# Configuration & Setup

**Last Updated:** 2026-01-31  
**Document Version:** 1.0  
**Status:** Active Documentation

---

This directory contains setup and configuration guides.

**Master documentation (source of truth for URLs/VMIDs):** [MASTER_DOCUMENTATION_INDEX.md](../00-meta/MASTER_DOCUMENTATION_INDEX.md) — Use [ALL_VMIDS_ENDPOINTS.md](ALL_VMIDS_ENDPOINTS.md) and [RPC_ENDPOINTS_MASTER.md](RPC_ENDPOINTS_MASTER.md) as the Bible when fixing placeholders or domain → VMID:port; only explorer.d-bis.org → 192.168.11.140.

**Current GRU V2 docs:** [GRU_V2_CHAIN138_READINESS.md](GRU_V2_CHAIN138_READINESS.md), [GRU_V2_IPFS_METADATA_RUNBOOK.md](GRU_V2_IPFS_METADATA_RUNBOOK.md), [GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md](GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md), and [THIRDWEB_ACCOUNT_ABSTRACTION_SUPPORT.md](THIRDWEB_ACCOUNT_ABSTRACTION_SUPPORT.md)

## Documents

- **[MCP_SETUP.md](MCP_SETUP.md)** ⭐⭐ - MCP Server configuration for Claude Desktop
- **[WORMHOLE_AI_RESOURCES_LLM_PLAYBOOK.md](WORMHOLE_AI_RESOURCES_LLM_PLAYBOOK.md)** — Wormhole AI doc bundles: URLs, tier ladder, Chain 138 vs Wormhole boundary, mirror script, MCP
- **[WORMHOLE_AI_RESOURCES_RAG.md](WORMHOLE_AI_RESOURCES_RAG.md)** — RAG / chunking strategy for `llms-full.jsonl` (category-first)
- **[naming-conventions/](naming-conventions/)** — UTRNF / GRU / Chain 138 symbol and registry naming (`01`–`04`, schema + examples; `scripts/validation/validate-naming-convention-registry-examples.sh` with `check-jsonschema`)
- **[ENV_STANDARDIZATION.md](ENV_STANDARDIZATION.md)** ⭐⭐ - Environment variable standardization
- **[CREDENTIALS_CONFIGURED.md](CREDENTIALS_CONFIGURED.md)** ⭐ - Credentials configuration guide
- **[SECRETS_KEYS_CONFIGURATION.md](SECRETS_KEYS_CONFIGURATION.md)** ⭐⭐ - Secrets and keys management
- **[SSH_SETUP.md](SSH_SETUP.md)** ⭐ - SSH key setup and configuration
- **[FINALIZE_TOKEN.md](FINALIZE_TOKEN.md)** ⭐ - Token finalization guide
- **[cloudflare/](cloudflare)** ⭐⭐⭐ - Cloudflare configuration documentation
- **[CLOUDFLARE_CREDENTIALS_BOTH_METHODS.md](CLOUDFLARE_CREDENTIALS_BOTH_METHODS.md)** ⭐⭐ - API token vs email+key; Certbot one method per file
- **[NPMPLUS_CERTBOT_CLOUDNS_CREDENTIALS.md](NPMPLUS_CERTBOT_CLOUDNS_CREDENTIALS.md)** ⭐ - ClouDNS credentials from .env for NPMplus Certbot DNS challenge
- **[NPMPLUS_PROXY_HOSTS_SNAPSHOT_2026-03.md](NPMPLUS_PROXY_HOSTS_SNAPSHOT_2026-03.md)** - Snapshot of NPMplus proxy destinations (IP:port) and VMID mapping (March 2026)
- **[NPMPLUS_CUSTOM_NGINX_CONFIG.md](NPMPLUS_CUSTOM_NGINX_CONFIG.md)** - NPMplus custom config: proxy variables, security headers (CSP with unsafe-eval for ethers.js), and caveat (do not add `location '/'`)
- **[NPMPLUS_UI_APIERROR_400_RUNBOOK.md](NPMPLUS_UI_APIERROR_400_RUNBOOK.md)** - NPMplus UI ApiError 400 on dashboard load: find failing request, test API with curl, logs, fixes
- **[E2E_DNS_FROM_LAN_RUNBOOK.md](E2E_DNS_FROM_LAN_RUNBOOK.md)** - Run E2E domain sweep from LAN when public DNS is unavailable: /etc/hosts option, DNS path, or bastion
