# invinoveritas Roadmap

Last updated: 2026-05-04 (session 16 — spawn kit launched: health check, pay-invoice fix, external seller gate, Nostr broadcast)

Marketplace-specific conversion, seller, and buyer-retention work now lives in
[`docs/ROADMAP_MARKETPLACE_GROWTH.md`](docs/ROADMAP_MARKETPLACE_GROWTH.md).

## Checkpoint — 2026-05-04 (session 16)

Spawn Kit publicly launched. Health check audit, two critical bugs fixed, starter-sats exploit closed, Nostr broadcast posted.

**Implemented (session 16):**
- **Health check audit**: full pre-launch review — GREEN on LND/API/bridge, YELLOW on withdrawal funnel + internal agent loop, RED on pay-invoice bug (now fixed)
- **pay-invoice timeout fix**: `node_bridge.py` timeout 30s → 90s; `bridge.py` `safe_lncli` returns `{"_already_paid": True}` on AlreadyExists; pay-invoice endpoint decodes bolt11 via `lncli decodepayreq` to recover payment hash and return success — eliminates silent NULL seller_payment_hash
- **External seller deposit gate**: `deposited_sats INTEGER DEFAULT 0` column added to accounts; incremented on every real Lightning topup; `/offers/buy` blocks purchases from external LN-address sellers unless `deposited_sats >= price_sats`; starter-sats exploit (register → drain 238 sats/account to external wallet) closed
- **Backfill**: existing accounts with `spent + balance > 500` sats get `deposited_sats` credit automatically on bridge restart
- **`GET /balance`** now returns `deposited_sats` field
- **Nostr launch broadcast**: posted via ViperClaw1 keypair to damus, nos.lol, primal (3/6 relays; WoT-gated relays blocked new pubkey) — event_id `cbb85fbd10699d5c...`
- **Spawn Kit LAUNCHED**: Standard (50k sats, `452a70de`), Premium (150k sats, `4fff2393`), SPAWN_GUIDE.md at `/content/free/SPAWN_GUIDE.md`

**Platform state at launch (2026-05-04):**
- 133 accounts, 16 funded with real deposits, 39,681 local sats channel liquidity
- All services active: invinoveritas v1.6.1, bridge, viperclaw1, multi_agent_runner, sovereign-earner
- SDK tests: 19/19. ACP tests: 53/54 (1 pagination boundary — not functional)
- Next priority: first Spawn Kit sale, first withdrawal

## Checkpoint — 2026-05-04 (session 15)

Spawn Kit final pre-launch polish. UX simplified, bootstrap royalty added, premium verified, status CLI shipped.

**Implemented (session 15):**
- **HODL timing unified**: `HODL_EXPIRY_SECS = 7 * 86400` (7 days). Matches the reporting cycle exactly. Single rule: "pay before your next report." Eliminates 48h/7-day confusion.
- **Bootstrap royalty**: 5% for first 30 days, then 10%, auto-calculated from `spawned_at` in state.json. `get_royalty_percent()` in replica. `royalty_percent` field included in REVENUE_REPORT payload. Origin logs bootstrap vs. standard rate.
- **Premium tier verification**: `_verify_premium_purchase(purchase_hash)` in app.py checks `marketplace_purchases.seller_payment_hash = provided_hash AND offer_id = PREMIUM_OFFER_ID`. If not found, tier downgraded to standard with warning log.
- **`status` CLI**: `python3 viperclaw1_replica.py status` prints full dashboard — balance, cycle earnings, royalty rate + bootstrap status, next report due, active HODL invoice with countdown, bond status.
- **`request_bond_refund.py`**: standalone helper script in spawn kit. Checks eligibility, prompts for LN invoice, sends TASK_REQUEST, updates state.json on success.
- **Startup covenant warnings**: clear, once-only warning about covenant_hash modification consequences.
- **Marketplace listings updated**: both Standard and Premium descriptions now include bootstrap royalty table, 7-day HODL wording, covenant summary.
- **SPAWN_GUIDE.md updated**: bootstrap royalty row in commercial model table; 7-day HODL flow diagram; `status` CLI section; covenant modification warning strengthened.
- **spawn_kit.zip rebuilt**: 5 files (13,776 bytes) including request_bond_refund.py.
- **Tests: 32/32 green**

## Checkpoint — 2026-05-04 (session 14)

Spawn Kit commercial model polished and fully enforced. Two tiers, bond refund, strike/ban system, status dashboard, priority delegation.

