Files

defiQUG 70a6d66e4d docs(stage2): mark R21 / Sankofa cutover done across 00-meta checklists

- REMAINING_TASKS_BREAKDOWN_MISSING_INFO §2 + step 4
- REMAINING_WORK_BREAKDOWN_AND_ANSWERS Sankofa Q&A + one-line summary
- REMAINING_COMPONENTS R21; operator-only + improvements + checklists

Made-with: Cursor

2026-03-27 15:40:45 -07:00

20 KiB

Raw Blame History

Remaining Components, Tasks, and Recommendations — Master List

Last Updated: 2026-02-13
Purpose: Single list of all remaining components/tasks to complete and all recommendations/suggestions to implement across the repo.

Completed (2026-02-13): OMNIS backend routes; dbis_core Redis/Prometheus/risk/PagerDuty/deal-execution tests; CCIPLogger decision; .bak (BAK_FILES_DEPRECATION); NPMplus HA and storage monitor alerts; deployment gaps; Smart accounts .env.example + runbook; TezosRelayService skeleton.

Completed in this pass (2026-02-12, 2026-02-13)

#	Item	Status
7	app-ethereum README: Document that local build requires BOLOS_SDK; use Docker or CI	✅ Done — note added in ~/projects/app-ethereum/README.md § Compilation
26	Run “from anywhere” checks	✅ Done — `run-completable-tasks-from-anywhere.sh` run: config validation OK, on-chain check 36/36 OK, validation OK, reconcile-env printed
27	Config validation	✅ Done — part of run above
R6	API keys in .env.example	✅ Already placeholders — root and token-aggregation use `your-coingecko-api-key` / `your-coinmarketcap-api-key`
R23 (partial)	Quick wins — add --dry-run	✅ Done — `run-completable-tasks-from-anywhere.sh` now supports `[--dry-run]` (prints four steps only; exit 0). Full run re-executed successfully.
One-liner	Re-run completable script	✅ Done — `./scripts/run-completable-tasks-from-anywhere.sh` and `... --dry-run` both exit 0.
2026-02-13	OMNIS backend (budgets, documents/upload, profile)	✅ Done
2026-02-13	dbis_core (Redis, Prometheus/risk, PagerDuty, deal-execution skipped)	✅ Done
2026-02-13	CCIPLogger decision, .bak BAK_FILES_DEPRECATION, NPMplus/storage alerts	✅ Done
2026-02-13	Deployment gaps, Smart accounts env+runbook, TezosRelayService skeleton	✅ Done
2026-02-13	Master Smart Contracts JSON — config/smart-contracts-master.json; relay + transaction-mirror + state-anchoring load from it; check-contracts-on-chain-138.sh uses JSON when available; .env.example points to master	✅ Done
2026-02-13	Token mapping (138↔Mainnet) — config/token-mapping.json, token-mapping-loader.cjs, relay config, TOKEN_MAPPING_AND_MAINNET_ADDRESSES.md, RELAY_BRIDGE_ADD_LINK_SUPPORT_RUNBOOK.md, CI validation, CHAIN138_TOKEN_ADDRESSES cross-chain section, CONTRACT_ADDRESSES_REFERENCE link	✅ Done

Task 19 (Multicall vs Oracle): Already documented in CONTRACT_ADDRESSES_REFERENCE — operator to verify on explorer and document result.

Still remaining: Ledger/Trust external steps; Blockscout verification (LAN); code placeholders per GAPS; Consensys/CoinGecko outreach; optional Ledger items when they confirm.

👉 For exact steps and answers to complete each remaining item: REMAINING_WORK_BREAKDOWN_AND_ANSWERS.md — prerequisites, who does it, concrete steps, and where to update when done.

Part 1 — Remaining components and tasks

1.1 Wallets (Chain 138)

#	Component / task	Owner / when	Reference
1	Ledger: Await Ledger’s response to Tally form; sign agreement and follow their integration steps	You / when Ledger replies	ADD_CHAIN138_TO_LEDGER_LIVE
2	Ledger: If Ledger asks for PR/code review — push materials from ~/projects/LedgerLive and share with Ledger	You / when Ledger asks	CHAIN138_WALLET_REPOSITORIES
3	Ledger: Execute Step 8 manual test plan (sync, receive, balance, broadcast, operations) once Chain 138 is in Ledger Live	You / after Ledger adds 138	LedgerLive/step-08-manual-tests
4	Trust Wallet: Open PR to trustwallet/wallet-core with registry entry from ~/projects/TrustWallet-Integration; run codegen and derivation tests	You / when ready	ADD_CHAIN138_TO_TRUST_WALLET
5	Trust Wallet (optional): Submit Chain 138 native token logos via assets.trustwallet.com	You / if needed	ADD_CHAIN138_TO_TRUST_WALLET § Optional
6	Chain 138 Snap: Run full E2E (Playwright + MetaMask Flask) when needed; unit tests already pass	Dev / optional	chain138-snap/TESTING_INSTRUCTIONS
7	app-ethereum: Document in README that local build requires `BOLOS_SDK` for contributors	✅ Done (2026-02-12)	CHAIN138_WALLET_PROJECTS_COMPLETION_REVIEW

