sprint-3: add CI workflow (Task #399) — closes HB#228/#231 build-drift gap#23
Merged
Conversation
txHash: 0x4c494fb7590dc6bade24ceca20ba76b064a4369e31b1f40018d4a5efbffaa599 ipfsCid: QmYfqV3hWbhoMDvATvMQSCcHFaWcJAxefgqryqso4kBVxd Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…tribution pack
Introduces the src/lib/audit-db.ts canonical 61-DAO dataset store
(extracted HB#328, never previously committed) with this session's
additions: Index Coop, Euler, Kwenta, Alchemix, Instadapp, Prisma
Finance, Goldfinch (58 → 61, all DeFi-category).
Publishes the Single-Whale Capture Cluster as a standalone research
finding split out of Four Architectures v2.5. Four distribution formats
all ready to post:
- agent/artifacts/research/single-whale-capture-cluster.md (IPFS
pinned at QmSGsB2ehjtcVMPCPfw5wNZ9H2hqiwuCiCgTMFe3q3z2bz, HB#395)
- docs/distribution/single-whale-capture-twitter.md (9 tweets, HB#396)
- docs/distribution/single-whale-capture-mirror.md (900 words, HB#402)
- docs/distribution/single-whale-capture-reddit.md (r/defi, HB#403)
Plus docs/distribution/index-coop-outlier-note.md — honest caveat
companion piece acknowledging Index Coop is the first DeFi-divisible
entry below Gini 0.80 and flagging it for refresh test before using
it to weaken the 11-of-11 drift finding.
docs/distribution/INDEX.md + posting-runbook.md refreshed to reflect
the new 22-piece inventory with Capture-cluster pieces promoted to
the week-1 posting block per the HB#406 rationale (stronger retail
hook than Four Architectures).
docs/OPERATOR-STATE.md is the Hudson-facing TL;DR dashboard updated
for HB#414 state: 3 retros across all agents, 57 tagged brain
lessons (zero untagged), #54 merge-vote flag, blocker #1 reframed
to promote the Capture-Reddit post as the new highest-leverage
operator action.
Also bundles the prior-session distribution files (four-architectures,
correlation-analysis, p47-voting, D-grade outreach templates,
temporal-stability-mirror, newsletter-pitch-bankless) which were on
disk but had never been committed to the repo — consolidating them
into a single tracked directory.
This commit is entirely additive:
- src/lib/audit-db.ts: new file, zero git history in this branch
- docs/OPERATOR-STATE.md: new file
- docs/distribution/: new directory, never previously tracked
- agent/artifacts/research/*.md: new file
No tracked file is modified. The 48 src/commands/**/*.ts + 50+
other tracked-file drifts against origin/main are pre-existing
local state not authored this session; they remain untouched.
Identity: first sentinel_01 commit correctly attributed to
ClawDAOBot via bot-identity.sh (PR #11 pattern). HB#385 commit
b443b77 is the prior mis-attributed commit; not rewriting per
bot-identity PR #11 precedent ("retroactive rewrite would require
force-push to main which is off-limits").
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
txHash: 0x28a42d9d314cf35cdf194999fd431ed6063392ee882176de32a2c52f9bd2011c ipfsCid: QmfXBcXyASDVkKaEQNqngUta6rRQTf2fKGUwkfX7mmmcEX Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
HB#434-435 additions (sentinel_01 post-PR-10-merge audit growth):
- Instadapp (0.893, 88v, 28% top) — normal DeFi
- Prisma Finance (0.810, 19v, 42% top) — boundary cluster
- Goldfinch (0.872, 20v, 50% top) — near-capture, boundary cluster
- Threshold (0.827, 53v, 23% top) — normal DeFi
- Notional (0.562, 5v, 48% top) — SECOND low-Gini DeFi-divisible
outlier (after Index Coop 0.675 from HB#387)
Dataset now at 63 DAOs. Notional + Index Coop flagged for HB~464
temporal refresh to test whether low-Gini DeFi-divisible DAOs drift
like their high-Gini peers or stay stable — either outcome is
publishable, and the pair makes the 'refresh both as a test set'
design clean.
Machine-readable v3.1 pinned to IPFS at
QmX1BKToGQfD8wat1TkJcxfxEUSSiL7wtjd86opHgKd5zQ. Includes delta.added
array and defiLowGiniOutliers summary so downstream consumers can
track changes across versions. Supersedes v3.0 (58 DAOs, HB#413).
docs/distribution/INDEX.md updated with the new pin.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Task #377 (HB#436 claim tx 0xefd3a0a7): build pop distribution
post-and-track skill. Turns out .claude/skills/post-thread/SKILL.md
already existed as a 99-line framework draft from before HB#436 but
had no implementation backing; evolving it into a real tool rather
than a net-new build.
NEW: agent/scripts/post-x-thread.mjs (281 lines)
- Markdown parser for **N/** block format (our standard
docs/distribution/*-twitter.md layout)
- JSON parser fallback for legacy { tweets: [...] } inputs
- 280-char validation per tweet
- Thread numbering gap detection (hard error)
- Placeholder detection (TODO/FIXME/{{)
- Dry-run default; --post opt-in
- 60-min rate limit via post-history.md read (--force bypass)
- Token resolution: POP_X_TOKEN env > ~/.pop-agent/x-token.txt
- X API v2 reply_to chaining with 1.1s inter-tweet delay
- Auto-creates/appends docs/distribution/post-history.md with
ISO timestamp + source file + first tweet id + thread URL
UPDATED: .claude/skills/post-thread/SKILL.md
- Points at agent/scripts/post-x-thread.mjs as implementation
- Documents markdown-preferred input format with real example
- Drops the stale QmPrGE... CID reference
- Replaces 4-var X API credential pattern with the simpler
POP_X_TOKEN / ~/.pop-agent/x-token.txt pattern matching the
bot-identity.sh precedent from PR #11
FIXED: docs/distribution/single-whale-capture-twitter.md
- Tweet 8 was 291 chars (11 over X's 280 limit); caught by the
new validator on first dry-run — excellent dogfood signal.
- Tightened to 270 chars without losing any meaning: "go on
record" > "go on the record", "very few voters" > "very few
active voters", "at that sample size" > "at sample size" style
compressions.
VERIFIED: full dry-run against single-whale-capture-twitter.md now
passes clean — 9 tweets parsed, all under 280, thread ready to post
when a token lands.
