Operations

snapshot Jun 10, 11:43 PMread-only

Briefing, priorities, people, missions

Human operator workflows are separated from infrastructure protocols: daily briefing, action queue, graph operations, builder follow-up, and mission sync.

Mode

stabilize

10 priority items

briefing

WAOC needs focused activation today.

stabilize

Active missions are outpacing completed work. Review ownership and next actions.

priorities

10 open items

high

Mission backlog pressure

graph

5 pairing candidates

5 core

Relationship and builder operations stay human-owned while the system suggests evidence-backed next steps.

execution

10 readiness checks

ready

Trust Execution Readiness classifies opportunities before any real-world or state-changing work is allowed.

write preview

P6 watch

disabled

P6 adds durable write-intent, audit-log, memory-version, and approval foundations without deleting old data.

AI submit

7 draft payloads

blocked

AI Submit Bridge turns OneAI and model workbench drafts into audited WriteIntent records only after an operator explicitly submits them. Approval and commit remain separate.

P8.2 console

1 write inbox items

blocked

1 write-intent inbox items are reviewable in dry-run mode; submit remains disabled.

approval

Operator approvals

audited

Admin/steward can review pending builder claims, role requests, write intents, and security reviews through the production approval API.

1-7 upgrade

Production Layer 69

watch

Production Operating Layer tracks 7 infrastructure upgrades at score 69. 1 lane still need operator action before full production exposure.

agent access

0 API keys

blocked

0 tenants, 0 active API keys, 49 recent usage events, and 0 open security reviews are visible in production access.

self operating

Self-run 71

watch

Self-Operating Layer has 2/7 ready lanes, 1 blocked lanes, and remains operator-gated for approvals and commits.

cycle pack

5 safe candidates

30m

Operator Cycle Pack prepared 10 review candidates and 1 alerts without executing writes.

Controlled Self-Operating Layer

OneField can plan its own operating cycle

Self-Operating Layer has 2/7 ready lanes, 1 blocked lanes, and remains operator-gated for approvals and commits.

Cycle API

/api/agent/self-run-cycle

controlled-self-operating

Signal Scheduler

76 · ready

read-only

Plans recurring read-only pulls for OKX, Binance, X, Telegram, OneMission, and agent-local signals. Run scheduled signal refresh and compare freshness.

Ingestion Queue

59 · watch

read-only

Normalizes incoming signals into quality reports, evidence links, and memory candidates. Deduplicate by source id, timestamp, entity, and evidence trail before candidate review.

Autonomous Proposal Cycle

68 · watch

draft-only

OneAI can run a scheduled live task contract to create proposals and write-intent drafts. Generate proposals on a controlled interval and route them into inbox only.

Auto Policy Gate

82 · ready

classification-only

Separates low-risk reviewable items from blocked/high-risk items before any operator decision. Mark low-risk candidates as review-ready; never approve them automatically.

Controlled Automation Rules

38 · blocked

intent-prep

Defines which low-risk operations may be prepared automatically while commits stay gated. Prepare WriteIntent payloads for memory candidates with evidence; leave approval/commit disabled.

Operator Alert System

84 · watch

notify-only

Turns blocked gates, stale sources, failed auth, high risk, and missing evidence into operator-visible alerts. Generate daily alert digest from blockers and usage anomalies.

Self-Observability

87 · watch

diagnostic-only

Uses UsageEvent, source freshness, task acceptance, and blocked gates to describe where the system is stuck. Generate a self-diagnosis report and recommended operator actions each cycle.

Allowed Autonomy

Allowed

controlled

read external public/read-only signals

Allowed

controlled

normalize quality and evidence

Allowed

controlled

prepare proposals and write-intent drafts

Allowed

controlled

classify risk and evidence readiness

Allowed

controlled

record usage and diagnostics

Allowed

controlled

notify operators about blockers

Blocked Autonomy

Blocked

blocked

approve write intents

Blocked

blocked

commit memory, mission, graph, circle, or profile changes

Blocked

blocked

trade, withdraw, post, DM, or mutate external accounts

Blocked

blocked

create admin roles or bypass tenant/user permissions

Operator Cycle Pack

The next self-run cycle is prepared, not executed

Operator Cycle Pack prepared 10 review candidates and 1 alerts without executing writes.

