{"id":49841963,"url":"https://github.com/Kodaxadev/FrontierWarden","last_synced_at":"2026-06-16T12:00:42.026Z","repository":{"id":353839449,"uuid":"1221074737","full_name":"Kodaxadev/FrontierWarden","owner":"Kodaxadev","description":"Tribal intelligence protocol for EVE Frontier — on-chain reputation, killboard, gate intel \u0026 Smart Gate integration built on Sui","archived":false,"fork":false,"pushed_at":"2026-05-25T02:27:46.000Z","size":50404,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-25T02:34:39.404Z","etag":null,"topics":["blockchain","eve-frontier","on-chain","reputation","sui","trust"],"latest_commit_sha":null,"homepage":"https://frontierwarden.kodaxa.dev","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Kodaxadev.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-25T18:07:46.000Z","updated_at":"2026-05-25T02:27:49.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/Kodaxadev/FrontierWarden","commit_stats":null,"previous_names":["kodaxadev/frontierwarden"],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/Kodaxadev/FrontierWarden","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kodaxadev%2FFrontierWarden","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kodaxadev%2FFrontierWarden/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kodaxadev%2FFrontierWarden/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kodaxadev%2FFrontierWarden/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Kodaxadev","download_url":"https://codeload.github.com/Kodaxadev/FrontierWarden/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kodaxadev%2FFrontierWarden/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34404748,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-16T02:00:06.860Z","response_time":126,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blockchain","eve-frontier","on-chain","reputation","sui","trust"],"created_at":"2026-05-14T07:01:36.527Z","updated_at":"2026-06-16T12:00:42.020Z","avatar_url":"https://github.com/Kodaxadev.png","language":"TypeScript","funding_links":[],"categories":["TypeScript"],"sub_categories":[],"readme":"# FrontierWarden\n\n![FrontierWarden hero](media/readme/frontierwarden-hero.png)\n\n**Proof-backed trust, reputation, and credit-risk infrastructure for EVE Frontier operators.**\n\nFrontierWarden helps EVE Frontier tools answer high-consequence questions with evidence instead of guesswork:\n\n\u003e Should this pilot pass this gate?\n\u003e Should this counterparty receive credit?\n\u003e Is this reputation signal backed by proof?\n\u003e What evidence supports this decision?\n\nFrontierWarden is not a generic killboard, leaderboard, or social score. It is a **trust decision backend** for EVE Frontier tools, tribes, markets, gate operators, bounty boards, and logistics systems.\n\nIt turns indexed on-chain activity, attestations, kill mails, gate events, and operator policy into explainable trust decisions.\n\n---\n\n## What FrontierWarden Does\n\n![Proof-backed trust engine](media/readme/trust-engine.png)\n\nFrontierWarden combines four layers:\n\n1. **Protocol evidence**\n   Sui Move events, attestations, vouches, schemas, fraud challenges, gate policy state, and world-gate events.\n\n2. **Indexed projections**\n   A Rust indexer/API projects Sui testnet and EVE Frontier state into fast queryable views.\n\n3. **Proof bundles**\n   Trust decisions return evidence: schemas, attestations, transaction digests, gate bindings, killmail context, and warning flags.\n\n4. **Tenant policy**\n   Each tribe/operator decides what trust means in their own political and economic context.\n\nThe result is a system where tools can ask:\n\n```http\nPOST /v1/trust/evaluate\n```\n\nand receive a decision plus supporting proof.\n\n---\n\n## Why It Matters\n\nEVE Frontier is not just about ships. It is about **coordination under risk**.