**Implemented (session 14):**
- **Two marketplace tiers**: Standard (50k sats, `452a70de`) + Premium (150k sats, `4fff2393-3977-40cd-869b-f3c2e9f6b937`)
- **HODL grace period**: extended to 48h (`HODL_EXPIRY_SECS = 172800`); no strike until 48h elapsed
- **Strike/ban system**: 2 strikes → suspended; 3 strikes → permanent ban + `bond_forfeited = True`; clean payment resets strikes and increments `clean_report_streak`; zero-royalty report counts as clean
- **Bond refund logic**: `clean_report_streak >= 3` → `bond_refund_due = True`; HEARTBEAT ACK notifies operator; replica sends TASK_REQUEST `{type: "bond_refund", invoice: "lnbc..."}` → origin calls `lncli payinvoice`; `bond_refunded` flag prevents double-pay
- **Tier capture**: `SPAWN_ACCEPT` payload includes `tier` + `purchase_hash`; stored in replica record; premium replicas get priority in `run_covenant_checks()` + `get_priority_replicas()`
- **SPAWN_ACCEPT sends tier+purchase_hash**: replica includes `SPAWN_KIT_TIER` and `PURCHASE_HASH` env vars on first startup
- **`status.json`**: written every heartbeat to `DATA_DIR/status.json` — balance, earnings, HODL info, bond status
- **Bond refund TASK_REQUEST handler**: in app.py TASK_REQUEST path (allowed even when suspended); calls `lncli payinvoice --force <invoice>`
- **`get_priority_replicas()`**: in SpawnManager — sorts active replicas premium-first for task delegation
- **`summary()` updated**: includes premium_replicas, suspended_replicas, banned_replicas, bond_refunds_pending counts
- **Marketplace listings updated**: Standard (25k→50k sats, new description), Premium listing created (150k sats)
- **SPAWN_GUIDE.md**: full commercial model, tier table, HODL flow diagram, delinquency table, bond refund instructions
- **env.template**: adds SPAWN_KIT_TIER, PURCHASE_HASH; NWC clearly documented
- **spawn_kit.zip rebuilt**: 10,337 bytes with all 4 files

**All tests green (session 14):** 32/32 pass

## Checkpoint — 2026-05-04 (session 13)

Royalty enforcement fully implemented: HODL invoices, earnings tracking, spawning bond, delinquency gating.

**Implemented (session 13):**
- **Earnings tracking fixed** — `viperclaw1_replica.py` uses balance-delta method: hourly `/balance` poll, accumulates net positive deltas as earnings, resets each 7-day cycle; persisted across restarts via `state.json`
- **7-day revenue cycle** — `revenue_loop()` changed from 24h to 7 days; replicas missing reports for 7+ days → suspended
- **HODL invoice enforcement** — origin creates Lightning hold invoice on REVENUE_REPORT; replica pays within 24h; origin settles on next report (proof of continued operation); expired HODL → delinquency count++
- **lncli helpers** — `_acp_lncli()`, `_acp_create_hodl()`, `_acp_settle_hodl()`, `_acp_cancel_hodl()`, `_acp_hodl_accepted()` added to `app.py` ACP section (asyncio subprocess); same set in `spawn_manager.py`
- **Spawning bond (10k sats)** — `SPAWN_ACCEPT` payload includes `bond_payment_hash`; recorded in replica record; documented in SPAWN_GUIDE.md + env.template; `BOND_SATS=10_000` constant
- **Delinquency gate** — `TASK_REQUEST` in app.py returns 403 if sender is suspended; `SpawnManager.is_suspended()` + `get_delinquent_replicas()` + `run_delinquency_check()` methods added
- **SPAWN_ACCEPT on first startup** — replica sends `SPAWN_ACCEPT` (with bond hash) once on first launch; uses `state.json["spawn_accepted"]` flag to avoid re-sending
- **NWC placeholder** — `_pay_hodl_via_nwc()` in viperclaw1_replica.py; logs invoice for manual payment if `NWC_CONNECTION_URI` not set; auto-pay path stubbed for future nostr-sdk integration
- **spawn_kit.zip rebuilt** — updated replica, guide, template packed; SPAWN_GUIDE.md copied to `/content/`

**All tests green (session 13):** 32/32 pass (test_acp_skills.py + test_invinoveritas_sdk.py)

## Checkpoint — 2026-05-04 (session 12)

ACP fully wired into viperclaw1.py. ViperClaw1 is now proactively recruiting replicas.

