Skip to content

[codex] Recover programmatic privacy rail#10

Merged
williamclay8 merged 8 commits into
codex/five-products-audit-integrationfrom
codex/recovered-programmatic-privacy-rail
Jun 18, 2026
Merged

[codex] Recover programmatic privacy rail#10
williamclay8 merged 8 commits into
codex/five-products-audit-integrationfrom
codex/recovered-programmatic-privacy-rail

Conversation

@williamclay8

@williamclay8 williamclay8 commented Jun 18, 2026

Copy link
Copy Markdown
Owner

Summary

This draft PR publishes the recovered programmatic privacy rail chain from the quarantined Desktop checkout into a normal remote review branch.

Intentional parent note: 14c4513fc8373f437643e1743c06068cdeeac7f7 (Add June 13 and 16 research gates) is an intentional required parent for the three recovered commits. It was not present on GitHub, but the recovered commits depend on it.

Recovered chain:

  • 14c4513f Add June 13 and 16 research gates
  • 0752ba6c Add Solana privacy suite offline harness
  • 21065c97 Gate product actions on proof receipts
  • 2794e188 Fix actual-private Send proof receipt validation

Scope

  • Adds the fixture-only Solana privacy-suite offline harness.
  • Adds Rail 1 product action proof-receipt gating.
  • Tightens actual-private Send proof receipt validation.
  • Keeps Swap browser proof receipts separate in PR [codex] Add Swap browser proof receipts #9 (codex/swap-browser-proof-receipt-lane), because that lane was intentionally scoped away from Rail 1.

Recovery Notes

The source Desktop checkout at /Users/clay/Desktop/Vanta remains quarantined because many .git and working-tree files are iCloud/FileProvider compressed,dataless placeholders. Future Vanta PR and verification work should use the materialized clean clone/worktree path:

/Users/clay/Documents/Codex/2026-06-16/use-full-blast-subagents-to-research/vanta-swap-proof-worktree

Recovery verification already run:

  • git fsck --connectivity-only 2794e188fc2105bd84fbf1dcea37710b06b4a5c8

Verification Plan

Focused proof/harness gates to run on this PR branch:

  • npm run private-pool-v2:solana-privacy-suite-offline-harness-check
  • npm run private-pool-v2:protocol-client-check
  • npm run private-pool-v2:product-action-contract-check
  • npm run private-pool-v2:contract-check

Truth Boundary

Local/offline/dev proof gating only. This PR does not create production privacy, live deployment, audit acceptance, on-chain verifier acceptance, signing, broadcast, provider mutation, or real-funds evidence.

@williamclay8

williamclay8 commented Jun 18, 2026

Copy link
Copy Markdown
Owner Author

Verification update for PR #10:

Local focused gates on codex/recovered-programmatic-privacy-rail in the materialized clean clone:

  • PASS npm run private-pool-v2:solana-privacy-suite-offline-harness-check
  • PASS npm run private-pool-v2:protocol-client-check
  • FAIL npm run private-pool-v2:product-action-contract-check
    • Failure: Swap product action surface missing marker: createVantaPrivatePoolV2SwapToShieldedBrowserLocalProofReceipt
    • Interpretation: this is the intentional cross-branch separation from Swap PR [codex] Add Swap browser proof receipts #9 (codex/swap-browser-proof-receipt-lane). I am not sweeping the Swap marker into this recovered rail PR.
  • PASS npm run private-pool-v2:contract-check
  • PASS git diff --check

GitHub Actions on PR #10:

  • FAIL Privacy audit gates
  • FAIL Build and verify
  • Root cause observed in both failed jobs: usage-velocity-check tries to read /Users/clay/Desktop/Vanta/docs/goals/2026-05-14-claude-privacy-audit-tracker/state.yaml, which does not exist on the GitHub runner.
  • The Build and verify job did complete npm run build before failing later inside truth:privacy-claim-gate via the same twitter-intelligence:check / usage-velocity-check path.

Current PR state:

Merge remote-tracking branch 'origin/codex/five-products-audit-integr…
f892908 
…ation' into codex/recovered-programmatic-privacy-rail

# Conflicts:
#	package.json
#	src/pages/SwapPage.tsx
@williamclay8

williamclay8 commented Jun 18, 2026

Copy link
Copy Markdown
Owner Author

Merge follow-up pushed from clean worktree at f8929084.

Base origin/codex/five-products-audit-integration is now merged at 17ec180a. The selected package.json conflict was resolved by preserving the updated base superset: June 13/16/17 Twitter intelligence gates, recovered rail scripts/proof-gating wiring, current Swap marker wiring, and the repo-relative scripts/check-usage-velocity.mjs portability fix.

Local verification passed before push:

  • npm run usage-velocity-check
  • npm run privacy-audit:tracker-check
  • npm run private-pool-v2:solana-privacy-suite-offline-harness-check
  • npm run private-pool-v2:protocol-client-check
  • npm run private-pool-v2:contract-check
  • npm run private-pool-v2:product-action-contract-check
  • git diff --check
  • git diff --cached --check

Note: the product-action check now passes because the updated base already contains the Swap browser-proof marker content. PR #9 remains separate; this PR did not pull from PR #9 directly. The Desktop checkout remains quarantined.

@williamclay8

williamclay8 commented Jun 18, 2026

Copy link
Copy Markdown
Owner Author

Follow-up pushed at 4203413a: made the June 12/13 Twitter intelligence gates CI-portable.

What changed:

  • Added repo-local integration digests for June 12 and June 13 marker evidence.
  • Updated T10-T21 check scripts to read repo evidence first, with Clay-local Desktop/Hermes paths as fallback only.
  • No Swap PR [codex] Add Swap browser proof receipts #9 content was pulled directly into this branch; current product-action pass comes from the updated base already containing the Swap marker.

Local verification after the fix:

  • npm run privacy-audit:tracker-check
  • npm run usage-velocity-check
  • npm run private-pool-v2:solana-privacy-suite-offline-harness-check
  • npm run private-pool-v2:protocol-client-check
  • npm run private-pool-v2:contract-check
  • npm run private-pool-v2:product-action-contract-check
  • npm run build
  • git diff --check
  • git diff --cached --check

@williamclay8

williamclay8 commented Jun 18, 2026

Copy link
Copy Markdown
Owner Author

Follow-up pushed at 7ca9e7a0: installed the Noir toolchain in the privacy-audit-gates CI job too.

Reason: the tracker aggregate runs Noir-backed checks, and GitHub failed at spawnSync nargo ENOENT even though local verification passed and the build job already installed Noir. This keeps both CI jobs aligned.

@williamclay8

williamclay8 commented Jun 18, 2026

Copy link
Copy Markdown
Owner Author

Final CI receipt for 778b1e2a:

  • PR merge state: CLEAN
  • Privacy audit gates: PASS
  • Build and verify: PASS

Follow-up fixes included:

  • repo-local June 12/13 Twitter intelligence evidence for CI portability
  • Noir install in the privacy audit CI job
  • audit alias guard aligned with the conservative /.well-known/audit JSON (liveDeploymentVerified:false)

Desktop Vanta checkout remains quarantined; this was all done from the clean worktree.

@williamclay8 williamclay8 marked this pull request as ready for review June 18, 2026 14:20
@williamclay8 williamclay8 merged commit 5c85c1d into codex/five-products-audit-integration Jun 18, 2026
4 checks passed
@williamclay8 williamclay8 mentioned this pull request Jun 18, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@williamclay8 @claude