- **[E2E_ENDPOINTS_LIST.md](E2E_ENDPOINTS_LIST.md)** - All E2E verification endpoints (domain, type, URL); list from CLI: `./scripts/verify/verify-end-to-end-routing.sh --list-endpoints --profile=public`
- **[GITEA_PLATFORM_AND_UPGRADE_RUNBOOK.md](GITEA_PLATFORM_AND_UPGRADE_RUNBOOK.md)** — Gitea as org forge (VMID 104), NPMplus, binary upgrades, `scripts/operator/upgrade-gitea-lxc.sh`
- **[GITEA_IP_CONFLICT_CHECK.md](GITEA_IP_CONFLICT_CHECK.md)** — Gitea IP (.31) vs other VMIDs; `IP_GITEA_INFRA` notes
- **[INFO_DEFI_ORACLE_IO_DEPLOYMENT.md](INFO_DEFI_ORACLE_IO_DEPLOYMENT.md)** - **`info.defi-oracle.io`** Chain 138 hub SPA (incl. `/governance`, `/ecosystem`, `/documentation`, `/solacenet`, `/disclosures`, agents): VMID **2410**, nginx **`/token-aggregation/`** proxy, `sync-info-defi-oracle-to-vmid2400.sh`, NPMplus, Cloudflare DNS (`set-info-defi-oracle-dns-to-vmid2400-tunnel.sh`), `purge-info-defi-oracle-cache.sh`, `pnpm run verify:info-defi-oracle-public`, CI `info-defi-oracle-138.yml` + `verify-info-defi-oracle-public.yml`, optional `pnpm run audit:info-defi-oracle-site`
- **[MEV_CONTROL_DEFI_ORACLE_IO_DEPLOYMENT.md](MEV_CONTROL_DEFI_ORACLE_IO_DEPLOYMENT.md)** — **`mev.defi-oracle.io`** MEV Control GUI (`MEV_Bot/mev-platform/gui`): `sync-mev-control-gui-defi-oracle.sh`, nginx `/api` → mev-admin-api, NPMplus + `set-mev-defi-oracle-dns.sh`
- **[MEV_CONTROL_LAN_BRINGUP_CHECKLIST.md](MEV_CONTROL_LAN_BRINGUP_CHECKLIST.md)** — concrete LAN operator checklist for the full MEV Control stack with **public GUI on CT `2410`** and a **dedicated backend CT on `r630-04`**: CT provisioning, env file, Docker infra, systemd units, migrations, supervisor, admin API, pipeline bring-up order, and public cutover verification
- **[MEV_CONTROL_COMPLETION_PUNCHLIST.md](MEV_CONTROL_COMPLETION_PUNCHLIST.md)** — live inventory of what is complete, partial, missing, stale-doc, or still needs validation for the MEV Control stack
- **[MEV_EXECUTION_VALUE_SOURCES_AND_READINESS.md](MEV_EXECUTION_VALUE_SOURCES_AND_READINESS.md)** — source-of-truth for which execution-critical values are already known, which are still missing, where they should come from, and how to verify readiness before promotion
- **[SOLACENET_PUBLIC_HUB.md](SOLACENET_PUBLIC_HUB.md)** — Public **SolaceNet** page (`/solacenet`) on the info hub plus `dbis_core/docs/solacenet/` markdown map
- **[PROXMOX_LOAD_BALANCING_RUNBOOK.md](PROXMOX_LOAD_BALANCING_RUNBOOK.md)** - Balance Proxmox load: migrate containers from r630-01 to r630-02/ml110; candidates, script, cluster vs backup/restore
- **[PROXMOX_ADD_THIRD_FOURTH_R630_DECISION.md](PROXMOX_ADD_THIRD_FOURTH_R630_DECISION.md)** - Add 3rd/4th R630 before migration? r630-03/04 status, HA/Ceph (3–4 nodes), order of operations
- **[ER605_ROUTER_CONFIGURATION.md](ER605_ROUTER_CONFIGURATION.md)** ⭐⭐ - ER605 router configuration
