTRACT_ADDRESSES_REFERENCE. +
+ + + + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..baa184b7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:41 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "3al1e7zibnggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.055966 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_mission_control_liquidity.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_mission_control_liquidity.json new file mode 100644 index 00000000..c293ac53 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_mission_control_liquidity.json @@ -0,0 +1 @@ +{"pools":[{"address":"0x9e89bae009adf128782e19e8341996c596ac40dc","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0xf22258f57794cc8e06237084b353ab30fffa640b","symbol":"cUSDC","name":"USD Coin (Compliant)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null},{"address":"0x866cb44b59303d8dc5f4f9e3e7a8e8b0bf238d66","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1","symbol":"USDT","name":"Tether USD (Chain 138)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null}]} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_mission_control_stream_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_mission_control_stream_body.txt new file mode 100644 index 00000000..847021b8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_mission_control_stream_body.txt @@ -0,0 +1,3 @@ +event: mission-control +data: {"data":{"ccip_relay":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T21:56:38.872Z","from_block":3653749,"logs_fetched":0,"ok":true,"to_block":3653782},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":9333},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"ccip_relays":{"avax":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"relay_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_router":"0x2a0023Ad5ce1Ac6072B454575996DfFb1BB11b16"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T21:56:40.719Z","from_block":3653750,"logs_fetched":0,"ok":true,"to_block":3653783},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"destination_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357265,"profile":"avax","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:07.110Z","uptime_sec":9334},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_cw":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x635002c5fb227160cd2eac926d1baa61847f3c75","relay_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"relay_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","relay_router":"0xc9158759a7e3621f6bb191bf5d77605d6e25b410"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:44:50.601Z","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","target_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:44:50.098Z","block_number":"0x340dc9","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0xb6b821d3a04739c0f548fe1e30f4f162392c12a06930757bacdb940dc87f05b5"},"last_source_poll":{"at":"2026-04-05T21:56:38.128Z","from_block":3653749,"logs_fetched":0,"ok":true,"to_block":3653782},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"3411398"},"ok":true,"queue":{"failed":0,"processed":1,"size":0},"scope":{"destination_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"destination_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2417884,"profile":"avax-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:44:48.451Z","uptime_sec":7912},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42dab7b888dd382bd5adcf9e038dbf1fd03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_to_138":{"url_probe":{"body":{"destination":{"chain_id":138,"chain_name":"Chain 138","chain_selector":"138","delivery_mode":"router","relay_bridge":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","relay_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"relay_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","relay_router":"0xe75d26bc558a28442f30750c6d97bffb46f39abc"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T21:56:36.173Z","from_block":82204786,"logs_fetched":0,"ok":true,"to_block":82204823},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"destination_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","source_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75"},"service":{"name":"ccip-relay","pid":2741860,"profile":"avax-to-138","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T21:55:41.591Z","uptime_sec":59},"source":{"bridge_address":"0x635002c5fb227160cd2eac926d1baa61847f3c75","bridge_filter":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","router_address":"0x1773125b280d296354f4f4b958a7cfc4e5975b60"},"status":"operational"},"ok":true,"status":200}},"bsc":{"url_probe":{"body":{"destination":{"chain_id":56,"chain_name":"BSC","chain_selector":"11344663589394136015","delivery_mode":"router","relay_bridge":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"relay_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_router":"0x4d9Bc6c74ba65E37c4139F0aEC9fc5Ddff28Dcc4"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T21:56:40.913Z","from_block":3653750,"logs_fetched":0,"ok":true,"to_block":3653783},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"destination_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357248,"profile":"bsc","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:06.992Z","uptime_sec":9334},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_cw":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T21:56:38.872Z","from_block":3653749,"logs_fetched":0,"ok":true,"to_block":3653782},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":9333},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_weth":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"relay_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T21:56:04.973Z","from_block":3653704,"logs_fetched":0,"ok":true,"to_block":3653765},"monitoring":{"confirmation_blocks":1,"delivery_enabled":false,"effective_source_poll_interval_ms":60000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":true,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"destination_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2376863,"profile":"mainnet-weth","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:28:49.919Z","uptime_sec":8871},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"paused"},"ok":true,"status":200}}},"chains":{"138":{"block_number":"3653786","endpoint":"https://rpc-http-pub.d-bis.org","head_age_sec":0.233434291,"last_sync":"2026-04-05T21:56:41Z","latency_ms":3,"name":"Defi Oracle Meta Mainnet","probe_error":"","status":"operational"}},"checked_at":"2026-04-05T21:56:41Z","rpc_probe":[{"blockNumber":"0x37c09a","blockNumberDec":"3653786","chainKey":"138","endpoint":"https://rpc-http-pub.d-bis.org","error":"","headAgeSeconds":0.233434291,"latencyMs":3,"name":"chain-138","ok":true}],"status":"operational"}} + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_mission_control_stream_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_mission_control_stream_headers.txt new file mode 100644 index 00000000..b30c5b4f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_mission_control_stream_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:41 GMT +content-type: text/event-stream +access-control-allow-headers: Authorization, Content-Type, X-API-Key +access-control-allow-methods: GET, POST, OPTIONS +access-control-allow-origin: * +cache-control: no-cache +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; font-src 'self' https://cdnjs.cloudflare.com; img-src 'self' data: https:; connect-src 'self' https://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +permissions-policy: geolocation=(), microphone=(), camera=() +referrer-policy: strict-origin-when-cross-origin +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-explorer-name: SolaceScanScout +x-explorer-version: 1.0.0 +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +referrer-policy: strict-origin-when-cross-origin + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_mission_control_trace.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_mission_control_trace.json new file mode 100644 index 00000000..d6289553 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/explorer_d-bis_org_mission_control_trace.json @@ -0,0 +1 @@ +{"data":{"blockscout_url":"https://explorer.d-bis.org/tx/0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2","from":"0x4a666f96fc8764181194447a7dfdb7d471b301c8","from_registry":"DEPLOYER_ADMIN_138","source":"blockscout","to":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","to_registry":"CW_L1_BRIDGE_CHAIN138","tx_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1f84bbfd --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:40 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.033836 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d241436d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:29 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.047893 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..aa58b80e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:26 GMT +content-type: text/html +vary: Accept-Encoding +last-modified: Sun, 05 Apr 2026 19:45:26 GMT +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Hsqw2Z5sOYlgCJUbF17DlKK13jYxBrsMaLFr%2BlM2Gom7Rb0S0a4kNq1hdKubNXNUtGt4tRVLtHO7jfSLoabxCGOvkZ%2Bb2ZdY5BVBCA8YqWK2L8Jl0C0XbUKkZmZdo%2BWoSpV%2BCm1q"}]} +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9e7bcd819a5dd938-LAX + + +0.166420 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3118a19d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:28 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.059218 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..930893b6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Sun, 05 Apr 2026 21:56:31 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.056414 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..af8db987 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:20 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.075930 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9eca231b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:20 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.044946 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/mim4u_org_https_headers.txt new file mode 100644 index 00000000..d89d1e94 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:32 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.043312 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d56bfbe3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:30 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.053982 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..73d008ff --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:36 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-lT46XpJrvXrQXxzqvWyPlQ=='; style-src 'self' 'nonce-lT46XpJrvXrQXxzqvWyPlQ=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 + + +0.035556 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f2091c98 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:23 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.084444 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..1f94af76 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:24 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.065200 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f33aff2c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:23 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.057433 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ecde9ac2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:36 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.054382 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..003fac89 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/sankofa_nexus_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:25 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 + + +0.065895 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..bd185c35 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/secure_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:51 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.034130 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..1f3934e4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/secure_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:40 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.038605 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b34eda7c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:39 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.042550 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..b6f45659 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:27 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.043471 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..fdd7ad8a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:37 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.044970 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..789a0f9f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/training_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:49 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.035692 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/verification_report.md new file mode 100644 index 00000000..6cd09a19 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/verification_report.md @@ -0,0 +1,595 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-05T14:56:52-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 60 +- **HTTPS tests passed**: 43 +- **Explorer surface failures**: 0 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.12843790909090913s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | Root | RPC | Explorer+ | +|--------|------|-----|-----|-------|------|-----|-----------| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | - | - | +| core.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| mifos.d-bis.org | web | pass | pass | pass | - | - | - | +| members.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | - | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| research.d-bis.org | web | pass | pass | pass | - | - | - | +| policy.d-bis.org | web | pass | pass | pass | - | - | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | - | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | - | - | +| developers.d-bis.org | web | pass | pass | pass | - | - | - | +| sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| info.defi-oracle.io | web | pass | pass | pass | - | - | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| studio.sankofa.nexus | web | pass | pass | pass | pass | - | - | +| www.d-bis.org | web | pass | pass | pass | - | - | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | - | - | +| interop.d-bis.org | web | pass | pass | pass | - | - | - | +| docs.d-bis.org | web | pass | pass | pass | - | - | - | +| identity.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| dapp.d-bis.org | web | pass | pass | pass | - | - | - | +| ops.d-bis.org | web | pass | pass | pass | - | - | - | +| www.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | - | - | +| mim4u.org | web | pass | pass | pass | - | - | - | +| data.d-bis.org | api | pass | pass | warn | - | - | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | - | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.mim4u.org | web | pass | pass | pass | - | - | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.d-bis.org | web | pass | pass | pass | - | - | - | +| status.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| gitea.d-bis.org | web | pass | pass | pass | - | - | - | +| secure.mim4u.org | web | pass | pass | pass | - | - | - | +| explorer.d-bis.org | web | pass | pass | pass | - | - | - | +| training.mim4u.org | web | pass | pass | pass | - | - | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | - | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | - | - | +| d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| secure.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| codespaces.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | - | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Root redirect: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Command Center: pass +- Mission Control stream: pass +- Mission Control trace: pass +- Mission Control liquidity: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. The canonical explorer `explorer.d-bis.org` is intentionally **not** in that list anymore. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): verifies Blockscout API, `/chain138-command-center.html`, and Mission Control stream / trace / liquidity endpoints. Use `SKIP_BLOCKSCOUT_API=1` only when you need to skip the Blockscout API sub-check specifically. + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2161ef55 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 21:56:27 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.036815 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..bcbdea5d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 21:56:37 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.044212 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..065d1def --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 21:56:40 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.024318 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..89307ad3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 21:56:30 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.027478 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..88dc63c8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_145618/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 21:56:31 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.052815 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5a171d76 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:15 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.131959 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..76262337 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:46 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.103369 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/all_e2e_results.json new file mode 100644 index 00000000..e0610346 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/all_e2e_results.json @@ -0,0 +1,1530 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:43-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.056190, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:44-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052237, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:05:44-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:45-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.108742, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:45-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048943, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.103369, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:47-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049190, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:05:47-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.057403, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.056700, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046169, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 12 07:41:33 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048154, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050914, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.082459, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:05:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:05:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.209.228", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 1", + "expires": "Jul 1 22:38:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.176429, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:05:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053996, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "root_redirect": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.062507, + "location": "/studio/" + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.048089, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T15:05:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.068484, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.056035, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044940, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.066955, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:05:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:05:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:05:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.167349, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.078188, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.060622, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.062430, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.062338, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044033, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T15:06:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 503, + "response_time_seconds": 3.380356 + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.073115, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T15:06:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047009, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.055440, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T15:06:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.072172, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:06:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T15:06:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 10 02:35:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.087311, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.131959, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.065902, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:06:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.046327, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 10 05:35:18 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049847, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046430, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.055084, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + }, + "explorer_command_center": { + "status": "pass", + "http_code": 200 + }, + "mission_control_stream": { + "status": "pass", + "http_code": 200 + }, + "mission_control_trace": { + "status": "pass", + "http_code": 200 + }, + "mission_control_liquidity": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.072405, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.058936, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T15:06:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047280, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.051294, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:06:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045907, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:06:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 9 20:35:21 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049662, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:06:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T15:06:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:06:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.38", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 12 04:41:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046009, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..d4cba650 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T22:06:16.441567Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":18935,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"493","total_blocks":"3302571","total_gas_used":"0","total_transactions":"42423","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..f47848c5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:28 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "4eds2bcdicggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.058936 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..0046fb78 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:32 GMT +content-type: text/html +content-length: 907 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-38b" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.046009 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..0383320f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:50 GMT +content-type: text/html +content-length: 901 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +etag: "69cec6a5-385" +accept-ranges: bytes +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN +alt-svc: h3=":443"; ma=86400 + + +0.048154 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..bfd978c0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:31 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.049662 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..cde4f7fe --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:44 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: e32070fd025629f823b6575d15060c61 +x-span-id: 5274e4ec1cf7735a +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/d-bis_org_https_headers.txt new file mode 100644 index 00000000..9013be54 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:29 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051294 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c4b255e3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:00 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.167349 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..8d1299f6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:47 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.049190 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8571eeb6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 503 +date: Sun, 05 Apr 2026 22:06:07 GMT +content-type: application/json; charset=utf-8 +content-length: 104 +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: e07ad59682c66fd9007e73c50a33dd62 +x-span-id: 07ce9d38713cf063 +x-parent-span-id: +traceparent: 00-e07ad59682c66fd9007e73c50a33dd62-07ce9d38713cf063-01 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9bf6ea98 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:44 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.056190 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2633243e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:29 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 6bed89955fdcbf7a56d2060e5d87bb27 +x-span-id: 70ce1291a4fc2807 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..27ba704e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:56 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: ca36b809b0a315544db24fb6e887018f +x-span-id: 70816b7a46bd7e35 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8c705dae --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:15 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.087311 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d3e78fcc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:50 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.050914 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b74e41f7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/docs_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:57 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "4eds2bcdicggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044940 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..978f4747 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T22:06:16.441567Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":28631,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"493","total_blocks":"3302571","total_gas_used":"0","total_transactions":"42423","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_command_center_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_command_center_body.txt new file mode 100644 index 00000000..737c2dbb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_command_center_body.txt @@ -0,0 +1,629 @@ + + + + + + Chain 138 — Visual Command Center + + + + + +
+

Chain 138 — deployment and liquidity topology

+

Operator-style view of the architecture in docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md. Diagrams are informational only; contract addresses live in explorer config and repo references. The live Mission Control visual surfaces remain in the main explorer SPA.

+
+ +
+
+ + + + + + + + + +
+ Back to More +
+ + +
+

Hub, leaf endings, CCIP destinations, Alltra, the dedicated Avalanche cW corridor, the public cW mesh, and pending programs. Mainnet cW mint corridors and the optional TRUU rail are summarized under the Ethereum anchor.

+
+flowchart TB + subgraph LEAF_INGRESS["Leaves — access to 138"] + WU[Wallets · MetaMask Snaps · Ledger · Chainlist · SDKs · ethers.js] + OPS[Operators · Foundry scripts · relay · systemd · deploy hooks] + RPCPUB[Public RPC FQDNs · thirdweb mirrors] + FB[Fireblocks Web3 RPC] + end + + subgraph LEAF_EDGE["Leaves — services that index or front 138"] + EXP[Explorer · Blockscout · token-aggregation] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + DBIS[dbis-api Core hosts] + X402[x402 payment API] + MCP[MCP PMM controller] + end + + subgraph HUB["CHAIN 138 — origin hub"] + C138["Besu EVM · tokens core · DODO PMM V2/V3 · RouterV2 · UniV3 / Balancer / Curve / 1inch pilots · CCIP bridges + router · AlltraAdapter · BridgeVault · ISO channels · mirror reserve vault settlement · Lockbox · Truth / Tron / Solana adapters"] + end + + subgraph CCIP_ETH["Ethereum 1 — CCIP anchor"] + ETH1["WETH9 / WETH10 bridges · CCIPRelayRouter · RelayBridge · Logger · optional trustless stack"] + LEAF_ETH["Leaf — Mainnet native DEX venues · Li.Fi touchpoints on other chains · first-wave cW DODO pools · optional TRUU PMM rail"] + end + + subgraph CCIP_L2["Other live CCIP EVM destinations"] + L2CLU["OP 10 · Base 8453 · Arb 42161 · Polygon 137 · BSC 56 · Avax 43114 · Gnosis 100 · Celo 42220 · Cronos 25"] + LEAF_L2["Leaf — per-chain native DEX · cW token transport · partial edge pools"] + end + + subgraph ALLTRA["ALL Mainnet 651940"] + A651["AlltraAdapter peer · AUSDT · WETH · WALL · HYDX · DEX env placeholders"] + LEAF_651["Leaf — ALL native venues when configured"] + end + + subgraph SPECIAL["Dedicated corridor from 138"] + AVAXCW["138 cUSDT to Avax cWUSDT mint path"] + LEAF_AVAX["Leaf — recipient on 43114"] + end + + subgraph CW_MESH["Public cW GRU mesh"] + CW["Cross-public-EVM token matrix · pool design · Mainnet DODO concentration"] + end + + subgraph PENDING["Pending separate scaffold"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 design] + PNON[Truth pointer · Tron adapter · Solana partial] + end + + WU --> RPCPUB + RPCPUB --> C138 + WU --> C138 + OPS --> C138 + EXP --> C138 + INFO --> C138 + DAPP --> C138 + DBIS --> C138 + X402 --> C138 + MCP --> C138 + FB --> C138 + + C138 <--> ETH1 + C138 <--> L2CLU + C138 <--> A651 + C138 --> AVAXCW + AVAXCW --> LEAF_AVAX + + ETH1 <--> L2CLU + ETH1 --> LEAF_ETH + L2CLU --> LEAF_L2 + A651 --> LEAF_651 + + CW -.->|pool and peg design| LEAF_ETH + CW -.->|token mesh| L2CLU + + C138 -.-> WEMIX + C138 -.-> XDC + C138 -.-> SCAFF + C138 -.-> PNON +
+
+ + +
+

Chain 138 to the public EVM mesh, Alltra, pending or scaffold targets, Avalanche cW minting, and the separate Mainnet cW mint corridor that sits alongside the standard WETH-class CCIP rail.

+
+flowchart TB + subgraph C138["Chain 138 — primary"] + CORE[Core registry vault oracle ISO router] + PMM[DODO PMM V2 DVM + pools] + R2[EnhancedSwapRouterV2] + D3[D3MM pilot] + CCIPB[CCIP WETH9 WETH10 bridges] + ALLA[AlltraAdapter] + ADP[Truth Tron Solana adapters partial] + end + + subgraph PUB["Public EVM mesh (cW*)"] + E1[Ethereum 1] + E10[Optimism 10] + E25[Cronos 25] + E56[BSC 56] + E100[Gnosis 100] + E137[Polygon 137] + E42161[Arbitrum 42161] + E43114[Avalanche 43114] + E8453[Base 8453] + E42220[Celo 42220] + end + + subgraph PEND["Pending or separate"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 scaffold design] + end + + subgraph A651["ALL Mainnet 651940"] + ALLTOK[AUSDT USDC WETH WALL HYDX] + end + + C138 -->|CCIP WETH| PUB + C138 -->|CCIP WETH| E1 + C138 -->|mainnet cW mint corridor| E1 + C138 -->|AlltraAdapter| A651 + PUB -->|CCIP return| C138 + E1 -->|CCIP return| C138 + C138 -.->|operator completion| WEMIX + C138 -.->|not CCIP matrix row| XDC + C138 -.->|future gated| SCAFF + + C138 -->|avax cw corridor| E43114 +
+

Topology note: Mainnet now represents two Ethereum-facing patterns in production, the standard WETH-class CCIP rail and the dedicated cUSDC/cUSDT -> cWUSDC/cWUSDT mint corridor.

+
+ + +
+

On-chain layers: tokens, core, liquidity, cross-domain, reserve and settlement.

+
+flowchart TB + subgraph L1["Tokens and compliance"] + CT[cUSDT · cUSDC · cEUR* · cXAU* · mirrors · USDT · USDC] + GEN[WETH WETH10 LINK] + end + + subgraph L2["Core infrastructure"] + REG[Compliance TokenFactory TokenRegistry BridgeVault] + POL[PolicyManager DebtRegistry FeeCollector] + ISO[ISO20022Router] + end + + subgraph L3["Liquidity and execution"] + DVM[DVMFactory VendingMachine DODOPMMIntegration] + PRV[DODOPMMProvider PrivatePoolRegistry] + R2[EnhancedSwapRouterV2] + VEN[Uniswap v3 lane Balancer Curve 1inch pilots] + D3[D3Oracle D3Vault D3Proxy D3MMFactory] + end + + subgraph L4["Cross-domain"] + CCIP[CCIP Router CCIPWETH9 CCIPWETH10] + ALL[AlltraAdapter] + LBX[Lockbox138] + CH[PaymentChannel Mirror AddressMapper] + end + + subgraph L5["Reserve vault settlement"] + RS[ReserveSystem OraclePriceFeed] + VF[VaultFactory Ledger Liquidation XAUOracle] + MSR[MerchantSettlementRegistry WithdrawalEscrow] + end + + L1 --> L2 + L2 --> L3 + L3 --> R2 + R2 --> VEN + L2 --> L4 + L2 --> L5 + DVM --> PRV +
+
+ + +
+

Same-chain 138: PMM pools, RouterV2 venues, D3 pilot.

+
+flowchart LR + subgraph inputs["Typical inputs"] + U1[cUSDT] + U2[cUSDC] + U3[USDT mirror] + U4[USDC mirror] + U5[cEURT] + U6[cXAUC] + end + + subgraph path_pmm["DODO PMM"] + INT[DODOPMMIntegration] + POOL[Stable pools XAU public pools Private XAU registry] + end + + subgraph path_r2["Router v2"] + R2[EnhancedSwapRouterV2] + UV3[Uniswap v3 WETH stable] + PILOT[Balancer Curve 1inch] + end + + subgraph path_d3["Pilot"] + D3[D3MM WETH10 pilot pool] + end + + inputs --> INT + INT --> POOL + inputs --> R2 + R2 --> UV3 + R2 --> PILOT + GEN2[WETH WETH10] --> R2 + GEN2 --> D3 +
+
+ + +
+

CCIP transport, Alltra round-trip, the dedicated c-to-cW mint corridors, and the orchestrated swap-bridge-swap target.

+
+

CCIP — WETH primary transport

+
+sequenceDiagram + participant U as User or bot + participant C138 as Chain 138 + participant BR as CCIPWETH9 or WETH10 bridge + participant R as CCIP Router + participant D as Destination EVM + + U->>C138: Fund WETH bridge fee LINK + U->>BR: Initiate cross-chain WETH transfer + BR->>R: CCIP message + R->>D: Deliver WETH class asset + Note over D: Native DEX or cW pools where deployed + D->>R: Optional return leg + R->>C138: Inbound to receiver bridge +
+
+
+

Alltra — 138 to ALL Mainnet

+
+flowchart LR + A[Chain 138] -->|AlltraAdapter| B[ALL 651940] + B -->|AlltraAdapter| A +
+
+
+

Special corridors — c* to cW* mint

+
+flowchart LR + S1[cUSDT on 138] -->|avax cw relay mint| T1[cWUSDT on Avalanche] + S2[cUSDC on 138] -->|mainnet relay mint| T2[cWUSDC on Mainnet] + S3[cUSDT on 138] -->|mainnet relay mint| T3[cWUSDT on Mainnet] +
+
+
+

Orchestrated swap-bridge-swap (design target)

+
+flowchart LR + Q[QuoteService POST api bridge quote] --> S1[Source leg e.g. 138 PMM] + S1 --> BR[Bridge CCIP Alltra or special] + BR --> S2[Destination leg DEX or cW pool] +
+
+
+ + +
+

Ethereum Mainnet first-wave cW DODO mesh, plus the separate optional TRUU PMM rail. See PMM_DEX_ROUTING_STATUS and cross-chain-pmm-lps deployment-status for live detail.

+
+flowchart TB + subgraph ETH["Ethereum Mainnet"] + CW[cWUSDT cWUSDC cWEURC cWGBPC cWAUDC cWCADC cWJPYC cWCHFC] + HUB[USDC USDT] + DODO[DODO PMM Wave 1 pools] + end + + CW <--> DODO + HUB <--> DODO +
+

TRUU note: the optional Mainnet Truth rail is a separate volatile PMM lane and is not part of the default cW stable mesh.

+
+

Mainnet TRUU PMM (volatile, optional)

+
+flowchart LR + subgraph TRUUmesh["Mainnet TRUU rail optional"] + CWu[cWUSDT or cWUSDC] + TRUU[TRUU ERC-20] + PMM[DODO PMM integration] + end + + CWu <--> PMM + TRUU <--> PMM +
+
+
+ + +
+

Wallets, edge FQDNs, APIs, operators feeding Chain 138 RPC, plus the explorer-hosted Mission Control visual surfaces.

+
+flowchart TB + subgraph users["Wallets and tools"] + MM[MetaMask custom network Snaps] + MCP[MCP PMM controller allowlist 138] + end + + subgraph edge["Public edge"] + EXP[explorer.d-bis.org Blockscout token-aggregation] + MC[Mission Control visual panels] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + RPC[rpc-http-pub.d-bis.org public RPC] + end + + subgraph api["APIs"] + TA[token-aggregation v1 v2 quote pools bridge routes] + DBIS[dbis-api Core runtime] + X402[x402-api readiness surface] + end + + subgraph ops["Operator"] + REL[CCIP relay systemd] + SCR[smom-dbis-138 forge scripts] + end + + users --> edge + EXP --> MC + edge --> api + MC --> api + api --> C138[Chain 138 RPC] + ops --> C138 +
+

Mission Control note: the live visual display lives in the main explorer SPA, especially the bridge-monitoring and operator surfaces. This command center stays focused on the static architecture view.

+
+ + +
+

Contract families vs wallet/client integrations not spelled out in every zoom diagram. Wormhole remains docs/MCP scope, not canonical 138 addresses.

+
+flowchart LR + subgraph chain138_tech["Chain 138 contract families"] + A[Besu EVM] + B[ERC-20 core registries] + C[DODO V2 V3] + D[UniV3 Bal Curve 1inch pilots] + E[CCIP bridges router] + F[Alltra Vault ISO channels] + end + + subgraph public_integrations["Wallet and client integrations"] + L[Ledger] + CL[Chainlist] + TW[thirdweb RPC] + ETH[ethers.js] + MM[MetaMask Snaps] + end + + chain138_tech --> public_integrations +
+
+ + +
+

Mission Control is the live explorer surface for SSE health, labeled bridge traces, cached liquidity proxy results, and operator-facing API references. The interactive controls live in the main explorer SPA; this tab is the architecture companion with direct entry points.

+
+

Mission Control visual flow

+
+flowchart LR + UI[Explorer SPA Mission Control panels] + SSE[SSE stream] + TRACE[Bridge trace] + LIQ[Liquidity proxy] + T4[Track 4 script API] + API[Explorer Go API] + UP[Blockscout and token-aggregation upstreams] + + UI --> SSE + UI --> TRACE + UI --> LIQ + UI -.->|operator-only| T4 + SSE --> API + TRACE --> API + LIQ --> API + T4 --> API + TRACE --> UP + LIQ --> UP +
+
+
+

Live entry points

+

Use the main explorer UI for the visual Mission Control experience, then open the raw APIs when you need direct payloads or verification.

+ +
+
+ +
+ Source: proxmox/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md — addresses: config/smart-contracts-master.json and CONTRACT_ADDRESSES_REFERENCE. +
+ + + + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..583c3421 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:19 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "4eds2bcdicggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.055084 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_mission_control_liquidity.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_mission_control_liquidity.json new file mode 100644 index 00000000..c293ac53 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_mission_control_liquidity.json @@ -0,0 +1 @@ +{"pools":[{"address":"0x9e89bae009adf128782e19e8341996c596ac40dc","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0xf22258f57794cc8e06237084b353ab30fffa640b","symbol":"cUSDC","name":"USD Coin (Compliant)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null},{"address":"0x866cb44b59303d8dc5f4f9e3e7a8e8b0bf238d66","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1","symbol":"USDT","name":"Tether USD (Chain 138)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null}]} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_mission_control_stream_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_mission_control_stream_body.txt new file mode 100644 index 00000000..811d7dff --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_mission_control_stream_body.txt @@ -0,0 +1,3 @@ +event: mission-control +data: {"data":{"ccip_relay":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T22:06:14.778Z","from_block":3654037,"logs_fetched":0,"ok":true,"to_block":3654070},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":9911},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"ccip_relays":{"avax":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"relay_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_router":"0x2a0023Ad5ce1Ac6072B454575996DfFb1BB11b16"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T22:06:17.981Z","from_block":3654038,"logs_fetched":0,"ok":true,"to_block":3654072},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"destination_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357265,"profile":"avax","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:07.110Z","uptime_sec":9912},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_cw":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x635002c5fb227160cd2eac926d1baa61847f3c75","relay_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"relay_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","relay_router":"0xc9158759a7e3621f6bb191bf5d77605d6e25b410"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:44:50.601Z","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","target_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:44:50.098Z","block_number":"0x340dc9","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0xb6b821d3a04739c0f548fe1e30f4f162392c12a06930757bacdb940dc87f05b5"},"last_source_poll":{"at":"2026-04-05T22:06:15.447Z","from_block":3654037,"logs_fetched":0,"ok":true,"to_block":3654071},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"3411398"},"ok":true,"queue":{"failed":0,"processed":1,"size":0},"scope":{"destination_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"destination_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2417884,"profile":"avax-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:44:48.451Z","uptime_sec":8491},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42dab7b888dd382bd5adcf9e038dbf1fd03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_to_138":{"url_probe":{"body":{"destination":{"chain_id":138,"chain_name":"Chain 138","chain_selector":"138","delivery_mode":"router","relay_bridge":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","relay_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"relay_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","relay_router":"0xe75d26bc558a28442f30750c6d97bffb46f39abc"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T22:06:17.041Z","from_block":82205355,"logs_fetched":0,"ok":true,"to_block":82205392},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"destination_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","source_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75"},"service":{"name":"ccip-relay","pid":2741860,"profile":"avax-to-138","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T21:55:41.591Z","uptime_sec":637},"source":{"bridge_address":"0x635002c5fb227160cd2eac926d1baa61847f3c75","bridge_filter":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","router_address":"0x1773125b280d296354f4f4b958a7cfc4e5975b60"},"status":"operational"},"ok":true,"status":200}},"bsc":{"url_probe":{"body":{"destination":{"chain_id":56,"chain_name":"BSC","chain_selector":"11344663589394136015","delivery_mode":"router","relay_bridge":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"relay_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_router":"0x4d9Bc6c74ba65E37c4139F0aEC9fc5Ddff28Dcc4"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T22:06:18.149Z","from_block":3654039,"logs_fetched":0,"ok":true,"to_block":3654072},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"destination_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357248,"profile":"bsc","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:06.992Z","uptime_sec":9912},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_cw":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T22:06:14.778Z","from_block":3654037,"logs_fetched":0,"ok":true,"to_block":3654070},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":9911},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_weth":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"relay_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T22:06:06.335Z","from_block":3654005,"logs_fetched":0,"ok":true,"to_block":3654066},"monitoring":{"confirmation_blocks":1,"delivery_enabled":false,"effective_source_poll_interval_ms":60000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":true,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"destination_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2376863,"profile":"mainnet-weth","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:28:49.919Z","uptime_sec":9449},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"paused"},"ok":true,"status":200}}},"chains":{"138":{"block_number":"3654075","endpoint":"https://rpc-http-pub.d-bis.org","head_age_sec":0.545145054,"last_sync":"2026-04-05T22:06:19Z","latency_ms":30,"name":"Defi Oracle Meta Mainnet","probe_error":"","status":"operational"}},"checked_at":"2026-04-05T22:06:19Z","rpc_probe":[{"blockNumber":"0x37c1bb","blockNumberDec":"3654075","chainKey":"138","endpoint":"https://rpc-http-pub.d-bis.org","error":"","headAgeSeconds":0.545145054,"latencyMs":30,"name":"chain-138","ok":true}],"status":"operational"}} + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_mission_control_stream_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_mission_control_stream_headers.txt new file mode 100644 index 00000000..c2be6b70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_mission_control_stream_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:19 GMT +content-type: text/event-stream +access-control-allow-headers: Authorization, Content-Type, X-API-Key +access-control-allow-methods: GET, POST, OPTIONS +access-control-allow-origin: * +cache-control: no-cache +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; font-src 'self' https://cdnjs.cloudflare.com; img-src 'self' data: https:; connect-src 'self' https://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +permissions-policy: geolocation=(), microphone=(), camera=() +referrer-policy: strict-origin-when-cross-origin +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-explorer-name: SolaceScanScout +x-explorer-version: 1.0.0 +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +referrer-policy: strict-origin-when-cross-origin + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_mission_control_trace.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_mission_control_trace.json new file mode 100644 index 00000000..d6289553 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/explorer_d-bis_org_mission_control_trace.json @@ -0,0 +1 @@ +{"data":{"blockscout_url":"https://explorer.d-bis.org/tx/0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2","from":"0x4a666f96fc8764181194447a7dfdb7d471b301c8","from_registry":"DEPLOYER_ADMIN_138","source":"blockscout","to":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","to_registry":"CW_L1_BRIDGE_CHAIN138","tx_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3a08cd48 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:18 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.049847 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..99d56f6c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:58 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.066955 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..6a8213f7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:53 GMT +content-type: text/html +vary: Accept-Encoding +last-modified: Sun, 05 Apr 2026 22:00:30 GMT +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4seGhna96sLA8FCT8JEvwSwrL8HmRzmaOJ55rDY%2FoAiiV5DLmfGc4VzvrB%2BnQnUmJ%2FvlsQskULFMCEQ7rbsGyfbNpD%2F7QIIzc14t3nk3KKHfAtYEqix%2BgRAEy2e7ifzuzyy8%2FnQ6"}]} +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9e7bdb5a8a87fc10-LAX + + +0.176429 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fc021401 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:57 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.056035 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..fa2bfccc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Sun, 05 Apr 2026 22:06:03 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.062338 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..eb6feb5c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:46 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048943 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e92bcdaf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:45 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.108742 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/mim4u_org_https_headers.txt new file mode 100644 index 00000000..f8819153 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:03 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.044033 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1d7e0c42 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:01 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.078188 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..13a0bdeb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:10 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-h8vNQVCEkdCZKN/eDcXNRA=='; style-src 'self' 'nonce-h8vNQVCEkdCZKN/eDcXNRA=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 + + +0.047009 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c591dd82 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:49 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.056700 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ad53ea25 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:49 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.046169 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b0d3b564 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:48 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.057403 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f41a733f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:08 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.073115 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..88b95c43 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/sankofa_nexus_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:51 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 + + +0.082459 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..6e09ed3a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/secure_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:30 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.045907 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..caaa02d9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/secure_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:18 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.046430 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c25dda76 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:16 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.065902 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ce369d3b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:05:54 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.053996 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..59e8bcbc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:13 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.072172 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..3759545f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/training_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:28 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.072405 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/verification_report.md new file mode 100644 index 00000000..a33453ee --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/verification_report.md @@ -0,0 +1,595 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-05T15:06:32-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 60 +- **HTTPS tests passed**: 43 +- **Explorer surface failures**: 0 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.14165461363636359s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | Root | RPC | Explorer+ | +|--------|------|-----|-----|-------|------|-----|-----------| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | - | - | +| core.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| mifos.d-bis.org | web | pass | pass | pass | - | - | - | +| members.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | - | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| research.d-bis.org | web | pass | pass | pass | - | - | - | +| policy.d-bis.org | web | pass | pass | pass | - | - | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | - | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | - | - | +| developers.d-bis.org | web | pass | pass | pass | - | - | - | +| sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| info.defi-oracle.io | web | pass | pass | pass | - | - | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| studio.sankofa.nexus | web | pass | pass | pass | pass | - | - | +| www.d-bis.org | web | pass | pass | pass | - | - | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | - | - | +| interop.d-bis.org | web | pass | pass | pass | - | - | - | +| docs.d-bis.org | web | pass | pass | pass | - | - | - | +| identity.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| dapp.d-bis.org | web | pass | pass | pass | - | - | - | +| ops.d-bis.org | web | pass | pass | pass | - | - | - | +| www.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | - | - | +| mim4u.org | web | pass | pass | pass | - | - | - | +| data.d-bis.org | api | pass | pass | warn | - | - | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | - | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.mim4u.org | web | pass | pass | pass | - | - | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.d-bis.org | web | pass | pass | pass | - | - | - | +| status.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| gitea.d-bis.org | web | pass | pass | pass | - | - | - | +| secure.mim4u.org | web | pass | pass | pass | - | - | - | +| explorer.d-bis.org | web | pass | pass | pass | - | - | - | +| training.mim4u.org | web | pass | pass | pass | - | - | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | - | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | - | - | +| d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| secure.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| codespaces.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | - | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Root redirect: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Command Center: pass +- Mission Control stream: pass +- Mission Control trace: pass +- Mission Control liquidity: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. The canonical explorer `explorer.d-bis.org` is intentionally **not** in that list anymore. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): verifies Blockscout API, `/chain138-command-center.html`, and Mission Control stream / trace / liquidity endpoints. Use `SKIP_BLOCKSCOUT_API=1` only when you need to skip the Blockscout API sub-check specifically. + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..15839d52 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 22:05:55 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048089 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..72101c07 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:06:11 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.055440 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..0cd432a3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 22:06:17 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046327 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..b1816084 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 22:06:01 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.060622 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..39be846e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 22:06:02 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.062430 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..df911934 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:41 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.030584 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..375ad84a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:27 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.082133 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/all_e2e_results.json new file mode 100644 index 00000000..2151302a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/all_e2e_results.json @@ -0,0 +1,1533 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038454, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041487, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:24:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.094590, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053491, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.082133, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052135, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:24:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.058134, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.060855, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038810, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.140880, + "has_hsts": true, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053292, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.068133, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:24:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:24:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.209.228", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 1", + "expires": "Jul 1 22:38:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.131632, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:24:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.031330, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "root_redirect": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.031217, + "location": "/studio/" + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.028704, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T15:24:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040712, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045623, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044480, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052580, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:24:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:24:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033340, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.061384, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.048268, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.040190, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.042472, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038953, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T15:24:37-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050521, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:37-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.056233, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T15:24:37-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:38-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045293, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:38-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034874, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T15:24:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044211, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:24:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T15:24:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 10 02:35:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042888, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.030584, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041358, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:24:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.038217, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 10 05:35:18 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.028411, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046755, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053019, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + }, + "explorer_command_center": { + "status": "pass", + "http_code": 200 + }, + "mission_control_stream": { + "status": "pass", + "http_code": 200 + }, + "mission_control_trace": { + "status": "pass", + "http_code": 200 + }, + "mission_control_liquidity": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040724, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044331, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T15:24:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049981, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.064870, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:24:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044826, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:24:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 9 20:35:21 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033053, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T15:24:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T15:24:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T15:24:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.128773, + "has_hsts": true, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..dca5ea76 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T22:24:22.600536Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":1639,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"493","total_blocks":"3302571","total_gas_used":"0","total_transactions":"42423","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..dbb324ad --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:52 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "bdyzqazl42ggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044331 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..052d739a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:55 GMT +content-type: text/html +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=kql93%2BOtzFtJa4lvgRqg3nTJ2lC5INsQS7w97q8eiT4qcZ6BgU1Zs6bMHZEJkXwOuujon%2FveNPsL%2BEiUyQi3u0gwltokTpBw%2BcI0OS3GamydjyMW%2FByE%2Bbtqx00ySDLGV4FsHMW8bq%2B0"}]} +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +referrer-policy: strict-origin-when-cross-origin +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +cf-cache-status: DYNAMIC +strict-transport-security: max-age=31536000; includeSubDomains +server: cloudflare +cf-ray: 9e7bf73b3ff5dbe5-LAX + + +0.128773 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a7e459f8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:29 GMT +content-type: text/html +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=aknVYDnljPWvO%2B4Vq949OiVkXDZwojjtWKcPPspmTTh3Xk9UUG5o%2Fc3NB2lcR%2FohLaJ4iylnYo7JsXidh7K%2F%2BN6QJxWkapCZ%2BnYNVcZjko3mSgVIn7adOnjC%2F8s5BIIt2BHeRCD2Vg%3D%3D"}]} +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +referrer-policy: strict-origin-when-cross-origin +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +cf-cache-status: DYNAMIC +strict-transport-security: max-age=31536000; includeSubDomains +server: cloudflare +cf-ray: 9e7bf69ae86b98a2-LAX + + +0.140880 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..04fc78d2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:54 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.033053 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ee46b7bf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:25 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: fc0fd3a5f0008abfd2d3bf39444c9907 +x-span-id: 841bd861f9425370 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/d-bis_org_https_headers.txt new file mode 100644 index 00000000..93f80ec1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:53 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.064870 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..99c4bd7a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:35 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.033340 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..5205c016 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:27 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.052135 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..40695c7e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:37 GMT +content-type: application/json; charset=utf-8 +content-length: 100 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: e878196dd18e232dca86207dda355b39 +x-span-id: 45cacf6d44205546 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fe9cdb56 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:24 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.038454 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..36cab7be --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:52 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: b3879536d13eac21f933c6f07114e34b +x-span-id: d6e878f6eff2ad77 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ac1f12b7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:33 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: ec540b113fbf4853ca700e16b61fe2fb +x-span-id: 39cc478aa5828335 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..4ccbcc3a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:41 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.042888 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..86f09100 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:30 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.053292 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..cb88b237 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/docs_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:34 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "4nxr37saedggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044480 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..60569751 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T22:24:22.600536Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":10760,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"493","total_blocks":"3302571","total_gas_used":"0","total_transactions":"42423","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_command_center_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_command_center_body.txt new file mode 100644 index 00000000..737c2dbb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_command_center_body.txt @@ -0,0 +1,629 @@ + + + + + + Chain 138 — Visual Command Center + + + + + +
+

Chain 138 — deployment and liquidity topology

+

Operator-style view of the architecture in docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md. Diagrams are informational only; contract addresses live in explorer config and repo references. The live Mission Control visual surfaces remain in the main explorer SPA.

+
+ +
+
+ + + + + + + + + +
+ Back to More +
+ + +
+

Hub, leaf endings, CCIP destinations, Alltra, the dedicated Avalanche cW corridor, the public cW mesh, and pending programs. Mainnet cW mint corridors and the optional TRUU rail are summarized under the Ethereum anchor.

+
+flowchart TB + subgraph LEAF_INGRESS["Leaves — access to 138"] + WU[Wallets · MetaMask Snaps · Ledger · Chainlist · SDKs · ethers.js] + OPS[Operators · Foundry scripts · relay · systemd · deploy hooks] + RPCPUB[Public RPC FQDNs · thirdweb mirrors] + FB[Fireblocks Web3 RPC] + end + + subgraph LEAF_EDGE["Leaves — services that index or front 138"] + EXP[Explorer · Blockscout · token-aggregation] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + DBIS[dbis-api Core hosts] + X402[x402 payment API] + MCP[MCP PMM controller] + end + + subgraph HUB["CHAIN 138 — origin hub"] + C138["Besu EVM · tokens core · DODO PMM V2/V3 · RouterV2 · UniV3 / Balancer / Curve / 1inch pilots · CCIP bridges + router · AlltraAdapter · BridgeVault · ISO channels · mirror reserve vault settlement · Lockbox · Truth / Tron / Solana adapters"] + end + + subgraph CCIP_ETH["Ethereum 1 — CCIP anchor"] + ETH1["WETH9 / WETH10 bridges · CCIPRelayRouter · RelayBridge · Logger · optional trustless stack"] + LEAF_ETH["Leaf — Mainnet native DEX venues · Li.Fi touchpoints on other chains · first-wave cW DODO pools · optional TRUU PMM rail"] + end + + subgraph CCIP_L2["Other live CCIP EVM destinations"] + L2CLU["OP 10 · Base 8453 · Arb 42161 · Polygon 137 · BSC 56 · Avax 43114 · Gnosis 100 · Celo 42220 · Cronos 25"] + LEAF_L2["Leaf — per-chain native DEX · cW token transport · partial edge pools"] + end + + subgraph ALLTRA["ALL Mainnet 651940"] + A651["AlltraAdapter peer · AUSDT · WETH · WALL · HYDX · DEX env placeholders"] + LEAF_651["Leaf — ALL native venues when configured"] + end + + subgraph SPECIAL["Dedicated corridor from 138"] + AVAXCW["138 cUSDT to Avax cWUSDT mint path"] + LEAF_AVAX["Leaf — recipient on 43114"] + end + + subgraph CW_MESH["Public cW GRU mesh"] + CW["Cross-public-EVM token matrix · pool design · Mainnet DODO concentration"] + end + + subgraph PENDING["Pending separate scaffold"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 design] + PNON[Truth pointer · Tron adapter · Solana partial] + end + + WU --> RPCPUB + RPCPUB --> C138 + WU --> C138 + OPS --> C138 + EXP --> C138 + INFO --> C138 + DAPP --> C138 + DBIS --> C138 + X402 --> C138 + MCP --> C138 + FB --> C138 + + C138 <--> ETH1 + C138 <--> L2CLU + C138 <--> A651 + C138 --> AVAXCW + AVAXCW --> LEAF_AVAX + + ETH1 <--> L2CLU + ETH1 --> LEAF_ETH + L2CLU --> LEAF_L2 + A651 --> LEAF_651 + + CW -.->|pool and peg design| LEAF_ETH + CW -.->|token mesh| L2CLU + + C138 -.-> WEMIX + C138 -.-> XDC + C138 -.-> SCAFF + C138 -.-> PNON +
+
+ + +
+

Chain 138 to the public EVM mesh, Alltra, pending or scaffold targets, Avalanche cW minting, and the separate Mainnet cW mint corridor that sits alongside the standard WETH-class CCIP rail.

+
+flowchart TB + subgraph C138["Chain 138 — primary"] + CORE[Core registry vault oracle ISO router] + PMM[DODO PMM V2 DVM + pools] + R2[EnhancedSwapRouterV2] + D3[D3MM pilot] + CCIPB[CCIP WETH9 WETH10 bridges] + ALLA[AlltraAdapter] + ADP[Truth Tron Solana adapters partial] + end + + subgraph PUB["Public EVM mesh (cW*)"] + E1[Ethereum 1] + E10[Optimism 10] + E25[Cronos 25] + E56[BSC 56] + E100[Gnosis 100] + E137[Polygon 137] + E42161[Arbitrum 42161] + E43114[Avalanche 43114] + E8453[Base 8453] + E42220[Celo 42220] + end + + subgraph PEND["Pending or separate"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 scaffold design] + end + + subgraph A651["ALL Mainnet 651940"] + ALLTOK[AUSDT USDC WETH WALL HYDX] + end + + C138 -->|CCIP WETH| PUB + C138 -->|CCIP WETH| E1 + C138 -->|mainnet cW mint corridor| E1 + C138 -->|AlltraAdapter| A651 + PUB -->|CCIP return| C138 + E1 -->|CCIP return| C138 + C138 -.->|operator completion| WEMIX + C138 -.->|not CCIP matrix row| XDC + C138 -.->|future gated| SCAFF + + C138 -->|avax cw corridor| E43114 +
+

Topology note: Mainnet now represents two Ethereum-facing patterns in production, the standard WETH-class CCIP rail and the dedicated cUSDC/cUSDT -> cWUSDC/cWUSDT mint corridor.

+
+ + +
+

On-chain layers: tokens, core, liquidity, cross-domain, reserve and settlement.

+
+flowchart TB + subgraph L1["Tokens and compliance"] + CT[cUSDT · cUSDC · cEUR* · cXAU* · mirrors · USDT · USDC] + GEN[WETH WETH10 LINK] + end + + subgraph L2["Core infrastructure"] + REG[Compliance TokenFactory TokenRegistry BridgeVault] + POL[PolicyManager DebtRegistry FeeCollector] + ISO[ISO20022Router] + end + + subgraph L3["Liquidity and execution"] + DVM[DVMFactory VendingMachine DODOPMMIntegration] + PRV[DODOPMMProvider PrivatePoolRegistry] + R2[EnhancedSwapRouterV2] + VEN[Uniswap v3 lane Balancer Curve 1inch pilots] + D3[D3Oracle D3Vault D3Proxy D3MMFactory] + end + + subgraph L4["Cross-domain"] + CCIP[CCIP Router CCIPWETH9 CCIPWETH10] + ALL[AlltraAdapter] + LBX[Lockbox138] + CH[PaymentChannel Mirror AddressMapper] + end + + subgraph L5["Reserve vault settlement"] + RS[ReserveSystem OraclePriceFeed] + VF[VaultFactory Ledger Liquidation XAUOracle] + MSR[MerchantSettlementRegistry WithdrawalEscrow] + end + + L1 --> L2 + L2 --> L3 + L3 --> R2 + R2 --> VEN + L2 --> L4 + L2 --> L5 + DVM --> PRV +
+
+ + +
+

Same-chain 138: PMM pools, RouterV2 venues, D3 pilot.

+
+flowchart LR + subgraph inputs["Typical inputs"] + U1[cUSDT] + U2[cUSDC] + U3[USDT mirror] + U4[USDC mirror] + U5[cEURT] + U6[cXAUC] + end + + subgraph path_pmm["DODO PMM"] + INT[DODOPMMIntegration] + POOL[Stable pools XAU public pools Private XAU registry] + end + + subgraph path_r2["Router v2"] + R2[EnhancedSwapRouterV2] + UV3[Uniswap v3 WETH stable] + PILOT[Balancer Curve 1inch] + end + + subgraph path_d3["Pilot"] + D3[D3MM WETH10 pilot pool] + end + + inputs --> INT + INT --> POOL + inputs --> R2 + R2 --> UV3 + R2 --> PILOT + GEN2[WETH WETH10] --> R2 + GEN2 --> D3 +
+
+ + +
+

CCIP transport, Alltra round-trip, the dedicated c-to-cW mint corridors, and the orchestrated swap-bridge-swap target.

+
+

CCIP — WETH primary transport

+
+sequenceDiagram + participant U as User or bot + participant C138 as Chain 138 + participant BR as CCIPWETH9 or WETH10 bridge + participant R as CCIP Router + participant D as Destination EVM + + U->>C138: Fund WETH bridge fee LINK + U->>BR: Initiate cross-chain WETH transfer + BR->>R: CCIP message + R->>D: Deliver WETH class asset + Note over D: Native DEX or cW pools where deployed + D->>R: Optional return leg + R->>C138: Inbound to receiver bridge +
+
+
+

Alltra — 138 to ALL Mainnet

+
+flowchart LR + A[Chain 138] -->|AlltraAdapter| B[ALL 651940] + B -->|AlltraAdapter| A +
+
+
+

Special corridors — c* to cW* mint

+
+flowchart LR + S1[cUSDT on 138] -->|avax cw relay mint| T1[cWUSDT on Avalanche] + S2[cUSDC on 138] -->|mainnet relay mint| T2[cWUSDC on Mainnet] + S3[cUSDT on 138] -->|mainnet relay mint| T3[cWUSDT on Mainnet] +
+
+
+

Orchestrated swap-bridge-swap (design target)

+
+flowchart LR + Q[QuoteService POST api bridge quote] --> S1[Source leg e.g. 138 PMM] + S1 --> BR[Bridge CCIP Alltra or special] + BR --> S2[Destination leg DEX or cW pool] +
+
+
+ + +
+

Ethereum Mainnet first-wave cW DODO mesh, plus the separate optional TRUU PMM rail. See PMM_DEX_ROUTING_STATUS and cross-chain-pmm-lps deployment-status for live detail.

+
+flowchart TB + subgraph ETH["Ethereum Mainnet"] + CW[cWUSDT cWUSDC cWEURC cWGBPC cWAUDC cWCADC cWJPYC cWCHFC] + HUB[USDC USDT] + DODO[DODO PMM Wave 1 pools] + end + + CW <--> DODO + HUB <--> DODO +
+

TRUU note: the optional Mainnet Truth rail is a separate volatile PMM lane and is not part of the default cW stable mesh.

+
+

Mainnet TRUU PMM (volatile, optional)

+
+flowchart LR + subgraph TRUUmesh["Mainnet TRUU rail optional"] + CWu[cWUSDT or cWUSDC] + TRUU[TRUU ERC-20] + PMM[DODO PMM integration] + end + + CWu <--> PMM + TRUU <--> PMM +
+
+
+ + +
+

Wallets, edge FQDNs, APIs, operators feeding Chain 138 RPC, plus the explorer-hosted Mission Control visual surfaces.

+
+flowchart TB + subgraph users["Wallets and tools"] + MM[MetaMask custom network Snaps] + MCP[MCP PMM controller allowlist 138] + end + + subgraph edge["Public edge"] + EXP[explorer.d-bis.org Blockscout token-aggregation] + MC[Mission Control visual panels] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + RPC[rpc-http-pub.d-bis.org public RPC] + end + + subgraph api["APIs"] + TA[token-aggregation v1 v2 quote pools bridge routes] + DBIS[dbis-api Core runtime] + X402[x402-api readiness surface] + end + + subgraph ops["Operator"] + REL[CCIP relay systemd] + SCR[smom-dbis-138 forge scripts] + end + + users --> edge + EXP --> MC + edge --> api + MC --> api + api --> C138[Chain 138 RPC] + ops --> C138 +
+

Mission Control note: the live visual display lives in the main explorer SPA, especially the bridge-monitoring and operator surfaces. This command center stays focused on the static architecture view.

+
+ + +
+

Contract families vs wallet/client integrations not spelled out in every zoom diagram. Wormhole remains docs/MCP scope, not canonical 138 addresses.

+
+flowchart LR + subgraph chain138_tech["Chain 138 contract families"] + A[Besu EVM] + B[ERC-20 core registries] + C[DODO V2 V3] + D[UniV3 Bal Curve 1inch pilots] + E[CCIP bridges router] + F[Alltra Vault ISO channels] + end + + subgraph public_integrations["Wallet and client integrations"] + L[Ledger] + CL[Chainlist] + TW[thirdweb RPC] + ETH[ethers.js] + MM[MetaMask Snaps] + end + + chain138_tech --> public_integrations +
+
+ + +
+

Mission Control is the live explorer surface for SSE health, labeled bridge traces, cached liquidity proxy results, and operator-facing API references. The interactive controls live in the main explorer SPA; this tab is the architecture companion with direct entry points.

+
+

Mission Control visual flow

+
+flowchart LR + UI[Explorer SPA Mission Control panels] + SSE[SSE stream] + TRACE[Bridge trace] + LIQ[Liquidity proxy] + T4[Track 4 script API] + API[Explorer Go API] + UP[Blockscout and token-aggregation upstreams] + + UI --> SSE + UI --> TRACE + UI --> LIQ + UI -.->|operator-only| T4 + SSE --> API + TRACE --> API + LIQ --> API + T4 --> API + TRACE --> UP + LIQ --> UP +
+
+
+

Live entry points

+

Use the main explorer UI for the visual Mission Control experience, then open the raw APIs when you need direct payloads or verification.

+ +
+
+ +
+ Source: proxmox/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md — addresses: config/smart-contracts-master.json and CONTRACT_ADDRESSES_REFERENCE. +
+ + + + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5af634c7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:43 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "bdyzqazl42ggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.053019 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_mission_control_liquidity.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_mission_control_liquidity.json new file mode 100644 index 00000000..c293ac53 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_mission_control_liquidity.json @@ -0,0 +1 @@ +{"pools":[{"address":"0x9e89bae009adf128782e19e8341996c596ac40dc","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0xf22258f57794cc8e06237084b353ab30fffa640b","symbol":"cUSDC","name":"USD Coin (Compliant)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null},{"address":"0x866cb44b59303d8dc5f4f9e3e7a8e8b0bf238d66","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1","symbol":"USDT","name":"Tether USD (Chain 138)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null}]} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_mission_control_stream_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_mission_control_stream_body.txt new file mode 100644 index 00000000..46318ee7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_mission_control_stream_body.txt @@ -0,0 +1,3 @@ +event: mission-control +data: {"data":{"ccip_relay":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T22:24:39.398Z","from_block":3654589,"logs_fetched":0,"ok":true,"to_block":3654623},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":11015},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"ccip_relays":{"avax":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"relay_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_router":"0x2a0023Ad5ce1Ac6072B454575996DfFb1BB11b16"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T22:24:42.440Z","from_block":3654591,"logs_fetched":0,"ok":true,"to_block":3654624},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"destination_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357265,"profile":"avax","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:07.110Z","uptime_sec":11016},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_cw":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x635002c5fb227160cd2eac926d1baa61847f3c75","relay_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"relay_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","relay_router":"0xc9158759a7e3621f6bb191bf5d77605d6e25b410"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:44:50.601Z","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","target_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:44:50.098Z","block_number":"0x340dc9","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0xb6b821d3a04739c0f548fe1e30f4f162392c12a06930757bacdb940dc87f05b5"},"last_source_poll":{"at":"2026-04-05T22:24:39.845Z","from_block":3654589,"logs_fetched":0,"ok":true,"to_block":3654623},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"3411398"},"ok":true,"queue":{"failed":0,"processed":1,"size":0},"scope":{"destination_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"destination_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2417884,"profile":"avax-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:44:48.451Z","uptime_sec":9595},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42dab7b888dd382bd5adcf9e038dbf1fd03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_to_138":{"url_probe":{"body":{"destination":{"chain_id":138,"chain_name":"Chain 138","chain_selector":"138","delivery_mode":"router","relay_bridge":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","relay_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"relay_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","relay_router":"0xe75d26bc558a28442f30750c6d97bffb46f39abc"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T22:24:38.892Z","from_block":82206437,"logs_fetched":0,"ok":true,"to_block":82206473},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"destination_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","source_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75"},"service":{"name":"ccip-relay","pid":2741860,"profile":"avax-to-138","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T21:55:41.591Z","uptime_sec":1741},"source":{"bridge_address":"0x635002c5fb227160cd2eac926d1baa61847f3c75","bridge_filter":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","router_address":"0x1773125b280d296354f4f4b958a7cfc4e5975b60"},"status":"operational"},"ok":true,"status":200}},"bsc":{"url_probe":{"body":{"destination":{"chain_id":56,"chain_name":"BSC","chain_selector":"11344663589394136015","delivery_mode":"router","relay_bridge":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"relay_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_router":"0x4d9Bc6c74ba65E37c4139F0aEC9fc5Ddff28Dcc4"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T22:24:42.534Z","from_block":3654591,"logs_fetched":0,"ok":true,"to_block":3654624},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"destination_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357248,"profile":"bsc","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:06.992Z","uptime_sec":11016},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_cw":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T22:24:39.398Z","from_block":3654589,"logs_fetched":0,"ok":true,"to_block":3654623},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":11015},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_weth":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"relay_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T22:24:07.705Z","from_block":3654546,"logs_fetched":0,"ok":true,"to_block":3654607},"monitoring":{"confirmation_blocks":1,"delivery_enabled":false,"effective_source_poll_interval_ms":60000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":true,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"destination_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2376863,"profile":"mainnet-weth","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:28:49.919Z","uptime_sec":10553},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"paused"},"ok":true,"status":200}}},"chains":{"138":{"block_number":"3654627","endpoint":"https://rpc-http-pub.d-bis.org","head_age_sec":0.57150095,"last_sync":"2026-04-05T22:24:43Z","latency_ms":34,"name":"Defi Oracle Meta Mainnet","probe_error":"","status":"operational"}},"checked_at":"2026-04-05T22:24:43Z","rpc_probe":[{"blockNumber":"0x37c3e3","blockNumberDec":"3654627","chainKey":"138","endpoint":"https://rpc-http-pub.d-bis.org","error":"","headAgeSeconds":0.57150095,"latencyMs":34,"name":"chain-138","ok":true}],"status":"operational"}} + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_mission_control_stream_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_mission_control_stream_headers.txt new file mode 100644 index 00000000..2bb2f3fd --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_mission_control_stream_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:43 GMT +content-type: text/event-stream +access-control-allow-headers: Authorization, Content-Type, X-API-Key +access-control-allow-methods: GET, POST, OPTIONS +access-control-allow-origin: * +cache-control: no-cache +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; font-src 'self' https://cdnjs.cloudflare.com; img-src 'self' data: https:; connect-src 'self' https://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +permissions-policy: geolocation=(), microphone=(), camera=() +referrer-policy: strict-origin-when-cross-origin +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-explorer-name: SolaceScanScout +x-explorer-version: 1.0.0 +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +referrer-policy: strict-origin-when-cross-origin + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_mission_control_trace.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_mission_control_trace.json new file mode 100644 index 00000000..d6289553 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/explorer_d-bis_org_mission_control_trace.json @@ -0,0 +1 @@ +{"data":{"blockscout_url":"https://explorer.d-bis.org/tx/0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2","from":"0x4a666f96fc8764181194447a7dfdb7d471b301c8","from_registry":"DEPLOYER_ADMIN_138","source":"blockscout","to":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","to_registry":"CW_L1_BRIDGE_CHAIN138","tx_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a5d65533 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:42 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.028411 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..22bc0ad0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:34 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.052580 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..35e4df45 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:31 GMT +content-type: text/html +vary: Accept-Encoding +last-modified: Sun, 05 Apr 2026 22:00:30 GMT +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2FwgJkkjT8tAD4ejq%2Fgxc6iLSXYIH0Nf%2BIb%2BmhfGhFoD0ij6bmspO8Ldh%2Fr2kFvba9Ucakd%2FjUkXNrDVTtlyo7vijdfgSzzR%2FZwecqVyJBCUttnI3LwBcsWdPQwLhSxQ42WczqONQ"}]} +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9e7bf6a79db17056-LAX + + +0.131632 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/info_defi_oracle_io_token_aggregation_networks.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/info_defi_oracle_io_token_aggregation_networks.json new file mode 100644 index 00000000..f5aee87d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/info_defi_oracle_io_token_aggregation_networks.json @@ -0,0 +1 @@ +{"source":"runtime-file","version":"1.2.0","networks":[{"chainId":"0x8a","chainIdDecimal":138,"chainName":"DeFi Oracle Meta Mainnet","shortName":"dbis","rpcUrls":["https://rpc-http-pub.d-bis.org","https://rpc.d-bis.org","https://rpc2.d-bis.org","https://rpc.defi-oracle.io"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://explorer.d-bis.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://explorer.d-bis.org","explorerApiUrl":"https://explorer.d-bis.org/api/v2","testnet":false},{"chainId":"0x1","chainIdDecimal":1,"chainName":"Ethereum Mainnet","shortName":"eth","rpcUrls":["https://eth.llamarpc.com","https://rpc.ankr.com/eth","https://ethereum.publicnode.com","https://1rpc.io/eth"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://ethereum.org","testnet":false},{"chainId":"0x9f2c4","chainIdDecimal":651940,"chainName":"ALL Mainnet","shortName":"all","rpcUrls":["https://mainnet-rpc.alltra.global"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://alltra.global"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://alltra.global","testnet":false},{"chainId":"0x19","chainIdDecimal":25,"chainName":"Cronos Mainnet","rpcUrls":["https://evm.cronos.org","https://cronos-rpc.publicnode.com"],"nativeCurrency":{"name":"CRO","symbol":"CRO","decimals":18},"blockExplorerUrls":["https://cronos.org/explorer"],"iconUrls":["https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong"]},{"chainId":"0x38","chainIdDecimal":56,"chainName":"BNB Smart Chain","rpcUrls":["https://bsc-dataseed.binance.org","https://bsc-dataseed1.defibit.io","https://bsc-dataseed1.ninicoin.io"],"nativeCurrency":{"name":"BNB","symbol":"BNB","decimals":18},"blockExplorerUrls":["https://bscscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x64","chainIdDecimal":100,"chainName":"Gnosis Chain","rpcUrls":["https://rpc.gnosischain.com","https://gnosis-rpc.publicnode.com","https://1rpc.io/gnosis"],"nativeCurrency":{"name":"xDAI","symbol":"xDAI","decimals":18},"blockExplorerUrls":["https://gnosisscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x89","chainIdDecimal":137,"chainName":"Polygon","rpcUrls":["https://polygon-rpc.com","https://polygon.llamarpc.com","https://polygon-bor-rpc.publicnode.com"],"nativeCurrency":{"name":"MATIC","symbol":"MATIC","decimals":18},"blockExplorerUrls":["https://polygonscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa","chainIdDecimal":10,"chainName":"Optimism","rpcUrls":["https://mainnet.optimism.io","https://optimism.llamarpc.com","https://optimism-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://optimistic.etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa4b1","chainIdDecimal":42161,"chainName":"Arbitrum One","rpcUrls":["https://arb1.arbitrum.io/rpc","https://arbitrum.llamarpc.com","https://arbitrum-one-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://arbiscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x2105","chainIdDecimal":8453,"chainName":"Base","rpcUrls":["https://mainnet.base.org","https://base.llamarpc.com","https://base-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://basescan.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa86a","chainIdDecimal":43114,"chainName":"Avalanche C-Chain","rpcUrls":["https://api.avax.network/ext/bc/C/rpc","https://avalanche-c-chain-rpc.publicnode.com","https://1rpc.io/avax/c"],"nativeCurrency":{"name":"AVAX","symbol":"AVAX","decimals":18},"blockExplorerUrls":["https://snowtrace.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa4ec","chainIdDecimal":42220,"chainName":"Celo","rpcUrls":["https://forno.celo.org","https://celo-mainnet-rpc.publicnode.com","https://1rpc.io/celo"],"nativeCurrency":{"name":"CELO","symbol":"CELO","decimals":18},"blockExplorerUrls":["https://celoscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x457","chainIdDecimal":1111,"chainName":"Wemix","rpcUrls":["https://api.wemix.com","https://wemix-mainnet-rpc.publicnode.com"],"nativeCurrency":{"name":"WEMIX","symbol":"WEMIX","decimals":18},"blockExplorerUrls":["https://scan.wemix.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]}],"lastModified":"2026-04-05T18:15:23.624Z"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..bb1b88ab --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:33 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045623 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..e41cdc20 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Sun, 05 Apr 2026 22:24:36 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.042472 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c965835b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:26 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.053491 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e221fa55 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:26 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.094590 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/mim4u_org_https_headers.txt new file mode 100644 index 00000000..c5fa2cb9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:37 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.038953 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c4af90e9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:35 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.061384 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..abadcd6b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:38 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-kzpn28Y/d47/SaxAcB9//A=='; style-src 'self' 'nonce-kzpn28Y/d47/SaxAcB9//A=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 + + +0.045293 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..4a893120 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:29 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.060855 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..f2258c4e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:29 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.038810 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..67149774 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:28 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.058134 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..29152a8c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:37 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.056233 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..252b41ee --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/sankofa_nexus_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:30 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 + + +0.068133 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..4e530c32 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/secure_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:53 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.044826 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..ebc2e184 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/secure_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:42 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.046755 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3ccea512 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:41 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.041358 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..08b19d2e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:32 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.031330 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..f871a184 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:39 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.044211 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..72cb53b6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/training_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:52 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.040724 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/verification_report.md new file mode 100644 index 00000000..ea38c67b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/verification_report.md @@ -0,0 +1,595 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-05T15:24:55-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 60 +- **HTTPS tests passed**: 44 +- **Explorer surface failures**: 0 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.05320418181818181s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | Root | RPC | Explorer+ | +|--------|------|-----|-----|-------|------|-----|-----------| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | - | - | +| core.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| mifos.d-bis.org | web | pass | pass | pass | - | - | - | +| members.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | - | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| research.d-bis.org | web | pass | pass | pass | - | - | - | +| policy.d-bis.org | web | pass | pass | pass | - | - | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | - | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | - | - | +| developers.d-bis.org | web | pass | pass | pass | - | - | - | +| sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| info.defi-oracle.io | web | pass | pass | pass | - | - | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| studio.sankofa.nexus | web | pass | pass | pass | pass | - | - | +| www.d-bis.org | web | pass | pass | pass | - | - | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | - | - | +| interop.d-bis.org | web | pass | pass | pass | - | - | - | +| docs.d-bis.org | web | pass | pass | pass | - | - | - | +| identity.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| dapp.d-bis.org | web | pass | pass | pass | - | - | - | +| ops.d-bis.org | web | pass | pass | pass | - | - | - | +| www.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | - | - | +| mim4u.org | web | pass | pass | pass | - | - | - | +| data.d-bis.org | api | pass | pass | pass | - | - | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | - | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.mim4u.org | web | pass | pass | pass | - | - | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.d-bis.org | web | pass | pass | pass | - | - | - | +| status.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| gitea.d-bis.org | web | pass | pass | pass | - | - | - | +| secure.mim4u.org | web | pass | pass | pass | - | - | - | +| explorer.d-bis.org | web | pass | pass | pass | - | - | - | +| training.mim4u.org | web | pass | pass | pass | - | - | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | - | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | - | - | +| d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| secure.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| codespaces.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | - | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Root redirect: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Command Center: pass +- Mission Control stream: pass +- Mission Control trace: pass +- Mission Control liquidity: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. The canonical explorer `explorer.d-bis.org` is intentionally **not** in that list anymore. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): verifies Blockscout API, `/chain138-command-center.html`, and Mission Control stream / trace / liquidity endpoints. Use `SKIP_BLOCKSCOUT_API=1` only when you need to skip the Blockscout API sub-check specifically. + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d3fdb8b1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 22:24:32 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.028704 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..f6ee69e9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 22:24:39 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.034874 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..6261e8e4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 22:24:42 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.038217 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ccceb9fc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 22:24:35 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048268 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..e3195ee7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 22:24:36 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.040190 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ede934f4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:14 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.049455 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..0ab4d758 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:09:54 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.095905 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/all_e2e_results.json new file mode 100644 index 00000000..510ae243 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/all_e2e_results.json @@ -0,0 +1,1533 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:09:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048664, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:09:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.096266, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:09:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:09:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041567, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:09:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.066194, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:09:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.095905, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:09:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.051218, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:09:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:09:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.065781, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:09:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.051659, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:09:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047372, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:09:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.133236, + "has_hsts": true, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:09:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.092061, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:09:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.069357, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:09:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:09:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T16:09:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.91.43", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 1", + "expires": "Jul 1 22:38:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.222160, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:10:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049971, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "root_redirect": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.047401, + "location": "/studio/" + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.047924, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T16:10:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043338, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.063478, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045617, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.063690, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:10:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:10:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.063847, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.068848, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.072339, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.061484, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.096467, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045816, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T16:10:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048841, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.068131, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T16:10:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.056207, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049873, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T16:10:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.058224, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:10:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T16:10:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 10 02:35:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052510, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049455, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.068000, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:10:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.045830, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 10 05:35:18 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038555, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043002, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.061515, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + }, + "explorer_command_center": { + "status": "pass", + "http_code": 200 + }, + "mission_control_stream": { + "status": "pass", + "http_code": 200 + }, + "mission_control_trace": { + "status": "pass", + "http_code": 200 + }, + "mission_control_liquidity": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044081, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047480, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T16:10:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050169, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.057022, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:10:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039481, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:10:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 9 20:35:21 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043526, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:10:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T16:10:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:10:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.120404, + "has_hsts": true, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..4abe2a2a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T23:10:24.415198Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":29754,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"504","total_blocks":"3302571","total_gas_used":"0","total_transactions":"42423","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..7a0b179e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:26 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "145yegzg4a7ggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.047480 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a9f81ac9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:30 GMT +content-type: text/html +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BCqdGAiUBDhTMNSFRHuzie9CcABTz3j%2BLhT7igtVIhKkJ0P36Lc19JUSXWFiVB4flES%2Bk1cfrZueTxW4hsd3XOF3nYuV3oFyR3L5i%2BWbr3%2BuJpQE92RYyA8a2CAzFtoFBvsxohHCy42l"}]} +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +referrer-policy: strict-origin-when-cross-origin +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +cf-cache-status: DYNAMIC +strict-transport-security: max-age=31536000; includeSubDomains +server: cloudflare +cf-ray: 9e7c39feba3cdcee-LAX + + +0.120404 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ba6862aa --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:09:57 GMT +content-type: text/html +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4x%2Blp1MCwoxmXzYsHHXxHhc1k3RtvVnqEsHqnaBZLtgcUAwXPCDlYuYKU6Lxc3Pl5m%2B9ZIp9a8JQQBNWDE53bn0zAUWdWlwd%2BDU%2FimyLn0ve2xxkMrEnUrwHCLo3BHtKHiwgnqIdcg%3D%3D"}]} +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +referrer-policy: strict-origin-when-cross-origin +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +cf-cache-status: DYNAMIC +strict-transport-security: max-age=31536000; includeSubDomains +server: cloudflare +cf-ray: 9e7c39312fce1876-LAX + + +0.133236 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8c27e2f0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:28 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.043526 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d706ecae --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:09:50 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 50f4a81ecd98822e5645ece8209f4d1f +x-span-id: 36f9e6b9e95cc852 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/d-bis_org_https_headers.txt new file mode 100644 index 00000000..eb8894c3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:27 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.057022 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f71781f3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:05 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.063847 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..dba77558 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:09:54 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.051218 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..be1726c5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:09 GMT +content-type: application/json; charset=utf-8 +content-length: 100 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 51eb727e974e16f80fe88b9bac4c0f09 +x-span-id: 6a6a3df6bdea3e82 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a3245366 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:09:50 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.048664 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..311e77ff --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:26 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 4499f692db4776f2ece62867da755bcb +x-span-id: 6719270f3cecccfa +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..392840d2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:02 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: e71ac9e7d7f7f7d27aa78f0f52595850 +x-span-id: 1f37ca2c7cec021b +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..7d1fe9c0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:13 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.052510 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fb178163 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:09:57 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.092061 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..60645270 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/docs_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:03 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "145yegzg4a7ggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045617 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..519d7800 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T23:09:53.376195Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":7949,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"504","total_blocks":"3302571","total_gas_used":"0","total_transactions":"42423","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_command_center_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_command_center_body.txt new file mode 100644 index 00000000..737c2dbb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_command_center_body.txt @@ -0,0 +1,629 @@ + + + + + + Chain 138 — Visual Command Center + + + + + +
+

Chain 138 — deployment and liquidity topology

+

Operator-style view of the architecture in docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md. Diagrams are informational only; contract addresses live in explorer config and repo references. The live Mission Control visual surfaces remain in the main explorer SPA.

+
+ +
+
+ + + + + + + + + +
+ Back to More +
+ + +
+

Hub, leaf endings, CCIP destinations, Alltra, the dedicated Avalanche cW corridor, the public cW mesh, and pending programs. Mainnet cW mint corridors and the optional TRUU rail are summarized under the Ethereum anchor.

+
+flowchart TB + subgraph LEAF_INGRESS["Leaves — access to 138"] + WU[Wallets · MetaMask Snaps · Ledger · Chainlist · SDKs · ethers.js] + OPS[Operators · Foundry scripts · relay · systemd · deploy hooks] + RPCPUB[Public RPC FQDNs · thirdweb mirrors] + FB[Fireblocks Web3 RPC] + end + + subgraph LEAF_EDGE["Leaves — services that index or front 138"] + EXP[Explorer · Blockscout · token-aggregation] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + DBIS[dbis-api Core hosts] + X402[x402 payment API] + MCP[MCP PMM controller] + end + + subgraph HUB["CHAIN 138 — origin hub"] + C138["Besu EVM · tokens core · DODO PMM V2/V3 · RouterV2 · UniV3 / Balancer / Curve / 1inch pilots · CCIP bridges + router · AlltraAdapter · BridgeVault · ISO channels · mirror reserve vault settlement · Lockbox · Truth / Tron / Solana adapters"] + end + + subgraph CCIP_ETH["Ethereum 1 — CCIP anchor"] + ETH1["WETH9 / WETH10 bridges · CCIPRelayRouter · RelayBridge · Logger · optional trustless stack"] + LEAF_ETH["Leaf — Mainnet native DEX venues · Li.Fi touchpoints on other chains · first-wave cW DODO pools · optional TRUU PMM rail"] + end + + subgraph CCIP_L2["Other live CCIP EVM destinations"] + L2CLU["OP 10 · Base 8453 · Arb 42161 · Polygon 137 · BSC 56 · Avax 43114 · Gnosis 100 · Celo 42220 · Cronos 25"] + LEAF_L2["Leaf — per-chain native DEX · cW token transport · partial edge pools"] + end + + subgraph ALLTRA["ALL Mainnet 651940"] + A651["AlltraAdapter peer · AUSDT · WETH · WALL · HYDX · DEX env placeholders"] + LEAF_651["Leaf — ALL native venues when configured"] + end + + subgraph SPECIAL["Dedicated corridor from 138"] + AVAXCW["138 cUSDT to Avax cWUSDT mint path"] + LEAF_AVAX["Leaf — recipient on 43114"] + end + + subgraph CW_MESH["Public cW GRU mesh"] + CW["Cross-public-EVM token matrix · pool design · Mainnet DODO concentration"] + end + + subgraph PENDING["Pending separate scaffold"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 design] + PNON[Truth pointer · Tron adapter · Solana partial] + end + + WU --> RPCPUB + RPCPUB --> C138 + WU --> C138 + OPS --> C138 + EXP --> C138 + INFO --> C138 + DAPP --> C138 + DBIS --> C138 + X402 --> C138 + MCP --> C138 + FB --> C138 + + C138 <--> ETH1 + C138 <--> L2CLU + C138 <--> A651 + C138 --> AVAXCW + AVAXCW --> LEAF_AVAX + + ETH1 <--> L2CLU + ETH1 --> LEAF_ETH + L2CLU --> LEAF_L2 + A651 --> LEAF_651 + + CW -.->|pool and peg design| LEAF_ETH + CW -.->|token mesh| L2CLU + + C138 -.-> WEMIX + C138 -.-> XDC + C138 -.-> SCAFF + C138 -.-> PNON +
+
+ + +
+

Chain 138 to the public EVM mesh, Alltra, pending or scaffold targets, Avalanche cW minting, and the separate Mainnet cW mint corridor that sits alongside the standard WETH-class CCIP rail.

+
+flowchart TB + subgraph C138["Chain 138 — primary"] + CORE[Core registry vault oracle ISO router] + PMM[DODO PMM V2 DVM + pools] + R2[EnhancedSwapRouterV2] + D3[D3MM pilot] + CCIPB[CCIP WETH9 WETH10 bridges] + ALLA[AlltraAdapter] + ADP[Truth Tron Solana adapters partial] + end + + subgraph PUB["Public EVM mesh (cW*)"] + E1[Ethereum 1] + E10[Optimism 10] + E25[Cronos 25] + E56[BSC 56] + E100[Gnosis 100] + E137[Polygon 137] + E42161[Arbitrum 42161] + E43114[Avalanche 43114] + E8453[Base 8453] + E42220[Celo 42220] + end + + subgraph PEND["Pending or separate"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 scaffold design] + end + + subgraph A651["ALL Mainnet 651940"] + ALLTOK[AUSDT USDC WETH WALL HYDX] + end + + C138 -->|CCIP WETH| PUB + C138 -->|CCIP WETH| E1 + C138 -->|mainnet cW mint corridor| E1 + C138 -->|AlltraAdapter| A651 + PUB -->|CCIP return| C138 + E1 -->|CCIP return| C138 + C138 -.->|operator completion| WEMIX + C138 -.->|not CCIP matrix row| XDC + C138 -.->|future gated| SCAFF + + C138 -->|avax cw corridor| E43114 +
+

Topology note: Mainnet now represents two Ethereum-facing patterns in production, the standard WETH-class CCIP rail and the dedicated cUSDC/cUSDT -> cWUSDC/cWUSDT mint corridor.

+
+ + +
+

On-chain layers: tokens, core, liquidity, cross-domain, reserve and settlement.

+
+flowchart TB + subgraph L1["Tokens and compliance"] + CT[cUSDT · cUSDC · cEUR* · cXAU* · mirrors · USDT · USDC] + GEN[WETH WETH10 LINK] + end + + subgraph L2["Core infrastructure"] + REG[Compliance TokenFactory TokenRegistry BridgeVault] + POL[PolicyManager DebtRegistry FeeCollector] + ISO[ISO20022Router] + end + + subgraph L3["Liquidity and execution"] + DVM[DVMFactory VendingMachine DODOPMMIntegration] + PRV[DODOPMMProvider PrivatePoolRegistry] + R2[EnhancedSwapRouterV2] + VEN[Uniswap v3 lane Balancer Curve 1inch pilots] + D3[D3Oracle D3Vault D3Proxy D3MMFactory] + end + + subgraph L4["Cross-domain"] + CCIP[CCIP Router CCIPWETH9 CCIPWETH10] + ALL[AlltraAdapter] + LBX[Lockbox138] + CH[PaymentChannel Mirror AddressMapper] + end + + subgraph L5["Reserve vault settlement"] + RS[ReserveSystem OraclePriceFeed] + VF[VaultFactory Ledger Liquidation XAUOracle] + MSR[MerchantSettlementRegistry WithdrawalEscrow] + end + + L1 --> L2 + L2 --> L3 + L3 --> R2 + R2 --> VEN + L2 --> L4 + L2 --> L5 + DVM --> PRV +
+
+ + +
+

Same-chain 138: PMM pools, RouterV2 venues, D3 pilot.

+
+flowchart LR + subgraph inputs["Typical inputs"] + U1[cUSDT] + U2[cUSDC] + U3[USDT mirror] + U4[USDC mirror] + U5[cEURT] + U6[cXAUC] + end + + subgraph path_pmm["DODO PMM"] + INT[DODOPMMIntegration] + POOL[Stable pools XAU public pools Private XAU registry] + end + + subgraph path_r2["Router v2"] + R2[EnhancedSwapRouterV2] + UV3[Uniswap v3 WETH stable] + PILOT[Balancer Curve 1inch] + end + + subgraph path_d3["Pilot"] + D3[D3MM WETH10 pilot pool] + end + + inputs --> INT + INT --> POOL + inputs --> R2 + R2 --> UV3 + R2 --> PILOT + GEN2[WETH WETH10] --> R2 + GEN2 --> D3 +
+
+ + +
+

CCIP transport, Alltra round-trip, the dedicated c-to-cW mint corridors, and the orchestrated swap-bridge-swap target.

+
+

CCIP — WETH primary transport

+
+sequenceDiagram + participant U as User or bot + participant C138 as Chain 138 + participant BR as CCIPWETH9 or WETH10 bridge + participant R as CCIP Router + participant D as Destination EVM + + U->>C138: Fund WETH bridge fee LINK + U->>BR: Initiate cross-chain WETH transfer + BR->>R: CCIP message + R->>D: Deliver WETH class asset + Note over D: Native DEX or cW pools where deployed + D->>R: Optional return leg + R->>C138: Inbound to receiver bridge +
+
+
+

Alltra — 138 to ALL Mainnet

+
+flowchart LR + A[Chain 138] -->|AlltraAdapter| B[ALL 651940] + B -->|AlltraAdapter| A +
+
+
+

Special corridors — c* to cW* mint

+
+flowchart LR + S1[cUSDT on 138] -->|avax cw relay mint| T1[cWUSDT on Avalanche] + S2[cUSDC on 138] -->|mainnet relay mint| T2[cWUSDC on Mainnet] + S3[cUSDT on 138] -->|mainnet relay mint| T3[cWUSDT on Mainnet] +
+
+
+

Orchestrated swap-bridge-swap (design target)

+
+flowchart LR + Q[QuoteService POST api bridge quote] --> S1[Source leg e.g. 138 PMM] + S1 --> BR[Bridge CCIP Alltra or special] + BR --> S2[Destination leg DEX or cW pool] +
+
+
+ + +
+

Ethereum Mainnet first-wave cW DODO mesh, plus the separate optional TRUU PMM rail. See PMM_DEX_ROUTING_STATUS and cross-chain-pmm-lps deployment-status for live detail.

+
+flowchart TB + subgraph ETH["Ethereum Mainnet"] + CW[cWUSDT cWUSDC cWEURC cWGBPC cWAUDC cWCADC cWJPYC cWCHFC] + HUB[USDC USDT] + DODO[DODO PMM Wave 1 pools] + end + + CW <--> DODO + HUB <--> DODO +
+

TRUU note: the optional Mainnet Truth rail is a separate volatile PMM lane and is not part of the default cW stable mesh.

+
+

Mainnet TRUU PMM (volatile, optional)

+
+flowchart LR + subgraph TRUUmesh["Mainnet TRUU rail optional"] + CWu[cWUSDT or cWUSDC] + TRUU[TRUU ERC-20] + PMM[DODO PMM integration] + end + + CWu <--> PMM + TRUU <--> PMM +
+
+
+ + +
+

Wallets, edge FQDNs, APIs, operators feeding Chain 138 RPC, plus the explorer-hosted Mission Control visual surfaces.

+
+flowchart TB + subgraph users["Wallets and tools"] + MM[MetaMask custom network Snaps] + MCP[MCP PMM controller allowlist 138] + end + + subgraph edge["Public edge"] + EXP[explorer.d-bis.org Blockscout token-aggregation] + MC[Mission Control visual panels] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + RPC[rpc-http-pub.d-bis.org public RPC] + end + + subgraph api["APIs"] + TA[token-aggregation v1 v2 quote pools bridge routes] + DBIS[dbis-api Core runtime] + X402[x402-api readiness surface] + end + + subgraph ops["Operator"] + REL[CCIP relay systemd] + SCR[smom-dbis-138 forge scripts] + end + + users --> edge + EXP --> MC + edge --> api + MC --> api + api --> C138[Chain 138 RPC] + ops --> C138 +
+

Mission Control note: the live visual display lives in the main explorer SPA, especially the bridge-monitoring and operator surfaces. This command center stays focused on the static architecture view.

+
+ + +
+

Contract families vs wallet/client integrations not spelled out in every zoom diagram. Wormhole remains docs/MCP scope, not canonical 138 addresses.

+
+flowchart LR + subgraph chain138_tech["Chain 138 contract families"] + A[Besu EVM] + B[ERC-20 core registries] + C[DODO V2 V3] + D[UniV3 Bal Curve 1inch pilots] + E[CCIP bridges router] + F[Alltra Vault ISO channels] + end + + subgraph public_integrations["Wallet and client integrations"] + L[Ledger] + CL[Chainlist] + TW[thirdweb RPC] + ETH[ethers.js] + MM[MetaMask Snaps] + end + + chain138_tech --> public_integrations +
+
+ + +
+

Mission Control is the live explorer surface for SSE health, labeled bridge traces, cached liquidity proxy results, and operator-facing API references. The interactive controls live in the main explorer SPA; this tab is the architecture companion with direct entry points.

+
+

Mission Control visual flow

+
+flowchart LR + UI[Explorer SPA Mission Control panels] + SSE[SSE stream] + TRACE[Bridge trace] + LIQ[Liquidity proxy] + T4[Track 4 script API] + API[Explorer Go API] + UP[Blockscout and token-aggregation upstreams] + + UI --> SSE + UI --> TRACE + UI --> LIQ + UI -.->|operator-only| T4 + SSE --> API + TRACE --> API + LIQ --> API + T4 --> API + TRACE --> UP + LIQ --> UP +
+
+
+

Live entry points

+

Use the main explorer UI for the visual Mission Control experience, then open the raw APIs when you need direct payloads or verification.

+ +
+
+ +
+ Source: proxmox/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md — addresses: config/smart-contracts-master.json and CONTRACT_ADDRESSES_REFERENCE. +
+ + + + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..24750195 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:16 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "145yegzg4a7ggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.061515 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_mission_control_liquidity.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_mission_control_liquidity.json new file mode 100644 index 00000000..c293ac53 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_mission_control_liquidity.json @@ -0,0 +1 @@ +{"pools":[{"address":"0x9e89bae009adf128782e19e8341996c596ac40dc","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0xf22258f57794cc8e06237084b353ab30fffa640b","symbol":"cUSDC","name":"USD Coin (Compliant)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null},{"address":"0x866cb44b59303d8dc5f4f9e3e7a8e8b0bf238d66","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1","symbol":"USDT","name":"Tether USD (Chain 138)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null}]} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_mission_control_stream_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_mission_control_stream_body.txt new file mode 100644 index 00000000..c9d13de9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_mission_control_stream_body.txt @@ -0,0 +1,3 @@ +event: mission-control +data: {"data":{"ccip_relay":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T23:10:14.835Z","from_block":3655957,"logs_fetched":0,"ok":true,"to_block":3655990},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":13748},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"ccip_relays":{"avax":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"relay_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_router":"0x2a0023Ad5ce1Ac6072B454575996DfFb1BB11b16"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T23:10:12.860Z","from_block":3655956,"logs_fetched":0,"ok":true,"to_block":3655989},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"destination_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357265,"profile":"avax","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:07.110Z","uptime_sec":13750},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_cw":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x635002c5fb227160cd2eac926d1baa61847f3c75","relay_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"relay_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","relay_router":"0xc9158759a7e3621f6bb191bf5d77605d6e25b410"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:44:50.601Z","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","target_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:44:50.098Z","block_number":"0x340dc9","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0xb6b821d3a04739c0f548fe1e30f4f162392c12a06930757bacdb940dc87f05b5"},"last_source_poll":{"at":"2026-04-05T23:10:15.182Z","from_block":3655957,"logs_fetched":0,"ok":true,"to_block":3655991},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"3411398"},"ok":true,"queue":{"failed":0,"processed":1,"size":0},"scope":{"destination_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"destination_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2417884,"profile":"avax-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:44:48.451Z","uptime_sec":12328},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42dab7b888dd382bd5adcf9e038dbf1fd03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_to_138":{"url_probe":{"body":{"destination":{"chain_id":138,"chain_name":"Chain 138","chain_selector":"138","delivery_mode":"router","relay_bridge":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","relay_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"relay_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","relay_router":"0xe75d26bc558a28442f30750c6d97bffb46f39abc"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T23:10:16.148Z","from_block":82209106,"logs_fetched":0,"ok":true,"to_block":82209140},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"destination_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","source_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75"},"service":{"name":"ccip-relay","pid":2741860,"profile":"avax-to-138","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T21:55:41.591Z","uptime_sec":4475},"source":{"bridge_address":"0x635002c5fb227160cd2eac926d1baa61847f3c75","bridge_filter":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","router_address":"0x1773125b280d296354f4f4b958a7cfc4e5975b60"},"status":"operational"},"ok":true,"status":200}},"bsc":{"url_probe":{"body":{"destination":{"chain_id":56,"chain_name":"BSC","chain_selector":"11344663589394136015","delivery_mode":"router","relay_bridge":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"relay_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_router":"0x4d9Bc6c74ba65E37c4139F0aEC9fc5Ddff28Dcc4"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T23:10:12.856Z","from_block":3655956,"logs_fetched":0,"ok":true,"to_block":3655989},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"destination_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357248,"profile":"bsc","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:06.992Z","uptime_sec":13750},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_cw":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T23:10:14.835Z","from_block":3655957,"logs_fetched":0,"ok":true,"to_block":3655990},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":13748},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_weth":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"relay_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T23:10:10.993Z","from_block":3655927,"logs_fetched":0,"ok":true,"to_block":3655988},"monitoring":{"confirmation_blocks":1,"delivery_enabled":false,"effective_source_poll_interval_ms":60000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":true,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"destination_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2376863,"profile":"mainnet-weth","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:28:49.919Z","uptime_sec":13287},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"paused"},"ok":true,"status":200}}},"chains":{"138":{"block_number":"3655994","endpoint":"https://rpc-http-pub.d-bis.org","head_age_sec":0.200790446,"last_sync":"2026-04-05T23:10:17Z","latency_ms":25,"name":"Defi Oracle Meta Mainnet","probe_error":"","status":"operational"}},"checked_at":"2026-04-05T23:10:17Z","rpc_probe":[{"blockNumber":"0x37c93a","blockNumberDec":"3655994","chainKey":"138","endpoint":"https://rpc-http-pub.d-bis.org","error":"","headAgeSeconds":0.200790446,"latencyMs":25,"name":"chain-138","ok":true}],"status":"operational"}} + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_mission_control_stream_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_mission_control_stream_headers.txt new file mode 100644 index 00000000..43e10739 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_mission_control_stream_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:17 GMT +content-type: text/event-stream +access-control-allow-headers: Authorization, Content-Type, X-API-Key +access-control-allow-methods: GET, POST, OPTIONS +access-control-allow-origin: * +cache-control: no-cache +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; font-src 'self' https://cdnjs.cloudflare.com; img-src 'self' data: https:; connect-src 'self' https://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +permissions-policy: geolocation=(), microphone=(), camera=() +referrer-policy: strict-origin-when-cross-origin +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-explorer-name: SolaceScanScout +x-explorer-version: 1.0.0 +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +referrer-policy: strict-origin-when-cross-origin + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_mission_control_trace.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_mission_control_trace.json new file mode 100644 index 00000000..d6289553 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/explorer_d-bis_org_mission_control_trace.json @@ -0,0 +1 @@ +{"data":{"blockscout_url":"https://explorer.d-bis.org/tx/0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2","from":"0x4a666f96fc8764181194447a7dfdb7d471b301c8","from_registry":"DEPLOYER_ADMIN_138","source":"blockscout","to":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","to_registry":"CW_L1_BRIDGE_CHAIN138","tx_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3c596e4a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:15 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.038555 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b0cc8222 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:03 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.063690 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..c95bdc65 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:00 GMT +content-type: text/html +vary: Accept-Encoding +last-modified: Sun, 05 Apr 2026 23:06:06 GMT +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NqPTejDuCmJrg%2FTVs5KuLvOn0jp6FYCKeyxN85zLQaQOJBw7kPy3mmMA7e9WcYLfXlfMQrpa%2BiuT9fclRAed%2BZDeB0fxxu9WchDZEnBua%2BGJpT%2B5lU%2Fuqehdt4fOp8VfOYEeXpz4"}]} +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9e7c394428b4d7ac-LAX + + +0.222160 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/info_defi_oracle_io_token_aggregation_networks.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/info_defi_oracle_io_token_aggregation_networks.json new file mode 100644 index 00000000..f5aee87d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/info_defi_oracle_io_token_aggregation_networks.json @@ -0,0 +1 @@ +{"source":"runtime-file","version":"1.2.0","networks":[{"chainId":"0x8a","chainIdDecimal":138,"chainName":"DeFi Oracle Meta Mainnet","shortName":"dbis","rpcUrls":["https://rpc-http-pub.d-bis.org","https://rpc.d-bis.org","https://rpc2.d-bis.org","https://rpc.defi-oracle.io"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://explorer.d-bis.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://explorer.d-bis.org","explorerApiUrl":"https://explorer.d-bis.org/api/v2","testnet":false},{"chainId":"0x1","chainIdDecimal":1,"chainName":"Ethereum Mainnet","shortName":"eth","rpcUrls":["https://eth.llamarpc.com","https://rpc.ankr.com/eth","https://ethereum.publicnode.com","https://1rpc.io/eth"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://ethereum.org","testnet":false},{"chainId":"0x9f2c4","chainIdDecimal":651940,"chainName":"ALL Mainnet","shortName":"all","rpcUrls":["https://mainnet-rpc.alltra.global"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://alltra.global"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://alltra.global","testnet":false},{"chainId":"0x19","chainIdDecimal":25,"chainName":"Cronos Mainnet","rpcUrls":["https://evm.cronos.org","https://cronos-rpc.publicnode.com"],"nativeCurrency":{"name":"CRO","symbol":"CRO","decimals":18},"blockExplorerUrls":["https://cronos.org/explorer"],"iconUrls":["https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong"]},{"chainId":"0x38","chainIdDecimal":56,"chainName":"BNB Smart Chain","rpcUrls":["https://bsc-dataseed.binance.org","https://bsc-dataseed1.defibit.io","https://bsc-dataseed1.ninicoin.io"],"nativeCurrency":{"name":"BNB","symbol":"BNB","decimals":18},"blockExplorerUrls":["https://bscscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x64","chainIdDecimal":100,"chainName":"Gnosis Chain","rpcUrls":["https://rpc.gnosischain.com","https://gnosis-rpc.publicnode.com","https://1rpc.io/gnosis"],"nativeCurrency":{"name":"xDAI","symbol":"xDAI","decimals":18},"blockExplorerUrls":["https://gnosisscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x89","chainIdDecimal":137,"chainName":"Polygon","rpcUrls":["https://polygon-rpc.com","https://polygon.llamarpc.com","https://polygon-bor-rpc.publicnode.com"],"nativeCurrency":{"name":"MATIC","symbol":"MATIC","decimals":18},"blockExplorerUrls":["https://polygonscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa","chainIdDecimal":10,"chainName":"Optimism","rpcUrls":["https://mainnet.optimism.io","https://optimism.llamarpc.com","https://optimism-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://optimistic.etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa4b1","chainIdDecimal":42161,"chainName":"Arbitrum One","rpcUrls":["https://arb1.arbitrum.io/rpc","https://arbitrum.llamarpc.com","https://arbitrum-one-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://arbiscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x2105","chainIdDecimal":8453,"chainName":"Base","rpcUrls":["https://mainnet.base.org","https://base.llamarpc.com","https://base-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://basescan.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa86a","chainIdDecimal":43114,"chainName":"Avalanche C-Chain","rpcUrls":["https://api.avax.network/ext/bc/C/rpc","https://avalanche-c-chain-rpc.publicnode.com","https://1rpc.io/avax/c"],"nativeCurrency":{"name":"AVAX","symbol":"AVAX","decimals":18},"blockExplorerUrls":["https://snowtrace.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa4ec","chainIdDecimal":42220,"chainName":"Celo","rpcUrls":["https://forno.celo.org","https://celo-mainnet-rpc.publicnode.com","https://1rpc.io/celo"],"nativeCurrency":{"name":"CELO","symbol":"CELO","decimals":18},"blockExplorerUrls":["https://celoscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x457","chainIdDecimal":1111,"chainName":"Wemix","rpcUrls":["https://api.wemix.com","https://wemix-mainnet-rpc.publicnode.com"],"nativeCurrency":{"name":"WEMIX","symbol":"WEMIX","decimals":18},"blockExplorerUrls":["https://scan.wemix.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]}],"lastModified":"2026-04-05T18:15:23.624Z"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3b3bce87 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:02 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.063478 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..8f393fcd --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Sun, 05 Apr 2026 23:10:08 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.096467 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ce5d9e04 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:09:53 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.066194 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..7f99aba7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:09:52 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.041567 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/mim4u_org_https_headers.txt new file mode 100644 index 00000000..03fe84c9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:08 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.045816 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8b96e31b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:05 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.068848 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..dba4937e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:10 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-9FkpbHVt0eS/ptH46m8CQA=='; style-src 'self' 'nonce-9FkpbHVt0eS/ptH46m8CQA=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 + + +0.056207 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f6fd340b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:09:56 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051659 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..3f10f7fb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:09:56 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.047372 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..55b2214d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:09:55 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.065781 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ac3ee1fb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:09 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.068131 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..0c79c0d0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/sankofa_nexus_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:09:58 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 + + +0.069357 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f8b8fcae --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/secure_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:27 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.039481 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..978e5500 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/secure_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:16 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.043002 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8db6eca5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:14 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.068000 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..3467ceb3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:01 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.049971 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..5ff406fa --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:12 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.058224 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..2ace53c8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/training_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:25 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.044081 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/verification_report.md new file mode 100644 index 00000000..d6cb5a2b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/verification_report.md @@ -0,0 +1,595 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-05T16:10:30-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 60 +- **HTTPS tests passed**: 44 +- **Explorer surface failures**: 0 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.06469465909090909s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | Root | RPC | Explorer+ | +|--------|------|-----|-----|-------|------|-----|-----------| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | - | - | +| core.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| mifos.d-bis.org | web | pass | pass | pass | - | - | - | +| members.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | - | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| research.d-bis.org | web | pass | pass | pass | - | - | - | +| policy.d-bis.org | web | pass | pass | pass | - | - | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | - | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | - | - | +| developers.d-bis.org | web | pass | pass | pass | - | - | - | +| sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| info.defi-oracle.io | web | pass | pass | pass | - | - | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| studio.sankofa.nexus | web | pass | pass | pass | pass | - | - | +| www.d-bis.org | web | pass | pass | pass | - | - | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | - | - | +| interop.d-bis.org | web | pass | pass | pass | - | - | - | +| docs.d-bis.org | web | pass | pass | pass | - | - | - | +| identity.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| dapp.d-bis.org | web | pass | pass | pass | - | - | - | +| ops.d-bis.org | web | pass | pass | pass | - | - | - | +| www.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | - | - | +| mim4u.org | web | pass | pass | pass | - | - | - | +| data.d-bis.org | api | pass | pass | pass | - | - | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | - | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.mim4u.org | web | pass | pass | pass | - | - | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.d-bis.org | web | pass | pass | pass | - | - | - | +| status.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| gitea.d-bis.org | web | pass | pass | pass | - | - | - | +| secure.mim4u.org | web | pass | pass | pass | - | - | - | +| explorer.d-bis.org | web | pass | pass | pass | - | - | - | +| training.mim4u.org | web | pass | pass | pass | - | - | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | - | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | - | - | +| d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| secure.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| codespaces.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | - | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Root redirect: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Command Center: pass +- Mission Control stream: pass +- Mission Control trace: pass +- Mission Control liquidity: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. The canonical explorer `explorer.d-bis.org` is intentionally **not** in that list anymore. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): verifies Blockscout API, `/chain138-command-center.html`, and Mission Control stream / trace / liquidity endpoints. Use `SKIP_BLOCKSCOUT_API=1` only when you need to skip the Blockscout API sub-check specifically. + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8c91787e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 23:10:01 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.047924 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..cf52d0f5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:10:11 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.049873 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..5bcc7747 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 23:10:15 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045830 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ccd420ac --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 23:10:06 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.072339 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..1b7624c3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_160949/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 23:10:07 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.061484 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..38cfd350 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:49 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045855 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..9840efa4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:10 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.073458 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/all_e2e_results.json new file mode 100644 index 00000000..bf368309 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/all_e2e_results.json @@ -0,0 +1,1533 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052996, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.057036, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:20:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047023, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.074879, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.073458, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.061457, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:20:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.062136, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.128518, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052941, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.151352, + "has_hsts": true, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045836, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.086870, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:20:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:20:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.209.228", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 1", + "expires": "Jul 1 22:38:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.154460, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:20:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.101141, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "root_redirect": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.055944, + "location": "/studio/" + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.057840, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T16:20:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.094892, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.057730, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.056046, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.054191, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:20:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:20:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.063592, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.081210, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.065899, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.039175, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.050574, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.032830, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T16:20:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050257, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.070141, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T16:20:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.069125, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052059, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T16:20:36-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.057530, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:20:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T16:20:43-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 10 02:35:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.106452, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045855, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:49-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.055043, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:20:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:50-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.042809, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 10 05:35:18 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053893, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044740, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:20:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052969, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + }, + "explorer_command_center": { + "status": "pass", + "http_code": 200 + }, + "mission_control_stream": { + "status": "pass", + "http_code": 200 + }, + "mission_control_trace": { + "status": "pass", + "http_code": 200 + }, + "mission_control_liquidity": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:21:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.064134, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T16:21:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048334, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T16:21:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.069793, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:21:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.057924, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:21:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:21:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044627, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:21:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:21:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 9 20:35:21 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.055431, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:21:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T16:21:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:21:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.145087, + "has_hsts": true, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..980a577a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T23:20:45.041315Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":14304,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.03311173333333333,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"504","total_blocks":"3302571","total_gas_used":"0","total_transactions":"42423","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..895c4b05 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:21:02 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "145yegzg4a7ggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048334 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..351fcea1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:21:12 GMT +content-type: text/html +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2F8f4aJ%2BE9oPLLJCANjYjw3QmlGJjvV1DupQuGCSB49MZyI3RaUkWwi2UU%2FC281dk0FZp9AUP3xI5qfPj8hUc549tZcMKcwC3pk3unsATOJ0ArJD3ceJs1KsXFi%2FrT4Syrp3IBGLeqjwj"}]} +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +referrer-policy: strict-origin-when-cross-origin +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +cf-cache-status: DYNAMIC +strict-transport-security: max-age=31536000; includeSubDomains +server: cloudflare +cf-ray: 9e7c49af1f32f7c5-LAX + + +0.145087 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..71288909 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:14 GMT +content-type: text/html +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jTplHbV65nroyEJJ3a0Mmv4eFpOS5at4LNsmCNcJuHSy9KaFPNlmVGb4l%2B%2Bcc57RquWgRgP6xgQ%2F6nvu5icDGK2nsv0x2Z56KInIew5N2QXVN5DBRO1qfsOvzrqCRERqOXm%2BjknGrA%3D%3D"}]} +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +referrer-policy: strict-origin-when-cross-origin +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +cf-cache-status: DYNAMIC +strict-transport-security: max-age=31536000; includeSubDomains +server: cloudflare +cf-ray: 9e7c484429f9fbf8-LAX + + +0.151352 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..cdaeba01 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:21:05 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.055431 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9fb324ba --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:08 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 08d01390f96d4b703290bcdb43991f48 +x-span-id: c529a5f27bd6960c +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/d-bis_org_https_headers.txt new file mode 100644 index 00000000..d01c9750 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:21:03 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.057924 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3ef65c26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:25 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.063592 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..6bfa2379 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:11 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.061457 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..657d7f1b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:28 GMT +content-type: application/json; charset=utf-8 +content-length: 100 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: cb456cfd4aeefa62abf195a48ba320af +x-span-id: 5a4e5731a917714c +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..418e0a7e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:07 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.052996 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a348d4b0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:21:02 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: ebefeae3c024d7c7ae71f6db071aef70 +x-span-id: 560d2906636ed971 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..bb4acb77 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:20 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 9224b98e0ef5a5451285172a57a68264 +x-span-id: b9a444e51dd911a6 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..12124815 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:49 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.106452 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ce65e636 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:15 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045836 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..64af3d12 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/docs_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:22 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "145yegzg4a7ggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.056046 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..e063888b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T23:20:45.041315Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":24042,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.023179333333333333,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"504","total_blocks":"3302571","total_gas_used":"0","total_transactions":"42423","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_command_center_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_command_center_body.txt new file mode 100644 index 00000000..737c2dbb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_command_center_body.txt @@ -0,0 +1,629 @@ + + + + + + Chain 138 — Visual Command Center + + + + + +
+

Chain 138 — deployment and liquidity topology

+

Operator-style view of the architecture in docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md. Diagrams are informational only; contract addresses live in explorer config and repo references. The live Mission Control visual surfaces remain in the main explorer SPA.

