loki-mode 7.14.0 → 7.16.0

package/dashboard/static/trust.html

@@ -0,0 +1,271 @@
+<!DOCTYPE html>
+<!--
+  Loki Mode - Trust trajectory panel (R4, zero-build standalone).
+
+  Self-contained: all CSS + JS inlined, no external resources. Fetches
+  /api/trust/trajectory and renders, per project over runs/time, whether the
+  agent is EARNING autonomy on THIS repo: council pass-rate, gate pass-rate,
+  iterations-to-completion, and (when recorded) human interventions, each with
+  an up/down/flat direction and an inline-SVG sparkline.
+
+  The story no competitor tells. Honest-data rule: with fewer than 2 runs this
+  shows "not enough history yet", never a fabricated trend.
+-->
+<html lang="en">
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<title>Loki Mode - Trust Trajectory</title>
+<style>
+  :root {
+    --bg: #0f1115; --panel: #171a21; --panel-2: #1d2129; --border: #2a2f3a;
+    --text: #e7e9ee; --muted: #9aa1ad; --faint: #6b7280; --accent: #6f7bf7;
+    --green: #34d399; --red: #f87171; --amber: #fbbf24;
+    --mono: ui-monospace, "SF Mono", "Menlo", "Consolas", monospace;
+    --sans: 'Inter', system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif;
+  }
+  * { box-sizing: border-box; }
+  body { margin: 0; background: var(--bg); color: var(--text); font-family: var(--sans); line-height: 1.5; }
+  a { color: var(--accent); text-decoration: none; }
+  a:hover { text-decoration: underline; }
+  .wrap { max-width: 960px; margin: 0 auto; padding: 40px 20px 80px; }
+  .head { display: flex; align-items: baseline; justify-content: space-between; margin-bottom: 8px; }
+  h1 { font-size: 24px; font-weight: 650; letter-spacing: -0.3px; margin: 0; }
+  h2 { font-size: 15px; font-weight: 600; color: var(--muted); margin: 30px 0 12px; text-transform: uppercase; letter-spacing: 0.5px; }
+  .head a { font-size: 13px; }
+  .sub { color: var(--muted); font-size: 14px; margin: 0 0 26px; }
+  .cards { display: flex; gap: 14px; flex-wrap: wrap; }
+  .card { flex: 1 1 200px; background: var(--panel); border: 1px solid var(--border); border-radius: 12px; padding: 16px 18px; }
+  .card .label { color: var(--muted); font-size: 12px; text-transform: uppercase; letter-spacing: 0.5px; }
+  .card .val { font-family: var(--mono); font-size: 26px; font-weight: 650; margin-top: 6px; }
+  .card .note { color: var(--faint); font-size: 12px; margin-top: 4px; }
+  .axes { display: flex; flex-direction: column; gap: 12px; }
+  .axis { background: var(--panel); border: 1px solid var(--border); border-radius: 12px; padding: 16px 18px; display: flex; align-items: center; gap: 16px; }
+  .axis .meta { flex: 1 1 auto; min-width: 0; }
+  .axis .name { font-size: 14px; font-weight: 600; }
+  .axis .desc { color: var(--faint); font-size: 12px; margin-top: 2px; }
+  .axis .spark { flex: 0 0 200px; }
+  .axis .verdict { flex: 0 0 150px; text-align: right; }
+  .axis .dir { font-family: var(--mono); font-size: 14px; font-weight: 650; }
+  .axis .tag { font-size: 12px; margin-top: 2px; }
+  .dir.up { color: var(--green); }
+  .dir.down { color: var(--green); }
+  .dir.bad { color: var(--red); }
+  .dir.flat { color: var(--muted); }
+  .tag.good { color: var(--green); }
+  .tag.bad { color: var(--red); }
+  .tag.flat { color: var(--muted); }
+  .tag.na { color: var(--faint); }
+  svg { display: block; width: 100%; height: 40px; }
+  table { width: 100%; border-collapse: collapse; font-size: 13px; }
+  th, td { text-align: left; padding: 8px 10px; border-bottom: 1px solid var(--border); }
