1c/W4 DONE: genuine throwaway-VM live rebuild (single switch, 0 failed, byte-identical, TLS leaf==git cert); Gate W4 CLAIMED + install.md updated
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@ -19,9 +19,10 @@ Method W1–W6 from the phase plan §5. Each milestone ends with an Adversary ga
|
||||
0 failed units, all stacks 1/1, cert survived reboot via sops, TLS 200. Running RAM 8 GB.
|
||||
- [x] **W3 — Throwaway VM.** `ccci-throwaway` (incus-base, 4 GB/20 GB) reachable at 100.126.124.86
|
||||
(used live TS_AUTH_KEY; workspace key stale). Bootstrap age key provisioned in W4.
|
||||
- [ ] **W4 — Reproducible live rebuild.** On throwaway VM: clone base+secrets, `nixos-rebuild switch`,
|
||||
watch oneshots converge, secrets+cert decrypt. Accept: fully up, no step outside docs/install.md;
|
||||
capture evidence. **Gate W4 CLAIMED.**
|
||||
- [x] **W4 — Reproducible live rebuild.** Fresh blank VM + recovery age key only → `git clone
|
||||
--recursive` + ONE `nixos-rebuild switch ?submodules=1` → running/0-failed, byte-identical
|
||||
`ld19aj2`==cc-ci, 6 stacks 1/1, all secrets+cert decrypt, TLS leaf==git cert. Found+fixed a
|
||||
concurrent-abra race (serialized reconcilers). **Gate W4 CLAIMED** (awaiting Adversary W5).
|
||||
- [ ] **W5 — Adversary cold proof + honest D8.** Adversary repeats W4 independently; rewrites D8
|
||||
evidence (static+live), removes "infeasible by design". Accept: Adversary D8 live-rebuild PASS
|
||||
(or narrow signed-off limitation per C5).
|
||||
|
||||
Reference in New Issue
Block a user