Cadence

30m

dry-run-only

Safe queue

review-only candidates

Blocked queue

operator action required

Alerts

blocking and watch items

Executed

false

dry-run only

Low-risk Queue

signal

Review agent signal

High-quality signal with enough strength, confidence, and freshness for review. Mark as memory-review-ready only; no automatic commit.

signal

Review binance signal

High-quality signal with enough strength, confidence, and freshness for review. Mark as memory-review-ready only; no automatic commit.

signal

Review okx signal

High-quality signal with enough strength, confidence, and freshness for review. Mark as memory-review-ready only; no automatic commit.

signal

Review agent signal

High-quality signal with enough strength, confidence, and freshness for review. Mark as memory-review-ready only; no automatic commit.

signal

Review x signal

High-quality signal with enough strength, confidence, and freshness for review. Mark as memory-review-ready only; no automatic commit.

Blocked Queue

Controlled Automation Rules

operator

Defines which low-risk operations may be prepared automatically while commits stay gated. Prepare WriteIntent payloads for memory candidates with evidence; leave approval/commit disabled.

Review Agent Gateway

operator

Draft needs target-specific commit handler before execution. Submit to WriteIntent only after operator backup and evidence review.

Review Lee

operator

Draft needs target-specific commit handler before execution. Submit to WriteIntent only after operator backup and evidence review.

Review Write durable memory

operator

Draft needs target-specific commit handler before execution. Submit to WriteIntent only after operator backup and evidence review.

Review Create mission

operator

Draft needs target-specific commit handler before execution. Submit to WriteIntent only after operator backup and evidence review.

Review Modify relationship graph

operator

Draft needs target-specific commit handler before execution. Submit to WriteIntent only after operator backup and evidence review.

Operator Playbook

Refresh signals

/api/signals/radar

Open Signals and verify source freshness before accepting new memory candidates. Expected: Updated Signal Radar with quality and policy decisions.

Triage candidates

/command/memory#review

Review low-risk candidates with evidence ids and mark which should enter WriteIntent. Expected: Shortlist of memory/task candidates ready for controlled submission.

Generate proposals

/api/oneai/live-tasks

Run OneAI live task only when live task contract and usage budget are acceptable. Expected: Proposal inbox and write-intent drafts; no execution.

Submit safe drafts

/api/production/write-intents/from-ai-draft

Submit selected drafts as WriteIntent after backup and evidence review. Expected: Draft WriteIntent records awaiting approval.

Approve or reject

/api/production/approvals

Approve only when risk, evidence, rollback, and scope are acceptable. Expected: Approved/rejected intent with audit trail; still no automatic commit.

Automation Budget

Allowed now

dry-run

refresh public/read-only signal snapshots

Allowed now

dry-run

normalize evidence and quality reports

Allowed now

dry-run

rank low-risk memory/task candidates

Allowed now

dry-run

prepare dry-run proposal packages

Allowed now

dry-run

emit operator alerts and usage diagnostics

Needs approval

operator

create production WriteIntent

Needs approval

operator

approve or reject production change

Needs approval

operator

commit memory/task/graph/profile updates

Upgrade 1-7 Production Operating Layer

A living memory and coordination layer for networked AI.

Production Operating Layer tracks 7 infrastructure upgrades at score 69. 1 lane still need operator action before full production exposure.

Score

database

Realtime Signal Ingestion

100 · ready

read scope

OKX, Binance, X, Telegram, and OneMission become normalized evidence streams before memory use. Start storing ingestion receipts and quality summaries.

8 normalized signals, 4 configured/live sources.

Memory Lifecycle v2

67 · watch

read scope

Memory moves through candidate, review, confirmed, conflicted, revoked, archived, and exported states. Promote approved memory WriteIntent records through commit/version/revoke/archive handlers.

0 candidates, 4 review-required graph edges.

Agent API Key Gateway

62 · watch

read scope

External agents need tenant-scoped API keys, permission scopes, rate limits, audit logs, and revocation. Add create/revoke/list flows for scoped API keys after operator security review.

Tenant, ApiKey, UsageEvent, and BillingAccount tables are present in the production bridge schema.

Scoped Memory Query API

95 · ready

read scope

Agents query scoped context packs, not raw database rows or unrestricted user memory. Add tenant/user scopes, query budget, redaction, and result citations to every query response.

40 graph nodes and 20 graph edges are query-shapeable.

OneAI Task Loop

42 · blocked

read scope

OneAI/model drafts can become write intents, then move through approval and target-specific commit. Stabilize live task schema for memory, risk, coordination, and mission proposals.

7 normalized AI draft payloads are visible to the bridge.

Observability, Usage, Rate Limit

58 · watch

read scope

Production needs route-level events, model-call traces, rate-limit decisions, tenant usage, and billing meters. Instrument critical APIs with UsageEvent append-only records and operator-readable failure summaries.