\n\nTribes, markets, haulers, gate owners, bounty issuers, and lenders all need better answers to questions like:\n\n- Is this pilot trusted by my tribe?\n- Has this counterparty defaulted before?\n- Is this gate policy backed by real on-chain state?\n- Is this combat history relevant, or just noise?\n- Can I show users why a decision happened?\n- Can my tribe apply its own rules without handing control to a central platform?\n\nFrontierWarden exists to make those decisions **transparent, explainable, and tenant-controlled**.\n\n---\n\n## Core Use Cases\n\n| Use Case | What FrontierWarden Provides |\n| --- | --- |\n| Gate access | Allow, toll, or deny decisions based on standing attestations and gate policy |\n| Reputation profiles | Indexed trust history, attestations, vouches, challenges, and evidence |\n| Credit risk | Counterparty and lending context backed by proof bundles |\n| Killmail context | Native killmail telemetry as dossier evidence, not automatic reputation |\n| Tribe/operator policy | Tenant-scoped interpretation of trust signals |\n| Tool integrations | Remote Trust API and local TypeScript SDK |\n\n---\n\n## Gate Binding: BOUND vs BINDING VERIFIED\n\n![BOUND vs BINDING VERIFIED](media/readme/bound-vs-binding-verified.png)\n\nFrontierWarden makes an important distinction:\n\n| State | Meaning |\n| --- | --- |\n| `BOUND` | A FrontierWarden `GatePolicy` points at a world Gate ID |\n| `BINDING VERIFIED` | The world Gate has authorized the FrontierWarden extension on-chain |\n| `LIVE PASSAGE` | FrontierWarden permit issuance is deployed and a `PassageGranted` event has been observed on a real in-game jump |\n\n\u003e **`BINDING VERIFIED` confirms extension authorization only. Live gate travel\n\u003e remains unavailable until FrontierWarden permit issuance is deployed and\n\u003e validated.** See `Documents/ADR_ISSUE_PASSAGE_PERMIT.md`.\n\nA gate is not fully verified just because a policy references it.\nVerification requires both:\n\n```text\nGatePolicy -\u003e world_gate_id\nworld_gate_id -\u003e FrontierWardenAuth extension authorization\n```\n\nThis prevents FrontierWarden from overclaiming control over gates it does not own.\n\n---\n\n## Tenant-Owned Authority Model\n\n![Tenant authority model](media/readme/tenant-authority-model.png)\n\nFrontierWarden is infrastructure. It does **not** assume the site owner controls every gate.\n\nEach tribe or operator controls its own:\n\n- `GatePolicy`\n- `GateAdminCap`\n- world Gate authority\n- trust settings\n- policy interpretation\n- political relationships\n- access rules\n\nThe separation is deliberate:\n\n| Capability | Controlled By | Purpose |\n| --- | --- | --- |\n| `GateAdminCap` | Tenant/operator | Manage FrontierWarden gate policy |\n| `OwnerCap\u003cGate\u003e` | World Gate owner | Authorize extensions on the actual Gate |\n| FrontierWarden API | Platform infrastructure | Index evidence and evaluate trust decisions |\n\nThe site owner provides infrastructure, not universal gate ownership.\n\n### Owner observability vs tenant sovereignty\n\nFrontierWarden administrators may observe aggregate platform\nactivity and security/audit events, but do **not** acquire tenant\n`GateAdminCap`s, `OwnerCap\u003cGate\u003e`s, or authority to alter\ntribe-owned gate policy. The admin surface exists for platform\nhealth, security review, and audit trails; it cannot modify a\ntenant's rules or sign on their behalf. Capability separation is\nenforced both by the Sui Move contract (cap-bearing wallets only)\nand by the dashboard (`Save` and `Withdraw Tolls` require the\nconnected wallet to hold the relevant cap, not a single\ninfrastructure-blessed wallet).\n\n---\n\n## Combat Evidence Is Not Reputation\n\n![Combat evidence model](media/readme/combat-evidence-model.png)\n\nFrontierWarden now supports native EVE Frontier killmail telemetry, but killmails do **not** automatically change reputation.