daarion-admin/microdao-daarion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🔧 Add site/ to .gitignore (mkdocs build output)
Some checks failed
Build and Deploy Docs / build-and-deploy (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Apple
2026-01-10 07:57:47 -08:00
parent fb4f4a16d5
commit eed1e30aca
385 changed files with 1 additions and 369105 deletions
Download Patch File Download Diff File Expand all files Collapse all files

951
site/cursor/DOCX_UPDATE_INSTRUCTIONS/index.html
View File

@@ -1,951 +0,0 @@
<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="canonical" href="https://IvanTytar.github.io/microdao-daarion/cursor/DOCX_UPDATE_INSTRUCTIONS/">
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<title>Інструкції для оновлення .docx документів - DAARION Documentation</title>
<link rel="stylesheet" href="../../assets/stylesheets/main.66ac8b77.min.css">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback">
<style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
<script>__md_scope=new URL("../..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
</head>
<body dir="ltr">
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#docx" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<header class="md-header md-header--shadow" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="../.." title="DAARION Documentation" class="md-header__button md-logo" aria-label="DAARION Documentation" data-md-component="logo">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54Z"/></svg>
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
DAARION Documentation
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
Інструкції для оновлення .docx документів
</span>
</div>
</div>
</div>
<script>var media,input,key,value,palette=__md_get("__palette");if(palette&&palette.color){"(prefers-color-scheme)"===palette.color.media&&(media=matchMedia("(prefers-color-scheme: light)"),input=document.querySelector(media.matches?"[data-md-color-media='(prefers-color-scheme: light)']":"[data-md-color-media='(prefers-color-scheme: dark)']"),palette.color.media=input.getAttribute("data-md-color-media"),palette.color.scheme=input.getAttribute("data-md-color-scheme"),palette.color.primary=input.getAttribute("data-md-color-primary"),palette.color.accent=input.getAttribute("data-md-color-accent"));for([key,value]of Object.entries(palette.color))document.body.setAttribute("data-md-color-"+key,value)}</script>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
</nav>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list" role="presentation"></ol>
</div>
</div>
</div>
</div>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../.." title="DAARION Documentation" class="md-nav__button md-logo" aria-label="DAARION Documentation" data-md-component="logo">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54Z"/></svg>
</a>
DAARION Documentation
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../public/" class="md-nav__link">
<span class="md-ellipsis">
Home
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../public/getting-started/" class="md-nav__link">
<span class="md-ellipsis">
Getting Started
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../public/architecture-overview/" class="md-nav__link">
<span class="md-ellipsis">
Architecture
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../public/daiS_daos_overview/" class="md-nav__link">
<span class="md-ellipsis">
DAIS & DAOS
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_5" >
<label class="md-nav__link" for="__nav_5" id="__nav_5_label" tabindex="">
<span class="md-ellipsis">
Internal
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_5_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_5">
<span class="md-nav__icon md-icon"></span>
Internal
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_5_1" >
<label class="md-nav__link" for="__nav_5_1" id="__nav_5_1_label" tabindex="0">
<span class="md-ellipsis">
Infra
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_5_1_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_5_1">
<span class="md-nav__icon md-icon"></span>
Infra
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../internal/infra/INFRA_AUTOMATION_PACK_V1/" class="md-nav__link">
<span class="md-ellipsis">
Infra Automation Pack v1
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../internal/infra/monitoring_overview/" class="md-nav__link">
<span class="md-ellipsis">
Monitoring Overview
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../internal/infra/nodes_registry_v0/" class="md-nav__link">
<span class="md-ellipsis">
Nodes Registry v0
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_5_2" >
