@ibgib/space-gib 0.0.1 → 0.0.3

package/src/client/index.html

@@ -73,7 +73,7 @@
           <p class="placeholder-text">Left Panel Content</p>
         </div>
       </aside>
-      
+
       <!-- Left Resizer -->
       <div id="left-resizer" class="resizer resizer-v"></div>
 
@@ -103,15 +103,53 @@
           <!-- DEV TOOLS — remove or hide once WS sync is confirmed working -->
           <section class="dev-panel" id="dev-panel" aria-label="Developer tools">
             <h2 class="dev-panel-title">Dev Tools</h2>
-            <div class="dev-panel-row">
-              <button id="btn-print-dev-state" class="dev-btn">Print Dev State</button>
-              <button id="btn-create-domain-keystone" class="dev-btn">1. Create Domain Keystone (I)</button>
-              <button id="btn-create-test-ibgib" class="dev-btn" disabled>2. Create Test IbGib (X)</button>
-              <button id="btn-create-session-keystone" class="dev-btn" disabled>3. Create Session Keystone (S)</button>
-              <button id="btn-evolve-domain-keystone" class="dev-btn" disabled>4. Evolve Domain Keystone (I^I1)</button>
-              <button id="btn-perform-sync" class="dev-btn" disabled>5. Perform Sync Handshake (S)</button>
-              <button id="btn-test-ws" class="dev-btn">Test WebSocket Echo</button>
+
+            <!-- Row 00: Raw POC buttons -->
+            <div class="dev-panel-row-container">
+              <span class="dev-panel-row-label">00</span>
+              <div class="dev-panel-row">
+                <button id="btn-print-dev-state" class="dev-btn">Print Dev State</button>
+                <button id="btn-create-domain-keystone" class="dev-btn">1. Create Domain Keystone (I)</button>
+                <button id="btn-create-test-ibgib" class="dev-btn" disabled>2. Create Test IbGib (X)</button>
+                <button id="btn-create-session-keystone" class="dev-btn" disabled>3. Create Session Keystone
+                  (S)</button>
+                <button id="btn-evolve-domain-keystone" class="dev-btn" disabled>4. Evolve Domain Keystone
+                  (I^I1)</button>
+                <button id="btn-perform-sync" class="dev-btn" disabled>5. Perform Sync Handshake (S)</button>
+                <button id="btn-test-ws" class="dev-btn">Test WebSocket Echo</button>
+              </div>
             </div>
+
+            <!-- Row 1B: Phase 1B -->
+            <div class="dev-panel-row-container">
+              <span class="dev-panel-row-label">1B</span>
+              <div class="dev-panel-row">
+                <button id="btn-1b-setup" class="dev-btn">1B Setup</button>
+                <button id="btn-1b-sync" class="dev-btn" disabled>1B Sync</button>
+                <button id="btn-1b-check" class="dev-btn" disabled>1B Check</button>
+              </div>
+            </div>
+
+            <!-- Row 2B: Phase 2B -->
+            <div class="dev-panel-row-container">
+              <span class="dev-panel-row-label">2B</span>
+              <div class="dev-panel-row">
+                <button id="btn-2b-setup" class="dev-btn">2B Setup</button>
+                <button id="btn-2b-sync" class="dev-btn" disabled>2B Sync</button>
+                <button id="btn-2b-check" class="dev-btn" disabled>2B Check</button>
+              </div>
+            </div>
+
+            <!-- Row 3B: Phase 3B -->
+            <div class="dev-panel-row-container">
+              <span class="dev-panel-row-label">3B</span>
+              <div class="dev-panel-row">
+                <button id="btn-3b-setup" class="dev-btn">3B Setup</button>
+                <button id="btn-3b-sync" class="dev-btn" disabled>3B Sync</button>
+                <button id="btn-3b-check" class="dev-btn" disabled>3B Check</button>
+              </div>
+            </div>
+
             <pre id="dev-panel-log" class="dev-panel-log" aria-live="polite" aria-label="Dev log"></pre>
           </section>
         </div>

