- SHARED_SECRET now read from env and fail-closed: unset/placeholder refuses
ALL plugin connections (constant-time compare). The old hardcoded
'your_shared_secret' in this public repo was no auth at all. Dockerfile
default removed; generate_data.py reads the env var.
- SECRET_KEY fails closed at startup (main.py and agent/auth.py) instead of
falling back to a publicly-known signing key; agent systemd unit now
requires /etc/overlord/agent.env (no '-' prefix).
- AuthMiddleware + /ws/live: replace the 172.x source-IP trust (which every
nginx-proxied internet request satisfied via docker-proxy — full session
bypass and unauthenticated in-game command injection) with
private-source AND no X-Forwarded-For, i.e. only genuinely internal
callers (overlord-agent on the host, compose-network services). Invariant
documented in nginx/overlord.conf: every tracker-bound location must set
X-Forwarded-For.
- /character-stats/test endpoints gated behind admin (they upsert real rows).
- docker-compose: bind 5432/5433 to 127.0.0.1 (both DBs were internet-
reachable; active brute-force observed in dereth-db logs).
- discord-rare-monitor: drop dead SHARED_SECRET constant.
- scripts/backup-databases.sh + docs/backups.md: nightly pg_dump of both DBs
(telemetry/spawn hypertable data excluded), 10MB canary, umask 077,
TimescaleDB restore procedure.
- Remove stray mangled-path css file from repo root.
Adversarially reviewed pre-deploy (3-lens workflow): ship verdict; deploy-
sequencing blockers addressed (secret staged before enforcement, exec bit
set, cron uses bash).
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
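
The fail-closed secret check and the "private-source AND no X-Forwarded-For" rule from the commit message above, as an added Python example. It is not the repository's code; the function names, the network list and the sample addresses are assumptions constructed for illustration.

```python
import hmac
import ipaddress

# Values that must never count as a configured secret. 'your_shared_secret'
# is the placeholder named in the commit message; "" covers the unset case.
PLACEHOLDERS = {"", "your_shared_secret"}

# Assumed definition of "private source": RFC 1918 ranges plus loopback.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def load_secret(env, name="SHARED_SECRET"):
    """Return the secret from env, or None when unset or still a placeholder."""
    value = (env.get(name) or "").strip()
    return None if value in PLACEHOLDERS else value


def plugin_authorized(presented, secret):
    """Fail closed: with no configured secret, every connection is refused."""
    if not secret or not isinstance(presented, str):
        return False
    # Constant-time comparison so timing does not leak how much matched.
    return hmac.compare_digest(presented.encode(), secret.encode())


def is_internal_caller(peer_ip, headers):
    """True only for a private source address that carries no X-Forwarded-For."""
    try:
        addr = ipaddress.ip_address(peer_ip)
    except ValueError:
        return False  # unparseable peer address is never trusted
    has_xff = any(k.lower() == "x-forwarded-for" for k in headers)
    return any(addr in net for net in INTERNAL_NETS) and not has_xff


if __name__ == "__main__":
    # Constructed samples: a proxied request arrives from a 172.x bridge
    # address but carries X-Forwarded-For, so it is not treated as internal.
    print(is_internal_caller("172.18.0.1", {"X-Forwarded-For": "8.8.8.8"}))
    print(is_internal_caller("172.18.0.5", {}))  # direct internal caller
    print(plugin_authorized("anything", load_secret({})))  # secret unset
```

The rule only holds while the proxy sets X-Forwarded-For on every proxied location, which is the invariant the commit documents in nginx/overlord.conf.
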
Describes the full search pipeline, item loading, bucket creation,
armor reduction, scoring weights, and constraint satisfaction logic.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

4-task plan covering WebSocket send method, CharacterStats.cs data
collection class, PluginCore wiring (ServerDispatch, timer, login),
and end-to-end testing.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Design for adding character_stats event to MosswartMassacre plugin,
covering data collection from CharacterFilter API, network message
interception for allegiance/luminance, and 10-minute timer send.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Bug fixes:
- Remove "TEMPORARY FIX" that stopped search after finding first suit
- Add armor level as lowest-priority tiebreaker in scoring
Scoring formula now:
- Set completion: +1000 per complete set
- Missing pieces: -200 penalty each
- Crit damage: +10/20 per item
- Damage rating (clothes): +10/20/30
- Spell coverage: +100 per fulfilled spell
- Base item score: +5 per item
- Armor level: +1 per 100 AL (tiebreaker)
Updated design doc with audit findings - most features were already
working correctly. The magsuitalgo.md analysis was outdated.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Design doc covers:
- Problem statement and priority order (sets > spells > armor)
- Algorithm overview (bucket-based search with backtracking)
- Current implementation state (what works, what's broken)
- Step-by-step implementation plan with verification criteria
This document enables consistent progress across multiple sessions.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>