Production Checklist

Use this list before enabling write operations in production.

Configuration

  • [ ] network is set intentionally (mainnet vs calibration)
  • [ ] maxSpendUSDFC is explicitly set
  • [ ] renewThresholdDays and safetyMarginPct are tuned
  • [ ] attestOnChain is enabled if auditability is required
  • [ ] identityPath is unique per agent instance
  • [ ] Provider mode is explicit (synapse, storacha, or mock for non-prod testing only)
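
The configuration items above can be enforced as a fail-closed gate that runs before write operations are enabled. This is an added example, not code from the project. The flat config object, the `provider` key name, the numeric value types and the treatment of mainnet as production are assumptions.

```javascript
// Added example: fail-closed preflight for the Configuration checklist.
// Assumptions: flat config object, numeric values, key name `provider`.
const NETWORKS = ["mainnet", "calibration"];
const PROVIDERS = ["synapse", "storacha", "mock"];

// Returns a list of problems; an empty list means writes may be enabled.
function preflight(cfg, otherIdentityPaths = []) {
  const problems = [];
  const has = (k) => Object.prototype.hasOwnProperty.call(cfg, k);
  // A key that is absent is a failure: nothing is left to a library default.
  const check = (k, ok, msg) => {
    if (!has(k)) problems.push(`${k}: not set explicitly`);
    else if (!ok(cfg[k])) problems.push(`${k}: ${msg}`);
  };
  const nonNegative = (v) => typeof v === "number" && Number.isFinite(v) && v >= 0;
  const isBool = (v) => typeof v === "boolean";

  check("network", (v) => NETWORKS.includes(v), "must be mainnet or calibration");
  check("provider", (v) => PROVIDERS.includes(v), "must be synapse, storacha or mock");
  check("maxSpendUSDFC", nonNegative, "must be a finite, non-negative number");
  check("renewThresholdDays", nonNegative, "must be a finite, non-negative number");
  check("safetyMarginPct", nonNegative, "must be a finite, non-negative number");
  check("attestOnChain", isBool, "must be true or false");
  check("autoFund", isBool, "must be true or false");
  check("identityPath",
    (v) => typeof v === "string" && v.length > 0 && !otherIdentityPaths.includes(v),
    "must be a non-empty path that no other agent instance uses");

  // mock is for non-prod testing only; mainnet is treated as production (assumption).
  if (cfg.network === "mainnet" && cfg.provider === "mock") {
    problems.push("provider: mock must not be used on mainnet");
  }
  return problems;
}

// Constructed sample configuration; all values are illustrative.
const SAMPLE_CONFIG = {
  network: "calibration",
  provider: "synapse",
  maxSpendUSDFC: 25,
  renewThresholdDays: 14,
  safetyMarginPct: 10,
  attestOnChain: true,
  autoFund: false,
  identityPath: "/var/lib/agent-a/identity.json",
};
```

Run it at process start and refuse to enable writes unless the returned list is empty.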

Keys and Secrets

  • [ ] Operator private key is stored in a secure secret manager
  • [ ] Vincent API key is scoped to expected operations
  • [ ] Secrets are never logged in plaintext
  • [ ] Rotation plan exists for both keys

Reliability

  • [ ] Retry and alerting strategy exists around store/retrieve/renew
  • [ ] Periodic renewal job is scheduled and monitored
  • [ ] Health checks probe MCP and any supporting services
  • [ ] Fallback behavior is defined when provider access fails
  • [ ] Auto-funding strategy is decided (autoFund on/off) and documented
  • [ ] Funding timeout/poll values are configured for unattended agents

Security and Access

  • [ ] Delegation tokens use short TTLs
  • [ ] Verification is enforced before delegated read
  • [ ] Sensitive payloads default to encrypt: true
  • [ ] Audit logs capture CID, operation type, and actor identity
  • [ ] .env and local identity artifacts are excluded from commits

Validation

  • [ ] End-to-end lifecycle test passes in staging
  • [ ] Restore flow validated from cold process start
  • [ ] Budget guard tested against over-limit scenario
  • [ ] Incident runbook covers provider outages and key compromise
  • [ ] Delegation flow tested end-to-end (issue -> verify -> retrieve)

Released under the MIT License.