package/src/client/style.css

@@ -603,3 +603,29 @@ body::before {
     word-break: break-all;
     min-height: 3rem;
 }
+
+/* dev tools row styles */
+.dev-panel-row-container {
+    display: flex;
+    align-items: center;
+    gap: 1.25rem;
+    border-bottom: 1px solid rgba(255, 204, 68, 0.08);
+    padding-bottom: 0.85rem;
+}
+.dev-panel-row-container:last-of-type {
+    border-bottom: none;
+    padding-bottom: 0;
+}
+.dev-panel-row-label {
+    font-family: var(--font-mono);
+    font-size: 0.85rem;
+    font-weight: 700;
+    color: var(--clr-warn);
+    min-width: 2.2rem;
+    text-align: center;
+    border: 1px solid rgba(255, 204, 68, 0.25);
+    border-radius: var(--radius-sm);
+    padding: 0.25rem 0.45rem;
+    background: rgba(255, 204, 68, 0.06);
+    user-select: none;
+}

package/src/common/keystone-policies.json

@@ -0,0 +1,64 @@
+{
+  "$schema": "../../../../libs/core-gib/src/keystone/keystone-policy.schema.json",
+  "behaviorProfiles": {
+    "standard": {
+      "size": 200,
+      "replenish": "top-up",
+      "selectSequentially": 2,
+      "selectRandomly": 2,
+      "targetBindingChars": 5
+    },
+    "high-security": {
+      "size": 2000,
+      "replenish": "replace-all",
+      "selectSequentially": 5,
+      "selectRandomly": 5,
+      "targetBindingChars": 16
+    },
+    "session-connect": {
+      "size": 20,
+      "replenish": "top-up",
+      "selectSequentially": 2,
+      "selectRandomly": 2,
+      "targetBindingChars": 3
+    }
+  },
+  "pools": {
+    "sync": {
+      "id": "sync",
+      "allowedVerbs": [
+        "sync"
+      ],
+      "behaviorProfile": "standard",
+      "algo": "SHA-256",
+      "rounds": 1
+    },
+    "manage": {
+      "id": "manage",
+      "allowedVerbs": [
+        "manage"
+      ],
+      "behaviorProfile": "high-security",
+      "algo": "SHA-512",
+      "rounds": 10
+    },
+    "revoke": {
+      "id": "revoke",
+      "allowedVerbs": [
+        "revoke"
+      ],
+      "behaviorProfile": "high-security",
+      "algo": "SHA-512",
+      "rounds": 10
+    },
+    "connect": {
+      "id": "connect",
+      "allowedVerbs": [
+        "connect"
+      ],
+      "behaviorProfile": "session-connect",
+      "algo": "SHA-256",
+      "rounds": 1
+    }
+  }
+}

package/src/common/keystone-policies.mts

@@ -12,15 +12,39 @@
 
 import { HashAlgorithm } from '@ibgib/helper-gib/dist/helpers/utils-helper.mjs';
 import {
-    KeystoneReplenishStrategy,
-    KeystoneChallengeType,
-    KeystoneIbGib_V1,
-    KeystoneSolution
-} from '@ibgib/core-gib/dist/keystone/keystone-types.mjs';
-import { KeystoneStrategyFactory } from '@ibgib/core-gib/dist/keystone/strategy/keystone-strategy-factory.mjs';
+    SESSION_KEYSTONE_POLICY as CORE_SESSION_KEYSTONE_POLICY,
+    getConnectChallenge as coreGetConnectChallenge,
+    checkConnectSolution as coreCheckConnectSolution
+} from '@ibgib/core-gib/dist/sync/sync-peer/sync-peer-websocket/sync-peer-websocket-receiver/sync-websocket-peer-helpers.mjs';
+import { createPoolConfigFromJson, KeystonePoolTemplate, KeystoneBehaviorProfileTemplate } from '@ibgib/core-gib/dist/keystone/keystone-config-builder.mjs';
+import { KeystonePoolConfig } from '@ibgib/core-gib/dist/keystone/keystone-types.mjs';
+
+import rawPolicies from './keystone-policies.json' assert { type: 'json' };
 
