Skip to content

mainnet-readiness.generated.md

Latest commit

 

History

History
163 lines (134 loc) · 7.05 KB

mainnet-readiness.generated.md

File metadata and controls

163 lines (134 loc) · 7.05 KB

Mainnet Readiness Report

This report is generated from the canonical PrivateDAO registries and reviewer artifacts. It exists to summarize what is already verified inside the repository and what still remains outside repository scope before any production cutover.

Status note, 2026-05-06: this generated report includes legacy Devnet evidence from the pre-Anchor-1 migration surface. The current reviewer-facing Testnet program is EP9xE8MJZ6FfyEwLqns6HDdUZBknEa7WGYs1Jzsecuva; see docs/anchor-1-migration-evidence-2026-04-30.md and docs/testnet-lifecycle-rehearsal-2026-05-07.md. Production mainnet remains blocked until custody, audit, monitoring, and cutover evidence are recorded.

Current Identity

  • Project: PrivateDAO
  • Legacy Devnet Program ID: 5AhUsbQ4mJ8Xh7QJEomuS85qGgmK9iNvFqzF669Y7Psx
  • Current Testnet Program ID: EP9xE8MJZ6FfyEwLqns6HDdUZBknEa7WGYs1Jzsecuva
  • Verification wallet: 4Mm5YTRbJuyA8NcWM85wTnx6ZQMXNph2DSnzCCKLhsMD
  • Deploy transaction: 2CMEujY1CKnC8rH8BuLy4GvwYk3zfqMfAKaUjybcAvRhS1dnzg3Zd3GeMttBp4vkUbu69GkQtr3TWgbmBqGY8cyC
  • DAO PDA: FZV9KmpeY1B31XvszQypp5T6nQN5C44JDLM4QWBEDvhx
  • Governance mint: AZUkprJDfJPgAp7L4z3TpCV3KHqLiA8RjHAVhK9HCvDt
  • Treasury PDA: AZUroiNeGAjNdD84eEHnAKHHFwqAFmkjr2g1eoF7Ek5c
  • Proposal PDA: AegjmwkX1FknBJMDyH5yM6BMhyHsiUreNtz3d8iz3QrP
  • PDAO mint: AZUkprJDfJPgAp7L4z3TpCV3KHqLiA8RjHAVhK9HCvDt
  • PDAO token program: TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb
  • PDAO token account: F4q77ZMJdC7eoEUw3CCR7DbKGTggyExjuMGKBEiM2ct4
  • PDAO initial supply: 1000000

Verified Internal Surfaces

  • governanceLifecycle
  • confidentialPayoutSurface
  • refheProtocolSurface
  • backendReadNodeSurface
  • securityReasoning
  • supplyChainSurface
  • releaseCeremonySurface
  • runtimeEvidenceSurface
  • realDeviceRuntimeIntake
  • operationalEvidenceSurface
  • magicblockRuntimeSurface
  • confidentialManifestEncryption
  • releaseDrillSurface
  • artifactFreshness
  • zkCompanionStack
  • governanceHardeningV3
  • settlementHardeningV3
  • liveProofV3
  • reviewerSurface
  • operationsSurface
  • competitivePositioningSurface

Pending Or External Dependencies

  • strategyEngine -> not-in-repo
  • livePerformance -> not-in-repo
  • externalAudit -> pending
  • mainnetRollout -> pending

Mainnet Production Blocker Register

  • Register: docs/mainnet-blockers.json

  • Human-readable register: docs/mainnet-blockers.md

  • Current decision: blocked-external-steps

  • Production mainnet claim allowed: false

  • external-audit-completion -> pending-external (security, critical, required before mainnet-real-funds)

  • upgrade-authority-multisig -> pending-external (custody, critical, required before mainnet-real-funds)

  • production-monitoring-alerts -> pending-external (operations, high, required before mainnet-real-funds)

  • real-device-wallet-runtime -> pending-runtime-captures (runtime, high, required before mainnet-real-funds)

