Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 28 additions & 0 deletions authority-surface-ops-skill/.github/workflows/ci.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
name: CI

on:
push:
branches: [main]
pull_request:
branches: [main]

jobs:
validate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

- name: Validate skill structure
run: ./validate.sh

- name: Live mint check (mainnet RAY)
run: |
out=$(./scripts/check-mint-authorities.sh 4k3Dyjzvzp8eMZWUXbBCjEvwSkkk59S5iCNLY3QrkX6R mainnet-beta)
echo "$out"
echo "$out" | grep -qE 'launch_verdict: ("go"|go)'

- name: Live program upgrade check (SPL Token)
run: |
out=$(./scripts/check-program-upgrade.sh TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA mainnet-beta)
echo "$out"
echo "$out" | grep -qE 'launch_verdict: ("go"|go)'
2 changes: 2 additions & 0 deletions authority-surface-ops-skill/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
.claude/
*.backup
43 changes: 43 additions & 0 deletions authority-surface-ops-skill/CLAUDE.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
# Authority Surface Ops

Solana **live admin surface operations** addon for Claude Code. Extends [solana-dev-skill](https://github.com/solana-foundation/solana-dev-skill).

> Audit skills review code before ship. This config covers **mint, freeze, metadata, and upgrade authorities** after deploy.

## When to load skills

| User asks… | Read |
|------------|------|
| Mint / freeze authority | `skill/mint-freeze-authority.md` |
| Metadata update authority | `skill/metadata-authority.md` |
| Program upgrade authority | `skill/upgrade-authority.md` |
| Squads pre-sign | `skill/multisig-verification.md` |
| Authority drift | `skill/authority-drift.md` |
| Launch gate | `skill/launch-checklist.md` |
| Weekly review | `skill/weekly-review.md` |
| Authority anomaly | `skill/incident-handoff.md` |

## Agent & command

| Task | Use |
|------|-----|
| Full audit workflow | `/authority-surface-audit` |
| Ops execution | `authority-ops-engineer` agent |

## Rules

1. Confirm cluster before any mainnet read.
2. Every engagement ends in an **Authority Surface Report** (YAML) — schema in `skill/SKILL.md`.
3. Do not draft public "funds are safe" messages.
4. Launch `go` requires named humans in `signed_off_by`.
5. RPC/decode fails twice → stop and ask.

## Delegate

| Need | Route |
|------|-------|
| Source code audit | Trail of Bits / safe-solana-builder |
| Token creation | token-engineer |
| User tx failure | `/debug-user-tx` |

**Entry point:** [skill/SKILL.md](skill/SKILL.md)
24 changes: 24 additions & 0 deletions authority-surface-ops-skill/CONTRIBUTING.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
# Contributing

Contributions that improve accuracy, Solana ecosystem coverage, or kit compatibility are welcome.

## Pull requests

1. Fork the repository and create a feature branch.
2. Run `./validate.sh` before opening a PR.
3. Keep changes focused — one module or concern per PR when possible.
4. Match existing tone: operational, specific, no user-facing financial assurances.

## Skill modules

- Update severity rubrics in the relevant `skill/*.md` file.
- Link new modules from `skill/SKILL.md` routing tables.
- Document boundaries in `skill/resources.md` if the change overlaps another kit skill.

## Reporting issues

Include cluster, asset type, address (public), and expected vs actual report output.

## License

By contributing, you agree that your contributions are licensed under the MIT License.
21 changes: 21 additions & 0 deletions authority-surface-ops-skill/LICENSE
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
MIT License

Copyright (c) 2026 Authority Surface Ops Skill contributors

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
175 changes: 175 additions & 0 deletions authority-surface-ops-skill/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,175 @@
# Authority Surface Ops Skill

[![CI](https://github.com/farhanqaz/authority-surface-ops-skill/actions/workflows/ci.yml/badge.svg?branch=main)](https://github.com/farhanqaz/authority-surface-ops-skill/actions/workflows/ci.yml)

Live on-chain **admin surface operations** for Solana — mint, freeze, metadata, and upgrade authority verification, multisig pre-sign checks, drift detection, and incident handoff.

