Add self-hosted Umami analytics to replace the third-party cloud.umami.is
tracker. Creates @harb/analytics package with typed event helpers and
instruments the conversion funnel: CTA clicks (landing), wallet connect,
swap initiated, and stake created (web-app).
- Add Umami Docker service sharing existing postgres (separate DB)
- Add Caddy /analytics route to proxy Umami dashboard
- Configure via VITE_UMAMI_URL and VITE_UMAMI_WEBSITE_ID env vars
- Document setup and funnel events in docs/ENVIRONMENT.md
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Root cause: landing page CTA uses <KButton> (renders <button>), not <a>.
Test 07 was using getByRole('link') which never matched.
- Fix CTA locator: getByRole('button', { name: /get.*krk|get.*edge/i })
- Revert viewport-passing changes in tests 03, 06, and wallet-provider
to match master — these were untested and added risk
- Cross-browser now only runs test 07 (landing pages) which uses the
default { page } fixture — no wallet context needed
- Filter net::ERR_ from console error assertions (CI network noise)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Step timeout 900→1800s to accommodate 34 tests across 5 projects
- Remove test 06 (dashboard pages) from cross-browser specs — each
subtest creates a wallet context, making 4× browser runs too slow
- Cross-browser now runs 03 (GraphQL verification) + 07 (landing pages)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- launchOptions with --disable-dev-shm-usage and --no-sandbox are
Chromium-specific; passing them to Firefox/WebKit causes errors.
Move to chromium and android project use blocks only.
- Fix landing page CTA assertion to match actual button text
("Get $KRK", "Get Your Edge") instead of generic patterns.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add Playwright projects for Chromium, Firefox, WebKit, iPhone 14, and
Pixel 7 viewports. Chromium runs all specs (01-07); other projects run
read-only specs (03, 06, 07) after Chromium finishes, using project
dependencies to ensure chain state exists.
Coverage audit:
- Tests 01/02 already cover /app/get-krk, /app/cheats as part of flows
- Test 03 verifies GraphQL endpoints
- Test 06 covers wallet + position dashboards
- New test 07 adds landing page and docs smoke coverage
Changes:
- playwright.config.ts: 5 projects (3 desktop browsers + 2 mobile)
- wallet-provider.ts: accept optional viewport/screen for mobile contexts
- 03, 06 specs: pass project viewport to wallet context
- 07-landing-pages.spec.ts: new spec for landing homepage + docs
- e2e.yml: timeout 600→900s for cross-browser matrix, updated comments
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Fix misleading taxRate comment in AttackRunner.s.sol (index into TAX_RATES[], not raw rate)
- Clarify _validatePriceMovement NatSpec return doc in PriceOracle.sol
- Remove redundant double-cast uint256(uint256(...)) in OptimizerV3Push3Lib.sol
- Add Basescan URL source comments for SWAP_ROUTER and WETH addresses
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Update all AGENTS.md watermarks to HEAD (b276392)
- Clean up dust.jsonl: remove already-bundled items (601,627,739,741)
- Pending actions: promote #1099/#1100/#1101 to backlog, close stale
prediction issues #1020/#1103/#1107, comment on partial resolution
of #1022 (holdout resolved, user-test still empty)
Add formulas/AGENTS.md documenting sense vs act type distinction,
cron conventions, step ID naming rules, TOML structure skeleton,
and a how-to-add-a-new-formula walkthrough.
Add scripts/harb-evaluator/AGENTS.md covering the evaluator runtime:
directory layout, exit code convention, stack lifecycle, evidence
output, and how to add a new evaluator script.
Update root AGENTS.md directory map to link both new files.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add tools/push3-evolution/** to the transpiler-tests step's path filter
so that changes to push3-evolution also trigger transpiler tests.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- #864: Add comment documenting that MEMORY_FILE and REPORT_DIR both
resolve to $REPO_ROOT/tmp (intentional coupling, previously undocumented)
- #579: POOL die guard already present (added in a2f8996, issue #854)
- #775: feeDest address already corrected (fixed in 0e33d6c, issue #760)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- #989: Quote $VARIANT_IDX and $NEXT_IDX in printf '%03d' calls in
evolve.sh (SC2086 — no behavior change, style consistency)
- #612: Already resolved by commit 79a2e2e (fitness.sh switched from
deployments-local.json to broadcast JSON, eliminating dead Kraiken/Stake reads)
- #945: Already resolved by commit 052ad7a (manifest.schema.json
fitness_flags description corrected to "Comma-separated")
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Evolution can produce syntactically invalid seeds (e.g. missing
DYADIC.<= before EXEC.IF). These transpiler errors should not block
CI — only forge compilation failures of successfully transpiled seeds
are real regressions.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Skip test/script compilation in seed-transpile-check since the test
file references getLiquidityParams() which only exists in the checked-in
stub, not in transpiler output.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Renumber test_transpiler_clamping.sh tests from 5-14 to 6-15 to avoid
overlap with test_inject_extraction.sh Test 5 (#1017).
Items #1012 (ts-node→tsx) and #986 (CI using npm test) were already
resolved by prior commits.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Wrap the fallback pool.observe() call in a try/catch so that pools with
insufficient observation history for both the primary (30s) and fallback
(6000s) intervals return false (price unstable) instead of reverting with
an opaque Uniswap V3 error. This prevents recenter() from failing for
unpermissioned callers on newly created pools.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Root cause: PRICE_STABILITY_INTERVAL (300s) was too long relative to
MIN_RECENTER_INTERVAL (60s). After any significant trade moving the tick
>1000 positions, the 5-minute TWAP lagged behind the current price by
hundreds of ticks, exceeding MAX_TICK_DEVIATION (50). Recenter reverted
with "price deviated from oracle" for ~285s — creating a window where
the LM could not reposition and adversary parasitic LP could extract
value from passive holders.
Fix: Reduce PRICE_STABILITY_INTERVAL from 300s to 30s. This ensures
TWAP converges within the 60s cooldown while still preventing same-block
manipulation (30s > ~12s Ethereum mainnet block time).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add SecurityInfo component displayed after LiveStats on the landing page:
- Unaudited badge with planned Q3 2026 audit date
- KRAIKEN Token and Stake contract addresses with copy-to-clipboard buttons
- BaseScan and source code links
- Responsive layout for mobile viewports
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Evidence file: change result to PENDING (not INCREASED) with delta_bps 0,
since this is a registration placeholder, not a measured run
- Attack file: add missing unstake for position 6 so all staking positions
are cleaned up
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Implement the attack catalogue loop (step 5a) in red-team.sh that was
previously a forward spec in the formula. The loop replays every *.jsonl
attack file through AttackRunner.s.sol with snapshot revert between files,
records LM total ETH before/after each attack, and injects results into
the adversarial agent prompt so it knows which strategies are already
catalogued.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
