clawd/memory/2026-03-02.md


# 2026-03-02 Daily Notes
## vault1984 — Late night session (00:30–01:30 ET)
### Architecture decision: Two separate Go binaries
- **vault1984** (`/home/johan/dev/vault1984`) — pure vault server binary. Runs in each AWS region. No billing, no marketing, no website.
- **vault1984-web** (`/home/johan/dev/vault1984-web`) — marketing website. Go binary serving static HTML from embed.FS. Runs on vault1984.com.
- Johan was clear: "the website will run its own Go, as we need login, billing etc etc"
- Previous session had created a mess by embedding both into the same binary.
### vault1984-web: Python server killed, replaced with Go
- Was running `python3 -m http.server 8099` (previous session left it). Johan: "python!? Are you kidding me?"
- Replaced with Go binary (`main.go` + `//go:embed *.html *.svg *.css`)
- Systemd service: `~/.config/systemd/user/vault1984-web.service`, port 8099
- Caddy proxies vault1984.com → 8099
- Committed to `git@zurich.inou.com:vault1984-web.git`
### hosted.html — Global infrastructure map
- Lives in `vault1984-web/`, served at vault1984.com/hosted.html
- Shows all 31 real AWS commercial regions on animated world map SVG
- Zürich highlighted in gold as HQ node
- **Bug fixed: Beijing removed** — `cn-north-1` is China partition (separate AWS account, Sinnet-operated). NOT a commercial region.
- **Added:** `mx-central-1` (Mexico City, 2023) and `ap-southeast-5` (Malaysia/KL, 2024) — both real commercial regions
- The detailed world map SVG lives in the original `vault1984-web/hosted.html` — do NOT replace with simplified blob paths
### vault1984 binary — partial mess still present
- Previous session added `cmd/vault1984/website/` (copy of marketing HTML) and updated routes.go to serve both
- This needs to be reverted — `vault1984` should be pure vault server, no marketing HTML
- TODO: revert routes.go and main.go changes, delete cmd/vault1984/website/
### AWS region knowledge
- 31 commercial regions as of early 2026 (not 30)
- China regions (`cn-north-1` Beijing, `cn-northwest-1` Ningxia) are a SEPARATE partition — not deployable with normal AWS account
- GovCloud regions also excluded from vault1984 deployment
- Newest regions: `mx-central-1` (Mexico, 2023), `ap-southeast-5` (Malaysia, 2024)
- GCP ARM doesn't go below t2a-standard-1 (1 vCPU, 4GB RAM) — AWS Graviton unique in offering ARM at nano size (0.5GB)
## vault1984-web map work (01:30–02:20 ET)
### Two hosted.html files — don't confuse them
- **vault1984-web/hosted.html** — what vault1984.com actually serves (via port 8099). Old "Hostkey" era text. Has worldmap.svg. THIS is the file we edit.
- **vault1984/website/hosted.html** and **vault1984/cmd/vault1984/website/hosted.html** — dead copies with "Everywhere you are" / "30 AWS regions" text. NOT served. Ignore them.
- Earlier screenshots showed the cached "30 AWS regions" version from the headless browser — that was stale cache, not live content.
### worldmap.svg architecture
- Geography SVG paths (133KB) extracted to `/home/johan/dev/vault1984-web/worldmap.svg`
- Loaded via `<image href="/worldmap.svg" x="0" y="0" width="1000" height="460"/>` inside the SVG element
- Dots (circles) remain inline in hosted.html
- `fetch+DOMParser+importNode` approach failed in real Chrome — `<image href>` works everywhere
### Final region selection (21 regions, Johan-approved)
Removed from initial 31: Ohio, Oregon, Calgary, Ireland, Milan, Bahrain, Hyderabad, Melbourne, Osaka, Tokyo
**Kept:**
- Americas: Virginia, N.California, Montreal, Mexico City, São Paulo
- Europe: London, Paris, Frankfurt, Zürich (HQ/gold), Spain, Stockholm
- Middle East/Africa: UAE, Tel Aviv, Cape Town
- Asia Pacific: Mumbai, Singapore, Jakarta, Malaysia, Sydney, Seoul, Hong Kong
### Miller projection function (for future dot placement)
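```js
const W = 1000, H = 460; // matches the <image> width/height used for worldmap.svg

// Miller cylindrical projection: (lon, lat) in degrees → [x, y] in SVG units.
function project(lon, lat) {
  // Clamp latitude to ±85° and convert to radians, keeping the sign.
  const latR = Math.min(Math.abs(lat), 85) * Math.PI / 180 * (lat < 0 ? -1 : 1);
  const miller = 1.25 * Math.log(Math.tan(Math.PI / 4 + 0.4 * latR));
  // Vertical scale: ±80° latitude spans the full height H.
  const maxMiller = 1.25 * Math.log(Math.tan(Math.PI / 4 + 0.4 * 80 * Math.PI / 180));
  return [(lon + 180) / 360 * W, H / 2 - (miller / (2 * maxMiller)) * H];
}
```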
Zürich verification: project(8.5, 47.4) → (523.6, 117.6) ✓
### Dot format (SVG circles with staggered animation)
Each region = 3 circle elements: 2 pulse rings (fill=none) + 1 solid dot
HQ (Zürich) = 4 elements: 3 circles + inner black dot
Colors: green `#22C55E` for regions, gold `#D4AF37` for HQ
## Hostkey VPS — "Hans" (03:56 ET)
- **Provider:** Hostkey
- **Location:** Switzerland (Zürich region)
- **Purpose:** vault1984 Istanbul node (Turkey VPS via Hostkey, who confirmed they have Istanbul)
- **Name:** Hans
- **IP:** 185.218.204.47
- **Hostname:** vault1984 NOC (Hostkey label)
- **Root password:** ThIsNeEdStOcHaNgE0--
- **Specs:** vm.mini — 4 vCPU / 6GB RAM / 120GB SSD, €3.90/mo
- **OS:** Ubuntu 24.04
- **Note:** Johan is ordering this live right now. Change the password first thing after provisioning.
## vault1984 Styleguide (04:14 ET)
- **vault1984.css** is the single global stylesheet for ALL vault1984 web surfaces (marketing + app)
- Live at: https://vault1984.com/styleguide.html
- Source: `/home/johan/dev/vault1984-web/vault1984.css`
- Rules: one stylesheet, one width (--width:1280px via .container), one padding (--pad:2rem), CSS variables for everything, one rule per class
- Applicable to vault1984 app UI too — copy/symlink vault1984.css into vault1984/web/
## vault1984 — Beyond Passwords (04:44 ET)
**Key insight:** vault1984 is not a password manager with notes. It's a structured knowledge store for human+AI collaboration.
- Sealed fields = human-only (physical presence required): passwords, private notes, secrets
- Agent fields = AI-accessible (scoped tokens): anything James/Claude needs to read or act on
**Concrete uses:**
- James's working memory (project plans, rollout strategies, context)
- Shared reference data (infra details, credentials James needs)
- Any structured note an AI agent should be able to retrieve
- Not limited to passwords — limited only by what you want sealed vs agent-accessible
**Positioning implication:**
Proton Pass = secure notes for humans. vault1984 = knowledge store for human+AI teams.
This is a real differentiator — needs to surface in marketing copy.
## vault1984 — Storage & Pricing Implications (04:45 ET)
- Expanding to arbitrary attachments (passport scans, MRIs, tax docs) makes storage a real cost
- Current: $12/yr flat — works for passwords, breaks for files
- Needs: base storage allowance (e.g. 100MB) + tiered overage, OR storage-based tiers
- DICOM files alone can be 50MB+ — one power user could cost more than their subscription
- Decision pending: pricing model redesign before launching file attachments
## vault1984 — Text-only, Markdown default (04:47 ET)
- No attachment/image support — ever. Text only.
- Default format: Markdown
- Passport number etc = just type it in. No OCR, no uploads.
## vault1984 — The Memory/Encryption Tradeoff (04:48 ET)
- Sealed = private = AI-blind. Good for passwords. Useless as AI memory.
- Agent = AI-readable = scoped token access. Required for AI memory use case.
- This is a conscious design tradeoff, not a flaw — user chooses per-field.
- "James's memory in vault1984" = agent fields by definition.
## vault1984 — Search Problem (04:48 ET)
- Encrypted fields = ciphertext in SQLite = LIKE queries useless
- Agent fields: server holds key → can decrypt-then-search server-side (acceptable, server already has access)
- Sealed fields: server never has key → search impossible without client-side decrypt-all (doesn't scale)
- Options: (1) server-side decrypt+search for agent fields, (2) vector embeddings, (3) unencrypted tags + encrypted body
- Decision pending before building search
## vault1984 — Search Architecture Decision (04:51 ET)
- Decrypt-all-to-search = rejected (memory footprint, plaintext exposure)
- **Decision: vector embeddings at write time**
- On save: generate embedding of plaintext → store unencrypted alongside ciphertext
- On search: query embeddings (no decryption) → get record IDs → decrypt only matches
- Cost: one embedding per write (cheap). Search: fast, minimal memory, no bulk decrypt
- Sealed fields = unsearchable by design. User knows where they put it.
- Agent fields = searchable via embeddings
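The write-time embedding flow decided above, as an added Go example (not vault1984's own code). `Record`, `Save`, `Search` and the sample notes are constructed for illustration, and `embed` is a toy hashed bag-of-words stand-in for a real embedding model.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
	"hash/fnv"
	"strings"
)

type Record struct {
	Nonce, Ciphertext []byte      // AES-GCM nonce and sealed body
	Embedding         [64]float64 // stored unencrypted, derived from the plaintext
}
// embed is a toy stand-in (assumption) for a real model: hashed bag-of-words counts.
func embed(text string) (v [64]float64) {
	for _, w := range strings.Fields(strings.ToLower(text)) {
		h := fnv.New32a()
		h.Write([]byte(w))
		v[h.Sum32()%64]++
	}
	return v
}
// Save runs on write: seal the body, compute the embedding from the plaintext.
func Save(aead cipher.AEAD, text string) (Record, error) {
	nonce := make([]byte, aead.NonceSize())
	_, err := rand.Read(nonce)
	return Record{nonce, aead.Seal(nil, nonce, []byte(text), nil), embed(text)}, err
}
// Search scores embeddings by dot product (no key, no decryption) and returns match IDs.
func Search(recs []Record, query string, minScore float64) (ids []int) {
	q := embed(query)
	for id, r := range recs {
		var score float64
		for i := range q {
			score += q[i] * r.Embedding[i]
		}
		if score >= minScore {
			ids = append(ids, id)
		}
	}
	return ids
}
func main() {
	block, _ := aes.NewCipher(make([]byte, 32)) // all-zero key: demo only
	aead, _ := cipher.NewGCM(block)
	rec, _ := Save(aead, "rollout plan deploy eu regions") // constructed note
	fmt.Println(Search([]Record{rec}, "deploy rollout", 2))
}
```

The caller decrypts only the returned IDs with `aead.Open`. `Search` never takes the key, so anyone with read access to the table can run the same similarity queries: the embedding column is plaintext-derived and needs the same access controls as other sensitive data.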
## Hans — OpenClaw + Discord Comms Channel (05:03 ET)
**Task queued for sleeping block**
### Goal
Set up a James↔Hans communication channel so I can send deploy commands and Hans reports back.
### Stack
- **Discord server**: private, owned by us — create it
- **Hans**: OpenClaw instance, bot connected to Discord
- **Model**: MiniMax M2.5 via Fireworks (`accounts/fireworks/models/minimax-m2p5`)
- **Fireworks key**: `fw_RVcDe4c6mN4utKLsgA7hTm`
- **No Anthropic tokens on Hans** — Fireworks only
### Hans's job description
- Receive deploy commands from James via Discord
- Execute them (pull new version, restart service)
- Report back status
- Simple, focused — not a general assistant
### Steps
1. Create private Discord server
2. Create Discord bot for Hans
3. Install OpenClaw on Hans (185.218.204.47)
4. Configure with Fireworks M2.5, Discord bot token
5. Test: James sends message → Hans executes → Hans replies
## @vault1984 on X — Available (05:19 ET)
- Handle @vault1984 does NOT exist — available for registration
- Only references: 2017 WikiLeaks/CIA hashtag use, 2016 @music_vault1984 (also gone)
- Action needed: Johan registers @vault1984 at x.com when ready