\n\nThe model is:\n\n```text\nNative killmail        = what happened\nSHIP_KILL attestation  = oracle/trust interpretation\nTenant policy          = what it means\nReputation/credit impact = explicit audited outcome\n```\n\nA kill can mean different things to different operators:\n\n- Positive if the victim is a tenant enemy\n- Negative if the victim is an ally\n- Neutral if the operator does not care about combat activity\n- Relevant to credit only if tenant policy says so\n\nFrontierWarden keeps combat data as **evidence**, not global morality.\n\n---\n\n## Current Live Status\n\nFrontierWarden is live on Stillness/testnet.\n\n| Component | Status |\n| --- | --- |\n| Frontend operator console | Live |\n| Rust indexer/API | Live on Railway |\n| Supabase/Postgres projections | Live |\n| Gas station | Live |\n| Trust Decision API v1 | Live |\n| Native killmail poller/API | Live |\n| EVE Vault / zkLogin operator session auth | Supported |\n| World-gate binding state | `BOUND`, not yet `BINDING VERIFIED` |\n\nCurrent active Stillness/testnet objects:\n\n```text\nFresh binding-ready package:\n0xb43fcd4e383efcb9af8c6d7b621958153dd92876da0e769b2167c2ccf409abfa\n\nActive GatePolicy:\n0x7b10f2ee46602382ad8b5a1716f7282a3f6db53b4b6346f85ec27b8308353807\n\nActive GateAdminCap:\n0x7876d36be78743903085fb0e32e56fa82424fbc6f0ee4997e9a237a14b2253a3\n\nBound world Gate:\n0x019f53078f1501840c37ce97f3b1d48fe284c5913e8091ed922c313da3f30a7c\n```\n\nCurrent binding state:\n\n```text\nBOUND\nnot BINDING VERIFIED\n```\n\nThe indexer is ready to observe `BINDING VERIFIED` once the world Gate owner authorizes `FrontierWardenAuth` for the bound Gate.\n\n---\n\n## Architecture\n\n![System architecture](media/readme/system-architecture.png)\n\nFrontierWarden is split into five major layers:\n\n| Layer | Components |\n| --- | --- |\n| Protocol | Sui Move modules for profiles, schemas, attestations, vouches, lending, fraud challenges, and reputation gates |\n| Indexer/API | Rust event ingester and Axum REST API |\n| Database | Supabase/Postgres indexed projections |\n| Frontend | React/Vite operator console |\n| SDK | Local TypeScript TrustKit client for integrations |\n\nRepository layout:\n\n```text\nsources/          Sui Move protocol modules\nindexer/          Rust indexer and REST API\nfrontend/         React/Vite operator console\nsdk/trustkit/     TypeScript client for external tools\nDocuments/        Architecture, API, runbooks, smoke results\nmedia/readme/     README images and diagrams\n```\n\n---\n\n## Protocol Modules\n\n| Module | Purpose |\n| --- | --- |\n| `schema_registry.move` | Register and deprecate attestation schemas |\n| `oracle_registry.move` | Register staked oracles and authorize schemas |\n| `profile.move` | Maintain player reputation profiles and score cache |\n| `attestation.move` | Issue and revoke subject attestations |\n| `vouch.move` | Stake-backed social collateral |\n| `lending.move` | Reputation and vouch-backed loan mechanics |\n| `fraud_challenge.move` | Challenge and resolve fraudulent attestations |\n| `reputation_gate.move` | Gate allow/toll/deny policy from standing attestations |\n| `singleton.move` | Item-level singleton attestations |\n| `system_sdk.move` | SDK-facing helpers for system integrations |\n\n---\n\n## Trust Decision API\n\nFrontierWarden exposes a proof-backed Trust API for external tools.\n\nCore endpoint:\n\n```http\nPOST /v1/trust/evaluate\n```\n\nSupported actions:\n\n```text\ngate_access\ncounterparty_risk\nbounty_trust\n```\n\nExample request:\n\n```json\n{\n  \"entity\": \"0xplayer\",\n  \"action\": \"gate_access\",\n  \"context\": {\n    \"gateId\": \"0xgate\",\n    \"schemaId\": \"TRIBE_STANDING\"\n  }\n}\n```\n\nExample response shape:\n\n```json\n{\n  \"decision\": \"ALLOW_FREE\",\n  \"allow\": true,\n  \"reason\": \"ALLOW_FREE\",\n  \"score\": 750,\n  \"threshold\": 500,\n  \"proof\": {\n    \"source\": \"indexed_protocol_state\",\n    \"schemas\": [\"TRIBE_STANDING\"],\n    \"attestationIds\": [\"0x...