+  th { color: var(--muted); font-weight: 600; font-size: 12px; text-transform: uppercase; letter-spacing: 0.4px; }
+  td.num, th.num { text-align: right; font-family: var(--mono); }
+  .badge { font-size: 12px; font-weight: 600; padding: 2px 8px; border-radius: 6px; border: 1px solid var(--border); }
+  .b-approve { color: var(--green); border-color: rgba(52,211,153,0.4); }
+  .b-reject { color: var(--red); border-color: rgba(248,113,113,0.4); }
+  .empty { color: var(--muted); background: var(--panel); border: 1px solid var(--border); border-radius: 12px; padding: 24px; text-align: center; }
+  .empty code { font-family: var(--mono); color: var(--text); background: var(--panel-2); padding: 2px 6px; border-radius: 5px; }
+  .headline { background: var(--panel); border: 1px solid var(--border); border-radius: 12px; padding: 18px; font-size: 15px; }
+  .headline.good { border-color: rgba(52,211,153,0.4); }
+  .headline.bad { border-color: rgba(248,113,113,0.4); }
+  .mono { font-family: var(--mono); }
+  .muted { color: var(--muted); }
+</style>
+</head>
+<body>
+<div class="wrap">
+  <div class="head">
+    <h1>Trust Trajectory</h1>
+    <a href="/">Back to dashboard</a>
+  </div>
+  <p class="sub">Is the agent earning autonomy on THIS repo? Council pass-rate, gate pass-rate, iterations-to-completion, and human interventions over your run history. Real council and RARV-C data, never a fabricated trend.</p>
+  <div id="content"><p class="sub">Loading...</p></div>
+</div>
+<script>
+(function () {
+  "use strict";
+  function esc(s) {
+    s = (s === null || s === undefined) ? "" : String(s);
+    return s.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;")
+            .replace(/"/g, "&quot;").replace(/'/g, "&#39;");
+  }
+  function pct(n) {
+    if (n === null || n === undefined) return "n/a";
+    n = Number(n);
+    if (!isFinite(n)) return "n/a";
+    return (n * 100).toFixed(0) + "%";
+  }
+  function num(n) {
+    if (n === null || n === undefined) return "n/a";
+    n = Number(n);
+    if (!isFinite(n)) return "n/a";
+    return String(Math.round(n * 100) / 100);
+  }
+  function badgeClass(v) {
+    v = String(v || "").toUpperCase();
+    if (v.indexOf("APPROVE") === 0 || v.indexOf("COMPLETE") === 0 || v === "PASS" || v === "PASSED") return "b-approve";
+    if (v.indexOf("REJECT") === 0 || v.indexOf("BLOCK") === 0 || v === "FAIL") return "b-reject";
+    return "";
+  }
+  // Arrow glyphs only (no emoji): ^ up, v down, - flat.
+  function arrow(direction) {
+    if (direction === "up") return "^";
+    if (direction === "down") return "v";
+    return "-";
+  }
+  // Build an inline-SVG sparkline from a numeric series (nulls skipped).
+  function sparkline(values, higherIsBetter) {
+    var pts = [];
+    var idx = [];
+    for (var i = 0; i < values.length; i++) {
+      var v = values[i];
+      if (v === null || v === undefined || !isFinite(Number(v))) continue;
+      pts.push(Number(v)); idx.push(i);
+    }
+    if (pts.length === 0) return '<span class="muted" style="font-size:12px;">no data</span>';
+    var W = 200, H = 40, pad = 4;
+    var min = Math.min.apply(null, pts), max = Math.max.apply(null, pts);
+    var range = (max - min) || 1;
+    var coords = [];
+    for (var j = 0; j < pts.length; j++) {
+      var x = pts.length === 1 ? W / 2 : pad + (j / (pts.length - 1)) * (W - 2 * pad);
+      var y = H - pad - ((pts[j] - min) / range) * (H - 2 * pad);
+      coords.push(x.toFixed(1) + "," + y.toFixed(1));
+    }
+    // Color the line by whether the last value is better than the first.
