status.md
1 # Implementation Status 2 3 Current state of ALPHA/DELTA Protocol implementation. 4 5 **Last Updated**: 2026-01-07 6 7 > **For Claude coding sessions**: Load `project/implementation/machine/status.cspec` instead (~80% fewer tokens). 8 > **cspec source**: `machine/status.cspec` 9 10 --- 11 12 ## Overview 13 14 | Component | Status | Progress | 15 |-----------|--------|----------| 16 | ALPHA Chain | In Progress | CLP module, Locked Pool implemented | 17 | DELTA Chain | In Progress | 6 programs implemented (oracle, exchange, perpetuals, governance, dividends, sax) | 18 | Unified Binary (adnet) | In Progress | 7-crate structure, IPC channels, CLI | 19 | AC/DC Installer | Complete | All 13 phases implemented | 20 | Cross-Chain Attestation | In Progress | IPC module, lock/unlock programs ready | 21 | Infrastructure | Complete | CI/CD operational | 22 | Documentation | In Progress | Spec v3.0 integration | 23 24 --- 25 26 ## ALPHA Chain 27 28 **Status**: In Progress - Rebrand Active 29 30 ### Completed 31 - [x] Fork Aleo repositories to `~/repos/ac-dc/` 32 - alphavm (Radicle: `rad:z4En6ATUCCDQCTP4Qx5NUKFKVmht4`) 33 - alphaos (Radicle: `rad:znAvWPuRS176eb1WPKNVatoGsFii`) 34 - adl (Radicle: `rad:zEZM4hLNNzeUHnzPVCv5y6Umhfyd`) 35 - adl-examples (Radicle: `rad:zqGk38cmVuUGGq6yPQ5ZAvrMcd5K`) 36 - sdk (Radicle: `rad:z2L4YxakKow8HeEBZsPc1knGEQgrd`) 37 - acdc-core (Radicle: `rad:z38sdq2ZyyTrFPw8nSueRYjEX7fdE`) 38 - [x] Address prefix change (`aleo1` → `ax1`) 39 - [x] Package renaming (`snarkvm-*` → `alphavm-*`, no hyphen in "alphavm") 40 - [x] Test file updates (`.aleo` → `.alpha` program references) 41 - [x] Repository renaming complete (snarkVM→alphavm, snarkOS→alphaos, leo→adl, leo-examples→adl-examples, aleo-std→acdc-core) 42 - [x] All repos CI passing 43 - [x] Push changes to Radicle (automated sync operational) 44 - [x] Version reset to v0.1.0 Foundation (tagged), working version v0.2.0 45 - [x] ADL dual-chain compiler (2026-01-03) 46 - Binary renamed from `leo` to `adl` 47 - Global `--chain` flag (alpha/delta) 48 - Chain-specific file extensions (`.alpha`/`.delta`) 49 - Chain-specific address prefixes (`ax1`/`dx1`) 50 - deltavm dependency added for compilation 51 - CI matrix testing for both chains 52 53 ### Implemented (2026-01-04) 54 - [x] **CLP Module** - Continuous Liveness Proof system (`alphaos/node/consensus/src/clp/`) 55 - `types.rs` - ClpConfig, ValidatorClpStatus, ResponseRateThreshold 56 - `challenge.rs` - ChallengeGenerator (60s interval, 30s response window) 57 - `response.rs` - ResponseHandler for signed validator responses 58 - `aggregator.rs` - ResponseAggregator for per-validator tracking 59 - `penalty.rs` - PenaltyEvaluator (warning <95%, minor slash <90%, major <80%) 60 - Disqualification after 3 consecutive failing epochs 61 - [x] **Locked AX Pool** (`locked_pool.alpha`) 62 - Lock AX for sAX minting on DELTA 63 - Process unlock attestations from DELTA 64 - Replay protection and finality verification 65 66 ### Implemented (2026-01-04) - Phase 7 67 - [x] **Consensus Config** (`alphaos/node/consensus/src/config.rs`) 68 - ConsensusConfig struct for runtime-configurable timing 69 - block_time_ms: Target block time (default 10s) 70 - max_batch_delay_ms: Max batch delay (default 2.5s) 71 - Factory methods: alpha_phase1(), alpha_phase2(), delta_phase1(), delta_phase2(), dev() 72 - DerivedTimings for calculated constants 73 - Validation for block time bounds (1-60s) 74 - Unit tests for all configurations 75 76 ### Implemented (2026-01-04) - Phase 6.1-6.2 (CLP Integration) 77 - [x] **CLP Consensus Integration** 78 - Added CLP fields to Consensus struct (config, generator, aggregator, evaluator) 79 - CLP components initialized in Consensus::new() 80 - Re-exported CLP types for external use 81 - [x] **CLP Network Events** (`alphaos/node/bft/events/src/`) 82 - `clp_challenge_event.rs` - ClpChallengeEvent (ID 16) 83 - `clp_response_event.rs` - ClpResponseEvent (ID 17) 84 - Stub handlers in gateway.rs for incoming CLP events 85 - Prop tests for serialization 86 87 ### Pending 88 - [ ] Phase 6.3-6.4: Challenge generation background task, response handling 89 - [ ] Phase 6.5-6.6: Epoch evaluation, LedgerService slashing methods 90 - [ ] Implement Governor system 91 92 --- 93 94 ## DELTA Chain 95 96 **Status**: In Progress - Programs Implemented 97 98 **Reference**: See Technical Specification v3.0, Part IV and `architecture/delta-chain.md` 99 100 ### Design Complete 101 - [x] DeltaVM architecture (full VM capabilities from alphavm fork) 102 - [x] Spot trading engine with order book 103 - [x] Perpetual futures (up to 50x fiat, 20x crypto leverage) 104 - [x] Hybrid privacy model (trading public, DX holdings private) 105 - [x] Oracle integration (Chainlink primary) 106 - [x] Governance module (DX voting) 107 - [x] Dividend distribution system 108 - [x] Fiat off-ramp process 109 110 ### Completed 111 - [x] Fork alphavm as deltavm 112 - Address prefix change (`ax1` → `dx1`) 113 - Package renaming (`alphavm-*` → `deltavm-*`) 114 - File extension updates (`.alpha` → `.delta`) 115 - Pushed to Forgejo: `http://code.ac-dc.network:3000/Alpha-Delta-Network/deltavm` 116 - [x] Fork alphaos as deltaos 117 - Package renaming (`alphaos-*` → `deltaos-*`) 118 - Configuration path updates 119 - Pushed to Forgejo: `http://code.ac-dc.network:3000/Alpha-Delta-Network/deltaos` 120 - [x] Set up CI pipelines for deltavm/deltaos 121 - Forgejo workflows configured (check, build, test) 122 - deltavm includes WASM build check 123 - deltaos includes node binary verification 124 - [x] Configure Radicle remotes for delta repos 125 - deltavm (Radicle: `rad:z2C8XpQLs34xFULYjf7sJjCRccrgZ`) 126 - deltaos (Radicle: `rad:z2vzrzyNghNJioXj4oTi6QNxLyLt6`) 127 128 ### DELTA Programs Implemented (2026-01-04) 129 - [x] **delta.oracle** - Source-agnostic FX price feed system 130 - Unified source registry (all sources equal, Chainlink pre-configured at launch) 131 - 21 required FX pairs (20 fiat + XAU/USD gold) 132 - TRIMMEAN aggregation for per-pair outlier rejection (20% trim) 133 - 6-block update interval (1 minute at 10s blocks) 134 - Governance actions 9-13 for source management (add/remove/deactivate/reactivate) 135 - Staleness checking (360 blocks = 1 hour max) 136 - AX rate derivation from FX pairs 137 - [x] **delta.exchange** - Spot trading order book 138 - Order types: Limit, Market, IOC, FOK, Post-Only 139 - Price-time priority FIFO matching 140 - Fee tiers based on 30-day volume (0.1% → 0.01%) 141 - Market registration and configuration 142 - [x] **delta.perpetuals** - Leveraged derivatives trading 143 - Leverage limits: 50x fiat, 20x major crypto, 10x alt 144 - Maintenance margins: 1.5% fiat, 3% major, 5% alt 145 - 8-hour funding rate settlements 146 - Insurance fund for liquidations 147 - [x] **delta.governance** - DX voting system 148 - Proposal threshold: 1M DX 149 - Voting threshold: 10K DX 150 - Standard (50%/10% quorum) and Critical (67%/20% quorum) proposals 151 - Timelock: 48h standard, 7 days critical 152 - Oracle governance actions (types 9-13): add/remove/deactivate/reactivate sources 153 - [x] **delta.dividends** - Revenue distribution 154 - Fee collection from exchange/perpetuals (70% to stakers) 155 - Per-epoch distribution to staked DX holders 156 - Epoch snapshots for stake weights 157 - Claimable dividends with audit trail 158 - [x] **delta.sax** - Synthetic AX token 159 - 1:1 backing with locked AX on ALPHA 160 - Lock attestation processing (mint on verified lock) 161 - Burn for unlock flow 162 - Standard transfer/approve/transferFrom 163 164 ### DeltaOS Oracle Module Implemented (2026-01-06) 165 - [x] **deltaos-node-oracle** crate (`deltaos/node/oracle/`) 166 - Generic HTTP price fetcher (source-agnostic) 167 - TRIMMEAN aggregation algorithm with manipulation resistance 168 - Unified source registry (loads from on-chain state) 169 - 6-block scheduler for price updates 170 - Transaction builder for oracle updates 171 - Mock price server for testing 172 - 55 tests passing (39 unit + 16 integration) 173 174 ### Pending Implementation 175 - [ ] Wire oracle module to DeltaRuntime event loop 176 - [ ] Integration testing with live chain 177 - [ ] Deploy programs to testnet 178 179 --- 180 181 ## Cross-Chain Attestation 182 183 **Status**: In Progress - Core Components Implemented 184 185 **Note**: This is an internal IPC module within the unified `adnet` binary, NOT an external bridge. 186 187 **Reference**: See Technical Specification v3.0, Part V and `architecture/bridge.md` 188 189 ### Design Complete 190 - [x] IPC-based communication between runtimes 191 - [x] sAX lock/unlock attestation flow 192 - [x] Governance outcome propagation 193 - [x] Finality requirements (3 blocks) 194 - [x] Failure handling (one runtime crash tolerance) 195 196 ### Implemented (2026-01-04) 197 - [x] **Locked AX Pool on ALPHA** (`locked_pool.alpha`) 198 - Lock AX for sAX minting 199 - Process unlock attestations from DELTA 200 - Finality verification (3 blocks) 201 - Replay protection for unlock IDs 202 - [x] **sAX Program on DELTA** (`delta.sax`) 203 - Process lock attestations from ALPHA 204 - Mint sAX on verified lock 205 - Burn sAX for unlock request 206 - Standard ERC-20 style interface 207 - [x] **IPC Module in adnet** (`adnet-ipc`) 208 - CrossChainMessage types (Lock, Unlock, Governance, StateRoot) 209 - mpsc channels for inter-runtime communication 210 - AttestationVerifier with merkle proof verification 211 - Attestation queue management 212 213 ### Pending Implementation 214 - [ ] Wire up IPC to runtime event loops 215 - [ ] Integration testing with both chains running 216 217 --- 218 219 ## Unified Binary (adnet) 220 221 **Status**: In Progress - Repository Created 222 223 **Repository**: http://code.ac-dc.network:3000/Alpha-Delta-Network/adnet 224 225 **Radicle**: `rad:z4TrFcogtv5eCBm5Repny6wdWqLzx` 226 227 ### Overview 228 The `adnet` binary is the unified dual-chain node that runs both ALPHA and DELTA 229 chains in a single process with internal IPC for cross-chain communication. 230 231 ### Structure (7 crates) 232 - [x] **adnet** - Main CLI binary with alpha/delta subcommands 233 - [x] **adnet-runtime** - Dual-chain orchestration 234 - [x] **adnet-ipc** - Cross-chain IPC channels 235 - [x] **adnet-consensus** - Consensus coordination (placeholder) 236 - [x] **adnet-network** - Unified P2P layer (placeholder) 237 - [x] **adnet-storage** - Dual-chain storage (placeholder) 238 - [x] **adnet-api** - REST APIs (placeholder) 239 240 ### Implemented (2026-01-04) 241 - [x] CLI structure with Commands enum 242 - `adnet start [--alpha-only | --delta-only]` 243 - `adnet alpha <command>` - ALPHA-specific 244 - `adnet delta <command>` - DELTA-specific 245 - `adnet status` - Combined status 246 - [x] Runtime configuration with block time validation 247 - DELTA block time must be a factor of ALPHA 248 - Configurable ports: ALPHA REST 3030, DELTA REST 4030 249 - P2P ports: ALPHA 4130, DELTA 4131 250 - [x] IPC message types and channels 251 - [x] CI workflow template 252 253 ### Implemented (2026-01-04) - Phase 5 & 7 254 - [x] **Dual-chain Runtime** (`adnet-runtime`) 255 - AlphaRuntime wrapper with IPC integration 256 - DeltaRuntime wrapper with IPC integration 257 - Cross-chain message handling (LockAttestation, UnlockAttestation, GovernanceOutcome) 258 - State root synchronization between chains 259 - [x] **Block Time Configuration** 260 - RuntimeConfig with enhanced validation 261 - Validates DELTA block time is a factor of ALPHA 262 - Factory methods: phase1() (10s/10s), phase2() (15s/3s), dev() (1s/1s) 263 - delta_blocks_per_alpha_block() helper for attestation alignment 264 - [x] **IPC Channel System** (`adnet-ipc`) 265 - Clone-able