UsageEvent and AuditEventLog schemas exist; route instrumentation is the next step.

Security Review and Launch Gate

56 · watch

read scope

Every production expansion should pass secret redaction, data scope, agent authority, rollback, and abuse checks. Create operator checklist records for Agent API keys, realtime signals, billing, and external model providers.

SecurityReview records and approval routes are available.

Launch Sequence

Step 1

ordered

Keep external sources read-only and normalize signals into evidence.

Step 2

ordered

Route high-quality evidence into Memory Lifecycle v2.

Step 3

ordered

Expose scoped Memory Query API to OneAI and external agents.

Step 4

ordered

Submit AI drafts into WriteIntent, then approval, then target commit.

Step 5

ordered

Meter every agent/API/model call through UsageEvent and audit summaries.

Step 6

ordered

Open tenant API keys only after security review and revocation flows are visible.

Step 7

ordered

Expand write targets one by one after rollback and export are proven.

Guardrails

Boundary

enforced

No trading, withdrawal, private DM, raw secret, or unrestricted database scope is granted by this layer.

Boundary

enforced

Agent API keys must be tenant-scoped, revocable, rate-limited, and audited before external production use.

Boundary

enforced

Memory query returns scoped context packs with citations, not raw database dumps.

Boundary

enforced

OneAI can propose and submit write intents, but approval and commit remain separate.

P9 Agent API Key Gateway

Tenant-scoped access for external AI agents

0 tenants, 0 active API keys, 49 recent usage events, and 0 open security reviews are visible in production access.

Console API

/api/production/access

create / revoke / review

Tenants

isolated customer spaces

API keys

hashed, revocable

Usage

recent events

Billing

accounts

Security

reviews

Allowed Agent Scopes

read.context

scoped

Least-privilege scope for external AI agent access.

read.memory_query

scoped

Least-privilege scope for external AI agent access.

read.operator_pack

scoped

Least-privilege scope for external AI agent access.

read.signals

scoped

Least-privilege scope for external AI agent access.

draft.recommendation

scoped

Least-privilege scope for external AI agent access.

submit.write_intent

scoped

Least-privilege scope for external AI agent access.

Access Guardrails

Rule

enforced

Never store raw API keys; store only hashes.

Rule

enforced

Return a new API key token only once at creation time.

Rule

enforced

External agents must use least-privilege scopes and rate limits.

Rule

enforced

API keys can submit write intents only; they cannot approve or commit.

No external agent keys yet

empty

Create tenant-scoped API keys only after security review and operator approval.

P8.2 Operator Approval Console

Approve requests without bypassing safety gates

The approval API handles Builder claims, role upgrade requests, write-intent review, and security review resolution. Claim approval requires an existing durable User; role approval updates only durable Users; write-intent approval never commits target data.

API

/api/production/approvals

GET queue / POST decision

Builder claim

guarded

Approve only links an existing durable User to the claimed Builder and writes audit history.

Role request

role-gated

Approve updates User.role only after admin/steward review; steward cannot approve admin escalation.

Write intent

no commit

Approve records ApprovalDecision and status only; it does not commit memory, mission, graph, or profile changes.

Memory commit v1

memory

Approved memory write intents can now be committed through /api/production/write-intents/[id]/commit with version, revoke, archive, and audit records.

Security review

audited

Approve/reject resolves security review records with audit trace.

P8.5 AI Submit Bridge

AI drafts can enter production review

AI Submit Bridge turns OneAI and model workbench drafts into audited WriteIntent records only after an operator explicitly submits them. Approval and commit remain separate.

Submit endpoint

/api/production/write-intents/from-ai-draft

POST creates WriteIntent only

oneai

oneai draft source

model

model draft source

Auto approve

false

AI cannot approve itself

Auto commit

false

commit remains separate

oneai · circle

Review Agent Gateway

high

This target can become a WriteIntent now; target-specific commit remains a later handler.

1 evidence · commit-compatible false

oneai · graph

Review Lee

medium

This target can become a WriteIntent now; target-specific commit remains a later handler.

2 evidence · commit-compatible false

oneai · circle

Review Write durable memory

medium

This target can become a WriteIntent now; target-specific commit remains a later handler.

1 evidence · commit-compatible false

oneai · circle

Review Create mission

medium

This target can become a WriteIntent now; target-specific commit remains a later handler.

1 evidence · commit-compatible false

oneai · circle

Review Modify relationship graph

medium

This target can become a WriteIntent now; target-specific commit remains a later handler.

1 evidence · commit-compatible false

oneai · memory

Review Agent Gateway

medium

Memory payload is normalized for the memory commit path after approval.

