@onlineapps/service-wrapper 2.0.13 → 2.0.16

package/README.md

@@ -36,9 +36,9 @@ This package provides the infrastructure layer that sits between:
 ```
 [RabbitMQ Message] → [Service Wrapper] → [Service API Call] → [Business Logic]
                            ↑                    ↑                    ↑
-                    This package         OpenAPI spec        Your service
+                    This package         operations.json     Your service
                     Handles all          Defines API         Pure business
-                    infrastructure       interface           logic only
+                    infrastructure       mapping             logic only
 ```
 
 ## Usage
@@ -180,9 +180,9 @@ This follows Docker/Kubernetes best practices for configuration management while
 ## Service Requirements
 
 Your service needs:
-1. **OpenAPI specification** - Describes your API
+1. **Operations specification** - Describes your API operations ([Operations Standard](/docs/OPERATIONS_STANDARD.md))
 2. **Express app** - With business logic endpoints
-3. **Environment variables** - For configuration
+3. **Configuration files** - Service config and environment variables
 
 Your service should NOT have:
 - Workflow processing code

package/docs/MIGRATION_FROM_OPENAPI.md

@@ -0,0 +1,309 @@
+# Migration from OpenAPI to Operations Standard
+
+## Overview
+This guide helps you migrate existing services from OpenAPI specifications to the simpler Operations Standard.
+
+## Why Migrate?
+
+### Problems with OpenAPI
+- **Over-engineered** for internal microservices
+- **Complex** specification (100+ lines for simple operations)
+- **Slow parsing** and validation overhead
+- **Designed for external APIs**, not internal workflows
+- **Poor fit** for cookbook-based orchestration
+
+### Benefits of Operations Standard
+- ✅ **Simpler** - 10x less configuration
+- ✅ **Faster** - Direct JSON parsing
+- ✅ **Focused** - Only what workflows need
+- ✅ **Maintainable** - Easy to read and update
+- ✅ **Flexible** - Can generate OpenAPI if needed later
+
+## Migration Steps
+
+### Step 1: Create operations.json
+
+Transform your OpenAPI spec into Operations format:
+
+#### Before (OpenAPI - openapi.json):
+```json
+{
+  "openapi": "3.0.0",
+  "info": {
+    "title": "Hello Service",
+    "version": "1.0.0"
+  },
+  "paths": {
+    "/api/good-day": {
+      "post": {
+        "operationId": "goodDay",
+        "summary": "Generate good day greeting",
+        "requestBody": {
+          "required": true,
+          "content": {
+            "application/json": {
+              "schema": {
+                "type": "object",
+                "required": ["name"],
+                "properties": {
+                  "name": {
+                    "type": "string",
+                    "minLength": 1,
+                    "maxLength": 100
+                  }
+                }
+              }
+            }
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "Success",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "type": "object",
+                  "properties": {
+                    "message": { "type": "string" },
+                    "timestamp": { "type": "string", "format": "date-time" }
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+}
+```
+
+#### After (Operations - operations.json):
+```json
+{
+  "operations": {
+    "good-day": {
+      "description": "Generate good day greeting",
+      "endpoint": "/api/good-day",
+      "method": "POST",
+      "input": {
+        "name": {
+          "type": "string",
+          "required": true,
+          "minLength": 1,
+          "maxLength": 100
+        }
+      },
+      "output": {
+        "message": { "type": "string" },
+        "timestamp": { "type": "datetime" }
+      }
+    }
+  }
+}
+```
+
+**Result**: ~50 lines → ~15 lines (70% reduction)
+
+### Step 2: Update Directory Structure
+
+```bash
+# Old structure
+services/my-service/
+├── connector-config/
+│   ├── manifest.json
+│   └── openapi.json
+
+# New structure
+services/my-service/
+├── conn-config/
+│   ├── config.json
+│   └── operations.json
+```
+
+Move configuration:
+```bash
+cd services/my-service
+mkdir -p conn-config
+
+# If you have existing config, merge it
+mv connector-config/manifest.json conn-config/config.json
+
+# Create operations.json (see conversion below)
+# Delete old directory
+rm -rf connector-config/
+```
+
+### Step 3: Convert OpenAPI to Operations
+
+Use this mapping:
+
+| OpenAPI | Operations |
+|---------|-----------|
