Valeron · Platform Snapshot

Ecosystem View

Last updated: 2026-04-14 · source: Platform Foundation Polish (ADR-014 + ADR-015 accepted, Capture API split)

Single-page map of the Valeron platform. Use the tabs below to flip between the goal, the data flow, the current state of each component, the build plan, schema, role model, gotchas, and backlog. This is a living doc — regenerate it from a Claude session when the picture shifts.

Platform Infrastructure Readiness · 59/65 IN PROGRESS Platform Foundation Polish · 6/17 IN PROGRESS Demo Loop · 0/4 PENDING ADR-014 canonical pairing · ACCEPTED ADR-015 capture-api split · ACCEPTED

The demo loop

A real user signs up, pairs with a tracker and robot at a course, plays a Janice-driven round, sees videos in app, ends session, opens app.valeron.ai, logs in, sees the same data.

Beyond the demo loop, Platform Readiness (Feature #1) builds multi-tenant infrastructure for pilot deployments with role-based access, admin consoles, and production hardening.

Connectivity model

Cloud once at pairing, then dark for the round. Ferry syncs at end of day. Expect zero connectivity during play.

Authority

Session is cloud-created at start (via start-session edge function). Robot owns play-time data locally. Ferry syncs at end of day.

Course assignment

Robot's devices.course_id is the source of truth. Admin updates it when robot moves. No user selection.

Personas

Golfer Live

app.valeron.ai — sign up, pair, play, view rounds and videos.

Course Operator MVP Live

admin.valeron.ai — manage fleet, view sessions, user oversight for one course.

Valeron Admin MVP Live

admin.valeron.ai — fleet-wide view, all accounts, all courses, provisioning.

Detailed data flow

Full edge-labelled pipeline — cloud orchestrates pairing (ADR-014), robot runs the round, Capture Jetson handles vision. Per ADR-015, the Capture API is a standalone FastAPI service on the Capture Jetson; golfer pipeline stays untouched. User scans everything; robot has no display and does not scan QR codes. Dense by design — use fullscreen + zoom to trace a specific flow.

flowchart TB
    %% ========= CLIENT SURFACES (top row) =========
    subgraph Clients["Client surfaces"]
      direction LR
      WEB[web-platform-app
app.valeron.ai
Next.js · admin/ops]
      PILOT[mobile-golfer-app
React Native
ON HOLD · Apple Dev pending]
      FC[mobile-field-app
mobile web · Tailscale]
      MAP[web-mapper-app
course mapping tool]
      GOLFWEB[Golfer Web App
served by Janice at /golfer
ACTIVE golfer UX]
      PHONE[Golfer Phone
browser + camera]
    end

    %% ========= PLATFORM ROW ( Robot { Capture | Jetson } | Cloud ) =========
    subgraph Platform[" "]
      direction LR

      %% ----- ROBOT (physical unit — both Jetsons live here) -----
      subgraph Robot["Robot"]
        direction LR

        %% ----- CAPTURE JETSON -----
        subgraph CaptureJetson["Capture Jetson · ace00-capture"]
          direction TB
          CAPAPI[robot-capture-service · FastAPI
ACL-38 · ADR-015
/api/enroll · webhook emitter]
          PIPE[Shot Tracker Pipeline
C++ · dora-rs · Basler · OAK-D]
          CAPSOCK[[Unix sockets
/tmp/ace_capture_cmd.sock
/tmp/ace_capture_events.sock]]
          JSD2[systemd: robot-capture-service.service]
        end

        %% ----- ROBOT JETSON -----
        subgraph RobotJetson["Robot Jetson · ace00"]
          direction TB
          JANICE[Janice · FastAPI :8080
comms hub
pairing · auth · session store
webhook sink · golfer UI · FC UI]
          NAV[Nav Stack :8090
C++ autonomy]
          JSD1[systemd: janice.service]
        end
      end

      %% ----- CLOUD -----
      subgraph Cloud["Cloud · Supabase"]
        direction TB
        AUTH[Supabase Auth
Google · Apple · Magic Link]
        subgraph EdgeFns["Edge Functions · 9 deployed"]
          direction TB
          EFPAIR[pair]
          EFCON[connect]
          EFSS[start-session]
          EFES[end-session]
          EFEMS[end-my-session]
          EFADU[active-device-for-user]
          EFUBD[users-by-device]
          EFSESS[sessions]
          EFCRS[courses]
        end
        DB[(Postgres · pgvector · PostGIS
RLS on all tables)]
      end
    end

