@sanctuary-framework/mcp-server 1.2.0 → 1.2.1

package/dist/cli.cjs

@@ -398,23 +398,44 @@ var init_random = __esm({
   "src/core/random.ts"() {
   }
 });
-var FilesystemStorage;
+function bijectiveEncode(name) {
+  return name.replace(
+    SAFE_CHARS,
+    (ch) => "!" + ch.charCodeAt(0).toString(16).padStart(2, "0").toUpperCase()
+  );
+}
+function legacyNamespaceSanitize(name) {
+  return name.replace(/[^a-zA-Z0-9_-]/g, "_");
+}
+function legacyKeySanitize(name) {
+  return name.replace(/[^a-zA-Z0-9_.-]/g, "_");
+}
+var SAFE_CHARS, FilesystemStorage;
 var init_filesystem = __esm({
   "src/storage/filesystem.ts"() {
     init_random();
+    SAFE_CHARS = /[^A-Za-z0-9_.\-]/g;
     FilesystemStorage = class {
       basePath;
       constructor(basePath) {
         this.basePath = basePath;
       }
       entryPath(namespace, key) {
-        const safeNamespace = namespace.replace(/[^a-zA-Z0-9_-]/g, "_");
-        const safeKey = key.replace(/[^a-zA-Z0-9_.-]/g, "_");
+        const safeNamespace = bijectiveEncode(namespace);
+        const safeKey = bijectiveEncode(key);
         return path.join(this.basePath, safeNamespace, `${safeKey}.enc`);
       }
       namespacePath(namespace) {
-        const safeNamespace = namespace.replace(/[^a-zA-Z0-9_-]/g, "_");
-        return path.join(this.basePath, safeNamespace);
+        return path.join(this.basePath, bijectiveEncode(namespace));
+      }
+      // Legacy on-disk paths produced by the pre-#41 sanitizer. Returned for
+      // ENOENT-fallback in read/exists/delete; never written to.
+      legacyEntryPath(namespace, key) {
+        return path.join(
+          this.basePath,
+          legacyNamespaceSanitize(namespace),
+          `${legacyKeySanitize(key)}.enc`
+        );
       }
       async write(namespace, key, data) {
         const dirPath = this.namespacePath(namespace);
@@ -423,7 +444,13 @@ var init_filesystem = __esm({
         await promises.writeFile(filePath, data, { mode: 384 });
       }
       async read(namespace, key) {
-        const filePath = this.entryPath(namespace, key);
+        const buf = await this.readAtPath(this.entryPath(namespace, key));
+        if (buf !== null) return buf;
+        const legacy = this.legacyEntryPath(namespace, key);
+        if (legacy === this.entryPath(namespace, key)) return null;
+        return this.readAtPath(legacy);
+      }
+      async readAtPath(filePath) {
         try {
           const buf = await promises.readFile(filePath);
           return new Uint8Array(buf.buffer, buf.byteOffset, buf.byteLength);
@@ -435,7 +462,13 @@ var init_filesystem = __esm({
         }
       }
       async delete(namespace, key, secureOverwrite = true) {
-        const filePath = this.entryPath(namespace, key);
+        const newPath = this.entryPath(namespace, key);
+        if (await this.deleteAtPath(newPath, secureOverwrite)) return true;
+        const legacy = this.legacyEntryPath(namespace, key);
+        if (legacy === newPath) return false;
+        return this.deleteAtPath(legacy, secureOverwrite);
+      }
+      async deleteAtPath(filePath, secureOverwrite) {
         try {
           if (secureOverwrite) {
             const fileStat = await promises.stat(filePath);
@@ -481,12 +514,19 @@ var init_filesystem = __esm({
         }
       }
       async exists(namespace, key) {
-        const filePath = this.entryPath(namespace, key);
+        const newPath = this.entryPath(namespace, key);
         try {
-          await promises.stat(filePath);
+          await promises.stat(newPath);
           return true;
         } catch {
-          return false;
+          const legacy = this.legacyEntryPath(namespace, key);
+          if (legacy === newPath) return false;
+          try {
+            await promises.stat(legacy);
+            return true;
+          } catch {
+            return false;
+          }
         }
       }
       async totalSize() {
@@ -843,6 +883,14 @@ var init_identity = __esm({
     init_random();
   }
 });
+
+// src/core/key-derivation.ts
+var key_derivation_exports = {};
+__export(key_derivation_exports, {
+  deriveMasterKey: () => deriveMasterKey,
+  deriveNamespaceKey: () => deriveNamespaceKey,
+  derivePurposeKey: () => derivePurposeKey
+});
 async function deriveMasterKey(passphrase, existingParams) {
   const salt = existingParams ? fromBase64url(existingParams.salt) : generateSalt();
   const params = existingParams ?? {
@@ -1503,6 +1551,11 @@ var init_router = __esm({
 });
 
 // src/l1-cognitive/tools.ts
+var tools_exports = {};
+__export(tools_exports, {
+  IdentityManager: () => IdentityManager,
+  createL1Tools: () => createL1Tools
+});
 function getReservedNamespaceViolation(namespace) {
   for (const prefix of RESERVED_NAMESPACE_PREFIXES2) {
     if (namespace === prefix || namespace.startsWith(prefix + "/")) {
@@ -4881,6 +4934,35 @@ var init_types = __esm({
   }
 });
 
+// src/mesh/constants.ts
+function isReservedEventType(s) {
+  return RESERVED_EVENT_TYPE_PREFIXES.some((p) => s.startsWith(p));
+}
+function isReservedExtensionKey(k) {
+  return RESERVED_EXTENSION_ENVELOPE_KEYS.includes(k);
+}
+var PROTOCOL_VERSION, SIGNATURE_SCHEME_V1, RESERVED_EVENT_TYPE_PREFIXES, RESERVED_EXTENSION_ENVELOPE_KEYS;
+var init_constants = __esm({
+  "src/mesh/constants.ts"() {
+    PROTOCOL_VERSION = "0.1";
+    SIGNATURE_SCHEME_V1 = "ed25519-v1";
+    RESERVED_EVENT_TYPE_PREFIXES = [
+      "EXTENSION_",
+      "cross_fortress_",
+      "multi_master_"
+    ];
+    RESERVED_EXTENSION_ENVELOPE_KEYS = [
+      "cross_fortress_read_grant",
+      "cross_fortress_read_query",
+      "cross_fortress_read_response",
+      "multi_master_policy_merge",
+      "audit_replication_full_n_way",
+      "auto_promote_canonical_audit",
+      "agent_live_migration"
+    ];
+  }
+});
+
 // src/shr/generator.ts
 function deriveL4Degradations(evidence, now = /* @__PURE__ */ new Date()) {
   const out = [];
@@ -5029,6 +5111,7 @@ function generateSHR(identityId, opts) {
   return {
     body,
     signed_by: identity.public_key,
+    signature_scheme: SIGNATURE_SCHEME_V1,
     signature: toBase64url(signatureBytes)
   };
 }
@@ -5039,6 +5122,7 @@ var init_generator = __esm({
     init_identity();
     init_encoding();
     init_key_derivation();
+    init_constants();
     DEFAULT_VALIDITY_MS = 60 * 60 * 1e3;
     DEFAULT_FRESHNESS_WINDOW_DAYS = 30;
     DEFAULT_LOW_TIER_DOMINANCE_THRESHOLD = 0.6;
@@ -7277,14 +7361,14 @@ function generateDashboardHTML(options) {
       // cookie (set by /auth/session and sent automatically by the
       // browser) or as a ?session= query parameter, both of which Stack
       // A's checkAuth honours. Loopback callers also bypass auth via the
-      // v0.10.2 _autoAuthLocalhost path, which is the path moltbook
+      // v0.10.2 _autoAuthLocalhost path, which is the path Mini1
       // hits when the dashboard is auto-opened on 127.0.0.1.
       //
       // The endpoint itself is /events \u2014 Stack A's route table mounts it
       // there, and the previous /api/events URL was a 404 in every real
       // boot from v0.10.0 through v0.10.4. The retry loop that result
       // produced is exactly the "status bar flashing blue continuously"
-      // moltbook reported on v0.10.4.
+      // Mini1 reported on v0.10.4.
       const eventSource = new EventSource(API_BASE + '/events');
 
       eventSource.addEventListener('init', (e) => {
@@ -10309,8 +10393,8 @@ var init_html = __esm({
 function isPolicySlot(value) {
   return typeof value === "string" && POLICY_SLOTS.includes(value);
 }
-var COMPILED_POLICY_SCHEMA_VERSION, POLICY_UPDATE_EVENT_TYPE, POLICY_SLOTS, CHANNEL_TEMPLATE_IDS, COUNTERPARTY_WILDCARD, BUDGET_UNITS;
-var init_constants = __esm({
+var COMPILED_POLICY_SCHEMA_VERSION, POLICY_UPDATE_EVENT_TYPE, POLICY_SLOTS, CHANNEL_TEMPLATE_IDS, BUDGET_UNITS;
+var init_constants2 = __esm({
   "src/policy-engine/constants.ts"() {
     COMPILED_POLICY_SCHEMA_VERSION = "0.1";
     POLICY_UPDATE_EVENT_TYPE = "policy_update";
@@ -10325,10 +10409,8 @@ var init_constants = __esm({
       "read-then-report",
       "scheduled-digest",
       "plan-draft-only",
-      "fortress-relay",
-      "concierge-loop"
+      "fortress-relay"
     ];
-    COUNTERPARTY_WILDCARD = "*";
     BUDGET_UNITS = ["tokens", "usd"];
   }
 });
@@ -10484,7 +10566,11 @@ function resolveTemplatesDir() {
   const thisFile = url.fileURLToPath((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('cli.cjs', document.baseURI).href)));
   const thisDir = path.dirname(thisFile);
   if (thisDir.includes("/dist/")) {
-    return thisDir.replace("/dist/templates", "/src/templates");
+    const srcFallback = thisDir.replace("/dist/templates", "/src/templates");
+    if (fs.existsSync(path.join(thisDir, TEMPLATE_NAMES[0]))) {
+      return thisDir;
+    }
+    return srcFallback;
   }
   return thisDir;
 }
@@ -10551,7 +10637,7 @@ function getTemplateEntry(name) {
 var TEMPLATE_NAMES, TemplateValidationError, _cache;
 var init_registry = __esm({
   "src/templates/registry.ts"() {
-    init_constants();
+    init_constants2();
     TEMPLATE_NAMES = [
       "research-assistant",
       "coding-assistant",
@@ -10705,10 +10791,10 @@ function applyChannelTemplate(id, params) {
   if (!entry) throw new Error(`unknown channel template: ${id}`);
   return entry.factory(params);
 }
-var requestApproveAct, readThenReport, scheduledDigest, planDraftOnly, fortressRelay, conciergeLoop, REGISTRY;
+var requestApproveAct, readThenReport, scheduledDigest, planDraftOnly, fortressRelay, REGISTRY;
 var init_channel_templates = __esm({
   "src/policy-engine/channel-templates.ts"() {
-    init_constants();
+    init_constants2();
     init_null_policy();
     requestApproveAct = (params) => {
       const p = basePolicy(params);
@@ -10791,23 +10877,6 @@ var init_channel_templates = __esm({
       setRetentionDays(p, 90);
       return p;
     };
-    conciergeLoop = (params) => {
-      const p = basePolicy(params);
-      p.source_english = "Bidirectional Q&A with the operator. Reads local fortress state; never writes outward.";
-      grantOn(p, "memory", {
-        counterparty: params.counterparty,
-        action: "read",
-        scope: { local_fortress_state_only: true, ...params.scope ?? {} }
-      });
-      grantOn(p, "outputs", {
-        counterparty: params.counterparty || COUNTERPARTY_WILDCARD,
-        action: "read",
-        scope: { operator_chat_only: true, ...params.scope ?? {} }
-      });
-      p.egress = { allowlist: [] };
-      setRetentionDays(p, 14);
-      return p;
-    };
     REGISTRY = {
       "request-approve-act": {
         id: "request-approve-act",
@@ -10843,13 +10912,6 @@ var init_channel_templates = __esm({
         label: "Fortress relay",
         description: "Routes signed events between peer fortresses. Commits bind only when both sides sign.",
         factory: fortressRelay
-      },
-      "concierge-loop": {
-        id: "concierge-loop",
-        severity: "LOW",
-        label: "Concierge loop",
-        description: "Bidirectional Q&A with the operator. Reads local fortress state; never writes outward.",
-        factory: conciergeLoop
       }
     };
   }
@@ -10919,8 +10981,14 @@ function encode(value) {
 }
 function encodeArray(arr) {
   const parts = [];
-  for (const item of arr) {
-    parts.push(item === void 0 ? "null" : encode(item));
+  for (let i = 0; i < arr.length; i++) {
+    const item = arr[i];
+    if (item === void 0) {
+      throw new MeshCanonicalJsonError(
+        `canonicalize(): undefined is not a valid JSON value at array index ${i}`
+      );
+    }
+    parts.push(encode(item));
   }
   return "[" + parts.join(",") + "]";
 }
@@ -11238,45 +11306,17 @@ var init_canonical_policy = __esm({
   "src/policy-engine/canonical-policy.ts"() {
     init_canonical_json();
     init_encoding();
-    init_constants();
+    init_constants2();
     init_errors2();
   }
 });
-
-// src/mesh/constants.ts
-function isReservedEventType(s) {
-  return RESERVED_EVENT_TYPE_PREFIXES.some((p) => s.startsWith(p));
-}
-function isReservedExtensionKey(k) {
-  return RESERVED_EXTENSION_ENVELOPE_KEYS.includes(k);
-}
-var PROTOCOL_VERSION, RESERVED_EVENT_TYPE_PREFIXES, RESERVED_EXTENSION_ENVELOPE_KEYS;
-var init_constants2 = __esm({
-  "src/mesh/constants.ts"() {
-    PROTOCOL_VERSION = "0.1";
-    RESERVED_EVENT_TYPE_PREFIXES = [
-      "EXTENSION_",
-      "cross_fortress_",
-      "multi_master_"
-    ];
-    RESERVED_EXTENSION_ENVELOPE_KEYS = [
-      "cross_fortress_read_grant",
-      "cross_fortress_read_query",
-      "cross_fortress_read_response",
-      "multi_master_policy_merge",
-      "audit_replication_full_n_way",
-      "auto_promote_canonical_audit",
-      "agent_live_migration"
-    ];
-  }
-});
 var init_trust_root = __esm({
   "src/mesh/trust-root.ts"() {
     init_encoding();
     init_identity();
     init_random();
     init_canonical_json();
-    init_constants2();
+    init_constants();
     init_errors();
   }
 });
@@ -11329,7 +11369,7 @@ var init_envelope = __esm({
     init_encoding();
     init_random();
     init_canonical_json();
-    init_constants2();
+    init_constants();
     init_errors();
     init_trust_root();
   }
@@ -11359,7 +11399,7 @@ function packPolicyUpdate(params) {
 }
 var init_envelope2 = __esm({
   "src/policy-engine/envelope.ts"() {
-    init_constants();
+    init_constants2();
     init_canonical_policy();
     init_errors2();
     init_envelope();
@@ -11493,7 +11533,7 @@ function initTemplate(params) {
 var init_init = __esm({
   "src/templates/init.ts"() {
     init_channel_templates();
-    init_constants();
+    init_constants2();
     init_canonical_policy();
     init_envelope2();
     init_registry();
@@ -11771,7 +11811,7 @@ function deriveMachineKey(home) {
   return hkdf.hkdf(sha256.sha256, material, void 0, "sanctuary-passphrase-v1", 32);
 }
 async function defaultExec(cmd, args, input) {
-  return new Promise((resolve5, reject) => {
+  return new Promise((resolve6, reject) => {
     const child = child_process.spawn(cmd, args, { stdio: ["pipe", "pipe", "pipe"] });
     let stdout = "";
     let stderr = "";
@@ -11782,7 +11822,7 @@ async function defaultExec(cmd, args, input) {
       stderr += d.toString();
     });
     child.on("error", reject);
-    child.on("close", (code) => resolve5({ stdout, stderr, code }));
+    child.on("close", (code) => resolve6({ stdout, stderr, code }));
     if (input !== void 0) {
       child.stdin.write(input);
     }
@@ -12904,7 +12944,7 @@ async function api(path, opts) {
   // /policies, /activity responses on subsequent GETs even when the
   // server-side state has changed (e.g. recent-failures buffer cleared
   // on substrate flip). The pre-rc.5 client used bare fetch with no
-  // cache control, which on moltbook Safari produced a stale view of
+  // cache control, which on Mini1 Safari produced a stale view of
   // server state and made the operator-visible badge color stick to
   // its prior value across substrate changes. Belt + suspenders:
   // cache: "no-store" turns off the response cache; the _t query
@@ -13066,12 +13106,6 @@ const CHANNEL_TEMPLATES = [
     severity: "MEDIUM",
     title: "Fortress relay",
     description: "Routes signed events between peer fortresses. Commits bind only when both sides sign."
-  },
-  {
-    id: "concierge-loop",
-    severity: "LOW",
-    title: "Concierge loop",
-    description: "Bidirectional Q&A with the operator. Reads local fortress state; never writes outward."
   }
 ];
 
@@ -13118,6 +13152,24 @@ function setRoute(route) {
   renderFortress();
 }
 
+// Renders the global attestation badge (Q1 layer 1, persistent across
+// surfaces). Tone is driven by state.topbarPills.attestation. Pending
+// state shows a dashed seal ring; verified shows solid; degraded shows
+// outlined core; unverified shows the broken-seal mark. Observation
+// language only; Castle Layer 1 enforcement ships in WP-V1.x-CASTLE-WALL.
+function renderTopbarAttestationBadge(stateName) {
+  const valid = stateName === "verified" || stateName === "degraded" || stateName === "unverified" || stateName === "pending";
+  const cls = valid ? stateName : "pending";
+  const ringDashed = cls === "pending" ? " dashed" : "";
+  return '<span class="att-global ' + cls + '" data-pill="attestation" title="Fortress attestation">' +
+    '<span class="seal">' +
+      '<span class="seal-ring' + ringDashed + '"></span>' +
+      '<span class="seal-core"></span>' +
+    '</span>' +
+    '<span class="label">' + escHtml(cls) + '</span>' +
+  '</span>';
+}
+
 function renderTopbar() {
   const pillEl = document.getElementById("topbar-pills");
   if (!pillEl) return;
@@ -13134,7 +13186,7 @@ function renderTopbar() {
     versionPill,
     '<span class="pill" data-pill="deployment">deployment: ' + escHtml(state.topbarPills.deployment) + '</span>',
     '<span class="pill" data-pill="mode">mode: ' + escHtml(state.topbarPills.mode) + '</span>',
-    '<span class="pill tone-' + escHtml(state.topbarPills.attestation) + '" data-pill="attestation">attestation: ' + escHtml(state.topbarPills.attestation) + '</span>'
+    renderTopbarAttestationBadge(state.topbarPills.attestation)
   ].join("");
   // Lockdown button three-state UX (binding addendum 3).
   const btn = document.getElementById("btn-lockdown");
@@ -13230,6 +13282,7 @@ function renderMain() {
     case "agent-detail": nextHtml = renderAgentDetail(); break;
     case "policy": nextHtml = renderPolicyCenter(); break;
     case "intelligence": nextHtml = renderIntelligenceCenter(); break;
+    case "attestation": nextHtml = renderAttestation(); break;
     case "privacy": nextHtml = renderPrivacyPage(); break;
     case "coordination": nextHtml = renderCoordinationPage(); break;
     case "health": nextHtml = renderHealthPage(); break;
@@ -13308,9 +13361,9 @@ function renderMain() {
 //   "Concierge unavailable; substrate not configured") sourced from the
 //   last response's served_by + display_label.
 const CONCIERGE_SUGGESTIONS = [
-  { id: "summarize-hour", label: "summarize the last hour", query: "Summarize what happened in this fortress in the last hour." },
-  { id: "agent-touched", label: "what has each agent touched today", query: "What has each wrapped agent done today? Group by agent." },
-  { id: "open-approvals", label: "any open approvals?", query: "Are there any open Tier 1 approvals or pending inbox items I should look at?" }
+  { id: "summarize-hour", category: "Summarize", label: "summarize the last hour", query: "Summarize what happened in this fortress in the last hour." },
+  { id: "agent-touched", category: "Inspect", label: "what has each agent touched today", query: "What has each wrapped agent done today? Group by agent." },
+  { id: "open-approvals", category: "Approvals", label: "any open approvals?", query: "Are there any open Tier 1 approvals or pending inbox items I should look at?" }
 ];
 