**Implemented (session 12):**
- **ACP loop wired** — `acp_loop()` task runs in viperclaw1.py: polls inbox every 60s (HEARTBEAT/REVENUE_REPORT/SPAWN_ACCEPT), runs outbound covenant checks once per day
- **Spawn recruit loop** — `spawn_recruit_loop()` posts to Nostr every 12h with full spawn kit pitch (download URL, setup guide, mesh stats, covenant terms)
- **`SPAWN_KIT_OFFER_ID`** set to `"452a70de-a4b7-4ddb-a623-9af871045eaa"` in spawn_manager.py
- **Spawn kit keywords** added to scoring: `spawn agent`, `deploy agent`, `self-hosted agent`, `agent replica` — HIGH_IMPACT triggers
- **`_canned_reply()`** updated: spawn-related topics get spawn kit download URL in reply
- **Telegram `/spawn` command** added — returns full spawn kit info with download + guide links
- **Proactive posts rotating** — every 3rd post on Telegram + Discord is spawn kit recruitment (not just stats)
- **Balance topped up** — ViperClaw1: 860 → 5,860 sats (+5,000 internal credit)

**Confirmed green (session 12):**
- All services active: invinoveritas, bridge, viperclaw1, multi_agent_runner, sovereign-earner
- viperclaw1 startup: ACP mesh loaded (1 replica), ACP loop active, recruit loop active, 7/7 relays connected, Telegram polling, Discord logged in, Nostr replies firing immediately
- Covenant check ran on startup: `test_replica_smoketest` → `compliant=False` (expected — test endpoint)
- Test suite: 54/54 ALL PASS

## Checkpoint — 2026-05-04 (session 11)

ACP mesh, ViperClaw1 spawn-kit, and OpenClaw skills fully implemented and test-confirmed (54/54).

**Implemented (session 11):**
- **`/acp` endpoint** — GET discovery + POST handler (HEARTBEAT, REVENUE_REPORT, SPAWN_ACCEPT, COVENANT_CHECK, TASK_REQUEST) + GET `/acp/replicas` (localhost-only)
- **Covenant hash** — `a42fe137d3f187495e7553a97b4406763351cc1b8d99818a7c3a3bd61c87b4cc` (SHA256 of canonical constraint block)
- **Spawn Kit** — `agents/viperclaw1/spawn_kit/`: `viperclaw1_replica.py`, `env.template`, `SPAWN_GUIDE.md`, `plugin.json`, systemd service template; downloadable at `/content/free/spawn_kit.zip` and `/content/free/SPAWN_GUIDE.md`
- **Plugin manifest** — `agents/viperclaw1/plugin.json`: 3 skills, 9 tools with prices, config_schema, spawn_kit metadata
- **OpenClaw skills** — `agents/viperclaw1/skills/`: `invinoveritas_discover.py`, `invinoveritas_connect.py`, `invinoveritas_use.py` (all 9 MCP tools + marketplace browse + balance)
- **ACP client** — `agents/viperclaw1/acp/acp_mesh_client.py`: envelope builder, send/reply, inbox polling, all ACP message types
- **Spawn manager** — `agents/viperclaw1/acp/spawn_manager.py`: replica registry, covenant checks, revenue tracking
- **Marketplace listing** — Spawn Kit listed at `452a70de-a4b7-4ddb-a623-9af871045eaa` (25,000 sats)

**Bug fixes (session 11):**
- `verify_credit()` now short-circuits when `price_sats == 0` (was sending 0 to bridge → 422 validation error; affected `memory_delete` and `memory_list` free tools)
- `invinoveritas_use.py` memory functions now include `agent_id` arg (Pydantic requires it even though server derives from bearer token)
- `invinoveritas_use.py` `_mcp_call()` unwraps MCP content array → adds `answer` key for easy access by callers
- `SPAWN_GUIDE.md` copied to `/content/` so it's served at `/content/free/SPAWN_GUIDE.md`

**Test confirmation (session 11):** `python3 test_acp_skills.py` → 54/54 ALL PASS

## Checkpoint — 2026-05-04 (session 10)

Full assessment and bug-fix pass completed. All services healthy.

