Commit graph

5 commits

Author SHA1 Message Date
848689a523 docs: OVH/GDPR compliance standing constraints + multi-tenant gates
- HOST-MATRIX §4: four standing constraints (EU region, off-box backups, MFA, no contract republishing)
- HOST-MATRIX: multi-tenant checklist (GDPR docs, DPIA, DPA, insurance, sanctions)
- HIVE-ONBOARDING §9: cross-referenced multi-tenant gates
- Reference: OVH DPA + GTS compliance analysis
2026-06-20 10:29:16 +02:00
058e4ce926 docs(host-matrix): add infrastructure cost provenance (Sam & Pi)
Track hosting spend as a verified fleet fact alongside disk and hardware, seed TBD rows for osa/domedom/debby/proposed OVH build capacity/ML350p, and update HIVE status now that first-proof blockers are code-complete.

Validation: npx --yes prettier@3 --check docs/HOST-MATRIX.md docs/HIVE-ONBOARDING.md; python3 scripts/layered_soul.py validate .
2026-06-20 09:48:12 +02:00
4192574f74 docs(hive): add 2026-06-20 status block — MVP code-complete, first-proof path
Persist the reconstructed plan: all four MVP steps code-complete on colibri main;
first proof is not code-blocked (interim manual runbook path); open work
categorized (hardening #100/#92, CLI-driveability #101/#102, naming #98/iso#70).
PR #90 (tenants table) closed as superseded — already on main.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-20 09:00:09 +02:00
7c3016cf06 docs(hive): record first-proof policy — scratch jail + test collection until hardening
First proven end-to-end uses a scratch jail + throwaway test collection only; no
real tenant data until path hardening (#92) lands. First-proof blockers are #88
(resolve collection by name) and #89 (per-call unlock); #92 is hardening.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-20 06:39:31 +02:00
21a630cd93 docs(hive): add HIVE-ONBOARDING design — colibri-vault as the join-the-hive primitive
Captures the strategy: promote the proven clawdie-vault-fetch flow into a
colibri-vault crate that provisions a jail's secrets, making 'spawn jail ->
vault-provision -> register' the single onboarding step.

- tenant = jail = bucket (1:1:1); Org Collections for multi-tenant isolation
- 'one key' ideal (customer provider key + operator org service-account)
- mother skill (genesis + policy-gated self-replication); colibri-vault is a limb
- moat = capability routing (one-key agent borrows the whole multi-OS swarm)
- security invariant: bootstraps on host, jails hold only resolved secrets
- lean MVP + explicit overengineering traps to avoid

Cross-linked from CAPABILITY-ROUTING. Building blocks LIVE, platform PLANNED.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-19 21:03:50 +02:00