Joshua 1f2c608980
Align launcher docs to EDUT ID route and terminology
2026-02-19 14:49:39 -08:00
.gitea/workflows Add launcher CI workflow 2026-02-17 20:55:08 -08:00
app Switch launcher EDUT ID flow calls to /secret/id aliases 2026-02-19 14:47:50 -08:00
docs Align launcher docs to EDUT ID route and terminology 2026-02-19 14:49:39 -08:00
.gitignore Add launcher repo hygiene and manifest check target 2026-02-17 20:48:33 -08:00
Makefile Add launcher local serve target 2026-02-17 20:51:26 -08:00
README.md Align launcher docs to EDUT ID route and terminology 2026-02-19 14:49:39 -08:00

EDUT Launcher

Free control-plane application for EDUT onboarding and entitlement-aware installs.

Scope

  1. Local wallet create/import/recovery UX.
  2. Device readiness checks.
  3. EDUT ID status and governance install controls.
  4. Signed package download and verification orchestrator.
  5. Member app-channel inbox.

Primary v1 wallet behavior and acceptance criteria are specified in:

  • docs/wallet-v1-product-spec.md

Out of Scope

  1. Governance runtime internals.
  2. Paid module execution engines.

Boundary

Launcher never contains private kernel internals. It verifies and installs signed paid runtimes only after entitlement checks pass.

Local Harness (Current)

app/index.html now exposes a product-first control surface with advanced harness tooling preserved.

Top-level control surface:

  1. Connect wallet
  2. Activate EDUT ID
  3. Refresh status + feed
  4. Governance status
  5. Wallet/session/EDUT ID/designation/last-sync overview cards
  6. Pull-first updates feed + support ticket action
  7. Identity assurance visibility (none / crypto_direct_unattested / sponsored_unattested / onramp_attested)
  8. Explicit operator-visible mode toggles (Human mode / Auto mode) synced to governance operation_mode
  9. Wallet utility actions (Refresh balances, Copy address) with native + USDC balance visibility

Advanced integration controls (collapsible):

  1. API/chain connection settings
  2. Wallet intent + verify primitives
  3. EDUT ID quote + confirm primitives
  4. Marketplace offer list + checkout quote/send/confirm primitives
  5. Member channel register/poll primitives
  6. Governance install + lease primitives (with explicit operation_mode)
  7. Raw response log for deterministic troubleshooting
  8. Wallet session lifecycle controls (manual refresh/revoke + automatic pre-expiry refresh)
  9. Deterministic fail-closed error messaging mapped from backend policy/error codes

Wallet automation helpers remain available in advanced controls:

  1. Connect wallet fills address from window.ethereum.
  2. Sign intent (EIP-712) signs the current intent payload and fills walletSignature.
  3. Sign payer proof signs distinct-payer ownership proof and fills payerProof.
  4. Send EDUT ID tx submits the quote transaction via eth_sendTransaction and fills confirmTxHash.
  5. EDUT ID confirm can optionally attach on-ramp attestation fields (identity_assurance_level, identity_attested_by, identity_attestation_id) for provider-integrated flows.
  6. Wallet verify returns a session token; launcher forwards it on marketplace/member/governance API calls via bearer + X-Edut-Session.
  7. Launcher proactively refreshes wallet sessions before expiry and clears local session state on terminal session errors (invalid, expired, revoked, mismatch).

Policy behavior in launcher shell:

  1. EDUT ID is required for all member-channel polling flows.
  2. onramp_attested identity assurance is required for owner support-ticket and governance install-token actions.
  3. Assurance state is displayed independently from EDUT ID state in the top summary cards.
  4. Owner-only buttons are UI-disabled until both EDUT ID is active and assurance is onramp_attested.
  5. Governance activation evidence must carry explicit signing authority class (identity_human or delegated).
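The gating rules above, together with the session forwarding and terminal-error handling listed under the wallet automation helpers, sketched as an added example that is not the launcher's own code. The state field names (`edutIdStatus`, `assurance`, `expiresAtMs`, `signing_authority_class`), the `"active"` status string, the error-code strings and the refresh margin are assumptions.

```javascript
// Added example. Field names, error-code strings and the refresh margin are assumed.
const ASSURANCE = new Set(["none", "crypto_direct_unattested",
                           "sponsored_unattested", "onramp_attested"]);
const AUTHORITY = new Set(["identity_human", "delegated"]);
const TERMINAL = new Set(["invalid", "expired", "revoked", "mismatch"]);
const REFRESH_MARGIN_MS = 60_000; // assumed pre-expiry refresh window

// Fail closed: anything missing or unrecognized is treated as the weakest state.
function evaluatePolicy(state) {
  const s = state || {};
  const idActive = s.edutIdStatus === "active";
  const assurance = ASSURANCE.has(s.assurance) ? s.assurance : "none";
  return {
    assurance,
    memberPolling: idActive,                                   // policy item 1
    ownerActions: idActive && assurance === "onramp_attested", // items 2 and 4
  };
}

// Governance activation evidence must name its signing authority class (item 5).
function evidenceAccepted(evidence) {
  return Boolean(evidence) && AUTHORITY.has(evidence.signing_authority_class);
}

// Session token forwarded on API calls via bearer + X-Edut-Session.
function sessionHeaders(token) {
  if (typeof token !== "string" || token.length === 0) throw new Error("no session");
  return { Authorization: `Bearer ${token}`, "X-Edut-Session": token };
}

// Decide what to do with the local session: "clear", "refresh" or "keep".
function nextSessionAction(session, nowMs, errorCode) {
  if (!session || !Number.isFinite(session.expiresAtMs)) return "clear";
  if (errorCode && TERMINAL.has(errorCode)) return "clear";
  if (nowMs >= session.expiresAtMs) return "clear";
  if (session.expiresAtMs - nowMs <= REFRESH_MARGIN_MS) return "refresh";
  return "keep";
}
```

The UI-disabled state of owner-only buttons is a convenience for the operator; the same checks still have to be enforced by the backend that issues support tickets and install tokens.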

Run locally:

cd /Users/vsg/Documents/VSG\ Codex/launcher/app
python3 -m http.server 4310

Then open http://127.0.0.1:4310 and point the API base URL at a running secretapi instance.