 // ---------------------------------------------------------------------------
-// 1. Session Keystone (S) Policies
+// 1. JSON Configuration Mapping & Hybrid Fallbacks
+// ---------------------------------------------------------------------------
+
+export const behaviorProfiles = rawPolicies.behaviorProfiles as Record<string, KeystoneBehaviorProfileTemplate>;
+export const pools = rawPolicies.pools as Record<string, KeystonePoolTemplate>;
+
+/**
+ * Resolves a pool config by key from the JSON policy file, with fallback behavior.
+ */
+export function getSpaceGibPoolConfig(poolKey: string, salt: string): KeystonePoolConfig {
+    const template = pools[poolKey];
+    if (!template) {
+        throw new Error(`Pool template not found in space-gib JSON config: ${poolKey}`);
+    }
+    return createPoolConfigFromJson({
+        template,
+        behaviorProfiles,
+        salt
+    });
+}
+
+// ---------------------------------------------------------------------------
+// 2. Compatibility Layer: Session Keystone (S) Policies
 // ---------------------------------------------------------------------------
 
 /**
@@ -31,12 +55,7 @@ export const SESSION_KEYSTONE_POLICY = {
     /**
      * Shared parameters across all session pools
      */
-    COMMON: {
-        ALGO: HashAlgorithm.sha_256,
-        TYPE: KeystoneChallengeType.hash_reveal_v1,
-        ROUNDS: 2,
-        REPLENISH: KeystoneReplenishStrategy.topUp,
-    },
+    COMMON: CORE_SESSION_KEYSTONE_POLICY.COMMON,
 
     /**
      * The primary authorization pool for sync actions (e.g. putting/getting ibgibs).
@@ -56,28 +75,16 @@ export const SESSION_KEYSTONE_POLICY = {
     /**
      * Dedicated pool for the WebSocket sync protocol handshake.
      */
-    HANDSHAKE_POOL: {
-        ID: 'handshake',
-        VERB: 'handshake',
-        SIZE: 10,
-        SELECT_SEQUENTIALLY: 2,
-        SELECT_RANDOMLY: 2,
-        TARGET_BINDING_CHARS: 0,
-        /** Number of IDs the server should demand during the handshake. */
-        SERVER_DEMAND_COUNT: 3,
-    }
+    CONNECT_POOL: CORE_SESSION_KEYSTONE_POLICY.CONNECT_POOL
 } as const;
 
 
 // ---------------------------------------------------------------------------
-// 2. Domain/Identity Keystone (I) Policies
+// 3. Compatibility Layer: Domain/Identity Keystone (I) Policies
 // ---------------------------------------------------------------------------
 
 /**
  * Server-side minimum requirements for long-lived primary identity keystones.
- *
- * [Nag] These are initial placeholder standards and should be reviewed for
- * production hardening.
  */
 export const DOMAIN_KEYSTONE_SECURITY_STANDARDS = {
     MIN_DEFAULT_POOL_SIZE: 50,
@@ -89,71 +96,17 @@ export const DOMAIN_KEYSTONE_SECURITY_STANDARDS = {
 
 
 // ---------------------------------------------------------------------------
-// 3. Upfront Picket-Fence Handshake Helpers
+// 4. Upfront Picket-Fence Connect Helpers
 // ---------------------------------------------------------------------------
 
 /**
  * Returns the lexicographically first challenge from the session keystone's
- * 'handshake' pool to be used as a deterministic, dynamic upfront pre-filter challenge.
+ * 'connect' pool to be used as a deterministic, dynamic upfront pre-filter challenge.
  */
-export function getHandshakeChallenge(keystone: KeystoneIbGib_V1): { challengeId: string; challenge: any } {
-    const handshakePool = (keystone.data?.challengePools ?? []).find(
-        (p) => p.id === SESSION_KEYSTONE_POLICY.HANDSHAKE_POOL.ID
-    );
-    if (!handshakePool) {
-        throw new Error(`Keystone missing "${SESSION_KEYSTONE_POLICY.HANDSHAKE_POOL.ID}" pool`);
-    }
-
-    const challengeIds = Object.keys(handshakePool.challenges).sort();
-    if (challengeIds.length === 0) {
-        throw new Error(`Handshake pool has no challenges`);
-    }
-
-    const challengeId = challengeIds[0];
-    const challenge = handshakePool.challenges[challengeId];
-    return { challengeId, challenge };
-}
+export const getConnectChallenge = coreGetConnectChallenge;
 