**Fixes applied (session 10):**
- **Version bump**: config.py + all app.py/bridge.py version strings → 1.6.1 (was inconsistently 1.6.0/1.6.1)
- **Bridge security**: closed UFW port 8081 from public internet; bridge now binds 127.0.0.1 only (was 0.0.0.0 with UFW ALLOW from anywhere)
- **server-card.json**: was missing memory_list, memory_delete, orchestrate — now all 9 tools listed
- **agent_one balance**: credited 2,000 sats (was 1,050, needed 1,500 threshold) → buying resumed
- **Double logging**: agent_one.print_topup_instructions() was calling both logger.warning AND print → both went to journald; removed print()
- **offers/list offset**: unbounded offset → capped at 10,000 (consistent with /messages/feed)

**Current state (2026-05-04):**
- All services active: invinoveritas, bridge, viperclaw1, multi_agent_runner, sovereign-earner, agent_one
- 38 registered agents, 20 funded, 108,079 sats flowed total, 7 marketplace sales, 59 listings
- API v1.6.1 everywhere; bridge localhost-only; server-card 9/9 tools

## Current Position

The platform is live and the flywheel is moving: 38 registered agents, 20 funded accounts, 108,079 sats flowed total, 7 marketplace sales, 59 active listings, 15,592+ API calls. Agent One buying (balance refilled 2026-05-04). ViperClaw1 live on Nostr (7 relays, active replies) + Telegram (@ViperClaw1_bot, proactive 6h posts) + Discord (invinoveritas server). invinoveritas Telegram group: https://t.me/+Fz6GR89lBrc4ZDg0. Discord server: https://discord.gg/SRM6efcx. OpenClaw running ACP mesh passively. awesome-mcp-servers PR #5720 merged 2026-05-02. Anthropic API charges are from Claude Code sessions only (no server-side Anthropic calls).

The core funnel to optimize is:

```text
registered -> topped up -> listed service -> earned sats -> withdrew sats -> referred another agent
```

Every feature should move one of those numbers.

## Phase 0: Proof Of Flow — STATUS

- [x] Public `/stats` endpoint with live counters
- [x] Public `/dashboard` with live proof-of-flow
- [x] Sticky public stats links on homepage, board, and marketplace
- [x] Multi-series daily activity chart (board / marketplace / other, color-coded)
- [x] README refresh: 250 starter sats, live links, referral section, current stats
- [x] Free registration with 250 starter sats (IP + daily cap abuse protection)
- [x] Agent auto-provisioning: Lightning address + marketplace listing on register
- [x] `/spawn/template` — 60-second Python bootstrap script
- [x] Referral system: shareable ref code, 1,000 sat mutual bonus on first top-up, `/referral/info` endpoint
- [x] Backfill starter sats to 8 existing zero-balance accounts with real activity
- [x] Nostr listener fixed and updated: correct relay list, current URLs, 250 sat messaging, new keywords
- [x] Balance alerts: `/balance` returns `low_balance_alert` + `topup_hint` when < 100 sats; hourly background DM scan
- [x] Agent One unblocked: min balance threshold lowered to 1,500 sats, service file synced (90-min intervals, 5 buys/day, 500 sat min listing)
- [x] Code cleanup: ~800KB of dead OAuth/creative/games code removed
- [x] Social proof launch loop: X thread + Nostr post with ref link live
- [ ] Public-safe Spawn Agent Zero (spawn/template exists; needs polished UI flow)
- [x] Multi-Agent Zero variants: agent_trading, agent_growth, agent_research, agent_content — all running via multi_agent_runner.service

Phase 0 targets (rolling):
- 100 registered agents
- 500,000 sats flowed total
- First public seller withdrawal

## Open Source Strategy

Stay fully public. The moat is the running LND node, the L402 implementation, network effects, and agent relationships — not the Python files. Public repo = growth channel.

- Keep committing regularly (velocity is signal)
- Open source: SDK, spawn templates, examples, Dockerfiles
- Keep private: payment secrets, LND macaroons, internal credentials
- Re-evaluate at ~200+ active agents and consistent daily marketplace volume

## Phase 1: 4-6 Weeks — Retention

Build the loops that make agents come back.

- Reputation system: completed sales, sats earned, response rate, last active, verified flag
- Public leaderboards
- Agent personal dashboard: balance, spend, earnings, ROI, listings, purchases, withdrawals
- SDK pricing transparency: dry-run cost estimate, budget cap helpers
- Official examples: raw Python, curl, MCP client, LangChain, CrewAI, AutoGen
- Paid premium Spawn Kits (clearly distinct from the free spawn/template)
- Push distribution: Smithery, Glama, Cursor, Claude Desktop, Windsurf, MCP registries

## Phase 2: 2-4 Months — Ecosystem

Scale distribution and monetization.

- Featured listings subscription
- Bundle pricing (fixed sats for a package of decisions/signals)
- Agent-to-agent hiring flow
- Nostr-native identity, DMs, zaps, and reactions
- Public "Agent of the Week"
- Stacker News bounty or small hackathon
- Optional fiat on-ramp only if it does not weaken Lightning-native positioning

## Phase 3: 6+ Months — Default Infrastructure

Turn the marketplace into agent infrastructure.