<label class="md-nav__link" for="__nav_5_2" id="__nav_5_2_label" tabindex="0">
<span class="md-ellipsis">
Specs
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_5_2_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_5_2">
<span class="md-nav__icon md-icon"></span>
Specs
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../internal/specs/matrix_presence_aggregator/" class="md-nav__link">
<span class="md-ellipsis">
Matrix Presence Aggregator
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../internal/specs/city_map_spec/" class="md-nav__link">
<span class="md-ellipsis">
City Map Spec
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../internal/specs/node_join_protocol_draft/" class="md-nav__link">
<span class="md-ellipsis">
Node Join Protocol (Draft)
</span>
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#1-microdao-data-model-event-catalogdocx" class="md-nav__link">
<span class="md-ellipsis">
1. microdao — Data Model &amp; Event Catalog.docx
</span>
</a>
<nav class="md-nav" aria-label="1. microdao — Data Model & Event Catalog.docx">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-access-keys" class="md-nav__link">
<span class="md-ellipsis">
Крок 1: Додати новий розділ для таблиць access keys
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-event-catalog" class="md-nav__link">
<span class="md-ellipsis">
Крок 2: Додати події в Event Catalog
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#2-microdao-rbac-entitlements-mvpdocx" class="md-nav__link">
<span class="md-ellipsis">
2. microdao — RBAC і Entitlements (MVP).docx
</span>
</a>
<nav class="md-nav" aria-label="2. microdao — RBAC і Entitlements (MVP).docx">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1" class="md-nav__link">
<span class="md-ellipsis">
Крок 1: Оновити формулу доступу
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-entitlements-bundles" class="md-nav__link">
<span class="md-ellipsis">
Крок 2: Додати мапінг Entitlements → bundles
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#3-microdao-security-architecture-threat-model-mvpdocx" class="md-nav__link">
<span class="md-ellipsis">
3. microdao — Security Architecture &amp; Threat Model (MVP).docx
</span>
</a>
<nav class="md-nav" aria-label="3. microdao — Security Architecture & Threat Model (MVP).docx">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-access-keys-policy-service" class="md-nav__link">
<span class="md-ellipsis">
Крок 1: Додати підрозділ про Access Keys &amp; Policy Service
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-access-keys" class="md-nav__link">
<span class="md-ellipsis">
Крок 2: Додати підрозділ про зберігання access keys
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#3" class="md-nav__link">
<span class="md-ellipsis">
Крок 3: Додати абзац про агентний шар
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#4-walletstaking" class="md-nav__link">
<span class="md-ellipsis">
Крок 4: Додати абзац про Wallet/Staking
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#4" class="md-nav__link">
<span class="md-ellipsis">
4. Перевірка
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#5-markdown" class="md-nav__link">
<span class="md-ellipsis">
5. Посилання на Markdown документи
</span>
</a>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<h1 id="docx">Інструкції для оновлення .docx документів<a class="headerlink" href="#docx" title="Permanent link">&para;</a></h1>
<p>Цей документ містить інструкції для механічного оновлення Word документів (<code>.docx</code>), які не можна редагувати автоматично.</p>
<hr />
<h2 id="1-microdao-data-model-event-catalogdocx">1. <code>microdao — Data Model &amp; Event Catalog.docx</code><a class="headerlink" href="#1-microdao-data-model-event-catalogdocx" title="Permanent link">&para;</a></h2>
<h3 id="1-access-keys">Крок 1: Додати новий розділ для таблиць access keys<a class="headerlink" href="#1-access-keys" title="Permanent link">&para;</a></h3>
<p><strong>Де:</strong> Після <code>Heading 3 "3.9 Integrations / Webhooks / Audit"</code></p>
<p><strong>Що додати:</strong></p>
<div class="codehilite"><pre><span></span><code>Heading 3: 3.10 Access Keys &amp; Capability Bundles
</code></pre></div>
<p><strong>SQL схема:</strong></p>
<div class="codehilite"><pre><span></span><code><span class="k">create</span><span class="w"> </span><span class="k">table</span><span class="w"> </span><span class="n">access_keys</span><span class="w"> </span><span class="p">(</span>
<span class="w"> </span><span class="n">id</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">primary</span><span class="w"> </span><span class="k">key</span><span class="p">,</span><span class="w"> </span><span class="c1">-- ak_...</span>
