24 lines
1.0 KiB
Markdown
24 lines
1.0 KiB
Markdown
# Environment Invariants
|
|
|
|
These invariants must hold for staging and production.
|
|
|
|
## Required Invariants
|
|
|
|
1. Chain ID in backend config matches allowed chain ID in API and frontend expectations.
|
|
2. Membership contract address in backend matches deployment registry.
|
|
3. Quote currency policy matches configured token addresses.
|
|
4. Origin allowlist includes only approved domains.
|
|
5. Fail-closed default behavior enabled for unknown membership/entitlement states.
|
|
6. Org boundary enforcement enabled for workspace-bound paid actions.
|
|
7. Availability state machine policy loaded with `ACTIVE/GRACE/CONTINUITY/PARKED`.
|
|
8. `PARKED` policy blocks paid execution while preserving read/export routes.
|
|
|
|
## Verification Checklist
|
|
|
|
1. Intent endpoint returns expected chain and contract metadata.
|
|
2. Confirm endpoint rejects tx on wrong chain.
|
|
3. Checkout gate blocks non-members.
|
|
4. Runtime activation gate blocks non-active entitlements.
|
|
5. Boundary mismatch gate blocks paid execution.
|
|
6. `continuity` and `parked` transitions enforce expected behavior.
|