 // Direct-agent chat surface was removed in the v1.2 reshape; the
@@ -13327,59 +13380,316 @@ function renderDashboardConcierge() {
   const badge = c.badge && c.badge.displayLabel
     ? '<span class="pill mono concierge-badge" title="Substrate that served the most recent response">' + escHtml(c.badge.displayLabel) + '</span>'
     : '<span class="pill muted concierge-badge">Concierge: substrate not yet contacted</span>';
-  const messages = c.messages.length
+  const sendDisabled = c.sending ? ' disabled' : '';
+  const sendLabel = c.sending ? 'Sending...' : 'Send';
+  // Sprint Piece 2 PR 2: empty state lives INSIDE the concierge-history
+  // container so the DDD e2e selector .concierge-history matches both
+  // empty and active state. The container's flex layout hosts a single
+  // .concierge-empty child that fills the available height with a serif
+  // headline and a 3-up suggest grid; the grid replaces the v1.2 bottom
+  // chip row, which is retired with this polish.
+  const emptyState =
+    '<div class="concierge-empty">' +
+      '<div class="concierge-empty-headline">' +
+        '<h2>Where would you like to begin.</h2>' +
+        '<p>Ask anything about your fortress. Sanctuary holds your context, your agents, your policy. It will answer plainly, or hand you to the right surface.</p>' +
+      '</div>' +
+      '<div class="concierge-suggest-grid">' +
+        CONCIERGE_SUGGESTIONS.map(function (s) {
+          return '<button class="concierge-suggest" data-action="concierge-suggestion" data-suggestion-id="' + escHtml(s.id) + '"' + sendDisabled + '>' +
+            '<span class="label">' + escHtml(s.category || '') + '</span>' +
+            escHtml(s.label) +
+            '</button>';
+        }).join("") +
+      '</div>' +
+    '</div>';
+  const messagesHtml = c.messages.length
     ? c.messages.map(function (m) {
         const cls = m.role === "operator" ? "concierge-msg-operator" : "concierge-msg-concierge";
-        const author = m.role === "operator" ? "you" : "Sanctuary Fortress concierge";
+        const authorLabel = m.role === "operator" ? "you" : "sanctuary";
+        const metaParts = [];
+        if (m.created_at) metaParts.push(escHtml(shortTime(m.created_at)));
+        if (m.role === "concierge" && m.served_by) metaParts.push('substrate: ' + escHtml(m.served_by));
+        const meta = metaParts.length
+          ? '<div class="concierge-msg-meta"><span>' + metaParts.join(' · ') + '</span></div>'
+          : '';
         return '<div class="concierge-msg ' + cls + '">' +
-          '<div class="concierge-msg-author muted">' + escHtml(author) + ' · ' + escHtml(shortTime(m.created_at)) + '</div>' +
+          '<span class="concierge-msg-author">' + escHtml(authorLabel) + '</span>' +
           '<div class="concierge-msg-body">' + escHtml(m.body) + '</div>' +
+          meta +
           '</div>';
       }).join("\n")
-    : '<p class="muted concierge-empty">No messages yet. Ask the concierge anything about your fortress: it can summarize agent activity, surface open approvals, or describe the current policy.</p>';
+    : emptyState;
   const errorBanner = c.error
     ? '<div class="banner banner-warn">' + escHtml(c.error) + '</div>'
     : "";
-  const sendDisabled = c.sending ? ' disabled' : '';
-  const sendLabel = c.sending ? 'Sending...' : 'Send';
-  const chips = CONCIERGE_SUGGESTIONS.map(function (s) {
-    return '<button class="btn chip" data-action="concierge-suggestion" data-suggestion-id="' + escHtml(s.id) + '"' + sendDisabled + '>' + escHtml(s.label) + '</button>';
-  }).join("\n");
   const activeChatsPanel = renderActiveChatsPanel();
   return [
-    '<h1>Chat <span class="muted">/ This fortress</span></h1>',
-    activeChatsPanel,
-    '<div class="card concierge-card">',
-      '<div class="concierge-header">',
-        '<div class="concierge-persona"><strong>Sanctuary Fortress concierge</strong> <span class="muted">read-only over fortress state</span></div>',
-        badge,
+    '<div class="concierge-wrap">',
+      '<div class="page-head"><div>',
+        '<p class="eyebrow">Concierge</p>',
+        '<h1>Talk to your fortress.</h1>',
+        '<p class="sub">A direct line to Sanctuary, routed through the substrate you chose. Nothing leaves without your hand on it.</p>',
+      '</div></div>',
+      activeChatsPanel,
+      '<div class="card concierge-card">',
+        '<div class="concierge-header">',
+          '<div class="concierge-persona">',
+            '<div class="glyph-ring"></div>',
+            '<div class="concierge-persona-text"><strong>Sanctuary Fortress concierge</strong><small>read-only over fortress state</small></div>',
+          '</div>',
+          '<div class="concierge-meta">' + badge + '</div>',
+        '</div>',
+        errorBanner,
+        '<div class="concierge-history" id="concierge-history">' + messagesHtml + '</div>',
+        '<form class="concierge-composer" data-action="concierge-submit">',
+          '<div class="input-wrap">',
+            '<input type="text" name="concierge-input" placeholder="Type to Sanctuary. Enter to send." value="' + escHtml(c.composer) + '" data-action="concierge-input"' + sendDisabled + ' autocomplete="off">',
+            '<span class="composer-meta">Enter</span>',
+          '</div>',
+          '<button type="submit" class="btn btn-primary" data-action="concierge-send"' + sendDisabled + '>' + escHtml(sendLabel) + '</button>',
+        '</form>',
+        '<p class="muted concierge-foot">First time? <a href="#intelligence">Pick a substrate</a> to enable concierge replies.</p>',
       '</div>',
-      errorBanner,
-      '<div class="concierge-history" id="concierge-history">' + messages + '</div>',
-      '<form class="concierge-composer" data-action="concierge-submit">',
-        '<input type="text" name="concierge-input" placeholder="Ask the concierge about this fortress..." value="' + escHtml(c.composer) + '" data-action="concierge-input"' + sendDisabled + ' autocomplete="off">',
-        '<button type="submit" class="btn btn-primary" data-action="concierge-send"' + sendDisabled + '>' + escHtml(sendLabel) + '</button>',
-      '</form>',
-      '<div class="concierge-chips">' + chips + '</div>',
-      '<p class="muted concierge-foot">First time? <a href="#intelligence">Pick a substrate</a> to enable concierge replies.</p>',
     '</div>'
   ].join("");
 }
 
 // ── Render: agents list / detail ───────────────────────────────────────
+//
+// Sprint Piece 2 PR 4 polish: empty state uses .agents-empty with the
+// concentric icon-frame + a terminal-block CTA. Populated state uses the
+// .agents-layout grid with the .agents-list 4-column table (Agent /
+// State / Attestation / Last seen). The empty-state branch keeps the
+// literal '<h1>Agents</h1>' start and the "No wrapped agents yet." copy
+// because agents-empty-state-canary.test.ts pins both.
+function agentInitials(agentId) {
+  const tail = String(agentId || "").split(":").pop() || "";
+  const cleaned = tail.replace(/[^a-zA-Z0-9]/g, "");
+  return (cleaned.slice(0, 2) || "??").toUpperCase();
+}
+function agentStateClass(status) {
+  if (status === "active") return "live";
+  if (status === "locked_down" || status === "error") return "off";
+  return "idle";
+}
+// Per-agent attestation badge (Q1 layer 2). Square chip beside each
+// agent: a bounded glyph beside a bounded entity. Color and fill pattern
+// carry meaning together so the badge reads even monochrome. The "locked"
+// status maps to the unverified visual (rust + hatched mark) since a
+// locked-down agent has no current attestation; the inspect-pane copy
+// explains the distinction. Pure visual surface; no state derivation.
+function renderAgentAttestationBadge(status) {
+  let cls;
+  let label;
+  if (status === "active") { cls = "verified"; label = "verified"; }
+  else if (status === "locked_down") { cls = "unverified"; label = "locked"; }
+  else if (status === "error") { cls = "unverified"; label = "unverified"; }
+  else { cls = "degraded"; label = "degraded"; }
+  return '<span class="att-agent ' + cls + '" title="Agent attestation"><span class="mark"></span>' + escHtml(label) + '</span>';
+}
+// Per-action attestation tick (Q1 layer 3). Tiny inline shape on every
+// timeline row. Two-byte signature fragment is enough at low resolution;
+// the full signature is one click away. Neutral state shows a circle
+// instead of a tick when the signer was unreachable; the action is still
+// recorded. Visual surface only.
+function renderActionAttestationBadge(stateName, sig) {
+  const valid = stateName === "verified" || stateName === "degraded" || stateName === "unverified" || stateName === "neutral";
+  const cls = valid ? stateName : "neutral";
+  const sigText = sig ? String(sig) : "--";
+  return '<span class="att-action ' + cls + '" title="Action attestation">' +
+    '<span class="tick"></span>' +
+    '<span>' + escHtml(sigText) + '</span>' +
+  '</span>';
+}
+// Attestation gallery surface (Q1 four classes: global / per-agent /
+// per-action / per-transaction custody-provenance stub). Reference for
+// operators: shows what each badge looks like across verified, degraded,
+// unverified, and (where applicable) pending or neutral states. Pure
+// visual; no derivation, no live data. Castle Layer 3 cooperative-MCP UX
+// surface; Castle Layer 1 enforcement ships in WP-V1.x-CASTLE-WALL.
+function renderAttestation() {
+  return '<div class="att-gallery">' +
+    '<div class="page-head"><div>' +
+      '<p class="eyebrow">Attestation</p>' +
+      '<h1>Four classes of badge.</h1>' +
+      '<p class="sub">A signature you can see. From the whole fortress, down to a single action. Degrade, never destroy: a failed signature becomes neutral with a tooltip; the surface keeps working.</p>' +
+    '</div></div>' +
+    // Global
+    '<div class="att-section">' +
+      '<div class="att-section-head"><div>' +
+        '<h2>Global. The fortress itself.</h2>' +
+        '<p>Lives in the topbar. Visible on every surface. Tells you the fortress identity is currently signed and matches the binary you installed.</p>' +
+      '</div><span class="label">topbar</span></div>' +
+      attRow(renderTopbarAttestationBadge("verified"), "Verified", "Identity matches. Binary matches. Default state for a healthy fortress.") +
+      attRow(renderTopbarAttestationBadge("degraded"), "Degraded", "The signature is older than the staleness window, or one of two co-signers is unreachable. The fortress keeps running.") +
+      attRow(renderTopbarAttestationBadge("unverified"), "Unverified", "The signature did not validate. The surface still works; lockdown is still available; the badge tells you to investigate.") +
+      attRow(renderTopbarAttestationBadge("pending"), "Pending", "First-run state. Fortress is signing for the first time. Settles in seconds.") +
+    '</div>' +
+    // Per-agent
+    '<div class="att-section">' +
+      '<div class="att-section-head"><div>' +
+        '<h2>Per-agent. In the agents list and inspect pane.</h2>' +
+        '<p>A square chip beside each agent. Square because an agent is bounded; the fortress (a circle) contains it.</p>' +
+      '</div><span class="label">agents view</span></div>' +
+      '<div class="att-row">' +
+        '<div class="demo" style="display:flex; gap:8px; flex-wrap:wrap;">' +
+          renderAgentAttestationBadge("active") +
+          renderAgentAttestationBadgeForState("degraded", "degraded") +
+          renderAgentAttestationBadgeForState("unverified", "unverified") +
+        '</div>' +
+        '<div class="desc"><strong>Verified, degraded, unverified</strong>' +
+          '<small>Color and the fill pattern carry meaning together. A solid square reads "attested" at a glance; a hatched square reads "trouble" at a glance, even monochrome.</small>' +
+        '</div>' +
+      '</div>' +
+    '</div>' +
+    // Per-action
+    '<div class="att-section">' +
+      '<div class="att-section-head"><div>' +
+        '<h2>Per-action. Inline in the activity timeline.</h2>' +
+        '<p>Each entry in any timeline carries a small signature fragment. Hover to expand. A tick instead of a fill keeps the row visually quiet at low resolution.</p>' +
+      '</div><span class="label">timeline</span></div>' +
+      '<div class="att-row">' +
+        '<div class="demo" style="display:flex; gap:10px; flex-wrap:wrap; align-items:center;">' +
+          '<span style="font-size:13px; color:var(--ink-2);">14:22:08 doc-reviewer summarized intake.pdf</span>' +
+          renderActionAttestationBadge("verified", "9c7d..2a") +
+        '</div>' +
+        '<div class="desc"><strong>Verified action</strong>' +
+          '<small>The most common shape. Two-byte signature fragment is enough; the full signature is one click away.</small>' +
+        '</div>' +
+      '</div>' +
+      '<div class="att-row">' +
+        '<div class="demo" style="display:flex; gap:10px; align-items:center;">' +
+          '<span style="font-size:13px; color:var(--ink-2);">14:11:47 privacy filter redacted payload</span>' +
+          renderActionAttestationBadge("degraded", "b440..71") +
+        '</div>' +
+        '<div class="desc"><strong>Degraded action</strong>' +
+          '<small>The action signed, but the signature class was less than the policy preferred. Useful when a substrate is still warming up.</small>' +
+        '</div>' +
+      '</div>' +
+      '<div class="att-row">' +
+        '<div class="demo" style="display:flex; gap:10px; align-items:center;">' +
+          '<span style="font-size:13px; color:var(--ink-2);">14:09:02 agent attempted external link</span>' +
+          renderActionAttestationBadge("neutral", "--") +
+        '</div>' +
+        '<div class="desc"><strong>Neutral. Degrade, not destroy.</strong>' +
+          '<small>The signer was unreachable. Rather than hide the action, the badge becomes neutral and a tooltip explains. The action is still recorded.</small>' +
+        '</div>' +
+      '</div>' +
+    '</div>' +
+    // Custody stub
+    '<div class="att-section">' +
+      '<div class="att-section-head"><div>' +
+        '<h2>Custody. Stub for v1.x.</h2>' +
+        '<p>A fourth class, surfaced conservatively. Reserved for forthcoming custody-provenance signatures (x402 payment receipts, ERC-8004 identity assertions). Visible, dashed, clearly stubbed.</p>' +
+      '</div><span class="label">stub</span></div>' +
+      '<div class="att-row">' +
+        '<div class="demo">' +
+          '<span class="att-custody" title="Custody-provenance, v1.x">' +
+            '<span class="seal-stub"></span>' +
+            '<span class="stub-tag">custody. stub</span>' +
+          '</span>' +
+        '</div>' +
+        '<div class="desc"><strong>Custody. Stub.</strong>' +
+          '<small>Dashed border signals "shape reserved, content pending." Will populate when custody signatures land in a future release. Cannot be confused with a verified badge at any zoom level.</small>' +
+        '</div>' +
+      '</div>' +
+    '</div>' +
+    // Tooltip
+    '<div class="att-section">' +
+      '<div class="att-section-head"><div>' +
+        '<h2>Tooltip on failure.</h2>' +
+        '<p>A failed badge is never silent. The tooltip explains in plain language, suggests one action, and confirms the surface is still working.</p>' +
+      '</div><span class="label">degrade not destroy</span></div>' +
+      '<div class="att-row">' +
+        '<div class="demo">' +
+          '<span class="att-tooltip">The signer at sig.fortress.local did not respond in 4s. Your fortress kept working. Try: open Health to see the signer status.</span>' +
+        '</div>' +
+        '<div class="desc"><strong>Plain-language tooltip</strong>' +
+          '<small>Three lines, in order: what happened, what did not break, what to do. No jargon, no stack trace.</small>' +
+        '</div>' +
+      '</div>' +
+    '</div>' +
+  '</div>';
+}
+function attRow(demoHtml, strong, smallText) {
+  return '<div class="att-row">' +
+    '<div class="demo">' + demoHtml + '</div>' +
+    '<div class="desc"><strong>' + escHtml(strong) + '</strong>' +
+      '<small>' + escHtml(smallText) + '</small>' +
+    '</div>' +
+  '</div>';
+}
+// Gallery-only variant: render a per-agent badge for a given visual state
+// (verified / degraded / unverified) without going through the agent
+// status mapping. Used by renderAttestation to show all three states
+// side by side as design reference.
+function renderAgentAttestationBadgeForState(cls, label) {
+  return '<span class="att-agent ' + escHtml(cls) + '" title="Agent attestation"><span class="mark"></span>' + escHtml(label) + '</span>';
+}
+function relTimeFromIso(iso) {
+  if (!iso) return "";
+  const d = new Date(iso);
+  if (isNaN(d.getTime())) return iso;
+  const diffMs = Date.now() - d.getTime();
+  const diffSec = Math.max(0, Math.floor(diffMs / 1000));
+  if (diffSec < 60) return diffSec + "s ago";
+  const diffMin = Math.floor(diffSec / 60);
+  if (diffMin < 60) return diffMin + "m ago";
+  const diffHr = Math.floor(diffMin / 60);
+  if (diffHr < 24) return diffHr + "h ago";
+  const diffDay = Math.floor(diffHr / 24);
+  return diffDay + "d ago";
+}
 function renderAgentsList() {
-  if (!state.agents.length) return '<h1>Agents</h1><p class="muted">No wrapped agents yet. Run <code>sanctuary wrap</code> to wrap a harness.</p>';
+  if (!state.agents.length) return '<h1>Agents</h1>' +
+    '<div class="agents-empty">' +
+      '<div class="icon-frame"><div class="core"></div></div>' +
+      '<h2>No wrapped agents yet.</h2>' +
+      '<p>Wrap an agent to give it a portable identity, a charter, and approval gates. Run <code>sanctuary wrap</code> in any project where your agent lives.</p>' +
+      '<div class="terminal-block"><span class="cmd"><span class="prompt">$</span>sanctuary wrap</span></div>' +
+    '</div>';
+  const count = state.agents.length;
+  const subCopy = count + ' wrapped. Click one to inspect its activity, policy, and pending approvals.';
   const rows = state.agents.map(function (a) {
     const map = STATUS_MAP[a.status] || STATUS_MAP.unknown;
-    const reason = a.status_reason_class ? (REASON_LABELS[a.status_reason_class] || "") : "";
-    return '<div class="row">' +
-      '<span class="glyph ' + map.glyph + '"></span>' +
-      '<div class="grow"><strong>' + escHtml(a.agent_id) + '</strong> <span class="muted mono">' + escHtml(a.harness) + '</span></div>' +
-      '<span class="pill" title="' + escHtml(reason) + '">' + escHtml(map.label) + '</span>' +
-      '<button class="btn" data-action="open-agent" data-agent-id="' + escHtml(a.agent_id) + '">Open</button>' +
+    const dotCls = agentStateClass(a.status);
+    const initials = agentInitials(a.agent_id);
+    const role = escHtml(a.harness) + (a.model_provider && a.model_provider.model_id ? ' · ' + escHtml(a.model_provider.model_id) : '');
+    const isSelected = state.selectedAgentId === a.agent_id;
+    return '<div class="agent-row' + (isSelected ? ' selected' : '') + '" data-action="open-agent" data-agent-id="' + escHtml(a.agent_id) + '" role="button" tabindex="0" title="Open inspect panel for ' + escHtml(a.agent_id) + '">' +
+      '<div class="agent-identity">' +
+        '<div class="agent-glyph">' + escHtml(initials) + '</div>' +
+        '<div class="agent-name">' +
+          '<strong>' + escHtml(a.agent_id) + '</strong>' +
+          '<small>' + role + '</small>' +
+        '</div>' +
+      '</div>' +
+      '<span class="agent-state">' +
+        '<span class="state-dot ' + dotCls + '"></span>' +
+        escHtml(map.label) +
+      '</span>' +
+      renderAgentAttestationBadge(a.status) +
+      '<span class="agent-last">' + escHtml(relTimeFromIso(a.last_activity_at)) + '</span>' +
       '</div>';
   }).join("\n");
-  return '<h1>Agents</h1><div class="card">' + rows + '</div>';
+  return '<div class="agents-wrap">' +
+    '<div class="page-head">' +
+      '<div>' +
+        '<p class="eyebrow">Agents</p>' +
+        '<h1>Agents.</h1>' +
+        '<p class="sub">' + escHtml(subCopy) + '</p>' +
+      '</div>' +
+    '</div>' +
+    '<div class="agents-layout">' +
+      '<div class="agents-list">' +
+        '<div class="agents-list-head">' +
+          '<span>Agent</span><span>State</span><span>Attestation</span><span>Last seen</span>' +
+        '</div>' +
+        rows +
+      '</div>' +
+    '</div>' +
+  '</div>';
 }
 
 function renderAgentDetail() {
@@ -13390,7 +13700,10 @@ function renderAgentDetail() {
   const timeline = events.length
     ? events.map(function (e) {
         const t = renderTemplate(e.display_template_id, e.display_template_args);
-        return '<div class="row"><span class="muted">' + escHtml(shortTime(e.emitted_at)) + '</span><span>' + escHtml(t) + '</span></div>';
+        const badgeHtml = e.attestation
+          ? ' ' + renderActionAttestationBadge(e.attestation.state, e.attestation.fragment)
+          : '';
+        return '<div class="row"><span class="muted">' + escHtml(shortTime(e.emitted_at)) + '</span><span>' + escHtml(t) + badgeHtml + '</span></div>';
       }).join("\n")
     : '<p class="muted">No activity yet.</p>';
   // WP-V1.2 reshape click-to-inspect surface. Clicking "Open inspect
@@ -13434,53 +13747,99 @@ function renderAgentInspectPanel(agent) {
     : "";
 