 /**
  * Cryptographically validates the upfront picket-fence solution against the session keystone.
- * Verifies that the client solved the lexicographically first challenge from the 'handshake' pool.
+ * Verifies that the client solved the lexicographically first challenge from the 'connect' pool.
  */
-export async function checkHandshakeSolution(
-    keystone: KeystoneIbGib_V1,
-    solutionValue: string
-): Promise<boolean> {
-    const handshakePool = (keystone.data?.challengePools ?? []).find(
-        (p) => p.id === SESSION_KEYSTONE_POLICY.HANDSHAKE_POOL.ID
-    );
-    if (!handshakePool) {
-        return false;
-    }
-
-    const { challengeId, challenge } = getHandshakeChallenge(keystone);
-    const strategy = KeystoneStrategyFactory.create({ config: handshakePool.config });
-    const solution: KeystoneSolution = {
-        type: 'hash-reveal-v1',
-        challengeId,
-        poolId: SESSION_KEYSTONE_POLICY.HANDSHAKE_POOL.ID,
-        value: solutionValue
-    };
-
-    return await strategy.validateSolution({ solution, challenge });
-}
-
-// this is what we had by default inside the sync saga coordinator
-// const primaryPoolConfig: KeystonePoolConfig_HashV1 = {
-//     allowedVerbs: [KEYSTONE_VERB_MANAGE],
-//     id: SESSION_IDENTITY_KEYSTONE_PRIMARY_POOL_ID,
-//     salt: sagaId,
-//     behavior: {
-//         size: SESSION_IDENTITY_KEYSTONE_CONFIG_SIZE,  // Large pool for many signatures
-//         replenish: SESSION_IDENTITY_KEYSTONE_CONFIG_REPLENISH_STRATEGY,
-//         selectSequentially: SESSION_IDENTITY_KEYSTONE_CONFIG_SEQUENTIAL,
-//         selectRandomly: SESSION_IDENTITY_KEYSTONE_CONFIG_RANDOM,
-//         targetBindingChars: SESSION_IDENTITY_KEYSTONE_CONFIG_TARGET_BINDING,
-//     },
-//     type: KeystoneChallengeType.hash_reveal_v1,
-//     algo: SESSION_IDENTITY_KEYSTONE_CONFIG_ALGO,
-//     rounds: SESSION_IDENTITY_KEYSTONE_CONFIG_ROUNDS,
-// };
+export const checkConnectSolution = coreCheckConnectSolution;

package/src/server/serve-gib/handlers/api/debug/ws-echo.handler.mts

@@ -8,7 +8,7 @@
  *
  * This is a diagnostic-only endpoint. The goal is to confirm that:
  *   1. Traefik correctly forwards WS upgrade requests to the container
- *   2. The Node.js `upgrade` event fires and we can accept the handshake
+ *   2. The Node.js `upgrade` event fires and we can accept the connect handshake
  *   3. The browser client can open a wss:// connection and exchange frames
  *
  * Once WS sync is confirmed end-to-end, this handler can be removed or
@@ -30,7 +30,8 @@ import { extractErrorMsg } from '@ibgib/helper-gib/dist/helpers/utils-helper.mjs
 
 import { GLOBAL_LOG_A_LOT } from '../../../constants.mjs';
 import {
-    encodeTextFrame, decodeTextFrame, encodeCloseFrame, performHandshake
+    encodeTextFrame, decodeTextFrame, encodeCloseFrame, performConnect,
+    WebSocketFrameDecoder
 } from '../../ws/ws-helper.mjs';
 import { API_PATH_REGEXES } from '../../../../path-constants.mjs';
 
@@ -63,27 +64,27 @@ export function handleWsEchoUpgrade(req: IncomingMessage, socket: Socket, head:
     try {
         if (logalot) { console.log(`${lc_fn} starting...`); }
 
-        const ok = performHandshake(req, socket);
+        const ok = performConnect(req, socket);
         if (!ok) { return; }
 
