PrivateDO
Search or ask AI
Operational Surface

Quick route navigation

Start
Guided onboarding and wallet-first flow
AI Assistant
Internal AI-style guide across routes, docs, and proof
Story
Hosted product video and why-us reel
Community
Join, updates, pilot interest, and support routing
Command Center
Create, vote, execute
Dashboard
Governance state and treasury
Proof
Baseline and V3 evidence
Security
Hardening and cryptography
Intelligence
Proposal, treasury, voting, RPC, and gaming analysis
Diagnostics
Runtime and artifact health
Custody
Multisig, authority transfer, and custody evidence
Analytics
Votes, proposals, actions
Services
Pilot, API, commercial packs
Engage
Buyer path, pilot motion, mainnet trajectory
Tracks
Competition readiness and fit
Search
Search routes, docs, tracks, and proof
Documents
Curated reviewer and trust docs
Diagnostics
Runtime surfaces
Reviewer bundle aware
Diagnostics
Generated artifacts, runtime checks, and reviewer bundle health in one place

This page keeps the operator story productized: what is packaged, what is proven, what is still pending-external, and how the verification chain stays coherent inside a professional operations shell.

Open command centerOpen dashboardOpen curated docs
Telemetry truth

Telemetry truth for diagnostics reviewers

Show packet freshness, indexed proposal scale, finalized counts, and the direct telemetry packet route before the deeper diagnostics surfaces.
Freshness
3d old
Indexed proposal count
41
Governance finalized
7/7
Confidential finalized
5/5
Open reviewer telemetry packetOpen diagnosticsOpen analytics
Loading telemetry runtime focus…
Reviewer telemetry quick links
Fast path from diagnostics into the telemetry packet, analytics summaries, and hosted-read proof without forcing the reviewer to infer the data corridor.
Open telemetry packetOpen diagnosticsOpen analyticsOpen hosted-read proofOpen read-node snapshot
Hosted-read proof strip

Runtime, integration, and reviewer proof tied to one infrastructure story

This strip keeps the RPC and telemetry story concrete: hosted reads, runtime evidence, integration proof, and trust surfaces remain linked so the infrastructure case reads like product value rather than hidden backend detail.

Runtime evidenceFrontier integrationsRead-node snapshotLaunch trust packet
Live proofs
2

Baseline proof and dedicated V3 proof packet are both reviewer-facing

ZK anchors
3

On-chain proof anchors exposed in the Devnet evidence path

Wallets
50

Multi-wallet Devnet rehearsal already captured and packaged

Commercial rails
4

Grant, fund, gaming, and enterprise service packs remain part of the UI

Loading diagnostics center…
Incident readiness

Monitoring, alerts, and a compact response loop belong in the product discipline

Operational maturity
Monitor what fails first

A full web app needs operational visibility behind the UI. The fastest way to lose trust is letting RPC, wallet, or instruction failures become invisible until users complain.

Track RPC failures and sustained latency regression.
Track wallet connection and signature failures.
Track failed governance instructions by route and action.
Alert on anomalies, not only outages

Repeated retries, duplicate execute attempts, and unexpected proposal-state transitions matter as much as hard downtime in a governance product.

Alert on repeated tx attempts or duplicate calls.
Alert on proposal state inconsistencies and blocked transitions.
Alert on treasury-action mismatches and execution anomalies.
Keep a small response loop

Incident handling should stay deterministic: detect, classify, contain, verify state, collect evidence, and publish the operator update without improvisation.

Keep a short operator runbook.
Preserve action-level logs for proposal and wallet flows.
Use diagnostics and proof routes as part of the response surface.
DiagnosticsProof centerIncident readiness runbook
Loading diagnostics metrics…
Analyst-grade data corridor

Export-ready summaries and hosted-read proof for reviewer-grade telemetry

Telemetry posture
Runtime evidence, diagnostics, and analytics now behave like one reviewer-safe telemetry corridor rather than three disconnected surfaces.
Hosted-read proof
Frontier integrations, read-node snapshot, and services packaging keep hosted reads visible as buyer and reviewer value.
Operational trust
Launch trust, custody truth, and runtime evidence remain close enough that data reviewers can inspect proof without leaving the product shell.
Export-ready route
The telemetry packet now gives a compact path into diagnostics, analytics, runtime evidence, and the hosted-read proof chain.
Open telemetry packetOpen read-node snapshotOpen diagnosticsOpen read-node opsOpen integrations

Launch blockers and readiness

Multisig + authority transfer
Pending external

Custody workspace and transfer runbooks are live; program authority and operational privileges still need final multisig transaction evidence.