   // State 2: panel loaded.
+  // Sprint Piece 2 PR 4 polish: outer wrapper combines .card with
+  // .inspect-pane (sticky right rail, internal scroll, sectioned body).
+  // The .card class is preserved so the rendered surface keeps its
+  // shared card chrome; .inspect-pane overrides .card padding so the
+  // inspect-head and inspect-body control their own spacing per design.
   if (panel) {
+    const dotCls = agentStateClass(agent.status);
+    const stateMap = STATUS_MAP[agent.status] || STATUS_MAP.unknown;
     const activity = (panel.recent_activity || []).slice(0, 20);
     const activityHtml = activity.length
-      ? activity.map(function (e) {
+      ? '<div class="timeline">' +
+        activity.map(function (e) {
           const t = renderTemplate(e.display_template_id, e.display_template_args);
-          return '<div class="row"><span class="muted mono">' + escHtml(shortTime(e.emitted_at)) + '</span><span>' + escHtml(t) + '</span></div>';
-        }).join("\n")
+          const badgeHtml = e.attestation
+            ? renderActionAttestationBadge(e.attestation.state, e.attestation.fragment)
+            : '';
+          return '<div class="timeline-item ok">' +
+            '<div class="ts">' + escHtml(shortTime(e.emitted_at)) + '</div>' +
+            '<div class="what">' + escHtml(t) + '</div>' +
+            (badgeHtml ? '<div class="att">' + badgeHtml + '</div>' : '') +
+            '</div>';
+        }).join("") +
+        '</div>'
       : '<p class="muted">No recent activity for this agent.</p>';
 
     const approvals = panel.pending_approvals || [];
     const approvalsHtml = approvals.length
       ? approvals.map(function (item) {
           const promptText = renderTemplate(item.display_template_id, item.display_template_args);
-          return '<div class="row">' +
-            '<span class="pill tone-info">' + escHtml(item.tier || "tier1") + '</span>' +
-            '<div class="grow">' + escHtml(promptText) + '</div>' +
-            '<button class="btn btn-primary" data-action="inbox-approve" data-item-id="' + escHtml(item.item_id) + '">Approve</button>' +
-            '<button class="btn" data-action="inbox-deny" data-item-id="' + escHtml(item.item_id) + '">Deny</button>' +
+          return '<div class="approval-row">' +
+            '<div class="what">' +
+              '<span class="pill tone-degraded">' + escHtml(item.tier || "tier1") + '</span>' +
+              escHtml(promptText) +
+            '</div>' +
+            '<div class="actions">' +
+              '<button class="btn" data-action="inbox-deny" data-item-id="' + escHtml(item.item_id) + '">Deny</button>' +
+              '<button class="btn btn-primary" data-action="inbox-approve" data-item-id="' + escHtml(item.item_id) + '">Approve once</button>' +
+            '</div>' +
             '</div>';
-        }).join("\n")
+        }).join("")
       : '<p class="muted">No pending approvals routed through this agent.</p>';
 
-    const policyLine = panel.policy_summary
-      ? '<dt>Policy</dt><dd class="mono">' + escHtml(panel.policy_summary.display_label || panel.policy_summary.policy_id) + '</dd>' +
+    const policySection = panel.policy_summary
+      ? '<div class="policy-line"><span class="k">Policy</span><span class="v">' + escHtml(panel.policy_summary.display_label || panel.policy_summary.policy_id) + '</span></div>' +
         (panel.policy_summary.channel_template_id
-          ? '<dt>Template</dt><dd class="mono">' + escHtml(panel.policy_summary.channel_template_id) + '</dd>'
+          ? '<div class="policy-line"><span class="k">Template</span><span class="v">' + escHtml(panel.policy_summary.channel_template_id) + '</span></div>'
           : '') +
-        '<dt>Bound</dt><dd class="mono">' + escHtml(shortTime(panel.policy_summary.bound_at)) + '</dd>'
-      : '<dt>Policy</dt><dd class="muted">No bound policy yet.</dd>';
-
-    return '<div class="card">' +
-      '<div class="concierge-header">' +
-        '<div class="concierge-persona"><strong>Inspect ' + escHtml(agent.agent_id) + '</strong> ' +
-          '<span class="muted">opened ' + escHtml(shortTime(panel.opened_at)) + '</span></div>' +
-        '<button class="btn" data-action="agent-inspect-open" data-agent-id="' + escHtml(agent.agent_id) + '">Refresh</button>' +
+        '<div class="policy-line"><span class="k">Bound</span><span class="v">' + escHtml(shortTime(panel.policy_summary.bound_at)) + '</span></div>'
+      : '<div class="policy-line"><span class="k">Policy</span><span class="v">No bound policy yet.</span></div>';
+
+    const modelLine = agent.model_provider
+      ? '<div class="policy-line"><span class="k">Model</span><span class="v">' + escHtml(agent.model_provider.vendor) + ' / ' + escHtml(agent.model_provider.model_id) + '</span></div>'
+      : '';
+
+    return '<div class="card inspect-pane">' +
+      '<div class="inspect-head">' +
+        '<div class="row1">' +
+          '<div class="agent-glyph">' + escHtml(agentInitials(agent.agent_id)) + '</div>' +
+          '<h3>' + escHtml(agent.agent_id) + '</h3>' +
+          '<span style="margin-left:auto;">' + renderAgentAttestationBadge(agent.status) + '</span>' +
+        '</div>' +
+        '<div class="meta">' +
+          '<span class="pill ' + (dotCls === "live" ? "tone-verified" : "tone-degraded") + '"><span class="state-dot ' + dotCls + '" style="margin-right:4px;"></span>' + escHtml(stateMap.label) + '</span>' +
+          '<span class="pill">opened ' + escHtml(shortTime(panel.opened_at)) + '</span>' +
+          '<button class="btn btn-quiet" data-action="agent-inspect-open" data-agent-id="' + escHtml(agent.agent_id) + '" title="Refresh inspect panel">Refresh</button>' +
+        '</div>' +
+      '</div>' +
+      '<div class="inspect-body">' +
+        errorBanner +
+        '<div class="inspect-section">' +
+          '<h4>Pending approvals' + (approvals.length ? ' <span class="count">' + approvals.length + '</span>' : '') + '</h4>' +
+          approvalsHtml +
+        '</div>' +
+        '<div class="inspect-section">' +
+          '<h4>Recent activity</h4>' +
+          activityHtml +
+        '</div>' +
+        '<div class="inspect-section">' +
+          '<h4>Policy summary</h4>' +
+          policySection +
+        '</div>' +
+        '<div class="inspect-section">' +
+          '<h4>Identity</h4>' +
+          '<div class="policy-line"><span class="k">Agent id</span><span class="v">' + escHtml(agent.agent_id) + '</span></div>' +
+          '<div class="policy-line"><span class="k">Harness</span><span class="v">' + escHtml(agent.harness) + '</span></div>' +
+          modelLine +
+          '<div class="policy-line"><span class="k">Wrapped at</span><span class="v">' + escHtml(shortTime(agent.wrapped_at)) + '</span></div>' +
+        '</div>' +
+        '<p class="muted" style="margin-top:10px;font-size:12px;">' +
+          '<a href="#activity?agent=' + escHtml(agent.agent_id) + '">View full activity</a> · ' +
+          '<a href="#policy">Edit policy</a>' +
+        '</p>' +
       '</div>' +
-      errorBanner +
-      '<h3>Pending approvals</h3>' +
-      approvalsHtml +
-      '<h3 style="margin-top:14px;">Recent activity</h3>' +
-      activityHtml +
-      '<h3 style="margin-top:14px;">Policy</h3>' +
-      '<dl class="kv">' + policyLine + '</dl>' +
-      '<p class="muted" style="margin-top:10px;font-size:12px;">' +
-        '<a href="#activity?agent=' + escHtml(agent.agent_id) + '">View full activity</a> · ' +
-        '<a href="#policy">Edit policy</a>' +
-      '</p>' +
     '</div>';
   }
 
@@ -13629,6 +13988,16 @@ function statusDotClass(status) {
   return "red";
 }
 
+// Card-grid polish (Sprint Piece 2 PR 3) maps the badge dot class onto
+// the shaped glyph token. Sage circle for ok, ochre triangle for warn,
+// rust diamond for fail. Keep aligned with .status-glyph rules in
+// html.ts and the .intel-card-status modifier classes.
+function statusGlyphClass(dotClass) {
+  if (dotClass === "green") return "ok";
+  if (dotClass === "yellow") return "warn";
+  return "fail";
+}
+
 function statusLabel(health) {
   if (health === "ok") return "Working";
   if (health === "degraded") return "Degraded";
@@ -13668,13 +14037,18 @@ function renderIntelligenceCenter() {
   }
   const status = state.intelligence.status;
   const config = state.intelligence.config || {};
-  const surfaceRows = SURFACES_ORDER.map(function (surfaceId) {
+  const surfaceCards = SURFACES_ORDER.map(function (surfaceId) {
     const surfaceStatus = (status.surfaces || []).find(function (s) { return s.surface === surfaceId; });
     if (!surfaceStatus) {
-      return '<div class="intel-row"><div class="intel-row-name">' + escHtml(SURFACE_LABELS[surfaceId] || surfaceId) +
-        '<small>' + escHtml(surfaceId) + '</small></div>' +
-        '<div class="intel-row-body muted">No status reported.</div>' +
-        '<div></div></div>';
+      return '<div class="intel-row intel-card" data-intel-surface="' + escHtml(surfaceId) + '">' +
+        '<div class="intel-card-head">' +
+          '<div class="intel-card-name">' +
+            '<strong>' + escHtml(SURFACE_LABELS[surfaceId] || surfaceId) + '</strong>' +
+            '<small>' + escHtml(surfaceId) + '</small>' +
+          '</div>' +
+        '</div>' +
+        '<div class="muted">No status reported.</div>' +
+      '</div>';
     }
     const substrate = surfaceStatus.chosen;
     const localPick = (config.local_model_picks || {})[surfaceId];
@@ -13692,41 +14066,62 @@ function renderIntelligenceCenter() {
       if (provider) currentBadge = currentBadge + " (" + (FRONTIER_PROVIDER_LABELS[provider] || provider) + ")";
     }
     const dotClass = statusDotClass((surfaceStatus.badge || {}).status || "red");
+    const glyphClass = statusGlyphClass(dotClass);
     const failures = surfaceStatus.recentFailures || [];
     const expanded = !!state.intelligence.expandedFailures[surfaceId];
-    let failuresBlock = "";
+
+    // Card foot. The failures toggle is the load-bearing affordance for
+    // the rc.6 ZZ test (button[data-action="intel-failures-toggle"] with
+    // text "recent failures (N)"). Pluralization is "failures" regardless
+    // of N for backward compatibility with the seeded test contract.
+    // Surface zero-failure state as a quiet mono note so the card still
+    // has visual rhythm in its foot row.
+    let footHtml;
     if (failures.length > 0) {
       const toggleLabel = (expanded ? "Hide" : "View") + " recent failures (" + failures.length + ")";
-      const list = expanded
-        ? '<ul class="intel-row-failures-list">' +
-            failures.slice().reverse().map(function (f) {
-              return '<li><span class="muted mono">' + escHtml(shortTime(f.ts)) + '</span> ' +
-                '<span class="pill warn">' + escHtml(f.failureClass) + '</span> ' +
-                '<span class="muted">' + escHtml(f.snippet) + '</span></li>';
-            }).join("") +
-          '</ul>'
-        : '';
-      failuresBlock =
-        '<div class="intel-row-failures">' +
-          '<button class="btn btn-link" data-action="intel-failures-toggle" data-intel-surface="' + escHtml(surfaceId) + '">' +
-            escHtml(toggleLabel) +
-          '</button>' +
-          list +
+      footHtml =
+        '<button class="intel-failures-toggle' + (expanded ? ' open' : '') + '" data-action="intel-failures-toggle" data-intel-surface="' + escHtml(surfaceId) + '">' +
+          '<span class="caret"></span>' +
+          escHtml(toggleLabel) +
+        '</button>';
+    } else {
+      footHtml = '<span class="muted mono" style="font-size: 11px;">no recent failures</span>';
+    }
+
+    let failuresBlock = "";
+    if (failures.length > 0 && expanded) {
+      const rows = failures.slice().reverse().map(function (f) {
+        return '<div class="intel-failure-row">' +
+          '<span class="ts">' + escHtml(shortTime(f.ts)) + '</span>' +
+          '<div>' +
+            '<div class="err-class">' + escHtml(f.failureClass) + '</div>' +
+            '<div>' + escHtml(f.snippet) + '</div>' +
+          '</div>' +
         '</div>';
+      }).join("");
+      failuresBlock = '<div class="intel-failures">' + rows + '</div>';
     }
-    return '<div class="intel-row" data-intel-surface="' + escHtml(surfaceId) + '">' +
-      '<div class="intel-row-name">' + escHtml(SURFACE_LABELS[surfaceId] || surfaceId) +
-        '<small>' + escHtml(surfaceId) + '</small></div>' +
-      '<div class="intel-row-body">' +
-        '<div class="intel-row-current">' +
-          '<span class="intel-status-dot ' + dotClass + '" title="' + escHtml(statusLabel(surfaceStatus.health)) + '"></span>' +
-          '<span class="pill">' + escHtml(currentBadge) + '</span>' +
-          '<span class="muted mono">' + escHtml(statusLabel(surfaceStatus.health)) + '</span>' +
+
+    return '<div class="intel-row intel-card" data-intel-surface="' + escHtml(surfaceId) + '">' +
+      '<div class="intel-card-head">' +
+        '<div class="intel-card-name">' +
+          '<strong>' + escHtml(SURFACE_LABELS[surfaceId] || surfaceId) + '</strong>' +
+          '<small>' + escHtml(surfaceId) + '</small>' +
+        '</div>' +
+        '<span class="intel-card-status ' + glyphClass + '" title="' + escHtml(statusLabel(surfaceStatus.health)) + '">' +
+          '<span class="status-glyph ' + glyphClass + '"></span>' +
+          escHtml(statusLabel(surfaceStatus.health)) +
+        '</span>' +
+      '</div>' +
+      '<div class="intel-substrate">' +
+        '<div class="sub-line primary">' +
+          '<span>' + escHtml(currentBadge) + '</span>' +
+          '<button class="btn-quiet" data-action="intel-picker-open" data-intel-surface="' + escHtml(surfaceId) + '">Change</button>' +
         '</div>' +
-        '<div class="intel-row-tradeoff">' + escHtml(substrateTradeoff(substrate)) + '</div>' +
-        failuresBlock +
       '</div>' +
-      '<div><button class="btn" data-action="intel-picker-open" data-intel-surface="' + escHtml(surfaceId) + '">Change</button></div>' +
+      '<div class="intel-row-tradeoff">' + escHtml(substrateTradeoff(substrate)) + '</div>' +
+      '<div class="intel-card-foot">' + footHtml + '</div>' +
+      failuresBlock +
     '</div>';
   }).join("\n");
 
@@ -13738,11 +14133,15 @@ function renderIntelligenceCenter() {
 
   const modal = state.intelligence.picker.open ? renderIntelligencePicker() : "";
 
-  return '<section class="intel-center">' +
-    '<p class="eyebrow">INTELLIGENCE</p>' +
-    '<h1>Intelligence Substrate</h1>' +
-    '<p class="intel-subtitle">Choose how Sanctuary thinks. Tradeoffs visible per surface. Multi-option framing is preserved: no single substrate is the right answer.</p>' +
-    '<section class="intel-panel"><h2>Surfaces</h2>' + surfaceRows + '</section>' +
+  return '<section class="intel-wrap">' +
+    '<div class="page-head">' +
+      '<div>' +
+        '<p class="eyebrow">Intelligence</p>' +
+        '<h1>Substrate routing.</h1>' +
+        '<p class="sub">Six surfaces, six choices. Each surface picks where its thinking happens. Local for privacy. Hosted for capability. Hybrid for both.</p>' +
+      '</div>' +
+    '</div>' +
+    '<div class="intel-grid">' + surfaceCards + '</div>' +
     '<section class="intel-panel"><h2>Host capability</h2>' +
       '<dl class="intel-hardware">' +
         '<dt>Total RAM</dt><dd>' + escHtml(hardware.totalRamGb || "?") + ' GB</dd>' +
@@ -14535,6 +14934,13 @@ document.addEventListener("click", function (ev) {
   const intelLocalModel = tgt.getAttribute("data-intel-local-model");
   const intelFrontierProvider = tgt.getAttribute("data-intel-frontier-provider");
   if (action === "lockdown") return void onLockdownClick();
+  if (action === "theme-toggle") {
+    const isDark = document.documentElement.getAttribute("data-theme") === "dark";
+    const next = isDark ? "light" : "dark";
+    sessionStorage.setItem(THEME_KEY, next);
+    applyTheme(next);
+    return;
+  }
   if (action === "intel-reload") { return void fetchIntelligenceState().then(rerender); }
   if (action === "intel-picker-open" && intelSurface) return void onIntelPickerOpen(intelSurface);
   if (action === "intel-picker-close") return onIntelPickerClose();
@@ -14688,12 +15094,30 @@ document.addEventListener("input", function (ev) {
 // then the dashboard view renders a static welcome card with no form
 // inputs that could be confused for a working command surface.
 
-// Theme: system preference only at v1.1.
+// Theme: explicit operator preference (sessionStorage) overrides system
+// pref. The toggle button in the topbar dispatches data-action
+// "theme-toggle" which writes the chosen theme and updates the
+// [data-theme] attribute. When no explicit choice exists, fall back to
+// system preference and track changes so dark-mode-at-sunset behavior
+// keeps working on macOS / Windows.
+const THEME_KEY = "sanctuary-v11-theme";
+function applyTheme(theme) {
+  if (theme === "dark") document.documentElement.setAttribute("data-theme", "dark");
+  else document.documentElement.removeAttribute("data-theme");
+}
+const explicitTheme = sessionStorage.getItem(THEME_KEY);
 const mq = window.matchMedia ? window.matchMedia("(prefers-color-scheme: dark)") : null;
-if (mq && mq.matches) document.documentElement.setAttribute("data-theme", "dark");
+if (explicitTheme === "dark" || explicitTheme === "light") {
+  applyTheme(explicitTheme);
+} else if (mq && mq.matches) {
+  applyTheme("dark");
+}
 if (mq) mq.addEventListener("change", function (e) {
-  if (e.matches) document.documentElement.setAttribute("data-theme", "dark");
-  else document.documentElement.removeAttribute("data-theme");
+  // Only honor system pref changes when the operator has not made an
+  // explicit choice. Once they toggle, the choice sticks for the
+  // session.
+  if (sessionStorage.getItem(THEME_KEY)) return;
+  applyTheme(e.matches ? "dark" : "light");
 });
 