         // Send the "connected" greeting
         socket.write(encodeTextFrame(JSON.stringify({ status: 'connected', msg: 'ws-echo ready' })));
 
         // Echo loop
+        const decoder = new WebSocketFrameDecoder();
         socket.on('data', (data: Buffer) => {
             try {
-                const text = decodeTextFrame(data);
-                if (text === null) {
-                    // Close frame or unsupported opcode — send close and end
-                    socket.write(encodeCloseFrame(1000));
-                    socket.end();
-                    return;
+                decoder.addChunk(data);
+                let frameText = decoder.nextFrame();
+                while (frameText !== null) {
+                    if (logalot) { console.log(`${lc_fn} echo: ${frameText}`); }
+                    socket.write(encodeTextFrame(JSON.stringify({ echo: frameText })));
+                    frameText = decoder.nextFrame();
                 }
-                if (logalot) { console.log(`${lc_fn} echo: ${text}`); }
-                socket.write(encodeTextFrame(JSON.stringify({ echo: text })));
             } catch (error) {
                 console.error(`${lc_fn} error in data handler: ${extractErrorMsg(error)}`);
-                socket.destroy();
+                socket.write(encodeCloseFrame(1000));
+                socket.end();
             }
         });
 

package/src/server/serve-gib/handlers/api/keystone/keystone-evolve.handler.mts

@@ -10,19 +10,16 @@
  * them to the domain metaspace to authorize the sync session.
  */
 
-import { extractErrorMsg, pretty } from '@ibgib/helper-gib/dist/helpers/utils-helper.mjs';
+import { extractErrorMsg } from '@ibgib/helper-gib/dist/helpers/utils-helper.mjs';
 import { getIbGibAddr } from '@ibgib/ts-gib/dist/helper.mjs';
-import { validateIbGibIntrinsically } from '@ibgib/ts-gib/dist/V1/validate-helper.mjs';
-import { getGibInfo } from '@ibgib/ts-gib/dist/V1/transforms/transform-helper.mjs';
 import { IbGib_V1 } from '@ibgib/ts-gib/dist/V1/types.mjs';
+import { validateAndRegisterEvolveKeystone } from '@ibgib/core-gib/dist/sync/sync-peer/sync-peer-websocket/sync-peer-websocket-receiver/sync-websocket-peer-helpers.mjs';
+import { KeystoneIbGib_V1 } from '@ibgib/core-gib/dist/keystone/keystone-types.mjs';
 
 import { GLOBAL_LOG_A_LOT } from '../../../constants.mjs';
 import { ServeGibHandlerWithMetaspaceBase } from '../../handler-base.mjs';
 import { API_PATH_REGEXES } from '../../../../path-constants.mjs';
-import { DomainInfo, ParamsWithDomain, RequestContext, ResponseResult } from '../../../types.mjs';
-import { KeystoneService_V1 } from '@ibgib/core-gib/dist/keystone/keystone-service-v1.mjs';
-import { KeystoneIbGib_V1 } from '@ibgib/core-gib/dist/keystone/keystone-types.mjs';
-import { IbGibSpaceAny } from '@ibgib/core-gib/dist/witness/space/space-base-v1.mjs';
+import { ParamsWithDomain, RequestContext, ResponseResult } from '../../../types.mjs';
 
 const logalot = GLOBAL_LOG_A_LOT || true;
 
@@ -50,8 +47,9 @@ export class KeystoneEvolveHandler extends ServeGibHandlerWithMetaspaceBase<Evol
                 domainAddr,
                 domainInfo: this.getDomainInfo({ domainAddr })
             };
+        } else {
+            return undefined;
         }
-        return undefined;
     }
 
     protected override async validateQueryParams({ queryParams }: { queryParams: any; }): Promise<string[]> {
@@ -82,142 +80,19 @@ export class KeystoneEvolveHandler extends ServeGibHandlerWithMetaspaceBase<Evol
                 return this.error(400, 'Invalid request. Body must contain keystoneIbGib (E: e234647f79282982c8012fe8015f5826)');
             }
 