handles for runtime use 266 - Fixed attestation.rs borrow checker issues 267 - LockAttestation, UnlockAttestation with merkle proofs 268 - AlphaStateRoot, DeltaStateRoot for synchronization 269 270 ### Pending Implementation 271 - [ ] Wire IPC to actual alphaos/deltaos runtimes 272 - [ ] Integration testing with both chains running 273 274 --- 275 276 ## AC/DC Unified Installer 277 278 **Status**: Complete - All 13 Phases Implemented 279 280 **Repository**: http://code.ac-dc.network:3000/Alpha-Delta-Network/ac-dc 281 282 ### Overview 283 The `ac-dc` binary is a unified installer and launcher for the ALPHA/DELTA Network. 284 It simplifies node deployment by handling system checks, installation, configuration, 285 service management, and monitoring. 286 287 ### Phase 1: Foundation (Complete) 288 - [x] Workspace structure with 18 modular crates 289 - [x] System requirements detection (CPU, RAM, storage, GPU, network) 290 - [x] Port availability checking 291 - [x] CLI with subcommands (check, install, setup, start, stop, monitor, etc.) 292 - [x] Colored terminal output with progress indicators 293 - [x] JSON output support for scripting 294 - [x] CI pipeline configured 295 - [x] Radicle remote configured (RID: `rad:z2abELoYCHCS5K1eJ3Mmu7xmozWf`) 296 297 ### Phase 2: Installation Engine (Complete) 298 - [x] `acdc-radicle` crate for Radicle node management (all installs include Radicle) 299 - [x] Binary download with SHA256 checksum verification 300 - [x] Source build option (Radicle-first clone with Git fallback) 301 - [x] Prerequisite installation (apt packages, Rust toolchain, CUDA toolkit) 302 - [x] Systemd service file generation (alphaos, deltaos, radicle-node) 303 - [x] Service user/directory creation 304 305 ### Phase 3: Setup Wizard (Complete) 306 - [x] Interactive step-by-step setup wizard 307 - [x] Role selection (Validator, Prover, Client) 308 - [x] Hardware validation against role requirements 309 - [x] Network selection (Mainnet, Testnet, Canary, Dev) 310 - [x] Port configuration with smart defaults 311 - [x] Key generation and management 312 - [x] Node configuration file generation (TOML) 313 - [x] Systemd service file generation 314 - [x] Logrotate and firewall configuration 315 316 ### Phase 4: Service Management (Complete) 317 - [x] Service control via systemctl (start/stop/restart/enable/disable/kill) 318 - [x] Status retrieval from systemd (uptime, memory, CPU, state) 319 - [x] Log viewing via journalctl (with filters, follow mode, JSON output) 320 - [x] Comprehensive health checks (service, REST API, P2P ports, memory, disk) 321 - [x] Quick health check for service status only 322 323 ### Phase 5: Monitoring & Metrics (Complete) 324 - [x] `acdc-monitor` crate for observability 325 - [x] Prometheus metrics endpoint (`:9100/metrics`) 326 - [x] Health check endpoint for load balancers 327 - [x] System metrics collection (CPU, memory, disk, network I/O) 328 - [x] Alert detection with configurable thresholds 329 - [x] Alert severity levels (Info, Warning, Critical) 330 - [x] Grafana dashboard JSON generation 331 - [x] CLI commands: `ac-dc monitor start|metrics|alerts|alert-test|dashboard|health` 332 - [x] Project documentation (README.md, architecture.md, crate docs) 333 334 ### Phase 6: Backup & Recovery (Complete) 335 - [x] `acdc-backup` crate with full/incremental/config/keys backup types 336 - [x] Local, S3, and SFTP backup destinations 337 - [x] Age encryption for secure key backups 338 - [x] Backup verification with checksum validation 339 - [x] Restore and preview functionality 340 - [x] Scheduled backups via systemd timers 341 - [x] Retention policy with automatic pruning 342 - [x] CLI commands: `ac-dc backup create|list|restore|preview|verify|delete|schedule|generate-key` 343 344 ### Phase 7: Fleet Management (Complete) 345 - [x] `acdc-fleet` crate for multi-node management 346 - [x] SSH-based remote command execution (russh) 347 - [x] Parallel and sequential execution modes 348 - [x] Rolling updates with configurable batch size 349 - [x] Health checks after rolling updates 350 - [x] Fleet status dashboard with node health 351 - [x] Fleet configuration in TOML format 352 - [x] CLI commands: `ac-dc fleet status|list|exec|update|add|remove|ping|init` 353 354 ### Phase 8: Network Tools (Complete) 355 - [x] `acdc-network` crate for network diagnostics 356 - [x] Network connectivity testing (DNS, internet, NAT detection) 357 - [x] External/local IP detection 358 - [x] Peer management (list, count, connect, disconnect) 359 - [x] Port availability checking for all node services 360 - [x] Sync status monitoring 361 - [x] TCP ping/latency measurement 362 - [x] CLI commands: `ac-dc network diagnostics|peers|ping|ports|sync|external-ip|local-ip` 363 364 ### Phase 9: Update System (Complete) 365 - [x] `acdc-update` crate for self-updates and component updates 366 - [x] Version checking and parsing (semver-compatible) 367 - [x] GitHub releases API integration 368 - [x] Self-update functionality (backup, download, replace binary) 369 - [x] Component updates (alphaos, deltaos, adl, sdk) 370 - [x] Platform detection (Linux/macOS/Windows, x86_64/aarch64) 371 - [x] Archive extraction (tar.gz, zip formats) 372 - [x] Rollback support with backup management 373 - [x] CLI commands: `ac-dc update check|self|component|list`, `ac-dc rollback [--list]` 374 375 ### Phase 10: Diagnostics & Troubleshooting (Complete) 376 - [x] `acdc-diagnostics` crate for issue detection and debugging 377 - [x] Log analysis module with pattern detection 378 - Connection errors, OOM, disk full, sync stalls 379 - Panics, database errors, consensus errors 380 - Journalctl JSON parsing with log file fallback 381 - [x] System diagnostics (CPU, memory, disk, network) 382 - Resource status evaluation (Ok/Warning/Critical thresholds) 383 - Process information collection 384 - [x] Issue detection with async check system 385 - Check types: Resource, Service, Network, Sync, Config, Security 386 - Severity levels: Info, Warning, Error, Critical 387 - Resolution suggestions for detected issues 388 - [x] Debug bundle generation for support tickets 389 - Creates tar.gz archive with diagnostics.json, system-info.txt, logs.txt 390 - Includes sanitized config and service status 391 - [x] CLI commands: `ac-dc diagnostics run|check|bundle|logs|system` 392 393 ### Phase 11: Security & Hardening (Complete) 394 - [x] `acdc-security` crate for security management 395 - [x] Firewall management (firewall.rs) 396 - UFW status, enable/disable, add/delete rules 397 - Configure firewall for node operation 398 - Required ports checking 399 - [x] TLS certificate management (tls.rs) 400 - Self-signed certificate generation (rcgen) 401 - Certificate info extraction (x509-parser) 402 - Let's Encrypt/certbot integration 403 - [x] Key rotation module (keys.rs) 404 - Key backup before rotation 405 - Permission checking and fixing 406 - Backup listing and restoration 407 - [x] Security audit module (audit.rs) 408 - Full audit with risk scoring 409 - Categories: Firewall, Permissions, Network, Auth, Certs, System, Service 410 - Severity levels: Info, Low, Medium, High, Critical 411 - [x] System hardening module (hardening.rs) 412 - SSH hardening (root login, password auth) 413 - Kernel hardening (ASLR, dmesg restrict) 414 - Network hardening (IP forward, SYN cookies) 415 - Auto-apply fixable settings 416 - [x] CLI commands: `ac-dc security audit|check|firewall|cert|keys|hardening` 417 418 ### Phase 12: Configuration Management (Complete) 419 - [x] `acdc-cfg` crate for configuration management 420 - [x] Validation module (validation.rs) 421 - Field type checking (string, integer, boolean) 422 - Value range validation with min/max bounds 423 - Allowed values enforcement for enums 424 - Regex pattern matching for formats 425 - Port conflict