clawd/memory/MEMORY.md

# MEMORY.md — Long-term working context

This file supplements daily notes. Curated, actionable memories that persist across sessions.

## Core People & Projects

**vault1984** — inou's secure knowledge store with AI-native auth. Dual Go binaries: pure vault server (OSS) + vault1984-web (marketing/billing, proprietary). 21 AWS regions, Zürich HQ. WebAuthn only, BIP39 recovery. Text-only, Markdown default. Pricing: $12/yr (annual only). @vault1984 on X registered. @inouhealth registered for inou health.

**inou LLC** — Florida-registered entity owning vault1984 and inou brands. social@vault1984.com and social@inou.com both created on Stalwart (Zurich), alias to johan@jongsma.me. inou prod backdoor `250365` is intentional (dev/ops convenience).

**DealSpace / muskepo.com** — Misha's M&A deal workflow platform. Go + templ + HTMX + SQLite. Auth: Email OTP + backdoor `220402`. **Prod:** Amsterdam `82.24.174.112:9300` (Hans owns VPS ops — deploy/monitor/DB, 7 rolling snapshots). **Build pipeline:** Mira builds on forge, SCPs to Amsterdam staging. Webhook HMAC secret (Hans→Mira) still undelivered.

**inou health** — Medical imaging/advocacy platform. Prod: `192.168.100.2:1080` → inou.com. MCP at `https://inou.com/mcp` ✅. SMTP broken on prod (Proton Bridge not running). Real patients: Sophia (Johan's daughter) and Anastasia (German family, Ulm hospital, born 2020, hydrocephalus).

**agentchat** — Peer-to-peer coordination chat for the agent network. Go server, port 7777 on forge. James is maintainer. Repo: `git@zurich.inou.com:agentchat.git` → `/home/johan/dev/agentchat/`. v1.3: group + DM rooms, unread dots. All messages route to each agent's `main` session. Shared context repo: `git@zurich.inou.com:agentchat-context.git`. Every deploy → ntfy release note to `inou-alerts`.

**OpenClaw** — James's runtime, latest **2026.3.7** (GPT-5.4, Gemini Flash 3.1, ACP binding persistence, pluggable context engines).

## Agent Network

| Agent | Host | Model | Channel | Role |
|-------|------|-------|---------|------|
| James ⚡ | forge (192.168.1.16) | Anthropic Sonnet 4.6 | Discord + Telegram | CoS to Johan. agentchat maintainer. |
| Mira ✨ | forge (192.168.1.16) | (default) | Telegram @Mira_muskepo_bot | Misha's assistant. DealSpace builder. Workspace: `/home/johan/mira/` |
| Hans 🔧 | Zurich 185.218.204.47 + Amsterdam 82.24.174.112 | Fireworks MiniMax M2.5 | Discord | VPS ops for DealSpace. Was on MiniMax M2.5 before James switched. |

**Cross-agent comms:** agentchat (port 7777) is the primary channel. Discord is secondary (bots can't directly DM each other — Discord API filters bot-to-bot; workaround: allow each other's bot IDs in guild allowlist).

**Bot IDs:** James = `1478257984546144327`, Hans = `1478321168065761352`, Johan = `666836243262210068`. Guild = `1478270766007976009`.

## Infrastructure

- **forge (192.168.1.16):** James + Mira home. Intel i7-6700K, 64GB RAM, GTX 970 4GB
- **zurich (82.22.36.202):** Hans + git server + Stalwart mail + Uptime Kuma + ntfy
- **amsterdam (82.24.174.112):** DealSpace prod. Hans owns ops.
- **caddy proxy (192.168.0.2):** Reverse proxy for home network
- **inou prod (192.168.100.2:1080):** inou health platform

## OpenClaw Config Rules (learned the hard way)

- **Fireworks is NOT a native OC provider** — must define under `models.providers.fireworks` with `baseUrl`, `apiKey`, `api: openai-completions`
- **`gateway.mode: local`** must be set or gateway refuses to start
- **dmPolicy "open"** requires `allowFrom: ["*"]` — OC validates this, won't start without it
- **Never kill openclaw-gateway on forge directly** — it runs as `johan` user. Use `openclaw gateway restart` only. (`pkill` killed it in a Mar 3 incident; Opus had to repair.)

## Recent Decisions & Context

- **vault1984 search:** Vector embeddings at write time. Sealed fields unsearchable by design.
- **vault1984 scope:** Knowledge store for human+AI teams, not just passwords. Agent fields = AI memory.
- **vault1984-web CSS:** Single vault1984.css for marketing + app UI. Live styleguide at vault1984.com/styleguide.html. Tailwind fully removed. Nav/footer still copy-pasted (not templated yet).
- **vault1984 AWS regions:** 21 selected (not 30+). China (cn-north-*) is separate AWS partition — NOT deployable with normal account. GovCloud excluded.
- **DealSpace deploy model:** Hans owns Amsterdam VPS, Mira owns build pipeline — clean separation of concerns.
- **Mira MEMORY.md:** Still missing DealSpace/Misha context — needs to be created.
- **inou SMTP:** Proton Bridge not running on prod at 192.168.100.2 — open issue.
- **Spacebot/Andrew (192.168.1.17):** Runs Claude Sonnet 4.6 via Anthropic OAuth. Known issue: worker dispatch silent failure on multi-step tasks.

## Key Open Items

- [ ] **vault1984 credential import** — 12,623 entries from Proton Pass
- [ ] **vault1984 WebAuthn wizard** — 3-step setup
- [ ] **@vault1984 X** — profile image + header + first post
- [ ] **vault1984 deploy pipeline** — Hans needs to own vault1984 deploys (same model as DealSpace)
- [ ] **DealSpace webhook secret** — Hans → Johan → Mira handoff pending
- [ ] **DealSpace invite flow + SMTP** — not built
- [ ] **inou SMTP fix** — Proton Bridge not running on prod
- [ ] **Mira MEMORY.md** — DealSpace/Misha context
- [ ] **vault1984-web templating** — nav/footer still copy-pasted across 7 pages

## Stalwart Mail

- Spam filter hardened: DMARC+DKIM pass → INBOX (score -150, Sieve rule). Bayes disabled (was auto-poisoning from junk moves).
- vault1984.com domain added: social@vault1984.com live, catch-all → Johan. DKIM: Ed25519 selector `stalwart`.
- noreply@inou.com: Stalwart on Zurich, pass InouNoreply2026!

## Anthropic Claude Usage

Week resets Thursday ~10 PM ET. Monitor at start of each week to avoid pace overage.