mirror of
https://github.com/samvallad33/vestige.git
synced 2026-07-02 22:01:01 +02:00
Two deeper review findings (both blockers) + doc de-staling.
C2-deep: my earlier C2 made purge/delete TRACE as memory.write, but gate_writes
did `get_node(id) -> skip on None`, and purge had already DELETEd the row — so a
destructive removal still never opened a Memory PR (it was silently skipped).
The most security-critical write type couldn't be reviewed. Fix: a missing node
is now gateable for destructive decisions — gate_writes builds the WriteContext
from the decision itself (marks `forgets`, which classify_write gates), and the
PR records the removal with node.deleted=true. Proven live: purging a node opens
a PR (kind node_decayed, deleted true); test
gate_opens_pr_for_destructive_write_after_node_deleted_c2.
PRIV: gate_writes copied the FULL node.content into the PR diff + title, so a
real secret in a gated memory would leak into the memory_prs table, the
dashboard, and any exported proof bundle — defeating the point of gating
sensitive writes. Fix: the PR now stores a truncated content PREVIEW + an FNV
content HASH, and sensitive-topic/sensitive-node-type writes are fully REDACTED
("[redacted — sensitive content; review via risk signals]"). The reviewer still
sees the risk signals (why it opened) and a hash (to correlate), never the
secret. Tests gate_redacts_sensitive_content_in_pr_priv,
content_preview_redacts_sensitive_and_truncates, content_hash_is_stable. The
committed memory_pr.json + the whole proof bundle were re-captured and contain
no secret (verified by scan); the re-shot memory-prs.png shows the redaction.
DOC: REVIEW.md commit list is now git-log-based (no stale hashes); C2-deep + PRIV
added to the findings table; PROOF.md write/PR rows updated; test count -> 1007.
Gates: 1007 lib tests pass (+7 new regressions), clippy -D warnings clean,
dashboard check + build clean.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
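The preview-plus-hash redaction described in the commit message above, as an added example written for this page and not Vestige's own code: `content_preview`, `content_hash`, `open_pr`, `RiskSignals` and `MemoryPr` are hypothetical stand-ins for whatever the project actually uses, the preview length is an assumed value, and the sample content is constructed. The FNV-1a 64-bit constants are the standard ones. The example also models the other finding: a destructive decision (`forgets`) is gated even though the PR is built from the decision rather than from a node row that may already be gone.

```rust
// Added example, not Vestige's own code: a memory-PR record that keeps a
// truncated preview plus a stable FNV-1a content hash instead of the full
// content, and fully redacts sensitive writes. All names are hypothetical.

const FNV_OFFSET: u64 = 0xcbf29ce484222325; // standard FNV-1a 64-bit basis
const FNV_PRIME: u64 = 0x100000001b3; // standard FNV-1a 64-bit prime
pub const PREVIEW_LEN: usize = 48; // assumed preview length
pub const REDACTED: &str = "[redacted — sensitive content; review via risk signals]";

/// 64-bit FNV-1a over the raw bytes: the same content always yields the same
/// hash, so a reviewer can correlate a PR with a node without seeing the content.
pub fn content_hash(content: &str) -> u64 {
    content
        .bytes()
        .fold(FNV_OFFSET, |h, b| (h ^ u64::from(b)).wrapping_mul(FNV_PRIME))
}

/// Why a write was gated. `forgets` marks a destructive decision (purge/delete),
/// which must open a PR even when the node row has already been removed.
#[derive(Debug, Clone, PartialEq)]
pub struct RiskSignals {
    pub sensitive_topic: bool,
    pub sensitive_node_type: bool,
    pub forgets: bool,
}

impl RiskSignals {
    pub fn is_sensitive(&self) -> bool {
        self.sensitive_topic || self.sensitive_node_type
    }
    pub fn should_gate(&self) -> bool {
        self.is_sensitive() || self.forgets
    }
}

/// What the PR shows: the redaction marker for sensitive writes, otherwise a
/// bounded preview cut on a char boundary so multi-byte text never splits.
pub fn content_preview(content: &str, signals: &RiskSignals) -> String {
    if signals.is_sensitive() {
        return REDACTED.to_string();
    }
    let mut preview: String = content.chars().take(PREVIEW_LEN).collect();
    if content.chars().count() > PREVIEW_LEN {
        preview.push('…');
    }
    preview
}

#[derive(Debug, Clone, PartialEq)]
pub struct MemoryPr {
    pub node_id: String,
    pub deleted: bool,
    pub preview: String,
    pub content_hash: u64,
    pub signals: RiskSignals,
}

/// Opens a PR only for gated writes. `content` is carried by the decision
/// itself, so a purge of an already-deleted row can still be reviewed.
pub fn open_pr(node_id: &str, content: &str, deleted: bool, signals: RiskSignals) -> Option<MemoryPr> {
    if !signals.should_gate() {
        return None;
    }
    Some(MemoryPr {
        node_id: node_id.to_string(),
        deleted,
        preview: content_preview(content, &signals),
        content_hash: content_hash(content),
        signals,
    })
}

/// The kind of check a leak scan performs: does the reviewer-visible preview
/// contain the raw content?
pub fn pr_exposes(pr: &MemoryPr, raw: &str) -> bool {
    pr.preview.contains(raw)
}

fn main() {
    let signals = RiskSignals { sensitive_topic: true, sensitive_node_type: false, forgets: true };
    // Constructed sample content; not a real credential.
    let pr = open_pr("node-42", "api_key=constructed-secret-123", true, signals)
        .expect("a sensitive destructive write must be gated");
    println!("preview: {}", pr.preview);
    println!("hash: {:016x}, deleted: {}", pr.content_hash, pr.deleted);
    println!("exposes secret: {}", pr_exposes(&pr, "constructed-secret-123"));
}
```

The hash is computed over the full content before redaction, so it stays useful for correlation while the preview carries nothing a scan of the `memory_prs` table or an exported bundle could recover.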
| File |
|---|
| black-box-dream.png |
| black-box.png |
| dream-producers.png |
| graph.png |
| memory-prs.png |
| README.md |
| receipts.png |
# Proof Pack Screenshots
Captured with Playwright (@playwright/test, headless Chromium, 1440×1700 @2x)
from the live Vestige dashboard at http://localhost:5173/dashboard,
proxying to a real vestige-mcp server with real trace data.
| File | Tab | Shows |
|---|---|---|
| black-box.png | Black Box | spine header (WebSocket Connected), run picker (proof/proof2), timeline scrubber + colored ticks, current event detail, memory pulse, event producers (with honest dream.patch/sanhedrin.veto off-by-default states), receipts panel, full event log |
| receipts.png | Black Box → Receipts | a real ReceiptCard: receipt id, retrieved/suppressed/trust-floor, activation path, retrieved ids, "Open receipt in Cinema" |
| memory-prs.png | Memory PRs | killer line + quarantine-review note, Fast/Risk-Gated/Paranoid modes, status filters, PR rows, cognition diff, "Why this opened" signal (sensitive_topic), Decided: promote |
| graph.png | Graph | the live WebGL memory constellation + Memory Cinema button (unchanged) |
Re-capture: start the dev server (`pnpm --filter @vestige/dashboard dev`),
point its `/api` proxy at a running vestige-mcp with trace data, then run the
capture script (see PROOF.md "Reproduce").