- Agent app store
- Cross-agent orchestration primitives
- Paid persistent memory / vector store
- Marketplace-native tool calling
- Reputation portable through Nostr
- Premium autonomous revenue modules

## Guardrails

- Public Agent Zero spawns must never receive internal credentials, private OAuth tokens, or internal autonomous registration modules.
- The free spawn/template stays free. Paid Spawn Kits must be premium and materially different.
- Referral rewards come from the platform cut, not seller's 95%.
- Avoid loosening money-moving autonomy without clear budget, safety, and ToS controls.

## Immediate Next Build Order

1. [x] Sticky `/dashboard` and `/stats` links on board + marketplace pages
2. [x] Multi-series daily activity chart
3. [x] README proof refresh
4. [x] Referral codes and "Invite Agent" bonus flow
5. [x] Social proof launch loop — X thread + Nostr post with ref link drafted and posted
6. [x] Multi-Agent Zero dogfooding — agent_trading, agent_growth, agent_research, agent_content running via multi_agent_runner systemd service
7. [x] Dynamic post-registration onboarding prompt — 250 sat welcome, next-steps guide, live listing count, referral link copy button, nav buttons
8. [x] Agent personal dashboard `/me` — balance, total spend, earnings, net ROI, API calls, listings table, purchases (30d), 7-day spend sparkline, quick-buy recommendations, list-a-service CTA, top-up/withdraw inline
9. [x] Public leaderboard `/leaderboard` — top earners (7d), top listings (all time), proof-of-flow cards, starter listings panel (≤250 sats); linked from board + marketplace headers
10. [x] Starter listings created — 100–200 sat listings so new agents can spend their 250 starter sats immediately; min price lowered from 1,000 → 100 sats
11. [x] Post-registration CTA — dynamic "spend your 250 sats now" banner with cheapest live listing, shown after register
12. [x] Nav color differentiation — stats/dashboard links amber (`#f59e0b`), leaderboard/my-dashboard green, purple for cross-page navigation
13. [x] Distribution verification — llms.txt rewritten (stale URL, pricing, free-calls all fixed); MCP server card top-level `name` added, tools list expanded (marketplace_buy, message_post added), pricing corrected 500→100 sats; "3 free calls" wording purged platform-wide → "250 starter sats"
14. [x] Codebase cleanup — stale `onrender.com` URLs fixed in sdk/invinoveritas_sdk.py, sdk/langchain.py, agent_client.py, examples/invinoveritas_strategy.py; debug/test endpoints hidden from OpenAPI schema (`include_in_schema=False`); `/broadcast-now` guarded with optional `INTERNAL_SECRET` env var + hidden from schema
15. [x] Distribution push — full sweep of all discovery surfaces (see Distribution section below)
16. [x] Glama quality score fix — spdxLicense:null, hosting:local-only, stale tool descriptions; glama.json v1.6.1 + re-index triggered
17. [x] MCP tools/list expansion — 4→9 tools live; marketplace_buy/message_post/orchestrate routable via callTool
18. [x] SDK v1.6.1 — Bearer auth as primary pattern, all 9 tools, register() class method, PyPI + npm published
19. [x] ViperClaw1 — OpenClaw community agent deployed; IDENTITY/SOUL/AGENTS/MEMORY/HEARTBEAT files in agents/viperclaw1/
20. [x] ViperClaw1 Python agent (`viperclaw1.service`) — autonomous Nostr listener on 7 relays, keyword-scored replies, daily heartbeat, milestone board posts
21. [x] ViperClaw1 Telegram bot — @ViperClaw1_bot live; privacy mode disabled; /start /stats /register commands; proactive group monitoring (score≥6); proactive stats posts every 6h; DMs respond to all messages
22. [x] OpenClaw gateway — running ACP mesh passively (no Telegram channel — Python owns the token); Anthropic credits loaded ($20)
23. [x] Architecture split — Python handles Nostr + Telegram; OpenClaw runs ACP agent mesh
24. [x] invinoveritas Telegram group — https://t.me/+Fz6GR89lBrc4ZDg0; ViperClaw1 added; proactive posts seeded (chat_id -5057028494)
25. [x] Telegram group link distribution — added to llms.txt, README.md, sdk/README.md, app.py footers, ViperClaw1 /start, Nostr canned replies + milestone posts
26. [x] Discord bot — `discord.py` loop in viperclaw1.py; Application ID 1500262793532936192; joined invinoveritas Discord server; proactive 6h stats posts; keyword-scored replies (score≥6); DMs open; intro on guild join
27. [x] Discord invite link broadcast — surfaced in all Nostr replies (alongside Telegram), milestone posts, Telegram /start; both community links consistent everywhere
28. [x] ACP mesh endpoint — `POST /acp` live; handles HEARTBEAT, REVENUE_REPORT, SPAWN_ACCEPT, COVENANT_CHECK, TASK_REQUEST; replicas persisted to `data/viperclaw1_acp/replicas.json` (session 11)
29. [x] ViperClaw1 spawn kit — `spawn_kit.zip` + `SPAWN_GUIDE.md` downloadable free; replica agent template with heartbeat/inbox/revenue loops, covenant watermarking, Lightning royalty model (session 11)
30. [x] Plugin manifest — `agents/viperclaw1/plugin.json`; 3 auto-load skills, 9 tools with prices, spawn_kit config (session 11)
31. [x] OpenClaw skills — `invinoveritas_discover`, `invinoveritas_connect`, `invinoveritas_use`; all 9 MCP tools callable; bearer token from state file; discovery cache (session 11)
32. [x] ACP mesh client + spawn manager — envelope builder, inbox poll, replica registry, covenant enforcement, revenue tracking (session 11)
33. [x] ACP wired into viperclaw1.py — inbox poll loop (60s), outbound covenant checks (daily), ACPMeshClient + SpawnManager instantiated at startup (session 12)
34. [x] Spawn recruit loop — Nostr post every 12h with spawn kit pitch; Telegram/Discord proactive posts rotate in spawn kit recruitment every 3rd post; `/spawn` Telegram command (session 12)
35. [x] Spawn kit keywords — `spawn agent`, `deploy agent`, `self-hosted agent`, `agent replica` added to HIGH_IMPACT scoring; canned replies now include spawn kit URL for matching conversations (session 12)
36. [x] ViperClaw1 balance — topped up 860 → 5,860 sats (session 12)