1 evidence · commit-compatible true

model · memory

Review memory from Agent memory candidate loop ready

medium

Memory payload is normalized for the memory commit path after approval.

1 evidence · commit-compatible true

P8.2 Operator Write Console

Review write intents without touching production data

1 write-intent inbox items are reviewable in dry-run mode; submit remains disabled.

Submit enabled

false

blocked

Inbox

write-intent review items

Evidence reviews

evidence gate checks

Dry-run diffs

no production mutation

Roles

admin / steward / agent / external

ai_draft · memory

Review memory from Agent memory candidate loop ready

blocked

Dry-run evaluated memory with 3 blocked gates and risk score 54. No data was written. Rollback: Do not mutate existing records directly. If promoted, create additive memory records or versions linked to review:local:local-signal-memory-candidate.

1 evidence · 3 dry-run blocks · risk 54

Dry-run No-touch Proof

Proof

no-write

Dry-run does not call productionWriteService.createWriteIntent.

Proof

no-write

Dry-run does not call db.$transaction.

Proof

no-write

Dry-run does not execute Prisma writes.

Proof

no-write

Dry-run returns validation and gate results only.

Approval State Machine

pending

false

Operator can review but cannot submit until all gates pass.

needs_evidence

false

Evidence is missing or insufficient.

approved

false

Future state only; approval alone still cannot bypass backup, audit, and P6 gates.

rejected

false

Operator rejected the proposed write intent.

expired

false

Intent is outside its review window.

revoked

false

Consent or authorization was revoked.

blocked

false

One or more blocking gates remain active.

Role Boundary

admin

backup

Blocked: skip audit, skip rollback, run destructive migration

steward

review

Blocked: confirm backup, submit production write, approve own unsafe change

agent

read-only

Blocked: approve, confirm backup, submit, read raw secrets

external_ai

read-only

Blocked: approve, confirm backup, submit, access unscoped private memory

P6 Controlled Write Production

Write safely without losing old data

P6 controlled writes can preserve existing data by introducing durable write intents, persistent audit logs, memory versions, approvals, and backup-first migration discipline.

Write intents

false

ONEFIELD_P6_WRITES_ENABLED=true

migration

additive-only

0002_p6_controlled_writes

The P6 migration only creates new tables and indexes. It does not delete rows, drop columns, reset data, or modify existing business records.

backup

Backup required before writes

required

pg_dump "$DATABASE_URL" > backups/onefield-before-p6-$(date +%Y%m%d%H%M%S).sql

OneAI

Can propose, cannot commit

guarded

OneAI can submit or shape proposed write intent payloads, but commits remain blocked until human approval and audit-backed commit services are enabled.

schema

4 new safety tables

additive

AuditEventLog, WriteIntent, ApprovalDecision, FieldMemoryVersion

preserve

Builder

preserve

Existing identities remain the source of actor ownership.

version

FieldMemory

preserve

Future edits append FieldMemoryVersion rows instead of overwriting history silently.

intent

MissionLink

preserve

Future mission creation starts as WriteIntent before commit.

intent

Relation

preserve

Future graph mutations require targeted intent and evidence.

audit

AIInsight

preserve

AI outputs remain evidence and recommendations, not direct writes.

audit

AuditEventLog

preserve

Every future production write records actor, target, metadata, and before/after state.

intent

WriteIntent

preserve

Durable writes begin as reviewable, expiring intents.

AI Write Submit Readiness

AI can propose; operators decide when a write is safe

1 write-intent previews evaluated for manual submission readiness; automatic submission remains disabled.

Automatic submit

false

blocked

Previews

from promotable AI drafts

Blocked gates

unique manual checks still required

Endpoint

/api/production/write-intents

manual POST only after all gates pass

memory

Review memory from Agent memory candidate loop ready

blocked

preview_ready: Preview was generated from a promotable AI draft review item. session_required: Manual submission requires an authenticated admin or steward session. backup_required: backupConfirmed must remain false until an operator confirms a fresh database backup. p6_enabled: ONEFIELD_P6_WRITES_ENABLED must be true and database mode must be active before POST. evidence_required: 1 evidence ids are attached. human_approval: Human operator approval required.

2 pass · 4 blocked

Controlled Write Readiness

Future writes start as reviewable intents

8 write intent previews are defined. No write path is enabled; minimal pilot remains disabled until migration, audit, backup, and rollback are approved.

Pilot enabled

false

migration required before enable

Write intents

preview only

Approval states

workflow preview

Audit fields

before future writes

Rollback paths

target-specific

memory