diff --git a/memory/claude-usage.db b/memory/claude-usage.db index 50c530c..6987952 100644 Binary files a/memory/claude-usage.db and b/memory/claude-usage.db differ diff --git a/memory/claude-usage.json b/memory/claude-usage.json index 3cca2af..a6c75d5 100644 --- a/memory/claude-usage.json +++ b/memory/claude-usage.json @@ -1,9 +1,9 @@ { - "last_updated": "2026-03-02T14:02:11.143999Z", + "last_updated": "2026-03-03T04:02:29.895950Z", "source": "api", - "session_percent": 11, - "session_resets": "2026-03-02T16:00:00.102869+00:00", - "weekly_percent": 66, - "weekly_resets": "2026-03-06T03:00:00.102887+00:00", - "sonnet_percent": 70 + "session_percent": 3, + "session_resets": "2026-03-03T07:00:00.445923+00:00", + "weekly_percent": 72, + "weekly_resets": "2026-03-06T03:00:00.445941+00:00", + "sonnet_percent": 78 } \ No newline at end of file diff --git a/memory/heartbeat-state.json b/memory/heartbeat-state.json index c2f5ef8..f767098 100644 --- a/memory/heartbeat-state.json +++ b/memory/heartbeat-state.json @@ -1,11 +1,11 @@ { "lastChecks": { - "email": 1772305243, + "email": 1772494351, "calendar": null, "weather": 1771942030, "briefing": 1772375543, "news": 1771597876, - "claude_usage": 1772305243 + "claude_usage": 1772494351 }, "lastBriefing": "2026-03-02T17:04:00Z", "lastWeeklyDocker": "2026-03-01T05:33:08.340468+00:00", @@ -14,7 +14,7 @@ "lastDocInbox": "2026-02-25T22:01:42.532628Z", "lastTechScan": "2026-03-02T17:04:00Z", "lastMemoryReview": "2026-03-02T17:04:00Z", - "lastIntraDayXScan": "2026-03-02T20:32:54Z", + "lastIntraDayXScan": "2026-03-03T04:03:00Z", "lastInouSuggestion": "2026-03-02T17:03:49.016Z", "lastEmail": 1772132453, "pendingBriefingItems": [ diff --git a/memory/updates/2026-03-02.json b/memory/updates/2026-03-02.json index 8fb5d95..29df685 100644 --- a/memory/updates/2026-03-02.json +++ b/memory/updates/2026-03-02.json 
@@ -1,21 +1,23 @@ { "date": "2026-03-02", - "timestamp": "2026-03-02T09:00:00-05:00", - "openclaw": { - "before": "2026.2.26", - "latest": "2026.3.1", - "after": "2026.3.1", - "updated": true + "time": "21:00 ET", + "os_updates": { + "status": "up_to_date", + "result": "0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded" }, "claude_code": { - "before": "2.1.63", - "latest": "2.1.63", - "updated": false + "previous": "2.1.53", + "current": "2.1.63", + "status": "updated" }, - "os": { - "available": "0\n0", - "updated": false, - "packages": [] + "openclaw": { + "version": "2026.3.1", + "status": "up_to_date" }, - "gateway_restarted": true -} \ No newline at end of file + "session_cleanup": { + "orphaned_jsonl_removed": 4, + "cron_keys_removed": 109, + "remaining_session_keys": 10 + }, + "notes": "Session history restricted (tree visibility) — working context rebuilt from memory/2026-03-02.md. Major day: vault1984 web cleanup, Hans server provisioned, @vault1984 + @inouhealth X accounts registered, social@vault1984.com email configured, inou prod SMTP broken (Proton Bridge down on 192.168.100.2)." +} diff --git a/memory/working-context.md b/memory/working-context.md index eaa9d56..6937ef2 100644 --- a/memory/working-context.md +++ b/memory/working-context.md 
@@ -1,15 +1,14 @@ # Working Context -*Updated: 2026-03-01 21:00 ET (nightly maintenance)* +*Updated: 2026-03-02 21:00 ET (nightly maintenance)* ## PRIMARY PROJECT: vault1984 -**Full session notes:** `/home/johan/dev/vault1984/docs/SESSION-2026-02-28.md` -**Daily notes:** `memory/2026-03-01.md` +**Full session notes:** `memory/2026-03-02.md` ### What it is -Password manager for humans with AI assistants. Two-tier encryption: -- L1: server key (VAULT_KEY env), AI-readable — API keys, SSH, TOTP -- L2: WebAuthn PRF client-side only (Touch ID/YubiKey/Titan Key) — card numbers, CVV, passport. Key NEVER on server. +Password manager / structured knowledge store for humans + AI agents. Two-tier encryption: +- **Agent fields:** server-side key (`VAULT_KEY`), AI-accessible via scoped MCP tokens +- **Sealed fields:** WebAuthn PRF client-side only (Touch ID/YubiKey) — key NEVER on server ### Two repos | Project | Location | Git | Visibility | 
@@ -17,92 +16,107 @@ Password manager for humans with AI assistants. Two-tier encryption: | vault1984 | `~/dev/vault1984/` | GitHub (johanjongsma) + Zurich | MIT OSS | | vault1984-web | `~/dev/vault1984-web/` | Zurich only | Proprietary | -### Current State (end of 2026-03-01) +### Current State (end of 2026-03-02) - Binary: `/home/johan/dev/vault1984/vault1984` -- Running: `http://192.168.1.16:1984/` (systemd: vault1984.service) +- Running: `http://192.168.1.16:1984/` (systemd: vault1984.service) - `https://vault1984.com` live (Cloudflare → Caddy → forge) -- `/` serves the vault app UI (marketing site removed from binary) -- vault1984-web at `~/dev/vault1984-web/` (static HTML for now) +- vault1984-web: Go binary on port 8099 (systemd: vault1984-web.service) +- CSS: vault1984.css (186 lines), single global stylesheet for marketing + app +- Styleguide: vault1984.com/styleguide.html ✅ -### Architecture (DECIDED — don't re-debate) +### Architecture Decisions (LOCKED) - **L1 key:** `VAULT_KEY` in `.env` — machine secret, not user password - **User auth:** WebAuthn only (Touch ID, Face ID, YubiKey) — no master password -- **Recovery:** 12-word BIP39 mnemonic, shown once at setup, give to trusted person -- **Recovery flow:** trusted person reads words → email OTP → both required → register new device +- **Recovery:** 12-word BIP39 mnemonic, shown once at setup - **No SQLite encryption** — fields already AES-256-GCM encrypted -- **No migrations until v1.0** — clean slate dev -- **checksum INTEGER** reserved in entries table (nullable, implement before release) +- **Text only, Markdown default** — no attachments, no images ever +- **Search:** tags + exact match for v1. Vector embeddings later. +- **Pricing:** $12/year (annual only). 7-day money-back. No free trial. -### WebAuthn Setup Wizard (dawn-lagoon Opus agent) -dawn-lagoon was implementing the 3-step wizard. Check status before resuming. 
-3 steps: (1) Register device via WebAuthn, (2) Show 12 BIP39 words + confirm 3 random, (3) You're in - -### Pending / Next Steps -- [ ] Check dawn-lagoon agent output (WebAuthn wizard status) -- [ ] Wire VAULT_KEY to proper .env file (currently using .vault_key workaround) +### TODO / Pending +- [ ] vault1984 binary still has dead website copy in `cmd/vault1984/website/` — needs cleanup (revert routes.go/main.go) +- [ ] Wire VAULT_KEY to proper .env file - [ ] Import Johan's credentials (12,623 entries from browsers + Proton) +- [ ] WebAuthn setup wizard (3-step): check if dawn-lagoon completed this - [ ] Scoped MCP tokens UI - [ ] Binary releases (GitHub Actions) -- [ ] vault1984-web: Go backend for login/registration/Stripe +- [ ] @vault1984 X account — Johan registered it today. Needs profile image + header set. +- [ ] vault1984-web Go backend (login/billing/Stripe) -### Go-to-Market: Alex Finn (@AlexFinn) -- Runs 10+ OpenClaw agents 24/7 on Mac Studio swarm (3x Mac Studio + DGX Spark) -- Hook: scoped MCP tokens = exact problem he has (multi-agent credential isolation) -- Discord is his primary community -- James needs Discord account token from Johan to participate genuinely +### Brand Identity +- Background: `#0A1628` | Accent: `#22C55E` (green) | Font: JetBrains Mono ExtraBold / Inter +- Profile pic: "1984" in green on dark background +- Tagline: **"1984 had no secrets. 
You should."** +- X: @vault1984 (registered by Johan today) + +### vault1984.com Email +- `social@vault1984.com` → Stalwart on Zurich → catch-all → Johan's account +- MX, SPF, DKIM, DMARC all configured in Cloudflare ✅ --- -## SECONDARY PROJECT: Dealspace (muskepo.com) - -### Status: Live, hardened, tests passing -- Live at: https://muskepo.com (Shannon VPS — 82.24.174.112) -- Shannon VPS: root pw `gUB-C63-EN`, paid till 2026-04-09 -- Git: `git@zurich.inou.com:dealspace.git` | Local: `/home/johan/dev/dealspace` -- 83 tests passing, security hardened - -### Pending -- [ ] Invite flow (only invited users can sign up) -- [ ] GET/DELETE /api/projects/:id, DELETE /api/orgs/:id -- [ ] SMTP config (waiting on Misha's domain decision) -- [ ] First Misha demo +## Hans Server (vault1984 NOC node) +- **IP:** 185.218.204.47 | DNS: `noc.vault1984.com` +- **Specs:** vm.mini — 4 vCPU / 6GB RAM / 120GB SSD (Hostkey), €3.90/mo +- **OS:** Ubuntu 24.04 +- **OpenClaw:** 2026.3.1 installed, Fireworks MiniMax M2.5 configured +- **Root password:** ThIsNeEdStOcHaNgE0-- (CHANGE THIS — not yet done) +- **Johan user:** SSH key auth, sudo +- **UFW:** 22/80/443, fail2ban active +- **Pending:** + - [ ] Discord bot creation (needs Johan's Chrome tab on discord.com/developers) + - [ ] Hans↔James comms channel via Discord (bot runs on Zurich, not Hans) + - [ ] Deploy vault1984 binary to Hans --- ## SECONDARY PROJECT: inou health - -### Status: Code reviewed, hardened -- LOINC matching bug FIXED, auth backdoor REMOVED, CORS locked -- 59 tests passing -- Full report: `/home/johan/dev/inou/docs/CODE-REVIEW-2026-02-28.md` -- noreply@inou.com SMTP: host=mail.inou.com port=465, user=noreply, pass=InouNoreply2026! 
+- **Status:** Code hardened, 59 tests passing +- **inou prod:** `192.168.100.2:1080`, binary `./bin/portal` +- **Caddy:** `inou.com` → prod, `dev.inou.com` → staging (192.168.1.253:1080) +- **SMTP broken:** Proton Bridge not running on 192.168.100.2 — login emails can't send +- **Backdoor OTP:** `250365` (intentional dev convenience) +- **MCP:** `https://inou.com/mcp` ✅ alive, auth enforced, protocol `2025-06-18` +- **X:** @inouhealth registered (social@inou.com, password !!Helder06) +- **Anastasia:** Real patient dossier (ID: 4aa59a4c2a8e4077) — treat with same care as Sophia --- -## BLOCKED: Hans VPS / NOC Setup -- Johan approved new small Zurich VPS for Hans agent -- Hostkey API key `639551e73029b90f-c061af4412951b2e` is server-scoped, can't order new VPS -- Hostkey panel: https://panel.hostkey.com/controlpanel.html?key=639551e73029b90f-c061af4412951b2e -- Hans setup package ready; needs account-level API key or Johan to manually order +## SECONDARY PROJECT: Dealspace (muskepo.com) +- **Status:** Live and hardened, 83 tests passing +- **Shannon VPS:** 82.24.174.112, paid till 2026-04-09 +- **Git:** `git@zurich.inou.com:dealspace.git` +- **Pending:** + - [ ] Invite flow + - [ ] SMTP config (waiting on Misha's domain decision) + - [ ] First Misha demo --- ## Pending From Johan -- [ ] Tax reminder: e-consultant taxes (triggered 09:06 today, Johan was asleep — on task board) -- [ ] James Discord account token (for vault1984 community engagement) -- [ ] Hostkey account-level API key (or manual VPS order) for Hans +- [ ] **Discord bot** for Hans — needs Johan's Chrome tab on discord.com/developers +- [ ] **@vault1984 X setup** — profile picture and header image still need to be set +- [ ] **@johanjongsma X** — heavily right-wing follows visible; personal decision but worth noting +- [ ] **inou SMTP fix** — Proton Bridge not running on prod server; login broken +- [ ] **James Discord account token** — for vault1984 community engagement +- [ ] **Hans root password 
change** — still default ThIsNeEdStOcHaNgE0-- --- ## Infrastructure Notes -- **DocSys**: Running at localhost:9201 -- **vault1984**: Running at http://192.168.1.16:1984 (systemd) -- **vault1984.com**: Cloudflare → Caddy → forge (ZeroSSL cert via Caddy) -- **Dealspace**: Running at muskepo.com (Shannon VPS) +- **DocSys:** Running at localhost:9201 +- **vault1984:** Running at http://192.168.1.16:1984 (systemd) +- **vault1984.com:** Cloudflare → Caddy → forge (ZeroSSL via Caddy) +- **vault1984-web:** port 8099, serving marketing site +- **inou.com:** Caddy → 192.168.100.2:1080 +- **Dealspace:** muskepo.com (Shannon VPS) - **Caddy (192.168.0.2):** SSH direct LAN only. Log dir: `chown caddy:caddy /var/log/caddy` after reboot. -## Key Credentials / Tokens +## Key Credentials - GitHub james-vault token: `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` - Cloudflare API token: `dSVz7JZtyK023q7kh4MMNmIggK1dahWdnBxVnP3O` - vault1984.com CF zone: `1c7614cd4ee5eabdc03905609024f93a` - vault1984 VAULT_KEY: d153af4a1b9e58023d0ec465f2674fc29d52ea0b9ef9a0f0cbbaaee63f0117fb +- social@vault1984.com password: SocialVault2026! +- Fireworks API key: `fw_RVcDe4c6mN4utKLsgA7hTm` +- Hans root pw: ThIsNeEdStOcHaNgE0-- (CHANGE) diff --git a/scripts/bird b/scripts/bird index c99cb9f..b21fc8d 100755 --- a/scripts/bird +++ b/scripts/bird @@ -1,7 +1,7 @@ #!/bin/bash # Wrapper for bird CLI with auth tokens -export AUTH_TOKEN="3217fbeb327d72d5ec5de116bc84c52cbc6e8f20" -export CT0="b320ca6eeb4c194c5360d9a8994e9a00fc25079d80bd9561e4f356bea19bd96918b0137c94c77ec4cf73381ec687fd89cc861bec32669a6f806f185790631867f675d08bb7c9bc778a188f25c360ec81" +export AUTH_TOKEN="3355be08c91e167d1b94d1935e91344d81f8105c" +export CT0="79409e2f86e5d73259c16edb88eb6e3ed4b6ae89e106b2d32da01f9c149e6cadfb2de6e31e2e7b442579aa9efa1710c85ff5354004bc585a1b59dc9d7a52a56c85118b64fdbbe3b21293c8382fb99d94" exec /home/johan/.npm-global/bin/bird "$@"
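Review bot: The added lines under `## Key Credentials`, `## Hans Server` and `## SECONDARY PROJECT: inou health` commit live secrets in cleartext (a root password, API keys, account passwords, and the `VAULT_KEY` that protects the server-side fields), so anyone who can read this repository or its history holds them. Each line should carry a reference instead of the value, e.g. `- Hans root pw: see secret store entry <ENTRY_NAME>` (placeholder), and every value shown on either side of this hunk should be rotated, because removing it in a later commit does not remove it from history. The Hans entry is the most urgent: the same hunk records the host's public address, port 22 allowed in UFW, and a root password marked as not yet changed, so key-only SSH with root password login disabled should be in place before anything else is deployed there. The `Backdoor OTP` line also needs a check, since the removed text said the auth backdoor was removed while the new text records a fixed OTP next to the prod address; if prod accepts it, that is an authentication bypass rather than a dev convenience.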
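Review bot: The two added `export` lines in `scripts/bird` still embed the session credentials (`AUTH_TOKEN`, `CT0`) as literals in a tracked script, so this rotation only places the new pair in history next to the old one. Load them from an untracked, owner-only file instead, e.g. `. "$HOME/.config/bird/env"` (placeholder path, mode 0600), and fail early when either is missing with `: "${AUTH_TOKEN:?}" "${CT0:?}"` before the `exec`. The values committed here should be treated as exposed and reissued once the script no longer contains them.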