+| `paths[path][method].operationId` | `operations[operation-name]` |
+| `paths[path]` | `endpoint` |
+| `requestBody.content.schema.properties` | `input` |
+| `responses.200.content.schema.properties` | `output` |
+| `schema.required[]` | `field.required: true` |
+| `schema.minLength` | `minLength` |
+| `schema.maxLength` | `maxLength` |
+
+### Step 4: Update ServiceWrapper Initialization
+
+#### Before:
+```javascript
+const { ServiceWrapper } = require('@onlineapps/service-wrapper');
+const openApiSpec = require('./connector-config/openapi.json');
+
+const wrapper = new ServiceWrapper({
+  app,
+  server,
+  config,
+  openApiSpec  // OLD
+});
+```
+
+#### After:
+```javascript
+const { ServiceWrapper } = require('@onlineapps/service-wrapper');
+const operations = require('./conn-config/operations.json');
+
+const wrapper = new ServiceWrapper({
+  app,
+  server,
+  config,
+  operations  // NEW
+});
+```
+
+### Step 5: Update Specification Endpoint
+
+#### Before:
+```javascript
+app.get('/specification', (req, res) => {
+  const openapi = require('./connector-config/openapi.json');
+  res.json(openapi);
+});
+```
+
+#### After:
+```javascript
+app.get('/specification', (req, res) => {
+  const operations = require('./conn-config/operations.json');
+  res.json(operations);
+});
+```
+
+### Step 6: Update Documentation References
+
+Update all references:
+- `connector-config/` → `conn-config/`
+- `openapi.json` → `operations.json`
+- "OpenAPI specification" → "Operations specification"
+
+Files to check:
+- README.md
+- docker-compose.yml comments
+- Test files
+- Documentation
+
+### Step 7: Test
+
+```bash
+# 1. Check specification endpoint
+curl http://localhost:PORT/specification | jq .
+
+# 2. Verify operations are listed
+curl http://localhost:PORT/specification | jq '.operations | keys'
+
+# 3. Test each operation
+curl -X POST http://localhost:PORT/api/good-day \
+  -H "Content-Type: application/json" \
+  -d '{"name": "Test"}'
+
+# 4. Run test suite
+npm test
+```
+
+## Conversion Script
+
+You can use this Node.js script to help convert OpenAPI to Operations:
+
+```javascript
+// convert-openapi-to-operations.js
+const fs = require('fs');
+
+function convertOpenAPIToOperations(openapi) {
+  const operations = {};
+
+  Object.entries(openapi.paths || {}).forEach(([path, methods]) => {
+    Object.entries(methods).forEach(([method, spec]) => {
+      const operationId = spec.operationId || path.split('/').pop();
+
+      operations[operationId] = {
+        description: spec.summary || spec.description,
+        endpoint: path,
+        method: method.toUpperCase(),
+        input: convertSchema(spec.requestBody?.content?.['application/json']?.schema),
+        output: convertSchema(spec.responses?.['200']?.content?.['application/json']?.schema)
+      };
+    });
+  });
+
+  return { operations };
+}
+
+function convertSchema(schema) {
+  if (!schema?.properties) return {};
+
+  const result = {};
+  Object.entries(schema.properties).forEach(([name, prop]) => {
+    result[name] = {
+      type: prop.type,
+      required: schema.required?.includes(name) || false,
+      ...(prop.minLength && { minLength: prop.minLength }),
+      ...(prop.maxLength && { maxLength: prop.maxLength }),
+      ...(prop.description && { description: prop.description })
+    };
+  });
+
+  return result;
+}
+
+// Usage
+const openapi = require('./connector-config/openapi.json');
+const operations = convertOpenAPIToOperations(openapi);
+fs.writeFileSync('./conn-config/operations.json', JSON.stringify(operations, null, 2));
+console.log('Converted to operations.json');
+```
+
+## Validation
+
+After migration, verify:
+
+- [ ] `conn-config/operations.json` exists
+- [ ] All operations have required fields (description, endpoint, method)
+- [ ] Input/output schemas defined
+- [ ] ServiceWrapper initializes without errors
+- [ ] `/specification` endpoint returns operations
+- [ ] All API endpoints work
+- [ ] Tests pass
+- [ ] Documentation updated
+
+## Rollback
+
+If you need to rollback:
+
+1. Keep old `connector-config/` directory temporarily
+2. Restore old ServiceWrapper initialization
+3. Update references back
+
+## Need Help?
+
+- See [Operations Standard](/docs/OPERATIONS_STANDARD.md)
+- Check [hello-service](/services/hello-service/) as reference
+- Review [Service Template](/docs/SERVICE_TEMPLATE.md)
+
+---
+
+*Operations Standard simplifies service definitions while maintaining all necessary functionality for workflow orchestration.*

