Add <= 1e18 upper-bound check for all 8 input slots in the validation
loops of both Optimizer.calculateParams() and OptimizerV3Push3Lib.calculateParams().
Previously only slot 0 (percentageStaked) had an overflow guard —
slots 1-7 (averageTaxRate and future indicators) could silently accept
values > 1e18, violating the documented [0, 1e18] invariant.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Planner needs to know HOW to use resources, not just that they exist.
Adds action dispatch instructions, lists all available formulas, and
documents the port 8545 constraint for concurrent formula runs.
Supports disinto #544 (planner formula dispatch awareness).
Add SCHEMA.md documenting the JSONL attack file format with all operation
definitions, field types, and the burn_lp tokenId convention divergence
between AttackRunner (.positionIndex) and FitnessEvaluator (.tokenId).
Add schema-version header comments to all existing attack files and teach
both consumers to skip comment lines starting with //.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Make burn_lp ops fork-block-independent by using a 1-based positionIndex
(resolved at runtime from prior mint_lp ops) instead of hardcoded NFT
tokenIds. Mirrors the existing pattern used by unstake/_stakedPositionIds.
Also log a warning when burn_lp encounters zero liquidity instead of
silently becoming a no-op.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add infrastructure.weth to deployments-local.json output in both
bootstrap-common.sh (write_deployments_json) and bootstrap-light.sh,
so non-Base local forks get the correct WETH address from the
deployment file instead of silently falling back to the Base hardcode.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Prerequisite tree seeded from VISION.md milestones with current issue state.
Top 3 constraints: contract safety (#1031/#997/#1067), OptimizerV3 tests (#1054),
evolution commits via PR (#1047).
RESOURCES.md lists evolution box, Codeberg accounts, CI, and RPC access.
Part of disinto #502 (planner v2).
Add `_hasRecenterTick` boolean guard to decouple bootstrap detection from
VWAP volume tracking. Before this fix, the bootstrap condition relied solely
on `cumulativeVolume == 0`, which made `lastRecenterTick==0` ambiguous:
it could mean "never recentered" or "previous recenter landed at tick 0
(price = 1.0 token ratio)".
The new guard ensures the direction comparison in the else-branch only
runs after a recenter has explicitly set `lastRecenterTick`, eliminating
the tick-0 ambiguity. Belt-and-suspenders: both `!_hasRecenterTick` and
`cumulativeVolume == 0` trigger bootstrap.
Tests added:
- test_hasRecenterTickGuardPreventsTick0Ambiguity
- test_vwapFrozenDuringBuyOnlyAfterSellRecenter
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add table-driven Foundry tests for OptimizerV3.calculateParams covering:
- Bear regime at 0%, 1%, 50%, 91% staking (all tax rates)
- Bull/bear boundary at 92% with tax index transitions
- Bull/bear at 95% with penalty=50 exact boundary
- EffIdx shift behavior at 96% (taxIdx 13→14 discontinuity)
- Bull at 97% with max tax, 100% always bull
- Edge cases: all-zero inputs, zero tax at high staking
- Mantissa overflow guard
- Unused slots ignored
- Fuzz: no reverts, output always exactly bear or bull
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Review feedback: d.get('fitness_flags') without a default preserves the
null vs absent distinction mandated by the manifest schema (string | null).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Two changes in evolve.sh pool-admission code:
1. Include `fitness_flags` from evaluator JSONL in the manifest entry dict
for newly admitted candidates (~line 866-874). Previously the field was
omitted, so downstream `effective_fitness()` could never zero-rate a new
candidate.
2. Use `effective_fitness(entry)` when appending new candidates to the
evolved ranking list (~line 907), so ZERO_RATED_FLAGS defence applies
at first admission — not only when re-ranking existing entries.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When `git apply --check` passes but `git apply` itself fails, the code
now checks STOP_REQUESTED before continuing to the next iteration,
consistent with the check at the end of the main loop.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add explicit timeout: 3s to bootstrap, webapp, and landing healthchecks
to avoid Docker's 30s default.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The production feeDest has contract bytecode on Base mainnet, not an EOA.