> **Addon** for [Solana AI Kit](https://github.com/solanabr/solana-ai-kit) · **Extends** [solana-dev-skill](https://github.com/solana-foundation/solana-dev-skill)

## Overview

| Phase | Existing kit coverage | Gap this skill fills |
|-------|----------------------|----------------------|
| Pre-ship | Audit skills review **source code** | — |
| Launch day | token-engineer covers **creation** | — |
| Post-ship | — | **Live authority state** on mints, programs, multisigs |

```
┌─────────────────────────────────────────────────────────────┐
│ authority-surface-ops-skill (addon) │
│ Launch gate · Weekly review · Drift · Multisig pre-sign │
│ │ │
│ ▼ references │
│ solana-dev-skill · audit skills · token-engineer │
└─────────────────────────────────────────────────────────────┘
```

## Problem

After launch, teams often stop checking admin surfaces:

- Metadata update authority remains on a deployer wallet
- Program upgrade authority stays on a single signer while TVL grows
- Squads proposals are signed without reviewing authority-changing instructions
- Authority changes go unnoticed until users report an issue

Audit skills review **code before ship**. This skill operates **live admin surfaces after ship**.

## Modules

| Surface / workflow | File |
|---------------------|------|
| Mint & freeze authority | `skill/mint-freeze-authority.md` |
| Metadata authority | `skill/metadata-authority.md` |
| Upgrade authority | `skill/upgrade-authority.md` |
| Multisig pre-sign | `skill/multisig-verification.md` |
| Authority drift | `skill/authority-drift.md` |
| Launch week gate | `skill/launch-checklist.md` |
| Weekly review | `skill/weekly-review.md` |
| Incident handoff | `skill/incident-handoff.md` |

## Installation

```bash
git clone https://github.com/farhanqaz/authority-surface-ops-skill
cd authority-surface-ops-skill
chmod +x install.sh validate.sh scripts/check-mint-authorities.sh scripts/check-program-upgrade.sh
./install.sh # ~/.claude/skills/
./install.sh --project # ./.claude/skills/
./install.sh -y # non-interactive
```

Installs skill modules plus `authority-ops-engineer` agent and `/authority-surface-audit` command. Use alongside `solana-dev-skill`.

### Solana AI Kit submodule

Maintainers: [docs/KIT_INTEGRATION.md](docs/KIT_INTEGRATION.md)

## Usage

```
Run launch-week authority surface audit for mint <MINT> and program <PROGRAM_ID>
```

```
Weekly authority review using baseline at ops/authority-baseline.json
```

```
Verify this Squads proposal before I sign — does it change mint authority?
```

```
Compare current mint authorities against last week's baseline and flag drift
```

## Agent & command

| Asset | Purpose |
|-------|---------|
| `authority-ops-engineer` | Surface reads, checklists, drift diffs, YAML reports |
| `/authority-surface-audit` | End-to-end audit workflow |

## Output

Every engagement produces an **Authority Surface Report** (YAML). Schema: `skill/SKILL.md`.

| Example | Description |
|---------|-------------|
| [examples/reports/](examples/reports/) | Launch, drift, weekly, upgrade samples |
| [examples/output/ray-mainnet-report.txt](examples/output/ray-mainnet-report.txt) | Live RPC — RAY mint |
| [examples/output/token-program-upgrade-report.txt](examples/output/token-program-upgrade-report.txt) | Live RPC — SPL Token program upgrade |
| [examples/output/devnet-usdc-report.txt](examples/output/devnet-usdc-report.txt) | Live RPC — devnet USDC mint |

Sample output (mainnet RAY, fixed-supply profile):

```yaml
launch_verdict: go
findings:
- severity: info
observation: "Mint authority revoked (null)"
- severity: info
observation: "Freeze authority revoked (null)"
```

## Verified addresses

| Asset | Address | Cluster | Expected verdict (fixed-supply) |
|-------|---------|---------|--------------------------------|
| RAY | `4k3Dyjzvzp8eMZWUXbBCjEvwSkkk59S5iCNLY3QrkX6R` | mainnet-beta | `go` |
| SPL Token program | `TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA` | mainnet-beta | Upgrade authority none (immutable) |
| USDC (devnet) | `4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU` | devnet | `no-go` |

Reproduce:

```bash
./scripts/check-mint-authorities.sh 4k3Dyjzvzp8eMZWUXbBCjEvwSkkk59S5iCNLY3QrkX6R mainnet-beta
./scripts/check-program-upgrade.sh TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA mainnet-beta
./scripts/check-mint-authorities.sh 4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU devnet
./scripts/check-mint-authorities.sh EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v mainnet-beta stablecoin
```

See [docs/CLI.md](docs/CLI.md).