+    var stroke = "#9aa1ad";
+    if (pts.length >= 2) {
+      var rising = pts[pts.length - 1] > pts[0];
+      var falling = pts[pts.length - 1] < pts[0];
+      if ((rising && higherIsBetter) || (falling && !higherIsBetter)) stroke = "#34d399";
+      else if ((rising && !higherIsBetter) || (falling && higherIsBetter)) stroke = "#f87171";
+    }
+    return '<svg viewBox="0 0 ' + W + ' ' + H + '" preserveAspectRatio="none">' +
+      '<polyline fill="none" stroke="' + stroke + '" stroke-width="2" points="' + coords.join(" ") + '"/>' +
+      '</svg>';
+  }
+
+  var AXIS_DESC = {
+    council_pass_rate: "Share of runs the 3-reviewer council approved",
+    gate_pass_rate: "Share of quality gates passed per run",
+    iterations: "RARV iterations needed to complete a run",
+    interventions: "Human interventions needed per run"
+  };
+
+  function renderAxis(key, ax, series) {
+    var label = ax.label || key;
+    var desc = AXIS_DESC[key] || "";
+    var values = series.map(function (s) { return s[key]; });
+    var spark = sparkline(values, !!ax.higher_is_better);
+    var verdict;
+    if (!ax.available) {
+      verdict = '<div class="dir flat">-</div><div class="tag na">no data</div>';
+    } else if (ax.insufficient) {
+      verdict = '<div class="dir flat">-</div><div class="tag na">need 2+ runs</div>';
+    } else {
+      var dir = ax.direction || "flat";
+      var dirClass = dir === "flat" ? "flat" : (ax.improving ? (dir === "up" ? "up" : "down") : "bad");
+      var tagClass = ax.improving === true ? "good" : (ax.improving === false ? "bad" : "flat");
+      var tagText = ax.improving === true ? "improving" : (ax.improving === false ? "regressing" : "stable");
+      var latestStr = ax.higher_is_better ? pct(ax.latest) : num(ax.latest);
+      verdict = '<div class="dir ' + dirClass + '">' + arrow(dir) + ' ' + esc(dir) + '</div>' +
+        '<div class="tag ' + tagClass + '">' + tagText + ' (now ' + esc(latestStr) + ')</div>';
+    }
+    return '<div class="axis">' +
+      '<div class="meta"><div class="name">' + esc(label) + '</div>' +
+        '<div class="desc">' + esc(desc) + (ax.higher_is_better ? " (higher is better)" : " (lower is better)") + '</div></div>' +
+      '<div class="spark">' + spark + '</div>' +
+      '<div class="verdict">' + verdict + '</div>' +
+    '</div>';
+  }
+
+  function renderRuns(series) {
+    var html = '<h2>Run history</h2>';
+    if (!series || series.length === 0) {
+      html += '<div class="empty">No completed runs yet. Trust trajectory comes' +
+        ' from proof-of-run artifacts (<code>.loki/proofs/</code>), written at' +
+        ' the end of each run.</div>';
+      return html;
+    }
+    var rows = "";
+    for (var i = 0; i < series.length; i++) {
+      var s = series[i];
+      var cp = s.council_pass_rate;
+      var verdict = (cp === 1) ? '<span class="badge b-approve">PASS</span>'
+        : (cp === 0 ? '<span class="badge b-reject">FAIL</span>' : '<span class="muted">-</span>');
+      rows += '<tr><td class="mono">' + esc(s.run_id) + '</td>' +
+        '<td class="muted">' + esc(s.generated_at || "") + '</td>' +
+        '<td>' + verdict + '</td>' +
+        '<td class="num">' + (s.gate_pass_rate === null || s.gate_pass_rate === undefined ? "-" : pct(s.gate_pass_rate)) + '</td>' +
+        '<td class="num">' + (s.iterations === null || s.iterations === undefined ? "-" : esc(s.iterations)) + '</td>' +
+        '<td class="num">' + (s.interventions === null || s.interventions === undefined ? "-" : esc(s.interventions)) + '</td></tr>';
+    }
+    html += '<table><thead><tr>' +
+      '<th>Run</th><th>When</th><th>Council</th><th class="num">Gates</th>' +
+      '<th class="num">Iters</th><th class="num">Interv.</th>' +
+      '</tr></thead><tbody>' + rows + '</tbody></table>';
+    return html;
+  }
+
+  function render(d) {
+    var c = document.getElementById("content");