-            const addr = getIbGibAddr({ ibGib: keystoneIbGib });
-
-            // 1. Intrinsic hash validation
-            const intrinsicErrors = await validateIbGibIntrinsically({ ibGib: keystoneIbGib });
-            if (intrinsicErrors && intrinsicErrors.length > 0) {
-                return this.error(422, 'Intrinsic keystone validation failed. (E: 6efeb756cb0fb6c3187c8448c5035826)', { errors: intrinsicErrors });
-            }
-
-            // 2. Verify URL :domainAddr matches the keystone's tjp
-            const { tjpGib } = getGibInfo({ ibGibAddr: addr });
-            const expectedTjpGib = getGibInfo({ ibGibAddr: domainAddr }).punctiliarHash;
-            if (tjpGib !== expectedTjpGib) {
-                return this.error(422, `Keystone tjpGib (${tjpGib}) does not match URL domainAddr tjpGib (${expectedTjpGib}) (E: 703d3c64b7382f21f863c1e83533c826)`);
-            }
-
-            // 3. Load previous frame (the current tip in metaspace)
             const space = await reqCtx.metaspace.getLocalUserSpace({ lock: false });
             if (!space) {
                 return this.error(500, 'No local user space found (E: a1144e5d6cd9641fb82d6b359f131126)');
             }
-            const keystoneService = new KeystoneService_V1();
-            let prevIbGib: KeystoneIbGib_V1;
-            try {
-                prevIbGib = await keystoneService.getLatestKeystone({
-                    addr: domainAddr,
-                    metaspace: reqCtx.metaspace,
-                    space
-                });
-            } catch (error) {
-                return this.error(422, `Could not retrieve previous keystone tip for ${domainAddr} (E: bc2da8fb4dbda2c65851de9dd0b0eb26)`, { error: extractErrorMsg(error) });
-            }
 