External audit closure
Pending external

Security review packet exists, but external sign-off is still an explicit blocker.

Real-device runtime captures
Pending external

Wallet runtime templates are documented; production captures are still separated from claims.

Monitoring + alerting
Documented

Operational rules exist and are linked, but live deployment evidence remains outside the repo surface.

Strict custody ingestion

Record ceremony evidence in the exact shape needed by the canonical custody proof

0/6 gates
This surface no longer collects free-form notes only. It builds a strict, reviewer-safe JSON packet that maps directly into docs/multisig-setup-intake.json. Only public keys, public transaction signatures, and readout references belong here.
Define signer set
Repo-ready
Freeze the real 3-signer roster and backup procedures before any authority movement.
Record multisig package
Strict ingestion live
Collect the implementation, address, creation signature, rehearsal signature, and timelock references in one structured packet.
Capture authority transfer evidence
External execution pending
Record the destination authority, transfer signature, and post-transfer readout reference for each operational surface.
Apply and rebuild canonical proof
Repo automation ready
Save the JSON packet into `docs/custody-evidence-intake.json` and run the apply command to update canonical proof artifacts.
Multisig package
Implementation, address, creation signature, and rehearsal signature
Pending
Need implementation, multisig address, creation signature, and rehearsal signature.
Threshold and timelock
Capture the final threshold and 48+ hour configuration evidence
Pending
Need exact 2-of-3 threshold, 48+ hour timelock, configuration signature, and reference URL.
Signer roster
Record each signer slot with a real public key and backup confirmation
Pending
Slot 1 · founder-operator
Pending
Need a real signer public key and backup confirmation.
Slot 2 · independent-security-or-ops-signer
Pending
Need a real signer public key and backup confirmation.
Slot 3 · recovery-or-governance-signer
Pending
Need a real signer public key and backup confirmation.
Authority transfer surfaces
Each surface needs destination authority, transfer signature, and post-transfer readout reference
program-upgrade-authority
5AhUsbQ4mJ8Xh7QJEomuS85qGgmK9iNvFqzF669Y7Psx
Pending
Need destination authority, transfer signature, readout text, and a reference link.
dao-authority
5AhUsbQ4mJ8Xh7QJEomuS85qGgmK9iNvFqzF669Y7Psx
Pending
Need destination authority, transfer signature, readout text, and a reference link.
treasury-operator-authority
5AhUsbQ4mJ8Xh7QJEomuS85qGgmK9iNvFqzF669Y7Psx
Pending
Need destination authority, transfer signature, readout text, and a reference link.
Authority split

Mainnet requires a hard separation between upgrade authority, treasury authority, and admin authority. PrivateDAO should not carry a single-wallet super-admin posture into production.

Upgrade authority must be isolated from treasury execution.
Treasury authority must remain bound to proposal execution and treasury policy.
Admin authority should stay bounded and explicitly reduced before launch.
Production ceremony

Authority transfer has to be observable and reviewable. The credible path is a documented multisig ceremony with signer inventory, role assignment, and transaction-backed handoff evidence.

Create the production multisig and define signer roles.
Transfer upgrade authority with transaction evidence.
Transfer treasury authority and record the evidence path.
Launch boundary

Until the ceremony is complete, authority hardening remains part of the explicit Mainnet blocker surface. This is a strength when shown honestly rather than implied away.

Remove unnecessary single-signer powers.
Keep pending steps visible to reviewers and buyers.
Treat authority transfer as a trust event, not an internal note.

Strict intake packet

How to close this fast
When the real ceremony values arrive, download the JSON packet below, save it as docs/custody-evidence-intake.json, then run npm run apply:custody-evidence-intake. That command updates the canonical intake and rebuilds canonical custody proof, reviewer packet, and launch trust packet artifacts together.
Ingestion readiness
0/6 structured gates passed
pending-external
This local packet remains reviewer-safe. It accepts only public keys, public transaction signatures, and docs or explorer references.
Current packet preview
Multisig implementation: pending-selection
Multisig address: Not recorded yet
Timelock configured hours: Not recorded yet
Signer keys populated: 0/3
Authority transfers with signatures: 0/3
Never include secrets
No seed phrases, private keys, unencrypted keypair exports, or screenshots containing secret material belong in this packet.
Mainnet blockersProduction custody ceremonyAuthority hardening briefOpen multisig setup intakeOpen canonical custody proofOpen reviewer packetOpen launch trust packetOpen authority transfer runbook