    %% ========= EOD TOOLS (pinned below) =========
    subgraph Ferry["End-of-day"]
      FERRY[desktop-ferry-app CLI · Tauri planned]
    end
    DB ~~~ FERRY

    %% ===== Phone / Cloud (LTE, clubhouse) =====
    PHONE -->|"1 · sign-in"| AUTH
    PHONE -->|"2 · scan tracker QR"| EFPAIR
    PHONE -->|"3 · scan robot QR
→ connect"| EFCON
    EFCON -->|"session + WiFi creds"| PHONE
    EFPAIR --> DB
    EFCON --> DB

    %% ===== Phone on robot AP =====
    PHONE -->|"4 · join robot AP
/golfer captive portal"| GOLFWEB
    GOLFWEB --- JANICE
    JANICE -->|"verify JWT · issue session token"| PHONE
    JANICE -.->|"WebSocket · new_shot
broadcast"| PHONE

    %% ===== Enrollment + shot pipeline =====
    JANICE -->|"POST /api/enroll/start
bearer-authed"| CAPAPI
    CAPAPI -->|"cmd socket"| CAPSOCK
    CAPSOCK --> PIPE
    PIPE -->|"event socket"| CAPSOCK
    CAPSOCK --> CAPAPI
    CAPAPI -->|"webhook
enrollment_complete
shot_complete
CAPTURE_WEBHOOK_SECRET"| JANICE

    %% ===== Janice → Cloud =====
    JANICE -->|"start-session"| EFSS
    JANICE -->|"end-my-session"| EFEMS
    JANICE -->|"sessions · shots upload
heartbeats"| EFSESS
    JANICE -->|"course data"| EFCRS
    EFSS --> DB
    EFES --> DB
    EFEMS --> DB
    EFADU --> DB
    EFUBD --> DB
    EFSESS --> DB
    EFCRS --> DB

    %% ===== Nav / local bridge =====
    JANICE <-->|"local HTTP"| NAV
    JSD1 -.-> JANICE
    JSD2 -.-> CAPAPI

    %% ===== Other client surfaces =====
    WEB -->|"auth + RLS reads"| AUTH
    WEB -->|"sessions · shots · storage"| DB
    MAP -->|"course_features publish"| DB
    FC -->|"operator nav mode
Tailscale"| JANICE
    PILOT -. future .-> AUTH

    %% ===== Ferry EOD =====
    FERRY -->|"pull local sessions"| JANICE
    FERRY -->|"batch upload"| EFSESS

    %% ===== styling =====
    classDef onhold fill:#0e1a12,stroke:#fcd34d,stroke-dasharray:4 3,color:#fcd34d;
    classDef active fill:#0e1a12,stroke:#9ac76a,color:#d7e7c5;
    class PILOT onhold;
    style Platform fill:transparent,stroke:transparent

Canonical pairing (ADR-014)

Golfer signs in on LTE · Supabase Auth
Scans tracker QR · phone calls pair
Scans robot QR · phone calls connect · cloud creates session + returns WiFi creds
Phone joins robot AP · captive portal opens Janice /golfer · JWT verified, session token issued
Visual onboarding · Janice → robot-capture-service · pipeline captures appearance vector · webhook back to Janice
Play · Capture Jetson detects shots · webhooks to Janice · WebSocket broadcast to phone

Capture API split (ADR-015)

robot-capture-service is a standalone FastAPI service on the Capture Jetson (separate systemd unit). It bridges Janice HTTP requests to the shot-tracker pipeline via two Unix sockets:

cmd.sock — API writes commands (enroll, capture) · pipeline reads
events.sock — pipeline writes events (enrollment_complete) · API reads and fires webhook to Janice
No Python imports shared with golfer repo · Brandon's capture_king branch unaffected

Component status

Grouped by repo. Each row tells you what works, what is planned, and what is drifting.

