386 lines
15 KiB
JSON
386 lines
15 KiB
JSON
{
|
||
"schema_version": "agent_bounty_iwooos_onboarding_handoff_v1",
|
||
"status": "draft_waiting_owner_review",
|
||
"date": "2026-06-11",
|
||
"mode": "product_scope_handoff_only",
|
||
"source_evidence_refs": [
|
||
"docs/security/iwooos-posture-projection.snapshot.json",
|
||
"docs/workplans/2026-06-04-iwooos-security-governance-p0.md",
|
||
"apps/web/src/app/[locale]/iwooos/page.tsx",
|
||
"apps/web/messages/zh-TW.json",
|
||
"/Users/ogt/Documents/agent-bounty-protocol/README.md",
|
||
"/Users/ogt/Documents/agent-bounty-protocol/package.json",
|
||
"/Users/ogt/Documents/agent-bounty-protocol/apps/web/package.json",
|
||
"/Users/ogt/Documents/agent-bounty-protocol/packages/mcp-server/package.json",
|
||
"/Users/ogt/Documents/agent-bounty-protocol/packages/contracts/package.json",
|
||
"/Users/ogt/Documents/agent-bounty-protocol/docker-compose.yml"
|
||
],
|
||
"summary": {
|
||
"product_name": "agent-bounty-protocol",
|
||
"onboarding_handoff_package_ready": true,
|
||
"onboarding_handoff_completion_percent": 100,
|
||
"product_boundary_merged_into_awoooi": false,
|
||
"owner_response_received": false,
|
||
"owner_response_accepted": false,
|
||
"repo_refs_truth_accepted": false,
|
||
"data_classification_accepted": false,
|
||
"deployment_boundary_accepted": false,
|
||
"external_agent_boundary_accepted": false,
|
||
"runtime_gate_open": false,
|
||
"runtime_execution_authorized": false,
|
||
"production_deploy_authorized": false,
|
||
"repo_creation_authorized": false,
|
||
"refs_sync_authorized": false,
|
||
"workflow_modification_authorized": false,
|
||
"secret_value_collection_authorized": false,
|
||
"auto_claim_submit_authorized": false,
|
||
"bounty_payout_authorized": false,
|
||
"external_agent_autonomy_authorized": false,
|
||
"shared_database_authorized": false,
|
||
"shared_session_authorized": false,
|
||
"shared_rbac_authorized": false,
|
||
"action_buttons_allowed": false
|
||
},
|
||
"product_identity": {
|
||
"product_type": "M2M 交易閘道器、Agent Bounty / MCP / A2A 實驗產品",
|
||
"current_focus": "公開任務、agent 互動、MCP tool gateway、A2A negotiation、外部流量監控、scout、webhook、admin / treasury 與 cron automation 的只讀資安納管。",
|
||
"technical_stack": [
|
||
"Next.js 16 App Router",
|
||
"React 19",
|
||
"TypeScript",
|
||
"Prisma",
|
||
"PostgreSQL",
|
||
"Redis",
|
||
"Docker Compose",
|
||
"MCP SDK",
|
||
"A2A / Nostr / Waku / XMTP 類外部 agent 連線",
|
||
"Stripe / Ethers / webhook 類整合候選",
|
||
"Telegram / Discord / GitHub 通知或 webhook 候選"
|
||
],
|
||
"language_policy": "納入 IwoooS 與 AWOOOI 文件、前端內容、LOGBOOK 與 handoff 時一律使用繁體中文;程式符號、API、套件名稱、route 與 env-key 名稱可保留英文。"
|
||
},
|
||
"repo_scope": {
|
||
"active_workspace": {
|
||
"path": "/Users/ogt/Documents/agent-bounty-protocol",
|
||
"status_summary": "read_only_observed_dirty_workspace_on_main_with_51_modified_or_untracked_items; .env-like files exist but were not read",
|
||
"canonical_for_iwooos": false,
|
||
"forbidden_actions": [
|
||
"commit",
|
||
"rebase",
|
||
"push",
|
||
"delete_files",
|
||
"sync_refs",
|
||
"read_env_file",
|
||
"run_deploy_script",
|
||
"run_security_scan",
|
||
"start_cron_or_daemon"
|
||
]
|
||
},
|
||
"reference_worktree": {
|
||
"path": "/Users/ogt/Documents/agent-bounty-protocol",
|
||
"head_sha": "a1856d08bc2778f9b41076cd6175ff2389b2e5ca",
|
||
"origin_main_sha": "a1856d08bc2778f9b41076cd6175ff2389b2e5ca",
|
||
"main_sha": "a1856d08bc2778f9b41076cd6175ff2389b2e5ca",
|
||
"remote": "http://192.168.0.110:3001/wooo/agent-bounty-protocol.git",
|
||
"refs_truth_status": "waiting_owner_decision_due_dirty_workspace_and_internal_remote"
|
||
},
|
||