package/docs/STANDARDS_OVERVIEW.md

@@ -0,0 +1,226 @@
+# Service Wrapper Standards Overview
+
+## All Standards in One Place
+
+This document provides a comprehensive overview of all standards related to Service Wrapper and microservice development.
+
+## 📋 Standards Documents
+
+### 1. API Structure Standard
+**Location:** [API_STRUCTURE_STANDARD.md](./API_STRUCTURE_STANDARD.md)
+
+**Key Points:**
+- URL structure: `/`, `/health`, `/status`, `/specification`, `/api/*`
+- Service discovery endpoint returns metadata
+- Operations endpoint at `/specification`
+- Business logic under `/api/*`
+- No versioning in URLs
+
+### 2. Operations Schema Standard
+**Location:** [OPERATIONS_SCHEMA.md](./OPERATIONS_SCHEMA.md)
+
+**Key Points:**
+- Replaces OpenAPI for internal services
+- Located in `/conn-config/operations.json`
+- Defines input/output schemas for operations
+- Direct mapping to Cookbook workflow steps
+- Supports both internal and external APIs
+
+### 3. Configuration Standard
+**Location:** [CONFIGURATION_GUIDE.md](./CONFIGURATION_GUIDE.md)
+
+**Key Points:**
+- Configuration in `/conn-config/` directory
+- Three files: `config.json`, `operations.json`, `middleware.json`
+- Environment variable format: `${VAR:default}`
+- Parsed by ServiceWrapper directly
+
+### 4. Service Testing Standard
+**Location:** [SERVICE_TESTING_STANDARD.md](./SERVICE_TESTING_STANDARD.md)
+
+**Key Points:**
+- Unit tests for business logic
+- Component tests for connectors
+- Integration tests for MQ flows
+- E2E tests for complete workflows
+- Mock strategies for external dependencies
+
+### 5. Architecture Standards
+**Location:** [FINAL_ARCHITECTURE.md](./FINAL_ARCHITECTURE.md)
+
+**Key Points:**
+- Single-process architecture
+- ServiceWrapper as thin orchestration layer
+- Specialized connectors for infrastructure
+- HTTP-only communication pattern
+- No direct handler calls
+
+## 🏗️ Directory Structure Standards
+
+### Service Directory Layout
+```
+service-name/
+├── src/                    # Business logic only
+│   ├── app.js             # Express application
+│   └── routes/            # API endpoints
+├── conn-config/           # Configuration
+│   ├── config.json        # Service configuration
+│   ├── operations.json    # Operations specification
+│   └── middleware.json    # Middleware configuration
+├── test/                  # Tests
+│   ├── unit/             # Business logic tests
+│   ├── integration/      # API tests
+│   └── e2e/              # Full flow tests
+├── index.js              # Service entry point
+├── Dockerfile            # Container definition
+└── package.json          # Dependencies
+```
+
+## 🔌 Connector Standards
+
+### Naming Convention
+- Base connectors: `conn-base-*` (cache, monitoring)
+- Infrastructure: `conn-infra-*` (mq, error-handler)
+- Orchestration: `conn-orch-*` (registry, cookbook, orchestrator)
+
+### Package Naming
+- npm scope: `@onlineapps/`
+- Full name: `@onlineapps/conn-{layer}-{function}`
+
+## 📦 Package Standards
+
+### Version Management
+- Semantic versioning (MAJOR.MINOR.PATCH)
+- Breaking changes increment MAJOR
+- New features increment MINOR
+- Bug fixes increment PATCH
+