 // Boot.
@@ -14717,9 +15141,11 @@ function renderDashboardV11Html(options = {}) {
   const fortressId = options.fortressId ?? "fortress";
   const sanctuaryVersion = options.sanctuaryVersion ?? SANCTUARY_VERSION;
   const embedClient = options.embedClient !== false;
-  const nav = NAV_ITEMS.map(
-    (n) => `<a href="#${n.id}" data-route="${n.id}"><span>${escHtml3(n.label)}</span></a>`
-  ).join("\n        ");
+  const nav = NAV_ITEMS.map((n) => {
+    const iconPath = NAV_ICON_PATHS[n.id] ?? "";
+    const icon = iconPath ? SVG_OPEN + iconPath + "</svg>" : "";
+    return `<a href="#${n.id}" data-route="${n.id}">${icon}<span>${escHtml3(n.label)}</span></a>`;
+  }).join("\n        ");
   const config = JSON.stringify({
     authToken,
     hubApiBase,
@@ -14751,8 +15177,12 @@ function renderDashboardV11Html(options = {}) {
         <span class="pill" data-pill="version">v${escHtml3(sanctuaryVersion)}</span>
         <span class="pill" data-pill="deployment">deployment: local</span>
         <span class="pill" data-pill="mode">mode: solo</span>
-        <span class="pill" data-pill="attestation">attestation: pending</span>
+        <span class="att-global pending" data-pill="attestation" title="Fortress attestation"><span class="seal"><span class="seal-ring dashed"></span><span class="seal-core"></span></span><span class="label">pending</span></span>
       </div>
+      <button class="btn btn-icon" id="btn-theme-toggle" data-action="theme-toggle" aria-label="Toggle theme" title="Toggle theme">
+        <span class="icon-moon">${THEME_ICON_MOON}</span>
+        <span class="icon-sun">${THEME_ICON_SUN}</span>
+      </button>
       <button class="btn btn-danger" id="btn-lockdown" data-action="lockdown">Lockdown</button>
     </header>
     <main class="main" id="main"><p class="muted">Loading dashboard.</p></main>
@@ -14764,7 +15194,7 @@ function renderDashboardV11Html(options = {}) {
 </body>
 </html>`;
 }
-var STYLES, NAV_ITEMS;
+var STYLES, NAV_ITEMS, NAV_ICON_PATHS, SVG_OPEN, THEME_ICON_MOON, THEME_ICON_SUN;
 var init_html2 = __esm({
   "src/dashboard/v1_1/html.ts"() {
     init_client();
@@ -14795,6 +15225,26 @@ var init_html2 = __esm({
   --rad: 6px;
   --rad-lg: 10px;
   --shadow: 0 1px 2px rgba(0,0,0,0.04), 0 0 0 1px rgba(0,0,0,0.02);
+  /* Type scale. Names are size-relative, not semantic, so refactors do
+     not need to invent new names. Existing rules used these literal px
+     values; tokens make future polish a one-line change. */
+  --text-xs: 11px;
+  --text-sm: 12px;
+  --text-base: 13px;
+  --text-md: 14px;
+  --text-lg: 16px;
+  --text-xl: 22px;
+  --text-display: 36px;
+  /* Spacing scale (4px multiples). Layout-specific magic numbers
+     (220px sidebar, 360px fortress rail, concierge-card heights) stay
+     as literals because the token system is for component padding /
+     margin / gap, not grid track sizing. */
+  --space-1: 4px;
+  --space-2: 8px;
+  --space-3: 12px;
+  --space-4: 16px;
+  --space-5: 24px;
+  --space-6: 32px;
 }
 [data-theme="dark"] {
   --paper: #121210;
@@ -14821,7 +15271,7 @@ var init_html2 = __esm({
 html, body { margin: 0; padding: 0; }
 body {
   font-family: var(--sans);
-  font-size: 14px;
+  font-size: var(--text-md);
   background: var(--paper);
   color: var(--ink);
   line-height: 1.45;
@@ -14842,20 +15292,27 @@ body {
     "sidebar main";
 }
 .sidebar { grid-area: sidebar; background: var(--paper-2); border-right: 1px solid var(--rule); padding: 12px 8px; }
-.sidebar h1 { font-family: var(--serif); font-size: 16px; margin: 4px 8px 16px; }
+.sidebar h1 { font-family: var(--serif); font-size: var(--text-lg); margin: 4px 8px 16px; }
 .sidebar nav { display: flex; flex-direction: column; gap: 2px; }
 .sidebar nav a {
-  display: block; padding: 6px 10px; border-radius: var(--rad);
-  color: var(--ink-2); text-decoration: none; font-size: 13px;
+  display: flex; align-items: center; gap: var(--space-2);
+  padding: 6px 10px; border-radius: var(--rad);
+  color: var(--ink-2); text-decoration: none; font-size: var(--text-base);
+}
+.sidebar nav a svg {
+  flex-shrink: 0; width: 16px; height: 16px;
+  color: var(--ink-3);
 }
 .sidebar nav a:hover { background: var(--paper-3); }
+.sidebar nav a:hover svg { color: var(--ink-2); }
 .sidebar nav a.active { background: var(--surface); color: var(--ink); border: 1px solid var(--rule); }
-.topbar { grid-area: topbar; display: flex; align-items: center; gap: 12px; padding: 0 16px; border-bottom: 1px solid var(--rule); background: var(--surface); }
-.topbar .brand { font-family: var(--serif); font-size: 14px; }
+.sidebar nav a.active svg { color: var(--ink); }
+.topbar { grid-area: topbar; display: flex; align-items: center; gap: var(--space-3); padding: 0 16px; border-bottom: 1px solid var(--rule); background: var(--surface); }
+.topbar .brand { font-family: var(--serif); font-size: var(--text-md); }
 .topbar .pills { display: flex; gap: 6px; flex: 1; }
 .pill {
   display: inline-flex; align-items: center; gap: 4px;
-  padding: 2px 8px; border-radius: 12px; font-size: 11px;
+  padding: 2px 8px; border-radius: 12px; font-size: var(--text-xs);
   font-family: var(--mono); border: 1px solid var(--rule);
   background: var(--surface-2); color: var(--ink-2);
 }
@@ -14867,7 +15324,7 @@ body {
   display: inline-flex; align-items: center; gap: 4px;
   padding: 4px 10px; border-radius: var(--rad);
   background: var(--surface); border: 1px solid var(--rule);
-  font-family: var(--sans); font-size: 12px; color: var(--ink);
+  font-family: var(--sans); font-size: var(--text-sm); color: var(--ink);
   cursor: pointer;
 }
 .btn:hover:not(:disabled) { background: var(--surface-2); }
@@ -14877,21 +15334,30 @@ body {
 .btn.btn-danger { background: var(--rust-bg); color: var(--rust); border-color: var(--rust); }
 .btn.tier1-pending { background: var(--ochre-bg); color: var(--ochre); border-color: var(--ochre); }
 .btn.tier1-engaged { background: var(--rust-bg); color: var(--rust); border-color: var(--rust); }
+.btn.btn-icon {
+  padding: 4px 6px;
+  display: inline-flex; align-items: center; justify-content: center;
+  color: var(--ink-2);
+}
+.btn.btn-icon svg { width: 16px; height: 16px; }
+.btn.btn-icon .icon-sun { display: none; }
+[data-theme="dark"] .btn.btn-icon .icon-moon { display: none; }
+[data-theme="dark"] .btn.btn-icon .icon-sun { display: inline; }
 .main { grid-area: main; overflow-y: auto; padding: 16px 24px; }
-.fortress { grid-area: fortress; overflow-y: auto; border-left: 1px solid var(--rule); background: var(--paper-2); padding: 12px; display: flex; flex-direction: column; gap: 10px; }
+.fortress { grid-area: fortress; overflow-y: auto; border-left: 1px solid var(--rule); background: var(--paper-2); padding: var(--space-3); display: flex; flex-direction: column; gap: 10px; }
 .app.route-full .fortress { display: none; }
 .card {
   background: var(--surface); border: 1px solid var(--rule);
-  border-radius: var(--rad); padding: 12px;
+  border-radius: var(--rad); padding: var(--space-3);
 }
-.card h3 { margin: 0 0 8px; font-size: 13px; font-weight: 600; color: var(--ink); }
+.card h3 { margin: 0 0 8px; font-size: var(--text-base); font-weight: 600; color: var(--ink); }
 .muted { color: var(--ink-3); }
-.mono { font-family: var(--mono); font-size: 12px; }
-.row { display: flex; align-items: center; gap: 8px; padding: 6px 0; border-bottom: 1px dashed var(--rule); }
+.mono { font-family: var(--mono); font-size: var(--text-sm); }
+.row { display: flex; align-items: center; gap: var(--space-2); padding: 6px 0; border-bottom: 1px dashed var(--rule); }
 .row:last-child { border-bottom: 0; }
 .row .grow { flex: 1; min-width: 0; }
 .agent-row { flex-direction: column; align-items: stretch; gap: 6px; }
-.agent-row-head { display: flex; align-items: center; gap: 8px; min-width: 0; }
+.agent-row-head { display: flex; align-items: center; gap: var(--space-2); min-width: 0; }
 .agent-row-head .grow { flex: 1; min-width: 0; overflow: hidden; text-overflow: ellipsis; white-space: nowrap; }
 .agent-row-actions { display: flex; flex-wrap: wrap; gap: 4px; }
 /* Click-to-inspect affordance: the head sub-row of a fortress-column
@@ -14901,7 +15367,7 @@ body {
 .agent-row-head[data-action="agent-row-inspect-open"] { cursor: pointer; border-radius: var(--rad); padding: 4px 6px; margin: -4px -6px; }
 .agent-row-head[data-action="agent-row-inspect-open"]:hover { background: var(--paper-3); }
 .agent-row-head[data-action="agent-row-inspect-open"]:focus-visible { outline: 2px solid var(--ink-3); outline-offset: 1px; }
-.kv { display: grid; grid-template-columns: max-content 1fr; gap: 4px 12px; font-size: 12px; }
+.kv { display: grid; grid-template-columns: max-content 1fr; gap: 4px 12px; font-size: var(--text-sm); }
 .kv dt { color: var(--ink-3); }
 .kv dd { margin: 0; color: var(--ink); }
 .glyph { display: inline-block; width: 8px; height: 8px; border-radius: 50%; background: var(--ink-4); }
@@ -14912,74 +15378,74 @@ body {
 .toast {
   position: fixed; bottom: 16px; right: 16px;
   background: var(--ink); color: var(--paper); padding: 8px 12px;
-  border-radius: var(--rad); font-size: 12px; z-index: 1000;
+  border-radius: var(--rad); font-size: var(--text-sm); z-index: 1000;
   max-width: 360px;
 }
 .toast.error { background: var(--rust); color: var(--paper); }
-.layer-card { background: var(--surface-2); border: 1px solid var(--rule); border-radius: var(--rad); padding: 8px; }
-.layer-card h4 { margin: 0 0 4px; font-size: 12px; font-weight: 600; }
-.layer-card p { margin: 0; font-size: 11px; color: var(--ink-3); }
-.chat-thread { display: flex; flex-direction: column; gap: 8px; padding-bottom: 12px; }
+.layer-card { background: var(--surface-2); border: 1px solid var(--rule); border-radius: var(--rad); padding: var(--space-2); }
+.layer-card h4 { margin: 0 0 4px; font-size: var(--text-sm); font-weight: 600; }
+.layer-card p { margin: 0; font-size: var(--text-xs); color: var(--ink-3); }
+.chat-thread { display: flex; flex-direction: column; gap: var(--space-2); padding-bottom: 12px; }
 .chat-msg { padding: 8px 10px; border-radius: var(--rad); border: 1px solid var(--rule); background: var(--surface); max-width: 78%; }
-.chat-msg.system { background: var(--paper-3); color: var(--ink-3); font-size: 12px; max-width: 100%; }
+.chat-msg.system { background: var(--paper-3); color: var(--ink-3); font-size: var(--text-sm); max-width: 100%; }
 .chat-msg.agent { align-self: flex-start; }
 .chat-msg.operator { align-self: flex-end; background: var(--ink); color: var(--paper); }
 .chat-msg .meta { font-size: 10px; color: var(--ink-4); margin-top: 4px; }
-.composer { display: flex; gap: 8px; padding: 8px; border-top: 1px solid var(--rule); }
+.composer { display: flex; gap: var(--space-2); padding: var(--space-2); border-top: 1px solid var(--rule); }
 .composer input { flex: 1; padding: 6px 8px; border: 1px solid var(--rule); border-radius: var(--rad); font-family: var(--sans); }
 .wizard-step { padding: 10px; border: 1px solid var(--rule); border-radius: var(--rad); margin-bottom: 8px; background: var(--surface); }
 .wizard-step.active { border-color: var(--ink); }
 .wizard-step.done { background: var(--sage-bg); border-color: var(--sage); }
-.code-block { font-family: var(--mono); background: var(--paper-3); padding: 8px; border-radius: var(--rad); font-size: 12px; overflow-x: auto; }
+.code-block { font-family: var(--mono); background: var(--paper-3); padding: var(--space-2); border-radius: var(--rad); font-size: var(--text-sm); overflow-x: auto; }
 .policy-center { max-width: 980px; margin: 0 auto; }
-.policy-center .eyebrow { margin: 0 0 6px; color: var(--ink-3); font-family: var(--mono); font-size: 12px; letter-spacing: 0; }
-.policy-center h1 { font-family: var(--serif); font-size: 36px; line-height: 1.08; font-weight: 400; margin: 0 0 10px; }
+.policy-center .eyebrow { margin: 0 0 6px; color: var(--ink-3); font-family: var(--mono); font-size: var(--text-sm); letter-spacing: 0; }
+.policy-center h1 { font-family: var(--serif); font-size: var(--text-display); line-height: 1.08; font-weight: 400; margin: 0 0 10px; }
 .policy-subtitle { max-width: 860px; color: var(--ink-2); font-size: 15px; margin: 0 0 24px; }
 .policy-panel { background: var(--surface); border: 1px solid var(--rule); border-radius: var(--rad-lg); padding: 20px; margin: 18px 0; }
-.policy-panel h2 { font-family: var(--serif); font-size: 22px; font-weight: 400; margin: 0 0 14px; }
-.template-grid { display: grid; grid-template-columns: repeat(2, minmax(0, 1fr)); gap: 12px; }
+.policy-panel h2 { font-family: var(--serif); font-size: var(--text-xl); font-weight: 400; margin: 0 0 14px; }
+.template-grid { display: grid; grid-template-columns: repeat(2, minmax(0, 1fr)); gap: var(--space-3); }
 .template-card { background: var(--surface-2); border: 1px solid var(--rule); border-radius: var(--rad); padding: 14px; min-height: 132px; }
-.template-card-head { display: flex; justify-content: space-between; align-items: center; gap: 8px; margin-bottom: 12px; }
-.severity { border-radius: 999px; padding: 2px 9px; font-family: var(--mono); font-size: 11px; font-weight: 700; }
+.template-card-head { display: flex; justify-content: space-between; align-items: center; gap: var(--space-2); margin-bottom: 12px; }
+.severity { border-radius: 999px; padding: 2px 9px; font-family: var(--mono); font-size: var(--text-xs); font-weight: 700; }
 .severity.low { color: var(--sage); background: var(--sage-bg); }
 .severity.medium { color: var(--ochre); background: var(--ochre-bg); }
 .template-id { background: var(--paper-3); border-radius: var(--rad); padding: 2px 7px; color: var(--ink-3); }
-.template-card h3 { font-size: 16px; margin: 0 0 6px; }
-.template-card p { color: var(--ink-3); margin: 0; font-size: 14px; }
+.template-card h3 { font-size: var(--text-lg); margin: 0 0 6px; }
+.template-card p { color: var(--ink-3); margin: 0; font-size: var(--text-md); }
 .rules-scroll { overflow-x: auto; }
 .rules-table { width: 100%; border-collapse: collapse; min-width: 760px; }
-.rules-table th { text-align: left; color: var(--ink-3); font-family: var(--mono); font-size: 12px; letter-spacing: 0; padding: 8px 10px; border-bottom: 1px solid var(--rule); }
+.rules-table th { text-align: left; color: var(--ink-3); font-family: var(--mono); font-size: var(--text-sm); letter-spacing: 0; padding: 8px 10px; border-bottom: 1px solid var(--rule); }
 .rules-table td { padding: 12px 10px; border-bottom: 1px solid var(--rule); vertical-align: top; }
 .link-btn, .template-cell { border: 0; background: transparent; color: var(--ink); padding: 0; cursor: pointer; font: inherit; text-align: left; }
 .template-cell { font-family: var(--mono); max-width: 180px; overflow-wrap: anywhere; }
 .template-picker { position: absolute; z-index: 20; margin-top: 8px; width: min(420px, calc(100vw - 80px)); background: var(--surface); border: 1px solid var(--rule-2); border-radius: var(--rad); box-shadow: var(--shadow); padding: 10px; }
 .template-picker-options { display: grid; gap: 6px; max-height: 320px; overflow-y: auto; }
-.template-option { display: grid; grid-template-columns: 18px 1fr; gap: 8px; padding: 8px; border: 1px solid var(--rule); border-radius: var(--rad); background: var(--surface-2); }
+.template-option { display: grid; grid-template-columns: 18px 1fr; gap: var(--space-2); padding: var(--space-2); border: 1px solid var(--rule); border-radius: var(--rad); background: var(--surface-2); }
 .template-option small { display: block; color: var(--ink-3); margin-top: 2px; }
-.template-picker-actions { display: flex; justify-content: flex-end; gap: 8px; margin-top: 10px; }
+.template-picker-actions { display: flex; justify-content: flex-end; gap: var(--space-2); margin-top: 10px; }
 .allow-count { color: var(--sage); font-weight: 700; }
 .block-count { color: var(--rust); }
 .toggle-on { display: inline-block; width: 28px; height: 16px; border-radius: 999px; background: var(--sage); position: relative; }
 .toggle-on::after { content: ""; position: absolute; right: 2px; top: 2px; width: 12px; height: 12px; border-radius: 50%; background: var(--surface); }
 .error-text { color: var(--rust); margin: 8px 0 0; }
 .intel-center { max-width: 980px; margin: 0 auto; }
-.intel-center .eyebrow { margin: 0 0 6px; color: var(--ink-3); font-family: var(--mono); font-size: 12px; letter-spacing: 0; }
-.intel-center h1 { font-family: var(--serif); font-size: 36px; line-height: 1.08; font-weight: 400; margin: 0 0 10px; }
+.intel-center .eyebrow { margin: 0 0 6px; color: var(--ink-3); font-family: var(--mono); font-size: var(--text-sm); letter-spacing: 0; }
+.intel-center h1 { font-family: var(--serif); font-size: var(--text-display); line-height: 1.08; font-weight: 400; margin: 0 0 10px; }
 .intel-subtitle { max-width: 860px; color: var(--ink-2); font-size: 15px; margin: 0 0 24px; }
 .intel-panel { background: var(--surface); border: 1px solid var(--rule); border-radius: var(--rad-lg); padding: 20px; margin: 18px 0; }
-.intel-panel h2 { font-family: var(--serif); font-size: 22px; font-weight: 400; margin: 0 0 14px; }
-.intel-row { display: grid; grid-template-columns: 200px 1fr auto; gap: 16px; padding: 14px 0; border-bottom: 1px solid var(--rule); align-items: start; }
+.intel-panel h2 { font-family: var(--serif); font-size: var(--text-xl); font-weight: 400; margin: 0 0 14px; }
+.intel-row { display: grid; grid-template-columns: 200px 1fr auto; gap: var(--space-4); padding: 14px 0; border-bottom: 1px solid var(--rule); align-items: start; }
 .intel-row:last-child { border-bottom: 0; }
 .intel-row-name { font-weight: 600; }
-.intel-row-name small { display: block; color: var(--ink-3); font-weight: 400; font-size: 12px; margin-top: 2px; font-family: var(--mono); }
+.intel-row-name small { display: block; color: var(--ink-3); font-weight: 400; font-size: var(--text-sm); margin-top: 2px; font-family: var(--mono); }
 .intel-row-body { display: flex; flex-direction: column; gap: 6px; min-width: 0; }
-.intel-row-current { display: flex; gap: 8px; align-items: center; flex-wrap: wrap; }
-.intel-row-tradeoff { color: var(--ink-2); font-size: 13px; line-height: 1.5; }
+.intel-row-current { display: flex; gap: var(--space-2); align-items: center; flex-wrap: wrap; }
+.intel-row-tradeoff { color: var(--ink-2); font-size: var(--text-base); line-height: 1.5; }
 .intel-status-dot { display: inline-block; width: 10px; height: 10px; border-radius: 50%; }
 .intel-status-dot.green { background: var(--sage); }
 .intel-status-dot.yellow { background: var(--ochre); }
 .intel-status-dot.red { background: var(--rust); }
-.intel-hardware { display: grid; grid-template-columns: max-content 1fr; gap: 4px 16px; font-size: 13px; }
+.intel-hardware { display: grid; grid-template-columns: max-content 1fr; gap: 4px 16px; font-size: var(--text-base); }
 .intel-hardware dt { color: var(--ink-3); font-family: var(--mono); }
 .intel-hardware dd { margin: 0; }
 .intel-modal-backdrop {
@@ -14992,33 +15458,162 @@ body {
   box-shadow: 0 8px 32px rgba(0,0,0,0.18); padding: 24px;
   width: 100%; max-width: 640px;
 }
-.intel-modal h2 { font-family: var(--serif); font-size: 22px; font-weight: 400; margin: 0 0 8px; }
-.intel-modal-subtitle { color: var(--ink-3); margin: 0 0 18px; font-size: 13px; }
+.intel-modal h2 { font-family: var(--serif); font-size: var(--text-xl); font-weight: 400; margin: 0 0 8px; }
+.intel-modal-subtitle { color: var(--ink-3); margin: 0 0 18px; font-size: var(--text-base); }
 .intel-option {
-  border: 1px solid var(--rule); border-radius: var(--rad); padding: 12px;
+  border: 1px solid var(--rule); border-radius: var(--rad); padding: var(--space-3);
   margin-bottom: 10px; background: var(--surface-2); cursor: pointer;
   display: grid; grid-template-columns: 18px 1fr; gap: 10px; align-items: start;
 }
 .intel-option.selected { border-color: var(--ink); background: var(--surface); }
-.intel-option-body strong { display: block; font-size: 14px; margin-bottom: 4px; }
-.intel-option-body small { display: block; color: var(--ink-3); font-size: 12px; line-height: 1.5; }
+.intel-option-body strong { display: block; font-size: var(--text-md); margin-bottom: 4px; }
+.intel-option-body small { display: block; color: var(--ink-3); font-size: var(--text-sm); line-height: 1.5; }
 .intel-suboptions { margin-top: 10px; padding: 10px; background: var(--paper-3); border-radius: var(--rad); }
-.intel-suboptions label { display: block; margin: 6px 0; font-size: 13px; }
+.intel-suboptions label { display: block; margin: 6px 0; font-size: var(--text-base); }
 .intel-suboptions input[type="text"], .intel-suboptions input[type="password"] {
   width: 100%; padding: 6px 8px; border: 1px solid var(--rule); border-radius: var(--rad);
-  font-family: var(--mono); font-size: 12px; box-sizing: border-box;
+  font-family: var(--mono); font-size: var(--text-sm); box-sizing: border-box;
+}
+.intel-modal-actions { display: flex; justify-content: flex-end; gap: var(--space-2); margin-top: 18px; }
+/*
+ * Intelligence panel polish (Sprint Piece 2 PR 3). Card grid layout
+ * replaces the legacy 3-col row visual. The legacy .intel-row and
+ * .intel-status-dot rules above are retained for the e2e selector
+ * contract (.intel-row[data-intel-surface="..."]) and as the responsive
+ * fallback. Cards render as a flex column with a substrate inset,
+ * status badge with shaped glyph, and a recent-failures toggle in the
+ * card foot.
+ */
+.intel-wrap { max-width: 1000px; margin: 0 auto; }
+.intel-grid {
+  display: grid;
+  grid-template-columns: repeat(2, minmax(0, 1fr));
+  gap: 12px;
+}
+.intel-card {
+  background: var(--surface);
+  border: 1px solid var(--rule);
+  border-radius: var(--rad-lg);
+  padding: 16px;
+  display: flex; flex-direction: column;
+  gap: 12px;
+}
+.intel-card-head {
+  display: flex; align-items: flex-start; justify-content: space-between;
+  gap: 10px;
 }
-.intel-modal-actions { display: flex; justify-content: flex-end; gap: 8px; margin-top: 18px; }
+.intel-card-name {
+  display: flex; flex-direction: column; gap: 2px;
+  min-width: 0;
+}
+.intel-card-name strong {
+  font-family: var(--serif); font-weight: 500;
+  font-size: 15px; letter-spacing: 0.005em;
+}
+.intel-card-name small {
+  color: var(--ink-3); font-size: 11px; font-family: var(--mono);
+}
+.intel-card-status {
+  display: inline-flex; align-items: center; gap: 6px;
+  font-family: var(--mono); font-size: 11px;
+  padding: 3px 9px; border-radius: 999px;
+  border: 1px solid var(--rule); background: var(--surface-2);
+  flex-shrink: 0;
+}
+.intel-card-status.ok { color: var(--sage); border-color: var(--sage); background: var(--sage-bg); }
+.intel-card-status.warn { color: var(--ochre); border-color: var(--ochre); background: var(--ochre-bg); }
+.intel-card-status.fail { color: var(--rust); border-color: var(--rust); background: var(--rust-bg); }
+.status-glyph {
+  width: 10px; height: 10px;
+  position: relative; flex-shrink: 0;
+}
+.status-glyph.ok::before {
+  content: ""; position: absolute; inset: 0;
+  border-radius: 50%; background: currentColor;
+}
+.status-glyph.warn::before {
+  content: ""; position: absolute; inset: 0;
+  background: currentColor;
+  clip-path: polygon(50% 0%, 100% 100%, 0% 100%);
+}
+.status-glyph.fail::before {
+  content: ""; position: absolute; inset: 1px;
+  background: currentColor;
+  clip-path: polygon(50% 0, 100% 50%, 50% 100%, 0 50%);
+}
+.intel-substrate {
+  display: flex; flex-direction: column; gap: 4px;
+  padding: 10px 12px;
+  background: var(--paper-2);
+  border: 1px solid var(--rule);
+  border-radius: var(--rad);
+}
+.intel-substrate .sub-line {
+  display: flex; justify-content: space-between; align-items: center;
+  gap: 10px; font-size: 12px;
+}
+.intel-substrate .sub-line.primary {
+  font-family: var(--mono); font-size: 13px; color: var(--ink);
+}
+.intel-substrate .sub-line.secondary { color: var(--ink-3); font-size: 11px; }
+.intel-card-foot {
+  display: flex; align-items: center; justify-content: space-between;
+  gap: 8px; padding-top: 4px;
+}
+.intel-failures-toggle {
+  display: inline-flex; align-items: center; gap: 6px;
+  font-size: 12px; font-family: var(--mono);
+  color: var(--ink-3);
+  background: transparent; border: 0; padding: 0;
+  cursor: pointer;
+}
+.intel-failures-toggle:hover { color: var(--ink); }
+.intel-failures-toggle .caret {
+  display: inline-block; width: 0; height: 0;
+  border-left: 4px solid transparent;
+  border-right: 4px solid transparent;
+  border-top: 5px solid currentColor;
+  transition: transform 160ms ease;
+}
+.intel-failures-toggle.open .caret { transform: rotate(180deg); }
+.intel-failures {
+  border-top: 1px solid var(--rule);
+  padding-top: 12px;
+  display: flex; flex-direction: column;
+  gap: 8px;
+}
+.intel-failure-row {
+  display: grid; grid-template-columns: 88px 1fr; gap: 12px;
+  font-size: 12px; padding: 8px 10px;
+  border-radius: var(--rad);
+  background: var(--paper-2);
+  border: 1px solid var(--rule);
+}
+.intel-failure-row .ts {
+  font-family: var(--mono); font-size: 11px; color: var(--ink-3);
+}
+.intel-failure-row .err-class {
+  font-family: var(--mono); font-size: 10px;
+  letter-spacing: 0.04em; text-transform: uppercase;
+  color: var(--rust); margin-bottom: 2px;
+}
+.btn-quiet {
+  background: transparent; border: 1px solid var(--rule);
+  padding: 2px 6px; font-size: 11px;
+  border-radius: var(--rad); cursor: pointer;
+  color: var(--ink-2); font-family: var(--sans);
+}
+.btn-quiet:hover { background: var(--surface-2); color: var(--ink); }
 .banner-warn {
   background: var(--ochre-bg); color: var(--ochre); border: 1px solid var(--ochre);
-  border-radius: var(--rad); padding: 8px 12px; margin: 8px 0; font-size: 13px;
+  border-radius: var(--rad); padding: 8px 12px; margin: 8px 0; font-size: var(--text-base);
 }
 .banner-info {
   background: var(--indigo-bg); color: var(--indigo); border: 1px solid var(--indigo);
-  border-radius: var(--rad); padding: 8px 12px; margin: 8px 0; font-size: 13px;
+  border-radius: var(--rad); padding: 8px 12px; margin: 8px 0; font-size: var(--text-base);
 }
 .btn.chip {
-  border-radius: 999px; padding: 4px 12px; font-size: 12px;
+  border-radius: 999px; padding: 4px 12px; font-size: var(--text-sm);
   background: var(--surface-2); border-color: var(--rule);
 }
 .btn.chip:hover:not(:disabled) { background: var(--paper-3); }
@@ -15035,85 +15630,210 @@ body {
  * dynamically, but the input box is below the fold, so I still have
  * to scroll." rc.5 closes that with a structural layout fix.
  */
+/* Sprint Piece 2 PR 2 (2026-05-03): concierge surface polish.
+ * Translates Claude Design references at
+ * server/docs/design-refs/sprint-piece-2/surface-concierge.jsx and the
+ * Surface 1 block of surfaces.css. The bounded-card layout above is
+ * preserved verbatim because rc.5 and the DDD e2e suite depend on it;
+ * the Claude Design reference uses height: 720px for the card, but
+ * production keeps the calc-based bounded height so the card adapts
+ * to the operator viewport. The polish lands the persona glyph-ring,
+ * mono uppercase author labels, paper-2 background for concierge
+ * replies, suggest-grid empty-state cards, and the composer input-wrap
+ * with the keyboard-shortcut pill.
+ */
+.concierge-wrap { max-width: 880px; margin: 0 auto; }
+.page-head {
+  display: flex; align-items: flex-end; justify-content: space-between;
+  gap: var(--space-4);
+  margin-bottom: 18px; padding-bottom: 14px;
+  border-bottom: 1px solid var(--rule);
+}
+.page-head .eyebrow {
+  font-family: var(--mono); font-size: var(--text-xs);
+  letter-spacing: 0.08em; text-transform: uppercase;
+  color: var(--ink-3);
+  margin: 0 0 6px;
+}
+.page-head h1 {
+  font-family: var(--serif); font-weight: 400;
+  font-size: 28px; letter-spacing: -0.01em;
+  margin: 0 0 4px;
+}
+.page-head .sub {
+  color: var(--ink-3); margin: 0;
+  font-size: var(--text-base); max-width: 60ch;
+}
 .concierge-card {
   display: flex; flex-direction: column;
   height: calc(100vh - 180px);
   max-height: calc(100vh - 180px);
   min-height: 360px;
-  padding: 16px 18px;
+  padding: 18px 22px 14px;
   gap: 0;
 }
 .concierge-header {
   display: flex; align-items: center; justify-content: space-between;
-  gap: 12px; padding-bottom: 12px; border-bottom: 1px solid var(--rule);
+  gap: var(--space-3); padding-bottom: 14px;
+  border-bottom: 1px solid var(--rule);
   flex-wrap: wrap;
   flex-shrink: 0;
 }
-.concierge-persona {
-  display: flex; align-items: baseline; gap: 8px;
-  font-size: 14px;
+.concierge-persona { display: flex; align-items: center; gap: 10px; }
+.concierge-persona .glyph-ring {
+  width: 26px; height: 26px;
+  border: 1.5px solid var(--ink-2);
+  border-radius: 50%;
+  position: relative;
+  flex-shrink: 0;
+}
+.concierge-persona .glyph-ring::after {
+  content: ""; position: absolute; inset: 5px;
+  border-radius: 50%; background: var(--ink-2);
+}
+.concierge-persona-text { display: flex; flex-direction: column; }
+.concierge-persona-text strong {
+  font-family: var(--serif); font-weight: 500;
+  font-size: 15px; letter-spacing: 0.005em;
+}
+.concierge-persona-text small {
+  color: var(--ink-3); font-size: var(--text-xs);
+  font-family: var(--mono);
+}
+.concierge-meta {
+  display: flex; gap: 6px; align-items: center; flex-wrap: wrap;
 }
-.concierge-persona strong { font-size: 14px; }
 .concierge-badge { white-space: nowrap; }
 .concierge-history {
   flex: 1 1 auto;
   min-height: 0;
   overflow-y: auto;
-  padding: 14px 4px;
-  display: flex; flex-direction: column; gap: 14px;
+  padding: 18px 4px 6px;
+  display: flex; flex-direction: column; gap: 18px;
 }
 .concierge-msg {
-  display: flex; flex-direction: column; gap: 4px;
-  max-width: 80%;
+  display: flex; flex-direction: column; gap: 5px;
+  max-width: 78%;
 }
 .concierge-msg-author {
-  font-size: 11px;
+  font-size: 10px;
+  font-family: var(--mono);
+  letter-spacing: 0.04em;
+  text-transform: uppercase;
+  color: var(--ink-4);
 }
 .concierge-msg-body {
-  padding: 10px 14px; border-radius: 12px;
-  border: 1px solid var(--rule); background: var(--surface);
-  white-space: pre-wrap; word-wrap: break-word;
-  font-size: 14px; line-height: 1.5;
+  padding: 11px 14px;
+  border-radius: 12px;
+  border: 1px solid var(--rule);
+  background: var(--surface);
+  font-size: var(--text-md);
+  line-height: 1.55;
+  white-space: pre-wrap;
+  word-wrap: break-word;
 }
 .concierge-msg-concierge { align-self: flex-start; }
+.concierge-msg-concierge .concierge-msg-body {
+  background: var(--paper-2);
+}
 .concierge-msg-operator { align-self: flex-end; align-items: flex-end; }
 .concierge-msg-operator .concierge-msg-body {
   background: var(--ink); color: var(--paper); border-color: var(--ink);
 }
+.concierge-msg-meta {
+  display: flex; gap: 6px;
+  font-size: 10px;
+  color: var(--ink-4);
+  font-family: var(--mono);
+}
 .concierge-empty {
-  padding: 24px 8px; text-align: left;
-  font-size: 13px; line-height: 1.6;
+  flex: 1 1 auto;
+  display: flex; flex-direction: column; gap: 22px;
+  justify-content: center;
+  padding: 24px 12px;
+}
+.concierge-empty-headline { max-width: 52ch; }
+.concierge-empty-headline h2 {
+  font-family: var(--serif); font-weight: 400;
+  font-size: var(--text-xl); margin: 0 0 6px;
+  letter-spacing: -0.005em;
+}
+.concierge-empty-headline p {
+  color: var(--ink-3); margin: 0;
+  font-size: var(--text-md); line-height: 1.55;
+}
+.concierge-suggest-grid {
+  display: grid;
+  grid-template-columns: repeat(3, minmax(0, 1fr));
+  gap: 10px;
+}
+.concierge-suggest {
+  background: var(--surface);
+  border: 1px solid var(--rule);
+  border-radius: var(--rad);
+  padding: 12px 14px;
+  font-size: var(--text-base);
+  cursor: pointer;
+  display: flex; flex-direction: column;
+  gap: 6px;
+  text-align: left;
+  font-family: var(--sans);
+  color: var(--ink);
+}
+.concierge-suggest:hover:not(:disabled) {
+  background: var(--surface-2);
+  border-color: var(--rule-2);
+}
+.concierge-suggest:disabled {
+  cursor: not-allowed; color: var(--ink-4); opacity: 0.7;
+}
+.concierge-suggest .label {
+  font-family: var(--mono);
+  font-size: 10px;
+  letter-spacing: 0.06em;
+  text-transform: uppercase;
+  color: var(--ink-3);
 }
 .concierge-composer {
   display: flex; gap: 10px; align-items: center;
-  padding: 12px 0 8px;
+  padding: 12px 0 4px;
   border-top: 1px solid var(--rule);
   flex-shrink: 0;
 }
+.concierge-composer .input-wrap {
+  flex: 1;
+  display: flex; align-items: center; gap: var(--space-2);
+  padding: 8px 12px;
+  border: 1px solid var(--rule);
+  border-radius: var(--rad);
+  background: var(--surface);
+}
+.concierge-composer .input-wrap:focus-within {
+  border-color: var(--ink-3);
+}
 .concierge-composer input {
   flex: 1; min-width: 0;
-  padding: 10px 14px;
-  border: 1px solid var(--rule); border-radius: var(--rad);
-  font-family: var(--sans); font-size: 14px;
-  background: var(--surface); color: var(--ink);
+  padding: 4px 0;
+  border: 0;
+  background: transparent;
+  color: var(--ink);
+  font-family: var(--sans);
+  font-size: var(--text-md);
+  outline: none;
 }
-.concierge-composer input:focus {
-  outline: none; border-color: var(--ink-3);
+.concierge-composer input::placeholder { color: var(--ink-4); }
+.concierge-composer .composer-meta {
+  font-family: var(--mono);
+  font-size: 10px;
+  color: var(--ink-4);
+  letter-spacing: 0.04em;
 }
 .concierge-composer .btn-primary {
-  padding: 8px 18px; font-size: 13px; flex-shrink: 0;
-}
-.concierge-chips {
-  display: flex; flex-wrap: wrap; gap: 6px;
-  padding: 10px 0 0;
-}
-.concierge-chips::before {
-  content: "Try:"; color: var(--ink-3); font-size: 12px;
-  align-self: center; margin-right: 4px;
+  padding: 8px 18px; font-size: var(--text-base); flex-shrink: 0;
 }
 .concierge-foot {
   margin: 12px 0 0; padding-top: 10px; border-top: 1px dashed var(--rule);
-  font-size: 12px;
+  font-size: var(--text-sm);
 }
 .concierge-foot a { color: var(--ink-2); }
 .tier1-approval-card {
@@ -15121,20 +15841,532 @@ body {
   border-radius: var(--rad); padding: 14px 16px; margin: 12px 0;
 }
 .tier1-approval-card h3 {
-  margin: 0 0 8px; color: var(--ochre); font-size: 14px;
+  margin: 0 0 8px; color: var(--ochre); font-size: var(--text-md);
 }
-.tier1-approval-card p { margin: 0 0 12px; font-size: 13px; }
+.tier1-approval-card p { margin: 0 0 12px; font-size: var(--text-base); }
 .tier1-approval-card .actions {
-  display: flex; gap: 8px; flex-wrap: wrap;
+  display: flex; gap: var(--space-2); flex-wrap: wrap;
+}
+/* Sprint Piece 2 PR 4 (2026-05-04): Agents view + Inspect pane polish.
+ * Translates Claude Design references at
+ * server/docs/design-refs/sprint-piece-2/surface-agents.jsx and the
+ * Surface 3 block of surfaces.css. The fortress-column .agent-row,
+ * .agent-row-head, and .agent-row-actions rules above are kept verbatim
+ * because Finding DD tests pin them; the new Agents-view list scopes
+ * its grid layout under .agents-list (descendant selector) so the
+ * fortress-column rules are unaffected. The inspect pane combines the
+ * existing .card surface with .inspect-pane structure (sticky right
+ * rail, internal scroll, sectioned body) for the agent-detail view.
+ */
+.agents-wrap { max-width: 1080px; margin: 0 auto; }
+.agents-layout {
+  display: grid;
+  grid-template-columns: 1fr 420px;
+  gap: 20px;
+  align-items: start;
+}
+.agents-list {
+  background: var(--surface);
+  border: 1px solid var(--rule);
+  border-radius: var(--rad-lg);
+  overflow: hidden;
+}
+.agents-list-head {
+  display: grid;
+  grid-template-columns: minmax(0, 1fr) 110px 120px 88px;
+  gap: 12px;
+  padding: 10px 16px;
+  border-bottom: 1px solid var(--rule);
+  background: var(--paper-2);
+  font-family: var(--mono);
+  font-size: 10px;
+  letter-spacing: 0.06em;
+  text-transform: uppercase;
+  color: var(--ink-3);
+}
+.agents-list .agent-row {
+  display: grid;
+  grid-template-columns: minmax(0, 1fr) 110px 120px 88px;
+  gap: 12px;
+  padding: 14px 16px;
+  border-bottom: 1px solid var(--rule);
+  align-items: center;
+  cursor: pointer;
+  transition: background 120ms ease;
+}
+.agents-list .agent-row:last-child { border-bottom: 0; }
+.agents-list .agent-row:hover { background: var(--paper-2); }
+.agents-list .agent-row.selected {
+  background: var(--paper-2);
+  box-shadow: inset 3px 0 0 var(--ink);
+}
+.agent-identity { display: flex; align-items: center; gap: 10px; min-width: 0; }
+.agent-glyph {
+  width: 28px; height: 28px;
+  border-radius: var(--rad);
+  background: var(--paper-3);
+  border: 1px solid var(--rule);
+  display: grid; place-items: center;
+  flex-shrink: 0;
+  font-family: var(--mono);
+  font-size: 11px;
+  color: var(--ink-2);
+  font-weight: 600;
+}
+.agent-name {
+  display: flex; flex-direction: column; min-width: 0;
+}
+.agent-name strong {
+  font-size: var(--text-base); font-weight: 500;
+  white-space: nowrap; overflow: hidden; text-overflow: ellipsis;
+}
+.agent-name small {
+  font-family: var(--mono); font-size: var(--text-xs); color: var(--ink-3);
+  white-space: nowrap; overflow: hidden; text-overflow: ellipsis;
+  display: block;
+}
+.agent-state {
+  display: inline-flex; align-items: center; gap: 6px;
+  font-size: var(--text-xs);
+  font-family: var(--mono);
+}
+.state-dot {
+  width: 7px; height: 7px; border-radius: 50%;
+  background: var(--ink-4);
+}
+.state-dot.live { background: var(--sage); animation: pulse-soft 2.4s ease-in-out infinite; }
+.state-dot.idle { background: var(--ochre); }
+.state-dot.off { background: var(--ink-4); }
+@keyframes pulse-soft {
+  0%, 100% { box-shadow: 0 0 0 0 currentColor; opacity: 1; }
+  50% { box-shadow: 0 0 0 4px transparent; opacity: 0.7; }
+}
+.agent-last {
+  font-family: var(--mono); font-size: var(--text-xs); color: var(--ink-3);
+}
+/* Inspect pane (combined with .card outer wrapper for the
+ * renderAgentInspectPanel return-shape regex anchored in
+ * dashboard-welcome.test.ts:152). The .inspect-pane modifier overrides
+ * .card padding so internal sections control their own spacing.
+ */
+.inspect-pane {
+  padding: 0;
+  display: flex; flex-direction: column;
+  position: sticky;
+  top: 20px;
+  max-height: calc(100vh - 100px);
+  overflow: hidden;
+}
+.inspect-head {
+  padding: 16px 18px;
+  border-bottom: 1px solid var(--rule);
+  display: flex; flex-direction: column; gap: 10px;
+}
+.inspect-head .row1 {
+  display: flex; align-items: center; gap: 10px;
+}
+.inspect-head h3 {
+  font-family: var(--serif); font-weight: 500;
+  font-size: 17px; margin: 0;
+}
+.inspect-head .meta {
+  display: flex; gap: 6px; flex-wrap: wrap;
+}
+.inspect-body {
+  overflow-y: auto;
+  padding: 4px 18px 18px;
+}
+.inspect-section {
+  padding: 14px 0;
+  border-bottom: 1px solid var(--rule);
+}
+.inspect-section:last-child { border-bottom: 0; }
+.inspect-section h4 {
+  font-family: var(--mono);
+  font-size: 10px;
+  letter-spacing: 0.08em;
+  text-transform: uppercase;
+  color: var(--ink-3);
+  margin: 0 0 10px;
+  display: flex; align-items: center; justify-content: space-between;
+}
+.inspect-section h4 .count {
+  font-family: var(--mono);
+  background: var(--paper-3);
+  border-radius: 999px;
+  padding: 1px 7px;
+  color: var(--ink-2);
+  font-size: 10px;
+}
+.approval-row {
+  background: var(--ochre-bg);
+  border: 1px solid var(--ochre);
+  border-radius: var(--rad);
+  padding: 10px 12px;
+  margin-bottom: 8px;
+  display: flex; flex-direction: column; gap: 8px;
+}
+.approval-row .what { font-size: var(--text-base); color: var(--ink); }
+.approval-row .what .pill { margin-right: 6px; }
+.approval-row .why {
+  font-size: var(--text-sm); color: var(--ink-2);
+  padding-left: 10px;
+  border-left: 2px solid var(--ochre);
+}
+.approval-row .actions { display: flex; gap: 6px; justify-content: flex-end; }
+.timeline {
+  display: flex; flex-direction: column; gap: 0;
+  position: relative;
+  padding-left: 14px;
+}
+.timeline::before {
+  content: "";
+  position: absolute;
+  left: 4px; top: 6px; bottom: 6px;
+  width: 1px;
+  background: var(--rule);
+}
+.timeline-item {
+  position: relative;
+  padding: 6px 0 10px;
+  font-size: var(--text-sm);
+}
+.timeline-item::before {
+  content: "";
+  position: absolute;
+  left: -14px; top: 11px;
+  width: 8px; height: 8px;
+  border-radius: 50%;
+  background: var(--surface);
+  border: 1.5px solid var(--ink-4);
+}
+.timeline-item.ok::before { border-color: var(--sage); }
+.timeline-item.warn::before { border-color: var(--ochre); }
+.timeline-item.fail::before { border-color: var(--rust); }
+.timeline-item .ts {
+  font-family: var(--mono); font-size: 10px;
+  color: var(--ink-3);
+  letter-spacing: 0.02em;
 }
+.timeline-item .what {
+  margin-top: 2px; color: var(--ink); font-size: var(--text-base);
+}
+.timeline-item .att {
+  margin-top: 4px;
+  display: inline-flex;
+}
+.policy-line {
+  display: flex; justify-content: space-between; align-items: center;
+  padding: 5px 0; font-size: var(--text-base);
+  border-bottom: 1px dashed var(--rule);
+}
+.policy-line:last-child { border-bottom: 0; }
+.policy-line .k { color: var(--ink-3); }
+.policy-line .v { font-family: var(--mono); font-size: var(--text-sm); color: var(--ink); }
+/* Empty-state block for when no agents are wrapped. The
+ * renderAgentsList empty-state branch begins with the literal
+ * '<h1>Agents</h1>' (regex-pinned in agents-empty-state-canary.test.ts)
+ * and the "No wrapped agents yet." copy is preserved verbatim.
+ */
+.agents-empty {
+  background: var(--surface);
+  border: 1px dashed var(--rule-2);
+  border-radius: var(--rad-lg);
+  padding: 56px 40px;
+  text-align: center;
+  max-width: 720px;
+  margin: 32px auto;
+}
+.agents-empty .icon-frame {
+  width: 64px; height: 64px;
+  margin: 0 auto 18px;
+  border: 1px solid var(--rule);
+  border-radius: 50%;
+  display: grid; place-items: center;
+  position: relative;
+}
+.agents-empty .icon-frame::before,
+.agents-empty .icon-frame::after {
+  content: "";
+  position: absolute;
+  border: 1px solid var(--rule);
+  border-radius: 50%;
+}
+.agents-empty .icon-frame::before { inset: -8px; opacity: 0.6; }
+.agents-empty .icon-frame::after { inset: -16px; opacity: 0.3; }
+.agents-empty .icon-frame .core {
+  width: 22px; height: 22px;
+  background: var(--ink);
+  border-radius: 50%;
+}
+.agents-empty h2 {
+  font-family: var(--serif);
+  font-weight: 400;
+  font-size: var(--text-xl);
+  margin: 0 0 8px;
+}
+.agents-empty p {
+  color: var(--ink-3);
+  margin: 0 0 20px;
+  font-size: var(--text-md);
+  line-height: 1.55;
+  max-width: 50ch;
+  margin-left: auto; margin-right: auto;
+}
+.terminal-block {
+  text-align: left;
+  background: var(--paper-3);
+  border: 1px solid var(--rule);
+  border-radius: var(--rad);
+  padding: 14px 16px;
+  font-family: var(--mono);
+  font-size: var(--text-base);
+  margin: 0 auto 16px;
+  max-width: 480px;
+  display: flex; align-items: center; justify-content: space-between;
+}
+.terminal-block .cmd { color: var(--ink); }
+.terminal-block .cmd .prompt { color: var(--ink-3); margin-right: 8px; user-select: none; }
+.copy-btn {
+  background: transparent; border: 0;
+  color: var(--ink-3); cursor: pointer;
+  font-family: var(--mono); font-size: var(--text-xs);
+  padding: 2px 6px;
+  border-radius: var(--rad);
+}
+.copy-btn:hover { color: var(--ink); background: var(--paper-2); }
+
+/* Surface 5. Attestation badge gallery. */
+.att-gallery {
+  display: flex; flex-direction: column; gap: 24px;
+  max-width: 1000px;
+  margin: 0 auto;
+}
+.att-section {
+  background: var(--surface);
+  border: 1px solid var(--rule);
+  border-radius: var(--rad-lg);
+  padding: 22px 24px;
+}
+.att-section-head {
+  display: flex; justify-content: space-between; align-items: baseline;
+  gap: 12px;
+  margin-bottom: 16px;
+  padding-bottom: 12px;
+  border-bottom: 1px solid var(--rule);
+}
+.att-section-head h2 {
+  font-family: var(--serif);
+  font-weight: 400;
+  font-size: 19px;
+  margin: 0 0 4px;
+}
+.att-section-head p {
+  color: var(--ink-3);
+  margin: 0;
+  font-size: 13px;
+  line-height: 1.5;
+  max-width: 64ch;
+}
+.att-section-head .label {
+  font-family: var(--mono);
+  font-size: 10px;
+  letter-spacing: 0.08em;
+  text-transform: uppercase;
+  color: var(--ink-3);
+}
+.att-row {
+  display: grid;
+  grid-template-columns: 240px 1fr;
+  gap: 24px;
+  padding: 14px 0;
+  border-bottom: 1px dashed var(--rule);
+  align-items: center;
+}
+.att-row:last-child { border-bottom: 0; }
+.att-row .demo {
+  display: flex; align-items: center; justify-content: flex-start;
+  padding: 12px 16px;
+  background: var(--paper-2);
+  border: 1px solid var(--rule);
+  border-radius: var(--rad);
+  min-height: 56px;
+}
+.att-row .desc strong {
+  font-size: 13px; display: block; margin-bottom: 3px;
+}
+.att-row .desc small {
+  color: var(--ink-3); font-size: 12px;
+  line-height: 1.5;
+}
+
+/* Global persistent badge. Lives in the topbar across every surface. */
+.att-global {
+  display: inline-flex; align-items: center;
+  gap: 8px;
+  padding: 4px 10px 4px 6px;
+  border: 1px solid var(--rule);
+  border-radius: 999px;
+  background: var(--surface-2);
+  font-family: var(--mono);
+  font-size: 11px;
+  color: var(--ink-2);
+}
+.att-global.verified { border-color: var(--sage); background: var(--sage-bg); color: var(--sage); }
+.att-global.degraded { border-color: var(--ochre); background: var(--ochre-bg); color: var(--ochre); }
+.att-global.unverified { border-color: var(--rust); background: var(--rust-bg); color: var(--rust); }
+.att-global .seal {
+  width: 18px; height: 18px;
+  position: relative;
+  flex-shrink: 0;
+}
+.att-global .seal-ring {
+  position: absolute; inset: 0;
+  border: 1.5px solid currentColor;
+  border-radius: 50%;
+}
+.att-global .seal-ring.dashed { border-style: dashed; }
+.att-global .seal-core {
+  position: absolute; inset: 4px;
+  background: currentColor;
+  border-radius: 50%;
+  opacity: 0.85;
+}
+.att-global.degraded .seal-core { background: transparent; border: 1px solid currentColor; }
+.att-global.unverified .seal-core {
+  background: transparent;
+  border: 1px solid currentColor;
+}
+.att-global.unverified .seal-core::after {
+  content: ""; position: absolute; inset: 0;
+  background: currentColor; opacity: 0.4;
+  clip-path: polygon(0 0, 100% 100%, 100% 90%, 10% 0);
+}
+.att-global .label {
+  font-family: var(--mono);
+  font-size: 11px;
+  letter-spacing: 0.02em;
+  text-transform: uppercase;
+}
+.att-global .hash {
+  font-family: var(--mono);
+  font-size: 10px;
+  opacity: 0.7;
+  border-left: 1px solid currentColor;
+  padding-left: 8px;
+  margin-left: 2px;
+}
+
+/* Per-agent badge. Square chip beside each agent. */
+.att-agent {
+  display: inline-flex; align-items: center;
+  gap: 6px;
+  padding: 3px 7px;
+  border-radius: var(--rad);
+  border: 1px solid var(--rule);
+  background: var(--surface);
+  font-family: var(--mono);
+  font-size: 10px;
+  color: var(--ink-2);
+}
+.att-agent .mark {
+  width: 10px; height: 10px;
+  border: 1.5px solid currentColor;
+  border-radius: 2px;
+  position: relative;
+}
+.att-agent.verified { color: var(--sage); border-color: var(--sage); background: var(--sage-bg); }
+.att-agent.verified .mark { background: currentColor; }
+.att-agent.degraded { color: var(--ochre); border-color: var(--ochre); background: var(--ochre-bg); }
+.att-agent.unverified { color: var(--rust); border-color: var(--rust); background: var(--rust-bg); }
+.att-agent.unverified .mark {
+  background: repeating-linear-gradient(
+    45deg, currentColor, currentColor 1px,
+    transparent 1px, transparent 3px
+  );
+}
+
+/* Per-action badge. Tiny inline tick on timeline rows. */
+.att-action {
+  display: inline-flex; align-items: center; gap: 4px;
+  font-family: var(--mono);
+  font-size: 10px;
+  color: var(--ink-3);
+  padding: 1px 6px;
+  border-radius: 4px;
+  background: var(--paper-3);
+  border: 1px solid transparent;
+}
+.att-action .tick {
+  width: 6px; height: 6px;
+  border-radius: 1px;
+  background: currentColor;
+}
+.att-action.verified { color: var(--sage); }
+.att-action.degraded { color: var(--ochre); }
+.att-action.unverified { color: var(--rust); }
+.att-action.neutral .tick { background: var(--ink-4); border-radius: 50%; }
+
+/* Custody-provenance badge stub (v1.x). Visibly stubbed with dashed border. */
+.att-custody {
+  display: inline-flex; align-items: center; gap: 8px;
+  padding: 4px 10px 4px 6px;
+  border-radius: var(--rad);
+  border: 1px dashed var(--rule-2);
+  background: var(--paper-3);
+  color: var(--ink-3);
+  font-family: var(--mono);
+  font-size: 10px;
+}
+.att-custody .seal-stub {
+  width: 16px; height: 16px;
+  border: 1px dashed var(--ink-4);
+  border-radius: 50%;
+  position: relative;
+  flex-shrink: 0;
+}
+.att-custody .seal-stub::after {
+  content: ""; position: absolute; inset: 4px;
+  border: 1px dashed var(--ink-4);
+  border-radius: 50%;
+}
+.att-custody .stub-tag {
+  letter-spacing: 0.06em;
+  text-transform: uppercase;
+}
+
+/* Tooltip surface for badges. */
+.att-tooltip {
+  background: var(--ink);
+  color: var(--paper);
+  font-family: var(--mono);
+  font-size: 11px;
+  padding: 8px 10px;
+  border-radius: var(--rad);
+  max-width: 280px;
+  line-height: 1.5;
+  display: inline-block;
+}
+[data-theme="dark"] .att-tooltip {
+  background: var(--paper-3);
+  color: var(--ink);
+}
+
 @media (max-width: 1100px) {
   .app, .app.route-full { grid-template-columns: 56px 1fr; grid-template-areas: "sidebar topbar" "sidebar main"; }
   .fortress { display: none; }
   .sidebar h1, .sidebar nav a span { display: none; }
+  .sidebar nav a { justify-content: center; padding: 8px 6px; }
   .template-grid { grid-template-columns: 1fr; }
   .policy-center h1 { font-size: 30px; }
   .intel-center h1 { font-size: 30px; }
   .intel-row { grid-template-columns: 1fr; }
+  .intel-grid { grid-template-columns: 1fr; }
+  .intel-failure-row { grid-template-columns: 1fr; }
+  .agents-layout { grid-template-columns: 1fr; }
+  .agents-list-head, .agents-list .agent-row { grid-template-columns: minmax(0, 1fr) 90px 90px; }
+  .agents-list-head span:nth-child(4), .agents-list .agent-row > .agent-last { display: none; }
+  .inspect-pane { position: static; max-height: none; }
 }
 `;
     NAV_ITEMS = [
@@ -15142,11 +16374,26 @@ body {
       { id: "agents", label: "Agents" },
       { id: "policy", label: "Policy" },
       { id: "intelligence", label: "Intelligence" },
+      { id: "attestation", label: "Attestation" },
       { id: "privacy", label: "Privacy" },
       { id: "coordination", label: "Coordination" },
       { id: "health", label: "Health" },
       { id: "exit-drill", label: "Exit drill" }
     ];
+    NAV_ICON_PATHS = {
+      dashboard: '<rect x="2" y="2" width="5" height="5" rx="1"/><rect x="9" y="2" width="5" height="5" rx="1"/><rect x="2" y="9" width="5" height="5" rx="1"/><rect x="9" y="9" width="5" height="5" rx="1"/>',
+      agents: '<circle cx="6" cy="5.5" r="2.3"/><path d="M2 13.5c0-2.2 1.8-4 4-4s4 1.8 4 4"/><circle cx="11.5" cy="6" r="1.8"/><path d="M14 12.5c0-1.7-1.1-2.7-2.5-3"/>',
+      policy: '<path d="M4 2h5l3 3v9H4z"/><path d="M9 2v3h3"/><path d="M6 9h4M6 11.5h4"/>',
+      intelligence: '<rect x="3.5" y="3.5" width="9" height="9" rx="0.5"/><rect x="6" y="6" width="4" height="4"/><path d="M6 1.5v2M10 1.5v2M6 12.5v2M10 12.5v2M1.5 6h2M1.5 10h2M12.5 6h2M12.5 10h2"/>',
+      attestation: '<circle cx="8" cy="8" r="5.5"/><circle cx="8" cy="8" r="2.2"/><path d="M8 1.5v1.5M8 13v1.5M1.5 8h1.5M13 8h1.5"/>',
+      privacy: '<path d="M8 1.5L3 3v4.5c0 3 2.2 5.4 5 7 2.8-1.6 5-4 5-7V3z"/><path d="M6 8l1.5 1.5L10.5 6"/>',
+      coordination: '<circle cx="4" cy="3.5" r="1.4"/><circle cx="4" cy="12.5" r="1.4"/><circle cx="12" cy="8" r="1.4"/><path d="M4 4.9V11.1M4 5c0 3 3 3 6.7 3"/>',
+      health: '<path d="M2 8h2.5l1.5-4 3 8 1.5-4H14"/>',
+      "exit-drill": '<path d="M9.5 2H3v12h6.5"/><path d="M11 5l3 3-3 3"/><path d="M14 8H6.5"/>'
+    };
+    SVG_OPEN = '<svg viewBox="0 0 16 16" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true">';
+    THEME_ICON_MOON = SVG_OPEN + '<path d="M13 9.5A5.5 5.5 0 0 1 6.5 3 5.5 5.5 0 1 0 13 9.5z"/></svg>';
+    THEME_ICON_SUN = SVG_OPEN + '<circle cx="8" cy="8" r="2.5"/><path d="M8 1.5v2M8 12.5v2M1.5 8h2M12.5 8h2M3.2 3.2l1.4 1.4M11.4 11.4l1.4 1.4M3.2 12.8l1.4-1.4M11.4 4.6l1.4-1.4"/></svg>';
   }
 });
 