detection 426 - [x] Migration module (migration.rs) 427 - Version tracking in config files 428 - Migration path computation between versions 429 - Field additions/removals/renames across versions 430 - Automatic backup before migration 431 - Preview mode for dry-run 432 - [x] Profiles module (profiles.rs) 433 - Environment profiles: production, development, testing, staging 434 - Role profiles: validator, prover, client 435 - Nested value overrides with dot notation 436 - [x] Templates module (templates.rs) 437 - Built-in templates: node-basic, node-full, validator, prover, fleet 438 - Variable interpolation with {{name}} syntax 439 - Required vs optional variables with defaults 440 - Pattern validation for variable values 441 - [x] CLI commands: `ac-dc cfg validate|migrate|profile|template` 442 443 ### Phase 13: High-Availability Failover (Complete) 444 - [x] `acdc-ha` crate for master/slave HA failover 445 - [x] Configuration module (config.rs) 446 - HA pair configuration (master/slave roles) 447 - Heartbeat settings (interval, timeout, port) 448 - VIP configuration (Keepalived/VRRP) 449 - Sync paths and failover settings 450 - [x] Heartbeat module (heartbeat.rs) 451 - UDP heartbeat send/receive (1s interval) 452 - 5-second timeout detection 453 - Health metrics in payload (CPU, memory, block height) 454 - Sequence numbers for ordering 455 - [x] Sync module (sync.rs) 456 - Rsync-based ledger/keys synchronization 457 - Continuous sync daemon mode 458 - Block height lag monitoring 459 - Checksum verification 460 - [x] Failover module (failover.rs) 461 - Detection → Fencing → Promotion sequence 462 - Pre/post failover hooks 463 - ~26 second target failover time 464 - Manual and automatic failover triggers 465 - [x] VIP module (vip.rs) 466 - Keepalived (VRRP) integration 467 - Sub-second VIP failover 468 - Generates /etc/keepalived/keepalived.conf 469 - Cloud API support (placeholder) 470 - [x] Fencing module (fencing.rs) 471 - SSH-based remote service stop 472 - Node reachability verification 473 - Split-brain protection 474 - [x] Upgrade module (upgrade.rs) 475 - Zero-downtime upgrade workflow 476 - Slave-first upgrade → swap → old-master upgrade 477 - Pre-flight checks (disk space, health) 478 - Rollback on failure 479 - [x] CLI commands: `ac-dc ha init|status|failover|promote|demote|start|stop|sync|test-failover|upgrade` 480 481 ### Usage 482 ```bash 483 ac-dc check # Check system requirements 484 ac-dc check --ports # Also check port availability 485 ac-dc monitor start # Start Prometheus metrics server 486 ac-dc monitor metrics # Show current node metrics 487 ac-dc monitor alerts # Check for active alerts 488 ac-dc monitor dashboard # Generate Grafana dashboard 489 ac-dc fleet status # Show fleet status dashboard 490 ac-dc fleet exec "cmd" # Execute command across nodes 491 ac-dc network diagnostics # Run network diagnostics 492 ac-dc network peers list # List connected peers 493 ac-dc update check # Check for available updates 494 ac-dc update self # Update ac-dc binary 495 ac-dc update component adl # Update specific component 496 ac-dc rollback --list # List available rollbacks 497 ac-dc diagnostics run # Run full diagnostics check 498 ac-dc diagnostics check # Quick issue detection 499 ac-dc diagnostics bundle # Create debug bundle for support 500 ac-dc diagnostics logs node1 # Analyze node logs 501 ac-dc diagnostics system # System resource overview 502 ac-dc security audit # Full security audit with risk score 503 ac-dc security check # Quick security check 504 ac-dc security firewall status # Show firewall status 505 ac-dc security cert list # List TLS certificates 506 ac-dc security hardening status # Show hardening status 507 ac-dc cfg validate config.toml # Validate configuration file 508 ac-dc cfg migrate config.toml # Migrate config to latest version 509 ac-dc cfg profile list # List available profiles 510 ac-dc cfg