diff --git a/QUALITY_ANALYSIS.md b/QUALITY_ANALYSIS.md new file mode 100644 index 0000000..fcdcfba --- /dev/null +++ b/QUALITY_ANALYSIS.md @@ -0,0 +1,306 @@ +# Timmy Time — Senior Architect Quality Analysis +**Date:** 2026-02-21 +**Branch:** `claude/quality-analysis-mobile-testing-0zgPi` +**Test Suite:** 228/228 passing ✅ + +--- + +## Executive Summary + +Timmy Time has a strong Python backend skeleton and a working HTMX UI, but the project is at a **critical architectural fork**: a second, fully-detached React frontend was introduced that uses 100% mock/static data with zero API connectivity. This split creates the illusion of a richer app than exists. Completeness against the stated vision is **~35-40%**. The mobile HITL framework is the standout quality asset. + +--- + +## 1. Architecture Coherence — CRITICAL ⚠️ + +**Score: 3/10** + +### Finding: Dual Frontend, Zero Integration + +The project ships two separate UIs that both claim to be "Mission Control": + +| UI | Tech | Backend Connected? | +|----|------|--------------------| +| `src/dashboard/` | FastAPI + Jinja2 + HTMX | ✅ Yes — real Timmy chat, health, history | +| `dashboard-web/` | React + TypeScript + Vite | ❌ No — 100% static mock data | + +The React dashboard (`dashboard-web/client/src/lib/data.ts`) exports `MOCK_CHAT`, `MOCK_HEALTH`, `MOCK_NOTIFICATIONS`, `MOCK_TASKS`, `MOCK_WS_EVENTS` — every data source is hardcoded. There is **not a single `fetch()` call** to the FastAPI backend. The `ChatPanel` simulates responses with `setTimeout()`. The `StatusSidebar` shows a hardcoded Ollama status — it never calls `/health/status`. + +**Impact:** The React UI is a clickable mockup, not a product. A new developer would not know which frontend is authoritative. + +### Finding: React App Has No Build Config + +`dashboard-web/client/` contains `src/` and `index.html` but no `package.json`, `vite.config.ts`, or `tsconfig.json` in that directory. The app imports from `@/components/ui/*` (shadcn/ui) but the `components/ui/` directory does not exist in the repo. The React app is **not buildable as committed**. + +--- + +## 2. Completeness Against Vision — 35-40% + +**Score: 4/10** + +| Feature | Roadmap | Status | +|---------|---------|--------| +| Agno + Ollama + SQLite dashboard | v1.0.0 | ✅ Complete | +| HTMX chat with history | v1.0.0 | ✅ Complete | +| AirLLM big-brain backend | v1.0.0 | ✅ Complete | +| CLI (chat/think/status) | v1.0.0 | ✅ Complete | +| Swarm registry + coordinator | v2.0.0 | ⚠️ Skeleton only — no real agents | +| Agent personas (Echo, Mace, Forge…) | v2.0.0 | ❌ Catalog only — never instantiated | +| MCP tools integration | v2.0.0 | ❌ Not started | +| Voice NLU | v2.0.0 | ⚠️ Backend module — no live UI | +| Push notifications | v2.0.0 | ⚠️ Backend module — never triggered | +| Siri Shortcuts | v2.0.0 | ⚠️ Endpoint stub only | +| WebSocket live swarm feed | v2.0.0 | ⚠️ Server-side ready — no UI consumer | +| L402 / Lightning payments | v3.0.0 | ⚠️ Mock implementation only | +| Real LND gRPC backend | v3.0.0 | ❌ Not started | +| Single `.app` bundle | v3.0.0 | ❌ Not started | +| React dashboard (live data) | — | ❌ All mock data | +| Mobile HITL checklist | — | ✅ Complete (27 scenarios) | + +--- + +## 3. Mobile UX Audit + +**Score: 7/10 (HTMX UI) / 2/10 (React UI)** + +### HTMX Dashboard — Strong + +The HTMX-served dashboard has solid mobile foundations verified by the automated test suite: + +- ✅ `viewport-fit=cover` — Dynamic Island / notch support +- ✅ `apple-mobile-web-app-capable` — Home Screen PWA mode +- ✅ `safe-area-inset-top/bottom` — padding clears notch and home indicator +- ✅ `overscroll-behavior: none` — no rubber-band on main page +- ✅ `-webkit-overflow-scrolling: touch` — momentum scroll in chat +- ✅ `dvh` units — correct height on iOS with collapsing chrome +- ✅ 44px touch targets on SEND button and inputs +- ✅ `font-size: 16px` in mobile query — iOS zoom prevention +- ✅ `enterkeyhint="send"` — Send-labelled keyboard key +- ✅ HTMX `hx-sync="this:drop"` — double-tap protection +- ✅ HTMX `hx-disabled-elt` — in-flight button lockout + +### Gap: Mobile Quick Actions Page (`/mobile`) + +The `/mobile` route template shows a "Mobile only" page with quick action tiles and a JS-based chat — but it uses **CSS `display: none` on desktop** via `.mobile-only` with an `@media (min-width: 769px)` rule. The desktop fallback shows a placeholder. This is a valid progressive enhancement approach but the page is not linked from the main nav bar. + +### React Dashboard — Mobile Not Functional + +The React dashboard uses `hidden lg:flex` for the left sidebar (desktop only) and an `AnimatePresence` slide-in overlay for mobile. The mobile UX architecture is correct. However, because all data is mock, tapping "Chat" produces a simulated response from a setTimeout, not from Ollama. This is not tested and not usable. + +--- + +## 4. Human-in-the-Loop (HITL) Mobile Testing + +**Score: 8/10** + +The `/mobile-test` route is the standout quality feature. It provides: + +- 21 structured test scenarios across 7 categories (Layout, Touch, Chat, Health, Scroll, Notch, Live UI) +- PASS/FAIL/SKIP buttons with sessionStorage persistence across scroll +- Live pass rate counter and progress bar +- Accessible on any phone via local network URL +- ← MISSION CONTROL back-link for easy navigation + +**Gaps to improve:** +- No server-side results storage — results lost when tab closes +- No shareable/exportable report (screenshot required for handoff) +- React dashboard has no equivalent HITL page +- No automated Playwright/Selenium mobile tests that could catch regressions + +--- + +## 5. Security Assessment + +**Score: 5/10** + +### XSS Vulnerability — `/mobile` template + +`mobile.html` line ~85 uses raw `innerHTML` string interpolation with user-supplied message content: + +```javascript +// mobile.html — VULNERABLE +chat.innerHTML += ` +
+
${message}
+
+`; +``` + +If a user types ``, it executes. This is a stored XSS via `innerHTML`. Fix: use `document.createTextNode(message)` or escape HTML before insertion. + +The `swarm_live.html` has the same pattern with WebSocket data: +```javascript +container.innerHTML = agents.map(agent => `...${agent.name}...`).join(''); +``` +If agent names contain ` - - - - diff --git a/dashboard-web/client/src/App.tsx b/dashboard-web/client/src/App.tsx deleted file mode 100644 index 4a26f0f..0000000 --- a/dashboard-web/client/src/App.tsx +++ /dev/null @@ -1,44 +0,0 @@ -import { Toaster } from "@/components/ui/sonner"; -import { TooltipProvider } from "@/components/ui/tooltip"; -import NotFound from "@/pages/NotFound"; -import { Route, Switch } from "wouter"; -import ErrorBoundary from "./components/ErrorBoundary"; -import { ThemeProvider } from "./contexts/ThemeContext"; -import Dashboard from "./pages/Dashboard"; - -function Router() { - return ( - - - - - - ); -} - -function App() { - return ( - - - - - - - - - ); -} - -export default App; diff --git a/dashboard-web/client/src/components/ChatPanel.tsx b/dashboard-web/client/src/components/ChatPanel.tsx deleted file mode 100644 index c68877a..0000000 --- a/dashboard-web/client/src/components/ChatPanel.tsx +++ /dev/null @@ -1,186 +0,0 @@ -/* - * DESIGN: "Sovereign Terminal" — Chat interface - * Terminal-style command input with >_ prompt cursor - * Messages displayed with typewriter aesthetic, typing indicator - */ - -import { useState, useRef, useEffect } from "react"; -import { Button } from "@/components/ui/button"; -import { Send } from "lucide-react"; -import { MOCK_CHAT, type ChatMessage } from "@/lib/data"; -import { motion } from "framer-motion"; -import { toast } from "sonner"; - -export default function ChatPanel() { - const [messages, setMessages] = useState(MOCK_CHAT); - const [input, setInput] = useState(""); - const [isTyping, setIsTyping] = useState(false); - const scrollRef = useRef(null); - const inputRef = useRef(null); - - useEffect(() => { - if (scrollRef.current) { - scrollRef.current.scrollTop = scrollRef.current.scrollHeight; - } - }, [messages, isTyping]); - - const handleSend = () => { - if (!input.trim()) return; - - // Handle slash commands - if (input.startsWith("/")) { - const cmd = input.slice(1).trim().split(" ")[0]; - toast(`Command recognized: /${cmd}`, { - description: "Slash commands will be processed when connected to the backend.", - }); - setInput(""); - return; - } - - const userMsg: ChatMessage = { - id: `c-${Date.now()}`, - role: "user", - content: input, - timestamp: new Date().toISOString(), - }; - - setMessages(prev => [...prev, userMsg]); - setInput(""); - setIsTyping(true); - - // Simulate response with typing delay - setTimeout(() => { - setIsTyping(false); - const assistantMsg: ChatMessage = { - id: `c-${Date.now() + 1}`, - role: "assistant", - content: "I hear you, boss. Running locally on Ollama — no cloud, no telemetry. Your sovereignty is intact.\n\nThis is a demo interface. Connect me to your local Ollama instance to get real responses.\n\nSats are sovereignty, boss.", - timestamp: new Date().toISOString(), - }; - setMessages(prev => [...prev, assistantMsg]); - }, 1200); - }; - - const handleKeyDown = (e: React.KeyboardEvent) => { - if (e.key === "Enter" && !e.shiftKey) { - e.preventDefault(); - handleSend(); - } - }; - - return ( -
- {/* Messages area */} -
- {messages.map((msg, i) => ( - -
- {/* Role label */} -
- {msg.role === 'assistant' ? '// TIMMY' : - msg.role === 'system' ? '// SYSTEM' : - '// YOU'} -
- - {/* Message bubble */} -
- {msg.content.split('\n').map((line, j) => ( -