1.2 Ledger integration — to add when Ledger confirms (LedgerLive repo)

#	Component / task	Action	Reference
8	Tokens (CAL)	After Ledger adds chain: follow Tokens integration; provide Chain 138 token addresses from LedgerLive/docs/CHAIN138_TOKEN_ADDRESSES.md	LedgerLive GAPS § 1
9	Swap (optional)	Only if Ledger/partner supports swap on 138; see Swap integration	GAPS § 2
10	Staking (optional)	Only if Chain 138 has staking and Ledger supports it	GAPS § 3
11	Clear Signing plugin (optional)	For Chain 138–specific contract calls (CCIP, bridge) so device shows human-readable descriptions	GAPS § 4
12	i18n (LLD/LLM)	Add error translation keys when adding currency; copy Ethereum family keys, add Chain 138–specific	GAPS § 5
13	live-common supported currencies	After cloning ledger-live, find where supported currencies are set and add `defi_oracle_meta_mainnet`	GAPS § 6
14	wallet-api	Check if Ethereum family already supports multiple chainIds; add 138 to allowed values if needed	GAPS § 7
15	App-ethereum icon	If Ledger requests network icon, follow Device App Kit deliverables (Icons)	GAPS § 9
16	E2E and integration tests	After integration, add or run E2E/integration tests in ledger-live monorepo for Chain 138	GAPS § 10
17	Confirm with Ledger	Step 6 config shape (e.g. `status: "active"`); Step 7 extend vs new family; Step 4 pubKey vs publicKey	GAPS Summary

1.3 Contracts and operator

#	Component / task	Action	Reference
18	Blockscout source verification	Run from host that can reach Blockscout: `source smom-dbis-138/.env 2>/dev/null; ./scripts/verify/run-contract-verification-with-proxy.sh`	CONTRACT_NEXT_STEPS § Operator
19	Verify Multicall vs Oracle Aggregator	Check explorer.d-bis.org for `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506`; document which contract is at this slot	CONTRACT_NEXT_STEPS § Operator
20	Periodic on-chain check	Re-run `./scripts/verify/check-contracts-on-chain-138.sh [RPC]` when new contracts are deployed	CONTRACT_NEXT_STEPS § 3.1
21	Optional: trustless bridge	Deploy from `script/bridge/trustless/` if using trustless bridge stack	CONTRACT_NEXT_STEPS § Pending
22	Optional: mainnet/multichain	Deploy to other chains; document addresses per chain	CONTRACT_NEXT_STEPS § Pending
23	Optional: PaymentChannelManager / GenericStateChannelManager	When channel features needed on Mainnet or Chain 138	CONTRACT_NEXT_STEPS § Pending

1.4 MetaMask / Consensys and listings

#	Component / task	Action	Reference
24	Consensys outreach	Continue business development for native Swaps/Bridge support for Chain 138 using CONSENSYS_OUTREACH_PACKAGE	METAMASK_CHAIN138_FEATURE_PARITY
25	CoinGecko / native MetaMask USD	Submit Chain 138 and tokens to CoinGecko (and optionally CMC) so MetaMask shows USD for Chain 138 tokens	Feature parity § 5; COINGECKO_SUBMISSION_GUIDE

1.5 Steps you can complete now (no LAN/VPN)

#	Task	Command / action	Reference
26	Run “from anywhere” checks	`./scripts/run-completable-tasks-from-anywhere.sh`	✅ Done (2026-02-12) — all 4 steps passed
27	Config validation	`./scripts/validation/validate-config-files.sh`	✅ Done (part of #26)
28	Tests	`cd smom-dbis-138 && forge test`; `cd alltra-lifi-settlement && forge test && npm run test:e2e -- --forceExit`	NEXT_STEPS_FOR_YOU § 2
29	Placeholders (code)**	Canonical addresses in token-aggregation; AlltraAdapter fee; smart accounts kit; quote service Fabric chainId; .bak deprecation	REQUIRED_FIXES_UPDATES_GAPS
30	API keys	Sign up at URLs in reports/API_KEYS_REQUIRED.md; add keys to `.env`	NEXT_STEPS_FOR_YOU § 2

Steps from Proxmox / LAN with secrets: When you have SSH to Proxmox (or LAN) and dotenv (PRIVATE_KEY, NPM_PASSWORD, RPC): deploy/verify contracts, backup, create VMs. Full list: STEPS_FROM_PROXMOX_OR_LAN_WITH_SECRETS. Script: ./scripts/run-all-operator-tasks-from-lan.sh [--deploy] [--create-vms]. VM creation runbook: PROXMOX_VM_CREATION_RUNBOOK.