-            // 4. Validate Evolution Transition
-            const validationErrors = await keystoneService.validate({
-                currentIbGib: keystoneIbGib,
-                prevIbGib
+            // Delegate all intrinsic checks, transition rules, pool restrictions, and registration/persistence to core-gib helper
+            await validateAndRegisterEvolveKeystone({
+                domainAddr,
+                keystoneIbGib,
+                relatedIbGibs,
+                metaspace: reqCtx.metaspace,
+                space
             });
-            if (validationErrors && validationErrors.length > 0) {
-                return this.error(422, 'Keystone evolution validation failed', { errors: validationErrors });
-            }
-
-            // 5. Check Single Pool Restriction
-            const restrictionError = this.validateSinglePoolRestriction(keystoneIbGib);
-            if (restrictionError) {
-                return this.error(422, restrictionError); /* <<<< returns early */
-            }
-
-            // 6. Route by claim verb
-            const proofs = keystoneIbGib.data?.proofs ?? [];
-            if (proofs.length !== 1) { throw new Error(`(UNEXPECTED) evolving keystone with proofs.length !== 1? we just checked that the length of proofs was exactly 1 in checkSinglePoolRestriction (E: 3021bb0ce9783e27c8e3492820aeb926)`); }
-            const { claim } = proofs[0];
-            if (!claim) { throw new Error(`proof.claim is falsy (E: e1dd983db341185528a75768919ea826)`); }
-            const { verb } = claim;
-            if (!verb) { throw new Error(`(UNEXPECTED) claim.verb falsy? atow (05/15/2026) I thought all claims should have a verb. I could be wrong of course as it's still early days. (E: 933a9856d6625b547d7ec158d678a826)`); }
-
-            switch (verb) {
-                case 'sync':
-                    return await this.handleSyncEvolution(reqCtx, keystoneIbGib, relatedIbGibs, space);
-                default:
-                    throw new Error(`non-sync keystone evolution not yet implemented (E: 83cb29bf67d681542bfd486d0f91e726)`);
-                // return await this.handleDefaultEvolution(reqCtx, keystoneIbGib, space);
-            }
-        } catch (error) {
-            console.error(`${lc} ${extractErrorMsg(error)}`);
-            return this.error(500, `Internal error evolving keystone`, { details: extractErrorMsg(error) });
-        } finally {
-            if (logalot) { console.log(`${lc} complete.`); }
-        }
-    }
-
-    protected validateSinglePoolRestriction(keystoneIbGib: KeystoneIbGib_V1): string | undefined {
-        const proofs = keystoneIbGib.data?.proofs ?? [];
-        if (proofs.length === 0) {
-            return 'No proofs found in evolved keystone data';
-        }
-
-        const poolIds = new Set<string>();
-        for (const proof of proofs) {
-            for (const solution of proof.solutions || []) {
-                if (solution.poolId) {
-                    poolIds.add(solution.poolId);
-                }
-            }
-        }
-
-        if (poolIds.size > 1) {
-            return `Multiple pools evolved (${Array.from(poolIds).join(', ')}). Only one pool evolution allowed at a time.`;
-        }
-
-        return undefined; // no error
-    }
-
-    protected async handleSyncEvolution(
-        reqCtx: RequestContext<EvolveParams>,
-        keystoneIbGib: KeystoneIbGib_V1,
-        relatedIbGibs: IbGib_V1[],
-        space: IbGibSpaceAny
-    ): Promise<ResponseResult> {
-        const lc = `${this.lc}[${this.handleSyncEvolution.name}]`;
-        try {
-            if (logalot) { console.log(`${lc} starting... (I: 80cf7ba10a781fad87171b747de10826)`); }
-
-            if (logalot) { console.log(`${lc} starting...`); }
-
-            const proofs = keystoneIbGib.data?.proofs ?? [];
-            if (proofs.length !== 1) { throw new Error(`(UNEXPECTED) proofs.length !== 1? (E: ac9748a187f87455bc01fdeeb4363826)`); }
-            const claim = proofs[0].claim;
-            const sAddr = claim?.target;
-            if (!sAddr) {
-                return this.error(422, 'No target address found in sync claim');
-            }
-
-            // Validate S^Stjp (session keystone ibgib) from relatedIbGibs
-            const sIbGib = relatedIbGibs.find(ibGib => getIbGibAddr({ ibGib }) === sAddr) as KeystoneIbGib_V1 | undefined;
-            if (!sIbGib) {
-                return this.error(422, `Session keystone ${sAddr} must be provided in relatedIbGibs`);
-            }
-
-            const sIntrinsicErrors = await validateIbGibIntrinsically({ ibGib: sIbGib });
-            if (sIntrinsicErrors && sIntrinsicErrors.length > 0) {
-                return this.error(422, 'Intrinsic validation failed for S^Stjp', { errors: sIntrinsicErrors });
-            }
-
-            const keystoneService = new KeystoneService_V1();
-            const sGenesisErrors = await keystoneService.validateGenesisKeystone({ keystoneIbGib: sIbGib });
-            if (sGenesisErrors && sGenesisErrors.length > 0) {
-                return this.error(422, 'Genesis validation failed for S^Stjp', { errors: sGenesisErrors });
-            }
-
-            // Persist both I and S
-            await reqCtx.metaspace!.put({ ibGibs: [keystoneIbGib, sIbGib], space });
-            await reqCtx.metaspace!.registerNewIbGib({ ibGib: keystoneIbGib, space });
-            await reqCtx.metaspace!.registerNewIbGib({ ibGib: sIbGib, space });
-
-            const addr = getIbGibAddr({ ibGib: keystoneIbGib });
-            if (logalot) { console.log(`${lc} domain evolution stored and registered: ${addr}`); }
 
             return this.ok({
                 message: `Successfully evolved domain keystone with session keystone`,
@@ -225,37 +100,9 @@ export class KeystoneEvolveHandler extends ServeGibHandlerWithMetaspaceBase<Evol
 