0 ? 'mt-2' : ''}> - {line || '\u00A0'} -

- ))} -
- - {/* Timestamp */} -
- {new Date(msg.timestamp).toLocaleTimeString()} -
-
- - ))} - - {/* Typing indicator */} - {isTyping && ( - -
-
- // TIMMY -
-
-
- - - - thinking... -
-
-
- - )} -
- - {/* Input area */} -
-
inputRef.current?.focus()} - > - >_ - setInput(e.target.value)} - onKeyDown={handleKeyDown} - placeholder="Type a message or /command..." - className="flex-1 bg-transparent text-[13px] text-foreground placeholder:text-muted-foreground outline-none" - style={{ fontSize: '16px' }} - disabled={isTyping} - /> - -
-
- ENTER to send - | - /help for commands - | - Local LLM — no cloud -
-
-
- ); -} diff --git a/dashboard-web/client/src/components/ContextPanel.tsx b/dashboard-web/client/src/components/ContextPanel.tsx deleted file mode 100644 index 8ad079f..0000000 --- a/dashboard-web/client/src/components/ContextPanel.tsx +++ /dev/null @@ -1,265 +0,0 @@ -/* - * DESIGN: "Sovereign Terminal" — Right context panel - * Shows details for selected agent or task, voice NLU, or roadmap - */ - -import { Badge } from "@/components/ui/badge"; -import { Button } from "@/components/ui/button"; -import { Separator } from "@/components/ui/separator"; -import { - AGENT_CATALOG, MOCK_TASKS, VOICE_INTENTS, ROADMAP, - type Agent, type Task -} from "@/lib/data"; -import { motion } from "framer-motion"; -import { - User, Zap, Mic, Map, ChevronRight, - CheckCircle, Clock, AlertCircle, Loader2, Gavel -} from "lucide-react"; -import { toast } from "sonner"; - -const HERO_IMG = "https://private-us-east-1.manuscdn.com/sessionFile/hmEvCGQLHKyGnx6qwMSEHn/sandbox/qiXHjJUmj8lqJymwhLI5B2-img-1_1771695716000_na1fn_aGVyby1iYW5uZXI.png?x-oss-process=image/resize,w_1920,h_1920/format,webp/quality,q_80&Expires=1798761600&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9wcml2YXRlLXVzLWVhc3QtMS5tYW51c2Nkbi5jb20vc2Vzc2lvbkZpbGUvaG1FdkNHUUxIS3lHbng2cXdNU0VIbi9zYW5kYm94L3FpWEhqSlVtajhscUp5bXdoTEk1QjItaW1nLTFfMTc3MTY5NTcxNjAwMF9uYTFmbl9hR1Z5YnkxaVlXNXVaWEkucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLHdfMTkyMCxoXzE5MjAvZm9ybWF0LHdlYnAvcXVhbGl0eSxxXzgwIiwiQ29uZGl0aW9uIjp7IkRhdGVMZXNzVGhhbiI6eyJBV1M6RXBvY2hUaW1lIjoxNzk4NzYxNjAwfX19XX0_&Key-Pair-Id=K2HSFNDJXOU9YS&Signature=Yeq1vIhtaEw73bIbDJlFsrAQeoce-YaWvid7nAdYEKAA41Xxzh8iioV-HmHsbldg~z674zIlRc0KeBIdV2hH2O8yBRN6KjP-BMO9QHDbGeBbTw3Bd5uEbh7GmZUXb7klkd0yStYYQcIjwTPBcJ7dMkiQ4AV1k5u63gQDm1FS-hqRGqzcS97ZQc0eSd3Ij2CKLrF7OXc4Xu6wB8CxzLD87mTdnvOtLobjHgvFdl6KVkUTIHjh97fL8YRlN5My6N3BGW-E8l-ZNVnWT22qfiHcpVD4kk6S6yu~v7OpBY3-1if3am5B2prST3bHxGMKsQlTwttr~xEpX4ZYF1dAJy0n2Q__"; - -interface ContextPanelProps { - selectedAgent: string | null; - selectedTask: string | null; -} - -export default function ContextPanel({ selectedAgent, selectedTask }: ContextPanelProps) { - const agent = selectedAgent ? AGENT_CATALOG.find(a => a.id === selectedAgent) : null; - const task = selectedTask ? MOCK_TASKS.find(t => t.id === selectedTask) : null; - - return ( -
- {/* Agent detail */} - {agent && } - - {/* Task detail */} - {task && } - - {/* Voice NLU */} - - - {/* Roadmap */} - -
- ); -} - -function AgentDetail({ agent }: { agent: Agent }) { - return ( - -
- - // AGENT DETAIL -
-
-
- - {agent.name} - - {agent.status.toUpperCase()} - -
- -
{agent.role}
- -

- {agent.description} -

- - - -
-
- Rate - {agent.rateSats === 0 ? ( - FREE - ) : ( - - - {agent.rateSats} sats/task - - )} -
-
- Capabilities - {agent.capabilities.length} -
-
- -
- {agent.capabilities.map(cap => ( - - {cap} - - ))} -
- - {agent.status === 'active' && ( - - )} -
- - ); -} - -function TaskDetail({ task }: { task: Task }) { - return ( - -
- - // TASK DETAIL -
-
-
- {task.id} - -
- -

- {task.description} -

- - - -
-
- Assigned - - {task.assignedAgent || 'Unassigned'} - -
-
- Created - - {new Date(task.createdAt).toLocaleString()} - -
- {task.completedAt && ( -
- Completed - - {new Date(task.completedAt).toLocaleString()} - -
- )} -
- - {task.result && ( - <> - -
-
Result
-