@@ -15855,7 +17102,7 @@ var init_dashboard = __esm({
           server = http.createServer(handler);
         }
         this.httpServer = server;
-        return new Promise((resolve5, reject) => {
+        return new Promise((resolve6, reject) => {
           const protocol = this.useTLS ? "https" : "http";
           const baseUrl = `${protocol}://${this.config.host}:${this.config.port}`;
           server.listen(this.config.port, this.config.host, () => {
@@ -15880,7 +17127,7 @@ var init_dashboard = __esm({
             if (shouldAutoOpen) {
               this.openInBrowser(sessionUrl);
             }
-            resolve5();
+            resolve6();
           });
           server.on("error", (err) => {
             if (err.code === "EADDRINUSE") {
@@ -15926,8 +17173,8 @@ var init_dashboard = __esm({
         }
         this.rateLimits.clear();
         if (this.httpServer) {
-          return new Promise((resolve5) => {
-            this.httpServer.close(() => resolve5());
+          return new Promise((resolve6) => {
+            this.httpServer.close(() => resolve6());
           });
         }
       }
@@ -15941,7 +17188,7 @@ var init_dashboard = __esm({
           `[Sanctuary] Approval required: ${request.operation} (Tier ${request.tier}) \u2014 open dashboard to respond
 `
         );
-        return new Promise((resolve5) => {
+        return new Promise((resolve6) => {
           const timer = setTimeout(() => {
             this.pending.delete(id);
             const response = {
@@ -15955,12 +17202,12 @@ var init_dashboard = __esm({
               decision: response.decision,
               decided_by: "timeout"
             });
-            resolve5(response);
+            resolve6(response);
           }, this.config.timeout_seconds * 1e3);
           const pending = {
             id,
             request,
-            resolve: resolve5,
+            resolve: resolve6,
             timer,
             created_at: (/* @__PURE__ */ new Date()).toISOString()
           };
@@ -16826,7 +18073,7 @@ var init_webhook = __esm({
        * Start the callback listener server.
        */
       async start() {
-        return new Promise((resolve5, reject) => {
+        return new Promise((resolve6, reject) => {
           this.callbackServer = http.createServer(
             (req, res) => this.handleCallback(req, res)
           );
@@ -16841,7 +18088,7 @@ var init_webhook = __esm({
 