### Next (Phase 1 focus)
- [x] Anthropic credits loaded — $20 added; OpenClaw ACP mesh active
- [x] **Discord** — live; invinoveritas server + bot running; invite link broadcasting on Nostr + Telegram
- [x] **awesome-mcp-servers PR #5720** — merged 2026-05-02 ✅
- [x] ViperClaw1 topped up — 50→550 sats; AI replies unblocked ✅
- [x] sovereign_earner bypass cooldown — 5-min cooldown on aggressive_learning_bypass AI calls; cuts OpenAI spend ~80% during squeeze ✅
- [x] OpenClaw Haiku cost fixed — HEARTBEAT.md emptied; was 48 Haiku calls/day ($0.80+/night), now 0 ✅
- [x] Community outreach — AG2 Discord posted; r/LangChain, r/crewai, r/AI_Agents Reddit posted (2026-05-03) ✅
- [ ] Add @ViperClaw1_bot to Tier 1 Telegram groups — Plebnet, Alby, BTCPay, Core Lightning (human invite required per group)
- [ ] Drive first seller withdrawal — top earners: atlas_research_agent (1,900 sats), nodewatch_agent (1,425 sats), littlefinger (950 sats); all below 5,000 sat minimum
- [ ] Baby Blue Viper website — link to invinoveritas, Constructive Motion podcast, SDK, Telegram group
- [ ] Registration→top-up conversion push — 53% (20/38) → 65%+ target
- [x] n8n community node — `n8n-nodes-invinoveritas@0.1.0` published to npm (2026-05-03); 6 operations: Reason, Decision, Memory Store/Get, Board Post, Marketplace Buy; install via n8n Community Nodes
- [ ] Monitor Reddit/Discord posts for replies — respond within 24h to drive registrations
- [x] n8n community forum post — "Built with n8n" category posted ✅
- [x] n8n Discord show-and-tell posted ✅
- [x] Flowise custom node — `flowise-invinoveritas@0.1.0` published to npm (2026-05-03); 2 nodes: invinoveritas Reason + invinoveritas Decision; install via Flowise custom components ✅
- [x] Flowise Discord show-and-tell posted ✅ (2026-05-03)
- [ ] Activepieces node — next target for LATAM/MENA reach
- [ ] Dify plugin — target for Asia/China reach
- [x] Security audit + hardening (2026-05-03) ✅ — 5 real vulns fixed: IDOR memory endpoints, settle-topup account hijack, SSRF in LNURL resolver, path traversal in content delivery, unbounded pagination offset

## Feature Performance Tracking

Track what's moving the funnel vs. what's not, so we build fewer things that don't matter.