- {task.result} -

-
- - )} -
- - ); -} - -function TaskStatusBadge({ status }: { status: Task["status"] }) { - const colors: Record = { - pending: "bg-muted text-muted-foreground", - bidding: "bg-warning-amber/20 text-warning-amber border-warning-amber/30", - assigned: "bg-cyber-cyan/20 text-cyber-cyan border-cyber-cyan/30", - running: "bg-btc-orange/20 text-btc-orange border-btc-orange/30", - completed: "bg-electric-green/20 text-electric-green border-electric-green/30", - failed: "bg-danger-red/20 text-danger-red border-danger-red/30", - }; - return ( - - {status} - - ); -} - -function VoiceNLUPanel() { - return ( -
-
- - // VOICE NLU -
-
-

- Supported voice intents — local regex-based NLU, no cloud. -

- {VOICE_INTENTS.map(intent => ( -
- - {intent.name} - -
- {intent.description} -
- "{intent.example}" -
-
-
- ))} -
-
- ); -} - -function RoadmapPanel() { - return ( -
-
- - // ROADMAP -
-
- {ROADMAP.map((item, i) => ( -
-
- - {i < ROADMAP.length - 1 && ( - - )} -
-
-
- {item.version} - {item.name} - {item.status === 'current' && ( - - CURRENT - - )} -
- {item.milestone} -
-
- ))} -
-
- ); -} diff --git a/dashboard-web/client/src/components/MarketplacePanel.tsx b/dashboard-web/client/src/components/MarketplacePanel.tsx deleted file mode 100644 index d6cabfd..0000000 --- a/dashboard-web/client/src/components/MarketplacePanel.tsx +++ /dev/null @@ -1,131 +0,0 @@ -/* - * DESIGN: "Sovereign Terminal" — Agent Marketplace - * Browse agents, see capabilities, hire with sats - * Lightning payment visualization as hero - */ - -import { ScrollArea } from "@/components/ui/scroll-area"; -import { Badge } from "@/components/ui/badge"; -import { Button } from "@/components/ui/button"; -import { AGENT_CATALOG, type Agent } from "@/lib/data"; -import { motion } from "framer-motion"; -import { Store, Zap, ChevronRight } from "lucide-react"; -import { toast } from "sonner"; - -const LIGHTNING_IMG = "https://private-us-east-1.manuscdn.com/sessionFile/hmEvCGQLHKyGnx6qwMSEHn/sandbox/qiXHjJUmj8lqJymwhLI5B2-img-3_1771695706000_na1fn_bGlnaHRuaW5nLXBheW1lbnQ.png?x-oss-process=image/resize,w_1920,h_1920/format,webp/quality,q_80&Expires=1798761600&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9wcml2YXRlLXVzLWVhc3QtMS5tYW51c2Nkbi5jb20vc2Vzc2lvbkZpbGUvaG1FdkNHUUxIS3lHbng2cXdNU0VIbi9zYW5kYm94L3FpWEhqSlVtajhscUp5bXdoTEk1QjItaW1nLTNfMTc3MTY5NTcwNjAwMF9uYTFmbl9iR2xuYUhSdWFXNW5MWEJoZVcxbGJuUS5wbmc~eC1vc3MtcHJvY2Vzcz1pbWFnZS9yZXNpemUsd18xOTIwLGhfMTkyMC9mb3JtYXQsd2VicC9xdWFsaXR5LHFfODAiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE3OTg3NjE2MDB9fX1dfQ__&Key-Pair-Id=K2HSFNDJXOU9YS&Signature=gWuDcQJeJeaEupkqbE5tOSIOgB6A2LjDuU7w6nK8RzOSmeWWy~4AJVsm68hi--j22DFlv7hDWhZnoQ9WdyU0oCn3tIUFPaaamtcUY-9qBE3yw9VjAnBRJjG3ppnfVSFY-KaVvuX2hjkgzeknhsEmSuIo55yL6Y8c4CwsoVeLW7AloD9ou-2xBEKNObQqwRG~FP~cMMLOyNoPDzwclB8B~Imm3Qd~0-LAfKDp0nksbpBV87IN8YKsFxyAV5Bq~Mm-wqlGJZwBGzYfOPQQUNaTYZ2zzIidxTMNDLUE70fgc~oI2~0i2ebq-~8QFJwuLywTVycxV61BKssTsiOMBizE0g__"; - -interface MarketplacePanelProps { - onSelectAgent: (id: string) => void; -} - -export default function MarketplacePanel({ onSelectAgent }: MarketplacePanelProps) { - return ( - -
- {/* Hero banner */} -
- Lightning Network -
-
-
- // AGENT MARKETPLACE -
-

- Hire specialized agents with Lightning sats. Each agent bids on tasks - through the L402 auction system. No API keys — just sats. -

-
-
- - {/* Agent catalog */} -
- // AVAILABLE AGENTS -
-
- {AGENT_CATALOG.map((agent, i) => ( - -
-
-
- - {agent.name} -
- {agent.role} -
-
- {agent.rateSats === 0 ? ( - - FREE - - ) : ( -
- - {agent.rateSats} - sats/task -
- )} -
-
- -

- {agent.description} -

- -
- {agent.capabilities.map(cap => ( - - {cap} - - ))} -
- -
- - {agent.status.toUpperCase()} - - -
- - ))} -
-
- - ); -} diff --git a/dashboard-web/client/src/components/StatusSidebar.tsx b/dashboard-web/client/src/components/StatusSidebar.tsx deleted file mode 100644 index 3df2f4f..0000000 --- a/dashboard-web/client/src/components/StatusSidebar.tsx +++ /dev/null @@ -1,186 +0,0 @@ -/* - * DESIGN: "Sovereign Terminal" — Left sidebar with stacked status panels - * Each panel has a 2px Bitcoin orange top border and monospace headers - */ - -import { Activity, Bell, Zap, Users, ChevronRight } from "lucide-react"; -import { Badge } from "@/components/ui/badge"; -import { - AGENT_CATALOG, MOCK_HEALTH, MOCK_NOTIFICATIONS, -} from "@/lib/data"; - -interface StatusSidebarProps { - onSelectAgent: (id: string) => void; - selectedAgent: string | null; -} - -export default function StatusSidebar({ onSelectAgent, selectedAgent }: StatusSidebarProps) { - return ( -
- {/* System Health Panel */} -
-
- - // SYSTEM HEALTH -
-
- - - - - - - - - - - - - - - - - - - - - - - -
Ollama - - - - {MOCK_HEALTH.ollama.toUpperCase()} - - -
Model{MOCK_HEALTH.model}
Swarm - - - - {MOCK_HEALTH.swarmRegistry.toUpperCase()} - - -
Uptime{MOCK_HEALTH.uptime}
Tasks - {MOCK_HEALTH.completedTasks} - / - {MOCK_HEALTH.totalTasks} -
-
-
- - {/* Agents Panel */} -
-
- - // AGENTS -
-
- {AGENT_CATALOG.map((agent) => ( - - ))} -
-
- - {/* L402 Balance Panel */} -
-
- - // L402 TREASURY -
-
-
-
- ₿ {MOCK_HEALTH.l402Balance.toLocaleString()} -
-
satoshis available
-
- - - - - - - - - - - - - - - -
ProtocolL402 / Lightning
Macaroon - Valid -
NetworkTestnet
-
-
- - {/* Notifications Panel */} -
-
-
- - // NOTIFICATIONS -
- - {MOCK_NOTIFICATIONS.filter(n => !n.read).length} new - -
-
- {MOCK_NOTIFICATIONS.slice(0, 4).map((notif) => ( -
-
- {!notif.read && } - {notif.title} - - {getCategoryIcon(notif.category)} - -
-

