clawdie/clawdie-ai
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

docs(vault): update domedog findings — end-to-end PASS, bug found+fixed #16

Merged
clawdie merged 1 commit from docs/vault-domedog-proof-passed into main 2026-06-20 07:11:37 +02:00
Conversation 0 Commits 1 Files changed 1 +62 -50
clawdie commented 2026-06-20 07:07:50 +02:00
Owner
Copy link

What

Updates the domedog Vaultwarden findings to reflect the corrected end-to-end result, and documents the one real bug found + its fix.

Why

The first draft (PR #15) reported bw unlock failing with Decryption failed and concluded the master password was wrong. That was incorrect. A clean re-run (bw logout then re-test) shows unlock succeeds with the same password — it was never wrong. The earlier failure was a side effect of a stale logged-in session, not a password problem.

What changed

  • End-to-end PASS: login + unlock + fetch DEEPSEEK_API_KEY + write .env + re-lock. The full bootstrap → login → unlock → fetch → .env → re-lock chain is proven.
  • Test item: documents the DEEPSEEK_API_KEY login item (name = env var, value in password field) that validates the name-based retrieval contract.
  • One real bug found + fixed: clawdie-vault-fetch failed at bw config server when already logged in (Logout required treated as fatal). Fixed in clawdie-iso fix/vault-fetch-bw-config-when-logged-in (companion PR).
  • Setup state on domedog: bw path, staged helper location, bootstrap file location.
  • Carries forward the not-wired-yet follow-up: runtime consumption (agent reads the fetched .env at launch) is the next milestone.

Checks

npx prettier@3 --check docs/VAULTWARDEN-DOMEDOG-FINDINGS-2026-06-19.md   # clean
git diff --check

Cross-repo

Companion to clawdie-iso fix/vault-fetch-bw-config-when-logged-in — land together.

Co-Authored-By: Hermes & Sam <hello@clawdie.si>

## What Updates the domedog Vaultwarden findings to reflect the **corrected** end-to-end result, and documents the one real bug found + its fix. ## Why The first draft (PR #15) reported `bw unlock` failing with `Decryption failed` and concluded the master password was wrong. **That was incorrect.** A clean re-run (`bw logout` then re-test) shows unlock succeeds with the **same** password — it was never wrong. The earlier failure was a side effect of a stale logged-in session, not a password problem. ## What changed - **End-to-end PASS**: login + unlock + fetch `DEEPSEEK_API_KEY` + write `.env` + re-lock. The full `bootstrap → login → unlock → fetch → .env → re-lock` chain is proven. - **Test item**: documents the `DEEPSEEK_API_KEY` login item (name = env var, value in password field) that validates the name-based retrieval contract. - **One real bug found + fixed**: `clawdie-vault-fetch` failed at `bw config server` when already logged in (`Logout required` treated as fatal). Fixed in **clawdie-iso `fix/vault-fetch-bw-config-when-logged-in`** (companion PR). - **Setup state on domedog**: `bw` path, staged helper location, bootstrap file location. - **Carries forward** the not-wired-yet follow-up: runtime consumption (agent reads the fetched `.env` at launch) is the next milestone. ## Checks ```sh npx prettier@3 --check docs/VAULTWARDEN-DOMEDOG-FINDINGS-2026-06-19.md # clean git diff --check ``` ## Cross-repo Companion to **clawdie-iso `fix/vault-fetch-bw-config-when-logged-in`** — land together. Co-Authored-By: Hermes &amp; Sam &lt;hello@clawdie.si&gt;
clawdie added 1 commit 2026-06-20 07:07:52 +02:00
docs(vault): update domedog findings — end-to-end PASS, bug found+fixed
Some checks failed
CI / ci (pull_request) Has been cancelled
Details
c2d5b5224f 
Rewrite the findings to reflect the corrected outcome after the first draft
misdiagnosed unlock as a password failure:

- End-to-end chain PASS: login + unlock + fetch DEEPSEEK_API_KEY + write .env
  + re-lock. Master password was correct all along; the earlier 'decryption
  failed' was a stale logged-in session side effect.
- Document the one real bug: clawdie-vault-fetch failed at 'bw config server'
  when already logged in ('Logout required' treated as fatal). Fixed in
  clawdie-iso fix/vault-fetch-bw-config-when-logged-in.
- Record setup state on domedog (bw path, staged helper, bootstrap file).
- Carry forward the not-wired-yet follow-up: runtime consumption (agent reads
  the fetched .env at launch) is the next milestone.

Checks: prettier clean; git diff --check.

Co-Authored-By: Hermes & Sam <hello@clawdie.si>
clawdie merged commit 393b0c76c7 into main 2026-06-20 07:11:37 +02:00
clawdie deleted branch docs/vault-domedog-proof-passed 2026-06-20 07:11:40 +02:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: clawdie/clawdie-ai#16
No description provided.
Delete branch "docs/vault-domedog-proof-passed"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?