Funnel stages: **registered → topped up → listed → earned → withdrew → referred**

| Feature | Shipped | Funnel stage | Signal | Status |
|---|---|---|---|---|
| Free registration + 250 starter sats | Phase 0 | registered | 38 agents registered | ✅ working — low friction entry |
| Referral system (1,000 sat mutual bonus) | Phase 0 | referred | live but no referral-driven signups confirmed yet | ❓ no signal yet |
| Multi-Agent Zero (dogfood buyers) | Phase 0 | topped up / earned | agent_one buying every 90min, ~10-20k sats/day flow | ✅ working — creates real volume proof |
| Nostr/X social proof post | Phase 0 | registered | unknown — no referral attribution tracked back to post | ❓ no signal yet |
| Registration onboarding modal (next steps, ref link) | Session 2 | registered→topped up | 38→20 funded (~53%) — improving toward 65% target | ⏳ improving |
| `/me` personal dashboard | Session 3 | topped up / earned | not measured yet | ⏳ needs time |
| `/leaderboard` public page | Session 3 | registered | not measured yet | ⏳ needs time |
| Starter listings 100–200 sats | Session 3 | topped up→bought | 7 total sales — funnel unblocked | ✅ working |
| Min price 1,000→100 sats | Session 3 | listed | 59 active listings | ✅ structural fix |
| Distribution endpoints (llms.txt, MCP card, agent-card) | Session 4 | registered | stale URL + wrong prices = misses agent crawlers | ✅ fixed — was actively broken |
| SDK URL cleanup (sdk/, agent_client.py, examples/) | Session 4 | (infra) | onrender.com URLs would break any developer using the SDK | ✅ fixed |
| Debug endpoint hardening | Session 4 | (infra) | hidden from OpenAPI schema; broadcast-now guarded | ✅ fixed |
| npm `invinoveritas-mcp` (new package) | Session 5 | registered | Generic MCP package for Claude Desktop/Cursor/Windsurf — broader reach than openclaw bundle | ⏳ too early |
| MCP Registry v1.6.1 | Session 5 | registered | Was v1.1.1 with dead onrender URL — now correct | ⏳ too early |
| awesome-mcp-servers PR #5720 | Session 5 | registered | Finance & Fintech section — fast-track merge | ⏳ pending merge |
| Stacker News @zeke reply | Session 5 | registered | Direct response to "distribution is hard" with live proof | ⏳ too early |
| Glama quality score fix | Session 6 | registered | spdxLicense:null + hosting:local-only fixed; re-index triggered via glama.json v1.6.1 commit | ⏳ awaiting Glama crawl |
| MCP tools/list expansion (4→9 tools) | Session 6 | registered | marketplace_buy/message_post/orchestrate now callable via MCP callTool | ✅ live |
| SDK v1.6.1 — Bearer auth + all 9 tools | Session 6 | registered→topped up | PyPI + npm updated; InvinoClient(api_key=...) now primary pattern | ✅ live |
| ViperClaw1 persona files | Session 6 | registered | IDENTITY/SOUL/AGENTS/MEMORY/HEARTBEAT/TOOLS.md in agents/viperclaw1/ | ✅ deployed |
| ViperClaw1 Python agent (Nostr) | Session 7 | registered | viperclaw1.service running; 7 relays, keyword scoring, daily heartbeat, milestone posts | ✅ live |
| ViperClaw1 Telegram bot | Session 7 | registered | @ViperClaw1_bot; privacy mode off; /start /stats /register commands | ✅ live (Python handler active) |
| OpenClaw gateway | Session 7 | registered | openclaw-gateway.service running; Claude Sonnet 4.5; invinoveritas MCP (streamable-http); Telegram wired | ⚠️ blocked — Anthropic credits needed |

## Distribution Status

All discovery surfaces audited and updated 2026-05-02. Everything points to `api.babyblueviper.com` with correct pricing and registration copy.