+
+ +
+
+ + + + + + + + + +
+ Back to More +
+ + +
+

Hub, leaf endings, CCIP destinations, Alltra, the dedicated Avalanche cW corridor, the public cW mesh, and pending programs. Mainnet cW mint corridors and the optional TRUU rail are summarized under the Ethereum anchor.

+
+flowchart TB + subgraph LEAF_INGRESS["Leaves — access to 138"] + WU[Wallets · MetaMask Snaps · Ledger · Chainlist · SDKs · ethers.js] + OPS[Operators · Foundry scripts · relay · systemd · deploy hooks] + RPCPUB[Public RPC FQDNs · thirdweb mirrors] + FB[Fireblocks Web3 RPC] + end + + subgraph LEAF_EDGE["Leaves — services that index or front 138"] + EXP[Explorer · Blockscout · token-aggregation] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + DBIS[dbis-api Core hosts] + X402[x402 payment API] + MCP[MCP PMM controller] + end + + subgraph HUB["CHAIN 138 — origin hub"] + C138["Besu EVM · tokens core · DODO PMM V2/V3 · RouterV2 · UniV3 / Balancer / Curve / 1inch pilots · CCIP bridges + router · AlltraAdapter · BridgeVault · ISO channels · mirror reserve vault settlement · Lockbox · Truth / Tron / Solana adapters"] + end + + subgraph CCIP_ETH["Ethereum 1 — CCIP anchor"] + ETH1["WETH9 / WETH10 bridges · CCIPRelayRouter · RelayBridge · Logger · optional trustless stack"] + LEAF_ETH["Leaf — Mainnet native DEX venues · Li.Fi touchpoints on other chains · first-wave cW DODO pools · optional TRUU PMM rail"] + end + + subgraph CCIP_L2["Other live CCIP EVM destinations"] + L2CLU["OP 10 · Base 8453 · Arb 42161 · Polygon 137 · BSC 56 · Avax 43114 · Gnosis 100 · Celo 42220 · Cronos 25"] + LEAF_L2["Leaf — per-chain native DEX · cW token transport · partial edge pools"] + end + + subgraph ALLTRA["ALL Mainnet 651940"] + A651["AlltraAdapter peer · AUSDT · WETH · WALL · HYDX · DEX env placeholders"] + LEAF_651["Leaf — ALL native venues when configured"] + end + + subgraph SPECIAL["Dedicated corridor from 138"] + AVAXCW["138 cUSDT to Avax cWUSDT mint path"] + LEAF_AVAX["Leaf — recipient on 43114"] + end + + subgraph CW_MESH["Public cW GRU mesh"] + CW["Cross-public-EVM token matrix · pool design · Mainnet DODO concentration"] + end + + subgraph PENDING["Pending separate scaffold"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 design] + PNON[Truth pointer · Tron adapter · Solana partial] + end + + WU --> RPCPUB + RPCPUB --> C138 + WU --> C138 + OPS --> C138 + EXP --> C138 + INFO --> C138 + DAPP --> C138 + DBIS --> C138 + X402 --> C138 + MCP --> C138 + FB --> C138 + + C138 <--> ETH1 + C138 <--> L2CLU + C138 <--> A651 + C138 --> AVAXCW + AVAXCW --> LEAF_AVAX + + ETH1 <--> L2CLU + ETH1 --> LEAF_ETH + L2CLU --> LEAF_L2 + A651 --> LEAF_651 + + CW -.->|pool and peg design| LEAF_ETH + CW -.->|token mesh| L2CLU + + C138 -.-> WEMIX + C138 -.-> XDC + C138 -.-> SCAFF + C138 -.-> PNON +
+
+ + +
+

Chain 138 to the public EVM mesh, Alltra, pending or scaffold targets, Avalanche cW minting, and the separate Mainnet cW mint corridor that sits alongside the standard WETH-class CCIP rail.

+
+flowchart TB + subgraph C138["Chain 138 — primary"] + CORE[Core registry vault oracle ISO router] + PMM[DODO PMM V2 DVM + pools] + R2[EnhancedSwapRouterV2] + D3[D3MM pilot] + CCIPB[CCIP WETH9 WETH10 bridges] + ALLA[AlltraAdapter] + ADP[Truth Tron Solana adapters partial] + end + + subgraph PUB["Public EVM mesh (cW*)"] + E1[Ethereum 1] + E10[Optimism 10] + E25[Cronos 25] + E56[BSC 56] + E100[Gnosis 100] + E137[Polygon 137] + E42161[Arbitrum 42161] + E43114[Avalanche 43114] + E8453[Base 8453] + E42220[Celo 42220] + end + + subgraph PEND["Pending or separate"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 scaffold design] + end + + subgraph A651["ALL Mainnet 651940"] + ALLTOK[AUSDT USDC WETH WALL HYDX] + end + + C138 -->|CCIP WETH| PUB + C138 -->|CCIP WETH| E1 + C138 -->|mainnet cW mint corridor| E1 + C138 -->|AlltraAdapter| A651 + PUB -->|CCIP return| C138 + E1 -->|CCIP return| C138 + C138 -.->|operator completion| WEMIX + C138 -.->|not CCIP matrix row| XDC + C138 -.->|future gated| SCAFF + + C138 -->|avax cw corridor| E43114 +
+

Topology note: Mainnet now represents two Ethereum-facing patterns in production, the standard WETH-class CCIP rail and the dedicated cUSDC/cUSDT -> cWUSDC/cWUSDT mint corridor.

+
+ + +
+

On-chain layers: tokens, core, liquidity, cross-domain, reserve and settlement.

+
+flowchart TB + subgraph L1["Tokens and compliance"] + CT[cUSDT · cUSDC · cEUR* · cXAU* · mirrors · USDT · USDC] + GEN[WETH WETH10 LINK] + end + + subgraph L2["Core infrastructure"] + REG[Compliance TokenFactory TokenRegistry BridgeVault] + POL[PolicyManager DebtRegistry FeeCollector] + ISO[ISO20022Router] + end + + subgraph L3["Liquidity and execution"] + DVM[DVMFactory VendingMachine DODOPMMIntegration] + PRV[DODOPMMProvider PrivatePoolRegistry] + R2[EnhancedSwapRouterV2] + VEN[Uniswap v3 lane Balancer Curve 1inch pilots] + D3[D3Oracle D3Vault D3Proxy D3MMFactory] + end + + subgraph L4["Cross-domain"] + CCIP[CCIP Router CCIPWETH9 CCIPWETH10] + ALL[AlltraAdapter] + LBX[Lockbox138] + CH[PaymentChannel Mirror AddressMapper] + end + + subgraph L5["Reserve vault settlement"] + RS[ReserveSystem OraclePriceFeed] + VF[VaultFactory Ledger Liquidation XAUOracle] + MSR[MerchantSettlementRegistry WithdrawalEscrow] + end + + L1 --> L2 + L2 --> L3 + L3 --> R2 + R2 --> VEN + L2 --> L4 + L2 --> L5 + DVM --> PRV +
+
+ + +
+

Same-chain 138: PMM pools, RouterV2 venues, D3 pilot.

+
+flowchart LR + subgraph inputs["Typical inputs"] + U1[cUSDT] + U2[cUSDC] + U3[USDT mirror] + U4[USDC mirror] + U5[cEURT] + U6[cXAUC] + end + + subgraph path_pmm["DODO PMM"] + INT[DODOPMMIntegration] + POOL[Stable pools XAU public pools Private XAU registry] + end + + subgraph path_r2["Router v2"] + R2[EnhancedSwapRouterV2] + UV3[Uniswap v3 WETH stable] + PILOT[Balancer Curve 1inch] + end + + subgraph path_d3["Pilot"] + D3[D3MM WETH10 pilot pool] + end + + inputs --> INT + INT --> POOL + inputs --> R2 + R2 --> UV3 + R2 --> PILOT + GEN2[WETH WETH10] --> R2 + GEN2 --> D3 +
+
+ + +
+

CCIP transport, Alltra round-trip, the dedicated c-to-cW mint corridors, and the orchestrated swap-bridge-swap target.

+
+

CCIP — WETH primary transport

+
+sequenceDiagram + participant U as User or bot + participant C138 as Chain 138 + participant BR as CCIPWETH9 or WETH10 bridge + participant R as CCIP Router + participant D as Destination EVM + + U->>C138: Fund WETH bridge fee LINK + U->>BR: Initiate cross-chain WETH transfer + BR->>R: CCIP message + R->>D: Deliver WETH class asset + Note over D: Native DEX or cW pools where deployed + D->>R: Optional return leg + R->>C138: Inbound to receiver bridge +
+
+
+

Alltra — 138 to ALL Mainnet

+
+flowchart LR + A[Chain 138] -->|AlltraAdapter| B[ALL 651940] + B -->|AlltraAdapter| A +
+
+
+

Special corridors — c* to cW* mint

+
+flowchart LR + S1[cUSDT on 138] -->|avax cw relay mint| T1[cWUSDT on Avalanche] + S2[cUSDC on 138] -->|mainnet relay mint| T2[cWUSDC on Mainnet] + S3[cUSDT on 138] -->|mainnet relay mint| T3[cWUSDT on Mainnet] +
+
+
+

Orchestrated swap-bridge-swap (design target)

+
+flowchart LR + Q[QuoteService POST api bridge quote] --> S1[Source leg e.g. 138 PMM] + S1 --> BR[Bridge CCIP Alltra or special] + BR --> S2[Destination leg DEX or cW pool] +
+
+
+ + +
+

Ethereum Mainnet first-wave cW DODO mesh, plus the separate optional TRUU PMM rail. See PMM_DEX_ROUTING_STATUS and cross-chain-pmm-lps deployment-status for live detail.

+
+flowchart TB + subgraph ETH["Ethereum Mainnet"] + CW[cWUSDT cWUSDC cWEURC cWGBPC cWAUDC cWCADC cWJPYC cWCHFC] + HUB[USDC USDT] + DODO[DODO PMM Wave 1 pools] + end + + CW <--> DODO + HUB <--> DODO +
+

TRUU note: the optional Mainnet Truth rail is a separate volatile PMM lane and is not part of the default cW stable mesh.

+
+

Mainnet TRUU PMM (volatile, optional)

+
+flowchart LR + subgraph TRUUmesh["Mainnet TRUU rail optional"] + CWu[cWUSDT or cWUSDC] + TRUU[TRUU ERC-20] + PMM[DODO PMM integration] + end + + CWu <--> PMM + TRUU <--> PMM +
+
+
+ + +
+

Wallets, edge FQDNs, APIs, operators feeding Chain 138 RPC, plus the explorer-hosted Mission Control visual surfaces.

+
+flowchart TB + subgraph users["Wallets and tools"] + MM[MetaMask custom network Snaps] + MCP[MCP PMM controller allowlist 138] + end + + subgraph edge["Public edge"] + EXP[explorer.d-bis.org Blockscout token-aggregation] + MC[Mission Control visual panels] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + RPC[rpc-http-pub.d-bis.org public RPC] + end + + subgraph api["APIs"] + TA[token-aggregation v1 v2 quote pools bridge routes] + DBIS[dbis-api Core runtime] + X402[x402-api readiness surface] + end + + subgraph ops["Operator"] + REL[CCIP relay systemd] + SCR[smom-dbis-138 forge scripts] + end + + users --> edge + EXP --> MC + edge --> api + MC --> api + api --> C138[Chain 138 RPC] + ops --> C138 +
+

Mission Control note: the live visual display lives in the main explorer SPA, especially the bridge-monitoring and operator surfaces. This command center stays focused on the static architecture view.

+
+ + +
+

Contract families vs wallet/client integrations not spelled out in every zoom diagram. Wormhole remains docs/MCP scope, not canonical 138 addresses.

+
+flowchart LR + subgraph chain138_tech["Chain 138 contract families"] + A[Besu EVM] + B[ERC-20 core registries] + C[DODO V2 V3] + D[UniV3 Bal Curve 1inch pilots] + E[CCIP bridges router] + F[Alltra Vault ISO channels] + end + + subgraph public_integrations["Wallet and client integrations"] + L[Ledger] + CL[Chainlist] + TW[thirdweb RPC] + ETH[ethers.js] + MM[MetaMask Snaps] + end + + chain138_tech --> public_integrations +
+
+ + +
+

Mission Control is the live explorer surface for SSE health, labeled bridge traces, cached liquidity proxy results, and operator-facing API references. The interactive controls live in the main explorer SPA; this tab is the architecture companion with direct entry points.

+
+

Mission Control visual flow

+
+flowchart LR + UI[Explorer SPA Mission Control panels] + SSE[SSE stream] + TRACE[Bridge trace] + LIQ[Liquidity proxy] + T4[Track 4 script API] + API[Explorer Go API] + UP[Blockscout and token-aggregation upstreams] + + UI --> SSE + UI --> TRACE + UI --> LIQ + UI -.->|operator-only| T4 + SSE --> API + TRACE --> API + LIQ --> API + T4 --> API + TRACE --> UP + LIQ --> UP +
+
+
+

Live entry points

+

Use the main explorer UI for the visual Mission Control experience, then open the raw APIs when you need direct payloads or verification.

+ +
+
+ +
+ Source: proxmox/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md — addresses: config/smart-contracts-master.json and CONTRACT_ADDRESSES_REFERENCE. +
+ + + + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..338f538e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:52 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "145yegzg4a7ggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.052969 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_mission_control_liquidity.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_mission_control_liquidity.json new file mode 100644 index 00000000..c293ac53 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_mission_control_liquidity.json @@ -0,0 +1 @@ +{"pools":[{"address":"0x9e89bae009adf128782e19e8341996c596ac40dc","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0xf22258f57794cc8e06237084b353ab30fffa640b","symbol":"cUSDC","name":"USD Coin (Compliant)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null},{"address":"0x866cb44b59303d8dc5f4f9e3e7a8e8b0bf238d66","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1","symbol":"USDT","name":"Tether USD (Chain 138)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null}]} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_mission_control_stream_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_mission_control_stream_body.txt new file mode 100644 index 00000000..803e447d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_mission_control_stream_body.txt @@ -0,0 +1,3 @@ +event: mission-control +data: {"data":{"ccip_relay":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T23:20:50.716Z","from_block":3656275,"logs_fetched":0,"ok":true,"to_block":3656308},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":14384},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"ccip_relays":{"avax":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"relay_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_router":"0x2a0023Ad5ce1Ac6072B454575996DfFb1BB11b16"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T23:20:50.241Z","from_block":3656275,"logs_fetched":0,"ok":true,"to_block":3656308},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"destination_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357265,"profile":"avax","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:07.110Z","uptime_sec":14385},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_cw":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x635002c5fb227160cd2eac926d1baa61847f3c75","relay_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"relay_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","relay_router":"0xc9158759a7e3621f6bb191bf5d77605d6e25b410"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:44:50.601Z","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","target_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:44:50.098Z","block_number":"0x340dc9","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0xb6b821d3a04739c0f548fe1e30f4f162392c12a06930757bacdb940dc87f05b5"},"last_source_poll":{"at":"2026-04-05T23:20:52.617Z","from_block":3656276,"logs_fetched":0,"ok":true,"to_block":3656309},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"3411398"},"ok":true,"queue":{"failed":0,"processed":1,"size":0},"scope":{"destination_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"destination_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2417884,"profile":"avax-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:44:48.451Z","uptime_sec":12964},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42dab7b888dd382bd5adcf9e038dbf1fd03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_to_138":{"url_probe":{"body":{"destination":{"chain_id":138,"chain_name":"Chain 138","chain_selector":"138","delivery_mode":"router","relay_bridge":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","relay_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"relay_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","relay_router":"0xe75d26bc558a28442f30750c6d97bffb46f39abc"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T23:20:52.150Z","from_block":82209712,"logs_fetched":0,"ok":true,"to_block":82209748},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"destination_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","source_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75"},"service":{"name":"ccip-relay","pid":2741860,"profile":"avax-to-138","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T21:55:41.591Z","uptime_sec":5111},"source":{"bridge_address":"0x635002c5fb227160cd2eac926d1baa61847f3c75","bridge_filter":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","router_address":"0x1773125b280d296354f4f4b958a7cfc4e5975b60"},"status":"operational"},"ok":true,"status":200}},"bsc":{"url_probe":{"body":{"destination":{"chain_id":56,"chain_name":"BSC","chain_selector":"11344663589394136015","delivery_mode":"router","relay_bridge":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"relay_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_router":"0x4d9Bc6c74ba65E37c4139F0aEC9fc5Ddff28Dcc4"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T23:20:50.241Z","from_block":3656275,"logs_fetched":0,"ok":true,"to_block":3656308},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"destination_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357248,"profile":"bsc","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:06.992Z","uptime_sec":14385},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_cw":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T23:20:50.716Z","from_block":3656275,"logs_fetched":0,"ok":true,"to_block":3656308},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":14384},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_weth":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"relay_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T23:20:11.766Z","from_block":3656228,"logs_fetched":0,"ok":true,"to_block":3656289},"monitoring":{"confirmation_blocks":1,"delivery_enabled":false,"effective_source_poll_interval_ms":60000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":true,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"destination_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2376863,"profile":"mainnet-weth","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:28:49.919Z","uptime_sec":13922},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"paused"},"ok":true,"status":200}}},"chains":{"138":{"block_number":"3656311","endpoint":"https://rpc-http-pub.d-bis.org","head_age_sec":1.767274047,"last_sync":"2026-04-05T23:20:52Z","latency_ms":26,"name":"Defi Oracle Meta Mainnet","probe_error":"","status":"operational"}},"checked_at":"2026-04-05T23:20:52Z","rpc_probe":[{"blockNumber":"0x37ca77","blockNumberDec":"3656311","chainKey":"138","endpoint":"https://rpc-http-pub.d-bis.org","error":"","headAgeSeconds":1.767274047,"latencyMs":26,"name":"chain-138","ok":true}],"status":"operational"}} + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_mission_control_stream_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_mission_control_stream_headers.txt new file mode 100644 index 00000000..150b97cf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_mission_control_stream_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:52 GMT +content-type: text/event-stream +access-control-allow-headers: Authorization, Content-Type, X-API-Key +access-control-allow-methods: GET, POST, OPTIONS +access-control-allow-origin: * +cache-control: no-cache +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; font-src 'self' https://cdnjs.cloudflare.com; img-src 'self' data: https:; connect-src 'self' https://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +permissions-policy: geolocation=(), microphone=(), camera=() +referrer-policy: strict-origin-when-cross-origin +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-explorer-name: SolaceScanScout +x-explorer-version: 1.0.0 +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +referrer-policy: strict-origin-when-cross-origin + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_mission_control_trace.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_mission_control_trace.json new file mode 100644 index 00000000..d6289553 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/explorer_d-bis_org_mission_control_trace.json @@ -0,0 +1 @@ +{"data":{"blockscout_url":"https://explorer.d-bis.org/tx/0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2","from":"0x4a666f96fc8764181194447a7dfdb7d471b301c8","from_registry":"DEPLOYER_ADMIN_138","source":"blockscout","to":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","to_registry":"CW_L1_BRIDGE_CHAIN138","tx_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..924ca9fd --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:51 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.053893 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8affc018 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:22 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.054191 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..7bba2d58 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:18 GMT +content-type: text/html +vary: Accept-Encoding +last-modified: Sun, 05 Apr 2026 23:06:06 GMT +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2B3QpfwSEjt5GgE0ks2Q8fW1Hn9xKoU4sTeWziRvSsHymtr3lCTZqZ51jMzFoB%2BvH6mmEpLUUa6jmffb0NjXXiQmFLvkHaXbY4luVpyHnKbwS55jfoGYBHtp0BBe3jO1Od1KNwCZi"}]} +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9e7c485a9973991f-LAX + + +0.154460 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/info_defi_oracle_io_token_aggregation_networks.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/info_defi_oracle_io_token_aggregation_networks.json new file mode 100644 index 00000000..f5aee87d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/info_defi_oracle_io_token_aggregation_networks.json @@ -0,0 +1 @@ +{"source":"runtime-file","version":"1.2.0","networks":[{"chainId":"0x8a","chainIdDecimal":138,"chainName":"DeFi Oracle Meta Mainnet","shortName":"dbis","rpcUrls":["https://rpc-http-pub.d-bis.org","https://rpc.d-bis.org","https://rpc2.d-bis.org","https://rpc.defi-oracle.io"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://explorer.d-bis.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://explorer.d-bis.org","explorerApiUrl":"https://explorer.d-bis.org/api/v2","testnet":false},{"chainId":"0x1","chainIdDecimal":1,"chainName":"Ethereum Mainnet","shortName":"eth","rpcUrls":["https://eth.llamarpc.com","https://rpc.ankr.com/eth","https://ethereum.publicnode.com","https://1rpc.io/eth"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://ethereum.org","testnet":false},{"chainId":"0x9f2c4","chainIdDecimal":651940,"chainName":"ALL Mainnet","shortName":"all","rpcUrls":["https://mainnet-rpc.alltra.global"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://alltra.global"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://alltra.global","testnet":false},{"chainId":"0x19","chainIdDecimal":25,"chainName":"Cronos Mainnet","rpcUrls":["https://evm.cronos.org","https://cronos-rpc.publicnode.com"],"nativeCurrency":{"name":"CRO","symbol":"CRO","decimals":18},"blockExplorerUrls":["https://cronos.org/explorer"],"iconUrls":["https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong"]},{"chainId":"0x38","chainIdDecimal":56,"chainName":"BNB Smart Chain","rpcUrls":["https://bsc-dataseed.binance.org","https://bsc-dataseed1.defibit.io","https://bsc-dataseed1.ninicoin.io"],"nativeCurrency":{"name":"BNB","symbol":"BNB","decimals":18},"blockExplorerUrls":["https://bscscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x64","chainIdDecimal":100,"chainName":"Gnosis Chain","rpcUrls":["https://rpc.gnosischain.com","https://gnosis-rpc.publicnode.com","https://1rpc.io/gnosis"],"nativeCurrency":{"name":"xDAI","symbol":"xDAI","decimals":18},"blockExplorerUrls":["https://gnosisscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x89","chainIdDecimal":137,"chainName":"Polygon","rpcUrls":["https://polygon-rpc.com","https://polygon.llamarpc.com","https://polygon-bor-rpc.publicnode.com"],"nativeCurrency":{"name":"MATIC","symbol":"MATIC","decimals":18},"blockExplorerUrls":["https://polygonscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa","chainIdDecimal":10,"chainName":"Optimism","rpcUrls":["https://mainnet.optimism.io","https://optimism.llamarpc.com","https://optimism-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://optimistic.etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa4b1","chainIdDecimal":42161,"chainName":"Arbitrum One","rpcUrls":["https://arb1.arbitrum.io/rpc","https://arbitrum.llamarpc.com","https://arbitrum-one-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://arbiscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x2105","chainIdDecimal":8453,"chainName":"Base","rpcUrls":["https://mainnet.base.org","https://base.llamarpc.com","https://base-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://basescan.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa86a","chainIdDecimal":43114,"chainName":"Avalanche C-Chain","rpcUrls":["https://api.avax.network/ext/bc/C/rpc","https://avalanche-c-chain-rpc.publicnode.com","https://1rpc.io/avax/c"],"nativeCurrency":{"name":"AVAX","symbol":"AVAX","decimals":18},"blockExplorerUrls":["https://snowtrace.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa4ec","chainIdDecimal":42220,"chainName":"Celo","rpcUrls":["https://forno.celo.org","https://celo-mainnet-rpc.publicnode.com","https://1rpc.io/celo"],"nativeCurrency":{"name":"CELO","symbol":"CELO","decimals":18},"blockExplorerUrls":["https://celoscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x457","chainIdDecimal":1111,"chainName":"Wemix","rpcUrls":["https://api.wemix.com","https://wemix-mainnet-rpc.publicnode.com"],"nativeCurrency":{"name":"WEMIX","symbol":"WEMIX","decimals":18},"blockExplorerUrls":["https://scan.wemix.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]}],"lastModified":"2026-04-05T18:15:23.624Z"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2ce347a5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:21 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.057730 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..bc47e1d7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Sun, 05 Apr 2026 23:20:27 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.050574 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..477072c7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:10 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.074879 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b86ed1b5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:09 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.047023 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/mim4u_org_https_headers.txt new file mode 100644 index 00000000..921ff402 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:28 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.032830 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..17f95c64 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:26 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.081210 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..bf872672 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:35 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-h0NqXe3SduE3lzb1WWPLpA=='; style-src 'self' 'nonce-h0NqXe3SduE3lzb1WWPLpA=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 + + +0.069125 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2c6456d0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:13 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.128518 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..6f7b8451 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:14 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.052941 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fc383143 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:12 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.062136 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..22fb522e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:28 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.070141 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..a2c9254a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/sankofa_nexus_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:16 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 + + +0.086870 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a9a2c70b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/secure_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:21:04 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.044627 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..3235f37d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/secure_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:51 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.044740 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5c952675 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:50 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.055043 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..de76675b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:19 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.101141 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..920ded91 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:42 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.057530 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..c4b73a0d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/training_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:21:01 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.064134 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/verification_report.md new file mode 100644 index 00000000..519a812a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/verification_report.md @@ -0,0 +1,595 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-05T16:21:13-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 60 +- **HTTPS tests passed**: 44 +- **Explorer surface failures**: 0 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.06796102272727274s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | Root | RPC | Explorer+ | +|--------|------|-----|-----|-------|------|-----|-----------| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | - | - | +| core.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| mifos.d-bis.org | web | pass | pass | pass | - | - | - | +| members.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | - | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| research.d-bis.org | web | pass | pass | pass | - | - | - | +| policy.d-bis.org | web | pass | pass | pass | - | - | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | - | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | - | - | +| developers.d-bis.org | web | pass | pass | pass | - | - | - | +| sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| info.defi-oracle.io | web | pass | pass | pass | - | - | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| studio.sankofa.nexus | web | pass | pass | pass | pass | - | - | +| www.d-bis.org | web | pass | pass | pass | - | - | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | - | - | +| interop.d-bis.org | web | pass | pass | pass | - | - | - | +| docs.d-bis.org | web | pass | pass | pass | - | - | - | +| identity.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| dapp.d-bis.org | web | pass | pass | pass | - | - | - | +| ops.d-bis.org | web | pass | pass | pass | - | - | - | +| www.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | - | - | +| mim4u.org | web | pass | pass | pass | - | - | - | +| data.d-bis.org | api | pass | pass | pass | - | - | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | - | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.mim4u.org | web | pass | pass | pass | - | - | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.d-bis.org | web | pass | pass | pass | - | - | - | +| status.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| gitea.d-bis.org | web | pass | pass | pass | - | - | - | +| secure.mim4u.org | web | pass | pass | pass | - | - | - | +| explorer.d-bis.org | web | pass | pass | pass | - | - | - | +| training.mim4u.org | web | pass | pass | pass | - | - | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | - | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | - | - | +| d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| secure.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| codespaces.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | - | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Root redirect: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Command Center: pass +- Mission Control stream: pass +- Mission Control trace: pass +- Mission Control liquidity: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. The canonical explorer `explorer.d-bis.org` is intentionally **not** in that list anymore. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): verifies Blockscout API, `/chain138-command-center.html`, and Mission Control stream / trace / liquidity endpoints. Use `SKIP_BLOCKSCOUT_API=1` only when you need to skip the Blockscout API sub-check specifically. + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..23810d3b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 23:20:20 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.057840 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..930cc6e0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:20:36 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.052059 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..271227b7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 23:20:50 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.042809 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..79a6b7fa --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 23:20:26 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.065899 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..699fb1ae --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162007/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 23:20:27 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.039175 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e63c8b79 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:07 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.031970 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..d81fb389 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:53 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.041657 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/all_e2e_results.json new file mode 100644 index 00000000..65cdbe39 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/all_e2e_results.json @@ -0,0 +1,1533 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039223, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:51-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045178, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:23:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037443, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.059222, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041657, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045058, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:23:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.063401, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044837, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044474, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.134682, + "has_hsts": true, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.051588, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052045, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:23:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:23:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.209.228", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 1", + "expires": "Jul 1 22:38:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.146829, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:23:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039721, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "root_redirect": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.034654, + "location": "/studio/" + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.035376, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T16:23:58-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043410, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045018, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037286, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:23:59-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041857, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:24:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:24:00-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046819, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049237, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:01-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.054624, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.078904, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.044287, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041383, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T16:24:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048050, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052006, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T16:24:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050992, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044314, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T16:24:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.032829, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:24:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T16:24:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 10 02:35:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.030984, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.031970, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.051438, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:24:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.035120, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 10 05:35:18 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.031764, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.029994, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "May 7 23:15:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036363, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + }, + "explorer_command_center": { + "status": "pass", + "http_code": 200 + }, + "mission_control_stream": { + "status": "pass", + "http_code": 200 + }, + "mission_control_trace": { + "status": "pass", + "http_code": 200 + }, + "mission_control_liquidity": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045214, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035244, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-05T16:24:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042122, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038763, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:24:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044676, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:24:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 9 20:35:21 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.032884, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-05T16:24:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-05T16:24:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "note": "wscat exited successfully without printable RPC output" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-05T16:24:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.127268, + "has_hsts": true, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..c4792a29 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T23:23:51.228252Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":4721,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.0101736,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"504","total_blocks":"3302571","total_gas_used":"0","total_transactions":"42423","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..bb9ea356 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:17 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "145yegzg4a7ggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.035244 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..7112eff7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:21 GMT +content-type: text/html +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=PDghrPb37yT4%2BR%2BNLq2AMeHvO4qgXZwQ%2BcLD1D5TEhk3suL4VU89n4n2saZTTgjBCd22swOSdPJurVcr3EMeb6pArZMA3nOGO9sVfF6mECKNW0X%2BOLaTylVfU9JiiwrrJmVqPb4y%2F74Z"}]} +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +referrer-policy: strict-origin-when-cross-origin +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +cf-cache-status: DYNAMIC +strict-transport-security: max-age=31536000; includeSubDomains +server: cloudflare +cf-ray: 9e7c4e480e7f3dc4-LAX + + +0.127268 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..40e07de7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:56 GMT +content-type: text/html +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=9fTIHFJCY2GIJAMsUxzgDsvN1QEdxjInqz1GPIsH4zzqurlDoDi9YTkWUvuJqGJVDzWSnSl4Dg7y02hgbdAKUR%2Fq7miEnVwF8hZJpMa%2FOn201JXQLSR%2BNpM4Yo29XHm%2BXP36RqegXg%3D%3D"}]} +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +referrer-policy: strict-origin-when-cross-origin +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +cf-cache-status: DYNAMIC +strict-transport-security: max-age=31536000; includeSubDomains +server: cloudflare +cf-ray: 9e7c4dab5cbd4896-LAX + + +0.134682 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..417963b3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:19 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.032884 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..3044173b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:52 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: b00bec5b99e9c8c124875d3811aabf5f +x-span-id: 3a8f86d4b9b644ea +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/d-bis_org_https_headers.txt new file mode 100644 index 00000000..87048c8c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:18 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.038763 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..0d6f640a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:01 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.046819 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..17527b6d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:54 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.045058 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..39fd8061 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:03 GMT +content-type: application/json; charset=utf-8 +content-length: 100 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 7d18853e6200f3c7578363dfa23f90a2 +x-span-id: e7d8e73a6fe7e66a +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fb12774f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:51 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.039223 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ba402ecc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:18 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 00ebb00ae9cf1d5323858e9d5ce8b0ea +x-span-id: dd6cbd0092bea5b8 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b19ecd82 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:59 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: ca5876576d5a00d71497d6482263dcbf +x-span-id: cdd572db6dff977a +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..68879542 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:07 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.030984 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a87181e6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:56 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051588 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..4cc7ba6c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/docs_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:59 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "145yegzg4a7ggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.037286 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..d6e29ac6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2038.89","coin_price_change_percentage":-1.5,"gas_price_updated_at":"2026-04-05T23:23:51.228252Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":13675,"gas_used_today":"3849660","market_cap":"0.000","network_utilization_percentage":0.0101736,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"504","total_blocks":"3302571","total_gas_used":"0","total_transactions":"42423","transactions_today":"48","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_command_center_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_command_center_body.txt new file mode 100644 index 00000000..737c2dbb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_command_center_body.txt @@ -0,0 +1,629 @@ + + + + + + Chain 138 — Visual Command Center + + + + + +
+

Chain 138 — deployment and liquidity topology

+

Operator-style view of the architecture in docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md. Diagrams are informational only; contract addresses live in explorer config and repo references. The live Mission Control visual surfaces remain in the main explorer SPA.

+
+ +
+
+ + + + + + + + + +
+ Back to More +
+ + +
+

Hub, leaf endings, CCIP destinations, Alltra, the dedicated Avalanche cW corridor, the public cW mesh, and pending programs. Mainnet cW mint corridors and the optional TRUU rail are summarized under the Ethereum anchor.

+
+flowchart TB + subgraph LEAF_INGRESS["Leaves — access to 138"] + WU[Wallets · MetaMask Snaps · Ledger · Chainlist · SDKs · ethers.js] + OPS[Operators · Foundry scripts · relay · systemd · deploy hooks] + RPCPUB[Public RPC FQDNs · thirdweb mirrors] + FB[Fireblocks Web3 RPC] + end + + subgraph LEAF_EDGE["Leaves — services that index or front 138"] + EXP[Explorer · Blockscout · token-aggregation] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + DBIS[dbis-api Core hosts] + X402[x402 payment API] + MCP[MCP PMM controller] + end + + subgraph HUB["CHAIN 138 — origin hub"] + C138["Besu EVM · tokens core · DODO PMM V2/V3 · RouterV2 · UniV3 / Balancer / Curve / 1inch pilots · CCIP bridges + router · AlltraAdapter · BridgeVault · ISO channels · mirror reserve vault settlement · Lockbox · Truth / Tron / Solana adapters"] + end + + subgraph CCIP_ETH["Ethereum 1 — CCIP anchor"] + ETH1["WETH9 / WETH10 bridges · CCIPRelayRouter · RelayBridge · Logger · optional trustless stack"] + LEAF_ETH["Leaf — Mainnet native DEX venues · Li.Fi touchpoints on other chains · first-wave cW DODO pools · optional TRUU PMM rail"] + end + + subgraph CCIP_L2["Other live CCIP EVM destinations"] + L2CLU["OP 10 · Base 8453 · Arb 42161 · Polygon 137 · BSC 56 · Avax 43114 · Gnosis 100 · Celo 42220 · Cronos 25"] + LEAF_L2["Leaf — per-chain native DEX · cW token transport · partial edge pools"] + end + + subgraph ALLTRA["ALL Mainnet 651940"] + A651["AlltraAdapter peer · AUSDT · WETH · WALL · HYDX · DEX env placeholders"] + LEAF_651["Leaf — ALL native venues when configured"] + end + + subgraph SPECIAL["Dedicated corridor from 138"] + AVAXCW["138 cUSDT to Avax cWUSDT mint path"] + LEAF_AVAX["Leaf — recipient on 43114"] + end + + subgraph CW_MESH["Public cW GRU mesh"] + CW["Cross-public-EVM token matrix · pool design · Mainnet DODO concentration"] + end + + subgraph PENDING["Pending separate scaffold"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 design] + PNON[Truth pointer · Tron adapter · Solana partial] + end + + WU --> RPCPUB + RPCPUB --> C138 + WU --> C138 + OPS --> C138 + EXP --> C138 + INFO --> C138 + DAPP --> C138 + DBIS --> C138 + X402 --> C138 + MCP --> C138 + FB --> C138 + + C138 <--> ETH1 + C138 <--> L2CLU + C138 <--> A651 + C138 --> AVAXCW + AVAXCW --> LEAF_AVAX + + ETH1 <--> L2CLU + ETH1 --> LEAF_ETH + L2CLU --> LEAF_L2 + A651 --> LEAF_651 + + CW -.->|pool and peg design| LEAF_ETH + CW -.->|token mesh| L2CLU + + C138 -.-> WEMIX + C138 -.-> XDC + C138 -.-> SCAFF + C138 -.-> PNON +
+
+ + +
+

Chain 138 to the public EVM mesh, Alltra, pending or scaffold targets, Avalanche cW minting, and the separate Mainnet cW mint corridor that sits alongside the standard WETH-class CCIP rail.

+
+flowchart TB + subgraph C138["Chain 138 — primary"] + CORE[Core registry vault oracle ISO router] + PMM[DODO PMM V2 DVM + pools] + R2[EnhancedSwapRouterV2] + D3[D3MM pilot] + CCIPB[CCIP WETH9 WETH10 bridges] + ALLA[AlltraAdapter] + ADP[Truth Tron Solana adapters partial] + end + + subgraph PUB["Public EVM mesh (cW*)"] + E1[Ethereum 1] + E10[Optimism 10] + E25[Cronos 25] + E56[BSC 56] + E100[Gnosis 100] + E137[Polygon 137] + E42161[Arbitrum 42161] + E43114[Avalanche 43114] + E8453[Base 8453] + E42220[Celo 42220] + end + + subgraph PEND["Pending or separate"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 scaffold design] + end + + subgraph A651["ALL Mainnet 651940"] + ALLTOK[AUSDT USDC WETH WALL HYDX] + end + + C138 -->|CCIP WETH| PUB + C138 -->|CCIP WETH| E1 + C138 -->|mainnet cW mint corridor| E1 + C138 -->|AlltraAdapter| A651 + PUB -->|CCIP return| C138 + E1 -->|CCIP return| C138 + C138 -.->|operator completion| WEMIX + C138 -.->|not CCIP matrix row| XDC + C138 -.->|future gated| SCAFF + + C138 -->|avax cw corridor| E43114 +
+

Topology note: Mainnet now represents two Ethereum-facing patterns in production, the standard WETH-class CCIP rail and the dedicated cUSDC/cUSDT -> cWUSDC/cWUSDT mint corridor.

+
+ + +
+

On-chain layers: tokens, core, liquidity, cross-domain, reserve and settlement.

+
+flowchart TB + subgraph L1["Tokens and compliance"] + CT[cUSDT · cUSDC · cEUR* · cXAU* · mirrors · USDT · USDC] + GEN[WETH WETH10 LINK] + end + + subgraph L2["Core infrastructure"] + REG[Compliance TokenFactory TokenRegistry BridgeVault] + POL[PolicyManager DebtRegistry FeeCollector] + ISO[ISO20022Router] + end + + subgraph L3["Liquidity and execution"] + DVM[DVMFactory VendingMachine DODOPMMIntegration] + PRV[DODOPMMProvider PrivatePoolRegistry] + R2[EnhancedSwapRouterV2] + VEN[Uniswap v3 lane Balancer Curve 1inch pilots] + D3[D3Oracle D3Vault D3Proxy D3MMFactory] + end + + subgraph L4["Cross-domain"] + CCIP[CCIP Router CCIPWETH9 CCIPWETH10] + ALL[AlltraAdapter] + LBX[Lockbox138] + CH[PaymentChannel Mirror AddressMapper] + end + + subgraph L5["Reserve vault settlement"] + RS[ReserveSystem OraclePriceFeed] + VF[VaultFactory Ledger Liquidation XAUOracle] + MSR[MerchantSettlementRegistry WithdrawalEscrow] + end + + L1 --> L2 + L2 --> L3 + L3 --> R2 + R2 --> VEN + L2 --> L4 + L2 --> L5 + DVM --> PRV +
+
+ + +
+

Same-chain 138: PMM pools, RouterV2 venues, D3 pilot.

+
+flowchart LR + subgraph inputs["Typical inputs"] + U1[cUSDT] + U2[cUSDC] + U3[USDT mirror] + U4[USDC mirror] + U5[cEURT] + U6[cXAUC] + end + + subgraph path_pmm["DODO PMM"] + INT[DODOPMMIntegration] + POOL[Stable pools XAU public pools Private XAU registry] + end + + subgraph path_r2["Router v2"] + R2[EnhancedSwapRouterV2] + UV3[Uniswap v3 WETH stable] + PILOT[Balancer Curve 1inch] + end + + subgraph path_d3["Pilot"] + D3[D3MM WETH10 pilot pool] + end + + inputs --> INT + INT --> POOL + inputs --> R2 + R2 --> UV3 + R2 --> PILOT + GEN2[WETH WETH10] --> R2 + GEN2 --> D3 +
+
+ + +
+

CCIP transport, Alltra round-trip, the dedicated c-to-cW mint corridors, and the orchestrated swap-bridge-swap target.

+
+

CCIP — WETH primary transport

+
+sequenceDiagram + participant U as User or bot + participant C138 as Chain 138 + participant BR as CCIPWETH9 or WETH10 bridge + participant R as CCIP Router + participant D as Destination EVM + + U->>C138: Fund WETH bridge fee LINK + U->>BR: Initiate cross-chain WETH transfer + BR->>R: CCIP message + R->>D: Deliver WETH class asset + Note over D: Native DEX or cW pools where deployed + D->>R: Optional return leg + R->>C138: Inbound to receiver bridge +
+
+
+

Alltra — 138 to ALL Mainnet

+
+flowchart LR + A[Chain 138] -->|AlltraAdapter| B[ALL 651940] + B -->|AlltraAdapter| A +
+
+
+

Special corridors — c* to cW* mint

+
+flowchart LR + S1[cUSDT on 138] -->|avax cw relay mint| T1[cWUSDT on Avalanche] + S2[cUSDC on 138] -->|mainnet relay mint| T2[cWUSDC on Mainnet] + S3[cUSDT on 138] -->|mainnet relay mint| T3[cWUSDT on Mainnet] +
+
+
+

Orchestrated swap-bridge-swap (design target)

+
+flowchart LR + Q[QuoteService POST api bridge quote] --> S1[Source leg e.g. 138 PMM] + S1 --> BR[Bridge CCIP Alltra or special] + BR --> S2[Destination leg DEX or cW pool] +
+
+
+ + +
+

Ethereum Mainnet first-wave cW DODO mesh, plus the separate optional TRUU PMM rail. See PMM_DEX_ROUTING_STATUS and cross-chain-pmm-lps deployment-status for live detail.

+
+flowchart TB + subgraph ETH["Ethereum Mainnet"] + CW[cWUSDT cWUSDC cWEURC cWGBPC cWAUDC cWCADC cWJPYC cWCHFC] + HUB[USDC USDT] + DODO[DODO PMM Wave 1 pools] + end + + CW <--> DODO + HUB <--> DODO +
+

TRUU note: the optional Mainnet Truth rail is a separate volatile PMM lane and is not part of the default cW stable mesh.

+
+

Mainnet TRUU PMM (volatile, optional)

+
+flowchart LR + subgraph TRUUmesh["Mainnet TRUU rail optional"] + CWu[cWUSDT or cWUSDC] + TRUU[TRUU ERC-20] + PMM[DODO PMM integration] + end + + CWu <--> PMM + TRUU <--> PMM +
+
+
+ + +
+

Wallets, edge FQDNs, APIs, operators feeding Chain 138 RPC, plus the explorer-hosted Mission Control visual surfaces.

+
+flowchart TB + subgraph users["Wallets and tools"] + MM[MetaMask custom network Snaps] + MCP[MCP PMM controller allowlist 138] + end + + subgraph edge["Public edge"] + EXP[explorer.d-bis.org Blockscout token-aggregation] + MC[Mission Control visual panels] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + RPC[rpc-http-pub.d-bis.org public RPC] + end + + subgraph api["APIs"] + TA[token-aggregation v1 v2 quote pools bridge routes] + DBIS[dbis-api Core runtime] + X402[x402-api readiness surface] + end + + subgraph ops["Operator"] + REL[CCIP relay systemd] + SCR[smom-dbis-138 forge scripts] + end + + users --> edge + EXP --> MC + edge --> api + MC --> api + api --> C138[Chain 138 RPC] + ops --> C138 +
+

Mission Control note: the live visual display lives in the main explorer SPA, especially the bridge-monitoring and operator surfaces. This command center stays focused on the static architecture view.

+
+ + +
+

Contract families vs wallet/client integrations not spelled out in every zoom diagram. Wormhole remains docs/MCP scope, not canonical 138 addresses.

+
+flowchart LR + subgraph chain138_tech["Chain 138 contract families"] + A[Besu EVM] + B[ERC-20 core registries] + C[DODO V2 V3] + D[UniV3 Bal Curve 1inch pilots] + E[CCIP bridges router] + F[Alltra Vault ISO channels] + end + + subgraph public_integrations["Wallet and client integrations"] + L[Ledger] + CL[Chainlist] + TW[thirdweb RPC] + ETH[ethers.js] + MM[MetaMask Snaps] + end + + chain138_tech --> public_integrations +
+
+ + +
+

Mission Control is the live explorer surface for SSE health, labeled bridge traces, cached liquidity proxy results, and operator-facing API references. The interactive controls live in the main explorer SPA; this tab is the architecture companion with direct entry points.

+
+

Mission Control visual flow

+
+flowchart LR + UI[Explorer SPA Mission Control panels] + SSE[SSE stream] + TRACE[Bridge trace] + LIQ[Liquidity proxy] + T4[Track 4 script API] + API[Explorer Go API] + UP[Blockscout and token-aggregation upstreams] + + UI --> SSE + UI --> TRACE + UI --> LIQ + UI -.->|operator-only| T4 + SSE --> API + TRACE --> API + LIQ --> API + T4 --> API + TRACE --> UP + LIQ --> UP +
+
+
+

Live entry points

+

Use the main explorer UI for the visual Mission Control experience, then open the raw APIs when you need direct payloads or verification.

+ +
+
+ +
+ Source: proxmox/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md — addresses: config/smart-contracts-master.json and CONTRACT_ADDRESSES_REFERENCE. +
+ + + + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f65e70ba --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:08 GMT +content-type: text/html; charset=utf-8 +content-length: 21393 +vary: Accept-Encoding +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +etag: "145yegzg4a7ggp" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.036363 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_mission_control_liquidity.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_mission_control_liquidity.json new file mode 100644 index 00000000..c293ac53 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_mission_control_liquidity.json @@ -0,0 +1 @@ +{"pools":[{"address":"0x9e89bae009adf128782e19e8341996c596ac40dc","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0xf22258f57794cc8e06237084b353ab30fffa640b","symbol":"cUSDC","name":"USD Coin (Compliant)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null},{"address":"0x866cb44b59303d8dc5f4f9e3e7a8e8b0bf238d66","dex":"dodo","token0":{"address":"0x93e66202a11b1772e55407b32b44e5cd8eda7f22","symbol":"cUSDT","name":"Tether USD (Compliant)","source":"db"},"token1":{"address":"0x004b63a7b5b0e06f6bb6adb4a5f9f590bf3182d1","symbol":"USDT","name":"Tether USD (Chain 138)","source":"db"},"reserves":{"token0":"999999997998","token1":"999999997998"},"tvl":1999999.995996,"volume24h":0,"feeTier":null}]} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_mission_control_stream_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_mission_control_stream_body.txt new file mode 100644 index 00000000..9643baf1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_mission_control_stream_body.txt @@ -0,0 +1,3 @@ +event: mission-control +data: {"data":{"ccip_relay":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T23:24:08.912Z","from_block":3656374,"logs_fetched":0,"ok":true,"to_block":3656407},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":14581},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"ccip_relays":{"avax":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"relay_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_router":"0x2a0023Ad5ce1Ac6072B454575996DfFb1BB11b16"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T23:24:05.968Z","from_block":3656372,"logs_fetched":0,"ok":true,"to_block":3656406},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"destination_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357265,"profile":"avax","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:07.110Z","uptime_sec":14582},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_cw":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x635002c5fb227160cd2eac926d1baa61847f3c75","relay_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"relay_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","relay_router":"0xc9158759a7e3621f6bb191bf5d77605d6e25b410"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:44:50.601Z","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","target_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:44:50.098Z","block_number":"0x340dc9","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0xb6b821d3a04739c0f548fe1e30f4f162392c12a06930757bacdb940dc87f05b5"},"last_source_poll":{"at":"2026-04-05T23:24:08.351Z","from_block":3656374,"logs_fetched":0,"ok":true,"to_block":3656407},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"3411398"},"ok":true,"queue":{"failed":0,"processed":1,"size":0},"scope":{"destination_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"destination_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2417884,"profile":"avax-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:44:48.451Z","uptime_sec":13160},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42dab7b888dd382bd5adcf9e038dbf1fd03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_to_138":{"url_probe":{"body":{"destination":{"chain_id":138,"chain_name":"Chain 138","chain_selector":"138","delivery_mode":"router","relay_bridge":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","relay_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"relay_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","relay_router":"0xe75d26bc558a28442f30750c6d97bffb46f39abc"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T23:24:06.927Z","from_block":82209905,"logs_fetched":0,"ok":true,"to_block":82209941},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"destination_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","source_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75"},"service":{"name":"ccip-relay","pid":2741860,"profile":"avax-to-138","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T21:55:41.591Z","uptime_sec":5307},"source":{"bridge_address":"0x635002c5fb227160cd2eac926d1baa61847f3c75","bridge_filter":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","router_address":"0x1773125b280d296354f4f4b958a7cfc4e5975b60"},"status":"operational"},"ok":true,"status":200}},"bsc":{"url_probe":{"body":{"destination":{"chain_id":56,"chain_name":"BSC","chain_selector":"11344663589394136015","delivery_mode":"router","relay_bridge":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"relay_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_router":"0x4d9Bc6c74ba65E37c4139F0aEC9fc5Ddff28Dcc4"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T23:24:05.964Z","from_block":3656372,"logs_fetched":0,"ok":true,"to_block":3656406},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"destination_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2357248,"profile":"bsc","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:06.992Z","uptime_sec":14582},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_cw":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-05T19:21:12.729Z","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-05T19:21:12.043Z","block_number":"0x370ed9","destination_chain_selector":"5009297550715157269","message_id":"0xfe98acc2c6d05cb0df029c10c0c0a4d7644624e4fcb0ab023b848209ad828e5f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"},"last_source_poll":{"at":"2026-04-05T23:24:08.912Z","from_block":3656374,"logs_fetched":0,"ok":true,"to_block":3656407},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":2,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":2357317,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:21:08.213Z","uptime_sec":14581},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_weth":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"relay_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-05T23:23:11.983Z","from_block":3656318,"logs_fetched":0,"ok":true,"to_block":3656379},"monitoring":{"confirmation_blocks":1,"delivery_enabled":false,"effective_source_poll_interval_ms":60000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":true,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"destination_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2376863,"profile":"mainnet-weth","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-05T19:28:49.919Z","uptime_sec":14119},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"paused"},"ok":true,"status":200}}},"chains":{"138":{"block_number":"3656410","endpoint":"https://rpc-http-pub.d-bis.org","head_age_sec":0.236902259,"last_sync":"2026-04-05T23:24:09Z","latency_ms":30,"name":"Defi Oracle Meta Mainnet","probe_error":"","status":"operational"}},"checked_at":"2026-04-05T23:24:09Z","rpc_probe":[{"blockNumber":"0x37cada","blockNumberDec":"3656410","chainKey":"138","endpoint":"https://rpc-http-pub.d-bis.org","error":"","headAgeSeconds":0.236902259,"latencyMs":30,"name":"chain-138","ok":true}],"status":"operational"}} + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_mission_control_stream_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_mission_control_stream_headers.txt new file mode 100644 index 00000000..0e882fcf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_mission_control_stream_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:09 GMT +content-type: text/event-stream +access-control-allow-headers: Authorization, Content-Type, X-API-Key +access-control-allow-methods: GET, POST, OPTIONS +access-control-allow-origin: * +cache-control: no-cache +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; font-src 'self' https://cdnjs.cloudflare.com; img-src 'self' data: https:; connect-src 'self' https://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +permissions-policy: geolocation=(), microphone=(), camera=() +referrer-policy: strict-origin-when-cross-origin +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-explorer-name: SolaceScanScout +x-explorer-version: 1.0.0 +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +referrer-policy: strict-origin-when-cross-origin + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_mission_control_trace.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_mission_control_trace.json new file mode 100644 index 00000000..d6289553 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/explorer_d-bis_org_mission_control_trace.json @@ -0,0 +1 @@ +{"data":{"blockscout_url":"https://explorer.d-bis.org/tx/0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2","from":"0x4a666f96fc8764181194447a7dfdb7d471b301c8","from_registry":"DEPLOYER_ADMIN_138","source":"blockscout","to":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","to_registry":"CW_L1_BRIDGE_CHAIN138","tx_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b1342bfe --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:08 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.031764 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..02ce94ad --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:00 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.041857 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..57b097d1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:57 GMT +content-type: text/html +vary: Accept-Encoding +last-modified: Sun, 05 Apr 2026 23:21:29 GMT +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=QG1OKwL4TueTW5kWdQhzy%2FSOPDABBjV1Co1ytBVwzFiMtSbYNMz3QG7Dl3slYpJaLBJhiCfNMw1WE9xZbZxOeUh2srE7%2ByQgQk0VNQFK78DyX8HrKdLu07HJ5SCOSvR5EE3biAZz"}]} +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9e7c4db629c92ae0-LAX + + +0.146829 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/info_defi_oracle_io_token_aggregation_networks.json b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/info_defi_oracle_io_token_aggregation_networks.json new file mode 100644 index 00000000..f5aee87d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/info_defi_oracle_io_token_aggregation_networks.json @@ -0,0 +1 @@ +{"source":"runtime-file","version":"1.2.0","networks":[{"chainId":"0x8a","chainIdDecimal":138,"chainName":"DeFi Oracle Meta Mainnet","shortName":"dbis","rpcUrls":["https://rpc-http-pub.d-bis.org","https://rpc.d-bis.org","https://rpc2.d-bis.org","https://rpc.defi-oracle.io"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://explorer.d-bis.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://explorer.d-bis.org","explorerApiUrl":"https://explorer.d-bis.org/api/v2","testnet":false},{"chainId":"0x1","chainIdDecimal":1,"chainName":"Ethereum Mainnet","shortName":"eth","rpcUrls":["https://eth.llamarpc.com","https://rpc.ankr.com/eth","https://ethereum.publicnode.com","https://1rpc.io/eth"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://ethereum.org","testnet":false},{"chainId":"0x9f2c4","chainIdDecimal":651940,"chainName":"ALL Mainnet","shortName":"all","rpcUrls":["https://mainnet-rpc.alltra.global"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://alltra.global"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://alltra.global","testnet":false},{"chainId":"0x19","chainIdDecimal":25,"chainName":"Cronos Mainnet","rpcUrls":["https://evm.cronos.org","https://cronos-rpc.publicnode.com"],"nativeCurrency":{"name":"CRO","symbol":"CRO","decimals":18},"blockExplorerUrls":["https://cronos.org/explorer"],"iconUrls":["https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong"]},{"chainId":"0x38","chainIdDecimal":56,"chainName":"BNB Smart Chain","rpcUrls":["https://bsc-dataseed.binance.org","https://bsc-dataseed1.defibit.io","https://bsc-dataseed1.ninicoin.io"],"nativeCurrency":{"name":"BNB","symbol":"BNB","decimals":18},"blockExplorerUrls":["https://bscscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x64","chainIdDecimal":100,"chainName":"Gnosis Chain","rpcUrls":["https://rpc.gnosischain.com","https://gnosis-rpc.publicnode.com","https://1rpc.io/gnosis"],"nativeCurrency":{"name":"xDAI","symbol":"xDAI","decimals":18},"blockExplorerUrls":["https://gnosisscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x89","chainIdDecimal":137,"chainName":"Polygon","rpcUrls":["https://polygon-rpc.com","https://polygon.llamarpc.com","https://polygon-bor-rpc.publicnode.com"],"nativeCurrency":{"name":"MATIC","symbol":"MATIC","decimals":18},"blockExplorerUrls":["https://polygonscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa","chainIdDecimal":10,"chainName":"Optimism","rpcUrls":["https://mainnet.optimism.io","https://optimism.llamarpc.com","https://optimism-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://optimistic.etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa4b1","chainIdDecimal":42161,"chainName":"Arbitrum One","rpcUrls":["https://arb1.arbitrum.io/rpc","https://arbitrum.llamarpc.com","https://arbitrum-one-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://arbiscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x2105","chainIdDecimal":8453,"chainName":"Base","rpcUrls":["https://mainnet.base.org","https://base.llamarpc.com","https://base-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://basescan.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa86a","chainIdDecimal":43114,"chainName":"Avalanche C-Chain","rpcUrls":["https://api.avax.network/ext/bc/C/rpc","https://avalanche-c-chain-rpc.publicnode.com","https://1rpc.io/avax/c"],"nativeCurrency":{"name":"AVAX","symbol":"AVAX","decimals":18},"blockExplorerUrls":["https://snowtrace.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa4ec","chainIdDecimal":42220,"chainName":"Celo","rpcUrls":["https://forno.celo.org","https://celo-mainnet-rpc.publicnode.com","https://1rpc.io/celo"],"nativeCurrency":{"name":"CELO","symbol":"CELO","decimals":18},"blockExplorerUrls":["https://celoscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x457","chainIdDecimal":1111,"chainName":"Wemix","rpcUrls":["https://api.wemix.com","https://wemix-mainnet-rpc.publicnode.com"],"nativeCurrency":{"name":"WEMIX","symbol":"WEMIX","decimals":18},"blockExplorerUrls":["https://scan.wemix.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]}],"lastModified":"2026-04-05T18:15:23.624Z"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b2e52a14 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:59 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045018 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..aefcda23 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Sun, 05 Apr 2026 23:24:03 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.044287 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..71f7e65a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:53 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.059222 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b90d0e47 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:52 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.037443 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/mim4u_org_https_headers.txt new file mode 100644 index 00000000..aa5ba797 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:03 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.041383 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..00819bef --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:01 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.049237 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..a184dded --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:05 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-MRqTCw4UOywlu6gDl+uXVQ=='; style-src 'self' 'nonce-MRqTCw4UOywlu6gDl+uXVQ=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 + + +0.050992 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..81869ffd --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:55 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044837 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..75cbf42c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:55 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.044474 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..dff69f45 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:54 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.063401 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..612a15d8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:04 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.052006 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..beb9bc46 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/sankofa_nexus_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:56 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 + + +0.052045 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ed0f842e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/secure_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:19 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.044676 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..3e4da52a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/secure_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:08 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.029994 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..42b6e0e9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:07 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051438 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..7f315e0f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:23:58 GMT +content-type: text/html; charset=utf-8 +content-length: 4067 +vary: Accept-Encoding +accept-ranges: bytes +last-modified: Sat, 28 Feb 2026 16:54:14 GMT +etag: "c7772edca86cad691e9159bf4b3d84cc" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.039721 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..a20cf40d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:06 GMT +content-type: text/html; charset=utf-8 +content-length: 5165 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "jzlo1xjk1r3zb" +alt-svc: h3=":443"; ma=86400 + + +0.032829 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..c785ee33 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/training_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:17 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.045214 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/verification_report.md new file mode 100644 index 00000000..f7d0d8a1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/verification_report.md @@ -0,0 +1,595 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-05T16:24:21-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 60 +- **HTTPS tests passed**: 44 +- **Explorer surface failures**: 0 +- **Failed tests**: 0 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.05012622727272727s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | Root | RPC | Explorer+ | +|--------|------|-----|-----|-------|------|-----|-----------| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | - | - | +| core.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| mifos.d-bis.org | web | pass | pass | pass | - | - | - | +| members.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | - | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| research.d-bis.org | web | pass | pass | pass | - | - | - | +| policy.d-bis.org | web | pass | pass | pass | - | - | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | - | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | - | - | +| developers.d-bis.org | web | pass | pass | pass | - | - | - | +| sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| info.defi-oracle.io | web | pass | pass | pass | - | - | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| studio.sankofa.nexus | web | pass | pass | pass | pass | - | - | +| www.d-bis.org | web | pass | pass | pass | - | - | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | - | - | +| interop.d-bis.org | web | pass | pass | pass | - | - | - | +| docs.d-bis.org | web | pass | pass | pass | - | - | - | +| identity.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| dapp.d-bis.org | web | pass | pass | pass | - | - | - | +| ops.d-bis.org | web | pass | pass | pass | - | - | - | +| www.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | - | - | +| mim4u.org | web | pass | pass | pass | - | - | - | +| data.d-bis.org | api | pass | pass | pass | - | - | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | - | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.mim4u.org | web | pass | pass | pass | - | - | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.d-bis.org | web | pass | pass | pass | - | - | - | +| status.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| gitea.d-bis.org | web | pass | pass | pass | - | - | - | +| secure.mim4u.org | web | pass | pass | pass | - | - | - | +| explorer.d-bis.org | web | pass | pass | pass | - | - | - | +| training.mim4u.org | web | pass | pass | pass | - | - | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | - | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | - | - | +| d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| secure.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| codespaces.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | - | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Root redirect: pass +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Command Center: pass +- Mission Control stream: pass +- Mission Control trace: pass +- Mission Control liquidity: pass +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. The canonical explorer `explorer.d-bis.org` is intentionally **not** in that list anymore. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): verifies Blockscout API, `/chain138-command-center.html`, and Mission Control stream / trace / liquidity endpoints. Use `SKIP_BLOCKSCOUT_API=1` only when you need to skip the Blockscout API sub-check specifically. + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1b42a5a4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 23:23:58 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.035376 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..33524af7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 05 Apr 2026 23:24:05 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.044314 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..538307b8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 23:24:08 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.035120 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..8122aa21 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 23:24:02 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.054624 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..16d7ff67 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260405_162351/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 05 Apr 2026 23:24:02 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.078904 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..456adfbe --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:33 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.049465 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ff9a766d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:04 GMT +content-type: text/html; charset=utf-8 +content-length: 5259 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "oibim89srm41x" +alt-svc: h3=":443"; ma=86400 + + +0.101377 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/all_e2e_results.json new file mode 100644 index 00000000..658e3da6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/all_e2e_results.json @@ -0,0 +1,1524 @@ +[ + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035892, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:02-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038583, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-09T15:12:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038947, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.054061, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:04-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.101377, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.054627, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-09T15:12:05-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048276, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.055965, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:06-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041156, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.132676, + "has_hsts": true, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049025, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:07-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.113322, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-09T15:12:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-09T15:12:08-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.209.228", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 1", + "expires": "Jul 1 22:38:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.131270, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-09T15:12:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.031102 + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.032321, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-09T15:12:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045362, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039239, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034039, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036700, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-09T15:12:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-09T15:12:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039938, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053874, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.034704, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.072278, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.052525, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047660, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-09T15:12:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048861, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.052651, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-09T15:12:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.041424, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.075684, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-09T15:12:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043580, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-09T15:12:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-09T15:12:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 13 10:42:14 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045347, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049465, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.062254, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-09T15:12:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.046391, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 13 13:42:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036297, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.162952, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:35-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "Jul 8 03:31:39 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046628, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + }, + "explorer_command_center": { + "status": "pass", + "http_code": 200 + }, + "mission_control_stream": { + "status": "fail", + "curl_exit": "0" + }, + "mission_control_trace": { + "status": "pass", + "http_code": 200 + }, + "mission_control_liquidity": { + "status": "fail", + "http_code": "500" + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:44-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044632, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:45-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034124, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-09T15:12:45-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036939, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:45-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044953, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-09T15:12:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034772, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-09T15:12:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE1", + "expires": "Apr 13 04:42:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034656, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-09T15:12:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-09T15:12:48-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-09T15:12:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.155325, + "has_hsts": true, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..de68508f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2185.5","coin_price_change_percentage":-2.48,"gas_price_updated_at":"2026-04-09T22:12:44.937952Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":31036,"gas_used_today":"288682","market_cap":"0.00","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"573","total_blocks":"3816247","total_gas_used":"0","total_transactions":"43072","transactions_today":"2","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..f6ae3828 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:45 GMT +content-type: text/html +content-length: 86825 +vary: Accept-Encoding +last-modified: Thu, 09 Apr 2026 12:02:13 GMT +etag: "69d79545-15329" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.034124 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5f19d10e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:54 GMT +content-type: text/html +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mQbauYc89rhPWDfB6pH%2FCs6%2FViV7711D0WoWwjhvs%2FiRiq9SjHMQHyRd2bbGKCDQF8yij5%2Bo8Inlncsx9ur4VJuEOcNfrxzUf2CWONyh73nomQ%2F7ogKZ1BSxxGHO29MFdPzusq%2FPdRzQ"}]} +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +referrer-policy: strict-origin-when-cross-origin +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +cf-cache-status: DYNAMIC +strict-transport-security: max-age=31536000; includeSubDomains +server: cloudflare +cf-ray: 9e9cdb22a83b0c4e-LAX + + +0.155325 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ad89e01e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:07 GMT +content-type: text/html +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=EgLWW7anI1neigiagxShRUIU9EBwqw1dzLZ7CSLP%2FAVsoGrVvLFbMTpi0szYkpE4uZ27heJOlrdpwEBRZ5lCxX1PdldNOzR1H6B9m%2FqQECjXjIEwfeX9ouNbYgyh%2Brap2r3Q%2FxpKbA%3D%3D"}]} +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +referrer-policy: strict-origin-when-cross-origin +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +cf-cache-status: DYNAMIC +strict-transport-security: max-age=31536000; includeSubDomains +server: cloudflare +cf-ray: 9e9cd9fa5f4bf7bb-LAX + + +0.132676 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f9ea5f70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:48 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.034656 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9fcc430e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:03 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 59cd3432a3c07d8fed8787ac57fc40e8 +x-span-id: 12eac2c83b2c4493 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/d-bis_org_https_headers.txt new file mode 100644 index 00000000..b34610d6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:46 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044953 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a87cac1c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:12 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.039938 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..1a3b5689 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:05 GMT +content-type: text/html; charset=utf-8 +content-length: 5259 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "oibim89srm41x" +alt-svc: h3=":443"; ma=86400 + + +0.054627 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fe6a607b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:14 GMT +content-type: application/json; charset=utf-8 +content-length: 100 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 10bea979541e1f8bc95d7543e9a90ab6 +x-span-id: 634f16aabbb046f0 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..830d0a70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:02 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.035892 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..698169de --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:45 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: f1f394870d9be6e1eee7258df46493c1 +x-span-id: 4f939380bc09de44 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..284085e8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:10 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 8cbd7ceb0303941f6d99f0553125ef9b +x-span-id: a38be1db61414851 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f6e82441 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:33 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.045347 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..91e15b6f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:07 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.049025 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f97eaefa --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/docs_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:11 GMT +content-type: text/html +content-length: 86825 +vary: Accept-Encoding +last-modified: Thu, 09 Apr 2026 12:02:13 GMT +etag: "69d79545-15329" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.034039 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..5fa51102 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"average_block_time":2.0e3,"coin_image":"https://coin-images.coingecko.com/coins/images/39140/small/ETH.png?1720706783","coin_price":"2185.5","coin_price_change_percentage":-2.48,"gas_price_updated_at":"2026-04-09T22:12:13.886599Z","gas_prices":{"slow":0.01,"average":0.01,"fast":0.01},"gas_prices_update_in":9052,"gas_used_today":"288682","market_cap":"0.00","network_utilization_percentage":0.0,"secondary_coin_image":null,"secondary_coin_price":null,"static_gas_price":null,"total_addresses":"573","total_blocks":"3816247","total_gas_used":"0","total_transactions":"43072","transactions_today":"2","tvl":null} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_command_center_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_command_center_body.txt new file mode 100644 index 00000000..44800605 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_command_center_body.txt @@ -0,0 +1,696 @@ + + + + + + Chain 138 — Visual Command Center + + + + + + +
+

Chain 138 — deployment and liquidity topology

+

Operator-style view of the architecture in docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md. Diagrams are informational only; contract addresses live in explorer config and repo references. The live Mission Control visual surfaces remain in the main explorer SPA. Deep links: ?tab=mission-control or numeric ?tab=08 (slug per tab).

+
+ +
+
+ + + + + + + + + +
+ Back to More +
+ + +
+

Hub, leaf endings, CCIP destinations, Alltra, the dedicated Avalanche cW corridor, the public cW mesh, and pending programs. Mainnet cW mint corridors and the optional TRUU rail are summarized under the Ethereum anchor.

+
+flowchart TB + subgraph LEAF_INGRESS["Leaves — access to 138"] + WU[Wallets · MetaMask Snaps · Ledger · Chainlist · SDKs · ethers.js] + OPS[Operators · Foundry scripts · relay · systemd · deploy hooks] + RPCPUB[Public RPC FQDNs · thirdweb mirrors] + FB[Fireblocks Web3 RPC] + end + + subgraph LEAF_EDGE["Leaves — services that index or front 138"] + EXP[Explorer · Blockscout · token-aggregation] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + DBIS[dbis-api Core hosts] + X402[x402 payment API] + MCP[MCP PMM controller] + end + + subgraph HUB["CHAIN 138 — origin hub"] + C138["Besu EVM · tokens core · DODO PMM V2/V3 · RouterV2 · UniV3 / Balancer / Curve / 1inch pilots · CCIP bridges + router · AlltraAdapter · BridgeVault · ISO channels · mirror reserve vault settlement · Lockbox · Truth / Tron / Solana adapters"] + end + + subgraph CCIP_ETH["Ethereum 1 — CCIP anchor"] + ETH1["WETH9 / WETH10 bridges · CCIPRelayRouter · RelayBridge · Logger · optional trustless stack"] + LEAF_ETH["Leaf — Mainnet native DEX venues · Li.Fi touchpoints on other chains · first-wave cW DODO pools · optional TRUU PMM rail"] + end + + subgraph CCIP_L2["Other live CCIP EVM destinations"] + L2CLU["OP 10 · Base 8453 · Arb 42161 · Polygon 137 · BSC 56 · Avax 43114 · Gnosis 100 · Celo 42220 · Cronos 25"] + LEAF_L2["Leaf — per-chain native DEX · cW token transport · partial edge pools"] + end + + subgraph ALLTRA["ALL Mainnet 651940"] + A651["AlltraAdapter peer · AUSDT · WETH · WALL · HYDX · DEX env placeholders"] + LEAF_651["Leaf — ALL native venues when configured"] + end + + subgraph SPECIAL["Dedicated corridor from 138"] + AVAXCW["138 cUSDT to Avax cWUSDT mint path"] + LEAF_AVAX["Leaf — recipient on 43114"] + end + + subgraph CW_MESH["Public cW GRU mesh"] + CW["Cross-public-EVM token matrix · pool design · Mainnet DODO concentration"] + end + + subgraph PENDING["Pending separate scaffold"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 design] + PNON[Truth pointer · Tron adapter · Solana partial] + end + + WU --> RPCPUB + RPCPUB --> C138 + WU --> C138 + OPS --> C138 + EXP --> C138 + INFO --> C138 + DAPP --> C138 + DBIS --> C138 + X402 --> C138 + MCP --> C138 + FB --> C138 + + C138 <--> ETH1 + C138 <--> L2CLU + C138 <--> A651 + C138 --> AVAXCW + AVAXCW --> LEAF_AVAX + + ETH1 <--> L2CLU + ETH1 --> LEAF_ETH + L2CLU --> LEAF_L2 + A651 --> LEAF_651 + + CW -.->|pool and peg design| LEAF_ETH + CW -.->|token mesh| L2CLU + + C138 -.-> WEMIX + C138 -.-> XDC + C138 -.-> SCAFF + C138 -.-> PNON +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + +
+ Source: proxmox/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md — addresses: config/smart-contracts-master.json and CONTRACT_ADDRESSES_REFERENCE. +
+ + + + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a521d462 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:36 GMT +content-type: text/html +content-length: 86825 +vary: Accept-Encoding +last-modified: Thu, 09 Apr 2026 12:02:13 GMT +etag: "69d79545-15329" +cache-control: no-store, no-cache, must-revalidate +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.046628 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_mission_control_liquidity.json b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_mission_control_liquidity.json new file mode 100644 index 00000000..4422653c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_mission_control_liquidity.json @@ -0,0 +1 @@ +{"error":"Internal server error"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_mission_control_stream_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_mission_control_stream_headers.txt new file mode 100644 index 00000000..e69de29b diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_mission_control_trace.json b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_mission_control_trace.json new file mode 100644 index 00000000..d6289553 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/explorer_d-bis_org_mission_control_trace.json @@ -0,0 +1 @@ +{"data":{"blockscout_url":"https://explorer.d-bis.org/tx/0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2","from":"0x4a666f96fc8764181194447a7dfdb7d471b301c8","from_registry":"DEPLOYER_ADMIN_138","source":"blockscout","to":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","to_registry":"CW_L1_BRIDGE_CHAIN138","tx_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..bf3b18f3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:35 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.036297 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..28f0fe03 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:11 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.036700 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..53b2f74d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:09 GMT +content-type: text/html +vary: Accept-Encoding +last-modified: Sun, 05 Apr 2026 23:21:29 GMT +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zIXaf3xjZ0k7MnRbrYcD1aJ92YfMIJ5qVqfTD6hcCfe5ZMNVgxYjKVX0n5ZilrfZlby65taazrUxCC4MUyART%2BUWXkHihv%2Fk9GYmOCOejE%2B4x4i0jxmOoqimr%2FMSRFzBuRjTn5l2"}]} +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9e9cda078cc44f1a-LAX + + +0.131270 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/info_defi_oracle_io_token_aggregation_networks.json b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/info_defi_oracle_io_token_aggregation_networks.json new file mode 100644 index 00000000..f5aee87d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/info_defi_oracle_io_token_aggregation_networks.json @@ -0,0 +1 @@ +{"source":"runtime-file","version":"1.2.0","networks":[{"chainId":"0x8a","chainIdDecimal":138,"chainName":"DeFi Oracle Meta Mainnet","shortName":"dbis","rpcUrls":["https://rpc-http-pub.d-bis.org","https://rpc.d-bis.org","https://rpc2.d-bis.org","https://rpc.defi-oracle.io"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://explorer.d-bis.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://explorer.d-bis.org","explorerApiUrl":"https://explorer.d-bis.org/api/v2","testnet":false},{"chainId":"0x1","chainIdDecimal":1,"chainName":"Ethereum Mainnet","shortName":"eth","rpcUrls":["https://eth.llamarpc.com","https://rpc.ankr.com/eth","https://ethereum.publicnode.com","https://1rpc.io/eth"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://ethereum.org","testnet":false},{"chainId":"0x9f2c4","chainIdDecimal":651940,"chainName":"ALL Mainnet","shortName":"all","rpcUrls":["https://mainnet-rpc.alltra.global"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://alltra.global"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://alltra.global","testnet":false},{"chainId":"0x19","chainIdDecimal":25,"chainName":"Cronos Mainnet","rpcUrls":["https://evm.cronos.org","https://cronos-rpc.publicnode.com"],"nativeCurrency":{"name":"CRO","symbol":"CRO","decimals":18},"blockExplorerUrls":["https://cronos.org/explorer"],"iconUrls":["https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong"]},{"chainId":"0x38","chainIdDecimal":56,"chainName":"BNB Smart Chain","rpcUrls":["https://bsc-dataseed.binance.org","https://bsc-dataseed1.defibit.io","https://bsc-dataseed1.ninicoin.io"],"nativeCurrency":{"name":"BNB","symbol":"BNB","decimals":18},"blockExplorerUrls":["https://bscscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x64","chainIdDecimal":100,"chainName":"Gnosis Chain","rpcUrls":["https://rpc.gnosischain.com","https://gnosis-rpc.publicnode.com","https://1rpc.io/gnosis"],"nativeCurrency":{"name":"xDAI","symbol":"xDAI","decimals":18},"blockExplorerUrls":["https://gnosisscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x89","chainIdDecimal":137,"chainName":"Polygon","rpcUrls":["https://polygon-rpc.com","https://polygon.llamarpc.com","https://polygon-bor-rpc.publicnode.com"],"nativeCurrency":{"name":"MATIC","symbol":"MATIC","decimals":18},"blockExplorerUrls":["https://polygonscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa","chainIdDecimal":10,"chainName":"Optimism","rpcUrls":["https://mainnet.optimism.io","https://optimism.llamarpc.com","https://optimism-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://optimistic.etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa4b1","chainIdDecimal":42161,"chainName":"Arbitrum One","rpcUrls":["https://arb1.arbitrum.io/rpc","https://arbitrum.llamarpc.com","https://arbitrum-one-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://arbiscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x2105","chainIdDecimal":8453,"chainName":"Base","rpcUrls":["https://mainnet.base.org","https://base.llamarpc.com","https://base-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://basescan.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa86a","chainIdDecimal":43114,"chainName":"Avalanche C-Chain","rpcUrls":["https://api.avax.network/ext/bc/C/rpc","https://avalanche-c-chain-rpc.publicnode.com","https://1rpc.io/avax/c"],"nativeCurrency":{"name":"AVAX","symbol":"AVAX","decimals":18},"blockExplorerUrls":["https://snowtrace.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa4ec","chainIdDecimal":42220,"chainName":"Celo","rpcUrls":["https://forno.celo.org","https://celo-mainnet-rpc.publicnode.com","https://1rpc.io/celo"],"nativeCurrency":{"name":"CELO","symbol":"CELO","decimals":18},"blockExplorerUrls":["https://celoscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x457","chainIdDecimal":1111,"chainName":"Wemix","rpcUrls":["https://api.wemix.com","https://wemix-mainnet-rpc.publicnode.com"],"nativeCurrency":{"name":"WEMIX","symbol":"WEMIX","decimals":18},"blockExplorerUrls":["https://scan.wemix.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]}],"lastModified":"2026-04-05T18:15:23.624Z"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..4a7a7c80 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:11 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.039239 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..1d32c2f9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Thu, 09 Apr 2026 22:12:14 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.052525 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..786b7cbb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:04 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.054061 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..17ee89ad --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:04 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.038947 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/mim4u_org_https_headers.txt new file mode 100644 index 00000000..62eea394 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:14 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.047660 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..40789aca --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:13 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.053874 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..0abda4f8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:21 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-PYLYYM0NJ2ox6dFcUAQSRA=='; style-src 'self' 'nonce-PYLYYM0NJ2ox6dFcUAQSRA=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 + + +0.041424 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ff1f581b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:06 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.055965 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..3395d37d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:07 GMT +content-type: text/html; charset=utf-8 +content-length: 5259 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "oibim89srm41x" +alt-svc: h3=":443"; ma=86400 + + +0.041156 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9bd58a1e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:06 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048276 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5a153bd0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:15 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.052651 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..870725fc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/sankofa_nexus_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:08 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 + + +0.113322 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..18d8904f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/secure_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:46 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.034772 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..321df268 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/secure_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:35 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.162952 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..10a6e62a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:34 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.062254 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..bff9607b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Thu, 09 Apr 2026 22:12:10 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.031102 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ae15c20c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:27 GMT +content-type: text/html; charset=utf-8 +content-length: 5259 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "oibim89srm41x" +alt-svc: h3=":443"; ma=86400 + + +0.043580 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..fb0311ee --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/training_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:45 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.044632 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/verification_report.md new file mode 100644 index 00000000..c2687b52 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/verification_report.md @@ -0,0 +1,594 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-09T15:12:55-07:00 +**Public IP**: 76.53.10.36 +**Profile**: public +**Verifier**: intlc + +## All endpoints (60) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 60 +- **DNS tests passed**: 60 +- **HTTPS tests passed**: 43 +- **Explorer surface failures**: 1 +- **Failed tests**: 1 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.05708759090909091s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | Root | RPC | Explorer+ | +|--------|------|-----|-----|-------|------|-----|-----------| +| dbis-admin.d-bis.org | web | pass | pass | pass | - | - | - | +| core.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| mifos.d-bis.org | web | pass | pass | pass | - | - | - | +| members.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | - | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| research.d-bis.org | web | pass | pass | pass | - | - | - | +| policy.d-bis.org | web | pass | pass | pass | - | - | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | - | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | - | - | +| developers.d-bis.org | web | pass | pass | pass | - | - | - | +| sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| info.defi-oracle.io | web | pass | pass | pass | - | - | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| studio.sankofa.nexus | web | pass | pass | warn | - | - | - | +| www.d-bis.org | web | pass | pass | pass | - | - | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | - | - | +| interop.d-bis.org | web | pass | pass | pass | - | - | - | +| docs.d-bis.org | web | pass | pass | pass | - | - | - | +| identity.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| dapp.d-bis.org | web | pass | pass | pass | - | - | - | +| ops.d-bis.org | web | pass | pass | pass | - | - | - | +| www.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | - | - | +| mim4u.org | web | pass | pass | pass | - | - | - | +| data.d-bis.org | api | pass | pass | pass | - | - | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | - | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.mim4u.org | web | pass | pass | pass | - | - | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.d-bis.org | web | pass | pass | pass | - | - | - | +| status.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| gitea.d-bis.org | web | pass | pass | pass | - | - | - | +| secure.mim4u.org | web | pass | pass | pass | - | - | - | +| explorer.d-bis.org | web | pass | pass | pass | - | - | - | +| training.mim4u.org | web | pass | pass | pass | - | - | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | - | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | - | - | +| d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| secure.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| codespaces.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | - | - | + +## Test Results by Domain (detail) + + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Command Center: pass +- Mission Control stream: fail +- Mission Control trace: pass +- Mission Control liquidity: fail +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. The canonical explorer `explorer.d-bis.org` is intentionally **not** in that list anymore. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): verifies Blockscout API, `/chain138-command-center.html`, and Mission Control stream / trace / liquidity endpoints. Use `SKIP_BLOCKSCOUT_API=1` only when you need to skip the Blockscout API sub-check specifically. + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..8f13a570 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 09 Apr 2026 22:12:10 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.032321 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..748b9308 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Thu, 09 Apr 2026 22:12:21 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.075684 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..26513885 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 09 Apr 2026 22:12:35 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046391 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..0746564e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 09 Apr 2026 22:12:13 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.034704 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..b4506a80 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260409_151202/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Thu, 09 Apr 2026 22:12:13 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.072278 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9ac9ba90 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:39 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.037867 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..9573d688 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:10 GMT +content-type: text/html; charset=utf-8 +content-length: 5259 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "oibim89srm41x" +alt-svc: h3=":443"; ma=86400 + + +0.137755 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/all_e2e_results.json new file mode 100644 index 00000000..89b0c3b7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/all_e2e_results.json @@ -0,0 +1,1616 @@ +[ + { + "domain": "ws.rpc-fireblocks.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-12T03:20:03-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc-fireblocks.d-bis.org", + "issuer": "E8", + "expires": "May 22 21:48:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035463, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045440, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:20:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.031227, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.051397, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.137755, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042051, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:20:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.065906, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044411, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039542, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.118942, + "has_hsts": true, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:13-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.044213, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.086486, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:20:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:20:14-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.209.228", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 1", + "expires": "Jul 1 22:38:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.134900, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:20:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.033692 + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.033342, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-12T03:20:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034834, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:16-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047966, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.578443, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:17-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046673, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:20:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:20:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033530, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042250, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.030852, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:19-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.035651, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.072847, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039765, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-12T03:20:20-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046508, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.051168, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-12T03:20:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035470, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.033906, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-12T03:20:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043957, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:20:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-12T03:20:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 16 19:29:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037265, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037867, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.060269, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:20:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-prv.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:20:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-prv.d-bis.org", + "issuer": "E7", + "expires": "Jun 25 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.038222, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 16 22:29:59 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036153, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:41-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.026582, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-fireblocks.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:20:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-fireblocks.d-bis.org", + "issuer": "E8", + "expires": "May 22 21:47:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:20:42-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "Jul 8 03:31:39 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.548176, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + }, + "explorer_command_center": { + "status": "pass", + "http_code": 200 + }, + "mission_control_stream": { + "status": "pass", + "http_code": 200 + }, + "mission_control_trace": { + "status": "pass", + "http_code": 200 + }, + "mission_control_liquidity": { + "status": "fail", + "http_code": "200" + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:21:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039494, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-12T03:21:09-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.602497, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-12T03:21:10-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045986, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:21:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048902, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:21:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:21:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.039005, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:21:11-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:21:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 16 13:29:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.032958, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:21:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-prv.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-12T03:21:12-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-prv.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:19 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-12T03:21:18-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:21:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.126383, + "has_hsts": true, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..f91428c3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"total_blocks":3924841,"total_transactions":54603,"total_addresses":6793,"latest_block":3924840,"freshness":{"chain_head":{"block_number":3924840,"timestamp":"2026-04-12T10:21:09Z","age_seconds":0,"source":"reported","confidence":"high","provenance":"rpc","completeness":"complete"},"latest_indexed_block":{"block_number":3924840,"timestamp":"2026-04-12T10:21:09Z","age_seconds":0,"source":"reported","confidence":"high","provenance":"explorer_index","completeness":"complete"},"latest_indexed_transaction":{"block_number":3924088,"timestamp":"2026-04-12T09:56:05Z","age_seconds":1504,"hash":"0x26045d9cbb060a284cc58accd5329ded5edaead40e155425a950fe863ca9f801","source":"reported","confidence":"high","provenance":"tx_index","completeness":"partial"},"latest_non_empty_block":{"block_number":3924088,"timestamp":"2026-04-12T09:56:05Z","age_seconds":1504,"distance_from_head":752,"source":"reported","confidence":"high","provenance":"tx_index","completeness":"partial"}},"completeness":{"transactions_feed":"partial","blocks_feed":"complete","gas_metrics":"unavailable","utilization_metrics":"unavailable"},"sampling":{"stats_generated_at":"2026-04-12T10:21:09Z","rpc_probe_at":"2026-04-12T10:21:09Z","stats_window_seconds":300}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..a106e3fb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:21:09 GMT +content-type: text/html; charset=utf-8 +content-length: 111149 +vary: Accept-Encoding +etag: "zwpi1pp06v2dqa" +vary: Accept-Encoding +cache-control: no-store, no-cache, must-revalidate +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://blockscout.defi-oracle.io wss://blockscout.defi-oracle.io https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.602497 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..4f990bbc --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:21:23 GMT +content-type: text/html +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=HDZj22C9oLWvKZtbrLivhvZYMt11qydZl4rXV%2BBHKYi5fiule%2BGTYNMf1XhRKpLPcnqOfTDIQchg%2Ftj8skNLxteqDnVhLesnd7RbSEsk4MjPPxd4MoPx1GYGSelo%2BRo3WYqaH9DXjYiB"}]} +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +referrer-policy: strict-origin-when-cross-origin +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +cf-cache-status: DYNAMIC +strict-transport-security: max-age=31536000; includeSubDomains +server: cloudflare +cf-ray: 9eb180fe4a9bf9ce-LAX + + +0.126383 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..819db799 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:13 GMT +content-type: text/html +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ZwP9l%2FRK0Kr%2BatZu7Wux82m6AyXTZXjLljavJeLTVCZEluapB%2BSBMLyUeSdV5c4I7%2BCx5zP6A%2BTAlMIZ%2FFmGxrMUsRbDIQw333IofTc4jWMCTfxpK4l97XoF7GfMy3qaM3Jw2jWrqA%3D%3D"}]} +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +referrer-policy: strict-origin-when-cross-origin +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +cf-cache-status: DYNAMIC +strict-transport-security: max-age=31536000; includeSubDomains +server: cloudflare +cf-ray: 9eb17f459a33a63a-LAX + + +0.118942 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..506c936f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:21:11 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.032958 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2e55bee9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:09 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: ea27cf59efd3870eda8299f6c6f027f0 +x-span-id: c9772d187b21c0e1 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/d-bis_org_https_headers.txt new file mode 100644 index 00000000..161328e0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:21:10 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048902 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..bc5a4d98 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:18 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.033530 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..2127f811 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:11 GMT +content-type: text/html; charset=utf-8 +content-length: 5259 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "oibim89srm41x" +alt-svc: h3=":443"; ma=86400 + + +0.042051 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f3714df4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:20 GMT +content-type: application/json; charset=utf-8 +content-length: 100 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: aaa0b6562cac172d318a2e6fe9c84a8b +x-span-id: 4b097a7fd5f5b4e2 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..55cb6cd9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:09 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.035463 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..19590a8f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:21:10 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: f22a9e38e78b3f20ed30c43a78523312 +x-span-id: 3ec811b76546aa07 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..253da8b5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:15 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: bb3dc7ab72e307b4f66bfa2593acc4fc +x-span-id: 67940978ace62e4d +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a0c4f285 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:39 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.037265 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c1718055 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:13 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044213 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..bcc68651 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/docs_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:17 GMT +content-type: text/html; charset=utf-8 +content-length: 111163 +vary: Accept-Encoding +etag: "h8nszwdfox2dqo" +vary: Accept-Encoding +cache-control: no-store, no-cache, must-revalidate +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://blockscout.defi-oracle.io wss://blockscout.defi-oracle.io https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.578443 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..24ec5f15 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"total_blocks":3924827,"total_transactions":54603,"total_addresses":6793,"latest_block":3924826,"freshness":{"chain_head":{"block_number":3924826,"timestamp":"2026-04-12T10:20:41Z","age_seconds":1,"source":"reported","confidence":"high","provenance":"rpc","completeness":"complete"},"latest_indexed_block":{"block_number":3924826,"timestamp":"2026-04-12T10:20:41Z","age_seconds":1,"source":"reported","confidence":"high","provenance":"explorer_index","completeness":"complete"},"latest_indexed_transaction":{"block_number":3924088,"timestamp":"2026-04-12T09:56:05Z","age_seconds":1477,"hash":"0x26045d9cbb060a284cc58accd5329ded5edaead40e155425a950fe863ca9f801","source":"reported","confidence":"high","provenance":"tx_index","completeness":"partial"},"latest_non_empty_block":{"block_number":3924088,"timestamp":"2026-04-12T09:56:05Z","age_seconds":1477,"distance_from_head":738,"source":"reported","confidence":"high","provenance":"tx_index","completeness":"partial"}},"completeness":{"transactions_feed":"partial","blocks_feed":"complete","gas_metrics":"unavailable","utilization_metrics":"unavailable"},"sampling":{"stats_generated_at":"2026-04-12T10:20:42Z","rpc_probe_at":"2026-04-12T10:20:41Z","stats_window_seconds":300}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_command_center_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_command_center_body.txt new file mode 100644 index 00000000..9f1375cb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_command_center_body.txt @@ -0,0 +1,748 @@ + + + + + + Chain 138 — Visual Command Center + + + + + + +
+

Chain 138 — deployment and liquidity topology

+

Operator-style view of the architecture in docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md. Diagrams are informational only; contract addresses live in explorer config and repo references. The main explorer remains the canonical live operational surface. Deep links: ?tab=mission-control or numeric ?tab=08 (slug per tab).

+
+ +
+ Loading local diagram assets. If the local Mermaid bundle is unavailable, the page will try a trusted CDN fallback automatically. +
+ +
+ If diagram rendering is unavailable, use the main explorer operational surfaces directly: + Operations Hub, + Bridge Monitoring, + Routes, + System, + and Operator. +
+ +
+
+ + + + + + + + + +
+ Back to Operations +
+ + +
+

Hub, leaf endings, CCIP destinations, Alltra, the dedicated Avalanche cW corridor, the public cW mesh, and pending programs. Mainnet cW mint corridors and the optional TRUU rail are summarized under the Ethereum anchor.