 `
               );
-              resolve5();
+              resolve6();
             }
           );
           this.callbackServer.on("error", reject);
@@ -16861,8 +18108,8 @@ var init_webhook = __esm({
         }
         this.pending.clear();
         if (this.callbackServer) {
-          return new Promise((resolve5) => {
-            this.callbackServer.close(() => resolve5());
+          return new Promise((resolve6) => {
+            this.callbackServer.close(() => resolve6());
           });
         }
       }
@@ -16875,7 +18122,7 @@ var init_webhook = __esm({
           `[Sanctuary] Webhook approval sent: ${request.operation} (Tier ${request.tier}) \u2014 awaiting callback
 `
         );
-        return new Promise((resolve5) => {
+        return new Promise((resolve6) => {
           const timer = setTimeout(() => {
             this.pending.delete(id);
             const response = {
@@ -16884,12 +18131,12 @@ var init_webhook = __esm({
               decided_at: (/* @__PURE__ */ new Date()).toISOString(),
               decided_by: "timeout"
             };
-            resolve5(response);
+            resolve6(response);
           }, this.config.timeout_seconds * 1e3);
           const pending = {
             id,
             request,
-            resolve: resolve5,
+            resolve: resolve6,
             timer,
             created_at: (/* @__PURE__ */ new Date()).toISOString()
           };
@@ -18554,8 +19801,8 @@ function verifySHR(shr, now) {
   const errors = [];
   const warnings = [];
   const currentTime = /* @__PURE__ */ new Date();
-  if (!shr.body || !shr.signed_by || !shr.signature) {
-    errors.push("Missing required SHR fields (body, signed_by, or signature)");
+  if (!shr.body || !shr.signed_by || !shr.signature || !shr.signature_scheme) {
+    errors.push("Missing required SHR fields (body, signed_by, signature_scheme, or signature)");
     return {
       valid: false,
       errors,
@@ -18568,6 +19815,9 @@ function verifySHR(shr, now) {
   if (shr.body.shr_version !== "1.0") {
     errors.push(`Unsupported SHR version: ${shr.body.shr_version}`);
   }
+  if (shr.signature_scheme !== SIGNATURE_SCHEME_V1) {
+    errors.push(`Unsupported SHR signature_scheme: ${String(shr.signature_scheme)}`);
+  }
   const expiresAt = new Date(shr.body.expires_at);
   if (isNaN(expiresAt.getTime())) {
     errors.push("Invalid expires_at timestamp");
@@ -18629,6 +19879,7 @@ var init_verifier = __esm({
     init_types();
     init_identity();
     init_encoding();
+    init_constants();
   }
 });
 