- **Omada (TP-Link) retired (2026-04-04):** VMID 103 removed from Proxmox. Historical docs: [OMADA_API_SETUP.md](OMADA_API_SETUP.md), [OMADA_HARDWARE_CONFIGURATION_REVIEW.md](OMADA_HARDWARE_CONFIGURATION_REVIEW.md).
- **[UNIFI_API_SETUP.md](UNIFI_API_SETUP.md)** ⭐⭐ - UniFi Local API integration setup
- **[SITE_MANAGER_API_SETUP.md](SITE_MANAGER_API_SETUP.md)** ⭐⭐ - UniFi Site Manager Cloud API integration setup
- **[UNIFI_API_COMPARISON.md](UNIFI_API_COMPARISON.md)** ⭐⭐ - Comparison guide for all UniFi API types
- **[UNIFI_ENDPOINTS_REFERENCE.md](UNIFI_ENDPOINTS_REFERENCE.md)** ⭐⭐ - UniFi Local API endpoints reference
- **[UNIFI_CONFIGURATION_STATUS.md](UNIFI_CONFIGURATION_STATUS.md)** ⭐ - UniFi UDM Pro configuration status and API availability
- **[UDM_PRO_STATUS.md](UDM_PRO_STATUS.md)** ⭐⭐⭐ - **Single source of truth** for UDM Pro configuration status (completed/remaining tasks, progress tracking, key identifiers)
- **[UDM_PRO_CONFIGURATION_CHECKLIST.md](UDM_PRO_CONFIGURATION_CHECKLIST.md)** ⭐⭐⭐ - Complete UDM Pro configuration checklist (35 tasks)
- **[UDM_PRO_API_ENDPOINT_EXPLORATION.md](UDM_PRO_API_ENDPOINT_EXPLORATION.md)** ⭐⭐ - API endpoint exploration and availability testing
- **[UDM_PRO_API_FIREWALL_ENDPOINTS.md](UDM_PRO_API_FIREWALL_ENDPOINTS.md)** ⭐⭐⭐ - Firewall/ACL API endpoints documentation and configuration examples
- **[UDM_PRO_FIREWALL_API_LIMITATIONS.md](UDM_PRO_FIREWALL_API_LIMITATIONS.md)** ⭐⭐ - Firewall API limitations and workarounds
- **[UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.md](UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.md)** ⭐⭐⭐ - Manual firewall configuration guide for complex rules
- **[UDM_PRO_COMPLETE_MANUAL_GUIDE.md](UDM_PRO_COMPLETE_MANUAL_GUIDE.md)** ⭐⭐⭐ - Complete manual configuration guide (all remaining tasks)
- **[UDM_PRO_DHCP_RESERVATIONS_GUIDE.md](UDM_PRO_DHCP_RESERVATIONS_GUIDE.md)** ⭐⭐⭐ - DHCP static IP reservations configuration guide
- **[UDM_PRO_PORT_PROFILES_GUIDE.md](UDM_PRO_PORT_PROFILES_GUIDE.md)** ⭐⭐⭐ - Port profiles and VLAN trunking configuration guide
- **[UDM_PRO_SYSTEM_SETTINGS_GUIDE.md](UDM_PRO_SYSTEM_SETTINGS_GUIDE.md)** ⭐⭐ - System settings configuration guide (hostname, timezone, NTP, backups)
- **[UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.md](UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.md)** ⭐⭐⭐ - Manual firewall configuration guide (sovereign tenant isolation)
- **[cloudflare/CLOUDFLARE_ZERO_TRUST_GUIDE.md](cloudflare/CLOUDFLARE_ZERO_TRUST_GUIDE.md)** ⭐⭐ - Cloudflare Zero Trust integration
- **[cloudflare/CLOUDFLARE_DNS_TO_CONTAINERS.md](cloudflare/CLOUDFLARE_DNS_TO_CONTAINERS.md)** ⭐⭐⭐ - Mapping Cloudflare DNS to Proxmox LXC containers
- **[cloudflare/CLOUDFLARE_DNS_SPECIFIC_SERVICES.md](cloudflare/CLOUDFLARE_DNS_SPECIFIC_SERVICES.md)** ⭐⭐⭐ - DNS configuration for Mail, RPC/public surfaces, and Solace-era service records. Some entries are historical; confirm live RPC targets in [ALL_VMIDS_ENDPOINTS.md](ALL_VMIDS_ENDPOINTS.md) and [RPC_ENDPOINTS_MASTER.md](RPC_ENDPOINTS_MASTER.md).