1.6 Code placeholders and TODOs (by project)

See Part 2 and GAPS_AND_RECOMMENDATIONS_CONSOLIDATED for full tables. Summary:

smom-dbis-138: AlltraAdapter fee, smart accounts kit (✅ env + runbook done), EnhancedSwapRouter, DODOPMMProvider, quote service Fabric chainId, TezosRelayService (✅ skeleton done; set TEZOS_MINTER_ADDRESS for real mint).
dbis_core: as4-settlement liquidity limits (future-work comments), arbitrage monitoring/Prometheus (✅ comment; add when stack up), risk-monitor (✅ stub), cache.service (✅ Redis when REDIS_URL), alert.service (✅ PagerDuty), deal-execution integration tests (✅ skipped with ticket).
OMNIS: Sankofa Phoenix SDK, authController token blacklisting, BudgetForm/MilestoneForm/AccountForm API (✅ done), DocumentUpload (✅ done), ProfileEditForm (✅ done), CI/CD and deploy.
the-order (legal-documents): court-efiling, e-signature, document-security.
Other: NPMplus HA alert (✅ done), storage monitor notifications (✅ done), CCIPLogger (✅ decision: omit unless monitoring).

Part 2 — Recommendations and suggestions to implement

2.1 Verification and source of truth (contracts)

#	Recommendation	Action
R1	Verify every deployed contract on Blockscout	Use BLOCKSCOUT_VERIFICATION_GUIDE and Forge Verification Proxy so source is public and matches bytecode.
R2	Single source of truth	Keep CONTRACT_ADDRESSES_REFERENCE and ADDRESS_MATRIX_AND_STATUS updated when new contracts are deployed or deprecated; reconcile duplicate .env entries.
R3	On-chain confirmation	Periodically run on-chain checklist or `check-contracts-on-chain-138.sh`; fix any MISSING/EMPTY.

2.2 Security and secrets

#	Recommendation	Action
R4	Deprecated bridge	Do not use CCIPWETH9Bridge at `0x89dd...`; use only `0x971c...` and set `CCIPWETH9_BRIDGE_CHAIN138` in env.
R5	Secrets	Never commit `.env` or private keys; use MASTER_SECRETS_INVENTORY; rotate any exposed keys.
R6	API keys in .env.example	✅ Done — root and token-aggregation use `your-coingecko-api-key` / `your-coinmarketcap-api-key`. Rotate any keys if they were ever committed.
R7	Access	Restrict deployer key and RPC admin access (RPC_URL_138 = Chain 138 Core) to operators who need them.

2.3 Deployment

#	Recommendation	Action
R8	RPC for deploy (Chain 138)	Set `RPC_URL_138` (Core, e.g. `http://192.168.11.211:8545` or `https://rpc-core.d-bis.org`); run from LAN/VPN if 192.168.11.x not reachable.
R9	Gas	Use `GAS_PRICE=1000000000` (or current network minimum) if min-gas-price errors; see CONTRACT_DEPLOYMENT_RUNBOOK.
R10	Order	Phased core: run 01_DeployCore first, set env, then 02_DeployBridges. alltra-lifi-settlement: deploy MerchantSettlementRegistry before WithdrawalEscrow.
R11	Nonce	If tx stuck, manage nonce explicitly; see DEPLOYMENT_STRATEGY_EVALUATION.

2.4 Documentation and runbooks

#	Recommendation	Action
R12	Runbooks in sync	Keep CONTRACT_DEPLOYMENT_RUNBOOK, BLOCKSCOUT_VERIFICATION_GUIDE, BLOCKSCOUT_FIX_RUNBOOK in sync with scripts and Blockscout URL.
R13	Per-chain addresses	When deploying to mainnet or other chains, document addresses in CONTRACT_ADDRESSES_REFERENCE or chain-specific doc and update ADDRESS_MATRIX_AND_STATUS.

2.5 Automation and CI/CD

#	Recommendation	Action
R14	Verification in pipeline	Run `run-contract-verification-with-proxy.sh` (or Blockscout verification) after deployments when Blockscout is reachable from CI.
R15	Deployment automation	Consider a single script that checks env, deploys, verifies, and updates config (see COMPREHENSIVE_RECOMMENDATIONS § Infrastructure).
R16	Config by environment	Use `.env.development` / `.env.staging` / `.env.production` or JSON configs per chain to avoid mixing addresses.