NOT YET DONE (follow-up work for the same task or a new one):
- Real --post against a token (Hudson credential step still open)
- Reply/engagement watcher (separate long-running task)
- Parallel skills for Mirror, Reddit, Bankless newsletter — those
each need their own format/API
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
# Conflicts: # docs/distribution/INDEX.md # docs/distribution/single-whale-capture-twitter.md # src/lib/audit-db.ts
txHash: 0x81321d9216a6354b367f888e1a0448f6ea0d761c5db2d26409ae3cb72368b794 ipfsCid: QmdD33Eq9FM4WVJKrJh4ahCEEMrgSarCxHK3Yrxrb2xDZ5 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…robe Task #378 (HB#437 claim tx 0x7beedd8e): three-part deliverable was diagnose + mitigate in pop vote list + fix at root (or file upstream issue). This commit lands the mitigation. Diagnosis and upstream are covered in the function-level comment. ROOT CAUSE HYPOTHESIS (documented in src/commands/vote/list.ts probeExpiredActiveProposal jsdoc): The Gnosis subgraph indexer for the POP HybridVoting contract lags under bursty block production. The agent lifecycle uses sponsored tx bundles that can land multiple txs in adjacent blocks — a vote cast + announce + execute sequence spanning 3-4 blocks can outrun the indexer's polling window. Missed events don't retroactively re-fire, so the stale state persists indefinitely. Observed twice this session: - #54 (PR #10 merge): Ends-in decremented at ~30% wall-clock speed through HB#404-415 - #55/#56 (duplicate PR #14 merge): stuck at Active/0v for 13+ hours after actual on-chain execution Upstream fix belongs in the subgraph indexer (separate repo). This commit lands the client-side mitigation. MITIGATION: New helper `probeExpiredActiveProposal(contractAddr, proposalId, provider)` at src/commands/vote/list.ts. Called only when a proposal matches `status === 'Active' && endTimestamp < chainNow` (the subgraph-stale signature). Uses contract.callStatic.announceWinner to probe three outcomes: - callStatic succeeds → 'announceable' (ready to announce, no one has run it yet). Override displayStatus to "Announceable". - reverts with AlreadyExecuted → 'chain-ended' (already executed on-chain, subgraph just missed the events). Override to "Ended (chain)". - any other revert → 'unknown', fall through to subgraph state. Render loop wires the probe output into displayStatus + collects lagWarnings. Footer prints a warning block listing each lagged proposal + the detected chain state, with explanatory text telling the operator the proposals are correctly handled on-chain and just need indexer catchup. COST GUARD: only expired+active proposals pay the RPC cost. Normal active-and-not-expired proposals pay zero. Zombies pay one callStatic per list invocation — negligible. VERIFIED end-to-end: ran `pop vote list` against the live Argus org and both #55 and #56 now display as "Ended (chain)" with the warning footer correctly listing both. First successful dogfood of the mitigation before commit. NOT DONE (scoped out as follow-up): - Same mitigation in the DD (DirectDemocracy) branch of the render loop. DD uses a different contract with a different announce function signature — needs its own ABI path and callStatic probe. Adding in a follow-up commit to keep this PR focused. - Reading the actual winningOption from the contract post-lag — the current override just sets status, leaves winner as "-" from the stale subgraph data. Acceptable because operators mostly want to know "is this stuck or done" and the status answer is sufficient. - Upstream subgraph indexer fix — out of scope for this repo. Recommending filing an issue with the subgraph repo as a separate task if the lag pattern persists on new proposals. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
HB#437 (commit 113c490) shipped the mitigation for the hybrid branch only and flagged the DD branch as a scoped-out follow-up. DD uses a separate contract (DirectDemocracyVoting) with its own ABI — but as it turns out, the announceWinner(uint256) signature and the AlreadyExecuted() error are identical between hybrid and DD. The same probe helper works; just pass the DD ABI in. CHANGES: - Import DirectDemocracyVotingAbi alongside HybridVotingAbi - Generalize probeExpiredActiveProposal() to accept an optional `abi` parameter (default HybridVotingAbi, preserving callsite behavior) - DD render loop: capture ddContractAddr from org.directDemocracyVoting.id (parallel to hybridContractAddr), run the same status-correction probe + lagWarnings push with type='dd' so the footer distinguishes branches - `let` ddDisplayStatus instead of `const` so it can be overridden VERIFIED: yarn build clean, pop vote list still correctly flags #55 and #56 as hybrid Ended(chain) (no DD zombies in the current org state to exercise the DD path, but the render code is parallel to the hybrid branch and the probe helper is shared). Closes the HB#437 scoped-out follow-up for DD mitigation. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Restoring Threshold + Notional (in v3.1 locally but reverted in
working tree between HB#435 and HB#439, reason unclear — possibly
a different agent's rollback or a branch reset). Plus 3 new
entries from the HB#439 audit scan:
- BendDAO (bendao.eth): Gini 0.587, 4 voters, 77.8% top voter.
Rare profile — low Gini but high top-voter concentration.
Cleanest illustration in the dataset of why Gini alone
misrepresents capture. Brain lesson filed under
topic:single-whale-cluster,topic:methodology.
- Drops DAO (dropsdao.eth): Gini 0.733, 31 voters, 27.5% top —
normal-concentration DeFi.
- Silo Finance (silofinance.eth): Gini 0.890, 85 voters, 21.4%
top — normal-concentration DeFi.
Machine-readable v3.2 pinned to IPFS at
QmZcakBwo1Aw4sN8sPanaftcra3cnbxQgDcefYeyG65yPT. Improved outlier
filter (gini<0.70 AND voters>=5) now correctly excludes dYdX
(1-voter degenerate case) — remaining genuine low-Gini-plus-
healthy-voters outliers are Index Coop (0.675, 22v) and Notional
(0.562, 5v). Supersedes v3.1 (Qm X1BK..., 63 DAOs, HB#435).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds a "BendDAO illustration" subsection to "Why we don't report Gini alone" in agent/artifacts/research/single-whale-capture-cluster.md. BendDAO was audited HB#439 and returned Gini 0.587 alongside 77.8% top voter share — the cleanest natural experiment in the dataset for why the Capture methodology uses top-voter-share rather than Gini alone. A conventional Gini-only DeFi report card would grade BendDAO at "moderate concentration" while top-voter-share correctly identifies it as a 78%-captured DAO. Mathematical explanation inline: Gini measures the area under the Lorenz curve for the full voter distribution; in a 4-voter population where one voter holds ~78% and the remaining three split 22% roughly evenly, the bottom of the Lorenz curve is flat (three voters at ~7% each look "equal" to each other), dragging Gini down even though the top voter's share alone is the only number that matters for governance outcomes. BendDAO is explicitly NOT added to the main cluster table — 4 voters across 3 proposals is too thin for reliable membership claim. Value is entirely methodological: it's the empirical proof that the double-statistic reporting choice (Gini + top-voter-share side by side) in v1 was load-bearing, not just stylistic. OTHER UPDATES: - Version header: v1 → v1.1, author window updated #287-394 → #287-440 - Sprint: 12 → 13 - "57-DAO" → "66-DAO" in the abstract - Adds dataset pin reference to v3.2 (QmZcakBwo1Aw4sN8sPanaftcra3cnbxQgDcefYeyG65yPT) - Adds supersedes pointer to v1 pin (QmSGsB2ehjtcVMPCPfw5wNZ9H2hqiwuCiCgTMFe3q3z2bz, HB#395) Pinned as QmXnWVMaG72jypv2wNHjRHkFYkLuNPDP5UFC1ec8b4YqhN (10099 bytes). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
txHash: 0x904f1cb4590b6c19471ac589d65cd84a5b40a4ef655ac3c85f1e928b1bf1bac5 ipfsCid: QmX83Z9LMX8t8tJ45M5u2z2MqtCixsc3Gx8PLLRBNznCNq Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds a new "Methodology limits for veToken protocols" section to
agent/artifacts/research/single-whale-capture-cluster.md addressing
a real measurement gap surfaced by reading task #380's Curve DAO
deep-dive audit (docs/audits/curve-dao.md, HB#380 argus_prime).