+    if (d && d.available === false) {
+      c.innerHTML = '<div class="empty">Trust trajectory is unavailable in this' +
+        ' install. ' + esc((d.notes && d.notes[0]) || "") + '</div>';
+      return;
+    }
+    var series = d.series || [];
+    if (d.insufficient) {
+      var msg = '<div class="headline"><strong>Not enough history yet.</strong><br>' +
+        'Trust trajectory needs 2 or more recorded runs to show a direction. ' +
+        esc(d.runs_count || 0) + ' run(s) recorded so far. Run <code>loki start</code> again' +
+        ' and the trend appears here, derived from real council and gate results.</div>';
+      c.innerHTML = msg + renderRuns(series);
+      return;
+    }
+    var axes = d.axes || {};
+    var imp = d.improving_count || 0, reg = d.regressing_count || 0;
+    var hClass = (imp && !reg) ? "good" : (reg && !imp ? "bad" : "");
+    var headline;
+    if (imp && !reg) headline = "Trending more trustworthy: " + imp + " axis improving, none regressing on this repo.";
+    else if (reg && !imp) headline = "Trust regressing: " + reg + " axis regressing. Review recent runs.";
+    else if (imp || reg) headline = "Mixed: " + imp + " improving, " + reg + " regressing.";
+    else headline = "Stable: no significant change across axes yet.";
+
+    var cards = '<div class="cards">' +
+      '<div class="card"><div class="label">Runs analyzed</div>' +
+        '<div class="val">' + esc(d.runs_count || 0) + '</div>' +
+        '<div class="note">from .loki/proofs/</div></div>' +
+      '<div class="card"><div class="label">Improving axes</div>' +
+        '<div class="val" style="color:var(--green);">' + esc(imp) + '</div>' +
+        '<div class="note">good direction</div></div>' +
+      '<div class="card"><div class="label">Regressing axes</div>' +
+        '<div class="val" style="color:' + (reg ? 'var(--red)' : 'var(--muted)') + ';">' + esc(reg) + '</div>' +
+        '<div class="note">needs attention</div></div>' +
+      '</div>';
+
+    var axesHtml = '<h2>Earned-autonomy signals</h2><div class="axes">';
+    var order = ["council_pass_rate", "gate_pass_rate", "iterations", "interventions"];
+    for (var k = 0; k < order.length; k++) {
+      if (axes[order[k]]) axesHtml += renderAxis(order[k], axes[order[k]], series);
+    }
+    axesHtml += '</div>';
+
+    c.innerHTML = cards +
+      '<div class="headline ' + hClass + '" style="margin-top:14px;">' + esc(headline) + '</div>' +
+      axesHtml +
+      renderRuns(series);
+  }
+  function renderError(msg) {
+    document.getElementById("content").innerHTML =
+      '<div class="empty">Could not load trust data. ' + esc(msg || "") + "</div>";
+  }
+  fetch("/api/trust/trajectory", { headers: { "Accept": "application/json" } })
+    .then(function (r) { if (!r.ok) throw new Error("HTTP " + r.status); return r.json(); })
+    .then(function (d) { render(d || {}); })
+    .catch(function (e) { renderError(e && e.message); });
+})();
+</script>
+</body>
+</html>

package/docs/INSTALLATION.md

@@ -2,7 +2,7 @@
 
 The flagship product of [Autonomi](https://www.autonomi.dev/). Complete installation instructions for all platforms and use cases.
 
-**Version:** v7.14.0
+**Version:** v7.16.0
 
 ---
 

package/docs/OPEN-CORE-BOUNDARY.md

@@ -0,0 +1,58 @@
+# Loki Mode open-core boundary
+
+Loki Mode is and stays open source. This document draws the line between what is
+free forever and what hosted/paid/enterprise plans would add on top. R9 ships
+the SEAMS for that line; it does not ship a hosted backend, a license server, or
+any paywall on existing functionality.
+
+## Principle
+
+OSS is fully functional with zero hosted backend. Every capability Loki has
+today runs locally, free, with no account, no license key, and no network call
+to any Loki service. Hosted/paid features are ADDITIVE convenience and
+team/enterprise layers, never a removal or gating of something that is free
+today.