{notif.message}

-
- ))} -
-
-
- ); -} - -function getCategoryIcon(category: string): string { - switch (category) { - case "swarm": return "⚡"; - case "task": return "📋"; - case "agent": return "🤖"; - case "system": return "⚙️"; - case "payment": return "₿"; - default: return "•"; - } -} diff --git a/dashboard-web/client/src/components/SwarmPanel.tsx b/dashboard-web/client/src/components/SwarmPanel.tsx deleted file mode 100644 index 68da112..0000000 --- a/dashboard-web/client/src/components/SwarmPanel.tsx +++ /dev/null @@ -1,152 +0,0 @@ -/* - * DESIGN: "Sovereign Terminal" — Swarm management panel - * Shows agent constellation visualization and live event feed - */ - -import { ScrollArea } from "@/components/ui/scroll-area"; -import { Badge } from "@/components/ui/badge"; -import { AGENT_CATALOG, MOCK_WS_EVENTS, type Agent } from "@/lib/data"; -import { motion } from "framer-motion"; -import { Network, Radio, Zap } from "lucide-react"; - -const SWARM_IMG = "https://private-us-east-1.manuscdn.com/sessionFile/hmEvCGQLHKyGnx6qwMSEHn/sandbox/qiXHjJUmj8lqJymwhLI5B2-img-2_1771695716000_na1fn_c3dhcm0tbmV0d29yaw.png?x-oss-process=image/resize,w_1920,h_1920/format,webp/quality,q_80&Expires=1798761600&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9wcml2YXRlLXVzLWVhc3QtMS5tYW51c2Nkbi5jb20vc2Vzc2lvbkZpbGUvaG1FdkNHUUxIS3lHbng2cXdNU0VIbi9zYW5kYm94L3FpWEhqSlVtajhscUp5bXdoTEk1QjItaW1nLTJfMTc3MTY5NTcxNjAwMF9uYTFmbl9jM2RoY20wdGJtVjBkMjl5YXcucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLHdfMTkyMCxoXzE5MjAvZm9ybWF0LHdlYnAvcXVhbGl0eSxxXzgwIiwiQ29uZGl0aW9uIjp7IkRhdGVMZXNzVGhhbiI6eyJBV1M6RXBvY2hUaW1lIjoxNzk4NzYxNjAwfX19XX0_&Key-Pair-Id=K2HSFNDJXOU9YS&Signature=rJ6lQ-h3pSQDDcUkGSTmXY2409jDYW2LdC9FU2ifVTnfppMXRrupq2SRC4e5P~Q5zx2r1ckGCWAi954bOr62u43lAXcxXn-FbW7PPVhoh3hx2LqGQrPLbSNbMw0-2AYO~4iKbUa~7igW2XdxeErPWs-fNzAfukvyh84cIAroFaLTdRT3IZR0amkWG8KSg5WWvv80lv0fO-zthT6kZDfPrSAHg0Opvtzy00ll~0lPq8V69DK3BP51GxIBiUPShjD1WgSrJsLbB7TLpug5PgTeeBRx80W0I6HIVxmRWQBOdmM~ziHQyNs8EhtCD7lYks8izHxCquCsFTuflp9IdrCIAQ__"; - -interface SwarmPanelProps { - onSelectAgent: (id: string) => void; -} - -export default function SwarmPanel({ onSelectAgent }: SwarmPanelProps) { - const activeAgents = AGENT_CATALOG.filter(a => a.status === "active"); - const plannedAgents = AGENT_CATALOG.filter(a => a.status === "planned"); - - return ( -
- {/* Swarm visualization */} -
- {/* Network image */} -
- Swarm Network Topology -
-
-
- // SWARM TOPOLOGY -
-
- - - {activeAgents.length} active - - - - {plannedAgents.length} planned - - - - {AGENT_CATALOG.length} total - -
-
-
- - {/* Agent grid */} - -
-
- // REGISTERED AGENTS -
-
- {AGENT_CATALOG.map((agent, i) => ( - onSelectAgent(agent.id)} - className="panel text-left p-3 hover:bg-panel-hover transition-colors" - > -
- - {agent.name} - - {agent.status} - -
-
{agent.role}
-
- {agent.capabilities.map(cap => ( - - {cap} - - ))} -
- - ))} -
-
- -
- - {/* Live event feed */} -
-
- - // LIVE FEED - - - LIVE - -
- -
- {[...MOCK_WS_EVENTS].reverse().map((evt, i) => ( - -
- - {evt.event.replace(/_/g, ' ')} - - - {new Date(evt.timestamp).toLocaleTimeString()} - -
-
- {formatEventData(evt)} -
- - ))} -
- -
-
- ); -} - -function getEventColor(event: string): string { - if (event.includes('completed')) return 'text-electric-green'; - if (event.includes('assigned')) return 'text-btc-orange'; - if (event.includes('bid')) return 'text-warning-amber'; - if (event.includes('joined')) return 'text-cyber-cyan'; - if (event.includes('posted')) return 'text-foreground'; - return 'text-muted-foreground'; -} - -function formatEventData(evt: { event: string; data: Record }): string { - const d = evt.data; - if (evt.event === 'agent_joined') return `${d.name} joined the swarm`; - if (evt.event === 'task_posted') return `"${d.description}"`; - if (evt.event === 'task_assigned') return `→ ${d.agent_id}`; - if (evt.event === 'task_completed') return `✓ ${d.agent_id}: ${d.result}`; - if (evt.event === 'bid_submitted') return `${d.agent_id} bid ${d.bid_sats} sats`; - return JSON.stringify(d); -} diff --git a/dashboard-web/client/src/components/TasksPanel.tsx b/dashboard-web/client/src/components/TasksPanel.tsx deleted file mode 100644 index 0e00f2d..0000000 --- a/dashboard-web/client/src/components/TasksPanel.tsx +++ /dev/null @@ -1,151 +0,0 @@ -/* - * DESIGN: "Sovereign Terminal" — Task management panel - * Task list with status badges, filtering, and auction indicators - */ - -import { useState } from "react"; -import { ScrollArea } from "@/components/ui/scroll-area"; -import { Badge } from "@/components/ui/badge"; -import { Button } from "@/components/ui/button"; -import { MOCK_TASKS, type Task } from "@/lib/data"; -import { motion } from "framer-motion"; -import { ListTodo, Plus, Filter, Clock, CheckCircle, AlertCircle, Loader2, Gavel } from "lucide-react"; -import { toast } from "sonner"; - -interface TasksPanelProps { - onSelectTask: (id: string) => void; -} - -type StatusFilter = "all" | Task["status"]; - -export default function TasksPanel({ onSelectTask }: TasksPanelProps) { - const [filter, setFilter] = useState("all"); - const [tasks] = useState(MOCK_TASKS); - - const filtered = filter === "all" ? tasks : tasks.filter(t => t.status === filter); - - const statusCounts = { - all: tasks.length, - pending: tasks.filter(t => t.status === "pending").length, - bidding: tasks.filter(t => t.status === "bidding").length, - assigned: tasks.filter(t => t.status === "assigned").length, - running: tasks.filter(t => t.status === "running").length, - completed: tasks.filter(t => t.status === "completed").length, - failed: tasks.filter(t => t.status === "failed").length, - }; - - return ( -
- {/* Header with filters */} -
-
-
- - // TASK QUEUE -
- -
- - {/* Filter pills */} -
- {(["all", "pending", "bidding", "running", "completed"] as StatusFilter[]).map(s => ( - - ))} -
-
- - {/* Task list */} - -
- {filtered.map((task, i) => ( - onSelectTask(task.id)} - className="panel w-full text-left p-3 hover:bg-panel-hover transition-colors" - > -
- -
-
- {task.id} - -
-