  • magicblock-refhe-source-receipts -> pending-integration (privacy-settlement, high, required before mainnet-real-funds)

  • mainnet-cutover-ceremony -> pending-external (release, high, required before mainnet-real-funds)

Launch Operations Checklist

  • Checklist: docs/launch-ops-checklist.json

  • Human-readable checklist: docs/launch-ops-checklist.md

  • Current decision: blocked-external-steps

  • Production mainnet claim allowed: false

  • create-production-multisig -> pending-external (custody, required before mainnet-real-funds)

  • transfer-program-upgrade-authority -> pending-external (custody, required before mainnet-real-funds)

  • configure-production-timelock -> repo-documented (governance, required before mainnet-real-funds)

  • backup-and-recovery-procedures -> repo-documented (operations, required before mainnet-real-funds)

  • monitoring-setup -> pending-external (operations, required before mainnet-real-funds)

  • alerting-rules -> repo-defined (operations, required before mainnet-real-funds)

  • operator-runbooks -> repo-documented (operations, required before mainnet-real-funds)

  • emergency-procedures -> repo-documented (operations, required before mainnet-real-funds)

  • real-device-testing -> pending-runtime-captures (runtime, required before mainnet-real-funds)

  • wallet-integration -> repo-documented (runtime, required before mainnet-real-funds)

  • end-to-end-flows -> devnet-proven (runtime, required before mainnet-real-funds)

Reviewer Artifact Summary

  • Verification gates tracked: 63
  • Gate count in review attestation: 63
  • Strategy package count: 12
  • Security package count: 18
  • ZK package count: 28
  • Proof package count: 82
  • Operations package count: 34
  • Runtime attestation: docs/runtime-attestation.generated.json
  • PDAO attestation: docs/pdao-attestation.generated.json
  • Go-live criteria: docs/go-live-criteria.md
  • Operational drillbook: docs/operational-drillbook.md
  • Go-live attestation: docs/go-live-attestation.generated.json
  • ZK stack version: 1
  • ZK layer count: 3
  • Integrity algorithm: sha256
  • Integrity entries: 143
  • Integrity aggregate sha256: c041cf2d4522fb46fb2fe9bc31f2673f4605d67b1214f1750ffa090066b94d1c

Additive Hardening V3

  • Governance hardening note: docs/governance-hardening-v3.md
  • Settlement hardening note: docs/settlement-hardening-v3.md
  • Dedicated V3 live proof: docs/test-wallet-live-proof-v3.generated.md
  • V3 boundary: real Devnet proof for the additive hardening path, not a production-custody or mainnet claim

Mainnet Conclusion

What is strong now:

  • the governance lifecycle is live on devnet
  • the additive V3 governance and settlement hardening paths are Devnet-proven
  • reviewer-facing proof and security artifacts are published
  • the zk companion stack is registry-backed, transcript-backed, and attested
  • the PDAO token surface is metadata-backed, attested, and bound to the canonical review package
  • the frontend, Android guide, and proof surfaces are integrated into one verification package

What still requires real-world completion before mainnet should be claimed:

  • external audit
  • production key custody and multisig enforcement
  • runtime wallet QA on real client environments
  • monitoring, alert delivery, and incident ownership in live infrastructure
  • operational cutover from devnet proof to mainnet execution

Canonical Commands

npm run build:mainnet-readiness-report
npm run build:deployment-attestation
npm run build:runtime-attestation
npm run build:go-live-attestation
npm run build:pdao-attestation
npm run verify:launch-ops
npm run verify:monitoring-alerts
npm run verify:mainnet-blockers
npm run verify:mainnet-readiness-report
npm run verify:deployment-attestation
npm run verify:runtime-attestation
npm run verify:go-live-attestation
npm run verify:pdao-attestation
npm run verify:pdao-live
npm run verify:all
bash scripts/check-mainnet-readiness.sh

Honest Boundary

This report is an internal readiness artifact.

It does not claim:

  • external audit completion
  • automatic mainnet approval
  • production rollout completion
  • custody policy enforcement outside the repository