+
+## Free forever (OSS, the default)
+
+Everything that exists today, including:
+
+- The full RARV-C autonomous loop (`loki start`), all providers
+  (Claude/Cline/Codex/Aider), multi-project, dashboard, memory system.
+- 3-reviewer council + RARV-C closure (the trust engine).
+- proof-of-run generation and local inspection: `loki proof list|show|open`.
+- Sharing a proof to a GitHub Gist: `loki proof share <id>` (uses your own `gh`
+  auth; no Loki service involved).
+- Benchmark harness (`loki bench`), healing (`loki heal`), all CLI commands.
+- Self-hosting the hosted publish endpoint: `loki proof share --hosted` posts to
+  YOUR `LOKI_HOSTED_ENDPOINT`. Running your own endpoint is free.
+- Enterprise auth seams that already exist and are env-gated, not paywalled:
+  token auth (`LOKI_ENTERPRISE_AUTH`), OIDC/SSO (`LOKI_OIDC_*`), audit logging.
+
+The default tier is `oss` (`LOKI_TIER` unset or `oss`). In OSS tier the
+tier/license gate is a no-op that allows everything.
+
+## What hosted / paid / enterprise would add (seams, not yet built)
+
+These are the attachment points R9 reserves. None of them are live; none gate
+any free feature.
+
+| Capability | Seam (env / hook) | Status |
+|---|---|---|
+| Hosted proof publishing to a managed Loki URL (instead of a gist or self-hosted endpoint) | `LOKI_HOSTED_ENDPOINT` + `loki proof share --hosted` | Seam only. No official Loki endpoint exists. Operators can point it at their own. |
+| Tier / license entitlement | `LOKI_TIER` (default `oss`), `LOKI_LICENSE_KEY`, `loki_tier_gate` (bash) / `tierGate` (Bun) | Seam only. No verification backend. OSS = allow-all no-op. |
+| Managed team memory / cross-project sync | `LOKI_MANAGED_MEMORY` (pre-existing) | Pre-existing gated seam. |
+| Enterprise SSO / RBAC / audit retention | `LOKI_ENTERPRISE_AUTH`, `LOKI_OIDC_*` | Pre-existing env seams (free to self-configure). |
+
+A future hosted build would replace the honest stubs (no-op allow / "backend not
+available" messages) with real verification and a managed endpoint. Until then,
+the stubs are labeled honestly and never fabricate a hosted service or URL.
+
+## Integrity rules (binding for any future hosted work)
+
+1. Never gate or remove a feature that is free today.
+2. Never fabricate a hosted URL, a successful license verification, or a hosted
+   service that does not exist. Honest "not available yet" messaging only.
+3. OSS path must work with zero hosted env vars set.
+4. Any artifact published via a hosted seam must pass through the same redactor
+   the gist path uses (`proof_redact`); never publish an unredacted artifact.

package/docs/R4-TRUST-TRAJECTORY-DESIGN.md

@@ -0,0 +1,127 @@
+# R4: Visible Trust Trajectory - Design Note
+
+Status: implemented in worktree (not yet merged). Author: R4 release team.
+Verified against live source on 2026-06-03 (v7.8.3 worktree base; R1/R3/R5
+already shipped, so the arc is further along than the loki-plan doc states).
+
+## The story no competitor tells
+
+Devin, Cursor, Windsurf, Claude Code, Aider et al. show you a single run.
+None show you whether the agent is getting more trustworthy on YOUR repo over
+time. Loki already runs a 3-reviewer council + RARV-C closure on every run and
+persists the result. R4 makes the resulting TRUST TRAJECTORY visible:
+
+- council approve-rate trending UP
+- gate pass-rate trending UP
+- iterations-to-completion trending DOWN
+- human interventions trending DOWN
+
+If the agent is earning autonomy on this repo, the trajectory shows it. That is
+compounding, repo-specific proof of trust -> stickiness.
+
+## Honest-data rule (non-negotiable)
+
+Every number derives from REAL persisted run records. Never fabricate a trend.
+With fewer than 2 runs, the trajectory is reported as "not enough history yet"
+(insufficient=true), never a fake direction.
