edut/launcher
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
24 Commits 1 Branch 0 Tags 77 KiB
JavaScript 69.3%
HTML 23.1%
CSS 7.4%
Makefile 0.2%
main
Go to file
Joshua 79d166a695
Some checks are pending
check / launcher (push) Waiting to run
Details
Improve operator-first launcher errors and diagnostics labeling
2026-02-19 12:59:14 -08:00
.gitea/workflows Add launcher CI workflow 2026-02-17 20:55:08 -08:00
app Improve operator-first launcher errors and diagnostics labeling 2026-02-19 12:59:14 -08:00
docs Capture explicit operation mode in launcher install flow 2026-02-18 20:31:12 -08:00
.gitignore Add launcher repo hygiene and manifest check target 2026-02-17 20:48:33 -08:00
Makefile Add launcher local serve target 2026-02-17 20:51:26 -08:00
README.md Improve operator-first launcher errors and diagnostics labeling 2026-02-19 12:59:14 -08:00

README.md

EDUT Launcher

Free control-plane application for EDUT onboarding and entitlement-aware installs.

Scope

  1. Local wallet create/import/recovery UX.
  2. Device readiness checks.
  3. Membership status and governance install controls.
  4. Signed package download and verification orchestrator.
  5. Member app-channel inbox.

Primary v1 wallet behavior and acceptance criteria are specified in:

  • docs/wallet-v1-product-spec.md

Out of Scope

  1. Governance runtime internals.
  2. Paid module execution engines.

Boundary

Launcher never contains private kernel internals. It verifies and installs signed paid runtimes only after entitlement checks pass.

Local Harness (Current)

app/index.html now exposes a product-first control surface with advanced harness tooling preserved.

Top-level control surface:

  1. Connect wallet
  2. Activate membership
  3. Refresh status + feed
  4. Governance status
  5. Wallet/session/membership/designation/last-sync overview cards
  6. Pull-first updates feed + support ticket action
  7. Identity assurance visibility (none / crypto_direct_unattested / sponsored_unattested / onramp_attested)
  8. Explicit operator-visible mode toggles (Human mode / Auto mode) synced to governance operation_mode
  9. Wallet utility actions (Refresh balances, Copy address) with native + USDC balance visibility

Advanced integration controls (collapsible):

  1. API/chain connection settings
  2. Wallet intent + verify primitives
  3. Membership quote + confirm primitives
  4. Marketplace offer list + checkout quote/send/confirm primitives
  5. Member channel register/poll primitives
  6. Governance install + lease primitives (with explicit operation_mode)
  7. Raw response log for deterministic troubleshooting
  8. Wallet session lifecycle controls (manual refresh/revoke + automatic pre-expiry refresh)
  9. Deterministic fail-closed error messaging mapped from backend policy/error codes

Wallet automation helpers remain available in advanced controls:

  1. Connect wallet fills address from window.ethereum.
  2. Sign intent (EIP-712) signs the current intent payload and fills walletSignature.
  3. Sign payer proof signs distinct-payer ownership proof and fills payerProof.
  4. Send membership tx submits the quote transaction via eth_sendTransaction and fills confirmTxHash.
  5. Membership confirm can optionally attach on-ramp attestation fields (identity_assurance_level, identity_attested_by, identity_attestation_id) for provider-integrated flows.
  6. Wallet verify returns a session token; launcher forwards it on marketplace/member/governance API calls via bearer + X-Edut-Session.
  7. Launcher proactively refreshes wallet sessions before expiry and clears local session state on terminal session errors (invalid, expired, revoked, mismatch).

Policy behavior in launcher shell:

  1. Membership is required for all member-channel polling flows.
  2. onramp_attested identity assurance is required for owner support-ticket and governance install-token actions.
  3. Assurance state is displayed independently from membership state in the top summary cards.
  4. Owner-only buttons are UI-disabled until both membership is active and assurance is onramp_attested.
  5. Governance activation evidence must carry explicit signing authority class (identity_human or delegated).

Run locally:

cd /Users/vsg/Documents/VSG\ Codex/launcher/app
python3 -m http.server 4310

Then open http://127.0.0.1:4310 and point API base URL at running secretapi.