From 7c3016cf06fb122007a437d4340e7ee83136c689 Mon Sep 17 00:00:00 2001 From: Sam & Claude Date: Sat, 20 Jun 2026 06:39:31 +0200 Subject: [PATCH] =?UTF-8?q?docs(hive):=20record=20first-proof=20policy=20?= =?UTF-8?q?=E2=80=94=20scratch=20jail=20+=20test=20collection=20until=20ha?= =?UTF-8?q?rdening?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit First proven end-to-end uses a scratch jail + throwaway test collection only; no real tenant data until path hardening (#92) lands. First-proof blockers are #88 (resolve collection by name) and #89 (per-call unlock); #92 is hardening. Co-Authored-By: Claude Opus 4.8 --- docs/HIVE-ONBOARDING.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/HIVE-ONBOARDING.md b/docs/HIVE-ONBOARDING.md index 6647bed..49ad2b9 100644 --- a/docs/HIVE-ONBOARDING.md +++ b/docs/HIVE-ONBOARDING.md @@ -115,6 +115,12 @@ Smallest path that is real: 3. **Spawner hook** — call vault-provision right after jail create. 4. **`mother` skill in layered-soul** — the genesis sequence above. +**First-proof policy.** The first proven end-to-end runs against a **scratch jail + a +throwaway test collection only** — no real tenant data until the path hardening lands +(canonicalize + allowed-root containment, colibri issue #92). The two first-proof blockers +are colibri **#88** (resolve the collection by name) and **#89** (per-call unlock); #92 is +hardening that follows. Tracker state lives on those issues. + **Overengineering traps to avoid for now:** a custom Bitwarden web UI (Vaultwarden's own UI + a Collection is enough to start), billing/metering, a native Bitwarden protocol in Rust, multi-region control plane, and recursive auto-spawn (gate it off until policy exists).
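Review bot: The new "First-proof policy" paragraph in the docs/HIVE-ONBOARDING.md hunk states the scratch-jail and throwaway-collection restriction but gives no way to verify it was honoured, so the policy is a convention rather than a check. Consider adding one sentence saying how the throwaway collection and scratch jail are distinguished from real tenant ones (for example a reserved naming convention or a separate Vaultwarden Collection reserved for first-proof runs) and that the throwaway collection is deleted once the first proof is recorded; that gives the person running the first proof something concrete to confirm before the #92 hardening ("canonicalize + allowed-root containment") is in place. Minor: the paragraph references "colibri issue #92" once and bare "#88"/"#89"/"#92" afterwards; making the repository prefix consistent (or linking the three issues) would help readers coming to this section from outside the colibri tracker, since "Tracker state lives on those issues" is the only pointer given.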