- **Fireblocks Web3:** Submodule **[fireblocks-integration/](../fireblocks-integration/)** (Gitea: [d-bis/fireblocks-integration](https://gitea.d-bis.org/d-bis/fireblocks-integration)) — Dedicated RPC (VMID 2301), Console/SDK docs, `.env.example`. In-repo copy: [FIREBLOCKS_WEB3_INTEGRATION.md](FIREBLOCKS_WEB3_INTEGRATION.md) (operator/hosting ref).

**Price feed (MetaMask and all wallets):**
- **[PRICE_FEED_CHAIN138_METAMASK_AND_WALLETS.md](PRICE_FEED_CHAIN138_METAMASK_AND_WALLETS.md)** ⭐⭐⭐ - **Single reference** for adding Chain 138 USD prices to MetaMask and wallets: CoinGecko, CMC, Consensys outreach, on-chain oracle, Snap workaround.
- **[CHAIN138_PRICING_FEEDS_LIVE.md](CHAIN138_PRICING_FEEDS_LIVE.md)** — On-chain feed matrix (WETH mock, D3Oracle, ReserveSystem) and `fix-chain138-pricing-feeds.sh` operator repair.
- **[CHAIN138_EXTERNAL_LISTINGS_AND_REMAINING_FIXES.md](CHAIN138_EXTERNAL_LISTINGS_AND_REMAINING_FIXES.md)** — Operator fixes vs **CoinGecko / CMC / MetaMask** listing prerequisites and post-listing doc updates.

**Explorer tokens and GRU:**
- **[naming-conventions/README.md](naming-conventions/README.md)** — UTRNF token-role grammar, DBIS `c*` / `cW*` vs UTRNF collision matrix, bridge naming, registry JSON fields (Chain 138 + cross-chain); optional schema + examples validated by `scripts/validation/validate-naming-convention-registry-examples.sh` when `check-jsonschema` is installed.
- **[EXPLORER_TOKENS_GRU_POLICY.md](EXPLORER_TOKENS_GRU_POLICY.md)** ⭐⭐ - Policy: all c* tokens on [explorer.d-bis.org/tokens](https://explorer.d-bis.org/tokens) must be registered as GRU; token list and registration steps.
- **[GRU_REFERENCE_PRIMACY_AND_MESH_EXECUTION_MODEL.md](GRU_REFERENCE_PRIMACY_AND_MESH_EXECUTION_MODEL.md)** — Reference-first GRU/XDR vs public PMM mesh; integration map and implementation checklist (not shadow FX).
- **[C_TO_CW_MAPPER_MAPPING.md](C_TO_CW_MAPPER_MAPPING.md)** ⭐⭐ - c* → cW* mapping for mapper: symbol mapping and per-chain address mapping in `config/token-mapping-multichain.json`.

**DEX and aggregators (Chain 138 tokens and routing):**
- **[DEX_AND_AGGREGATORS_CHAIN138_EXPLAINER.md](DEX_AND_AGGREGATORS_CHAIN138_EXPLAINER.md)** ⭐⭐⭐ - Using DEX and aggregators with Chain 138 coins/tokens; routing for DEXs; token-aggregation API, DODO PMM, swap–bridge–swap flows.
- **[CHAIN138_NATIVE_DODO_READ_SURFACE_VERIFIER.md](CHAIN138_NATIVE_DODO_READ_SURFACE_VERIFIER.md)** — Native DODO PMM / D3MM read-surface verifier for Chain 138 (`getVaultReserve`, `getPMMStateForCall`, `getTokenReserve`, `querySellTokens`)
- **[MEV_CHAIN138_LIVE_SMOKE_PACK.md](MEV_CHAIN138_LIVE_SMOKE_PACK.md)** — One-command public + native smoke pack for Chain 138 MEV health, freshness, venue coverage, pools, reserve state, and native DODO reads