- {task.description} -

-
- {task.assignedAgent && ( - - → {task.assignedAgent} - - )} - - - {new Date(task.createdAt).toLocaleTimeString()} - -
-
-
- - ))} - - {filtered.length === 0 && ( -
- No tasks matching filter "{filter}" -
- )} -
- -
- ); -} - -function StatusIcon({ status }: { status: Task["status"] }) { - const cls = "w-4 h-4 mt-0.5 flex-shrink-0"; - switch (status) { - case "pending": return ; - case "bidding": return ; - case "assigned": return ; - case "running": return ; - case "completed": return ; - case "failed": return ; - } -} - -function StatusBadge({ status }: { status: Task["status"] }) { - const colors: Record = { - pending: "bg-muted text-muted-foreground", - bidding: "bg-warning-amber/20 text-warning-amber border-warning-amber/30", - assigned: "bg-cyber-cyan/20 text-cyber-cyan border-cyber-cyan/30", - running: "bg-btc-orange/20 text-btc-orange border-btc-orange/30", - completed: "bg-electric-green/20 text-electric-green border-electric-green/30", - failed: "bg-danger-red/20 text-danger-red border-danger-red/30", - }; - - return ( - - {status} - - ); -} diff --git a/dashboard-web/client/src/components/TopBar.tsx b/dashboard-web/client/src/components/TopBar.tsx deleted file mode 100644 index a3ecc02..0000000 --- a/dashboard-web/client/src/components/TopBar.tsx +++ /dev/null @@ -1,83 +0,0 @@ -/* - * DESIGN: "Sovereign Terminal" — Top navigation bar - * Bitcoin orange accent line at top, system title, notification bell - */ - -import { Bell, Menu, Terminal, Zap } from "lucide-react"; -import { Badge } from "@/components/ui/badge"; -import { Button } from "@/components/ui/button"; -import { MOCK_HEALTH } from "@/lib/data"; - -interface TopBarProps { - unreadCount: number; - onToggleSidebar: () => void; -} - -export default function TopBar({ unreadCount, onToggleSidebar }: TopBarProps) { - return ( -
- {/* Mobile menu button */} - - - {/* Logo / Title */} -
- - - TIMMY TIME - - - MISSION CONTROL - -
- - {/* Spacer */} -
- - {/* Status indicators */} -
-
- - OLLAMA -
-
- - SWARM -
-
- - - {MOCK_HEALTH.l402Balance.toLocaleString()} sats - -
-
- - {/* Notifications */} - - - {/* Version */} - - v2.0.0 - -
- ); -} diff --git a/dashboard-web/client/src/index.css b/dashboard-web/client/src/index.css deleted file mode 100644 index 27a8b33..0000000 --- a/dashboard-web/client/src/index.css +++ /dev/null @@ -1,304 +0,0 @@ -@import "tailwindcss"; -@import "tw-animate-css"; - -@custom-variant dark (&:is(.dark *)); - -/* - * DESIGN: "Sovereign Terminal" — Hacker Aesthetic with Bitcoin Soul - * Base: True black (#000000) with blue tint on panels (#080c12) - * Primary: Bitcoin orange (#f7931a) - * Active/Health: Electric green (#39ff14) - * Text: White (#e8e8e8) > Steel gray (#6b7280) > Dark gray (#374151) - * Font: JetBrains Mono throughout - */ - -@theme inline { - --font-sans: 'JetBrains Mono', monospace; - --font-mono: 'Fira Code', 'JetBrains Mono', monospace; - --radius-sm: calc(var(--radius) - 4px); - --radius-md: calc(var(--radius) - 2px); - --radius-lg: var(--radius); - --radius-xl: calc(var(--radius) + 4px); - --color-background: var(--background); - --color-foreground: var(--foreground); - --color-card: var(--card); - --color-card-foreground: var(--card-foreground); - --color-popover: var(--popover); - --color-popover-foreground: var(--popover-foreground); - --color-primary: var(--primary); - --color-primary-foreground: var(--primary-foreground); - --color-secondary: var(--secondary); - --color-secondary-foreground: var(--secondary-foreground); - --color-muted: var(--muted); - --color-muted-foreground: var(--muted-foreground); - --color-accent: var(--accent); - --color-accent-foreground: var(--accent-foreground); - --color-destructive: var(--destructive); - --color-destructive-foreground: var(--destructive-foreground); - --color-border: var(--border); - --color-input: var(--input); - --color-ring: var(--ring); - --color-chart-1: var(--chart-1); - --color-chart-2: var(--chart-2); - --color-chart-3: var(--chart-3); - --color-chart-4: var(--chart-4); - --color-chart-5: var(--chart-5); - --color-sidebar: var(--sidebar); - --color-sidebar-foreground: var(--sidebar-foreground); - --color-sidebar-primary: var(--sidebar-primary); - --color-sidebar-primary-foreground: var(--sidebar-primary-foreground); - --color-sidebar-accent: var(--sidebar-accent); - --color-sidebar-accent-foreground: var(--sidebar-accent-foreground); - --color-sidebar-border: var(--sidebar-border); - --color-sidebar-ring: var(--sidebar-ring); - /* Custom sovereign colors */ - --color-btc-orange: oklch(0.75 0.18 55); - --color-btc-orange-dim: oklch(0.55 0.14 55); - --color-electric-green: oklch(0.85 0.3 145); - --color-electric-green-dim: oklch(0.55 0.2 145); - --color-cyber-cyan: oklch(0.8 0.15 200); - --color-warning-amber: oklch(0.8 0.18 80); - --color-danger-red: oklch(0.65 0.25 25); - --color-panel: oklch(0.12 0.01 260); - --color-panel-hover: oklch(0.16 0.01 260); -} - -:root { - --radius: 0.25rem; - --background: oklch(0.05 0.005 260); - --foreground: oklch(0.9 0.005 90); - --card: oklch(0.1 0.008 260); - --card-foreground: oklch(0.9 0.005 90); - --popover: oklch(0.12 0.01 260); - --popover-foreground: oklch(0.9 0.005 90); - --primary: oklch(0.75 0.18 55); - --primary-foreground: oklch(0.1 0.005 55); - --secondary: oklch(0.15 0.008 260); - --secondary-foreground: oklch(0.7 0.01 90); - --muted: oklch(0.18 0.008 260); - --muted-foreground: oklch(0.55 0.01 260); - --accent: oklch(0.15 0.01 260); - --accent-foreground: oklch(0.9 0.005 90); - --destructive: oklch(0.55 0.22 25); - --destructive-foreground: oklch(0.95 0 0); - --border: oklch(0.22 0.01 260); - --input: oklch(0.18 0.01 260); - --ring: oklch(0.75 0.18 55); - --chart-1: oklch(0.75 0.18 55); - --chart-2: oklch(0.85 0.3 145); - --chart-3: oklch(0.8 0.15 200); - --chart-4: oklch(0.8 0.18 80); - --chart-5: oklch(0.65 0.25 25); - --sidebar: oklch(0.08 0.008 260); - --sidebar-foreground: oklch(0.85 0.005 90); - --sidebar-primary: oklch(0.75 0.18 55); - --sidebar-primary-foreground: oklch(0.1 0.005 55); - --sidebar-accent: oklch(0.14 0.01 260); - --sidebar-accent-foreground: oklch(0.9 0.005 90); - --sidebar-border: oklch(0.2 0.01 260); - --sidebar-ring: oklch(0.75 0.18 55); -} - -/* Dark is the only theme — no light mode */ -.dark { - --background: oklch(0.05 0.005 260); - --foreground: oklch(0.9 0.005 90); - --card: oklch(0.1 0.008 260); - --card-foreground: oklch(0.9 0.005 90); - --popover: oklch(0.12 0.01 260); - --popover-foreground: oklch(0.9 0.005 90); - --primary: oklch(0.75 0.18 55); - --primary-foreground: oklch(0.1 0.005 55); - --secondary: oklch(0.15 0.008 260); - --secondary-foreground: oklch(0.7 0.01 90); - --muted: oklch(0.18 0.008 260); - --muted-foreground: oklch(0.55 0.01 260); - --accent: oklch(0.15 0.01 260); - --accent-foreground: oklch(0.9 0.005 90); - --destructive: oklch(0.55 0.22 25); - --destructive-foreground: oklch(0.95 0 0); - --border: oklch(0.22 0.01 260); - --input: oklch(0.18 0.01 260); - --ring: oklch(0.75 0.18 55); - --chart-1: oklch(0.75 0.18 55); - --chart-2: oklch(0.85 0.3 145); - --chart-3: oklch(0.8 0.15 200); - --chart-4: oklch(0.8 0.18 80); - --chart-5: oklch(0.65 0.25 25); - --sidebar: oklch(0.08 0.008 260); - --sidebar-foreground: oklch(0.85 0.005 90); - --sidebar-primary: oklch(0.75 0.18 55); - --sidebar-primary-foreground: oklch(0.1 0.005 55); - --sidebar-accent: oklch(0.14 0.01 260); - --sidebar-accent-foreground: oklch(0.9 0.005 90); - --sidebar-border: oklch(0.2 0.01 260); - --sidebar-ring: oklch(0.75 0.18 55); -} - -@layer base { - * { - @apply border-border outline-ring/50; - } - body { - @apply bg-background text-foreground; - font-family: 'JetBrains Mono', monospace; - -webkit-font-smoothing: antialiased; - -moz-osx-font-smoothing: grayscale; - } - button:not(:disabled), - [role="button"]:not([aria-disabled="true"]), - [type="button"]:not(:disabled), - [type="submit"]:not(:disabled), - [type="reset"]:not(:disabled), - a[href], - select:not(:disabled), - input[type="checkbox"]:not(:disabled), - input[type="radio"]:not(:disabled) { - @apply cursor-pointer; - } -} - -@layer components { - .container { - width: 100%; - margin-left: auto; - margin-right: auto; - padding-left: 1rem; - padding-right: 1rem; - } - - .flex { - min-height: 0; - min-width: 0; - } - - @media (min-width: 640px) { - .container { - padding-left: 1.5rem; - padding-right: 1.5rem; - } - } - - @media (min-width: 1024px) { - .container { - padding-left: 2rem; - padding-right: 2rem; - max-width: 1600px; - } - } - - /* Sovereign Terminal custom components */ - .panel { - @apply bg-card border border-border; - border-top: 2px solid var(--color-btc-orange); - } - - .panel-header { - @apply text-[11px] uppercase tracking-[0.15em] text-muted-foreground px-4 py-2 border-b border-border; - font-family: 'JetBrains Mono', monospace; - } - - .status-dot { - @apply inline-block w-2 h-2 rounded-full; - } - - .status-dot-active { - @apply bg-electric-green; - box-shadow: 0 0 6px var(--color-electric-green); - animation: pulse-glow 2s ease-in-out infinite; - } - - .status-dot-warning { - @apply bg-warning-amber; - box-shadow: 0 0 6px var(--color-warning-amber); - } - - .status-dot-danger { - @apply bg-danger-red; - box-shadow: 0 0 6px var(--color-danger-red); - } - - .status-dot-planned { - @apply bg-muted-foreground; - } - - .terminal-prompt { - @apply text-btc-orange font-semibold; - } - - .sat-amount { - @apply text-btc-orange font-mono font-medium; - } - - /* Scanline overlay */ - .scanline-overlay { - pointer-events: none; - position: fixed; - inset: 0; - z-index: 9999; - background: repeating-linear-gradient( - 0deg, - transparent, - transparent 2px, - rgba(0, 0, 0, 0.03) 2px, - rgba(0, 0, 0, 0.03) 4px - ); - opacity: 0.4; - } -} - -@keyframes pulse-glow { - 0%, 100% { opacity: 1; } - 50% { opacity: 0.6; } -} - -@keyframes typewriter-cursor { - 0%, 100% { opacity: 1; } - 50% { opacity: 0; } -} - -@keyframes scan-line { - 0% { transform: translateY(-100%); } - 100% { transform: translateY(100vh); } -} - -@keyframes fade-in-up { - from { - opacity: 0; - transform: translateY(8px); - } - to { - opacity: 1; - transform: translateY(0); - } -} - -@keyframes slide-in-right { - from { - opacity: 0; - transform: translateX(16px); - } - to { - opacity: 1; - transform: translateX(0); - } -} - -/* Custom scrollbar */ -::-webkit-scrollbar { - width: 6px; - height: 6px; -} - -::-webkit-scrollbar-track { - background: transparent; -} - -::-webkit-scrollbar-thumb { - background: oklch(0.3 0.01 260); - border-radius: 3px; -} - -::-webkit-scrollbar-thumb:hover { - background: oklch(0.4 0.01 260); -} diff --git a/dashboard-web/client/src/lib/data.ts b/dashboard-web/client/src/lib/data.ts deleted file mode 100644 index 4bcbc0d..0000000 --- a/dashboard-web/client/src/lib/data.ts +++ /dev/null @@ -1,280 +0,0 @@ -/* - * DESIGN: "Sovereign Terminal" — Hacker Aesthetic with Bitcoin Soul - * Static data for the dashboard — mirrors the Python backend models - */ - -export interface Agent { - id: string; - name: string; - role: string; - description: string; - capabilities: string[]; - rateSats: number; - status: "active" | "planned" | "offline"; -} - -export interface Task { - id: string; - description: string; - status: "pending" | "bidding" | "assigned" | "running" | "completed" | "failed"; - assignedAgent: string | null; - result: string | null; - createdAt: string; - completedAt: string | null; -} - -export interface Notification { - id: number; - title: string; - message: string; - category: "swarm" | "task" | "agent" | "system" | "payment"; - timestamp: string; - read: boolean; -} - -export interface ChatMessage { - id: string; - role: "user" | "assistant" | "system"; - content: string; - timestamp: string; -} - -export interface WSEvent { - event: string; - data: Record; - timestamp: string; -} - -// ── Agent Catalog ───────────────────────────────────────────────────────── -export const AGENT_CATALOG: Agent[] = [ - { - id: "timmy", - name: "Timmy", - role: "Sovereign Commander", - description: "Primary AI companion. Coordinates the swarm, manages tasks, and maintains sovereignty.", - capabilities: ["chat", "reasoning", "coordination"], - rateSats: 0, - status: "active", - }, - { - id: "echo", - name: "Echo", - role: "Research Analyst", - description: "Deep research and information synthesis. Reads, summarizes, and cross-references sources.", - capabilities: ["research", "summarization", "fact-checking"], - rateSats: 50, - status: "planned", - }, - { - id: "mace", - name: "Mace", - role: "Security Sentinel", - description: "Network security, threat assessment, and system hardening recommendations.", - capabilities: ["security", "monitoring", "threat-analysis"], - rateSats: 75, - status: "planned", - }, - { - id: "helm", - name: "Helm", - role: "System Navigator", - description: "Infrastructure management, deployment automation, and system configuration.", - capabilities: ["devops", "automation", "configuration"], - rateSats: 60, - status: "planned", - }, - { - id: "seer", - name: "Seer", - role: "Data Oracle", - description: "Data analysis, pattern recognition, and predictive insights from local datasets.", - capabilities: ["analytics", "visualization", "prediction"], - rateSats: 65, - status: "planned", - }, - { - id: "forge", - name: "Forge", - role: "Code Smith", - description: "Code generation, refactoring, debugging, and test writing.", - capabilities: ["coding", "debugging", "testing"], - rateSats: 55, - status: "planned", - }, - { - id: "quill", - name: "Quill", - role: "Content Scribe", - description: "Long-form writing, editing, documentation, and content creation.", - capabilities: ["writing", "editing", "documentation"], - rateSats: 45, - status: "planned", - }, -]; - -// ── Mock Tasks ──────────────────────────────────────────────────────────── -export const MOCK_TASKS: Task[] = [ - { - id: "t-001", - description: "Analyze Bitcoin whitepaper and summarize key innovations", - status: "completed", - assignedAgent: "timmy", - result: "Summary generated: 3 key innovations identified — decentralized consensus, proof-of-work, and UTXO model.", - createdAt: "2026-02-21T10:00:00Z", - completedAt: "2026-02-21T10:02:30Z", - }, - { - id: "t-002", - description: "Scan local network for open ports and vulnerabilities", - status: "bidding", - assignedAgent: null, - result: null, - createdAt: "2026-02-21T14:30:00Z", - completedAt: null, - }, - { - id: "t-003", - description: "Generate unit tests for the L402 proxy module", - status: "running", - assignedAgent: "forge", - result: null, - createdAt: "2026-02-21T15:00:00Z", - completedAt: null, - }, - { - id: "t-004", - description: "Write documentation for the swarm coordinator API", - status: "pending", - assignedAgent: null, - result: null, - createdAt: "2026-02-21T16:00:00Z", - completedAt: null, - }, - { - id: "t-005", - description: "Research self-custody best practices for 2026", - status: "assigned", - assignedAgent: "echo", - result: null, - createdAt: "2026-02-21T16:30:00Z", - completedAt: null, - }, -]; - -// ── Mock Notifications ──────────────────────────────────────────────────── -export const MOCK_NOTIFICATIONS: Notification[] = [ - { - id: 1, - title: "Swarm Online", - message: "Timmy coordinator initialized. Swarm registry active.", - category: "system", - timestamp: "2026-02-21T10:00:00Z", - read: true, - }, - { - id: 2, - title: "Task Completed", - message: "Bitcoin whitepaper analysis finished in 2m 30s.", - category: "task", - timestamp: "2026-02-21T10:02:30Z", - read: true, - }, - { - id: 3, - title: "Auction Started", - message: "Network scan task open for bidding. 