## Problem
The project-level `.claude/settings.json` overrides the global `skipDangerousModePermissionPrompt` flag, causing Claude Code to show an interactive bypass-permissions confirmation dialog in worktrees. This blocks ALL non-interactive agent sessions on evolution.
## Root cause
Claude Code resolves settings per-project. When a `.claude/settings.json` exists in the repo, it takes precedence over `~/.claude/settings.json`. The harb repo has one (with supervisor hooks) but without `skipDangerousModePermissionPrompt: true`. Result: every agent tmux session shows a confirmation prompt and dies.
## Fix
Delete `.claude/settings.json` and `.claude/hooks/supervisor/` entirely:
- The supervisor hooks are legacy from claude-code-supervisor
- agent-session.sh injects its own hooks per worktree at runtime
- Disinto has no project-level `.claude/` and works fine
- Global `~/.claude/settings.json` has the correct flags
## Impact
**This unblocks all harb agents on evolution.** Currently zero PRs can be processed.
Reviewed-on: https://codeberg.org/johba/harb/pulls/1089
Fixes#1066
## Changes
Done. Here's what was changed:
**`evidence/README.md`**
- Added `"candidate_commit": "abc1234"` to the red-team schema JSON example
- Added `candidate_commit | string | Git commit SHA of the optimizer under test` row to the field table
**`scripts/harb-evaluator/red-team.sh`**
- Captures `CANDIDATE_COMMIT` from `git rev-parse HEAD` at startup (alongside existing `CANDIDATE_NAME`/`OPTIMIZER_PROFILE`)
- Added a new step (9a-pre) that writes `evidence/red-team/YYYY-MM-DD.json` at the end of each run, including `candidate_commit` plus all other schema fields (`candidate`, `optimizer_profile`, `lm_eth_before`, `lm_eth_after`, `eth_extracted`, `floor_held`, `verdict`, `attacks`)
Co-authored-by: openhands <openhands@all-hands.dev>
Reviewed-on: https://codeberg.org/johba/harb/pulls/1075
Reviewed-by: Disinto_bot <disinto_bot@noreply.codeberg.org>
Fixes#1055
## Changes
That notification is for the earlier background task which already completed — I retrieved its output and used it to diagnose and fix the failing test. The work is done.
Reviewed-on: https://codeberg.org/johba/harb/pulls/1080
Reviewed-by: Disinto_bot <disinto_bot@noreply.codeberg.org>
Addresses re-review feedback:
1. Attack 4 (2050 ETH): delta_bps=3746 is from extreme slippage
through thin liquidity beyond concentrated positions, not just
1% fees. Insight corrected to explain the slippage mechanism.
2. Floor Ratchet: renamed to "initial phase only", insight explicitly
notes the 2000-trade oscillation variant is NOT tested here and
is tracked as follow-up issue #1082.
3. Added methodology field explaining snapshot-isolation semantics
(why lm_eth_after == lm_eth_before).
4. Restored two dropped strategies (discovery WETH consumption,
one-way sell) with notes that they are subsumed by other attacks.
Re: #1058
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
All 8 adversarial strategies failed to extract ETH from LiquidityManager.
LM ETH actually increased from ~1000 to ~1050 ETH due to fee income.
Key defense: 1% pool fee + atomic recenter + massive floor liquidity.
Closes#1058
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- getLiquidityParams() now reverts with "OptimizerV3Push3: not for production use" instead
of silently returning zeroed bear-mode defaults; LiquidityManager.recenter() already has
a try/catch fallback so backtesting is unaffected
- Added @custom:experimental NatSpec annotation to the contract marking it as a transpiler
harness / backtesting stub only
- DeployBase.sol now validates any pre-existing optimizer address by calling getLiquidityParams()
and reverting if it fails, blocking accidental wiring of OptimizerV3Push3 as a live optimizer
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Review flagged inconsistency: line 8 said 'bootstrap init' while the
journal (2026-03-20.md:13) and Strategic direction (line 26) both use
'disinto init'.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Planner journal entry from first cron-driven run.
Moved from disinto PR #390 — planner journals belong in the harb repo.