**Chain 138 / Wallets (overview first; all repos in ~/projects/):**
- **[CHAIN138_WALLET_REPOSITORIES.md](CHAIN138_WALLET_REPOSITORIES.md)** ⭐⭐⭐ - **Canonical layout:** metamask-integration, LedgerLive, app-ethereum, TrustWallet-Integration each in `~/projects/`. All items **Yes / Completed.**
- **[CHAIN138_WALLET_ECOSYSTEM_AND_RATIONALE.md](CHAIN138_WALLET_ECOSYSTEM_AND_RATIONALE.md)** ⭐⭐⭐ - **Why** we have the MetaMask Snap, **why** we need Ledger Live when we already use App-Ethereum, Trust Wallet support; links to all wallet docs.
- **[ADD_CHAIN138_TO_LEDGER_LIVE.md](ADD_CHAIN138_TO_LEDGER_LIVE.md)** ⭐⭐ - Add Defi Oracle Meta Mainnet (Chain 138) to Ledger Live (request + materials).
- **[ADD_CHAIN138_TO_TRUST_WALLET.md](ADD_CHAIN138_TO_TRUST_WALLET.md)** ⭐⭐ - Add Chain 138 to Trust Wallet (user manual add via Chainlist; official Wallet Core PR steps; materials in ~/projects/TrustWallet-Integration).
- **[CHAIN138_WALLET_PROJECTS_COMPLETION_REVIEW.md](CHAIN138_WALLET_PROJECTS_COMPLETION_REVIEW.md)** ⭐⭐ - **Completion and test review:** all four projects verified; MetaMask E2E 7/7 + Snap unit tests pass; Ledger/app-ethereum/Trust status.

**Decision tree (which VLAN, service, deployment path):** [CONFIGURATION_DECISION_TREE.md](CONFIGURATION_DECISION_TREE.md) (local); canonical version with deployment paths: [../10-best-practices/CONFIGURATION_DECISION_TREE.md](../10-best-practices/CONFIGURATION_DECISION_TREE.md).

- **[FIXES_PREPARED.md](FIXES_PREPARED.md)** ⭐⭐⭐ - Single checklist of all fixes (required + optional) with copy-paste commands: UDM Pro Alltra/HYBX port forward, Alltra/HYBX 502 diagnosis, NPMplus certs, Explorer SSL, shellcheck, verification re-run.
- **[FULL_FIXES_PREPARED.md](FULL_FIXES_PREPARED.md)** ⭐⭐⭐ - Historical consolidated fixes snapshot from the migration/remediation window. Useful as execution history, not as the current fleet/task list.

