verifyhash 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +5 -3
- package/cli/agent-hook.js +431 -0
- package/docs/ADOPT.md +15 -5
- package/docs/AGENT-HOOK.md +111 -0
- package/docs/PUBLISH-VERIFY-VH.md +45 -0
- package/examples/README.md +185 -0
- package/examples/policy.lenient.json +5 -0
- package/examples/policy.strict.json +6 -0
- package/examples/run.js +366 -0
- package/examples/sample-dataset/README.txt +10 -0
- package/examples/sample-dataset/corpus/cc-by-poem.txt +8 -0
- package/examples/sample-dataset/corpus/mit-notes.txt +4 -0
- package/examples/sample-dataset/data/unlabeled.txt +5 -0
- package/examples/sample-dataset/vendored/gpl-snippet.txt +5 -0
- package/examples/sample-dataset.hints.json +7 -0
- package/examples/sample-parcel/data/manifest-of-contents.txt +7 -0
- package/examples/sample-parcel/data/records.csv +4 -0
- package/examples/sample-parcel/delivery-note.txt +9 -0
- package/package.json +25 -3
- package/verifier/README.md +555 -0
- package/verifier/action/README.md +87 -0
- package/verifier/action/action.yml +146 -0
- package/verifier/build-standalone-html.js +1287 -0
- package/verifier/build-standalone.js +989 -0
- package/verifier/ci/journal.generic.sh +96 -0
- package/verifier/ci/journal.github-actions.yml +99 -0
- package/verifier/ci/reproduce-vh.generic.sh +59 -0
- package/verifier/ci/reproduce-vh.github-actions.yml +49 -0
- package/verifier/ci/verify-service.generic.sh +96 -0
- package/verifier/ci/verify-service.github-actions.yml +88 -0
- package/verifier/ci/verify-vh.generic.sh +75 -0
- package/verifier/ci/verify-vh.github-actions.yml +56 -0
- package/verifier/dist/BUILD-PROVENANCE.json +210 -0
- package/verifier/dist/seal-vh-standalone.js +876 -0
- package/verifier/dist/seal-vh-standalone.js.sha256 +1 -0
- package/verifier/dist/verify-vh-standalone.html +3373 -0
- package/verifier/dist/verify-vh-standalone.html.sha256 +1 -0
- package/verifier/dist/verify-vh-standalone.js +4121 -0
- package/verifier/dist/verify-vh-standalone.js.sha256 +1 -0
- package/verifier/lib/canonical.js +141 -0
- package/verifier/lib/keccak.js +30 -0
- package/verifier/lib/keccak256-vendored.js +206 -0
- package/verifier/lib/merkle.js +145 -0
- package/verifier/lib/revocation-core.js +606 -0
- package/verifier/lib/revocation.js +200 -0
- package/verifier/lib/seal-cli.js +374 -0
- package/verifier/lib/seal-evidence.js +237 -0
- package/verifier/lib/secp256k1-recover.js +249 -0
- package/verifier/package.json +39 -0
- package/verifier/verify-vh.js +2374 -0
- package/docs/ADOPTION.json +0 -11
- package/docs/AUDIT.md +0 -55
- package/docs/DECIDE.md +0 -47
- package/docs/DECISIONS-PENDING.md +0 -27
- package/docs/DEPLOY-PUBLIC-SITE.md +0 -301
- package/docs/ENGINE-LEDGER.json +0 -12
- package/docs/LOOP-AUDIT-2026-07-03.json +0 -580
- package/docs/LOOP-HARDENING-PLAN.md +0 -44
- package/docs/METRICS.jsonl +0 -31
- package/docs/MORNING.md +0 -204
- package/docs/STRATEGY-ARCHIVE.md +0 -5055
- package/docs/SUPERVISOR-RUNBOOK.md +0 -52
- package/docs/USAGE-BUDGET.json +0 -121
|
@@ -1,52 +0,0 @@
|
|
|
1
|
-
# Supervisor Runbook — operating the autonomous build loop
|
|
2
|
-
|
|
3
|
-
The committed, versioned protocol for the layer ABOVE the engine (the supervising Claude session / a
|
|
4
|
-
human operator). Memory files may point here; this file is the source of truth (audit 2026-07-03:
|
|
5
|
-
"memory is the wrong home for protocol state").