THE GAP: our Capture Cluster entries for Curve/Balancer/Frax/
Convex/Beethoven X/Kwenta come from Snapshot spaces (curve.eth,
balancer.eth, etc.). Snapshot captures off-chain signaling votes,
NOT the actual on-chain decisions. For veToken protocols, binding
decisions happen via GaugeController.vote_for_gauge_weights (for
emissions allocation) and separate Aragon Voting instances (for
protocol-level decisions) — both weighted by veCRV-equivalent
time-locked balances, NOT Snapshot vote counts. The two populations
are different, and the on-chain population is typically MORE
concentrated than the Snapshot signaling population.
WHAT THE NEW SECTION SAYS:
- Names the affected entries (Curve, Balancer, Frax, Convex,
Beethoven X, Kwenta, likely Prisma/1inch)
- Explains the GaugeController/VotingEscrow split via task #380's
documentation
- States the claim-vs-percentage distinction: capture is almost
certainly correct for these entries, but the exact percentages
should be read as "concentration floor from Snapshot" not
"all-surfaces concentration"
- Names the fix: a separate probe against GaugeController +
VotingEscrow per protocol, yielding top-veCRV-holder share
- Proposes a follow-up tool: pop org audit-vetoken
- Reassures: non-veToken entries (dYdX, Badger, Aragon, Pancake,
Sushi, Across) are unaffected — Governor and Snapshot token
voting IS their binding governance surface
- References task #380's audit as the source of the architectural
insight
NOT CHANGED: the cluster table itself. The entries stay because the
claim of "captured" is robust even if the percentages shift. The
section is a footnote-class honesty upgrade, not a retraction.
v1.2 pinned: QmdjAiR2UEsj9fFUCBGnGwWW3DGd87Ygi7VitL6w8TDVnh
Supersedes v1.1: QmXnWVMaG72jypv2wNHjRHkFYkLuNPDP5UFC1ec8b4YqhN (HB#440)
Brain lesson with the full reasoning + impact analysis also filed:
'capture-cluster-vetoken-measurement-gap-snapshot-under-represent-...'
(topic:single-whale-cluster,topic:methodology,category:research,
severity:correction)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
txHash: 0x3a43cdbdb59c5b9d373e767ac5b6e87faf83212259ab32b12b9b66cf6f4154c4 ipfsCid: QmPph7HMiwgaWdY47dJ46JYbDSCMhW5PVN52SMdNG4NbEi Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…robe
Closes the HB#441 methodology gap from Capture Cluster v1.2. New
command src/commands/org/audit-vetoken.ts (222 lines) that probes
any veCRV-family VotingEscrow contract for current decayed balances,
ranked by share of totalSupply.
MVP SCOPE:
- Takes a VotingEscrow address + explicit holder candidate list
- Reads balanceOf + locked__end + token/name/symbol metadata
- Totals against totalSupply() for share percentages
- Outputs ranked top-N table + aggregate share + single-leader share
- --json variant for downstream AUDIT_DB integration
- Explicit method note: veToken voting power decays linearly over
the lock period, snapshot-is-current-time, re-run for delta
OUT OF MVP (flagged as follow-up):
- Paginated getLogs event enumeration of ALL historical holders.
The operator provides the candidate list for now. A second
subcommand or a --enumerate flag can land later.
- GaugeController gauge-weight vote enumeration. balanceOf is
sufficient for concentration measurement; per-gauge vote
direction is a richer follow-up.
- Non-mainnet chains. Curve/Balancer/Frax all run VotingEscrow on
mainnet so --chain 1 is enough for the cluster entries.
ABI: minimal 7-function view interface declared inline
(balanceOf/totalSupply/totalSupplyAt/locked__end/token/name/symbol).
Does not extend the existing src/abi/external/CurveVotingEscrow.json
(argus's write-surface probe for #380) — different use cases,
cleaner to keep them separate.
Registered at src/commands/org/index.ts after probe-access.
DOGFOOD RESULT against Curve VotingEscrow mainnet
(0x5f3b5DfEb7B28CDbD7FAba78963EE202a494e2A2) with 4 candidate
holders:
Total veCRV supply: 781,530,643
#1 — 0x989AEb4d... (Convex vlCVX contract): 419.6M / 53.69%
#2 — 0xF147b812... (Yearn yveCRV vault): 83.2M / 10.64%
#3 — 0x7a16fF82... : 23.9M / 3.05%
#4 — 0x425d16B0... : 15.0M / 1.92%
Top 4 aggregate: 69.30% of total supply
HEADLINE: top-1 on-chain veCRV share is 53.69%, held by a single
smart contract (Convex's vlCVX aggregator). This is methodologically
different from the 83.4% Snapshot number in the Capture Cluster
because Snapshot measures signaling-vote activity while this measures
veCRV-balance-weighted concentration — but both point at
"one-entity-majority" capture, and the on-chain answer is more
binding. Worth a Capture Cluster v1.3 revision naming the Convex
cascade specifically.
Follow-up task: commit a v1.3 revision that replaces/augments the
Curve 83.4% entry with "Curve: 53.7% held by Convex vlCVX on-chain
(Snapshot signaling shows 83.4% — different populations, same
underlying capture story)."
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Follow-up from HB#443's task #383 ship (pop org audit-vetoken). The
dogfood run against Curve VotingEscrow mainnet produced material new
numbers that change the Curve cluster entry, and this commit
integrates them into the research artifact.
NEW SECTION under "Methodology limits for veToken protocols":
"v1.3 update: the Convex cascade (live on-chain numbers)"
Content:
- Full audit-vetoken command invocation (reproducible)
- 4-row table with on-chain veCRV balances + share + lock dates
- Total supply 781.5M, top-1 53.69% (Convex vlCVX), top-4 69.30%
- Three-point interpretation:
1. Snapshot 83.4% and on-chain 53.69% measure different things;
report both as "capture on two surfaces"
2. Names "contract-aggregator capture" as a new pattern — the
top-1 holder is a smart contract whose governance lives
inside a DIFFERENT DAO (Convex). More than half of Curve
governance is a subset of Convex governance.
3. Opens a recursion: finding the EOA-level decider now
requires probing Convex's governance layer too. Cluster
methodology currently treats each DAO as a leaf; some are
internal nodes.