15s auction window.", - category: "swarm", - timestamp: "2026-02-21T14:30:00Z", - read: false, - }, - { - id: 4, - title: "Agent Assigned", - message: "Forge won the bid for test generation at 55 sats.", - category: "agent", - timestamp: "2026-02-21T15:00:05Z", - read: false, - }, - { - id: 5, - title: "L402 Payment", - message: "Invoice settled: 75 sats for Mace security scan.", - category: "payment", - timestamp: "2026-02-21T15:30:00Z", - read: false, - }, -]; - -// ── Mock WebSocket Events ───────────────────────────────────────────────── -export const MOCK_WS_EVENTS: WSEvent[] = [ - { event: "agent_joined", data: { agent_id: "timmy", name: "Timmy" }, timestamp: "2026-02-21T10:00:00Z" }, - { event: "task_posted", data: { task_id: "t-001", description: "Analyze Bitcoin whitepaper" }, timestamp: "2026-02-21T10:00:05Z" }, - { event: "task_assigned", data: { task_id: "t-001", agent_id: "timmy" }, timestamp: "2026-02-21T10:00:10Z" }, - { event: "task_completed", data: { task_id: "t-001", agent_id: "timmy", result: "Analysis complete" }, timestamp: "2026-02-21T10:02:30Z" }, - { event: "task_posted", data: { task_id: "t-002", description: "Scan local network" }, timestamp: "2026-02-21T14:30:00Z" }, - { event: "bid_submitted", data: { task_id: "t-002", agent_id: "mace", bid_sats: 75 }, timestamp: "2026-02-21T14:30:05Z" }, - { event: "task_posted", data: { task_id: "t-003", description: "Generate unit tests" }, timestamp: "2026-02-21T15:00:00Z" }, - { event: "task_assigned", data: { task_id: "t-003", agent_id: "forge" }, timestamp: "2026-02-21T15:00:05Z" }, -]; - -// ── Mock Chat History ───────────────────────────────────────────────────── -export const MOCK_CHAT: ChatMessage[] = [ - { - id: "c-001", - role: "system", - content: "// TIMMY v1.0.0 — Sovereign Commander online\n// Ollama backend: llama3.2\n// All systems nominal. No cloud. No telemetry.", - timestamp: "2026-02-21T10:00:00Z", - }, - { - id: "c-002", - role: "user", - content: "What is sovereignty in the context of Bitcoin?", - timestamp: "2026-02-21T10:01:00Z", - }, - { - id: "c-003", - role: "assistant", - content: "Sovereignty in Bitcoin means self-custody — you hold your own keys, you validate your own transactions, you run your own node. No intermediary can freeze your funds, censor your payments, or inflate away your savings.\n\nThe same principle applies here: Timmy runs locally on your hardware, uses Ollama for inference, and stores everything in SQLite. No cloud dependency. No API keys to revoke. Your AI, your rules.\n\nSats are sovereignty, boss.", - timestamp: "2026-02-21T10:01:15Z", - }, -]; - -// ── System Health ───────────────────────────────────────────────────────── -export interface SystemHealth { - ollama: "up" | "down" | "unknown"; - model: string; - swarmRegistry: "active" | "inactive"; - activeAgents: number; - totalTasks: number; - completedTasks: number; - uptime: string; - l402Balance: number; -} - -export const MOCK_HEALTH: SystemHealth = { - ollama: "up", - model: "llama3.2", - swarmRegistry: "active", - activeAgents: 1, - totalTasks: 5, - completedTasks: 1, - uptime: "4h 21m", - l402Balance: 12_450, -}; - -// ── Voice NLU Intents ───────────────────────────────────────────────────── -export const VOICE_INTENTS = [ - { name: "chat", description: "General conversation", example: "Tell me about self-custody" }, - { name: "status", description: "System status query", example: "How are you?" }, - { name: "swarm", description: "Swarm management", example: "Spawn agent Echo" }, - { name: "task", description: "Task management", example: "Create task: scan network" }, - { name: "help", description: "List commands", example: "What can you do?" }, - { name: "voice", description: "Voice settings", example: "Speak slower" }, -]; - -// ── Roadmap ─────────────────────────────────────────────────────────────── -export const ROADMAP = [ - { version: "1.0.0", name: "Genesis", milestone: "Agno + Ollama + SQLite + Dashboard", status: "complete" as const }, - { version: "2.0.0", name: "Exodus", milestone: "MCP tools + multi-agent swarm", status: "current" as const }, - { version: "3.0.0", name: "Revelation", milestone: "Bitcoin Lightning treasury + single .app", status: "planned" as const }, -]; diff --git a/dashboard-web/client/src/main.tsx b/dashboard-web/client/src/main.tsx deleted file mode 100644 index 696e0d2..0000000 --- a/dashboard-web/client/src/main.tsx +++ /dev/null @@ -1,5 +0,0 @@ -import { createRoot } from "react-dom/client"; -import App from "./App"; -import "./index.css"; - -createRoot(document.getElementById("root")!).render(); diff --git a/dashboard-web/client/src/pages/Dashboard.tsx b/dashboard-web/client/src/pages/Dashboard.tsx deleted file mode 100644 index 506b44d..0000000 --- a/dashboard-web/client/src/pages/Dashboard.tsx +++ /dev/null @@ -1,181 +0,0 @@ -/* - * DESIGN: "Sovereign Terminal" — Hacker Aesthetic with Bitcoin Soul - * Three-column asymmetric layout: - * Left (narrow): Status cards — agents, health, notifications, L402 - * Center (wide): Active workspace — Chat, Swarm, Tasks, Marketplace tabs - * Right (medium): Context panel — details, auctions, invoices - */ - -import { useState } from "react"; -import { Tabs, TabsList, TabsTrigger, TabsContent } from "@/components/ui/tabs"; -import { ScrollArea } from "@/components/ui/scroll-area"; -import { Badge } from "@/components/ui/badge"; -import { motion, AnimatePresence } from "framer-motion"; -import { - Terminal, Cpu, Zap, Bell, Shield, - MessageSquare, Network, ListTodo, Store, - ChevronRight, Activity, Volume2 -} from "lucide-react"; - -import StatusSidebar from "@/components/StatusSidebar"; -import ChatPanel from "@/components/ChatPanel"; -import SwarmPanel from "@/components/SwarmPanel"; -import TasksPanel from "@/components/TasksPanel"; -import MarketplacePanel from "@/components/MarketplacePanel"; -import ContextPanel from "@/components/ContextPanel"; -import TopBar from "@/components/TopBar"; -import { MOCK_NOTIFICATIONS } from "@/lib/data"; - -type TabValue = "chat" | "swarm" | "tasks" | "marketplace"; - -export default function Dashboard() { - const [activeTab, setActiveTab] = useState("chat"); - const [selectedAgent, setSelectedAgent] = useState("timmy"); - const [selectedTask, setSelectedTask] = useState(null); - const [showMobileSidebar, setShowMobileSidebar] = useState(false); - const unreadCount = MOCK_NOTIFICATIONS.filter(n => !n.read).length; - - return ( -
- {/* Scanline overlay */} -
- - {/* Top bar */} - setShowMobileSidebar(!showMobileSidebar)} - /> - - {/* Main content */} -
- {/* Left sidebar — status panels */} - - - {/* Mobile sidebar overlay */} - - {showMobileSidebar && ( - <> - setShowMobileSidebar(false)} - /> - -
- { - setSelectedAgent(id); - setSelectedTask(null); - setShowMobileSidebar(false); - }} - selectedAgent={selectedAgent} - /> -
- - - )} - - - {/* Center workspace */} -
- setActiveTab(v as TabValue)} - className="flex-1 flex flex-col overflow-hidden" - > -
- - - - Chat - - - - Swarm - - - - Tasks - - - - Marketplace - - -
- -
- - - - - { - setSelectedAgent(id); - setSelectedTask(null); - }} - /> - - - { - setSelectedTask(id); - setSelectedAgent(null); - }} - /> - - - { - setSelectedAgent(id); - setSelectedTask(null); - }} - /> - -
- -
- - {/* Right context panel */} - -
-
- ); -} diff --git a/dashboard-web/client/src/pages/Home.tsx b/dashboard-web/client/src/pages/Home.tsx deleted file mode 100644 index 90e2319..0000000 --- a/dashboard-web/client/src/pages/Home.tsx +++ /dev/null @@ -1,5 +0,0 @@ -import { Redirect } from "wouter"; - -export default function Home() { - return ; -} diff --git a/dashboard-web/client/src/pages/NotFound.tsx b/dashboard-web/client/src/pages/NotFound.tsx deleted file mode 100644 index 2367d2e..0000000 --- a/dashboard-web/client/src/pages/NotFound.tsx +++ /dev/null @@ -1,32 +0,0 @@ -import { Button } from "@/components/ui/button"; -import { Terminal } from "lucide-react"; -import { useLocation } from "wouter"; - -export default function NotFound() { - const [, setLocation] = useLocation(); - - return ( -
-
- -
- // ERROR 404 -
-