+### Publishing
+- Always test locally before publishing
+- Document breaking changes in changelog
+- Update dependent packages after publishing
+
+## 🔧 Environment Variables
+
+### Standard Variables
+```bash
+# Service Configuration
+PORT=3000                    # Service port
+NODE_ENV=production         # Environment
+
+# Infrastructure
+RABBITMQ_URL=amqp://...    # Message queue
+REGISTRY_URL=http://...    # Service registry
+REDIS_URL=redis://...      # Cache
+
+# Features
+MQ_ENABLED=true            # Enable MQ integration
+REGISTRY_ENABLED=true      # Enable registry
+MONITORING_ENABLED=true    # Enable monitoring
+```
+
+### Format in config.json
+```json
+{
+  "port": "${PORT:3000}",
+  "rabbitmq": "${RABBITMQ_URL:amqp://localhost:5672}"
+}
+```
+
+## 📝 Documentation Standards
+
+### Required Documentation
+1. **README.md** - Overview and usage
+2. **API.md** - API documentation (auto-generated)
+3. **Configuration docs** - In `/docs` directory
+4. **Inline comments** - Only when necessary
+
+### Documentation Style
+- Clear, concise explanations
+- Examples for complex concepts
+- Links to related documents
+- No duplication - reference source of truth
+
+## 🚀 Deployment Standards
+
+### Docker
+- Alpine-based images for size
+- Non-root user for security
+- Health checks included
+- Multi-stage builds for optimization
+
+### Health Checks
+- Endpoint at `/health`
+- Returns `{"status": "healthy", "timestamp": "..."}`
+- Checked every 30 seconds
+- 3 retries before marking unhealthy
+
+## 🔄 Workflow Standards
+
+### Cookbook Integration
+- Operations map to cookbook steps
+- Context passed between steps
+- Error handling with retries
+- Dead letter queue for failures
+
+### Message Queue
+- Queue naming: `{service-name}.workflow`
+- Prefetch limit: 10 messages
+- Acknowledgment after processing
+- Automatic retries with backoff
+
+## ✅ Code Quality Standards
+
+### Best Practices
+- No hardcoded values
+- Configuration from environment
+- Proper error handling
+- Logging at appropriate levels
+- Clean separation of concerns
+
+### What Services Should NOT Have
+- Workflow processing code
+- Message queue operations
+- Service registration logic
+- Infrastructure connectors
+- Environment variable parsing
+
+## 📊 Monitoring Standards
+
+### Metrics
+- Request count and duration
+- Error rates
+- Queue depth
+- Memory usage
+- CPU utilization
+
+### Logging
+- Structured JSON logs
+- Correlation IDs for tracing
+- Appropriate log levels
+- No sensitive data in logs
+
+## 🔐 Security Standards
+
+### Configuration
+- Secrets from environment only
+- No credentials in code
+- No credentials in config files
+- Secure defaults
+
+### Communication
+- HTTPS in production
+- Authentication tokens
+- Request validation
+- Rate limiting
+
+## 📚 References
+
+- [Installation Guide](./INSTALLATION_GUIDE.md) - How to set up services
+- [Performance Guide](./PERFORMANCE.md) - Optimization tips
+- [Process Flows](./PROCESS_FLOWS.md) - How everything works together
+- [Architecture Decision](./ARCHITECTURE_DECISION.md) - Why these choices
+
+---
+
+*This document serves as the single source of truth for all Service Wrapper standards.*

