Operational History
This page exists for one reason: architecture docs rot when they try to be architecture, changelog, postmortem, and victory lap at the same time. Sanctum had started doing that. This is the drawer where the dated material goes so the doctrine pages can stay readable.
Key Milestones
Section titled “Key Milestones”| Date | Event | Why it mattered |
|---|---|---|
| 2026-03-22 | Living Force redesign after the bridge100 cascade | Dependency-aware healing, quarantine, and graph-based reasoning became first-class concepts |
| 2026-03-28 | Great Alignment | Service manifest validity and cross-system naming improved materially |
| 2026-03-30 | Bootstrap and Force Flow push | Notification routing, boot reliability, and test fixes moved from theory into operations |
| 2026-04-03 | Workspace and runtime audit consolidation | Canonical workspace catalog, runtime drift remediation, and audit pages landed |
| 2026-04-07 | Model routing overhaul and provider hardening | Five independent provider paths, self-healing fallbacks, Signal migration to native, fnm removal, vision/multimodal enablement, and OpenClaw 2026.4.5 |
| 2026-04-08 | DenchClaw updated to 2026.4.8 | Mac-side CRM gateway (Jocasta) updated from 2026.4.5 to latest. Three-day turnaround from the April 7 OpenClaw update. |
| 2026-04-08 | Backup retention policy implemented | Daily backups kept 14 days, then bi-weekly archives, everything else purged. Script at ~/.sanctum/scripts/backup-retention.sh, runs weekly via automated job. Initial cleanup freed ~23 GB from iCloud. |
| 2026-04-08 | Qui-Gon promoted to version watchdog | version-check.sh deployed to track OpenClaw, DenchClaw, DuckDB, signal-cli, Node.js, and sanctum-proxy across npm and Homebrew. Weekly Monday 7 AM LaunchAgent with Signal alerting. Born from the April 7 version drift incident where fnm-vs-Homebrew OpenClaw installs and a three-patch-behind DenchClaw caused confusion. |
| 2026-04-10 | Holocron release pipeline hardened | The Electron shell moved from “works on this machine if you squint” to explicit Developer ID signing, notarization, stapling, and release-safe installed-app validation. The extra App Store Connect cleanup key was revoked, because credential archaeology is not a growth industry. |
| 2026-04-13 | Military-Grade Omnichannel ETL Pipeline | Jocasta’s 5-channel (Email, iMessage, WhatsApp, Signal, Telegram) CRM sync completely overhauled. Added file locking, Force Flow dead-man alerts, timezone hardening, Keychain-based Telethon integration, and DB snapshots. |
| 2026-04-14 | Sanctum-wide pnpm migration | All Mac and VM core runtimes and workspaces migrated from npm-global/npm-local to workspace-owned pnpm. Eradicated package-lock.json files and legacy node_modules drift. Upgraded all systems to OpenClaw 2026.4.14. |
| 2026-04-17 | Full-Stack Health Sweep | A narrow CLI fix surfaced four hours of drift across nine components; several “healthy” services were not. |
| 2026-04-18 | Off-Catalogue Audit | Five services found running outside the manifest, five registered, the catalogue-sync-check guardrail born. |
| 2026-04-19 | The Reasoner That Went Quiet | Twenty-five hours of green probes, then silence on a real question — telemetry caught what probes could not. |
| 2026-04-20 | The A+ Roadmap Closes | Principles 1–6 all finished becoming code in a single day; HA failover finally tested in anger. |
| 2026-04-20 | Pressure Valve Trilogy | A kernel panic, a Rust daemon shipped before lunch, and the same daemon killing the service it was meant to protect by dinner. |
| 2026-04-21 | The mTLS Day | Morning brings five probes onto certs; late-night ships the sanctum-server router’s code; overnight proves the full failover matrix on the MBP shadow. |
| 2026-04-24 | Every Jedi Answers to Their Name | LM Studio coder-14b and the eight Jedi Council system prompts get a Living Force roll-call — memory-gated auto-load plus an hourly self-identification probe. |
| 2026-04-24 | Five Locks on the Voice Door | sanctum-xtts becomes sanctum-tts. Adapter dispatcher on :8007 with five independent defense layers — mTLS, bearer-token ACL, reference-clip pinning, Ed25519-signed WAVs, hashed audit log. |
| 2026-04-26 | Wisdom Informs Reflex | chitti grows the rest of its koshas (mood + posture + samskara + attention). Watchdog learns multi-action remediation; the picker rotates compose-up → colima-restart-then-up within minutes of deploy. Direction loops. Heart broken open. |
| 2026-04-26 | Pressure-Valve Trilogy Redux | Six days after the trilogy, the same shape on a different vector — the valve hammered LM Studio coder-14b every 2 minutes for hours because pick_candidate_from_rows didn’t filter on T-state. Three-line fix, two new tests, live-verified. Sweep surfaced two latent bugs the trilogy never closed: Colima 0.10.1 SSH-forwarding instability and the memory-vault re-shed loop (phase-4). |
| 2026-04-27 | Two Gates, One Subscription | Hub and mobile node now run the same claude-max-api-proxy on :3456. Retired the per-request CLI-spawn proxy on :2001, migrated five consumers, kept retired plist + script for archaeology. Each host has its own Max OAuth session — no cross-machine routing required for local consumers, tailnet routing available for failover. Capacity doctrine’s third leg now matches the first two. |
| 2026-04-27 | The Vajrayogini Cut | Two carryovers from the trilogy redux closed at the root, not papered over: Colima 0.10.1’s SSH ControlMaster lifecycle bug retired by migrating HA + outline to OrbStack (native networking, no SSH-forwarded ports, 3-second cold start); pressure-valve gained phase-4 shed-effectiveness gating so the memory-vault re-shed loop closes itself when sheds aren’t moving swap_used. 49 valve tests pass, all live-deployed. |
| 2026-04-28 | The Clean Stage | Three-layer permanent fix for git working-tree drift across every sanctum repo: canonical gitignore template, daily git-drift-sentinel LaunchAgent, refusal-grade pre-commit hook (sensitive=refuse, untracked=warn). yoda-voice-agent dropped from 10,782 untracked files to 1. Doctrine: “if it’s not in git, it’s either gitignored or it doesn’t exist. No third state.” |
Recurring Lessons
Section titled “Recurring Lessons”- A green test suite is useless if it is testing the wrong world.
- LaunchAgents drift quietly until someone looks at the target path instead of the plist name.
- Hardcoded coordinates always feel harmless right before they become archaeology.
- Dated migration notes do not belong in stable architecture prose.
Historical Documents
Section titled “Historical Documents”The original long-form narrative remains available as living-force.md for archival context. It is useful as history and incident narrative. It is not the best single source for the current system shape.