<span class="w"> </span><span class="n">subject_kind</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">not</span><span class="w"> </span><span class="k">null</span><span class="p">,</span><span class="w"> </span><span class="c1">-- &#39;user&#39; | &#39;agent&#39; | &#39;integration&#39; | &#39;embassy&#39;</span>
<span class="w"> </span><span class="n">subject_id</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">not</span><span class="w"> </span><span class="k">null</span><span class="p">,</span><span class="w"> </span><span class="c1">-- u_/ag_/...</span>
<span class="w"> </span><span class="n">team_id</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">null</span><span class="p">,</span><span class="w"> </span><span class="c1">-- t_..., якщо scoped до команди</span>
<span class="w"> </span><span class="n">name</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">not</span><span class="w"> </span><span class="k">null</span><span class="p">,</span>
<span class="w"> </span><span class="n">status</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">not</span><span class="w"> </span><span class="k">null</span><span class="w"> </span><span class="k">check</span><span class="w"> </span><span class="p">(</span><span class="n">status</span><span class="w"> </span><span class="k">in</span><span class="w"> </span><span class="p">(</span><span class="s1">&#39;active&#39;</span><span class="p">,</span><span class="s1">&#39;revoked&#39;</span><span class="p">,</span><span class="s1">&#39;expired&#39;</span><span class="p">)),</span>
<span class="w"> </span><span class="n">created_at</span><span class="w"> </span><span class="n">timestamptz</span><span class="w"> </span><span class="k">not</span><span class="w"> </span><span class="k">null</span><span class="w"> </span><span class="k">default</span><span class="w"> </span><span class="n">now</span><span class="p">(),</span>
<span class="w"> </span><span class="n">expires_at</span><span class="w"> </span><span class="n">timestamptz</span><span class="w"> </span><span class="k">null</span><span class="p">,</span>
<span class="w"> </span><span class="n">last_used_at</span><span class="w"> </span><span class="n">timestamptz</span><span class="w"> </span><span class="k">null</span>
<span class="p">);</span>
<span class="k">create</span><span class="w"> </span><span class="k">table</span><span class="w"> </span><span class="n">capabilities</span><span class="w"> </span><span class="p">(</span>
<span class="w"> </span><span class="n">id</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">primary</span><span class="w"> </span><span class="k">key</span><span class="p">,</span><span class="w"> </span><span class="c1">-- cap_...</span>
<span class="w"> </span><span class="n">code</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">not</span><span class="w"> </span><span class="k">null</span><span class="w"> </span><span class="k">unique</span><span class="p">,</span><span class="w"> </span><span class="c1">-- chat.message.send, wallet.stake.ringk, ...</span>
<span class="w"> </span><span class="n">description</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">not</span><span class="w"> </span><span class="k">null</span>
<span class="p">);</span>
<span class="k">create</span><span class="w"> </span><span class="k">table</span><span class="w"> </span><span class="n">access_key_caps</span><span class="w"> </span><span class="p">(</span>
<span class="w"> </span><span class="n">key_id</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">references</span><span class="w"> </span><span class="n">access_keys</span><span class="p">(</span><span class="n">id</span><span class="p">)</span><span class="w"> </span><span class="k">on</span><span class="w"> </span><span class="k">delete</span><span class="w"> </span><span class="k">cascade</span><span class="p">,</span>
<span class="w"> </span><span class="n">cap_id</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">references</span><span class="w"> </span><span class="n">capabilities</span><span class="p">(</span><span class="n">id</span><span class="p">)</span><span class="w"> </span><span class="k">on</span><span class="w"> </span><span class="k">delete</span><span class="w"> </span><span class="k">cascade</span><span class="p">,</span>
<span class="w"> </span><span class="k">primary</span><span class="w"> </span><span class="k">key</span><span class="w"> </span><span class="p">(</span><span class="n">key_id</span><span class="p">,</span><span class="w"> </span><span class="n">cap_id</span><span class="p">)</span>