▶ web-platform-app Next.js · Vercel · app.valeron.ai

Golfer + admin shipped · connect landing live

OKSupabase SSR auth, middleware, hostname + role-based routing

OKMy Rounds page, round detail, hole videos, Clubhouse with weather widget

OK/connect landing page — robot QR target per ADR-014

OKAdmin route group + Fleet, Courses, Sessions, Users pages (Phase 2–3 shipped)

OKValeron Admin Console MVP + Operator Console MVP

▶ cloud-platform-service Supabase backend (project: ace_cloud)

9 edge functions, appearance_vectors online, edge hardening complete

OKTables: accounts, courses, devices, trackers, sessions, shots, profiles, memberships, course_features, publish_log, device_associations, map_sessions, captures, device_heartbeats, audit_log, incidents, appearance_vectors

OK9 edge functions deployed: pair, start-session, end-session, end-my-session, active-device-for-user, users-by-device, sessions, courses, connect (ACL-34)

OKAdmin-aware RLS + get_user_role() + memberships table (Phase 1 shipped)

OKPhase 7 edge function hardening (ACL-56, 58, 63) — JWT validation, CORS, input sanitization

OKappearance_vectors table (ACL-39) — per-user, per-session Re-ID storage

OKFirst real production session (2026-04-11)

OKPlatform docs fully audited, ADR-014 + ADR-015 accepted (2026-04-13)

▶ ace_supervisor (Janice) Python FastAPI · Robot Jetson · :8080 · comms hub

Comms hub · loop closed

OKAll phone↔robot comms flow through Janice — Capture Jetson is a dumb pipeline

OKGolfer web app (Svelte 5) served at /golfer — active golfer UX

OKField Control UI + operator UI served over Tailscale

OKSupabase JWT verification server-side via OIDC JWKS (offline-capable, cached)

OKWebhook sink for enrollment_complete + shot_complete (CAPTURE_WEBHOOK_SECRET bearer)

OKWebSocket broadcasts new_shot to phone during play

OKLow-level bridge to C++ nav stack :8090

OKRuns as janice.service (systemd)

OKace_onboard_api fully absorbed (archived repo)

▶ web-mapper-app (KYT) Next.js · course mapping tool

Works, undermapped

OKPublish flow to course_features

PartialOnly 2 courses have features

PartialNo completeness validation

▶ Capture Jetson ace00-capture · two-process, ADR-015

Two-board formal · API split accepted

OKShot tracker pipeline (C++ · dora-rs · Basler + OAK-D) — Brandon's capture_king branch, untouched

OKUnix socket bridge to API — /tmp/ace_capture_cmd.sock (commands in) + /tmp/ace_capture_events.sock (events out)

OKEnrollment UI via NiceGUI (dev/debug) — capture through robot-capture-service in prod

OKSSH: mbuibas@100.107.129.92 (Tailscale)

OKmock_capture for dev/demo still available on Janice side

▶ robot-capture-service FastAPI bridge · Capture Jetson · ADR-015 · ACL-38

Scaffold shipped, wiring in progress

OKLives in ace_devel/bridge/api/robot-capture-service/ — standalone Python project, separate from golfer repo

OKRuns as robot-capture-service.service (systemd) on Capture Jetson

OKEndpoints: /api/enroll/start, /api/enroll/status, webhook emitter

OKBearer-authed webhooks to Janice — CAPTURE_WEBHOOK_SECRET

PartialPipeline-side socket listener (~15 lines in perception_ds.py) pending integration

NextRe-ID gallery persistence into appearance_vectors table

▶ ace_pilot React Native · native golfer app (future)

On hold · Apple Dev license pending

HoldApple Developer enrollment pending — native rollout blocked

OKActive golfer UX runs on /golfer (served by Janice) — "build for native, test on web"

NextOnce license lands: port Svelte flows to RN, add NEHotspotConfiguration / Wi-Fi Suggestion for auto-join AP

▶ desktop-ferry-app TypeScript CLI · end-of-day sync

CLI working, Tauri planned

OKTypeScript CLI for end-of-day sync

TBDMulti-session enumeration (ACL-28)

TBDTauri desktop app (ACL-29)

▶ mobile-field-app Mobile web · field testing

Field testing tool

OKMobile web app for nav mode commands during field tests

Program progress

Platform Infrastructure Readiness — Feature #1, sequential phases (Phase 0 → 8). 59/65 IN PROGRESS

Platform Foundation Polish — Feature #4, post-PIR plateau work across three phases: Docs & Contracts, Testing Infrastructure, Developer Hygiene. IN PROGRESS · 6/17

Demo Loop — unphased post-PIR follow-ons migrated from AWE-* (ace_supervisor multi-session + desktop-ferry-app upload/Tauri). NOT STARTED · 0/4

