{
  "ok": true,
  "product": "naxytra",
  "category": "security-reliability-drill-pack",
  "pack_version": "naxytra-security-reliability-drill-pack-v1",
  "posture": "repeatable_operator_drills_without_secret_material",
  "release_boundary": "required_before_synchronized_release_cut",
  "doctrine": [
    "drill_surfaces_document_expected_operations_without_exposing_secrets",
    "release_candidate_verification_is_not_a_substitute_for_restore_and_rotation_drills",
    "external_money_in_gateways_remain_adapter_bound_not_package_bound",
    "xoonya_import_and_anchor_profiles_bind_evidence_without_claiming_external_provider_truth",
    "pricing_optimization_matures_from_live_signal_volume_not_static_claims"
  ],
  "drills": [
    {
      "id": "token_rotation",
      "family": "secrets",
      "cadence": "monthly_or_after_operator_change",
      "posture": "operator_controlled_secret_rotation",
      "evidence_command": "record the token id (never the token value), rotated_at_iso, affected services, and smoke-check result in the private operator log",
      "done_signal": "old token rejected, new token accepted, protected ledger and observability routes still work",
      "public_safe": false
    },
    {
      "id": "backup_restore",
      "family": "state_recovery",
      "cadence": "monthly",
      "posture": "supabase_runtime_state_recovery",
      "evidence_command": "restore a recent backup into an isolated target and replay credit, execution, proof, and settlement records",
      "done_signal": "restored ledgers match expected counts and no production endpoint is pointed at the restore target",
      "public_safe": false
    },
    {
      "id": "dependency_audit",
      "family": "supply_chain",
      "cadence": "before_each_synchronized_release",
      "posture": "package_dependency_visibility",
      "evidence_command": "npm audit --omit=dev in xytara and xoonya, then record exceptions or upgrades",
      "done_signal": "no unresolved production vulnerability is accepted without an explicit risk note",
      "public_safe": true
    },
    {
      "id": "npm_provenance",
      "family": "supply_chain",
      "cadence": "before_each_synchronized_release",
      "posture": "release_artifact_traceability",
      "evidence_command": "run npm pack --dry-run, then work through the npm publish dry-run and provenance checklist for xytara and xoonya",
      "done_signal": "published package contents match intended files and release tag",
      "public_safe": true
    },
    {
      "id": "webhook_signing",
      "family": "commerce_ingress",
      "cadence": "before_checkout_or_gateway_changes",
      "posture": "external_money_in_gateway_integrity",
      "evidence_command": "send webhook fixtures with valid and invalid signatures through the gateway and inspect the hidden grant outcome",
      "done_signal": "valid fixture grants once; invalid fixture is rejected; idempotent replay does not double-grant",
      "public_safe": false
    },
    {
      "id": "incident_rehearsal",
      "family": "operations",
      "cadence": "quarterly_or_before_major_launch",
      "posture": "operator_response_memory",
      "evidence_command": "walk through failed grant, settlement delay, adapter failure, and proof mismatch scenarios",
      "done_signal": "operator can identify surface, isolate blast radius, choose mitigation, and write closure note",
      "public_safe": false
    }
  ],
  "incident_scenarios": [
    {
      "id": "hidden_grant_failed",
      "trigger": "external money-in gateway received funds but xytara credit bridge did not record a grant",
      "inspect": [
        "gateway order or webhook event",
        "xytara external credit grant ledger",
        "account credit balance",
        "operator observability attention queue"
      ],
      "first_response": "pause retry storms, preserve idempotency key, replay only through the documented operator path"
    },
    {
      "id": "settlement_delayed",
      "trigger": "settlement remains pending or ready_for_submission beyond expected window",
      "inspect": [
        "BSV/Teranode readiness",
        "settlement record",
        "payment ledger",
        "reconciliation report"
      ],
      "first_response": "separate payment admission from finality proof and avoid public finality claims until finality is observed"
    },
    {
      "id": "adapter_regression",
      "trigger": "provider-backed adapter starts returning simulated, failed, or degraded execution results",
      "inspect": [
        "xytara adapter-depth summary",
        "execution target health",
        "operator observability adapter failure count",
        "recent transactions"
      ],
      "first_response": "route only to configured healthy targets and downgrade public claim language if depth is not green"
    },
    {
      "id": "proof_mismatch",
      "trigger": "xoonya proof verification fails for a result package or external proof import",
      "inspect": [
        "proof-center summary",
        "native atom conformance",
        "external import adapter review",
        "source result package hash"
      ],
      "first_response": "do not mutate original evidence; create a review record and isolate mismatch to payload, envelope, method, or key"
    }
  ],
  "release_gate": {
    "required_drill_ids": [
      "token_rotation",
      "backup_restore",
      "dependency_audit",
      "npm_provenance",
      "webhook_signing",
      "incident_rehearsal"
    ],
    "operator_evidence_location": "private_operator_log_or_ticket_system",
    "public_release_note_rule": "claim_drill_pack_and_runbook_existence_publicly_but_keep_secret_values_and_private_evidence_out_of_public_surfaces",
    "pass_condition": "all required drills have an owner, cadence, command, done signal, and private evidence manifest before synchronized release",
    "evidence_manifest_template_version": "naxytra-security-reliability-drill-evidence-v1",
    "evidence_manifest_template_ref": "/v1/security-reliability-drills/evidence-template"
  },
  "pricing_maturity_boundary": {
    "current_state": "telemetry_guardrails_and_experiment_plan_ready",
    "not_yet_claimed": "statistically_mature_price_optimization",
    "promotion_condition": "enough quote acceptance, abandonment, payment, task, adapter, settlement, and refund data exists to justify operator-reviewed experiments"
  },
  "linked_surfaces": {
    "first_run_kit_ref": "/v1/first-run-kit",
    "public_proof_pack_ref": "/v1/public-proof-pack",
    "security_reliability_drills_summary_ref": "/v1/security-reliability-drills/summary",
    "security_reliability_evidence_template_ref": "/v1/security-reliability-drills/evidence-template",
    "xytara_operator_observability_ref": "https://xytara.onrender.com/v1/operator-observability/summary",
    "xoonya_import_adapter_ref": "https://xoonya.onrender.com/v1/proof-center/import-adapter/summary"
  },
  "public_safe_drill_count": 2,
  "private_operator_drill_count": 4
}