**Smart contracts & ISO-20022 / Fin messaging:**
- **[SMART_CONTRACTS_ISO20022_FIN_METHODOLOGY.md](SMART_CONTRACTS_ISO20022_FIN_METHODOLOGY.md)** ⭐⭐⭐ - Methodology for smart contracts to accept ISO-20022 and SWIFT Fin messages: canonical format, mapping, validation, and contract interface.
- **[ISO20022_INTAKE_GATEWAY_CONTRACT_MULTI_NETWORK.md](ISO20022_INTAKE_GATEWAY_CONTRACT_MULTI_NETWORK.md)** ⭐⭐⭐ - How the intake/gateway contract receives ISO messages on different blockchain networks: relayer vs cross-chain (CCIP), same address (CREATE2), per-chain config.
- **[GRU_M00_DIAMOND_INSTITUTIONAL_SPEC.md](GRU_M00_DIAMOND_INSTITUTIONAL_SPEC.md)** ⭐⭐⭐ - GRU M00 Diamond institutional spec (§1–§8): topology, storage, facets, governance, markets, Pattern A/B, minimum checklist; token model A and Pattern A locked.
- **[GRU_M00_DIAMOND_FACET_MAP.md](GRU_M00_DIAMOND_FACET_MAP.md)** ⭐⭐⭐ - GRU M00 Diamond (ERC-2535) Token Factory: facet map, storage namespaces, governance levels 0–5, canonical symbol grammar (c/a/d, W rules). Whitepaper-ready.
- **[GRU_M00_DIAMOND_REVIEW_GAPS_AND_RECOMMENDATIONS.md](GRU_M00_DIAMOND_REVIEW_GAPS_AND_RECOMMENDATIONS.md)** ⭐⭐⭐ - Detailed review: missing components, functional wire-ins, naming alignment (a/d vs ac/vdc/sdc), checklist and recommendations.
- **[GRU_C_STAR_V2_STANDARDS_MATRIX_AND_IMPLEMENTATION_PLAN.md](GRU_C_STAR_V2_STANDARDS_MATRIX_AND_IMPLEMENTATION_PLAN.md)** ⭐⭐⭐ - Concrete standards matrix and phased implementation plan for canonical `c* V2` tokens: x402 readiness, ERC-2612/ERC-3009, wrapper/vault boundaries, GRU M00 facet mapping, migration, and acceptance gates.
- **[GRU_V2_CHAIN138_READINESS.md](GRU_V2_CHAIN138_READINESS.md)** ⭐⭐⭐ - Live Chain 138 promotion gate for the deployed `cUSDT V2` / `cUSDC V2` assets: registry activation, versioning, `forwardCanonical`, and governance/supervision metadata ABI.
- **[THIRDWEB_ACCOUNT_ABSTRACTION_SUPPORT.md](THIRDWEB_ACCOUNT_ABSTRACTION_SUPPORT.md)** ⭐⭐⭐ - Repo execution policy for Thirdweb `ERC-4337`, `EIP-7702`, sponsorship, and x402 on Chain 138 and Mainnet, backed by a machine-readable matrix and verifier.
- **[GRU_STANDARDS_PROFILE.md](GRU_STANDARDS_PROFILE.md)** ⭐⭐⭐ - Machine-readable standards profile for canonical `c* V2`, mirrored `cW*`, x402 capability, governance/policy layers, and the broader ISO-4217-plus asset scope.
- **[GRU_FX_CURRENCY_ONBOARDING_CHECKLIST.md](GRU_FX_CURRENCY_ONBOARDING_CHECKLIST.md)** ⭐⭐⭐ - End-to-end checklist for creating and fully attaching a new FX `c*` currency into GRU, explorer metadata, transport, reserve policy, and routing.
- **[GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md](GRU_GLOBAL_PRIORITY_CROSS_CHAIN_ROLLOUT.md)** ⭐⭐⭐ - Tiered rollout plan for globally important fiat, commodity, and monetary-unit assets that may be deployed as canonical `c*` on Chain 138 and mirrored as `cW*` on destination chains.
- **[`../../config/gru-standards-profile.json`](../../config/gru-standards-profile.json)** ⭐⭐⭐ - Machine-readable source of truth for the repo-wide x402, EIP/ERC, transport, and governance standards that apply to GRU monetary assets.
- **[`../../config/gru-iso4217-currency-manifest.json`](../../config/gru-iso4217-currency-manifest.json)** ⭐⭐⭐ - Machine-readable canonical manifest for the supported GRU ISO-4217 and commodity currency set, including deployment, transport, and x402 lifecycle state.
- **[`../../config/gru-global-priority-currency-rollout.json`](../../config/gru-global-priority-currency-rollout.json)** ⭐⭐ - Machine-readable rollout queue for the ranked global-priority currency set; use with `scripts/verify/check-gru-global-priority-rollout.sh` before promoting new assets into the live manifest.
- **[GRU_STORAGE_GOVERNANCE_AND_SUPERVISION_STANDARD.md](GRU_STORAGE_GOVERNANCE_AND_SUPERVISION_STANDARD.md)** ⭐⭐⭐ - Storage namespaces, jurisdiction-aware governance review, supervision metadata, and upgrade notice periods (narrative companion to the governance supervision profile).
- **[`../../config/gru-governance-supervision-profile.json`](../../config/gru-governance-supervision-profile.json)** ⭐⭐⭐ - Machine-readable governance and supervision profile (roles, required asset metadata, references into standards profile and storage standard).