Fix the contradictory comment flagged in review.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Document the FEE_DEST derivation in DeployBaseMainnet.sol and explain
why FitnessEvaluator.t.sol intentionally uses a different address.
The production address (0xf6a3...D9011) is correct — it has contract
bytecode on Base mainnet, so setFeeDestination() locks it permanently.
The test uses a keccak-derived EOA (0x8A91...9383) to avoid the locking
behaviour breaking snapshot/revert cycles in fork tests.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add `cleanup` step: removes per-generation candidate files and
generation_*.jsonl records after they are aggregated into the evidence
file, preventing disk exhaustion (cf. run #1025 at 91% usage).
- Rewrite `deliver` step with mandatory ordering:
1. `git checkout -- .` to discard unrelated working-tree modifications
before staging result files (evidence JSON, champion .push3, manifest).
2. Commit to branch `evidence/evolution-run-{run_id}` (not directly to main).
3. Push and create PR — if this fails, post an error comment and leave the
issue OPEN; do not proceed to step 4.
4. Post summary comment only after PR URL is confirmed, with mandatory
link to the PR.
- Update `products.evidence_file` delivery to PR branch (was "commit to main").
- Update `products.issue_comment` to enforce ordering and non-close-on-failure.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add scripts/harb-evaluator/run-resources.sh: collects disk, RAM,
Anthropic API usage, and Woodpecker CI queue metrics
- Add scripts/harb-evaluator/run-protocol.sh: collects TVL, fees,
position data, and rebalance events from LiquidityManager
- Fix run-protocol.toml: positions accessed via positions(uint8) not
named getters (floorPosition/anchorPosition/discoveryPosition)
- Fix event signature: Recentered(int24,bool) not Recenter(int24,int24,int24)
Addresses review findings: missing implementation files and contract
interface mismatch.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add seed-transpile-check CI step that loops over every *.push3 file in
tools/push3-evolution/seeds/, transpiles it via the Push3 transpiler,
and verifies the generated Solidity compiles with forge build. Fails
the build if any seed fails transpilation or compilation.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
## Problem
The project-level `.claude/settings.json` overrides the global `skipDangerousModePermissionPrompt` flag, causing Claude Code to show an interactive bypass-permissions confirmation dialog in worktrees. This blocks ALL non-interactive agent sessions on evolution.
## Root cause
Claude Code resolves settings per-project. When a `.claude/settings.json` exists in the repo, it takes precedence over `~/.claude/settings.json`. The harb repo has one (with supervisor hooks) but without `skipDangerousModePermissionPrompt: true`. Result: every agent tmux session shows a confirmation prompt and dies.
## Fix
Delete `.claude/settings.json` and `.claude/hooks/supervisor/` entirely:
- The supervisor hooks are legacy from claude-code-supervisor
- agent-session.sh injects its own hooks per worktree at runtime
- Disinto has no project-level `.claude/` and works fine
- Global `~/.claude/settings.json` has the correct flags
## Impact
**This unblocks all harb agents on evolution.** Currently zero PRs can be processed.
Reviewed-on: https://codeberg.org/johba/harb/pulls/1089
Fixes#1066
## Changes
Done. Here's what was changed:
**`evidence/README.md`**
- Added `"candidate_commit": "abc1234"` to the red-team schema JSON example
- Added `candidate_commit | string | Git commit SHA of the optimizer under test` row to the field table
**`scripts/harb-evaluator/red-team.sh`**
- Captures `CANDIDATE_COMMIT` from `git rev-parse HEAD` at startup (alongside existing `CANDIDATE_NAME`/`OPTIMIZER_PROFILE`)
- Added a new step (9a-pre) that writes `evidence/red-team/YYYY-MM-DD.json` at the end of each run, including `candidate_commit` plus all other schema fields (`candidate`, `optimizer_profile`, `lm_eth_before`, `lm_eth_after`, `eth_extracted`, `floor_held`, `verdict`, `attacks`)
Co-authored-by: openhands <openhands@all-hands.dev>
Reviewed-on: https://codeberg.org/johba/harb/pulls/1075
Reviewed-by: Disinto_bot <disinto_bot@noreply.codeberg.org>