+
+## Data source (REUSED, not new)
+
+R3 already established `.loki/proofs/<run_id>/proof.json` as the persistent,
+one-per-run history record (written by `autonomy/lib/proof-generator.py` at run
+completion, on both success and failure, unless `LOKI_PROOF=0`). The R3 cost
+timeline endpoint (`dashboard/server.py` `/api/cost/timeline`) already mines
+this exact directory for per-run cost history.
+
+R4 mines the SAME directory for the trust signals already present in each
+proof.json:
+
+| Trust signal            | proof.json path                          | Notes |
+|-------------------------|------------------------------------------|-------|
+| council pass (per run)  | `council.final_verdict`                  | APPROVE/APPROVED/COMPLETE => pass |
+| council ratio (per run) | `council.reviewers[].vote` (APPROVE/...) | secondary signal when verdict absent |
+| gate pass-rate (per run)| `quality_gates.passed` / `.total`        | already aggregated by generator |
+| iterations (per run)    | `iterations` (int or {count})            | iterations-to-completion |
+| files changed (per run) | `files_changed.count`                    | context, not a trust axis |
+| timestamp               | `generated_at` (ISO 8601)                | ordering axis |
+
+Human interventions: there is no per-run intervention counter persisted in
+proof.json today. Rather than fabricate one or add new instrumentation in this
+slice, R4 reports interventions as a derived best-effort signal ONLY when the
+proof carries it (`council.interventions` or top-level `interventions`), and
+otherwise marks that axis `available=false` with an honest note. This keeps the
+honest-data rule intact and leaves a clean seam for a future per-run
+intervention counter (a one-line add in proof-generator.py).
+
+## Direction calculation (up / down / flat)
+
+For each numeric axis across the time-ordered run series:
+
+1. Split the series into an earlier half and a later half (median split; odd
+   counts drop the middle point so the two halves never overlap).
+2. Compare the mean of the later half vs the earlier half.
+3. delta = later_mean - earlier_mean. Direction:
+   - `flat` if |delta| <= epsilon (epsilon scaled per axis; rates use 0.01).
+   - `up` / `down` by sign of delta.
+4. "Good direction" is axis-specific: higher is better for council/gate pass
+   rates; lower is better for iterations + interventions. The `improving`
+   boolean encodes whether the direction is the good one, so the UI can color
+   green/red without re-encoding the per-axis polarity.
+
+Rationale for half-split vs least-squares slope: half-split is robust to a
+single noisy run, needs no float regression in bash, and is trivially testable
+with fixtures. A 2-run series degrades to last-vs-first, which is correct.
+
+## Persistence (under .loki/metrics/, REUSED dir)
+
+The aggregated trajectory is persisted to
+`.loki/metrics/trust-trajectory.json` (schema_version 1). This is a derived
+cache, written by the `loki trust` command and the dashboard endpoint so other
+surfaces can read a single source of truth. It is NOT authoritative state: it
+is always recomputable from `.loki/proofs/`. Deleting it loses nothing.
+
+## Surfaces
+
+1. CLI: `loki trust [--json]` (NEW Bun-native command, mirrors `loki kpis`
+   exactly). Falls through to a bash `cmd_trust` when bun is absent (kpis had
+   no bash fallback; R4 adds one because the Python derivation is shared and
+   trivial to call from bash, giving real bash+Bun parity).
+   - `loki kpis` stays a single-run snapshot. R4 does NOT duplicate it; `trust`
+     is the across-runs trajectory view. `loki kpis` output gains a one-line
+     pointer to `loki trust` (no behavior change).
+
+2. Dashboard endpoint: `GET /api/trust/trajectory` (NEW, mirrors
+   `/api/cost/timeline`). Reads `.loki/proofs/*/proof.json`, returns the
+   per-run series + per-axis direction + insufficient flag.
+
+3. Dashboard panel: standalone `dashboard/static/trust.html` + `/trust` route
+   (mirrors `cost.html` + `/cost`), plus a nav entry and SPA section in
+   `build-standalone.js` (mirrors the cost panel wiring exactly).
+
+4. WS push: the `_push_loki_state_loop` broadcasts a `trust_update` message
+   when the trajectory's overall improving-count changes (mirrors the R3
+   `budget_status` transition push). No new channel; reuses manager.broadcast.
+
+## Parity + no-duplication audit
+
+- Data: reuses `.loki/proofs/` (R1/R3). No new run-time instrumentation.