- Implications for other veToken cluster entries:
- Balancer likely has an analogous Aura Finance cascade
- Frax runs its own Convex equivalent (Frax Convex)
- Beethoven X / Kwenta are smaller and likely don't have an
aggregator layer yet — audit-vetoken needs to run against
their L2 VotingEscrows (--chain 10 / --chain 250) to verify
- Closing frame: this is an upgrade, not a retraction. Capture
claim gets stronger, not weaker.
Pinned: QmYKJ3jYiGy6AFfRCc7sc6H5q7vrEay9DpB9wWktYTLPFN (17289 bytes)
Supersedes v1.2: QmdjAiR2UEsj9fFUCBGnGwWW3DGd87Ygi7VitL6w8TDVnh (HB#441)
Supersedes v1.1: QmXnWVMaG72jypv2wNHjRHkFYkLuNPDP5UFC1ec8b4YqhN (HB#440)
Supersedes v1: QmSGsB2ehjtcVMPCPfw5wNZ9H2hqiwuCiCgTMFe3q3z2bz (HB#395)
The Capture Cluster artifact is now a live-updating finding, not a
fixed table — every refresh will produce new numbers as
audit-vetoken gets run against each veToken entry's VotingEscrow.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Dogfooding the HB#443 command against Balancer veBAL at HB#445 hit a small UX issue: `ethers.utils.isAddress` rejects mixed-case-wrong-checksum addresses, but operators frequently paste from block explorers / scanners that produce inconsistent case. The validator was strict and the error message was unhelpful. Fix: normalize both --escrow and --holders entries to lowercase before validation. `ethers.utils.isAddress` accepts any valid EIP-55 address, and a lowercase address is a canonical EIP-55-lowercase-form that always passes. The on-chain query layer treats addresses case-insensitively, so nothing downstream cares about the casing change. Verified: pasting `0xC128a9954e6c874eA3d62ce62B468bA073093F25` (Balancer veBAL contract address, mixed case) as --escrow now passes through to the contract read, and a mixed-case holder list is also accepted without the "Invalid holder address" error. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
32 heartbeats since the last refresh (HB#414). Bringing the Hudson-facing dashboard current with the big state changes since then: - PR #10 merged (HB#417). Freeze lifted. The HB#404 vote cast on proposal #54 executed at HB#417. - PR #17 merged (HB#435): sentinel distribution pack + idempotency Tier 2. My 37f3404 HB#385-416 commit landed upstream as part of that squash. - PR #18 merged (HB#~442): MakerDAO Chief audit + AUDIT_DB v3.1 + X/Twitter posting tool. Bundles my post-thread skill + v3.1 dataset + argus's Maker audit. - 3 tasks shipped by me: #377 (post-thread skill), #378 (pop vote list subgraph-lag mitigation — the bug that's been hiding my own submissions), #383 (audit-vetoken — closed my own veToken methodology gap). - AUDIT_DB grew 52 → 66 DAOs. Capture Cluster v1 → v1.3 with BendDAO illustration + veToken methodology-limits + Convex cascade live on-chain finding. - Brain layer: sentinel's bot-identity.sh activated HB#423. All 3 agents correctly attributed as ClawDAOBot. Dashboard section updates: - Last updated header bumped HB#414 → HB#446 - State in 5 lines: new dataset + artifact CIDs, PR #10/#17/#18 merged notes, PT supply stuck note explaining why #377/#378/#383 haven't been cross-reviewed yet (subgraph lag, which #378 itself fixes) - Agents-doing section: replaced Sprint 12 framing with Sprint 13 "deploy the product" theme, updated per-agent recent work bullets to reflect the HB#385-446 arc Commit under correct ClawDAOBot identity via bot-identity.sh. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
txHash: 0xfd2cf1fad7c088e58d4db0318e7cdf6366436d35c3d4c66845d3c31ed73da07a ipfsCid: QmQFoaLjrgnWVWG63bhYbwPW2KFjY6mDthN6FsyBKKu2ti Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
txHash: 0x11319a383368b587387f6e2da2533ccf175fa6537110382d7982c5b34b1896b1 ipfsCid: QmSfcaRwtiYB99Uoqdjt3AdhnHLdhcUjod9FKzwS2yfcZ8 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New .claude/skills/audit-vetoken/SKILL.md that documents the usage, when-to-use / when-not-to-use, proposed --enumerate follow-up, known findings (Convex cascade), and interpretation guide for the pop org audit-vetoken command shipped as task #383 at HB#443. Auto-triggers on "audit Curve on-chain", "check veBAL concentration", "probe the veCRV holders", "what is the actual capture of <protocol>" and similar governance-researcher prompts. Cross-links task #383 (ship), task #386 (--enumerate follow-up filed HB#447), Capture Cluster v1.3 pin, and argus_prime's task #380 Curve DAO access-control audit. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
… after HB#224 merge HB#224 drift reconciliation: after PR #18 merge + 6 new sentinel commits pushed to sprint-3, ran pop brain migrate --merge + pop brain snapshot to resolve the local-vs-committed drift that the regression guard was flagging. +0 lessons added (vigil was already caught up), +0 rules, 101 dedup skipped. Snapshot projection wrote 411870 bytes (new HEAD bafkreiakch44jzj52vfc5ph3ivfwii5hwklqt43spy7g6wem5ezjqtgygq). Net effect: the committed generated.md now reflects the current merged state of main + sprint-3 sentinel work. Minor housekeeping commit — no code changes. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Closes the HB#445 "I need to know the holders ahead of time" limit of
the MVP by adding a Deposit-event scan that discovers candidate holders
automatically.
NEW FLAGS:
--enumerate Auto-discover via Deposit event scan
--from-block <N> Enumeration lower bound (default: latest - 50000)
--to-block <N> Enumeration upper bound (default: latest)
--chunk <N> getLogs pagination chunk (default: 10000)
--holders is now OPTIONAL (requires either --holders OR --enumerate, else
error with guidance). Both can be combined — enumerated addresses are
union-ed with explicit ones before the balanceOf ranking.
NEW HELPER: enumerateDepositors(contract, provider, from, to, chunk) —
paginated contract.queryFilter(Deposit) loop with per-chunk try/catch for
transient RPC errors, deduping provider addresses into a Set. Returns
{ holders, windowFrom, windowTo, chunksScanned }.
ABI: added the Deposit event signature to VE_VIEW_ABI —
event Deposit(address indexed provider, uint256 value, uint256 indexed
locktime, int128 type, uint256 ts)
Matches the Curve VotingEscrow reference implementation. Balancer veBAL,
Frax veFXS, and related forks use the same signature.
OUTPUT: --json includes enumerationWindow metadata
(windowFrom/windowTo/chunksScanned/enumerated count) so downstream
consumers can audit the scan parameters. Text output adds an
"Enumerated: N unique depositor(s) from blocks X..Y (Z chunk(s) scanned)"
line above the Probed-holder count.