package/examples/README.md

@@ -0,0 +1,170 @@
+# Service Wrapper - Cookbook Examples
+
+Example cookbooks demonstrating service-wrapper workflow orchestration.
+
+## Overview
+
+These examples show how cookbooks are processed by service-wrapper to orchestrate operations across microservices.
+
+## Example Cookbooks
+
+### [cookbook-single-operation.json](cookbook-single-operation.json)
+Basic single-operation workflow.
+
+**Features:**
+- Single service call
+- Simple string output
+- Direct JSON response
+
+**Expected Output:**
+```json
+{
+  "message": "Good day, Igor! Welcome to our service!",
+  "timestamp": "2025-09-30T12:00:00Z",
+  "service": "hello-service"
+}
+```
+
+---
+
+### [cookbook-file-output.json](cookbook-file-output.json)
+Operation generating file output stored in MinIO.
+
+**Features:**
+- File generation (HTML/Markdown)
+- MinIO storage reference
+- `outputRef` for file retrieval
+
+**Expected Output:**
+```json
+{
+  "certificate": "<!DOCTYPE html>...",
+  "outputRef": "cert-7d4e8f9a.html",
+  "timestamp": "2025-09-30T12:00:00Z"
+}
+```
+
+---
+
+### [cookbook-multi-step.json](cookbook-multi-step.json)
+Multi-step workflow orchestration.
+
+**Features:**
+- Sequential step execution
+- Output passing between steps
+- Multiple operations in one workflow
+
+**Expected Output:**
+Each step output accumulated in final workflow result.
+
+---
+
+## Testing Workflows
+
+### Via API Gateway (Production-like)
+```bash
+curl -X POST http://localhost:33000/workflow \
+  -H "Content-Type: application/json" \
+  -d @examples/cookbook-single-operation.json
+```
+
+### Direct Service Test (Development)
+```bash
+# Test hello-service directly
+curl -X POST http://localhost:33199/api/good-day \
+  -H "Content-Type: application/json" \
+  -d '{"name": "Igor"}'
+```
+
+### Via RabbitMQ (Integration Test)
+```bash
+# Publish directly to workflow queue
+node scripts/publish-workflow.js examples/cookbook-single-operation.json
+```
+
+## Workflow Response Format
+
+```json
+{
+  "workflowId": "wf-2025-09-30-abc123",
+  "status": "completed",
+  "startTime": "2025-09-30T12:00:00Z",
+  "endTime": "2025-09-30T12:00:01Z",
+  "steps": [
+    {
+      "service": "hello-service",
+      "operation": "good-day",
+      "input": {...},
+      "output": {...},
+      "processingTime": 45,
+      "status": "success"
+    }
+  ]
+}
+```
+
+## Creating Custom Cookbooks
+
+### 1. Define Operation in Service
+
+Add to `conn-config/operations.json`:
+```json
+{
+  "my-operation": {
+    "description": "Custom operation",
+    "endpoint": "/api/my-operation",
+    "method": "POST",
+    "input": {
+      "param1": {
+        "type": "string",
+        "required": true
+      }
+    },
+    "output": {
+      "result": {
+        "type": "string"
+      }
+    }
+  }
+}
+```
+
+### 2. Implement Service Endpoint
+
+In service `src/routes/api.routes.js`:
+```javascript
+router.post('/my-operation', (req, res) => {
+  const { param1 } = req.body;
+  // Business logic
+  res.json({ result: "..." });
+});
+```
+
+### 3. Create Cookbook
+
+```json
+{
+  "cookbook": {
+    "version": "1.0",
+    "steps": [{
+      "service": "your-service",
+      "operation": "my-operation",
+      "input": { "param1": "value" }
+    }]
+  }
+}
+```
+
+### 4. Test
+```bash
+curl -X POST http://localhost:33000/workflow \
+  -H "Content-Type: application/json" \
+  -d @your-cookbook.json
+```
+
+## Related Documentation
+
+- [Operations Standard](/docs/OPERATIONS_STANDARD.md)
+- [Service Wrapper Configuration](../docs/CONFIGURATION_GUIDE.md)
+- [Workflow Module](/docs/modules/workflow.md)
+- [Hello Service Examples](/services/hello-service/docs/WORKFLOW_EXECUTION.md)