|
|
6
|
-
|
|
7
|
-
## Launch protocol (every run)
|
|
8
|
-
|
|
9
|
-
1. **Gate the engine (mechanical, mandatory):** `node scripts/pre-run-gate.cjs`
|
|
10
|
-
- Runs BOTH self-upgrade gates against the live `build-loop.workflow.js`, records the md5 in
|
|
11
|
-
`docs/ENGINE-LEDGER.json` (append-only). **Never launch on GATE-FAIL** — revert with
|
|
12
|
-
`cp build-loop.prev.js build-loop.workflow.js` and re-gate.
|
|
13
|
-
2. **Check the spend governor** (`docs/USAGE-BUDGET.json`):
|
|
14
|
-
- cooldown: `now - lastRunEndEpoch >= cooldownSeconds` (7200)
|
|
15
|
-
- cap: `spentTokens < ceilingTokens` (pause-and-wait at cap)
|
|
16
|
-
- window: if `now >= windowResetIso`, reset `spentTokens=0` and advance the window fields.
|
|
17
|
-
- NOTE (audit): the repo cap has never been the binding constraint — the SUBSCRIPTION weekly
|
|
18
|
-
allowance (esp. per-model Fable) is. Check that too before relaunching after a pause.
|
|
19
|
-
3. **Launch:** `Workflow({scriptPath: "<repo>/build-loop.workflow.js"})` — never two concurrent runs.
|
|
20
|
-
4. **Arm a stall net** (ScheduleWakeup ~40-60 min): confirm liveness via newest mtime under the run's
|
|
21
|
-
transcript dir + `git log` for new commits; re-arm each wakeup.
|
|
22
|
-
|
|
23
|
-
## Completion protocol (every run end)
|
|
24
|
-
|
|
25
|
-
1. Reconcile authoritative `subagent_tokens` from the task-notification into `docs/USAGE-BUDGET.json`:
|
|
26
|
-
`spentTokens += tokens`, append `runs[]` row `{runId, tokens, endEpoch, endIso, note}`, set
|
|
27
|
-
`lastRunEndEpoch/Iso`. (Until the engine writes its own row — planned fix — this is manual; be exact.)
|
|
28
|
-
2. Re-gate any engine swap: `node scripts/pre-run-gate.cjs` (this also updates the ledger). If FAIL →
|
|
29
|
-
revert to `build-loop.prev.js` and note it in the run record.
|
|
30
|
-
3. Commit the run record (scoped: the ledger + budget + any recovered planning files). Local only.
|
|
31
|
-
4. **Site auto-deploy (user-approved 2026-07-03):** if `node scripts/site-release.js --diff` shows
|
|
32
|
-
drift: `site-release.js` → `--check` → `sudo -n /usr/local/bin/verifyhash-deploy` → `--mark-deployed`
|
|
33
|
-
→ commit `site/DEPLOYED.json`. Notify the user one line (what went live + backup path).
|
|
34
|
-
5. Enforce cooldown/cap, then relaunch from step 1 of the Launch protocol — unless a pause is on
|
|
35
|
-
(check memory + the latest run-record note).
|
|
36
|
-
|
|
37
|
-
## Standing guardrails (unchanged by any of the above)
|
|
38
|
-
|
|
39
|
-
- Local commits only; **never `git push`** (also enforced by `.git/hooks/pre-push`) and never any
|
|
40
|
-
network git operation.
|
|
41
|
-
- The loop ENGINE never deploys, never holds keys or funds, never issues a token/coin/security.
|
|
42
|
-
- The SUPERVISOR may: publish the site via the narrow-sudo path above, and execute a **specific,
|
|
43
|
-
user-directed** on-chain deploy with user-provided, capped funds. Nothing standing, nothing autonomous.