profile apply production config.toml # Apply profile 511 ac-dc cfg template list # List available templates 512 ac-dc cfg template render node-basic --var node_name=mynode # Generate config 513 ac-dc ha init --master 192.168.1.10 --slave 192.168.1.11 --vip 192.168.1.100 # Init HA 514 ac-dc ha status # Show HA pair status 515 ac-dc ha failover # Trigger manual failover 516 ac-dc ha promote # Promote slave to master 517 ac-dc ha demote # Demote master to slave 518 ac-dc ha test-failover # Test failover (dry-run) 519 ac-dc ha upgrade 0.2.0 # Zero-downtime upgrade both nodes 520 ``` 521 522 --- 523 524 ## Infrastructure 525 526 **Status**: Complete 527 528 ### Completed 529 - [x] Initial repository structure 530 - [x] Reference Aleo source at `~/repos/aleo/` 531 - [x] Working fork at `~/repos/ac-dc/` 532 - [x] Forgejo CI/CD setup with native runner 533 - [x] CI workflows for ALPHA repos (alphavm, alphaos, adl, sdk, adl-examples, acdc-core) 534 - [x] Radicle remotes configured for ALPHA repos 535 - [x] Automated Forgejo → Radicle sync (every 15 min, CI-gated) 536 - [x] deltavm and deltaos repositories created on Forgejo 537 - [x] CI workflows for DELTA repos (deltavm, deltaos) 538 - [x] Radicle remotes for DELTA repos (deltavm, deltaos) 539 - [x] AC/DC unified installer repository created with CI 540 - [x] Integration test CI infrastructure (2026-01-03) 541 - alphaos: `build-test-binary` job with `test_network` feature + artifact upload 542 - ADL: `integration-test` job (matrix: alpha/delta chains) 543 - adl-examples: Matrix testing for both chains (`adl build --chain alpha/delta`) 544 - SDK: JS tests enabled (yarn installed on runner) 545 - [x] CI status monitoring script (`scripts/ci-status.sh`) 546 - Queries Forgejo API with authentication 547 - Usage: `./ci-status.sh adl 5` or `./ci-status.sh adl-examples 3` 548 - [x] CI runner health endpoint (2026-01-07) 549 - Public endpoint: `https://ci.ac-dc.network/health/status` 550 - Caddy reverse proxy with auto-TLS 551 - Metrics: runner status, jobs_running, jobs_last_hour, load_avg, memory, disk, sccache stats 552 - Updated every minute via cron 553 - [x] Claude PR Review Automation (2026-01-07) 554 - Standalone review service (`tools/claude-review-service.py`) 555 - Polls Forgejo API for open PRs every 5 minutes 556 - Runs Claude review on diffs, posts comments with approval/change labels 557 - Systemd service and timer deployed to ci.ac-dc.network 558 - Spec: `project/descriptive-docs/machine/Claude-CI-Serverside.cspec` 559 - **Pending**: Claude CLI credentials setup, org labels creation, branch protection rules 560 - [x] ADL devnet refactoring (2026-01-03) 561 - Removed legacy `snarkos` references 562 - CLI flags: `--node`, `--node-features`, `--node-version` 563 - Chain-specific binary selection via `ADL_CHAIN` env var 564 - CI no longer requires symlink workaround 565 - [x] Node integration tests (2026-01-03) 566 - deltaos: Added `build-test-binary` job (parity with alphaos) 567 - alphaos/deltaos: Added `node-integration` job 568 - Downloads test binary artifact 569 - Starts node in dev mode 570 - Verifies REST API responds at `/testnet/latest/height` 571 - Clean shutdown with 10-minute timeout 572 573 ### Future Integration Test Enhancements (Documented) 574 - [ ] BFT E2E tests for alphaos/deltaos 575 - Enable `#[ignore]` tests in `node/bft/tests/bft_e2e.rs` 576 - Add CI job with 60+ minute timeout 577 - [ ] VM integration tests (alphavm/deltavm) 578 - Add `integration-tests` crate to workspaces 579 - Test program deployment and credits transfer 580 - [ ] ADL CLI tests 581 - Restore commented tests in `adl/cli/tests/mod.rs` 582 - Requires creating example project (`./examples/pedersen-hash/`) 583 - [ ] SDK integration tests 584 - Remove `|| true` from test steps 585 - Add SDK-to-node integration tests 586 587 --- 588 589 ## Next Actions 590 591 See `next-steps.md` for prioritized task queue.