manual_gate_workbench/manual_gate_workbench.md

8201 bytes
Bundle Index Verify JSON 
# SpaceCash Manual Gate Workbench

Generated: `2026-06-11T21:14:49Z`

> Read-only workbench. Do not mark manual gates complete without signed external evidence and explicit approval.

## Launch Decision

- Automated blockers cleared: `True`
- Manual gates ready: `False`
- Mainnet ready: `False`
- Launch authorization: `blocked`

## Current Readiness

- DB: `C:\Users\andre\scripts\the_workshop\projects\NORTHSTAR_PRIME\spacecash_devnet.sqlite3`
- Automated release candidate: `True`
- Automated blockers: `none`
- Manual blockers: `public_testnet_complete, external_security_review_complete, legal_compliance_review_complete, wallet_recovery_custody_policy_complete, production_deployment_runbook_complete`

## Gate Summary

| Gate | Ready | Blockers | Evidence Template |
| --- | --- | ---: | --- |
| Public Testnet | `False` | 16 | `_tmp/spacecash_public_testnet_evidence_template.json` |
| External Security Review | `False` | 21 | `_tmp/spacecash_security_review_evidence_template.json` |
| Legal And Compliance Review | `False` | 41 | `_tmp/spacecash_legal_compliance_evidence_template.json` |
| Wallet Recovery And Custody | `False` | 30 | `_tmp/spacecash_wallet_custody_evidence_template.json` |
| Production Deployment | `False` | 53 | `_tmp/spacecash_production_deployment_evidence_template.json` |

## Detailed Gate Work

### Public Testnet

- Gate ID: `public_testnet_complete`
- Evidence check: `public_testnet_ready`
- Template status: `not_run`
- Manual gate status: `not_complete`
- Blockers: `16`
- Required template sections: `minimums, protocol_hashes, final_report, nodes:3, scenarios:9, artifacts:6`

Top blockers:

- `checkpoint_quorum_not_passed`
- `duration_below_minimum`
- `final_report_not_approved`
- `guarded_import_not_passed`
- `incident_response_not_passed`
- `manual_gate_not_complete`
- `node_health_and_readiness_not_passed`
- `node_restart_recovery_not_passed`
- `nodes[0].not_independently_operated`
- `nodes[1].not_independently_operated`

Human action checklist:

- [ ] Recruit at least three independently operated public nodes with named operators and contacts.
- [ ] Publish the node setup package, operator checklist, incident log, and bootstrap peer plan.
- [ ] Run the public testnet for at least seven days.
- [ ] Collect node health, readiness, audit, chain manifest, checkpoint, and peer reports from every node.
- [ ] Pass every required scenario: signed transfer, product payment, checkpoint quorum, peer gossip, sync preview, guarded import, restart recovery, and incident response.
- [ ] Close or document all incidents and obtain a final reviewed testnet report.

### External Security Review

- Gate ID: `external_security_review_complete`
- Evidence check: `external_security_review_ready`
- Template status: `not_started`
- Manual gate status: `not_complete`
- Blockers: `21`
- Required template sections: `protocol_hashes, auditor, scope, closure, artifacts:3`

Top blockers:

- `auditor_missing`
- `checkpoint_quorum_not_closed`
- `closure_auditor_statement_missing`
- `closure_closed_at_missing`
- `closure_not_approved`
- `closure_not_closed`
- `consensus_spec_integrity_not_closed`
- `daemon_exposure_not_closed`
- `genesis_allocation_boundary_not_closed`
- `genesis_allocation_schema_not_closed`

Human action checklist:

- [ ] Select an independent reviewer or audit firm and archive the signed scope.
- [ ] Provide the source hash, security review packet hash, consensus spec, threat model, and mainnet gate docs.
- [ ] Cover signature payload binding, nonce replay, ledger supply, snapshot import, consensus integrity, monetary policy, genesis allocation, wallet custody, checkpoint quorum, and daemon exposure.
- [ ] Track every finding with severity, status, remediation notes, and evidence.
- [ ] Close all critical and high findings or document accepted risk with reviewer approval.
- [ ] Obtain a closure statement explicitly approving release readiness.