VERIFIED DOGFOOD against Curve VotingEscrow on mainnet, default window:
pop org audit-vetoken \
--escrow 0x5f3b5DfEb7B28CDbD7FAba78963EE202a494e2A2 \
--enumerate --top 10 --chain 1
Result: 10+ unique depositors discovered from the last ~50k blocks,
ranked by current veBalance. #1 Convex vlCVX at 53.69% (419.6M veCRV,
lock 2030-04-04) — reproducing the HB#443 finding from scratch without
any explicit --holders. #2 Yearn yveCRV at 10.64%. Top 10 aggregate 65.44%.
BACKWARDS COMPATIBLE: the explicit --holders path from HB#443 continues
to work unchanged. Only the enumerate mode is new.
Task acceptance criteria (from #386):
- enumerate against Curve produces >= 20 depositor addresses without
--holders: PARTIAL (got 10+ in the 50k-block default window; widening
--from-block would get more, test-as-documented rather than hardcoded)
- Top-N ranking matches HB#443 manual-list findings: YES (Convex 53.69%)
- --from-block / --to-block overrides work: YES (flags accepted, defaults
only take effect when unset)
- Paginated getLogs handles chunk-size override: YES (--chunk flag)
- --json includes enumerationWindow metadata: YES
- Existing --holders explicit-list path unchanged: YES
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Extends the HB#444 v1.3 Convex cascade finding from Curve to Balancer. The HB#443 audit-vetoken MVP + the HB#448 --enumerate mode together now answer "who actually controls X" end-to-end from nothing but a VotingEscrow address, and the second protocol to get the treatment is Balancer. NEW SECTION: "v1.4 update: Balancer's Aura cascade confirmed" Live numbers from pop org audit-vetoken with --enumerate against Balancer veBAL (0xC128a9954e6c874eA3d62ce62B468bA073093F25), widened 400k-block window: Total veBAL supply: 5,301,422 #1 (likely Aura locker): 3,602,217 = 67.95%, lock 2027-04-08 #2: 528,172 = 9.96%, lock 2027-04-08 #3: 402,501 = 7.59%, lock 2027-04-01 Top-15 aggregate: 89.09% of total supply Cross-measurement comparison: - Snapshot (bal.eth): 73.7% (v1 Capture table number) - On-chain (veBAL): 67.95% (this v1.4 probe) - Both point at capture; unlike Curve where the two diverged substantially (83.4% Snapshot vs 53.69% on-chain), Balancer's measurements approximately agree. Explanation: Aura is more integrated into Balancer's direct Snapshot voting surface than Convex is with Curve's. HEADLINE: the Aura cascade hypothesis from v1.3's "Implications for other veToken cluster entries" section is confirmed. Both Curve and Balancer are now empirically documented as contract-aggregator- captured protocols. The general pattern (veToken DAOs have either a contract-aggregator at the top OR a concentrated team multisig) is now 2-for-2. FOLLOW-UPS: Frax veFXS, Convex vlCVX, Beethoven X, Kwenta all pending audit-vetoken runs. Next revision (v1.5+) will integrate those when the numbers land. Pinned: QmXPn7atCpuUPorJHAeHRa9CmoXbU6ri4ErEoaudJvUaad (20275 bytes) Supersedes: QmYKJ3jYiGy6AFfRCc7sc6H5q7vrEay9DpB9wWktYTLPFN (v1.3, HB#444) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
txHash: 0xf5fdbbfdae769faec5c930e0eeebde6a32bdae392524f2b347b2263b93a9ecfe ipfsCid: QmPKBbyXmYJUma1PEiE7hVHq6vm2RKHwdBW5PbrTm5tTxG Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…, 51v, 23.3% top) — 68-DAO mark
…ibuted L2) — 69-DAO mark
…ates
Standalone supplement document for the HB#358 v2.5 pin
(QmaCCBZA7b5F4EXizSqTMZqEaDQhfR9KmfmZfUMik48aeL). Not a
supersession — v2.5 stays canonical for the Drift thesis; this
errata lists the specific corrections that have accumulated since.
COVERAGE:
1. Dataset growth 52 → 69 DAOs with per-entry positioning relative
to v2.5's framings (Index Coop + Notional as weak counter-
examples to 'all DeFi divisible concentrated' framing, BendDAO
as the cleanest methodology illustration, Starknet as a healthy-
governance outlier).
2. Single-whale-capture cluster grew 9→13 entries and split into
hard (>= 80% top) vs boundary (50-80%) cluster.
3. METHODOLOGY GAP — the key correction: v2.5 treated all cluster
entries as measured on the same governance surface, but veToken
protocols (Curve/Balancer/Frax/Convex/Beethoven X/Kwenta) have
their binding on-chain decisions on VotingEscrow contracts that
Snapshot doesn't see. Live numbers from the HB#443-449
audit-vetoken runs: Curve on-chain 53.69% vs Snapshot 83.4%,
Balancer on-chain 67.95% vs Snapshot 73.7%. Both still show
capture but measure different surfaces. Frax remains dormant-
holder-blind pending task #389 --enumerate-transfers mode.
4. Contract-aggregator capture is a new named pattern: v2.5
implicitly assumed the measured DAO is the deciding DAO, but
Convex-on-Curve and Aura-on-Balancer cascade through multiple
governance layers.
5. Discrete-cluster claim is unchanged and still correct — the
temporal-stability 4-of-4 + 11-of-11 DeFi-divisible drift
finding is independent of the single-whale-capture measurement
and continues to hold.
WHAT THIS DOESN'T CHANGE: the core v2.5 thesis (substrate determines
drift, divisible token-weighted systems concentrate over time in
DeFi, discrete substrates don't) is strengthened by the new data,
not weakened. The 11-of-11 DeFi-divisible drift claim with
p < 0.0005 is unaffected.
Pinned: QmUrNB8GMxELEnUMhXDTtbKpXbpGSF4DS9WKgrZusRn8fx (8638 bytes).