|
|
44
|
-
- Anything legal / funds / pricing / outward-facing stays `needs-human` (see `docs/DECISIONS-PENDING.md`).
|
|
45
|
-
|
|
46
|
-
## Known live state (2026-07-03)
|
|
47
|
-
|
|
48
|
-
- ContributionRegistry LIVE on Polygon mainnet: `0x77d8eF881D5aeEda64788968D13f9146fE1A609B`
|
|
49
|
-
(deployer `0xAA1C…B455`, key at `/home/loopdev/.verifyhash-deploy-key.txt` — user-owned; ~3.5 POL remains).
|
|
50
|
-
- verifyhash.com live-deployed via `/usr/local/bin/verifyhash-deploy` (root-owned; sudoers grant for that
|
|
51
|
-
one command only). Webroot backups: `/var/www/verifyhash.com/html.bak.<ts>`.
|
|
52
|
-
- Loop PAUSED after run wf_72ed879b-35c per user (subscription weekly usage); resume only on user go.
|
package/docs/USAGE-BUDGET.json
DELETED
|
@@ -1,121 +0,0 @@
|
|
|
1
|
-
{
|
|
2
|
-
"_doc": "Loop spend governor. The /loop SUPERVISOR (not the engine) reads & enforces this at each relaunch boundary. A run is atomic once launched; cap is checked BEFORE launching the next. Tune any field freely.",
|
|
3
|
-
"windowDays": 7,
|
|
4
|
-
"windowStartIso": "2026-07-01T17:44:01Z",
|
|
5
|
-
"windowStartEpoch": 1782927841,
|
|
6
|
-
"windowResetIso": "2026-07-08T17:44:01Z",
|
|
7
|
-
"ceilingTokens": 120000000,
|
|
8
|
-
"cooldownSeconds": 7200,
|
|
9
|
-
"atCap": "pause-and-wait",
|
|
10
|
-
"estPerRunTokens": 5308720,
|
|
11
|
-
"spentTokens": 24638756,
|
|
12
|
-
"runs": [
|
|
13
|
-
{
|
|
14
|
-
"runId": "wf_7247856c-81c",
|
|
15
|
-
"tokens": 4337689,
|
|
16
|
-
"endEpoch": 1782332559,
|
|
17
|
-
"endIso": "2026-06-24T20:22:39Z"
|
|
18
|
-
},
|
|
19
|
-
{
|
|
20
|
-
"runId": "wf_231b8535-d68",
|
|
21
|
-
"tokens": 5308720,
|
|
22
|
-
"endEpoch": 1782354321,
|
|
23
|
-
"endIso": "2026-06-25T02:25:21Z"
|
|
24
|
-
},
|
|
25
|
-
{
|
|
26
|
-
"runId": "wf_1e4dd9f7-e36",
|
|
27
|
-
"tokens": 4570608,
|
|
28
|
-
"endEpoch": 1782374753,
|
|
29
|
-
"endIso": "2026-06-25T08:05:53Z"
|
|
30
|
-
},
|
|
31
|
-
{
|
|
32
|
-
"runId": "wf_574564f9-394",
|
|
33
|
-
"tokens": 4611799,
|
|
34
|
-
"endEpoch": 1782394073,
|
|
35
|
-
"endIso": "2026-06-25T13:27:53Z"
|
|
36
|
-
},
|
|
37
|
-
{
|
|
38
|
-
"runId": "wf_5df912fe-b52",
|
|
39
|
-
"tokens": 5395384,
|
|
40
|
-
"endEpoch": 1782418083,
|
|
41
|
-
"endIso": "2026-06-25T20:08:03Z"
|
|
42
|
-
},
|
|
43
|
-
{
|
|
44
|
-
"runId": "wf_4c16c5a7-142",
|
|
45
|
-
"tokens": 4717447,
|
|
46
|
-
"endEpoch": 1782435921,
|
|
47
|
-
"endIso": "2026-06-26T01:05:21Z"
|
|
48
|
-
},
|
|
49
|
-
{
|
|
50
|
-
"runId": "wf_c1d79f30-b27",
|
|
51
|
-
"tokens": 4789932,
|
|
52
|
-
"endEpoch": 1782454664,
|
|
53
|
-
"endIso": "2026-06-26T06:17:44Z"
|
|
54
|
-
},
|
|
55
|
-
{
|
|
56
|
-
"runId": "wf_63748963-3e7",