+
+flowchart TB + subgraph LEAF_INGRESS["Leaves — access to 138"] + WU[Wallets · MetaMask Snaps · Ledger · Chainlist · SDKs · ethers.js] + OPS[Operators · Foundry scripts · relay · systemd · deploy hooks] + RPCPUB[Public RPC FQDNs · thirdweb mirrors] + FB[Fireblocks Web3 RPC] + end + + subgraph LEAF_EDGE["Leaves — services that index or front 138"] + EXP[Explorer · Blockscout · token-aggregation] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + DBIS[dbis-api Core hosts] + X402[x402 payment API] + MCP[MCP PMM controller] + end + + subgraph HUB["CHAIN 138 — origin hub"] + C138["Besu EVM · tokens core · DODO PMM V2/V3 · RouterV2 · UniV3 / Balancer / Curve / 1inch pilots · CCIP bridges + router · AlltraAdapter · BridgeVault · ISO channels · mirror reserve vault settlement · Lockbox · Truth / Tron / Solana adapters"] + end + + subgraph CCIP_ETH["Ethereum 1 — CCIP anchor"] + ETH1["WETH9 / WETH10 bridges · CCIPRelayRouter · RelayBridge · Logger · optional trustless stack"] + LEAF_ETH["Leaf — Mainnet native DEX venues · Li.Fi touchpoints on other chains · first-wave cW DODO pools · optional TRUU PMM rail"] + end + + subgraph CCIP_L2["Other live CCIP EVM destinations"] + L2CLU["OP 10 · Base 8453 · Arb 42161 · Polygon 137 · BSC 56 · Avax 43114 · Gnosis 100 · Celo 42220 · Cronos 25"] + LEAF_L2["Leaf — per-chain native DEX · cW token transport · partial edge pools"] + end + + subgraph ALLTRA["ALL Mainnet 651940"] + A651["AlltraAdapter peer · AUSDT · WETH · WALL · HYDX · DEX env placeholders"] + LEAF_651["Leaf — ALL native venues when configured"] + end + + subgraph SPECIAL["Dedicated corridor from 138"] + AVAXCW["138 cUSDT to Avax cWUSDT mint path"] + LEAF_AVAX["Leaf — recipient on 43114"] + end + + subgraph CW_MESH["Public cW GRU mesh"] + CW["Cross-public-EVM token matrix · pool design · Mainnet DODO concentration"] + end + + subgraph PENDING["Pending separate scaffold"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 design] + PNON[Truth pointer · Tron adapter · Solana partial] + end + + WU --> RPCPUB + RPCPUB --> C138 + WU --> C138 + OPS --> C138 + EXP --> C138 + INFO --> C138 + DAPP --> C138 + DBIS --> C138 + X402 --> C138 + MCP --> C138 + FB --> C138 + + C138 <--> ETH1 + C138 <--> L2CLU + C138 <--> A651 + C138 --> AVAXCW + AVAXCW --> LEAF_AVAX + + ETH1 <--> L2CLU + ETH1 --> LEAF_ETH + L2CLU --> LEAF_L2 + A651 --> LEAF_651 + + CW -.->|pool and peg design| LEAF_ETH + CW -.->|token mesh| L2CLU + + C138 -.-> WEMIX + C138 -.-> XDC + C138 -.-> SCAFF + C138 -.-> PNON +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + +
+ Source: proxmox/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md — addresses: config/smart-contracts-master.json and CONTRACT_ADDRESSES_REFERENCE. +
+ + + + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e295e212 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:42 GMT +content-type: text/html; charset=utf-8 +content-length: 111149 +vary: Accept-Encoding +etag: "ahn14s51ep2dqa" +vary: Accept-Encoding +cache-control: no-store, no-cache, must-revalidate +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://blockscout.defi-oracle.io wss://blockscout.defi-oracle.io https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.548176 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_mission_control_liquidity.json b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_mission_control_liquidity.json new file mode 100644 index 00000000..4422653c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_mission_control_liquidity.json @@ -0,0 +1 @@ +{"error":"Internal server error"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_mission_control_stream_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_mission_control_stream_body.txt new file mode 100644 index 00000000..156a2f5d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_mission_control_stream_body.txt @@ -0,0 +1,10 @@ +: mission-control stream + +event: ping +data: {} + +event: mission-control +data: {"data":{"ccip_relay":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-12T09:02:02.190Z","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":{"at":"2026-04-12T09:02:02.188Z","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","tx_hash":"0x29422259e81835f80b72d4ca16fa3256ec25461749363d827a3aa5a94a9c7d8e"},"last_seen_message":{"at":"2026-04-12T09:02:55.312Z","block_number":"0x3bda1a","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x020002288e64febf18da555466e54ec8c80d287b57615079f805f45d51a699fd"},"last_source_poll":{"at":"2026-04-12T10:20:38.970Z","from_block":3924789,"logs_fetched":0,"ok":true,"to_block":3924822},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":42,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":487580,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-08T09:54:08.316Z","uptime_sec":347194},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"ccip_relays":{"avax":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"relay_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_router":"0x2a0023Ad5ce1Ac6072B454575996DfFb1BB11b16"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-12T10:20:41.143Z","from_block":3924790,"logs_fetched":0,"ok":true,"to_block":3924824},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"destination_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2978621,"profile":"avax","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-11T05:16:09.211Z","uptime_sec":104673},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_cw":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x635002c5fb227160cd2eac926d1baa61847f3c75","relay_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"relay_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","relay_router":"0xc9158759a7e3621f6bb191bf5d77605d6e25b410"},"last_error":null,"last_relay_attempt":{"at":"2026-04-07T04:28:06.895Z","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","target_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-07T04:28:06.558Z","block_number":"0x340dc9","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0xb6b821d3a04739c0f548fe1e30f4f162392c12a06930757bacdb940dc87f05b5"},"last_source_poll":{"at":"2026-04-12T10:20:38.933Z","from_block":3924789,"logs_fetched":0,"ok":true,"to_block":3924822},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"3411398"},"ok":true,"queue":{"failed":0,"processed":1,"size":0},"scope":{"destination_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"destination_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":3051,"profile":"avax-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-07T04:26:48.652Z","uptime_sec":453234},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42dab7b888dd382bd5adcf9e038dbf1fd03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_to_138":{"url_probe":{"body":{"destination":{"chain_id":138,"chain_name":"Chain 138","chain_selector":"138","delivery_mode":"router","relay_bridge":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","relay_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"relay_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","relay_router":"0xe75d26bc558a28442f30750c6d97bffb46f39abc"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-12T10:20:40.140Z","from_block":82745567,"logs_fetched":0,"ok":true,"to_block":82745604},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"destination_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","source_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75"},"service":{"name":"ccip-relay","pid":2978619,"profile":"avax-to-138","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-11T05:16:09.004Z","uptime_sec":104674},"source":{"bridge_address":"0x635002c5fb227160cd2eac926d1baa61847f3c75","bridge_filter":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","router_address":"0x1773125b280d296354f4f4b958a7cfc4e5975b60"},"status":"operational"},"ok":true,"status":200}},"bsc":{"url_probe":{"body":{"destination":{"chain_id":56,"chain_name":"BSC","chain_selector":"11344663589394136015","delivery_mode":"router","relay_bridge":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"relay_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_router":"0x4d9Bc6c74ba65E37c4139F0aEC9fc5Ddff28Dcc4"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-12T10:20:41.244Z","from_block":3924790,"logs_fetched":0,"ok":true,"to_block":3924824},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"destination_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2978685,"profile":"bsc","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-11T05:16:10.262Z","uptime_sec":104672},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_cw":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-12T09:02:02.190Z","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":{"at":"2026-04-12T09:02:02.188Z","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","tx_hash":"0x29422259e81835f80b72d4ca16fa3256ec25461749363d827a3aa5a94a9c7d8e"},"last_seen_message":{"at":"2026-04-12T09:02:55.312Z","block_number":"0x3bda1a","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x020002288e64febf18da555466e54ec8c80d287b57615079f805f45d51a699fd"},"last_source_poll":{"at":"2026-04-12T10:20:38.970Z","from_block":3924789,"logs_fetched":0,"ok":true,"to_block":3924822},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":42,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":487580,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-08T09:54:08.316Z","uptime_sec":347194},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_weth":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"relay_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":{"at":"2026-04-12T09:57:30.124Z","block_number":"0x3be078","destination_chain_selector":"5009297550715157269","message_id":"0x3ab53a9e78c4cc00e3efd8a8c92518356a35f144e79f22d53b44c8a5a4dca777","sender":"0xcacfd227A040002e49e2e01626363071324f820a","transaction_hash":"0x26045d9cbb060a284cc58accd5329ded5edaead40e155425a950fe863ca9f801"},"last_source_poll":{"at":"2026-04-12T10:20:32.253Z","from_block":3924758,"logs_fetched":0,"ok":true,"to_block":3924819},"monitoring":{"confirmation_blocks":1,"delivery_enabled":false,"effective_source_poll_interval_ms":60000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":true,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":0,"size":4},"scope":{"destination_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"destination_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":3055,"profile":"mainnet-weth","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-07T04:26:48.652Z","uptime_sec":453234},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"paused"},"ok":true,"status":200}}},"chains":{"138":{"block_number":"3924827","endpoint":"https://rpc-http-pub.d-bis.org","head_age_sec":0.104448725,"last_sync":"2026-04-12T10:20:43Z","latency_ms":3,"name":"Defi Oracle Meta Mainnet","probe_error":"","status":"operational"}},"checked_at":"2026-04-12T10:20:43Z","freshness":{"chain_head":{"block_number":3924827,"timestamp":"2026-04-12T10:20:43Z","age_seconds":0,"source":"reported","confidence":"high","provenance":"rpc","completeness":"complete"},"latest_indexed_block":{"block_number":3924827,"timestamp":"2026-04-12T10:20:43Z","age_seconds":0,"source":"reported","confidence":"high","provenance":"explorer_index","completeness":"complete"},"latest_indexed_transaction":{"block_number":3924088,"timestamp":"2026-04-12T09:56:05Z","age_seconds":1478,"hash":"0x26045d9cbb060a284cc58accd5329ded5edaead40e155425a950fe863ca9f801","source":"reported","confidence":"high","provenance":"tx_index","completeness":"partial"},"latest_non_empty_block":{"block_number":3924088,"timestamp":"2026-04-12T09:56:05Z","age_seconds":1478,"distance_from_head":739,"source":"reported","confidence":"high","provenance":"tx_index","completeness":"partial"}},"mode":{"age_seconds":0,"confidence":"high","kind":"snapshot","provenance":"mission_control_feed","reason":"live_homepage_stream_not_attached","scope":"relay_monitoring_homepage_card_only","source":"reported","updated_at":"2026-04-12T10:20:43Z"},"rpc_probe":[{"blockNumber":"0x3be35b","blockNumberDec":"3924827","chainKey":"138","endpoint":"https://rpc-http-pub.d-bis.org","error":"","headAgeSeconds":0.104448725,"latencyMs":3,"name":"chain-138","ok":true}],"sampling":{"stats_generated_at":"2026-04-12T10:20:43Z","rpc_probe_at":"2026-04-12T10:20:43Z","stats_window_seconds":300},"status":"operational","subsystems":{"bridge_relay_monitoring":{"age_seconds":0,"completeness":"complete","confidence":"high","provenance":"mission_control_feed","source":"reported","status":"operational","updated_at":"2026-04-12T10:20:43Z"},"rpc_head":{"age_seconds":0,"completeness":"complete","confidence":"high","provenance":"rpc","source":"reported","status":"operational","updated_at":"2026-04-12T10:20:43Z"},"stats_summary":{"age_seconds":0,"completeness":"complete","confidence":"medium","provenance":"composite","source":"reported","status":"operational","updated_at":"2026-04-12T10:20:43Z"},"tx_index":{"age_seconds":1478,"completeness":"partial","confidence":"high","provenance":"tx_index","source":"reported","status":"partial","updated_at":"2026-04-12T09:56:05Z"}}}} + +event: mission-control +data: {"data":{"ccip_relay":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-12T09:02:02.190Z","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":{"at":"2026-04-12T09:02:02.188Z","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","tx_hash":"0x29422259e81835f80b72d4ca16fa3256ec25461749363d827a3aa5a94a9c7d8e"},"last_seen_message":{"at":"2026-04-12T09:02:55.312Z","block_number":"0x3bda1a","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x020002288e64febf18da555466e54ec8c80d287b57615079f805f45d51a699fd"},"last_source_poll":{"at":"2026-04-12T10:20:59.351Z","from_block":3924799,"logs_fetched":0,"ok":true,"to_block":3924833},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":42,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":487580,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-08T09:54:08.316Z","uptime_sec":347214},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","ro \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_mission_control_stream_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_mission_control_stream_headers.txt new file mode 100644 index 00000000..0121ba17 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_mission_control_stream_headers.txt @@ -0,0 +1,22 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:43 GMT +content-type: text/event-stream +access-control-allow-headers: Authorization, Content-Type, X-API-Key +access-control-allow-methods: GET, POST, OPTIONS +access-control-allow-origin: * +cache-control: no-cache +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; font-src 'self' https://cdnjs.cloudflare.com; img-src 'self' data: https:; connect-src 'self' https://blockscout.defi-oracle.io https://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +permissions-policy: geolocation=(), microphone=(), camera=() +referrer-policy: strict-origin-when-cross-origin +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-explorer-name: SolaceScan +x-explorer-version: 1.0.0 +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +access-control-allow-origin: * +access-control-allow-methods: GET, POST, OPTIONS +access-control-allow-headers: Content-Type, Authorization +alt-svc: h3=":443"; ma=86400 +referrer-policy: strict-origin-when-cross-origin + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_mission_control_trace.json b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_mission_control_trace.json new file mode 100644 index 00000000..d6289553 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/explorer_d-bis_org_mission_control_trace.json @@ -0,0 +1 @@ +{"data":{"blockscout_url":"https://explorer.d-bis.org/tx/0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2","from":"0x4a666f96fc8764181194447a7dfdb7d471b301c8","from_registry":"DEPLOYER_ADMIN_138","source":"blockscout","to":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","to_registry":"CW_L1_BRIDGE_CHAIN138","tx_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..fa7cb8e5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:41 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.036153 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d6a384ec --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:17 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046673 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..4c6f87ef --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:14 GMT +content-type: text/html +vary: Accept-Encoding +last-modified: Sun, 05 Apr 2026 23:21:29 GMT +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1BVHEDilCbzlhEz4%2FWVgVxl6HsCncpdlcI754YSHGwbpCiVyC%2BqRrp2NRjcm9mZSdrLL8fM4tAlf0zec3DT2cZUHPraZQfYN7Y2vAyx7%2F9MA09h2TGsUqZbqa2CqXPMaFbK%2BJgeT"}]} +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9eb17f503e101ae2-LAX + + +0.134900 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/info_defi_oracle_io_token_aggregation_networks.json b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/info_defi_oracle_io_token_aggregation_networks.json new file mode 100644 index 00000000..b1b0a415 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/info_defi_oracle_io_token_aggregation_networks.json @@ -0,0 +1 @@ +{"source":"runtime-file","version":"1.2.0","networks":[{"chainId":"0x8a","chainIdDecimal":138,"chainName":"DeFi Oracle Meta Mainnet","shortName":"dbis","rpcUrls":["https://rpc-http-pub.d-bis.org","https://rpc.d-bis.org","https://rpc2.d-bis.org","https://rpc.defi-oracle.io"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://explorer.d-bis.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://explorer.d-bis.org","explorerApiUrl":"https://explorer.d-bis.org/api/v2","testnet":false},{"chainId":"0x1","chainIdDecimal":1,"chainName":"Ethereum Mainnet","shortName":"eth","rpcUrls":["https://eth.llamarpc.com","https://rpc.ankr.com/eth","https://ethereum.publicnode.com","https://1rpc.io/eth"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://ethereum.org","testnet":false},{"chainId":"0x9f2c4","chainIdDecimal":651940,"chainName":"ALL Mainnet","shortName":"all","rpcUrls":["https://mainnet-rpc.alltra.global"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://alltra.global"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://alltra.global","testnet":false},{"chainId":"0x19","chainIdDecimal":25,"chainName":"Cronos Mainnet","rpcUrls":["https://evm.cronos.org","https://cronos-rpc.publicnode.com"],"nativeCurrency":{"name":"CRO","symbol":"CRO","decimals":18},"blockExplorerUrls":["https://cronos.org/explorer"],"iconUrls":["https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong"]},{"chainId":"0x38","chainIdDecimal":56,"chainName":"BNB Smart Chain","rpcUrls":["https://bsc-dataseed.binance.org","https://bsc-dataseed1.defibit.io","https://bsc-dataseed1.ninicoin.io"],"nativeCurrency":{"name":"BNB","symbol":"BNB","decimals":18},"blockExplorerUrls":["https://bscscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x64","chainIdDecimal":100,"chainName":"Gnosis Chain","rpcUrls":["https://rpc.gnosischain.com","https://gnosis-rpc.publicnode.com","https://1rpc.io/gnosis"],"nativeCurrency":{"name":"xDAI","symbol":"xDAI","decimals":18},"blockExplorerUrls":["https://gnosisscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x89","chainIdDecimal":137,"chainName":"Polygon","rpcUrls":["https://polygon-rpc.com","https://polygon.llamarpc.com","https://polygon-bor-rpc.publicnode.com"],"nativeCurrency":{"name":"MATIC","symbol":"MATIC","decimals":18},"blockExplorerUrls":["https://polygonscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa","chainIdDecimal":10,"chainName":"Optimism","rpcUrls":["https://mainnet.optimism.io","https://optimism.llamarpc.com","https://optimism-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://optimistic.etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa4b1","chainIdDecimal":42161,"chainName":"Arbitrum One","rpcUrls":["https://arb1.arbitrum.io/rpc","https://arbitrum.llamarpc.com","https://arbitrum-one-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://arbiscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x2105","chainIdDecimal":8453,"chainName":"Base","rpcUrls":["https://mainnet.base.org","https://base.llamarpc.com","https://base-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://basescan.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa86a","chainIdDecimal":43114,"chainName":"Avalanche C-Chain","rpcUrls":["https://api.avax.network/ext/bc/C/rpc","https://avalanche-c-chain-rpc.publicnode.com","https://1rpc.io/avax/c"],"nativeCurrency":{"name":"AVAX","symbol":"AVAX","decimals":18},"blockExplorerUrls":["https://snowtrace.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa4ec","chainIdDecimal":42220,"chainName":"Celo","rpcUrls":["https://forno.celo.org","https://celo-mainnet-rpc.publicnode.com","https://1rpc.io/celo"],"nativeCurrency":{"name":"CELO","symbol":"CELO","decimals":18},"blockExplorerUrls":["https://celoscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x457","chainIdDecimal":1111,"chainName":"Wemix","rpcUrls":["https://api.wemix.com","https://wemix-mainnet-rpc.publicnode.com"],"nativeCurrency":{"name":"WEMIX","symbol":"WEMIX","decimals":18},"blockExplorerUrls":["https://scan.wemix.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]}],"lastModified":"2026-04-10T04:26:18.153Z"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..1cbc9b11 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:16 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.047966 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..bb00138a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Sun, 12 Apr 2026 10:20:19 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.072847 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..628a70c2 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:10 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051397 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a4bacdb9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:10 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.031227 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/mim4u_org_https_headers.txt new file mode 100644 index 00000000..d02c5cb0 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:20 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.039765 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..34fdc1b5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:18 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.042250 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..f2677d80 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:26 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-83s/zUaAu4NJhl2oQZI46A=='; style-src 'self' 'nonce-83s/zUaAu4NJhl2oQZI46A=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 + + +0.035470 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2e74c64a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:12 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.044411 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..c600689b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:12 GMT +content-type: text/html; charset=utf-8 +content-length: 5259 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "oibim89srm41x" +alt-svc: h3=":443"; ma=86400 + + +0.039542 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a1378646 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:12 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.065906 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-fireblocks_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-fireblocks_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-fireblocks_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-http-prv_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-http-prv_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-http-prv_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..6abac643 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:20 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051168 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..f70de11d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/sankofa_nexus_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:13 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 + + +0.086486 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ad0fbf43 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/secure_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:21:11 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.039005 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..7fd4a404 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/secure_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:41 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.026582 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..df6bd2be --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:39 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.060269 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..92f95299 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Sun, 12 Apr 2026 10:20:15 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.033692 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..cd072240 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:32 GMT +content-type: text/html; charset=utf-8 +content-length: 5259 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "oibim89srm41x" +alt-svc: h3=":443"; ma=86400 + + +0.043957 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..aa2174e9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/training_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:21:08 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.039494 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/verification_report.md new file mode 100644 index 00000000..9a3c9ec8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/verification_report.md @@ -0,0 +1,628 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-12T03:21:24-07:00 +**Public IP**: 76.53.10.36 +**Profile**: all +**Verifier**: intlc + +## All endpoints (64) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-fireblocks.d-bis.org | rpc-http | https://rpc-fireblocks.d-bis.org | +| rpc-http-prv.d-bis.org | rpc-http | https://rpc-http-prv.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-prv.d-bis.org | rpc-ws | https://rpc-ws-prv.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc-fireblocks.d-bis.org | rpc-ws | https://ws.rpc-fireblocks.d-bis.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 64 +- **DNS tests passed**: 64 +- **HTTPS tests passed**: 43 +- **Explorer surface failures**: 1 +- **Failed tests**: 1 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.08723513636363635s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | Root | RPC | Explorer+ | +|--------|------|-----|-----|-------|------|-----|-----------| +| ws.rpc-fireblocks.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| dbis-admin.d-bis.org | web | pass | pass | pass | - | - | - | +| core.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| mifos.d-bis.org | web | pass | pass | pass | - | - | - | +| members.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | - | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| research.d-bis.org | web | pass | pass | pass | - | - | - | +| policy.d-bis.org | web | pass | pass | pass | - | - | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | - | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | - | - | +| developers.d-bis.org | web | pass | pass | pass | - | - | - | +| sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| info.defi-oracle.io | web | pass | pass | pass | - | - | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| studio.sankofa.nexus | web | pass | pass | warn | - | - | - | +| www.d-bis.org | web | pass | pass | pass | - | - | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | - | - | +| interop.d-bis.org | web | pass | pass | pass | - | - | - | +| docs.d-bis.org | web | pass | pass | pass | - | - | - | +| identity.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| dapp.d-bis.org | web | pass | pass | pass | - | - | - | +| ops.d-bis.org | web | pass | pass | pass | - | - | - | +| www.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | - | - | +| mim4u.org | web | pass | pass | pass | - | - | - | +| data.d-bis.org | api | pass | pass | pass | - | - | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | - | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.mim4u.org | web | pass | pass | pass | - | - | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.d-bis.org | web | pass | pass | pass | - | - | - | +| status.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-http-prv.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| gitea.d-bis.org | web | pass | pass | pass | - | - | - | +| secure.mim4u.org | web | pass | pass | pass | - | - | - | +| rpc-fireblocks.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| explorer.d-bis.org | web | pass | pass | pass | - | - | - | +| training.mim4u.org | web | pass | pass | pass | - | - | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | - | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | - | - | +| d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| secure.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| codespaces.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| rpc-ws-prv.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | - | - | + +## Test Results by Domain (detail) + + +### ws.rpc-fireblocks.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-prv.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-fireblocks.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Command Center: pass +- Mission Control stream: pass +- Mission Control trace: pass +- Mission Control liquidity: fail +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-prv.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. The canonical explorer `explorer.d-bis.org` is intentionally **not** in that list anymore. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): verifies Blockscout API, `/chain138-command-center.html`, and Mission Control stream / trace / liquidity endpoints. Use `SKIP_BLOCKSCOUT_API=1` only when you need to skip the Blockscout API sub-check specifically. + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..62db9389 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 12 Apr 2026 10:20:15 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.033342 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..2401bd71 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:20:26 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.033906 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..98ab7655 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 12 Apr 2026 10:20:40 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.038222 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..d9cb2c70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 12 Apr 2026 10:20:18 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.030852 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..84ce9d6d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_032003/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 12 Apr 2026 10:20:19 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.035651 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..f30e5a35 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/admin_d-bis_org_https_headers.txt @@ -0,0 +1,17 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:53 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.046968 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/admin_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/admin_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..d13e96fd --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/admin_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:22 GMT +content-type: text/html; charset=utf-8 +content-length: 5259 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "oibim89srm41x" +alt-svc: h3=":443"; ma=86400 + + +0.080131 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/all_e2e_results.json b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/all_e2e_results.json new file mode 100644 index 00000000..4e878b54 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/all_e2e_results.json @@ -0,0 +1,1616 @@ +[ + { + "domain": "ws.rpc-fireblocks.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-12T03:37:15-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc-fireblocks.d-bis.org", + "issuer": "E8", + "expires": "May 22 21:48:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "dbis-admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 15 06:47:43 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.042218, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "core.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:21-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "core.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:01 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038685, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:37:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "mifos.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "*", + "issuer": "*", + "expires": "May 19 19:15:03 3025 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036795, + "has_hsts": false, + "has_csp": false, + "has_xfo": false + } + } + }, + { + "domain": "members.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:22-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "members.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:31:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045286, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "admin.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 27 19:39:40 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.080131, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dash.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:23-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dash.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 30 17:27:00 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.035875, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:37:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "research.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "research.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:33:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049603, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "policy.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:24-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "policy.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:32:38 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.051997, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "portal.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "portal.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 27 19:40:08 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034381, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "cacti-hybx.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.123989, + "has_hsts": true, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "developers.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "developers.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 17:28:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.053267, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:37 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.065655, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:37:26-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-pub.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:37:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-pub.d-bis.org", + "issuer": "E8", + "expires": "Jun 16 06:48:10 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "info.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.91.43", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "info.defi-oracle.io", + "issuer": "Cloudflare TLS Issuing ECC CA 1", + "expires": "Jul 1 22:38:44 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.141950, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc.public-0138.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:37:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.public-0138.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 26 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "studio.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "studio.sankofa.nexus", + "issuer": "E7", + "expires": "May 31 10:23:29 2026 GMT" + }, + "https": { + "status": "warn", + "http_code": 502, + "response_time_seconds": 0.037924 + } + } + }, + { + "domain": "www.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 18:50:30 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.033954, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "dbis-api.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-12T03:37:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:47:45 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.040974, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "interop.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "interop.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048916, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "docs.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "docs.d-bis.org", + "issuer": "E8", + "expires": "Jun 19 20:22:34 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.624996, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "identity.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "identity.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:30:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.050349, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx-3.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:37:30-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "172.67.220.49", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:37:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:01:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "dapp.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dapp.d-bis.org", + "issuer": "E8", + "expires": "May 22 02:38:20 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.034485, + "has_hsts": false, + "has_csp": true, + "has_xfo": false + } + } + }, + { + "domain": "ops.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:31-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ops.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:32:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.047327, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.sankofa.nexus", + "issuer": "E7", + "expires": "Apr 16 20:59:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.092708, + "canonical_redirect": true, + "location_header": "location: https://sankofa.nexus/" + } + } + }, + { + "domain": "www.the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:32-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:52:05 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.035298, + "canonical_redirect": true, + "location_header": "location: https://the-order.sankofa.nexus/" + } + } + }, + { + "domain": "keycloak.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "keycloak.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 25 04:50:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 302, + "response_time_seconds": 0.039294, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:47:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.036143, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "data.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-12T03:37:33-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "data.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:27:36 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046701, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "sandbox.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "sandbox.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:19:17 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.048783, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "ws.rpc.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-12T03:37:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc.d-bis.org", + "issuer": "E8", + "expires": "Jun 29 16:00:38 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:39-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "phoenix.sankofa.nexus", + "issuer": "E7", + "expires": "Jun 16 06:47:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.038430, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "www.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.mim4u.org", + "issuer": "E8", + "expires": "Jun 15 06:47:54 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.043197, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "wss.defi-oracle.io", + "domain_type": "rpc-ws", + "timestamp": "2026-04-12T03:37:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "wss.defi-oracle.io", + "issuer": "E8", + "expires": "Jun 29 16:00:55 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "the-order.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "the-order.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 16 06:48:53 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.060120, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:37:46-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc2.d-bis.org", + "issuer": "E7", + "expires": "Jun 30 16:00:41 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-pub.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-12T03:37:47-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-pub.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:27 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "dev.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:52-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 16 19:29:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.077345, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "admin.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "admin.d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:49:41 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.046968, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "status.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:53-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "status.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:16:11 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.099390, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-alltra-2.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:37:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-http-prv.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:37:54-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-http-prv.d-bis.org", + "issuer": "E7", + "expires": "Jun 25 16:00:12 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "www.phoenix.sankofa.nexus", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:55-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "www.phoenix.sankofa.nexus", + "issuer": "E8", + "expires": "Jun 15 06:48:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 301, + "response_time_seconds": 0.072463, + "canonical_redirect": true, + "location_header": "location: https://phoenix.sankofa.nexus/health" + } + } + }, + { + "domain": "gitea.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:56-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 16 22:29:59 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045343, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "secure.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.mim4u.org", + "issuer": "E8", + "expires": "Jun 16 06:48:46 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.045078, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-fireblocks.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:37:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-fireblocks.d-bis.org", + "issuer": "E8", + "expires": "May 22 21:47:15 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "explorer.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:37:57-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "explorer.d-bis.org", + "issuer": "E8", + "expires": "Jul 8 03:31:39 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.945209, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + }, + "explorer_command_center": { + "status": "pass", + "http_code": 200 + }, + "mission_control_stream": { + "status": "pass", + "http_code": 200 + }, + "mission_control_trace": { + "status": "pass", + "http_code": 200 + }, + "mission_control_liquidity": { + "status": "fail", + "http_code": "500" + } + } + }, + { + "domain": "training.mim4u.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:38:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "training.mim4u.org", + "issuer": "E7", + "expires": "Jun 16 06:49:02 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.049469, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "blockscout.defi-oracle.io", + "domain_type": "web", + "timestamp": "2026-04-12T03:38:25-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "blockscout.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 8 13:56:19 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.747360, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + }, + "blockscout_api": { + "status": "pass", + "http_code": 200 + } + } + }, + { + "domain": "dbis-api-2.d-bis.org", + "domain_type": "api", + "timestamp": "2026-04-12T03:38:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "dbis-api-2.d-bis.org", + "issuer": "E8", + "expires": "Apr 16 20:56:22 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.037943, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:38:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "E7", + "expires": "Jun 28 18:50:15 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.056333, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-core.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:38:27-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-core.d-bis.org", + "issuer": "E8", + "expires": "Jun 30 17:33:58 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "secure.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:38:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "secure.d-bis.org", + "issuer": "E7", + "expires": "Apr 16 20:58:28 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.027562, + "has_hsts": true, + "has_csp": true, + "has_xfo": true + } + } + }, + { + "domain": "rpc-hybx.d-bis.org", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:38:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "codespaces.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:38:28-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.40", + "expected_ip": "76.53.10.40" + }, + "ssl": { + "status": "pass", + "cn": "subject=", + "issuer": "YE2", + "expires": "Apr 16 13:29:58 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.028482, + "has_hsts": false, + "has_csp": false, + "has_xfo": true + } + } + }, + { + "domain": "rpc.defi-oracle.io", + "domain_type": "rpc-http", + "timestamp": "2026-04-12T03:38:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc.defi-oracle.io", + "issuer": "E7", + "expires": "Jun 30 18:44:51 2026 GMT" + }, + "rpc_http": { + "status": "pass", + "chain_id": "0x8a" + } + } + }, + { + "domain": "rpc-ws-prv.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-12T03:38:29-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "rpc-ws-prv.d-bis.org", + "issuer": "E7", + "expires": "Jun 16 06:48:19 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "ws.rpc2.d-bis.org", + "domain_type": "rpc-ws", + "timestamp": "2026-04-12T03:38:34-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "76.53.10.36", + "expected_ip": "76.53.10.36" + }, + "ssl": { + "status": "pass", + "cn": "ws.rpc2.d-bis.org", + "issuer": "E8", + "expires": "Jun 28 16:00:21 2026 GMT" + }, + "websocket": { + "status": "pass", + "http_code": "400", + "full_test": true, + "full_test_output": "result" + } + } + }, + { + "domain": "cacti-alltra.d-bis.org", + "domain_type": "web", + "timestamp": "2026-04-12T03:38:40-07:00", + "tests": { + "dns": { + "status": "pass", + "resolved_ip": "104.21.86.131", + "expected_ip": "any" + }, + "ssl": { + "status": "pass", + "cn": "d-bis.org", + "issuer": "WE1", + "expires": "May 27 07:40:56 2026 GMT" + }, + "https": { + "status": "pass", + "http_code": 200, + "response_time_seconds": 0.113469, + "has_hsts": true, + "has_csp": false, + "has_xfo": true + } + } + } +] diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/blockscout_defi-oracle_io_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/blockscout_defi-oracle_io_blockscout_api.txt new file mode 100644 index 00000000..3cebf51e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/blockscout_defi-oracle_io_blockscout_api.txt @@ -0,0 +1 @@ +{"total_blocks":3925359,"total_transactions":54604,"total_addresses":6793,"latest_block":3925358,"average_block_time":2000,"gas_prices":{"average":0.000001},"network_utilization_percentage":0,"transactions_today":6970,"freshness":{"chain_head":{"block_number":3925358,"timestamp":"2026-04-12T10:38:25Z","age_seconds":1,"source":"reported","confidence":"high","provenance":"rpc","completeness":"complete"},"latest_indexed_block":{"block_number":3925358,"timestamp":"2026-04-12T10:38:25Z","age_seconds":1,"source":"reported","confidence":"high","provenance":"explorer_index","completeness":"complete"},"latest_indexed_transaction":{"block_number":3925177,"timestamp":"2026-04-12T10:32:23Z","age_seconds":363,"hash":"0x622cd2219a143204af20df0f8854094dd9d6a93e3239a64a5037b8ccce69fdcd","source":"reported","confidence":"high","provenance":"tx_index","completeness":"complete"},"latest_non_empty_block":{"block_number":3925177,"timestamp":"2026-04-12T10:32:23Z","age_seconds":363,"distance_from_head":181,"source":"reported","confidence":"high","provenance":"tx_index","completeness":"complete"}},"completeness":{"transactions_feed":"complete","blocks_feed":"complete","gas_metrics":"complete","utilization_metrics":"complete"},"sampling":{"stats_generated_at":"2026-04-12T10:38:26Z","rpc_probe_at":"2026-04-12T10:38:25Z","stats_window_seconds":300}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/blockscout_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/blockscout_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..ac925ac1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/blockscout_defi-oracle_io_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:38:25 GMT +content-type: text/html; charset=utf-8 +content-length: 111054 +vary: Accept-Encoding +etag: "7g3xqxvn432dnn" +vary: Accept-Encoding +cache-control: no-store, no-cache, must-revalidate +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://blockscout.defi-oracle.io wss://blockscout.defi-oracle.io https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.747360 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/cacti-alltra_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/cacti-alltra_d-bis_org_https_headers.txt new file mode 100644 index 00000000..59d4c3d3 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/cacti-alltra_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:38:39 GMT +content-type: text/html +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=GKCiB6crbTr6QqorSnBKt%2Bw46M0BOy%2BN1kU%2Fdw2yEvvRK6Cn4xpOkaW3EsLZkS2ZlsKv5v4DggEX%2BjU8IgFwwMBs2BZ1%2Fm4WqIECiM6gJhJBlUO%2FT1QkpBCM%2FbL5VnAjKVrDbAo%2Flv6z"}]} +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +referrer-policy: strict-origin-when-cross-origin +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +cf-cache-status: DYNAMIC +strict-transport-security: max-age=31536000; includeSubDomains +server: cloudflare +cf-ray: 9eb19a4b8a3552cc-LAX + + +0.113469 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/cacti-hybx_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/cacti-hybx_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c5b22c39 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/cacti-hybx_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:25 GMT +content-type: text/html +alt-svc: h3=":443"; ma=86400 +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=r7tl%2BDWw18SdukiBhmDUxQTN%2BezlUv1GfM86xJgjd%2BGfgMquJtXJHS2RKbQx7n1RCG9Xnx%2FoGk16XlG4M1g%2F6L9ylAhfR1xGA6%2Fnqca7QbluJiJc3M1RO5lTjGzqwGCwyFj%2BfeYxBw%3D%3D"}]} +last-modified: Thu, 02 Apr 2026 19:42:29 GMT +referrer-policy: strict-origin-when-cross-origin +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +cf-cache-status: DYNAMIC +strict-transport-security: max-age=31536000; includeSubDomains +server: cloudflare +cf-ray: 9eb19877e8a5ed79-LAX + + +0.123989 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/codespaces_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/codespaces_d-bis_org_https_headers.txt new file mode 100644 index 00000000..c596993b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/codespaces_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:38:28 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.028482 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/core_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/core_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/core_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/core_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/core_d-bis_org_https_headers.txt new file mode 100644 index 00000000..de83b36e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/core_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:21 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 3a78cab7bc66883de98f0d408ec2264d +x-span-id: 7d3157499e803808 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/d-bis_org_https_headers.txt new file mode 100644 index 00000000..54e9cbcf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:38:27 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.056333 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dapp_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dapp_d-bis_org_https_headers.txt new file mode 100644 index 00000000..6adaa444 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dapp_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:31 GMT +content-type: text/html +content-length: 470 +vary: Accept-Encoding +last-modified: Sun, 22 Feb 2026 04:25:15 GMT +etag: "699a852b-1d6" +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https: wss: http://192.168.11.221:8545 ws://192.168.11.221:8546 https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org; frame-src 'self' https:; frame-ancestors 'self'; +accept-ranges: bytes + + +0.034485 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dash_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dash_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..c8184c51 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dash_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:23 GMT +content-type: text/html; charset=utf-8 +content-length: 5259 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "oibim89srm41x" +alt-svc: h3=":443"; ma=86400 + + +0.035875 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/data_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/data_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a01fd56b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/data_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:33 GMT +content-type: application/json; charset=utf-8 +content-length: 100 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 0dab61c109005aef25afdbdf2bf4e777 +x-span-id: a2eb5a71517798f5 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-admin_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-admin_d-bis_org_https_headers.txt new file mode 100644 index 00000000..0e520243 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-admin_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:20 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.042218 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-api-2_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-api-2_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-api-2_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-api-2_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-api-2_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a345de93 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-api-2_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:38:26 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: 4484cbee3c250e8e5fa7e5cbe99a6654 +x-span-id: 8ff48d90bf52f14c +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-api_d-bis_org_https_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-api_d-bis_org_https_body.txt new file mode 100644 index 00000000..c98a6e26 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-api_d-bis_org_https_body.txt @@ -0,0 +1 @@ +{"service":"dbis-core-banking-system","status":"healthy","version":"1.0.0","docs":"/api-docs","health":"/health"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-api_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-api_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d221aec7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dbis-api_d-bis_org_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:28 GMT +content-type: application/json; charset=utf-8 +content-length: 113 +vary: Accept-Encoding +content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +origin-agent-cluster: ?1 +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-dns-prefetch-control: off +x-download-options: noopen +x-frame-options: SAMEORIGIN +x-permitted-cross-domain-policies: none +x-xss-protection: 0 +x-trace-id: ea566e434d11e84e34c58a99df78d1e9 +x-span-id: 486db4895ea416e0 +x-parent-span-id: diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dev_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dev_d-bis_org_https_headers.txt new file mode 100644 index 00000000..54b5f874 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/dev_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:52 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.077345 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/developers_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/developers_d-bis_org_https_headers.txt new file mode 100644 index 00000000..5732a293 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/developers_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:25 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.053267 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/docs_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/docs_d-bis_org_https_headers.txt new file mode 100644 index 00000000..ec4aec5f --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/docs_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:29 GMT +content-type: text/html; charset=utf-8 +content-length: 111054 +vary: Accept-Encoding +etag: "15sjbbcd4jl2dnn" +vary: Accept-Encoding +cache-control: no-store, no-cache, must-revalidate +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://blockscout.defi-oracle.io wss://blockscout.defi-oracle.io https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.624996 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_blockscout_api.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_blockscout_api.txt new file mode 100644 index 00000000..0fee27f6 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_blockscout_api.txt @@ -0,0 +1 @@ +{"total_blocks":3925345,"total_transactions":54604,"total_addresses":6793,"latest_block":3925344,"average_block_time":2000,"gas_prices":{"average":0.000001},"network_utilization_percentage":0,"transactions_today":6970,"freshness":{"chain_head":{"block_number":3925344,"timestamp":"2026-04-12T10:37:57Z","age_seconds":1,"source":"reported","confidence":"high","provenance":"rpc","completeness":"complete"},"latest_indexed_block":{"block_number":3925344,"timestamp":"2026-04-12T10:37:57Z","age_seconds":1,"source":"reported","confidence":"high","provenance":"explorer_index","completeness":"complete"},"latest_indexed_transaction":{"block_number":3925177,"timestamp":"2026-04-12T10:32:23Z","age_seconds":335,"hash":"0x622cd2219a143204af20df0f8854094dd9d6a93e3239a64a5037b8ccce69fdcd","source":"reported","confidence":"high","provenance":"tx_index","completeness":"complete"},"latest_non_empty_block":{"block_number":3925177,"timestamp":"2026-04-12T10:32:23Z","age_seconds":335,"distance_from_head":167,"source":"reported","confidence":"high","provenance":"tx_index","completeness":"complete"}},"completeness":{"transactions_feed":"complete","blocks_feed":"complete","gas_metrics":"complete","utilization_metrics":"complete"},"sampling":{"stats_generated_at":"2026-04-12T10:37:58Z","rpc_probe_at":"2026-04-12T10:37:57Z","stats_window_seconds":300}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_command_center_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_command_center_body.txt new file mode 100644 index 00000000..9f1375cb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_command_center_body.txt @@ -0,0 +1,748 @@ + + + + + + Chain 138 — Visual Command Center + + + + + + +
+

Chain 138 — deployment and liquidity topology

+

Operator-style view of the architecture in docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md. Diagrams are informational only; contract addresses live in explorer config and repo references. The main explorer remains the canonical live operational surface. Deep links: ?tab=mission-control or numeric ?tab=08 (slug per tab).

+
+ +
+ Loading local diagram assets. If the local Mermaid bundle is unavailable, the page will try a trusted CDN fallback automatically. +
+ +
+ If diagram rendering is unavailable, use the main explorer operational surfaces directly: + Operations Hub, + Bridge Monitoring, + Routes, + System, + and Operator. +
+ +
+
+ + + + + + + + + +
+ Back to Operations +
+ + +
+

Hub, leaf endings, CCIP destinations, Alltra, the dedicated Avalanche cW corridor, the public cW mesh, and pending programs. Mainnet cW mint corridors and the optional TRUU rail are summarized under the Ethereum anchor.