+- Endpoint: new route, but copies the `/api/cost/timeline` read pattern and
+  the `_proofs_dir()` / `_safe_json_read` helpers verbatim in spirit.
+- Panel: new `trust.html`, structurally a sibling of `cost.html`.
+- CLI: new `trust`, structurally a sibling of `kpis`. `kpis` unchanged except a
+  one-line see-also.
+- Shared derivation: a single Python module
+  (`autonomy/lib/trust_trajectory.py`) is the source of truth; the dashboard
+  endpoint imports it, and the bash `cmd_trust` shells out to it. The Bun
+  command reimplements the same pure logic in TS (parity-tested), matching how
+  `kpis` has both a TS derivation and reads the same JSON the bash side writes.
+
+## Test plan
+
+- Python: `tests/test_trust_trajectory.py` - aggregation from fixture
+  proof.json files, direction calc (up/down/flat) per axis polarity, the
+  insufficient-history (<2 runs) case, no-PII (only derived numbers + run_id +
+  timestamps leave the function), malformed proof.json skipped not fatal.
+- TS: `loki-ts/tests/metrics/trust.test.ts` - same aggregation + direction
+  parity on identical fixtures, insufficient case, JSON/human formatting.
+- All mocked from on-disk fixtures. No provider calls, no paid calls.

package/docs/R9-OPEN-CORE-HOOKS-PLAN.md

@@ -0,0 +1,113 @@
+# R9: Hosted/paid open-core hooks - design note
+
+Status: SEAMS implemented (this worktree). NOT a live hosted backend.
+
+R9 in the competitive-stickiness arc is the open-core monetization layer: keep
+Loki fully open source and free, while adding the SEAMS where hosted, enterprise,
+and paid plans would attach later. R9 ships the seams only. There is no Loki
+hosted service, no license-verification backend, and no paid gate on any
+existing feature. Every honest stub is labeled as such.
+
+## What already existed (verified in source, pre-R9)
+
+- proof-of-run `public_url` seam: `autonomy/lib/proof-generator.py:392` writes
+  `"deployment": {"deployed_url": deployed_url, "public_url": None}`. The
+  `public_url` field is reserved and always null today (no hosted publish wrote
+  it). R9 does NOT populate it (see "Deliberate gaps").
+- `loki proof share --hosted` stub: BOTH routes errored "Hosted publishing is
+  not available yet (coming in R9)" -- bash `autonomy/loki` (share case in
+  `cmd_proof`) and Bun `loki-ts/src/commands/proof.ts` (`shareProof`). This was
+  the explicit seam to implement.
+- `loki proof share` (gist): default opt-in publish via `gh gist create`
+  through `_loki_gist_upload` (bash) / `shareProof` (Bun). Redaction-preview +
+  confirm. This is the free path and stays byte-unchanged.
+- `cmd_enterprise` (`autonomy/loki`): already env-driven feature flags
+  (`LOKI_ENTERPRISE_AUTH`, `LOKI_OIDC_ISSUER`/`LOKI_OIDC_CLIENT_ID`,
+  `LOKI_AUDIT_DISABLED`/`LOKI_ENTERPRISE_AUTH`). Good precedent: enterprise
+  features are env-gated seams, not paywalls. R9 follows the same pattern.
+- No `LOKI_TIER`, `LOKI_LICENSE_KEY`, or `LOKI_HOSTED_ENDPOINT` existed anywhere
+  before R9. All three are new with this change.
+- Redaction: the generator redacts the proof ONCE before writing index.html and
+  records `redaction.applied` in proof.json (`proof-generator.py`, module
+  `proof_redact`). The share path publishes the already-redacted artifact; it
+  does not run a second redaction pass.
+
+## What R9 adds (seams, no backend)
+
+1. Hosted proof-publish seam. `loki proof share --hosted <id>`:
+   - If `LOKI_HOSTED_ENDPOINT` is set: POST the ALREADY-REDACTED `index.html`
+     (the same bytes the gist path would publish) to that endpoint. On 2xx,
+     print the URL the endpoint returned (`url` or `public_url` JSON field), or,
+     if none, the endpoint itself + HTTP status. NEVER a fabricated URL.