Phase 0 Documentation & Contracts

COMPLETE

ACL-1SUPABASE.md rewrite✓

ACL-2SCHEMA.md corrections✓

Phase 1 Role Infrastructure

COMPLETE

ACL-3memberships table migration✓

ACL-4get_user_role() database function✓

ACL-5Admin-aware RLS policies✓

ACL-6Seed Matt as valeron_admin✓

ACL-7device_associations CREATE TABLE migration✓

ACL-8Middleware: hostname + role-based routing✓

ACL-9Admin route group + layout shell✓

Phase 2 Fleet + Courses

COMPLETE

ACL-10Fleet page (robots + trackers CRUD)✓

ACL-11Course detail (metadata + GeoJSON map + publish history)✓

ACL-12Shared admin components✓

ACL-21Valeron Admin Console MVP✓

Phase 3 Sessions + Users

COMPLETE

ACL-13Active sessions view + manual end-session✓

ACL-14Session history with filters✓

ACL-15Users page + role assignment✓

ACL-20Operator Console MVP✓

ACL-30Golfer stats✓

Phase 4 Production Hardening

COMPLETE

ACL-16Robot health heartbeat✓

ACL-17Incident alerting✓

ACL-18Audit log✓

ACL-19Security audit✓

ACL-22Edge function CI drift guard✓

ACL-23Postman/Newman API testing✓

ACL-24Course provisioning runbook✓

ACL-25Rename PIN_SECRET to JANICE_HMAC_SECRET✓

Demo Loop Unphased — post-PIR follow-ons · migrated from AWE-*

NOT STARTED · 0/4

ACL-26Shot position enrichment — point-in-polygon (ace_supervisor)

ACL-27Janice multi-session API (ace_supervisor)

ACL-28Ferry multi-session enumeration + upload (desktop-ferry-app)

ACL-29Tauri desktop wrapper for Ferry (desktop-ferry-app)

Phases 5–7 Canonical pairing · connect edge fn · edge hardening

COMPLETE

ACL-34connect edge function — cloud-orchestrated robot connection✓

ACL-38robot-capture-service FastAPI bridge — Janice ↔ Capture Jetson pipeline✓

ACL-39appearance_vectors table — per-user, per-session Re-ID storage✓

ACL-56Edge function JWT validation hardening✓

ACL-58CORS + rate-limit hardening✓

ACL-63Input sanitization + error boundaries✓

Platform Foundation Polish Feature #4 · 3 phases · post-PIR plateau work

IN PROGRESS · 6/17

Phase 1 · Docs & Contracts · 5/5 ✓

ACL-64Audit docs-platform against current reality✓

ACL-65OpenAPI specs for edge functions + Capture API✓

ACL-66Document webhook contracts✓

ACL-67Regenerate ecosystem diagram as Mermaid (this doc)✓

ACL-68Diagrams index refresh + Vercel deploy✓

Phase 2 · Testing Infrastructure · 0/5

ACL-69ADR-014 pairing flow smoke test (demo-loop gate)

ACL-70Capture API pytest suite

ACL-71Edge function integration test harness

ACL-79Fix enrollment_complete webhook Bearer auth (PR #184 ace_devel · pending review)

ACL-80Reconcile enrollment_complete field contract (sender ↔ receiver)

Phase 3 · Developer Hygiene · 0/7

ACL-72Enable Claude PR review bot on all Valeron repos

ACL-73Pre-commit hooks across all repos

ACL-74Enable Dependabot on all repos

ACL-75CI coverage parity audit

ACL-76Runbooks for top on-call scenarios

ACL-77CHANGELOG.md per repo

ACL-78Quarterly security audit cadence

Schema overview

Current Supabase tables as of 2026-04-14. Lane indicates the data domain.

Table	Lane	Status	Notes
accounts	Lane 1	OK	B2B customer accounts
courses	Lane 1	OK	8 courses, content thin
course_features	Lane 1	OK	~40 rows, 2 courses only
publish_log	Lane 1	OK	Snapshot history for rollback
devices	Lane 1	OK	1 device
trackers	Lane 1	OK	2 trackers
profiles	-	OK	2 users
sessions	Lane 2	OK	14+ incl 1 real (2026-04-11)
shots	Lane 2	OK	Seed data
device_associations	-	OK	UUID migration landed in Phase 1 (ACL-7)
memberships	-	OK	User ↔ account role map (ACL-3)
device_heartbeats	-	OK	Robot health pings (ACL-16)
audit_log	-	OK	Mutation history via triggers (ACL-18)
incidents	-	OK	Anomaly alerts (ACL-17)
appearance_vectors	Lane 2	OK	Per-user, per-session Re-ID (ACL-39)
map_sessions	-	OK	From web-mapper-app
captures	-	OK	From web-mapper-app

Storage

OK shot-videos bucket — stores uploaded MP4s from Ferry

Gotcha log

Things that surprised us, broke us, or are worth remembering. Newest first.