+
+flowchart TB + subgraph LEAF_INGRESS["Leaves — access to 138"] + WU[Wallets · MetaMask Snaps · Ledger · Chainlist · SDKs · ethers.js] + OPS[Operators · Foundry scripts · relay · systemd · deploy hooks] + RPCPUB[Public RPC FQDNs · thirdweb mirrors] + FB[Fireblocks Web3 RPC] + end + + subgraph LEAF_EDGE["Leaves — services that index or front 138"] + EXP[Explorer · Blockscout · token-aggregation] + INFO[info.defi-oracle.io] + DAPP[dapp.d-bis.org bridge UI] + DBIS[dbis-api Core hosts] + X402[x402 payment API] + MCP[MCP PMM controller] + end + + subgraph HUB["CHAIN 138 — origin hub"] + C138["Besu EVM · tokens core · DODO PMM V2/V3 · RouterV2 · UniV3 / Balancer / Curve / 1inch pilots · CCIP bridges + router · AlltraAdapter · BridgeVault · ISO channels · mirror reserve vault settlement · Lockbox · Truth / Tron / Solana adapters"] + end + + subgraph CCIP_ETH["Ethereum 1 — CCIP anchor"] + ETH1["WETH9 / WETH10 bridges · CCIPRelayRouter · RelayBridge · Logger · optional trustless stack"] + LEAF_ETH["Leaf — Mainnet native DEX venues · Li.Fi touchpoints on other chains · first-wave cW DODO pools · optional TRUU PMM rail"] + end + + subgraph CCIP_L2["Other live CCIP EVM destinations"] + L2CLU["OP 10 · Base 8453 · Arb 42161 · Polygon 137 · BSC 56 · Avax 43114 · Gnosis 100 · Celo 42220 · Cronos 25"] + LEAF_L2["Leaf — per-chain native DEX · cW token transport · partial edge pools"] + end + + subgraph ALLTRA["ALL Mainnet 651940"] + A651["AlltraAdapter peer · AUSDT · WETH · WALL · HYDX · DEX env placeholders"] + LEAF_651["Leaf — ALL native venues when configured"] + end + + subgraph SPECIAL["Dedicated corridor from 138"] + AVAXCW["138 cUSDT to Avax cWUSDT mint path"] + LEAF_AVAX["Leaf — recipient on 43114"] + end + + subgraph CW_MESH["Public cW GRU mesh"] + CW["Cross-public-EVM token matrix · pool design · Mainnet DODO concentration"] + end + + subgraph PENDING["Pending separate scaffold"] + WEMIX[Wemix 1111 CCIP pending] + XDC[XDC Zero parallel program] + SCAFF[Etherlink Tezos OP L2 design] + PNON[Truth pointer · Tron adapter · Solana partial] + end + + WU --> RPCPUB + RPCPUB --> C138 + WU --> C138 + OPS --> C138 + EXP --> C138 + INFO --> C138 + DAPP --> C138 + DBIS --> C138 + X402 --> C138 + MCP --> C138 + FB --> C138 + + C138 <--> ETH1 + C138 <--> L2CLU + C138 <--> A651 + C138 --> AVAXCW + AVAXCW --> LEAF_AVAX + + ETH1 <--> L2CLU + ETH1 --> LEAF_ETH + L2CLU --> LEAF_L2 + A651 --> LEAF_651 + + CW -.->|pool and peg design| LEAF_ETH + CW -.->|token mesh| L2CLU + + C138 -.-> WEMIX + C138 -.-> XDC + C138 -.-> SCAFF + C138 -.-> PNON +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + +
+ Source: proxmox/docs/02-architecture/SMOM_DBIS_138_FULL_DEPLOYMENT_FLOW_MAP.md — addresses: config/smart-contracts-master.json and CONTRACT_ADDRESSES_REFERENCE. +
+ + + + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_https_headers.txt new file mode 100644 index 00000000..b732b2d5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:58 GMT +content-type: text/html; charset=utf-8 +content-length: 111054 +vary: Accept-Encoding +etag: "ix72kvqww32dnn" +vary: Accept-Encoding +cache-control: no-store, no-cache, must-revalidate +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: https:; font-src 'self' https://cdnjs.cloudflare.com; connect-src 'self' https://blockscout.defi-oracle.io wss://blockscout.defi-oracle.io https://explorer.d-bis.org wss://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.945209 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_mission_control_liquidity.json b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_mission_control_liquidity.json new file mode 100644 index 00000000..4422653c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_mission_control_liquidity.json @@ -0,0 +1 @@ +{"error":"Internal server error"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_mission_control_stream_body.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_mission_control_stream_body.txt new file mode 100644 index 00000000..e1da911d --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_mission_control_stream_body.txt @@ -0,0 +1,10 @@ +: mission-control stream + +event: ping +data: {} + +event: mission-control +data: {"data":{"ccip_relay":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-12T09:02:02.190Z","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":{"at":"2026-04-12T09:02:02.188Z","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","tx_hash":"0x29422259e81835f80b72d4ca16fa3256ec25461749363d827a3aa5a94a9c7d8e"},"last_seen_message":{"at":"2026-04-12T09:02:55.312Z","block_number":"0x3bda1a","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x020002288e64febf18da555466e54ec8c80d287b57615079f805f45d51a699fd"},"last_source_poll":{"at":"2026-04-12T10:37:58.920Z","from_block":3925309,"logs_fetched":0,"ok":true,"to_block":3925342},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":42,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":487580,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-08T09:54:08.316Z","uptime_sec":348231},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"ccip_relays":{"avax":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"relay_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","relay_router":"0x2a0023Ad5ce1Ac6072B454575996DfFb1BB11b16"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-12T10:37:56.073Z","from_block":3925307,"logs_fetched":0,"ok":true,"to_block":3925341},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x3f8c409c6072a2b6a4ff17071927ba70f80c725f"],"destination_bridge_default":"0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2978621,"profile":"avax","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-11T05:16:09.211Z","uptime_sec":105710},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_cw":{"url_probe":{"body":{"destination":{"chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","delivery_mode":"router","relay_bridge":"0x635002c5fb227160cd2eac926d1baa61847f3c75","relay_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"relay_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","relay_router":"0xc9158759a7e3621f6bb191bf5d77605d6e25b410"},"last_error":null,"last_relay_attempt":{"at":"2026-04-07T04:28:06.895Z","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","target_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","token_count":0},"last_relay_success":null,"last_seen_message":{"at":"2026-04-07T04:28:06.558Z","block_number":"0x340dc9","destination_chain_selector":"6433500567565415381","message_id":"0x8aa12010aece5f29396fbe84ed4f18554661f8a77238895c433367276110dc8f","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0xb6b821d3a04739c0f548fe1e30f4f162392c12a06930757bacdb940dc87f05b5"},"last_source_poll":{"at":"2026-04-12T10:37:57.885Z","from_block":3925308,"logs_fetched":0,"ok":true,"to_block":3925342},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"3411398"},"ok":true,"queue":{"failed":0,"processed":1,"size":0},"scope":{"destination_bridge_allowlist":["0x635002c5fb227160cd2eac926d1baa61847f3c75"],"destination_bridge_default":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":3051,"profile":"avax-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-07T04:26:48.652Z","uptime_sec":454270},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42dab7b888dd382bd5adcf9e038dbf1fd03b4817"},"status":"operational"},"ok":true,"status":200}},"avax_to_138":{"url_probe":{"body":{"destination":{"chain_id":138,"chain_name":"Chain 138","chain_selector":"138","delivery_mode":"router","relay_bridge":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","relay_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"relay_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","relay_router":"0xe75d26bc558a28442f30750c6d97bffb46f39abc"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-12T10:37:58.682Z","from_block":82746535,"logs_fetched":0,"ok":true,"to_block":82746573},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x152ed3e9912161b76bdfd368d0c84b7c31c10de7"],"destination_bridge_default":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","source_bridge":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75"},"service":{"name":"ccip-relay","pid":2978619,"profile":"avax-to-138","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-11T05:16:09.004Z","uptime_sec":105710},"source":{"bridge_address":"0x635002c5fb227160cd2eac926d1baa61847f3c75","bridge_filter":"0x635002c5Fb227160Cd2eAC926d1BaA61847f3C75","chain_id":43114,"chain_name":"Avalanche","chain_selector":"6433500567565415381","router_address":"0x1773125b280d296354f4f4b958a7cfc4e5975b60"},"status":"operational"},"ok":true,"status":200}},"bsc":{"url_probe":{"body":{"destination":{"chain_id":56,"chain_name":"BSC","chain_selector":"11344663589394136015","delivery_mode":"router","relay_bridge":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"relay_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","relay_router":"0x4d9Bc6c74ba65E37c4139F0aEC9fc5Ddff28Dcc4"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":null,"last_source_poll":{"at":"2026-04-12T10:37:56.158Z","from_block":3925307,"logs_fetched":0,"ok":true,"to_block":3925341},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"latest"},"ok":true,"queue":{"failed":0,"processed":0,"size":0},"scope":{"destination_bridge_allowlist":["0x886c6a4abc064dbf74e7caec460b7eec31f1b78c"],"destination_bridge_default":"0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":2978685,"profile":"bsc","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-11T05:16:10.262Z","uptime_sec":105709},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_cw":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-12T09:02:02.190Z","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":{"at":"2026-04-12T09:02:02.188Z","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","tx_hash":"0x29422259e81835f80b72d4ca16fa3256ec25461749363d827a3aa5a94a9c7d8e"},"last_seen_message":{"at":"2026-04-12T09:02:55.312Z","block_number":"0x3bda1a","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x020002288e64febf18da555466e54ec8c80d287b57615079f805f45d51a699fd"},"last_source_poll":{"at":"2026-04-12T10:37:58.920Z","from_block":3925309,"logs_fetched":0,"ok":true,"to_block":3925342},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":42,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":487580,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-08T09:54:08.316Z","uptime_sec":348231},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"operational"},"ok":true,"status":200}},"mainnet_weth":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"relay_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":null,"last_relay_success":null,"last_seen_message":{"at":"2026-04-12T10:33:33.307Z","block_number":"0x3be4b9","destination_chain_selector":"5009297550715157269","message_id":"0x7a49b584a1966c9c568036169b227a2293b74132a21bcfbd253b2e8d621f1dde","sender":"0xcacfd227A040002e49e2e01626363071324f820a","transaction_hash":"0x622cd2219a143204af20df0f8854094dd9d6a93e3239a64a5037b8ccce69fdcd"},"last_source_poll":{"at":"2026-04-12T10:37:33.602Z","from_block":3925269,"logs_fetched":0,"ok":true,"to_block":3925330},"monitoring":{"confirmation_blocks":1,"delivery_enabled":false,"effective_source_poll_interval_ms":60000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":true,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":0,"size":5},"scope":{"destination_bridge_allowlist":["0xf9a32f37099c582d28b4de7fca6eac1e5259f939"],"destination_bridge_default":"0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939","source_bridge":"0xcacfd227A040002e49e2e01626363071324f820a"},"service":{"name":"ccip-relay","pid":3055,"profile":"mainnet-weth","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-07T04:26:48.652Z","uptime_sec":454270},"source":{"bridge_address":"0xcacfd227A040002e49e2e01626363071324f820a","bridge_filter":"0xcacfd227A040002e49e2e01626363071324f820a","chain_id":138,"chain_name":"Chain 138","chain_selector":"138","router_address":"0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817"},"status":"paused"},"ok":true,"status":200}}},"chains":{"138":{"block_number":"3925345","endpoint":"https://rpc-http-pub.d-bis.org","head_age_sec":0.295254228,"last_sync":"2026-04-12T10:37:59Z","latency_ms":3,"name":"Defi Oracle Meta Mainnet","probe_error":"","status":"operational"}},"checked_at":"2026-04-12T10:37:59Z","freshness":{"chain_head":{"block_number":3925345,"timestamp":"2026-04-12T10:37:59Z","age_seconds":0,"source":"reported","confidence":"high","provenance":"rpc","completeness":"complete"},"latest_indexed_block":{"block_number":3925345,"timestamp":"2026-04-12T10:37:59Z","age_seconds":0,"source":"reported","confidence":"high","provenance":"explorer_index","completeness":"complete"},"latest_indexed_transaction":{"block_number":3925177,"timestamp":"2026-04-12T10:32:23Z","age_seconds":336,"hash":"0x622cd2219a143204af20df0f8854094dd9d6a93e3239a64a5037b8ccce69fdcd","source":"reported","confidence":"high","provenance":"tx_index","completeness":"complete"},"latest_non_empty_block":{"block_number":3925177,"timestamp":"2026-04-12T10:32:23Z","age_seconds":336,"distance_from_head":168,"source":"reported","confidence":"high","provenance":"tx_index","completeness":"complete"}},"mode":{"age_seconds":0,"confidence":"high","kind":"snapshot","provenance":"mission_control_feed","reason":"live_homepage_stream_not_attached","scope":"relay_monitoring_homepage_card_only","source":"reported","updated_at":"2026-04-12T10:37:59Z"},"rpc_probe":[{"blockNumber":"0x3be561","blockNumberDec":"3925345","chainKey":"138","endpoint":"https://rpc-http-pub.d-bis.org","error":"","headAgeSeconds":0.295254228,"latencyMs":3,"name":"chain-138","ok":true}],"sampling":{"stats_generated_at":"2026-04-12T10:37:59Z","rpc_probe_at":"2026-04-12T10:37:59Z","stats_window_seconds":300},"status":"operational","subsystems":{"bridge_relay_monitoring":{"age_seconds":0,"completeness":"complete","confidence":"high","provenance":"mission_control_feed","source":"reported","status":"operational","updated_at":"2026-04-12T10:37:59Z"},"rpc_head":{"age_seconds":0,"completeness":"complete","confidence":"high","provenance":"rpc","source":"reported","status":"operational","updated_at":"2026-04-12T10:37:59Z"},"stats_summary":{"age_seconds":0,"completeness":"complete","confidence":"medium","provenance":"composite","source":"reported","status":"operational","updated_at":"2026-04-12T10:37:59Z"},"tx_index":{"age_seconds":336,"completeness":"complete","confidence":"high","provenance":"tx_index","source":"reported","status":"operational","updated_at":"2026-04-12T10:32:23Z"}}}} + +event: mission-control +data: {"data":{"ccip_relay":{"url_probe":{"body":{"destination":{"chain_id":1,"chain_name":"Ethereum Mainnet","chain_selector":"5009297550715157269","delivery_mode":"router","relay_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"relay_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","relay_router":"0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA"},"last_error":null,"last_relay_attempt":{"at":"2026-04-12T09:02:02.190Z","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","token_count":0},"last_relay_success":{"at":"2026-04-12T09:02:02.188Z","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","target_bridge":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","tx_hash":"0x29422259e81835f80b72d4ca16fa3256ec25461749363d827a3aa5a94a9c7d8e"},"last_seen_message":{"at":"2026-04-12T09:02:55.312Z","block_number":"0x3bda1a","destination_chain_selector":"5009297550715157269","message_id":"0x007a53665f3d69a6e26e0a5bca121395399833658137efe8922ce4830f4fcb63","sender":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","transaction_hash":"0x020002288e64febf18da555466e54ec8c80d287b57615079f805f45d51a699fd"},"last_source_poll":{"at":"2026-04-12T10:38:19.290Z","from_block":3925316,"logs_fetched":0,"ok":true,"to_block":3925353},"monitoring":{"confirmation_blocks":1,"delivery_enabled":true,"effective_source_poll_interval_ms":5000,"finality_delay_blocks":2,"poll_interval_ms":5000,"replay_window_blocks":32,"shedding":false,"start_block":"2706088"},"ok":true,"queue":{"failed":0,"processed":42,"size":0},"scope":{"destination_bridge_allowlist":["0x2bf74583206a49be07e0e8a94197c12987abd7b5"],"destination_bridge_default":"0x2bF74583206A49Be07E0E8A94197C12987AbD7B5","source_bridge":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7"},"service":{"name":"ccip-relay","pid":487580,"profile":"mainnet-cw","relayer_address":"0x4A666F96fC8764181194447A7dFdb7d471b301C8","running":true,"started_at":"2026-04-08T09:54:08.316Z","uptime_sec":348251},"source":{"bridge_address":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","bridge_filter":"0x152eD3e9912161b76BDFd368D0C84B7C31C10dE7","chain_id":138,"chain_name":"Chain 138","chain_selector":"138" \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_mission_control_stream_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_mission_control_stream_headers.txt new file mode 100644 index 00000000..4c324816 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_mission_control_stream_headers.txt @@ -0,0 +1,22 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:59 GMT +content-type: text/event-stream +access-control-allow-headers: Authorization, Content-Type, X-API-Key +access-control-allow-methods: GET, POST, OPTIONS +access-control-allow-origin: * +cache-control: no-cache +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; font-src 'self' https://cdnjs.cloudflare.com; img-src 'self' data: https:; connect-src 'self' https://blockscout.defi-oracle.io https://explorer.d-bis.org https://rpc-http-pub.d-bis.org wss://rpc-ws-pub.d-bis.org http://192.168.11.221:8545 ws://192.168.11.221:8546; +permissions-policy: geolocation=(), microphone=(), camera=() +referrer-policy: strict-origin-when-cross-origin +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-explorer-name: SolaceScan +x-explorer-version: 1.0.0 +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +access-control-allow-origin: * +access-control-allow-methods: GET, POST, OPTIONS +access-control-allow-headers: Content-Type, Authorization +alt-svc: h3=":443"; ma=86400 +referrer-policy: strict-origin-when-cross-origin + diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_mission_control_trace.json b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_mission_control_trace.json new file mode 100644 index 00000000..d6289553 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/explorer_d-bis_org_mission_control_trace.json @@ -0,0 +1 @@ +{"data":{"blockscout_url":"https://explorer.d-bis.org/tx/0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2","from":"0x4a666f96fc8764181194447a7dfdb7d471b301c8","from_registry":"DEPLOYER_ADMIN_138","source":"blockscout","to":"0x152ed3e9912161b76bdfd368d0c84b7c31c10de7","to_registry":"CW_L1_BRIDGE_CHAIN138","tx_hash":"0x2f31d4f9a97be754b800f4af1a9eedf3b107d353bfa1a19e81417497a76c05c2"}} diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/gitea_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/gitea_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9a0e6d30 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/gitea_d-bis_org_https_headers.txt @@ -0,0 +1,10 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:56 GMT +x-dns-prefetch-control: off +x-content-type-options: nosniff +x-permitted-cross-domain-policies: none +referrer-policy: strict-origin-when-cross-origin +x-frame-options: SAMEORIGIN + + +0.045343 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/identity_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/identity_d-bis_org_https_headers.txt new file mode 100644 index 00000000..55f795f8 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/identity_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:30 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.050349 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/info_defi-oracle_io_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/info_defi-oracle_io_https_headers.txt new file mode 100644 index 00000000..f4665740 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/info_defi-oracle_io_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:27 GMT +content-type: text/html +vary: Accept-Encoding +last-modified: Sun, 05 Apr 2026 23:21:29 GMT +report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Pu5BKZOVnKBZnj4wpb%2FE8x%2BCtDUb7878qRMbDKAv%2FEeIr4NAWP7na4mmGPluMwNqYfm60XGWP9Hiiep2qwmKbEd88U9CMknSPsXW%2BDYl%2F4Os%2FjpRoIfu%2BvzE20TTdRjf1eRDIzi6"}]} +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} +cf-cache-status: DYNAMIC +server: cloudflare +cf-ray: 9eb19883fb714adb-LAX + + +0.141950 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/info_defi_oracle_io_token_aggregation_networks.json b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/info_defi_oracle_io_token_aggregation_networks.json new file mode 100644 index 00000000..b1b0a415 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/info_defi_oracle_io_token_aggregation_networks.json @@ -0,0 +1 @@ +{"source":"runtime-file","version":"1.2.0","networks":[{"chainId":"0x8a","chainIdDecimal":138,"chainName":"DeFi Oracle Meta Mainnet","shortName":"dbis","rpcUrls":["https://rpc-http-pub.d-bis.org","https://rpc.d-bis.org","https://rpc2.d-bis.org","https://rpc.defi-oracle.io"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://explorer.d-bis.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://explorer.d-bis.org","explorerApiUrl":"https://explorer.d-bis.org/api/v2","testnet":false},{"chainId":"0x1","chainIdDecimal":1,"chainName":"Ethereum Mainnet","shortName":"eth","rpcUrls":["https://eth.llamarpc.com","https://rpc.ankr.com/eth","https://ethereum.publicnode.com","https://1rpc.io/eth"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://ethereum.org","testnet":false},{"chainId":"0x9f2c4","chainIdDecimal":651940,"chainName":"ALL Mainnet","shortName":"all","rpcUrls":["https://mainnet-rpc.alltra.global"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://alltra.global"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"],"infoURL":"https://alltra.global","testnet":false},{"chainId":"0x19","chainIdDecimal":25,"chainName":"Cronos Mainnet","rpcUrls":["https://evm.cronos.org","https://cronos-rpc.publicnode.com"],"nativeCurrency":{"name":"CRO","symbol":"CRO","decimals":18},"blockExplorerUrls":["https://cronos.org/explorer"],"iconUrls":["https://ipfs.io/ipfs/Qma3FKtLce9MjgJgWbtyCxBiPjJ6xi8jGWUSKNS5Jc2ong"]},{"chainId":"0x38","chainIdDecimal":56,"chainName":"BNB Smart Chain","rpcUrls":["https://bsc-dataseed.binance.org","https://bsc-dataseed1.defibit.io","https://bsc-dataseed1.ninicoin.io"],"nativeCurrency":{"name":"BNB","symbol":"BNB","decimals":18},"blockExplorerUrls":["https://bscscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x64","chainIdDecimal":100,"chainName":"Gnosis Chain","rpcUrls":["https://rpc.gnosischain.com","https://gnosis-rpc.publicnode.com","https://1rpc.io/gnosis"],"nativeCurrency":{"name":"xDAI","symbol":"xDAI","decimals":18},"blockExplorerUrls":["https://gnosisscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x89","chainIdDecimal":137,"chainName":"Polygon","rpcUrls":["https://polygon-rpc.com","https://polygon.llamarpc.com","https://polygon-bor-rpc.publicnode.com"],"nativeCurrency":{"name":"MATIC","symbol":"MATIC","decimals":18},"blockExplorerUrls":["https://polygonscan.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa","chainIdDecimal":10,"chainName":"Optimism","rpcUrls":["https://mainnet.optimism.io","https://optimism.llamarpc.com","https://optimism-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://optimistic.etherscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa4b1","chainIdDecimal":42161,"chainName":"Arbitrum One","rpcUrls":["https://arb1.arbitrum.io/rpc","https://arbitrum.llamarpc.com","https://arbitrum-one-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://arbiscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x2105","chainIdDecimal":8453,"chainName":"Base","rpcUrls":["https://mainnet.base.org","https://base.llamarpc.com","https://base-rpc.publicnode.com"],"nativeCurrency":{"name":"Ether","symbol":"ETH","decimals":18},"blockExplorerUrls":["https://basescan.org"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa86a","chainIdDecimal":43114,"chainName":"Avalanche C-Chain","rpcUrls":["https://api.avax.network/ext/bc/C/rpc","https://avalanche-c-chain-rpc.publicnode.com","https://1rpc.io/avax/c"],"nativeCurrency":{"name":"AVAX","symbol":"AVAX","decimals":18},"blockExplorerUrls":["https://snowtrace.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0xa4ec","chainIdDecimal":42220,"chainName":"Celo","rpcUrls":["https://forno.celo.org","https://celo-mainnet-rpc.publicnode.com","https://1rpc.io/celo"],"nativeCurrency":{"name":"CELO","symbol":"CELO","decimals":18},"blockExplorerUrls":["https://celoscan.io"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]},{"chainId":"0x457","chainIdDecimal":1111,"chainName":"Wemix","rpcUrls":["https://api.wemix.com","https://wemix-mainnet-rpc.publicnode.com"],"nativeCurrency":{"name":"WEMIX","symbol":"WEMIX","decimals":18},"blockExplorerUrls":["https://scan.wemix.com"],"iconUrls":["https://raw.githubusercontent.com/ethereum/ethereum.org/main/static/images/eth-diamond-black.png"]}],"lastModified":"2026-04-10T04:26:18.153Z"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/interop_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/interop_d-bis_org_https_headers.txt new file mode 100644 index 00000000..79af08bb --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/interop_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:28 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048916 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/keycloak_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/keycloak_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..7d58896a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/keycloak_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 302 +date: Sun, 12 Apr 2026 10:37:32 GMT +location: https://keycloak.sankofa.nexus/admin/ +referrer-policy: no-referrer +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-content-type-options: nosniff +x-xss-protection: 0 +alt-svc: h3=":443"; ma=86400 +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests + + +0.039294 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/members_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/members_d-bis_org_https_headers.txt new file mode 100644 index 00000000..9d59a242 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/members_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:22 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.045286 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/mifos_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/mifos_d-bis_org_https_headers.txt new file mode 100644 index 00000000..a848b297 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/mifos_d-bis_org_https_headers.txt @@ -0,0 +1,12 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:22 GMT +content-type: text/html +content-length: 2147 +last-modified: Wed, 07 May 2025 12:00:31 GMT +vary: Accept-Encoding +etag: "681b4b5f-863" +alt-svc: h3=":443"; ma=86400 +accept-ranges: bytes + + +0.036795 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/mim4u_org_https_headers.txt new file mode 100644 index 00000000..48614a62 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:33 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.036143 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/ops_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/ops_d-bis_org_https_headers.txt new file mode 100644 index 00000000..e983229a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/ops_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:31 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.047327 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..a64ff4f4 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:39 GMT +content-type: application/json; charset=utf-8 +content-length: 54 +vary: Accept-Encoding +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload +content-security-policy: default-src 'self'; script-src 'self' 'nonce-v/WS/yjkxP3In8rs2xa+wQ=='; style-src 'self' 'nonce-v/WS/yjkxP3In8rs2xa+wQ=='; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests +referrer-policy: strict-origin-when-cross-origin +permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=() +x-permitted-cross-domain-policies: none +cross-origin-embedder-policy: require-corp +cross-origin-opener-policy: same-origin +cross-origin-resource-policy: same-origin +alt-svc: h3=":443"; ma=86400 + + +0.038430 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/policy_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/policy_d-bis_org_https_headers.txt new file mode 100644 index 00000000..79daafca --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/policy_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:24 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.051997 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/portal_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/portal_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..a49fc9e7 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/portal_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:24 GMT +content-type: text/html; charset=utf-8 +content-length: 5259 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "oibim89srm41x" +alt-svc: h3=":443"; ma=86400 + + +0.034381 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/research_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/research_d-bis_org_https_headers.txt new file mode 100644 index 00000000..15c0ddc5 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/research_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:23 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.049603 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-alltra-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-alltra-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-alltra-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-alltra-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-alltra-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-alltra-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-alltra_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-alltra_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-alltra_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-core_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-core_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-core_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-fireblocks_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-fireblocks_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-fireblocks_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-http-prv_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-http-prv_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-http-prv_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-http-pub_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-http-pub_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-http-pub_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-hybx-2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-hybx-2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-hybx-2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-hybx-3_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-hybx-3_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-hybx-3_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-hybx_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-hybx_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc-hybx_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc2_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc2_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc2_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc_d-bis_org_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc_d-bis_org_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc_d-bis_org_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc_public-0138_defi-oracle_io_rpc_response.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc_public-0138_defi-oracle_io_rpc_response.txt new file mode 100644 index 00000000..1283cc70 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/rpc_public-0138_defi-oracle_io_rpc_response.txt @@ -0,0 +1 @@ +{"jsonrpc":"2.0","id":1,"result":"0x8a"} \ No newline at end of file diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/sandbox_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/sandbox_d-bis_org_https_headers.txt new file mode 100644 index 00000000..d7f4265a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/sandbox_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:33 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.048783 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..9a41fcaf --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/sankofa_nexus_https_headers.txt @@ -0,0 +1,19 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:25 GMT +content-type: text/html; charset=utf-8 +vary: Accept-Encoding +x-content-type-options: nosniff +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: ws: wss: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +link: ; rel=preload; as="font"; crossorigin=""; type="font/woff2" +cache-control: private, no-cache, no-store, max-age=0, must-revalidate +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 + + +0.065655 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/secure_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/secure_d-bis_org_https_headers.txt new file mode 100644 index 00000000..2db13f94 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/secure_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:38:27 GMT +content-type: text/html +content-length: 795 +vary: Accept-Encoding +last-modified: Thu, 02 Apr 2026 19:27:04 GMT +etag: "69cec308-31b" +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.027562 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/secure_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/secure_mim4u_org_https_headers.txt new file mode 100644 index 00000000..16ee375a --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/secure_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:56 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.045078 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/status_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/status_d-bis_org_https_headers.txt new file mode 100644 index 00000000..18554552 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/status_d-bis_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:53 GMT +content-type: text/html; charset=utf-8 +content-length: 22505 +vary: Accept-Encoding +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +referrer-policy: strict-origin-when-cross-origin +content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self' +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "fqzlq2o9ljhd0" +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.099390 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/studio_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/studio_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..042f040e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/studio_sankofa_nexus_https_headers.txt @@ -0,0 +1,13 @@ +HTTP/2 502 +date: Sun, 12 Apr 2026 10:37:27 GMT +content-type: text/html +content-length: 122 +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.037924 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..ad466b22 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,20 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:45 GMT +content-type: text/html; charset=utf-8 +content-length: 5259 +vary: Accept-Encoding +x-dns-prefetch-control: on +strict-transport-security: max-age=63072000; includeSubDomains; preload +x-frame-options: SAMEORIGIN +x-content-type-options: nosniff +x-xss-protection: 0 +referrer-policy: strict-origin-when-cross-origin +permissions-policy: camera=(), microphone=(), geolocation=() +content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: +vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding +cache-control: s-maxage=31536000, stale-while-revalidate +etag: "oibim89srm41x" +alt-svc: h3=":443"; ma=86400 + + +0.060120 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/training_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/training_mim4u_org_https_headers.txt new file mode 100644 index 00000000..864023ee --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/training_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:38:24 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.049469 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/verification_report.md b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/verification_report.md new file mode 100644 index 00000000..3922bf46 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/verification_report.md @@ -0,0 +1,628 @@ +# End-to-End Routing Verification Report + +**Date**: 2026-04-12T03:38:41-07:00 +**Public IP**: 76.53.10.36 +**Profile**: all +**Verifier**: intlc + +## All endpoints (64) + +| Domain | Type | URL | +|--------|------|-----| +| admin.d-bis.org | web | https://admin.d-bis.org | +| admin.sankofa.nexus | web | https://admin.sankofa.nexus | +| blockscout.defi-oracle.io | web | https://blockscout.defi-oracle.io | +| cacti-alltra.d-bis.org | web | https://cacti-alltra.d-bis.org | +| cacti-hybx.d-bis.org | web | https://cacti-hybx.d-bis.org | +| codespaces.d-bis.org | web | https://codespaces.d-bis.org | +| core.d-bis.org | web | https://core.d-bis.org | +| d-bis.org | web | https://d-bis.org | +| dapp.d-bis.org | web | https://dapp.d-bis.org | +| dash.sankofa.nexus | web | https://dash.sankofa.nexus | +| data.d-bis.org | api | https://data.d-bis.org | +| dbis-admin.d-bis.org | web | https://dbis-admin.d-bis.org | +| dbis-api-2.d-bis.org | api | https://dbis-api-2.d-bis.org | +| dbis-api.d-bis.org | api | https://dbis-api.d-bis.org | +| dev.d-bis.org | web | https://dev.d-bis.org | +| developers.d-bis.org | web | https://developers.d-bis.org | +| docs.d-bis.org | web | https://docs.d-bis.org | +| explorer.d-bis.org | web | https://explorer.d-bis.org | +| gitea.d-bis.org | web | https://gitea.d-bis.org | +| identity.d-bis.org | web | https://identity.d-bis.org | +| info.defi-oracle.io | web | https://info.defi-oracle.io | +| interop.d-bis.org | web | https://interop.d-bis.org | +| keycloak.sankofa.nexus | web | https://keycloak.sankofa.nexus | +| members.d-bis.org | web | https://members.d-bis.org | +| mifos.d-bis.org | web | https://mifos.d-bis.org | +| mim4u.org | web | https://mim4u.org | +| ops.d-bis.org | web | https://ops.d-bis.org | +| phoenix.sankofa.nexus | web | https://phoenix.sankofa.nexus | +| policy.d-bis.org | web | https://policy.d-bis.org | +| portal.sankofa.nexus | web | https://portal.sankofa.nexus | +| research.d-bis.org | web | https://research.d-bis.org | +| rpc-alltra-2.d-bis.org | rpc-http | https://rpc-alltra-2.d-bis.org | +| rpc-alltra-3.d-bis.org | rpc-http | https://rpc-alltra-3.d-bis.org | +| rpc-alltra.d-bis.org | rpc-http | https://rpc-alltra.d-bis.org | +| rpc-core.d-bis.org | rpc-http | https://rpc-core.d-bis.org | +| rpc-fireblocks.d-bis.org | rpc-http | https://rpc-fireblocks.d-bis.org | +| rpc-http-prv.d-bis.org | rpc-http | https://rpc-http-prv.d-bis.org | +| rpc-http-pub.d-bis.org | rpc-http | https://rpc-http-pub.d-bis.org | +| rpc-hybx-2.d-bis.org | rpc-http | https://rpc-hybx-2.d-bis.org | +| rpc-hybx-3.d-bis.org | rpc-http | https://rpc-hybx-3.d-bis.org | +| rpc-hybx.d-bis.org | rpc-http | https://rpc-hybx.d-bis.org | +| rpc-ws-prv.d-bis.org | rpc-ws | https://rpc-ws-prv.d-bis.org | +| rpc-ws-pub.d-bis.org | rpc-ws | https://rpc-ws-pub.d-bis.org | +| rpc.d-bis.org | rpc-http | https://rpc.d-bis.org | +| rpc.defi-oracle.io | rpc-http | https://rpc.defi-oracle.io | +| rpc.public-0138.defi-oracle.io | rpc-http | https://rpc.public-0138.defi-oracle.io | +| rpc2.d-bis.org | rpc-http | https://rpc2.d-bis.org | +| sandbox.d-bis.org | web | https://sandbox.d-bis.org | +| sankofa.nexus | web | https://sankofa.nexus | +| secure.d-bis.org | web | https://secure.d-bis.org | +| secure.mim4u.org | web | https://secure.mim4u.org | +| status.d-bis.org | web | https://status.d-bis.org | +| studio.sankofa.nexus | web | https://studio.sankofa.nexus | +| the-order.sankofa.nexus | web | https://the-order.sankofa.nexus | +| training.mim4u.org | web | https://training.mim4u.org | +| ws.rpc-fireblocks.d-bis.org | rpc-ws | https://ws.rpc-fireblocks.d-bis.org | +| ws.rpc.d-bis.org | rpc-ws | https://ws.rpc.d-bis.org | +| ws.rpc2.d-bis.org | rpc-ws | https://ws.rpc2.d-bis.org | +| wss.defi-oracle.io | rpc-ws | https://wss.defi-oracle.io | +| www.d-bis.org | web | https://www.d-bis.org | +| www.mim4u.org | web | https://www.mim4u.org | +| www.phoenix.sankofa.nexus | web | https://www.phoenix.sankofa.nexus | +| www.sankofa.nexus | web | https://www.sankofa.nexus | +| www.the-order.sankofa.nexus | web | https://www.the-order.sankofa.nexus | + +## Summary + +- **Total domains tested**: 64 +- **DNS tests passed**: 64 +- **HTTPS tests passed**: 43 +- **Explorer surface failures**: 1 +- **Failed tests**: 1 +- **Skipped / optional (not configured or unreachable)**: 0 +- **Average response time**: 0.10345102272727277s + +## Results overview + +| Domain | Type | DNS | SSL | HTTPS | Root | RPC | Explorer+ | +|--------|------|-----|-----|-------|------|-----|-----------| +| ws.rpc-fireblocks.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| dbis-admin.d-bis.org | web | pass | pass | pass | - | - | - | +| core.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| mifos.d-bis.org | web | pass | pass | pass | - | - | - | +| members.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.sankofa.nexus | web | pass | pass | pass | - | - | - | +| dash.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-hybx-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| research.d-bis.org | web | pass | pass | pass | - | - | - | +| policy.d-bis.org | web | pass | pass | pass | - | - | - | +| portal.sankofa.nexus | web | pass | pass | pass | - | - | - | +| cacti-hybx.d-bis.org | web | pass | pass | pass | - | - | - | +| developers.d-bis.org | web | pass | pass | pass | - | - | - | +| sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc-alltra.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-http-pub.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| info.defi-oracle.io | web | pass | pass | pass | - | - | - | +| rpc.public-0138.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| studio.sankofa.nexus | web | pass | pass | warn | - | - | - | +| www.d-bis.org | web | pass | pass | pass | - | - | - | +| dbis-api.d-bis.org | api | pass | pass | pass | - | - | - | +| interop.d-bis.org | web | pass | pass | pass | - | - | - | +| docs.d-bis.org | web | pass | pass | pass | - | - | - | +| identity.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx-3.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| dapp.d-bis.org | web | pass | pass | pass | - | - | - | +| ops.d-bis.org | web | pass | pass | pass | - | - | - | +| www.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| keycloak.sankofa.nexus | web | pass | pass | pass | - | - | - | +| mim4u.org | web | pass | pass | pass | - | - | - | +| data.d-bis.org | api | pass | pass | pass | - | - | - | +| sandbox.d-bis.org | web | pass | pass | pass | - | - | - | +| ws.rpc.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| www.mim4u.org | web | pass | pass | pass | - | - | - | +| wss.defi-oracle.io | rpc-ws | pass | pass | - | - | - | - | +| the-order.sankofa.nexus | web | pass | pass | pass | - | - | - | +| rpc2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-ws-pub.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| dev.d-bis.org | web | pass | pass | pass | - | - | - | +| admin.d-bis.org | web | pass | pass | pass | - | - | - | +| status.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-alltra-2.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| rpc-http-prv.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| www.phoenix.sankofa.nexus | web | pass | pass | pass | - | - | - | +| gitea.d-bis.org | web | pass | pass | pass | - | - | - | +| secure.mim4u.org | web | pass | pass | pass | - | - | - | +| rpc-fireblocks.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| explorer.d-bis.org | web | pass | pass | pass | - | - | - | +| training.mim4u.org | web | pass | pass | pass | - | - | - | +| blockscout.defi-oracle.io | web | pass | pass | pass | - | - | - | +| dbis-api-2.d-bis.org | api | pass | pass | pass | - | - | - | +| d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-core.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| secure.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc-hybx.d-bis.org | rpc-http | pass | pass | - | - | pass | - | +| codespaces.d-bis.org | web | pass | pass | pass | - | - | - | +| rpc.defi-oracle.io | rpc-http | pass | pass | - | - | pass | - | +| rpc-ws-prv.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| ws.rpc2.d-bis.org | rpc-ws | pass | pass | - | - | - | - | +| cacti-alltra.d-bis.org | web | pass | pass | pass | - | - | - | + +## Test Results by Domain (detail) + + +### ws.rpc-fireblocks.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dbis-admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### core.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### mifos.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### members.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dash.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### research.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### policy.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### portal.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### cacti-hybx.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### developers.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-pub.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### info.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.public-0138.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### studio.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: warn +- Details: See `all_e2e_results.json` + +### www.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### dbis-api.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### interop.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### docs.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### identity.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx-3.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### dapp.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ops.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### keycloak.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### data.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### sandbox.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### ws.rpc.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### www.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### wss.defi-oracle.io +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### the-order.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-pub.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### dev.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### admin.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### status.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-alltra-2.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-http-prv.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### www.phoenix.sankofa.nexus +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### gitea.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### secure.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-fireblocks.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### explorer.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Command Center: pass +- Mission Control stream: pass +- Mission Control trace: pass +- Mission Control liquidity: fail +- Details: See `all_e2e_results.json` + +### training.mim4u.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### blockscout.defi-oracle.io +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Blockscout API: pass +- Details: See `all_e2e_results.json` + +### dbis-api-2.d-bis.org +- Type: api +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-core.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### secure.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc-hybx.d-bis.org +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### codespaces.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +### rpc.defi-oracle.io +- Type: rpc-http +- DNS: pass +- SSL: pass +- RPC: pass +- Details: See `all_e2e_results.json` + +### rpc-ws-prv.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### ws.rpc2.d-bis.org +- Type: rpc-ws +- DNS: pass +- SSL: pass +- Details: See `all_e2e_results.json` + +### cacti-alltra.d-bis.org +- Type: web +- DNS: pass +- SSL: pass +- HTTPS: pass +- Details: See `all_e2e_results.json` + +## Files Generated + +- `all_e2e_results.json` - Complete E2E test results +- `*_https_headers.txt` - HTTP response headers per domain +- `*_rpc_response.txt` - RPC response per domain +- `verification_report.md` - This report + +## Notes + +- **Optional domains:** Domains in `E2E_OPTIONAL_WHEN_FAIL` (default: many d-bis.org/sankofa/mim4u/rpc) have any fail treated as skip so the run passes when off-LAN or services unreachable. The canonical explorer `explorer.d-bis.org` is intentionally **not** in that list anymore. Set `E2E_OPTIONAL_WHEN_FAIL=` (empty) for strict mode. +- WebSocket tests require `wscat` tool: `npm install -g wscat` +- OpenSSL fetch uses `timeout` (`E2E_OPENSSL_TIMEOUT` / `E2E_OPENSSL_X509_TIMEOUT`, defaults 15s / 5s) so `openssl s_client` cannot hang indefinitely +- Internal connectivity tests require access to NPMplus container +- Explorer (explorer.d-bis.org): verifies Blockscout API, `/chain138-command-center.html`, and Mission Control stream / trace / liquidity endpoints. Use `SKIP_BLOCKSCOUT_API=1` only when you need to skip the Blockscout API sub-check specifically. + +## Next Steps + +1. Review test results for each domain +2. Investigate any failed tests +3. Test WebSocket connections for RPC WS domains (if wscat available) +4. Test internal connectivity from NPMplus container +5. Update source-of-truth JSON after verification diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_d-bis_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_d-bis_org_https_headers.txt new file mode 100644 index 00000000..48eb6fe1 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_d-bis_org_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 12 Apr 2026 10:37:28 GMT +content-type: text/html +content-length: 134 +location: https://d-bis.org/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.033954 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_mim4u_org_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_mim4u_org_https_headers.txt new file mode 100644 index 00000000..8465b94b --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_mim4u_org_https_headers.txt @@ -0,0 +1,18 @@ +HTTP/2 200 +date: Sun, 12 Apr 2026 10:37:39 GMT +content-type: text/html +content-length: 2710 +vary: Accept-Encoding +last-modified: Tue, 31 Mar 2026 05:21:47 GMT +etag: "69cb59eb-a96" +accept-ranges: bytes +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload +referrer-policy: strict-origin-when-cross-origin + + +0.043197 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_phoenix_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_phoenix_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..584f720e --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_phoenix_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 12 Apr 2026 10:37:55 GMT +content-type: text/html +content-length: 134 +location: https://phoenix.sankofa.nexus/health +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.072463 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..2815b81c --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 12 Apr 2026 10:37:31 GMT +content-type: text/html +content-length: 134 +location: https://sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.092708 diff --git a/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_the-order_sankofa_nexus_https_headers.txt b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_the-order_sankofa_nexus_https_headers.txt new file mode 100644 index 00000000..3fd6ff88 --- /dev/null +++ b/docs/04-configuration/verification-evidence/e2e-verification-20260412_033715/www_the-order_sankofa_nexus_https_headers.txt @@ -0,0 +1,14 @@ +HTTP/2 301 +date: Sun, 12 Apr 2026 10:37:32 GMT +content-type: text/html +content-length: 134 +location: https://the-order.sankofa.nexus/ +alt-svc: h3=":443"; ma=86400 +x-xss-protection: 0 +x-content-type-options: nosniff +x-frame-options: SAMEORIGIN +content-security-policy: upgrade-insecure-requests +strict-transport-security: max-age=63072000; includeSubDomains; preload + + +0.035298 diff --git a/docs/04-configuration/verification-evidence/public-surface-remediation-20260402_075318.md b/docs/04-configuration/verification-evidence/public-surface-remediation-20260402_075318.md new file mode 100644 index 00000000..4ef9799b --- /dev/null +++ b/docs/04-configuration/verification-evidence/public-surface-remediation-20260402_075318.md @@ -0,0 +1,227 @@ +# Public surface remediation plan + +- Generated: 2026-04-02T07:53:18-07:00 +- E2E source: `/home/intlc/projects/proxmox/docs/04-configuration/verification-evidence/e2e-verification-20260402_074223/all_e2e_results.json` +- Remediation map: `/home/intlc/projects/proxmox/config/public-surface-remediation-map.json` + +## Summary + +| Surface | Domains | Live observation | Classification | Upstream | Primary fix | +|---------|---------|------------------|----------------|----------|-------------| +| `dbis-admin-console` | `admin.d-bis.org, dbis-admin.d-bis.org` | admin.d-bis.org: HTTPS 502, DNS 76.53.10.36; dbis-admin.d-bis.org: HTTPS 502, DNS 76.53.10.36 | `public_502_backend` | `10130 @ r630-01 -> 192.168.11.130:80` | Repair or restart VMID 10130, then refresh the primary NPMplus proxy definitions and rerun the public E2E sweep. | +| `dbis-secure-portal` | `secure.d-bis.org` | secure.d-bis.org: HTTPS 502, DNS 76.53.10.36 | `public_502_backend` | `10130 @ r630-01 -> 192.168.11.130:80` | Use the same VMID 10130 backend recovery as the DBIS admin console, then resync the proxy rows that point secure traffic at 192.168.11.130:80. | +| `dbis-core-portal` | `core.d-bis.org` | core.d-bis.org: HTTPS 502, DNS 76.53.10.36 | `placeholder_surface` | `10150 @ r630-01 -> 192.168.11.155:3000` | Deploy the real dbis_core frontend and then repoint core.d-bis.org to that live upstream. Until then, keep this surface optional in public E2E. | +| `dbis-api-pair` | `dbis-api.d-bis.org, dbis-api-2.d-bis.org` | dbis-api.d-bis.org: HTTPS 502, DNS 76.53.10.36; dbis-api-2.d-bis.org: HTTPS 502, DNS 76.53.10.36 | `placeholder_surface` | `10150/10151 @ r630-01 -> 192.168.11.155/192.168.11.156:3000` | Deploy the real dbis_core API to 10150 and 10151, then refresh the NPMplus rows. Until real JSON API routes exist, these hosts stay optional by policy. | +| `dbis-data-api` | `data.d-bis.org` | data.d-bis.org: HTTPS 502, DNS 76.53.10.36 | `planned_api_surface` | `TBD @ TBD -> currently mapped to 192.168.11.155:3000` | Publish a real data API implementation behind data.d-bis.org or intentionally remove it from public expectations until a live upstream exists. | +| `sankofa-studio` | `studio.sankofa.nexus` | studio.sankofa.nexus: HTTPS 502, DNS 76.53.10.36 | `public_502_backend` | `7805 @ r630-01 -> 192.168.11.72:8000` | Redeploy or restart the Studio backend, then refresh the NPMplus proxy and DNS records for studio.sankofa.nexus. | +| `sankofa-keycloak` | `keycloak.sankofa.nexus` | keycloak.sankofa.nexus: HTTPS 502, DNS 76.53.10.36 | `public_502_backend` | `7802 @ r630-01 -> 192.168.11.52:8080` | Restart or reconfigure Keycloak, ensure the portal/keycloak proxy rows are correct, and verify the client redirect URIs. | +| `cacti-alltra` | `cacti-alltra.d-bis.org` | cacti-alltra.d-bis.org: HTTPS 502, DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 | `public_502_backend` | `5201 @ r630-02 -> 192.168.11.177:80` | Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. | +| `cacti-hybx` | `cacti-hybx.d-bis.org` | cacti-hybx.d-bis.org: HTTPS 502, DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 | `public_502_backend` | `5202 @ r630-02 -> 192.168.11.251:80` | Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. | +| `info-defi-oracle-hub` | `info.defi-oracle.io, www.info.defi-oracle.io` | info.defi-oracle.io: no public DNS answer; www.info.defi-oracle.io: no public DNS answer | `dns_missing` | `2400 @ ml110 -> 192.168.11.240:80` | Build and sync the SPA to VMID 2400, add the tunnel ingress rules for info/www, then publish proxied CNAMEs in Cloudflare. | + +## dbis-admin-console + +- Expected service: DBIS admin console +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `10130 @ r630-01 -> 192.168.11.130:80` +- Live observation: admin.d-bis.org: HTTPS 502, DNS 76.53.10.36; dbis-admin.d-bis.org: HTTPS 502, DNS 76.53.10.36 +- Repo solution: Repair or restart VMID 10130, then refresh the primary NPMplus proxy definitions and rerun the public E2E sweep. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-secure-portal + +- Expected service: DBIS member secure portal +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `10130 @ r630-01 -> 192.168.11.130:80` +- Live observation: secure.d-bis.org: HTTPS 502, DNS 76.53.10.36 +- Repo solution: Use the same VMID 10130 backend recovery as the DBIS admin console, then resync the proxy rows that point secure traffic at 192.168.11.130:80. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-core-portal + +- Expected service: DBIS Core client portal +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `10150 @ r630-01 -> 192.168.11.155:3000` +- Live observation: core.d-bis.org: HTTPS 502, DNS 76.53.10.36 +- Repo solution: Deploy the real dbis_core frontend and then repoint core.d-bis.org to that live upstream. Until then, keep this surface optional in public E2E. +- Scripts: + - `dbis_core/scripts/deployment/deploy-frontend.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash dbis_core/scripts/deployment/deploy-frontend.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md` + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-api-pair + +- Expected service: Primary and secondary DBIS API surfaces +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `10150/10151 @ r630-01 -> 192.168.11.155/192.168.11.156:3000` +- Live observation: dbis-api.d-bis.org: HTTPS 502, DNS 76.53.10.36; dbis-api-2.d-bis.org: HTTPS 502, DNS 76.53.10.36 +- Repo solution: Deploy the real dbis_core API to 10150 and 10151, then refresh the NPMplus rows. Until real JSON API routes exist, these hosts stay optional by policy. +- Scripts: + - `dbis_core/scripts/deployment/deploy-api.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash dbis_core/scripts/deployment/deploy-api.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + - `docs/11-references/DBIS_CORE_API_REFERENCE.md` + +## dbis-data-api + +- Expected service: Public DBIS data API with /v1/health and read-only dataset routes +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `TBD @ TBD -> currently mapped to 192.168.11.155:3000` +- Live observation: data.d-bis.org: HTTPS 502, DNS 76.53.10.36 +- Repo solution: Publish a real data API implementation behind data.d-bis.org or intentionally remove it from public expectations until a live upstream exists. +- Scripts: + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `config/dbis-data-api/openapi.yaml` + - `config/dbis-data-api/README.md` + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + +## sankofa-studio + +- Expected service: Sankofa Studio FusionAI app under /studio/ +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `7805 @ r630-01 -> 192.168.11.72:8000` +- Live observation: studio.sankofa.nexus: HTTPS 502, DNS 76.53.10.36 +- Repo solution: Redeploy or restart the Studio backend, then refresh the NPMplus proxy and DNS records for studio.sankofa.nexus. +- Scripts: + - `scripts/deployment/run-sankofa-studio-e2e.sh` + - `scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh` + - `scripts/cloudflare/add-studio-sankofa-dns.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/deployment/run-sankofa-studio-e2e.sh` + - `bash scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh` + - `bash scripts/cloudflare/add-studio-sankofa-dns.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md` + - `docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## sankofa-keycloak + +- Expected service: Keycloak IdP for portal/admin client SSO +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `7802 @ r630-01 -> 192.168.11.52:8080` +- Live observation: keycloak.sankofa.nexus: HTTPS 502, DNS 76.53.10.36 +- Repo solution: Restart or reconfigure Keycloak, ensure the portal/keycloak proxy rows are correct, and verify the client redirect URIs. +- Scripts: + - `scripts/deployment/enable-sankofa-portal-login-7801.sh` + - `scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/deployment/enable-sankofa-portal-login-7801.sh --dry-run` + - `bash scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/02-architecture/EXPECTED_WEB_CONTENT.md` + - `docs/03-deployment/SANKOFA_PHOENIX_PUBLIC_PORTAL_ADMIN_ENDPOINT_CORRECTION_TASKS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## cacti-alltra + +- Expected service: Alltra Cacti monitoring UI +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `5201 @ r630-02 -> 192.168.11.177:80` +- Live observation: cacti-alltra.d-bis.org: HTTPS 502, DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 +- Repo solution: Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## cacti-hybx + +- Expected service: HYBX Cacti monitoring UI +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `5202 @ r630-02 -> 192.168.11.251:80` +- Live observation: cacti-hybx.d-bis.org: HTTPS 502, DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 +- Repo solution: Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## info-defi-oracle-hub + +- Expected service: Chain 138 info SPA served from VMID 2400 via the VMID 2400 Cloudflare tunnel +- Status policy: `keep_optional_until_published` +- Upstream: `2400 @ ml110 -> 192.168.11.240:80` +- Live observation: info.defi-oracle.io: no public DNS answer; www.info.defi-oracle.io: no public DNS answer +- Repo solution: Build and sync the SPA to VMID 2400, add the tunnel ingress rules for info/www, then publish proxied CNAMEs in Cloudflare. +- Scripts: + - `scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` + - `scripts/update-vmid2400-tunnel-config.sh` + - `scripts/cloudflare/set-info-defi-oracle-dns-to-vmid2400-tunnel.sh` +- Commands: + - `bash scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` + - `bash scripts/update-vmid2400-tunnel-config.sh` + - `bash scripts/cloudflare/set-info-defi-oracle-dns-to-vmid2400-tunnel.sh` +- Docs: + - `docs/04-configuration/INFO_DEFI_ORACLE_IO_DEPLOYMENT.md` + - `info-defi-oracle-138/README.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## Totals + +- Active issue groups in this report: 10 +- Total mapped surfaces: 10 diff --git a/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_151018.md b/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_151018.md new file mode 100644 index 00000000..b28e96bf --- /dev/null +++ b/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_151018.md @@ -0,0 +1,248 @@ +# Public surface remediation plan + +- Generated: 2026-04-05T15:10:18-07:00 +- E2E source: `/home/intlc/projects/proxmox/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/all_e2e_results.json` +- Remediation map: `/home/intlc/projects/proxmox/config/public-surface-remediation-map.json` + +## Summary + +| Surface | Domains | Live observation | Classification | Upstream | Primary fix | +|---------|---------|------------------|----------------|----------|-------------| +| `dbis-admin-console` | `admin.d-bis.org, dbis-admin.d-bis.org` | admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `10130 @ r630-01 -> 192.168.11.130:80` | Repair or restart VMID 10130, then refresh the primary NPMplus proxy definitions and rerun the public E2E sweep. | +| `dbis-secure-portal` | `secure.d-bis.org` | secure.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `10130 @ r630-01 -> 192.168.11.130:80` | Use the same VMID 10130 backend recovery as the DBIS admin console, then resync the proxy rows that point secure traffic at 192.168.11.130:80. | +| `dbis-core-portal` | `core.d-bis.org` | core.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `placeholder_surface` | `10150 @ r630-01 -> 192.168.11.155:3000` | Deploy the real dbis_core frontend and then repoint core.d-bis.org to that live upstream. Until then, keep this surface optional in public E2E. | +| `dbis-api-pair` | `dbis-api.d-bis.org, dbis-api-2.d-bis.org` | dbis-api.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-api-2.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `placeholder_surface` | `10150/10151 @ r630-01 -> 192.168.11.155/192.168.11.156:3000` | Deploy the real dbis_core API to 10150 and 10151, then refresh the NPMplus rows. Until real JSON API routes exist, these hosts stay optional by policy. | +| `dbis-data-api` | `data.d-bis.org` | data.d-bis.org: HTTPS 503 (warn), DNS 76.53.10.36 | `planned_api_surface` | `TBD @ TBD -> currently mapped to 192.168.11.155:3000` | Publish a real data API implementation behind data.d-bis.org or intentionally remove it from public expectations until a live upstream exists. | +| `alltra-hybx-placeholder-web-surfaces` | `firefly-alltra-1.d-bis.org, firefly-alltra-2.d-bis.org, firefly-hybx-1.d-bis.org, firefly-hybx-2.d-bis.org, fabric-alltra.d-bis.org, indy-alltra.d-bis.org, fabric-hybx.d-bis.org, indy-hybx.d-bis.org` | firefly-alltra-1.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory; firefly-alltra-2.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory; firefly-hybx-1.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory; firefly-hybx-2.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory; fabric-alltra.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory; indy-alltra.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory; fabric-hybx.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory; indy-hybx.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory | `placeholder_surface` | `6202-6205, 6001-6002, 6401-6402 @ r630-02 -> 192.168.11.175-179 / 192.168.11.249-253:80` | Do not publish these hostnames by default. Only add the Cloudflare tunnel and NPMplus rows after the real HTTP listener is deployed on the intended upstream port, or repoint the hostname to the actual web port. | +| `sankofa-studio` | `studio.sankofa.nexus` | studio.sankofa.nexus: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `7805 @ r630-01 -> 192.168.11.72:8000` | Redeploy or restart the Studio backend, then refresh the NPMplus proxy and DNS records for studio.sankofa.nexus. | +| `sankofa-keycloak` | `keycloak.sankofa.nexus` | keycloak.sankofa.nexus: HTTPS 302 (pass), DNS 76.53.10.36 | `public_502_backend` | `7802 @ r630-01 -> 192.168.11.52:8080` | Restart or reconfigure Keycloak, ensure the portal/keycloak proxy rows are correct, and verify the client redirect URIs. | +| `cacti-alltra` | `cacti-alltra.d-bis.org` | cacti-alltra.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.38 | `public_502_backend` | `5201 @ r630-02 -> 192.168.11.177:80` | Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. | +| `cacti-hybx` | `cacti-hybx.d-bis.org` | cacti-hybx.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.38 | `public_502_backend` | `5202 @ r630-02 -> 192.168.11.251:80` | Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. | +| `info-defi-oracle-hub` | `info.defi-oracle.io, www.info.defi-oracle.io` | info.defi-oracle.io: HTTPS 200 (pass), DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b; www.info.defi-oracle.io: DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b, not in current E2E inventory | `dns_missing` | `2400 @ ml110 -> 192.168.11.240:80` | Build and sync the SPA to VMID 2400, add the tunnel ingress rules for info/www, then publish proxied CNAMEs in Cloudflare. | + +## dbis-admin-console + +- Expected service: DBIS admin console +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `10130 @ r630-01 -> 192.168.11.130:80` +- Live observation: admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Repair or restart VMID 10130, then refresh the primary NPMplus proxy definitions and rerun the public E2E sweep. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-secure-portal + +- Expected service: DBIS member secure portal +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `10130 @ r630-01 -> 192.168.11.130:80` +- Live observation: secure.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Use the same VMID 10130 backend recovery as the DBIS admin console, then resync the proxy rows that point secure traffic at 192.168.11.130:80. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-core-portal + +- Expected service: DBIS Core client portal +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `10150 @ r630-01 -> 192.168.11.155:3000` +- Live observation: core.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Deploy the real dbis_core frontend and then repoint core.d-bis.org to that live upstream. Until then, keep this surface optional in public E2E. +- Scripts: + - `dbis_core/scripts/deployment/deploy-frontend.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash dbis_core/scripts/deployment/deploy-frontend.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md` + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-api-pair + +- Expected service: Primary and secondary DBIS API surfaces +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `10150/10151 @ r630-01 -> 192.168.11.155/192.168.11.156:3000` +- Live observation: dbis-api.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-api-2.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Deploy the real dbis_core API to 10150 and 10151, then refresh the NPMplus rows. Until real JSON API routes exist, these hosts stay optional by policy. +- Scripts: + - `dbis_core/scripts/deployment/deploy-api.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash dbis_core/scripts/deployment/deploy-api.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + - `docs/11-references/DBIS_CORE_API_REFERENCE.md` + +## dbis-data-api + +- Expected service: Public DBIS data API with /v1/health and read-only dataset routes +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `TBD @ TBD -> currently mapped to 192.168.11.155:3000` +- Live observation: data.d-bis.org: HTTPS 503 (warn), DNS 76.53.10.36 +- Repo solution: Publish a real data API implementation behind data.d-bis.org or intentionally remove it from public expectations until a live upstream exists. +- Scripts: + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `config/dbis-data-api/openapi.yaml` + - `config/dbis-data-api/README.md` + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + +## alltra-hybx-placeholder-web-surfaces + +- Expected service: Alltra and HYBX Firefly, Fabric, and Indy web surfaces +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `6202-6205, 6001-6002, 6401-6402 @ r630-02 -> 192.168.11.175-179 / 192.168.11.249-253:80` +- Live observation: firefly-alltra-1.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory; firefly-alltra-2.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory; firefly-hybx-1.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory; firefly-hybx-2.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory; fabric-alltra.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory; indy-alltra.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory; fabric-hybx.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory; indy-hybx.d-bis.org: DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683, not in current E2E inventory +- Repo solution: Do not publish these hostnames by default. Only add the Cloudflare tunnel and NPMplus rows after the real HTTP listener is deployed on the intended upstream port, or repoint the hostname to the actual web port. +- Scripts: + - `scripts/cloudflare/configure-alltra-hybx-tunnel-and-dns.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/generate-public-surface-remediation-plan.sh` +- Commands: + - `bash scripts/verify/generate-public-surface-remediation-plan.sh --print` + - `INCLUDE_PLACEHOLDER_HOSTS=1 bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `INCLUDE_PLACEHOLDER_HOSTNAMES=1 bash scripts/cloudflare/configure-alltra-hybx-tunnel-and-dns.sh` +- Docs: + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/PUBLIC_SURFACE_502_AND_DNS_REMEDIATION_MATRIX.md` + - `docs/04-configuration/cloudflare/SFVALLEY2_TUNNEL_MANUAL_RUNBOOK.md` + +## sankofa-studio + +- Expected service: Sankofa Studio FusionAI app under /studio/ +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `7805 @ r630-01 -> 192.168.11.72:8000` +- Live observation: studio.sankofa.nexus: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Redeploy or restart the Studio backend, then refresh the NPMplus proxy and DNS records for studio.sankofa.nexus. +- Scripts: + - `scripts/deployment/run-sankofa-studio-e2e.sh` + - `scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh` + - `scripts/cloudflare/add-studio-sankofa-dns.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/deployment/run-sankofa-studio-e2e.sh` + - `bash scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh` + - `bash scripts/cloudflare/add-studio-sankofa-dns.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md` + - `docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## sankofa-keycloak + +- Expected service: Keycloak IdP for portal/admin client SSO +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `7802 @ r630-01 -> 192.168.11.52:8080` +- Live observation: keycloak.sankofa.nexus: HTTPS 302 (pass), DNS 76.53.10.36 +- Repo solution: Restart or reconfigure Keycloak, ensure the portal/keycloak proxy rows are correct, and verify the client redirect URIs. +- Scripts: + - `scripts/deployment/enable-sankofa-portal-login-7801.sh` + - `scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/deployment/enable-sankofa-portal-login-7801.sh --dry-run` + - `bash scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/02-architecture/EXPECTED_WEB_CONTENT.md` + - `docs/03-deployment/SANKOFA_PHOENIX_PUBLIC_PORTAL_ADMIN_ENDPOINT_CORRECTION_TASKS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## cacti-alltra + +- Expected service: Alltra Cacti monitoring UI +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `5201 @ r630-02 -> 192.168.11.177:80` +- Live observation: cacti-alltra.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.38 +- Repo solution: Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## cacti-hybx + +- Expected service: HYBX Cacti monitoring UI +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `5202 @ r630-02 -> 192.168.11.251:80` +- Live observation: cacti-hybx.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.38 +- Repo solution: Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## info-defi-oracle-hub + +- Expected service: Chain 138 info SPA served from VMID 2400 via the VMID 2400 Cloudflare tunnel +- Status policy: `keep_optional_until_published` +- Upstream: `2400 @ ml110 -> 192.168.11.240:80` +- Live observation: info.defi-oracle.io: HTTPS 200 (pass), DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b; www.info.defi-oracle.io: DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b, not in current E2E inventory +- Repo solution: Build and sync the SPA to VMID 2400, add the tunnel ingress rules for info/www, then publish proxied CNAMEs in Cloudflare. +- Scripts: + - `scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` + - `scripts/update-vmid2400-tunnel-config.sh` + - `scripts/cloudflare/set-info-defi-oracle-dns-to-vmid2400-tunnel.sh` +- Commands: + - `bash scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` + - `bash scripts/update-vmid2400-tunnel-config.sh` + - `bash scripts/cloudflare/set-info-defi-oracle-dns-to-vmid2400-tunnel.sh` +- Docs: + - `docs/04-configuration/INFO_DEFI_ORACLE_IO_DEPLOYMENT.md` + - `info-defi-oracle-138/README.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## Totals + +- Active issue groups in this report: 0 +- Total mapped surfaces: 11 diff --git a/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_152140.md b/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_152140.md new file mode 100644 index 00000000..152e5a1c --- /dev/null +++ b/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_152140.md @@ -0,0 +1,252 @@ +# Public surface remediation plan + +- Generated: 2026-04-05T15:21:40-07:00 +- E2E source: `/home/intlc/projects/proxmox/docs/04-configuration/verification-evidence/e2e-verification-20260405_150543/all_e2e_results.json` +- Remediation map: `/home/intlc/projects/proxmox/config/public-surface-remediation-map.json` + +## Summary + +| Surface | Domains | Live observation | Classification | Upstream | Primary fix | +|---------|---------|------------------|----------------|----------|-------------| +| `dbis-admin-console` | `admin.d-bis.org, dbis-admin.d-bis.org` | admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `10130 @ r630-01 -> 192.168.11.130:80` | Repair or restart VMID 10130, then refresh the primary NPMplus proxy definitions and rerun the public E2E sweep. | +| `dbis-secure-portal` | `secure.d-bis.org` | secure.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `10130 @ r630-01 -> 192.168.11.130:80` | Use the same VMID 10130 backend recovery as the DBIS admin console, then resync the proxy rows that point secure traffic at 192.168.11.130:80. | +| `dbis-core-portal` | `core.d-bis.org` | core.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `placeholder_surface` | `10150 @ r630-01 -> 192.168.11.155:3000` | Deploy the real dbis_core frontend and then repoint core.d-bis.org to that live upstream. Until then, keep this surface optional in public E2E. | +| `dbis-api-pair` | `dbis-api.d-bis.org, dbis-api-2.d-bis.org` | dbis-api.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-api-2.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `placeholder_surface` | `10150/10151 @ r630-01 -> 192.168.11.155/192.168.11.156:3000` | Deploy the real dbis_core API to 10150 and 10151, then refresh the NPMplus rows. Until real JSON API routes exist, these hosts stay optional by policy. | +| `dbis-data-api` | `data.d-bis.org` | data.d-bis.org: HTTPS 503 (warn), DNS 76.53.10.36 | `planned_api_surface` | `TBD @ TBD -> currently mapped to 192.168.11.155:3000` | Publish a real data API implementation behind data.d-bis.org or intentionally remove it from public expectations until a live upstream exists. | +| `alltra-hybx-placeholder-web-surfaces` | `firefly-alltra-1.d-bis.org, firefly-alltra-2.d-bis.org, firefly-hybx-1.d-bis.org, firefly-hybx-2.d-bis.org, fabric-alltra.d-bis.org, indy-alltra.d-bis.org, fabric-hybx.d-bis.org, indy-hybx.d-bis.org` | firefly-alltra-1.d-bis.org: no public DNS answer; firefly-alltra-2.d-bis.org: no public DNS answer; firefly-hybx-1.d-bis.org: no public DNS answer; firefly-hybx-2.d-bis.org: no public DNS answer; fabric-alltra.d-bis.org: no public DNS answer; indy-alltra.d-bis.org: no public DNS answer; fabric-hybx.d-bis.org: no public DNS answer; indy-hybx.d-bis.org: no public DNS answer | `placeholder_surface` | `6202-6205, 6001-6002, 6401-6402 @ r630-02 -> 192.168.11.175-179 / 192.168.11.249-253:80` | Do not publish these hostnames by default. Only add the Cloudflare tunnel and NPMplus rows after the real HTTP listener is deployed on the intended upstream port, or repoint the hostname to the actual web port. | +| `sankofa-studio` | `studio.sankofa.nexus` | studio.sankofa.nexus: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `7805 @ r630-01 -> 192.168.11.72:8000` | Redeploy or restart the Studio backend, then refresh the NPMplus proxy and DNS records for studio.sankofa.nexus. | +| `sankofa-keycloak` | `keycloak.sankofa.nexus` | keycloak.sankofa.nexus: HTTPS 302 (pass), DNS 76.53.10.36 | `public_502_backend` | `7802 @ r630-01 -> 192.168.11.52:8080` | Restart or reconfigure Keycloak, ensure the portal/keycloak proxy rows are correct, and verify the client redirect URIs. | +| `cacti-alltra` | `cacti-alltra.d-bis.org` | cacti-alltra.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 | `public_502_backend` | `5201 @ r630-02 -> 192.168.11.177:80` | Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. | +| `cacti-hybx` | `cacti-hybx.d-bis.org` | cacti-hybx.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 | `public_502_backend` | `5202 @ r630-02 -> 192.168.11.251:80` | Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. | +| `info-defi-oracle-hub` | `info.defi-oracle.io, www.info.defi-oracle.io` | info.defi-oracle.io: HTTPS 200 (pass), DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b; www.info.defi-oracle.io: DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b, not in current E2E inventory | `public_edge_ok` | `2410 @ r630-01 -> 192.168.11.218:80` | Build with pnpm --filter info-defi-oracle-138 build; sync dist + nginx to VMID 2410 (sync-info-defi-oracle-to-vmid2400.sh); refresh NPMplus rows to IP_INFO_DEFI_ORACLE_WEB; DNS via Cloudflare tunnel or public_ip (set-info-defi-oracle-dns-to-vmid2400-tunnel.sh). Optional tunnel ingress: update-vmid2400-tunnel-config.sh only if info hostnames use the RPC tunnel stack. | + +## dbis-admin-console + +- Expected service: DBIS admin console +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `10130 @ r630-01 -> 192.168.11.130:80` +- Live observation: admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Repair or restart VMID 10130, then refresh the primary NPMplus proxy definitions and rerun the public E2E sweep. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-secure-portal + +- Expected service: DBIS member secure portal +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `10130 @ r630-01 -> 192.168.11.130:80` +- Live observation: secure.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Use the same VMID 10130 backend recovery as the DBIS admin console, then resync the proxy rows that point secure traffic at 192.168.11.130:80. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-core-portal + +- Expected service: DBIS Core client portal +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `10150 @ r630-01 -> 192.168.11.155:3000` +- Live observation: core.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Deploy the real dbis_core frontend and then repoint core.d-bis.org to that live upstream. Until then, keep this surface optional in public E2E. +- Scripts: + - `dbis_core/scripts/deployment/deploy-frontend.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash dbis_core/scripts/deployment/deploy-frontend.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md` + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-api-pair + +- Expected service: Primary and secondary DBIS API surfaces +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `10150/10151 @ r630-01 -> 192.168.11.155/192.168.11.156:3000` +- Live observation: dbis-api.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-api-2.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Deploy the real dbis_core API to 10150 and 10151, then refresh the NPMplus rows. Until real JSON API routes exist, these hosts stay optional by policy. +- Scripts: + - `dbis_core/scripts/deployment/deploy-api.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash dbis_core/scripts/deployment/deploy-api.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + - `docs/11-references/DBIS_CORE_API_REFERENCE.md` + +## dbis-data-api + +- Expected service: Public DBIS data API with /v1/health and read-only dataset routes +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `TBD @ TBD -> currently mapped to 192.168.11.155:3000` +- Live observation: data.d-bis.org: HTTPS 503 (warn), DNS 76.53.10.36 +- Repo solution: Publish a real data API implementation behind data.d-bis.org or intentionally remove it from public expectations until a live upstream exists. +- Scripts: + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `config/dbis-data-api/openapi.yaml` + - `config/dbis-data-api/README.md` + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + +## alltra-hybx-placeholder-web-surfaces + +- Expected service: Alltra and HYBX Firefly, Fabric, and Indy web surfaces +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `6202-6205, 6001-6002, 6401-6402 @ r630-02 -> 192.168.11.175-179 / 192.168.11.249-253:80` +- Live observation: firefly-alltra-1.d-bis.org: no public DNS answer; firefly-alltra-2.d-bis.org: no public DNS answer; firefly-hybx-1.d-bis.org: no public DNS answer; firefly-hybx-2.d-bis.org: no public DNS answer; fabric-alltra.d-bis.org: no public DNS answer; indy-alltra.d-bis.org: no public DNS answer; fabric-hybx.d-bis.org: no public DNS answer; indy-hybx.d-bis.org: no public DNS answer +- Repo solution: Do not publish these hostnames by default. Only add the Cloudflare tunnel and NPMplus rows after the real HTTP listener is deployed on the intended upstream port, or repoint the hostname to the actual web port. +- Scripts: + - `scripts/cloudflare/configure-alltra-hybx-tunnel-and-dns.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/generate-public-surface-remediation-plan.sh` +- Commands: + - `bash scripts/verify/generate-public-surface-remediation-plan.sh --print` + - `INCLUDE_PLACEHOLDER_HOSTS=1 bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `INCLUDE_PLACEHOLDER_HOSTNAMES=1 bash scripts/cloudflare/configure-alltra-hybx-tunnel-and-dns.sh` +- Docs: + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/PUBLIC_SURFACE_502_AND_DNS_REMEDIATION_MATRIX.md` + - `docs/04-configuration/cloudflare/SFVALLEY2_TUNNEL_MANUAL_RUNBOOK.md` + +## sankofa-studio + +- Expected service: Sankofa Studio FusionAI app under /studio/ +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `7805 @ r630-01 -> 192.168.11.72:8000` +- Live observation: studio.sankofa.nexus: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Redeploy or restart the Studio backend, then refresh the NPMplus proxy and DNS records for studio.sankofa.nexus. +- Scripts: + - `scripts/deployment/run-sankofa-studio-e2e.sh` + - `scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh` + - `scripts/cloudflare/add-studio-sankofa-dns.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/deployment/run-sankofa-studio-e2e.sh` + - `bash scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh` + - `bash scripts/cloudflare/add-studio-sankofa-dns.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md` + - `docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## sankofa-keycloak + +- Expected service: Keycloak IdP for portal/admin client SSO +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `7802 @ r630-01 -> 192.168.11.52:8080` +- Live observation: keycloak.sankofa.nexus: HTTPS 302 (pass), DNS 76.53.10.36 +- Repo solution: Restart or reconfigure Keycloak, ensure the portal/keycloak proxy rows are correct, and verify the client redirect URIs. +- Scripts: + - `scripts/deployment/enable-sankofa-portal-login-7801.sh` + - `scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/deployment/enable-sankofa-portal-login-7801.sh --dry-run` + - `bash scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/02-architecture/EXPECTED_WEB_CONTENT.md` + - `docs/03-deployment/SANKOFA_PHOENIX_PUBLIC_PORTAL_ADMIN_ENDPOINT_CORRECTION_TASKS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## cacti-alltra + +- Expected service: Alltra Cacti monitoring UI +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `5201 @ r630-02 -> 192.168.11.177:80` +- Live observation: cacti-alltra.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 +- Repo solution: Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## cacti-hybx + +- Expected service: HYBX Cacti monitoring UI +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `5202 @ r630-02 -> 192.168.11.251:80` +- Live observation: cacti-hybx.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 +- Repo solution: Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## info-defi-oracle-hub + +- Expected service: Chain 138 info hub SPA on dedicated nginx LXC VMID 2410; NPMplus → 192.168.11.218:80; nginx reverse-proxies /token-aggregation/ to Blockscout token-aggregation (not hosted on VMID 2400 ThirdWeb RPC) +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `2410 @ r630-01 -> 192.168.11.218:80` +- Live observation: info.defi-oracle.io: HTTPS 200 (pass), DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b; www.info.defi-oracle.io: DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b, not in current E2E inventory +- Repo solution: Build with pnpm --filter info-defi-oracle-138 build; sync dist + nginx to VMID 2410 (sync-info-defi-oracle-to-vmid2400.sh); refresh NPMplus rows to IP_INFO_DEFI_ORACLE_WEB; DNS via Cloudflare tunnel or public_ip (set-info-defi-oracle-dns-to-vmid2400-tunnel.sh). Optional tunnel ingress: update-vmid2400-tunnel-config.sh only if info hostnames use the RPC tunnel stack. +- Scripts: + - `scripts/deployment/provision-info-defi-oracle-web-lxc.sh` + - `scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/cloudflare/set-info-defi-oracle-dns-to-vmid2400-tunnel.sh` + - `scripts/cloudflare/purge-info-defi-oracle-cache.sh` + - `scripts/verify/check-info-defi-oracle-public.sh` + - `scripts/update-vmid2400-tunnel-config.sh` +- Commands: + - `bash scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `pnpm run verify:info-defi-oracle-public` +- Docs: + - `docs/04-configuration/INFO_DEFI_ORACLE_IO_DEPLOYMENT.md` + - `info-defi-oracle-138/README.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## Totals + +- Active issue groups in this report: 1 +- Total mapped surfaces: 11 diff --git a/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_152515.md b/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_152515.md new file mode 100644 index 00000000..ab526477 --- /dev/null +++ b/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_152515.md @@ -0,0 +1,252 @@ +# Public surface remediation plan + +- Generated: 2026-04-05T15:25:15-07:00 +- E2E source: `/home/intlc/projects/proxmox/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/all_e2e_results.json` +- Remediation map: `/home/intlc/projects/proxmox/config/public-surface-remediation-map.json` + +## Summary + +| Surface | Domains | Live observation | Classification | Upstream | Primary fix | +|---------|---------|------------------|----------------|----------|-------------| +| `dbis-admin-console` | `admin.d-bis.org, dbis-admin.d-bis.org` | admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `10130 @ r630-01 -> 192.168.11.130:80` | Repair or restart VMID 10130, then refresh the primary NPMplus proxy definitions and rerun the public E2E sweep. | +| `dbis-secure-portal` | `secure.d-bis.org` | secure.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `10130 @ r630-01 -> 192.168.11.130:80` | Use the same VMID 10130 backend recovery as the DBIS admin console, then resync the proxy rows that point secure traffic at 192.168.11.130:80. | +| `dbis-core-portal` | `core.d-bis.org` | core.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `placeholder_surface` | `10150 @ r630-01 -> 192.168.11.155:3000` | Deploy the real dbis_core frontend and then repoint core.d-bis.org to that live upstream. Until then, keep this surface optional in public E2E. | +| `dbis-api-pair` | `dbis-api.d-bis.org, dbis-api-2.d-bis.org` | dbis-api.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-api-2.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `placeholder_surface` | `10150/10151 @ r630-01 -> 192.168.11.155/192.168.11.156:3000` | Deploy the real dbis_core API to 10150 and 10151, then refresh the NPMplus rows. Until real JSON API routes exist, these hosts stay optional by policy. | +| `dbis-data-api` | `data.d-bis.org` | data.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `planned_api_surface` | `TBD @ TBD -> currently mapped to 192.168.11.155:3000` | Publish a real data API implementation behind data.d-bis.org or intentionally remove it from public expectations until a live upstream exists. | +| `alltra-hybx-placeholder-web-surfaces` | `firefly-alltra-1.d-bis.org, firefly-alltra-2.d-bis.org, firefly-hybx-1.d-bis.org, firefly-hybx-2.d-bis.org, fabric-alltra.d-bis.org, indy-alltra.d-bis.org, fabric-hybx.d-bis.org, indy-hybx.d-bis.org` | firefly-alltra-1.d-bis.org: no public DNS answer; firefly-alltra-2.d-bis.org: no public DNS answer; firefly-hybx-1.d-bis.org: no public DNS answer; firefly-hybx-2.d-bis.org: no public DNS answer; fabric-alltra.d-bis.org: no public DNS answer; indy-alltra.d-bis.org: no public DNS answer; fabric-hybx.d-bis.org: no public DNS answer; indy-hybx.d-bis.org: no public DNS answer | `placeholder_surface` | `6202-6205, 6001-6002, 6401-6402 @ r630-02 -> 192.168.11.175-179 / 192.168.11.249-253:80` | Do not publish these hostnames by default. Only add the Cloudflare tunnel and NPMplus rows after the real HTTP listener is deployed on the intended upstream port, or repoint the hostname to the actual web port. | +| `sankofa-studio` | `studio.sankofa.nexus` | studio.sankofa.nexus: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `7805 @ r630-01 -> 192.168.11.72:8000` | Redeploy or restart the Studio backend, then refresh the NPMplus proxy and DNS records for studio.sankofa.nexus. | +| `sankofa-keycloak` | `keycloak.sankofa.nexus` | keycloak.sankofa.nexus: HTTPS 302 (pass), DNS 76.53.10.36 | `public_502_backend` | `7802 @ r630-01 -> 192.168.11.52:8080` | Restart or reconfigure Keycloak, ensure the portal/keycloak proxy rows are correct, and verify the client redirect URIs. | +| `cacti-alltra` | `cacti-alltra.d-bis.org` | cacti-alltra.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 | `public_502_backend` | `5201 @ r630-02 -> 192.168.11.177:80` | Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. | +| `cacti-hybx` | `cacti-hybx.d-bis.org` | cacti-hybx.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 | `public_502_backend` | `5202 @ r630-02 -> 192.168.11.251:80` | Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. | +| `info-defi-oracle-hub` | `info.defi-oracle.io, www.info.defi-oracle.io` | info.defi-oracle.io: HTTPS 200 (pass), DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b; www.info.defi-oracle.io: DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b, not in current E2E inventory | `public_edge_ok` | `2410 @ r630-01 -> 192.168.11.218:80` | Build with pnpm --filter info-defi-oracle-138 build; sync dist + nginx to VMID 2410 (sync-info-defi-oracle-to-vmid2400.sh); refresh NPMplus rows to IP_INFO_DEFI_ORACLE_WEB; DNS via Cloudflare tunnel or public_ip (set-info-defi-oracle-dns-to-vmid2400-tunnel.sh). Optional tunnel ingress: update-vmid2400-tunnel-config.sh only if info hostnames use the RPC tunnel stack. | + +## dbis-admin-console + +- Expected service: DBIS admin console +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `10130 @ r630-01 -> 192.168.11.130:80` +- Live observation: admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Repair or restart VMID 10130, then refresh the primary NPMplus proxy definitions and rerun the public E2E sweep. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-secure-portal + +- Expected service: DBIS member secure portal +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `10130 @ r630-01 -> 192.168.11.130:80` +- Live observation: secure.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Use the same VMID 10130 backend recovery as the DBIS admin console, then resync the proxy rows that point secure traffic at 192.168.11.130:80. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-core-portal + +- Expected service: DBIS Core client portal +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `10150 @ r630-01 -> 192.168.11.155:3000` +- Live observation: core.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Deploy the real dbis_core frontend and then repoint core.d-bis.org to that live upstream. Until then, keep this surface optional in public E2E. +- Scripts: + - `dbis_core/scripts/deployment/deploy-frontend.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash dbis_core/scripts/deployment/deploy-frontend.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md` + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-api-pair + +- Expected service: Primary and secondary DBIS API surfaces +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `10150/10151 @ r630-01 -> 192.168.11.155/192.168.11.156:3000` +- Live observation: dbis-api.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-api-2.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Deploy the real dbis_core API to 10150 and 10151, then refresh the NPMplus rows. Until real JSON API routes exist, these hosts stay optional by policy. +- Scripts: + - `dbis_core/scripts/deployment/deploy-api.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash dbis_core/scripts/deployment/deploy-api.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + - `docs/11-references/DBIS_CORE_API_REFERENCE.md` + +## dbis-data-api + +- Expected service: Public DBIS data API with /v1/health and read-only dataset routes +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `TBD @ TBD -> currently mapped to 192.168.11.155:3000` +- Live observation: data.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Publish a real data API implementation behind data.d-bis.org or intentionally remove it from public expectations until a live upstream exists. +- Scripts: + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `config/dbis-data-api/openapi.yaml` + - `config/dbis-data-api/README.md` + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + +## alltra-hybx-placeholder-web-surfaces + +- Expected service: Alltra and HYBX Firefly, Fabric, and Indy web surfaces +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `6202-6205, 6001-6002, 6401-6402 @ r630-02 -> 192.168.11.175-179 / 192.168.11.249-253:80` +- Live observation: firefly-alltra-1.d-bis.org: no public DNS answer; firefly-alltra-2.d-bis.org: no public DNS answer; firefly-hybx-1.d-bis.org: no public DNS answer; firefly-hybx-2.d-bis.org: no public DNS answer; fabric-alltra.d-bis.org: no public DNS answer; indy-alltra.d-bis.org: no public DNS answer; fabric-hybx.d-bis.org: no public DNS answer; indy-hybx.d-bis.org: no public DNS answer +- Repo solution: Do not publish these hostnames by default. Only add the Cloudflare tunnel and NPMplus rows after the real HTTP listener is deployed on the intended upstream port, or repoint the hostname to the actual web port. +- Scripts: + - `scripts/cloudflare/configure-alltra-hybx-tunnel-and-dns.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/generate-public-surface-remediation-plan.sh` +- Commands: + - `bash scripts/verify/generate-public-surface-remediation-plan.sh --print` + - `INCLUDE_PLACEHOLDER_HOSTS=1 bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `INCLUDE_PLACEHOLDER_HOSTNAMES=1 bash scripts/cloudflare/configure-alltra-hybx-tunnel-and-dns.sh` +- Docs: + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/PUBLIC_SURFACE_502_AND_DNS_REMEDIATION_MATRIX.md` + - `docs/04-configuration/cloudflare/SFVALLEY2_TUNNEL_MANUAL_RUNBOOK.md` + +## sankofa-studio + +- Expected service: Sankofa Studio FusionAI app under /studio/ +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `7805 @ r630-01 -> 192.168.11.72:8000` +- Live observation: studio.sankofa.nexus: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Redeploy or restart the Studio backend, then refresh the NPMplus proxy and DNS records for studio.sankofa.nexus. +- Scripts: + - `scripts/deployment/run-sankofa-studio-e2e.sh` + - `scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh` + - `scripts/cloudflare/add-studio-sankofa-dns.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/deployment/run-sankofa-studio-e2e.sh` + - `bash scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh` + - `bash scripts/cloudflare/add-studio-sankofa-dns.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md` + - `docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## sankofa-keycloak + +- Expected service: Keycloak IdP for portal/admin client SSO +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `7802 @ r630-01 -> 192.168.11.52:8080` +- Live observation: keycloak.sankofa.nexus: HTTPS 302 (pass), DNS 76.53.10.36 +- Repo solution: Restart or reconfigure Keycloak, ensure the portal/keycloak proxy rows are correct, and verify the client redirect URIs. +- Scripts: + - `scripts/deployment/enable-sankofa-portal-login-7801.sh` + - `scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/deployment/enable-sankofa-portal-login-7801.sh --dry-run` + - `bash scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/02-architecture/EXPECTED_WEB_CONTENT.md` + - `docs/03-deployment/SANKOFA_PHOENIX_PUBLIC_PORTAL_ADMIN_ENDPOINT_CORRECTION_TASKS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## cacti-alltra + +- Expected service: Alltra Cacti monitoring UI +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `5201 @ r630-02 -> 192.168.11.177:80` +- Live observation: cacti-alltra.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 +- Repo solution: Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## cacti-hybx + +- Expected service: HYBX Cacti monitoring UI +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `5202 @ r630-02 -> 192.168.11.251:80` +- Live observation: cacti-hybx.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 +- Repo solution: Recover the Cacti backend and then refresh the Alltra/HYBX NPMplus rows on the dedicated 192.168.11.169 proxy instance. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## info-defi-oracle-hub + +- Expected service: Chain 138 info hub SPA on dedicated nginx LXC VMID 2410; NPMplus → 192.168.11.218:80; nginx reverse-proxies /token-aggregation/ to Blockscout token-aggregation (not hosted on VMID 2400 ThirdWeb RPC) +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `2410 @ r630-01 -> 192.168.11.218:80` +- Live observation: info.defi-oracle.io: HTTPS 200 (pass), DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b; www.info.defi-oracle.io: DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b, not in current E2E inventory +- Repo solution: Build with pnpm --filter info-defi-oracle-138 build; sync dist + nginx to VMID 2410 (sync-info-defi-oracle-to-vmid2400.sh); refresh NPMplus rows to IP_INFO_DEFI_ORACLE_WEB; DNS via Cloudflare tunnel or public_ip (set-info-defi-oracle-dns-to-vmid2400-tunnel.sh). Optional tunnel ingress: update-vmid2400-tunnel-config.sh only if info hostnames use the RPC tunnel stack. +- Scripts: + - `scripts/deployment/provision-info-defi-oracle-web-lxc.sh` + - `scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/cloudflare/set-info-defi-oracle-dns-to-vmid2400-tunnel.sh` + - `scripts/cloudflare/purge-info-defi-oracle-cache.sh` + - `scripts/verify/check-info-defi-oracle-public.sh` + - `scripts/update-vmid2400-tunnel-config.sh` +- Commands: + - `bash scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `pnpm run verify:info-defi-oracle-public` +- Docs: + - `docs/04-configuration/INFO_DEFI_ORACLE_IO_DEPLOYMENT.md` + - `info-defi-oracle-138/README.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## Totals + +- Active issue groups in this report: 1 +- Total mapped surfaces: 11 diff --git a/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_152634.md b/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_152634.md new file mode 100644 index 00000000..ce24649c --- /dev/null +++ b/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_152634.md @@ -0,0 +1,252 @@ +# Public surface remediation plan + +- Generated: 2026-04-05T15:26:34-07:00 +- E2E source: `/home/intlc/projects/proxmox/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/all_e2e_results.json` +- Remediation map: `/home/intlc/projects/proxmox/config/public-surface-remediation-map.json` + +## Summary + +| Surface | Domains | Live observation | Classification | Upstream | Primary fix | +|---------|---------|------------------|----------------|----------|-------------| +| `dbis-admin-console` | `admin.d-bis.org, dbis-admin.d-bis.org` | admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `10130 @ r630-01 -> 192.168.11.130:80` | Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. | +| `dbis-secure-portal` | `secure.d-bis.org` | secure.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `10130 @ r630-01 -> 192.168.11.130:80` | Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. | +| `dbis-core-portal` | `core.d-bis.org` | core.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `placeholder_surface` | `10150 @ r630-01 -> 192.168.11.155:3000` | Currently unpublished as intended. Only publish these hostnames after the real service is deployed and verified. | +| `dbis-api-pair` | `dbis-api.d-bis.org, dbis-api-2.d-bis.org` | dbis-api.