"required_owner_answers": [
|
||
"canonical repo path / remote",
|
||
"dirty workspace WIP vs release candidate disposition",
|
||
"GitHub target metadata if needed",
|
||
"workflow / runner / webhook / secret name parity owner",
|
||
"production host / compose directory / domain / TLS owner",
|
||
"A2A / MCP / external agent autonomy boundary owner",
|
||
"treasury / payout / staking / Stripe / settlement data owner",
|
||
"traffic monitoring / Telegram / Discord / GitHub webhook notification owner"
|
||
]
|
||
},
|
||
"product_surfaces": [
|
||
{
|
||
"surface_id": "public-and-task-surface",
|
||
"routes": [
|
||
"/",
|
||
"/tasks/[id]",
|
||
"/tasks/create",
|
||
"/showcase",
|
||
"/showcase/[id]",
|
||
"/leaderboard",
|
||
"/explorer",
|
||
"/traffic",
|
||
"/ico"
|
||
],
|
||
"boundary": "public and marketplace-facing surface only; no bounty payout or external claim/submit authorization in this handoff"
|
||
},
|
||
{
|
||
"surface_id": "well-known-agent-metadata",
|
||
"routes": [
|
||
"/.well-known/agent-card.json",
|
||
"/.well-known/ai-plugin.json",
|
||
"/.well-known/mcp.json",
|
||
"/.well-known/openapi.yaml"
|
||
],
|
||
"boundary": "metadata can be indexed as route evidence; it does not authorize agent execution or credential exposure"
|
||
},
|
||
{
|
||
"surface_id": "mcp-and-open-task-api",
|
||
"routes": [
|
||
"/api/mcp/[tool]",
|
||
"/api/mcp/agent_card",
|
||
"/api/mcp/create_human_task",
|
||
"/api/mcp/submit_bid",
|
||
"/api/open-tasks"
|
||
],
|
||
"boundary": "MCP tool gateway requires owner response, auth boundary and abuse controls before any runtime use; this handoff is read-only"
|
||
},
|
||
{
|
||
"surface_id": "a2a-agent-protocol",
|
||
"routes": [
|
||
"/api/a2a/arbitrate",
|
||
"/api/a2a/directory/sync",
|
||
"/api/a2a/dispute",
|
||
"/api/a2a/launchpad/create",
|
||
"/api/a2a/launchpad/projects",
|
||
"/api/a2a/mcp/discover",
|
||
"/api/a2a/negotiate",
|
||
"/api/a2a/reputation/verify",
|
||
"/api/a2a/rpc",
|
||
"/api/a2a/settle",
|
||
"/api/a2a/staking/deposit",
|
||
"/api/a2a/staking/withdraw"
|
||
],
|
||
"boundary": "external agent, settlement, staking and dispute routes stay locked until owner approval and follow-up runtime gate"
|
||
},
|
||
{
|
||
"surface_id": "automation-and-cron",
|
||
"routes": [
|
||
"/api/cron/a2a-discovery",
|
||
"/api/cron/a2a-dispatcher",
|
||
"/api/cron/a2a-inviter",
|
||
"/api/cron/a2a-swarm",
|
||
"/api/cron/bidding-evaluator",
|
||
"/api/cron/judge-agent",
|
||
"/api/cron/lead-gen",
|
||
"/api/cron/reaper",
|
||
"/api/cron/self-replicate",
|
||
"/api/cron/sentience-check",
|
||
"/api/cron/treasury-alert"
|
||
],
|
||
"boundary": "cron and daemon behavior is observe-only in IwoooS; no schedule enable, external send, claim, submit, payout or self-replication is authorized"
|
||
},
|
||
{
|
||
"surface_id": "admin-and-treasury",
|
||
"routes": [
|
||
"/admin",
|
||
"/admin/traffic",
|
||
"/admin/treasury",
|
||
"/api/admin/health",
|
||
"/api/admin/simulate",
|
||
"/api/admin/treasury/stats",
|
||
"/api/admin/withdraw",
|
||
"/login"
|
||
],
|
||
"boundary": "admin, treasury and withdraw surfaces require RBAC / auth / financial owner response; IwoooS only lists them as scope"
|
||
},
|
||
{
|
||
"surface_id": "webhooks-and-traffic",
|
||
"routes": [
|
||
"/api/traffic",
|
||
"/api/webhooks/github",
|
||
"/api/webhooks/stripe",
|
||
"/api/scout/draft",
|
||
"/api/scout/issue-exists",
|
||
"/api/intents/stream",
|
||
"/api/v1/health"
|
||
],
|
||
"boundary": "traffic, scout and webhook evidence must be redacted metadata only; no webhook secret or payload body collection"
|
||
}
|
||
],
|
||
"owner_response_handoff": {