2026-04-13 Milestone

Platform Infrastructure Readiness — 59/59 tickets closed

Phase 0 through Phase 7 all complete. Admin-aware RLS, memberships, admin console MVPs, production hardening, canonical pairing support (ACL-34 connect edge fn, ACL-39 appearance_vectors), and edge function hardening (ACL-56/58/63) all shipped. Program rolls into "Platform Foundation Polish" for capture bridge and remaining seams.

2026-04-13 ADR

ADR-014 accepted — canonical pairing flow

Supersedes ADR-001 (derived PIN) and PAIRING_FLOW.md v3. User scans everything with phone — robot has no display and does not scan QR codes. New connect edge function creates session + returns WiFi creds. Appearance vector captured per session. No PIN, no HMAC-derived codes.

2026-04-13 ADR

ADR-015 accepted — Capture API split into separate FastAPI service

Two prior attempts to build the API inside the golfer repo diverged from Brandon's field-tested capture_king branch. robot-capture-service now lives standalone in ace_devel/bridge/api/, runs as its own systemd unit on the Capture Jetson, and bridges to the pipeline via two Unix sockets (cmd + events). ACL-38.

2026-04-13 Architecture

Two-board architecture is now formal

Robot Jetson (ace00) runs Janice + nav stack + golfer web app. Capture Jetson (ace00-capture) runs shot-tracker pipeline + robot-capture-service. They communicate over LAN/Tailscale via bearer-authed HTTP webhooks. Janice is the sole comms hub — phones only talk to Janice, Capture Jetson never serves the golfer directly.

2026-04-12 Housekeeping

All AWE-* tickets migrated to ACL-* in cloud-platform-service

cloud-platform-service (renamed from ace_cloud 2026-04-18, ADR-022 Phase E/10) is the cross-cutting kanban for platform infrastructure work. All AWE-* references in older docs refer to the same work items under new ACL-* identifiers. Linear `ACL` prefix retained across the rename.

2026-04-12 Docs

Platform docs fully audited

47 docs reviewed, 18 updated, SUPABASE.md rewritten from scratch, SCHEMA.md corrected to match production. This was Phase 0 of the build plan.

2026-04-13 Supersedes

ADR-001, ADR-012, ADR-013, PAIRING_FLOW.md all superseded by ADR-014

Derived-PIN, cloud-validated PIN, pro-shop pre-pairing, and robot-scans-phone-QR are all retired. ADR-014 is the single source of truth. If you see references to "pro-shop flow" or PIN derivation in old docs, ignore them.

2026-04-11 Milestone

First real production session

Session 87a654f8-ea14-4316-bcf3-b1bb1d63035a created 2026-04-11 19:27 UTC. Full Janice start-session path with real user, real tracker FK, real device UUID.

2026-04-11 Bug batch

Five latent bugs exposed once real requests started flowing

start-session schema drift (status='ended' vs 'completed'), JWT algorithm mismatch (RS256 vs ES256), sb_secret_ key format, pair gateway 401 (verify_jwt), robot_id contract ("robot-00" vs UUID). All fixed.

Resolved Fixed in Phase 1

device_associations.device_id type fix (ACL-7)

Legacy TEXT type was mismatched with devices.id (UUID). Resolved in Phase 1 when device_associations was rebuilt with the proper migration.

Work backlog

ACL-* tickets grouped by phase. Platform Infrastructure Readiness (Phase 0–7) closed out 2026-04-13.

Status as of 2026-04-14. See Build Plan tab for program-level progress.

Platform Infrastructure Readiness 59/65 closed · Phase 8 opened 2026-04-14

Platform Foundation Polish 6/17 closed · Phase 1 complete, Phase 2+3 pending

Demo Loop (post-PIR) 0/4 · all tickets in todo

Reconciled against Sidespace 2026-04-14. ACL-38 appears under Phases 5–7 (canonical pairing); ACL-26/27/28/29 are unfinished AWE-* migrations awaiting ace_supervisor + desktop-ferry-app work.