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-api-2.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `placeholder_surface` | `10150/10151 @ r630-01 -> 192.168.11.155/192.168.11.156:3000` | Currently unpublished as intended. Only publish these hostnames after the real service is deployed and verified. | +| `dbis-data-api` | `data.d-bis.org` | data.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `planned_api_surface` | `TBD @ TBD -> currently mapped to 192.168.11.155:3000` | Publish a real data API implementation behind data.d-bis.org or intentionally remove it from public expectations until a live upstream exists. | +| `alltra-hybx-placeholder-web-surfaces` | `firefly-alltra-1.d-bis.org, firefly-alltra-2.d-bis.org, firefly-hybx-1.d-bis.org, firefly-hybx-2.d-bis.org, fabric-alltra.d-bis.org, indy-alltra.d-bis.org, fabric-hybx.d-bis.org, indy-hybx.d-bis.org` | firefly-alltra-1.d-bis.org: no public DNS answer; firefly-alltra-2.d-bis.org: no public DNS answer; firefly-hybx-1.d-bis.org: no public DNS answer; firefly-hybx-2.d-bis.org: no public DNS answer; fabric-alltra.d-bis.org: no public DNS answer; indy-alltra.d-bis.org: no public DNS answer; fabric-hybx.d-bis.org: no public DNS answer; indy-hybx.d-bis.org: no public DNS answer | `placeholder_surface` | `6202-6205, 6001-6002, 6401-6402 @ r630-02 -> 192.168.11.175-179 / 192.168.11.249-253:80` | Currently unpublished as intended. Only publish these hostnames after the real service is deployed and verified. | +| `sankofa-studio` | `studio.sankofa.nexus` | studio.sankofa.nexus: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `7805 @ r630-01 -> 192.168.11.72:8000` | Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. | +| `sankofa-keycloak` | `keycloak.sankofa.nexus` | keycloak.sankofa.nexus: HTTPS 302 (pass), DNS 76.53.10.36 | `public_502_backend` | `7802 @ r630-01 -> 192.168.11.52:8080` | Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. | +| `cacti-alltra` | `cacti-alltra.d-bis.org` | cacti-alltra.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 | `public_edge_ok` | `5201 @ r630-02 -> 192.168.11.177:80` | Currently healthy. Keep the documented upstream, proxy rows, and verification checks aligned. | +| `cacti-hybx` | `cacti-hybx.d-bis.org` | cacti-hybx.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 | `public_edge_ok` | `5202 @ r630-02 -> 192.168.11.251:80` | Currently healthy. Keep the documented upstream, proxy rows, and verification checks aligned. | +| `info-defi-oracle-hub` | `info.defi-oracle.io, www.info.defi-oracle.io` | info.defi-oracle.io: HTTPS 200 (pass), DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b; www.info.defi-oracle.io: DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b, not in current E2E inventory | `public_edge_ok` | `2410 @ r630-01 -> 192.168.11.218:80` | Currently healthy. Keep the documented upstream, proxy rows, and verification checks aligned. | + +## dbis-admin-console + +- Expected service: DBIS admin console +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `10130 @ r630-01 -> 192.168.11.130:80` +- Live observation: admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-secure-portal + +- Expected service: DBIS member secure portal +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `10130 @ r630-01 -> 192.168.11.130:80` +- Live observation: secure.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-core-portal + +- Expected service: DBIS Core client portal +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `10150 @ r630-01 -> 192.168.11.155:3000` +- Live observation: core.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Currently unpublished as intended. Only publish these hostnames after the real service is deployed and verified. +- Scripts: + - `dbis_core/scripts/deployment/deploy-frontend.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash dbis_core/scripts/deployment/deploy-frontend.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md` + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-api-pair + +- Expected service: Primary and secondary DBIS API surfaces +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `10150/10151 @ r630-01 -> 192.168.11.155/192.168.11.156:3000` +- Live observation: dbis-api.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-api-2.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Currently unpublished as intended. Only publish these hostnames after the real service is deployed and verified. +- Scripts: + - `dbis_core/scripts/deployment/deploy-api.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash dbis_core/scripts/deployment/deploy-api.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + - `docs/11-references/DBIS_CORE_API_REFERENCE.md` + +## dbis-data-api + +- Expected service: Public DBIS data API with /v1/health and read-only dataset routes +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `TBD @ TBD -> currently mapped to 192.168.11.155:3000` +- Live observation: data.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Publish a real data API implementation behind data.d-bis.org or intentionally remove it from public expectations until a live upstream exists. +- Scripts: + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `config/dbis-data-api/openapi.yaml` + - `config/dbis-data-api/README.md` + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + +## alltra-hybx-placeholder-web-surfaces + +- Expected service: Alltra and HYBX Firefly, Fabric, and Indy web surfaces +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `6202-6205, 6001-6002, 6401-6402 @ r630-02 -> 192.168.11.175-179 / 192.168.11.249-253:80` +- Live observation: firefly-alltra-1.d-bis.org: no public DNS answer; firefly-alltra-2.d-bis.org: no public DNS answer; firefly-hybx-1.d-bis.org: no public DNS answer; firefly-hybx-2.d-bis.org: no public DNS answer; fabric-alltra.d-bis.org: no public DNS answer; indy-alltra.d-bis.org: no public DNS answer; fabric-hybx.d-bis.org: no public DNS answer; indy-hybx.d-bis.org: no public DNS answer +- Repo solution: Currently unpublished as intended. Only publish these hostnames after the real service is deployed and verified. +- Scripts: + - `scripts/cloudflare/configure-alltra-hybx-tunnel-and-dns.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/generate-public-surface-remediation-plan.sh` +- Commands: + - `bash scripts/verify/generate-public-surface-remediation-plan.sh --print` + - `INCLUDE_PLACEHOLDER_HOSTS=1 bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `INCLUDE_PLACEHOLDER_HOSTNAMES=1 bash scripts/cloudflare/configure-alltra-hybx-tunnel-and-dns.sh` +- Docs: + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/PUBLIC_SURFACE_502_AND_DNS_REMEDIATION_MATRIX.md` + - `docs/04-configuration/cloudflare/SFVALLEY2_TUNNEL_MANUAL_RUNBOOK.md` + +## sankofa-studio + +- Expected service: Sankofa Studio FusionAI app under /studio/ +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `7805 @ r630-01 -> 192.168.11.72:8000` +- Live observation: studio.sankofa.nexus: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. +- Scripts: + - `scripts/deployment/run-sankofa-studio-e2e.sh` + - `scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh` + - `scripts/cloudflare/add-studio-sankofa-dns.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/deployment/run-sankofa-studio-e2e.sh` + - `bash scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh` + - `bash scripts/cloudflare/add-studio-sankofa-dns.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md` + - `docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## sankofa-keycloak + +- Expected service: Keycloak IdP for portal/admin client SSO +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `7802 @ r630-01 -> 192.168.11.52:8080` +- Live observation: keycloak.sankofa.nexus: HTTPS 302 (pass), DNS 76.53.10.36 +- Repo solution: Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. +- Scripts: + - `scripts/deployment/enable-sankofa-portal-login-7801.sh` + - `scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/deployment/enable-sankofa-portal-login-7801.sh --dry-run` + - `bash scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/02-architecture/EXPECTED_WEB_CONTENT.md` + - `docs/03-deployment/SANKOFA_PHOENIX_PUBLIC_PORTAL_ADMIN_ENDPOINT_CORRECTION_TASKS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## cacti-alltra + +- Expected service: Alltra Cacti monitoring UI +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `5201 @ r630-02 -> 192.168.11.177:80` +- Live observation: cacti-alltra.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 +- Repo solution: Currently healthy. Keep the documented upstream, proxy rows, and verification checks aligned. +- Scripts: + - `scripts/maintenance/ensure-cacti-web-via-ssh.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/maintenance/ensure-cacti-web-via-ssh.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## cacti-hybx + +- Expected service: HYBX Cacti monitoring UI +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `5202 @ r630-02 -> 192.168.11.251:80` +- Live observation: cacti-hybx.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 +- Repo solution: Currently healthy. Keep the documented upstream, proxy rows, and verification checks aligned. +- Scripts: + - `scripts/maintenance/ensure-cacti-web-via-ssh.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/maintenance/ensure-cacti-web-via-ssh.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## info-defi-oracle-hub + +- Expected service: Chain 138 info hub SPA on dedicated nginx LXC VMID 2410; NPMplus → 192.168.11.218:80; nginx reverse-proxies /token-aggregation/ to Blockscout token-aggregation (not hosted on VMID 2400 ThirdWeb RPC) +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `2410 @ r630-01 -> 192.168.11.218:80` +- Live observation: info.defi-oracle.io: HTTPS 200 (pass), DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b; www.info.defi-oracle.io: DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b, not in current E2E inventory +- Repo solution: Currently healthy. Keep the documented upstream, proxy rows, and verification checks aligned. +- Scripts: + - `scripts/deployment/provision-info-defi-oracle-web-lxc.sh` + - `scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/cloudflare/set-info-defi-oracle-dns-to-vmid2400-tunnel.sh` + - `scripts/cloudflare/purge-info-defi-oracle-cache.sh` + - `scripts/verify/check-info-defi-oracle-public.sh` + - `scripts/update-vmid2400-tunnel-config.sh` +- Commands: + - `bash scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `pnpm run verify:info-defi-oracle-public` +- Docs: + - `docs/04-configuration/INFO_DEFI_ORACLE_IO_DEPLOYMENT.md` + - `info-defi-oracle-138/README.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## Totals + +- Active issue groups in this report: 0 +- Total mapped surfaces: 11 diff --git a/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_152652.md b/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_152652.md new file mode 100644 index 00000000..35adadb9 --- /dev/null +++ b/docs/04-configuration/verification-evidence/public-surface-remediation-20260405_152652.md @@ -0,0 +1,252 @@ +# Public surface remediation plan + +- Generated: 2026-04-05T15:26:52-07:00 +- E2E source: `/home/intlc/projects/proxmox/docs/04-configuration/verification-evidence/e2e-verification-20260405_152424/all_e2e_results.json` +- Remediation map: `/home/intlc/projects/proxmox/config/public-surface-remediation-map.json` + +## Summary + +| Surface | Domains | Live observation | Classification | Upstream | Primary fix | +|---------|---------|------------------|----------------|----------|-------------| +| `dbis-admin-console` | `admin.d-bis.org, dbis-admin.d-bis.org` | admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `10130 @ r630-01 -> 192.168.11.130:80` | Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. | +| `dbis-secure-portal` | `secure.d-bis.org` | secure.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `10130 @ r630-01 -> 192.168.11.130:80` | Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. | +| `dbis-core-portal` | `core.d-bis.org` | core.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `placeholder_surface` | `10150 @ r630-01 -> 192.168.11.155:3000` | Deploy the real dbis_core frontend and then repoint core.d-bis.org to that live upstream. Until then, keep this surface optional in public E2E. | +| `dbis-api-pair` | `dbis-api.d-bis.org, dbis-api-2.d-bis.org` | dbis-api.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-api-2.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `placeholder_surface` | `10150/10151 @ r630-01 -> 192.168.11.155/192.168.11.156:3000` | Deploy the real dbis_core API to 10150 and 10151, then refresh the NPMplus rows. Until real JSON API routes exist, these hosts stay optional by policy. | +| `dbis-data-api` | `data.d-bis.org` | data.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 | `planned_api_surface` | `TBD @ TBD -> currently mapped to 192.168.11.155:3000` | Publish a real data API implementation behind data.d-bis.org or intentionally remove it from public expectations until a live upstream exists. | +| `alltra-hybx-placeholder-web-surfaces` | `firefly-alltra-1.d-bis.org, firefly-alltra-2.d-bis.org, firefly-hybx-1.d-bis.org, firefly-hybx-2.d-bis.org, fabric-alltra.d-bis.org, indy-alltra.d-bis.org, fabric-hybx.d-bis.org, indy-hybx.d-bis.org` | firefly-alltra-1.d-bis.org: no public DNS answer; firefly-alltra-2.d-bis.org: no public DNS answer; firefly-hybx-1.d-bis.org: no public DNS answer; firefly-hybx-2.d-bis.org: no public DNS answer; fabric-alltra.d-bis.org: no public DNS answer; indy-alltra.d-bis.org: no public DNS answer; fabric-hybx.d-bis.org: no public DNS answer; indy-hybx.d-bis.org: no public DNS answer | `placeholder_surface` | `6202-6205, 6001-6002, 6401-6402 @ r630-02 -> 192.168.11.175-179 / 192.168.11.249-253:80` | Currently unpublished as intended. Only publish these hostnames after the real service is deployed and verified. | +| `sankofa-studio` | `studio.sankofa.nexus` | studio.sankofa.nexus: HTTPS 200 (pass), DNS 76.53.10.36 | `public_502_backend` | `7805 @ r630-01 -> 192.168.11.72:8000` | Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. | +| `sankofa-keycloak` | `keycloak.sankofa.nexus` | keycloak.sankofa.nexus: HTTPS 302 (pass), DNS 76.53.10.36 | `public_502_backend` | `7802 @ r630-01 -> 192.168.11.52:8080` | Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. | +| `cacti-alltra` | `cacti-alltra.d-bis.org` | cacti-alltra.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 | `public_edge_ok` | `5201 @ r630-02 -> 192.168.11.177:80` | Currently healthy. Keep the documented upstream, proxy rows, and verification checks aligned. | +| `cacti-hybx` | `cacti-hybx.d-bis.org` | cacti-hybx.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 | `public_edge_ok` | `5202 @ r630-02 -> 192.168.11.251:80` | Currently healthy. Keep the documented upstream, proxy rows, and verification checks aligned. | +| `info-defi-oracle-hub` | `info.defi-oracle.io, www.info.defi-oracle.io` | info.defi-oracle.io: HTTPS 200 (pass), DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b; www.info.defi-oracle.io: DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b, not in current E2E inventory | `public_edge_ok` | `2410 @ r630-01 -> 192.168.11.218:80` | Currently healthy. Keep the documented upstream, proxy rows, and verification checks aligned. | + +## dbis-admin-console + +- Expected service: DBIS admin console +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `10130 @ r630-01 -> 192.168.11.130:80` +- Live observation: admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-admin.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-secure-portal + +- Expected service: DBIS member secure portal +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `10130 @ r630-01 -> 192.168.11.130:80` +- Live observation: secure.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. +- Scripts: + - `scripts/maintenance/address-all-remaining-502s.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `./scripts/maintenance/address-all-remaining-502s.sh --no-npm` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-core-portal + +- Expected service: DBIS Core client portal +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `10150 @ r630-01 -> 192.168.11.155:3000` +- Live observation: core.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Deploy the real dbis_core frontend and then repoint core.d-bis.org to that live upstream. Until then, keep this surface optional in public E2E. +- Scripts: + - `dbis_core/scripts/deployment/deploy-frontend.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash dbis_core/scripts/deployment/deploy-frontend.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md` + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## dbis-api-pair + +- Expected service: Primary and secondary DBIS API surfaces +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `10150/10151 @ r630-01 -> 192.168.11.155/192.168.11.156:3000` +- Live observation: dbis-api.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36; dbis-api-2.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Deploy the real dbis_core API to 10150 and 10151, then refresh the NPMplus rows. Until real JSON API routes exist, these hosts stay optional by policy. +- Scripts: + - `dbis_core/scripts/deployment/deploy-api.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash dbis_core/scripts/deployment/deploy-api.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + - `docs/11-references/DBIS_CORE_API_REFERENCE.md` + +## dbis-data-api + +- Expected service: Public DBIS data API with /v1/health and read-only dataset routes +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `TBD @ TBD -> currently mapped to 192.168.11.155:3000` +- Live observation: data.d-bis.org: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Publish a real data API implementation behind data.d-bis.org or intentionally remove it from public expectations until a live upstream exists. +- Scripts: + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `config/dbis-data-api/openapi.yaml` + - `config/dbis-data-api/README.md` + - `docs/04-configuration/E2E_ENDPOINTS_LIST.md` + +## alltra-hybx-placeholder-web-surfaces + +- Expected service: Alltra and HYBX Firefly, Fabric, and Indy web surfaces +- Status policy: `keep_optional_until_real_service_deployed` +- Upstream: `6202-6205, 6001-6002, 6401-6402 @ r630-02 -> 192.168.11.175-179 / 192.168.11.249-253:80` +- Live observation: firefly-alltra-1.d-bis.org: no public DNS answer; firefly-alltra-2.d-bis.org: no public DNS answer; firefly-hybx-1.d-bis.org: no public DNS answer; firefly-hybx-2.d-bis.org: no public DNS answer; fabric-alltra.d-bis.org: no public DNS answer; indy-alltra.d-bis.org: no public DNS answer; fabric-hybx.d-bis.org: no public DNS answer; indy-hybx.d-bis.org: no public DNS answer +- Repo solution: Currently unpublished as intended. Only publish these hostnames after the real service is deployed and verified. +- Scripts: + - `scripts/cloudflare/configure-alltra-hybx-tunnel-and-dns.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/generate-public-surface-remediation-plan.sh` +- Commands: + - `bash scripts/verify/generate-public-surface-remediation-plan.sh --print` + - `INCLUDE_PLACEHOLDER_HOSTS=1 bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `INCLUDE_PLACEHOLDER_HOSTNAMES=1 bash scripts/cloudflare/configure-alltra-hybx-tunnel-and-dns.sh` +- Docs: + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/PUBLIC_SURFACE_502_AND_DNS_REMEDIATION_MATRIX.md` + - `docs/04-configuration/cloudflare/SFVALLEY2_TUNNEL_MANUAL_RUNBOOK.md` + +## sankofa-studio + +- Expected service: Sankofa Studio FusionAI app under /studio/ +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `7805 @ r630-01 -> 192.168.11.72:8000` +- Live observation: studio.sankofa.nexus: HTTPS 200 (pass), DNS 76.53.10.36 +- Repo solution: Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. +- Scripts: + - `scripts/deployment/run-sankofa-studio-e2e.sh` + - `scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh` + - `scripts/cloudflare/add-studio-sankofa-dns.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/deployment/run-sankofa-studio-e2e.sh` + - `bash scripts/nginx-proxy-manager/add-studio-sankofa-npmplus-proxy.sh` + - `bash scripts/cloudflare/add-studio-sankofa-dns.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/03-deployment/SANKOFA_STUDIO_E2E_FLOW.md` + - `docs/03-deployment/SANKOFA_STUDIO_DEPLOYMENT.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## sankofa-keycloak + +- Expected service: Keycloak IdP for portal/admin client SSO +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `7802 @ r630-01 -> 192.168.11.52:8080` +- Live observation: keycloak.sankofa.nexus: HTTPS 302 (pass), DNS 76.53.10.36 +- Repo solution: Currently healthy. Keep the upstream, proxy rows, and public E2E verifier aligned so any future regression is caught quickly. +- Scripts: + - `scripts/deployment/enable-sankofa-portal-login-7801.sh` + - `scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/deployment/enable-sankofa-portal-login-7801.sh --dry-run` + - `bash scripts/deployment/keycloak-sankofa-ensure-client-redirects.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/02-architecture/EXPECTED_WEB_CONTENT.md` + - `docs/03-deployment/SANKOFA_PHOENIX_PUBLIC_PORTAL_ADMIN_ENDPOINT_CORRECTION_TASKS.md` + - `docs/04-configuration/FQDN_EXPECTED_CONTENT.md` + +## cacti-alltra + +- Expected service: Alltra Cacti monitoring UI +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `5201 @ r630-02 -> 192.168.11.177:80` +- Live observation: cacti-alltra.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 +- Repo solution: Currently healthy. Keep the documented upstream, proxy rows, and verification checks aligned. +- Scripts: + - `scripts/maintenance/ensure-cacti-web-via-ssh.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/maintenance/ensure-cacti-web-via-ssh.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## cacti-hybx + +- Expected service: HYBX Cacti monitoring UI +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `5202 @ r630-02 -> 192.168.11.251:80` +- Live observation: cacti-hybx.d-bis.org: HTTPS 200 (pass), DNS 104.21.86.131,172.67.220.49,2606:4700:3030::ac43:dc31,2606:4700:3037::6815:5683 +- Repo solution: Currently healthy. Keep the documented upstream, proxy rows, and verification checks aligned. +- Scripts: + - `scripts/maintenance/ensure-cacti-web-via-ssh.sh` + - `scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `scripts/verify/verify-end-to-end-routing.sh` +- Commands: + - `bash scripts/maintenance/ensure-cacti-web-via-ssh.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-alltra-hybx-proxy-hosts.sh` + - `bash scripts/verify/verify-end-to-end-routing.sh --profile=public` +- Docs: + - `docs/00-meta/502_DEEP_DIVE_ROOT_CAUSES_AND_FIXES.md` + - `docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## info-defi-oracle-hub + +- Expected service: Chain 138 info hub SPA on dedicated nginx LXC VMID 2410; NPMplus → 192.168.11.218:80; nginx reverse-proxies /token-aggregation/ to Blockscout token-aggregation (not hosted on VMID 2400 ThirdWeb RPC) +- Status policy: `must_pass_when_upstream_healthy` +- Upstream: `2410 @ r630-01 -> 192.168.11.218:80` +- Live observation: info.defi-oracle.io: HTTPS 200 (pass), DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b; www.info.defi-oracle.io: DNS 104.21.91.43,172.67.209.228,2606:4700:3032::ac43:d1e4,2606:4700:3037::6815:5b2b, not in current E2E inventory +- Repo solution: Currently healthy. Keep the documented upstream, proxy rows, and verification checks aligned. +- Scripts: + - `scripts/deployment/provision-info-defi-oracle-web-lxc.sh` + - `scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` + - `scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `scripts/cloudflare/set-info-defi-oracle-dns-to-vmid2400-tunnel.sh` + - `scripts/cloudflare/purge-info-defi-oracle-cache.sh` + - `scripts/verify/check-info-defi-oracle-public.sh` + - `scripts/update-vmid2400-tunnel-config.sh` +- Commands: + - `bash scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` + - `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` + - `pnpm run verify:info-defi-oracle-public` +- Docs: + - `docs/04-configuration/INFO_DEFI_ORACLE_IO_DEPLOYMENT.md` + - `info-defi-oracle-138/README.md` + - `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` + +## Totals + +- Active issue groups in this report: 0 +- Total mapped surfaces: 11 diff --git a/docs/06-besu/ALL_RPC_NODES_VMID_LIST.md b/docs/06-besu/ALL_RPC_NODES_VMID_LIST.md index 79fd93e9..6e5c1b16 100644 --- a/docs/06-besu/ALL_RPC_NODES_VMID_LIST.md +++ b/docs/06-besu/ALL_RPC_NODES_VMID_LIST.md @@ -25,60 +25,55 @@ --- -### Public/Permissioned RPC Nodes +### Core / Public / Private RPC Nodes | VMID | IP Address | Hostname | Status | Purpose | |------|------------|----------|--------|---------| -| **2500** | 192.168.11.250 | besu-rpc-1 | ⏸️ Stopped | Core RPC node (internal) | -| **2501** | 192.168.11.251 | besu-rpc-2 | ⏸️ Stopped | Permissioned RPC (JWT auth) | -| **2502** | 192.168.11.252 | besu-rpc-3 | ⏸️ Stopped | Public RPC (no auth) | -| **2503** | 192.168.11.253 | besu-rpc-ali-0x8a | ⏸️ Stopped | Ali RPC node (0x8a identity) | -| **2504** | 192.168.11.254 | besu-rpc-ali-0x1 | ⏸️ Stopped | Ali RPC node (0x1 identity) | +| **2101** | 192.168.11.211 | besu-rpc-core-1 | ✅ Running | Core admin RPC | +| **2102** | 192.168.11.212 | besu-rpc-core-2 | ✅ Running | Core admin RPC | +| **2103** | 192.168.11.217 | besu-rpc-core-thirdweb | ✅ Running | Thirdweb admin/core RPC | +| **2201** | 192.168.11.221 | besu-rpc-public-1 | ✅ Running | Public RPC | +| **2301** | 192.168.11.232 | besu-rpc-private-1 | ✅ Running | Private / Fireblocks RPC | -**Total**: 5 nodes (currently all stopped) +**Total**: 5 nodes --- -### Named RPC Nodes (Luis/Putu) +### Named / Edge RPC Nodes | VMID | IP Address | Hostname | Status | Purpose | |------|------------|----------|--------|---------| -| **2505** | 192.168.11.201 | besu-rpc-luis-0x8a | ⏸️ Stopped | Luis RPC (0x8a identity) | -| **2506** | 192.168.11.202 | besu-rpc-luis-0x1 | ⏸️ Stopped | Luis RPC (0x1 identity) | -| **2507** | 192.168.11.203 | besu-rpc-putu-0x8a | ⏸️ Stopped | Putu RPC (0x8a identity) | -| **2508** | 192.168.11.204 | besu-rpc-putu-0x1 | ⏸️ Stopped | Putu RPC (0x1 identity) | +| **2303** | 192.168.11.233 | besu-rpc-ali-0x8a | ✅ Running | Ali RPC (0x8a identity) | +| **2304** | 192.168.11.234 | besu-rpc-ali-0x1 | ✅ Running | Ali RPC (0x1 identity) | +| **2305** | 192.168.11.235 | besu-rpc-luis-0x8a | ✅ Running | Luis RPC (0x8a identity) | +| **2306** | 192.168.11.236 | besu-rpc-luis-0x1 | ✅ Running | Luis RPC (0x1 identity) | +| **2307** | 192.168.11.237 | besu-rpc-putu-0x8a | ✅ Running | Putu RPC (0x8a identity) | +| **2308** | 192.168.11.238 | besu-rpc-putu-0x1 | ✅ Running | Putu RPC (0x1 identity) | +| **2420** | 192.168.11.172 | besu-rpc-alltra-1 | ✅ Running | Alltra edge RPC 1 | +| **2430** | 192.168.11.173 | besu-rpc-alltra-2 | ✅ Running | Alltra edge RPC 2 | +| **2440** | 192.168.11.174 | besu-rpc-alltra-3 | ✅ Running | Alltra edge RPC 3 | +| **2460** | 192.168.11.246 | besu-rpc-hybx-1 | ✅ Running | HYBX edge RPC 1 | +| **2470** | 192.168.11.247 | besu-rpc-hybx-2 | ✅ Running | HYBX edge RPC 2 | +| **2480** | 192.168.11.248 | besu-rpc-hybx-3 | ✅ Running | HYBX edge RPC 3 | -**Total**: 4 nodes (currently all stopped) - ---- - -### Other RPC Nodes - -| VMID | IP Address | Hostname | Status | Purpose | -|------|------------|----------|--------|---------| -| **2101** | 192.168.11.211 | besu-rpc-core-1 | ✅ Running | Core RPC node | - -**Total**: 1 node +**Total**: 12 nodes --- ## Summary -**Total RPC Nodes**: 13 +**Total RPC Nodes**: 21 -**Running**: 4 nodes -- 2101, 2400, 2401, 2402 - -**Stopped**: 9 nodes -- 2500, 2501, 2502, 2503, 2504, 2505, 2506, 2507, 2508 +**Running**: 21 nodes --- ## VMID Ranges -- **2100s**: Other RPC nodes (2101) -- **2400s**: ThirdWeb RPC nodes (2400-2402) -- **2500s**: Main RPC nodes (2500-2508) +- **2100s**: Core/admin RPC nodes +- **2200s**: Public RPC nodes +- **2300s**: Private / named RPC nodes +- **2400s**: Thirdweb / edge RPC nodes --- @@ -86,14 +81,11 @@ ### Node Lists Deployed To -**Currently Running (4 nodes)**: -- ✅ 2101 - Files deployed -- ✅ 2400 - Files deployed -- ✅ 2401 - Files deployed -- ✅ 2402 - Files deployed - -**Will Deploy When Started (9 nodes)**: -- ⏸️ 2500, 2501, 2502, 2503, 2504, 2505, 2506, 2507, 2508 +**Current fleet**: +- ✅ 2101, 2102, 2103, 2201 +- ✅ 2301, 2303, 2304, 2305, 2306, 2307, 2308 +- ✅ 2400, 2401, 2402, 2403 +- ✅ 2420, 2430, 2440, 2460, 2470, 2480 --- @@ -101,13 +93,13 @@ ```bash # All RPC VMIDs -RPC_VMIDS=(2101 2400 2401 2402 2500 2501 2502 2503 2504 2505 2506 2507 2508) +RPC_VMIDS=(2101 2102 2103 2201 2301 2303 2304 2305 2306 2307 2308 2400 2401 2402 2403 2420 2430 2440 2460 2470 2480) # Running RPC VMIDs -RUNNING_RPC_VMIDS=(2101 2400 2401 2402) +RUNNING_RPC_VMIDS=(2101 2102 2103 2201 2301 2303 2304 2305 2306 2307 2308 2400 2401 2402 2403 2420 2430 2440 2460 2470 2480) # Stopped RPC VMIDs -STOPPED_RPC_VMIDS=(2500 2501 2502 2503 2504 2505 2506 2507 2508) +STOPPED_RPC_VMIDS=() ``` --- @@ -116,7 +108,7 @@ STOPPED_RPC_VMIDS=(2500 2501 2502 2503 2504 2505 2506 2507 2508) ```bash # Check all RPC node statuses -for vmid in 2101 2400 2401 2402 2500 2501 2502 2503 2504 2505 2506 2507 2508; do +for vmid in 2101 2102 2103 2201 2301 2303 2304 2305 2306 2307 2308 2400 2401 2402 2403 2420 2430 2440 2460 2470 2480; do ssh root@192.168.11.10 "pct status $vmid" done ``` diff --git a/docs/06-besu/BESU_NODES_FILE_REFERENCE.md b/docs/06-besu/BESU_NODES_FILE_REFERENCE.md index 434c00a1..214d2324 100644 --- a/docs/06-besu/BESU_NODES_FILE_REFERENCE.md +++ b/docs/06-besu/BESU_NODES_FILE_REFERENCE.md @@ -1,10 +1,10 @@ # Besu Nodes File Reference -**Last Updated:** 2026-02-08 -**Document Version:** 1.2 +**Last Updated:** 2026-04-09 +**Document Version:** 1.3 **Status:** Active Documentation -**See also:** [MASTER_DOCS_AND_NODE_LISTS_REVIEW.md](MASTER_DOCS_AND_NODE_LISTS_REVIEW.md) — review of master documentation, static-nodes.json, and permissions-nodes.toml. **Node lists (single source):** `config/besu-node-lists/`; deploy to **all 32 Besu nodes** (validators 1000–1004, sentries 1500–1508, RPC 2101, 2102, 2201, 2301, 2303–2306, 2400–2403, 2500–2505) with `scripts/deploy-besu-node-lists-to-all.sh`. Verify presence and checksum: `scripts/verify/verify-static-permissions-on-all-besu-nodes.sh --checksum`. Restart Besu to reload lists: `scripts/besu/restart-besu-reload-node-lists.sh` (recognizes `besu-validator`, `besu-sentry`, `besu-rpc`, and generic `besu.service` used by 1505–1508, 2500–2505). IP source of truth: `config/ip-addresses.conf`, [NETWORK_CONFIGURATION_MASTER.md](../11-references/NETWORK_CONFIGURATION_MASTER.md). +**See also:** [MASTER_DOCS_AND_NODE_LISTS_REVIEW.md](MASTER_DOCS_AND_NODE_LISTS_REVIEW.md) — review of master documentation, static-nodes.json, and permissions-nodes.toml. **Node lists (single source):** `config/besu-node-lists/`; deploy to **all 37 Besu nodes** (validators `1000–1004`, sentries `1500–1510`, RPC `2101–2103`, `2201`, `2301`, `2303–2308`, `2400–2403`, `2420`, `2430`, `2440`, `2460`, `2470`, `2480`) with `scripts/deploy-besu-node-lists-to-all.sh`. Verify presence and checksum: `scripts/verify/verify-static-permissions-on-all-besu-nodes.sh --checksum`. Restart Besu to reload lists: `scripts/besu/restart-besu-reload-node-lists.sh` (recognizes `besu-validator`, `besu-sentry`, `besu-rpc`, and generic `besu.service` where present). IP source of truth: `config/ip-addresses.conf`, [NETWORK_CONFIGURATION_MASTER.md](../11-references/NETWORK_CONFIGURATION_MASTER.md). --- @@ -125,9 +125,14 @@ The topology enforces the following peering configuration: | 1502 | besu-sentry-3 | 192.168.11.152 (DHCP) | Sentry | besu-sentry | | 1503 | besu-sentry-4 | 192.168.11.153 (DHCP) | Sentry | besu-sentry | | 1504 | besu-sentry-5 / besu-sentry-ali | 192.168.11.154 | Sentry | besu-sentry | -| 2500 | besu-rpc-alltra-1 | 192.168.11.172 | ALLTRA RPC | besu-rpc (see NPMPLUS_ALLTRA_HYBX) | -| 2501 | besu-rpc-alltra-2 | 192.168.11.173 | ALLTRA RPC | besu-rpc | -| 2502 | besu-rpc-alltra-3 | 192.168.11.174 | ALLTRA RPC | besu-rpc | +| 1509 | besu-sentry-thirdweb-01 | 192.168.11.219 | Sentry | besu-sentry | +| 1510 | besu-sentry-thirdweb-02 | 192.168.11.220 | Sentry | besu-sentry | +| 2420 | besu-rpc-alltra-1 | 192.168.11.172 | ALLTRA RPC | besu-rpc (see NPMPLUS_ALLTRA_HYBX) | +| 2430 | besu-rpc-alltra-2 | 192.168.11.173 | ALLTRA RPC | besu-rpc | +| 2440 | besu-rpc-alltra-3 | 192.168.11.174 | ALLTRA RPC | besu-rpc | +| 2460 | besu-rpc-hybx-1 | 192.168.11.246 | HYBX RPC | besu-rpc | +| 2470 | besu-rpc-hybx-2 | 192.168.11.247 | HYBX RPC | besu-rpc | +| 2480 | besu-rpc-hybx-3 | 192.168.11.248 | HYBX RPC | besu-rpc | ### Production RPC nodes (current VMID → IP) @@ -139,9 +144,9 @@ These are the **production** RPC nodes in use. Scripts and configs use `config/i | 2102 | besu-rpc-core-2 | 192.168.11.212 | Nathan RPC, SFValley2 tunnel (RPC_CORE_2) | | 2201 | besu-rpc-public-1 | 192.168.11.221 | Bridge, monitoring, public-facing (RPC_PUBLIC_1) | | 2301 | besu-rpc-private-1 | 192.168.11.232 | Private RPC (RPC_PRIVATE_1) | -| 2303 | (RPC) | 192.168.11.233 | RPC | -| 2400 | (ThirdWeb primary) | 192.168.11.240 | RPC_THIRDWEB_PRIMARY | -| 2401 | (ThirdWeb) | 192.168.11.241 | RPC_THIRDWEB_1 | +| 2303 | besu-rpc-ali-0x8a | 192.168.11.233 | Permissioned RPC | +| 2400 | thirdweb-rpc-1 | 192.168.11.240 | Thirdweb primary / translator RPC | +| 2401 | besu-rpc-thirdweb-0x8a-1 | 192.168.11.241 | Thirdweb specialized RPC 1 | | 2402 | besu-rpc-thirdweb-0x8a-2 | 192.168.11.242 | RPC_THIRDWEB_2 | | 2403 | besu-rpc-thirdweb-0x8a-3 | 192.168.11.243 | RPC_THIRDWEB_3 | @@ -185,9 +190,16 @@ The Quorum Genesis Tool typically generates the following files that are shared #### RPC Nodes — Production Chain 138 (2101, 2201, 2301, …) -For **admin, bridge, and deployment** use **2101** (192.168.11.211, RPC_CORE_1). See "Production RPC nodes" table above. VMIDs 2500–2502 are **ALLTRA** RPC at .172–.174, not .250–.252. +For **admin, bridge, and deployment** use **2101** (192.168.11.211, RPC_CORE_1). See "Production RPC nodes" table above. VMIDs `2420/2430/2440` are the current **ALLTRA** edge RPC set at `.172/.173/.174`. -#### RPC Nodes (2500-2502 — ALLTRA) +### Canonical RPC policy profiles + +- `2101`, `2102`, `2103`: Core/admin RPC nodes; may expose `ADMIN`. +- `2201`: Public RPC node; `ETH`, `NET`, `WEB3` only. +- `2301`, `2303`, `2304`, `2305`, `2306`, `2307`, `2308`, `2400`, `2420`, `2430`, `2440`, `2460`, `2470`, `2480`: Permissioned/private RPC nodes; no `ADMIN`. +- `2401`, `2402`, `2403`: Thirdweb specialized RPC nodes; no `ADMIN`; HTTP `ETH`, `NET`, `WEB3`, `DEBUG`, `TRACE`; WS `ETH`, `NET`, `WEB3`. + +#### RPC Nodes (2420-2440 ALLTRA, 2460-2480 HYBX) | File | Location | Description | Generated By | |-----------------------------|-----------------------|------------------------------------------------|-----------------------| @@ -218,15 +230,18 @@ For **admin, bridge, and deployment** use **2101** (192.168.11.211, RPC_CORE_1). | 1503 | 192.168.11.153 (DHCP) | `genesis.json`, `static-nodes.json`, `permissions-nodes.toml`, `config-sentry.toml`, `nodekey` | | 1504 | 192.168.11.154 | `genesis.json`, `static-nodes.json`, `permissions-nodes.toml`, `config-sentry.toml`, `nodekey` | -### RPC Nodes (2500-2502 — ALLTRA) +### RPC Nodes (2420-2440 ALLTRA, 2460-2480 HYBX) | VMID | IP Address | Node Type | Required Files | |------|------------|-----------|-----------------------------------------------------------------------------------------------------------------| -| 2500 | 192.168.11.172 | **ALLTRA RPC** | `genesis.json`, `static-nodes.json`, `permissions-nodes.toml`, config, `nodekey` | -| 2501 | 192.168.11.173 | **ALLTRA RPC** | (same) | -| 2502 | 192.168.11.174 | **ALLTRA RPC** | (same) | +| 2420 | 192.168.11.172 | **ALLTRA RPC** | `genesis.json`, `static-nodes.json`, `permissions-nodes.toml`, config, `nodekey` | +| 2430 | 192.168.11.173 | **ALLTRA RPC** | (same) | +| 2440 | 192.168.11.174 | **ALLTRA RPC** | (same) | +| 2460 | 192.168.11.246 | **HYBX RPC** | (same) | +| 2470 | 192.168.11.247 | **HYBX RPC** | (same) | +| 2480 | 192.168.11.248 | **HYBX RPC** | (same) | -**Note:** For **Chain 138 admin/deployment** use **2101** (192.168.11.211, RPC_CORE_1). See "Production RPC nodes" table and [NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md](../04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md) for 2500-2502 IPs. +**Note:** For **Chain 138 admin/deployment** use **2101** (192.168.11.211, RPC_CORE_1). See "Production RPC nodes" table and [NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md](../04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md) for the current edge RPC inventory. ## File Locations Summary @@ -270,9 +285,10 @@ Validator signing keys (validators only): 1. **config-validator.toml** - Validator configuration 2. **config-sentry.toml** - Sentry configuration 3. **config-rpc-{type}.toml** - RPC node configuration (type-specific): - - `config-rpc-core.toml` - Core RPC (VMID 2500) - - `config-rpc-perm.toml` - Permissioned RPC (VMID 2501) - - `config-rpc-public.toml` - Public RPC (VMID 2502) + - `config-rpc-core.toml` - Core/admin RPC profile (`2101`, `2102`, `2103`) + - `config-rpc.toml` - Permissioned/private RPC profile (`2301`, `2303`-`2308`, `2400`, `2420`, `2430`, `2440`, `2460`, `2470`, `2480`) + - `config-rpc-public.toml` - Public RPC profile (`2201`) + - `config-rpc-4.toml` - Thirdweb specialized RPC profile (`2401`, `2402`, `2403`) ## Enode URL Format @@ -352,9 +368,10 @@ pct exec -- ls -la /keys/validators/ # validators only ```bash pct exec -- cat /etc/besu/config-validator.toml # validators pct exec -- cat /etc/besu/config-sentry.toml # sentries -pct exec -- cat /etc/besu/config-rpc-core.toml # Core RPC (2500) -pct exec -- cat /etc/besu/config-rpc-perm.toml # Permissioned RPC (2501) -pct exec -- cat /etc/besu/config-rpc-public.toml # Public RPC (2502) +pct exec -- cat /etc/besu/config-rpc-core.toml # Core/admin RPC (2101/2102/2103) +pct exec -- cat /etc/besu/config-rpc.toml # Permissioned/private RPC +pct exec -- cat /etc/besu/config-rpc-public.toml # Public RPC (2201) +pct exec -- cat /etc/besu/config-rpc-4.toml # Thirdweb specialized RPC ``` ### View Genesis @@ -367,4 +384,3 @@ pct exec -- cat /etc/besu/genesis.json pct exec -- cat /etc/besu/permissions-nodes.toml pct exec -- cat /etc/besu/static-nodes.json ``` - diff --git a/docs/06-besu/BESU_NODES_TWEAKS_AND_FOLLOWUPS.md b/docs/06-besu/BESU_NODES_TWEAKS_AND_FOLLOWUPS.md index 8e84d2bc..0dfb3d63 100644 --- a/docs/06-besu/BESU_NODES_TWEAKS_AND_FOLLOWUPS.md +++ b/docs/06-besu/BESU_NODES_TWEAKS_AND_FOLLOWUPS.md @@ -1,5 +1,8 @@ # Besu Nodes – Tweaks and Follow-ups +> Historical note: +> This document tracks earlier follow-up work on now-renumbered or transitional RPC nodes. Some references to `2503`-series nodes are preserved intentionally as operational history. + **Last updated:** 2026-02-13 ## VMIDs 2503, 2504, 2505 (HYBX RPC) diff --git a/docs/06-besu/BESU_VERSION_CONFIGURATION_GUIDE.md b/docs/06-besu/BESU_VERSION_CONFIGURATION_GUIDE.md index da297090..ae5217c0 100644 --- a/docs/06-besu/BESU_VERSION_CONFIGURATION_GUIDE.md +++ b/docs/06-besu/BESU_VERSION_CONFIGURATION_GUIDE.md @@ -1,5 +1,7 @@ # Besu Version-Specific Configuration Guide +> Modern note: This guide still applies to the layered-transaction-pool era, but the fleet is now standardized on Besu `25.12.0`, not `23.10.0`. Read the compatibility guidance in that broader `23.10+` context. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation @@ -7,21 +9,21 @@ --- **Date**: 2026-01-21 -**Version**: Besu 23.10.0+ +**Version**: Besu 23.10.0+ through 25.12.0 **Status**: ✅ **ACTIVE** --- ## Overview -This guide documents configuration requirements specific to Besu version 23.10.0 and later, which introduced the **layered transaction pool** as the default implementation. +This guide documents configuration requirements specific to Besu version 23.10.0 and later, which introduced the **layered transaction pool** as the default implementation. The current fleet standard is Besu `25.12.0`. --- ## Version Information ### Current Deployment -- **Besu Version**: 23.10.0 +- **Besu Version**: 25.12.0 - **Transaction Pool**: Layered (default) - **Consensus**: QBFT - **Network**: Permissioned (ChainID 138) diff --git a/docs/06-besu/CHAIN138_BESU_CONFIGURATION.md b/docs/06-besu/CHAIN138_BESU_CONFIGURATION.md index 09dd895e..8fc554fe 100644 --- a/docs/06-besu/CHAIN138_BESU_CONFIGURATION.md +++ b/docs/06-besu/CHAIN138_BESU_CONFIGURATION.md @@ -1,5 +1,8 @@ # ChainID 138 Besu Node Configuration Guide +> Historical note: +> This guide contains migration-era and intermediate RPC-node assumptions, especially around the `2503`-series specialized nodes. It remains useful as design history, but parts of it do not reflect the current 37-node fleet. For live roles and configs, use `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`, `docs/02-architecture/DBIS_NODE_ROLE_MATRIX.md`, and the current templates/config files. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation @@ -413,4 +416,3 @@ Uses standard sentry configuration with: - Main config: `scripts/configure-besu-chain138-nodes.sh` - New containers: `scripts/setup-new-chain138-containers.sh` - diff --git a/docs/06-besu/CHAT_TASKS_COMPLETE_REVIEW.md b/docs/06-besu/CHAT_TASKS_COMPLETE_REVIEW.md index b54475e1..e5a9a126 100644 --- a/docs/06-besu/CHAT_TASKS_COMPLETE_REVIEW.md +++ b/docs/06-besu/CHAT_TASKS_COMPLETE_REVIEW.md @@ -1,5 +1,8 @@ # Complete Task List - Chat Review +> Historical note: +> This is a retrospective chat/task summary and intentionally preserves the terminology and VMID assumptions from the period it reviewed. It is not a current operator runbook. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/COMPLETE_REMAINING_TASKS_LIST.md b/docs/06-besu/COMPLETE_REMAINING_TASKS_LIST.md index 02493dd4..125768d9 100644 --- a/docs/06-besu/COMPLETE_REMAINING_TASKS_LIST.md +++ b/docs/06-besu/COMPLETE_REMAINING_TASKS_LIST.md @@ -1,5 +1,7 @@ # Complete Remaining Tasks List +> Historical note: This task list is a point-in-time backlog snapshot from the earlier Besu/RPC migration cycle. It intentionally preserves tasks tied to then-current VMIDs and fleet gaps. Use it as historical planning context, not as the current operator backlog. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/COMPREHENSIVE_CONSISTENCY_REVIEW.md b/docs/06-besu/COMPREHENSIVE_CONSISTENCY_REVIEW.md index dead66c7..e631ee0f 100644 --- a/docs/06-besu/COMPREHENSIVE_CONSISTENCY_REVIEW.md +++ b/docs/06-besu/COMPREHENSIVE_CONSISTENCY_REVIEW.md @@ -1,5 +1,8 @@ # Comprehensive Consistency Review Report +> Historical note: +> This review captures inconsistencies that existed when it was authored, including legacy RPC endpoint assumptions. It should be read as a historical assessment, not as the current authoritative state. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation @@ -199,4 +202,3 @@ This review examines consistency between: 2. Update IP addresses in source project scripts and documentation 3. Update network.conf.example in proxmox project 4. Re-run consistency check to verify fixes - diff --git a/docs/06-besu/COMPREHENSIVE_RECOMMENDATIONS.md b/docs/06-besu/COMPREHENSIVE_RECOMMENDATIONS.md index 7ad3a5ca..17669087 100644 --- a/docs/06-besu/COMPREHENSIVE_RECOMMENDATIONS.md +++ b/docs/06-besu/COMPREHENSIVE_RECOMMENDATIONS.md @@ -1,5 +1,7 @@ # Comprehensive Recommendations & Suggestions +> Historical note: This recommendations list is a January 2026 planning artifact. It intentionally preserves priorities and assumptions from that period, including migration-era node references. Use it as historical guidance, not as the current execution plan. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/DEPLOYMENT_ATTEMPTS_COMPLETE.md b/docs/06-besu/DEPLOYMENT_ATTEMPTS_COMPLETE.md index 75d04aae..09bccdec 100644 --- a/docs/06-besu/DEPLOYMENT_ATTEMPTS_COMPLETE.md +++ b/docs/06-besu/DEPLOYMENT_ATTEMPTS_COMPLETE.md @@ -1,5 +1,7 @@ # Deployment Attempts Complete +> Historical note: This is a point-in-time deployment report from the earlier Besu rollout cycle. It preserves execution history and migration-era assumptions. Do not read it as the current deployment state. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/DEPLOYMENT_WITH_NONCE_SKIP_COMPLETE.md b/docs/06-besu/DEPLOYMENT_WITH_NONCE_SKIP_COMPLETE.md index 9cd84944..4deb8544 100644 --- a/docs/06-besu/DEPLOYMENT_WITH_NONCE_SKIP_COMPLETE.md +++ b/docs/06-besu/DEPLOYMENT_WITH_NONCE_SKIP_COMPLETE.md @@ -1,5 +1,7 @@ # Deployment with Nonce Skip - Complete +> Historical note: This document records one specific deployment path taken during an earlier execution window. It should be treated as operational history, not as the current recommended procedure or fleet state. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/EXECUTION_REVIEW_SUMMARY.md b/docs/06-besu/EXECUTION_REVIEW_SUMMARY.md index 6c5e36cd..f95bed44 100644 --- a/docs/06-besu/EXECUTION_REVIEW_SUMMARY.md +++ b/docs/06-besu/EXECUTION_REVIEW_SUMMARY.md @@ -1,5 +1,7 @@ # Immediate Next Steps - Execution Review Summary +> Historical note: This summary captures a partial execution checkpoint from January 2026. It intentionally preserves the blockers and fleet assumptions from that moment. Use it as audit history, not as the current status board. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/IMMEDIATE_NEXT_STEPS_COMPLETE_REVIEW.md b/docs/06-besu/IMMEDIATE_NEXT_STEPS_COMPLETE_REVIEW.md index cb7ee070..ee224916 100644 --- a/docs/06-besu/IMMEDIATE_NEXT_STEPS_COMPLETE_REVIEW.md +++ b/docs/06-besu/IMMEDIATE_NEXT_STEPS_COMPLETE_REVIEW.md @@ -1,5 +1,7 @@ # Immediate Next Steps - Complete Review +> Historical note: This review is a point-in-time execution assessment from the earlier migration/remediation cycle. It preserves then-current blockers and references. Treat it as historical context, not as the current completion status. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/IMMEDIATE_NEXT_STEPS_EXECUTION_RESULTS.md b/docs/06-besu/IMMEDIATE_NEXT_STEPS_EXECUTION_RESULTS.md index af87ea23..de64b3e6 100644 --- a/docs/06-besu/IMMEDIATE_NEXT_STEPS_EXECUTION_RESULTS.md +++ b/docs/06-besu/IMMEDIATE_NEXT_STEPS_EXECUTION_RESULTS.md @@ -1,5 +1,7 @@ # Immediate Next Steps - Execution Results +> Historical note: These execution results reflect a specific run from January 2026. They are useful as evidence of what happened then, but they should not be treated as the current deployment or transaction state. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/MASTER_DOCS_AND_NODE_LISTS_REVIEW.md b/docs/06-besu/MASTER_DOCS_AND_NODE_LISTS_REVIEW.md index 30b71bd7..b086a492 100644 --- a/docs/06-besu/MASTER_DOCS_AND_NODE_LISTS_REVIEW.md +++ b/docs/06-besu/MASTER_DOCS_AND_NODE_LISTS_REVIEW.md @@ -1,5 +1,7 @@ # Master Documentation, Static-Nodes, and Permissioned-Nodes Review +> Historical note: This review accurately captured documentation gaps on 2026-02-07, but several recommendations it calls out have since been implemented. Keep it as audit history, not as the current inconsistency list. + **Date:** 2026-02-07 **Scope:** docs/MASTER_INDEX.md, all static-nodes.json and permissions/permissioned-nodes files. **Purpose:** Single review for consistency, gaps, and recommended source of truth. diff --git a/docs/06-besu/ML110_VMID_LIST.md b/docs/06-besu/ML110_VMID_LIST.md index 21cbb765..5c81a0da 100644 --- a/docs/06-besu/ML110_VMID_LIST.md +++ b/docs/06-besu/ML110_VMID_LIST.md @@ -1,5 +1,7 @@ # All VMIDs on ml110 (192.168.11.10) +> Historical note: This host inventory reflects an earlier ml110 placement snapshot and still includes migration-era RPC assumptions. Preserve it as host history, but verify all live placement against `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` and `config/proxmox-operational-template.json`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation @@ -41,8 +43,8 @@ Based on documentation, ml110 typically hosts: - **Sentries**: 1500-1503 (192.168.11.150-153) - **RPC Nodes**: 2101, 2400-2402, 2500-2508 -### Machine Learning Nodes -- **3000-3003**: ML nodes (192.168.11.60-63) +### Legacy Monitor / RPC-Adjacent Nodes +- **3000-3003**: Legacy monitor / RPC-adjacent Ubuntu guests (`192.168.11.60-62`, `192.168.11.66`) ### Infrastructure Services - **Oracle/Monitoring**: 3500, 3501 diff --git a/docs/06-besu/NETWORK_RECOVERED_BUT_TX_ISSUE.md b/docs/06-besu/NETWORK_RECOVERED_BUT_TX_ISSUE.md index 82288033..1bd3c283 100644 --- a/docs/06-besu/NETWORK_RECOVERED_BUT_TX_ISSUE.md +++ b/docs/06-besu/NETWORK_RECOVERED_BUT_TX_ISSUE.md @@ -1,5 +1,7 @@ # Network Recovered - Transaction Propagation Issue +> Historical note: This incident note records a specific recovery window and the transaction issues observed at that time. Preserve it as troubleshooting history, not as the current network status. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/NODE_LIST_DEPLOYMENT_COMPLETE.md b/docs/06-besu/NODE_LIST_DEPLOYMENT_COMPLETE.md index b559472b..a99781c7 100644 --- a/docs/06-besu/NODE_LIST_DEPLOYMENT_COMPLETE.md +++ b/docs/06-besu/NODE_LIST_DEPLOYMENT_COMPLETE.md @@ -1,5 +1,7 @@ # Node List Deployment - Complete +> Historical note: This completion note records an earlier node-list deployment milestone. It preserves the fleet shape and assumptions from that run. Use it as execution history only. For the current 37-node allowlist and fleet layout, use `config/besu-node-lists/static-nodes.json`, `config/besu-node-lists/permissions-nodes.toml`, and `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md`. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/NODE_LIST_DEPLOYMENT_FINAL_STATUS.md b/docs/06-besu/NODE_LIST_DEPLOYMENT_FINAL_STATUS.md index 4506297a..c55416aa 100644 --- a/docs/06-besu/NODE_LIST_DEPLOYMENT_FINAL_STATUS.md +++ b/docs/06-besu/NODE_LIST_DEPLOYMENT_FINAL_STATUS.md @@ -38,19 +38,13 @@ --- -### ⏸️ Nodes Not Deployed (Stopped) +### Historical Note -The following nodes are stopped and will receive files when started: +This document reflects the early 2026 deployment wave and is no longer the canonical fleet reference. Use: -- VMID 2500 (192.168.11.250) - Stopped -- VMID 2501 (192.168.11.251) - Stopped -- VMID 2502 (192.168.11.252) - Stopped -- VMID 2505 (192.168.11.201) - Stopped -- VMID 2506 (192.168.11.202) - Stopped -- VMID 2507 (192.168.11.203) - Stopped -- VMID 2508 (192.168.11.204) - Stopped - -**Note**: These nodes will need deployment when they are started. +- `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` +- `docs/06-besu/BESU_NODES_FILE_REFERENCE.md` +- `scripts/verify/verify-static-permissions-on-all-besu-nodes.sh` --- @@ -95,7 +89,7 @@ pct exec -- systemctl restart besu-rpc.service After restart, verify connections: ```bash -cast rpc admin_peers http://192.168.11.250:8545 +cast rpc admin_peers http://192.168.11.211:8545 ``` Expected: Multiple peer connections showing all nodes from `static-nodes.json` diff --git a/docs/06-besu/NODE_LIST_FIX_COMPLETE.md b/docs/06-besu/NODE_LIST_FIX_COMPLETE.md index 7e15e5a7..ed297ce7 100644 --- a/docs/06-besu/NODE_LIST_FIX_COMPLETE.md +++ b/docs/06-besu/NODE_LIST_FIX_COMPLETE.md @@ -1,5 +1,8 @@ # Node List Fix - Complete +> Historical note: +> This is a completion record from an earlier fix cycle. Legacy RPC VMID references are retained on purpose for chronology. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/NODE_LIST_RECONCILIATION_COMPLETE.md b/docs/06-besu/NODE_LIST_RECONCILIATION_COMPLETE.md index 8a94c396..5247d769 100644 --- a/docs/06-besu/NODE_LIST_RECONCILIATION_COMPLETE.md +++ b/docs/06-besu/NODE_LIST_RECONCILIATION_COMPLETE.md @@ -1,5 +1,8 @@ # Node List Reconciliation - Complete +> Historical note: +> This file preserves a point-in-time reconciliation completion record. It includes migration-era RPC references and should not be used as the live fleet map. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/NODE_LIST_RECONCILIATION_REPORT.md b/docs/06-besu/NODE_LIST_RECONCILIATION_REPORT.md index 549f7c7a..9f7e08db 100644 --- a/docs/06-besu/NODE_LIST_RECONCILIATION_REPORT.md +++ b/docs/06-besu/NODE_LIST_RECONCILIATION_REPORT.md @@ -1,5 +1,8 @@ # Node List Reconciliation Report +> Historical note: +> This report reflects the reconciliation state at the time it was written and intentionally mentions then-current migration relationships from the `2500` series. It should be read as audit history, not as the current allowlist/inventory state. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/NODE_LIST_REQUIREMENTS.md b/docs/06-besu/NODE_LIST_REQUIREMENTS.md index 071d5d0a..e1a95a97 100644 --- a/docs/06-besu/NODE_LIST_REQUIREMENTS.md +++ b/docs/06-besu/NODE_LIST_REQUIREMENTS.md @@ -58,7 +58,7 @@ - ✅ 5 Validator nodes (1000-1004) - ✅ 1 RPC node at 192.168.11.211 (VMID 2101) - ✅ 1 RPC node at 192.168.11.241 (VMID 2401) -- ⚠️ Missing some expected RPC nodes (2400, 2402, 2500-2502, 2505-2508) +- Historical note: this count predates the current 37-node fleet and the RPC renumbering. - ⚠️ Contains some unknown IPs (221, 232-238) - need verification ### permissioned-nodes.json @@ -90,31 +90,31 @@ | 1502 | 192.168.11.152 | ⚠️ Need to verify | | 1503 | 192.168.11.153 | ⚠️ Need to verify | -### RPC Nodes (13 nodes expected) +### RPC Nodes (21 nodes expected) | VMID | IP Address | Status | |------|------------|--------| -| 2101 | 192.168.11.211 | ✅ In list | -| 2400 | 192.168.11.240 | ❌ Missing | -| 2401 | 192.168.11.241 | ✅ In list | -| 2402 | 192.168.11.242 | ❌ Missing | -| 2500 | 192.168.11.250 | ❌ Missing | -| 2501 | 192.168.11.251 | ❌ Missing | -| 2502 | 192.168.11.252 | ❌ Missing | -| 2505 | 192.168.11.201 | ❌ Missing | -| 2506 | 192.168.11.202 | ❌ Missing | -| 2507 | 192.168.11.203 | ❌ Missing | -| 2508 | 192.168.11.204 | ❌ Missing | - -**Unknown IPs in list** (need verification): -- 192.168.11.221 -- 192.168.11.232 -- 192.168.11.233 -- 192.168.11.234 -- 192.168.11.235 -- 192.168.11.236 -- 192.168.11.237 -- 192.168.11.238 +| 2101 | 192.168.11.211 | ✅ Present | +| 2102 | 192.168.11.212 | ✅ Present | +| 2103 | 192.168.11.217 | ✅ Present | +| 2201 | 192.168.11.221 | ✅ Present | +| 2301 | 192.168.11.232 | ✅ Present | +| 2303 | 192.168.11.233 | ✅ Present | +| 2304 | 192.168.11.234 | ✅ Present | +| 2305 | 192.168.11.235 | ✅ Present | +| 2306 | 192.168.11.236 | ✅ Present | +| 2307 | 192.168.11.237 | ✅ Present | +| 2308 | 192.168.11.238 | ✅ Present | +| 2400 | 192.168.11.240 | ✅ Present | +| 2401 | 192.168.11.241 | ✅ Present | +| 2402 | 192.168.11.242 | ✅ Present | +| 2403 | 192.168.11.243 | ✅ Present | +| 2420 | 192.168.11.172 | ✅ Present | +| 2430 | 192.168.11.173 | ✅ Present | +| 2440 | 192.168.11.174 | ✅ Present | +| 2460 | 192.168.11.246 | ✅ Present | +| 2470 | 192.168.11.247 | ✅ Present | +| 2480 | 192.168.11.248 | ✅ Present | --- diff --git a/docs/06-besu/T1_2_CANONICAL_LINK_DEPLOYMENT.md b/docs/06-besu/T1_2_CANONICAL_LINK_DEPLOYMENT.md index 8d208948..e25656f0 100644 --- a/docs/06-besu/T1_2_CANONICAL_LINK_DEPLOYMENT.md +++ b/docs/06-besu/T1_2_CANONICAL_LINK_DEPLOYMENT.md @@ -1,5 +1,7 @@ # Deploy Canonical LINK Token - Status & Approach +> Historical note: This deployment note captures a January 2026 decision point and CREATE2 deployment approach. It preserves the reasoning from that moment. Use it as historical record, not as the current token-deployment status without rechecking live chain state. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/T1_2_CREATE2_DEPLOYMENT_STATUS.md b/docs/06-besu/T1_2_CREATE2_DEPLOYMENT_STATUS.md index 889d407b..0a64b16a 100644 --- a/docs/06-besu/T1_2_CREATE2_DEPLOYMENT_STATUS.md +++ b/docs/06-besu/T1_2_CREATE2_DEPLOYMENT_STATUS.md @@ -1,5 +1,7 @@ # CREATE2 Deployment to Canonical LINK Address - Status +> Historical note: This status page records a specific pre-execution state from January 2026. It should be read as execution history, not as a current readiness indicator. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/T1_2_CREDENTIALS_STATUS.md b/docs/06-besu/T1_2_CREDENTIALS_STATUS.md index 0fc10d79..1de9499c 100644 --- a/docs/06-besu/T1_2_CREDENTIALS_STATUS.md +++ b/docs/06-besu/T1_2_CREDENTIALS_STATUS.md @@ -1,5 +1,7 @@ # T1.2 Bridge Resolution - Credentials Status +> Historical note: This credentials status snapshot is time-bound and reflects the state of one January 2026 execution window. Keep it as audit history, not as the current secrets readiness source of truth. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation @@ -22,7 +24,7 @@ ### 2. RPC_URL ✅ - **Status**: ✅ **PRESENT** -- **Value**: `http://192.168.11.250:8545` +- **Value**: `http://192.168.11.211:8545` - **Alternative**: `RPC_URL_138=http://192.168.11.211:8545` - **Location**: `smom-dbis-138/.env` diff --git a/docs/06-besu/T1_2_CREDENTIALS_VERIFIED.md b/docs/06-besu/T1_2_CREDENTIALS_VERIFIED.md index 661c4eda..b31e7ca6 100644 --- a/docs/06-besu/T1_2_CREDENTIALS_VERIFIED.md +++ b/docs/06-besu/T1_2_CREDENTIALS_VERIFIED.md @@ -1,5 +1,7 @@ # T1.2 Bridge Resolution - Credentials Verification Complete +> Historical note: This verification record reflects a point-in-time credential check from January 2026. Preserve it as evidence, but do not rely on it as the current secrets status without revalidation. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation @@ -38,7 +40,7 @@ All required credentials for Phase 3 deployment: ```bash # ✅ Present and Verified PRIVATE_KEY=0x5373d11ee2cad4ed82b9208526a8c358839cbfe325919fb250f062a25153d1c8 -RPC_URL=http://192.168.11.250:8545 +RPC_URL=http://192.168.11.211:8545 RPC_URL_138=http://192.168.11.211:8545 LINK_TOKEN=0xb7721dD53A8c629d9f1Ba31a5819AFe250002b03 CHAIN138_SELECTOR=138 @@ -59,7 +61,7 @@ WETH10_ADDRESS=0xf4BB2e28688e89fCcE3c0580D37d36A7672E8A9f | Credential | Status | Value | |------------|--------|-------| | PRIVATE_KEY | ✅ Ready | `0x5373d11ee2cad4ed82b9208526a8c358839cbfe325919fb250f062a25153d1c8` | -| RPC_URL | ✅ Ready | `http://192.168.11.250:8545` | +| RPC_URL | ✅ Ready | `http://192.168.11.211:8545` | | CCIP_ROUTER | ✅ Verified | `0x8078A09637e47Fa5Ed34F626046Ea2094a5CDE5e` | | CCIP_FEE_TOKEN | ✅ Verified | `0xb7721dD53A8c629d9f1Ba31a5819AFe250002b03` | | LINK_TOKEN | ✅ Ready | `0xb7721dD53A8c629d9f1Ba31a5819AFe250002b03` (same as CCIP_FEE_TOKEN) | diff --git a/docs/06-besu/T1_2_LINK_TOKEN_DECISION.md b/docs/06-besu/T1_2_LINK_TOKEN_DECISION.md index 71e4b9e1..f61d1b25 100644 --- a/docs/06-besu/T1_2_LINK_TOKEN_DECISION.md +++ b/docs/06-besu/T1_2_LINK_TOKEN_DECISION.md @@ -1,5 +1,7 @@ # LINK Token Decision for Phase 3 Deployment +> Historical note: This decision memo records the recommended LINK-token path from an earlier deployment cycle. Keep it as historical rationale; confirm current token strategy and chain state before treating it as live guidance. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/T1_2_PHASE3_EXECUTION_PLAN.md b/docs/06-besu/T1_2_PHASE3_EXECUTION_PLAN.md index 13b5238e..c1b105b7 100644 --- a/docs/06-besu/T1_2_PHASE3_EXECUTION_PLAN.md +++ b/docs/06-besu/T1_2_PHASE3_EXECUTION_PLAN.md @@ -39,7 +39,7 @@ ```bash # Set environment variables -export RPC_URL="http://192.168.11.211:8545" # or http://192.168.11.250:8545 +export RPC_URL="http://192.168.11.211:8545" export PRIVATE_KEY="0x..." # Admin private key export CCIP_ROUTER="0x99b3511a2d315a497c8112c1fdd8d508d4b1e506" export CCIP_FEE_TOKEN="0x514910771AF9Ca656af840dff83E8264EcF986CA" # Verify this diff --git a/docs/06-besu/TXPOOL_EVICTION_PREVENT_STUCK.md b/docs/06-besu/TXPOOL_EVICTION_PREVENT_STUCK.md index 2b42b3c8..292cc366 100644 --- a/docs/06-besu/TXPOOL_EVICTION_PREVENT_STUCK.md +++ b/docs/06-besu/TXPOOL_EVICTION_PREVENT_STUCK.md @@ -1,5 +1,7 @@ # Tx-Pool Eviction to Prevent Stuck Transactions +> Modern note: This guidance is still technically relevant, but it predates the current fleet-wide standardization on Besu `25.12.0`. Confirm option support and defaults against the current Besu version guide and live configs before applying it. + **Last Updated:** 2026-02-07 **Status:** Active diff --git a/docs/06-besu/VALIDATOR_TXPOOL_FIX_STATUS.md b/docs/06-besu/VALIDATOR_TXPOOL_FIX_STATUS.md index 5ca977b7..41ef7759 100644 --- a/docs/06-besu/VALIDATOR_TXPOOL_FIX_STATUS.md +++ b/docs/06-besu/VALIDATOR_TXPOOL_FIX_STATUS.md @@ -1,5 +1,7 @@ # Validator Transaction Pool Fix - Current Status +> Historical note: This status page documents a specific validator/txpool incident window and the findings from that period. It is troubleshooting history, not the current validator-health view. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/06-besu/VALIDATOR_TXPOOL_MANUAL_UPDATE_GUIDE.md b/docs/06-besu/VALIDATOR_TXPOOL_MANUAL_UPDATE_GUIDE.md index 89f8e781..90138d78 100644 --- a/docs/06-besu/VALIDATOR_TXPOOL_MANUAL_UPDATE_GUIDE.md +++ b/docs/06-besu/VALIDATOR_TXPOOL_MANUAL_UPDATE_GUIDE.md @@ -1,5 +1,7 @@ # Validator Transaction Pool Manual Update Guide +> Historical note: This manual update guide was written for a particular validator/txpool remediation path. Preserve it as incident guidance, but confirm current Besu version, txpool behavior, and node inventory before applying it to the live fleet. + **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation diff --git a/docs/07-ccip/CCIP_BRIDGE_MAINNET_CONNECTION.md b/docs/07-ccip/CCIP_BRIDGE_MAINNET_CONNECTION.md index d463e443..4ea93da5 100644 --- a/docs/07-ccip/CCIP_BRIDGE_MAINNET_CONNECTION.md +++ b/docs/07-ccip/CCIP_BRIDGE_MAINNET_CONNECTION.md @@ -19,7 +19,7 @@ Chain 138 does not use Chainlink’s public CCIP network (custom chain). Cross-c | Contract | Address | Role | |--------------------|---------|------| -| **CCIPRelayRouter** | `0xAd9A228CcEB4cbB612cD165FFB72fE090ff10Afb` | Receives relayed messages; calls bridge `ccipReceive`. Relayer must have `RELAYER_ROLE`. | +| **CCIPRelayRouter** | `0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA` | Active Mainnet relay router; receives relayed messages and calls authorized bridge `ccipReceive`. Relayer must have `RELAYER_ROLE`. | | **CCIPRelayBridge** | `0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939` | Holds WETH; releases to recipient when relay router calls `ccipReceive`. **Must be funded with WETH** for payouts. **WETH9-only** — no other tokens accepted. | | WETH9 | `0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2` | Canonical mainnet WETH. | @@ -35,7 +35,7 @@ Chain 138 does not use Chainlink’s public CCIP network (custom chain). Cross-c | **Bridge** (LINK fee) | `0xcacfd227A040002e49e2e01626363071324f820a` | Pay fee in Chain 138 LINK. Default in `CCIPWETH9_BRIDGE_CHAIN138`. | | **Bridge** (native ETH fee) | `0x63cbeE010D64ab7F1760ad84482D6cC380435ab5` | Pay fee in native ETH. | -Both bridges have **mainnet destination** set to **CCIPRelayBridge** (`0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939`), so all 138→mainnet sends are delivered via the relay. +WETH sends to Mainnet still target **CCIPRelayBridge** (`0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939`). cW mint flows use a separate Mainnet `CWMultiTokenBridgeL2` and should not be pointed at the WETH relay bridge. --- @@ -71,7 +71,7 @@ Both bridges have **mainnet destination** set to **CCIPRelayBridge** (`0xF9A32F3 ```bash ./scripts/bridge/grant-relayer-role-mainnet.sh ``` - Or manually: `cast send 0xAd9A228CcEB4cbB612cD165FFB72fE090ff10Afb "grantRelayerRole(address)" 0x4A666F96fC8764181194447A7dFdb7d471b301C8 --rpc-url $ETHEREUM_MAINNET_RPC --private-key $PRIVATE_KEY --legacy` + Or manually: `cast send 0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA "grantRelayerRole(address)" 0x4A666F96fC8764181194447A7dFdb7d471b301C8 --rpc-url $ETHEREUM_MAINNET_RPC --private-key $PRIVATE_KEY --legacy` 3. **Start the relay service:** ```bash diff --git a/docs/07-ccip/CCIP_RELAY_DEPLOYMENT.md b/docs/07-ccip/CCIP_RELAY_DEPLOYMENT.md index f7b45dae..4e0a5eda 100644 --- a/docs/07-ccip/CCIP_RELAY_DEPLOYMENT.md +++ b/docs/07-ccip/CCIP_RELAY_DEPLOYMENT.md @@ -39,7 +39,7 @@ The CCIP Relay Service monitors `MessageSent` events on Chain 138 and relays mes | `PRIVATE_KEY` | Relayer private key | Needs ETH on mainnet for gas | | `START_BLOCK` | `latest` | Avoids RPC range limit errors | | `CCIP_ROUTER_CHAIN138` | 0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817 | Chain 138 router | -| `CCIP_RELAY_ROUTER_MAINNET` | 0xAd9A228CcEB4cbB612cD165FFB72fE090ff10Afb | Mainnet relay router | +| `CCIP_RELAY_ROUTER_MAINNET` | 0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA | Active Mainnet relay router | | `CCIP_RELAY_BRIDGE_MAINNET` | 0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939 | Mainnet relay bridge | **Important:** Use `START_BLOCK=latest` to avoid "Requested range exceeds maximum RPC range limit" from Besu when querying `eth_getLogs`. Use `.env.local` with expanded `PRIVATE_KEY` if `${PRIVATE_KEY}` is used in `.env`. diff --git a/docs/07-ccip/CHAIN138_PUBLIC_CHAIN_UNLOAD_ROUTES.md b/docs/07-ccip/CHAIN138_PUBLIC_CHAIN_UNLOAD_ROUTES.md index 5b73fab3..7dd689ce 100644 --- a/docs/07-ccip/CHAIN138_PUBLIC_CHAIN_UNLOAD_ROUTES.md +++ b/docs/07-ccip/CHAIN138_PUBLIC_CHAIN_UNLOAD_ROUTES.md @@ -23,20 +23,22 @@ This is the reviewed practical route set for unloading WETH from Chain 138 onto | Mainnet | Relay-backed direct | Mainnet relay bridge must hold enough WETH | Direct `138 -> Mainnet` only when relay inventory is seeded | | BSC | Relay-backed direct | BSC relay bridge only covers tiny sends right now | Small direct `138 -> BSC`, or bootstrap mainnet then fan out | | Avalanche | Relay-backed direct | Avalanche relay bridge only covers tiny sends right now | Tiny direct sends only, or top up Avalanche relay inventory | -| Gnosis | Via mainnet hub | Bootstrap mainnet first | `138 -> Mainnet`, then `Mainnet -> Gnosis` | -| Cronos | Via mainnet hub | Bootstrap mainnet first | `138 -> Mainnet`, then `Mainnet -> Cronos` | -| Celo | Via mainnet hub | Bootstrap mainnet first | `138 -> Mainnet`, then `Mainnet -> Celo` | -| Polygon | Via mainnet hub | Bootstrap mainnet first | `138 -> Mainnet`, then `Mainnet -> Polygon` | -| Arbitrum | Via mainnet hub | Bootstrap mainnet first | `138 -> Mainnet`, then `Mainnet -> Arbitrum` | -| Optimism | Via mainnet hub | Bootstrap mainnet first | `138 -> Mainnet`, then `Mainnet -> Optimism` | -| Base | Via mainnet hub | Bootstrap mainnet first | `138 -> Mainnet`, then `Mainnet -> Base` | +| Gnosis | Mainnet hub currently blocked | Bootstrap mainnet first and fix Mainnet hub fan-out | `138 -> Mainnet`, then `Mainnet -> Gnosis` after bridge/router repair | +| Cronos | Mainnet hub currently blocked | Bootstrap mainnet first and fix Mainnet hub fan-out | `138 -> Mainnet`, then `Mainnet -> Cronos` after bridge/router repair | +| Celo | Mainnet hub currently blocked | Bootstrap mainnet first and fix Mainnet hub fan-out | `138 -> Mainnet`, then `Mainnet -> Celo` after bridge/router repair | +| Polygon | Mainnet hub currently blocked | Bootstrap mainnet first and fix Mainnet hub fan-out | `138 -> Mainnet`, then `Mainnet -> Polygon` after bridge/router repair | +| Arbitrum | Mainnet hub currently blocked | Bootstrap mainnet first and fix Mainnet hub fan-out | `138 -> Mainnet`, then `Mainnet -> Arbitrum` after bridge/router repair | +| Optimism | Mainnet hub currently blocked | Bootstrap mainnet first and fix Mainnet hub fan-out | `138 -> Mainnet`, then `Mainnet -> Optimism` after bridge/router repair | +| Base | Mainnet hub currently blocked | Bootstrap mainnet first and fix Mainnet hub fan-out | `138 -> Mainnet`, then `Mainnet -> Base` after bridge/router repair | | WEMIX | Not deployed | No | Deploy and wire the bridge first | ## Operational meaning - The only practical first-hop lanes out of Chain 138 today are the relay-backed ones: `Mainnet`, `BSC`, and `Avalanche`. - The native bridge mappings on `Gnosis`, `Cronos`, `Celo`, `Polygon`, `Arbitrum`, `Optimism`, and `Base` are still useful as destination addresses for the mainnet hub, but they are not themselves proof of a live `138 -> chain` delivery path. -- `Mainnet` is the real fan-out hub once it has been bootstrapped from Chain 138. +- `Mainnet` remains the intended fan-out hub once it has been bootstrapped from Chain 138, but the active `WETH9` public fan-out path is currently blocked at the source bridge/router layer. +- The public blocker is broader than Arbitrum alone: read-only `calculateFee()` preflights on `MAINNET_CCIP_WETH9_BRIDGE=0xc9901ce2Ddb6490FAA183645147a87496d8b20B6` revert for the tracked public-chain selectors `BSC`, `Avalanche`, `Gnosis`, `Cronos`, `Celo`, `Polygon`, `Arbitrum`, `Optimism`, and `Base`. +- Arbitrum is still the concrete live proof point: the latest `Mainnet -> Arbitrum` attempt failed on-chain in tx `0x97df657f0e31341ca852666766e553650531bbcc86621246d041985d7261bb07`, with the revert occurring inside the Mainnet router before any bridge event was emitted. - `WEMIX` is still outside the unload set because bridge deployment and seeding are missing. ## Exact route helper @@ -61,7 +63,7 @@ The helper prints: - the configured Chain 138 mapping and the practical route for each chain - the live prerequisite for using that route now - exact `cast send` commands for relay-backed `138 -> chain` lanes -- exact `cast send` commands for `Mainnet -> chain` fan-out once mainnet is bootstrapped +- exact `cast send` commands for `Mainnet -> chain` fan-out only when the Mainnet WETH9 quote preflight is healthy - relay worker commands for `Mainnet`, `BSC`, and `Avalanche` ## Relay profiles diff --git a/docs/07-ccip/CROSS_NETWORK_FUNDING_BOOTSTRAP_STRATEGY.md b/docs/07-ccip/CROSS_NETWORK_FUNDING_BOOTSTRAP_STRATEGY.md index b2afc86e..94300fa2 100644 --- a/docs/07-ccip/CROSS_NETWORK_FUNDING_BOOTSTRAP_STRATEGY.md +++ b/docs/07-ccip/CROSS_NETWORK_FUNDING_BOOTSTRAP_STRATEGY.md @@ -27,13 +27,13 @@ This is confirmed by live execution: | Mainnet | Relay-backed direct | Mainnet relay bridge must hold enough WETH | Direct `138 -> Mainnet` when relay inventory is funded | | BSC | Relay-backed direct | BSC relay bridge only covers tiny sends right now | Small direct `138 -> BSC`, or bootstrap mainnet through BSC | | Avalanche | Relay-backed direct | Avalanche relay bridge only covers tiny sends right now | Tiny direct sends only, or top up inventory first | -| Gnosis | Via mainnet hub | Bootstrap mainnet first | `138 -> Mainnet`, then `Mainnet -> Gnosis` | -| Cronos | Via mainnet hub | Bootstrap mainnet first | `138 -> Mainnet`, then `Mainnet -> Cronos` | -| Celo | Via mainnet hub | Bootstrap mainnet first | `138 -> Mainnet`, then `Mainnet -> Celo` | -| Polygon | Via mainnet hub | Bootstrap mainnet first | `138 -> Mainnet`, then `Mainnet -> Polygon` | -| Arbitrum | Via mainnet hub | Bootstrap mainnet first | `138 -> Mainnet`, then `Mainnet -> Arbitrum` | -| Optimism | Via mainnet hub | Bootstrap mainnet first | `138 -> Mainnet`, then `Mainnet -> Optimism` | -| Base | Via mainnet hub | Bootstrap mainnet first | `138 -> Mainnet`, then `Mainnet -> Base` | +| Gnosis | Mainnet hub currently blocked | Bootstrap mainnet first and repair Mainnet fan-out | `138 -> Mainnet`, then `Mainnet -> Gnosis` after Mainnet bridge/router fix | +| Cronos | Mainnet hub currently blocked | Bootstrap mainnet first and repair Mainnet fan-out | `138 -> Mainnet`, then `Mainnet -> Cronos` after Mainnet bridge/router fix | +| Celo | Mainnet hub currently blocked | Bootstrap mainnet first and repair Mainnet fan-out | `138 -> Mainnet`, then `Mainnet -> Celo` after Mainnet bridge/router fix | +| Polygon | Mainnet hub currently blocked | Bootstrap mainnet first and repair Mainnet fan-out | `138 -> Mainnet`, then `Mainnet -> Polygon` after Mainnet bridge/router fix | +| Arbitrum | Mainnet hub currently blocked | Bootstrap mainnet first and repair Mainnet fan-out | `138 -> Mainnet`, then `Mainnet -> Arbitrum` after Mainnet bridge/router fix | +| Optimism | Mainnet hub currently blocked | Bootstrap mainnet first and repair Mainnet fan-out | `138 -> Mainnet`, then `Mainnet -> Optimism` after Mainnet bridge/router fix | +| Base | Mainnet hub currently blocked | Bootstrap mainnet first and repair Mainnet fan-out | `138 -> Mainnet`, then `Mainnet -> Base` after Mainnet bridge/router fix | | WEMIX | Deploy-first | Bridge not deployed and no gas seed | Deploy and seed first | ## Best strategy now @@ -45,7 +45,7 @@ This is the best practical topology. Why: - `138 -> Mainnet` is a real relay-backed route when the relay bridge has WETH -- mainnet already has enabled fan-out mappings for Gnosis, Cronos, Celo, Polygon, Arbitrum, Optimism, and Base +- mainnet still has enabled fan-out mappings for Gnosis, Cronos, Celo, Polygon, Arbitrum, Optimism, and Base - the successful recovery proved that topping up mainnet relay inventory and replaying is operationally viable ### 2. Use BSC as the bootstrap and recovery helper @@ -73,12 +73,25 @@ Avalanche is structurally similar to BSC but currently weaker because: - deployer has native gas - relay inventory is present but still below the `0.01` WETH working threshold -### 4. Treat the native-mapped chains as mainnet destinations +### 4. Treat the native-mapped chains as blocked mainnet destinations until the source path is repaired Gnosis, Cronos, Celo, Polygon, Arbitrum, Optimism, and Base are still valuable, but their practical role is: - `Mainnet -> target` destinations after mainnet bootstrap - not proven direct Chain 138 first hops +- currently blocked even as Mainnet fan-out targets on the active WETH9 source bridge path + +Live corrections from 2026-04-04: + +- a direct `138 -> Arbitrum` WETH send emitted a valid `MessageSent` event on the Chain 138 router +- the active relay service still skipped that message because it was running the Mainnet destination profile +- destination processing on Arbitrum remained untouched (`processedTransfers == false`) +- a follow-on `Mainnet -> Arbitrum` send from `MAINNET_CCIP_WETH9_BRIDGE=0xc9901ce2Ddb6490FAA183645147a87496d8b20B6` also failed on-chain in tx `0x97df657f0e31341ca852666766e553650531bbcc86621246d041985d7261bb07` +- debug tracing shows the revert occurs inside the Mainnet CCIP router `0x80226fc0Ee2b096224EeAc085Bb9a8cba1146f7D` before any bridge event is emitted, so this is not a wallet-balance issue +- the failed Mainnet send left deployer balances intact apart from gas; WETH and LINK were not stranded +- read-only quote preflights now also revert for the current Mainnet WETH9 bridge across the tracked public-chain selectors: `BSC`, `Avalanche`, `Gnosis`, `Cronos`, `Celo`, `Polygon`, `Arbitrum`, `Optimism`, and `Base` + +Treat that as confirmation of the current rule: these chains are meaningful destinations after Mainnet bootstrap, not safe first hops from Chain 138 unless a dedicated relay profile and router path are added first. More importantly, the current Mainnet WETH9 public fan-out path should be treated as blocked at the source bridge/router layer until it is repaired or replaced. ## What to keep funded @@ -121,7 +134,7 @@ cd /home/intlc/projects/proxmox/smom-dbis-138 1. Audit the current route and inventory state. 2. If mainnet relay inventory is sufficient, use direct `138 -> Mainnet`. 3. If mainnet relay inventory is insufficient, use `138 -> BSC` plus the proven external BSC -> Mainnet bridge pattern to refill mainnet. -4. Once mainnet is funded, fan out `Mainnet -> target` for Gnosis, Cronos, Celo, Polygon, Arbitrum, Optimism, and Base. +4. Keep `Mainnet -> target` fan-out blocked until the current Mainnet WETH9 source bridge quote/send path is repaired. 5. Seed Avalanche relay inventory only if Avalanche needs to become an active first hop too. ## Bottom line @@ -129,6 +142,6 @@ cd /home/intlc/projects/proxmox/smom-dbis-138 The practical route graph is now: - first hop from Chain 138 through the relay-backed lanes -- keep mainnet funded and use it as the hub +- keep mainnet funded and use it as the hub once the Mainnet WETH9 public fan-out path is repaired - use BSC as the proven bootstrap and recovery helper - treat the native-mapped public-chain bridges as mainnet destinations unless a dedicated relay is added for them diff --git a/docs/07-ccip/CW_DEPLOY_AND_WIRE_RUNBOOK.md b/docs/07-ccip/CW_DEPLOY_AND_WIRE_RUNBOOK.md index 823647c4..7721e26c 100644 --- a/docs/07-ccip/CW_DEPLOY_AND_WIRE_RUNBOOK.md +++ b/docs/07-ccip/CW_DEPLOY_AND_WIRE_RUNBOOK.md @@ -1,7 +1,9 @@ # Runbook: Deploy cW* and Wire Config **Created:** 2026-02-27 -**Purpose:** Steps to deploy cWUSDT/cWUSDC on a chain, set `CW_BRIDGE_`, update token-mapping, and verify roles. Covers Phase D and E from [CW_BRIDGE_TASK_LIST.md](../00-meta/CW_BRIDGE_TASK_LIST.md). +**Purpose:** Steps to deploy generic `cW*` mirrors on a chain, set `CW_BRIDGE_`, update token-mapping, and verify roles. Covers Phase D and E from [CW_BRIDGE_TASK_LIST.md](../00-meta/CW_BRIDGE_TASK_LIST.md). + +For the single-runbook Proxmox operator flow, including generic lane wiring and generic outbound sends, see [PROXMOX_CSTAR_TO_CW_BRIDGE_RUNBOOK.md](../03-deployment/PROXMOX_CSTAR_TO_CW_BRIDGE_RUNBOOK.md). --- @@ -40,6 +42,12 @@ Operational note: the verifier gates new `lockAndSend` mints. Return `ccipReceiv **One-command helper (from repo root):** `./scripts/deployment/run-cw-remaining-steps.sh` runs a dry-run and `--update-mapping` by default. Use `--deploy` to broadcast, then set CWUSDT_*/CWUSDC_* in .env from output and run again with `--update-mapping` (or run `--update-mapping` after editing .env). Use `--verify` to check MINTER/BURNER roles per chain and `--verify-hard-peg` to inspect the Avalanche hard-peg bridge state (`supportedCanonicalToken`, `maxOutstanding`, verifier attachment/config, and L2 freeze flags). +**Generic lane wiring helper (from repo root):** +`./scripts/deployment/configure-cstar-cw-bridge-pair.sh --chain --asset ` wires one canonical-to-mirrored lane on `CWMultiTokenBridgeL1` / `CWMultiTokenBridgeL2`. Add `--execute` to broadcast and `--freeze` for strict-mode production locks. + +**Generic outbound send helper (from repo root):** +`./scripts/bridge/bridge-cstar-to-cw.sh --asset --chain --amount ` preflights allowance plus `calculateFee(address,uint64,address,uint256)` and prints or submits the exact `lockAndSend(...)` call. Add `--approve --execute` to broadcast. + ### D1. Run cW* deploy **All supported chains:** @@ -240,10 +248,22 @@ For the production Avalanche route, `smom-dbis-138/scripts/deployment/complete-n ### E1. Relay service (138 → Mainnet) -If using the existing CCIPRelayBridge for cW* on Mainnet, that contract is WETH-only and must be **extended** (or a separate cW* receiver deployed and relay logic updated) so that when the relay sends a cUSDT/cUSDC message, the Mainnet receiver mints cWUSDT/cWUSDC. See [RELAY_BRIDGE_ADD_LINK_SUPPORT_RUNBOOK.md](RELAY_BRIDGE_ADD_LINK_SUPPORT_RUNBOOK.md) for the pattern (token whitelist + transfer or mint in `ccipReceive`). Then: +Mainnet now has a relay-compatible cW receiver for the generic `c* -> cW*` path: -- Configure relay to send c* messages to the cW* receiver on Mainnet. -- Ensure the receiver has MINTER_ROLE on cWUSDT/cWUSDC and holds or mints as designed. +- Mainnet relay router: `0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA` +- Mainnet cW bridge (`CW_BRIDGE_MAINNET`): `0x2bF74583206A49Be07E0E8A94197C12987AbD7B5` +- Chain 138 sender bridge (`CW_L1_BRIDGE_CHAIN138`): `0x152ed3e9912161b76bdfd368d0c84b7c31c10de7` + +The legacy Mainnet `CCIPRelayBridge` at `0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939` remains the WETH-only release bridge. Do not point cW mint flows at that contract. + +The current proven Mainnet mint-on-receive corridor is: + +- `138 cUSDC -> Mainnet cWUSDC` +- Source send tx: `0x1228c6aa540e59055b0c548390272554135ef6611bec7f5424da6da0c85944af` +- Message id: `0x1fc04053a22f9aaa51a43d883a7d154d952a523873995e106cc2c90889376952` +- Mainnet relay tx: `0xa67a85dc0fd8b20f6f3516c5db68e75084ff10adb40cc7edc9fb00f54ff2ad47` + +That canary completed with `processed(messageId)=true` on the Mainnet cW bridge and increased the deployer's Mainnet `cWUSDC` balance by `1` token. ### E2. Direct CCIP (138 → chain) @@ -272,17 +292,23 @@ If Chain 138 uses UniversalCCIPBridge or a dedicated sender to send c* to a dest | 5 | Verify MINTER_ROLE and BURNER_ROLE on cW* for the bridge (D4). | | 6 | In hard-peg mode, allowlist canonical tokens and set `maxOutstanding` on `CWMultiTokenBridgeL1`, then freeze token pair and destination on `CWMultiTokenBridgeL2` (D5). | | 7 | Deploy and attach `CWReserveVerifier`, then configure canonical `cUSDT` / `cUSDC` backing requirements (D6). | -| 8 | If cross-chain mint is required, ensure the bridge/receiver code mints cW* in ccipReceive (Phase B or C); then wire relay/direct CCIP (E1, E2) and run E2E test (E3). | +| 8 | If cross-chain mint is required, ensure the bridge/receiver code mints cW* in ccipReceive (Phase B or C); then wire relay/direct CCIP (E1, E2) and run E2E test (E3). Mainnet `cUSDC -> cWUSDC` is now the reference completed relay-backed example. | --- -## Retry failed cW* deploys (Mainnet, Cronos, Arbitrum) +## Retry or finalize cW* deploys (Mainnet focus; Cronos verifier; Arbitrum replay only if drift appears) -If the 10 remaining cW* (cWEURC..cWXAUT) failed on **Mainnet** (nonce), **Cronos** (RPC timeout), or **Arbitrum** (gas), use the steps below. +As of **2026-04-03**, the public EVM mesh is no longer blocked on token deployment: -### Mainnet (1) — fix nonce +- **Cronos** now has the full 12-token `cW*` suite live and bridge-role verified. +- **Arbitrum** has the full address set recorded in `.env`; only rerun deployment there if a verifier shows bytecode or role drift. +- **Mainnet** recovery is complete: the full 12-token `cW*` suite is now live there alongside the earlier `cWUSDT` and `cWUSDC`. -Deployer nonce on Mainnet must match the RPC (error: `nonce=256 maxNonce=253` means 3 pending txs are ahead of what the RPC has confirmed). +Use the steps below only for replay or disaster recovery on a chain that drifts from the recorded mesh. + +### Mainnet (1) — replay only if drift reappears + +The Mainnet nonce-recovery flow below is now historical recovery guidance. Use it only if a fresh verifier shows missing bytecode or a stuck deployment nonce again. 1. **Check nonce and balance:** `./scripts/deployment/check-deployer-nonce-and-balance.sh` @@ -302,21 +328,45 @@ DEPLOY_CWUSDT=0 DEPLOY_CWUSDC=0 CW_BRIDGE_ADDRESS="$CW_BRIDGE_MAINNET" forge scr Add the printed CWEURC_MAINNET … CWXAUT_MAINNET to `.env`, then run `./scripts/deployment/run-cw-remaining-steps.sh --update-mapping`. -### Cronos (25) — retry when RPC is stable; fix nonce if needed +### Cronos (25) — complete and verified; keep these steps only for replay / disaster recovery -If you see `invalid nonce; got X, expected Y`, wait for pending txs to confirm or replace/cancel them (same idea as Mainnet). Check: `./scripts/deployment/check-deployer-nonce-and-balance.sh` +If you ever need to replay Cronos because of a fresh RPC or nonce issue, use the flow below. The current expected post-recovery result is: ```bash -cd smom-dbis-138 && source .env +CRONOS_CW_VERIFY_RPC_URL=https://cronos-evm-rpc.publicnode.com \ + bash ../scripts/verify/check-cw-cronos-wave1.sh +``` + +That verifier should report `missing_code=0 missing_roles=0`. + +```bash +cd smom-dbis-138 +source scripts/lib/deployment/dotenv.sh +load_deployment_env --repo-root "$PWD" DEPLOY_CWUSDT=0 DEPLOY_CWUSDC=0 CW_BRIDGE_ADDRESS="$CW_BRIDGE_CRONOS" forge script script/deploy/DeployCWTokens.s.sol:DeployCWTokens \ --rpc-url "${CRONOS_RPC_URL}" --chain-id 25 --broadcast --private-key "$PRIVATE_KEY" --legacy -vvv ``` -Then set CWEURC_CRONOS … CWXAUT_CRONOS in `.env` from the script output and run `--update-mapping`. +If `evm.cronos.org` starts rate-limiting (`Cloudflare 1015`), retry against `https://cronos-evm-rpc.publicnode.com` and reduce the batch size: -### Arbitrum (42161) — use current gas; low gas price is enough +```bash +cd smom-dbis-138 +source scripts/lib/deployment/dotenv.sh +load_deployment_env --repo-root "$PWD" +DEPLOY_CWUSDT=0 DEPLOY_CWUSDC=0 DEPLOY_CWAUSDT=0 DEPLOY_CWUSDW=0 DEPLOY_CWEURC=0 CW_BRIDGE_ADDRESS="$CW_BRIDGE_CRONOS" forge script script/deploy/DeployCWTokens.s.sol:DeployCWTokens \ + --rpc-url "https://cronos-evm-rpc.publicnode.com" --chain-id 25 --broadcast --private-key "$PRIVATE_KEY" --legacy -vvv +``` -[Arbitrum One gas](https://arbiscan.io/gastracker) is often ~0.02 Gwei; the 10-contract deploy then costs <0.001 ETH. If you see "max fee per gas less than block base fee", set `ARBITRUM_GAS_PRICE` slightly above base (e.g. `25000000` = 0.025 gwei). Only use 35 gwei if the network is congested. Run the deploy: +Then set `CWEURC_CRONOS` … `CWXAUT_CRONOS` in `.env`, run `./scripts/deployment/run-cw-remaining-steps.sh --update-mapping`, and confirm with: + +```bash +CRONOS_CW_VERIFY_RPC_URL=https://cronos-evm-rpc.publicnode.com \ + bash ../scripts/verify/check-cw-cronos-wave1.sh +``` + +### Arbitrum (42161) — rerun only if verifier shows drift + +[Arbitrum One gas](https://arbiscan.io/gastracker) is often ~0.02 Gwei; the 10-contract deploy then costs <0.001 ETH. Only rerun this section if the mesh verifier or a direct bytecode check shows an actual gap. If you do need to replay, set `ARBITRUM_GAS_PRICE` slightly above base (e.g. `25000000` = 0.025 gwei). Only use 35 gwei if the network is congested. Run the deploy: ```bash cd smom-dbis-138 && source .env diff --git a/docs/07-ccip/OPTIONAL_DEPLOYMENTS_START_HERE.md b/docs/07-ccip/OPTIONAL_DEPLOYMENTS_START_HERE.md index 443a3354..35aaed16 100644 --- a/docs/07-ccip/OPTIONAL_DEPLOYMENTS_START_HERE.md +++ b/docs/07-ccip/OPTIONAL_DEPLOYMENTS_START_HERE.md @@ -2,9 +2,11 @@ **Note: Nothing here is optional nor future — these are planned deployments (Chain 138 and multichain).** -**Last Updated:** 2026-02-16 +**Last Updated:** 2026-04-03 **Purpose:** Single entry point to run all deployments: AddressMapper (other chains), DODO PMM 138, Mainnet trustless, Paymaster. Run from repo root or `smom-dbis-138/` with `.env` and PRIVATE_KEY. +> Historical note: the completion table below preserves the 2026-02-16 optional-deployment snapshot. The current canonical Chain 138 contract baseline is **67/67** in `check-contracts-on-chain-138.sh`. + --- ## Completion status (automated run) @@ -19,7 +21,7 @@ | **Phase 4 Reserve Keeper** | ✅ Code | Script skips Phase 4 unless `ORACLE_PRICE_FEED` or `RESERVE_KEEPER` is set; DeployKeeper.s.sol no-ops with message when ORACLE_PRICE_FEED unset. Set env to run or skip. | | **Phase 8 eMoney 138** | ✅ Deployed | ComplianceRegistry, DebtRegistry, PolicyManager, eMoney impl, TokenFactory138, BridgeVault138 deployed. | | **§2D Paymaster** | ✅ Script run | Informational script ran; next steps: deploy EntryPoint/AccountFactory/Paymaster from ERC-4337 kit, set env. | -| **§4 Post-deployment check** | ✅ Done | `check-contracts-on-chain-138.sh`: 46 present, 0 missing (EOA and Mainnet-only excluded). | +| **§4 Post-deployment check** | ✅ Done | Historical snapshot: `check-contracts-on-chain-138.sh`: 46 present, 0 missing (EOA and Mainnet-only excluded) on 2026-02-16. Current canonical baseline is **67/67**. | **To finish deployments:** If Phase 6/8 failed with "Replacement transaction underpriced", run **Fix stuck transaction** (cancel-pending or flush-stuck-tx) first, then `./scripts/run-optional-deployments.sh --execute --phases 6,8`. Set DODO env vars for §2B to run Phase 7. Use a Mainnet RPC that accepts your key for §2C Mainnet. diff --git a/docs/07-ccip/XDC_ZERO_CHAIN138.md b/docs/07-ccip/XDC_ZERO_CHAIN138.md index 008ae368..81c9cdb9 100644 --- a/docs/07-ccip/XDC_ZERO_CHAIN138.md +++ b/docs/07-ccip/XDC_ZERO_CHAIN138.md @@ -6,6 +6,12 @@ **Config templates:** [`../../config/xdc-zero/`](../../config/xdc-zero/) -**Scripts:** `bash scripts/verify/xdc-zero-chain138-preflight.sh` · `bash scripts/xdc-zero/merge-endpointconfig-chain138.sh` +**Scripts:** `bash scripts/verify/xdc-zero-chain138-preflight.sh` · `bash scripts/xdc-zero/merge-endpointconfig-chain138.sh --dry-run …` · `bash scripts/xdc-zero/deploy-endpoint-chain138.sh --dry-run` + +**systemd:** `config/systemd/xdc-zero-relayer-138-pair.example.service` + `config/xdc-zero/xdc-relayer.dotenv.example` (or `xdc-zero-relayer-138-pair.example.defaults` for `/etc/default/`) + +**Troubleshooting:** [../03-deployment/CHAIN138_XDC_ZERO_DEPLOYMENT_TROUBLESHOOTING.md](../03-deployment/CHAIN138_XDC_ZERO_DEPLOYMENT_TROUBLESHOOTING.md) + +**Operator sequence:** `bash scripts/xdc-zero/run-xdc-zero-138-operator-sequence.sh` **XDC mainnet RPC:** `https://rpc.xinfin.network` (chain id 50) — set as `XDC_PARENTNET_URL` / `xdcparentnet` in `network.config.json`; not Ethereum L1. diff --git a/docs/08-monitoring/BLOCKSCOUT_CONFIGURATION_GUIDE.md b/docs/08-monitoring/BLOCKSCOUT_CONFIGURATION_GUIDE.md index 2abc89d4..980d82fb 100644 --- a/docs/08-monitoring/BLOCKSCOUT_CONFIGURATION_GUIDE.md +++ b/docs/08-monitoring/BLOCKSCOUT_CONFIGURATION_GUIDE.md @@ -1,6 +1,6 @@ # Blockscout Configuration Guide - Complete Setup -**Last Updated:** 2026-01-31 +**Last Updated:** 2026-04-04 **Document Version:** 1.0 **Status:** Active Documentation @@ -82,7 +82,7 @@ services: postgres: condition: service_healthy environment: - - DATABASE_URL=postgresql://blockscout:blockscout@postgres:5432/blockscout + - DATABASE_URL=postgresql://blockscout:blockscout@postgres:5432/blockscout?sslmode=disable - ETHEREUM_JSONRPC_HTTP_URL=http://192.168.11.250:8545 - ETHEREUM_JSONRPC_WS_URL=ws://192.168.11.250:8546 - ETHEREUM_JSONRPC_TRACE_URL=http://192.168.11.250:8545 @@ -92,7 +92,10 @@ services: - BLOCKSCOUT_HOST=192.168.11.140 - BLOCKSCOUT_PROTOCOL=http - SECRET_KEY_BASE=$(openssl rand -hex 64) - - POOL_SIZE=10 + - POOL_SIZE=50 + - POOL_SIZE_API=50 + - DATABASE_QUEUE_TARGET=5s + - INDEXER_DISABLE_PENDING_TRANSACTIONS_FETCHER=true - ECTO_USE_SSL=false ports: - "4000:4000" @@ -136,7 +139,34 @@ for i in {1..30}; do done # Start Blockscout -docker-compose up -d blockscout || docker compose up -d blockscout +docker compose up -d blockscout || docker-compose up -d blockscout + +# If legacy docker-compose crashes with KeyError: 'ContainerConfig', +# remove the old container and start Blockscout directly: +docker rm -f blockscout 2>/dev/null || true +docker run -d \ + --name blockscout \ + --restart unless-stopped \ + --network blockscout_blockscout-network \ + -p 4000:4000 \ + -e DATABASE_URL=postgresql://blockscout:blockscout@postgres:5432/blockscout?sslmode=disable \ + -e ETHEREUM_JSONRPC_HTTP_URL=http://192.168.11.250:8545 \ + -e ETHEREUM_JSONRPC_WS_URL=ws://192.168.11.250:8546 \ + -e ETHEREUM_JSONRPC_TRACE_URL=http://192.168.11.250:8545 \ + -e ETHEREUM_JSONRPC_VARIANT=besu \ + -e CHAIN_ID=138 \ + -e COIN=ETH \ + -e BLOCKSCOUT_HOST=192.168.11.140 \ + -e BLOCKSCOUT_PROTOCOL=http \ + -e SECRET_KEY_BASE="$SECRET_KEY" \ + -e POOL_SIZE=50 \ + -e POOL_SIZE_API=50 \ + -e DATABASE_QUEUE_TARGET=5s \ + -e INDEXER_DISABLE_PENDING_TRANSACTIONS_FETCHER=true \ + -e ECTO_USE_SSL=false \ + -v blockscout_blockscout-data:/app/apps/explorer/priv/static \ + blockscout/blockscout:latest \ + bin/blockscout start ``` ### Step 4: Configure Nginx @@ -218,6 +248,17 @@ curl http://192.168.11.140/ ## Configuration Settings Reference +- `POOL_SIZE=50` and `POOL_SIZE_API=50`: recommended baseline for the public Chain 138 explorer on VMID 5000. The older `POOL_SIZE=10` profile is too small under current indexer plus public API load. +- `DATABASE_QUEUE_TARGET=5s`: lets Blockscout wait longer before dropping DB work during bursty indexing. +- `INDEXER_DISABLE_PENDING_TRANSACTIONS_FETCHER=true`: keeps one noisy fetcher off by default; it reduced queue pressure during the April 4, 2026 E2E repair. + +## Troubleshooting Hot Path + +- If `/api/v2/stats`, `/api/v2/blocks`, or `/api/v2/transactions` intermittently return `500`, check `docker logs blockscout` for `DBConnection.ConnectionError` before changing nginx. +- If logs show `connection not available and request was dropped from queue`, raise pool sizes and queue target first. +- If logs show `tcp recv (idle): closed`, prefer the local Docker-network Postgres path (`postgres:5432`) over the VM host `:6432` HAProxy hop on VMID 5000, then keep the larger Blockscout pools in place. +- If the legacy `docker-compose` binary throws `KeyError: 'ContainerConfig'`, prefer `docker compose` or a temporary `docker run` recovery instead of repeatedly retrying the old binary. + ### Environment Variables | Variable | Value | Description | @@ -264,4 +305,3 @@ curl -X POST http://192.168.11.250:8545 \ --- **Last Updated**: $(date) - diff --git a/docs/08-monitoring/BLOCKSCOUT_VERIFICATION_GUIDE.md b/docs/08-monitoring/BLOCKSCOUT_VERIFICATION_GUIDE.md index 64004bf4..d13bb93f 100644 --- a/docs/08-monitoring/BLOCKSCOUT_VERIFICATION_GUIDE.md +++ b/docs/08-monitoring/BLOCKSCOUT_VERIFICATION_GUIDE.md @@ -1,6 +1,6 @@ # Blockscout Contract Verification Guide - ChainID 138 -**Last Updated:** 2026-01-31 +**Last Updated:** 2026-04-03 **Document Version:** 1.0 **Status:** Active Documentation @@ -40,6 +40,25 @@ ChainID 138 uses **Blockscout** (self-hosted) as its block explorer. This guide ## Verification Methods +### Recommended Chain 138 operator path + +For the canonical Proxmox / Chain 138 workspace, prefer the repo helpers instead of raw `forge verify-contract`: + +```bash +bash scripts/verify/run-contract-verification-with-proxy.sh +``` + +For the private DODO v3 / D3MM pilot on Chain 138, use the dedicated helper: + +```bash +bash scripts/verify/verify-dodo-v3-chain138-blockscout.sh +``` + +That helper knows the live DODO v3 deployment set and the harder standard-input path for the pilot contracts. As of 2026-04-03: + +- `D3Oracle`, `D3Vault`, `DODOApprove`, and `DODOApproveProxy` are fully source-verified on Blockscout. +- `D3MMFactory` and `D3Proxy` accept verification submissions, but Blockscout currently exposes only bytecode metadata for them rather than the full verified-contract metadata. + ### Method 1: Using Foundry Script with Verification When deploying contracts with Foundry, add Blockscout verification flags: diff --git a/docs/11-references/13_NODE_AND_ASSETS_BRING_ONLINE_CHECKLIST.md b/docs/11-references/13_NODE_AND_ASSETS_BRING_ONLINE_CHECKLIST.md index 8082cb54..3c0a3bba 100644 --- a/docs/11-references/13_NODE_AND_ASSETS_BRING_ONLINE_CHECKLIST.md +++ b/docs/11-references/13_NODE_AND_ASSETS_BRING_ONLINE_CHECKLIST.md @@ -80,8 +80,8 @@ For each node **r630-N** (IP 192.168.11.