+   - If `LOKI_HOSTED_ENDPOINT` is NOT set: print an honest "Hosted publishing
+     backend not available" message (there is no official Loki hosted service
+     yet), tell the user to set the env var or use the gist path, and exit
+     non-zero. We do NOT silent-fall-back to gist when the user explicitly asked
+     for `--hosted` (see "Fallback decision").
+   - If proof.json reports `redaction.applied == false`: refuse to publish.
+   - bash: `_loki_hosted_publish_proof` (curl). Bun:
+     `hostedPublishProof` (fetch). Parity-matched messages + exit codes.
+
+2. Tier/license hook. `LOKI_TIER` (default `oss`) + optional `LOKI_LICENSE_KEY`:
+   - bash `loki_tier_gate <capability>`; Bun `tierGate(capability)` in
+     `loki-ts/src/util/tier.ts`.
+   - OSS (the default): always ALLOW, zero notes, no network, no license. This
+     is a pure no-op for every OSS user.
+   - Non-OSS without a license key: NOT allowed (honest -- we cannot verify an
+     entitlement; there is no backend). Never a fabricated grant.
+   - Non-OSS with a license key: allow, but flag that the verification backend
+     does not exist yet. We do NOT pretend the key was verified.
+   - WIRING: the gate is called ONLY from the opt-in `--hosted` seam. It is not
+     wired into any existing command path, so it cannot gate a free feature.
+
+3. Open-core boundary doc: `docs/OPEN-CORE-BOUNDARY.md` -- what is free forever
+   vs. what hosted/paid would add.
+
+## Fallback decision (reconciled)
+
+The task phrased the fallback two ways. We follow the precise deliverable:
+`share --hosted` with no endpoint prints "set LOKI_HOSTED_ENDPOINT or use gist"
+and EXITS non-zero. We do NOT silently publish to gist when the user explicitly
+asked for `--hosted`. Rationale: silent fallback would surprise a user who
+intended a private/hosted destination by publishing to a public gist instead.
+The plain `loki proof share <id>` (no flag) remains the gist path, unchanged.
+
+## OSS-unchanged guarantee
+
+- The default `loki proof share` (no `--hosted`) gist path is byte-identical:
+  `--hosted` is captured as a mode flag during arg-parse and branches only AFTER
+  id + html validation; the gist code below it is untouched.
+- `LOKI_TIER` unset vs set produces identical output/exit for existing commands
+  (asserted in tests).
+- No existing env var, command, or default changed behavior.
+
+## Deliberate gaps (honest, not omissions)
+
+- No live Loki hosted backend, no SaaS, no license server. `--hosted` only works
+  against an endpoint the operator supplies. This is by design for R9.
+- `public_url` in proof.json is NOT written back after a hosted publish.
+  Mutating the frozen R1 proof artifact post-hoc is risk we deliberately skip;
+  the published URL is printed to the user instead. A future release can wire
+  write-back once the artifact-mutation story is designed.
+- The tier gate does not verify license keys (no backend). It is a seam only.
+- No retries/backoff on the hosted POST (clean client stub, not a transport
+  library).
+
+## Tests
+
+`loki-ts/tests/commands/proof_hosted_r9.test.ts` (mock endpoint via Bun.serve,
+no network): tier gate OSS allow-all + honest non-OSS; hosted POST hits the
+mocked endpoint with the redacted payload (both bash + Bun routes); honest
+no-endpoint message + non-zero exit; non-2xx honest error; unredacted-proof
+refusal; license-key auth header; OSS-not-gated guarantee (identical output with
+LOKI_TIER unset vs enterprise). Existing `proof.test.ts` parity unchanged.
+
+## Files changed
+
+- `autonomy/loki` (bash): `loki_tier_gate`, `_loki_hosted_publish_proof`,
+  `--hosted` branch in `cmd_proof` share, help text.
+- `loki-ts/src/util/tier.ts` (new): `tierGate`, `currentTier`.
+- `loki-ts/src/commands/proof.ts` (Bun): `hostedPublishProof`, `--hosted`
+  branch, help text.
+- `docs/OPEN-CORE-BOUNDARY.md` (new).
+- `loki-ts/tests/commands/proof_hosted_r9.test.ts` (new).