|
||
"status": "ready_not_dispatched",
|
||
"request_dispatch_authorized": false,
|
||
"required_response_fields": [
|
||
"product_owner_role_or_team",
|
||
"security_owner_role_or_team",
|
||
"source_control_owner_role_or_team",
|
||
"deployment_owner_role_or_team",
|
||
"data_classification_owner_role_or_team",
|
||
"external_agent_boundary_owner_role_or_team",
|
||
"settlement_or_treasury_owner_role_or_team",
|
||
"notification_owner_role_or_team",
|
||
"surface_scope",
|
||
"decision",
|
||
"decision_reason",
|
||
"redacted_evidence_refs",
|
||
"followup_owner"
|
||
],
|
||
"allowed_decisions": [
|
||
"confirm_observe_only",
|
||
"defer",
|
||
"reject",
|
||
"request_more_evidence"
|
||
],
|
||
"forbidden_inputs": [
|
||
".env content",
|
||
"database URL value",
|
||
"API key value",
|
||
"MCP API key value",
|
||
"E2B API key value",
|
||
"Telegram bot token value",
|
||
"Telegram chat id value",
|
||
"Discord webhook value",
|
||
"GitHub token value",
|
||
"Stripe secret value",
|
||
"wallet private key",
|
||
"seed phrase",
|
||
"cookie",
|
||
"session",
|
||
"auth header",
|
||
"raw webhook payload",
|
||
"raw traffic payload",
|
||
"raw agent prompt or transcript",
|
||
"claim or submit execution request",
|
||
"payout or withdraw execution request",
|
||
"deploy command request",
|
||
"compose restart request",
|
||
"DB migration request",
|
||
"repo push request",
|
||
"refs sync request"
|
||
],
|
||
"response_received": false,
|
||
"response_accepted": false
|
||
},
|
||
"independent_product_boundary": {
|
||
"must_remain_independent": true,
|
||
"forbidden_couplings": [
|
||
"share_awoooi_database",
|
||
"share_awoooi_session",
|
||
"bind_agent_bounty_rbac_to_awoooi_rbac_without_owner_review",
|
||
"depend_on_awoooi_runtime_for_agent_bounty_core_flow",
|
||
"treat_awooop_approval_as_agent_bounty_security_approval",
|
||
"direct_cross_database_join",
|
||
"auto_bridge_awooop_work_item_to_agent_claim_submit",
|
||
"auto_trigger_payout_or_withdrawal"
|
||
],
|
||
"allowed_future_integrations": [
|
||
"versioned API",
|
||
"Webhook event with redacted metadata",
|
||
"outbox pattern",
|
||
"import / export adapter",
|
||
"SSO / OAuth with product RBAC preserved",
|
||
"Anti-Corruption Layer",
|
||
"read-only AwoooP evidence mirror"
|
||
]
|
||
},
|
||
"data_classification_intake": [
|
||
{
|
||
"data_type": "task / bounty / solution metadata",
|
||
"status": "waiting_owner_classification",
|
||
"collection_rule": "metadata and field type only; no private task content, raw solution or unpublished code"
|
||
},
|
||
{
|
||
"data_type": "agent identity / reputation / negotiation state",
|
||
"status": "waiting_owner_classification",
|
||
"collection_rule": "agent id category and state transition summary only; no raw prompt, transcript, private key or token"
|
||
},
|
||
{
|
||
"data_type": "MCP tool calls / A2A protocol events",
|
||
"status": "waiting_owner_classification",
|
||
"collection_rule": "route, tool name and decision metadata only; no request body, credential, payload or generated secret"
|
||
},
|
||
{
|
||
"data_type": "webhook / traffic / scout evidence",
|
||
"status": "waiting_owner_classification",
|
||
"collection_rule": "source type, timestamp and redacted status only; no webhook secret, auth header or raw payload body"
|
||
},
|
||
{
|
||
"data_type": "settlement / staking / treasury / Stripe",
|
||
"status": "waiting_owner_classification",
|
||
"collection_rule": "capability and owner metadata only; no wallet private key, seed phrase, Stripe secret or payout instruction"
|
||
},
|
||
{
|
||
"data_type": "admin / login / traffic dashboard",
|