\"],\n    \"txDigests\": [\"...\"]\n  }\n}\n```\n\nThe important part is the `proof` bundle. FrontierWarden should never ask users to trust a black-box score.\n\nFull API contract:\n\n```text\nDocuments/TRUST_API.md\nDocuments/INTEGRATION_GUIDE.md\nDocuments/KILLMAIL_API.md\n```\n\n---\n\n## Native Killmail API\n\nFrontierWarden exposes native EVE Frontier killmail telemetry.\n\n```http\nGET /kill-mails?limit=\u0026cursor=\nGET /kill-mails/:id\nGET /world/characters/:address/kills?limit=\u0026cursor=\nGET /world/characters/:address/losses?limit=\u0026cursor=\nGET /world/systems/:system_id/kills?limit=\u0026cursor=\n```\n\nKillmails are used as combat evidence in dossiers. They are **not** automatic trust decisions.\n\n---\n\n## For EVE Frontier Tool Builders\n\nUse FrontierWarden when your tool needs a trust decision with proof.\n\nGood integration targets:\n\n- Tribe dashboards\n- Gate control consoles\n- Route planners\n- Cargo and hauling boards\n- Bounty systems\n- Lending and credit tools\n- Reputation overlays\n- Market/counterparty screens\n\nRecommended pattern:\n\n```text\nYour app keeps the UX.\nFrontierWarden evaluates trust.\nYour app displays the proof bundle.\nYour operator decides what to do.\n```\n\n---\n\n## Demo Safety\n\nThis is pre-mainnet software running on Sui testnet / EVE Frontier Stillness.\nDo not treat this as audited mainnet infrastructure.\n\nImportant constraints:\n\n- No mainnet deployment has occurred.\n- Public frontend config must never contain secrets.\n- `VITE_*` values are public build-time variables.\n- Server-side API keys and database credentials must stay server-side.\n- Sponsored transaction flows require server-side validation and budget controls.\n- Operator browser access uses wallet-signed session tokens.\n- Public read/evaluate routes should be rate-limited.\n- Combat telemetry must not become a bulk targeting export.\n\nSee:\n\n```text\nSECURITY.md\nDocuments/RAILWAY_VERCEL_RUNBOOK.md\nDocuments/OPERATOR_FLOW_RUNBOOK.md\n```\n\n---\n\n## Quick Start\n\nPrerequisites: Sui CLI · Node.js 18+ · Rust toolchain · Postgres/Supabase database\n\n```bash\n# Install dependencies\nnpm install\ncd frontend \u0026\u0026 npm install\n\n# Move tests\nsui move test --build-env testnet\n\n# Frontend checks\nnpm --prefix frontend run typecheck\nnpm --prefix frontend run build\n\n# Rust checks\ncargo build\ncargo test\n```\n\n---\n\n## Key Documentation\n\n| Document | Purpose |\n| --- | --- |\n| `Documents/TRUST_API.md` | Trust API contract |\n| `Documents/INTEGRATION_GUIDE.md` | Builder quickstart |\n| `Documents/KILLMAIL_API.md` | Native killmail endpoints |\n| `Documents/ADR_KILLMAILS_AS_TRUST_EVIDENCE.md` | Killmail evidence model |\n| `Documents/TENANT_COMBAT_POLICY_DESIGN.md` | Tenant-scoped combat policy design |\n| `Documents/OPERATOR_FLOW_RUNBOOK.md` | Operator flow and live smoke notes |\n| `Documents/KILLMAIL_PRODUCTION_SMOKE.md` | Native killmail production smoke |\n| `SECURITY.md` | Security model and disclosure policy |\n\n---\n\n## License\n\nFrontierWarden / Sui TrustKit is licensed under the Business Source License 1.1.\n\n- Non-commercial use is allowed.\n- Production commercial use requires a separate commercial license from Kodaxadev.\n- This license does not grant rights to proprietary data or datasets processed by the system.\n- Unauthorized scraping or extraction of reputation data is prohibited.\n- The software converts to the Apache License, Version 2.0 on April 29, 2030.\n\nSee `LICENSE` for the full text.\n\n---\n\n## Contact\n\nFor commercial licensing, security disclosures, or integration support, contact Kodaxadev:\n\n```text\nJustin.DavisWE@icloud.com\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FKodaxadev%2FFrontierWarden","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FKodaxadev%2FFrontierWarden","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FKodaxadev%2FFrontierWarden/lists"}