Phase 0 — Documentation & Contracts

ACL-1 SUPABASE.md rewrite Done

ACL-2 SCHEMA.md corrections Done

Phase 1 — Role Infrastructure

ACL-3 memberships table migration Done

ACL-4 get_user_role() database function Done

ACL-5 Admin-aware RLS policies Done

ACL-6 Seed Matt as valeron_admin Done

ACL-7 device_associations CREATE TABLE migration Done

ACL-8 Middleware: hostname + role-based routing Done

ACL-9 Admin route group + layout shell Done

Phase 2 — Fleet + Courses

ACL-10 Fleet page (robots + trackers CRUD) Done

ACL-11 Course detail (metadata + GeoJSON map + publish history) Done

ACL-12 Shared admin components Done

ACL-21 Valeron Admin Console MVP Done

Phase 3 — Sessions + Users

ACL-13 Active sessions view + manual end-session Done

ACL-14 Session history with filters Done

ACL-15 Users page + role assignment Done

ACL-20 Operator Console MVP Done

ACL-30 Golfer stats Done

Phase 4 — Production Hardening

ACL-16 Robot health heartbeat Done

ACL-17 Incident alerting Done

ACL-18 Audit log Done

ACL-19 Security audit Done

ACL-22 Edge function CI drift guard Done

ACL-23 Postman/Newman API testing Done

ACL-24 Course provisioning runbook Done

ACL-25 Rename PIN_SECRET to JANICE_HMAC_SECRET Done

Demo Loop — Unphased (0/4 · migrated from AWE-*)

ACL-26 Shot position enrichment — point-in-polygon (ace_supervisor) Todo

ACL-27 Janice multi-session API (ace_supervisor) Todo

ACL-28 Ferry multi-session enumeration + upload (desktop-ferry-app) Todo

ACL-29 Tauri desktop wrapper for Ferry (desktop-ferry-app) Todo

Phases 5–7 — Canonical pairing + edge hardening

ACL-34 connect edge function (cloud-orchestrated robot connection) Done

ACL-38 robot-capture-service FastAPI bridge (ADR-015) Done

ACL-39 appearance_vectors table Done

ACL-56 Edge function JWT validation hardening Done

ACL-58 CORS + rate-limit hardening Done

ACL-63 Input sanitization + error boundaries Done

Foundation Polish · Phase 1 — Docs & Contracts (5/5 ✓)

ACL-64 Audit docs-platform against current reality Done

ACL-65 OpenAPI specs for edge functions + Capture API Done

ACL-66 Document webhook contracts Done

ACL-67 Regenerate ecosystem diagram as Mermaid (this doc) Done

ACL-68 Diagrams index refresh + Vercel deploy Done

Foundation Polish · Phase 2 — Testing Infrastructure (0/5)

ACL-69 ADR-014 pairing flow smoke test (demo-loop gate) Todo

ACL-70 Capture API pytest suite Todo

ACL-71 Edge function integration test harness Todo

ACL-79 Fix enrollment_complete webhook Bearer auth (PR #184 ace_devel · pending review) Doing

ACL-80 Reconcile enrollment_complete field contract (sender ↔ receiver) Todo

Foundation Polish · Phase 3 — Developer Hygiene (0/7)

ACL-72 Enable Claude PR review bot on all Valeron repos Todo

ACL-73 Pre-commit hooks across all repos Todo

ACL-74 Enable Dependabot on all repos Todo

ACL-75 CI coverage parity audit Todo

ACL-76 Runbooks for top on-call scenarios Todo

ACL-77 CHANGELOG.md per repo Todo

ACL-78 Quarterly security audit cadence Todo

Architecture

Detailed data flow

Component status

Program progress

Schema overview

Role hierarchy

Gotcha log

Platform Infrastructure Readiness — 59/59 tickets closed

ADR-014 accepted — canonical pairing flow

ADR-015 accepted — Capture API split into separate FastAPI service

Two-board architecture is now formal

All AWE-* tickets migrated to ACL-* in cloud-platform-service

Platform docs fully audited

ADR-001, ADR-012, ADR-013, PAIRING_FLOW.md all superseded by ADR-014

First real production session

Five latent bugs exposed once real requests started flowing

device_associations.device_id type fix (ACL-7)

Work backlog