|
|
57
|
-
"tokens": 7723935,
|
|
58
|
-
"endEpoch": 1782482715,
|
|
59
|
-
"endIso": "2026-06-26T14:05:15Z"
|
|
60
|
-
},
|
|
61
|
-
{
|
|
62
|
-
"runId": "wf_6cd34703-102",
|
|
63
|
-
"tokens": 3913754,
|
|
64
|
-
"endEpoch": 1782502218,
|
|
65
|
-
"endIso": "2026-06-26T19:30:18Z"
|
|
66
|
-
},
|
|
67
|
-
{
|
|
68
|
-
"runId": "wf_eca980df-3d0",
|
|
69
|
-
"tokens": 12141525,
|
|
70
|
-
"tokensEstimated": true,
|
|
71
|
-
"note": "TaskStopped at user request (token-saving) on its 6th task; tokens estimated from transcript (output+input+cache_creation, excl. cache-reads)",
|
|
72
|
-
"endEpoch": 1782526595,
|
|
73
|
-
"endIso": "2026-06-27T02:16:35Z"
|
|
74
|
-
},
|
|
75
|
-
{
|
|
76
|
-
"runId": "wf_7265354b-ac9",
|
|
77
|
-
"tokens": 5660334,
|
|
78
|
-
"endEpoch": 1782890998,
|
|
79
|
-
"endIso": "2026-07-01T07:29:58Z",
|
|
80
|
-
"note": "8 tasks all VERIFIED (SDK-adoption arc T-56.2..T-59.1); Architect promoted engine #22 (usefulness min()->median); tokens authoritative from subagent_tokens"
|
|
81
|
-
},
|
|
82
|
-
{
|
|
83
|
-
"runId": "wf_5b304124-b3d",
|
|
84
|
-
"tokens": 2859078,
|
|
85
|
-
"endEpoch": 1782908347,
|
|
86
|
-
"endIso": "2026-07-01T12:19:07Z",
|
|
87
|
-
"note": "verify-as-a-service line: T-59.2 (serve-verify HTTP) + T-59.3 (CI drop-in) + T-60.1 (integrity-journal CORE) all VERIFIED/committed; T-60.2 (journal CLI verb) built+reviewed but its Critique panel, commit, and the run's Report/Manager/Architect phases FAILED on the subscription WEEKLY LIMIT ('resets 2pm UTC'). Engine unchanged (engineUpgrade none, md5 0bc9bbc9). tokens authoritative from subagent_tokens. endEpoch estimated (notification epoch lost across compaction; cooldown satisfied regardless)."
|
|
88
|
-
},
|
|
89
|
-
{
|
|
90
|
-
"runId": "wf_c9795182-acb",
|
|
91
|
-
"tokens": 6283496,
|
|
92
|
-
"endEpoch": 1782955200,
|
|
93
|
-
"endIso": "2026-07-02T01:20:00Z",
|
|
94
|
-
"note": "FINAL run before intentional loop STOP (user restarting session to enable Fable 5). ranTasks 6: VERIFIED T-60.3, T-61.3, T-62.1, T-62.2 (4); BLOCKED T-61.1 (auto-build x3) + T-63.1 (targeted 33/33 but full suite RED -> reverted, tree confirmed green 3314 passing). Strategist invented EPIC-61/62/63/64; EPIC-64 self-PARKED per qualityStall. engineUpgrade none; Manager/Reporter/Architect died on API 529 Overloaded so METRICS.jsonl line NOT written and these planning files were committed manually. tokens authoritative from subagent_tokens (agent_count 92, ~8.3h). WINDOW ROLLED at 2026-07-01T17:44:01Z: this is the only run in the new window, so spentTokens reset to 6283496; prior-window runs remain above for audit (pre-roll file in git history)."
