3.9 KiB
name, description, metadata
| name | description | metadata | ||||
|---|---|---|---|---|---|---|
| alpha-hardening-navigation | Where the alpha-hardening plan lives, locked design decisions, and implementation order |
|
Active workstream (started 2026-07-04): alpha hardening of the money/trust path. Full handoff at /mnt/c/Users/popov/Downloads/neuron-tai-alpha-handoff-2026-07-04.md (note: its "planning artifacts missing" section is stale — ADRs 0016–0019 and .scratch/alpha-hardening/issues/ were created in commit 68e0572).
Navigation: .scratch/alpha-hardening/README.md = index + phase order; research-verifiable-inference.md §8 = layered fraud scheme, §9 = build-vs-adopt; ADR-0018 = flagship fraud design; docs/agents/issue-tracker.md = issue conventions (active work in .scratch/<slug>/).
Locked decisions (do not re-derive): TOPLOC ADOPT (pip install toploc, teacher-forced prefill, one canonical precision per model); audit 5% default escalating on anomaly/low-rep/disputes; blame via on-demand per-hop activation commitments + bisection (fixes validator _final_text_node bug — it blames only the last hop); reputation = persisted graduated ×0.8-per-strike multiplier affecting routing + audit rate; full pending forfeiture stays the primary penalty; accounting becomes tracker-authoritative (count tokens from the proxied stream, work units from tracker-assigned spans — node self-reports are untrusted); strikes/bans/reputation must survive restart (RegistryWallet is RAM-only today); multi-tracker money fixes (C2/C3/C4/A3/H1) designed in ADR-0019 but implementation deferred.
Implementation order (Bucket 1): 1) auth boundary + gossip auth (02, 01, 20) DONE — committed 81719ed (2026-07-05). Next: 2) A1/A5 persist strike/ban/reputation (05) → 3) C5+M1 starting credit 0 + spend cap (03) → 4) H2 tracker-authoritative accounting (04) → 5) C6 wallet binding proof (11) → fraud arc (06–10).
Auth foundation now available (commit 81719ed): packages/tracker/meshnet_tracker/auth.py = hive HMAC (sign_hive_request/verify_hive_request, X-Meshnet-Hive-Signature/Timestamp, 300s skew) + is_validator_token. In the handler: _require_role("admin"|"validator"), _resolve_identity() (validator token / admin session / client-key→no-role), _read_hive_authenticated_body(). TrackerServer(validator_service_token=, hive_secret=) also read from MESHNET_VALIDATOR_SERVICE_TOKEN / MESHNET_HIVE_SECRET; CLI --validator-service-token / --hive-secret. Outgoing gossip signed via _push_to_peers. Tests use these fixtures — reuse the pattern in 05/03/04.
Session-sequencing constraint (owner directive 2026-07-04): run issues test-first, one issue per session, do NOT refactor unrelated server.py areas, update the issue Status header when done. 05 is independent (touches contracts/accounts persistence); 03 and 04 both touch server.py billing/proxy — run them SERIALLY, never in parallel (merge-conflict risk in server.py). Do not start fraud arc 06–10 (needs persistence + real audit outcomes) or Bucket-2 12–15/17/21 (design-deferred / ready-for-human).
Ralph note: scripts/ralph_progress.py tracks docs/prd.json (35/35 done) and does NOT see .scratch/alpha-hardening/issues/. No ralph loop is running and no .ralph-tui/ state exists. To use the ralph dashboard for the alpha phase, migrate the ready-for-agent alpha issues into prd.json first; otherwise track via the Status: header in each issue file. Do NOT use ralph auto --parallel on server.py-touching issues.
Why: three audits agreed the alpha blockers are unauthenticated gossip (anyone can inject billing events), the free-credit faucet, and ephemeral bans.
How to apply: work test-first per issue acceptance criteria; use .venv; cryptography belongs in node deps (wallet.py imports it — causes many of the 24 "failures" in a fresh env). See project-status and autonomous-work-style.