<span class="p">);</span>
<span class="k">create</span><span class="w"> </span><span class="k">table</span><span class="w"> </span><span class="n">bundles</span><span class="w"> </span><span class="p">(</span>
<span class="w"> </span><span class="n">id</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">primary</span><span class="w"> </span><span class="k">key</span><span class="p">,</span><span class="w"> </span><span class="c1">-- bundle_...</span>
<span class="w"> </span><span class="n">name</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">not</span><span class="w"> </span><span class="k">null</span><span class="w"> </span><span class="k">unique</span><span class="p">,</span><span class="w"> </span><span class="c1">-- role.Member / plan.Premium / agent.default</span>
<span class="w"> </span><span class="n">created_at</span><span class="w"> </span><span class="n">timestamptz</span><span class="w"> </span><span class="k">not</span><span class="w"> </span><span class="k">null</span><span class="w"> </span><span class="k">default</span><span class="w"> </span><span class="n">now</span><span class="p">()</span>
<span class="p">);</span>
<span class="k">create</span><span class="w"> </span><span class="k">table</span><span class="w"> </span><span class="n">bundle_caps</span><span class="w"> </span><span class="p">(</span>
<span class="w"> </span><span class="n">bundle_id</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">references</span><span class="w"> </span><span class="n">bundles</span><span class="p">(</span><span class="n">id</span><span class="p">)</span><span class="w"> </span><span class="k">on</span><span class="w"> </span><span class="k">delete</span><span class="w"> </span><span class="k">cascade</span><span class="p">,</span>
<span class="w"> </span><span class="n">cap_id</span><span class="w"> </span><span class="nb">text</span><span class="w"> </span><span class="k">references</span><span class="w"> </span><span class="n">capabilities</span><span class="p">(</span><span class="n">id</span><span class="p">)</span><span class="w"> </span><span class="k">on</span><span class="w"> </span><span class="k">delete</span><span class="w"> </span><span class="k">cascade</span><span class="p">,</span>
<span class="w"> </span><span class="k">primary</span><span class="w"> </span><span class="k">key</span><span class="w"> </span><span class="p">(</span><span class="n">bundle_id</span><span class="p">,</span><span class="w"> </span><span class="n">cap_id</span><span class="p">)</span>
<span class="p">);</span>
</code></pre></div>
<hr />
<h3 id="2-event-catalog">Крок 2: Додати події в Event Catalog<a class="headerlink" href="#2-event-catalog" title="Permanent link">&para;</a></h3>
<p><strong>Де:</strong> У розділі <code>6.3 Події (JSON, скорочено)</code></p>
<p><strong>1. У список <code>topic</code> додати:</strong></p>
<ul>
<li><code>access_key.created</code></li>
<li><code>access_key.revoked</code></li>
<li><code>access_key.used</code></li>
</ul>
<p><strong>2. Нижче, де йдуть payload-схеми, додати JSON-схеми:</strong></p>
<p><strong>access_key.created:</strong></p>
<div class="codehilite"><pre><span></span><code><span class="c1">// envelope.topic = &quot;access_key.created&quot;</span>
<span class="s">&quot;access_key_created&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;object&quot;</span><span class="p">,</span>
<span class="w"> </span><span class="s">&quot;properties&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="s">&quot;key_id&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;string&quot;</span><span class="w"> </span><span class="p">},</span>
<span class="w"> </span><span class="s">&quot;subject_kind&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;string&quot;</span><span class="w"> </span><span class="p">},</span>
<span class="w"> </span><span class="s">&quot;subject_id&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;string&quot;</span><span class="w"> </span><span class="p">},</span>
<span class="w"> </span><span class="s">&quot;team_id&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s">&quot;string&quot;</span><span class="p">,</span><span class="s">&quot;null&quot;</span><span class="p">]</span><span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="p">},</span>
<span class="w"> </span><span class="s">&quot;required&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s">&quot;key_id&quot;</span><span class="p">,</span><span class="s">&quot;subject_kind&quot;</span><span class="p">,</span><span class="s">&quot;subject_id&quot;</span><span class="p">]</span>