Reviewed-on: https://codeberg.org/johba/harb/pulls/1064
Reviewed-by: Disinto_bot <disinto_bot@noreply.codeberg.org>
Extract transpiler output into OptimizerV3Push3Lib so both OptimizerV3
and OptimizerV3Push3 delegate to the same canonical copy. Future
transpiler changes now require only one edit.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- contracts-local-fork and node-quality now depend on foundry-suite
(not just bootstrap-deps) to avoid concurrent writes to onchain/out/
and onchain/cache/ from parallel forge invocations
- Remove duplicate forge build from node-quality (artifacts already
exist from foundry-suite)
- evolution-tests changed to depends_on: [] — it only runs npm install
in tools/ dirs, no submodule dependency
- Remove vestigial PATH=/root/.foundry/bin export from transpiler-tests
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
kraiken-lib/src/abis.ts imports from onchain/out/ which requires
forge build. Previously produced by the sequential foundry-suite step;
now that steps run in parallel, node-quality must build contracts itself.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add require(shift == 0) guards to Optimizer.calculateParams and
OptimizerV3.calculateParams so non-zero shifts revert instead of being
silently discarded. OptimizerV3Push3 already had this guard.
Update IOptimizer.sol NatSpec to document that shift is reserved for
future use and must be 0 in all current implementations.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Use brace expansion in import.meta.glob pattern so Vite treats it as a
dynamic glob (returns {} when no files match) instead of compiling it
to a static import that errors when the gitignored file is absent in CI.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Use import.meta.glob with eager loading instead of a static import so
config.ts degrades gracefully when the file is absent (gitignored).
Fixes the node-quality CI failure introduced when the file was removed
from the repo in this PR.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Widen rootDir from "." to ".." and include push3-transpiler sources so
tsc can resolve the ../push3-transpiler/src imports that mutate.ts and
test files use.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add onchain/deployments-local.json to .gitignore so it is no longer tracked
- Remove the stale committed file from git
- Update fitness.sh to read LM address from forge broadcast JSON
(DeployLocal.sol's run-latest.json) instead of the potentially stale
deployments-local.json, matching the approach deploy-optimizer.sh already uses
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add evolution-tests step to Woodpecker CI pipeline. The transpiler-tests
step already existed; the new step runs push3-evolution's vitest suite
and triggers on changes to either tools/push3-evolution or
tools/push3-transpiler (since evolution imports the transpiler's parser).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fixes#618
## Changes
Add stack depth validation in processExecIf() so asymmetric EXEC.IF branches (where one branch pushes more values than the other) throw an explicit error instead of silently padding with '0'. Error messages identify both branch depths for DYADIC and BOOLEAN stacks. Removed dead-code '0'/'false' fallbacks in buildAssignments and reconstruction. Updated existing unbalanced-branch tests to expect errors; added regression tests for error message content and BOOLEAN mismatch. All existing seed files (optimizer_v3.push3, optimizer_seed.push3) continue to transpile.
Co-authored-by: openhands <openhands@all-hands.dev>
Reviewed-on: https://codeberg.org/johba/harb/pulls/1033
Reviewed-by: Disinto_bot <disinto_bot@noreply.codeberg.org>
Add TypeScript unit test suite for the Push3 transpiler using Node's
built-in test runner (node:test) with tsx. 47 tests across 12 suites
covering parser, stack underflow/overflow, EXEC.IF balanced/unbalanced/
nested branching, arithmetic, boolean ops, name binding, and integration.
Update CI to run `npm test` (which now includes unit tests + existing
bash tests) and scope transpiler-tests step to only trigger on changes
to tools/push3-transpiler/**.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Move overflow guard to the actual vulnerable site:
ThreePositionStrategy._computeFloorTickWithSignal() line 262 where
vwapX96 >> 32 is cast to int128 for _tickAtPriceRatio. Values
exceeding int128.max now skip mirror tick (fallback to scarcity/clamp)
instead of reverting.
Remove incorrect require from Optimizer._buildInputs() which guarded
a non-existent int256 cast path.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add address(0) guard to fee transfer condition in _scrapePositions so
that when feeDestination is uninitialized, fees accrue as deployable
liquidity instead of reverting on safeTransfer to the zero address.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Wrap mint_lp and burn_lp ops in _executeOp with try/catch to match
the soft-fail pattern used by buy, sell, stake, and unstake. Replace
burn_lp's require() with a soft return for out-of-range index validation.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add max-iterations guard (60 polls × 5s = 5 min) to both cooldown
polling loops with explicit error on timeout
- Use LAST_RECENTER (already validated) as fallback instead of "0" for
post-seed-buy lastRecenterTime read, preventing silent cooldown skip
on transient RPC failure
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