package/examples/cookbook-file-output.json

@@ -0,0 +1,16 @@
+{
+  "cookbook": {
+    "version": "1.0",
+    "description": "Operation with file output (MinIO storage)",
+    "steps": [
+      {
+        "service": "hello-service",
+        "operation": "hello-cert",
+        "input": {
+          "name": "Igor",
+          "format": "html"
+        }
+      }
+    ]
+  }
+}

package/examples/cookbook-multi-step.json

@@ -0,0 +1,23 @@
+{
+  "cookbook": {
+    "version": "1.0",
+    "description": "Multi-step workflow across services",
+    "steps": [
+      {
+        "service": "hello-service",
+        "operation": "good-day",
+        "input": {
+          "name": "Igor"
+        }
+      },
+      {
+        "service": "hello-service",
+        "operation": "hello-cert",
+        "input": {
+          "name": "Igor",
+          "format": "md"
+        }
+      }
+    ]
+  }
+}

package/examples/cookbook-single-operation.json

@@ -0,0 +1,15 @@
+{
+  "cookbook": {
+    "version": "1.0",
+    "description": "Single operation example",
+    "steps": [
+      {
+        "service": "hello-service",
+        "operation": "good-day",
+        "input": {
+          "name": "Igor"
+        }
+      }
+    ]
+  }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@onlineapps/service-wrapper",
-  "version": "2.0.13",
+  "version": "2.0.16",
   "description": "Thin orchestration layer for microservices - delegates all infrastructure concerns to specialized connectors",
   "main": "src/index.js",
   "scripts": {
@@ -31,7 +31,7 @@
     "@onlineapps/conn-orch-api-mapper": "^1.0.0",
     "@onlineapps/conn-orch-cookbook": "^2.0.0",
     "@onlineapps/conn-orch-orchestrator": "^1.0.1",
-    "@onlineapps/conn-orch-registry": "^1.1.4",
+    "@onlineapps/conn-orch-registry": "^1.1.13",
     "@onlineapps/monitoring-core": "^1.0.0"
   },
   "devDependencies": {

package/src/ServiceWrapper.js

@@ -34,6 +34,7 @@ class ServiceWrapper {
    * @param {Object} options.server - HTTP server instance
    * @param {Object} options.config - Service and wrapper configuration
    * @param {Object} options.operations - Operations schema
+   * @param {Object} [options.validationProof=null] - Optional validation proof {hash, data}
    */
   constructor(options = {}) {
     this._validateOptions(options);
@@ -43,6 +44,7 @@ class ServiceWrapper {
     this.server = options.server;
     this.config = this._processConfig(options.config);
     this.operations = options.operations;
+    this.validationProof = options.validationProof || null;
 
     // Initialize connector placeholders
     this.mqClient = null;
@@ -165,9 +167,10 @@ class ServiceWrapper {
       }
 
       // 6. Initialize orchestrator for workflow processing
+      // NOTE: Orchestrator is prepared but workflow listeners will be started
+      // ONLY after receiving certificate from Registry (see _initializeRegistry)
       if (this.mqClient) {
         await this._initializeOrchestrator();
-        await this._subscribeToQueues();
       }
 
       this.isInitialized = true;
@@ -259,10 +262,16 @@ class ServiceWrapper {
       amqpUrl: mqUrl,
       serviceName: serviceName,
       version: this.config.service?.version || '1.0.0',
+      registryQueue: 'registry.register', // Use correct queue name
       registryUrl: registryUrl,
-      logger: this.logger || console
+      logger: this.logger || console,
+      validationProof: this.validationProof // Inject validation proof
     });
 