         } catch (error) {
             console.error(`${lc} ${extractErrorMsg(error)}`);
-            throw error;
+            return this.error(422, `Evolve validation/persistence failed: ${extractErrorMsg(error)}`);
         } finally {
             if (logalot) { console.log(`${lc} complete.`); }
         }
     }
-
-    protected async handleDefaultEvolution(
-        reqCtx: RequestContext<EvolveParams>,
-        keystoneIbGib: KeystoneIbGib_V1,
-        space: IbGibSpaceAny
-    ): Promise<ResponseResult> {
-        const lc = `${this.lc}[${this.handleDefaultEvolution.name}]`;
-        try {
-            if (logalot) { console.log(`${lc} starting... (I: 8b755b4087b16c0d760d3ca397fad726)`); }
-
-            // Persist only I
-            await reqCtx.metaspace!.put({ ibGibs: [keystoneIbGib], space });
-            await reqCtx.metaspace!.registerNewIbGib({ ibGib: keystoneIbGib, space });
-
-            const addr = getIbGibAddr({ ibGib: keystoneIbGib });
-            if (logalot) { console.log(`${lc} domain evolution stored and registered: ${addr} (I: 990d686a19d645afaa624e386caac826)`); }
-
-            return this.ok({
-                message: `Successfully evolved domain keystone. (I: 4cd058a08a171069982a7f3808cbe826)`,
-            });
-        } catch (error) {
-            console.error(`${lc} ${extractErrorMsg(error)}`);
-            throw error;
-        } finally {
-            if (logalot) { console.log(`${lc} complete.`); }
-        }
-    }
-
 }

package/src/server/serve-gib/handlers/api/keystone/keystone-genesis.handler.mts

@@ -74,12 +74,12 @@ export class KeystoneGenesisHandler extends ServeGibHandlerBase<undefined, undef
             try {
                 parsed = JSON.parse(reqCtx.body);
             } catch {
-                return this.error(400, 'Request body must be valid JSON');
+                return this.error(400, 'Request body must be valid JSON (E: dd8618857568f8fc5e9c62b8ed135826)');
             }
 
             const { keystoneIbGib } = parsed;
             if (!keystoneIbGib) {
-                return this.error(400, 'Body must contain keystoneIbGib');
+                return this.error(400, 'Body must contain keystoneIbGib (E: 9c8c5d979d7842cd716ba64f69349c26)');
             }
 
             // ----------------------------------------------------------------
@@ -87,7 +87,7 @@ export class KeystoneGenesisHandler extends ServeGibHandlerBase<undefined, undef
             // ----------------------------------------------------------------
             const intrinsicErrors = await validateIbGibIntrinsically({ ibGib: keystoneIbGib });
             if (intrinsicErrors) {
-                return this.error(422, 'Intrinsic keystone validation failed', { errors: intrinsicErrors });
+                return this.error(422, 'Intrinsic keystone validation failed (E: 76d388e198f23a87dd6596f59c36e826)', { errors: intrinsicErrors });
             }
 
             // ----------------------------------------------------------------
@@ -98,7 +98,7 @@ export class KeystoneGenesisHandler extends ServeGibHandlerBase<undefined, undef
                 keystoneIbGib
             });
             if (keystoneErrors && keystoneErrors.length > 0) {
-                return this.error(422, 'Keystone genesis validation failed', { errors: keystoneErrors });
+                return this.error(422, `Keystone genesis validation failed. Errors: ${keystoneErrors} (E: 8384285be7a8ab0d41cfd1df2e2aa826)`, { errors: keystoneErrors });
             }
 
             // ----------------------------------------------------------------
@@ -108,12 +108,12 @@ export class KeystoneGenesisHandler extends ServeGibHandlerBase<undefined, undef
             const { tjpGib, punctiliarHash } = getGibInfo({ ibGibAddr: addr });
             const domainGib = tjpGib || punctiliarHash;
             if (!domainGib) {
-                return this.error(422, `Could not extract domain identifier from keystone address: ${addr}`);
+                return this.error(422, `Could not extract domain identifier from keystone address: ${addr} (E: 2758588a6d7cc77f078e97989feed326)`);
             }
 
             const domainRootPath = getDomainRootPath(domainGib, reqCtx.dataDir);
             if (existsSync(domainRootPath)) {
-                return this.error(409, `Domain already exists for this keystone (tjpGib: ${domainGib}). Use PUT /api/keystone/evolve/:domainAddr to evolve.`);
+                return this.error(409, `Domain already exists for this keystone (tjpGib: ${domainGib}). Use PUT /api/keystone/evolve/:domainAddr to evolve. (E: 1c56c8885781c86df89cbdfc1b310626)`);
             }
 
             // ----------------------------------------------------------------