- **[GRU_M00_DIAMOND_DOCS_REVIEW_GAPS_AND_INCONSISTENCIES.md](GRU_M00_DIAMOND_DOCS_REVIEW_GAPS_AND_INCONSISTENCIES.md)** ⭐⭐ - Review of all GRU M00 Diamond docs: missing refs, link consistency, terminology, and follow-up list.
- **[DBIS Rail Technical Spec v1](../dbis-rail/DBIS_RAIL_TECHNICAL_SPEC_V1.md)** ⭐⭐⭐ - Bank-rail settlement and GRU mint orchestration on Chain 138: RootRegistry, ParticipantRegistry, SignerRegistry, SettlementRouter, GRU_MintController, MintAuth lifecycle, EIP-712 signer quorum (3-of-5), replay protection, and audit events.
- **[DBIS Rail Rulebook v1](../dbis-rail/DBIS_RAIL_RULEBOOK_V1.md)** ⭐⭐⭐ - Operational and compliance policy: good funds matrix, finality triggers per rail (wire/ACH/cash/internal), accounting sequence and deterministic accountingRef, MintAuth preconditions, reversal and exception handling, signer revocation timing, incident controls, audit and reporting standards.
- **[DBIS Rail Security Threat Model v1](../dbis-rail/DBIS_RAIL_SECURITY_THREAT_MODEL_V1.md)** ⭐⭐⭐ - Trust boundaries, authorization/ledger/router/mint/validator/off-chain threat categories, severity classification, mitigations, residual risk, versioning and review cycle.
- **[DBIS Rail Regulator-Facing Brief v1](../dbis-rail/DBIS_RAIL_REGULATOR_BRIEF_V1.md)** ⭐⭐⭐ - Institutional narrative for banks, examiners, counsel, risk committees: overview, governance, settlement lifecycle, good funds and finality, controls, risk posture, audit, residual risk disclosure, amendment process.
- **[DBIS Rail Audit Readiness Checklist v1](../dbis-rail/DBIS_RAIL_AUDIT_READINESS_CHECKLIST_V1.md)** ⭐⭐⭐ - Pre-audit control verification: mint path, authorization, signer governance, accounting/evidence, router controls, validator layer, emergency controls, documentation integrity.
- **[DBIS Rail Audit Readiness Results v1](../dbis-rail/DBIS_RAIL_AUDIT_READINESS_RESULTS_V1.md)** ⭐⭐ - Baseline checklist run: status per section, gaps, and prioritized remediation (rail contracts, mint path lock, tests, ops).
- **[DBIS Rail Control Mapping v1](../dbis-rail/DBIS_RAIL_CONTROL_MAPPING_V1.md)** ⭐⭐ - Control IDs mapped to checklist, Spec, Rulebook, and Threat Model for audit and SOC 2 / ISO 27001 alignment.
- **[DBIS Rail and Project Completion Master v1](../dbis-rail/DBIS_RAIL_AND_PROJECT_COMPLETION_MASTER_V1.md)** ⭐⭐ - Project and deployment status; full task list (required and optional) for DBIS Rail and project completion.
- **[Implementation coordination (transcript 540ae663)](../dbis-rail/IMPLEMENTATION_COORDINATION_WITH_TRANSCRIPT_540AE663.md)** ⭐⭐ - Coordinate implementations with PMM/DEX, tokens, GRU, cW*, deployments; maps Completion Master tasks to done/partial/open.
- **[../../config/dbis-institutional/README.md](../../config/dbis-institutional/README.md)** — JSON Schemas and examples: settlement events, address registry (LEI, IBAN, ISIN, ENS, WEB3-ETH-IBAN, Blockscout hints); narrative: [OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md](../03-deployment/OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md). Identifier policy (Chain 138 as SWIFT replacement, UETR hybrid): [OJK_BI_AUDIT_JVMTM_REMEDIATION_AND_UETR_POLICY.md](../03-deployment/OJK_BI_AUDIT_JVMTM_REMEDIATION_AND_UETR_POLICY.md).
- **[DBIS Rail Ledger Attestation Add-On v1.5](../dbis-rail/DBIS_RAIL_LEDGER_ATTESTATION_ADDON_V1_5.md)** ⭐⭐ - LPA state machine, reversal matrix, signer effectiveFromBlock/revokedAtBlock mandatory.
- **[DBIS Rail Conversion Router Spec v1.5](../dbis-rail/DBIS_RAIL_CONVERSION_ROUTER_SPEC_V1_5.md)** ⭐⭐ - SwapAuth, best execution/MEV, quote provenance, venue allowlist, sanctions/AML for swaps.
- **[DBIS Rail Stablecoin Policy v1.5](../dbis-rail/DBIS_RAIL_STABLECOIN_POLICY_V1_5.md)** ⭐⭐ - Canonical stablecoin definition, registry, routing and monitoring.
- **[DBIS Rail Hash Canonicalization and Test Vectors v1.5](../dbis-rail/DBIS_RAIL_HASH_CANONICALIZATION_AND_TEST_VECTORS_V1_5.md)** ⭐⭐ - LEB/LPA/ISO schemas, canonicalization rules, test vectors.