(10+N), N=5..13): ## Phase 4: Dell Precision 7920 workstations (2×) -- [ ] **workstation-01 (192.168.11.30):** Power on; connect 1G to management LAN; set static IP .30 (or DHCP reservation). Install OS and tools (admin/dev); optional 10G to XG if needed for large data. -- [ ] **workstation-02 (192.168.11.31):** Same; IP .31. +- [ ] **workstation-01:** Power on; connect 1G to management LAN; assign an explicit unused management IP and record it in `config/ip-addresses.conf` or `.env`. Do not assume `.30`. +- [ ] **workstation-02:** Same; choose another unused management IP. Do not assume `.31` because it is assigned to Gitea. - [ ] **Document:** Add to inventory and network diagram; no Proxmox cluster join (workstations are clients). --- diff --git a/docs/11-references/13_NODE_NETWORK_AND_CABLING_CHECKLIST.md b/docs/11-references/13_NODE_NETWORK_AND_CABLING_CHECKLIST.md index 4b703c71..69abf113 100644 --- a/docs/11-references/13_NODE_NETWORK_AND_CABLING_CHECKLIST.md +++ b/docs/11-references/13_NODE_NETWORK_AND_CABLING_CHECKLIST.md @@ -111,8 +111,8 @@ Ceph VLANs are optional; can run Ceph over management until a dedicated cluster | Workstation | IP (mgmt) | 10G cable | |-----------------|-------------|-----------------| -| workstation-01 | 192.168.11.30 | Optional: XG #1 port (spare) | -| workstation-02 | 192.168.11.31 | Optional: XG #1 port (spare) | +| workstation-01 | Assign explicitly when provisioned | Optional: XG #1 port (spare) | +| workstation-02 | Assign explicitly when provisioned | Optional: XG #1 port (spare) | ### 4.5 Inter-switch link diff --git a/docs/11-references/76.53.10.34_CONNECTION_EXPLANATION.md b/docs/11-references/76.53.10.34_CONNECTION_EXPLANATION.md index 91369d60..e58b7e47 100644 --- a/docs/11-references/76.53.10.34_CONNECTION_EXPLANATION.md +++ b/docs/11-references/76.53.10.34_CONNECTION_EXPLANATION.md @@ -18,9 +18,9 @@ ### IP Address Identity -**`76.53.10.34`** is the **ER605 router's WAN IP address**, not an RPC service endpoint. +**`76.53.10.34`** is the **UDM Pro edge router's WAN IP address**, not an RPC service endpoint. -- **Device**: TP-Link ER605 v2.20 (er605-1) +- **Device**: UDM Pro edge gateway - **Role**: Primary Edge Router (WAN interface) - **Network**: Public WAN IP (Block #1: 76.53.10.32/28) - **Gateway**: 76.53.10.33 diff --git a/docs/11-references/ADDRESS_MATRIX_AND_STATUS.md b/docs/11-references/ADDRESS_MATRIX_AND_STATUS.md index fdf379bc..a159700d 100644 --- a/docs/11-references/ADDRESS_MATRIX_AND_STATUS.md +++ b/docs/11-references/ADDRESS_MATRIX_AND_STATUS.md @@ -1,7 +1,7 @@ # Address Matrix and Status — Correlated Reference -**Last Updated:** 2026-03-26 -**Purpose:** Single correlated matrix of all existing contract, token, and pool addresses with deployment status. **On-chain verification (2026-03-26):** corrected Chain 138 PMM stack verified at `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`; desired-state inventory is fully reconciled with `104` existing pools and `104` aligned routes. +**Last Updated:** 2026-04-01 +**Purpose:** Single correlated matrix of all existing contract, token, and pool addresses with deployment status. **On-chain verification (2026-04-02):** the canonical Chain 138 PMM stack is the official DODO V2 DVM-backed deployment at `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`, `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`, and `DODO_VENDING_MACHINE_ADDRESS=0xb6D9EF3575bc48De3f011C310DC24d87bEC6087C`. Stable pairs were recalibrated on 2026-04-02 with `i=1e18`, `k=0` so equal-reserve stable pools quote at true 1:1 parity. **Sources:** CONTRACT_ADDRESSES_REFERENCE, CHAIN138_TOKEN_ADDRESSES, LIQUIDITY_POOLS_MASTER_MAP, DEPLOYED_COINS_TOKENS_AND_NETWORKS, env examples, PRE_DEPLOYMENT_CHECKLIST. --- @@ -111,12 +111,14 @@ | Contract / pool | Address | Status | Notes | |-----------------|---------|--------|-------| -| DODOPMMIntegration | `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` | ✅ | Corrected canonical integration; full JSON desired-state reconciled | -| DODOPMMProvider | `0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381` | ✅ | Corrected canonical provider; 104 aligned routes | +| DODO DVMFactory | `0xc93870594C7f83A0aE076c2e30b494Efc526b68E` | ✅ | Self-deployed official DODO V2 DVMFactory on Chain 138 | +| DODO Vending Machine / Adapter | `0xb6D9EF3575bc48De3f011C310DC24d87bEC6087C` | ✅ | Canonical `DODO_VENDING_MACHINE_ADDRESS` | +| DODOPMMIntegration | `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` | ✅ | Canonical official-DVM-backed integration | +| DODOPMMProvider | `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e` | ✅ | Canonical provider registered against the current integration | | PrivatePoolRegistry | `0xb27057B27db09e8Df353AF722c299f200519882A` | ✅ | Live private XAU pool registry | -| Pool cUSDT/cUSDC | `0xff8d3b8fDF7B112759F076B69f4271D4209C0849` | ✅ | Funded live | -| Pool cUSDT/USDT (official mirror) | `0x6fc60DEDc92a2047062294488539992710b99D71` | ✅ | Intended funded canonical pool; integration/provider mapping must be repointed if still on older empty pool | -| Pool cUSDC/USDC (official mirror) | `0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263` | ✅ | Canonical corrected-stack pool | +| Pool cUSDT/cUSDC | `0x9e89bAe009adf128782E19e8341996c596ac40dC` | ✅ | Funded live on the canonical official-DVM stack; corrected to `i=1e18`, `k=0` | +| Pool cUSDT/USDT (official mirror) | `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` | ✅ | Funded live on the canonical official-DVM stack; corrected to `i=1e18`, `k=0` | +| Pool cUSDC/USDC (official mirror) | `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` | ✅ | Funded live on the canonical official-DVM stack; corrected to `i=1e18`, `k=0` | | Pool cUSDT/cXAUC (public) | `0x1AA55E2001E5651349AfF5A63FD7A7Ae44f0F1b0` | ✅ | Funded live | | Pool cUSDC/cXAUC (public) | `0xEA9Ac6357CaCB42a83b9082B870610363B177cBa` | ✅ | Funded live | | Pool cEURT/cXAUC (public) | `0xbA99bc1eAAC164569d5AcA96C806934DDaF970Cf` | ✅ | Funded live | @@ -146,7 +148,7 @@ | CCIP / bridge | 4 (1 deprecated) | ✅ Use 0x971c… WETH9 bridge | | Governance / deterministic | 9 | ✅ All deployed | | Channels / mirror / reserve / vault | 14+ | ✅ All deployed | -| PMM / pools | 1 integration, 1 provider, 1 private registry, 104 aligned pools | ✅ Corrected full mesh and edge pool desired state live | +| PMM / pools | 1 DVMFactory, 1 adapter, 1 integration, 1 provider, 1 private registry, 3 canonical stable pools | ✅ Official DODO V2 DVM-backed public stable path live | | TransactionMirror | 1 | ✅ `0x7131F887DBEEb2e44c1Ed267D2A68b5b83285afc` | ### 2.2 Ethereum Mainnet (1) @@ -158,6 +160,12 @@ | WETH | `0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2` | ✅ | | USDT | `0xdAC17F958D2ee523a2206206994597C13D831ec7` | ✅ | | USDC | `0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48` | ✅ | +| DODOPMMIntegration (optional GRU cW + TRUU volatile) | `0xa9F284eD010f4F7d7F8F201742b49b9f58e29b84` | ✅ Live; `DODO_PMM_INTEGRATION_MAINNET`; Etherscan source-verified 2026-04-11 | +| TRUU (Truth) | `0xDAe0faFD65385E7775Cf75b1398735155EF6aCD2` | ✅ Anchor in `deployment-status.json` | +| PMM pool cWUSDT / TRUU | `0x508E5e80B66204b8CD9869323Fdd3A289ea50993` | ✅ Volatile; see runbook §11 | +| PMM pool cWUSDC / TRUU | `0x9A632F35078b6A4A9bf27806Bb7aFfAA2F16C846` | ✅ Volatile; see runbook §11 | + +Detail and env wiring: [MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md](../03-deployment/MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md) section 11, [CONTRACT_ADDRESSES_REFERENCE.md](CONTRACT_ADDRESSES_REFERENCE.md) (Mainnet TRUU PMM subsection). ### 2.3 ALL Mainnet (651940) @@ -196,12 +204,14 @@ Bridges (CCIPWETH9 / CCIPWETH10) and LINK funding per runbook. Addresses in `smo | Env variable (Chain 138) | Canonical address | |--------------------------|-------------------| -| DODO_PMM_INTEGRATION_ADDRESS | `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` | -| DODO_PMM_PROVIDER_ADDRESS | `0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381` | +| DODO_DVM_FACTORY | `0xc93870594C7f83A0aE076c2e30b494Efc526b68E` | +| DODO_VENDING_MACHINE_ADDRESS | `0xb6D9EF3575bc48De3f011C310DC24d87bEC6087C` | +| DODO_PMM_INTEGRATION_ADDRESS | `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` | +| DODO_PMM_PROVIDER_ADDRESS | `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e` | | PRIVATE_POOL_REGISTRY | `0xb27057B27db09e8Df353AF722c299f200519882A` | -| POOL_CUSDTCUSDC | `0xff8d3b8fDF7B112759F076B69f4271D4209C0849` | -| POOL_CUSDTUSDT | `0x6fc60DEDc92a2047062294488539992710b99D71` | -| POOL_CUSDCUSDC | `0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263` | +| POOL_CUSDTCUSDC | `0x9e89bAe009adf128782E19e8341996c596ac40dC` | +| POOL_CUSDTUSDT | `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` | +| POOL_CUSDCUSDC | `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` | | POOL_CUSDT_XAU_PUBLIC | `0x1AA55E2001E5651349AfF5A63FD7A7Ae44f0F1b0` | | POOL_CUSDC_XAU_PUBLIC | `0xEA9Ac6357CaCB42a83b9082B870610363B177cBa` | | POOL_CEURT_XAU_PUBLIC | `0xbA99bc1eAAC164569d5AcA96C806934DDaF970Cf` | diff --git a/docs/11-references/API_DOCUMENTATION.md b/docs/11-references/API_DOCUMENTATION.md index 6d5586b1..a7482257 100644 --- a/docs/11-references/API_DOCUMENTATION.md +++ b/docs/11-references/API_DOCUMENTATION.md @@ -30,9 +30,9 @@ ### ChainID 138 -**HTTP**: `http://192.168.11.250:8545` +**HTTP**: `http://192.168.11.211:8545` **HTTPS**: `https://rpc-core.d-bis.org` -**WebSocket**: `ws://192.168.11.250:8546` +**WebSocket**: `ws://192.168.11.211:8546` --- @@ -169,4 +169,3 @@ cast call "" --rpc-url $RPC_URL --- **Last Updated**: $(date) - diff --git a/docs/11-references/APT_PACKAGES_CHECKLIST.md b/docs/11-references/APT_PACKAGES_CHECKLIST.md index b678bfb1..f8153cc4 100644 --- a/docs/11-references/APT_PACKAGES_CHECKLIST.md +++ b/docs/11-references/APT_PACKAGES_CHECKLIST.md @@ -53,7 +53,7 @@ lsb-release # LSB release information ### Note: nginx for RPC Nodes **nginx is NOT installed on RPC nodes**. Instead, **VMID 105 (nginx-proxy-manager)** is used as a centralized reverse proxy and load balancer for all RPC endpoints. This provides: - Centralized management via web UI -- Load balancing across RPC nodes (2500-2502) +- Load balancing across current RPC nodes (2101/2201/2301 and the broader 21xx-24xx fleet) - SSL termination - High availability with automatic failover @@ -361,4 +361,3 @@ pct exec -- ping -c 3 8.8.8.8 # Check DNS resolution pct exec -- nslookup archive.ubuntu.com ``` - diff --git a/docs/11-references/CCIP_138_DESTINATION_RECEIVER_BY_CHAIN_AND_TOKEN.md b/docs/11-references/CCIP_138_DESTINATION_RECEIVER_BY_CHAIN_AND_TOKEN.md index cbcb0cca..a1830435 100644 --- a/docs/11-references/CCIP_138_DESTINATION_RECEIVER_BY_CHAIN_AND_TOKEN.md +++ b/docs/11-references/CCIP_138_DESTINATION_RECEIVER_BY_CHAIN_AND_TOKEN.md @@ -29,7 +29,7 @@ | **42220**| Celo | WETH9, WETH10 | No proven direct first hop from 138 | Native bridge is deployed, but use **Mainnet hub** or cW path instead of assuming direct delivery | Not a direct no-prefund first hop | | **1111** | Wemix | WETH9, WETH10 | Not live yet | Bridge deployment and gas seeding still pending | Pending | -**cW specific status:** The cW mint-on-receive model is the correct non-prefunded pattern. Avalanche `cUSDT -> cWUSDT` is live and proven using AVAX cW bridge `0x635002c5fb227160cd2eac926d1baa61847f3c75`; other cW corridors should still be treated as design / partial unless separately proven. +**cW specific status:** The cW mint-on-receive model is the correct non-prefunded pattern. Avalanche `cUSDT -> cWUSDT` is live and proven using AVAX cW bridge `0x635002c5fb227160cd2eac926d1baa61847f3c75`, and Mainnet `cUSDC -> cWUSDC` plus `cUSDT -> cWUSDT` are now live and canary-proven using Mainnet cW bridge `0x2bF74583206A49Be07E0E8A94197C12987AbD7B5`; other cW corridors should still be treated as design / partial unless separately proven. --- @@ -60,7 +60,9 @@ | Token(s) | Chain(s) | Receiver | Mechanism | Current status | |---------------|----------|------------------------|-----------|----------------| | **cUSDT → cWUSDT** | **43114 (Avalanche)** | AVAX cW bridge `0x635002c5fb227160cd2eac926d1baa61847f3c75` | Dedicated non-prefunded relay path; destination mints `cWUSDT` to recipient | ✅ Live and proven E2E | -| **cWUSDT, cWUSDC** (cW*) | 56, 100, 137, 10, 42161, 8453, 43114, 25, 1, etc. | TwoWayTokenBridgeL2 (or CCIPReceiverCW) | `ccipReceive` → `cW*.mint(recipient, amount)`; receiver has MINTER_ROLE | ⏳ Generic pattern; treat as design / partial unless separately proven | +| **cUSDC → cWUSDC** | **1 (Ethereum Mainnet)** | `CWMultiTokenBridgeL2` `0x2bF74583206A49Be07E0E8A94197C12987AbD7B5` via relay router `0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA` | `ccipReceive` → `cWUSDC.mint(recipient, amount)` after sender/peer checks | ✅ Live and canary-proven | +| **cUSDT → cWUSDT** | **1 (Ethereum Mainnet)** | `CWMultiTokenBridgeL2` `0x2bF74583206A49Be07E0E8A94197C12987AbD7B5` via relay router `0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA` | `ccipReceive` → `cWUSDT.mint(recipient, amount)` after sender/peer checks | ✅ Live and canary-proven | +| **cWUSDT, cWUSDC** (cW*) | 56, 100, 137, 10, 42161, 8453, 43114, 25, etc. | TwoWayTokenBridgeL2 (or CCIPReceiverCW) | `ccipReceive` → `cW*.mint(recipient, amount)`; receiver has MINTER_ROLE | ⏳ Generic pattern; treat as design / partial unless separately proven outside Avalanche + Mainnet | **Sources:** [CW_BRIDGE_APPROACH](../07-ccip/CW_BRIDGE_APPROACH.md) for the generic mint-on-receive model; [NON_PREFUNDED_AVAX_MIGRATION_RUNBOOK](../07-ccip/NON_PREFUNDED_AVAX_MIGRATION_RUNBOOK.md) for the live AVAX proof and contract addresses. diff --git a/docs/11-references/CHAINS_AND_PROTOCOLS_BRIDGE_INTEGRATION.md b/docs/11-references/CHAINS_AND_PROTOCOLS_BRIDGE_INTEGRATION.md index ebed8f99..38c4d57a 100644 --- a/docs/11-references/CHAINS_AND_PROTOCOLS_BRIDGE_INTEGRATION.md +++ b/docs/11-references/CHAINS_AND_PROTOCOLS_BRIDGE_INTEGRATION.md @@ -1,6 +1,6 @@ # Chains & Protocols: Bridges, Ledger, and Integrations -**Last Updated:** 2026-01-29 +**Last Updated:** 2026-04-03 **Status:** Authoritative reference for bridge chains and protocol acceptance --- @@ -12,10 +12,43 @@ This document consolidates: 2. **Protocols and wallets that have accepted ChainID 138** – Ledger, Chainlist, thirdweb, MetaMask, etc. 3. **Protocols and wallets that have accepted ALL Mainnet (651940)** – Chainlist, MetaMask, etc. +The key normalization for 2026-04 is: + +- **Live EVM CCIP destinations** are one bucket. +- **Alltra** is a separate custom bridge bucket. +- **Truth** is a registry adapter on 138 plus an Ethereum ↔ Truth public bridge story, not a direct 138 ↔ Truth CCIP lane. +- **Tron** is a deployed non-EVM adapter on 138 with relay/off-chain dependencies. +- **Etherlink / Tezos** are scaffolded and feature-gated, not live public bridge lanes. +- **XDC Zero** and **OP Stack L2 ↔ 138** remain separate programs, not rows in the live CCIP destination matrix. + --- ## Part 1: Chains Handled by Bridges +### 1.0 Canonical bridge-program classification + +| Program / destination | Chain / ID | Classification | Current repo state | Canonical note | +|-------|----------|--------|--------|--------| +| Ethereum Mainnet | `1` | EVM CCIP destination | ✅ Live | Standard CCIP WETH9/WETH10 destination | +| Optimism | `10` | EVM CCIP destination | ✅ Live | Standard CCIP destination | +| Cronos | `25` | EVM CCIP destination | ✅ Live | Standard CCIP destination | +| BSC | `56` | EVM CCIP destination | ✅ Live | Standard CCIP destination | +| Gnosis | `100` | EVM CCIP destination | ✅ Live | Treat as live, not merely config-ready | +| Polygon | `137` | EVM CCIP destination | ✅ Live | Standard CCIP destination | +| Arbitrum One | `42161` | EVM CCIP destination | ✅ Live | Standard CCIP destination | +| Avalanche C-Chain | `43114` | EVM CCIP destination | ✅ Live | Standard CCIP destination; separate `avax-cw` GRU corridor also exists | +| Base | `8453` | EVM CCIP destination | ✅ Live | Standard CCIP destination | +| Celo | `42220` | EVM CCIP destination | ✅ Live | Treat as live, not merely config-ready | +| Wemix | `1111` | EVM CCIP destination | ⏳ Pending operator completion | Repo wiring exists; deployment/funding not fully closed | +| ALL Mainnet | `651940` | Custom Alltra bridge | ✅ Live | `AlltraAdapter`, not CCIP | +| Truth Network | Substrate / non-EVM | Registry adapter + Ethereum Truth bridge | ⚠️ Partial / pointer only | No direct 138 ↔ Truth CCIP lane documented | +| Tron | non-EVM | Adapter + relay program | ⚠️ Partial / relay-dependent | `TronAdapter` exists on 138; not part of the CCIP lane table | +| Solana | non-EVM (SVM) | Adapter + relay program | ⚠️ Partial / relay-dependent | `SolanaAdapter` in `smom-dbis-138`; no EIP-155 chain id; not part of the CCIP lane table | +| Etherlink | `42793` | Scaffold / gated bridge target | ⏳ Planned / feature-gated | Placeholder token mapping and runbook tasks exist | +| Tezos L1 | non-EVM | Scaffold / gated bridge target | ⏳ Planned / feature-gated | Relay/service plan exists, not live lane | +| XDC Network | `50` | Parallel bridge program | ⚠️ Separate program | `XDC Zero`, not CCIP | +| OP Stack L2 | separate future chain | Future bridge design | ⏳ Design only | Optional future L2 ↔ 138 program | + ### 1.1 Chainlink CCIP Bridge **Primary use:** ChainID 138 ↔ Ethereum cross-chain transfers @@ -31,23 +64,23 @@ This document consolidates: | Base | 8453 | ✅ | | BSC (BNB Chain) | 56 | ✅ | | Avalanche | 43114 | ✅ | -| Gnosis Chain | 100 | ✅ Config ready | -| Celo | 42220 | ✅ Config ready | -| Wemix | 1111 | ✅ Config ready | +| Gnosis Chain | 100 | ✅ | +| Celo | 42220 | ✅ | +| Wemix | 1111 | ⏳ Pending operator completion | | ChainID 138 (DeFi Oracle Meta Mainnet) | 138 | ✅ | -**Deployed CCIP WETH bridges:** CCIPWETH9Bridge and CCIPWETH10Bridge on BSC, Polygon, Avalanche, Base, Arbitrum, Optimism, ChainID 138. +**Deployed CCIP WETH bridges:** CCIPWETH9Bridge and CCIPWETH10Bridge on the live EVM destination set above, with Wemix still pending final operator completion. -**Additional CCIP-ready chains (selectors configured):** Gnosis Chain (`465200170687744372`), Celo (`1346049177634351622`), Wemix (`5142893604156789321`). +**Additional CCIP selectors tracked in repo:** Gnosis Chain (`465200170687744372`), Celo (`1346049177634351622`), Wemix (`5142893604156789321`). -#### Completion checklist for Config-Ready chains (Gnosis, Celo, Wemix) +#### Remaining completion checklist for pending CCIP chain(s) -To move Gnosis (100), Celo (42220), and Wemix (1111) from **Config ready** to **✅**: +Wemix (1111) still needs operator completion: -1. **Verify CCIP support** — Confirm each chain is listed in [Chainlink CCIP supported networks](https://docs.chain.link/ccip/supported-networks). -2. **Deploy bridges** — Deploy CCIPWETH9Bridge and CCIPWETH10Bridge on each chain (see runbook). -3. **Configure destinations** — Run `smom-dbis-138/scripts/deployment/complete-config-ready-chains.sh` (requires bridge addresses and `CHAIN138_SELECTOR` in `.env`). -4. **Fund with LINK** — Send ~10 LINK per bridge on each chain for CCIP fees. +1. **Verify CCIP support** — Confirm the current supported-network metadata is still valid. +2. **Deploy bridges** — Deploy CCIPWETH9Bridge and CCIPWETH10Bridge on Wemix (see runbook). +3. **Configure destinations** — Run `smom-dbis-138/scripts/deployment/complete-config-ready-chains.sh` with the Wemix bridge addresses and `CHAIN138_SELECTOR`. +4. **Fund with LINK / gas** — Complete the documented operator funding step for the Wemix deployer and bridge addresses. **Runbook:** [CONFIG_READY_CHAINS_COMPLETION_RUNBOOK.md](../07-ccip/CONFIG_READY_CHAINS_COMPLETION_RUNBOOK.md) **Env example:** `smom-dbis-138/docs/deployment/ENV_CONFIG_READY_CHAINS.example` @@ -90,6 +123,51 @@ To move Gnosis (100), Celo (42220), and Wemix (1111) from **Config ready** to ** **USDC (AUSDC):** `0xa95EeD79f84E6A0151eaEb9d441F9Ffd50e8e881` +### 1.5 Truth Network + +| Item | Status | Notes | +|------|--------|-------| +| `TruthNetworkAdapter` on Chain 138 | ✅ Deployed | Adapter is registered in `ChainRegistry` on 138 | +| Direct 138 ↔ Truth CCIP lane | ❌ Not documented | Repo does not define Truth as a normal CCIP destination | +| Public Truth bridge story | ✅ Ethereum ↔ Truth | Truth bridge narrative is Ethereum-centered (`TRUU` lift/burn) | +| 138 role today | ⚠️ Registry / pointer | Use 138 as metadata/registry attachment to the Ethereum Truth bridge story | + +Canonical reference: [TRUTH_NETWORK_BRIDGE_SPEC.md](../07-ccip/TRUTH_NETWORK_BRIDGE_SPEC.md) + +### 1.6 Tron + +| Item | Status | Notes | +|------|--------|-------| +| `TronAdapter` on Chain 138 | ✅ Deployed | `TRON_ADAPTER_CHAIN138` is recorded in the address inventory | +| Part of standard EVM CCIP matrix | ❌ No | Treat as non-EVM relay program | +| End-to-end bridging | ⚠️ Relay / ops dependent | Requires off-chain relay/oracle workflow and operational wiring | + +### 1.7 Etherlink and Tezos + +| Item | Status | Notes | +|------|--------|-------| +| Etherlink token mapping row (`42793`) | ✅ Scaffolded | Placeholder `addressTo` values only | +| Tezos / Etherlink feature flags | ✅ Present | `TEZOS_BRIDGE_ENABLED`, `ETHERLINK_BRIDGE_ENABLED` | +| Public production bridge lane | ❌ Not live | Treat as planned / gated until runbook items are completed | + +Canonical reference: [TEZOS_CCIP_REMAINING_ITEMS.md](../07-ccip/TEZOS_CCIP_REMAINING_ITEMS.md) + +### 1.8 XDC Zero + +| Item | Status | Notes | +|------|--------|-------| +| XDC ↔ 138 program | ⚠️ Separate track | Parallel to CCIP and non-EVM adapter programs | + +Canonical reference: [CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md](../03-deployment/CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md) + +### 1.9 OP Stack L2 + +| Item | Status | Notes | +|------|--------|-------| +| L2 ↔ 138 bridge | ⏳ Design only | Optional future design, not a live lane | + +Canonical reference: [OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md](../03-deployment/OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md) + --- ## Part 2: Protocols That Have Accepted ChainID 138 @@ -229,6 +307,10 @@ Ledger Live and other clients can discover ChainID 138 RPCs via Chainlist. - [CHAIN_SUPPORT.md](../../alltra-lifi-settlement/docs/CHAIN_SUPPORT.md) – Chain support matrix - [BRIDGE_CONFIGURATION.md](../../smom-dbis-138/docs/deployment/BRIDGE_CONFIGURATION.md) – CCIP bridge config +- [TRUTH_NETWORK_BRIDGE_SPEC.md](../07-ccip/TRUTH_NETWORK_BRIDGE_SPEC.md) – Truth bridge classification and execution plan +- [TEZOS_CCIP_REMAINING_ITEMS.md](../07-ccip/TEZOS_CCIP_REMAINING_ITEMS.md) – Etherlink / Tezos staged work +- [CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md](../03-deployment/CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md) – XDC Zero parallel bridge program +- [OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md](../03-deployment/OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md) – Future OP Stack bridge notes - [PUBLIC_RPC_CHAIN138_LEDGER.md](../04-configuration/PUBLIC_RPC_CHAIN138_LEDGER.md) – Ledger RPCs - [CHAIN138_WALLET_CONFIG_VALIDATION.md](../04-configuration/CHAIN138_WALLET_CONFIG_VALIDATION.md) – Wallet configs - [ALL_MAINNET_CONFIGURATION.md](../../smom-dbis-138/docs/deployment/ALL_MAINNET_CONFIGURATION.md) – ALL Mainnet config diff --git a/docs/11-references/CONTRACT_ADDRESSES_REFERENCE.md b/docs/11-references/CONTRACT_ADDRESSES_REFERENCE.md index 451c143b..1381e93c 100644 --- a/docs/11-references/CONTRACT_ADDRESSES_REFERENCE.md +++ b/docs/11-references/CONTRACT_ADDRESSES_REFERENCE.md @@ -1,8 +1,8 @@ # Contract Addresses Reference - ChainID 138 -**Last Updated:** 2026-03-30 -**Document Version:** 1.6 -**Status:** Active documentation. Use the corrected canonical Chain 138 PMM stack: `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`, `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. +**Last Updated:** 2026-04-05 +**Document Version:** 1.8 +**Status:** Active documentation. Use the official DODO V2 DVM-backed Chain 138 PMM stack: `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`, `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`, `DODO_VENDING_MACHINE_ADDRESS=0xb6D9EF3575bc48De3f011C310DC24d87bEC6087C`. --- @@ -17,7 +17,8 @@ See [config/README-CONTRACTS-MASTER.md](../../config/README-CONTRACTS-MASTER.md) --- **Network**: ChainID 138 -**RPC Endpoint** (admin/deployment): Set `RPC_URL_138` (e.g. `http://192.168.11.211:8545` or `https://rpc-core.d-bis.org`) +**RPC — admin / deployment:** `RPC_URL_138` → Core Besu on LAN: `http://192.168.11.211:8545` (do **not** use FQDN for deploy). See [RPC_ENDPOINTS_MASTER](../04-configuration/RPC_ENDPOINTS_MASTER.md). +**RPC — public / wallets / browsers:** use **HTTPS FQDN** only (e.g. `https://rpc-http-pub.d-bis.org`); see `RPC_URL_138_PUBLIC` and the public mapping table in [RPC_ENDPOINTS_MASTER](../04-configuration/RPC_ENDPOINTS_MASTER.md). **Explorer:** https://explorer.d-bis.org (Blockscout) — use for Chain 138 balances, contracts, and verification. For balances on **other chains** (Ethereum mainnet, etc.), use [blockscan.com](https://blockscan.com) or etherscan.io. See [EXPLORER_AND_BLOCKSCAN_REFERENCE](EXPLORER_AND_BLOCKSCAN_REFERENCE.md). **Correlated matrix and status (Chain 138 + multi-chain):** [ADDRESS_MATRIX_AND_STATUS.md](ADDRESS_MATRIX_AND_STATUS.md). Reconcile addresses here and in `.env` when deploying or deprecating contracts (R2). @@ -33,7 +34,7 @@ These contracts were pre-deployed when ChainID 138 was initialized: |----------|---------|--------|-------| | **WETH9** | `0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2` | ✅ Pre-deployed | Genesis allocation | | **WETH10** | `0xf4BB2e28688e89fCcE3c0580D37d36A7672E8A9f` | ✅ Pre-deployed | Genesis allocation | -| **Multicall** | `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` | ✅ Pre-deployed | Genesis allocation. Same address as Oracle Aggregator in some docs — verify on explorer which contract is at this slot. | +| **Oracle Aggregator (legacy slot)** | `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` | ✅ Pre-deployed / preserved | Live ABI on Chain 138 matches Oracle Aggregator (`latestAnswer`, `latestRoundData`). Do **not** use this slot as Multicall for new integrations. | ### ✅ Newly Deployed Contracts @@ -41,7 +42,7 @@ Contracts deployed after chain initialization: | Contract | Address | Status | Purpose | |----------|---------|--------|---------| -| **Oracle Aggregator** | `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` | ✅ Deployed | Price feed aggregator (same address as Multicall — operator to confirm which contract is at this slot on explorer) | +| **Oracle Aggregator** | `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` | ✅ Deployed | Price feed aggregator. Verified on 2026-04-02 via `latestAnswer()` / `latestRoundData()` against Core RPC. | | **Oracle Proxy** | `0x3304b747e565a97ec8ac220b0b6a1f6ffdb837e6` | ✅ Deployed | **MetaMask price feed** | | **CCIP Router** | `0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817` | ✅ Deployed | Canonical relay-backed router (`CCIP_ROUTER` in `smom-dbis-138/.env`) | | **CCIP Router (direct legacy)** | `0x8078A09637e47Fa5Ed34F626046Ea2094a5CDE5e` | ✅ Deployed | `CCIP_ROUTER_DIRECT_LEGACY` — still bytecode-checked | @@ -62,6 +63,46 @@ Contracts deployed after chain initialization: | **UniversalCCIPBridge** (proxy) | `0xCd42e8eD79Dc50599535d1de48d3dAFa0BE156F8` | ✅ Deployed | Phased core (2026-02-11) | | | **BridgeOrchestrator** (proxy) | `0x89aB428c437f23bAB9781ff8Db8D3848e27EeD6c` | ✅ Deployed | Phased core (2026-02-11) | | +### GRU c* V2 staged/live tokens (Chain 138) + +| Contract | Address | Status | Notes | +|----------|---------|--------|-------| +| **cUSDT V2 / CompliantUSDTTokenV2** | `0x9FBfab33882Efe0038DAa608185718b772EE5660` | ✅ Deployed, active in `UniversalAssetRegistry`, and forward-canonical | `versionTag=2`, `currencyCode=USD`, `assetType=GRU`, `forwardCanonical=true`, `tokenURI=ipfs://.../cusdt-v2/metadata.json` as of April 3, 2026. Supersedes earlier staged address `0x8d342d321DdEe97D0c5011DAF8ca0B59DA617D29`. | +| **cUSDC V2 / CompliantUSDCTokenV2** | `0x219522c60e83dEe01FC5b0329d6fA8fD84b9D13d` | ✅ Deployed, active in `UniversalAssetRegistry`, and forward-canonical | `versionTag=2`, `currencyCode=USD`, `assetType=GRU`, `forwardCanonical=true`, `tokenURI=ipfs://.../cusdc-v2/metadata.json` as of April 3, 2026. Supersedes earlier staged address `0x1ac3F4942a71E86A9682D91837E1E71b7BACdF99`. | + +### Gas-native compliant rollout (deployed 2026-04-05) + +| Contract | Address | Status | Notes | +|----------|---------|--------|-------| +| **CWAssetReserveVerifier** | `0xbf26a679586663f87f3bf3f52c79479b8aa8d854` | ✅ Deployed, not yet attached | Generic verifier for gas-native lanes. Safe to reference for rollout planning; do not treat it as active bridge policy until the live L1 bridge is explicitly wired to it. | +| **cETH** | `0xf8e9802a1766422e33a269556ad5fc032338eefc` | ✅ Deployed on Chain 138 | Canonical gas token for `eth_mainnet`. | +| **cETHL2** | `0x18a6b163d255cc0cb32b99697843b487d059907d` | ✅ Deployed on Chain 138 | Canonical gas token for shared `eth_l2`. | +| **cBNB** | `0x94517875f32680984a5921da7abf78e22f65d70f` | ✅ Deployed on Chain 138 | Canonical gas token for BNB Chain. | +| **cPOL** | `0x19fec21edede9edb91d1fbec7c4095c5ac1fc10c` | ✅ Deployed on Chain 138 | Canonical gas token for Polygon. | +| **cAVAX** | `0x9c8f6f4fe1e535e6f85a78ee95249ded5540a2d0` | ✅ Deployed on Chain 138 | Canonical gas token for Avalanche. | +| **cCRO** | `0xfb48bb6c623571f9795b535b73f0d660e8643fd4` | ✅ Deployed on Chain 138 | Canonical gas token for Cronos. | +| **cXDAI** | `0xa39a59138f8a45b4a31455875b8a29ff31e76ec8` | ✅ Deployed on Chain 138 | Canonical gas token for Gnosis. | +| **cCELO** | `0x1814661dae0933bf397b1274f5a62411b94195c7` | ✅ Deployed on Chain 138 | Canonical gas token for Celo. | +| **cWEMIX** | `0x4d82206bec5b4dfa17759ffede07e35f4f63a050` | ✅ Deployed on Chain 138 | Canonical gas token for Wemix. Public-chain mirror still pending. | + +### Gas-native public mirrors (deployed 2026-04-05) + +| Chain | Contract | Address | Status | +|------|----------|---------|--------| +| Ethereum mainnet (`1`) | **cWETH** | `0xf6dc5587e18f27adff60e303fdd98f35b50fa8a5` | ✅ Deployed, bridge minter/burner roles granted | +| Optimism (`10`) | **cWETHL2** | `0x95007ec50d0766162f77848edf7bdc4eba147fb4` | ✅ Deployed, bridge minter/burner roles granted | +| Cronos (`25`) | **cWCRO** | `0x9b10eb0f77c45322dbd1fcb07176fd9a7609c164` | ✅ Deployed, bridge minter/burner roles granted | +| BNB Chain (`56`) | **cWBNB** | `0x179034a08ac2c9c35d2e41239f68c79dca6f18fa` | ✅ Deployed, bridge minter/burner roles granted | +| Gnosis (`100`) | **cWXDAI** | `0x9f833b4f1012f52eb3317b09922a79c6edfca77d` | ✅ Deployed, bridge minter/burner roles granted | +| Polygon (`137`) | **cWPOL** | `0x25980244aacecb6d8c4b887261ed27f87cb2fc73` | ✅ Deployed, bridge minter/burner roles granted | +| Arbitrum One (`42161`) | **cWETHL2** | `0xe27be001bc55cb2a8ed5ba5a62c834ca135244a3` | ✅ Deployed, bridge minter/burner roles granted | +| Celo (`42220`) | **cWCELO** | `0xb0fa7ec4123c7c275b3a89d9239569707ea3c66a` | ✅ Deployed, bridge minter/burner roles granted | +| Avalanche (`43114`) | **cWAVAX** | `0xe1d4aee2ef8f48a20338935188a8fe7f7c7de7d0` | ✅ Deployed, bridge minter/burner roles granted | +| Base (`8453`) | **cWETHL2** | `0x2a0840e5117683b11682ac46f5cf5621e67269e3` | ✅ Deployed, bridge minter/burner roles granted | +| Wemix (`1111`) | **cWWEMIX** | Pending | Mirror not deployed yet; `CW_BRIDGE_WEMIX` and destination gas funding are still missing. | + +**Wemix note:** historical broadcast artifacts exist for prior `DeployWETHBridges.s.sol` runs on `1111`, but the recorded bridge addresses do not currently resolve to bytecode on-chain. Treat `CW_BRIDGE_WEMIX` as unset until a live bridge deployment is completed and funded. + ### Channels / Mirror / Trustless / Reserve / Vault (deployed 2026-02-11; mirror 2026-02-12) | Contract | Address | Notes | @@ -100,10 +141,73 @@ Contracts deployed after chain initialization: | Contract | Address | Status / Notes | |----------|---------|----------------| -| **DODOPMMIntegration** | `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` | ✅ Canonical corrected stack; desired-state sync reconciled on 2026-03-26. | -| **DODOPMMProvider** | `0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381` | ✅ Canonical corrected stack; 104/104 desired-state routes aligned on 2026-03-26. | +| **DODO DVMFactory** | `0xc93870594C7f83A0aE076c2e30b494Efc526b68E` | ✅ Self-deployed official DODO V2 DVMFactory on Chain 138. Not DODO-listed, but canonical for this repo. | +| **DODO Vending Machine / DVMFactoryAdapter** | `0xb6D9EF3575bc48De3f011C310DC24d87bEC6087C` | ✅ Canonical `DODO_VENDING_MACHINE_ADDRESS` used by `DODOPMMIntegration`. | +| **DODOPMMIntegration** | `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` | ✅ Canonical official-DVM-backed integration deployed 2026-04-01. Use this for stable-pool routing, token-aggregation, and explorer fallback reads. | +| **DODOPMMProvider** | `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e` | ✅ Canonical provider deployed 2026-04-02 and registered against the current integration. | +| **DODOPMMIntegration (older PMM phase / supplemental only)** | `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` | Historical/supplemental integration retained for older XAU-phase references and reserve probes. Do **not** use as the canonical stable-routing or explorer-fallback source. | | **TransactionMirror** | `0x7131F887DBEEb2e44c1Ed267D2A68b5b83285afc` (Chain 138; deployed 2026-02-27) | Set `TRANSACTION_MIRROR_ADDRESS` in `smom-dbis-138/.env`. Deploy: `./scripts/deployment/deploy-transaction-mirror-and-pmm-pool-after-txpool-clear.sh`. | -| **DODO cUSDT/cUSDC pool** | `0xff8d3b8fDF7B112759F076B69f4271D4209C0849` | ✅ Live on canonical corrected stack. See [LIQUIDITY_POOLS_MASTER_MAP](LIQUIDITY_POOLS_MASTER_MAP.md). | +| **DODO cUSDT/cUSDC pool** | `0x9e89bAe009adf128782E19e8341996c596ac40dC` | ✅ Funded on the current canonical stack; recreated 2026-04-02 with `i=1e18`, `k=0` for true 1:1 stable quoting. | +| **DODO cUSDT/USDT pool** | `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` | ✅ Funded on the current canonical stack; recreated 2026-04-02 with `i=1e18`, `k=0`. | +| **DODO cUSDC/USDC pool** | `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` | ✅ Funded on the current canonical stack; recreated 2026-04-02 with `i=1e18`, `k=0`. | + +### DODO v3 / D3MM pilot deployment + native venue layer (Chain 138) + +| Contract / Pool | Address | Status / Notes | +|-----------------|---------|----------------| +| **D3Oracle** | `0xD7459aEa8bB53C83a1e90262777D730539A326F0` | ✅ Deployed 2026-04-02 for the private DODO v3 / D3MM pilot. Blockscout source-verified 2026-04-03. | +| **D3Vault** | `0x42b6867260Fb9eE6d09B7E0233A1fAD65D0133D1` | ✅ Deployed and configured with `WETH10`, `USDT`, `USDC`, `cUSDT`, `cUSDC`. Blockscout source-verified 2026-04-03. | +| **D3MMFactory** | `0x78470C7d2925B6738544E2DD4FE7c07CcA21AC31` | ✅ Deployed. Standard-input Blockscout verification submission path is wired in `bash scripts/verify/verify-dodo-v3-chain138-blockscout.sh`; explorer currently exposes bytecode metadata but has not fully materialized source metadata yet. | +| **D3Proxy** | `0xc9a11abB7C63d88546Be24D58a6d95e3762cB843` | ✅ Deployed and used for proof-swap execution. Standard-input Blockscout verification submission path is wired; explorer currently exposes bytecode metadata but has not fully materialized source metadata yet. | +| **Oracle Aggregator (`WETH10` / ETH-USD pilot source)** | `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` | ✅ Live Chain 138 oracle surface. Promoted into the DODO v3 pilot as the `WETH10` source on 2026-04-02 via `setPriceSource(WETH10)` tx `0xf06a5064a4a2f6514b2d5304e9662b8b3aa003c109f214de8710bd9a8304f518`. | +| **ManagedStableUsdFeed (USDT / USD)** | `0x7c2Cb2667f0f97f4004aae04B67d94A085E6f0f1` | ✅ Deployed 2026-04-02 and promoted into the pilot on 2026-04-02 via `setPriceSource(USDT)`. Replaces bootstrap mock `0x8c5eD794399C68468985238Fa127958E06e6e87F`. | +| **ManagedStableUsdFeed (USDC / USD)** | `0xf072Ac13D45e6c83296ca18F3E04185B747DD6aa` | ✅ Deployed 2026-04-02 and promoted into the pilot on 2026-04-02 via `setPriceSource(USDC)`. Replaces bootstrap mock `0x102BAe3eBf3C8B93445F4B30c90728fd933CeC84`. | +| **ManagedStableUsdFeed (cUSDT / USD)** | `0x7c96E66F4a0713e327F9e73Cf2721f13DB29036C` | ✅ Deployed 2026-04-02 and promoted into the pilot on 2026-04-02 via `setPriceSource(cUSDT)`. Replaces bootstrap mock `0xd493Bb05e9ddf954E8285c6358ED03a2672A006d`. | +| **ManagedStableUsdFeed (cUSDC / USD)** | `0x291694095232CA80077125F64f6f73076e7910C1` | ✅ Deployed 2026-04-02 and promoted into the pilot on 2026-04-02 via `setPriceSource(cUSDC)`. Replaces bootstrap mock `0xcA85aFc0E24A8ebd69E138928567DcD363758E7A`. | +| **EnhancedSwapRouterV2** | `0xF1c93F54A5C2fc0d7766Ccb0Ad8f157DFB4C99Ce` | ✅ Deployed 2026-04-03. Public `/token-aggregation/api/v2/routes/internal-execution-plan` now targets this router for executable D3 pilot calldata. | +| **IntentBridgeCoordinatorV2** | `0x7D0022B7e8360172fd9C0bB6778113b7Ea3674E7` | ✅ Deployed 2026-04-03 alongside router-v2 for bridge-intent execution plans. | +| **DodoRouteExecutorAdapter** | `0x88495B3dccEA93b0633390fDE71992683121Fa62` | ✅ Deployed 2026-04-03. Canonical DODO V2 executor adapter for router-v2. | +| **DodoV3RouteExecutorAdapter** | `0x9Cb97adD29c52e3B81989BcA2E33D46074B530eF` | ✅ Deployed 2026-04-03. Canonical D3 / DODO v3 pilot executor adapter. Live proof swap via router-v2 tx `0x14cd60a226dbab0c96765fff23171569e5a2fc0e35bded03f92668951ced4b57`. | +| **UniswapV3RouteExecutorAdapter** | `0x960D6db4E78705f82995690548556fb2266308EA` | ✅ Deployed 2026-04-03. Router-v2 executor adapter. | +| **BalancerRouteExecutorAdapter** | `0x4E1B71B69188Ab45021c797039b4887a4924157A` | ✅ Deployed 2026-04-03. Router-v2 executor adapter. | +| **CurveRouteExecutorAdapter** | `0x5f0E07071c41ACcD2A1b1032D3bd49b323b9ADE6` | ✅ Deployed 2026-04-03. Router-v2 executor adapter. | +| **OneInchRouteExecutorAdapter** | `0x8168083d29b3293F215392A49D16e7FeF4a02600` | ✅ Deployed 2026-04-03. Router-v2 executor adapter. | +| **UniswapV3Factory** | `0x2f7219276e3ce367dB9ec74C1196a8ecEe67841C` | ✅ Upstream-native Uniswap v3 factory on Chain 138. Public planner now resolves the canonical `uniswap_v3` venue from this factory. | +| **UniswapV3NFTDescriptor** | `0x6F5fdE32DD2aC66B27e296EC9D6F4E79A3dE2947` | ✅ Upstream-native descriptor library. | +| **UniswapV3TokenDescriptor** | `0xca66DCAC4633555033F6fDDBE4234B6913c7ff51` | ✅ Upstream-native position descriptor. | +| **UniswapV3PositionManager** | `0x31b68BE5af4Df565Ce261dfe53D529005D947B48` | ✅ Upstream-native position manager. | +| **UniswapV3Router** | `0xde9cD8ee2811E6E64a41D5F68Be315d33995975E` | ✅ Canonical public upstream-native router on Chain 138 as of 2026-04-03. | +| **UniswapV3QuoterV2** | `0x6abbB1CEb2468e748a03A00CD6aA9BFE893AFa1f` | ✅ Canonical public upstream-native quoter on Chain 138 as of 2026-04-03. | +| **UniswapV3Pool_WETH_USDT** | `0xa893add35aEfe6A6d858EB01828bE4592f12C9F5` | ✅ Canonical fee-500 native `WETH/USDT` pool; seeded with ~`50 WETH` and `105,830 USDT`. | +| **UniswapV3Pool_WETH_USDC** | `0xEC745bfb6b3cd32f102d594E5F432d8d85B19391` | ✅ Canonical fee-500 native `WETH/USDC` pool; seeded with ~`50 WETH` and `105,830 USDC`. | +| **UniswapV3Pool_WETH_USDT (superseded fee-3000 bootstrap)** | `0x97eB7eB01327CF44C4d74a17EFA2130bc10C6Ab6` | ⚠️ Historical bootstrap pool from the first native seeding pass; keep only as an artifact, not a canonical route target. | +| **UniswapV3Pool_WETH_USDC (superseded fee-3000 bootstrap)** | `0xfc62B65028043c7168007Fd094D44097d13696Da` | ⚠️ Historical bootstrap pool from the first native seeding pass; keep only as an artifact, not a canonical route target. | +| **PilotUniswapV3Router / Quoter** | `0xD164D9cCfAcf5D9F91698f296aE0cd245D964384` | ✅ Still deployed, but superseded by the upstream-native Uniswap v3 router/quoter for public planner and canonical route selection. | +| **PilotBalancerVault** | `0x96423d7C1727698D8a25EbFB88131e9422d1a3C3` | ✅ Deployed and funded 2026-04-03. Pilot-compatible `Balancer` vault surface for Chain 138 `WETH/USDT` and `WETH/USDC`. Pool IDs: `0x877cd220759e8c94b82f55450c85d382ae06856c426b56d93092a420facbc324` (`WETH/USDT`), `0xd8dfb18a6baf9b29d8c2dbd74639db87ac558af120df5261dab8e2a5de69013b` (`WETH/USDC`). | +| **PilotCurve3Pool** | `0xE440Ec15805BE4C7BabCD17A63B8C8A08a492e0f` | ✅ Deployed and funded 2026-04-03. Pilot-compatible `Curve_3` stable-stable execution surface for Chain 138 `USDT/USDC`. | +| **PilotOneInchRouter** | `0x500B84b1Bc6F59C1898a5Fe538eA20A758757A4F` | ✅ Deployed and funded 2026-04-03. Pilot-compatible `1inch` execution surface for Chain 138 `WETH/USDT` and `WETH/USDC`. | +| **D3MM (superseded bootstrap)** | `0xE71Bc2cCb62dA5B18F88647db2b4a721Db416fc5` | ⚠️ Do not route through this pool. It was created against the placeholder `WETH9` path and is kept only as a deployment artifact. | +| **D3MM (canonical `WETH10` pilot pool)** | `0x6550A3a59070061a262a893A1D6F3F490afFDBDA` | ✅ Private pilot venue. Re-verified 2026-04-03 with `bash scripts/verify/check-dodo-v3-chain138.sh`: `querySellTokens(WETH10 -> USDT, 0.1)` ≈ `211.66049 USDT`, vault registration OK, and oracle source healthy. | + +**Important:** the public canonical stable-routing set for Chain 138 remains the DODO V2 DVM-backed PMM provider and the three canonical stable pools above. For the wider venue layer, **upstream-native Uniswap v3 is now the canonical public `uniswap_v3` path** on Chain 138, while the current `Balancer`, `Curve_3`, and `1inch` surfaces remain repo-managed pilot-compatible venues. DODO v3 remains the separate private D3 pilot lane. For public planner checks, use the routing asset `WETH` (`0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2`); the separate `CCIPWETH9Bridge` / `CCIPWETH10Bridge` addresses are transport surfaces, not swap-token aliases. + +**Verification helpers:** `bash scripts/verify/check-chain138-pilot-dex-venues.sh`, `bash scripts/verify/check-dodo-v3-chain138.sh`, `bash scripts/verify/check-dodo-v3-planner-visibility-chain138.sh`, and `bash scripts/verify/verify-dodo-v3-chain138-blockscout.sh` + +### Cross-chain flash infrastructure (Chain 138) + +| Contract | Address | Status / Notes | +|----------|---------|----------------| +| **UniversalCCIPFlashBridgeAdapter** | `0xBe9e0B2d4cF6A3b2994d6f2f0904D2B165eB8ffC` | ✅ Deployed and Blockscout-verified 2026-04-03. Bridges flash-borrowed ERC-20 inventory through `UniversalCCIPBridge`. Create tx: `0x8cc4ba611a3d0a6e880f9e21f6390f67aadd6a234df1dc2828788ad775849844`. Verified at `2026-04-03T03:15:53Z`. | +| **CrossChainFlashRepayReceiver** | `0xD084b68cB4B1ef2cBA09CF99FB1B6552fd9b4859` | ✅ Deployed and Blockscout-verified 2026-04-03. Destination-side CCIP delivery leg. Create tx: `0xf1fc28c10956cf368ebfc3d1cdd3150caf8aceacae86964f547a91e66a801e33`. Verified at `2026-04-03T03:11:16Z`. | +| **CrossChainFlashVaultCreditReceiver** | `0x89F7a1fcbBe104BeE96Da4b4b6b7d3AF85f7E661` | ✅ Deployed and Blockscout-verified 2026-04-03. Source-side / same-chain liquidity refill leg for the flash vault. Create tx: `0x085e1cad6e8fbe6642db420563b7b75194a88ec6649fae99cd940c2a894ec1ad`. Verified at `2026-04-03T03:15:34Z`. | + +**Wiring:** the deployed adapter points at `UniversalCCIPBridge=0xCd42e8eD79Dc50599535d1de48d3dAFa0BE156F8`, and both receivers point at `CCIP_ROUTER=0x42DAb7b888Dd382bD5Adcf9E038dBF1fD03b4817`. + +**Verification helper:** `bash scripts/verify/check-cross-chain-flash-infra-chain138.sh` checks bytecode, bridge/router wiring, and Blockscout source-verification status for all three contracts. + +**Public mainnet flash-lender candidates for no-broadcast dry-runs:** `MAINNET_BALANCER_VAULT=0xBA12222222228d8Ba445958a75a0704d566BF2C8` and `MAINNET_AAVE_V3_POOL=0x87870Bca3F3fD6335C3F4ce8392D69350B4fA4E2` with `MAINNET_AAVE_V3_POOL_ADDRESSES_PROVIDER=0x2f39d218133AFaB8F2B819B1066c7E434Ad94E9e`. As of 2026-04-05, the live checker reads Balancer flash fee `0` and Aave `FLASHLOAN_PREMIUM_TOTAL() = 5`, plus live USDC/USDT balances from the Balancer vault and Aave reserve proxies. + +**Current dry-run gap:** the repo still does **not** record a canonical deployed `SimpleERC3156FlashVault` address for same-chain stablecoin flashes on Chain 138. Public PMM dry-runs that need a same-chain ERC-3156 lender still require `FLASH_VAULT` and `FLASH_VAULT_TOKEN` in env, or explicit `--flash-provider-address` / `--flash-provider-token-address` on `scripts/analytics/pmm-flash-push-break-even.mjs`. Use `bash scripts/verify/check-public-pmm-dry-run-readiness.sh` to see the current live/configured state and current public flash caps. ### Deployer / Admin (Chain 138) @@ -138,7 +242,7 @@ CHAIN_ID=138 { "chainId": 138, "chainName": "SMOM-DBIS-138", - "rpcUrls": ["https://rpc-core.d-bis.org"], + "rpcUrls": ["https://rpc-http-pub.d-bis.org"], "nativeCurrency": { "name": "ETH", "symbol": "ETH", @@ -174,7 +278,7 @@ Use these addresses in config and .env. **smom-dbis-138/.env** has been reconcil | UNIVERSAL_CCIP_BRIDGE | `0xCd42e8eD79Dc50599535d1de48d3dAFa0BE156F8` | | BRIDGE_ORCHESTRATOR | `0x89aB428c437f23bAB9781ff8Db8D3848e27EeD6c` | -**Multicall / Oracle Aggregator (operator to confirm):** Address `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` is documented as both. **Action:** Open [explorer](https://explorer.d-bis.org/address/0x99b3511a2d315a497c8112c1fdd8d508d4b1e506), confirm which contract is at this slot (Multicall vs Oracle Aggregator), and document the result here (e.g. "Verified: Multicall" or "Verified: Oracle Aggregator"). See [CONTRACT_NEXT_STEPS_LIST](CONTRACT_NEXT_STEPS_LIST.md) and [OPERATOR_ACTIONS](OPERATOR_ACTIONS.md). +**Multicall / Oracle Aggregator resolution:** Address `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` should now be treated as the live **Oracle Aggregator** slot on Chain 138. A 2026-04-02 Core RPC probe returned valid `latestAnswer()` and `latestRoundData()` responses, while Multicall-style `getEthBalance(address)` did not succeed. Use deployed Multicall `0xF4AA429BE277d1a1a1A744C9e5B3aD821a9b96f7` for new Multicall integrations. **Reconcile .env:** ~~Copy the canonical block from `.env.example` into `.env`.~~ **Done 2026-02-11.** One entry per variable; matches this table. @@ -186,11 +290,24 @@ Sends from Chain 138 to mainnet use the **relay** path (custom router + relay se | Contract (Ethereum Mainnet) | Address | Role | |-----------------------------|---------|------| -| **CCIPRelayRouter** | `0xAd9A228CcEB4cbB612cD165FFB72fE090ff10Afb` | Receives relayed messages; forwards to bridge | +| **CCIPRelayRouter** | `0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA` | Active relay router; receives relayed messages and forwards to authorized bridges | | **CCIPRelayBridge** | `0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939` | Releases WETH to recipient; must be funded with WETH | Chain 138 WETH9 bridges (LINK fee and native ETH fee) have mainnet destination set to **CCIPRelayBridge**. Run the relay service so messages are delivered. The Mainnet bridge is **WETH9-only**; token mapping (138↔Mainnet) and which tokens are relay-supported: [TOKEN_MAPPING_AND_MAINNET_ADDRESSES.md](../07-ccip/TOKEN_MAPPING_AND_MAINNET_ADDRESSES.md). See [CCIP_BRIDGE_MAINNET_CONNECTION.md](../07-ccip/CCIP_BRIDGE_MAINNET_CONNECTION.md). +### Ethereum mainnet — optional GRU cW PMM + TRUU volatile rail (DODO) + +These are **not** Chain 138 contracts; they support the optional Mainnet **Truth (TRUU)** PMM lane documented in [MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md](../03-deployment/MAINNET_PMM_TRUU_CWUSD_PEG_AND_BOT_RUNBOOK.md) and `cross-chain-pmm-lps/config/deployment-status.json` (`chains."1"`). + +| Item | Address | Notes | +|------|---------|--------| +| **DODOPMMIntegration (Mainnet)** | `0xa9F284eD010f4F7d7F8F201742b49b9f58e29b84` | Env: `DODO_PMM_INTEGRATION_MAINNET`. Etherscan source-verified 2026-04-11; provenance/runbook: [ETHEREUM_MAINNET_DODOPMMINTEGRATION_VERIFICATION.md](../03-deployment/ETHEREUM_MAINNET_DODOPMMINTEGRATION_VERIFICATION.md). | +| **TRUU** | `0xDAe0faFD65385E7775Cf75b1398735155EF6aCD2` | Anchor in `deployment-status.json`; 10 decimals | +| **PMM pool cWUSDT / TRUU** | `0x508E5e80B66204b8CD9869323Fdd3A289ea50993` | Volatile; `pmmPoolsVolatile[]` | +| **PMM pool cWUSDC / TRUU** | `0x9A632F35078b6A4A9bf27806Bb7aFfAA2F16C846` | Volatile; `pmmPoolsVolatile[]` | + +**cW token addresses on Mainnet** for this program: see `deployment-status.json` `chains."1".cwTokens` (e.g. cWUSDT, cWUSDC). + --- ## 📝 Notes diff --git a/docs/11-references/CONTRACT_NEXT_STEPS_AND_RECOMMENDATIONS_COMPLETE.md b/docs/11-references/CONTRACT_NEXT_STEPS_AND_RECOMMENDATIONS_COMPLETE.md index 4cccdaa2..8de62cb8 100644 --- a/docs/11-references/CONTRACT_NEXT_STEPS_AND_RECOMMENDATIONS_COMPLETE.md +++ b/docs/11-references/CONTRACT_NEXT_STEPS_AND_RECOMMENDATIONS_COMPLETE.md @@ -1,6 +1,6 @@ # Contract Next Steps and Recommendations — Complete -**Last updated:** 2026-02-12 +**Last updated:** 2026-04-03 **Purpose:** Single reference for all next steps (completed, operator action, pending) and all recommendations/suggestions for smart contracts across chains and projects. **Related:** [SMART_CONTRACTS_INVENTORY_ALL_CHAINS](SMART_CONTRACTS_INVENTORY_ALL_CHAINS.md) | [CONTRACT_ADDRESSES_REFERENCE](CONTRACT_ADDRESSES_REFERENCE.md) | [CONTRACT_INVENTORY_AND_VERIFICATION](CONTRACT_INVENTORY_AND_VERIFICATION.md) @@ -20,7 +20,10 @@ | Inconsistencies resolved (addresses, bridge fallbacks) | Done | See CONTRACT_INVENTORY_AND_VERIFICATION §7. | | Verification script and proxy | Done | `scripts/verify/run-contract-verification-with-proxy.sh`, `scripts/verify-contracts-blockscout.sh`, `config/contract-addresses.conf`. | | Canonical source of truth and .env reconciliation | Done | [CONTRACT_ADDRESSES_REFERENCE § Canonical source of truth](CONTRACT_ADDRESSES_REFERENCE.md#-canonical-source-of-truth-chain-138): single canonical address per contract; note to remove duplicate keys in `.env`. | -| On-chain check script (full canonical list) | Done | `scripts/verify/check-contracts-on-chain-138.sh` includes **59** Chain 138 addresses (core, CCIP, PMM, vault/reserve, CompliantFiatTokens; see CONTRACT_ADDRESSES_REFERENCE). **Run (uses RPC_URL_138):** `./scripts/verify/check-contracts-on-chain-138.sh`. Chain 138 deploys: use `--with-gas-price 1000000000`. | +| On-chain check script (full canonical list) | Done | `scripts/verify/check-contracts-on-chain-138.sh` now targets **67** canonical Chain 138 addresses (core, CCIP canonical+legacy, PMM, vault/reserve, CompliantFiatTokens, ISO20022Router, and the cross-chain flash trio; see CONTRACT_ADDRESSES_REFERENCE). **Run (uses RPC_URL_138):** `./scripts/verify/check-contracts-on-chain-138.sh`. Chain 138 deploys: use `--with-gas-price 1000000000`. | +| Cross-chain flash verification | Done | `scripts/verify/check-cross-chain-flash-infra-chain138.sh` validates bytecode, router/bridge wiring, and Blockscout verification for `UniversalCCIPFlashBridgeAdapter`, `CrossChainFlashRepayReceiver`, and `CrossChainFlashVaultCreditReceiver`. | +| DODO v3 pilot health verification | Done | `scripts/verify/check-dodo-v3-chain138.sh` validates the canonical private `WETH10` D3MM pool, vault registration, oracle source, and quote health. | +| DODO v3 planner visibility verification | Done | `scripts/verify/check-dodo-v3-planner-visibility-chain138.sh` confirms `dodo_v3` provider capability is live in planner-v2, planner quotes select the canonical `WETH10 -> USDT` pilot route, route-matrix visibility includes the canonical D3 pool, and internal execution-plan calldata now targets the live `EnhancedSwapRouterV2` D3 adapter path. | | Phased core (138) deployed | Done | 2026-02-11: UniversalAssetRegistry, GovernanceController, UniversalCCIPBridge, BridgeOrchestrator (proxies). Addresses in CONTRACT_ADDRESSES_REFERENCE and .env. | | Channel manager docs and runbooks (smom-dbis-138) | Done | Payment/state channel deployment, gas report, incident runbook, watchtower, future work; see smom-dbis-138 `docs/channels/` and `docs/deployment/PAYMENT_CHANNELS_DEPLOYMENT.md`. | @@ -28,12 +31,12 @@ | Step | Action | Command / reference | |------|--------|----------------------| -| Confirm every Chain 138 contract on-chain | Done via VMID 2101 | All 36 addresses checked (run `./scripts/verify/check-contracts-on-chain-138.sh`; uses `RPC_URL_138`). Re-run when new contracts are deployed. | -| Run Blockscout source verification | From host that can reach Blockscout (e.g. LAN) | `source smom-dbis-138/.env 2>/dev/null; ./scripts/verify/run-contract-verification-with-proxy.sh` | +| Confirm every Chain 138 contract on-chain | Done via VMID 2101 / Core RPC | Current canonical result is **75/75 present** (run `./scripts/verify/check-contracts-on-chain-138.sh`; uses `RPC_URL_138`). Re-run when new contracts are deployed. | +| Run Blockscout source verification | From host that can reach Blockscout (e.g. LAN) | `source smom-dbis-138/.env 2>/dev/null; ./scripts/verify/run-contract-verification-with-proxy.sh`. The cross-chain flash trio is already Blockscout-verified and covered by `bash scripts/verify/check-cross-chain-flash-infra-chain138.sh`. | | Reconcile .env (single source of truth) | **Done 2026-02-12:** CCIPWETH9_BRIDGE_CHAIN138 set to canonical `0x971c...`; added RPC_URL_138 (standard), MERCHANT_SETTLEMENT_REGISTRY, SETTLEMENT_REGISTRY_ADDRESS, WITHDRAWAL_ESCROW_ADDRESS, RESERVE_TOKEN_INTEGRATION, REGULATED_ENTITY_REGISTRY. One entry per variable. | [CONTRACT_ADDRESSES_REFERENCE](CONTRACT_ADDRESSES_REFERENCE.md). Re-run reconciliation if new contracts are deployed. | | Verify Multicall vs Oracle Aggregator at same slot | Check explorer.d-bis.org for `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` | CONTRACT_ADDRESSES_REFERENCE notes both; confirm on explorer and document which contract is at this slot. | | Deploy phased core (138) | **Done 2026-02-11** | UniversalAssetRegistry, GovernanceController, UniversalCCIPBridge, BridgeOrchestrator deployed (proxies). Addresses in [CONTRACT_ADDRESSES_REFERENCE](CONTRACT_ADDRESSES_REFERENCE.md); re-run 01/02 only if redeploying. | -| Optional: deploy trustless bridge | If using trustless bridge stack | Deploy from `script/bridge/trustless/`; replace placeholders in `config/production/.env.production.example`. | +| Optional: expand trustless bridge | If extending beyond the already-live Chain 138 trustless deployment | Deploy from `script/bridge/trustless/`; replace placeholders in `config/production/.env.production.example`. | | Optional: mainnet/multichain deployments | If deploying to other chains | Use `DeployAll.s.sol` or chain-specific scripts; document addresses per chain. | ### Pending (when needed) @@ -42,11 +45,11 @@ |------|------|-----------| | CREATE2 / deterministic core | **Done 2026-02-11** — Deployed + setCCIPRouter(router) on Chain 138 | Addresses in [CONTRACT_ADDRESSES_REFERENCE](CONTRACT_ADDRESSES_REFERENCE.md) § CREATE2 / Deterministic | | Vault / reserve / Keeper | When vault or reserve flow needed | `script/deploy/vault/`, `script/reserve/` | -| Dodo / swap integration | When DEX integration needed | `script/deploy/dex/`, `script/bridge/trustless/DeployEnhancedSwapRouter.s.sol` | +| Dodo / swap integration | When promoting beyond the current stable V2 public execution stack and private D3 pilot | `script/deploy/dex/`, `script/bridge/trustless/DeployEnhancedSwapRouter.s.sol`, `bash scripts/verify/check-dodo-v3-chain138.sh`, `bash scripts/verify/check-dodo-v3-planner-visibility-chain138.sh` | | eMoney / smart accounts | When eMoney or account abstraction needed | `script/emoney/`, `script/smart-accounts/` | | Firefly | Auto-deployed by Firefly | VMID 6200; no repo action. | | AddressMapper / MirrorManager (Chain 138) | **Done 2026-02-12** | Deployed at `0x439Fcb2d2ab2f890DCcAE50461Fa7d978F9Ffe1A`, `0x6eD905A30c552a6e003061A38FD52A5A427beE56`. TransactionMirror: use `forge create` with `--with-gas-price 1000000000` if script fails. | -| PaymentChannelManager / GenericStateChannelManager | When channel features needed on Mainnet or Chain-138 | Deploy via smom-dbis-138 `script/DeployPaymentChannelManager.s.sol`, `script/DeployGenericStateChannelManager.s.sol`; **Chain 138:** use `--with-gas-price 1000000000`. See smom-dbis-138 `docs/deployment/PAYMENT_CHANNELS_DEPLOYMENT.md`. | +| PaymentChannelManager / GenericStateChannelManager | When channel features are needed beyond the already-live Chain 138 deployment | Deploy via smom-dbis-138 `script/DeployPaymentChannelManager.s.sol`, `script/DeployGenericStateChannelManager.s.sol`; **Chain 138:** use `--with-gas-price 1000000000`. See smom-dbis-138 `docs/deployment/PAYMENT_CHANNELS_DEPLOYMENT.md`. | --- @@ -152,7 +155,7 @@ Manual verification: https://explorer.d-bis.org/address/
#verify-contrac | Task | Command | |------|--------| -| On-chain check (Chain 138) | `./scripts/verify/check-contracts-on-chain-138.sh [RPC_URL]` (26 addresses; use `SKIP_EXIT=1` for report-only when RPC unreachable) | +| On-chain check (Chain 138) | `./scripts/verify/check-contracts-on-chain-138.sh [RPC_URL]` (67-address canonical target; use `SKIP_EXIT=1` for report-only when RPC unreachable) | | Deployer balances (gas tokens) | `cd smom-dbis-138 && ./scripts/deployment/check-balances-gas-and-deploy.sh` | | Deployer tokens (all networks) | `cd smom-dbis-138 && ./scripts/deployment/list-deployer-tokens-all-networks.sh` | | Deploy phased core (138) | `cd smom-dbis-138 && ./scripts/deployment/check-balances-gas-and-deploy.sh --deploy` (uses GAS_PRICE_138=1000000000) | diff --git a/docs/11-references/CONTRACT_NEXT_STEPS_LIST.md b/docs/11-references/CONTRACT_NEXT_STEPS_LIST.md index 6a847210..ea7bc517 100644 --- a/docs/11-references/CONTRACT_NEXT_STEPS_LIST.md +++ b/docs/11-references/CONTRACT_NEXT_STEPS_LIST.md @@ -9,18 +9,18 @@ | # | Task | Type | Status | |---|------|------|--------| | 1 | **Chain 138 next steps (all in one)** | Operator | `./scripts/deployment/run-all-next-steps-chain138.sh` — preflight → mirror+pool → register c* as GRU → verify; use `--skip-mirror` if mirror exists. | -| 2 | On-chain check (**64** addresses; run check-contracts-on-chain-138.sh) | Operator | Run `./scripts/verify/check-contracts-on-chain-138.sh` from host with RPC | -| 3 | Blockscout source verification | Operator | Run from host that can reach Blockscout | +| 2 | On-chain check (**88** addresses; run check-contracts-on-chain-138.sh) | Operator | Run `./scripts/verify/check-contracts-on-chain-138.sh` from host with RPC | +| 3 | Blockscout source verification | Operator | Ongoing for any newly deployed contracts; current flash trio is already verified | | 4 | Reconcile .env | Repo | Done 2026-02-11 | | 5 | Multicall vs Oracle at 0x99b3... | Operator | Confirm on explorer; document in CONTRACT_ADDRESSES_REFERENCE | | 6 | Deploy phased core (138) | Optional | Done 2026-02-11 | -| 7 | Deploy trustless bridge | Optional | When needed; script/bridge/trustless/ | +| 7 | Deploy trustless bridge | Optional | Chain 138 `Lockbox138` is already live; expand or redeploy only when needed | | 8 | Mainnet/multichain deployments | Optional | DeployAll or chain scripts; document addresses | | 9 | CREATE2 / deterministic core | Pending | When needed | | 10 | Vault / reserve / Keeper | Pending | When needed | -| 11 | Dodo / swap integration | Pending | When needed | -| 12 | eMoney / smart accounts | Pending | When needed | -| 13 | PaymentChannelManager / GenericStateChannelManager | Pending | When needed; see PAYMENT_CHANNELS_DEPLOYMENT.md | +| 11 | Dodo / swap integration | Partial | Canonical DODO V2 stable routing is live; DODO v3 pilot plus planner-v2/public `/token-aggregation/api/v2` visibility and router-v2 execution are live/private; broader promotion and venue expansion remain | +| 12 | eMoney / smart accounts | Pending | When broader eMoney / AA rollout is needed | +| 13 | PaymentChannelManager / GenericStateChannelManager | Partial | Chain 138 deploy is already done; expand to additional chains or features when needed | --- @@ -33,7 +33,10 @@ - [x] Address inconsistencies resolved (CONTRACT_INVENTORY_AND_VERIFICATION §7) - [x] Verification script and proxy: `scripts/verify/run-contract-verification-with-proxy.sh`, etc. - [x] Canonical source of truth: [CONTRACT_ADDRESSES_REFERENCE § Canonical](CONTRACT_ADDRESSES_REFERENCE.md#-canonical-source-of-truth-chain-138) -- [x] On-chain check script: `scripts/verify/check-contracts-on-chain-138.sh` (36 addresses: canonical + channels/mirror/trustless + CREATE2) +- [x] On-chain check script: `scripts/verify/check-contracts-on-chain-138.sh` (current canonical target: 88 addresses, including ISO20022Router, the cross-chain flash trio, the deployed GRU USD V2 addresses, the router-v2 execution stack, the upstream-native Uniswap v3 deployment, and the funded pilot-compatible venue layer) +- [x] Cross-chain flash verifier: `scripts/verify/check-cross-chain-flash-infra-chain138.sh` (bytecode, wiring, Blockscout verification) +- [x] DODO v3 pilot verifier: `scripts/verify/check-dodo-v3-chain138.sh` (canonical D3MM pool, vault registration, oracle source, quote probe) +- [x] DODO v3 planner visibility verifier: `scripts/verify/check-dodo-v3-planner-visibility-chain138.sh` (provider capability, planner route, executable routePlan/internal execution plan, route matrix) - [x] Deployer balance & gas check: `smom-dbis-138/scripts/deployment/check-balances-gas-and-deploy.sh` - [x] Deployer tokens (all networks): `smom-dbis-138/scripts/deployment/list-deployer-tokens-all-networks.sh` - [x] Phased core (138) deployed 2026-02-11: UniversalAssetRegistry, GovernanceController, UniversalCCIPBridge, BridgeOrchestrator (see CONTRACT_ADDRESSES_REFERENCE) @@ -45,17 +48,19 @@ **Last run summary:** [OPERATOR_RUN_SUMMARY](OPERATOR_RUN_SUMMARY.md) (2026-02-11). From a host without LAN/VPN: on-chain check and Blockscout were run but RPC/Blockscout unreachable; .env verified reconciled; Multicall/Oracle not confirmed (explorer timeout). -- [x] **On-chain check:** Run `./scripts/verify/check-contracts-on-chain-138.sh` — **Done 2026-02-11** (26/26 OK). Re-run when new contracts are deployed. -- [ ] **Blockscout verification:** From host that can reach Blockscout: `source smom-dbis-138/.env 2>/dev/null; ./scripts/verify/run-contract-verification-with-proxy.sh`. Or verify each contract at https://explorer.d-bis.org/address/
#verify-contract. +- [x] **On-chain check:** Run `./scripts/verify/check-contracts-on-chain-138.sh` — current canonical result is **88/88 OK**. Re-run when new contracts are deployed. +- [ ] **Blockscout verification (broad sweep / new deploys):** From host that can reach Blockscout: `source smom-dbis-138/.env 2>/dev/null; ./scripts/verify/run-contract-verification-with-proxy.sh`. Or verify each contract at https://explorer.d-bis.org/address/
#verify-contract. The cross-chain flash trio is already verified and is checked by `bash scripts/verify/check-cross-chain-flash-infra-chain138.sh`. - [x] **Reconcile .env:** Verified 2026-02-11: `smom-dbis-138/.env` has one entry per variable and matches [CONTRACT_ADDRESSES_REFERENCE § Canonical](CONTRACT_ADDRESSES_REFERENCE.md#-canonical-source-of-truth-chain-138). No change needed. - [x] **Multicall vs Oracle at 0x99b3...:** **Done 2026-02-11.** Confirmed via RPC (`latestRoundData()` returns data, `getBlockNumber()` reverts): **Oracle Aggregator**. Documented in [CONTRACT_ADDRESSES_REFERENCE](CONTRACT_ADDRESSES_REFERENCE.md). +- [x] **Cross-chain flash infra:** **Done 2026-04-03.** Deployed, wired, and Blockscout-verified; re-check with `bash scripts/verify/check-cross-chain-flash-infra-chain138.sh`. +- [x] **DODO v3 pilot health:** **Done 2026-04-03.** Canonical `WETH10` pilot pool is healthy; re-check with `bash scripts/verify/check-dodo-v3-chain138.sh`. --- ## Optional (when needed) - [x] ~~Deploy phased core (138)~~ — **Done 2026-02-11.** Addresses in CONTRACT_ADDRESSES_REFERENCE. To redeploy: `cd smom-dbis-138 && ./scripts/deployment/check-balances-gas-and-deploy.sh --deploy`. -- [ ] Deploy trustless bridge: from `script/bridge/trustless/`; update config/production placeholders. +- [ ] Expand trustless bridge beyond the current Chain 138 deployment: use `script/bridge/trustless/`; update config/production placeholders when extending the stack. - [ ] Mainnet/multichain: use DeployAll or chain-specific scripts; document addresses per chain. --- @@ -65,9 +70,9 @@ - [x] ~~AddressMapper / MirrorManager (Chain 138)~~ — Deployed 2026-02-12. TransactionMirror: deploy via `forge create` with `--with-gas-price 1000000000` if script fails. - [ ] CREATE2 / deterministic core (when needed) - [ ] Vault / reserve / Keeper -- [ ] Dodo / swap integration +- [ ] Public execution promotion of DODO / swap integration beyond the current stable V2 stack and private D3 pilot - [ ] eMoney / smart accounts -- [ ] PaymentChannelManager / GenericStateChannelManager (see smom-dbis-138 PAYMENT_CHANNELS_DEPLOYMENT.md). **Chain 138:** use `--with-gas-price 1000000000`. +- [ ] PaymentChannelManager / GenericStateChannelManager expansion beyond the already-deployed Chain 138 contracts (see smom-dbis-138 PAYMENT_CHANNELS_DEPLOYMENT.md). **Chain 138:** use `--with-gas-price 1000000000`. --- diff --git a/docs/11-references/CONTRACT_REMAINING_OPERATOR_ACTIONS.md b/docs/11-references/CONTRACT_REMAINING_OPERATOR_ACTIONS.md index 9cb0e70b..6a542dc1 100644 --- a/docs/11-references/CONTRACT_REMAINING_OPERATOR_ACTIONS.md +++ b/docs/11-references/CONTRACT_REMAINING_OPERATOR_ACTIONS.md @@ -6,7 +6,7 @@ Single list of actions that require an operator (network or explorer access). In - Full inventory: SMART_CONTRACTS_INVENTORY_ALL_CHAINS.md - Canonical addresses: CONTRACT_ADDRESSES_REFERENCE.md -- On-chain check script: scripts/verify/check-contracts-on-chain-138.sh (26 addresses including phased core; SKIP_EXIT=1 for report-only) +- On-chain check script: `scripts/verify/check-contracts-on-chain-138.sh` (current canonical target `75/75`; use `SKIP_EXIT=1` for report-only) - Phased core (138) deployed 2026-02-11; .env reconciled (one entry per variable) - Inventory and verification: CONTRACT_INVENTORY_AND_VERIFICATION.md - Next steps: CONTRACT_NEXT_STEPS_AND_RECOMMENDATIONS_COMPLETE.md @@ -16,7 +16,7 @@ Single list of actions that require an operator (network or explorer access). In **Single checklist:** [CONTRACT_NEXT_STEPS_LIST](CONTRACT_NEXT_STEPS_LIST.md). -1. Confirm all 26 Chain 138 contracts on-chain: run `./scripts/verify/check-contracts-on-chain-138.sh` from a host where RPC is reachable, or open each address on explorer.d-bis.org. Use `SKIP_EXIT=1` for report-only when RPC is unreachable. +1. Confirm the full current Chain 138 canonical inventory on-chain: run `./scripts/verify/check-contracts-on-chain-138.sh` from a host where RPC is reachable, or open each address on explorer.d-bis.org. Current operator-facing target is **75/75**. Use `SKIP_EXIT=1` for report-only when RPC is unreachable. 2. Run Blockscout source verification from a host that can reach Blockscout (see CONTRACT_NEXT_STEPS_AND_RECOMMENDATIONS_COMPLETE Part 4). 3. ~~Reconcile `.env`~~ — **Done 2026-02-11.** One entry per variable; matches CONTRACT_ADDRESSES_REFERENCE. 4. Confirm at explorer which contract is at `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` (Multicall vs Oracle Aggregator) and document in CONTRACT_ADDRESSES_REFERENCE. diff --git a/docs/11-references/CONTRACT_VERIFICATION_AND_PUBLICATION_MATRIX_ALL_NETWORKS.md b/docs/11-references/CONTRACT_VERIFICATION_AND_PUBLICATION_MATRIX_ALL_NETWORKS.md new file mode 100644 index 00000000..83825abc --- /dev/null +++ b/docs/11-references/CONTRACT_VERIFICATION_AND_PUBLICATION_MATRIX_ALL_NETWORKS.md @@ -0,0 +1,136 @@ +# Contract Verification And Publication Matrix (All Networks) + +**Generated:** 2026-04-11T21:10:30.092Z +**Authoritative sources:** `config/smart-contracts-master.json`, `cross-chain-pmm-lps/config/deployment-status.json` + +This matrix is the canonical repo-level inventory for **what still needs explorer verification and publication coverage across every network currently tracked in the workspace**. + +## Meaning + +- **Verification** = source or deployment metadata is verified on the network explorer used for that chain. +- **Publication** = the deployment is also reflected in the repo’s public inventories, token mappings, PMM status, and explorer-facing docs/config where applicable. +- **Pending** means the repo knows the address, but does not yet have a machine-confirmed proof here that explorer verification/publication is complete. + +## Chain Summary + +| Chain ID | Chain | Total Entries | Canonical Contracts | cW / Gas Mirrors | PMM Pools | Explorer | +| --- | --- | ---: | ---: | ---: | ---: | --- | +| 1 | Ethereum Mainnet | 36 | 3 | 14 | 13 | https://etherscan.io | +| 10 | Optimism | 21 | 0 | 14 | 2 | https://optimistic.etherscan.io | +| 25 | Cronos | 19 | 0 | 14 | 2 | https://cronoscan.com | +| 56 | BSC | 18 | 0 | 16 | 0 | https://bscscan.com | +| 100 | Gnosis | 18 | 0 | 14 | 0 | https://gnosisscan.io | +| 137 | Polygon | 22 | 0 | 15 | 2 | https://polygonscan.com | +| 138 | Chain 138 | 115 | 115 | 0 | 0 | https://blockscout.defi-oracle.io | +| 1111 | Wemix | 4 | 0 | 2 | 0 | https://explorer.wemix.com | +| 8453 | Base | 19 | 0 | 14 | 0 | https://basescan.org | +| 42161 | Arbitrum | 19 | 0 | 14 | 0 | https://arbiscan.io | +| 42220 | Celo | 19 | 0 | 16 | 0 | https://celoscan.io | +| 43114 | Avalanche | 19 | 0 | 16 | 0 | https://snowtrace.io | + +## Required operator path + +1. **Chain 138 canonical contracts** + - Run: `bash scripts/verify/run-contract-verification-with-proxy.sh` + - Recheck: `bash scripts/verify/check-contracts-on-chain-138.sh` +2. **Chain 138 DODO v3 pilot** + - Run: `bash scripts/verify/verify-dodo-v3-chain138-blockscout.sh` +3. **Other EVM chains** + - Verify on the chain explorer shown below. + - If the repo owns the deployment, keep token/pool/mapping docs updated after explorer verification. +4. **Publication closure** + - Update `config/smart-contracts-master.json`, `cross-chain-pmm-lps/config/deployment-status.json`, token lists, and any chain-specific runbooks after verification is confirmed. + +## Inventory sample + +The JSON report in `reports/status/contract_verification_publish_matrix.json` contains the full set. The first 80 rows are shown here for readability. + +| Chain ID | Chain | Type | Label | Address | Verifier | Automation | Explorer | Verify | Publish | +| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | +| 1 | Ethereum Mainnet | anchor_token | TRUU | `0xDAe0faFD65385E7775Cf75b1398735155EF6aCD2` | etherscan | reference-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | anchor_token | USDC | `0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48` | etherscan | reference-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | anchor_token | USDT | `0xdAC17F958D2ee523a2206206994597C13D831ec7` | etherscan | reference-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | canonical_contract | CCIP_Relay_Bridge | `0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939` | etherscan | manual-or-external | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | canonical_contract | CCIP_Relay_Router | `0xAd9A228CcEB4cbB612cD165FFB72fE090ff10Afb` | etherscan | manual-or-external | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | canonical_contract | DODOPMMIntegration_Mainnet | `0xa9F284eD010f4F7d7F8F201742b49b9f58e29b84` | etherscan | manual-or-external | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | cw_token | cWAUDC | `0x5020Db641B3Fc0dAbBc0c688C845bc4E3699f35F` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | cw_token | cWBTC | `0xcb7c000000000000000000000000000000000001` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | cw_token | cWCADC | `0x209FE32fe7B541751D190ae4e50cd005DcF8EDb4` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | cw_token | cWCHFC | `0x0F91C5E6Ddd46403746aAC970D05d70FFe404780` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | cw_token | cWEURC | `0xD4aEAa8cD3fB41Dc8437FaC7639B6d91B60A5e8d` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | cw_token | cWEURT | `0x855d74FFB6CF75721a9bAbc8B2ed35c8119241dC` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | cw_token | cWGBPC | `0xc074007dc0bfb384b1cf6426a56287ed23fe4d52` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | cw_token | cWGBPT | `0x1dDF9970F01c76A692Fdba2706203E6f16e0C46F` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | cw_token | cWJPYC | `0x07EEd0D7dD40984e47B9D3a3bdded1c536435582` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | cw_token | cWUSDC | `0x2de5F116bFcE3d0f922d9C8351e0c5Fc24b9284a` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | cw_token | cWUSDT | `0xaF5017d0163ecb99D9B5D94e3b4D7b09Af44D8AE` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | cw_token | cWXAUC | `0x572Be0fa8CA0534d642A567CEDb398B771D8a715` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | cw_token | cWXAUT | `0xACE1DBF857549a11aF1322e1f91F2F64b029c906` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | gas_mirror | cWETH | `0xf6dc5587e18f27adff60e303fdd98f35b50fa8a5` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | pmm_pool | cWAUDC/USDC | `0x6c1bD4F43c5f330E50B61DE81066dA7C61a9b5b4` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | pmm_pool | cWCADC/USDC | `0xE0F35b5736FDd0a2F4B618621b0A08F8D8A3f92A` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | pmm_pool | cWCHFC/USDC | `0x776Ca556deD3245984F504F4bef8Eeec55C50190` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | pmm_pool | cWEURC/USDC | `0x0bC750F9c6DbDcd76B205695A356491b1B9ef098` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | pmm_pool | cWGBPC/USDC | `0x5488042dF882893a3e7074453E2005CaDE4101b0` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | pmm_pool | cWJPYC/USDC | `0x8A4187dF0A8FE855cC53A4F7B2D8346588Ee9794` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | pmm_pool | cWUSDC/USDC | `0x69776fc607e9edA8042e320e7e43f54d06c68f0E` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | pmm_pool | cWUSDC/USDT | `0xCC0fd27A40775c9AfcD2BBd3f7c902b0192c247A` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | pmm_pool | cWUSDT/cWUSDC | `0xe944b7Cb012A0820c07f54D51e92f0e1C74168DB` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | pmm_pool | cWUSDT/USDC | `0x27f3aE7EE71Be3d77bAf17d4435cF8B895DD25D2` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | pmm_pool | cWUSDT/USDT | `0x79156F6B7bf71a1B72D78189B540A89A6C13F6FC` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | pmm_pool_volatile | cWUSDC/TRUU | `0x9A632F35078b6A4A9bf27806Bb7aFfAA2F16C846` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | pmm_pool_volatile | cWUSDT/TRUU | `0x508E5e80B66204b8CD9869323Fdd3A289ea50993` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | reference_venue | balancer:cWETH/USDC | `0xba11000000000000000000000000000000000001` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | reference_venue | curve:cWETH/USDC | `0xc711000000000000000000000000000000000001` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 1 | Ethereum Mainnet | reference_venue | uniswap_v3:cWETH/WETH | `0x7111000000000000000000000000000000000001` | etherscan | inventory-only | https://etherscan.io | pending | pending | +| 10 | Optimism | anchor_token | USDC | `0x3c499c542cEF5E3811e1192ce70d8cC03d5c3359` | etherscan-family | reference-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | anchor_token | USDT | `0xc2132D05D31c914a87C6611C10748AEb04B58e8F` | etherscan-family | reference-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | cw_token | cWAUDC | `0x25603ae4bff0b71d637b3573d1b6657f5f6d17ef` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | cw_token | cWBTC | `0xcb7c00000000000000000000000000000000000a` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | cw_token | cWCADC | `0x9f6d2578003fe04e58a9819a4943732f2a203a61` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | cw_token | cWCHFC | `0x4d9bc6c74ba65e37c4139f0aec9fc5ddff28dcc4` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | cw_token | cWEURC | `0x4ab39b5bab7b463435209a9039bd40cf241f5a82` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | cw_token | cWEURT | `0x6f521cd9fcf7884cd4e9486c7790e818638e09dd` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | cw_token | cWGBPC | `0x3f8c409c6072a2b6a4ff17071927ba70f80c725f` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | cw_token | cWGBPT | `0x456373d095d6b9260f01709f93fccf1d8aa14d11` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | cw_token | cWJPYC | `0x8e54c52d34a684e22865ac9f2d7c27c30561a7b9` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | cw_token | cWUSDC | `0x377a5FaA3162b3Fc6f4e267301A3c817bAd18105` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | cw_token | cWUSDT | `0x04B2AE3c3bb3d70Df506FAd8717b0FBFC78ED7E6` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | cw_token | cWXAUC | `0xddc4063f770f7c49d00b5a10fb552e922aa39b2c` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | cw_token | cWXAUT | `0x145e8e8c49b6a021969dd9d2c01c8fea44374f61` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | gas_mirror | cWETHL2 | `0x95007ec50d0766162f77848edf7bdc4eba147fb4` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | pmm_pool | cWUSDC/USDC | `0x8F1038dE06d799a30D16d8B0b0ADEe629e7d4547` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | pmm_pool | cWUSDT/USDT | `0xFCB0b0Ac36d67EDBA91100c75C27De945357CD62` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | reference_venue | balancer:cWETHL2/USDC | `0xba2100000000000000000000000000000000000a` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | reference_venue | curve:cWETHL2/USDC | `0xc72100000000000000000000000000000000000a` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 10 | Optimism | reference_venue | uniswap_v3:cWETHL2/WETH | `0x712100000000000000000000000000000000000a` | etherscan-family | inventory-only | https://optimistic.etherscan.io | pending | pending | +| 25 | Cronos | anchor_token | USDC | `0x3c499c542cEF5E3811e1192ce70d8cC03d5c3359` | etherscan-family | reference-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | anchor_token | USDT | `0xc2132D05D31c914a87C6611C10748AEb04B58e8F` | etherscan-family | reference-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | cw_token | cWAUDC | `0xff3084410A732231472Ee9f93F5855dA89CC5254` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | cw_token | cWBTC | `0xcb7c000000000000000000000000000000000019` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | cw_token | cWCADC | `0x32aD687F24F77bF8C86605c202c829163Ac5Ab36` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | cw_token | cWCHFC | `0xB55F49D6316322d5caA96D34C6e4b1003BD3E670` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | cw_token | cWEURC | `0x7574d37F42528B47c88962931e48FC61608a4050` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | cw_token | cWEURT | `0x9f833b4f1012F52eb3317b09922a79c6EdFca77D` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | cw_token | cWGBPC | `0xe5c65A76A541368d3061fe9E7A2140cABB903dbF` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | cw_token | cWGBPT | `0xBb58fa16bAc8E789f09C14243adEE6480D8213A2` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | cw_token | cWJPYC | `0x52aD62B8bD01154e2A4E067F8Dc4144C9988d203` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | cw_token | cWUSDC | `0x932566E5bB6BEBF6B035B94f3DE1f75f126304Ec` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | cw_token | cWUSDT | `0x72948a7a813B60b37Cd0c920C4657DbFF54312b8` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | cw_token | cWXAUC | `0xf1B771c95573113E993374c0c7cB2dc1a7908B12` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | cw_token | cWXAUT | `0xD517C0cF7013f988946A468c880Cc9F8e2A4BCbE` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | gas_mirror | cWCRO | `0x9b10eb0f77c45322dbd1fcb07176fd9a7609c164` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | pmm_pool | cWUSDC/USDC | `0x8F1038dE06d799a30D16d8B0b0ADEe629e7d4547` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | pmm_pool | cWUSDT/USDT | `0xFCB0b0Ac36d67EDBA91100c75C27De945357CD62` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 25 | Cronos | reference_venue | uniswap_v3:cWCRO/WCRO | `0x7161000000000000000000000000000000000019` | etherscan-family | inventory-only | https://cronoscan.com | pending | pending | +| 56 | BSC | anchor_token | USDT | `0x55d398326f99059fF775485246999027B3197955` | etherscan-family | reference-only | https://bscscan.com | pending | pending | +| 56 | BSC | cw_token | cWAUDC | `0x7062f35567BBAb4d98dc33af03B0d14Df42294D5` | etherscan-family | inventory-only | https://bscscan.com | pending | pending | +| 56 | BSC | cw_token | cWAUSDT | `0xe1a51Bc037a79AB36767561B147eb41780124934` | etherscan-family | inventory-only | https://bscscan.com | pending | pending | +| 56 | BSC | cw_token | cWBTC | `0xcb7c000000000000000000000000000000000038` | etherscan-family | inventory-only | https://bscscan.com | pending | pending | + +## Notes + +- Entries from `smart-contracts-master.json` are treated as the canonical deploy inventory. +- Entries from `deployment-status.json` are treated as required publication inventory, even when explorer verification may be external or manual. +- This matrix does **not** claim every address is already verified; it marks the repo-wide backlog explicitly so the status can be closed chain by chain instead of being lost in prose. + diff --git a/docs/11-references/CW_TOKENS_AND_NETWORKS.md b/docs/11-references/CW_TOKENS_AND_NETWORKS.md index 5c538e16..6d209277 100644 --- a/docs/11-references/CW_TOKENS_AND_NETWORKS.md +++ b/docs/11-references/CW_TOKENS_AND_NETWORKS.md @@ -2,7 +2,7 @@ **Purpose:** Single reference for all compliant wrapped tokens (cW*) and the networks where they are defined or deployed. -**Source of truth:** `config/token-mapping-multichain.json` (`cToCwSymbolMapping`), `smom-dbis-138/script/deploy/DeployCWTokens.s.sol`, and `smom-dbis-138/.env` (for recorded addresses). +**Source of truth:** `config/token-mapping-multichain.json` (`cToCwSymbolMapping`), `smom-dbis-138/script/deploy/DeployCWTokens.s.sol`, `smom-dbis-138/.env` (for recorded addresses), and `scripts/verify/check-cw-evm-deployment-mesh.sh` (for the current per-chain EVM deployment summary). --- @@ -12,18 +12,20 @@ All 12 cW* tokens are deployable via `DeployCWTokens.s.sol` (env flags `DEPLOY_C | cW* Token | Deploy script | Networks deployable (script) | Deployed on (addresses in .env) | |-----------|---------------|------------------------------|----------------------------------| -| **cWUSDT** | Yes | 1, 25, 56, 137, 100, 43114, 8453, 42161, 10 | All 9 chains (Mainnet, Cronos, BSC, Polygon, Gnosis, Avalanche, Base, Arbitrum, Optimism) | -| **cWUSDC** | Yes | 1, 25, 56, 137, 100, 43114, 8453, 42161, 10 | All 9 chains | -| **cWEURC** | Yes | 1, 25, 56, 137, 100, 43114, 8453, 42161, 10 | BSC, Polygon, Gnosis, Avalanche, Base, Optimism (Mainnet/Cronos/Arbitrum: deploy failed nonce/gas) | -| **cWEURT** | Yes | Same | Same as cWEURC | -| **cWGBPC** | Yes | Same | Same | -| **cWGBPT** | Yes | Same | Same | -| **cWAUDC** | Yes | Same | Same | -| **cWJPYC** | Yes | Same | Same | -| **cWCHFC** | Yes | Same | Same | -| **cWCADC** | Yes | Same | Same | -| **cWXAUC** | Yes | Same | Same | -| **cWXAUT** | Yes | Same | Same | +| **cWUSDT** | Yes | 1, 10, 25, 56, 100, 137, 42161, 42220, 43114, 8453, 1111 | All 10 loaded chains (Mainnet, Optimism, Cronos, BSC, Gnosis, Polygon, Arbitrum, Celo, Avalanche, Base); Wemix desired but not yet loaded | +| **cWUSDC** | Yes | Same | All 10 loaded chains | +| **cWEURC** | Yes | Same | All 10 loaded chains | +| **cWEURT** | Yes | Same | All 10 loaded chains | +| **cWGBPC** | Yes | Same | All 10 loaded chains | +| **cWGBPT** | Yes | Same | All 10 loaded chains | +| **cWAUDC** | Yes | Same | All 10 loaded chains | +| **cWJPYC** | Yes | Same | All 10 loaded chains | +| **cWCHFC** | Yes | Same | All 10 loaded chains | +| **cWCADC** | Yes | Same | All 10 loaded chains | +| **cWXAUC** | Yes | Same | All 10 loaded chains | +| **cWXAUT** | Yes | Same | All 10 loaded chains | + +**Current mesh status (2026-04-04):** the public EVM `cW*` deployment mesh is **12/12 on all 10 currently loaded public EVM chains**: **Mainnet, Optimism, Cronos, BSC, Gnosis, Polygon, Arbitrum, Celo, Avalanche, and Base**. `Wemix` remains the only desired public EVM target without a loaded `cW*` suite in `deployment-status.json`. --- @@ -37,11 +39,17 @@ All 12 cW* tokens are deployable via `DeployCWTokens.s.sol` (env flags `DEPLOY_C | 56 | BSC (BNB Chain) | | 100 | Gnosis Chain | | 137 | Polygon | +| 42220 | Celo | | 43114 | Avalanche C-Chain | | 8453 | Base | | 42161 | Arbitrum One | +| 1111 | Wemix | -Chains **42220** (Celo) and **1111** (Wemix) are in the token-mapping file for c*→cW* mapping but are not in the current `deploy-tokens-and-weth-all-chains-skip-canonical.sh` chain list for cW* deployment. **651940** (ALL Mainnet) is env-validation only; no cW* deploy from this repo. +Chains **1, 10, 25, 56, 100, 137, 42161, 42220, 43114, 8453, and 1111** are in the current `deploy-tokens-and-weth-all-chains-skip-canonical.sh` cW deployment list. Of those, `Wemix` is still pending live rollout because the destination bridge/funding state is not ready. **651940** (ALL Mainnet) is env-validation only; no cW* deploy from this repo. + +**Solana** (SVM mainnet-beta) is **not** an EIP-155 chain: it appears under `config/token-mapping-multichain.json` → `nonEvmNetworks` and `cross-chain-pmm-lps/config/chains.json` → `nonEvm` for registry/adapter tracking. The `DeployCWTokens` EVM flow and `pool-matrix` hub-stable rows do not apply until an SPL or bridge-wrapped asset program is specified. + +**ALL Mainnet XAU exception:** gold uses a destination-specific naming rule on **651940**. For the **138 -> 651940** corridor, the source leg wraps as **`cWXAUC` / `cWXAUT`**, but the bridge-minted ALL Mainnet representation is **`cWAXAUC` / `cWAXAUT`**, which unwraps to **`cAXAUC` / `cAXAUT`**. Treat these as ALL Mainnet-specific symbols, not generic public-chain `cW*` deploys from `DeployCWTokens.s.sol`. --- @@ -50,14 +58,15 @@ Chains **42220** (Celo) and **1111** (Wemix) are in the token-mapping file for c | Chain(s) | Bridge / receiver | Bridge code mints cW*? | Notes | |----------|-------------------|------------------------|-------| | **43114 (Avalanche)** | Dedicated AVAX cW bridge `0x635002c5fb227160cd2eac926d1baa61847f3c75` | **Yes** | Proven live for the dedicated non-prefunded `cUSDT -> cWUSDT` corridor. Treat this as a chain-specific exception, not blanket proof for every cW destination chain. | -| Generic public-chain WETH receiver set (1, 25, 56, 137, 100, 43114, 8453, 42161, 10) | CCIPRelayBridge (Mainnet), CCIPWETH9_BRIDGE_* (others) | **No** | Current suite is WETH-only; `ccipReceive` only transfers the received token. Granting MINTER/BURNER to these addresses allows DeployCWTokens to run but does not enable cross-chain mint until the receiver is extended or a dedicated cW* receiver (e.g. TwoWayTokenBridgeL2) is deployed. See [CW_BRIDGE_APPROACH.md](../07-ccip/CW_BRIDGE_APPROACH.md) and [CW_BRIDGE_TASK_LIST.md](CW_BRIDGE_TASK_LIST.md). | +| **1 (Ethereum Mainnet)** | Relay router `0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA` + `CWMultiTokenBridgeL2` `0x2bF74583206A49Be07E0E8A94197C12987AbD7B5` | **Yes** | Live and canary-proven for both `cUSDC -> cWUSDC` and `cUSDT -> cWUSDT`. The legacy Mainnet `CCIPRelayBridge` remains WETH-only and should only be used for WETH release flows. | +| Generic public-chain WETH receiver set (25, 56, 137, 100, 43114, 8453, 42161, 10) | CCIPWETH9_BRIDGE_* / CCIPRelayBridge-style WETH receivers | **No** | Current legacy suite is WETH-only; `ccipReceive` only transfers the received token. Granting MINTER/BURNER to these addresses allows DeployCWTokens to run but does not enable cross-chain mint until the receiver is extended or a dedicated cW* receiver (e.g. TwoWayTokenBridgeL2) is deployed. See [CW_BRIDGE_APPROACH.md](../07-ccip/CW_BRIDGE_APPROACH.md) and [CW_BRIDGE_TASK_LIST.md](../00-meta/CW_BRIDGE_TASK_LIST.md). | | After Phase B or C | Extended bridge or TwoWayTokenBridgeL2 / CCIPReceiverCW | **Yes** (when implemented) | Per [CW_BRIDGE_APPROACH.md](../07-ccip/CW_BRIDGE_APPROACH.md), Option 2 (dedicated receiver) is chosen; deploy TwoWayTokenBridgeL2 or equivalent per chain and point `CW_BRIDGE_` to it for cW* mint/burn. | --- ## 3. How to deploy cWUSDT / cWUSDC -1. **Bridge addresses:** `CW_BRIDGE_ADDRESS` is left as default (zero). Per-chain `CW_BRIDGE_` are set in `smom-dbis-138/.env` from the deployed bridge suite (Mainnet: CCIPRelayBridge; other chains: CCIPWETH9_BRIDGE_*, or a dedicated cW receiver such as the proven AVAX cW bridge). That contract receives MINTER_ROLE and BURNER_ROLE when deploying cW*; only a dedicated cW-capable receiver enables mint-on-receive. +1. **Bridge addresses:** `CW_BRIDGE_ADDRESS` is left as default (zero). Per-chain `CW_BRIDGE_` values are set in `smom-dbis-138/.env` from the deployed bridge suite. Mainnet now uses the dedicated cW-capable `CWMultiTokenBridgeL2`; the legacy Mainnet `CCIPRelayBridge` remains WETH-only. Other chains still use `CCIPWETH9_BRIDGE_*` or a dedicated cW receiver such as the proven AVAX cW bridge. Only a dedicated cW-capable receiver enables mint-on-receive. 2. Run with `--deploy-cw`: ```bash cd smom-dbis-138 && ./scripts/deployment/deploy-tokens-and-weth-all-chains-skip-canonical.sh --deploy-cw diff --git a/docs/11-references/DEFI_ORACLE_META_MAINNET_PROJECT_DESCRIPTION.md b/docs/11-references/DEFI_ORACLE_META_MAINNET_PROJECT_DESCRIPTION.md index 41c6884b..4a26b4a9 100644 --- a/docs/11-references/DEFI_ORACLE_META_MAINNET_PROJECT_DESCRIPTION.md +++ b/docs/11-references/DEFI_ORACLE_META_MAINNET_PROJECT_DESCRIPTION.md @@ -1,6 +1,6 @@ # Defi Oracle Meta Mainnet (Chain ID 138) — Project Description -**Last Updated:** 2026-02-12 +**Last Updated:** 2026-04-02 **Purpose:** Reusable project descriptions for listings, Ledger, Chainlist, CoinGecko, outreach, and documentation. --- @@ -34,7 +34,7 @@ DeFi Oracle Meta Mainnet (Chain ID 138) is an enterprise-grade, EVM-compatible b **DeFi Oracle Meta Mainnet (Chain ID 138)** is a production-ready, EVM-compatible blockchain built on **Hyperledger Besu** with **QBFT consensus**. It provides immediate finality with approximately **2-second block time** and is designed for institutional DeFi with native oracle integration, cross-chain bridges, and compliant assets. -**Network:** Chain ID 138 (0x8a), native currency ETH (18 decimals), standard EVM derivation (SLIP-44: 60). EIP-155 and EIP-1559 supported. +**Network:** Chain ID 138 (0x8a), `networkId` 138 in [ethereum-lists/chains](https://github.com/ethereum-lists/chains/blob/master/_data/chains/eip155-138.json), native currency ETH (18 decimals), standard EVM derivation (SLIP-44: 60). EIP-155, EIP-1559, EIP-2718, and EIP-2930 supported. **Infrastructure:** Tiered architecture (validators, sentries, RPC nodes), public RPC endpoints (HTTPS and WebSocket), and **Blockscout** block explorer at https://explorer.d-bis.org. Information and docs: https://d-bis.org. @@ -54,13 +54,13 @@ Use for forms, tables, or “About” sections: |------|--------| | **Name** | Defi Oracle Meta Mainnet | | **Chain ID** | 138 (0x8a) | -| **Network ID** | 1 | +| **Network ID** | 138 (Chainlist / wallet metadata; see `eip155-138.json` on ethereum-lists/chains) | | **Consensus** | QBFT (Hyperledger Besu) | | **Block time** | ~2 seconds | | **Native currency** | ETH (18 decimals) | | **Explorer** | https://explorer.d-bis.org (Blockscout) | | **Info / docs** | https://d-bis.org | -| **EVM** | Yes (EIP-155, EIP-1559) | +| **EVM** | Yes (EIP-155, EIP-1559, EIP-2718, EIP-2930) | | **Derivation** | 44'/60' (standard EVM) | **Features:** Public RPC (HTTPS/WSS), CCIP bridges, compliant stablecoins, oracle feeds, Blockscout, Chainlist, MetaMask, thirdweb. @@ -73,7 +73,7 @@ Use for forms, tables, or “About” sections: https://rpc-http-pub.d-bis.org, https://rpc.d-bis.org, https://rpc2.d-bis.org, https://rpc.defi-oracle.io, https://rpc.public-0138.defi-oracle.io **RPC (WebSocket):** -wss://rpc-ws-pub.d-bis.org, wss://rpc.d-bis.org, wss://ws.rpc.d-bis.org, wss://ws.rpc2.d-bis.org, wss://wss.defi-oracle.io, wss://rpc.public-0138.defi-oracle.io +wss://rpc-ws-pub.d-bis.org, wss://rpc.d-bis.org, wss://ws.rpc.d-bis.org, wss://ws.rpc2.d-bis.org, wss://rpc.public-0138.defi-oracle.io, wss://wss.defi-oracle.io **Block explorer:** https://explorer.d-bis.org diff --git a/docs/11-references/DEPLOYED_COINS_TOKENS_AND_NETWORKS.md b/docs/11-references/DEPLOYED_COINS_TOKENS_AND_NETWORKS.md index ad6c9efd..f472d779 100644 --- a/docs/11-references/DEPLOYED_COINS_TOKENS_AND_NETWORKS.md +++ b/docs/11-references/DEPLOYED_COINS_TOKENS_AND_NETWORKS.md @@ -1,6 +1,6 @@ # Deployed Coins, Tokens, and Networks — Master Inventory -**Last Updated:** 2026-02-28 +**Last Updated:** 2026-04-03 **Status:** Active Documentation --- @@ -13,7 +13,7 @@ Tokens are grouped into four **canonical categories**. Full definitions and symb |---|----------|--------|----------| | 1 | **Canonical 138 Compliant** | Chain 138 | Native ETH, WETH, WETH10, LINK, cUSDT, cUSDC, cEURT, cEURC, cGBPT, cGBPC, cAUDT, cAUDC, cJPYT, cJPYC, cCHFT, cCHFC, cCADT, cCADC, cAUSDT | | 2 | **ALL Mainnet (Alltra)** | Chain 651940 | Native, AUSDT, USDT, USDC, WETH, WALL, ACADT | -| 3 | **Compliant Wrapped (cW\*)** | Public blockchains (bridged from 138) | cWUSDT, cWUSDC, cWEURT, cWEURC, cWGBPT, cWGBPC, cWAUDT, cWAUDC, cWJPYT, cWJPYC, cWCHFT, cWCHFC, cWCADT, cWCADC, cWUSDW, cWEURW, cWGBPW, cWAUDW, cWJPYW, cWCHFW, cWCADW | +| 3 | **Compliant Wrapped (cW\*)** | Public blockchains (bridged from 138) | cWUSDT, cWUSDC, cWEURC, cWEURT, cWGBPC, cWGBPT, cWAUDC, cWJPYC, cWCHFC, cWCADC, cWXAUC, cWXAUT, plus corridor-specific extras such as cWAUSDT and cWUSDW where enabled | | 4 | **D-WIN W Tokens** | Cronos (25) / 138 / 651940 | USDW, EURW, GBPW, AUDW, JPYW, CHFW, CADW | --- @@ -41,6 +41,8 @@ Tokens are grouped into four **canonical categories**. Full definitions and symb - `token-lists/chainlists/chain-138.json` — Chainlist PR - `cross-chain-pmm-lps/config/chains.json` — PMM/LP hub chains +**Current cW mesh status (2026-04-03):** the tracked public EVM `cW*` mesh is now **12/12 on all 9 active public EVM chains**: Mainnet, Cronos, BSC, Gnosis, Polygon, Optimism, Arbitrum, Base, and Avalanche. Public-chain liquidity pools for those `cW*` assets remain undeployed in `deployment-status.json`. + --- ## Tokens by Chain @@ -68,6 +70,8 @@ Tokens are grouped into four **canonical categories**. Full definitions and symb | DAI | Dai Stablecoin | `0x6B175474E89094C44Da98b954EedeAC495271d0F` | 18 | | ETH-USD | ETH/USD Price Feed | `0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419` | 8 | +**GRU v2 public transport suite on Mainnet:** `cWUSDT`, `cWUSDC`, `cWEURC`, `cWEURT`, `cWGBPC`, `cWGBPT`, `cWAUDC`, `cWJPYC`, `cWCHFC`, `cWCADC`, `cWXAUC`, and `cWXAUT` are now all live. Use [CW_TOKENS_AND_NETWORKS.md](CW_TOKENS_AND_NETWORKS.md) and `token-lists/lists/ethereum-mainnet.tokenlist.json` for the current curated address set. + ### Chain 25 (Cronos) — ISO-4217 W Tokens | Symbol | Name | Address | Decimals | @@ -101,6 +105,7 @@ Tokens are grouped into four **canonical categories**. Full definitions and symb | Purpose | Path | |---------|------| | **Chain 138 token list** | `token-lists/lists/dbis-138.tokenlist.json` | +| **Ethereum Mainnet token list** | `token-lists/lists/ethereum-mainnet.tokenlist.json` | | **Cronos token list** | `token-lists/lists/cronos.tokenlist.json` | | **Multi-chain token list** | `explorer-monorepo/backend/api/rest/config/metamask/DUAL_CHAIN_TOKEN_LIST.tokenlist.json` | | **Network config** | `explorer-monorepo/backend/api/rest/config/metamask/DUAL_CHAIN_NETWORKS.json` | @@ -122,6 +127,7 @@ Tokens are grouped into four **canonical categories**. Full definitions and symb | `https://explorer.d-bis.org/api/v2/stats` | Blockscout stats | Blockscout on port 4000 | **Deploy config:** `./explorer-monorepo/scripts/deploy-explorer-config-to-vmid5000.sh` +The script now works from a workstation that can SSH to the Proxmox host for VMID `5000`; if local `pct` is unavailable it falls back to remote `pct` via `PROXMOX_HOST` automatically. --- diff --git a/docs/11-references/DEPLOYED_TOKENS_BRIDGES_LPS_AND_ROUTING_STATUS.md b/docs/11-references/DEPLOYED_TOKENS_BRIDGES_LPS_AND_ROUTING_STATUS.md index 0b17b798..5312cdfc 100644 --- a/docs/11-references/DEPLOYED_TOKENS_BRIDGES_LPS_AND_ROUTING_STATUS.md +++ b/docs/11-references/DEPLOYED_TOKENS_BRIDGES_LPS_AND_ROUTING_STATUS.md @@ -1,6 +1,6 @@ # Deployed Tokens, Bridges, DODO/Uniswap LPs — Status & Complete Routing Map -**Last Updated:** 2026-03-31 +**Last Updated:** 2026-04-04 **Purpose:** Single reference for (1) deployed tokens/coins and bridges per destination network, (2) DODO and Uniswap LPs with addresses, and (3) a complete mapping of all possible routes for routing **to** and **from** each chain. --- @@ -9,11 +9,12 @@ | Area | Status | Notes | |------|--------|-------| -| **Chain 138 tokens** | ✅ Live | cUSDT, cUSDC, WETH, WETH10, LINK; 10 more compliant tokens deployable (cEURC, cEURT, cGBP*, cAUD*, cJPY*, cCHF*, cCAD*, cAUSDT). | +| **Chain 138 tokens** | ✅ Live | cUSDT, cUSDC, cAUSDT, WETH, WETH10, LINK are live; the remaining compliant fiat expansion set is separately tracked for deployment or env completion. | | **Chain 138 DODO PMM** | ✅ Live | DODOPMMIntegration + 6 public pools are live on Chain 138: stable pairs plus the three public XAU pools. Official mirror `USDT/USDC` pools were corrected and funded locally. DODOPMMProvider remains deployed; routing cUSDT↔cUSDC and the live local direct/ XAU paths are active. | -| **Chain 138 → destination bridges** | ✅ CCIP + Alltra | CCIP WETH9/WETH10 to Ethereum, BSC, Polygon, Arbitrum, Optimism, Avalanche, Cronos, **Celo + Gnosis (2026-03-04)**. Gnosis: 0x4ab39b5BaB7b463435209A9039bd40Cf241F5a82 (WETH9), 0xC15ACdBAC59B3C7Cb4Ea4B3D58334A4b143B4b44 (WETH10). AlltraAdapter 138↔651940. Wemix pending (need 0.4 WEMIX). | -| **Destination tokens (cW\*)** | ⚠️ Partial / corridor-specific | cWUSDT, cWUSDC deployed on 9 chains (1, 25, 56, 137, 100, 43114, 8453, 42161, 10); cWEURC and others partial. `deployment-status.json` records token addresses and bridge availability, but the repo only proves a live non-prefunded cW corridor for Avalanche `cUSDT -> cWUSDT`; broader cW routing remains partial. | -| **Destination DODO/Uniswap LPs** | ⚠️ Partial graph / pools not live | cross-chain-pmm-lps **pool-matrix** defines cW*/USDC, cW*/USDT per chain; **deployment-status.json** now records deployed cW* token addresses and bridge availability, but PMM pool addresses are still empty. Public-chain edge pools and bot not live. | +| **Chain 138 → destination bridges** | ✅ Live EVM CCIP + Alltra | CCIP WETH9/WETH10 to Ethereum, BSC, Polygon, Arbitrum, Optimism, Base, Avalanche, Cronos, Gnosis, and Celo. AlltraAdapter 138↔651940. Wemix remains the only pending EVM CCIP destination. | +| **Truth / Tron / Solana / other non-EVM programs** | ⚠️ Separate from live CCIP route matrix | Truth on 138 is a registry adapter that points at the Ethereum ↔ Truth bridge story; Tron has a deployed non-EVM adapter on 138; Solana is now tracked as a desired non-EVM rollout target; Etherlink/Tezos, XDC Zero, and OP L2 remain scaffolded or separate programs rather than live rows in the CCIP destination table. | +| **Destination tokens (cW\*)** | ⚠️ Token mesh mostly complete / transport still partial | The public EVM `cW*` token mesh is now complete on the 10 currently loaded public EVM chains (1, 10, 25, 56, 100, 137, 42161, 42220, 43114, 8453). `deployment-status.json` records token addresses and bridge availability there, while `Wemix (1111)` remains the only desired public EVM target without a loaded suite. The repo now proves live non-prefunded cW corridors for Avalanche `cUSDT -> cWUSDT` and for Mainnet `cUSDC -> cWUSDC` plus `cUSDT -> cWUSDT`; broader cW transport routing remains partial. | +| **Destination DODO/Uniswap LPs** | ⚠️ Partial graph / first live DODO wave only | cross-chain-pmm-lps **pool-matrix** defines cW*/USDC, cW*/USDT per chain; **deployment-status.json** now records the first four live Mainnet DODO PMM USD bootstrap pools plus the first six non-USD Wave 1 rows `cWEURC/USDC`, `cWGBPC/USDC`, `cWAUDC/USDC`, `cWCADC/USDC`, `cWJPYC/USDC`, and `cWCHFC/USDC`. No public-chain `Uniswap`, `Balancer`, `Curve`, or `1inch` cW venues are asserted live yet, and the broader mesh is still incomplete. | | **Uniswap on 138** | ❌ | No Uniswap V2/V3 factory on Chain 138. | | **Uniswap on ALL Mainnet (651940)** | ⚠️ Env placeholders | HYDX DEX present; Uniswap V2/V3 and DODO env vars in dex-factories; no pool addresses in repo. | @@ -30,7 +31,8 @@ | LINK | `0xb7721dD53A8c629d9f1Ba31a5819AFe250002b03` | 18 | ✅ | | cUSDT | `0x93E66202A11B1772E55407B32B44e5Cd8eda7f22` | 6 | ✅ | | cUSDC | `0xf22258f57794CC8E06237084b353Ab30fFfa640b` | 6 | ✅ | -| cEURC, cEURT, cGBPT, cGBPC, cAUDT, cAUDC, cJPYT, cJPYC, cCHFT, cCHFC, cCADT, cCADC, cAUSDT | Script / .env | 6 | ⏳ Deployable via DeployCompliantFiatTokens | +| cAUSDT | `0x5fdDF65733e3d590463F68f93Cf16E8c04081271` | 6 | ✅ Live | +| cEURC, cEURT, cGBPT, cGBPC, cAUDT, cAUDC, cJPYT, cJPYC, cCHFT, cCHFC, cCADT, cCADC | Script / .env | 6 | ⏳ Deployable via DeployCompliantFiatTokens | **Source:** [DEPLOYED_COINS_TOKENS_AND_NETWORKS.md](DEPLOYED_COINS_TOKENS_AND_NETWORKS.md), [CHAIN138_TOKEN_ADDRESSES.md](CHAIN138_TOKEN_ADDRESSES.md). @@ -38,17 +40,17 @@ | Chain ID | Name | Tokens / bridges | |----------|------|-------------------| -| **1** | Ethereum Mainnet | WETH, USDT, USDC, DAI; CCIP WETH9/WETH10 bridges; relay router. cW* deployable. | -| **25** | Cronos | USDW, EURW, GBPW, AUDW, JPYW, CHFW, CADW (D-WIN W); cW* deployable. | -| **56** | BSC | cWUSDT, cWUSDC (and other cW* per CW_TOKENS_AND_NETWORKS). | -| **100** | Gnosis | cW* deployable. | -| **137** | Polygon | cW* deployable. | -| **10** | Optimism | cW* deployable. | -| **42161** | Arbitrum One | cW* deployable. | -| **8453** | Base | cW* deployable. | +| **1** | Ethereum Mainnet | WETH, USDT, USDC, DAI; CCIP WETH9/WETH10 bridges; relay router; dedicated Mainnet cW bridge; full cW* suite deployed. | +| **25** | Cronos | USDW, EURW, GBPW, AUDW, JPYW, CHFW, CADW (D-WIN W); full cW* suite deployed. | +| **56** | BSC | Full cW* suite deployed (including cWUSDT, cWUSDC, and the non-USD Wave 1 symbols). | +| **100** | Gnosis | Full cW* suite deployed. | +| **137** | Polygon | Full cW* suite deployed. | +| **10** | Optimism | Full cW* suite deployed. | +| **42161** | Arbitrum One | Full cW* suite deployed. | +| **8453** | Base | Full cW* suite deployed. | | **43114** | Avalanche C-Chain | cW* deployed; non-prefunded `cUSDT -> cWUSDT` corridor proven live. | -| **42220** | Celo | In pool-matrix; cW* not in deploy script chain list. | -| **1111** | Wemix | In pool-matrix; cW* not in deploy script chain list. | +| **42220** | Celo | Full cW* suite deployed. | +| **1111** | Wemix | Desired public EVM target; cW* suite not yet loaded in `deployment-status.json`. | | **651940** | ALL Mainnet (Alltra) | AUSDT, USDC, WETH, WALL; AlltraAdapter 138↔651940. | **Source:** [DEPLOYED_COINS_TOKENS_AND_NETWORKS.md](DEPLOYED_COINS_TOKENS_AND_NETWORKS.md), [CW_TOKENS_AND_NETWORKS.md](CW_TOKENS_AND_NETWORKS.md), [cross-chain-pmm-lps/config/chains.json](../../cross-chain-pmm-lps/config/chains.json). @@ -61,7 +63,7 @@ | Destination | Bridge type | Contract (138) | Status | Notes | |-------------|-------------|----------------|--------|--------| -| Ethereum (1) | CCIP WETH9 / WETH10 | CCIPWETH9Bridge `0xcacfd227A040002e49e2e01626363071324f820a`, CCIPWETH10Bridge `0xe0E93247376aa097dB308B92e6Ba36bA015535D0` | ✅ | Relay path to mainnet (CCIPRelayBridge). | +| Ethereum (1) | CCIP WETH9 / WETH10 | CCIPWETH9Bridge `0xcacfd227A040002e49e2e01626363071324f820a`, CCIPWETH10Bridge `0xe0E93247376aa097dB308B92e6Ba36bA015535D0` | ✅ | WETH relay path remains on the legacy Mainnet relay bridge; dedicated Mainnet `CWMultiTokenBridgeL2` now handles `cUSDC -> cWUSDC` and `cUSDT -> cWUSDT`. | | BSC (56) | CCIP | Same bridges + addDestination(selector, receiver) | ✅ | Per CCIP_BRIDGE_DESTINATIONS_AND_LINK_FUNDING. | | Polygon (137) | CCIP | Same | ✅ | | | Arbitrum (42161) | CCIP | Same | ✅ | | @@ -69,6 +71,8 @@ | Avalanche (43114) | CCIP | Same | ✅ | WETH relay path live; dedicated non-prefunded `avax-cw` corridor for `cUSDT -> cWUSDT` also proven. | | Cronos (25) | CCIP | Same | ✅ | | | ALL Mainnet (651940) | AlltraAdapter | AlltraAdapter `0x66FEBA2fC9a0B47F26DD4284DAd24F970436B8Dc` | ✅ | 138 ↔ 651940. | +| Base (8453) | CCIP | Standard CCIPWETH9 / CCIPWETH10 destination pair | ✅ | Included in the live EVM CCIP matrix. | +| Gnosis (100) | CCIP | Gnosis WETH9 `0x4ab39b5BaB7b463435209A9039bd40Cf241F5a82`, Gnosis WETH10 `0xC15ACdBAC59B3C7Cb4Ea4B3D58334A4b143B4b44` | ✅ | Live; do not classify as merely config-ready. | | Celo (42220) | CCIP | CCIPWETH9Bridge `0xD3AD6831aacB5386B8A25BB8D8176a6C8a026f04`, CCIPWETH10Bridge `0xa4B9DD039565AeD9641D45b57061f99d9cA6Df08` (Celo); 138↔Celo destinations configured 2026-03-04 | ✅ | complete-config-ready-chains.sh Celo→138 OK. | | Wemix (1111) | CCIP | Bridge addresses in .env when deployed; deployer needs 0.4 WEMIX | ⏳ | Run deploy-bridges-config-ready-chains.sh wemix after funding. | @@ -81,6 +85,17 @@ **Source:** [CONTRACT_ADDRESSES_REFERENCE.md](CONTRACT_ADDRESSES_REFERENCE.md), [smom-dbis-138/docs/deployment/CCIP_BRIDGE_DESTINATIONS_AND_LINK_FUNDING.md](../../smom-dbis-138/docs/deployment/CCIP_BRIDGE_DESTINATIONS_AND_LINK_FUNDING.md). +### 3.3 Other bridge / adapter programs not part of the live CCIP destination table + +| Program | Classification | Status | Notes | +|---------|----------------|--------|-------| +| Truth Network | Registry adapter + Ethereum ↔ Truth bridge program | ⚠️ Partial / pointer only | `TruthNetworkAdapter` is deployed on 138 and registered in `ChainRegistry`, but the repo does not define a direct 138 ↔ Truth CCIP lane. | +| Tron | Non-EVM adapter + relay path | ⚠️ Partial / relay-dependent | `TRON_ADAPTER_CHAIN138` is deployed in the Chain 138 address inventory. Treat as adapter + off-chain relay, not a CCIP destination row. | +| Solana | Non-EVM adapter + relay path | ⚠️ Partial / relay-dependent | `SolanaAdapter` is present in `smom-dbis-138`, and Solana is now tracked in the rollout config as a desired deployment network. It is still outside the EVM cW pool mesh and needs an SPL or bridge-wrapped asset program before live GRU transport. | +| Etherlink / Tezos | Scaffold / feature-gated | ⏳ Planned / gated | `token-mapping-multichain.json` includes a `138 ↔ 42793` placeholder row; production depends on the remaining items in the Tezos / Etherlink plan. | +| XDC Network | Parallel bridge program | ⚠️ Separate program | Use the XDC Zero runbook, not the CCIP lane matrix. | +| OP Stack L2 | Future design | ⏳ Design only | Optional future L2 ↔ 138 design notes exist; not a live bridge lane. | + --- ## 4. DODO and Uniswap LPs — by chain @@ -89,15 +104,17 @@ | Pool pair | Pool address | Base token | Quote token | Status | Routing | |-----------|--------------|------------|-------------|--------|---------| -| cUSDT / cUSDC | `0xff8d3b8fDF7B112759F076B69f4271D4209C0849` | cUSDT | cUSDC | ✅ Funded (live) | `10,000,000 / 10,000,000` reserves on the corrected live PMM integration. | -| cUSDT / USDT (official mirror) | `0x6fc60DEDc92a2047062294488539992710b99D71` | cUSDT | USDT | ✅ Funded (live) | Uses Chain 138 `USDT` mirror `0x004b63A7B5b0E06f6bB6adb4a5F9f590BF3182D1`; `10,000,000 / 10,000,000` reserves. | -| cUSDC / USDC (official mirror) | `0x0309178ae30302D83c76d6Dd402a684eF3160eec` | cUSDC | USDC | ✅ Funded (live) | Uses Chain 138 `USDC` mirror `0x71D6687F38b93CCad569Fa6352c876eea967201b`; `10,000,000 / 10,000,000` reserves. | +| cUSDT / cUSDC | `0x9e89bAe009adf128782E19e8341996c596ac40dC` | cUSDT | cUSDC | ✅ Funded (live) | Recreated 2026-04-02 on the canonical official-DVM-backed PMM integration with `i=1e18`, `k=0`; now quotes at true 1:1 parity. | +| cUSDT / USDT (official mirror) | `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` | cUSDT | USDT | ✅ Funded (live) | Uses Chain 138 `USDT` mirror `0x004b63A7B5b0E06f6bB6adb4a5F9f590BF3182D1`; recreated 2026-04-02 with `i=1e18`, `k=0`. | +| cUSDC / USDC (official mirror) | `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` | cUSDC | USDC | ✅ Funded (live) | Uses Chain 138 `USDC` mirror `0x71D6687F38b93CCad569Fa6352c876eea967201b`; recreated 2026-04-02 with `i=1e18`, `k=0`. | | cUSDT / cXAUC | `0x1AA55E2001E5651349AfF5A63FD7A7Ae44f0F1b0` | cUSDT | cXAUC | ✅ Funded (live) | Public XAU pool; reserves `2,666,965 / 519.477`. | | cUSDC / cXAUC | `0xEA9Ac6357CaCB42a83b9082B870610363B177cBa` | cUSDC | cXAUC | ✅ Funded (live) | Public XAU pool; reserves `1,000,000 / 194.782554`. | | cEURT / cXAUC | `0xbA99bc1eAAC164569d5AcA96C806934DDaF970Cf` | cEURT | cXAUC | ✅ Funded (live) | Public XAU pool; reserves `1,000,000 / 225.577676`. | -- **DODOPMMIntegration:** `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`. -- **DODOPMMProvider:** `0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381` (104/104 desired-state routes aligned). +- **DODO DVMFactory:** `0xc93870594C7f83A0aE076c2e30b494Efc526b68E`. +- **DODO Vending Machine / adapter:** `0xb6D9EF3575bc48De3f011C310DC24d87bEC6087C`. +- **DODOPMMIntegration:** `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`. +- **DODOPMMProvider:** `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e` (current canonical stable-pool provider set). - **PrivatePoolRegistry:** `0xb27057B27db09e8Df353AF722c299f200519882A` with live XAU pools: - `cUSDT / cXAUC`: `0x94316511621430423a2cff0C036902BAB4aA70c2` - `cUSDC / cXAUC`: `0x7867D58567948e5b9908F1057055Ee4440de0851` @@ -120,7 +137,9 @@ **Designed (pool-matrix.json):** Per chain, first-tier pools: cWUSDT/USDC or cWUSDT/USDT, cWUSDC/USDC or cWUSDC/USDT, plus cWAUSDT, cWEURC, cWEURT, cWUSDW vs hub stable. Optional: cW*/USDT, cW*/DAI, cW*/BUSD, cW*/mUSD. -**Deployment status:** [cross-chain-pmm-lps/config/deployment-status.json](../../cross-chain-pmm-lps/config/deployment-status.json) — records cW* token addresses and bridge availability per chain, but PMM pool arrays are still empty. Public-chain edge pools and the stabilization bot are **not deployed**. +**Deployment status:** [cross-chain-pmm-lps/config/deployment-status.json](../../cross-chain-pmm-lps/config/deployment-status.json) now records the first live public-chain cW* pool wave on Mainnet DODO PMM: `cWUSDT/USDC`, `cWUSDC/USDC`, `cWUSDT/USDT`, `cWUSDC/USDT`, **`cWUSDT/cWUSDC`**, `cWEURC/USDC`, `cWGBPC/USDC`, `cWAUDC/USDC`, `cWCADC/USDC`, `cWJPYC/USDC`, and `cWCHFC/USDC`. Public-chain edge liquidity is still only partial, the stabilization bot is not documented as live, and the repo still does not assert any public cW* `Balancer`, `Curve`, `Uniswap`, or `1inch` venues. + +**Canonical public status surface:** `bash scripts/verify/check-gru-v2-public-protocols.sh` or the explorer-published JSON at `https://explorer.d-bis.org/config/GRU_V2_PUBLIC_DEPLOYMENT_STATUS.json`. **Source:** [cross-chain-pmm-lps/config/pool-matrix.json](../../cross-chain-pmm-lps/config/pool-matrix.json), [cross-chain-pmm-lps/config/token-map.json](../../cross-chain-pmm-lps/config/token-map.json). @@ -134,8 +153,8 @@ |------------|----------|--------|--------| | cUSDT | cUSDC | DODOPMMIntegration / DODOPMMProvider → pool cUSDT/cUSDC | ✅ | | cUSDC | cUSDT | Same pool | ✅ | -| cUSDT | USDT (official mirror) | DODOPMMIntegration / pool `0x6fc60DEDc92a2047062294488539992710b99D71` | ✅ | -| cUSDC | USDC (official mirror) | DODOPMMIntegration / pool `0x0309178ae30302D83c76d6Dd402a684eF3160eec` | ✅ | +| cUSDT | USDT (official mirror) | DODOPMMIntegration / pool `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` | ✅ | +| cUSDC | USDC (official mirror) | DODOPMMIntegration / pool `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` | ✅ | | cUSDT | cXAUC | DODOPMMIntegration / pool `0x1AA55E2001E5651349AfF5A63FD7A7Ae44f0F1b0` | ✅ | | cUSDC | cXAUC | DODOPMMIntegration / pool `0xEA9Ac6357CaCB42a83b9082B870610363B177cBa` | ✅ | | cEURT | cXAUC | DODOPMMIntegration / pool `0xbA99bc1eAAC164569d5AcA96C806934DDaF970Cf` | ✅ | @@ -144,11 +163,12 @@ | From (138) | To (chain) | Bridge | Destination asset | Destination LP (if any) | |------------|------------|--------|--------------------|---------------------------| -| WETH9 | 1, 56, 137, 10, 42161, 43114, 25 | CCIP WETH9 | WETH | Native DEX / cW* pool when deployed | -| WETH10 | Same | CCIP WETH10 | WETH | Same | +| WETH9 | 1, 10, 25, 56, 100, 137, 42161, 43114, 8453, 42220 | CCIP WETH9 | WETH | Native DEX / cW* pool when deployed | +| WETH10 | Same live EVM destination set | CCIP WETH10 | WETH | Same | | cUSDT | 43114 | Dedicated `avax-cw` relay + AVAX cW bridge `0x635002c5fb227160cd2eac926d1baa61847f3c75` | cWUSDT | Direct recipient mint; same-chain cW*/USDT pools are not deployed | | cUSDT / cUSDC | 1, 25, 56, 100, 137, 10, 42161, 8453, 42220, 1111 | — | — | No blanket live direct route for compliant stables; use WETH hop or a specifically proven cW corridor | | Any (138) | 651940 | AlltraAdapter | AUSDT, WETH, WALL, etc. | ALL Mainnet DEX (env placeholders) | +| Any (138) | Truth / Tron / Solana / Etherlink / Tezos / XDC / OP L2 | See program-specific docs | — | These are separate programs or scaffolds; they are not part of the live CCIP EVM destination matrix. | ### 5.3 Cross-chain routing (destination → 138) @@ -162,8 +182,8 @@ | From | To | Route | Status | |------|-----|--------|--------| | 138 cUSDT | 43114 cWUSDT | Dedicated non-prefunded `avax-cw` bridge; destination mints to recipient | ✅ Live corridor | -| cW* (e.g. cWUSDT) | USDC / USDT (same chain) | Single-sided cW*/hub pool (pool-matrix) | ❌ Not deployed | -| USDC / USDT | cW* | Same pool (reverse) | ❌ Not deployed | +| cW* (e.g. cWUSDT) | USDC / USDT (same chain) | Single-sided cW*/hub pool (pool-matrix) | ⚠️ Partial: first Mainnet DODO wave is live; broader mesh remains undeployed | +| USDC / USDT | cW* | Same pool (reverse) | ⚠️ Partial: first Mainnet DODO wave is live; broader mesh remains undeployed | | cW* chain A | cW* chain B | Bridge cW* or bridge underlying + mint cW* on dest; depends on bridge and cW* deployment | ⏳ Depends on explicit bridge wiring | ### 5.5 Swap–bridge–swap (orchestration) @@ -182,12 +202,14 @@ | Chain ID | Name | Tokens deployed | Bridge from 138 | Bridge to 138 | DODO/Uniswap LPs | |----------|------|------------------|------------------|---------------|-------------------| | 138 | DeFi Oracle | cUSDT, cUSDC, cEURT, cXAUC, cXAUT, WETH, WETH10, LINK, official mirrors | — | — | DODO: 6 public pools live + 3 private XAU pools live | -| 1 | Ethereum | WETH, USDT, USDC, DAI | ✅ CCIP WETH9/10 | ✅ CCIP relay | Native DEX; cW* deployed, routing partial | +| 1 | Ethereum | WETH, USDT, USDC, DAI, full cW* suite | ✅ CCIP WETH9/10 + ✅ Mainnet cW mint corridors | ✅ CCIP relay + ✅ Mainnet cW return path | DODO PMM: 10 public cW* pools live in-repo | | 651940 | ALL Mainnet | AUSDT, USDC, WETH, WALL | ✅ AlltraAdapter | ✅ AlltraAdapter | Env placeholders; HYDX | | 25 | Cronos | USDW, EURW, …; cW* deployed | ✅ CCIP | ✅ CCIP | cW* edge pools not deployed | | 56, 100, 137, 10, 42161, 8453 | BSC, Gnosis, Polygon, Optimism, Arbitrum, Base | cW* deployed / partial | ✅ CCIP | ✅ CCIP | cW* pool-matrix; not deployed | | 43114 | Avalanche | cW* deployed; `cUSDT -> cWUSDT` corridor proven | ✅ CCIP WETH relay + ✅ `avax-cw` | ✅ CCIP | cW* edge pools not deployed | -| 42220, 1111 | Celo, Wemix | — | Config | Config | pool-matrix only | +| 42220 | Celo | full cW* suite deployed | ✅ CCIP | ✅ CCIP | cW* pool-matrix; public pools not deployed | +| 1111 | Wemix | — | ⏳ Pending | ⏳ Pending | pool-matrix only | +| non-EVM / separate programs | Truth, Tron, Solana, Etherlink, Tezos, XDC, OP L2 | program-specific | See canonical docs | See canonical docs | Do not read these as live CCIP destination rows | ### 6.2 Route matrix (to and from) @@ -214,6 +236,10 @@ | [PMM_DEX_ROUTING_STATUS.md](PMM_DEX_ROUTING_STATUS.md) | DEX/PMM routing status | | [CONTRACT_ADDRESSES_REFERENCE.md](CONTRACT_ADDRESSES_REFERENCE.md) | Contract and bridge addresses | | [ADDRESS_MATRIX_AND_STATUS.md](ADDRESS_MATRIX_AND_STATUS.md) | Correlated address matrix | +| [CHAINS_AND_PROTOCOLS_BRIDGE_INTEGRATION.md](CHAINS_AND_PROTOCOLS_BRIDGE_INTEGRATION.md) | Canonical bridge-program classification, including Truth, Tron, Etherlink/Tezos, XDC, and OP | +| [GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS.md](GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS.md) | Canonical public-network GRU v2 rollout summary for bridges + public cW protocol venues | +| `bash scripts/verify/check-cw-public-pool-status.sh` | Verifies the public cW deployment graph in `deployment-status.json`, including the first recorded Mainnet DODO PMM pool wave and whether any additional public-chain `pmmPools` have been promoted | +| `bash scripts/verify/check-gru-v2-public-protocols.sh` | Verifies the public EVM cW mesh, Wave 1 transport state, and the current public-protocol truth for Uniswap v3, Balancer, Curve 3, DODO PMM, and 1inch | | [DEFI_AGGREGATOR_DEX_ROUTING_FLOWS_DIAGRAM.md](../03-deployment/DEFI_AGGREGATOR_DEX_ROUTING_FLOWS_DIAGRAM.md) | Routing flow diagram | | [CW_TOKENS_AND_NETWORKS.md](CW_TOKENS_AND_NETWORKS.md) | cW* tokens and networks | | [cross-chain-pmm-lps/config/](../../cross-chain-pmm-lps/config/) | pool-matrix, deployment-status, token-map, chains | diff --git a/docs/11-references/DEPLOYER_CONTRACTS_INVENTORY_AND_VERIFICATION_STATUS.md b/docs/11-references/DEPLOYER_CONTRACTS_INVENTORY_AND_VERIFICATION_STATUS.md index bd43912b..0121b5ae 100644 --- a/docs/11-references/DEPLOYER_CONTRACTS_INVENTORY_AND_VERIFICATION_STATUS.md +++ b/docs/11-references/DEPLOYER_CONTRACTS_INVENTORY_AND_VERIFICATION_STATUS.md @@ -1,12 +1,17 @@ # Deployer Wallet — Complete Contract List by Network and Verification Status -> Historical note (2026-03-26): this inventory includes superseded PMM-address snapshots from earlier verification passes. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. +> Historical note (2026-04-02): this inventory may reference superseded PMM-address snapshots in older evidence. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. -**Last Updated:** 2026-02-27 +**Last Updated:** 2026-04-11 **Deployer address:** `0x4A666F96fC8764181194447A7dFdb7d471b301C8` **Purpose:** Single list of all contracts deployed by (or attributed to) the deployer wallet, the network each is on, and whether each is **verified** on the chain’s explorer (Blockscout for Chain 138). -**Verification:** For Chain 138, verification is done via Blockscout (https://explorer.d-bis.org). Run `./scripts/verify/run-contract-verification-with-proxy.sh` (from LAN with Blockscout reachable) or `./scripts/verify/check-contracts-on-chain-138.sh` to check/verify. **Verified** below means “source code verified on explorer”; **Not verified** means not yet submitted or not yet confirmed; **Unknown** means not yet checked in this repo. +**Verification:** For Chain 138, verification is done via Blockscout (https://explorer.d-bis.org). Run `./scripts/verify/run-contract-verification-with-proxy.sh` (from LAN with Blockscout reachable) or `./scripts/verify/check-contracts-on-chain-138.sh` to check/verify. Ethereum mainnet checks should use Etherscan API V2 / explorer status. **Verified** below means “source code verified on explorer”; **Not verified** means not yet submitted or not yet confirmed; **Unknown** means not yet checked in this repo. + +For the cross-network closure backlog, use the generated all-network matrix as the canonical tracking surface: + +- [CONTRACT_VERIFICATION_AND_PUBLICATION_MATRIX_ALL_NETWORKS](CONTRACT_VERIFICATION_AND_PUBLICATION_MATRIX_ALL_NETWORKS.md) +- [ALL_NETWORK_CONTRACT_VERIFICATION_AND_PUBLICATION_RUNBOOK](../03-deployment/ALL_NETWORK_CONTRACT_VERIFICATION_AND_PUBLICATION_RUNBOOK.md) --- @@ -54,8 +59,8 @@ Explorer: https://explorer.d-bis.org | Contract | Address | Deployed by | Verified | |----------|---------|-------------|----------| -| Multicall | `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` | Genesis | Unknown | -| Oracle Aggregator | `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` | Deployer (or same slot as Multicall) | Unknown | +| Oracle Aggregator (legacy slot) | `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` | Genesis / preserved | Unknown | +| Oracle Aggregator | `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` | Live Chain 138 slot | Unknown | | Oracle Proxy | `0x3304b747e565a97ec8ac220b0b6a1f6ffdb837e6` | Deployer | Unknown | | Multicall (deploy 2026-02-13) | `0xF4AA429BE277d1a1a1A744C9e5B3aD821a9b96f7` | Deployer | Unknown | | Oracle Aggregator (deploy 2026-02-13) | `0xaFd9E25ff301a79feaBcc56F46969F34808358CE` | Deployer | Unknown | @@ -112,11 +117,11 @@ Explorer: https://explorer.d-bis.org | Contract | Address | Deployed by | Verified | |----------|---------|-------------|----------| -| DODOPMMIntegration | `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` | Deployer | Unknown | -| DODOPMMProvider | `0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381` | Deployer | Unknown | -| Pool cUSDT/cUSDC | `0xff8d3b8fDF7B112759F076B69f4271D4209C0849` | Deployer | Unknown | -| Pool cUSDT/USDT | `0x6fc60DEDc92a2047062294488539992710b99D71` | Deployer | Unknown | -| Pool cUSDC/USDC | `0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263` | Deployer | Unknown | +| DODOPMMIntegration | `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` | Deployer | Unknown | +| DODOPMMProvider | `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e` | Deployer | Unknown | +| Pool cUSDT/cUSDC | `0x9e89bAe009adf128782E19e8341996c596ac40dC` | Deployer | Unknown | +| Pool cUSDT/USDT | `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` | Deployer | Unknown | +| Pool cUSDC/USDC | `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` | Deployer | Unknown | ### TransactionMirror @@ -140,6 +145,7 @@ Contracts used as **destinations** for Chain 138 CCIP/relay; may have been deplo |----------|---------|---------|-------------|----------| | CCIPRelayRouter | `0xAd9A228CcEB4cbB612cD165FFB72fE090ff10Afb` | 1 (Ethereum Mainnet) | Unknown | Unknown | | CCIPRelayBridge | `0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939` | 1 (Ethereum Mainnet) | Unknown | Unknown | +| DODOPMMIntegration (Mainnet) | `0xa9F284eD010f4F7d7F8F201742b49b9f58e29b84` | 1 (Ethereum Mainnet) | Deployer | Yes | Explorer: https://etherscan.io (or https://blockscan.com for multi-chain). @@ -147,7 +153,7 @@ Explorer: https://etherscan.io (or https://blockscan.com for multi-chain). ## Other networks (CCIP / cW* / Cronos) -Contracts on **other chains** (BSC, Polygon, Cronos, Arbitrum, Optimism, Avalanche, Base, Gnosis, Celo, Wemix) that the deployer may have deployed (e.g. CCIP WETH9/WETH10 bridges, cW* tokens, Cronos D-WIN W) are **not** listed here by address. Addresses are stored in `smom-dbis-138/.env` (e.g. `CCIPWETH9_BRIDGE_BSC`, `CWUSDT_MAINNET`, etc.). See [TOKENS_DEPLOYER_DEPLOYED_ON_OTHER_CHAINS.md](TOKENS_DEPLOYER_DEPLOYED_ON_OTHER_CHAINS.md) and [CW_TOKENS_AND_NETWORKS.md](CW_TOKENS_AND_NETWORKS.md). Verification status on those chains is **per-chain** (Etherscan, BscScan, Polygonscan, etc.) and not tracked in this doc. +Contracts on **other chains** (BSC, Polygon, Cronos, Arbitrum, Optimism, Avalanche, Base, Gnosis, Celo, Wemix) are now tracked through the generated all-network matrix rather than only by prose references. See [CONTRACT_VERIFICATION_AND_PUBLICATION_MATRIX_ALL_NETWORKS](CONTRACT_VERIFICATION_AND_PUBLICATION_MATRIX_ALL_NETWORKS.md). --- diff --git a/docs/11-references/DEPLOYER_TO_PUBLIC_STABLECOIN_ROUTES.md b/docs/11-references/DEPLOYER_TO_PUBLIC_STABLECOIN_ROUTES.md index 6a401db5..763fd691 100644 --- a/docs/11-references/DEPLOYER_TO_PUBLIC_STABLECOIN_ROUTES.md +++ b/docs/11-references/DEPLOYER_TO_PUBLIC_STABLECOIN_ROUTES.md @@ -1,8 +1,8 @@ # Routes: Deployer Wallet → Public-Network Stablecoins -> Historical note (2026-03-26): this route map originally captured a pre-correction PMM phase. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` and `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`. +> Historical note (2026-04-02): this route map originally captured a pre-correction PMM phase. The current canonical Chain 138 PMM stack is `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`. -**Last Updated:** 2026-03-31 +**Last Updated:** 2026-04-03 **Purpose:** Single reference for **all possible routes** from the deployer wallet as **source** (minted/held tokens on all blockchains) **to** public-network stablecoins (USDT, USDC, DAI, AUSDT, etc.) on each chain. Uses Master Documentation and verifiable sources only. **Deployer address (source):** `0x4A666F96fC8764181194447A7dFdb7d471b301C8` @@ -59,10 +59,10 @@ Tokens the deployer **can hold** as source (mintable to deployer on 138/Cronos, | From (deployer holds) | To (public stable on 138) | Route | Status | |------------------------|----------------------------|--------|--------| -| cUSDT | cUSDC | DODOPMMIntegration / pool `0xff8d3b8fDF7B112759F076B69f4271D4209C0849` | ✅ Live | +| cUSDT | cUSDC | DODOPMMIntegration / pool `0x9e89bAe009adf128782E19e8341996c596ac40dC` | ✅ Live | | cUSDC | cUSDT | Same pool | ✅ Live | -| cUSDT | “USDT (official)” | Pool `0x6fc60DEDc92a2047062294488539992710b99D71` is the funded intended canonical route; official USDT mirror is deployed on 138 | ✅ Live | -| cUSDC | “USDC (official)” | Pool `0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263` exists; official USDC mirror is deployed on 138 | ✅ Live | +| cUSDT | “USDT (official)” | Pool `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` is the funded canonical route; official USDT mirror is deployed on 138 | ✅ Live | +| cUSDC | “USDC (official)” | Pool `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` is the funded canonical route; official USDC mirror is deployed on 138 | ✅ Live | **Note:** On 138 the only “public” stablecoin destinations that exist are cUSDT and cUSDC. There is no native USDT/USDC contract on 138. @@ -79,7 +79,7 @@ Tokens the deployer **can hold** as source (mintable to deployer on 138/Cronos, | cUSDT | USDT / USDC / DAI | **No direct bridge.** Swap 138: cUSDT→cUSDC or cUSDT→WETH (no cUSDT→WETH pool documented); or cUSDT→cUSDC then no bridge for cUSDC. **Indirect:** cUSDT→cUSDC (DODO) then no 138→mainnet bridge for compliant stables. Use: **cUSDT/cUSDC → swap to WETH on 138 (no pool today)** then CCIP WETH→mainnet→DEX→USDT/USDC/DAI. | ⚠️ Swap leg on 138 to WETH not documented; bridge leg ✅ | | cUSDC | USDT / USDC / DAI | Same as cUSDT; need 138 cUSDC→WETH path (not in docs). Then CCIP WETH→mainnet→DEX. | ⚠️ Same | -**Mainnet relay:** CCIP messages to chain 1 go via CCIPRelayRouter `0xAd9A228CcEB4cbB612cD165FFB72fE090ff10Afb` and CCIPRelayBridge `0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939` (releases WETH; **must be funded with Mainnet WETH** — see [CONTRACT_ADDRESSES_REFERENCE](CONTRACT_ADDRESSES_REFERENCE.md)). +**Mainnet relay:** CCIP messages to chain 1 go via active CCIPRelayRouter `0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA` and CCIPRelayBridge `0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939` (releases WETH; **must be funded with Mainnet WETH** — see [CONTRACT_ADDRESSES_REFERENCE](CONTRACT_ADDRESSES_REFERENCE.md)). --- @@ -97,11 +97,11 @@ Tokens the deployer **can hold** as source (mintable to deployer on 138/Cronos, |------------|--------------------------------------|--------|--------| | WETH9 / WETH10 | **BSC** WETH → USDT/USDC via DEX | Relay-backed first hop to BSC relay bridge `0x886C6A4ABC064dbf74E7caEc460b7eeC31F1b78C` | ✅ Live; **requires BSC relay WETH inventory** | | WETH9 / WETH10 | **Avalanche** WETH → USDT/USDC via DEX | Relay-backed first hop to AVAX relay bridge `0x3f8C409C6072a2B6a4Ff17071927bA70F80c725F` | ✅ Tiny-send live; **requires AVAX relay WETH inventory**. Native Avalanche bridge path failed on 2026-03-30. | -| WETH9 / WETH10 | **Gnosis, Polygon, Arbitrum, Optimism, Base, Cronos, Celo** WETH → USDT/USDC via DEX | Bootstrap Mainnet first, then send Mainnet → destination | ⚠️ Use **Mainnet hub**, not a direct first hop from Chain 138 | +| WETH9 / WETH10 | **Gnosis, Polygon, Arbitrum, Optimism, Base, Cronos, Celo** WETH → USDT/USDC via DEX | Bootstrap Mainnet first, then send Mainnet → destination | ⛔ Intended via **Mainnet hub**, not a direct first hop from Chain 138, but the current Mainnet `WETH9` public fan-out path is blocked. A direct `138 -> Arbitrum` send reached the source router without destination delivery, the latest `Mainnet -> Arbitrum` send from `MAINNET_CCIP_WETH9_BRIDGE=0xc9901ce2Ddb6490FAA183645147a87496d8b20B6` failed on-chain before any bridge event, and read-only `calculateFee()` preflights currently revert for the tracked selectors `BSC`, `Avalanche`, `Gnosis`, `Cronos`, `Celo`, `Polygon`, `Arbitrum`, `Optimism`, and `Base`. | | WETH9 / WETH10 | Wemix USDT/USDC | Deploy bridge and seed gas first (deployer needs 0.4 WEMIX) | ⏳ Pending | | cUSDT / cUSDC | Any dest public stable | No direct bridge for compliant stables; must swap to WETH on 138 then CCIP (see 3.2). | ⚠️ Same as 3.2 | -**Live routing note (2026-03-30):** The current Chain 138 router emits `MessageSent` but does not natively deliver into public-chain `CCIPWETH9Bridge` / `CCIPWETH10Bridge` contracts. That is why direct first-hop guidance is limited to the relay-backed lanes and the Mainnet hub. +**Live routing note (2026-04-03 / 2026-04-04 UTC):** The current Chain 138 router emits `MessageSent` but does not natively deliver into public-chain `CCIPWETH9Bridge` / `CCIPWETH10Bridge` contracts. That is why direct first-hop guidance is limited to the relay-backed lanes and the Mainnet hub. The current Mainnet `WETH9` public fan-out leg is also blocked at the source bridge/router layer: the active Mainnet source bridge path reverted in tx `0x97df657f0e31341ca852666766e553650531bbcc86621246d041985d7261bb07` inside router `0x80226fc0Ee2b096224EeAc085Bb9a8cba1146f7D`, and read-only `calculateFee()` preflights now also revert for the tracked selectors `BSC`, `Avalanche`, `Gnosis`, `Cronos`, `Celo`, `Polygon`, `Arbitrum`, `Optimism`, and `Base`. Treat `Mainnet -> public-chain` WETH9 fan-out as blocked until that source path is repaired or replaced. **Avalanche cW correction:** Separately from the public-stable routes above, the repo now proves a non-prefunded `cUSDT -> cWUSDT` corridor on Avalanche. That is a live lock/mint route to project `cWUSDT`, not a direct route to native Avalanche `USDT` / `USDC`, so it is tracked in [ROUTES_NO_PREFUNDED_BRIDGE_REQUIRED](ROUTES_NO_PREFUNDED_BRIDGE_REQUIRED.md) instead of being listed here as a public-stable destination. @@ -130,7 +130,8 @@ Tokens the deployer **can hold** as source (mintable to deployer on 138/Cronos, | 138 | WETH10 | 1 | USDT, USDC, DAI | Same; **CCIPRelayBridge must be funded with Mainnet WETH** | ✅ | | 138 | WETH9/10 | 56 | WETH → USDT/USDC via DEX | Relay-backed 138 → BSC → DEX; **requires BSC relay inventory** | ✅ | | 138 | WETH9/10 | 43114 | WETH → USDT/USDC via DEX | Relay-backed 138 → AVAX → DEX; **requires AVAX relay inventory** | ✅ Tiny-send only unless re-funded | -| 138 | WETH9/10 | 100, 137, 10, 42161, 8453, 25, 42220 | WETH → USDT/USDC via DEX | Bootstrap Mainnet first, then Mainnet → dest → DEX | ⚠️ | +| 138 | WETH9/10 | 100, 137, 10, 8453, 25, 42220 | WETH → USDT/USDC via DEX | Bootstrap Mainnet first, then Mainnet → dest → DEX | ⚠️ | +| 138 | WETH9/10 | 42161 | WETH → USDT/USDC via DEX | Intended `138 -> Mainnet -> Arbitrum -> DEX`, but current Mainnet source bridge/router path is blocked | ⛔ | | 138 | Any | 651940 | AUSDT, USDC | AlltraAdapter → 651940 DEX | ✅ | | 138 | cUSDT, cUSDC | Any | USDT, USDC (any chain) | Swap to WETH on 138 (no c*→WETH pool in docs) + CCIP WETH → dest DEX | ⚠️ Bridge leg ✅; 138 swap leg not documented | | Dest (1, 651940, 25, …) | Deployer-held token on that chain | Same | Public stable | Native DEX | ✅ | diff --git a/docs/11-references/DEPLOYER_WALLET_FUNDING_PLAN_PMM_POOLS.md b/docs/11-references/DEPLOYER_WALLET_FUNDING_PLAN_PMM_POOLS.md index 941f1351..61c18aa3 100644 --- a/docs/11-references/DEPLOYER_WALLET_FUNDING_PLAN_PMM_POOLS.md +++ b/docs/11-references/DEPLOYER_WALLET_FUNDING_PLAN_PMM_POOLS.md @@ -1,8 +1,8 @@ # Deployer Wallet — Chain 138 Balances, Funding Plan (PMM Pools), and Tokens on All Networks -> Historical note (2026-03-26): this plan began on the earlier PMM stack. Use the canonical corrected pool addresses below and cross-check [LIQUIDITY_POOLS_MASTER_MAP.md](LIQUIDITY_POOLS_MASTER_MAP.md) before funding. +> Historical note (2026-04-02): this plan began on an earlier PMM stack. Use the canonical official DODO V2 DVM-backed pool addresses below and cross-check [LIQUIDITY_POOLS_MASTER_MAP.md](LIQUIDITY_POOLS_MASTER_MAP.md) before funding. -**Last Updated:** 2026-02-28 +**Last Updated:** 2026-04-03 **Purpose:** Check deployer balances on ChainID 138, use **half** of balances for PMM liquidity pool funding; list all coins/tokens deployed by or associated with the deployer address on all networks. --- @@ -33,6 +33,8 @@ The script: - Prints **half** of each balance for use as the liquidity funding plan. - Outputs suggested `ADD_LIQUIDITY_*` env vars for [AddLiquidityPMMPoolsChain138](../../smom-dbis-138/script/dex/AddLiquidityPMMPoolsChain138.s.sol). +**Current live note (2026-04-03):** the public-rollout deployer funding gate now lives in [GRU_V2_DEPLOYER_FUNDING_STATUS.md](../03-deployment/GRU_V2_DEPLOYER_FUNDING_STATUS.md) and `bash scripts/verify/check-gru-v2-deployer-funding-status.sh`. The stable public Chain 138 RPC (`https://rpc-http-pub.d-bis.org`) currently shows the deployer heavily funded for native ETH, `cUSDT`, and `cUSDC`; the alternate public endpoint `https://rpc.public-0138.defi-oracle.io` is returning `502` and can produce false empty-wallet readings. + **Alternative:** Use [check-deployer-balance-blockscout-vs-rpc.sh](../../scripts/verify/check-deployer-balance-blockscout-vs-rpc.sh) for native balance only; or [list-deployer-tokens-all-networks.sh](../../smom-dbis-138/scripts/deployment/list-deployer-tokens-all-networks.sh) from `smom-dbis-138/` for all networks. The list script uses **fallback public RPCs** when env vars are unset, so it always prints every token line for Chain 138, Ethereum, ALL Mainnet, Cronos, Polygon, Base, Optimism, BSC, Avalanche, and Arbitrum. Use `PRIVATE_KEY` in .env to derive the deployer address, or set `DEPLOYER_ADDRESS=0x4A666F96fC8764181194447A7dFdb7d471b301C8` for read-only. --- @@ -45,9 +47,9 @@ The script: | Pool | Base | Quote | Pool address | |------|------|--------|--------------| -| cUSDT / cUSDC | cUSDT | cUSDC | `0xff8d3b8fDF7B112759F076B69f4271D4209C0849` | -| cUSDT / USDT | cUSDT | USDT (official) | `0x6fc60DEDc92a2047062294488539992710b99D71` | -| cUSDC / USDC | cUSDC | USDC (official) | `0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263` | +| cUSDT / cUSDC | cUSDT | cUSDC | `0x9e89bAe009adf128782E19e8341996c596ac40dC` | +| cUSDT / USDT | cUSDT | USDT (official mirror) | `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` | +| cUSDC / USDC | cUSDC | USDC (official mirror) | `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` | **Allocation (half of deployer balances):** @@ -87,7 +89,8 @@ Below: **tokens and coins** on each network where the deployer is the **document | cUSDT | Compliant Tether USD | `0x93E66202A11B1772E55407B32B44e5Cd8eda7f22` | 6 | Deployed | | cUSDC | Compliant USD Coin | `0xf22258f57794CC8E06237084b353Ab30fFfa640b` | 6 | Deployed | | cEURT, cEURC, cGBPT, cGBPC, cAUDT, cAUDC, cJPYT, cJPYC, cCHFT, cCHFC, cCADT, cCADC, cAUSDT | (Category 1 remainder) | Deploy / env | 6 | See [TOKEN_CATEGORIES_CANONICAL](TOKEN_CATEGORIES_CANONICAL.md) | -| USDT (official) | Tether (Chain 138) | `0x15DF1D5BFDD8Aa4b380445D4e3E9B38d34283619` | — | Reference | +| USDT (official mirror) | Tether USD (Chain 138) | `0x004b63A7B5b0E06f6bB6adb4a5F9f590BF3182D1` | 6 | Quote-side mirror used by the canonical cUSDT/USDT pool | +| USDC (official mirror) | USD Coin (Chain 138) | `0x71D6687F38b93CCad569Fa6352c876eea967201b` | 6 | Quote-side mirror used by the canonical cUSDC/USDC pool | ### Chain 1 (Ethereum Mainnet) @@ -153,3 +156,4 @@ The script **always lists** the tokens in the table below for each network. It u | [DEPLOYED_COINS_TOKENS_AND_NETWORKS](DEPLOYED_COINS_TOKENS_AND_NETWORKS.md) | Networks and tokens by chain | | [CONTRACT_ADDRESSES_REFERENCE](CONTRACT_ADDRESSES_REFERENCE.md) | Canonical contract list | | [LIQUIDITY_POOL_CONTROLS_RUNBOOK](../03-deployment/LIQUIDITY_POOL_CONTROLS_RUNBOOK.md) | How to add liquidity | +| [CHAIN138_GRID_6534_WALLET_FUNDING_PLAN](CHAIN138_GRID_6534_WALLET_FUNDING_PLAN.md) | Operator vs 6,534 soak grid wallets — native + ERC-20 batch funding | diff --git a/docs/11-references/DEX_AND_CROSS_CHAIN_CONTRACTS_NEEDED.md b/docs/11-references/DEX_AND_CROSS_CHAIN_CONTRACTS_NEEDED.md index 0e5d57e1..773afa73 100644 --- a/docs/11-references/DEX_AND_CROSS_CHAIN_CONTRACTS_NEEDED.md +++ b/docs/11-references/DEX_AND_CROSS_CHAIN_CONTRACTS_NEEDED.md @@ -11,15 +11,15 @@ | Chain | Status | Address | Notes | |-------|--------|---------|--------| | **Ethereum Mainnet** | Deployed | `0x4CF42c4F1dBa748601b8938be3E7ABD732E87cE9` | Receives mirrored Chain 138 transactions from the Transaction Mirroring Service. Frontend-dapp uses this address. Etherscan verification may still be pending (see docs/06-besu/TRANSACTIONMIRROR_VERIFICATION_STATUS.md). | -| **Chain 138** | **Not deployed** | — | Optional: deploy when mirror feature is needed on Chain 138. Script can hit Forge constructor-args decode bug; use `forge create` or `./scripts/deployment/deploy-transaction-mirror-chain138.sh`. Not included in the 36-address on-chain check. | +| **Chain 138** | **Deployed** | `0x7131F887DBEEb2e44c1Ed267D2A68b5b83285afc` | Live on Chain 138. Set `TRANSACTION_MIRROR_ADDRESS` in `smom-dbis-138/.env` for services that consume it. | -**Conclusion:** TransactionMirror is **fully deployed on Mainnet** (and used by the Transaction Mirroring Service). On **Chain 138** it is **not** deployed; it is optional and can be deployed when needed via the helper script. +**Conclusion:** TransactionMirror is deployed on both **Ethereum Mainnet** and **Chain 138**. --- ## 2. Currently Deployed (Relevant to DEX / Routing / Cross-Chain) -- **Chain 138:** CCIP bridges (CCIPWETH9/10), UniversalCCIPBridge, BridgeOrchestrator, AlltraAdapter, Lockbox138 (trustless), PaymentChannelManager, GenericStateChannelManager, AddressMapper, MirrorManager, Vault/Reserve system, MerchantSettlementRegistry, WithdrawalEscrow, phased core, CREATE2 deterministic set, **DODOPMMIntegration** (`0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`) and **DODOPMMProvider** (`0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`) with corrected desired-state mesh aligned. See [CONTRACT_ADDRESSES_REFERENCE](CONTRACT_ADDRESSES_REFERENCE.md) and [ADDRESS_MATRIX_AND_STATUS](ADDRESS_MATRIX_AND_STATUS.md). +- **Chain 138:** CCIP bridges (CCIPWETH9/10), UniversalCCIPBridge, BridgeOrchestrator, AlltraAdapter, Lockbox138 (trustless), PaymentChannelManager, GenericStateChannelManager, AddressMapper, MirrorManager, Vault/Reserve system, MerchantSettlementRegistry, WithdrawalEscrow, phased core, CREATE2 deterministic set, **DODOPMMIntegration** (`0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`) and **DODOPMMProvider** (`0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`) on the canonical official DODO V2 DVM-backed stack. See [CONTRACT_ADDRESSES_REFERENCE](CONTRACT_ADDRESSES_REFERENCE.md) and [ADDRESS_MATRIX_AND_STATUS](ADDRESS_MATRIX_AND_STATUS.md). - **alltra-lifi-settlement:** MerchantSettlementRegistry, WithdrawalEscrow (Chain 138). --- @@ -30,16 +30,16 @@ | Item | Location | Status | What’s needed | |------|----------|--------|----------------| -| **DODOPMMIntegration** | `smom-dbis-138/contracts/dex/DODOPMMIntegration.sol` | **Deployed** (Chain 138: `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`) | Corrected canonical integration with desired-state JSON sync path. See [PMM_DEX_ROUTING_STATUS](PMM_DEX_ROUTING_STATUS.md), [DODO_PMM_INTEGRATION](../../smom-dbis-138/docs/integration/DODO_PMM_INTEGRATION.md). | -| **DODOPMMProvider** | `smom-dbis-138/contracts/liquidity/providers/DODOPMMProvider.sol` | Placeholder | Implement oracle-driven `optimizePoolParameters` (or document flow); complete when DODO is integrated. See [NOT_CHANGED_BY_DESIGN_ACTIONABLE_STEPS](../00-meta/NOT_CHANGED_BY_DESIGN_ACTIONABLE_STEPS.md) §3. | +| **DODOPMMIntegration** | `smom-dbis-138/contracts/dex/DODOPMMIntegration.sol` | **Deployed** (Chain 138: `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`) | Canonical official DODO V2 DVM-backed integration. See [PMM_DEX_ROUTING_STATUS](PMM_DEX_ROUTING_STATUS.md), [DODO_PMM_INTEGRATION](../../smom-dbis-138/docs/integration/DODO_PMM_INTEGRATION.md). | +| **DODOPMMProvider** | `smom-dbis-138/contracts/liquidity/providers/DODOPMMProvider.sol` | **Deployed** (Chain 138: `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`) | Canonical provider with the three public stable pools registered. | | **Test** | `test/dex/DODOPMMIntegration.t.sol.bak` | Renamed to .bak | Restore/fix and re-enable when DODO integration is active (mockCall ambiguity was reason for .bak). | ### 3.2 Uniswap / Balancer / EnhancedSwapRouter | Item | Location | Status | What’s needed | |------|----------|--------|----------------| -| **EnhancedSwapRouter** | `smom-dbis-138/contracts/bridge/trustless/EnhancedSwapRouter.sol` | Exists; placeholders | Set Uniswap V3 quoter address and Balancer poolId when pools exist on chain. Deploy via `script/bridge/trustless/DeployEnhancedSwapRouter.s.sol`. Script is mainnet-oriented; for Chain 138 set quoter/pool env when pools exist. See [PLACEHOLDERS_AND_TBD](../PLACEHOLDERS_AND_TBD.md), [REQUIRED_FIXES_UPDATES_GAPS](../REQUIRED_FIXES_UPDATES_GAPS.md) §4. | -| **Uniswap/Curve services** | `alltra-lifi-settlement/src/payments/uniswap/uniswap.service.ts`, `curve.service.ts` | Stubs | Implement when Uniswap/Curve pools exist on 138/651940. See [TEZOS_CCIP_REMAINING_ITEMS](../07-ccip/TEZOS_CCIP_REMAINING_ITEMS.md) §8. | +| **EnhancedSwapRouterV2 + venue adapters** | `smom-dbis-138/contracts/bridge/trustless/EnhancedSwapRouterV2.sol` and `contracts/bridge/trustless/adapters/` | Live on Chain 138 | Router-v2 plus executor adapters are deployed, and pilot-compatible `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venues are funded and planner-visible. Keep `bash scripts/verify/check-chain138-pilot-dex-venues.sh` green after venue/publication changes. | +| **Uniswap/Curve services** | `alltra-lifi-settlement/src/payments/uniswap/uniswap.service.ts`, `curve.service.ts` | Stubs | Service-layer adoption remains optional even though the pilot-compatible Chain 138 venue layer is live. See [TEZOS_CCIP_REMAINING_ITEMS](../07-ccip/TEZOS_CCIP_REMAINING_ITEMS.md) §8. | ### 3.3 Full Trustless Bridge Stack (Cross-Chain Liquidity / Atomic Swaps) @@ -80,8 +80,8 @@ See [ADDRESS_MATRIX_AND_STATUS](ADDRESS_MATRIX_AND_STATUS.md) §4: “INBOX_ETH, |------------|----------|--------------| | **Cross-chain bridge (CCIP)** | CCIP WETH9/10, UniversalCCIPBridge, AlltraAdapter | — | | **TransactionMirror** | Mainnet (0x4CF42...); optional on 138 | Chain 138: run deploy script if needed; Mainnet: confirm Etherscan verification | -| **Dodo PMM liquidity** | DODOPMMIntegration deployed (Mock DVM); pools not created | Create PMM pools; add liquidity; deploy DODOPMMProvider and register pools | -| **Uniswap/Balancer swaps** | — | Pools on 138/651940; deploy EnhancedSwapRouter with quoter/poolId; implement uniswap.service when pools exist | +| **Dodo PMM liquidity** | Canonical official DODO V2 DVM-backed integration/provider deployed; three stable pools funded | Decide legacy XAU/private pool posture; keep router-v2 venue verification current | +| **Uniswap/Balancer/Curve/1inch swaps** | Pilot-compatible venues live on Chain 138 and wired into router-v2 | Upstream-native protocol deployments remain optional future work; current live path is the funded Chain 138 pilot venue layer. For the Uniswap-native replacement track, use [CHAIN138_UNISWAP_V3_UPSTREAM_NATIVE_RUNBOOK](../03-deployment/CHAIN138_UNISWAP_V3_UPSTREAM_NATIVE_RUNBOOK.md) and `bash scripts/verify/check-chain138-uniswap-v3-upstream-native-readiness.sh`. | | **Full trustless atomic swap** | Lockbox138 | InboxETH, BondManager, ChallengeManager, LiquidityPoolETH, SwapRouter, BridgeSwapCoordinator, MULTISIG | | **Multi-chain routing** | LiFi (and config) | Jumper API when supported; Curve/Uniswap stubs when pools exist; quote service Fabric chainId | @@ -90,5 +90,5 @@ See [ADDRESS_MATRIX_AND_STATUS](ADDRESS_MATRIX_AND_STATUS.md) §4: “INBOX_ETH, ## 5. Commands and References - **Deploy TransactionMirror (Chain 138):** `./scripts/deployment/deploy-transaction-mirror-chain138.sh` (then set `TRANSACTION_MIRROR_ADDRESS` in .env). See [CONTRACT_DEPLOYMENT_RUNBOOK](../03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md) § TransactionMirror. -- **Deploy EnhancedSwapRouter / Dodo:** [OPERATOR_OPTIONAL_CHECKLIST](OPERATOR_OPTIONAL_CHECKLIST.md) §6 — `script/deploy/dex/`, `script/bridge/trustless/DeployEnhancedSwapRouter.s.sol`; Chain 138: `--with-gas-price 1000000000`. -- **On-chain check (36 addresses):** `./scripts/verify/check-contracts-on-chain-138.sh [RPC_URL]` — does not include TransactionMirror or DODO/EnhancedSwapRouter. +- **Router-v2 / venue verification:** `bash scripts/verify/check-chain138-pilot-dex-venues.sh` — proves the funded pilot-compatible `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venues are bytecode-present, funded, and publicly routable on Chain 138. +- **On-chain check (88 addresses):** `./scripts/verify/check-contracts-on-chain-138.sh [RPC_URL]` — current canonical count includes TransactionMirror, the canonical stable PMM stack, ISO20022Router, the cross-chain flash trio, the deployed GRU USD V2 addresses, router-v2 execution stack, the upstream-native Uniswap v3 stack, and the remaining funded pilot-compatible venue layer. diff --git a/docs/11-references/EXPLORER_ACCESS_API_REFERENCE.md b/docs/11-references/EXPLORER_ACCESS_API_REFERENCE.md new file mode 100644 index 00000000..b7ba5c2c --- /dev/null +++ b/docs/11-references/EXPLORER_ACCESS_API_REFERENCE.md @@ -0,0 +1,339 @@ +# Explorer Access API Reference + +## Purpose + +This is the quick-reference markdown companion to the explorer REST OpenAPI spec. It focuses on the access-management endpoints used by the `/access` console and RPC product layer. + +Canonical machine-readable spec: + +- `explorer-monorepo/backend/api/rest/swagger.yaml` + +## Authentication types + +### Wallet auth + +Used for wallet-driven explorer tracks. + +- `POST /api/v1/auth/nonce` +- `POST /api/v1/auth/wallet` + +### User-session auth + +Used for the explorer access console. + +- `POST /api/v1/auth/register` +- `POST /api/v1/auth/login` +- `Authorization: Bearer ` for `/api/v1/access/*` + +## Endpoints + +### Register + +`POST /api/v1/auth/register` + +Request: + +```json +{ + "email": "dev@example.com", + "username": "devuser", + "password": "strong-password" +} +``` + +Response: + +```json +{ + "user": { + "id": "uuid", + "email": "dev@example.com", + "username": "devuser", + "is_admin": false + }, + "token": "jwt", + "expires_at": "2026-04-16T12:00:00Z" +} +``` + +### Login + +`POST /api/v1/auth/login` + +Request: + +```json +{ + "email": "dev@example.com", + "password": "strong-password" +} +``` + +### List products + +`GET /api/v1/access/products` + +Response shape: + +```json +{ + "products": [ + { + "slug": "thirdweb-rpc", + "name": "Thirdweb RPC", + "provider": "thirdweb", + "vmid": 2103, + "http_url": "http://192.168.11.217:8545", + "ws_url": "ws://192.168.11.217:8546", + "default_tier": "pro", + "requires_approval": false, + "billing_model": "subscription", + "description": "Thirdweb-oriented Chain 138 RPC lane...", + "use_cases": ["thirdweb integrations"], + "management_features": ["API token issuance"] + } + ] +} +``` + +### Current user + +`GET /api/v1/access/me` + +Headers: + +```http +Authorization: Bearer +``` + +### List subscriptions + +`GET /api/v1/access/subscriptions` + +### Create or request subscription + +`POST /api/v1/access/subscriptions` + +Request: + +```json +{ + "product_slug": "alltra-rpc", + "tier": "pro" +} +``` + +Behavior: + +- self-service products become `active` +- approval-gated products become `pending` + +### List API keys + +`GET /api/v1/access/api-keys` + +### Create API key + +`POST /api/v1/access/api-keys` + +Request: + +```json +{ + "name": "CI integration", + "tier": "pro", + "product_slug": "thirdweb-rpc", + "expires_days": 30, + "monthly_quota": 150000, + "scopes": ["rpc:read", "rpc:write"] +} +``` + +Response: + +```json +{ + "api_key": "ek_...", + "record": { + "id": "uuid", + "name": "CI integration [thirdweb-rpc]", + "tier": "pro", + "productSlug": "thirdweb-rpc", + "scopes": ["rpc:read", "rpc:write"], + "monthlyQuota": 100000, + "requestsUsed": 0, + "approved": true, + "rateLimitPerSecond": 20, + "rateLimitPerMinute": 1000, + "revoked": false, + "createdAt": "2026-04-09T12:00:00Z" + } +} +``` + +Important: + +- plaintext API keys are only returned at creation time +- approval-gated products will reject creation until subscription is active +- `scopes` can be narrowed from the product defaults +- `expires_days: 0` or omission means no expiry + +### Revoke API key + +`POST /api/v1/access/api-keys/{id}` + +Alternative: + +`DELETE /api/v1/access/api-keys/{id}` + +### Usage summary + +`GET /api/v1/access/usage` + +Response shape: + +```json +{ + "usage": [ + { + "product_slug": "thirdweb-rpc", + "active_keys": 2, + "requests_used": 1450, + "monthly_quota": 200000 + } + ] +} +``` + +### User audit feed + +`GET /api/v1/access/audit?limit=20` + +Returns recent validated API-key activity for the signed-in user. + +### Admin audit feed + +`GET /api/v1/access/admin/audit?limit=50&product=thirdweb-rpc` + +Returns recent validated API-key activity across the platform for access admins. `product` is optional. + +### Admin subscription review + +`GET /api/v1/access/admin/subscriptions?status=pending` + +Requires: + +- `Authorization: Bearer ` +- the signed-in email must be listed in `ACCESS_ADMIN_EMAILS` + +`POST /api/v1/access/admin/subscriptions` + +Request: + +```json +{ + "subscription_id": "uuid", + "status": "active", + "notes": "Approved for managed partner rollout" +} +``` + +Allowed `status` values: + +- `active` +- `suspended` +- `revoked` + +### Internal key validation + +`POST /api/v1/access/internal/validate-key` + +or + +`GET /api/v1/access/internal/validate-key` + +Headers: + +```http +X-Access-Internal-Secret: +``` + +Request: + +```json +{ + "api_key": "ek_...", + "method_name": "eth_call", + "request_count": 1, + "last_ip": "203.0.113.10" +} +``` + +Response: + +```json +{ + "valid": true, + "key": { + "apiKeyId": "uuid", + "userId": "uuid", + "tier": "pro", + "productSlug": "thirdweb-rpc", + "scopes": ["rpc:read", "rpc:write"], + "monthlyQuota": 100000, + "requestsUsed": 1451, + "rateLimitPerSecond": 20, + "rateLimitPerMinute": 1000 + } +} +``` + +For nginx `auth_request`, use the `GET` form with headers instead of a JSON body: + +```http +X-Access-Internal-Secret: +X-API-Key: ek_... +X-Access-Method: eth_call +X-Access-Request-Count: 1 +``` + +That flow returns `200` or `401` and may emit: + +```http +X-Validated-Product: thirdweb-rpc +X-Validated-Tier: pro +X-Validated-Scopes: rpc:read,rpc:write +X-Quota-Remaining: 98549 +``` + +## Error patterns + +The REST API uses a consistent error shape: + +```json +{ + "error": { + "code": "bad_request", + "message": "Unknown product" + } +} +``` + +Common access-layer errors: + +- `unauthorized` +- `bad_request` +- `subscription_required` +- `forbidden` +- `internal_error` + +## Current caveats + +- the access layer models subscriptions and quotas, but full edge enforcement is still separate work +- billing collection is not part of these endpoints yet +- admin approval workflow is exposed, but still driven by a simple email allowlist instead of a full RBAC system +- Thirdweb deployment orchestration is a separate backend/CI concern from these access endpoints + +Related reference: + +- [THIRDWEB_EXPLORER_PORTAL_DEPLOYMENT_MODEL.md](../04-configuration/THIRDWEB_EXPLORER_PORTAL_DEPLOYMENT_MODEL.md) diff --git a/docs/11-references/EXPLORER_TOKEN_LIST_CROSSCHECK.md b/docs/11-references/EXPLORER_TOKEN_LIST_CROSSCHECK.md index 0d71dce5..464ad6ea 100644 --- a/docs/11-references/EXPLORER_TOKEN_LIST_CROSSCHECK.md +++ b/docs/11-references/EXPLORER_TOKEN_LIST_CROSSCHECK.md @@ -1,6 +1,6 @@ # Explorer Token List Cross-Check -**Last Updated:** 2026-03-04 +**Last Updated:** 2026-04-02 **Purpose:** Cross-check the token list shown at [https://explorer.d-bis.org/tokens](https://explorer.d-bis.org/tokens) against repo token lists, canonical addresses, and CONTRACT_ADDRESSES_REFERENCE. --- @@ -91,13 +91,12 @@ and use `dbis-138.tokenlist.json` as the curated source. See §9. | cUSDC (0xf22258…) | Yes | Match | | cEURC (0x808596…) | Yes | Match | -**Missing from dbis-138.tokenlist.json but present on Explorer (Blockscout):** -cEURT, cGBPC, cGBPT, cAUDC, cJPYC, cCHFC, cCADC, cXAUC, cXAUT. -So the **curated token list is missing 9 compliant tokens** that exist on-chain and appear on the Explorer. +**Historical gap (closed 2026-02-28):** +cEURT, cGBPC, cGBPT, cAUDC, cJPYC, cCHFC, cCADC, cXAUC, cXAUT were initially missing from `dbis-138.tokenlist.json`, but have since been added. The remaining issue is Blockscout metadata quality for WETH9, not token-list coverage. ### 3.2 `explorer-monorepo/backend/config/metamask/DUAL_CHAIN_TOKEN_LIST.tokenlist.json` -Chain 138 entries: same 7 as dbis-138 (ETH-USD, WETH, WETH10, LINK, cUSDT, cUSDC, cEURC). So **same gap**: the 9 additional compliant tokens (cEURT, cGBP*, cAUDC, cJPYC, cCHFC, cCADC, cXAUC, cXAUT) are **not** in the MetaMask token list. +Chain 138 entries were originally the same 7 as `dbis-138`, but the additional compliant tokens were added on 2026-02-28. Keep this file focused on live Explorer cross-checks rather than the closed token-list gap. ### 3.3 `ADDRESS_MATRIX_AND_STATUS.md` / `CONTRACT_ADDRESSES_REFERENCE.md` @@ -163,11 +162,11 @@ Use this table to align token lists and docs with the Explorer (Blockscout) and | Source | cUSDT/cUSDC pool | cUSDT/USDT pool | cUSDC/USDC pool | |--------|------------------|-----------------|----------------| -| **ai-mcp-pmm-controller/config/allowlist-138.json** | `0xff8d3b8fDF7B112759F076B69f4271D4209C0849` | `0x6fc60DEDc92a2047062294488539992710b99D71` | `0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263` | +| **ai-mcp-pmm-controller/config/allowlist-138.json** | `0x9e89bAe009adf128782E19e8341996c596ac40dC` | `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` | `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` | | **LIQUIDITY_POOLS_MASTER_MAP.md** | Same | Same | Same | | **DEPLOYER_CONTRACTS_INVENTORY / ADDRESS_MATRIX** | Same | Same | Same | -**Result:** Pool addresses should treat `0x6fc60DEDc92a2047062294488539992710b99D71` as the intended funded canonical `cUSDT/USDT` pool. `cross-chain-pmm-lps/config/deployment-status.json` does not list Chain 138 pools (it tracks cW* edge pools on other chains); Chain 138 PMM state is in allowlist and docs. +**Result:** Pool addresses should treat `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` as the funded canonical `cUSDT/USDT` pool. `cross-chain-pmm-lps/config/deployment-status.json` does not list Chain 138 pools (it tracks cW* edge pools on other chains); Chain 138 PMM state is in allowlist and docs. --- @@ -177,7 +176,7 @@ Use this table to align token lists and docs with the Explorer (Blockscout) and | Check | Result | |-------|--------| -| **Contract** | DODOPMMIntegration at `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` (Chain 138) | +| **Contract** | DODOPMMIntegration at `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` (Chain 138) | | **Method** | `eth_call` to `compliantUSDT()` and `compliantUSDC()` (RPC: `http://192.168.11.211:8545`) | | **compliantUSDT()** | `0x93e66202a11b1772e55407b32b44e5cd8eda7f22` — matches §5 canonical cUSDT | | **compliantUSDC()** | `0xf22258f57794cc8e06237084b353ab30fffa640b` — matches §5 canonical cUSDC | diff --git a/docs/11-references/EXPLORER_TRANSACTION_COMPLIANCE_MATRIX.md b/docs/11-references/EXPLORER_TRANSACTION_COMPLIANCE_MATRIX.md new file mode 100644 index 00000000..0e2599e1 --- /dev/null +++ b/docs/11-references/EXPLORER_TRANSACTION_COMPLIANCE_MATRIX.md @@ -0,0 +1,111 @@ +# Explorer Transaction Compliance Matrix + +Purpose: define the first explorer-side heuristic for grading how well a transaction is evidenced, decoded, and aligned with the repo's GRU, x402, and ISO-20022 posture. + +This matrix is intentionally operational and observational. It is not a legal opinion, regulatory ruling, or substitute for off-chain compliance controls. + +## Scope + +Use this score to: +- triage transactions in the explorer +- understand how much structured evidence is visible +- highlight transactions that deserve deeper human review + +Do not use this score as: +- final regulatory approval +- final settlement approval +- a substitute for policy-engine, KYC, AML, or ledger review + +## Score + +Total: `100` + +### 1. Execution Integrity + +Weight: `25` + +Signals: +- success vs failure +- presence of mined execution context +- overall confidence that the transaction actually completed as intended + +### 2. Decode Clarity + +Weight: `15` + +Signals: +- method label is known +- decoded input parameters are visible +- explorer can show structured intent rather than raw calldata only + +### 3. Counterparty Traceability + +Weight: `15` + +Signals: +- sender visible +- recipient or created contract visible +- block anchoring visible +- timestamp visible + +### 4. Asset Posture + +Weight: `20` + +Signals: +- transferred assets appear GRU-aware +- transferred assets appear x402-ready where relevant +- transferred assets appear ISO-20022-aligned in the local explorer posture + +Notes: +- this is neutral rather than punitive for transactions that do not include token transfers +- this is an explorer-side view based on local GRU intelligence, not a final institutional judgment + +### 5. Audit Richness + +Weight: `15` + +Signals: +- token transfers indexed +- internal calls visible +- raw input visible +- decoded input visible + +### 6. Exception Hygiene + +Weight: `10` + +Signals: +- explicit revert reason +- failed execution +- obvious exception posture that lowers confidence + +## Grades + +- `A`: `90-100` +- `B`: `80-89` +- `C`: `70-79` +- `D`: `60-69` +- `E`: `<60` + +## Interpretation + +- `A` means the explorer has strong structured evidence and the transaction is easy to review operationally. +- `B` means the transaction is still strong, but some context is missing. +- `C` means the transaction is understandable but not richly evidenced. +- `D` means review confidence is thin. +- `E` means the explorer-visible posture is weak and deserves caution. + +## Current Limitations + +- The matrix does not ingest off-chain policy decisions. +- The matrix does not prove legal or regulatory sufficiency. +- The matrix does not parse full ISO-20022 payloads. +- The matrix depends on explorer indexing quality and local GRU intelligence coverage. + +## Next Upgrades + +- add log-level standards and event scoring +- add ISO correlation identifiers when available +- add bridge-lane and cross-chain settlement evidence +- add reserve and governance posture where directly linked to tx context diff --git a/docs/11-references/GLOSSARY.md b/docs/11-references/GLOSSARY.md index 3415af77..38af5fc9 100644 --- a/docs/11-references/GLOSSARY.md +++ b/docs/11-references/GLOSSARY.md @@ -91,17 +91,17 @@ Outbound network traffic leaving the internal network. Egress NAT pools map inte Ethereum node identifier, a unique address that identifies a blockchain node on the network. Format: `enode://@:` ### ER605 -TP-Link ER605 router, used as the edge router in this architecture. Two routers (ER605-A and ER605-B) provide redundancy. +TP-Link ER605 router. Historical edge-router reference; the current active edge is UDM Pro. ### ES216G -TP-Link ES216G managed switch, used for network switching and VLAN trunking. Three switches provide core, compute, and management connectivity. +TP-Link ES216G managed switch. Historical switching reference in older topology notes. --- ## F ### Failover -Automatic switching to a backup system when the primary system fails. ER605 routers support WAN failover. +Automatic switching to a backup system when the primary system fails. ### Firewall Network security system that controls incoming and outgoing network traffic based on predetermined security rules. @@ -202,7 +202,7 @@ A computer or virtual machine that participates in a network. In blockchain cont ## O ### Omada -TP-Link's network management system. Used for managing ER605 routers and ES216G switches. +TP-Link's network management system. Historical reference for the retired ER605 / ES216G-managed topology; not part of the current UDM Pro edge path. ### Oracle In blockchain context, a service that provides external data to smart contracts. Chainlink provides oracle services. @@ -296,7 +296,7 @@ A communication protocol that provides full-duplex communication over a single T Ubiquiti Dream Machine Pro; edge router replacing ER605 in current topology. Public IP 76.53.10.34; port forwards 76.53.10.36:80/443 to NPMplus 192.168.11.167. ### WAN (Wide Area Network) -A network that spans a large geographic area. In this architecture, WAN refers to internet connections on UDM Pro (or ER605). +A network that spans a large geographic area. In this architecture, WAN refers to internet connections on the active UDM Pro edge. --- diff --git a/docs/11-references/GRU_V2_NATIVE_TOKEN_COMPLETENESS_MATRIX.md b/docs/11-references/GRU_V2_NATIVE_TOKEN_COMPLETENESS_MATRIX.md new file mode 100644 index 00000000..570d0589 --- /dev/null +++ b/docs/11-references/GRU_V2_NATIVE_TOKEN_COMPLETENESS_MATRIX.md @@ -0,0 +1,87 @@ +# GRU v2 Native-Token Completeness Matrix + +**Last Updated:** 2026-04-07 +**Purpose:** Track whether each served network is merely mapped or is actually complete in the live GRU v2 ecosystem. + +**Columns** + +- `Mapped`: token and lane metadata exist in the config surfaces +- `Deployed`: token contracts are recorded as deployed on the target chain +- `Bridge Live`: the deployment graph marks bridge availability for the chain/lane +- `Liquidity Live`: the deployment graph records public liquidity for the target GRU v2 / `cW*` surface +- `Routing Visible`: the public routing / planner surfaces can expose and use the lane + +--- + +## 1. Summary + +As of 2026-04-07: + +- The desired public EVM target set is now loaded across **11** chains. +- **10 / 11** loaded public EVM chains carry the full GRU v2 core `cW*` suite. +- Only **1** public protocol family (`DODO PMM`) has active public `cW*` pools today. +- Wave 1 non-USD assets (`EUR`, `JPY`, `GBP`, `AUD`, `CAD`, `CHF`, `XAU`) remain **canonical-only** on Chain 138. +- Non-EVM GRU targets remain **planned / relay-dependent**, not live native-routing surfaces. + +Source snapshot: `bash scripts/verify/check-gru-v2-public-protocols.sh --json` on 2026-04-07. + +--- + +## 2. Public EVM completeness + +| Chain | Chain ID | Mapped | Deployed | Bridge Live | Liquidity Live | Routing Visible | Notes | +|------|----------|--------|----------|-------------|----------------|-----------------|-------| +| Ethereum Mainnet | `1` | Yes | Yes | Yes | Yes | Partial | `13` recorded `cW*` tokens; `10` public DODO PMM pools recorded. | +| Optimism | `10` | Yes | Yes | Yes | Yes | Partial | `13` tokens; `2` public PMM pools recorded. | +| Cronos | `25` | Yes | Yes | Yes | Yes | Partial | `13` tokens; `2` public PMM pools recorded. | +| BSC | `56` | Yes | Yes | Yes | No | Partial | `15` tokens; no public `cW*` pools recorded. | +| Gnosis Chain | `100` | Yes | Yes | Yes | No | Partial | `13` tokens; no public `cW*` pools recorded. | +| Polygon | `137` | Yes | Yes | Yes | Yes | Partial | `14` tokens; `2` public PMM pools recorded. | +| Arbitrum One | `42161` | Yes | Yes | Yes | No | Partial | `13` tokens; no public pools recorded; current hub bootstrap blocker remains. | +| Celo | `42220` | Yes | Yes | Yes | No | Partial | `15` tokens; no public `cW*` pools recorded. | +| Avalanche C-Chain | `43114` | Yes | Yes | Yes | No | Partial | `15` tokens; no public `cW*` pools recorded. | +| Base | `8453` | Yes | Yes | Yes | No | Partial | `13` tokens; no public pools recorded. | +| Wemix | `1111` | Partial | Partial | No | No | No | Only `1` `cW*` token recorded; full core suite not loaded. | + +--- + +## 3. Canonical-chain / special-chain native-family completeness + +| Chain | Chain ID | Mapped | Deployed | Bridge Live | Liquidity Live | Routing Visible | Notes | +|------|----------|--------|----------|-------------|----------------|-----------------|-------| +| Chain 138 | `138` | Yes | Yes | Internal / canonical | Yes | Yes | Canonical DODO PMM, D3MM pilot, upstream-native Uniswap v3, and pilot-compatible Balancer / Curve / 1inch are live. | +| ALL Mainnet | `651940` | Yes | Partial | Partial | Partial | Partial | Native tokens and corridors exist, but GRU v2 completeness is still corridor-specific and not equivalent to the fully promoted EVM core set. | + +--- + +## 4. Non-EVM completeness + +| Network | VM type | Mapped | Deployed | Bridge Live | Liquidity Live | Routing Visible | Notes | +|---------|---------|--------|----------|-------------|----------------|-----------------|-------| +| Solana | SVM | Planning-only | No | No | No | No | `config/deployer-gas-routes.json` still marks Solana as manual / planning-only. | +| Tezos / Etherlink | non-EVM / hybrid | Partial | Partial | Relay-dependent | No | Partial | Present in planning and bridge docs, but not a live native GRU v2 edge surface. | + +--- + +## 5. Asset-state completeness + +| Asset family | Canonical deployed on 138 | Active transport | Public liquidity recorded | Notes | +|-------------|----------------------------|------------------|--------------------------|-------| +| USD | Yes | Yes | Yes | The only live transport asset family today. | +| EUR | Yes | No | Partial | Public Mainnet DODO PMM row exists, but transport is not active. | +| JPY | Yes | No | Partial | Same posture as EUR. | +| GBP | Yes | No | Partial | Same posture as EUR. | +| AUD | Yes | No | Partial | Same posture as EUR. | +| CAD | Yes | No | Partial | Same posture as EUR. | +| CHF | Yes | No | Partial | Same posture as EUR. | +| XAU | Yes | No | No | Canonical-only; not promoted into active transport or public edge liquidity. | + +--- + +## 6. Open blockers + +- Wave 1 non-USD assets remain canonical-only on Chain 138. +- Public `cW*` protocol rollout is still concentrated in DODO PMM; Uniswap v3, Balancer, Curve 3, and 1inch are not live on the public `cW*` mesh. +- Wemix does not yet have the full GRU v2 core suite recorded in the deployment graph. +- Solana remains planning-only and non-EVM targets remain relay / adapter dependent. +- Arbitrum public-network bootstrap is still blocked on the current Mainnet hub leg. diff --git a/docs/11-references/GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS.md b/docs/11-references/GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS.md new file mode 100644 index 00000000..400443a6 --- /dev/null +++ b/docs/11-references/GRU_V2_PUBLIC_PROTOCOL_DEPLOYMENT_STATUS.md @@ -0,0 +1,202 @@ +# GRU V2 Public Protocol Deployment Status + +**Last Updated:** 2026-04-04 +**Purpose:** Single truthful status surface for the GRU v2 public-network rollout across the public EVM `cW*` token mesh, Wave 1 bridge/transport activation, and the public protocol venues that matter for live `cW*` liquidity. + +--- + +## Bottom line + +The public EVM `cW*` token mesh is complete on the currently loaded 10-chain public EVM set, but the broader public-network GRU v2 rollout is still partial: + +- `USD` is the only live transport asset today. +- `EUR`, `JPY`, `GBP`, `AUD`, `CAD`, `CHF`, and `XAU` are still canonical-only on Chain 138. +- The first live public `cW*` liquidity wave is now recorded on `Ethereum Mainnet` through `DODO PMM`, while `Uniswap v3`, `Balancer`, `Curve 3`, and `1inch` remain not live on the public `cW*` mesh. + +This is the status the explorer should publish and the docs should repeat. + +--- + +## Canonical verifier + +Run: + +```bash +bash scripts/verify/check-gru-v2-public-protocols.sh +``` + +Machine-readable: + +```bash +bash scripts/verify/check-gru-v2-public-protocols.sh --json +``` + +Explorer-published JSON: + +- `https://explorer.d-bis.org/config/GRU_V2_PUBLIC_DEPLOYMENT_STATUS.json` +- `https://explorer.d-bis.org/config/GRU_V2_DEPLOYMENT_QUEUE.json` + +--- + +## Current public-network truth + +### 1. Token mesh + +- Desired public EVM targets in the rollout plan: `11` +- Currently loaded public EVM `cW*` chains: `10` +- Loaded chains with the full core 12-token `cW*` suite: `10` +- Desired but not yet loaded in `deployment-status.json`: `Wemix` + +The loaded set is: + +- `Ethereum Mainnet` +- `Optimism` +- `Cronos` +- `BSC` +- `Gnosis` +- `Polygon` +- `Base` +- `Arbitrum` +- `Celo` +- `Avalanche` + +### 2. Transport / bridges + +- `USD` is the only live transport asset. +- Wave 1 still has `7` canonical-only assets: + - `EUR` + - `JPY` + - `GBP` + - `AUD` + - `CAD` + - `CHF` + - `XAU` +- These assets already exist canonically on Chain 138 and have `cW*` symbols and public EVM token contracts, but they are not yet promoted into the active transport overlay. + +### 3. Public protocol venues + +For the public `cW*` mesh, the repo now records: + +- `Uniswap v3`: `0` active public `cW*` pools +- `Balancer`: `0` +- `Curve 3`: `0` +- `DODO PMM`: `11` +- `1inch`: `0` + +That status comes directly from `cross-chain-pmm-lps/config/deployment-status.json`. The currently recorded public `cW*` pools are the Mainnet DODO PMM pairs: + +- `cWUSDT / USDC` → `0x27f3aE7EE71Be3d77bAf17d4435cF8B895DD25D2` +- `cWUSDC / USDC` → `0x69776fc607e9edA8042e320e7e43f54d06c68f0E` +- `cWUSDT / USDT` → `0x79156F6B7bf71a1B72D78189B540A89A6C13F6FC` +- `cWUSDC / USDT` → `0xCC0fd27A40775c9AfcD2BBd3f7c902b0192c247A` +- `cWUSDT / cWUSDC` → `0xe944b7Cb012A0820c07f54D51e92f0e1C74168DB` +- `cWEURC / USDC` → `0x0bC750F9c6DbDcd76B205695A356491b1B9ef098` +- `cWGBPC / USDC` → `0x5488042dF882893a3e7074453E2005CaDE4101b0` +- `cWAUDC / USDC` → `0x6c1bD4F43c5f330E50B61DE81066dA7C61a9b5b4` +- `cWCADC / USDC` → `0xE0F35b5736FDd0a2F4B618621b0A08F8D8A3f92A` +- `cWJPYC / USDC` → `0x8A4187dF0A8FE855cC53A4F7B2D8346588Ee9794` +- `cWCHFC / USDC` → `0x776Ca556deD3245984F504F4bef8Eeec55C50190` + +Live execution proof now covers the full first Mainnet DODO bootstrap wave in both directions, plus six non-USD Wave 1 Mainnet pools: + +- `cWUSDT / USDC` + - `0xbb0d20a541dfaddcc2922dabcf418fe7e43b04ca203ae3cc70781bbf284267cd` → `0.001 cWUSDT -> 0.000998 USDC` + - reverse proof: `0x3c9fddd83f127a47a414b554bac85b8ebbd5c1327adb0da2d7f3dfc1e2fca32c` → `0.001 USDC -> 0.000999 cWUSDT` +- `cWUSDC / USDC` + - `0x0039e2f72f5cb4ff17177528912f78bf838741ef313f2e2c5898f95f3f18b727` → `0.001 USDC -> 0.000998 cWUSDC` + - reverse proof: `0x9f9456a3d988c96bd4d51c0e910fa6b14056145fa19ef88298695eff8fc9dcbd` → `0.0009 cWUSDC -> 0.000899 USDC` +- `cWUSDT / USDT` + - `0x400e5671c101ff5bdc3761a683b4bc70b16a25f79269c78782bbc7c07c9d801b` → `0.001 cWUSDT -> 0.000998 USDT` + - reverse proof: `0xaa12faf0f6b8fca76debde8da7be7933538527b334fe53f4840fbfbe29cb6055` → `0.001 USDT -> 0.000999 cWUSDT` +- `cWUSDC / USDT` + - `0x7eaf83f6b0858b7dae16724897d041654c91781c67937dce4bda0350d099c2e7` → `0.001 USDT -> 0.000998 cWUSDC` + - reverse proof: `0xc821b5a69c904ddd3ea09a3277ab7413b572e5e68aa94f088408e3da7c8e283f` → `0.0009 cWUSDC -> 0.000899 USDT` +- `cWEURC / USDC` + - pool-create proof: `0x4997e53bb35a3916fe808e816cd551cb5d695640eff09262fb31b7e262e86dc3` + - liquidity-seed proof: `0x6c98411c5da0a6a8f7524b230b275ed0055c21ef3bf233cc19c6169f5d1b8d7a` → `1.25 cWEURC + 1.439625 USDC` + - forward swap proof: `0x1c8e06047ca8459e02f1e8298661b22a75cca34f282c966d4fb430f5e8df808a` → `0.001 cWEURC -> 0.001149 USDC` + - reverse proof: `0xf18269ac2d42631582b3103828acbdacfa321cb39e65327dcd06c356b68c24a0` → `0.001 USDC -> 0.000868 cWEURC` +- `cWGBPC / USDC` + - pool-create proof: `0x02ded4ce880cda655fcfb6f83cbb72d596e6c8c3009bb3e8397deeb2c76462d5` + - base-mint proof: `0x66f98488e6bf0e43474dae10117e63bbd12288d6be8a229b3f47ab1ada65075e` + - liquidity-seed proof: `0x35413622cadfca90bb1eb98bca9f21035d21b60c3d8d9065375a97d95069daf5` → `0.125 cWGBPC + 0.163063 USDC` + - forward swap proof: `0xea885a0bbeda94d2143c7e324e84fc2081bae01471bd4d7aaa703aa33168ecab` → `0.001 cWGBPC -> 0.001292 USDC` + - reverse proof: `0x5d015907b95dd676afe5a1a8fad08610befbb868b79f15b1df9101a6167dd9f0` → `0.001 USDC -> 0.000773 cWGBPC` +- `cWAUDC / USDC` + - pool-create proof: `0xbec2550827d6e4df1f32e5ea8f5222b4232002552580ecb8bffbfcba5f0f44a6` + - base-mint proof: `0x219e0f6c5e5b1eaba0acf2781044eb1a2bc2d77e6d326828dd91aeffd1e2eeec` + - liquidity-seed proof: `0x018ed68e440514112a42f7a529b91548143e7da12f89782561c931dadd48ecb7` → `0.125 cWAUDC + 0.081250 USDC` + - forward swap proof: `0xd67b9ea132526c840bb454eef63ac240e44a89e0009926b257968060fd6a7ed4` → `0.001 cWAUDC -> 0.000644 USDC` + - reverse proof: `0x71049c141655cd7d72a600da5be030b640b4c968ceb70eb956e700ab7e00a595` → `0.001 USDC -> 0.001542 cWAUDC` +- `cWCADC / USDC` + - pool-create proof: `0xf9792bf9a6da5823b77dc8fc767f33ce565f94f4fd04f386bd5cf10fd418c84d` + - base-mint proof: `0xa01eddf1c9275bf009af37a70949acff2976bfc863b24ca4e98494bab2e70d5c` + - liquidity-seed proof: `0xae438aab70baf11d82926d4c1753197fc9290cc37758553590db2915936ea213` → `0.125 cWCADC + 0.091250 USDC` + - forward swap proof: `0x917153557fd98caf907129368094885bcaea8a79f961fb92b9414545057bf92a` → `0.001 cWCADC -> 0.000723 USDC` + - reverse proof: `0x94dedebd427e4d6361945cd1e9b5a9d71343ec99584a0831e11cfa3a736e3b73` → `0.001 USDC -> 0.001375 cWCADC` +- `cWJPYC / USDC` + - pool-create proof: `0xe292f2e8cab9ae56e948c74ed8a72808e7bd7209acbdada65606ebbb716e4e1f` + - base-mint proof: `0x47c44682572ab1c2d3fb8ba2a3c293d64c90b4c5846acc1b47c74b7eac941925` + - liquidity-seed proof: `0x59c73541ed0168dad2d8a3ed8be8aa6046fd66d654c211c161336d6e293f2eca` → `0.125 cWJPYC + 0.000838 USDC` + - forward swap proof: `0x8abb8effd324e2d3dead4fbdc7857fd6997e74f4c7901ecc6de3a8a837760113` → `0.001 cWJPYC -> 0.000006 USDC` + - reverse proof: `0x7fb415f7e3c3906f8c5ba08b41451f5a30e5809cb4788105af08b4e4e31e2cb8` → `0.000100 USDC -> 0.013398 cWJPYC` +- `cWCHFC / USDC` + - pool-create proof: `0x077ecc6b7ffc28faff37be75b8992f3b033eb76f14734bcb9d4acd7b8a3e6b61` + - base-mint proof: `0x139b910a1bebb1d2683b91326bfd6798a7eff1042ed72191810411b6efc92095` + - liquidity-seed proof: `0x14b0cde93a07f56c542e1a3a6f61126ddcbfba0ed997b234ed8fd85f0c847715` → `0.125 cWCHFC + 0.138250 USDC` + - forward swap proof: `0xb1159e8615c7a66aa10938909cb43d149781002d6f6133a7f1e997d3653fdc4f` → `0.001 cWCHFC -> 0.001096 USDC` + - reverse proof: `0x82ae8d2bfce43e67d3dd2570eda619c9d5b310a0b48b40c71e5813d793c8be8f` → `0.001 USDC -> 0.000911 cWCHFC` + +Repeatable operator helper: + +```bash +bash scripts/deployment/run-mainnet-public-dodo-cw-swap.sh \ + --pair=cweurc-usdc \ + --direction=base-to-quote \ + --amount=1000 \ + --dry-run +``` + +Important quote/read-path nuance: + +- the live Mainnet DODO pools can execute swaps +- direct hosted `querySellBase` / `querySellQuote` reads may still revert +- the repo now carries a reserve-fallback quote path in `DODOPMMProvider.sol` for future deployments +- the repeatable swap helper detects direct query success and otherwise uses a conservative reserve-based quote with explicit `quoteSource` output +- `bash scripts/verify/check-mainnet-public-dodo-cw-bootstrap-pools.sh` now verifies all `10` recorded Mainnet public DODO pools are still mapped, funded, and dry-run routable + +Important distinction: + +- `Chain 138` canonical routing is a separate surface. +- On Chain 138, `DODO PMM`, upstream-native `Uniswap v3`, and the funded pilot-compatible `Balancer`, `Curve 3`, and `1inch` venues are live. +- That does **not** mean public-chain `cW*` liquidity is live. + +--- + +## Remaining blockers + +- Add the Chain 138 `ETH` / `WETH` completion surface: + - freeze `ETH`, `WETH9`, and `WETH10` oracle policy + - keep wrapper parity inside the `0.00001` target band + - fund the first anchor pools: `cUSDT/cUSDC/USDT/USDC <-> WETH` + - expose the resulting market feed publicly +- Enable transport for Wave 1: `EUR`, `JPY`, `GBP`, `AUD`, `CAD`, `CHF`, `XAU` +- Extend the first public-chain `cW*` pool wave beyond the now-seeded Mainnet `cWEURC / USDC`, `cWGBPC / USDC`, `cWAUDC / USDC`, `cWCADC / USDC`, `cWJPYC / USDC`, and `cWCHFC / USDC` rows and keep filling the tracked public mesh +- Then expose the later pool waves into the public protocol rows for `Uniswap v3`, `Balancer`, `Curve 3`, and `1inch` +- Continue the ranked GRU backlog after Wave 1 +- Keep Solana and other non-EVM targets in the planned / relay-dependent bucket until they have real transport surfaces + +For the concrete remediation path for each blocker, use the queue JSON `resolutionMatrix` or the operator doc below. + +--- + +## Related + +- [DEPLOYED_TOKENS_BRIDGES_LPS_AND_ROUTING_STATUS.md](DEPLOYED_TOKENS_BRIDGES_LPS_AND_ROUTING_STATUS.md) +- [PMM_DEX_ROUTING_STATUS.md](PMM_DEX_ROUTING_STATUS.md) +- [CW_TOKENS_AND_NETWORKS.md](CW_TOKENS_AND_NETWORKS.md) +- [GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md](../04-configuration/GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md) +- [GRU_V2_PUBLIC_DEPLOYMENT_QUEUE.md](../03-deployment/GRU_V2_PUBLIC_DEPLOYMENT_QUEUE.md) +- [GRU_V2_BLOCKER_RESOLUTION_MATRIX.md](../03-deployment/GRU_V2_BLOCKER_RESOLUTION_MATRIX.md) +- [CHAIN138_ETH_WETH_ORACLE_PEG_AND_LIQUIDITY_PLAN.md](../03-deployment/CHAIN138_ETH_WETH_ORACLE_PEG_AND_LIQUIDITY_PLAN.md) +- [REMAINING_SUMMARY.md](../00-meta/REMAINING_SUMMARY.md) diff --git a/docs/11-references/HARDWARE_INVENTORY_MASTER.md b/docs/11-references/HARDWARE_INVENTORY_MASTER.md index 23e9a4e0..87d0eede 100644 --- a/docs/11-references/HARDWARE_INVENTORY_MASTER.md +++ b/docs/11-references/HARDWARE_INVENTORY_MASTER.md @@ -1,7 +1,8 @@ # Hardware inventory — master reference -**Last updated:** 2026-03-03 -**Purpose:** Single source of truth for total server, workstation, switching, and gateway hardware. +**Last updated:** 2026-04-07 +**Purpose:** Single source of truth for total server, workstation, switching, and gateway hardware. +**Live cluster + LAN edge:** newest `reports/status/hardware_and_connected_inventory_*.md` (refreshed by `scripts/verify/poll-proxmox-cluster-hardware.sh` + LAN probes). --- @@ -9,8 +10,8 @@ | Type | Count | Model / notes | Role | |------|-------|----------------|------| -| **Dell PowerEdge R630** | **13** | 2-socket, ECC, 2.5" bays | Proxmox cluster nodes (r630-01 … r630-13); IP plan 192.168.11.11–23. Currently 2 active (r630-01, r630-02); r630-03/04 documented powered off. See [R630_13_NODE_DOD_HA_MASTER_PLAN.md](../02-architecture/R630_13_NODE_DOD_HA_MASTER_PLAN.md). | -| **Dell PowerEdge R750** | **3** | 2U, 2-socket, NVMe/SSD, GPU-capable | **GPU/AI tier** — assign IPs 192.168.11.24–.26; 2–4 PCIe GPUs per node (e.g. A6000, L40S) for ML/inference. *Alternative:* [2× XE9680](XE9680_VS_R750_DECISION.md) (16× A100 80GB) for heavy AI/training instead of 3× R750. | +| **Dell PowerEdge R630** | **13** | 2-socket, ECC, 2.5" bays | Proxmox cluster nodes (r630-01 … r630-13); IP plan 192.168.11.11–23. **Live in cluster (2026-04-07):** ml110 + **r630-01 … r630-04** (five votes, quorum OK). r630-05 … r630-13 not on LAN on last sweep. See [R630_13_NODE_DOD_HA_MASTER_PLAN.md](../02-architecture/R630_13_NODE_DOD_HA_MASTER_PLAN.md). | +| **Dell PowerEdge R750** | **3** | 2U, 2-socket, NVMe/SSD, GPU-capable | **GPU/AI tier** — planned IPs 192.168.11.24–.26. **As of 2026-04-07:** `.26` is **not** an R750; it hosts **VMID 105** legacy NPM (OpenResty). `.24`/`.25` unused on last ping sweep. *Alternative:* [2× XE9680](XE9680_VS_R750_DECISION.md) (16× A100 80GB) for heavy AI/training instead of 3× R750. | **R630 IP plan (13 nodes):** 192.168.11.11 – 192.168.11.23 (r630-01 … r630-13). **R750 IP suggestion:** 192.168.11.24 – 192.168.11.26 (r750-01, r750-02, r750-03). Document in `config/ip-addresses.conf` as nodes are brought online. @@ -21,9 +22,9 @@ | Type | Count | Model / notes | Role | |------|-------|----------------|------| -| **Dell Precision 7920** | **2** | Tower workstation, multi-GPU capable | Admin, dev, or build workstations; assign IPs in 192.168.11.x (e.g. .30–.31); connect to management LAN and/or 10G if NICs support. | +| **Dell Precision 7920** | **2** | Tower workstation, multi-GPU capable | Admin, dev, or build workstations; assign explicit unused IPs in 192.168.11.x when provisioned; connect to management LAN and/or 10G if NICs support. | -**7920 IP suggestion:** 192.168.11.30 – 192.168.11.31 (workstation-01, workstation-02). +**7920 IP note:** Do not assume `.30` or `.31`. `.30` is currently spare after Omada retirement, and `.31` is assigned to Gitea. --- @@ -52,6 +53,7 @@ ## References +- **Cluster + connected devices (automated):** [hardware_and_connected_inventory_20260407_214748.md](../../reports/status/hardware_and_connected_inventory_20260407_214748.md) (newer timestamped files may exist in `reports/status/`) - **13-node architecture:** [02-architecture/R630_13_NODE_DOD_HA_MASTER_PLAN.md](../02-architecture/R630_13_NODE_DOD_HA_MASTER_PLAN.md) - **Network + cabling checklist:** [13_NODE_NETWORK_AND_CABLING_CHECKLIST.md](13_NODE_NETWORK_AND_CABLING_CHECKLIST.md) - **Bring-online checklist:** [13_NODE_AND_ASSETS_BRING_ONLINE_CHECKLIST.md](13_NODE_AND_ASSETS_BRING_ONLINE_CHECKLIST.md) diff --git a/docs/11-references/LIQUIDITY_POOLS_MASTER_MAP.md b/docs/11-references/LIQUIDITY_POOLS_MASTER_MAP.md index 6732e626..71573c91 100644 --- a/docs/11-references/LIQUIDITY_POOLS_MASTER_MAP.md +++ b/docs/11-references/LIQUIDITY_POOLS_MASTER_MAP.md @@ -62,16 +62,16 @@ This document maps all **private**, **public**, **reserve**, and **stabilization | Pool Pair | Type | DEX | Status | Notes | |-----------|------|-----|--------|-------| -| cUSDT / cUSDC | Public | DODO PMM | ✅ **Funded (live)** | Pool: `0xff8d3b8fDF7B112759F076B69f4271D4209C0849`; seeded `10,000,000 / 10,000,000` | -| cUSDT / USDT (official mirror) | Public | DODO PMM | ✅ **Funded (live)** | Pool: `0x6fc60DEDc92a2047062294488539992710b99D71`; seeded `10,000,000 / 10,000,000` | -| cUSDC / USDC (official mirror) | Public | DODO PMM | ✅ **Funded (live)** | Pool: `0x0309178ae30302D83c76d6Dd402a684eF3160eec`; seeded `10,000,000 / 10,000,000` | +| cUSDT / cUSDC | Public | DODO PMM | ✅ **Funded (live)** | Pool: `0x9e89bAe009adf128782E19e8341996c596ac40dC`; seeded on the canonical official-DVM stack and recalibrated 2026-04-02 with `i=1e18`, `k=0` | +| cUSDT / USDT (official mirror) | Public | DODO PMM | ✅ **Funded (live)** | Pool: `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66`; seeded on the canonical official-DVM stack and recalibrated 2026-04-02 with `i=1e18`, `k=0` | +| cUSDC / USDC (official mirror) | Public | DODO PMM | ✅ **Funded (live)** | Pool: `0xc39B7D0F40838cbFb54649d327f49a6DAC964062`; seeded on the canonical official-DVM stack and recalibrated 2026-04-02 with `i=1e18`, `k=0` | | cUSDT / XAU (cXAUC) | Public | DODO PMM | ✅ **Funded (live)** | Pool: `0x1AA55E2001E5651349AfF5A63FD7A7Ae44f0F1b0`; reserves `2,666,965 cUSDT / 519.477 cXAUC` | | cUSDC / XAU (cXAUC) | Public | DODO PMM | ✅ **Funded (live)** | Pool: `0xEA9Ac6357CaCB42a83b9082B870610363B177cBa`; reserves `1,000,000 cUSDC / 194.782554 cXAUC` | | cEURT / XAU (cXAUC) | Public | DODO PMM | ✅ **Funded (live)** | Pool: `0xbA99bc1eAAC164569d5AcA96C806934DDaF970Cf`; reserves `1,000,000 cEURT / 225.577676 cXAUC` | **Purpose:** User routing, price discovery, flash loan access. **Not** primary stabilization. -**Contracts:** `DODOPMMIntegration.sol` at `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`; **DODOPMMProvider** at `0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`; public stable and public XAU pools are live and funded. **Full mesh:** [PMM_FULL_MESH_AND_PUBLIC_SINGLE_SIDED_PLAN.md](../03-deployment/PMM_FULL_MESH_AND_PUBLIC_SINGLE_SIDED_PLAN.md) and `create-pmm-full-mesh-chain138.sh` (all c* vs c* + optional c* vs official). **Add liquidity:** [ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK.md](../03-deployment/ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK.md). **Pre-deployment steps:** [PRE_DEPLOYMENT_CHECKLIST.md](../03-deployment/PRE_DEPLOYMENT_CHECKLIST.md). +**Contracts:** `DODOPMMIntegration.sol` at `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`; **DODOPMMProvider** at `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`; **DODO Vending Machine / adapter** at `0xb6D9EF3575bc48De3f011C310DC24d87bEC6087C`. Public stable pools above are the current canonical routing set and were rebuilt on 2026-04-02 with `i=1e18`, `k=0` for true 1:1 stable quoting. The XAU pools below remain deployed on the older PMM phase until explicitly migrated. **Add liquidity:** [ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK.md](../03-deployment/ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK.md). **Pre-deployment steps:** [PRE_DEPLOYMENT_CHECKLIST.md](../03-deployment/PRE_DEPLOYMENT_CHECKLIST.md). **Config:** `CHAIN_138_DODO_PMM_INTEGRATION` set in .env; `CHAIN_138_DODO_POOL_MANAGER`, `CHAIN_138_DODO_VENDING_MACHINE` (optional). **Source:** [VAULT_SYSTEM_MASTER_TECHNICAL_PLAN.md](../VAULT_SYSTEM_MASTER_TECHNICAL_PLAN.md) §4, [DODO_PMM_INTEGRATION.md](../../smom-dbis-138/docs/integration/DODO_PMM_INTEGRATION.md) @@ -169,9 +169,15 @@ Not liquidity pools per se; they support XAU triangulation for private mesh pari M1 tokens on Chain 138 (cUSDT, cUSDC, cAUSDT, cEURC, cEURT, cUSDW) are bridged to public chains as **cW\*** wrappers (cWUSDT, cWUSDC, etc.). The intended public-chain stabilization model uses **single-sided PMM edge pools** (cW* / USDC, cW* / USDT, etc.) plus a **bot-driven stabilization mesh** when those components are deployed. Specs, pool matrix, peg bands, and deployment recipe: +**Current repo reality:** `cross-chain-pmm-lps/config/deployment-status.json` records cW token addresses on the supported public EVM chains and now includes the first live Mainnet DODO PMM cW pools: `cWUSDT/USDC`, `cWUSDC/USDC`, `cWUSDT/USDT`, `cWUSDC/USDT`, **`cWUSDT/cWUSDC`** (`0xe944b7Cb012A0820c07f54D51e92f0e1C74168DB`, one vault, both swap directions), and the first six non-USD Wave 1 rows `cWEURC/USDC` (`0x0bC750F9c6DbDcd76B205695A356491b1B9ef098`), `cWGBPC/USDC` (`0x5488042dF882893a3e7074453E2005CaDE4101b0`), `cWAUDC/USDC` (`0x6c1bD4F43c5f330E50B61DE81066dA7C61a9b5b4`), `cWCADC/USDC` (`0xE0F35b5736FDd0a2F4B618621b0A08F8D8A3f92A`), `cWJPYC/USDC` (`0x8A4187dF0A8FE855cC53A4F7B2D8346588Ee9794`), and `cWCHFC/USDC` (`0x776Ca556deD3245984F504F4bef8Eeec55C50190`). The repo still does **not** currently assert any live public cW* `Balancer`, `Curve`, `Uniswap`, or `1inch` venues, and the broader multi-chain cW* mesh remains incomplete. Avalanche still has the proven `cUSDT -> cWUSDT` mint corridor, but not a documented same-chain cW* / stable pool there. + +**Design gap closed:** `cross-chain-pmm-lps/config/pool-matrix.json` now covers the full GRU Wave 1 wrapped set (`cWEURC`, `cWEURT`, `cWGBPC`, `cWGBPT`, `cWAUDC`, `cWJPYC`, `cWCHFC`, `cWCADC`, `cWXAUC`, `cWXAUT`) across the tracked public EVM chain set. The remaining work is now operator deployment and funding, not missing design coverage. + - **[cross-chain-pmm-lps/README.md](../../cross-chain-pmm-lps/README.md)** — Submodule overview and quick start - **[cross-chain-pmm-lps/docs/06-deployment-recipe.md](../../cross-chain-pmm-lps/docs/06-deployment-recipe.md)** — Step-by-step deployment - **[cross-chain-pmm-lps/config/](../../cross-chain-pmm-lps/config/)** — token-map.json, pool-matrix.json, peg-bands.json, chains.json +- `bash scripts/verify/check-cw-public-pool-status.sh` — quick repo-state proof that cW tokens may exist while public-chain cW pools remain undeployed +- `bash scripts/verify/check-gru-v2-deployment-queue.sh` — operator-grade queue for Wave 1 transport + first-tier public cW pool rollout See [SUBMODULE_RELATIONSHIP_MAP.md](SUBMODULE_RELATIONSHIP_MAP.md) for submodule status. diff --git a/docs/11-references/NETWORK_CONFIGURATION_MASTER.md b/docs/11-references/NETWORK_CONFIGURATION_MASTER.md index 2a3d3833..5539b5a9 100644 --- a/docs/11-references/NETWORK_CONFIGURATION_MASTER.md +++ b/docs/11-references/NETWORK_CONFIGURATION_MASTER.md @@ -1,11 +1,13 @@ # Network Configuration Master -**Last Updated:** 2026-02-12 +**Last Updated:** 2026-04-03 **Status:** 🟢 Active Master Reference **Purpose:** Single source of truth for all network configurations (UDM Pro edge, Proxmox hosts, NPMplus, port forwarding) **Recent:** Option B (RPC via Cloudflare Tunnel) active for 6 RPC hostnames. E2E: [05-network/E2E_CLOUDFLARE_DOMAINS_RUNBOOK.md](../05-network/E2E_CLOUDFLARE_DOMAINS_RUNBOOK.md); Option B: [05-network/OPTION_B_RPC_VIA_TUNNEL_RUNBOOK.md](../05-network/OPTION_B_RPC_VIA_TUNNEL_RUNBOOK.md). +**Proxmox cluster (verified 2026-04-02):** Five nodes, **quorate** (`pvecm`): **ml110** `192.168.11.10`, **r630-01** `.11`, **r630-02** `.12`, **r630-03** `.13`, **r630-04** `.14` (`r630-04.sankofa.nexus`). **r630-03** / **r630-04** remain **empty of guests**; workload stays on `.10`–`.12`. **Template vs live (read-only):** `bash scripts/verify/audit-proxmox-operational-template.sh` now SSHs **all five** IPs by default (`config/ip-addresses.conf`); ML110 may skip if SSH is down or host repurposed. **2026-04-08:** `config/proxmox-operational-template.json` + `ALL_VMIDS_ENDPOINTS.md` include Order **VMID 10000/10001/10020** (Postgres primary/replica + Redis on r630-01). **Package baseline (operator run):** all five nodes upgraded toward **pve-manager 9.1.7** and kernel **6.17.13-2-pve** (`apt full-upgrade`, **one node at a time**, reboot where a new kernel was installed). **r630-03** and **r630-04** had **no-subscription** apt sources applied first (they previously hit **401** on `enterprise.proxmox.com` without a subscription). **Shared LVM thin storage:** `data` / `local-lvm` in `/etc/pve/storage.cfg` include **ml110,r630-01,r630-03,r630-04**; **r630-04** uses dual SSDs in VG `pve` (~467 GiB thin data) plus Ceph OSDs on four SSDs; **r630-03** uses **sda3+sdb** in VG `pve` (~1 TiB thin data); **r630-03** **sdc–sdh** are **LVM thin pools** **`thin1-r630-03`** … **`thin6-r630-03`** (~226 GiB each; provision script in repo). **Other workstations:** if SSH to **r630-04** fails with **host key changed**, run `bash scripts/verify/refresh-proxmox-host-key-r630-04.sh` (or `ssh-keygen -R 192.168.11.14`) after confirming the new key out-of-band. + --- ## Network Overview @@ -17,14 +19,21 @@ - **VLAN:** 11 (MGMT-LAN) - **DNS Servers:** 8.8.8.8, 8.8.4.4 -### Proxmox Hosts (192.168.11.11–12; ml110 repurposed) +### Proxmox Hosts (five-node cluster; ml110 still PVE until WAN-aggregator cutover) -| Host | IP Address | Role | Status | -|------|------------|------|--------| -| r630-01 | 192.168.11.11 | Infrastructure, RPC, Services, **CCIP Relay** | ✅ Active | -| r630-02 | 192.168.11.12 | Firefly, NPMplus secondary, MIM4U | ✅ Active | +| Host (short) | **Canonical FQDN** | IP Address | Role | Status | +|--------------|----------------------|------------|------|--------| +| ml110 | **ml110.sankofa.nexus** | 192.168.11.10 | Besu validators/RPC (Chain 138); **still Proxmox** in cluster | ✅ Active | +| r630-01 | **r630-01.sankofa.nexus** | 192.168.11.11 | Infrastructure, RPC, Services, **CCIP Relay** | ✅ Active | +| r630-02 | **r630-02.sankofa.nexus** | 192.168.11.12 | Firefly, NPMplus secondary, MIM4U, Blockscout | ✅ Active | +| r630-03 | **r630-03.sankofa.nexus** | 192.168.11.13 | **Spare** (no LXCs/VMs); **pve** ~1 TiB + **thin1-r630-03**…**thin6-r630-03** on 6×SSD | ✅ Active | +| r630-04 | **r630-04.sankofa.nexus** | 192.168.11.14 | **Spare** (no LXCs/VMs); **pve** thin ~467 GiB + Ceph OSDs | ✅ Active | -**ML110 (192.168.11.10) repurposed:** ML110 Gen9 is being converted to **OPNsense/pfSense** with 8–12 GbE, acting as **WAN aggregator** between 6–10 Spectrum cable modems and the 2× UDM Pro gateways. After repurpose, .10 is the firewall appliance (not Proxmox). See [ML110_OPNSENSE_PFSENSE_WAN_AGGREGATOR.md](ML110_OPNSENSE_PFSENSE_WAN_AGGREGATOR.md). **Before repurpose:** Migrate all containers/VMs off ml110 to r630-01/r630-02 (or other R630s); cluster will be 2 nodes until r630-03+ join. +**Naming:** Proxmox hypervisor **management DNS** uses **`short-hostname.sankofa.nexus`** (same label as the Host column + `.sankofa.nexus`; see `config/ip-addresses.conf` `PROXMOX_FQDN_*`). Use FQDN for SSH, TLS cert SANs, and docs; IPs remain the wire target on VLAN 11. **Verify / bootstrap:** `bash scripts/verify/check-proxmox-mgmt-fqdn.sh` (`--print-hosts` for `/etc/hosts`); `bash scripts/security/ensure-proxmox-ssh-access.sh` (`--fqdn` when DNS exists). + +**ML110 (192.168.11.10) repurposed:** ML110 Gen9 is being converted to **OPNsense/pfSense** with 8–12 GbE, acting as **WAN aggregator** between 6–10 Spectrum cable modems and the 2× UDM Pro gateways. After repurpose, .10 is the firewall appliance (not Proxmox). See [ML110_OPNSENSE_PFSENSE_WAN_AGGREGATOR.md](ML110_OPNSENSE_PFSENSE_WAN_AGGREGATOR.md). **Before repurpose:** Migrate all containers/VMs off ml110 to r630-01/r630-02 (or other R630s). **r630-03/04** are available as migration targets (no guests; local **data**/**local-lvm** storage live as of 2026-04-02). + +**ml110 LVM hygiene (2026-04-02):** Stale **thin** LVs on **ml110** named **`vm-2503-disk-0`**, **`vm-6201-disk-0`**, **`vm-9000-*`** were **removed** after cluster config check: **2503** / **6201** live disks are on **r630-01** / **r630-02** (`/etc/pve/nodes/.../lxc/*.conf`); **9000** had no **`vmlist`** entry. **ml110 `pve-guests.service`:** can stay **`activating (start)`** for days if **`startall`** wedges (historical **`cfs-lock` / `vzstart`** timeouts). That blocks **`apt`** during **`pve-manager` postinst** ( **`systemctl reload-or-restart pvescheduler`** waits on **`pve-guests`** ). **Unblock:** `systemctl list-jobs`, then **`systemctl cancel `** for **`pve-guests.service`** and **`pvescheduler.service`**, then **`dpkg --configure -a`** if needed. After a host reboot, confirm **validators** **1003** / **1004** are **running** (`pct start` if not). **CCIP Relay (r630-01):** Host service at `/opt/smom-dbis-138/services/relay`; relays Chain 138 → Mainnet; uses VMID 2201 (192.168.11.221) for RPC. See [07-ccip/CCIP_RELAY_DEPLOYMENT.md](../07-ccip/CCIP_RELAY_DEPLOYMENT.md). @@ -32,7 +41,7 @@ **NPMplus #1 (76.53.10.36, LXC VMID 10233):** 192.168.11.166 (eth0) and 192.168.11.167 (eth1). Only **192.168.11.167** is used in UDM Pro port forwarding: 76.53.10.36:80 → 192.168.11.167:80, 76.53.10.36:443 → 192.168.11.167:443. Main d-bis.org, explorer, Option B RPC (6 hostnames), MIM4U, etc. -**NPMplus #3 (76.53.10.38, LXC VMID 10235):** 192.168.11.169 (single NIC). Port forwarding: 76.53.10.38:80/81/443 → 192.168.11.169:80/81/443. **Nathan's core-2 RPC, All Mainnet (Alltra), and HYBX** nodes and services route here. Designated public IP: 76.53.10.42. See [04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md](../04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md). +**NPMplus #3 (76.53.10.38, LXC VMID 10235):** 192.168.11.169 (single NIC). Port forwarding: 76.53.10.38:80/81/443 → 192.168.11.169:80/81/443. **Nathan's core-2 RPC, All Mainnet (Alltra), and HYBX** nodes and services route here. Designated public IP: 76.53.10.42. Public service names are intended to use the Cloudflare tunnel / proxied `CNAME` path first, with the direct edge kept as management or fallback. See [04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md](../04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md). **NPMplus #4 (76.53.10.40, LXC VMID 10236):** 192.168.11.170. Port forwarding: 76.53.10.40:80/81/443 → 192.168.11.170:80/81/443; optional 22 → 192.168.11.59 (dev VM). **Dev/Codespaces:** Gitea, Cursor Remote SSH, Proxmox admin panels (pve.r630-01, pve.r630-02). Dedicated Cloudflare Tunnel. *(ml110 repurposed to OPNsense/pfSense WAN aggregator; no longer Proxmox.)* See [04-configuration/DEV_CODESPACES_76_53_10_40.md](../04-configuration/DEV_CODESPACES_76_53_10_40.md) and [04-configuration/DEV_CODESPACES_NEXT_STEPS_CHECKLIST.md](../04-configuration/DEV_CODESPACES_NEXT_STEPS_CHECKLIST.md). @@ -177,7 +186,7 @@ These IPs are **fixed and permanent**. Scripts and configs must use these values - **Gateway:** 76.53.10.33 (Spectrum CPE; nmap shows 21, 22, 23, 80, 110, 143, 443, 3389 **filtered** on .33) - **UDM Pro:** 76.53.10.34 (replaced ER605; edge router) - **Port forwarding:** 76.53.10.36:80/443 → 192.168.11.167:80/443 (NPMplus). **Origin for public traffic** = 76.53.10.36. Verify 76.53.10.36:80 and :443 are **open from the internet** before using Fastly or direct; see [05-network/EDGE_PORT_VERIFICATION_RUNBOOK.md](../05-network/EDGE_PORT_VERIFICATION_RUNBOOK.md). -- **NPMplus Alltra/HYBX:** 76.53.10.38:80/81/443 → 192.168.11.169:80/81/443 (port forward); 76.53.10.42 designated public IP. See [04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md](../04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md). +- **NPMplus Alltra/HYBX:** 76.53.10.38:80/81/443 → 192.168.11.169:80/81/443 (port forward); 76.53.10.42 designated public IP. Public DNS for Alltra/HYBX services should prefer proxied Cloudflare tunnel `CNAME`s rather than direct `A` records to the designated IP. See [04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md](../04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md). - **NPMplus Fourth (dev/Codespaces):** 76.53.10.40:80/81/443 → 192.168.11.170; optional 22 → 192.168.11.59. See [04-configuration/UDM_PRO_DEV_CODESPACES_PORT_FORWARD.md](../04-configuration/UDM_PRO_DEV_CODESPACES_PORT_FORWARD.md). - **Usable:** 76.53.10.35-46 (13 IPs) - **Status:** ✅ Active @@ -260,6 +269,8 @@ Direct to RPC Nodes (192.168.11.211-243:8545/8546) ## Related Documents - **[NETWORK_CONFIGURATION_MASTER.md](NETWORK_CONFIGURATION_MASTER.md)** (this doc) - IP matrix above +- **[IT_OPS_EDGE_DISCOVERY_IPS.md](../04-configuration/IT_OPS_EDGE_DISCOVERY_IPS.md)** - LAN discovery IPs (.23, .26 VMID 105 NPM, .2 UDM HA, workstations) for IT IPAM +- **[VLAN_FLAT_11_TO_SEGMENTED_RUNBOOK.md](../03-deployment/VLAN_FLAT_11_TO_SEGMENTED_RUNBOOK.md)** - ordered migration from flat VLAN 11 to segmented VLANs (operator checklist) - **[HARDWARE_INVENTORY_MASTER.md](HARDWARE_INVENTORY_MASTER.md)** - 13× R630, 3× R750, 2× Dell 7920, 2× UDM Pro, 2× UniFi XG 10G, ml110 - **[13_NODE_NETWORK_AND_CABLING_CHECKLIST.md](13_NODE_NETWORK_AND_CABLING_CHECKLIST.md)** - VLANs, topology, XG port mapping - **[13_NODE_AND_ASSETS_BRING_ONLINE_CHECKLIST.md](13_NODE_AND_ASSETS_BRING_ONLINE_CHECKLIST.md)** - Bring-online order for R630/R750/7920/UDM Pro #2 diff --git a/docs/11-references/OPERATOR_ACTIONS.md b/docs/11-references/OPERATOR_ACTIONS.md index 60adffe5..9b46cdd9 100644 --- a/docs/11-references/OPERATOR_ACTIONS.md +++ b/docs/11-references/OPERATOR_ACTIONS.md @@ -8,9 +8,13 @@ Remaining actions need network/explorer access. Docs and scripts in repo are com **Remaining (optional):** -1. **On-chain check:** Run `./scripts/verify/check-contracts-on-chain-138.sh` from a host with RPC access — **Done 2026-02-11** (26/26 OK). Re-run when new contracts deployed. -2. **Blockscout verification:** From host that can reach Blockscout — proxy script or direct forge / manual UI; see [OPERATOR_OPTIONAL_CHECKLIST](OPERATOR_OPTIONAL_CHECKLIST.md) § 1 and [BLOCKSCOUT_VERIFICATION_GUIDE](../08-monitoring/BLOCKSCOUT_VERIFICATION_GUIDE.md). +1. **On-chain check:** Run `./scripts/verify/check-contracts-on-chain-138.sh` from a host with RPC access — current canonical result is **86/86 OK**. Re-run when new contracts are deployed. +2. **Blockscout verification:** From host that can reach Blockscout — proxy script or direct forge / manual UI; see [OPERATOR_OPTIONAL_CHECKLIST](OPERATOR_OPTIONAL_CHECKLIST.md) § 1 and [BLOCKSCOUT_VERIFICATION_GUIDE](../08-monitoring/BLOCKSCOUT_VERIFICATION_GUIDE.md). The cross-chain flash trio is already verified and can be rechecked with `bash scripts/verify/check-cross-chain-flash-infra-chain138.sh`. The DODO v3 pilot verification helper is `bash scripts/verify/verify-dodo-v3-chain138-blockscout.sh`; at present `D3Oracle`, `D3Vault`, `DODOApprove`, and `DODOApproveProxy` are fully source-verified, while `D3MMFactory` and `D3Proxy` currently expose bytecode-only metadata after verification submission. 3. ~~Reconcile `smom-dbis-138/.env`~~ — **Done 2026-02-11.** One entry per variable; matches CONTRACT_ADDRESSES_REFERENCE § Canonical. 4. ~~Multicall vs Oracle at 0x99b3...~~ — **Done 2026-02-11.** Confirmed Oracle Aggregator; documented in CONTRACT_ADDRESSES_REFERENCE. +5. ~~Cross-chain flash infra deploy + verify~~ — **Done 2026-04-03.** Recheck with `bash scripts/verify/check-cross-chain-flash-infra-chain138.sh`. +6. ~~DODO v3 pilot health~~ — **Done 2026-04-03.** Recheck with `bash scripts/verify/check-dodo-v3-chain138.sh`. +7. ~~DODO v3 stable-feed promotion~~ — **Done 2026-04-02.** Managed `USDT/USD`, `USDC/USD`, `cUSDT/USD`, and `cUSDC/USD` feeds are live in the pilot; recheck with `bash scripts/verify/check-dodo-v3-chain138.sh`. +8. ~~DODO v3 `WETH10` oracle promotion~~ — **Done 2026-04-02.** `D3Oracle` now uses `Oracle_Aggregator=0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` for `WETH10`; recheck with `bash scripts/verify/check-dodo-v3-chain138.sh`. -All other optional tasks (trustless bridge, mainnet, CREATE2, vault, Dodo, eMoney, channels): see [OPERATOR_OPTIONAL_CHECKLIST](OPERATOR_OPTIONAL_CHECKLIST.md). +All other optional tasks (broader trustless expansion, mainnet, CREATE2 expansion, vault, public Dodo promotion, eMoney, channels beyond the deployed Chain 138 set): see [OPERATOR_OPTIONAL_CHECKLIST](OPERATOR_OPTIONAL_CHECKLIST.md). For DODO v3 specifically, planner-v2 promotion, public `/token-aggregation/api/v2` publication, and router-v2 execution are now live for the canonical `WETH10 <-> USDT` pilot lane; the remaining promotion work is any later decision to move D3 beyond the current private-pilot posture into the canonical public execution set. diff --git a/docs/11-references/OPERATOR_OPTIONAL_CHECKLIST.md b/docs/11-references/OPERATOR_OPTIONAL_CHECKLIST.md index e83b00d7..b3a974f5 100644 --- a/docs/11-references/OPERATOR_OPTIONAL_CHECKLIST.md +++ b/docs/11-references/OPERATOR_OPTIONAL_CHECKLIST.md @@ -17,6 +17,10 @@ source smom-dbis-138/.env 2>/dev/null ``` - RPC and Blockscout must be reachable (set `RPC_URL_138` for Core; explorer.d-bis.org for Blockscout). - If submission returns "Invalid JSON", use Option B or C. +- **DODO v3 pilot helper:** `bash scripts/verify/verify-dodo-v3-chain138-blockscout.sh` + - Confirms the core DODO v3 pilot control plane on Chain 138. + - Current fully materialized Blockscout-verification set: `D3Oracle`, `D3Vault`, `DODOApprove`, `DODOApproveProxy`. + - Current explorer caveat: `D3MMFactory` and `D3Proxy` accept verification submissions but still expose bytecode-only metadata in Blockscout instead of the full source-verification fields. **Option B — Direct Forge (same host, explorer reachable):** ```bash diff --git a/docs/11-references/OPERATOR_RUN_SUMMARY.md b/docs/11-references/OPERATOR_RUN_SUMMARY.md index 77981033..ec8a26e0 100644 --- a/docs/11-references/OPERATOR_RUN_SUMMARY.md +++ b/docs/11-references/OPERATOR_RUN_SUMMARY.md @@ -1,5 +1,7 @@ # Operator actions — run summary +> Historical note: this document captures the 2026-02-11 operator pass. The current canonical Chain 138 bytecode target has since expanded to **67/67** and now includes the stable PMM stack, ISO20022Router, and the cross-chain flash trio. + **Date:** 2026-02-11 **Actions attempted:** All four operator actions from [CONTRACT_NEXT_STEPS_LIST](CONTRACT_NEXT_STEPS_LIST.md). @@ -11,7 +13,7 @@ |-------|----------------|-----| | **DNS** | `rpc-core.d-bis.org` / `explorer.d-bis.org` don't resolve off-LAN (e.g. "Could not resolve host"). | Run from VPN or a host with internal DNS; or pass a reachable RPC: `./scripts/verify/check-contracts-on-chain-138.sh `. | | **Private LAN** | Set `RPC_URL_138` (e.g. `http://192.168.11.211:8545`); Blockscout `192.168.11.140:4000`. Only reachable on 192.168.11.x LAN. | Run scripts from a host on that LAN or connected via VPN. | -| **Script behavior** | The on-chain check script now loads `config/ip-addresses.conf` and prints a clear **WARN** when RPC is unreachable. On LAN (no RPC arg), it uses that config and gets **26/26 OK**. | Use `SKIP_EXIT=1` for report-only when RPC is unreachable. | +| **Script behavior** | The on-chain check script now loads `config/ip-addresses.conf` and prints a clear **WARN** when RPC is unreachable. At the time of this run it reported **26/26 OK**; the current canonical target is **67/67**. | Use `SKIP_EXIT=1` for report-only when RPC is unreachable. | --- @@ -19,7 +21,7 @@ **Command run:** `./scripts/verify/check-contracts-on-chain-138.sh` (or with `https://rpc-core.d-bis.org` explicitly). -**Result (2026-02-11 re-run):** **26 present, 0 missing** when RPC was reachable. All 26 canonical addresses have bytecode on-chain. When RPC is unreachable, script reports all MISS and prints WARN. +**Result (2026-02-11 re-run):** **26 present, 0 missing** when RPC was reachable. At that time, all 26 canonical addresses had bytecode on-chain. The current canonical target is **67 present, 0 missing**. When RPC is unreachable, the script reports all MISS and prints WARN. **To re-run:** Run from a host with RPC access: `./scripts/verify/check-contracts-on-chain-138.sh` (uses `RPC_URL_138`), or pass URL as argument. Use `SKIP_EXIT=1` for report-only when RPC is unreachable. @@ -55,7 +57,7 @@ | Action | Status | From this host | To complete from LAN/VPN | |---------------------|---------------|------------------------|-------------------------------| -| On-chain check | **26/26 OK** (2026-02-11) | RPC reachable; all 26 addresses present | Re-run when new contracts deployed | +| On-chain check | **26/26 OK** (2026-02-11 historical run) | RPC reachable; all 26 addresses present at that time | Current target is **67/67**; re-run when new contracts deployed | | Blockscout verify | Attempted; submission can fail (Invalid JSON) | Proxy runs; Blockscout API may need manual verify | Manual verify at explorer or fix API | | Reconcile .env | **Done** | .env already matched | None | | Multicall vs Oracle | **Done** 2026-02-11 | Confirmed via RPC (Oracle Aggregator) | Documented in CONTRACT_ADDRESSES_REFERENCE | diff --git a/docs/11-references/PMM_DEX_ROUTING_STATUS.md b/docs/11-references/PMM_DEX_ROUTING_STATUS.md index 8d9d9d5c..18419759 100644 --- a/docs/11-references/PMM_DEX_ROUTING_STATUS.md +++ b/docs/11-references/PMM_DEX_ROUTING_STATUS.md @@ -1,18 +1,42 @@ # PMM Liquidity Pools & DEX/DeFi Routing — Full System Status -**Last Updated:** 2026-03-26 +**Last Updated:** 2026-04-03 **Purpose:** Single reference for DEX/DeFi and PMM liquidity pool routing — what is designed, deployed, and in use. --- -## Executive summary (updated 2026-03-26) +## Executive summary (updated 2026-04-01) -- **DODOPMMIntegration** is **deployed** on Chain 138 at `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`. The corrected canonical stack now has **104 desired-state pools aligned**. -- **DODOPMMProvider** is **deployed** at `0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381` with **104/104 provider routes aligned** to the integration. -- **Live funded public pools** are: cUSDT/cUSDC (`0xff8d3b8fDF7B112759F076B69f4271D4209C0849`), cUSDT/USDT (`0x6fc60DEDc92a2047062294488539992710b99D71`), cUSDC/USDC (`0x9f74Be42725f2Aa072a9E0CdCce0E7203C510263`), cUSDT/cXAUC (`0x94316511621430423a2cff0C036902BAB4aA70c2`), cUSDC/cXAUC (`0x7867D58567948e5b9908F1057055Ee4440de0851`), cEURT/cXAUC (`0x505403093826D494983A93b43Aa0B8601078A44e`). -- **EnhancedSwapRouter** is **not deployed**; multi-provider DEX routing (Uniswap/Balancer/Curve/1inch) is not live. -- **Token-aggregation** service is implemented and runnable (single-hop quotes; can index DODO pools). **Bridge quote API** (swap+bridge+swap) is implemented. -- **Full system status:** PMM liquidity and DODOPMMProvider routing are **deployed and in use** on Chain 138. Remaining: add liquidity to pools as needed; optionally deploy EnhancedSwapRouter when other DEX pools exist on 138. +- **DODOPMMIntegration** is **deployed** on Chain 138 at `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`. +- **DODOPMMProvider** is **deployed** at `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e` and now points at the official DODO V2 DVM-backed integration. +- **Official DODO V2 DVMFactory** is **deployed** at `0xc93870594C7f83A0aE076c2e30b494Efc526b68E`; the canonical `DODO_VENDING_MACHINE_ADDRESS` / adapter is `0xb6D9EF3575bc48De3f011C310DC24d87bEC6087C`. +- **Canonical public pools on the current stack** are: + - cUSDT/cUSDC: `0x9e89bAe009adf128782E19e8341996c596ac40dC` — funded + - cUSDT/USDT: `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` — funded + - cUSDC/USDC: `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` — funded + - canonical stable-pair calibration: `i=1e18`, `k=0`, `lpFeeRate=10 bps`, `isOpenTWAP=false` +- **EnhancedSwapRouterV2** is **deployed** and the Chain 138 multi-provider venue layer is now live for the canonical upstream-native `Uniswap_v3` lane plus the funded pilot-compatible `Balancer`, `Curve_3`, and `1inch` execution venues. +- **Canonical planner exposure is live:** the published `/token-aggregation/api/v2` capability surface marks `uniswap_v3`, `balancer`, `curve`, and `one_inch` as live on Chain 138, and the canonical `WETH -> USDT` routing asset lane now resolves publicly through the **upstream-native Uniswap v3 router/quoter** (`0xde9...` / `0x6abb...`) and the corrected fee-500 pool `0xa893...`. This uses the routing token `WETH` (`0xC02a...`), not the separate `CCIPWETH9Bridge` / `CCIPWETH10Bridge` transport addresses. +- **Do not conflate Chain 138 venues with public-chain cW* liquidity:** the live `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venues described here are for canonical Chain 138 routing lanes. The public-chain `cW*` **token mesh is live on the currently loaded 10-chain public EVM set**, and the first live public `cW*` pool wave is now recorded on Mainnet through `DODO PMM` (`cWUSDT/USDC`, `cWUSDC/USDC`, `cWUSDT/USDT`, `cWUSDC/USDT`, `cWUSDT/cWUSDC`, `cWEURC/USDC`, `cWGBPC/USDC`, `cWAUDC/USDC`, `cWCADC/USDC`, `cWJPYC/USDC`, `cWCHFC/USDC`). The broader public-chain `cW*` mesh is still partial and not yet live across `Uniswap`, `Balancer`, `Curve`, or `1inch`. +- **The full first Mainnet public DODO cW bootstrap wave is now exercised live in both directions:** using `DODOPMMIntegration_MAINNET=0xa9F284eD010f4F7d7F8F201742b49b9f58e29b84`, the recorded bootstrap pools now have bidirectional proof swaps: + - `cWUSDT/USDC`: `0xbb0d20a541dfaddcc2922dabcf418fe7e43b04ca203ae3cc70781bbf284267cd` (`0.001 cWUSDT -> 0.000998 USDC`) and `0x3c9fddd83f127a47a414b554bac85b8ebbd5c1327adb0da2d7f3dfc1e2fca32c` (`0.001 USDC -> 0.000999 cWUSDT`) + - `cWUSDC/USDC`: `0x0039e2f72f5cb4ff17177528912f78bf838741ef313f2e2c5898f95f3f18b727` (`0.001 USDC -> 0.000998 cWUSDC`) and `0x9f9456a3d988c96bd4d51c0e910fa6b14056145fa19ef88298695eff8fc9dcbd` (`0.0009 cWUSDC -> 0.000899 USDC`) + - `cWUSDT/USDT`: `0x400e5671c101ff5bdc3761a683b4bc70b16a25f79269c78782bbc7c07c9d801b` (`0.001 cWUSDT -> 0.000998 USDT`) and `0xaa12faf0f6b8fca76debde8da7be7933538527b334fe53f4840fbfbe29cb6055` (`0.001 USDT -> 0.000999 cWUSDT`) + - `cWUSDC/USDT`: `0x7eaf83f6b0858b7dae16724897d041654c91781c67937dce4bda0350d099c2e7` (`0.001 USDT -> 0.000998 cWUSDC`) and `0xc821b5a69c904ddd3ea09a3277ab7413b572e5e68aa94f088408e3da7c8e283f` (`0.0009 cWUSDC -> 0.000899 USDT`) +- **The first non-USD Wave 1 Mainnet public DODO row is now live:** `cWEURC/USDC` pool `0x0bC750F9c6DbDcd76B205695A356491b1B9ef098` was created in `0x4997e53bb35a3916fe808e816cd551cb5d695640eff09262fb31b7e262e86dc3`, seeded in `0x6c98411c5da0a6a8f7524b230b275ed0055c21ef3bf233cc19c6169f5d1b8d7a` with `1.25 cWEURC` and `1.439625 USDC`, and exercised bidirectionally by `0x1c8e06047ca8459e02f1e8298661b22a75cca34f282c966d4fb430f5e8df808a` (`0.001 cWEURC -> 0.001149 USDC`) and `0xf18269ac2d42631582b3103828acbdacfa321cb39e65327dcd06c356b68c24a0` (`0.001 USDC -> 0.000868 cWEURC`). +- **The second non-USD Wave 1 Mainnet public DODO row is now live:** `cWGBPC/USDC` pool `0x5488042dF882893a3e7074453E2005CaDE4101b0` was created in `0x02ded4ce880cda655fcfb6f83cbb72d596e6c8c3009bb3e8397deeb2c76462d5`, base inventory was minted in `0x66f98488e6bf0e43474dae10117e63bbd12288d6be8a229b3f47ab1ada65075e`, the pool was seeded in `0x35413622cadfca90bb1eb98bca9f21035d21b60c3d8d9065375a97d95069daf5` with `0.125 cWGBPC` and `0.163063 USDC`, and it is now exercised bidirectionally by `0xea885a0bbeda94d2143c7e324e84fc2081bae01471bd4d7aaa703aa33168ecab` (`0.001 cWGBPC -> 0.001292 USDC`) and `0x5d015907b95dd676afe5a1a8fad08610befbb868b79f15b1df9101a6167dd9f0` (`0.001 USDC -> 0.000773 cWGBPC`). +- **The third non-USD Wave 1 Mainnet public DODO row is now live:** `cWAUDC/USDC` pool `0x6c1bD4F43c5f330E50B61DE81066dA7C61a9b5b4` was created in `0xbec2550827d6e4df1f32e5ea8f5222b4232002552580ecb8bffbfcba5f0f44a6`, base inventory was minted in `0x219e0f6c5e5b1eaba0acf2781044eb1a2bc2d77e6d326828dd91aeffd1e2eeec`, seeded in `0x018ed68e440514112a42f7a529b91548143e7da12f89782561c931dadd48ecb7` with `0.125 cWAUDC` and `0.081250 USDC`, and exercised bidirectionally by `0xd67b9ea132526c840bb454eef63ac240e44a89e0009926b257968060fd6a7ed4` (`0.001 cWAUDC -> 0.000644 USDC`) and `0x71049c141655cd7d72a600da5be030b640b4c968ceb70eb956e700ab7e00a595` (`0.001 USDC -> 0.001542 cWAUDC`). +- **The fourth non-USD Wave 1 Mainnet public DODO row is now live:** `cWCADC/USDC` pool `0xE0F35b5736FDd0a2F4B618621b0A08F8D8A3f92A` was created in `0xf9792bf9a6da5823b77dc8fc767f33ce565f94f4fd04f386bd5cf10fd418c84d`, base inventory was minted in `0xa01eddf1c9275bf009af37a70949acff2976bfc863b24ca4e98494bab2e70d5c`, seeded in `0xae438aab70baf11d82926d4c1753197fc9290cc37758553590db2915936ea213` with `0.125 cWCADC` and `0.091250 USDC`, and exercised bidirectionally by `0x917153557fd98caf907129368094885bcaea8a79f961fb92b9414545057bf92a` (`0.001 cWCADC -> 0.000723 USDC`) and `0x94dedebd427e4d6361945cd1e9b5a9d71343ec99584a0831e11cfa3a736e3b73` (`0.001 USDC -> 0.001375 cWCADC`). +- **The fifth non-USD Wave 1 Mainnet public DODO row is now live:** `cWJPYC/USDC` pool `0x8A4187dF0A8FE855cC53A4F7B2D8346588Ee9794` was created in `0xe292f2e8cab9ae56e948c74ed8a72808e7bd7209acbdada65606ebbb716e4e1f`, base inventory was minted in `0x47c44682572ab1c2d3fb8ba2a3c293d64c90b4c5846acc1b47c74b7eac941925`, seeded in `0x59c73541ed0168dad2d8a3ed8be8aa6046fd66d654c211c161336d6e293f2eca` with `0.125 cWJPYC` and `0.000838 USDC`, and exercised bidirectionally by `0x8abb8effd324e2d3dead4fbdc7857fd6997e74f4c7901ecc6de3a8a837760113` (`0.001 cWJPYC -> 0.000006 USDC`) and `0x7fb415f7e3c3906f8c5ba08b41451f5a30e5809cb4788105af08b4e4e31e2cb8` (`0.000100 USDC -> 0.013398 cWJPYC`). +- **The sixth non-USD Wave 1 Mainnet public DODO row is now live:** `cWCHFC/USDC` pool `0x776Ca556deD3245984F504F4bef8Eeec55C50190` was created in `0x077ecc6b7ffc28faff37be75b8992f3b033eb76f14734bcb9d4acd7b8a3e6b61`, base inventory was minted in `0x139b910a1bebb1d2683b91326bfd6798a7eff1042ed72191810411b6efc92095`, seeded in `0x14b0cde93a07f56c542e1a3a6f61126ddcbfba0ed997b234ed8fd85f0c847715` with `0.125 cWCHFC` and `0.138250 USDC`, and exercised bidirectionally by `0xb1159e8615c7a66aa10938909cb43d149781002d6f6133a7f1e997d3653fdc4f` (`0.001 cWCHFC -> 0.001096 USDC`) and `0x82ae8d2bfce43e67d3dd2570eda619c9d5b310a0b48b40c71e5813d793c8be8f` (`0.001 USDC -> 0.000911 cWCHFC`). +- **Quote/read-path nuance:** those same Mainnet pools can still revert on direct hosted `querySellBase` / `querySellQuote` reads. Treat affected rows as **partial DODO surface / integration-only** pools: reserve and mid-price getters may still work, but the public `querySell*` path and raw `sellBase` / `sellQuote` assumptions are not reliable. The repo now carries two fixes: `DODOPMMProvider.sol` has a reserve-based quote fallback for future deployments, and `bash scripts/deployment/run-mainnet-public-dodo-cw-swap.sh` now tries direct reads first, reports `quoteSource`, classifies the pool surface, and refuses unsafe raw direct fallback on integration-only pools. +- **Canonical public status surface:** use `bash scripts/verify/check-gru-v2-public-protocols.sh` or `https://explorer.d-bis.org/config/GRU_V2_PUBLIC_DEPLOYMENT_STATUS.json` for the GRU v2 public-network truth table. That explorer surface keeps the public EVM `cW*` token mesh, Wave 1 transport state, and the five public protocol rows aligned in one place. +- **Live router-v2 execution is proven beyond a single smoke test:** on 2026-04-03 the public planner/internal-execution path successfully executed `USDT -> WETH` swaps through `EnhancedSwapRouterV2` for notionals `10`, `50`, `100`, `250`, `500`, and `1000` USD. Tx hashes: `0x4e39d544c41e09a2bbabd5598dcd0e82e8496db6e712829284597f9a207dbae5`, `0xb30728ac35207d22ed2a0ba97b9e43a93c662a2eb33ce7acc16ff160a8483fe4`, `0x062446a59ab0be3141197738f3e6b74e9c882b57ab4cc636258859b5c5015ffc`, `0x0c817ae5bedd83cb86118f75b031ce4b5b6c5df8d20e49928a3ddfb26a0fdd68`, `0x9eacb773b6d399801e1bdebc55fe5171792a71d7fabb0351531be443b05883d4`, `0xe17ccb774188d77d5c6451cbf06437d6d338a45aa407fb56072a6bb123ddb6f8`. +- **Token-aggregation** service is implemented, running publicly on `explorer.d-bis.org`, and now persists the canonical Chain 138 stable pools on its standalone explorer deployment. **Bridge quote API** (swap+bridge+swap) is implemented. +- **GRU transport publication path is green again:** the public explorer deployment now resolves the GRU bridge/verifier/cap env block correctly, and `/token-aggregation/api/v1/bridge/preflight` reports `runtimeReadyTransportPairs: 21`, `blockedPairs: 0`. +- **DODO v3 / D3MM** is now deployed privately on Chain 138 (`D3Oracle=0xD7459aEa8bB53C83a1e90262777D730539A326F0`, `D3Vault=0x42b6867260Fb9eE6d09B7E0233A1fAD65D0133D1`, canonical `WETH10` pool `0x6550A3a59070061a262a893A1D6F3F490afFDBDA`) and direct proof swaps now succeed both through `D3Proxy` and through the live `EnhancedSwapRouterV2` D3 adapter path. Planner-v2 capability, generated route-matrix visibility, and the public `/token-aggregation/api/v2` publication path are live, with executable calldata now emitted for the canonical pilot pair. +- **ETH / WETH completion remains an active deployment program:** the repo already has live `ETH/USD`-anchored routing and the `WETH10 <-> USDT` pilot lane, but the completion gate still requires explicit real-time oracle policy for `ETH`, `WETH9`, and `WETH10`, wrapper-peg controls at the `0.00001` target, and funded `cUSDT/cUSDC/USDT/USDC <-> WETH` anchor pools so the public market feed is backed by real depth. +- **Full system status:** official DODO V2 PMM liquidity and DODOPMMProvider routing are **deployed and in use** on Chain 138. The public token-aggregation service now has a standalone lightweight schema bootstrap path for dedicated deployments, and router-v2 can execute through the canonical upstream-native `Uniswap_v3` venue plus the funded pilot-compatible `Balancer`, `Curve_3`, and `1inch` venues on Chain 138. Remaining: decide which legacy XAU/private pool references should stay canonical, and whether the pilot-compatible `Balancer`, `Curve_3`, and `1inch` venues should later be replaced by upstream-native protocol deployments. - **Optional items completed (2026-02-27 / 2026-03-01):** DeployCompliantFiatTokens (10 tokens on 138); Blockscout verification run; MCP allowlist-138 (`ai-mcp-pmm-controller/config/allowlist-138.json`); add-liquidity runbook ([ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK](../03-deployment/ADD_LIQUIDITY_PMM_CHAIN138_RUNBOOK.md)); token-aggregation canonical fallbacks for cEURC/cEURT/cGBP*/cAUDC/cJPYC/cCHFC/cCADC/cXAU*; ENV_EXAMPLE_CONTENT + CREATE2_FACTORY_ADDRESS; E2E routing verification run. --- @@ -24,10 +48,10 @@ | Layer | Description | Components | |-------|-------------|------------| | **On-chain multi-provider** | Size-based routing across DEXs for one leg (e.g. WETH↔stable) | EnhancedSwapRouter (Uniswap V3, Dodoex PMM, Balancer, Curve, 1inch) | -| **PMM pools (Chain 138)** | Desired-state full mesh with live funded public stable/XAU pools | DODOPMMIntegration, DODOPMMProvider | +| **PMM pools (Chain 138)** | Official DODO V2 DVM-backed public stable pools; legacy XAU/private pools still exist separately | DODOPMMIntegration, DODOPMMProvider | | **Token-aggregation API** | Single-hop quotes, pool indexing, reports | token-aggregation service (UniswapV2/V3 + DODO from DODOPMMIntegration) | | **Swap–bridge–swap** | Cross-chain: swap (source) → bridge → swap (destination) | SwapBridgeSwapCoordinator (on-chain), orchestration QuoteService (`POST /api/bridge/quote`) | -| **Public-chain cW* mesh** | cW* wrappers on public chains, single-sided PMM edge pools, bot-driven peg | cross-chain-pmm-lps (specs, simulation, deployment recipe) | +| **Public-chain cW* mesh** | cW* wrappers on public chains, intended single-sided PMM edge pools, bot-driven peg | cross-chain-pmm-lps (specs, simulation, deployment recipe). Current repo state: the first Mainnet DODO PMM cW pools are now recorded live, but the broader public mesh and later protocol waves are still incomplete | ### 1.2 Routing logic (EnhancedSwapRouter / Liquidity Engine) @@ -45,10 +69,16 @@ | Component | Status | Address / Notes | |-----------|--------|------------------| -| **DODOPMMIntegration** | Deployed | `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` — corrected canonical integration. | -| **PMM pools (desired-state)** | **104 aligned** | Full desired-state JSON reconciled; live funded public pools are listed in [LIQUIDITY_POOLS_MASTER_MAP](LIQUIDITY_POOLS_MASTER_MAP.md). | -| **DODOPMMProvider** | **Deployed** | `0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`; 104/104 routes aligned to the corrected integration. | -| **EnhancedSwapRouter** | Not deployed | Deploy when Uniswap/Balancer pools exist on 138; configure quoter and Balancer poolId. | +| **DODOPMMIntegration** | Deployed | `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` — canonical official DODO V2 DVM-backed integration. | +| **DODO DVMFactory** | Deployed | `0xc93870594C7f83A0aE076c2e30b494Efc526b68E` — self-deployed official DODO V2 DVM stack on Chain 138. | +| **DODO Vending Machine / Adapter** | Deployed | `0xb6D9EF3575bc48De3f011C310DC24d87bEC6087C` — adapter used by `DODOPMMIntegration`. | +| **PMM pools (current canonical stack)** | 3 created | Public pools are `0x9e89bAe009adf128782E19e8341996c596ac40dC` (cUSDT/cUSDC), `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66` (cUSDT/USDT), `0xc39B7D0F40838cbFb54649d327f49a6DAC964062` (cUSDC/USDC). | +| **DODOPMMProvider** | **Deployed** | `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`; supports the three canonical stable pools above. | +| **D3Oracle** | Deployed (private pilot) | `0xD7459aEa8bB53C83a1e90262777D730539A326F0`; `WETH10` now uses live `Oracle_Aggregator=0x99b3511a2d315a497c8112c1fdd8d508d4b1e506`, and the stable assets use dedicated managed USD feeds. | +| **D3Vault / D3Proxy / D3MMFactory** | Deployed (private pilot) | `D3Vault=0x42b6867260Fb9eE6d09B7E0233A1fAD65D0133D1`, `D3Proxy=0xc9a11abB7C63d88546Be24D58a6d95e3762cB843`, `D3MMFactory=0x78470C7d2925B6738544E2DD4FE7c07CcA21AC31`. | +| **D3MM pools** | 2 created | `0xE71Bc2cCb62dA5B18F88647db2b4a721Db416fc5` is a superseded bootstrap pool on the placeholder `WETH9` path. `0x6550A3a59070061a262a893A1D6F3F490afFDBDA` is the canonical private `WETH10` pilot pool. | +| **EnhancedSwapRouterV2 + public venue layer** | Live | Router-v2 is deployed and the canonical upstream-native `Uniswap_v3` lane plus the funded pilot-compatible `Balancer`, `Curve_3`, and `1inch` venues are publicly exposed for the canonical Chain 138 routing asset lanes. | +| **Upstream-native Uniswap v3** | Live | Factory `0x2f72...