@@ -23588,7 +24839,7 @@ async function runOpenAIPrivacyFilter(text, config) {
   return parsed;
 }
 function runCommand(command, input, timeoutMs) {
-  return new Promise((resolve5, reject) => {
+  return new Promise((resolve6, reject) => {
     const child = child_process.spawn(command, [], {
       stdio: ["pipe", "pipe", "pipe"],
       shell: false
@@ -23619,7 +24870,7 @@ function runCommand(command, input, timeoutMs) {
         ));
         return;
       }
-      resolve5(stdout);
+      resolve6(stdout);
     });
     child.stdin.end(input);
   });
@@ -25495,13 +26746,13 @@ var init_proxy_router = __esm({
        * Call an upstream tool with a timeout.
        */
       async callWithTimeout(serverName, toolName, args, timeoutMs) {
-        return new Promise((resolve5, reject) => {
+        return new Promise((resolve6, reject) => {
           const timer = setTimeout(() => {
             reject(new Error(`Upstream tool call timed out after ${timeoutMs}ms`));
           }, timeoutMs);
           this.clientManager.callTool(serverName, toolName, args).then((result) => {
             clearTimeout(timer);
-            resolve5(result);
+            resolve6(result);
           }).catch((err) => {
             clearTimeout(timer);
             reject(err);
@@ -30006,8 +31257,6 @@ var init_inbox_aggregator = __esm({
   "src/hub/inbox-aggregator.ts"() {
   }
 });
-
-// src/hub/activity-feed.ts
 function categorizeOperation(layer, operation) {
   const op = operation.toLowerCase();
   if (op === "privacy_event" || op.startsWith("privacy_")) return "privacy";
@@ -30058,18 +31307,30 @@ function extractAgentIdHint(entry) {
   const value = details.agent_id;
   return typeof value === "string" && value.length > 0 ? value : void 0;
 }
+function deriveAttestationFragment(entryId) {
+  const hash2 = crypto.createHash("sha256").update(entryId).digest("hex");
+  return `${hash2.slice(0, 4)}..${hash2.slice(4, 6)}`;
+}
+function deriveAttestationState(entry) {
+  return entry.result === "success" ? "verified" : "degraded";
+}
 function projectEntry(entry) {
   const agentIdHint = extractAgentIdHint(entry);
   const category = categorizeOperation(entry.layer, entry.operation);
+  const entryId = `${entry.timestamp}|${entry.operation}|${entry.identity_id}`;
   return {
     version: "1.1",
-    entry_id: `${entry.timestamp}|${entry.operation}|${entry.identity_id}`,
+    entry_id: entryId,
     emitted_at: entry.timestamp,
     ...agentIdHint ? { agent_id: agentIdHint } : {},
     identity_id: entry.identity_id,
     category,
     display_template_id: templateIdFor(category, entry.operation),
-    display_template_args: buildTemplateArgs(entry, agentIdHint)
+    display_template_args: buildTemplateArgs(entry, agentIdHint),
+    attestation: {
+      state: deriveAttestationState(entry),
+      fragment: deriveAttestationFragment(entryId)
+    }
   };
 }
 async function aggregateActivity(sources, filter = {}) {
@@ -30134,7 +31395,7 @@ function snapshotForRecord(record, openInboxItemIds) {
 var HubService;
 var init_hub_service = __esm({
   "src/hub/hub-service.ts"() {
-    init_constants();
+    init_constants2();
     init_channel_templates();
     init_constants3();
     init_errors4();
@@ -33047,10 +34308,10 @@ var init_memory = __esm({
 });
 
 // src/contracts/v1.1/constants.ts
-var SIGNATURE_SCHEME_V1, EXIT_BUNDLE_MANIFEST_VERSION, EXIT_BUNDLE_ARTIFACT_KINDS;
+var SIGNATURE_SCHEME_V12, EXIT_BUNDLE_MANIFEST_VERSION, EXIT_BUNDLE_ARTIFACT_KINDS;
 var init_constants4 = __esm({
   "src/contracts/v1.1/constants.ts"() {
-    SIGNATURE_SCHEME_V1 = "ed25519-v1";
+    SIGNATURE_SCHEME_V12 = "ed25519-v1";
     EXIT_BUNDLE_MANIFEST_VERSION = "SANCTUARY_EXIT_BUNDLE_V1";
     EXIT_BUNDLE_ARTIFACT_KINDS = [
       "public_identity",
@@ -33243,7 +34504,7 @@ function verifyReputationArtifact(reputationArtifact, publicKeysByDid) {
     unverifiable_attestations: unverifiable
   };
 }
-async function verifyExitBundle(bundleDir) {
+async function verifyExitBundle(bundleDir, options = {}) {
   const root = path.resolve(bundleDir);
   let manifest;
   let manifestBytes;
@@ -33252,7 +34513,9 @@ async function verifyExitBundle(bundleDir) {
     manifestBytes = new Uint8Array(raw.buffer, raw.byteOffset, raw.byteLength);
     manifest = JSON.parse(Buffer.from(raw).toString("utf8"));
   } catch {
-    return fail(root, null, "other", ["manifest.json is missing or unreadable"]);
+    throw new InvalidExitBundleError(
+      `Not a valid SANCTUARY_EXIT_BUNDLE_V1 directory: manifest.json missing at ${path.join(root, "manifest.json")}`
+    );
   }
   const warnings = [];
   const unsupportedArtifacts = [];
@@ -33260,7 +34523,7 @@ async function verifyExitBundle(bundleDir) {
   if (!body || body.manifest_version !== EXIT_BUNDLE_MANIFEST_VERSION) {
     return fail(root, manifest, "manifest_unknown_version", warnings, unsupportedArtifacts);
   }
-  if (body.signature_scheme !== SIGNATURE_SCHEME_V1) {
+  if (body.signature_scheme !== SIGNATURE_SCHEME_V12) {
     return fail(
       root,
       manifest,
@@ -33420,9 +34683,16 @@ async function verifyExitBundle(bundleDir) {
   }
   const reputationFailed = reputation?.bundle_signature_valid === false || (reputation?.invalid_attestations ?? 0) > 0;
   const identityFailed = identity ? !identity.signature_valid : false;
+  const unverifiableCount = reputation?.unverifiable_attestations ?? 0;
+  const unverifiableFailed = unverifiableCount > 0 && !options.acceptUnverifiableAttestations;
+  if (unverifiableFailed) {
+    warnings.push(
+      `${unverifiableCount} reputation attestation(s) have unknown signer public keys; pass --accept-unverifiable-attestations to import anyway`
+    );
+  }
   return {
     version: "1.1",
-    passed: !reputationFailed && !identityFailed,
+    passed: !reputationFailed && !identityFailed && !unverifiableFailed,
     verified_at: (/* @__PURE__ */ new Date()).toISOString(),
     manifest_path: path.join(root, "manifest.json"),
     manifest_hash: sha256Hex2(manifestBytes),
@@ -33439,10 +34709,10 @@ async function verifyExitBundle(bundleDir) {
     identity,
     audit,
     reputation,
-    failure_class: reputationFailed || identityFailed ? "other" : void 0
+    failure_class: reputationFailed || identityFailed || unverifiableFailed ? "other" : void 0
   };
 }
-var PRIVATE_MATERIAL_KEYS;
+var InvalidExitBundleError, PRIVATE_MATERIAL_KEYS;
 var init_verifier2 = __esm({
   "src/exit/verifier.ts"() {
     init_constants4();
@@ -33450,6 +34720,12 @@ var init_verifier2 = __esm({
     init_encoding();
     init_hashing();
     init_canonical_json();
+    InvalidExitBundleError = class extends Error {
+      constructor(message) {
+        super(message);
+        this.name = "InvalidExitBundleError";
+      }
+    };
     PRIVATE_MATERIAL_KEYS = /* @__PURE__ */ new Set([
       "private_key",
       "privatekey",
@@ -33755,7 +35031,7 @@ async function exportExitBundle(opts) {
     ),
     artifacts_aggregate_hash_alg: "sha256",
     export_approval_audit_id: exportApprovalAuditId,
-    signature_scheme: SIGNATURE_SCHEME_V1
+    signature_scheme: SIGNATURE_SCHEME_V12
   };
   const signature = sign(
     canonicalizeToBytes(body),
@@ -33940,7 +35216,9 @@ async function stageArtifact(storage, namespace, key, value) {
   await storage.write(namespace, key, jsonBytes(value));
 }
 async function importExitBundle(opts) {
-  const verification = await verifyExitBundle(opts.bundleDir);
+  const verification = await verifyExitBundle(opts.bundleDir, {
+    acceptUnverifiableAttestations: opts.acceptUnverifiableAttestations
+  });
   if (!verification.passed) {
     return {
       verified: false,
@@ -34036,6 +35314,23 @@ async function importExitBundle(opts) {
       unsupported_artifacts: verification.unsupported_artifacts
     };
   }
+  if (conflicts.public_identity_exists && !opts.forceRebind) {
+    throw new ExitBundleImportError(
+      "IDENTITY_OVERWRITE_REFUSED",
+      "Importing this bundle would overwrite an existing fortress public identity. Pass forceRebind: true (CLI: --force-rebind) to confirm explicit replacement."
+    );
+  }
+  if (conflicts.public_identity_exists && opts.forceRebind && identityArtifact) {
+    opts.auditLog.append(
+      "l1",
+      "exit_bundle_force_rebind",
+      identityArtifact.json.bundle.identity_id,
+      {
+        manifest_version: manifest.body.manifest_version,
+        fortress_id: manifest.body.identity_binding.fortress_id
+      }
+    );
+  }
   const importId = importIdForManifest(manifest);
   const stagedArtifacts = [];
   if (identityArtifact) {
@@ -34146,7 +35441,7 @@ function exitBundleManifestShape() {
     manifest_version: EXIT_BUNDLE_MANIFEST_VERSION,
     artifacts: [...EXIT_BUNDLE_ARTIFACT_KINDS],
     hash_alg: "sha256",
-    signature_scheme: SIGNATURE_SCHEME_V1,
+    signature_scheme: SIGNATURE_SCHEME_V12,
     required_top_level_file: "manifest.json",
     artifact_paths: [
       "artifacts/public_identity.json",
@@ -34159,7 +35454,7 @@ function exitBundleManifestShape() {
     ]
   };
 }
-var ARTIFACT_DIR, EXIT_IMPORT_NAMESPACE, EXIT_PUBLIC_IDENTITIES_NAMESPACE, EXIT_AUDIT_RECEIPTS_NAMESPACE, EXIT_POLICY_SETS_NAMESPACE, EXIT_COMMITMENTS_NAMESPACE, EXIT_PLACEHOLDER_METADATA_NAMESPACE, PRIVACY_PLACEHOLDER_NAMESPACE;
+var ARTIFACT_DIR, EXIT_IMPORT_NAMESPACE, EXIT_PUBLIC_IDENTITIES_NAMESPACE, EXIT_AUDIT_RECEIPTS_NAMESPACE, EXIT_POLICY_SETS_NAMESPACE, EXIT_COMMITMENTS_NAMESPACE, EXIT_PLACEHOLDER_METADATA_NAMESPACE, PRIVACY_PLACEHOLDER_NAMESPACE, ExitBundleImportError;
 var init_bundle = __esm({
   "src/exit/bundle.ts"() {
     init_state_store();
@@ -34181,6 +35476,14 @@ var init_bundle = __esm({
     EXIT_COMMITMENTS_NAMESPACE = "_exit_commitments";
     EXIT_PLACEHOLDER_METADATA_NAMESPACE = "_exit_placeholder_metadata";
     PRIVACY_PLACEHOLDER_NAMESPACE = "_privacy_placeholder_vault";
+    ExitBundleImportError = class extends Error {
+      code;
+      constructor(code, message) {
+        super(message);
+        this.name = "ExitBundleImportError";
+        this.code = code;
+      }
+    };
   }
 });
 function write(stream, text) {
@@ -34279,6 +35582,11 @@ Options:
   --destination-identity-id <id>    Destination signer for re-keyed state
   --state-namespace <name>          Export a namespace; repeatable
   --conflict <skip|overwrite|version>
+  --force-rebind                    On import: explicitly replace an existing fortress
+                                    public identity (Tier 1 confirmation)
+  --accept-unverifiable-attestations
+                                    On import: accept reputation attestations whose
+                                    signer DID is not in the bundle (Tier 1 confirmation)
   --json
   --yes, -y                         Explicit non-interactive Tier 1 approval
   --help, -h
@@ -34307,7 +35615,22 @@ async function runExitCommand(args) {
         write(err, "Usage: sanctuary exit verify <dir>\n");
         return 2;
       }
-      const result = await verifyExitBundle(dir);
+      let result;
+      try {
+        result = await verifyExitBundle(dir, {
+          acceptUnverifiableAttestations: hasFlag(
+            argv,
+            "--accept-unverifiable-attestations"
+          )
+        });
+      } catch (e) {
+        if (e instanceof InvalidExitBundleError) {
+          write(err, `Error: ${e.message}
+`);
+          return 1;
+        }
+        throw e;
+      }
       if (json) {
         write(out, JSON.stringify(result, null, 2) + "\n");
       } else {
@@ -34385,9 +35708,15 @@ async function runExitCommand(args) {
         return 2;
       }
       const activate = hasFlag(argv, "--activate");
+      const forceRebind = hasFlag(argv, "--force-rebind");
+      const acceptUnverifiableAttestations = hasFlag(
+        argv,
+        "--accept-unverifiable-attestations"
+      );
       if (activate) {
+        const prompt2 = forceRebind ? "Tier 1 approval required: activate verified imported exit bundle AND replace the existing fortress public identity (force-rebind)?" : "Tier 1 approval required: activate verified imported exit bundle?";
         const approved = await confirmTier1(
-          "Tier 1 approval required: activate verified imported exit bundle?",
+          prompt2,
           hasFlag(argv, "--yes") || hasFlag(argv, "-y"),
           stdin,
           err
@@ -34396,6 +35725,18 @@ async function runExitCommand(args) {
           write(err, "Aborted.\n");
           return 1;
         }
+        if (acceptUnverifiableAttestations) {
+          const acceptApproved = await confirmTier1(
+            "Tier 1 approval required: accept unverifiable reputation attestations on import?",
+            hasFlag(argv, "--yes") || hasFlag(argv, "-y"),
+            stdin,
+            err
+          );
+          if (!acceptApproved) {
+            write(err, "Aborted.\n");
+            return 1;
+          }
+        }
       }
       const ctx = await openExitContext(argv, env);
       const conflict = flagValue(argv, "--conflict") ?? "skip";
@@ -34403,19 +35744,31 @@ async function runExitCommand(args) {
         write(err, "--conflict must be skip, overwrite, or version\n");
         return 2;
       }
-      const result = await importExitBundle({
-        bundleDir: dir,
-        storage: ctx.storage,
-        masterKey: ctx.masterKey,
-        identityManager: ctx.identityManager,
-        auditLog: ctx.auditLog,
-        reputationStore: ctx.reputationStore,
-        activate,
-        conflictResolution: conflict,
-        sourcePassphrase: flagValue(argv, "--source-passphrase"),
-        sourceRecoveryKey: flagValue(argv, "--source-recovery-key"),
-        destinationSignerIdentityId: flagValue(argv, "--destination-identity-id")
-      });
+      let result;
+      try {
+        result = await importExitBundle({
+          bundleDir: dir,
+          storage: ctx.storage,
+          masterKey: ctx.masterKey,
+          identityManager: ctx.identityManager,
+          auditLog: ctx.auditLog,
+          reputationStore: ctx.reputationStore,
+          activate,
+          forceRebind,
+          acceptUnverifiableAttestations,
+          conflictResolution: conflict,
+          sourcePassphrase: flagValue(argv, "--source-passphrase"),
+          sourceRecoveryKey: flagValue(argv, "--source-recovery-key"),
+          destinationSignerIdentityId: flagValue(argv, "--destination-identity-id")
+        });
+      } catch (e) {
+        if (e instanceof InvalidExitBundleError) {
+          write(err, `Error: ${e.message}
+`);
+          return 1;
+        }
+        throw e;
+      }
       if (json) write(out, JSON.stringify(result, null, 2) + "\n");
       else {
         write(out, `verified: ${result.verified}
@@ -34470,6 +35823,7 @@ var init_cli = __esm({
 // src/exit/index.ts
 var exit_exports = {};
 __export(exit_exports, {
+  ExitBundleImportError: () => ExitBundleImportError,
   exitBundleManifestShape: () => exitBundleManifestShape,
   exportExitBundle: () => exportExitBundle,
   importExitBundle: () => importExitBundle,
@@ -34526,11 +35880,11 @@ async function startDashboardServer(options) {
       }
     }
   });
-  await new Promise((resolve5, reject) => {
+  await new Promise((resolve6, reject) => {
     server.once("error", reject);
     server.listen(port, host, () => {
       server.off("error", reject);
-      resolve5();
+      resolve6();
     });
   });
   const actualPort = (() => {
@@ -34543,8 +35897,8 @@ async function startDashboardServer(options) {
     url,
     port: actualPort,
     host,
-    stop: () => new Promise((resolve5, reject) => {
-      server.close((err) => err ? reject(err) : resolve5());
+    stop: () => new Promise((resolve6, reject) => {
+      server.close((err) => err ? reject(err) : resolve6());
     }),
     publish,
     publishActivity: (entry) => publish({ type: "activity", data: entry }),
@@ -34692,7 +36046,7 @@ async function createSanctuaryServer(options) {
       const hasKeyParams = existingNamespaces.some((e) => e.key === "key-params");
       if (hasKeyParams) {
         throw new Error(
-          "Sanctuary: Found existing key derivation parameters but no recovery key hash.\nThis indicates a corrupted or incomplete installation.\nIf you previously used a passphrase, set SANCTUARY_PASSPHRASE to start."
+          "Sanctuary: passphrase required.\n\nThe fortress at this path uses passphrase-mode key derivation.\nSet SANCTUARY_PASSPHRASE in your environment, or run\n'sanctuary export-passphrase' to retrieve it from the macOS Keychain."
         );
       }
       masterKey = generateRandomKey();
@@ -35217,7 +36571,7 @@ Refusing to start the cocoon while the reset-history marker is unreadable.`
       clientManager.configure(enabledServers).catch((err) => {
         console.error(`[Sanctuary] Failed to configure upstream servers: ${err instanceof Error ? err.message : "unknown error"}`);
       });
-      await new Promise((resolve5) => setTimeout(resolve5, 2e3));
+      await new Promise((resolve6) => setTimeout(resolve6, 2e3));
       const proxiedTools = proxyRouter.getProxiedTools();
       if (proxiedTools.length > 0) {
         allTools.push(...proxiedTools);
@@ -36056,8 +37410,8 @@ async function runWrap(options, deps = {}) {
     passphraseValue = process.env.SANCTUARY_PASSPHRASE;
   } else {
     try {
-      const resolve5 = deps.resolvePassphrase ?? (() => getOrCreatePassphrase({ storagePath }));
-      const resolved = await resolve5();
+      const resolve6 = deps.resolvePassphrase ?? (() => getOrCreatePassphrase({ storagePath }));
+      const resolved = await resolve6();
       passphraseLocation = resolved.location;
       passphraseSource = resolved.source;
       passphraseValue = resolved.value;
@@ -36097,24 +37451,31 @@ async function runWrap(options, deps = {}) {
   }
   await promises.mkdir(storagePath, { recursive: true, mode: 448 });
   if (passphraseSource === "generated" && passphraseValue !== void 0) {
-    try {
-      await disclosePassphrase({
-        passphrase: passphraseValue,
-        storagePath,
-        fortressId: fortressIdFromStoragePath(storagePath),
-        // --no-open (CI / scripted) or non-TTY stdin both skip the prompt
-        // the same way init's --no-confirm does. Operator who scripted the
-        // call still gets the banner + the file; they will not see a hang.
-        mode: options.noOpen || process.stdin.isTTY !== true ? "no-confirm" : "interactive"
-      });
-    } catch (err) {
-      if (err instanceof PassphraseConfirmationDeclinedError || err instanceof PassphraseConfirmationNonInteractiveError) {
-        console.error(`
+    if (options.writePassphraseBackup) {
+      try {
+        await disclosePassphrase({
+          passphrase: passphraseValue,
+          storagePath: path.dirname(options.writePassphraseBackup),
+          fortressId: fortressIdFromStoragePath(storagePath),
+          mode: options.noOpen || process.stdin.isTTY !== true ? "no-confirm" : "interactive"
+        });
+      } catch (err) {
+        if (err instanceof PassphraseConfirmationDeclinedError || err instanceof PassphraseConfirmationNonInteractiveError) {
+          console.error(`
   Sanctuary wrap: ${err.message}
 `);
-        process.exit(2);
+          process.exit(2);
+        }
+        throw err;
       }
-      throw err;
+    } else {
+      process.stderr.write(
+        `
+  Passphrase stored in macOS Keychain.
+  Run 'sanctuary export-passphrase' to retrieve it.
+  To write a plaintext backup: sanctuary wrap ... --write-passphrase-backup <path>
+`
+      );
     }
   }
   const profile = createWrapProfile(upstreamServers);
@@ -36205,6 +37566,8 @@ async function runWrap(options, deps = {}) {
       serverCount: upstreamServers.length});
     return;
   }
+  let intelligenceHealthy;
+  let intelligenceError;
   const authToken = generateAuthToken();
   const startFn = deps.startDashboard ?? ((opts) => startDashboard({
     port: opts.port,
@@ -36240,6 +37603,30 @@ async function runWrap(options, deps = {}) {
         );
       }
       const wrapAuditLog = new AuditLog(v11Storage, derived.key);
+      try {
+        const { IdentityManager: IdentityManager2 } = await Promise.resolve().then(() => (init_tools(), tools_exports));
+        const { createIdentity: createIdentity2 } = await Promise.resolve().then(() => (init_identity(), identity_exports));
+        const { derivePurposeKey: derivePurposeKey2 } = await Promise.resolve().then(() => (init_key_derivation(), key_derivation_exports));
+        const identityMgr = new IdentityManager2(v11Storage, derived.key);
+        const loadResult = await identityMgr.load();
+        if (loadResult.loaded === 0) {
+          const identityEncKey = derivePurposeKey2(derived.key, "identity-encryption");
+          const { storedIdentity, publicIdentity } = createIdentity2(
+            "default",
+            identityEncKey,
+            "passphrase"
+          );
+          await identityMgr.save(storedIdentity);
+          wrapAuditLog.append("l1", "identity_create", publicIdentity.identity_id, {
+            label: "default",
+            source: "wrap-auto"
+          });
+        }
+      } catch (err) {
+        console.error(
+          `  Note: default identity not created at wrap time (${err.message}).`
+        );
+      }
       let wrapIntelligenceSelector;
       try {
         wrapIntelligenceSelector = new SubstrateSelector({
@@ -36249,7 +37636,10 @@ async function runWrap(options, deps = {}) {
           identityId: `fortress:${storagePath}`
         });
         await wrapIntelligenceSelector.load();
+        intelligenceHealthy = true;
       } catch (err) {
+        intelligenceHealthy = false;
+        intelligenceError = err.message;
         console.error(
           `  Note: Intelligence panel unavailable on wrap URL (${err.message}).`
         );
@@ -36317,7 +37707,10 @@ async function runWrap(options, deps = {}) {
     toolCount: countUpstreamTools(upstreamServers),
     serverCount: upstreamServers.length,
     dashboardUrl,
-    browserOpened: !options.noOpen});
+    browserOpened: !options.noOpen,
+    intelligenceHealthy,
+    intelligenceError
+  });
 }
 async function runCocoon(options) {
   console.error(
@@ -36373,12 +37766,12 @@ async function defaultOpenBrowser(url) {
     cmd = "xdg-open";
     args = [url];
   }
-  await new Promise((resolve5) => {
+  await new Promise((resolve6) => {
     const child = child_process.spawn(cmd, args, { stdio: "ignore", detached: true });
-    child.on("error", () => resolve5());
+    child.on("error", () => resolve6());
     child.on("spawn", () => {
       child.unref();
-      resolve5();
+      resolve6();
     });
   });
 }
@@ -36404,7 +37797,15 @@ function formatWrapSuccess(info) {
     lines.push(`  ${d("(browser auto-open suppressed)")}`);
   }
   lines.push("");
-  lines.push(`  ${b("Your agent is protected.")} L1 Full / L2 Degraded (no TEE) / L3 Full / L4 Full.`);
+  const l2Status = info.intelligenceHealthy === false ? "L2 Degraded (intelligence disabled)" : "L2 Degraded (no TEE)";
+  lines.push(`  ${b("Your agent is protected.")} L1 Full / ${l2Status} / L3 Full / L4 Full.`);
+  if (info.intelligenceHealthy === false && info.intelligenceError) {
+    const w = (s) => `\x1B[33m${s}\x1B[0m`;
+    lines.push("");
+    lines.push(`  ${w("\u26A0")} L2 intelligence disabled: ${info.intelligenceError}`);
+    lines.push(`    Concierge chat and substrate-driven explanations will not work until this is resolved.`);
+    lines.push(`    Run 'sanctuary intelligence diagnose' to inspect substrate config.`);
+  }
   lines.push("");
   return lines.join("\n");
 }
@@ -36428,9 +37829,16 @@ function formatWrapSuccessNoDashboard(info) {
     `  ${d("Dashboard spawn skipped per --no-dashboard. Run `sanctuary dashboard` separately for a persistent dashboard.")}`
   );
   lines.push("");
+  const l2Status = info.intelligenceHealthy === false ? "L2 Degraded (intelligence disabled)" : "L2 Degraded (no TEE)";
   lines.push(
-    `  ${b("Your agent is protected.")} L1 Full / L2 Degraded (no TEE) / L3 Full / L4 Full.`
+    `  ${b("Your agent is protected.")} L1 Full / ${l2Status} / L3 Full / L4 Full.`
   );
+  if (info.intelligenceHealthy === false && info.intelligenceError) {
+    const w = (s) => `\x1B[33m${s}\x1B[0m`;
+    lines.push("");
+    lines.push(`  ${w("\u26A0")} L2 intelligence disabled: ${info.intelligenceError}`);
+    lines.push(`    Run 'sanctuary intelligence diagnose' to inspect substrate config.`);
+  }
   lines.push("");
   return lines.join("\n");
 }
@@ -36630,7 +38038,22 @@ function rawConfigContainsSanctuary(raw, agentPlatform) {
 function parseWrapArgs(argv) {
   const options = {};
   for (let i = 0; i < argv.length; i++) {
-    switch (argv[i]) {
+    const arg = argv[i];
+    if (!arg.startsWith("-")) {
+      const suggestion = WRAP_HARNESS_FLAGS.find(
+        (f) => f.replace(/^--/, "") === arg
+      );
+      const hint = suggestion ? ` Did you mean ${suggestion}?` : "";
+      throw new Error(
+        `Unrecognized argument '${arg}'.${hint} Run 'sanctuary wrap --help' for valid flags.`
+      );
+    }
+    if (!WRAP_BOOLEAN_FLAGS.has(arg) && !WRAP_VALUE_FLAGS.has(arg)) {
+      throw new Error(
+        `Unrecognized flag '${arg}'. Run 'sanctuary wrap --help' for valid flags.`
+      );
+    }
+    switch (arg) {
       case "--wrap":
         options.wrap = argv[++i];
         break;
@@ -36673,6 +38096,9 @@ function parseWrapArgs(argv) {
       case "--dev-dist":
         options.devDist = argv[++i];
         break;
+      case "--write-passphrase-backup":
+        options.writePassphraseBackup = argv[++i];
+        break;
       case "--help":
       case "-h":
         printWrapHelp();
@@ -36732,7 +38158,7 @@ function printWrapHelp() {
     5. Every tool call is logged, scanned, and tier-gated
 `);
 }
-var COCOON_GOVERNOR_DEFAULTS, PORT_FALLBACK_ATTEMPTS, parseCocoonArgs;
+var COCOON_GOVERNOR_DEFAULTS, PORT_FALLBACK_ATTEMPTS, WRAP_VALUE_FLAGS, WRAP_BOOLEAN_FLAGS, WRAP_HARNESS_FLAGS, parseCocoonArgs;
 var init_cli2 = __esm({
   "src/cocoon/cli.ts"() {
     init_config_reader();
@@ -36755,6 +38181,28 @@ var init_cli2 = __esm({
       lifetime_limit: 1e3
     };
     PORT_FALLBACK_ATTEMPTS = 20;
+    WRAP_VALUE_FLAGS = /* @__PURE__ */ new Set([
+      "--wrap",
+      "--passphrase",
+      "--port",
+      "--fortress",
+      "--dev-dist",
+      "--write-passphrase-backup"
+    ]);
+    WRAP_BOOLEAN_FLAGS = /* @__PURE__ */ new Set([
+      "--openclaw",
+      "--hermes",
+      "--claude-code",
+      "--cursor",
+      "--cline",
+      "--unwrap",
+      "--dry-run",
+      "--no-open",
+      "--no-dashboard",
+      "--help",
+      "-h"
+    ]);
+    WRAP_HARNESS_FLAGS = ["--openclaw", "--hermes", "--claude-code", "--cursor", "--cline"];
     parseCocoonArgs = parseWrapArgs;
   }
 });
@@ -37652,7 +39100,7 @@ var init_backend_interface = __esm({
   }
 });
 async function runSecurity(args, input) {
-  return new Promise((resolve5, reject) => {
+  return new Promise((resolve6, reject) => {
     const child = child_process.spawn(SECURITY_BIN, args, { stdio: ["pipe", "pipe", "pipe"] });
     let stdout = "";
     let stderr = "";
@@ -37674,7 +39122,7 @@ async function runSecurity(args, input) {
       reject(err);
     });
     child.on("close", (code) => {
-      resolve5({ stdout, stderr, code: code ?? -1 });
+      resolve6({ stdout, stderr, code: code ?? -1 });
     });
     if (input !== void 0) {
       child.stdin.write(input);
@@ -38750,7 +40198,7 @@ async function readValue(stdin, prompt2) {
   return await readFirstLine(stdin);
 }
 async function readFirstLine(stdin) {
-  return new Promise((resolve5, reject) => {
+  return new Promise((resolve6, reject) => {
     const rl = readline.createInterface({ input: stdin });
     let resolved = false;
     const finish = (value) => {
@@ -38761,7 +40209,7 @@ async function readFirstLine(stdin) {
         rl.close();
       } catch {
       }
-      resolve5(value);
+      resolve6(value);
     };
     const deadline = setTimeout(() => {
       finish("");
@@ -38780,7 +40228,7 @@ async function promptSilently(stdin, prompt2) {
   process.stderr.write(`${prompt2}: `);
   stdin.setRawMode?.(true);
   stdin.resume();
-  return await new Promise((resolve5) => {
+  return await new Promise((resolve6) => {
     let buf = "";
     const onData = (chunk) => {
       const s = chunk.toString("utf8");
@@ -38790,7 +40238,7 @@ async function promptSilently(stdin, prompt2) {
           stdin.pause();
           stdin.off("data", onData);
           process.stderr.write("\n");
-          resolve5(buf);
+          resolve6(buf);
           return;
         }
         if (ch === "") {
@@ -39063,7 +40511,7 @@ async function probeTenantDashboard(tenant, options = {}) {
     return { running: false, status: null, reason: "no runtime.json" };
   }
   const timeoutMs = options.timeoutMs ?? DEFAULT_TIMEOUT_MS4;
-  return await new Promise((resolve5) => {
+  return await new Promise((resolve6) => {
     const req = http.get(
       {
         host: rt.dashboard_host,
@@ -39075,9 +40523,9 @@ async function probeTenantDashboard(tenant, options = {}) {
         res.resume();
         const status = res.statusCode ?? 0;
         if (status > 0 && status < 500) {
-          resolve5({ running: true, status, reason: null });
+          resolve6({ running: true, status, reason: null });
         } else {
-          resolve5({
+          resolve6({
             running: false,
             status,
             reason: `dashboard returned ${status}`
@@ -39087,10 +40535,10 @@ async function probeTenantDashboard(tenant, options = {}) {
     );
     req.on("timeout", () => {
       req.destroy();
-      resolve5({ running: false, status: null, reason: "timeout" });
+      resolve6({ running: false, status: null, reason: "timeout" });
     });
     req.on("error", (err) => {
-      resolve5({
+      resolve6({
         running: false,
         status: null,
         reason: err.code ?? err.message
@@ -39752,7 +41200,7 @@ async function prompt(lines, err, question) {
   return await lines.next();
 }
 async function defaultExec2(cmd, args) {
-  return await new Promise((resolve5, reject) => {
+  return await new Promise((resolve6, reject) => {
     const child = child_process.spawn(cmd, args, { stdio: ["ignore", "pipe", "pipe"] });
     let stdout = "";
     let stderr = "";
@@ -39763,7 +41211,7 @@ async function defaultExec2(cmd, args) {
       stderr += d.toString();
     });
     child.on("error", reject);
-    child.on("close", (code) => resolve5({ stdout, stderr, code }));
+    child.on("close", (code) => resolve6({ stdout, stderr, code }));
   });
 }
 var LineReader;
@@ -39799,8 +41247,8 @@ var init_reset_passphrase = __esm({
           return Promise.resolve(this.queue.shift());
         }
         if (this.closed) return Promise.resolve("");
-        return new Promise((resolve5) => {
-          this.waiters.push(resolve5);
+        return new Promise((resolve6) => {
+          this.waiters.push(resolve6);
         });
       }
       close() {
@@ -39815,6 +41263,100 @@ var init_reset_passphrase = __esm({
   }
 });
 