### Legal And Compliance Review

- Gate ID: `legal_compliance_review_complete`
- Evidence check: `legal_compliance_ready`
- Template status: `not_started`
- Manual gate status: `not_complete`
- Blockers: `41`
- Required template sections: `protocol_hashes, reviewer, scope, documents, distribution, final_decision, review_areas:11, artifacts:5`

Top blockers:

- `allocation_verifier_output_path_missing`
- `allocation_verifier_output_sha256_missing`
- `approved_use_case_missing`
- `consumer_protection_refunds_not_approved`
- `customer_support_not_approved`
- `engagement_letter_missing`
- `final_decision_decided_at_missing`
- `final_decision_not_approved`
- `final_decision_reviewer_statement_missing`
- `genesis_allocation_basis_not_approved`

Human action checklist:

- [ ] Engage legal or compliance review with a clear role, contact, and engagement record.
- [ ] Define intended use cases, prohibited use cases, allowed jurisdictions, and blocked jurisdictions.
- [ ] Review token/payment classification, treasury policy, genesis allocation basis, refunds, taxes, restricted products, support, privacy, marketing disclosures, jurisdiction availability, and terms.
- [ ] Approve terms, privacy policy, refund policy, restricted product policy, tax position, treasury controls, and fee policy.
- [ ] Confirm no investment, legal tender, exchange listing, or cash-out claims unless counsel explicitly approves them.
- [ ] Record the final decision and whether real-money use is authorized.

### Wallet Recovery And Custody

- Gate ID: `wallet_recovery_custody_policy_complete`
- Evidence check: `wallet_custody_ready`
- Template status: `not_started`
- Manual gate status: `not_complete`
- Blockers: `30`
- Required template sections: `reviewer, controls, final_approval, decisions:10, artifacts:3`

Top blockers:

- `address_versioning_not_approved`
- `address_versioning_path_missing`
- `backup_passphrase_warning_approved_not_confirmed`
- `backup_rotation_not_approved`
- `backup_rotation_path_missing`
- `backup_verification_flow_path_missing`
- `compromised_key_procedure_not_approved`
- `compromised_key_procedure_path_missing`
- `development_key_exclusion_not_approved`
- `development_keys_excluded_not_confirmed`

Human action checklist:

- [ ] Approve the recovery phrase or deterministic recovery standard.
- [ ] Approve address versioning, encrypted backup rotation, lost-key procedure, and compromised-key procedure.
- [ ] Document the hardware wallet or custody position and confirm whether custodial operations are allowed.
- [ ] Approve the user backup verification flow and private-key handling policy.
- [ ] Confirm development keys are excluded from production.
- [ ] Approve lost-key and backup-passphrase warnings for support and user-facing flows.

### Production Deployment

- Gate ID: `production_deployment_runbook_complete`
- Evidence check: `deployment_ready`
- Template status: `not_started`
- Manual gate status: `not_complete`
- Blockers: `53`
- Required template sections: `reviewer, controls, environment, readiness_inputs, final_approval, decisions:11, artifacts:4`

Top blockers:

- `approved_genesis_allocation_not_approved`
- `approved_genesis_allocation_sha256_missing`
- `backup_restore_not_approved`
- `backup_restore_rehearsal_path_missing`
- `backup_restore_rehearsed_not_confirmed`
- `bootstrap_peer_plan_path_missing`
- `bootstrap_peers_missing`
- `deployment_decisions_not_approved`
- `deployment_runbook_path_missing`
- `deployment_target_missing`

Human action checklist:

- [ ] Freeze the reviewed source hash and archive the release bundle with checksum verification.
- [ ] Approve the genesis allocation, node setup instructions, bootstrap peers, and validator rollout plan.
- [ ] Approve production HTTP controls, monitoring, alerting, on-call coverage, and incident contacts.
- [ ] Complete backup, snapshot, and restore rehearsal evidence.
- [ ] Approve rollback and public incident response procedures.
- [ ] Require post-deploy audit and verify launch-window, write-route, monitoring, rollback, backup, and archive confirmations.