- Route not found -

-

- The requested path does not exist in Mission Control. - Check the URL or return to the dashboard. -

- -
-
- ); -} diff --git a/src/dashboard/templates/mobile.html b/src/dashboard/templates/mobile.html index b2e724c..4ab71ae 100644 --- a/src/dashboard/templates/mobile.html +++ b/src/dashboard/templates/mobile.html @@ -159,13 +159,17 @@ async function sendMobileMessage(event) { const chat = document.getElementById('mobile-chat'); - // Add user message - chat.innerHTML += ` -
-
You
-
${message}
-
- `; + // Add user message — use DOM methods to avoid XSS + const userDiv = document.createElement('div'); + userDiv.className = 'chat-message user'; + const userMeta = document.createElement('div'); + userMeta.className = 'chat-meta'; + userMeta.textContent = 'You'; + const userText = document.createElement('div'); + userText.textContent = message; // textContent escapes HTML + userDiv.appendChild(userMeta); + userDiv.appendChild(userText); + chat.appendChild(userDiv); chat.scrollTop = chat.scrollHeight; input.value = ''; diff --git a/src/dashboard/templates/swarm_live.html b/src/dashboard/templates/swarm_live.html index 10cea80..23ec422 100644 --- a/src/dashboard/templates/swarm_live.html +++ b/src/dashboard/templates/swarm_live.html @@ -104,50 +104,69 @@ function handleMessage(message) { } } +// Safe text setter — avoids XSS when inserting user/server data into DOM +function _t(el, text) { el.textContent = text; return el; } +function _el(tag, cls) { const e = document.createElement(tag); if (cls) e.className = cls; return e; } + function updateAgentsList(agents) { const container = document.getElementById('agents-list'); - + container.innerHTML = ''; + if (!agents || agents.length === 0) { - container.innerHTML = '

No agents registered

'; + const p = _el('p'); p.style.color = 'var(--text-muted)'; + _t(p, 'No agents registered'); + container.appendChild(p); return; } - - container.innerHTML = agents.map(agent => ` -
-
${agent.name.charAt(0).toUpperCase()}
-
-
${agent.name}
-
${agent.description || 'No description'}
-
- ${agent.status} - ${agent.min_bid} sats min bid - | ${agent.tasks_completed} tasks - | ${agent.total_earned} sats earned -
-
-
- `).join(''); + + agents.forEach(agent => { + const card = _el('div', 'agent-card'); + const avatar = _el('div', 'agent-avatar'); + _t(avatar, (agent.name || '?').charAt(0).toUpperCase()); + const info = _el('div', 'agent-info'); + const name = _el('div', 'agent-name'); + _t(name, agent.name || ''); + const desc = _el('div', 'agent-meta'); + _t(desc, agent.description || 'No description'); + const meta = _el('div', 'agent-meta'); + const badge = _el('span', `badge badge-${agent.status === 'active' ? 'success' : agent.status === 'busy' ? 'warning' : 'danger'}`); + _t(badge, agent.status || ''); + const stats = _el('span'); + _t(stats, ` ${agent.min_bid ?? 0} sats min bid | ${agent.tasks_completed ?? 0} tasks | ${agent.total_earned ?? 0} sats earned`); + meta.appendChild(badge); + meta.appendChild(stats); + info.appendChild(name); + info.appendChild(desc); + info.appendChild(meta); + card.appendChild(avatar); + card.appendChild(info); + container.appendChild(card); + }); } function updateAuctionsList(auctions) { const container = document.getElementById('auctions-list'); - + container.innerHTML = ''; + if (!auctions || auctions.length === 0) { - container.innerHTML = '

No active auctions

'; + const p = _el('p'); p.style.color = 'var(--text-muted)'; + _t(p, 'No active auctions'); + container.appendChild(p); return; } - - container.innerHTML = auctions.map(auction => ` -
-
-
Task ${auction.task_id.slice(0, 8)}
-
- ${Math.round(auction.time_remaining)}s remaining - | ${auction.bid_count} bids -
-
-
- `).join(''); + + auctions.forEach(auction => { + const card = _el('div', 'agent-card'); + const info = _el('div', 'agent-info'); + const name = _el('div', 'agent-name'); + _t(name, 'Task ' + String(auction.task_id || '').slice(0, 8)); + const meta = _el('div', 'agent-meta'); + _t(meta, `${Math.round(auction.time_remaining ?? 0)}s remaining | ${auction.bid_count ?? 0} bids`); + info.appendChild(name); + info.appendChild(meta); + card.appendChild(info); + container.appendChild(card); + }); } function addLog(message, type = 'info') { diff --git a/tests/test_mobile_scenarios.py b/tests/test_mobile_scenarios.py index 84a7ceb..1e15e73 100644 --- a/tests/test_mobile_scenarios.py +++ b/tests/test_mobile_scenarios.py @@ -279,3 +279,55 @@ def test_M605_health_status_passes_model_to_template(client): # The default model is llama3.2 — it should appear in the partial from settings, not hardcoded assert response.status_code == 200 assert "llama3.2" in response.text # rendered via template variable, not hardcoded literal + + +# ── M7xx — XSS prevention ───────────────────────────────────────────────────── + +def _mobile_html() -> str: + """Read the mobile template source.""" + path = Path(__file__).parent.parent / "src" / "dashboard" / "templates" / "mobile.html" + return path.read_text() + + +def _swarm_live_html() -> str: + """Read the swarm live template source.""" + path = Path(__file__).parent.parent / "src" / "dashboard" / "templates" / "swarm_live.html" + return path.read_text() + + +def test_M701_mobile_chat_no_raw_message_interpolation(): + """mobile.html must not interpolate ${message} directly into innerHTML — XSS risk.""" + html = _mobile_html() + # The vulnerable pattern is `${message}` inside a template literal assigned to innerHTML + # After the fix, message must only appear via textContent assignment + assert "textContent = message" in html or "textContent=message" in html, ( + "mobile.html still uses innerHTML + ${message} interpolation — XSS vulnerability" + ) + + +def test_M702_mobile_chat_user_input_not_in_innerhtml_template_literal(): + """${message} must not appear inside a backtick string that is assigned to innerHTML.""" + html = _mobile_html() + # Find all innerHTML += `...` blocks and verify none contain ${message} + blocks = re.findall(r"innerHTML\s*\+=?\s*`([^`]*)`", html, re.DOTALL) + for block in blocks: + assert "${message}" not in block, ( + "innerHTML template literal still contains ${message} — XSS vulnerability" + ) + + +def test_M703_swarm_live_agent_name_not_interpolated_in_innerhtml(): + """swarm_live.html must not put ${agent.name} inside innerHTML template literals.""" + html = _swarm_live_html() + blocks = re.findall(r"innerHTML\s*=\s*agents\.map\([^;]+\)\.join\([^)]*\)", html, re.DOTALL) + assert len(blocks) == 0, ( + "swarm_live.html still uses innerHTML=agents.map(…) with interpolated agent data — XSS vulnerability" + ) + + +def test_M704_swarm_live_uses_textcontent_for_agent_data(): + """swarm_live.html must use textContent (not innerHTML) to set agent name/description.""" + html = _swarm_live_html() + assert "textContent" in html, ( + "swarm_live.html does not use textContent — agent data may be raw-interpolated into DOM" + )