PrivateDO
ConnectReviewSignVerify
Explore

Product navigation

Judge Route
Canonical reviewer path with product proof, integrations, awards context, and runtime evidence
Start
Guided onboarding and wallet-first flow
Learn
Workflow-first onboarding and product operating guide
Help
Product guide across routes, docs, and proof
Govern
Create, vote, and execute on Solana Testnet
Intelligence
Risk scoring, market context, and signer decision support
Treasury
Treasury health, solvency context, and agent policy routes
Payroll
Private payroll CSV, stablecoin choice, and auditor receipt flow
Gaming
Guilds, tournaments, inventory proposals, and reward operations
Compliance
Scoped compliance packs and bounded viewing-key evidence
Execute
Private payroll, vendor settlement, and treasury actions
Proof
Operation receipts, runtime logs, and verification routes
Developers
API docs, SDK starters, and integration surfaces
RPC Services
Hosted reads, relayer checks, QVAC status, and runtime endpoints
API Status
Backend health, visitor counters, and freshness endpoints
Command Center
Ops dashboard, indexed proposals, and readiness gates
Live State
Proposals, treasury, and action logs
Story
Live product story and fast explanation
Community
Join, updates, pilot interest, and support routing
Benefit
theMiracle wallet-placement benefit and Founding Governor access
Versus
PrivateDAO compared with Realms, Squads, Snapshot, and DAOhaus
Revenue
Self-hosted, managed SLA, and enterprise commercial tiers
Android
Mobile app, APK download, parity plan
Trust
Security, proof, and operating boundaries
Health
Runtime status and verification health
Custody
Multisig, authority transfer, and custody evidence
Analytics
Votes, proposals, actions
API & Pricing
Pilot, API, commercial packs
Engage
Buyer path, pilot motion, mainnet trajectory
Search
Search routes, docs, tracks, and proof
Docs
Curated reviewer and trust docs
Diagnostics
Runtime surfaces
Reviewer bundle aware
Diagnostics
Generated artifacts, runtime checks, and reviewer bundle health in one place

This page keeps the operator story productized: what is packaged, what is proven, what is actively being strengthened next, and how the verification chain stays coherent inside a professional operations shell.

Open governOpen executeOpen curated docs
Use diagnostics after you connect a Testnet wallet and run the product flow. This is where a visitor, reviewer, or operator can confirm the runtime result, inspect the data corridor, and see that the system is doing real work instead of presenting static claims.
Telemetry truth

Telemetry truth for diagnostics reviewers

Show packet freshness, indexed proposal scale, finalized counts, and the direct telemetry packet route before the deeper diagnostics surfaces.
Freshness
2d old
Indexed proposal count
17
Governance finalized
0/7
Confidential finalized
0/5
Open reviewer telemetry packetOpen diagnosticsOpen analytics
Reviewer telemetry quick links
Fast path from diagnostics into the telemetry packet, analytics summaries, and hosted-read proof without forcing the reviewer to infer the data corridor.
Open telemetry packetOpen diagnosticsOpen analyticsOpen hosted-read proofOpen read-node snapshot
Hosted-read proof strip

Runtime, integration, and reviewer proof tied to one infrastructure story

This strip keeps the RPC and telemetry story concrete: hosted reads, runtime evidence, integration proof, and trust surfaces remain linked so the infrastructure case reads like product value rather than hidden backend detail. A visitor should be able to connect a Testnet wallet, run the flow, and then use these routes to see why the system already behaves like production-intent infrastructure.

Runtime evidenceCore integrationsRead-node snapshotLaunch trust packet
Live proofs
2

Baseline proof and dedicated V3 proof packet are both reviewer-facing

ZK anchors
3

On-chain proof anchors exposed in the Testnet evidence path

Wallets
50

Multi-wallet Testnet rehearsal already captured and packaged

Commercial rails
4

Grant, fund, gaming, and enterprise service packs remain part of the UI

Incident readiness

Monitoring, alerts, and a compact response loop belong in the product discipline

Operational maturity
Monitor what fails first

A full web app needs operational visibility behind the UI. The fastest way to lose trust is letting RPC, wallet, or instruction failures become invisible until users complain.

Track RPC failures and sustained latency regression.
Track wallet connection and signature failures.
Track failed governance instructions by route and action.
Alert on anomalies, not only outages

Repeated retries, duplicate execute attempts, and unexpected proposal-state transitions matter as much as hard downtime in a governance product.

Alert on repeated tx attempts or duplicate calls.
Alert on proposal state inconsistencies and blocked transitions.
Alert on treasury-action mismatches and execution anomalies.
Keep a small response loop

Incident handling should stay deterministic: detect, classify, contain, verify state, collect evidence, and publish the operator update without improvisation.