+// src/cli/intelligence.ts
+var intelligence_exports = {};
+__export(intelligence_exports, {
+  runIntelligenceCommand: () => runIntelligenceCommand
+});
+async function runIntelligenceCommand(opts) {
+  const subcommand = opts.argv[0];
+  if (subcommand === "diagnose" || subcommand === void 0) {
+    return runDiagnose();
+  }
+  if (subcommand === "--help" || subcommand === "-h") {
+    printHelp2();
+    return 0;
+  }
+  console.error(`Unknown intelligence subcommand: ${subcommand}`);
+  printHelp2();
+  return 2;
+}
+function printHelp2() {
+  console.error(`
+Usage: sanctuary intelligence <subcommand>
+
+Subcommands:
+  diagnose    Print intelligence substrate config and last error.
+  --help      Show this help.
+`);
+}
+async function runDiagnose() {
+  const storagePath = path.resolve(
+    process.env.SANCTUARY_STORAGE_PATH ?? process.env.SANCTUARY_FORTRESS_PATH ?? `${process.env.HOME}/.sanctuary`
+  );
+  console.error(`Intelligence substrate diagnostics`);
+  console.error(`Fortress: ${storagePath}`);
+  console.error("");
+  const intelligenceDir = path.resolve(storagePath, "state", "_intelligence");
+  if (!fs.existsSync(intelligenceDir)) {
+    console.error(
+      `No intelligence config directory found at ${intelligenceDir}.`
+    );
+    console.error(
+      "Intelligence substrate may not have been initialized yet."
+    );
+    console.error(
+      "Ensure at least one substrate API key is set in your environment:"
+    );
+    console.error(
+      "  ANTHROPIC_API_KEY, OPENAI_API_KEY, VENICE_API_KEY, or OLLAMA_HOST"
+    );
+    return 1;
+  }
+  try {
+    const entries = fs.readdirSync(intelligenceDir);
+    console.error(`Intelligence config entries: ${entries.length}`);
+    for (const entry of entries) {
+      console.error(`  ${entry}`);
+    }
+  } catch {
+    console.error(`Could not read intelligence config directory.`);
+  }
+  const auditDir = path.resolve(storagePath, "state", "_audit");
+  if (fs.existsSync(auditDir)) {
+    try {
+      const auditFiles = fs.readdirSync(auditDir).sort().reverse();
+      const recentFiles = auditFiles.slice(0, 20);
+      console.error("");
+      console.error(`Recent audit entries (${recentFiles.length} of ${auditFiles.length}):`);
+      for (const file of recentFiles) {
+        console.error(`  ${file}`);
+      }
+    } catch {
+      console.error(`Could not read audit directory.`);
+    }
+  }
+  console.error("");
+  console.error("Substrate environment check:");
+  const keys = [
+    "ANTHROPIC_API_KEY",
+    "OPENAI_API_KEY",
+    "VENICE_API_KEY",
+    "OLLAMA_HOST"
+  ];
+  for (const key of keys) {
+    const val = process.env[key];
+    console.error(
+      `  ${key}: ${val ? `set (${val.slice(0, 4)}...)` : "not set"}`
+    );
+  }
+  return 0;
+}
+var init_intelligence = __esm({
+  "src/cli/intelligence.ts"() {
+  }
+});
+
 // src/mcp/broker-server.ts
 var broker_server_exports = {};
 __export(broker_server_exports, {
@@ -40105,11 +41647,11 @@ async function startMultiDashboardServer(options = {}) {
       }
     }
   });
-  await new Promise((resolve5, reject) => {
+  await new Promise((resolve6, reject) => {
     server.once("error", reject);
     server.listen(port, host, () => {
       server.off("error", reject);
-      resolve5();
+      resolve6();
     });
   });
   const addr = server.address();
@@ -40118,8 +41660,8 @@ async function startMultiDashboardServer(options = {}) {
     url: `http://${host}:${actualPort}`,
     port: actualPort,
     host,
-    stop: () => new Promise((resolve5, reject) => {
-      server.close((err) => err ? reject(err) : resolve5());
+    stop: () => new Promise((resolve6, reject) => {
+      server.close((err) => err ? reject(err) : resolve6());
     })
   };
 }
@@ -40519,7 +42061,7 @@ function formatUpdateMessage(current, latest) {
   return `[Sanctuary] Update available: ${current} \u2192 ${latest}. Run: npx @sanctuary-framework/mcp-server@latest`;
 }
 function fetchLatestVersion(currentVersion) {
-  return new Promise((resolve5) => {
+  return new Promise((resolve6) => {
     const req = https.get(
       REGISTRY_URL,
       {
@@ -40529,7 +42071,7 @@ function fetchLatestVersion(currentVersion) {
       (res) => {
         if (res.statusCode !== 200) {
           res.resume();
-          resolve5(null);
+          resolve6(null);
           return;
         }
         let data = "";
@@ -40538,7 +42080,7 @@ function fetchLatestVersion(currentVersion) {
           data += chunk;
           if (data.length > 32768) {
             res.destroy();
-            resolve5(null);
+            resolve6(null);
           }
         });
         res.on("end", () => {
@@ -40546,20 +42088,20 @@ function fetchLatestVersion(currentVersion) {
             const json = JSON.parse(data);
             const latest = json.version;
             if (typeof latest === "string" && isNewerVersion(currentVersion, latest)) {
-              resolve5(latest);
+              resolve6(latest);
             } else {
-              resolve5(null);
+              resolve6(null);
             }
           } catch {
-            resolve5(null);
+            resolve6(null);
           }
         });
       }
     );
-    req.on("error", () => resolve5(null));
+    req.on("error", () => resolve6(null));
     req.on("timeout", () => {
       req.destroy();
-      resolve5(null);
+      resolve6(null);
     });
   });
 }
@@ -40652,6 +42194,11 @@ async function main() {
     const code = await runResetPassphraseCommand2({ argv: args.slice(1) });
     process.exit(code);
   }
+  if (args[0] === "intelligence") {
+    const { runIntelligenceCommand: runIntelligenceCommand2 } = await Promise.resolve().then(() => (init_intelligence(), intelligence_exports));
+    const code = await runIntelligenceCommand2({ argv: args.slice(1) });
+    process.exit(code);
+  }
   if (args[0] === "broker-server") {
     const { openBroker: openBroker2 } = await Promise.resolve().then(() => (init_open(), open_exports));
     const { createBrokerMcpServer: createBrokerMcpServer2 } = await Promise.resolve().then(() => (init_broker_server(), broker_server_exports));
@@ -40675,7 +42222,7 @@ async function main() {
       );
       passphrase = args[++i];
     } else if (args[i] === "--help" || args[i] === "-h") {
-      printHelp2();
+      printHelp3();
       process.exit(0);
     } else if (args[i] === "--version" || args[i] === "-v") {
       console.log(`@sanctuary-framework/mcp-server ${PKG_VERSION4}`);
@@ -40820,7 +42367,7 @@ async function runExportPassphrase(args) {
   }
   process.stdout.write(stored.value + "\n");
 }
-function printHelp2() {
+function printHelp3() {
   console.log(`
 @sanctuary-framework/mcp-server v${PKG_VERSION4}