+    // Initialize registry client connection
+    await this.registryClient.init();
+    console.log('Registry client initialized');
+
     // Register service
     const serviceInfo = {
       name: serviceName,
@@ -274,11 +283,39 @@ class ServiceWrapper {
       }
     };
 
-    await this.registryClient.register(serviceInfo);
-    console.log(`Service registered: ${serviceName}`);
+    // Validation proof is handled by RegistryClient.register() - no need to load here
+    // RegistryClient loads proof during init() and includes it in registration message
+
+    try {
+      const registrationResult = await this.registryClient.register(serviceInfo);
+      console.log(`Service registered: ${serviceName}`, registrationResult);
+
+      // Store certificate if received
+      if (registrationResult.certificate) {
+        this.certificate = registrationResult.certificate;
+        console.log(`✓ Certificate received: ${registrationResult.certificate.certificateId}`);
+      }
+
+      // CRITICAL: Only start workflow listeners after successful registration with certificate
+      if (registrationResult.success && registrationResult.certificate) {
+        console.log('✓ Certificate validated, starting workflow listeners...');
+        await this._startWorkflowListeners();
+      } else {
+        console.warn('⚠ Registration succeeded but no certificate received - workflow listeners NOT started');
+      }
+
+    } catch (error) {
+      console.error(`Service registration failed: ${error.message}`);
+      throw new Error(`Failed to register service ${serviceName}: ${error.message}`);
+    }
 
     // Start heartbeat
-    const heartbeatInterval = this.config.wrapper?.registry?.heartbeatInterval || 30000;
+    // Priority: ENV variable > config > default (10s)
+    const heartbeatInterval = parseInt(process.env.HEARTBEAT_INTERVAL) ||
+                               this.config.wrapper?.registry?.heartbeatInterval ||
+                               10000;
+    console.log(`[ServiceWrapper] Heartbeat interval set to ${heartbeatInterval}ms`);
+
     this.heartbeatTimer = setInterval(async () => {
       try {
         await this.registryClient.sendHeartbeat(serviceName);
@@ -385,10 +422,11 @@ class ServiceWrapper {
   }
 
   /**
-   * Subscribe to workflow queues
+   * Start workflow listeners - ONLY called after receiving certificate from Registry
+   * CRITICAL: Unregistered services MUST NOT consume workflow messages
    * @private
    */
-  async _subscribeToQueues() {
+  async _startWorkflowListeners() {
     const serviceName = this.config.service?.name || 'unnamed-service';
 
     // Subscribe to workflow.init queue (for all services)
@@ -558,6 +596,41 @@ class ServiceWrapper {
     }
   }
 
+  /**
+   * Load validation proof from file
+   * @returns {Object|null} Validation proof or null if not found
+   */
+  loadValidationProof() {
+    const fs = require('fs');
+    const path = require('path');
+
+    try {
+      // Look for .validation-proof.json in service root (process.cwd())
+      const proofPath = path.join(process.cwd(), '.validation-proof.json');
+
+      if (!fs.existsSync(proofPath)) {
+        console.warn('Validation proof not found:', proofPath);
+        return null;
+      }
+
+      const proofData = fs.readFileSync(proofPath, 'utf8');
+      const proof = JSON.parse(proofData);
+
+      // Basic validation
+      if (!proof.validationProof || !proof.validationData) {
+        console.warn('Invalid validation proof format');
+        return null;
+      }
+
+      console.log('✓ Validation proof loaded:', proof.validationProof.substring(0, 16) + '...');
+      return proof;
+
+    } catch (error) {
+      console.warn('Failed to load validation proof:', error.message);
+      return null;
+    }
+  }
+
   /**
    * Get wrapper status
    */