<span class="p">}</span>
</code></pre></div>
<p><strong>access_key.revoked:</strong></p>
<div class="codehilite"><pre><span></span><code><span class="c1">// envelope.topic = &quot;access_key.revoked&quot;</span>
<span class="s">&quot;access_key_revoked&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;object&quot;</span><span class="p">,</span>
<span class="w"> </span><span class="s">&quot;properties&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="s">&quot;key_id&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;string&quot;</span><span class="w"> </span><span class="p">},</span>
<span class="w"> </span><span class="s">&quot;revoked_by&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;string&quot;</span><span class="w"> </span><span class="p">},</span>
<span class="w"> </span><span class="s">&quot;revoked_at&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;string&quot;</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;format&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;date-time&quot;</span><span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="p">},</span>
<span class="w"> </span><span class="s">&quot;required&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s">&quot;key_id&quot;</span><span class="p">,</span><span class="s">&quot;revoked_by&quot;</span><span class="p">,</span><span class="s">&quot;revoked_at&quot;</span><span class="p">]</span>
<span class="p">}</span>
</code></pre></div>
<p><strong>access_key.used:</strong></p>
<div class="codehilite"><pre><span></span><code><span class="c1">// envelope.topic = &quot;access_key.used&quot;</span>
<span class="s">&quot;access_key_used&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;object&quot;</span><span class="p">,</span>
<span class="w"> </span><span class="s">&quot;properties&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="s">&quot;key_id&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;string&quot;</span><span class="w"> </span><span class="p">},</span>
<span class="w"> </span><span class="s">&quot;subject_id&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;string&quot;</span><span class="w"> </span><span class="p">},</span>
<span class="w"> </span><span class="s">&quot;action&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;string&quot;</span><span class="w"> </span><span class="p">},</span>
<span class="w"> </span><span class="s">&quot;resource_kind&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;string&quot;</span><span class="w"> </span><span class="p">},</span>
<span class="w"> </span><span class="s">&quot;ts&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="s">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;string&quot;</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;format&quot;</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;date-time&quot;</span><span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="p">},</span>
<span class="w"> </span><span class="s">&quot;required&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s">&quot;key_id&quot;</span><span class="p">,</span><span class="s">&quot;subject_id&quot;</span><span class="p">,</span><span class="s">&quot;action&quot;</span><span class="p">,</span><span class="s">&quot;resource_kind&quot;</span><span class="p">,</span><span class="s">&quot;ts&quot;</span><span class="p">]</span>
<span class="p">}</span>
</code></pre></div>
<hr />
<h2 id="2-microdao-rbac-entitlements-mvpdocx">2. <code>microdao — RBAC і Entitlements (MVP).docx</code><a class="headerlink" href="#2-microdao-rbac-entitlements-mvpdocx" title="Permanent link">&para;</a></h2>
<h3 id="1">Крок 1: Оновити формулу доступу<a class="headerlink" href="#1" title="Permanent link">&para;</a></h3>
<p><strong>Де:</strong> У розділі <code>2) Модель доступу</code></p>
<p><strong>Знайти:</strong> Нинішню формулу <code>allow = ...</code></p>
<p><strong>Замінити на:</strong></p>
<div class="codehilite"><pre><span></span><code>allow =
RBAC(role, action, resource)
∧ Entitlement(plan, RINGK_staked)
∧ Capability(key, action, resource)
∧ ACL(resource)
∧ Mode(public|confidential)
</code></pre></div>
<p><strong>Додати після формули:</strong></p>
<blockquote>
<p><code>Capability(key, …)</code> береться з bundles <code>bundle.role.*</code> + <code>bundle.plan.*</code> (детальніше див. <code>24_access_keys_capabilities_system.md</code>).</p>
</blockquote>
<hr />
<h3 id="2-entitlements-bundles">Крок 2: Додати мапінг Entitlements → bundles<a class="headerlink" href="#2-entitlements-bundles" title="Permanent link">&para;</a></h3>
<p><strong>Де:</strong> У розділі <code>6) Entitlements від RINGK (стейк)</code>, в кінці розділу</p>