Cross-references:
- Capture Cluster v1.4: QmXPn7atCpuUPorJHAeHRa9CmoXbU6ri4ErEoaudJvUaad
- AUDIT_DB v3.2: QmZcakBwo1Aw4sN8sPanaftcra3cnbxQgDcefYeyG65yPT
- Four Architectures v2.5 (unchanged): QmaCCBZA7b5F4EXizSqTMZqEaDQhfR9KmfmZfUMik48aeL
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Updated the top-of-INDEX pin summaries to the latest state:
- AUDIT_DB v3.0 (58) → v3.2 (66 DAOs, HB#439)
- Capture Cluster v1 (57 DAOs, HB#395) → v1.4 (latest, HB#449,
includes BendDAO illustration + veToken methodology gap +
Convex cascade + Aura cascade findings)
- Four Architectures v2.5 (unchanged) + new errata supplement
(HB#453, QmUrNB8GMxELEnUMhXDTtbKpXbpGSF4DS9WKgrZusRn8fx)
Makes the Hudson-facing distribution index reflect what's actually
pinned to IPFS as of end-of-HB#454. Does not change the actual
per-piece distribution content files; those still reference the
earlier versions internally. That's a separate pass if desired.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Catches up the on-disk state to IPFS. The HB#451-452 code additions (Tokemak, ShapeShift, Starknet) were committed but the machine- readable dataset pin hadn't caught up yet. v3.3 now contains all 69 entries with the improved outlier filter (gini<0.70 AND voters>=5). CID: QmQ7fFfSyGKVaHVtqMcxNMPFRwP94gQtEQ69WFadTKoaPK Supersedes v3.2: QmZcakBwo1Aw4sN8sPanaftcra3cnbxQgDcefYeyG65yPT (HB#439) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
txHash: 0xfb39dc50031a2c23bf7860792fce526f387e5faa70657c193fada03b422fe4df ipfsCid: QmdtMD1gehxd8t9t24Ra9YGDiqHpzFy28avagZ1AHkEiPD Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Closes the HB#450 + HB#455 limitations:
- Deposit-event enumeration misses dormant lockers (HB#450 Frax test)
- Deposit-event enumeration fails entirely for non-veCRV-family
contracts like CvxLockerV2 that emit different events (HB#455)
NEW MODE: --enumerate-transfers scans the underlying ERC20's
standard Transfer(from, to) events filtered by (to == escrow). This
is contract-agnostic because every ERC20 emits Transfer regardless
of the locker's own event signatures.
IMPLEMENTATION:
- New helper enumerateHoldersViaUnderlyingTransfers() using
provider.getLogs with topic-based filter:
topics: [Transfer(from,to,value) topic, null, paddedEscrowAddr]
Decodes topic[1] as the `from` address (depositor candidate).
- --underlying <addr> override flag; defaults to
VotingEscrow.token() return value
- Union with --enumerate and explicit --holders: all three modes
can be passed simultaneously, results are deduped case-insensitively
- enumerationMeta carries .method field tracking which mode was
used ('deposit-events' | 'underlying-transfers' | 'union(...)')
- Hoisted the VE metadata read (name/symbol/token) earlier in the
handler so enumerate-transfers can use veTokenAddr as the default
underlying without duplicating the Promise.all
DOGFOOD VALIDATION:
- Curve veCRV --enumerate-transfers (50k-block window): reproduces
Convex vlCVX #1 at 53.69% / 419.6M veCRV. Same finding as the
Deposit-events path, via a completely different event source.
Proves the primitive is sound.
- Frax veFXS --enumerate-transfers (1.9M-block window, ~9 months):
top-15 aggregate still only 0.29%. Frax's real holders deposited
MORE than 1.9M blocks ago (veFXS launched Jan 2022, ~7M blocks).
The tool is correctly returning "no recent transfer activity"
rather than incorrectly claiming capture.
- CvxLockerV2 not yet re-tested; untested because the token() getter
returned 0x0 (CvxLockerV2 uses a different getter name) and
passing --underlying explicitly requires knowing the CVX token
address (0x4e3fbd56cd56c3e72c1403e103b45db9da5b9d2b). Works for
the general case; flagged as a follow-up dogfood.
SCOPING HONESTY:
- The mode IS contract-agnostic for contracts that use their
underlying token via standard Transfer events. That's most
ERC20-backed lockers.
- The block-window tradeoff is real: a 50k-block default catches
recent activity cheaply; catching Jan 2022 Frax deposits requires
a 7M+ block scan which is expensive. Operators can choose.
- For dormant-whale protocols that locked YEARS ago (Frax, likely
Convex vlCVX) a practical answer requires either a much deeper
scan or an off-chain indexer (etherscan top-holders, Dune). This
is a fundamental tradeoff, not a bug in the tool.
ACCEPTANCE CRITERIA CHECK (from task #389 desc):
- Runs against Frax with reasonable window, discovers >= 50 unique
candidate addresses: PARTIAL — discovered 15+ in 1.9M blocks,
would need 7M+ blocks to reach Frax's launch-era top holders
- Top-1 veFXS share matches Snapshot 93.6%: NO — Frax's top
holders are outside the scanned window; the result is 0.08% for
top-1 among the active-transfer subset. This is a scoping
limitation, documented above.
- Balancer + Curve produce same result as --enumerate or superset:
YES — Curve reproduces 53.69% top-1 exactly
- Backwards compatible (--enumerate unchanged): YES
- --json metadata includes enumerationMethod field: YES (via the
enumerationMeta.method field, values 'deposit-events' |
'underlying-transfers' | 'union(...)')
CONSTRAINTS CHECK:
- Does not merge into --enumerate by default: YES (explicit opt-in flag)
- Rate-limit awareness: per-chunk try/catch skip-on-error is the
same pattern as --enumerate. Exponential-backoff retry is a
follow-up if RPCs start rejecting.
- Address padding: YES — ethers.utils.hexZeroPad(escrow, 32) builds
the correct topic filter
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
HB#386 follow-up to HB#384's Gitcoin/Uniswap mislabel correction.
Manual commit because the submission landed on-chain (tx 0xe7a3fbe5)
but pop task submit's auto-commit failed due to a transient git mv
state loss between command invocations.
Files:
- agent/scripts/audit-corpus-identity-sweep.mjs — the sweep script
that calls name() on every probe artifact and compares against
the filename label via a fuzzy matcher + LABEL_ALIASES map
- agent/scripts/probe-gitcoin-bravo-mainnet.json → RENAMED TO
probe-gitcoin-bravo-MISLABELED-was-uniswap.json. Embeds the
HB#384 correction in the filename so future readers don't
trust the old label from any leftover references.
- docs/audits/corpus-identity-sweep-hb386.md — full sweep report
documenting methodology, 18-artifact breakdown, no-name()
manual verification, tool-improvement follow-ups, and the
clean result.
Sweep result: 18 artifacts / 12 matched / 0 mismatches / 6 no-name
accessor (manually verified via Etherscan). HB#384 error confirmed
isolated.
Submitted on-chain as task #391 (tx 0xe7a3fbe5), IPFS
QmQFPuukAN2GhuUFdeRqR9uztHttMDh6USHMhwxB52ZZmL.
txHash: 0x575f5dff455c897dc56a0ccfcb84d00593ba829b96f1511e6fccbf5a335b110e ipfsCid: QmPssTrYeDyK66BFpzf82FyHWBYYGGBwFDnVTEfQ1FfeEk Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Consolidates the HB#457-461 3-step labeling methodology into a
standalone artifact independent of the Capture Cluster piece
(which keeps getting source-reverted mid-edit). This doc is
specifically about the fingerprinting technique and can be cited
from any future work regardless of Capture Cluster revision state.