|
|
95
|
-
},
|
|
96
|
-
{
|
|
97
|
-
"runId": "wf_07ba35e7-d72",
|
|
98
|
-
"tokens": 5192993,
|
|
99
|
-
"endEpoch": 1782981244,
|
|
100
|
-
"endIso": "2026-07-02T08:34:04Z",
|
|
101
|
-
"note": "FIRST FABLE-TRIAL run (engine #23): 8/8 VERIFIED, 0 blocked, ALL on attempt 1 — fableFirstShots 8/8 (100%) vs Opus baseline ~33%; avgUsefulness 3.88 (prior 3.38); converted both previously-BLOCKED tasks (T-61.1, T-63.1); completed EPIC-63 transparency log end-to-end; Strategist (Fable) invented EPIC-65 zero-install browser TrustLedger (T-65.1/2/3 shipped); Manager made 1 team change; Fable Architect shipped engine #24 (dissenter-only re-score = efficiency-audit finding #5), independently re-gated PASS+SMOKE-PASS, model pins intact. CHEAPER (5.19M vs 6.28M tokens) and FASTER (5.2h vs 8.3h) than the prior all-Opus run. 1 agent errored (absorbed). tokens authoritative from subagent_tokens."
|
|
102
|
-
},
|
|
103
|
-
{
|
|
104
|
-
"runId": "wf_1f634aeb-b9f",
|
|
105
|
-
"tokens": 7286045,
|
|
106
|
-
"endEpoch": 1783018585,
|
|
107
|
-
"endIso": "2026-07-02T18:56:25Z",
|
|
108
|
-
"note": "FABLE-TRIAL run 2 (engine #24): 8/8 VERIFIED, 0 blocked, ALL attempt 1 — fableFirstShots 8/8 (100%) AGAIN (cumulative 16/16 vs ~33% Opus baseline); avgUsefulness 4.13 / min 4 (best ever; 3.38->3.88->4.13); rework 4 with 0 reverted; 97/97 agents clean. Shipped: EPIC-66 browser verifier (in-memory seam + offline HTML page w/ 60s challenge, usefulness 5, + funnel wiring), EPIC-67 site-release assembler + drift visibility (--diff/--mark-deployed vs DEPLOYED.json), NEW Strategist-invented EPIC-68 AGENTTRACE (agent-session provenance: pure core + vh agent CLI w/ license-gated paid sign + zero-install verify). Manager: 2 team changes (TrustIntegrity AGENTTRACE clause). engineUpgrade none (md5 88bf8ee0 unchanged). tokens authoritative from subagent_tokens."
|
|
109
|
-
},
|
|
110
|
-
{
|
|
111
|
-
"runId": "wf_72ed879b-35c",
|
|
112
|
-
"tokens": 5876222,
|
|
113
|
-
"endEpoch": 1783054303,
|
|
114
|
-
"endIso": "2026-07-03T04:51:43Z",
|
|
115
|
-
"note": "FINAL run of the session; TaskStopped mid-8th-build by user to save weekly Fable usage (run was ~6.4h, unusually long). 7 tasks VERIFIED/committed (EPIC-69 T-69.1/2/3, EPIC-70 T-70.1/2/3 + one more); abandoned in-flight task git-stashed (recoverable). tokens AUTHORITATIVE from the workflow state json totalTokens (79 agents), NOT an estimate. Architect phase never reached, so NO engine swap this run (live md5 88bf8ee0 unchanged). Loop STOPPED after this per user; no relaunch until explicit go."
|
|
116
|
-
}
|
|
117
|
-
],
|
|
118
|
-
"note": "Max $200 plan, weekly allowance >> 40M. Cooldown is the primary lever; ceiling is a safe backstop (pause-at-cap, so erring low is harmless). Raise ceilingTokens or lower cooldownSeconds to go faster.",
|
|
119
|
-
"lastRunEndEpoch": 1783054303,
|
|
120
|
-
"lastRunEndIso": "2026-07-03T04:51:43Z"
|
|
121
|
-
}
|