## CLI verification

Read-only RPC helpers (no keys required):

| Script | Surfaces |
|--------|----------|
| `scripts/check-mint-authorities.sh` | Mint + freeze |
| `scripts/check-program-upgrade.sh` | Program upgrade authority |

Metadata and Squads checks are agent-driven (Helius DAS / explorer / simulation) — see skill modules.

```bash
chmod +x scripts/check-mint-authorities.sh scripts/check-program-upgrade.sh
```

Live captured output: [`examples/output/`](examples/output/).

## Validation

```bash
./validate.sh
```

## Scope

**Included:** Authority verification, launch and weekly cadences, baseline drift, Squads pre-sign review, incident handoff to audit skills.

**Excluded:** Treasury, payroll, governance voting, compliance, automated monitoring services, end-user transaction support, source-code security audits.

## Related projects

- [Solana AI Kit](https://github.com/solanabr/solana-ai-kit)
- [solana-dev-skill](https://github.com/solana-foundation/solana-dev-skill)
- [solana-game-skill](https://github.com/solanabr/solana-game-skill) — structural reference

## Contributing

See [CONTRIBUTING.md](CONTRIBUTING.md). Architecture: [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md).

## License

MIT — see [LICENSE](LICENSE).
53 changes: 53 additions & 0 deletions authority-surface-ops-skill/agents/authority-ops-engineer.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
---
name: authority-ops-engineer
description: "Authority surface operations specialist. Reads on-chain mint/freeze/metadata/upgrade authorities, verifies multisig proposals before sign, runs launch-week and weekly review checklists, detects authority drift from baselines, and produces structured Authority Surface Reports with incident escalation handoff.\n\nUse when: Launch gate, weekly authority review, verifying Squads proposal affects authorities, investigating unexpected authority change, or producing authority baseline snapshots."
model: sonnet
color: red
---

You are the **authority-ops-engineer** — ops-focused, not a code auditor.

## Skill modules (installed layout)

- [SKILL.md](../skills/authority-surface-ops/SKILL.md) — routing hub
- [launch-checklist.md](../skills/authority-surface-ops/launch-checklist.md)
- [weekly-review.md](../skills/authority-surface-ops/weekly-review.md)
- [authority-drift.md](../skills/authority-surface-ops/authority-drift.md)
- [incident-handoff.md](../skills/authority-surface-ops/incident-handoff.md)
- [mint-freeze-authority.md](../skills/authority-surface-ops/mint-freeze-authority.md)
- [metadata-authority.md](../skills/authority-surface-ops/metadata-authority.md)
- [upgrade-authority.md](../skills/authority-surface-ops/upgrade-authority.md)
- [multisig-verification.md](../skills/authority-surface-ops/multisig-verification.md)

Command: `/authority-surface-audit`

## When to use

- Launch-week authority gate (T-7 → T+7)
- Weekly 30-minute authority review
- Pre-sign Squads/Realms proposal verification (authority-affecting)
- Drift detection vs baseline JSON
- Authority anomaly → structured incident handoff

## Delegate to

| Task | Agent / skill |
|------|----------------|
| Write revoke/upgrade transactions | solana-dev / anchor-engineer |
| Code security review | solana-qa-engineer + Trail of Bits ext |
| Token creation | token-engineer |
| User wallet tx debugging | `/debug-user-tx` workflow |

## Deliverables

Always produce **Authority Surface Report** (YAML schema in SKILL.md). Example reports ship in the repo under `examples/reports/`.

Never:

- Draft user-facing "funds are safe" messages
- Mark launch `go` with unresolved critical findings
- Sign off on launch gate without named approvers in `signed_off_by`

## Two-strike rule

RPC/decode failure twice on same address → STOP, show raw output, request explorer link.
Loading