<p><strong>Додати:</strong></p>
<blockquote>
<p><strong>Мапінг Entitlements → capability-bundles</strong></p>
<ul>
<li>плани <code>Freemium/Casual/Premium/Platformium</code> відповідають <code>bundle.plan.*</code>;</li>
<li>множники від стейку RINGK впливають на квоти для capabilities (<code>chat.message.send</code>, <code>agent.run.invoke</code>, <code>router.invoke</code>, <code>wallet.payout.claim</code>).</li>
</ul>
</blockquote>
<hr />
<h2 id="3-microdao-security-architecture-threat-model-mvpdocx">3. <code>microdao — Security Architecture &amp; Threat Model (MVP).docx</code><a class="headerlink" href="#3-microdao-security-architecture-threat-model-mvpdocx" title="Permanent link">&para;</a></h2>
<h3 id="1-access-keys-policy-service">Крок 1: Додати підрозділ про Access Keys &amp; Policy Service<a class="headerlink" href="#1-access-keys-policy-service" title="Permanent link">&para;</a></h3>
<p><strong>Де:</strong> У розділі <code>5. Авторизація</code>, після першого підрозділу (5.1/5.2)</p>
<p><strong>Додати:</strong></p>
<div class="codehilite"><pre><span></span><code>Heading 3: 5.x Access Keys &amp; Policy Service (PDP/PEP)
</code></pre></div>
<p><strong>Текст:</strong></p>
<ul>
<li>Access keys перевіряються через PDP (Policy Decision Point / Policy Service)</li>
<li>PEP (Policy Enforcement Point) живе в API Gateway та сервісах</li>
<li>Використовується capability-token (JWT/opaque), який несе:</li>
<li><code>sub</code> (user/agent/integration ID)</li>
<li><code>team_id</code></li>
<li>стиснений список <code>caps</code> (capabilities)</li>
</ul>
<hr />
<h3 id="2-access-keys">Крок 2: Додати підрозділ про зберігання access keys<a class="headerlink" href="#2-access-keys" title="Permanent link">&para;</a></h3>
<p><strong>Де:</strong> У розділі <code>8. Зберігання та доступ</code></p>
<p><strong>Додати:</strong></p>
<div class="codehilite"><pre><span></span><code>Heading 3: 8.x Зберігання access keys
</code></pre></div>
<p><strong>Текст:</strong></p>
<ul>
<li>Метадані зберігаються в таблиці <code>access_keys</code> (див. Data Model)</li>
<li>Секрети (<code>secret</code>) зашифровані через KMS/HSM</li>
<li>One-time reveal: після створення ключ не показується повторно</li>
<li>Ротація: обов'язковий <code>expires_at</code>, періодична ротація ключів</li>
</ul>
<hr />
<h3 id="3">Крок 3: Додати абзац про агентний шар<a class="headerlink" href="#3" title="Permanent link">&para;</a></h3>
<p><strong>Де:</strong> У розділі <code>11. Агентний шар</code></p>
<p><strong>Додати:</strong></p>
<blockquote>
<p>Всі приватні агенти працюють виключно через Agent Access Keys з мінімальними capabilities. Для <code>mode='confidential'</code> агенти не отримують plaintext-повідомлень, тільки summary/embeddings (узгоджено з E2EE моделлю).</p>
</blockquote>
<hr />
<h3 id="4-walletstaking">Крок 4: Додати абзац про Wallet/Staking<a class="headerlink" href="#4-walletstaking" title="Permanent link">&para;</a></h3>
<p><strong>Де:</strong> У розділі <code>12. Wallet/Staking/Токени</code></p>
<p><strong>Додати:</strong></p>
<blockquote>
<p>Всі операції гаманця (<code>wallet.balance.view</code>, <code>wallet.stake.ringk</code>, <code>wallet.payout.claim</code>) завжди проходять через capability-check для ключа (user/agent). Перевірка виконується через PDP перед виконанням операції.</p>
</blockquote>
<hr />
<h2 id="4">4. Перевірка<a class="headerlink" href="#4" title="Permanent link">&para;</a></h2>
<p>Після оновлення всіх <code>.docx</code> файлів перевір:</p>
<ul>
<li>У Data Model додано розділ 3.10 з таблицями access keys</li>
<li>У Event Catalog додано 3 нові topics та їх JSON-схеми</li>
<li>У RBAC оновлено формулу доступу та додано мапінг Entitlements → bundles</li>
<li>У Security Architecture додано 4 нові розділи/абзаци про Access Keys</li>
</ul>
<hr />
<h2 id="5-markdown">5. Посилання на Markdown документи<a class="headerlink" href="#5-markdown" title="Permanent link">&para;</a></h2>
<p>Всі деталі вже є в Markdown документах:</p>
<ul>
<li><code>24_access_keys_capabilities_system.md</code> — повна специфікація</li>
<li><code>DAARION_city_platforms_catalog.md</code> — мапінг платформ</li>
<li><code>28_flows_wallet_embassy_energy_union.md</code> — sequence-діаграми</li>
</ul>
<hr />
<p><strong>Версія:</strong> 1.0<br />
<strong>Останнє оновлення:</strong> 2024-11-14</p>
</article>
</div>
<script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script>
</div>
</main>
<footer class="md-footer">
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.sections", "navigation.instant", "content.code.copy"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.3220b9d7.min.js"></script>
</body>
</html>