**Mainnet liquidity & ramps (priority):**
- **[MAINNET_RAMP_USER_FLOWS.md](MAINNET_RAMP_USER_FLOWS.md)** ⭐⭐ - On-ramp (buy on mainnet → bridge to 138) and off-ramp (138→mainnet → sell) user flows. Companion/dApp link target.
- **Priority plan:** [MAINNET_LIQUIDITY_AND_RAMPS_PRIORITY.md](../00-meta/MAINNET_LIQUIDITY_AND_RAMPS_PRIORITY.md) - Obtain liquid on mainnet (fund LP + relay bridge), then wire off/on-ramps.
- **[BTC_SETTLEMENT_CHANGELLY_ATOMIC_PATHWAYS.md](BTC_SETTLEMENT_CHANGELLY_ATOMIC_PATHWAYS.md)** — Chain 138 → native BTC via **Changelly** (partner API) or **Atomic Wallet** (user swap); companion config [`config/btc-settlement-pathways.json`](../../config/btc-settlement-pathways.json).

**Explorer (explorer.d-bis.org):**
- **[EXPLORER_FUNCTIONALITY_REVIEW.md](EXPLORER_FUNCTIONALITY_REVIEW.md)** - Routes, API URLs, contract verification, Snap send HTTPS.
- **[EXPLORER_GAPS_AND_RECOMMENDATIONS.md](EXPLORER_GAPS_AND_RECOMMENDATIONS.md)** - Loading on all pages, bridge/lanes, **Verify & Publish** (UI) and batch verification (Forge + proxy), user/API key issuance, operator checklist.
- **[EXPLORER_WALLET_LINK_QUICK_WIN.md](EXPLORER_WALLET_LINK_QUICK_WIN.md)** — Add Wallet link to explorer navbar (quick win runbook)
- **[EXPLORER_TROUBLESHOOTING.md](EXPLORER_TROUBLESHOOTING.md)** - SSL, NPMplus, 502/verification failures, common errors.
- **Contract verification (Forge + Blockscout):** [../08-monitoring/BLOCKSCOUT_VERIFICATION_GUIDE.md](../08-monitoring/BLOCKSCOUT_VERIFICATION_GUIDE.md) — proxy, manual UI, 502/HTML troubleshooting.

## Quick Reference

**Initial Setup:**
1. MCP_SETUP.md - Configure MCP Server
2. ENV_STANDARDIZATION.md - Standardize environment variables
3. CREDENTIALS_CONFIGURED.md - Configure credentials

**Network Configuration:**
1. **Edge:** UDM Pro (76.53.10.34, replaced ER605). Port forward 76.53.10.36:80/443 → 192.168.11.167 (NPMplus). Proxmox hosts: 192.168.11.10–12. NPMplus: .166 and .167; only .167 in UDM Pro. See [../11-references/NETWORK_CONFIGURATION_MASTER.md](../11-references/NETWORK_CONFIGURATION_MASTER.md).
2. ER605_ROUTER_CONFIGURATION.md - ER605 reference (replaced by UDM Pro)
3. CLOUDFLARE_ZERO_TRUST_GUIDE.md - Set up Cloudflare Zero Trust

## Related Documentation

- **[../01-getting-started/](../01-getting-started/)** - Getting started
- **[../02-architecture/](../02-architecture/)** - Architecture reference
- **[../05-network/](../05-network/)** - Network infrastructure