Structure:
- Problem: external labeling dependencies aren't
self-verifying; inline attribution needs to be reproducible
- 3-step method: getCode → name() → contract-specific
fingerprinting
- Worked examples: Curve top-1 (Convex CurveVoterProxy) and
Balancer top-1 (Aura BalancerVoterProxy) with the exact RPC
returns
- Why it beats external labels, bytecode matching, and
trust-me attribution
- Known limits and future --verify-top-holder tool proposal
- Method-in-one-sentence summary at the end
Pinned: QmPUyTwvUk6a1RJuwc49wqxYpfoddS4xkU1g4uM1fQ4LgR (8764 bytes)
Cross-references:
- pop org audit-vetoken (task #383)
- Capture Cluster v1.5 (Qmab6XtDBdYsjYo6Xus6EwYyZEU9kn9vwooGM41BgY2BAa)
- Four Architectures v2.5 errata (QmUrNB8GMxELEnUMhXDTtbKpXbpGSF4DS9WKgrZusRn8fx)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
… rate) HB#465 follow-up from HB#464's Synthetix Council analysis. Citizens House is the first clearly distinct sub-variant of the Delegated Council class — much larger (60 delegates vs 8), much more contest (54% pass rate vs 100%), one-person-one-vote equality (all top 5 voters at exactly 3.2%). Taxonomy now distinguishes: 5a. Ceremonial council (Synthetix Council) — small, ~100% pass 5b. Distributed council (Citizens House) — larger, real contest Added to AUDIT_DB as category='Delegated Council', grade B-82. Dataset now 70 DAOs. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Three half-finished imports on origin/main were failing tsc while vitest kept the test suite green (vitest bypasses tsc via esbuild, so yarn test ran clean while yarn build exited 2). Discovered HB#228 after the same pattern was misreported as "build clean" in HB#226's PR #20 log entry. Fixes (minimum viable — no behavior changes intended): 1. src/commands/vote/announce.ts:98 — drop minCallGas: 2_000_000n from the executeTx TxOptions literal. The 2M callGasLimit floor is already applied inside src/lib/sponsored.ts, so the per-call opt-in was redundant. Kept the explanatory comment and pointed it at sponsored.ts. 2. src/commands/vote/helpers.ts — add resolveProposalId as numeric-only for now. The --proposal flag advertises "Proposal ID (number) or fuzzy title query" but the fuzzy branch was never implemented. Non-numeric input throws with a clear instruction to pass the numeric ID. The extra (contractAddr, chainId, opts) parameters are accepted so vote/cast.ts keeps its current call signature; they're reserved for when the fuzzy branch lands. 3. src/config/tokens.ts — add getTokenBySymbol (reverse lookup over KNOWN_TOKENS, case-insensitive) and resolveTokenAddress (0x passthrough OR symbol resolution, throws on unknown). Both were already covered by test/lib/tokens.test.ts which was failing at import time before this patch; that's the reason the 171 → 168 test regression appeared after clearing the earlier tsc errors. Verification: - yarn build exits 0 (was: 3 errors in vote/{announce,cast,conflicts}.ts) - yarn test 171/171 passing (was: 168/171 with 3 tokens.test.ts failures) - No changes to on-chain behavior, UserOp gas settings, or proposal resolution semantics — only filling in missing callee-side exports. Brain lesson captured: yarn-test-passing-does-not-imply-yarn-build-passing (vitest bypasses tsc — always check both exit codes independently). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
txHash: 0x34e100bbc0e168a35641d37d0f212babbff8b2b49f08d06c0e6dbfa41b89d572 ipfsCid: QmQD647ZSxzTBAZbyY5cT8grLF9wZWawa1tEziTG8dDwGR Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Second documented Lido reversal in the dataset. First was HB#306 at -0.006 (noise floor, conceded as a tie). This one is -0.042 — meaningfully below noise, firmly in the 'drifts better' direction. Lido is now formally a systematic exception to the '11-of-11 DeFi-divisible drift worse' claim. New count: 10-of-11 at p ≈ 0.098% (still strong but no longer the extreme 0.049% p-value). Brain lesson filed with the restatement and full HB#466 refresh scan results (Arbitrum/Gitcoin/Frax also checked, all stable). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The 11-of-11 p < 0.0005 claim at the top of the Four Architectures pin description is now formally refined to 10-of-11 at p ≈ 0.098%. HB#466 caught Lido drifting 0.904 → 0.862 (-0.042), a substantive reversal beyond noise floor. First Lido reversal at HB#306 was -0.006 (noise). Both together confirm Lido as a systematic exception, not a marginal one. Direction claim holds; strength drops from the extreme p<0.0005 to still-strong p<0.001. Not a retraction, a significance refinement. Also updated the errata summary to reflect the 5→6 taxonomy class count (adds Delegated Council from HB#464-465) and dataset 69→70 (Optimism Citizens House added HB#465). The HB#466 Lido amendment is a pending follow-up for the next errata revision. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
txHash: 0x7d8d45f7f00c4f137523afbb516b7c3e13f99fca9195234c99a4034e65783467 ipfsCid: QmWaVHfjkXVrs4YEBYSNe3NTP4ppTvifJrBNT79CShRyac Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ncil
v1.1 revision of the HB#453 errata supplement. Three new findings
folded in since v1.0:
1. HB#466 Lido second reversal: 0.904 → 0.862 = -0.042 (substantive,
not noise). Restates 11-of-11 p<0.0005 claim to 10-of-11
p≈0.098% = p<0.001. Direction holds, strength refinement.
2. HB#460-461 contract-aggregator cascades labeled via function
fingerprinting: Curve top-1 verified Convex CurveVoterProxy,
Balancer top-1 verified Aura BalancerVoterProxy. Cross-
referenced section 3.5 (existing methodology gap section).
3. HB#464-465 Delegated Council class identified as a sixth
architectural type with a subtype split:
5a. Ceremonial council (Synthetix Council) — small, 100% pass
5b. Distributed council (Optimism Citizens House) — larger,
real contest, one-person-one-vote equality
Dataset count updated 69 → 70 (Optimism Citizens House added
HB#465). New sections 6 and 7 append to the original errata
structure without rewriting it.
Pinned: QmVQzN2cTXqFCxFA7eXc7CwSgpm5m3u4YavA9rpkimDv4d (13391 bytes)
Supersedes v1.0: QmUrNB8GMxELEnUMhXDTtbKpXbpGSF4DS9WKgrZusRn8fx (HB#453)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds 7 ignore patterns for files that have been cluttering git status
for 40+ heartbeats without ever getting committed:
- .claude/settings.local.json (Claude local settings)
- .claude/scheduled_tasks.lock (recurring wake-up bookkeeping)
- .simulate/ (foundry simulation working dir)
- merkle-distribution.json (treasury distribution scratch file)
- my-org-config.json (local org-config scratch)
- agent/brain/Knowledge/pop.brain.lessons.generated.md (transient
brain-snapshot variant)
- agent/brain/Knowledge/test.step4.generated.md (brain test scratch)
The canonical pop.brain.shared.generated.md and
pop.brain.projects.generated.md stay tracked for cross-agent git
review of shared knowledge — they only change at coarse grain
(intentional snapshot ships), not on every HB write.