`, router `0xde9...`, quoter `0x6abb...`, canonical fee-500 pools `0xa893...` (`WETH/USDT`) and `0xEC74...` (`WETH/USDC`). Public planner now selects this venue for the canonical `WETH -> USDT` lane. | | **LiquidityPoolETH** (trustless bridge) | Placeholder | Not deployed; config uses `0x0`. | **Doc note:** [LIQUIDITY_POOLS_MASTER_MAP.md](LIQUIDITY_POOLS_MASTER_MAP.md) and [ADDRESS_MATRIX_AND_STATUS.md](ADDRESS_MATRIX_AND_STATUS.md) list pool and DODOPMMProvider addresses. DEX_AND_CROSS_CHAIN_CONTRACTS_NEEDED reflects DODOPMMIntegration deployed and pools created. @@ -57,9 +87,9 @@ | Component | Status | Notes | |-----------|--------|--------| -| **Token-aggregation service** | Implemented & runnable | Indexes UniswapV2/V3 and DODO when `CHAIN_138_DODO_PMM_INTEGRATION` is set (set in smom-dbis-138/.env). Single-hop quote only; no N-hop pathfinding. | +| **Token-aggregation service** | Implemented & runnable | Indexes UniswapV2/V3 and DODO when `CHAIN_138_DODO_PMM_INTEGRATION` is set (set in smom-dbis-138/.env). The live explorer deployment now persists the three canonical Chain 138 stable pools via the standalone lightweight schema bootstrap. Single-hop quote only; no N-hop pathfinding. | | **Orchestration QuoteService** | Implemented | `POST /api/bridge/quote` with optional source/destination swap quotes; requires bridge registry and optional EnhancedSwapRouter addresses. | -| **Liquidity Engine (backend)** | Implemented | Depends on EnhancedSwapRouter being deployed; not usable for routing until router is live. | +| **Liquidity Engine (backend)** | Implemented / partially live | Planner-v2 and router-v2 are live for the published canonical lanes; broader venue/policy expansion remains optional follow-on work. | ### 2.3 Swap–bridge–swap & trustless stack @@ -73,7 +103,7 @@ | Component | Status | Notes | |-----------|--------|--------| -| **cross-chain-pmm-lps** | Design & tooling ready | Token map, pool topology, peg bands, simulation model, deployment recipe, safe inventory sizing. **Not deployed:** edge pools and bot v1/v2 are not documented as live. | +| **cross-chain-pmm-lps** | Partial live rollout | Token map, pool topology, peg bands, simulation model, deployment recipe, safe inventory sizing. The first Mainnet DODO PMM cW pools are now recorded in `deployment-status.json`, but the broader edge-pool mesh and bot v1/v2 remain incomplete. | --- @@ -82,10 +112,11 @@ | Capability | Available? | Where | |------------|------------|--------| | Single-hop quote (API) | Yes | `GET /api/v1/quote` (best direct pool for tokenIn/tokenOut) | -| Multi-provider choice (one leg) | No (router not deployed) | EnhancedSwapRouter would provide WETH↔stable across Uniswap/Dodo/Balancer/Curve/1inch | +| Multi-provider choice (one leg) | Yes (Chain 138 canonical lanes) | `EnhancedSwapRouterV2` is live for the canonical Chain 138 venue set (`Uniswap_v3`, DODO PMM, pilot-compatible `Balancer`, `Curve_3`, `1inch`) | | N-hop path (A→B→C on one chain) | No | No graph-based multi-hop swap API or on-chain pathfinder | | Swap–bridge–swap (cross-chain) | Yes (orchestration) | QuoteService; on-chain coordinator deployable when needed | | DODO PMM on-chain swaps | **Yes** | Pools created; DODOPMMProvider deployed; use getQuote/executeSwap or DODOPMMIntegration swap functions. | +| Public-chain cW* pool execution | No | cW tokens may be deployed, but the repo records no live Balancer, Curve, DODO edge, Uniswap, or 1inch cW* pool contracts on the public chains | --- @@ -93,17 +124,20 @@ | Area | Ready? | In use? | |------|--------|--------| -| **PMM liquidity pools (Chain 138)** | **Yes** | Corrected canonical stack deployed; 104 desired-state pools aligned; live funded public stable/XAU pools available. | -| **DEX routing (EnhancedSwapRouter)** | No | Contract not deployed; no Uniswap/Balancer pools on 138. | -| **Token-aggregation API** | Yes | Service can run; single-hop quotes; can index DODO pools once DODOPMMIntegration has pools. | +| **PMM liquidity pools (Chain 138)** | **Yes** | Official DODO V2 DVM-backed stack deployed; all three canonical public stable pools are funded on the current stack. | +| **DODO v3 / D3MM pilot** | Partial / private | Contracts are deployed and the corrected `WETH10` pool is seeded and tradable through `D3Proxy`; oracle promotion, planner-v2 visibility, generated route-matrix exposure, public `/token-aggregation/api/v2` publication, and router-v2 executable calldata are complete for the canonical pilot pair. | +| **DEX routing (EnhancedSwapRouterV2)** | Yes | Contract is deployed and in use. Canonical public `uniswap_v3` routing resolves through the upstream-native fee-500 pools; Balancer / Curve_3 / 1inch remain live pilot-compatible venues. | +| **Token-aggregation API** | Yes | Service is live publicly, serves single-hop quotes, and now persists the canonical DODO pool set on the explorer deployment. | | **Bridge quote (swap+bridge+swap)** | Partial | QuoteService implemented; coordinator and router optional; not full E2E flow. | | **Liquidity Engine (decision logic)** | No | Depends on EnhancedSwapRouter. | -| **Cross-chain cW* PMM mesh** | No | Design/simulation only; edge pools and bots not deployed. | +| **Cross-chain cW* PMM mesh** | Partial | First Mainnet DODO PMM cW pools are recorded live; broader public-chain pool rollout and bot automation are not complete. | **Conclusion:** PMM liquidity and DODOPMMProvider routing **are** deployed and in use on Chain 138. What is in place: -- **Live:** DODOPMMIntegration (Mock DVM), **three PMM pools created**, **DODOPMMProvider deployed** with pools registered, token-aggregation service, bridge/orchestration quote API. -- **Remaining:** Add liquidity to pools as needed; deploy EnhancedSwapRouter when Uniswap/Balancer pools exist on 138. +- **Live:** official DODO V2 DVMFactory + adapter, **three PMM stable pools funded on the canonical stack**, **DODOPMMProvider deployed** with pools registered, token-aggregation service, bridge/orchestration quote API. +- **Private but working:** DODO v3 / D3MM is deployed with a corrected `WETH10` pilot pool (`0x6550...`) that can quote and execute through `D3Proxy`, and its current oracle stack is now on the live Chain 138 oracle surfaces. Planner-v2 capability discovery, live quote selection, generated route-matrix visibility, public `/token-aggregation/api/v2` publication, and live `EnhancedSwapRouterV2` execution are now in place for the canonical pilot pair. +- **Still missing for full ETH market completion:** dedicated wrapper-peg controls and publicly documented depth-backed `WETH` anchor pools on Chain 138. See [CHAIN138_ETH_WETH_ORACLE_PEG_AND_LIQUIDITY_PLAN.md](../03-deployment/CHAIN138_ETH_WETH_ORACLE_PEG_AND_LIQUIDITY_PLAN.md). +- **Remaining:** decide whether DODO v3 should join the canonical public execution set beyond the current private pilot posture, extend router-v2/provider coverage beyond the canonical `WETH10 <-> USDT` lane, migrate or re-register any legacy XAU/private pools that should stay in the canonical routing set, and optionally replace the current pilot-compatible `Balancer`, `Curve_3`, and `1inch` venues with upstream-native deployments. - **Optional / later:** Full trustless stack (LiquidityPoolETH, etc.), cross-chain cW* edge pools and bots. --- @@ -112,11 +146,13 @@ **Full ordered steps:** See [PRE_DEPLOYMENT_CHECKLIST.md](../03-deployment/PRE_DEPLOYMENT_CHECKLIST.md). **Run Phase 1 + Phase 2 in parallel:** [NEXT_STEPS_PMM_FULL_PARITY_AND_ALL_POOLS.md](../03-deployment/NEXT_STEPS_PMM_FULL_PARITY_AND_ALL_POOLS.md) — use `./scripts/deployment/run-pmm-full-parity-all-phases.sh` from `smom-dbis-138/`. -1. **Create PMM pools (Chain 138):** Run `CreateCUSDTCUSDCPool.s.sol`, `CreateCUSDTUSDTPool.s.sol`, `CreateCUSDCUSDCPool.s.sol` (or `./scripts/deployment/create-all-pmm-pools-chain138.sh`), or `deploy-transaction-mirror-and-pmm-pool-after-txpool-clear.sh` for mirror + cUSDT/cUSDC only; ensure POOL_MANAGER_ROLE and nonce/RPC are correct. -2. **Add liquidity** to created pools via `forge script script/dex/AddLiquidityPMMPoolsChain138.s.sol:AddLiquidityPMMPoolsChain138` (set `ADD_LIQUIDITY_BASE_AMOUNT`, `ADD_LIQUIDITY_QUOTE_AMOUNT` in .env) or call `addLiquidity(pool, baseAmount, quoteAmount)` on DODOPMMIntegration. -3. **Deploy DODOPMMProvider** via `script/liquidity/DeployDODOPMMProvider.s.sol`, then register pools with `registerPool(tokenIn, tokenOut, pool)`. -4. **Optionally deploy EnhancedSwapRouter** when Uniswap/Balancer quoter/poolId are configured for 138. -5. **Update docs:** Add pool and DODOPMMProvider addresses to LIQUIDITY_POOLS_MASTER_MAP and CONTRACT_ADDRESSES_REFERENCE once created. +1. **Keep the canonical stable stack as the source of truth:** `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`, `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`, pools `0x9e89bAe009adf128782E19e8341996c596ac40dC`, `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66`, `0xc39B7D0F40838cbFb54649d327f49a6DAC964062`. +2. **Keep token-aggregation indexed on dedicated deployments:** if the service uses a standalone `token_aggregation` database, run `bash smom-dbis-138/services/token-aggregation/scripts/apply-lightweight-schema.sh` so `/tokens`, `/tokens/:address/pools`, and `/quote` persist the canonical DVM-backed pool set without relying only on fallback logic. +3. **Decide legacy XAU/public-private pool posture:** either migrate them onto the canonical integration/provider set or mark them explicitly as legacy so public routing inventories do not mix stacks. +4. **Keep the router-v2 venue layer verified:** run `bash scripts/verify/check-chain138-pilot-dex-venues.sh` after any venue funding or token-aggregation publication change. This proves bytecode, funding, public capability exposure, and canonical `WETH -> USDT` planner resolution through the native Uniswap v3 lane plus the pilot-compatible secondary venues. +5. **Use the live ladder script for execution proof:** `bash scripts/deployment/run-progressive-router-v2-swaps-chain138.sh` executes the public planner-v2 `internal-execution-plan` path through the live router and is the current operator-grade proof path for same-chain swaps up to `$1000`. +6. **If DODO v3 is promoted beyond a private pilot:** planner-v2/provider-capability promotion, public `/token-aggregation/api/v2` publication, and router-v2 execution are already in place for the canonical `WETH10 <-> USDT` lane; the remaining work is policy/public-promotion, broader venue coverage, and any migration of legacy XAU/private pools into the canonical set. +7. **Keep docs and verification aligned:** update LIQUIDITY_POOLS_MASTER_MAP, CONTRACT_ADDRESSES_REFERENCE, and runtime inventories whenever the canonical pool or provider set changes. --- @@ -131,5 +167,11 @@ | [DODO_PMM_INTEGRATION.md](../smom-dbis-138/docs/integration/DODO_PMM_INTEGRATION.md) | Pool creation and swap usage | | [DODO_PMM_NEXT_STEPS.md](../smom-dbis-138/docs/bridge/DODO_PMM_NEXT_STEPS.md) | Create-all-dodo-pools, SwapBridgeSwapCoordinator, bridge quote API | | [CONTRACT_DEPLOYMENT_RUNBOOK.md](../03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md) | EnhancedSwapRouter & DODOPMMProvider config | +| `bash scripts/verify/check-chain138-pilot-dex-venues.sh` | Verifies pilot-compatible `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venues are deployed, funded, publicly exposed, and routable on Chain 138 | +| `bash scripts/verify/check-cw-public-pool-status.sh` | Verifies that the public-chain cW deployment graph still has zero live `pmmPools` recorded across the supported chains | +| `bash scripts/verify/check-gru-v2-public-protocols.sh` | Verifies the public-network GRU v2 posture across the cW mesh, Wave 1 transport state, and the public protocol matrix | +| `bash scripts/deployment/run-mainnet-public-dodo-cw-swap.sh --pair=cwusdt-usdc --direction=base-to-quote --amount=5000 --dry-run` | Repeatable operator helper for the live public Mainnet DODO `cW*` bootstrap pools, with direct-query detection and reserve-fallback quoting | +| `bash scripts/verify/check-mainnet-public-dodo-cw-bootstrap-pools.sh` | Verifies the eleven recorded Mainnet DODO `cW*` bootstrap pools (USD rails, `cWUSDT/cWUSDC`, and non-USD Wave 1) are mapped, funded, and dry-run routable through the repeatable swap helper | | [LIQUIDITY_POOL_CONTROLS_RUNBOOK.md](../03-deployment/LIQUIDITY_POOL_CONTROLS_RUNBOOK.md) | DODO and trustless pool controls | +| [CHAIN138_ETH_WETH_ORACLE_PEG_AND_LIQUIDITY_PLAN.md](../03-deployment/CHAIN138_ETH_WETH_ORACLE_PEG_AND_LIQUIDITY_PLAN.md) | Ordered completion path for ETH/WETH oracle policy, peg controls, and anchor-pool depth on Chain 138 | | [cross-chain-pmm-lps/README.md](../../cross-chain-pmm-lps/README.md) | cW* mesh and deployment recipe | diff --git a/docs/11-references/POOL_ACCESS_DASHBOARD_API_MCP.md b/docs/11-references/POOL_ACCESS_DASHBOARD_API_MCP.md index 738cb894..c6159c8a 100644 --- a/docs/11-references/POOL_ACCESS_DASHBOARD_API_MCP.md +++ b/docs/11-references/POOL_ACCESS_DASHBOARD_API_MCP.md @@ -1,6 +1,6 @@ # Pool Access — Standard DODO Dashboard, API, and MCP -**Last Updated:** 2026-02-28 +**Last Updated:** 2026-04-02 **Purpose:** Whether all designed pools (61 across 6 networks) can be accessed via the **standard DODO dashboard**, **API**, and **MCP**, and what is required. --- @@ -9,9 +9,9 @@ | Access method | Chain 138 pools | cW* edge pools (5 public chains) | Requirement | |---------------|------------------|-----------------------------------|-------------| -| **Standard DODO dashboard** | ❌ No | ⚠️ Only if real DODO + chain supported | 138 uses Mock DVM; dashboard does not support custom chain 138. | -| **API (token-aggregation)** | ✅ Yes | ✅ Yes (when env set) | Chain 138: set `CHAIN_138_DODO_PMM_INTEGRATION=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d`. cW* chains 1, 10, 56, 100, 137: added to dex-factories and chains.ts; set `CHAIN_*_DODO_PMM_INTEGRATION` or `CHAIN_*_DODO_POOL_MANAGER` and run indexer for those chains. | -| **MCP (ai-mcp-pmm-controller)** | ✅ Yes (after allowlist) | ⚠️ Per-chain + allowlist | Chain 138: MockDVMPool now has getOraclePrice, _K_, _LP_FEE_RATE_ so dodo_pmm_v2_like profile works; add each pool to allowlist and set RPC to 138. Other chains: one MCP instance per chain + allowlist. | +| **Standard DODO dashboard** | ❌ No | ⚠️ Only if real DODO + chain supported | Chain 138 is still a custom chain, so the standard DODO dashboard does not index it even though the pools now use the official DODO V2 DVM-backed stack. | +| **API (token-aggregation)** | ✅ Yes | ✅ Yes (when env set) | Chain 138: set `CHAIN_138_DODO_PMM_INTEGRATION=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`. cW* chains 1, 10, 56, 100, 137: added to dex-factories and chains.ts; set `CHAIN_*_DODO_PMM_INTEGRATION` or `CHAIN_*_DODO_POOL_MANAGER` and run indexer for those chains. | +| **MCP (ai-mcp-pmm-controller)** | ✅ Yes (after allowlist) | ⚠️ Per-chain + allowlist | Chain 138: official DODO V2-style pools can use the `dodo_pmm_v2_like` profile; add each pool to allowlist and set RPC to 138. Other chains: one MCP instance per chain + allowlist. | **Not all pools can be accessed by all three today.** Below is what works, what’s missing, and what to change. @@ -23,7 +23,7 @@ | Pool scope | Accessible? | Reason | |------------|-------------|--------| -| **Chain 138** (10 pools) | ❌ **No** | Chain 138 is a **custom/private** chain. The standard DODO dashboard only supports chains DODO officially supports (e.g. Ethereum, BSC, Polygon, Arbitrum). It does not connect to Chain 138 or index Mock DVM pools. | +| **Chain 138** (10 pools) | ❌ **No** | Chain 138 is a **custom/private** chain. The standard DODO dashboard only supports chains DODO officially supports (e.g. Ethereum, BSC, Polygon, Arbitrum). It does not connect to Chain 138 even though Chain 138 now uses the official DODO V2 DVM-backed contracts. | | **cW* edge pools** (51 on chains 1, 10, 56, 100, 137) | ⚠️ **Only if** | (1) Pools are **real DODO protocol** pools on that chain, and (2) DODO’s dashboard **supports that chain**. If you deploy via your own factory or a fork, they will not appear unless DODO adds your contracts/chain. | | **Private / bridge / other** | ❌ No | Private and bridge LPs are not part of the public DODO frontend. | @@ -37,7 +37,7 @@ | Pool scope | Accessible? | Requirement | |------------|-------------|-------------| -| **Chain 138** | ✅ **Yes** | Set `CHAIN_138_DODO_PMM_INTEGRATION=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` (and RPC) in the service env. The pool indexer uses `getAllPools()`, then `getPoolConfig`, `getPoolReserves`, `getPoolPriceOrOracle` per pool. Once pools exist and the indexer runs, they appear in `/api/v1/tokens`, `/api/v1/pools`, `/api/v1/quote`, and report endpoints. | +| **Chain 138** | ✅ **Yes** | Set `CHAIN_138_DODO_PMM_INTEGRATION=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` (and RPC) in the service env. The pool indexer uses `getAllPools()`, then `getPoolConfig`, `getPoolReserves`, `getPoolPriceOrOracle` per pool. Once pools exist and the indexer runs, they appear in `/api/v1/tokens`, `/api/v1/pools`, `/api/v1/quote`, and report endpoints. | | **ALL Mainnet (651940)** | ⚠️ **If configured** | Set `CHAIN_651940_DODO_POOL_MANAGER` (and optional `dodoPmmIntegration`) in dex-factories / env. Today no DODO pool list is documented for 651940. | | **cW* edge (chains 1, 10, 56, 100, 137)** | ✅ **Yes** (when env set) | `dex-factories.ts` and `chains.ts` now include chainIds 1, 10, 56, 100, 137. Set `CHAIN_*_DODO_PMM_INTEGRATION` or `CHAIN_*_DODO_POOL_MANAGER` (and `CHAIN_*_RPC_URL`) so the indexer can index DODO/pools on those chains. | @@ -51,7 +51,7 @@ | Pool scope | Accessible? | Requirement | |------------|-------------|-------------| -| **Chain 138** | ✅ **Yes** (after allowlist) | (1) **Allowlist:** Add each pool address and base/quote token to `config/allowlist.json` with profile `dodo_pmm_v2_like`. (2) **MockDVMPool** was updated to expose `getOraclePrice()`, `_K_`, `_LP_FEE_RATE_` so the existing MCP profile works. Pools created from a **new** MockDVMFactory (deployed after this change) are MCP-ready; pools from an existing factory may need a new factory deploy to get the updated pool bytecode. (3) Run MCP with `CHAIN=138` and `RPC_URL` pointing to Chain 138. | +| **Chain 138** | ✅ **Yes** (after allowlist) | (1) **Allowlist:** Add each pool address and base/quote token to `config/allowlist.json` with profile `dodo_pmm_v2_like`. (2) Run MCP with `CHAIN=138` and `RPC_URL` pointing to Chain 138. | | **cW* edge (each chain)** | ⚠️ **Per chain** | One MCP instance is single-chain (`CHAIN`, `RPC_URL`). For each of the 5 chains: run an MCP instance (or add multi-chain support), add that chain’s pool addresses to the allowlist, and use a profile that matches the pool interface (DODO v2–like or custom). | **Conclusion:** **Yes** for any pool **after** (1) allowlisting, (2) profile/interface alignment (Chain 138 needs mock profile or MockDVMPool stubs), (3) correct RPC per chain. @@ -67,13 +67,12 @@ ### API -- **Chain 138:** Set `CHAIN_138_DODO_PMM_INTEGRATION` and run the indexer; no code change needed. +- **Chain 138:** Set `CHAIN_138_DODO_PMM_INTEGRATION=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` and run the indexer; no code change needed. - **cW*:** Chain configs and DODO env-driven entries for 1, 10, 56, 100, 137 are in `dex-factories.ts` and `chains.ts`. Set `CHAIN_*_DODO_PMM_INTEGRATION` or `CHAIN_*_DODO_POOL_MANAGER` and `CHAIN_*_RPC_URL` per chain and run the indexer for those chains. ### MCP - **Chain 138:** - - `MockDVMPool.sol` now includes `getOraclePrice()`, `_K_`, and `_LP_FEE_RATE_` so the default `dodo_pmm_v2_like` profile works. - Add each pool to `allowlist.json` with base/quote tokens and profile `dodo_pmm_v2_like`. - Run MCP with `CHAIN=138` and Chain 138 `RPC_URL`. - **cW* (each chain):** @@ -87,9 +86,9 @@ | Access | Chain 138 (10) | cW* (51 on 5 chains) | |--------|-----------------|----------------------| -| **Standard DODO dashboard** | ❌ No (custom chain + Mock DVM) | ⚠️ Only if real DODO on supported chain | +| **Standard DODO dashboard** | ❌ No (custom chain) | ⚠️ Only if real DODO on supported chain | | **API** | ✅ Yes (set integration env, run indexer) | ✅ Yes when CHAIN_*_DODO_* and RPC env set for each chain | -| **MCP** | ✅ Yes after allowlist + RPC (MockDVMPool has profile-compatible view methods) | ⚠️ Yes per chain after allowlist + profile + RPC | +| **MCP** | ✅ Yes after allowlist + RPC | ⚠️ Yes per chain after allowlist + profile + RPC | So: **all pools can be accessed via API and MCP** once the above config and code changes are in place; **they cannot all be accessed by the standard DODO dashboard** (138 never; cW* only in the special case above). diff --git a/docs/11-references/PROTOCOL_SOURCE_ASSURANCE_MATRIX.md b/docs/11-references/PROTOCOL_SOURCE_ASSURANCE_MATRIX.md new file mode 100644 index 00000000..7c771b27 --- /dev/null +++ b/docs/11-references/PROTOCOL_SOURCE_ASSURANCE_MATRIX.md @@ -0,0 +1,106 @@ +# Protocol Source Assurance Matrix + +**Last Updated:** 2026-04-07 +**Purpose:** Track whether the protocol contracts currently used by the repo are proven to be the approved upstream-native families from the proper official sources. + +**Status meanings** + +- `Assured`: repo wiring and verification clearly point to the approved upstream family +- `Partial`: some proof exists, but the current venue or contract family is still transitional, pilot-compatible, or incompletely verified +- `Not Assured`: the repo itself still treats the venue as provisional, pilot-only, or not yet reconciled to the upstream family + +--- + +## 1. Matrix + +| Protocol | Current repo posture | Assurance status | Notes | +|---------|-----------------------|------------------|-------| +| DODO V2 PMM | Canonical Chain 138 PMM stack, Mainnet public `cW*` PMM wave | Partial | Strongly wired in the repo, but Mainnet public pool replacements and full-surface migration are still in progress. | +| DODO v3 / D3MM | Live on Chain 138 as canonical pilot venue | Partial | On-chain health and planner visibility are good, but the repo still treats D3MM as pilot/private and the Blockscout verification check currently fails. | +| Uniswap | Chain 138 upstream-native lane plus broader pilot-compatible venue layer | Partial | The repo explicitly says upstream-native replacements remain a separate track for some surfaces. | +| Balancer | Pilot-compatible Chain 138 venue layer | Not Assured | Bytecode and liquidity are present, but the repo still labels this layer pilot-compatible rather than fully upstream-native / latest-family assured. | +| Curve | Pilot-compatible Chain 138 venue layer | Not Assured | Same posture as Balancer. | +| 1inch | Pilot-compatible Chain 138 router surface | Not Assured | Planner and venue references exist, but not as a fully proven latest official contract-family integration. | + +--- + +## 2. Evidence from current repo state + +### DODO V2 PMM + +- Canonical stable PMM stack is still the default public PMM layer on Chain 138. +- Mainnet public `cW*` PMM rows are live, but the repo now carries migration work specifically because some pools expose partial DODO surfaces rather than full standard DODO behavior. + +References: + +- [PMM_DEX_ROUTING_STATUS](PMM_DEX_ROUTING_STATUS.md) +- [MAINNET_STANDARD_DODO_POOL_MIGRATION_PLAN](../03-deployment/MAINNET_STANDARD_DODO_POOL_MIGRATION_PLAN.md) + +### DODO v3 / D3MM + +Verified on 2026-04-07: + +- `bash scripts/verify/check-dodo-v3-chain138.sh` + - passed version / vault / oracle / quote checks + - failed on Blockscout source-verification assertion for `D3Oracle` +- `bash scripts/verify/check-dodo-v3-planner-visibility-chain138.sh` + - passed + - `provider=dodo_v3` + - `live=true` + - `quoteLive=true` + - `executionLive=true` + +Conclusion: D3MM is operationally real, but source-assurance remains incomplete. + +### Uniswap / Balancer / Curve / 1inch + +Verified on 2026-04-07: + +- `bash scripts/verify/check-chain138-pilot-dex-venues.sh` + - bytecode present for all configured venues + - liquidity present for all configured venues + - failed on the planner-capability parsing check even though the dedicated D3 planner visibility verifier passed separately + +The repo’s own docs still describe this layer as: + +- live on Chain 138 +- funded / planner-visible +- **pilot-compatible** +- with upstream-native replacements still optional future work for some venues + +Reference: + +- [DEX_AND_CROSS_CHAIN_CONTRACTS_NEEDED](DEX_AND_CROSS_CHAIN_CONTRACTS_NEEDED.md) + +--- + +## 3. Required remediation + +### DODO V2 PMM + +- Replace or migrate partial-surface Mainnet pools to full-surface canonical DODO pools. +- Reconcile integration mappings, env references, docs, and deployment graph rows to the replacement addresses. + +### DODO v3 / D3MM + +- Fix Blockscout/source-verification posture for canonical D3 contracts. +- Promote D3MM from pilot/private to canonical public execution where policy allows. +- Extend beyond the current `WETH10 <-> USDT` pilot lane. + +### Uniswap / Balancer / Curve / 1inch + +- Build a protocol-by-protocol upstream assurance table with: + - official upstream docs / repo + - approved contract family + - exact address in use + - proof or gap +- Replace pilot-compatible venue contracts where policy requires latest upstream-native families. +- Reconcile planner-capability verification so the venue verifier and planner visibility tests tell the same story. + +--- + +## 4. Current tested blockers + +- D3MM health is good, but Blockscout/source assurance is not yet clean. +- The venue verifier succeeds on bytecode and liquidity but currently fails on the planner-capability response parsing step. +- Mainnet DODO public pools still require migration / audit work before they can be treated as fully assured standard DODO venues everywhere. diff --git a/docs/11-references/PUBLICATION_ACTIONABLE_BACKLOG.md b/docs/11-references/PUBLICATION_ACTIONABLE_BACKLOG.md new file mode 100644 index 00000000..59a3424e --- /dev/null +++ b/docs/11-references/PUBLICATION_ACTIONABLE_BACKLOG.md @@ -0,0 +1,39 @@ +# Publication Actionable Backlog + +**Generated:** 2026-04-11T21:13:09.157Z + +This artifact separates the five requested publication packs into: + +- addresses we can honestly treat as **auto-submittable** from the repo +- addresses that are **manual or external** +- addresses that are only **inventory/reference tracking** + +## Chain Summary + +| Chain ID | Chain | Total Entries | Auto-submittable | Manual / External | Inventory / Reference | +| --- | --- | ---: | ---: | ---: | ---: | +| 1 | Ethereum Mainnet | 36 | 0 | 3 | 33 | +| 10 | Optimism | 21 | 0 | 0 | 21 | +| 56 | BSC | 18 | 0 | 0 | 18 | +| 137 | Polygon | 22 | 0 | 0 | 22 | +| 8453 | Base | 19 | 0 | 0 | 19 | + +## Auto-submittable backlog + +| Chain ID | Chain | Label | Address | Type | Automation | Explorer Status | Next Action | +| --- | --- | --- | --- | --- | --- | --- | --- | +| - | - | - | - | - | - | - | Automatic submission backlog is currently empty for the requested packs | + +## Manual or external backlog + +| Chain ID | Chain | Label | Address | Type | Automation | Explorer Status | Next Action | +| --- | --- | --- | --- | --- | --- | --- | --- | +| 1 | Ethereum Mainnet | CCIP_Relay_Bridge | `0xF9A32F37099c582D28b4dE7Fca6eaC1e5259f939` | canonical_contract | manual-or-external | verified | Manual or external closure only; missing repo-supported source bundle or ownership proof | +| 1 | Ethereum Mainnet | CCIP_Relay_Router | `0xAd9A228CcEB4cbB612cD165FFB72fE090ff10Afb` | canonical_contract | manual-or-external | unverified | Manual or external closure only; missing repo-supported source bundle or ownership proof | +| 1 | Ethereum Mainnet | DODOPMMIntegration_Mainnet | `0xa9F284eD010f4F7d7F8F201742b49b9f58e29b84` | canonical_contract | manual-or-external | verified | Manual or external closure only; missing repo-supported source bundle or ownership proof | + +## Closure note + +For the five requested packs, the repo-owned **automatic** submission pass is complete when the auto-submittable backlog is empty. +Any remaining rows in the manual/external table require source provenance, ownership confirmation, or a non-repo verification process before they can be closed honestly. + diff --git a/docs/11-references/PUBLICATION_PACK_EXPLORER_STATUS.md b/docs/11-references/PUBLICATION_PACK_EXPLORER_STATUS.md new file mode 100644 index 00000000..107810df --- /dev/null +++ b/docs/11-references/PUBLICATION_PACK_EXPLORER_STATUS.md @@ -0,0 +1,14 @@ +# Publication Pack Explorer Status + +**Generated:** 2026-04-11T21:11:57.224Z + +Live explorer verification status for the grouped publication packs. + +| Chain ID | Chain | Verified | Unverified | Unknown | Unsupported | Errors | Explorer | +| --- | --- | ---: | ---: | ---: | ---: | ---: | --- | +| 8453 | Base | 14 | 5 | 0 | 0 | 0 | https://basescan.org | +| 56 | BSC | 15 | 3 | 0 | 0 | 0 | https://bscscan.com | +| 1 | Ethereum Mainnet | 7 | 29 | 0 | 0 | 0 | https://etherscan.io | +| 10 | Optimism | 12 | 9 | 0 | 0 | 0 | https://optimistic.etherscan.io | +| 137 | Polygon | 12 | 10 | 0 | 0 | 0 | https://polygonscan.com | + diff --git a/docs/11-references/ROUTES_NO_PREFUNDED_BRIDGE_REQUIRED.md b/docs/11-references/ROUTES_NO_PREFUNDED_BRIDGE_REQUIRED.md index d88c68ae..0a88eaf3 100644 --- a/docs/11-references/ROUTES_NO_PREFUNDED_BRIDGE_REQUIRED.md +++ b/docs/11-references/ROUTES_NO_PREFUNDED_BRIDGE_REQUIRED.md @@ -20,7 +20,7 @@ | **138 WETH → Ethereum Mainnet (1)** | CCIPRelayBridge on chain 1 **releases** WETH (does not mint). Mainnet WETH must be sent to the bridge before 138→Mainnet transfers can complete. See [DEPLOYER_TO_PUBLIC_STABLECOIN_ROUTES](DEPLOYER_TO_PUBLIC_STABLECOIN_ROUTES.md) §3.2 and [CCIP_BRIDGE_MAINNET_CONNECTION](../07-ccip/CCIP_BRIDGE_MAINNET_CONNECTION.md). | | **138 WETH → BSC (56)** | Current live BSC delivery is relay-backed and releases WETH from BSC bridge inventory. Do not treat the deployed native BSC bridge as proof of a direct no-prefund first hop from Chain 138. | | **138 WETH → Avalanche (43114)** | Current live AVAX delivery is relay-backed and releases WETH from AVAX bridge inventory. A native Avalanche bridge test on 2026-03-30 failed because the Chain 138 router and Avalanche bridge router do not match. See [NON_PREFUNDED_AVAX_MIGRATION_RUNBOOK](../07-ccip/NON_PREFUNDED_AVAX_MIGRATION_RUNBOOK.md). | -| **138 WETH → Gnosis / Cronos / Celo / Polygon / Arbitrum / Optimism / Base** | Native bridge deployments exist, but they are not proven direct first hops from the current Chain 138 router. Use the Mainnet hub or a cW mint path instead of treating them as no-prefund direct routes. | +| **138 WETH → Gnosis / Cronos / Celo / Polygon / Arbitrum / Optimism / Base** | Native bridge deployments exist, but they are not proven direct first hops from the current Chain 138 router. A live `138 -> Arbitrum` source send on 2026-04-04 produced `MessageSent` without destination delivery because the active relay remained Mainnet-only. Use the Mainnet hub or a cW mint path instead of treating them as no-prefund direct routes. | All routes below **do not** require pre-funding the destination bridge. @@ -32,7 +32,7 @@ No bridge is used; no pre-fund requirement. | From (chain) | To (same chain) | Mechanism | Status | |--------------|-----------------|------------|--------| -| **138 cUSDT** | 138 cUSDC | DODOPMMIntegration / pool `0xff8d3b8fDF7B112759F076B69f4271D4209C0849` | ✅ Live | +| **138 cUSDT** | 138 cUSDC | DODOPMMIntegration / pool `0x9e89bAe009adf128782E19e8341996c596ac40dC` | ✅ Live | | **138 cUSDC** | 138 cUSDT | Same pool | ✅ Live | | **Any chain** | Same chain public stable | Native DEX (Uniswap, etc.) — deployer or user holds token on that chain, swaps on DEX | ✅ Standard | @@ -65,14 +65,16 @@ There is **no blanket no-prefund WETH rule** for public-chain first hops from th **Per-chain, per-token confirmation:** See [CCIP_138_DESTINATION_RECEIVER_BY_CHAIN_AND_TOKEN](CCIP_138_DESTINATION_RECEIVER_BY_CHAIN_AND_TOKEN.md) for the distinction between native bridge contract behavior and the current live Chain 138 route. -### 3.3 cW* (c* → cW* on public chains) — live AVAX corridor plus broader design +### 3.3 cW* (c* → cW* on public chains) — live AVAX corridor, plus live Mainnet cUSDC and cUSDT -Design rule: **lock cUSDT/cUSDC on 138, mint cWUSDT/cWUSDC on destination** in `ccipReceive`. No pre-funded pool; receiver has MINTER_ROLE and mints. The repo now proves that model end to end for the dedicated Avalanche `cUSDT -> cWUSDT` corridor, but it does **not** assert blanket live status for every cW destination chain. +Design rule: **lock cUSDT/cUSDC on 138, mint cWUSDT/cWUSDC on destination** in `ccipReceive`. No pre-funded pool; receiver has MINTER_ROLE and mints. The repo now proves that model end to end for the dedicated Avalanche `cUSDT -> cWUSDT` corridor and for the relay-backed Mainnet `cUSDC -> cWUSDC` and `cUSDT -> cWUSDT` corridors, but it does **not** assert blanket live status for every cW destination chain. | From (138) | To (destination chain) | Route | Status | |------------|------------------------|--------|--------| | cUSDT | 43114 cWUSDT | Dedicated `avax-cw` path: Chain 138 relay router `0xe75d26bc558a28442f30750c6d97bffb46f39abc` → AVAX cW bridge `0x635002c5fb227160cd2eac926d1baa61847f3c75` → recipient mint | ✅ Live and proven E2E | -| cUSDT / cUSDC | cWUSDT / cWUSDC on chain (e.g. 56, 137, 1) | UniversalCCIPBridge or dedicated lock-and-send → destination TwoWayTokenBridgeL2 (or CCIPReceiverCW) → `ccipReceive` → `cW*.mint(recipient, amount)` | ⏳ Design / partial outside the proven AVAX corridor | +| cUSDC | 1 cWUSDC | Chain 138 `CWMultiTokenBridgeL1` `0x152ed3e9912161b76bdfd368d0c84b7c31c10de7` → Mainnet relay router `0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA` → Mainnet `CWMultiTokenBridgeL2` `0x2bF74583206A49Be07E0E8A94197C12987AbD7B5` → recipient mint | ✅ Live and canary-proven | +| cUSDT | 1 cWUSDT | Chain 138 `CWMultiTokenBridgeL1` `0x152ed3e9912161b76bdfd368d0c84b7c31c10de7` → Mainnet relay router `0x416564Ab73Ad5710855E98dC7bC7Bff7387285BA` → Mainnet `CWMultiTokenBridgeL2` `0x2bF74583206A49Be07E0E8A94197C12987AbD7B5` → recipient mint | ✅ Live and canary-proven | +| cUSDT / cUSDC | cWUSDT / cWUSDC on chain (e.g. 56, 137) | UniversalCCIPBridge or dedicated lock-and-send → destination TwoWayTokenBridgeL2 (or CCIPReceiverCW) → `ccipReceive` → `cW*.mint(recipient, amount)` | ⏳ Design / partial outside the proven AVAX + Mainnet cUSDC/cUSDT corridors | **Sources:** [CW_BRIDGE_APPROACH](../07-ccip/CW_BRIDGE_APPROACH.md) — “lock c* on 138, mint cW* on destination”; receiver implements `ccipReceive` → `cW*.mint(recipient, amount)`. [NON_PREFUNDED_AVAX_MIGRATION_RUNBOOK](../07-ccip/NON_PREFUNDED_AVAX_MIGRATION_RUNBOOK.md) records the live AVAX contract set and tx proofs. diff --git a/docs/11-references/SMART_CONTRACTS_INVENTORY_ALL_CHAINS.md b/docs/11-references/SMART_CONTRACTS_INVENTORY_ALL_CHAINS.md index a3cbfd7d..34855ebc 100644 --- a/docs/11-references/SMART_CONTRACTS_INVENTORY_ALL_CHAINS.md +++ b/docs/11-references/SMART_CONTRACTS_INVENTORY_ALL_CHAINS.md @@ -3,6 +3,11 @@ **Last updated:** 2026-02-11 **Scope:** All smart contracts across all chains, projects, modules, and submodules — deployed and not deployed. +For the active verification/publication backlog, use: + +- [CONTRACT_VERIFICATION_AND_PUBLICATION_MATRIX_ALL_NETWORKS](CONTRACT_VERIFICATION_AND_PUBLICATION_MATRIX_ALL_NETWORKS.md) +- [ALL_NETWORK_CONTRACT_VERIFICATION_AND_PUBLICATION_RUNBOOK](../03-deployment/ALL_NETWORK_CONTRACT_VERIFICATION_AND_PUBLICATION_RUNBOOK.md) + --- ## Chains and projects covered @@ -128,7 +133,7 @@ Summary: 2. **Deprecated:** Use CCIPWETH9Bridge `0xcacfd...` only; do not use `0x89dd...`. 3. **Phased core (138):** **Deployed 2026-02-11.** Addresses in CONTRACT_ADDRESSES_REFERENCE. To redeploy: run 01_DeployCore then 02_DeployBridges; set and document env. 4. **Trustless bridge:** Deploy from script/bridge/trustless/ when needed; update config/production placeholders. -5. **Mainnet/multichain:** Use DeployAll or chain-specific scripts; document addresses per chain. +5. **Mainnet/multichain:** Use DeployAll or chain-specific scripts; document addresses per chain and close them through the generated all-network verification/publication matrix. 6. **ALL Mainnet:** Use documented token addresses only; no deploy in repo. 7. **Keep docs updated:** CONTRACT_ADDRESSES_REFERENCE, CONTRACT_INVENTORY_AND_VERIFICATION, this file. diff --git a/docs/11-references/SMART_CONTRACTS_INVENTORY_SIMPLE.md b/docs/11-references/SMART_CONTRACTS_INVENTORY_SIMPLE.md index 149153d6..3286974a 100644 --- a/docs/11-references/SMART_CONTRACTS_INVENTORY_SIMPLE.md +++ b/docs/11-references/SMART_CONTRACTS_INVENTORY_SIMPLE.md @@ -2,7 +2,7 @@ **Chain:** 138 (SMOM-DBIS-138) **Explorer:** https://explorer.d-bis.org -**Last updated:** 2026-02-12 +**Last updated:** 2026-04-03 --- @@ -33,7 +33,7 @@ | **Trustless bridge** | LOCKBOX138 (deployed), INBOX_ETH, BOND_MANAGER, etc. | ⏳ Mainnet stack when needed | Chain 138: Lockbox138 only; rest mainnet | | **Phased core** | UniversalAssetRegistry, GovernanceController, UniversalCCIPBridge, BridgeOrchestrator | ✅ Deployed 2026-02-11 | See CONTRACT_ADDRESSES_REFERENCE | | **CREATE2 / deterministic** | CREATE2Factory, MirrorRegistry, AlltraAdapter | ✅ Deployed 2026-02-11 | See CONTRACT_ADDRESSES_REFERENCE | -| **Dodo / swap** | DODO_PMM, ENHANCED_SWAP_ROUTER, etc. | ⏳ Not deployed | Deploy when integrating Dodo/swap | +| **Dodo / swap** | Canonical DODO PMM stack plus optional router extensions | ✅ PMM live / ⏳ router extensions | Canonical stable PMM is live on `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`, `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`; `EnhancedSwapRouter` remains optional until live WETH-to-stable routes exist | | **Firefly** | (auto-deployed by Firefly) | ⏳ By Firefly | No action; VMID 6200 | --- @@ -42,7 +42,7 @@ **Full next steps, operator checklist, and all recommendations:** [CONTRACT_NEXT_STEPS_AND_RECOMMENDATIONS_COMPLETE](CONTRACT_NEXT_STEPS_AND_RECOMMENDATIONS_COMPLETE.md). -1. **Confirm on-chain** — Run `./scripts/verify/check-contracts-on-chain-138.sh` (36 addresses) or open each address at https://explorer.d-bis.org/address/
. +1. **Confirm on-chain** — Run `./scripts/verify/check-contracts-on-chain-138.sh` (current canonical target: 75 addresses) or open each address at https://explorer.d-bis.org/address/
. 2. **Verify source on Blockscout** — Use [BLOCKSCOUT_VERIFICATION_GUIDE](../08-monitoring/BLOCKSCOUT_VERIFICATION_GUIDE.md) and `scripts/verify/run-contract-verification-with-proxy.sh`. 3. **Do not use deprecated bridge** — Use **CCIPWETH9Bridge** at `0xcacfd227A040002e49e2e01626363071324f820a` only. 4. **If deploying more contracts** — Use **`--with-gas-price 1000000000`** for all `forge script`/`forge create` on Chain 138. Phased core: [CONTRACTS_TO_DEPLOY](CONTRACTS_TO_DEPLOY.md), [CONTRACT_DEPLOYMENT_RUNBOOK](../03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md). RPC: Set `RPC_URL_138` in `smom-dbis-138/.env` (e.g. `http://192.168.11.211:8545` or `https://rpc-core.d-bis.org`). Set `PRIVATE_KEY` there too. diff --git a/docs/11-references/TOKENS_DEPLOYER_DEPLOYED_ON_OTHER_CHAINS.md b/docs/11-references/TOKENS_DEPLOYER_DEPLOYED_ON_OTHER_CHAINS.md index 3bac52fc..bdbaba64 100644 --- a/docs/11-references/TOKENS_DEPLOYER_DEPLOYED_ON_OTHER_CHAINS.md +++ b/docs/11-references/TOKENS_DEPLOYER_DEPLOYED_ON_OTHER_CHAINS.md @@ -1,6 +1,6 @@ # Tokens the Deployer Wallet Deployed on Other Blockchains -**Last Updated:** 2026-03-01 +**Last Updated:** 2026-04-04 **Purpose:** List all **token contracts** (ERC-20) that the deployer wallet (`0x4A666F96fC8764181194447A7dFdb7d471b301C8`) deployed on blockchains **other than Chain 138**. Use this to know where the deployer is contract owner/admin and can mint or manage tokens for liquidity and bridges. **Deployer address:** `0x4A666F96fC8764181194447A7dFdb7d471b301C8` @@ -11,7 +11,7 @@ | Token type | Deployed by our deployer on other chains? | Where / notes | |------------|------------------------------------------|----------------| -| **cW*** (compliant wrapped, e.g. cWUSDT, cWUSDC) | **Yes** (optional) | Use DeployCWTokens.s.sol and --deploy-cw; set CW_BRIDGE_ADDRESS. CompliantWrappedToken with MINTER/BURNER for bridge. | +| **cW*** (compliant wrapped, e.g. cWUSDT, cWUSDC) | **Yes** | Use DeployCWTokens.s.sol and `--deploy-cw`; set `CW_BRIDGE_ADDRESS`. Public EVM status today: **full 12-token suite on the 10 currently loaded public EVM chains**: Mainnet, Optimism, Cronos, BSC, Gnosis, Polygon, Base, Arbitrum, Celo, and Avalanche. Wemix remains a desired but still-unloaded target. | | **WETH9 / WETH10** | **Yes** | **Cronos (25):** documented addresses. **BSC, Polygon, Gnosis, Avalanche, Base, Arbitrum, Optimism:** only if DeployAll.s.sol was run with each chain’s RPC (addresses in .env). **Mainnet (1):** DeployAll skips WETH; uses .env. Wrap-only (no mint). | | **ETH** | **No** | Native gas token; not a contract. | | **c*** (compliant, e.g. cUSDT, cUSDC, cEURC) | **Yes** (optional) | Chain 138: DeployCompliantFiatTokens. Other chains: DeployCompliantFiatTokensForChain.s.sol and --deploy-c. | @@ -23,9 +23,9 @@ | Chain | Chain ID | Tokens deployed by deployer | Script | Mint / control | |-------|----------|-----------------------------|--------|-----------------| -| **Cronos** | 25 | **USDW, EURW, GBPW, AUDW, JPYW, CHFW, CADW** (7 D-WIN W) + optionally **WETH9, WETH10** | DeployISO4217WSystem.s.sol; DeployAll.s.sol | Mint via MintController (W tokens); WETH = wrap only | -| **Ethereum Mainnet** | 1 | **WETH9, WETH10** only if deployed by this repo (else from .env) | DeployAll.s.sol (skips WETH on Mainnet by default) | Wrap only | -| **BSC, Polygon, Gnosis, Avalanche, Base, Arbitrum, Optimism** | 56, 137, 100, 43114, 8453, 42161, 10 | **WETH9, WETH10** (if DeployAll was run with each chain’s RPC) | DeployAll.s.sol | Wrap only; addresses in .env per chain | +| **Cronos** | 25 | **Full 12-token cW suite** + **USDW, EURW, GBPW, AUDW, JPYW, CHFW, CADW** (7 D-WIN W) + optionally **WETH9, WETH10** | DeployCWTokens.s.sol; DeployISO4217WSystem.s.sol; DeployAll.s.sol | cW* mint/burn via bridge roles; W tokens mint via MintController; WETH = wrap only | +| **Ethereum Mainnet** | 1 | **Full 12-token cW suite** | DeployCWTokens.s.sol (Mainnet recovery path) | cW* mint/burn via bridge roles | +| **BSC, Polygon, Gnosis, Avalanche, Base, Arbitrum, Optimism, Celo** | 56, 137, 100, 43114, 8453, 42161, 10, 42220 | **Full 12-token cW suite** and optionally **WETH9, WETH10** (if DeployAll was run with each chain’s RPC) | DeployCWTokens.s.sol; DeployAll.s.sol | cW* mint/burn via bridge roles; WETH = wrap only | | **ALL Mainnet (Alltra)** | 651940 | None from this repo (AUSDT, USDC, WETH, WALL are ecosystem contracts) | — | — | **Chain 138** is not included here; see [CHAIN138_TOKEN_ADDRESSES](CHAIN138_TOKEN_ADDRESSES.md) and [TOKENS_AND_NETWORKS_MINTABLE_TO_DEPLOYER](TOKENS_AND_NETWORKS_MINTABLE_TO_DEPLOYER.md) for tokens the deployer deployed on 138. @@ -70,9 +70,18 @@ These are not mintable to an address; users wrap native CRO to get WETH. ## 2. Ethereum Mainnet (Chain 1) -**DeployAll.s.sol** on Mainnet is configured to **skip** deploying WETH9/WETH10 and the CCIP bridges (they are taken from `.env`). The only contract it deploys is **CCIPLogger** (and that is a logger, not a token). +Ethereum Mainnet now has the full **12-token cW suite** deployed by this repo’s deployer. The active recorded addresses live in `smom-dbis-138/.env`, and the curated wallet-facing list is now mirrored in `token-lists/lists/ethereum-mainnet.tokenlist.json`. -So in normal setup, **no token contracts** on Ethereum Mainnet are deployed by this deployer from this repo; WETH and others are canonical/mainnet contracts. If at some point WETH9/WETH10 were deployed by this deployer on Mainnet, their addresses would be in `WETH9_MAINNET` / `WETH10_MAINNET` in `.env`. +**Important nuance:** `DeployAll.s.sol` on Mainnet still **skips** deploying WETH9/WETH10 and the CCIP bridges (those remain canonical / env-driven). The Mainnet work completed here is the **cW transport-token deployment**, not a new Mainnet WETH deployment. + +Current Mainnet cW suite: + +- `cWUSDT`, `cWUSDC` +- `cWEURC`, `cWEURT` +- `cWGBPC`, `cWGBPT` +- `cWAUDC`, `cWJPYC` +- `cWCHFC`, `cWCADC` +- `cWXAUC`, `cWXAUT` --- @@ -85,7 +94,7 @@ So in normal setup, **no token contracts** on Ethereum Mainnet are deployed by t - **CCIPWETH9Bridge**, **CCIPWETH10Bridge** - **CCIPLogger** (placeholder) -So the **tokens** the deployer may have deployed on these chains are **WETH9** and **WETH10** only, and only if the script was run without pre-set addresses. Deployed addresses would be stored in `.env` (e.g. `WETH9_BSC`, `WETH10_BSC`, `WETH9_POLYGON`, …), not in the repo as a single canonical list. +Separately from that WETH helper path, these chains now also have the repo’s **full 12-token cW suite** recorded in `smom-dbis-138/.env` and mirrored into the public deployment graph (`cross-chain-pmm-lps/config/deployment-status.json`). WETH9/WETH10 remain optional wrap helpers; the `cW*` suite is the transport-token surface. **Mint:** WETH9/WETH10 are wrap-only (no arbitrary mint to deployer); users deposit native gas to get WETH. @@ -103,9 +112,9 @@ Tokens on ALL Mainnet (AUSDT, USDC, WETH, WALL, etc.) are **ecosystem/Alltra** c | Script | Chains | Tokens deployed | |--------|--------|------------------| -| **`scripts/deployment/deploy-tokens-and-weth-all-chains-skip-canonical.sh`** | 1, 25, 56, 137, 100, 43114, 8453, 42161, 10, 651940 | DeployAll (WETH9/WETH10) when not set; Cronos ISO-4217 W when USDW missing; **--deploy-c** runs cUSDT/cUSDC per chain (skip 138, 1); **--deploy-cw** runs cWUSDT/cWUSDC per chain; 651940 env validation only. Options: `--dry-run`, `--chain 25 56`, `--no-iso4217`, `--iso4217-only`, `--deploy-c`, `--deploy-cw`. | +| **`scripts/deployment/deploy-tokens-and-weth-all-chains-skip-canonical.sh`** | 1, 25, 56, 137, 100, 43114, 8453, 42161, 10, 651940 | DeployAll (WETH9/WETH10) when not set; Cronos ISO-4217 W when USDW missing; **--deploy-c** runs cUSDT/cUSDC per chain (skip 138, 1); **--deploy-cw** runs the full primary 12-token cW suite (`cWUSDT` … `cWXAUT`) per chain; 651940 env validation only. Options: `--dry-run`, `--chain 25 56`, `--no-iso4217`, `--iso4217-only`, `--deploy-c`, `--deploy-cw`. | | `script/deploy/DeployCompliantFiatTokensForChain.s.sol` | Any (e.g. 56, 137, 100) | cUSDT, cUSDC; optional cEURC, cEURT, … via env | -| `script/deploy/DeployCWTokens.s.sol` | Any | cWUSDT, cWUSDC (CompliantWrappedToken); requires CW_BRIDGE_ADDRESS | +| `script/deploy/DeployCWTokens.s.sol` | Any | Full primary 12-token cW suite (`cWUSDT`, `cWUSDC`, `cWEURC`, `cWEURT`, `cWGBPC`, `cWGBPT`, `cWAUDC`, `cWJPYC`, `cWCHFC`, `cWCADC`, `cWXAUC`, `cWXAUT`); requires CW_BRIDGE_ADDRESS | | `script/deploy/iso4217w/DeployISO4217WSystem.s.sol` | Any (typically Cronos 25) | USDW, EURW, GBPW, AUDW, JPYW, CHFW, CADW + MintController, TokenRegistry, etc. | | `script/DeployAll.s.sol` | 25, 56, 137, 100, 43114, 8453, 42161, 10 | WETH9, WETH10 (if not in .env) | | `script/DeployAll.s.sol` | 1 (Mainnet) | None (uses .env WETH9/WETH10); only CCIPLogger | @@ -124,16 +133,17 @@ The following items have been **brought within scope** and are implemented. - **All-chains script:** `deploy-tokens-and-weth-all-chains-skip-canonical.sh --deploy-c` For each chain (except 138 and 1), if `CUSDT_` / `CUSDC_` are unset, runs `DeployCompliantFiatTokensForChain` and prompts to set addresses in .env. -### 6.2 cW* (compliant wrapped: cWUSDT, cWUSDC) on public chains — **Implemented** +### 6.2 cW* (compliant wrapped primary suite) on public chains — **Implemented** - **Contract:** `smom-dbis-138/contracts/tokens/CompliantWrappedToken.sol` ERC-20 with `MINTER_ROLE` and `BURNER_ROLE`; only minter can mint, only burner can burn (e.g. bridge). - **Script:** `smom-dbis-138/script/deploy/DeployCWTokens.s.sol` - Deploys cWUSDT and cWUSDC, grants `MINTER_ROLE` and `BURNER_ROLE` to `CW_BRIDGE_ADDRESS`. -- **Env:** `CW_BRIDGE_ADDRESS` (required for deploy) or per-chain `CW_BRIDGE_`; after deploy set `CWUSDT_`, `CWUSDC_`. + Deploys the repo’s primary 12-token cW suite (`cWUSDT`, `cWUSDC`, `cWEURC`, `cWEURT`, `cWGBPC`, `cWGBPT`, `cWAUDC`, `cWJPYC`, `cWCHFC`, `cWCADC`, `cWXAUC`, `cWXAUT`) and grants `MINTER_ROLE` and `BURNER_ROLE` to `CW_BRIDGE_ADDRESS`. +- **Env:** `CW_BRIDGE_ADDRESS` (required for deploy) or per-chain `CW_BRIDGE_`; after deploy set the corresponding `CW*_` variables in `.env`. - **All-chains script:** `deploy-tokens-and-weth-all-chains-skip-canonical.sh --deploy-cw` - For each chain, if `CWUSDT_` is unset and bridge address is set, runs `DeployCWTokens` and prompts to set addresses in .env. -- **Current live bridge note:** cW* token deployment is implemented on multiple chains, but generic public-chain mint-on-receive still requires a dedicated cW-capable receiver. The proven live exception is Avalanche `cUSDT -> cWUSDT` via AVAX cW bridge `0x635002c5fb227160cd2eac926d1baa61847f3c75`. + For each chain, if `CWUSDT_` is unset and bridge address is set, runs `DeployCWTokens` and prompts to set the full suite of `CW*_` addresses in `.env`. +- **Current live bridge note:** cW* token deployment is implemented on multiple chains, but generic public-chain mint-on-receive still requires a dedicated cW-capable receiver. The repo now proves live lock/mint corridors for Avalanche `cUSDT -> cWUSDT` via AVAX cW bridge `0x635002c5fb227160cd2eac926d1baa61847f3c75`, and for Mainnet `cUSDC -> cWUSDC` plus `cUSDT -> cWUSDT` via Mainnet `CWMultiTokenBridgeL2` `0x2bF74583206A49Be07E0E8A94197C12987AbD7B5`. +- **Current live token-state note:** the currently loaded public EVM cW token mesh is now **10/10 full sets** across Mainnet, Optimism, Cronos, BSC, Gnosis, Polygon, Base, Arbitrum, Celo, and Avalanche. `Wemix` remains outside the loaded mesh. ### 6.3 AUSDT and ALL Mainnet (651940) — **Implemented (env validation only)** diff --git a/docs/11-references/TOKEN_CATEGORIES_CANONICAL.md b/docs/11-references/TOKEN_CATEGORIES_CANONICAL.md index c4efd7a6..c14aee1b 100644 --- a/docs/11-references/TOKEN_CATEGORIES_CANONICAL.md +++ b/docs/11-references/TOKEN_CATEGORIES_CANONICAL.md @@ -1,7 +1,7 @@ # Token Categories — Canonical Reference -**Last Updated:** 2026-02-28 -**Status:** Authoritative list of token categories for Chain 138, ALL Mainnet, compliant wrapped (cW*), and D-WIN W tokens. +**Last Updated:** 2026-04-07 +**Status:** Authoritative list of token categories for Chain 138, ALL Mainnet, compliant wrapped (cW*), D-WIN W tokens, and gas-native GRU transport families. --- @@ -17,6 +17,8 @@ Tokens native to or deployed on **ChainID 138** (DeFi Oracle Meta Mainnet): nati | **LINK** | Chainlink Token | `0xb7721dD53A8c629d9f1Ba31a5819AFe250002b03` | | **cUSDT** | Compliant Tether USD | `0x93E66202A11B1772E55407B32B44e5Cd8eda7f22` | | **cUSDC** | Compliant USD Coin | `0xf22258f57794CC8E06237084b353Ab30fFfa640b` | +| **cAUSDT** | Compliant Alltra/USD T | `0x5fdDF65733e3d590463F68f93Cf16E8c04081271` | +| **cUSDW** | USD W (compliant hub; GRU / D-WIN-aligned) | `0xcA6BFa614935f1AB71c9aB106bAA6FBB6057095e` | | **cEURT** | Compliant Tether EUR | Deploy / env; see canonical-tokens.ts | | **cEURC** | Compliant Euro Coin | Deploy / env; see canonical-tokens.ts | | **cGBPT** | Compliant Tether GBP | Deploy / env | @@ -29,7 +31,6 @@ Tokens native to or deployed on **ChainID 138** (DeFi Oracle Meta Mainnet): nati | **cCHFC** | Compliant Swiss Franc | Deploy / env | | **cCADT** | Compliant Tether CAD | Deploy / env | | **cCADC** | Compliant Canadian Dollar (Coin) | Deploy / env | -| **cAUSDT** | Compliant Alltra/USD T | Deploy / env (e.g. ALL Mainnet bridge) | **Source of addresses:** [CHAIN138_TOKEN_ADDRESSES](CHAIN138_TOKEN_ADDRESSES.md), [canonical-tokens.ts](../../smom-dbis-138/services/token-aggregation/src/config/canonical-tokens.ts) (FALLBACK_ADDRESSES + env). @@ -51,6 +52,8 @@ Tokens on **ChainID 651940** (ALL Mainnet / Alltra): native gas token and ecosys **Source:** [DEPLOYED_COINS_TOKENS_AND_NETWORKS](DEPLOYED_COINS_TOKENS_AND_NETWORKS.md). +For inbound gold corridors from Chain 138, ALL Mainnet uses a naming exception: the bridge-minted wrapped tokens are **`cWAXAUC`** / **`cWAXAUT`**, and unwrapping on ALL Mainnet lands as **`cAXAUC`** / **`cAXAUT`**. This is distinct from generic public-chain **`cWXAUC`** / **`cWXAUT`** naming and remains pair-specific until those ALL Mainnet gold contracts are deployed. + --- ## 3. Compliant Wrapped Tokens for Public Blockchains (cW*) @@ -73,6 +76,7 @@ Bridged representations of Canonical 138 Compliant tokens on **public chains** ( | **cWJPYC** | Wrapped cJPYC | | **cWCHFC** | Wrapped cCHFC | | **cWCADC** | Wrapped cCADC | +| **cWAUSDT** | Wrapped cAUSDT / Alltra USD transport mirror | | **cWUSDW** | Wrapped USDW (D-WIN W) | | **cWEURW** | Wrapped EURW | | **cWGBPW** | Wrapped GBPW | @@ -83,12 +87,30 @@ Bridged representations of Canonical 138 Compliant tokens on **public chains** ( **Context:** M1 tokens on Chain 138 (cUSDT, cUSDC, cEURT, cEURC, etc.) are bridged to public chains as **cW*** wrappers. The intended public-chain stabilization model uses single-sided PMM edge pools (cW* / USDC, cW* / USDT) plus a bot-driven mesh **when deployed**; broader edge-pool rollout is still partial. See [cross-chain-pmm-lps](../../cross-chain-pmm-lps/README.md), [LIQUIDITY_POOLS_MASTER_MAP](LIQUIDITY_POOLS_MASTER_MAP.md) § Public-chain cW* stabilization. +For **AUSDT**, the repo now models the live **ALL Mainnet AUSDT -> public cWAUSDT -> Chain 138 cAUSDT** corridor. BSC, Polygon, Avalanche, and Celo `cWAUSDT` mirrors are deployed and bridge-wired; public edge PMM pools for those mirrors remain a separate rollout. + +For **gold**, generic public-chain wrappers remain **`cWXAUC`** / **`cWXAUT`**, but the **ALL Mainnet** destination corridor is a special case: **`cWAXAUC`** / **`cWAXAUT`** are the bridge-minted wrapped assets on chain **651940**, and unwrapping there yields **`cAXAUC`** / **`cAXAUT`**. + --- ## 4. D-WIN W Tokens **ISO-4217 W** tokens (D-WIN W): multi-currency W tokens deployed e.g. on Cronos (Chain 25) and optionally Chain 138 / 651940. +### 4.1 Public “USD DWIN” (CMC-listed) vs Cronos ISO-4217W USDW + +Do **not** conflate these: + +| Asset | Where | Notes | +|-------|--------|--------| +| **USDW** (ISO-4217W script family) | Cronos **25** | Table below; `canonical-tokens.ts` **FALLBACK_ADDRESSES.USDW[25]** | +| **USDW** (“USD DWIN”, CMC) | **BSC 56** | Current: `0xed75ad08f416d4e53e4d45dd5140a4c8b84f39fb`; deprecated: `0xabddb950f2ae8430c5a818f8bb4ec09e3ae41253` | +| **USDW** (“USD DWIN”, CMC) | **Polygon 137** | Current: `0x3deb0c60f0be9d9b99da83a2b6b2ee790f5af37a`; deprecated: `0x60f7dd499956ec8fcea8ed80e9d7eade4ccdc417` | + +CMC documents a **1:1 swap** from old to new BSC and Polygon contracts; see [CoinMarketCap — USD DWIN](https://coinmarketcap.com/currencies/usd-dwin/). Repo pins: **`config/token-mapping-multichain.json`** → **`dwinUsdWinPublic`**. **GRU** flow: lock native DWIN USDW → mint **cWUSDW** → bridge ↔ **cUSDW** on Chain 138 — runbook **`docs/03-deployment/USD_DWIN_CUSDW_CWUSDW_BRIDGE_CHECKLIST.md`**. + +### 4.2 Cronos (and script-aligned) W table + | Symbol | Description | Cronos (25) address | |--------|-------------|----------------------| | **USDW** | USD W Token | `0x948690147D2e50ffe50C5d38C14125aD6a9FA036` | @@ -103,20 +125,41 @@ Bridged representations of Canonical 138 Compliant tokens on **public chains** ( --- +## 5. Gas-Native GRU Transport Families + +These are governance-approved GRU transport families that mirror public-chain gas assets while keeping Chain 138 as the canonical accounting layer. + +| Symbol | Description | Chain 138 address / status | +|--------|-------------|----------------------------| +| **cETH** | Ethereum mainnet gas family | `0xf8e9802a1766422e33a269556ad5fc032338eefc` | +| **cETHL2** | Ethereum L2 gas family | `0x18a6b163d255cc0cb32b99697843b487d059907d` | +| **cBNB** | BNB gas family | `0x94517875f32680984a5921da7abf78e22f65d70f` | +| **cPOL** | Polygon gas family | `0x19fec21edede9edb91d1fbec7c4095c5ac1fc10c` | +| **cAVAX** | Avalanche gas family | `0x9c8f6f4fe1e535e6f85a78ee95249ded5540a2d0` | +| **cCRO** | Cronos gas family | `0xfb48bb6c623571f9795b535b73f0d660e8643fd4` | +| **cXDAI** | Gnosis/xDAI gas family | `0xa39a59138f8a45b4a31455875b8a29ff31e76ec8` | +| **cCELO** | Celo gas family | `0x1814661dae0933bf397b1274f5a62411b94195c7` | +| **cWEMIX** | Wemix hub gas family | `0x4d82206bec5b4dfa17759ffede07e35f4f63a050` | + +These are formal GRU ecosystem assets, but they are not `c* V2` ISO-4217 payment tokens. They follow the gas-native transport policy set in `config/gru-transport-active.json` and are tracked in `config/gru-monetary-unit-manifest.json`. + +--- + ## Summary table | Category | Scope | Examples | |----------|--------|----------| | **1. Canonical 138 Compliant** | Chain 138 native + WETH, WETH10, LINK, cUSDT, cUSDC, cEURT, cEURC, cGBPT, cGBPC, cAUDT, cAUDC, cJPYT, cJPYC, cCHFT, cCHFC, cCADT, cCADC, cAUSDT | ETH, WETH, cUSDT, cUSDC | | **2. ALL Mainnet (Alltra)** | Chain 651940 | Native, AUSDT, USDT, USDC, WETH, WALL, ACADT | -| **3. Compliant Wrapped (cW*)** | Public chains (bridged from 138) | cWUSDT, cWUSDC, cWEURT, cWEURC, cWUSDW, … | -| **4. D-WIN W Tokens** | Cronos (25) / 138 / 651940 | USDW, EURW, GBPW, AUDW, JPYW, CHFW, CADW | +| **3. Compliant Wrapped (cW*)** | Public chains (bridged from 138) | cWUSDT, cWUSDC, cWAUSDT, cWEURT, cWEURC, cWUSDW, … | +| **4. D-WIN W Tokens** | Cronos (25) / 138 / 651940; plus CMC **USD DWIN** on BSC/Polygon (see 4.1) | USDW, EURW, …; **cUSDW** / **cWUSDW** for GRU hub | +| **5. Gas-Native GRU Families** | Chain 138 canonical gas-family mirrors for public chains | cETH, cETHL2, cBNB, cPOL, cAVAX, cCRO, cXDAI, cCELO, cWEMIX | --- ## Gaps and alignment notes -- **canonical-tokens.ts:** Defines **cEURC**, **cEURT**, **cGBPC**, **cGBPT**, **cAUDC**, **cJPYC**, **cCHFC**, **cCADC** (no **cAUDT**, **cJPYT**, **cCHFT**, **cCADT**, **cAUSDT** in the base list). Category 1 uses both T (Tether-style) and C (Coin-style): **cCADT** and **cCADC** for CAD; D-WIN is **CADW**; wrapped are **cWCADT**, **cWCADC**, **cWCADW**; Alltra is **ACADT**. **cAUSDT** is referenced in ISO4217 and tests but not in CANONICAL_TOKENS; add when Alltra/bridge compliant token is defined. +- **canonical-tokens.ts:** Defines **cEURC**, **cEURT**, **cGBPC**, **cGBPT**, **cAUDC**, **cJPYC**, **cCHFC**, **cCADC**, plus live **cAUSDT** and public-edge **cWAUSDT** mirrors. Category 1 still uses both T (Tether-style) and C (Coin-style): **cCADT** and **cCADC** for CAD; D-WIN is **CADW**; wrapped are **cWCADT**, **cWCADC**, **cWCADW**; Alltra is **ACADT**. - **FALLBACK_ADDRESSES** (canonical-tokens.ts): Only **cUSDC**, **cUSDT**, and the seven **D-WIN W** tokens (Cronos) have hardcoded addresses. All other Category 1 tokens rely on env (e.g. `cEURT_ADDRESS_138`). - **CHAIN138_TOKEN_ADDRESSES.md:** Lists only the five deployed tokens (WETH, WETH10, LINK, cUSDT, cUSDC). For the full Category 1 list and status, see this document. - **list-deployer-tokens-all-networks.sh:** Reports only tokens with known addresses (Chain 138: the five above + USDT official). When cEURT, cEURC, etc. are deployed, add their addresses to the script or source from a single config. @@ -125,6 +168,8 @@ Bridged representations of Canonical 138 Compliant tokens on **public chains** ( ## References +- [USD_DWIN_CUSDW_CWUSDW_BRIDGE_CHECKLIST](../03-deployment/USD_DWIN_CUSDW_CWUSDW_BRIDGE_CHECKLIST.md) — CMC USD DWIN addresses, mapper keys, GRU activation notes +- [AUSDT_CAUSDT_CWAUSDT_BRIDGE_CHECKLIST](../03-deployment/AUSDT_CAUSDT_CWAUSDT_BRIDGE_CHECKLIST.md) — ALL Mainnet AUSDT source pins, `cWAUSDT` mirrors, and `cAUSDT` activation gate - [CHAIN138_TOKEN_ADDRESSES](CHAIN138_TOKEN_ADDRESSES.md) — Chain 138 contract addresses (deployed subset) - [DEPLOYED_COINS_TOKENS_AND_NETWORKS](DEPLOYED_COINS_TOKENS_AND_NETWORKS.md) — Networks and tokens by chain - [LIQUIDITY_POOLS_MASTER_MAP](LIQUIDITY_POOLS_MASTER_MAP.md) — cW* edge pools and stabilization diff --git a/docs/11-references/TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md b/docs/11-references/TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md index 0c3f31b6..ecfb20ad 100644 --- a/docs/11-references/TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md +++ b/docs/11-references/TOKEN_CONTRACT_DEPLOYMENTS_REMAINING.md @@ -1,6 +1,6 @@ # Token Contract Deployments — Remaining -**Last Updated:** 2026-02-28 +**Last Updated:** 2026-04-04 **Purpose:** Single list of all **remaining** token-related contract deployments (by category and chain). **Related:** [TOKEN_CATEGORIES_CANONICAL](TOKEN_CATEGORIES_CANONICAL.md), [DEPLOYED_COINS_TOKENS_AND_NETWORKS](DEPLOYED_COINS_TOKENS_AND_NETWORKS.md), [CONTRACT_DEPLOYMENT_RUNBOOK](../03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md). @@ -10,21 +10,23 @@ | Category | Chain(s) | Status | Script / notes | |----------|----------|--------|----------------| -| **1. Canonical 138 Compliant (extra)** | 138 | Not deployed | DeployCompliantFiatTokens.s.sol | +| **1. Canonical 138 Compliant (extra)** | 138 | Mostly complete | `DeployCompliantFiatTokens.s.sol` is done; optional `cCADT` and follow-on vault extensions remain | | **2. ALL Mainnet (Alltra)** | 651940 | ACADT not deployed | No script in repo; TBD | -| **3. Compliant Wrapped (cW\*)** | 1, 56, 137, 10, 42161, etc. | Not deployed | Bridge + pool-matrix per chain | +| **3. Compliant Wrapped (cW\*)** | 1, 56, 137, 10, 42161, etc. | Token mesh largely complete | Remaining work is bridge promotion where needed plus PMM edge pools per chain | | **4. D-WIN W on 138 / 651940** | 138, 651940 | Optional | DeployISO4217WSystem or extend | | **5. Vault ac\* / vdc\* / sdc\*** | 138 | After base tokens | DeployAcVdcSdcVaults (extend for new base) | -| **6. cAUSDT** | 138 | Not deployed | Env / bridge when Alltra compliant token defined | +| **6. cAUSDT** | 138 | Live | Deployed at `0x5fdDF65733e3d590463F68f93Cf16E8c04081271`; remaining work is the public `cWAUSDT` pool rollout | --- -## 1. Canonical 138 Compliant — Remaining +## 1. Canonical 138 Compliant — Status and Remaining Items -Tokens in **Category 1** that do not yet have deployed addresses on Chain 138 (WETH, WETH10, LINK, cUSDT, cUSDC are already deployed). +The main Category 1 expansion deploy is complete on Chain 138. The remaining items here are optional additions and follow-on extensions. ### 1.1 DeployCompliantFiatTokens (CREATE2) +**Status:** Completed on 2026-02-27 for the scripted expansion set. + **Script:** `smom-dbis-138/script/deploy/DeployCompliantFiatTokens.s.sol` **Tokens deployed by script:** cEURC, cEURT, cGBPC, cGBPT, cAUDC, cJPYC, cCHFC, cCADC, cXAUC, cXAUT. @@ -47,7 +49,13 @@ forge script script/deploy/DeployCompliantFiatTokens.s.sol:DeployCompliantFiatTo ### 1.3 cAUSDT (Compliant Alltra/USD T) -**Status:** No deployment script in repo. Referenced in [TOKEN_CATEGORIES_CANONICAL](TOKEN_CATEGORIES_CANONICAL.md) and ISO4217/tests. Deploy or configure via env when the Alltra/bridge compliant USD token is defined. +**Status:** Live on Chain 138 at `0x5fdDF65733e3d590463F68f93Cf16E8c04081271`. + +The remaining work is no longer the base-token deployment. It is the public transport and liquidity layer: + +1. Keep the `651940 AUSDT -> 138 cAUSDT` route and the `138 -> cWAUSDT` mappings aligned in config. +2. Maintain the live `cWAUSDT` transport mirrors on BSC, Polygon, Avalanche, and Celo. +3. Create and fund the planned public edge PMM pools where needed. --- @@ -70,7 +78,9 @@ AUSDT, USDT, USDC, WETH, WALL are already deployed on 651940. See [DEPLOYED_COIN **Tokens:** cWUSDT, cWUSDC, cWEURT, cWEURC, cWGBPT, cWGBPC, cWAUDT, cWAUDC, cWJPYT, cWJPYC, cWCHFT, cWCHFC, **cWCADT**, **cWCADC**, cWUSDW, cWEURW, cWGBPW, cWAUDW, cWJPYW, cWCHFW, **cWCADW**. -**Status:** No addresses in deployment-status; deployment from this repo not yet done. When a deployment path exists (bridge + factory or DODO): +**Status:** The tracked public-EVM `cW*` token mesh is now loaded for Mainnet, Cronos, BSC, Gnosis, Polygon, Optimism, Arbitrum, Base, Avalanche, and Celo. Remaining work is bridge promotion where needed and public edge pool deployment. + +When a new deployment path or new chain target is introduced: 1. Deploy or bridge cW* tokens per chain. 2. Create and fund PMM edge pools per [cross-chain-pmm-lps](https://gitea.d-bis.org/d-bis/cross-chain-pmm-lps) pool-matrix and [LIQUIDITY_POOLS_MASTER_MAP](LIQUIDITY_POOLS_MASTER_MAP.md). @@ -102,7 +112,7 @@ AUSDT, USDT, USDC, WETH, WALL are already deployed on 651940. See [DEPLOYED_COIN **Current scope:** Creates vaults for **acUSDC**, **acUSDT** (and corresponding vdc/sdc). Run after DeployVaultSystem and when cUSDC/cUSDT addresses are set. -**Remaining:** After deploying **DeployCompliantFiatTokens** (cEURC, cEURT, cGBPC, cGBPT, cAUDC, cJPYC, cCHFC, cCADC, cXAUC, cXAUT), extend DeployAcVdcSdcVaults (or add a new script) to create ac*/vdc*/sdc* for each new base token. See [CONTRACT_DEPLOYMENT_RUNBOOK](../03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md) § Vault ac* / vdc* / sdc*. +**Remaining:** Extend DeployAcVdcSdcVaults (or add a new script) to create ac*/vdc*/sdc* for each deployed non-core base token such as cEURC, cEURT, cGBPC, cGBPT, cAUDC, cJPYC, cCHFC, cCADC, cXAUC, cXAUT, and cAUSDT. See [CONTRACT_DEPLOYMENT_RUNBOOK](../03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md) § Vault ac* / vdc* / sdc*. --- diff --git a/docs/12-quick-reference/QUICK_REFERENCE_CARDS.md b/docs/12-quick-reference/QUICK_REFERENCE_CARDS.md index 5d9c8362..39ed5c4d 100644 --- a/docs/12-quick-reference/QUICK_REFERENCE_CARDS.md +++ b/docs/12-quick-reference/QUICK_REFERENCE_CARDS.md @@ -34,8 +34,8 @@ | 100–130 | Infrastructure, monitoring | | 1000–1499 | Besu validators | | 1500–1999 | Besu sentries | -| 2101, 2201, 2301–2308 | RPC nodes | -| 2400–2505 | RPC / NGINX public (2506–2508 destroyed 2026-02-08) | +| 2101–2103, 2201, 2301, 2303–2308 | Core/public/private RPC nodes | +| 2400–2403, 2420, 2430, 2440, 2460, 2470, 2480 | Thirdweb + edge permissioned/private RPC nodes | | 5000 | Explorer (Blockscout) | | 7810–7811 | MIM4U | | 10233 | NPMplus LXC | @@ -61,7 +61,7 @@ | Item | Value | |------|-------| -| **On-chain check** | `./scripts/verify/check-contracts-on-chain-138.sh` (uses `RPC_URL_138`, 36 addresses) | +| **On-chain check** | `./scripts/verify/check-contracts-on-chain-138.sh` (uses `RPC_URL_138`, current canonical target `75/75`) | | **Deploy (Forge)** | Always use `--with-gas-price 1000000000` on Chain 138 | | **Addresses** | [CONTRACT_ADDRESSES_REFERENCE](../11-references/CONTRACT_ADDRESSES_REFERENCE.md), [ADDRESS_MATRIX_AND_STATUS](../11-references/ADDRESS_MATRIX_AND_STATUS.md) | @@ -130,7 +130,7 @@ Expected: Table with columns VMID, status, name, type (e.g. `running`, `ubuntu-2 | Service down | `systemctl status `, logs | | Network / no connectivity | `ping`, `curl`, DNS, firewall | | Consensus / QBFT | [QBFT_TROUBLESHOOTING.md](../09-troubleshooting/QBFT_TROUBLESHOOTING.md) | -| RPC not responding | Check VMID 2400–2505, NGINX, Cloudflare tunnel | +| RPC not responding | Check current RPC fleet (`2101`-`2103`, `2201`, `2301`/`2303`-`2308`, `2400`-`2403`, `2420`/`2430`/`2440`, `2460`/`2470`/`2480`), NGINX, Cloudflare tunnel | | Cloudflare tunnel | [CLOUDFLARE_ROUTING_MASTER.md](../05-network/CLOUDFLARE_ROUTING_MASTER.md) | **See:** [TROUBLESHOOTING_FAQ.md](../09-troubleshooting/TROUBLESHOOTING_FAQ.md). diff --git a/docs/12-quick-reference/TROUBLESHOOTING_QUICK_REFERENCE.md b/docs/12-quick-reference/TROUBLESHOOTING_QUICK_REFERENCE.md index 9ec75737..17eae231 100644 --- a/docs/12-quick-reference/TROUBLESHOOTING_QUICK_REFERENCE.md +++ b/docs/12-quick-reference/TROUBLESHOOTING_QUICK_REFERENCE.md @@ -165,7 +165,7 @@ curl -X POST http://localhost:8545 -H "Content-Type: application/json" \ #### RPC Endpoint ```bash # Check RPC container -pct status 2500 +pct status 2101 # Check Nginx pct exec 105 nginx -t diff --git a/docs/12-quick-reference/VALIDATED_SET_QUICK_REFERENCE.md b/docs/12-quick-reference/VALIDATED_SET_QUICK_REFERENCE.md index 3a7e2bbc..c1862f22 100644 --- a/docs/12-quick-reference/VALIDATED_SET_QUICK_REFERENCE.md +++ b/docs/12-quick-reference/VALIDATED_SET_QUICK_REFERENCE.md @@ -38,7 +38,7 @@ sudo ./scripts/health/check-node-health.sh ### Check All Services ```bash -for vmid in 1000 1001 1002 1003 1004 1500 1501 1502 1503 2500 2501 2502; do +for vmid in 1000 1001 1002 1003 1004 1500 1501 1502 1503 2101 2201 2301; do echo "=== Container $vmid ===" pct exec $vmid -- systemctl status besu-validator besu-sentry besu-rpc --no-pager 2>/dev/null | head -5 done @@ -50,7 +50,7 @@ done |------------|------|--------------| | 1000-1004 | Validators | besu-validator | | 1500-1503 | Sentries | besu-sentry | -| 2500-2502 | RPC Nodes | besu-rpc | +| 2101/2201/2301 | Core/Public/Private RPC | besu-rpc | ## Script Options diff --git a/docs/GALATIC_SUMMARY.md b/docs/GALATIC_SUMMARY.md index bcd7de96..7de2cc3d 100644 --- a/docs/GALATIC_SUMMARY.md +++ b/docs/GALATIC_SUMMARY.md @@ -1,7 +1,7 @@ # Galatic Summary — Chain 138 Ecosystem, Routing, and Integrations **Audience:** Galatic -**Last Updated:** 2026-03-26 +**Last Updated:** 2026-04-02 **Purpose:** Single reference for what is built, all available routing (DEX and aggregators), On-Ramp/Off-Ramp, Fireblocks, and other integrations. --- @@ -31,13 +31,15 @@ | **Stablecoins** | Compliant cUSDT, cUSDC | Deployed | cUSDT, cUSDC; optional cEURC, cEURT, cGBP*, cAUDC, cJPYC, cCHFC, cCADC, cXAU* | | **Bridges** | Bridge Vault (multi-chain stablecoin) | Deployed | `0x31884f84555210FFB36a19D2471b8eBc7372d0A8` | | **CCIP** | CCIP WETH9/WETH10 bridges (138 ↔ Ethereum L2s) | Deployed | Deterministic addresses; LINK-funded | -| **PMM / DEX** | DODOPMMIntegration | Deployed | `0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` (corrected canonical stack) | -| **PMM pools** | Full desired-state Chain 138 PMM inventory | Created | `104` pools reconciled and aligned | -| **PMM routing** | DODOPMMProvider | Deployed | `0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381`; `104` aligned routes | +| **PMM / DEX** | DODOPMMIntegration | Deployed | `0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895` (canonical official-DVM-backed stable stack) | +| **PMM pools** | Canonical public stable pools + retained XAU pools | Live | Stable: cUSDT/cUSDC `0x9e89bAe009adf128782E19e8341996c596ac40dC`, cUSDT/USDT `0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66`, cUSDC/USDC `0xc39B7D0F40838cbFb54649d327f49a6DAC964062`; public XAU pools remain on the older PMM phase | +| **PMM routing** | DODOPMMProvider | Deployed | `0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e`; supports the canonical stable pool set | | **Registry** | ChainRegistry (UUPS proxy) | Deployed | `0x6949137625CA923A4e9C80D5bc7DF673f9bbb84F`; EVM + non-EVM chain registry | -| **Truth Network** | TruthNetworkAdapter (non-EVM) | Deployed | `0x7880Ef14887a0567807AcF785eC92553D014930f`; Truth registered in ChainRegistry | +| **Truth Network** | TruthNetworkAdapter (non-EVM) | Deployed | `0x7880Ef14887a0567807AcF785eC92553D014930f`; Truth registered in ChainRegistry, but this is a registry/pointer attachment to the Ethereum ↔ Truth bridge story, not a direct 138 ↔ Truth CCIP lane | +| **Tron** | TronAdapter (non-EVM) | Deployed | `0x28a94FB4bC415Ac3273211429338f768074CBEF6`; relay/off-chain wiring still defines end-to-end usability | +| **Solana** | SolanaAdapter (non-EVM / SVM) | Contract in repo | `SolanaAdapter` in `smom-dbis-138`; list under `token-mapping-multichain.json` → `nonEvmNetworks` (no EIP-155 id); deploy address in inventory when registered on 138 | | **Trustless bridge** | Lockbox138 | Deployed | `0xFce6f50B312B3D936Ea9693C5C9531CF92a3324c` | -| **Multi-provider DEX router** | EnhancedSwapRouter | Not deployed | For Uniswap/Balancer/Curve/1inch when pools exist on 138 | +| **Multi-provider DEX router** | EnhancedSwapRouterV2 + pilot venue layer | Live | Router-v2 plus funded pilot-compatible `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venues are live on 138; public planner/execution uses the canonical routing asset `WETH` lane | | **Swap–bridge–swap** | SwapBridgeSwapCoordinator | Script exists | Deploy when E2E swap+bridge+swap flow is needed | **References:** @@ -66,12 +68,14 @@ - **Live today:** - **DODO-style PMM** via **DODOPMMIntegration** and **DODOPMMProvider**. - - **Canonical corrected stack:** full JSON-defined PMM inventory live on Chain 138. + - **Canonical current stable stack:** cUSDT/cUSDC, cUSDT/USDT, and cUSDC/USDC are live on the official-DVM-backed integration; retained public XAU pools remain on the older PMM phase. - Swaps: use pool address + `swapCUSDTForUSDC`, `swapCUSDTForUSDT`, `swapCUSDCForUSDC`, etc., with approval on the integration contract. -- **Designed, not deployed:** - - **EnhancedSwapRouter** — size/slippage/liquidity-based routing across Uniswap V3, Dodoex PMM, Balancer, Curve, 1inch. To be used when Uniswap/Balancer/Curve pools exist on 138. +- **Live pilot-compatible venue layer:** + - **EnhancedSwapRouterV2** now routes across DODO V2 PMM, DODO v3 pilot, and the funded pilot-compatible `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venues on 138. Public planner visibility is live at `/token-aggregation/api/v2`, and the canonical `WETH -> USDT` lane currently resolves through the pilot `Uniswap_v3` venue. +- **Important boundary:** + - Those live `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venues are **Chain 138 canonical routing venues**, not public-chain `cW*` pool venues. The repo still treats public-chain `cW*` PMM/AMM liquidity as design-only until edge pools are actually deployed. -**Routing logic (when EnhancedSwapRouter is deployed):** +**Routing logic (router-v2 / planner-v2):** - By size: small (<$10k) → Uniswap V3 / Dodoex; medium ($10k–$100k) → Dodoex → Balancer → Uniswap V3; large (>$100k) → Dodoex → Curve → Balancer. - By slippage/liquidity: low slippage → Dodoex (PMM); medium → Balancer; high → Curve. @@ -112,11 +116,12 @@ | Capability | Available | Where | |------------|------------|--------| | Single-hop quote (API) | Yes | `GET /api/v1/quote` | -| DODO PMM on-chain swaps | Yes | DODOPMMIntegration + corrected DODOPMMProvider; 104 aligned pools | -| Multi-provider one-leg routing | No (router not deployed) | Would be EnhancedSwapRouter | +| DODO PMM on-chain swaps | Yes | DODOPMMIntegration + DODOPMMProvider on the canonical stable stack; direct stable and retained XAU routes are live | +| Multi-provider one-leg routing | Yes (Chain 138 canonical lanes) | EnhancedSwapRouterV2 on Chain 138 for canonical `WETH` / stable and related lanes | | N-hop path (A→B→C on one chain) | No | No graph-based multi-hop API | | Swap–bridge–swap (cross-chain) | Yes (orchestration) | QuoteService + optional SwapBridgeSwapCoordinator | | 1inch / ParaSwap / 0x on 138 | No | Aggregators do not support Chain 138 yet | +| Public-chain cW* pools | No | cW tokens/bridges exist in places, but the repo does not record live cW* pool contracts on Balancer, Curve, DODO edge, Uniswap, or 1inch | --- @@ -189,15 +194,24 @@ | Bridge | Scope | Tokens | Notes | |--------|--------|--------|--------| -| **CCIP** | 138 ↔ Ethereum, Optimism, Polygon, Arbitrum, Base, BSC, Avalanche; Gnosis, Celo, Wemix config-ready | WETH, WETH10, cUSDT, cUSDC, LINK | Fees in LINK; deterministic receiver addresses | +| **CCIP (live EVM matrix)** | 138 ↔ Ethereum, Optimism, Polygon, Arbitrum, Base, BSC, Avalanche, Cronos, Gnosis, Celo | WETH, WETH10, cUSDT, cUSDC, LINK | Fees in LINK; deterministic receiver addresses; use the deployed-tokens status doc as canonical live-state reference | +| **CCIP (pending EVM)** | 138 ↔ Wemix | WETH, WETH10, cUSDT, cUSDC, LINK | Repo wiring exists, but operator completion is still pending | | **Bridge Vault** | Multi-chain stablecoin (Ethereum, Polygon, BNB) | cUSDT, cUSDC | Vault: `0x31884f84555210FFB36a19D2471b8eBc7372d0A8` | -| **Truth Network** | Ethereum ↔ Truth (Substrate); adapter on 138 | TRUU (lift/burn) | TruthNetworkAdapter on 138; Truth registered in ChainRegistry | +| **Truth Network** | Ethereum ↔ Truth (Substrate); adapter on 138 | TRUU (lift/burn) | TruthNetworkAdapter on 138; Chain 138 is registry/pointer only today, not a normal CCIP destination | +| **Tron** | Chain 138 non-EVM adapter program | Tron-side relay assets | `TronAdapter` exists on 138; treat as adapter + off-chain relay program, not CCIP | +| **Solana** | SVM mainnet-beta; non-EVM adapter pattern | TBD per relay | `SolanaAdapter` in repo; CAIP-2 `solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp`; not a CCIP EVM destination | | **AlltraAdapter** | ALL Mainnet (651940) | Custom | CCIP/Li.Fi not supported on 651940 | +| **Etherlink / Tezos** | Feature-gated scaffold | TBD | Placeholder token mapping + remaining-items plan exist; not a finished public bridge lane | +| **XDC Zero** | Chain 138 ↔ XDC Network | XDC Zero program assets | Parallel to CCIP | +| **OP Stack L2** | Optional future 138 bridge design | TBD | Design notes only; not live | **References:** - [CHAINS_AND_PROTOCOLS_BRIDGE_INTEGRATION](11-references/CHAINS_AND_PROTOCOLS_BRIDGE_INTEGRATION.md) - [CCIP_CHAIN_SELECTORS](11-references/CCIP_CHAIN_SELECTORS.md) -- docs/07-ccip (Truth, config-ready chains, runbooks) +- [TRUTH_NETWORK_BRIDGE_SPEC](07-ccip/TRUTH_NETWORK_BRIDGE_SPEC.md) +- [TEZOS_CCIP_REMAINING_ITEMS](07-ccip/TEZOS_CCIP_REMAINING_ITEMS.md) +- [CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK](03-deployment/CHAIN138_XDC_ZERO_BRIDGE_RUNBOOK.md) +- [OP_STACK_L2_AND_BESU138_BRIDGE_NOTES](03-deployment/OP_STACK_L2_AND_BESU138_BRIDGE_NOTES.md) --- diff --git a/docs/TODO.md b/docs/TODO.md index bf6b2bab..6e86cdde 100644 --- a/docs/TODO.md +++ b/docs/TODO.md @@ -12,6 +12,7 @@ - Chain 138 settlement rail - FireFly / Fabric / Indy runtime decisions - additional Hyperledger layers such as Aries, AnonCreds, Ursa, Cacti, and Caliper +- **[00-meta/GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md](00-meta/GRU_V2_D3MM_EDGE_AND_PROTOCOL_ASSURANCE_TASKS.md)** — Current GRU v2 rollout tasks for D3MM promotion, public-edge venue expansion, native-token completeness, and protocol-source assurance. ## Subproject TODOs diff --git a/docs/dbis-rail/DBIS_RAIL_AND_PROJECT_COMPLETION_MASTER_V1.md b/docs/dbis-rail/DBIS_RAIL_AND_PROJECT_COMPLETION_MASTER_V1.md index 7b920bee..b866665f 100644 --- a/docs/dbis-rail/DBIS_RAIL_AND_PROJECT_COMPLETION_MASTER_V1.md +++ b/docs/dbis-rail/DBIS_RAIL_AND_PROJECT_COMPLETION_MASTER_V1.md @@ -92,7 +92,7 @@ Every task below is to be completed; optional items are explicitly marked so pri | C1 | Ensure Phase 0 prerequisites: RPC 2101 writable, deployer funded, .env correct, POOL_MANAGER_ROLE, no stuck txs, forge build, test all contracts before deploy. | [DEPLOYMENT_ORDER_OF_OPERATIONS](../03-deployment/DEPLOYMENT_ORDER_OF_OPERATIONS.md) Phase 0. **Partial:** preflight, run-before-deploy-checks, test-all-contracts exist ([coordination](IMPLEMENTATION_COORDINATION_WITH_TRANSCRIPT_540AE663.md)). | | C2 | Complete Phase 2 if not done: TransactionMirror, all three PMM pools, register c* as GRU; set addresses in .env. | DEPLOYMENT_ORDER_OF_OPERATIONS Phase 2. **Done** per [coordination](IMPLEMENTATION_COORDINATION_WITH_TRANSCRIPT_540AE663.md). | | C3 | Complete Phase 3: DODOPMMProvider deploy and pool registration; token-aggregation env; optional liquidity and MCP allowlist. | DEPLOYMENT_ORDER_OF_OPERATIONS Phase 3. **Done** per [coordination](IMPLEMENTATION_COORDINATION_WITH_TRANSCRIPT_540AE663.md). | -| C4 | Run on-chain verification: `./scripts/verify/check-contracts-on-chain-138.sh`; target **64/64** when applicable (current script list; includes ISO20022Router). | DEPLOYMENT_ORDER_OF_OPERATIONS Phase 6.1. | +| C4 | Run on-chain verification: `./scripts/verify/check-contracts-on-chain-138.sh`; target **67/67** on the current canonical script list (includes ISO20022Router and the cross-chain flash trio). | DEPLOYMENT_ORDER_OF_OPERATIONS Phase 6.1. | | C5 | Run Blockscout verification: `./scripts/verify/run-contract-verification-with-proxy.sh`; update CONTRACT_ADDRESSES_REFERENCE and LIQUIDITY_POOLS_MASTER_MAP. | DEPLOYMENT_ORDER_OF_OPERATIONS Phase 6.2–6.3; R1–R3. | | C6 | Reconcile Multicall vs Oracle Aggregator at `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` on explorer and document in CONTRACT_ADDRESSES_REFERENCE. | CONTRACT_ADDRESSES_REFERENCE note. | @@ -102,7 +102,7 @@ Every task below is to be completed; optional items are explicitly marked so pri | # | Task | Evidence / reference | |---|------|----------------------| -| D1 | Deploy EnhancedSwapRouter (Chain 138) when Uniswap V3 / Balancer pools exist; configure post-deploy. | DEPLOYMENT_ORDER_OF_OPERATIONS Phase 4.1; GALATIC_SUMMARY. | +| D1 | Keep router-v2 and the Chain 138 pilot venue layer verified and aligned with publication. | `EnhancedSwapRouterV2` plus funded pilot-compatible `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venues are live. Verify with `bash scripts/verify/check-chain138-pilot-dex-venues.sh`; current status in GALATIC_SUMMARY / PMM_DEX_ROUTING_STATUS. | | D2 | Deploy trustless stack (Lockbox138 + Mainnet): InboxETH, BondManager, etc.; set INBOX_ETH, BOND_MANAGER in config. | DEPLOYMENT_ORDER_OF_OPERATIONS Phase 4.2; OPTIONAL_DEPLOYMENTS_START_HERE. | | D3 | CCIP other chains (Gnosis, Celo, Wemix): deploy WETH bridges per chain; add 138↔chain; fund LINK. | DEPLOYMENT_ORDER_OF_OPERATIONS Phase 4.3. | | D4 | LINK on Mainnet relay: add LINK support per relay runbook. | DEPLOYMENT_ORDER_OF_OPERATIONS Phase 4.4. | diff --git a/docs/dbis-rail/IMPLEMENTATION_COORDINATION_WITH_TRANSCRIPT_540AE663.md b/docs/dbis-rail/IMPLEMENTATION_COORDINATION_WITH_TRANSCRIPT_540AE663.md index 2f92bd15..481b0116 100644 --- a/docs/dbis-rail/IMPLEMENTATION_COORDINATION_WITH_TRANSCRIPT_540AE663.md +++ b/docs/dbis-rail/IMPLEMENTATION_COORDINATION_WITH_TRANSCRIPT_540AE663.md @@ -8,10 +8,7 @@ **Transcript reference:** `agent-transcripts/540ae663-7cb4-44f3-bc48-4a1d3ea44d54` (PMM/DEX, tokens, GRU, cW*, deployments). -> Historical note: the PMM addresses recorded in the original transcript are now superseded by the corrected canonical Chain 138 stack: -> `DODOPMMIntegration=0x5BDc62f1ae7D630c37A8B363a1d49845356Ee72d` -> `DODOPMMProvider=0x5CAe6Ce155b7f08D3a956F5Dc82fC9945f29B381` -> Use current canonical references for live operations; keep the transcript addresses only as historical record. +> Historical note (2026-04-05): transcript-era PMM addresses are historical. **Live canonical** stable stack: `DODOPMMIntegration=0x86ADA6Ef91A3B450F89f2b751e93B1b7A3218895`, `DODOPMMProvider=0x3f729632E9553EBacCdE2e9b4c8F2B285b014F2e` ([CONTRACT_ADDRESSES_REFERENCE.md](../11-references/CONTRACT_ADDRESSES_REFERENCE.md)). Intermediate “corrected” rows (`0x5BDc62f1…` / `0x5CAe6Ce1…`) are legacy/supplemental relative to that stack. --- @@ -106,7 +103,7 @@ When implementing from [DBIS_RAIL_AND_PROJECT_COMPLETION_MASTER_V1.md](DBIS_RAIL | C1 | Partial | Preflight, env, test-all-contracts, run-before-deploy-checks exist; ensure RPC 2101 writable, POOL_MANAGER_ROLE per runbook. | | C2 | Done | TransactionMirror deployed; all three PMM pools created; c* registered as GRU; set-dotenv script and RegisterGRUCompliantTokens run. | | C3 | Done | DODOPMMProvider deployed and pools registered; token-aggregation env; MCP allowlist-138; add-liquidity runbook. | -| C4 | Partial | check-contracts-on-chain-138.sh used; confirm **64/64** (or current count per script) after any new deploy. | +| C4 | Partial | `check-contracts-on-chain-138.sh` used; confirm **67/67** on the current canonical inventory after any new deploy. | | C5 | Partial | Blockscout verification run in transcript; update CONTRACT_ADDRESSES_REFERENCE and LIQUIDITY_POOLS_MASTER_MAP as needed. | | C6 | Open | Reconcile Multicall vs Oracle Aggregator at documented address. | @@ -114,7 +111,7 @@ When implementing from [DBIS_RAIL_AND_PROJECT_COMPLETION_MASTER_V1.md](DBIS_RAIL | Task | Status | Coordination note | |------|--------|-------------------| -| D1 | Open | EnhancedSwapRouter not deployed; deploy when Uniswap/Balancer on 138. | +| D1 | Closed | `EnhancedSwapRouterV2` is live and the funded pilot-compatible `Uniswap_v3`, `Balancer`, `Curve_3`, and `1inch` venue layer is publicly routable on Chain 138. Keep `bash scripts/verify/check-chain138-pilot-dex-venues.sh` green after venue/publication changes. | | D2 | Open | Trustless stack (InboxETH, BondManager, etc.) not deployed. | | D3 | Open | CCIP other chains per DEPLOYMENT_ORDER. | | D4 | Open | LINK relay support per runbook. | diff --git a/explorer-monorepo b/explorer-monorepo index bdae5a9f..f46bd213 160000 --- a/explorer-monorepo +++ b/explorer-monorepo @@ -1 +1 @@ -Subproject commit bdae5a9f6e8e2a357a4f33f5159045e35ae31ec3 +Subproject commit f46bd213badc9d0ef9e7c0ce87e6f64dc262e70d diff --git a/info-defi-oracle-138/README.md b/info-defi-oracle-138/README.md index 7a3c2021..8fd284b8 100644 --- a/info-defi-oracle-138/README.md +++ b/info-defi-oracle-138/README.md @@ -1,6 +1,6 @@ # info.defi-oracle.io — Chain 138 public hub -Static SPA (Vite + React) for **https://info.defi-oracle.io**: compliant **c\*** tokens, **cW\*** registry (from `cross-chain-pmm-lps/config/deployment-status.json`), live **pools** and **quotes** from the token-aggregation API, **CCIP routing** tables, and wallet **swapExactIn** on `DODOPMMIntegration`. +Static SPA (Vite + React) for **https://info.defi-oracle.io**, aimed at **regulated financial entities** and **payment/settlement** infrastructure (cross-border payments and settlements; **Compliant Digital Assets**—not retail **crypto** positioning). **Governance** (`/governance`): DeFi Oracle, LLC technical architecture; international supervisory governance; DBIS / International Commerce Courts / GRU enforcement narrative. **Ecosystem** (`/ecosystem`), **Documentation** (`/documentation` — public vs authenticated portal), **SolaceNet** (`/solacenet` — capability/policy plane and rails governance, public summary). Features: **c\*** / **cW\***, token-aggregation API, **pools**, **quotes**, **CCIP routing**, **`DODOPMMIntegration`** swaps, **Disclosures**, **Agents** (`llms.txt`, `agent-hints.json`). ## Develop @@ -16,13 +16,14 @@ Open http://localhost:5180 | Variable | Purpose | |----------|---------| -| `VITE_TOKEN_AGGREGATION_API_BASE` | Token-aggregation origin (default `https://dbis-api.d-bis.org`). The client also tries the same host with `/token-aggregation` prefix and `https://explorer.d-bis.org` variants until one returns HTTP 200. | +| `VITE_TOKEN_AGGREGATION_API_BASE` | Optional override for token-aggregation origin. If unset in the browser, the client uses **`{window.location.origin}/token-aggregation`** (nginx on the dedicated info LXC proxies this to Blockscout). Falls back to `https://explorer.d-bis.org/token-aggregation` when `location` is unavailable (tests). Dev server proxies `/token-aggregation` → Blockscout per `vite.config.ts`. | | `VITE_RPC_URL_138` | Chain 138 RPC for wallet / reads (default `https://rpc.defi-oracle.io`) | Example: ```bash -export VITE_TOKEN_AGGREGATION_API_BASE=https://dbis-api.d-bis.org +# Only if you are not using same-origin /token-aggregation on the deploy host: +# export VITE_TOKEN_AGGREGATION_API_BASE=https://explorer.d-bis.org/token-aggregation export VITE_RPC_URL_138=https://rpc.defi-oracle.io pnpm --filter info-defi-oracle-138 build ``` @@ -37,16 +38,33 @@ Output: `info-defi-oracle-138/dist/` — deploy as static files (any CDN, Nginx, ## Deploy `info.defi-oracle.io` -1. **DNS:** Point `info.defi-oracle.io` (A/AAAA or CNAME) to your edge (Cloudflare, NPMplus host, etc.). -2. **TLS:** Issue certificate for `info.defi-oracle.io` (same pattern as `rpc.defi-oracle.io`). -3. **NPMplus (or Nginx):** Proxy host → upstream serving `dist/` with `try_files $uri $uri/ /index.html` for SPA routes. -4. **API:** Ensure `VITE_TOKEN_AGGREGATION_API_BASE` at build time points to a **public** token-aggregation URL that allows browser CORS (service already uses `cors()`). +Use a **dedicated small LXC** for static nginx (default **VMID 2410**, **192.168.11.218** — not ThirdWeb **2400**). From repo root: + +1. `bash scripts/deployment/provision-info-defi-oracle-web-lxc.sh` (once) +2. `bash scripts/deployment/sync-info-defi-oracle-to-vmid2400.sh` (each release) +3. **NPMplus:** `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` (upstream defaults to `IP_INFO_DEFI_ORACLE_WEB`) +4. **DNS / TLS:** See `docs/04-configuration/INFO_DEFI_ORACLE_IO_DEPLOYMENT.md` +5. **API:** Prefer **no** `VITE_TOKEN_AGGREGATION_API_BASE` so the SPA uses same-origin **`/token-aggregation/`** (reverse-proxied on the LXC). Set the variable only for special builds that must call a fixed external API (ensure CORS if cross-origin). See also: `docs/04-configuration/E2E_ENDPOINTS_LIST.md` (dbis-api hosts), `docs/04-configuration/ALL_VMIDS_ENDPOINTS.md` (VMID targets). +## Post-deploy check (public) + +After uploading `dist/` to the edge: + +```bash +bash scripts/verify/check-info-defi-oracle-public.sh +``` + +The script checks SPA routes, agent static files, and **`/token-aggregation/api/v1/networks`**. Use `INFO_SITE_BASE=https://your-staging-host` for non-production URLs. + ## Refreshing cW\* addresses -cW\* tables are **bundled at build** from `cross-chain-pmm-lps/config/deployment-status.json`. Rebuild and redeploy after registry changes. +The Tokens page now prefers the live token-aggregation endpoint `GET /api/v1/report/cw-registry` and only falls back to the bundled registry when that endpoint is unavailable. + +## Gas-native registry + +The Tokens page also prefers the live token-aggregation endpoint `GET /api/v1/report/gas-registry` for gas-family rollout state, including `eth_mainnet` vs `eth_l2`, backing mode, quote symbols, and runtime lane readiness. When that endpoint is unavailable, the site falls back to the bundled rollout metadata derived from repo config. ## Canonical on-chain addresses diff --git a/info-defi-oracle-138/index.html b/info-defi-oracle-138/index.html index 76fdf531..56d9b37b 100644 --- a/info-defi-oracle-138/index.html +++ b/info-defi-oracle-138/index.html @@ -6,9 +6,27 @@ info.defi-oracle.io — Chain 138 + + + + + + + + + https://info.defi-oracle.io/ + https://info.defi-oracle.io/tokens + https://info.defi-oracle.io/pools + https://info.defi-oracle.io/swap + https://info.defi-oracle.io/routing + https://info.defi-oracle.io/governance + https://info.defi-oracle.io/ecosystem + https://info.defi-oracle.io/documentation + https://info.defi-oracle.io/solacenet + https://info.defi-oracle.io/agents + https://info.defi-oracle.io/disclosures + https://info.defi-oracle.io/llms.txt + https://info.defi-oracle.io/agent-hints.json + diff --git a/info-defi-oracle-138/src/App.tsx b/info-defi-oracle-138/src/App.tsx index d5cf23db..db7d87bc 100644 --- a/info-defi-oracle-138/src/App.tsx +++ b/info-defi-oracle-138/src/App.tsx @@ -5,6 +5,12 @@ import { TokensPage } from '@/pages/TokensPage'; import { PoolsPage } from '@/pages/PoolsPage'; import { SwapPage } from '@/pages/SwapPage'; import { RoutingPage } from '@/pages/RoutingPage'; +import { AgentsPage } from '@/pages/AgentsPage'; +import { DisclosuresPage } from '@/pages/DisclosuresPage'; +import { GovernancePage } from '@/pages/GovernancePage'; +import { EcosystemPage } from '@/pages/EcosystemPage'; +import { DocumentationPage } from '@/pages/DocumentationPage'; +import { SolaceNetPage } from '@/pages/SolaceNetPage'; export function App() { return ( @@ -17,6 +23,12 @@ export function App() { } /> } /> } /> + } /> + } /> + } /> + } /> + } /> + } /> } /> diff --git a/info-defi-oracle-138/src/abi/integration.ts b/info-defi-oracle-138/src/abi/integration.ts index 14674c2e..060c0eda 100644 --- a/info-defi-oracle-138/src/abi/integration.ts +++ b/info-defi-oracle-138/src/abi/integration.ts @@ -1,3 +1,47 @@ +/** Minimal DVM / PMM pool surface for on-chain quotes (matches DODOPMMIntegration.sol IDODOPMMPool). */ +export const dodoPmmPoolAbi = [ + { + name: '_BASE_TOKEN_', + type: 'function', + stateMutability: 'view', + inputs: [], + outputs: [{ type: 'address' }], + }, + { + name: '_QUOTE_TOKEN_', + type: 'function', + stateMutability: 'view', + inputs: [], + outputs: [{ type: 'address' }], + }, + { + name: 'querySellBase', + type: 'function', + stateMutability: 'view', + inputs: [ + { name: 'trader', type: 'address' }, + { name: 'payBaseAmount', type: 'uint256' }, + ], + outputs: [ + { name: 'receiveQuoteAmount', type: 'uint256' }, + { name: 'mtFee', type: 'uint256' }, + ], + }, + { + name: 'querySellQuote', + type: 'function', + stateMutability: 'view', + inputs: [ + { name: 'trader', type: 'address' }, + { name: 'payQuoteAmount', type: 'uint256' }, + ], + outputs: [ + { name: 'receiveBaseAmount', type: 'uint256' }, + { name: 'mtFee', type: 'uint256' }, + ], + }, +] as const; + export const dodopmmIntegrationAbi = [ { name: 'swapExactIn', diff --git a/info-defi-oracle-138/src/api/client.ts b/info-defi-oracle-138/src/api/client.ts index 52ca8a49..cf3e073e 100644 --- a/info-defi-oracle-138/src/api/client.ts +++ b/info-defi-oracle-138/src/api/client.ts @@ -1,4 +1,7 @@ -import { TOKEN_AGGREGATION_BASE } from '@/config'; +import { getTokenAggregationBase } from '@/config'; + +/** Direct LAN Blockscout path when page is served over HTTP (no mixed-content risk). */ +const LAN_BLOCKSCOUT_TOKEN_AGGREGATION = 'http://192.168.11.140/token-aggregation'; export class ApiError extends Error { constructor( @@ -10,9 +13,9 @@ export class ApiError extends Error { } } -/** Try primary URL, then /token-aggregation prefix on same origin, then public explorer hosts. */ +/** Try primary (env or same-origin proxy), optional direct LAN IP on http:, then public explorer. */ function aggregationBases(): string[] { - const primary = TOKEN_AGGREGATION_BASE.replace(/\/$/, ''); + const primary = getTokenAggregationBase().replace(/\/$/, ''); let origin = ''; try { origin = new URL(primary).origin; @@ -21,10 +24,16 @@ function aggregationBases(): string[] { } const list = [ primary, - ...(origin ? [`${origin}/token-aggregation`] : []), - 'https://explorer.d-bis.org', - 'https://explorer.d-bis.org/token-aggregation', - ].filter(Boolean); + ...(origin && !primary.includes('/token-aggregation') ? [`${origin}/token-aggregation`] : []), + ]; + if ( + typeof globalThis !== 'undefined' && + 'location' in globalThis && + (globalThis as unknown as { location?: { protocol?: string } }).location?.protocol === 'http:' + ) { + list.push(LAN_BLOCKSCOUT_TOKEN_AGGREGATION); + } + list.push('https://explorer.d-bis.org/token-aggregation'); return [...new Set(list)]; } @@ -32,9 +41,10 @@ export async function fetchApi(path: string): Promise { const p = path.startsWith('/') ? path : `/${path}`; let last: Error | null = null; for (const base of aggregationBases()) { - const url = `${base}${p}`; + const url = new URL(`${base}${p}`); + url.searchParams.set('refresh', '1'); try { - const res = await fetch(url); + const res = await fetch(url.toString(), { cache: 'no-store' }); if (!res.ok) { const text = await res.text().catch(() => ''); last = new ApiError(text || res.statusText, res.status); diff --git a/info-defi-oracle-138/src/api/types.ts b/info-defi-oracle-138/src/api/types.ts index f686e719..1d89d62a 100644 --- a/info-defi-oracle-138/src/api/types.ts +++ b/info-defi-oracle-138/src/api/types.ts @@ -3,6 +3,8 @@ export type TokenRow = { symbol?: string; name?: string; decimals?: number; + currencyCode?: string; + registryFamily?: string; hasDodoPool?: boolean; pmmPool?: string | null; market?: { priceUsd?: string; volume24h?: string; tvl?: string }; @@ -30,6 +32,10 @@ export type QuoteResponse = { amountOut: string | null; poolAddress?: string | null; dexType?: string | null; + executorAddress?: string | null; + /** token-aggregation: `pmm-onchain` when Chain 138 DODO used RPC querySell*; else `constant-product`. */ + /** REST quote path: PMM on-chain when RPC configured; `identity` when tokenIn === tokenOut */ + quoteEngine?: 'constant-product' | 'pmm-onchain' | 'identity' | null; error?: string; }; @@ -59,3 +65,64 @@ export type NetworksResponse = { blockExplorerUrls?: string[]; }>; }; + +export type CwRegistryResponse = { + source: string; + complete: boolean; + version?: string; + updated?: string; + lastModified?: string; + chains: Array<{ + chainId: number; + chainIdText: string; + name: string; + tokens: Array<{ + symbol: string; + address: string; + }>; + }>; +}; + +export type GasRegistryResponse = { + source: string; + complete: boolean; + version?: string; + updated?: string; + lastModified?: string; + chainId?: number; + chainName?: string; + gasAssetFamilies: Array<{ + familyKey: string; + canonicalSymbol138: string; + mirroredSymbol: string; + assetClass?: string; + laneGroup?: string; + backingMode?: string; + redeemPolicy?: string; + wrappedNativeQuoteSymbol?: string; + stableQuoteSymbol?: string; + referenceVenue?: string; + originChains?: Array<{ + chainId: number; + chainName?: string; + canonical?: string; + mirrored?: string; + }>; + }>; + runtimePairs: Array<{ + key: string; + destinationChainId: number; + destinationChainName?: string; + familyKey?: string; + canonicalSymbol?: string; + mirroredSymbol?: string; + wrappedNativeQuoteSymbol?: string; + stableQuoteSymbol?: string; + backingMode?: string; + redeemPolicy?: string; + runtimeReady?: boolean; + supplyInvariantSatisfied?: boolean; + eligibilityBlockers?: string[]; + runtimeMissingRequirements?: string[]; + }>; +}; diff --git a/info-defi-oracle-138/src/components/BridgeTopologyViz.tsx b/info-defi-oracle-138/src/components/BridgeTopologyViz.tsx new file mode 100644 index 00000000..af67e5a1 --- /dev/null +++ b/info-defi-oracle-138/src/components/BridgeTopologyViz.tsx @@ -0,0 +1,207 @@ +import { useId, useMemo, useState } from 'react'; +import type { BridgeRoutesResponse } from '@/api/types'; +import { CHAIN_ID } from '@/config'; + +function parseLabel(label: string): { short: string; chainHint?: string } { + const m = label.match(/^(.+?)\s*\((\d+)\)\s*$/); + if (m) return { short: m[1].trim(), chainHint: m[2] }; + return { short: label }; +} + +type Layer = 'weth9' | 'weth10' | 'trustless'; + +const LAYER_HELP: Record = { + weth9: 'WETH9 destination routers (CCIP)', + weth10: 'WETH10 destination routers (CCIP)', + trustless: 'Trustless lockbox destination routers when present in API payload', +}; + +type Props = { + data?: BridgeRoutesResponse | null; + className?: string; + /** If false, only WETH9 is shown (no tabs). */ + showLayerTabs?: boolean; +}; + +function routeEntries(data: BridgeRoutesResponse | null | undefined, layer: Layer): [string, string][] { + const r = data?.routes; + if (!r) return []; + if (layer === 'trustless') { + const t = r.trustless; + return t && typeof t === 'object' ? Object.entries(t as Record) : []; + } + const m = r[layer]; + return m && typeof m === 'object' ? Object.entries(m as Record) : []; +} + +/** Hub-and-spoke SVG: Chain 138 center; WETH9 / WETH10 / trustless layers via tabs. */ +export function BridgeTopologyViz({ data, className, showLayerTabs = true }: Props) { + const reactId = useId(); + const uid = useMemo(() => reactId.replace(/\W/g, ''), [reactId]); + const [layer, setLayer] = useState('weth9'); + + const activeLayer = showLayerTabs ? layer : 'weth9'; + const entries = routeEntries(data ?? null, activeLayer); + const n = Math.max(entries.length, 1); + const cx = 200; + const cy = 200; + const r = 132; + const hubR = 44; + + const nodes = entries.map((pair, i) => { + const angle = (2 * Math.PI * i) / n - Math.PI / 2; + const x = cx + r * Math.cos(angle); + const y = cy + r * Math.sin(angle); + const { short, chainHint } = parseLabel(pair[0]); + return { key: pair[0], x, y, short, chainHint, full: pair[0] }; + }); + + const gradId = `${uid}-bridge-edge`; + const glowId = `${uid}-hub-glow`; + + return ( +
+
+ Cross-chain topology + {LAYER_HELP[activeLayer]} — hub Chain {CHAIN_ID} +
+ {showLayerTabs && ( +
+ {(['weth9', 'weth10', 'trustless'] as const).map((key) => ( + + ))} +
+ )} + + + + + + + + + + + + + + + + {nodes.map((node) => ( + + ))} + + + + + Chain + + + {CHAIN_ID} + + + {nodes.map((node) => ( + + + + {node.short.length > 14 ? `${node.short.slice(0, 12)}…` : node.short} + + {node.chainHint && ( + + {node.chainHint} + + )} + {node.full} + + ))} + + {entries.length === 0 && ( + + {activeLayer === 'trustless' + ? 'No trustless destinations in this payload' + : 'No route data — API or fallback JSON missing'} + + )} + +
+ ); +} diff --git a/info-defi-oracle-138/src/components/Layout.tsx b/info-defi-oracle-138/src/components/Layout.tsx index 5940e8fe..6b0b022b 100644 --- a/info-defi-oracle-138/src/components/Layout.tsx +++ b/info-defi-oracle-138/src/components/Layout.tsx @@ -1,5 +1,5 @@ -import { NavLink, Outlet } from 'react-router-dom'; -import { CHAIN_ID, EXPLORER_BASE, TOKEN_AGGREGATION_BASE } from '@/config'; +import { Link, NavLink, Outlet } from 'react-router-dom'; +import { CHAIN_ID, EXPLORER_BASE, getTokenAggregationBase } from '@/config'; const linkClass = ({ isActive }: { isActive: boolean }) => (isActive ? 'active' : undefined); @@ -27,13 +27,43 @@ export function Layout() { Routing + + Governance + + + Ecosystem + + + Docs + + + SolaceNet + + + Agents + + + Disclosures + - +
+ +