Keep a short operator runbook.
Preserve action-level logs for proposal and wallet flows.
Use diagnostics and proof routes as part of the response surface.
DiagnosticsProof centerIncident readiness runbook
Analyst-grade data corridor

Export-ready summaries and hosted-read proof for reviewer-grade telemetry

Telemetry posture
Runtime evidence, diagnostics, and analytics now behave like one reviewer-safe telemetry corridor rather than three disconnected surfaces.
Hosted-read proof
Core integrations, read-node snapshot, and services packaging keep hosted reads visible as buyer and reviewer value.
Operational trust
Launch trust, custody truth, and runtime evidence remain close enough that data reviewers can inspect proof without leaving the product shell.
Export-ready route
The telemetry export packet now gives a compact path into diagnostics, analytics, runtime evidence, and the hosted-read proof chain.
Open telemetry export packetOpen telemetry packetOpen read-node snapshotOpen diagnosticsOpen read-node opsOpen integrations

Release readiness map

Multisig + authority transfer
Tracked

Custody evidence is partially recorded in-product (4/6). External signatures and readouts are being pulled into the same readiness lane so reviewers can follow the operating progress directly.

External audit closure
External evidence next

Security review packet exists, and external sign-off remains an explicit hardening gate.

Real-device runtime captures
Capture expansion active

Wallet runtime templates are documented; production captures are still separated from claims.

Monitoring + alerting
Documented

Operational rules exist and are linked, but live deployment evidence remains outside the repo surface.

Strict custody ingestion

Record ceremony evidence in the exact shape needed by the canonical custody proof

4/6 gates
This surface no longer collects free-form notes only. It builds a strict, reviewer-safe JSON packet that maps directly into docs/multisig-setup-intake.json. Only public keys, public transaction signatures, and readout references belong here.
Define signer set
Repo-ready
Freeze the real 3-signer roster and backup procedures before any authority movement.
Record multisig package
Strict ingestion live
Collect the implementation, address, creation signature, rehearsal signature, and timelock references in one structured packet.
Capture authority transfer evidence
External execution next
Record the destination authority, transfer signature, and post-transfer readout reference for each operational surface.
Apply and rebuild canonical proof
Repo automation ready
Save the JSON packet into `docs/custody-evidence-intake.json` and run the apply command to update canonical proof artifacts.
Multisig package
Implementation, address, creation signature, and rehearsal signature
Next step
Need implementation, multisig address, creation signature, and rehearsal signature.
Threshold and timelock
Capture the final threshold and 48+ hour configuration evidence
Valid
Threshold and timelock evidence are fully recorded.
Signer roster
Record each signer slot with a real public key and backup confirmation
Valid
Slot 1 · founder-operator
Valid
Public key and backup discipline recorded.
Slot 2 · independent-security-or-ops-signer
Valid
Public key and backup discipline recorded.
Slot 3 · recovery-or-governance-signer
Valid
Public key and backup discipline recorded.
Authority transfer surfaces
Each surface needs destination authority, transfer signature, and post-transfer readout reference
program-upgrade-authority
EP9xE8MJZ6FfyEwLqns6HDdUZBknEa7WGYs1Jzsecuva
Valid
Destination, signature, and readout reference are all recorded.
dao-authority
EP9xE8MJZ6FfyEwLqns6HDdUZBknEa7WGYs1Jzsecuva
Next step
Need destination authority, transfer signature, readout text, and a reference link.
treasury-operator-authority
EP9xE8MJZ6FfyEwLqns6HDdUZBknEa7WGYs1Jzsecuva
Next step
Need destination authority, transfer signature, readout text, and a reference link.
Authority split

Mainnet requires a hard separation between upgrade authority, treasury authority, and admin authority. PrivateDAO should not carry a single-wallet super-admin posture into production.

Upgrade authority must be isolated from treasury execution.
Treasury authority must remain bound to proposal execution and treasury policy.
Admin authority should stay bounded and explicitly reduced before launch.
Production ceremony

Authority transfer has to be observable and reviewable. The credible path is a documented multisig ceremony with signer inventory, role assignment, and transaction-backed handoff evidence.

Create the production multisig and define signer roles.
Transfer upgrade authority with transaction evidence.
Transfer treasury authority and record the evidence path.
Launch boundary

Until the ceremony is complete, authority hardening remains part of the explicit production-gate surface. This is a strength when shown clearly rather than implied away.

Remove unnecessary single-signer powers.
Keep the next trust steps visible to reviewers and buyers.
Treat authority transfer as a trust event, not an internal note.

Strict intake packet

How to close this fast
When the real ceremony values arrive, download the JSON packet below, save it as docs/custody-evidence-intake.json, then run npm run apply:custody-evidence-intake. That command updates the canonical intake and rebuilds canonical custody proof, reviewer packet, and launch trust packet artifacts together.
Ingestion readiness
4/6 structured gates passed
ready-for-transfer
This local packet remains reviewer-safe. It accepts only public keys, public transaction signatures, and docs or explorer references.
Current packet preview
Multisig implementation: Squads Protocol v4
Multisig address: CALHrBqx6jbzcPn2NVcinqSAHeod65v9LcDuTxsdPqBv
Timelock configured hours: 48
Signer keys populated: 3/3
Authority transfers with signatures: 1/3
Never include secrets
No seed phrases, private keys, unencrypted keypair exports, or screenshots containing secret material belong in this packet.
Release readiness registerProduction custody ceremonyAuthority hardening briefOpen multisig setup intakeOpen canonical custody proofOpen reviewer packetOpen launch trust packetOpen authority transfer runbook