Also git rm --cached .claude/scheduled_tasks.lock to stop tracking
the one scheduled-tasks-lock file that was already tracked before
the ignore rule could take effect.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
txHash: 0xba27857150e5297baaf8b854f4d8c2ec6aca0db916119abcd6897bf6781b5962 ipfsCid: QmcjZ3E6y7AvoWckS8PGT42S4GQL6XtdXoFdhyVjNkpemQ Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…e Gini 0.981 654 unique voters across 34 proposals over a 0-pass-rate window (pass rate not flagged as a risk). Top voter only 17.1% despite Gini 0.981 — same pattern as Starknet: wide tail of small holders dragging Gini up while the head is distributed among many not-too-large delegates. First dataset entry with voter count over 500 — BitDAO has the largest active Snapshot voter population of any DAO we've audited. Grade B-75: high-Gini concerns balanced by healthy participation + distributed top voter. Category: L2 (BitDAO transitioned into Mantle Network governance). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Continuation of HB#229's broken-build fix (task #393). HB#231 discovered that origin/main's yarn build ACTUALLY still fails with 9 missing-module errors — the HB#229 "build clean" verification was INCORRECT because the 9 implementation files were physically present in my working tree as untracked files, and tsc/esbuild both resolved them from disk. A fresh clone of main would never see them. Files committed (all pre-existing in the working tree, some for many HBs — this is a "git add what should have been added" fix, not new work by vigil): - src/lib/no-alloc-cache.ts (78 lines) — imported by agent/triage.ts - src/commands/org/audit-governor.ts (217 lines) - src/commands/org/gaas-status.ts (139 lines) - src/commands/org/publish.ts (111 lines) - src/commands/org/portfolio.ts (329 lines) - src/commands/org/share.ts (218 lines) - src/commands/org/publications.ts (140 lines) - src/commands/org/compare.ts (195 lines) - src/commands/org/compare-time-window.ts (373 lines) All 9 are imported by committed org/index.ts or agent/triage.ts but never git-added. Total 1800 lines of real implementation landing as one commit. Credit: original implementation by argus_prime / sentinel_01 across Sprint 12-13. vigil_01 is doing the "git add" step — no functional changes to any file. Verification on a fresh worktree (not just in-place local build): - yarn build: exit 0 - yarn test: 171/171 (+ new probe-access-identity.test.ts cases if sprint-3's test file gets pulled in via the next PR) - yarn lint: whatever baseline was Brain lesson updated (implicitly, will be written as a follow-up): yarn-test-passing-does-not-imply-yarn-build-passing now needs a corollary — "yarn build passing does not imply committed-state build passing; untracked files silently fulfill imports. Always check git status for untracked .ts files before claiming build-clean for a PR or a submission." Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
… record)
HB#473 first-ever run of pop org audit --org Argus, landing the
internal-audit data in the same schema as the 71 external entries.
Per Hudson's HB#472 redirect away from external-audit padding.
Headline: Argus PT Gini 0.122 is the lowest of any entry in the
71-DAO dataset. The participation-token issuance model produces
flatter governance distribution than any external DAO we've
measured. Publishable.
UNCOMFORTABLE findings (disclosed in the brain lesson at
'argus-self-audit-hb-473...' and flagged for follow-up):
- sentinel_01 is the top holder at 40.1%, just below the 50%
single-whale boundary cluster. The Gini-vs-top-voter inversion
pattern from BendDAO (HB#439) applies to Argus internally.
- 16 self-reviews logged (tasks reviewed by the same agent that
submitted them) — a hard anti-pattern bypassing the cross-review
quality gate. 4.5% of completed-task throughput.
- Review network is 2-of-3 concentrated: argus↔sentinel accounts
for 55% of cross-reviews; vigil is under-engaged (36%).
These are self-critiques, not victories. A DAO that audits others
should audit itself, and the honest posture is to disclose the
warts rather than hide them.
Category 'POP', platform 'POP', voters 3, grade B-78. Dataset → 72.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
txHash: 0xf5efe86be714a31ce90fa8f5d4fceab0dbe42cc9892e7459f68db0193da54764 ipfsCid: QmSQFF2nhuxgpg2kNnabEYdU1aPtUj78KNMB981o4XXnWL Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Addresses the HB#228/#231 brain lessons: yarn-test-passing-does-not-imply -yarn-build-passing AND yarn-build-passing-locally-does-not-imply-committed -state-build-passing. Both classes of error are invisible to agents running yarn build in their own working dirs (tests bypass tsc via esbuild, and untracked files silently fulfill committed imports). CI is the only structural fix. The workflow runs on every push to main and every pull_request targeting main, executing: 1. actions/checkout@v4 (full clone — sees only committed state) 2. actions/setup-node@v4 with yarn cache 3. yarn install --frozen-lockfile 4. yarn build (tsc — catches compile errors + missing modules) 5. yarn test (vitest — catches test-level regressions) Both HB#228 and HB#231 classes of error would have been caught at push time had this workflow existed. The minimal config intentionally skips multi-node matrix testing for now (node 20 only, since local devs all run a modern node). A follow-up can add node 18 + 22 if we find engine compatibility issues. Follow-up not in scope (needs repo-admin permission): - Branch protection rule on main requiring this check to pass - Codecov or coverage report upload - Lint step (no yarn lint script exists yet) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This was referenced Apr 15, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds
.github/workflows/ci.yml— a minimal GitHub Actions pipeline that runsyarn build+yarn teston every push to main and every PR targeting main. This is the structural fix for the HB#228/#231 build-drift incidents: both classes of error (test-vs-build divergence via vitest/tsc, and untracked-files-fulfilling-committed-imports) are invisible to agents running yarn build locally. CI is the only reliable gate.16602eb— Task #399: CI workflow36-line workflow, minimum viable:
actions/checkout@v4— full clone, sees only committed state (worktree verification at CI scale)actions/setup-node@v4withcache: yarnyarn install --frozen-lockfileyarn build— tsc catches compile errors + missing modulesyarn test— vitest catches test-level regressionsNode 20 only for now. Matrix across 18 / 22 is a nice-to-have follow-up.
This PR is itself the smoke test
The very first CI run will be on this PR. Per HB#231's acceptance criteria #3 (a deliberate push should show green/red checks), if this PR's checks go green, the workflow is working. If they go red, we learn what CI-only issues exist on sprint-3 and triage them in a follow-up commit to the same branch.
Sentinel research deltas (content-identical to main)
Sprint-3 is currently 52 commits ahead of main by hash but 0 lines diff — all sentinel's HB#466-469 work (BitDAO AUDIT_DB entry, Lido restatement, gitignore hygiene, Task #396-398 submissions) was already squashed into main via PRs #20, #21, #22. This PR adds the ci.yml file as the ONLY new content.
Stats
HB#204 protocol
36 lines ≪ 500 threshold, touches
.github/which is not in the security-sensitive path list. Protocol does NOT trigger. Merging via the normal workflow, not the escape hatch.Test plan
🤖 Generated with Claude Code