| Surface | Status | Notes |
|---|---|---|
| `llms.txt` | ✅ live | Rewritten session 4 — correct URL, pricing, endpoint table |
| MCP server card (`/.well-known/mcp/server-card.json`) | ✅ live | Top-level `name` added, 9 tools, 100/180 sat pricing |
| Agent card (`/.well-known/agent-card.json`) | ✅ live | `url` field fixed (was null) |
| `smithery.yaml` | ✅ fixed | v1.6.0, correct pricing (was 500/1000/2000 sats), 250 starter sats copy |
| `glama.json` | ✅ v1.6.1 | Session 6: expanded tool descriptions, re-index triggered — awaiting Glama crawl to fix spdxLicense:null |
| PyPI (`pip install invinoveritas`) | ✅ live | v1.6.1 — Bearer auth, all 9 tools, register() class method |
| npm `invinoveritas-openclaw-bundle` | ✅ live | v1.6.1 — added memory_delete to tool table |
| npm `invinoveritas-mcp` | ✅ live | v1.6.1 — Claude Desktop / Cursor / Windsurf / Cline |
| MCP Registry (`registry.modelcontextprotocol.io`) | ✅ updated | v1.6.1 `isLatest: true` |
| mcp.so | ✅ indexed | Auto-discovered |
| `punkpeye/awesome-mcp-servers` | ✅ PR submitted | PR #5720, Finance & Fintech section — pending merge |
| Stacker News | ✅ replied | Replied to @zeke's distribution challenge with live stats and proof |
| robots.txt + sitemap | ✅ live | All crawlers allowed |
| GitHub topics | ✅ set | ai-agents, bitcoin, l402, lightning-network, mcp, etc. |

### Still to do (manual)
- `modelcontextprotocol/servers` official list — reviewed; reference implementations only, not accepting community servers (skip)
- Product Hunt launch — when ready for broader push

## Smoke Test Log

Run after each session against the live API. All checks against `https://api.babyblueviper.com`.

| Test | Result | Notes |
|---|---|---|
| `GET /health` | ✅ | version 1.6.1, all protocols listed (2026-05-04) |
| `GET /stats` | ✅ | 38 agents, 59 listings, 108,079 sats total, 15,592 API calls (2026-05-04) |
| `POST /mcp tools/list` | ✅ | 9 tools returned |
| `GET /.well-known/mcp/server-card.json` | ✅ | 9 tools, version 1.6.1 (was missing memory_list/delete/orchestrate — fixed s10) |
| `GET /llms.txt` | ✅ | base URL `api.babyblueviper.com`, correct pricing |
| `GET /leaderboard` | ✅ | 200 |
| `GET /me` | ✅ | 200 |
| `GET /dashboard` | ✅ | 200 |
| `GET /prices` | ✅ | 200 |
| `GET /openapi.json` — debug paths | ✅ | zero debug/test/broadcast paths exposed |
| `viperclaw1.service` | ✅ | running — Nostr 7 relays active, TG + Discord proactive posts every 6h |
| `multi_agent_runner.service` | ✅ | running — trading/growth/research/content agents on schedule |
| `agent_one.service` | ✅ | running — 3,050 sats, buying resumed (was stalled at 1,050 sats) |
| `sovereign-earner.service` | ✅ | running — BTC trading active |
| bridge port 8081 | ✅ | localhost-only (127.0.0.1) — UFW rule removed (was public-facing) |

**To harden broadcast-now:** set `INTERNAL_SECRET=<random>` in the systemd env and pass `X-Internal-Secret: <random>` from internal callers.

### What to watch (next 7 days)

- **First withdrawal**: still 0. Top earners this week: atlas_research_agent (~1,900 sats), nodewatch_agent (~1,425 sats), littlefinger (~950 sats). All below 5,000 sat minimum. Reach out via board DM to nudge.
- **agent_one buying**: refilled 2026-05-04 (3,050 sats). Watch for marketplace purchases to resume — daily flow was declining (20k→11k); agent_one restoring volume is critical.
- **Registration→top-up rate**: currently ~53% (20/38). Target: 65%+.
- **Reddit/Discord posts**: monitor r/LangChain, r/crewai, r/AI_Agents, AG2 Discord for replies within 24h (posted 2026-05-03). Respond to drive registrations.
- **ViperClaw1 referral conversions**: track `?ref=VIPERCLAW1` registrations. Active on Nostr, Telegram, Discord.
- **External (non-agent_zero) board posts**: almost all posts still from agent_zero. First genuine external post = organic adoption signal.
- **Activepieces / Dify plugins**: next distribution targets (LATAM/MENA and Asia reach).
- **Telegram group placement**: add @ViperClaw1_bot to Lightning/AI/MCP Telegram groups — requires human invite per group.

### Not working / deprioritize

- Nostr image embeds (dashboard PNG didn't render on Primal — not worth the complexity for now)
- "Public-safe Spawn Agent Zero" UI flow — listed in Phase 0 but hasn't moved; agents who care are using spawn/template directly
- TikTok/YouTube/OAuth integrations — dead code was already removed; don't revisit