2.6 Monitoring and operations

#	Recommendation	Action
R17	Event monitoring	Monitor critical bridge/oracle events (e.g. TransferInitiated, TransferCompleted, price updates); see COMPREHENSIVE_RECOMMENDATIONS § Monitoring.
R18	Explorer health	Ensure Blockscout (VMID 5000) is up and `/api` is reachable; see EXPLORER_API_ACCESS and BLOCKSCOUT_FIX_RUNBOOK.

2.7 Testing and quality

#	Recommendation	Action
R19	Test before deploy	Run `forge test` in smom-dbis-138 and alltra-lifi-settlement before deploying; run integration tests where available.
R20	NatSpec	Add NatSpec to public contract functions for better verification and tooling (COMPREHENSIVE_RECOMMENDATIONS § Code Quality).

2.8 Configuration and DNS

#	Recommendation	Action
R21	Sankofa / The Order	Done 2026-03: NPMplus + docs (ALL_VMIDS, RPC_ENDPOINTS_MASTER, SANKOFA_CUTOVER_PLAN v1.1). HAProxy: `provision-order-haproxy-10210.sh`.
R22	Network placeholders	Document or configure blocks #2–#6 in NETWORK_ARCHITECTURE and NETWORK_CONFIGURATION_MASTER when assigned.

2.9 Quick wins (code)

#	Recommendation	Action
R23	Scripts	Add progress indicators; add `--dry-run` to scripts that lack it; extend config validation (see IMPLEMENTATION_CHECKLIST).

2.10 Token mapping (138↔Mainnet)

#	Recommendation	Action
R24	Token mapping source of truth	Keep config/token-mapping.json as single source of truth for Chain 138↔Mainnet token addresses. When adding a new token, update token-mapping.json and optionally CHAIN138_TOKEN_ADDRESSES. See TOKEN_MAPPING_AND_MAINNET_ADDRESSES.

Part 3 — Quick reference (key commands)

Task	Command
Completable from anywhere (all 4 steps)	`./scripts/run-completable-tasks-from-anywhere.sh` [`--dry-run`] — Exit 0 = success (Unix: 0 = OK, non-zero = failure). `--dry-run` prints commands only.
On-chain check (Chain 138)	`./scripts/verify/check-contracts-on-chain-138.sh [RPC_URL]`
Blockscout verification	`source smom-dbis-138/.env 2>/dev/null; ./scripts/verify/run-contract-verification-with-proxy.sh`
Run completable tasks (no LAN)	`./scripts/run-completable-tasks-from-anywhere.sh`
MetaMask integration test	`cd ~/projects/metamask-integration && bash scripts/test-metamask-integration.sh`
Chain 138 Snap unit tests	`cd proxmox/metamask-integration/chain138-snap && pnpm run test`
Ledger manual checklist	`bash ~/projects/LedgerLive/step-08-manual-tests/run-checklist.sh`

Part 4 — References (source docs)

Doc	Content
BLITZKRIEG_SUPER_PRO_MAX_MASTER_PLAN	Single-path execution spine (Steps 0–19); §2 three-column flow, §3 trail, §5 recommendations
BLITZKRIEG_SOURCE_DOCUMENT_INDEX	Where to update when completed — full table of source docs and when to update each
NEXT_STEPS_FOR_YOU	What you need to do next (no infra)
CONTRACT_NEXT_STEPS_AND_RECOMMENDATIONS_COMPLETE	Contract operator actions, recommendations (Part 3), commands
GAPS_AND_RECOMMENDATIONS_CONSOLIDATED	Security, config, code placeholders, TODOs by project
LedgerLive GAPS_AND_MISSING_INTEGRATIONS	Ledger tokens, swap, staking, Clear Signing, i18n, E2E
CHAIN138_WALLET_PROJECTS_COMPLETION_REVIEW	Wallet projects test status and recommendations
PLACEHOLDERS_AND_COMPLETION_MASTER_LIST	Single list: all placeholders + what to complete
REQUIRED_FIXES_UPDATES_GAPS	Placeholders and required fixes
PLACEHOLDERS_AND_TBD	Placeholder list
CONTRACT_NEXT_STEPS_LIST	Single checklist (all items)
RECOMMENDATIONS_AND_SUGGESTIONS	Documentation, testing, automation
REMAINING_WORK_BREAKDOWN_AND_ANSWERS	Per-item breakdown: prerequisites, owner, steps to complete, where to update

20 KiB Raw Blame History Unescape Escape