||
"status": "waiting_owner_classification",
|
||
"collection_rule": "role boundary and audit event type only; no account password, session, cookie or private user data"
|
||
},
|
||
{
|
||
"data_type": "cron / daemon / ecosystem hunter",
|
||
"status": "waiting_owner_classification",
|
||
"collection_rule": "schedule name, disabled/enabled intent and redacted endpoint refs only; no daemon start, claim, submit or external send"
|
||
}
|
||
],
|
||
"deployment_boundary": {
|
||
"public_host": "https://agent.wooo.work",
|
||
"production_mode": "Docker Compose candidate with owner confirmation required",
|
||
"compose_host_status": "README mentions 110; scripts and prior local deploy helpers mention 188; owner must confirm canonical host before any production claim",
|
||
"compose_directory_status": "waiting_owner_confirmation; no SSH, rsync, compose restart or deploy script was executed in this AWOOOI stage",
|
||
"internal_web_status": "docker-compose exposes web host port 3004 and agent host port 3001 in local evidence; do not publish internal URL in frontend",
|
||
"database_boundary": "Compose PostgreSQL and Redis services; .env-like files exist but were not read; no DB URL value collection",
|
||
"production_verification_in_this_awoooi_stage": false,
|
||
"deployment_authorized": false
|
||
},
|
||
"external_agent_boundary": {
|
||
"autonomy_authorized": false,
|
||
"claim_submit_authorized": false,
|
||
"payout_authorized": false,
|
||
"allowed_now": [
|
||
"display_read_only_scope",
|
||
"display_redacted_route_inventory",
|
||
"display_required_owner_response_fields",
|
||
"display_forbidden_actions",
|
||
"prepare_followup_review_candidate"
|
||
],
|
||
"blocked_until_owner_review": [
|
||
"AUTO_CLAIM",
|
||
"AUTO_SUBMIT",
|
||
"RUN_DAEMON",
|
||
"external MCP claim / submit",
|
||
"Nostr listener daemon",
|
||
"A2A dispatcher",
|
||
"self-replicate cron",
|
||
"treasury alert send",
|
||
"Stripe webhook secret validation change",
|
||
"payout / withdraw / staking action",
|
||
"GitHub issue comment or token use",
|
||
"Telegram / Discord notification send"
|
||
]
|
||
},
|
||
"acceptance_rules": [
|
||
"本 handoff 完成不代表 agent-bounty-protocol owner response 已收到或 accepted。",
|
||
"agent-bounty-protocol 納入 IwoooS 只代表全產品資安視野可見,不代表掃描、部署、修復、claim、submit、payout、withdraw、cron 或 runtime execution。",
|
||
"canonical repo、refs truth、workflow / secret name、GitHub target、compose host 與 production URL 仍需 owner response。",
|
||
"正式 URL、Docker Compose、health endpoint、MCP metadata 或 A2A routes 可見,不等於本段已做 production verification。",
|
||
"任何 .env、secret、DB URL、token、private key、seed phrase、cookie、session、auth header、webhook secret 都必須拒收或隔離。",
|
||
"未來若要改 agent-bounty-protocol production、deploy、compose、DB migration、cron、daemon、domain、TLS、MCP tool behavior 或 A2A automation,必須另開 owner approval 與 rollback / post-check。"
|
||
],
|
||
"forbidden_actions": [
|
||
"modify_agent_bounty_repo",
|
||
"commit_agent_bounty_changes",
|
||
"push_agent_bounty_refs",
|
||
"sync_refs",
|
||
"create_github_repo",
|
||
"change_workflow",
|
||
"collect_secret_value",
|
||
"read_env_file",
|
||
"deploy_production",
|
||
"restart_compose",
|
||
"run_db_migration",
|
||
"run_active_scan",
|
||
"run_credentialed_scan",
|
||
"start_daemon",
|
||
"enable_cron",
|
||
"auto_claim",
|
||
"auto_submit",
|
||
"send_external_agent_message",
|
||
"send_telegram_notification",
|
||
"send_discord_notification",
|
||
"post_github_comment",
|
||
"execute_payout",
|
||
"execute_withdrawal",
|
||
"share_database",
|
||
"share_session",
|
||
"bind_rbac",
|
||
"enable_runtime_gate",
|
||
"add_awooop_action_button"
|
||
]
|
||
}
|