internal docs — Raxx internal docs

Internal documentation for Raxx — runbooks, architecture decisions, agent specs, security reports, business + finance + legal. Auto-generated from docs/ on every push to main.

agents

Adding a feature
Agent Onboarding
Card grooming
Responding to a security finding
The agent pipeline

architecture

ADR 0001 — WebAuthn / Passkeys as the Only Authentication Factor
ADR 0002 — No Stored Credentials (Enforcement)
ADR 0003 — GDPR by Default
ADR 0004 — iOS App Stack: Native Swift/SwiftUI
ADR 0004 — raxx-console Stack: Flask + Jinja2 + HTMX + Tailwind CDN
ADR 0005 — iOS WebAuthn: Reuse raxx.app as the RP ID (scope: web + iOS only)
ADR 0006 — iOS Offline Posture: Read-Only Cached State
ADR 0007 — iOS subscription billing: Apple In-App Purchase
ADR 0008 — Alpaca integration mode: OAuth 2.0 (user-delegated) for v1
ADR 0009 — OAuth access token at rest: documented invariant exception
ADR 0010 — v1 per-user compute: shared Raptor process, per-request OAuth scope
ADR 0011 — Premium "fully-hosted workflow" tier: Fargate + Firecracker microVM candidate
ADR 0012 — Console WebAuthn: Separate RP ID (console.raxx.app)
ADR 0013 — MBT: Raxx-native paper-trading engine, displacing per-user Alpaca OAuth for paper
ADR 0014 — Alpaca scope: server-side market-data account + Pro+ live-broker handoff only
ADR 0015 — MBT defaults are profile-driven, not fixed config knobs
ADR 0016 — Founders Trial: Celery beat for daily sweep, not APScheduler
ADR 0017 — E2E Encryption with Opt-In Shadow Analytics: Architecture Posture
ADR 0017 — Founders Referral: 6-byte base64url slug for link identifiers
ADR 0018 — Founders Referral: cookie-primary attribution with URL-param fallback
ADR 0018 — Shadow-analytics data goals + consent-UX consequences
ADR 0019 — Founders Grace: business-day calendar library choice
ADR 0020 — Branch promotion model: tag + environment approval gate
ADR 0021 — Trace Storage: Timescale vs Plain Postgres vs ClickHouse vs Others
ADR 0022 — Event Log: Append-Only + Hash Chain for Tamper Evidence
ADR 0023 — Render ID Granularity: Per-View vs Per-Component vs Per-Field
ADR 0028 — Intentional friction on prod deploys: manual gate over full automation
ADR 0029 — Console staging retirement: why console retires staging while API keeps it
ADR 0031 — Platform Auth Posture: Defense-in-Depth Across Surface Classes
ADR 0032 — Customer account recovery: A+B only (multi-passkey + backup codes; no email recovery; no agent re-enrollment)
ADR 0033 — CI runner posture: transient-failure retry + Ubicloud migration trigger
ADR 0042 — Auth Unification: Hybrid Identity Model
ADR 0047 — Track B: CORS origin allowlist for raxx.app on raxx-api-prod
ADR 0048 — Track B: Align deploy-antlers.yml tag trigger with release-please tag format
ADR 0049 — Track B: v1.0 Alpaca credential shape — single operator set, paper only
ADR 0050 — Trunk-based SDLC affirmed; Gitflow rejected; hardening plan for drift and revert friction
ADR 0051 — Drift prevention: layered structural controls
ADR 0052 — New-surface hosting tier classification
ADR 0053 — New-surface deploy workflow template structure
ADR 0054 — Reasonator deployment target: Heroku Standard-2X
ADR 0055 — Reasonator API contract: REST with sync + async endpoints
ADR 0056 — Reasonator service auth: bearer token in vault
ADR 0057 — Reasonator re-scoring: model SHA as first-class provenance field
ADR-0020: RBAC — Groups as the permission bridge; centralized identity authority
ADR-0024 — Env Switcher: Session-resident selected_env vs DB column
ADR-0025 — Env Switcher: RBAC gate on switching vs gate on mutation
ADR-0026 — Feature Flag Persistence: DB table vs external store vs env-var-only
ADR-0027 — Feature Flag Env Scoping: per-env rows vs single row with override
ADR-0028 — Status Page Hosting: where does /api/status/public live?
ADR-0029 — Status Surface Registry: where and how is the surface list stored?
ADR-0030 — Status Page State Machine: canonical states, transitions, and actors
ADR-0034 — Console-driven deploy flow with GitHub Actions status callbacks
ADR-0035 — Staging-to-prod flag promotion: explicit promotion queue over ambient drift
ADR-0036: Async Run-ID Resolution for Console Deploy Dispatch
ADR-0037: Velvet — Service-Bus Subscription Model
ADR-0038: Velvet — Three-Stage Operational Rotation Flow
ADR-0039: Velvet — 401 Unauthorized as the Revocation Success Criterion
ADR-0040: Velvet — Static Manifest for Consumer Registration (No Runtime API)
ADR-0041 — Velvet consumer registration: runtime API + manifest bootstrap (supersedes ADR-0040)
ADR-0043 — Auth Unification: RBAC Reconciliation
ADR-0044 — Console Self-Deploy Web Layer: Option Selection + Topology
ADR-0045 — Support Portal Topology: CF Pages + Raptor Proxy (Option A)
ADR-0046 — Support Portal: FreeScout API Token in Infisical (not SSM)
Agent GitHub identity
Alpaca integration — scoped to market data + optional live-broker handoff
Auth Unification — Hybrid Identity Model
Auth Unification — RBAC Reconciliation
Billing Data Model
Branch Promotion Strategy — Soak Gate for Raptor / Antlers / Docs
CI Notification Posture
Cloudflare Pages projects — domain mapping
Console Deploy — Async Dispatch (H12 Fix)
Console Environment Switcher — Design
Console Feature Flag Management — Design
Console Flag Promotion Flow — Staging to Prod
Console Self-Deploy Web Layer
Console-Driven Deploy Flow
Founders Grace Window + Paid-Tier Transition
Founders Referral Service — link generation, click attribution, conversion tracking
Founders Trial Engine — data model, state machine, scheduler, and rules engine
MBT — Investor Profile Model + Educational Overlay
MBT — Raxx-native paper-trading engine
Multi-user Authentication & GDPR Architecture
New-Surface Deploy/Preview Convention
Passkey E2E Encryption with Opt-In Shadow Analytics
Prod-Deploy Gating — Universal Pattern + Console First Implementation
Proposal — Market Calendar Service
Raxx iOS Companion App — Architecture Sketch v1
Raxx RBAC — Role-Based Access Control Design (v1, First Pass)
raxx-console — Operator Admin Console Architecture
raxx-console — Operator Dashboard (Milestones 7–13)
Reasonator API Contract
Reasonator Cost Model
Reasonator Sequence Diagrams
Reasonator — Sentiment Scoring Service Design
Session engine — REST + JWT + server-side revocation + per-tier rate limits
status.raxx.app — Data Model, State Machine, and FreeScout Webhook Contract
support.raxx.app — Customer Support Portal Design
Ticketing System — Build vs. Buy Analysis
Track B — Backend wiring for raxx.app customer-facing launch
Velvet Handler-Author Guide
Velvet v2 — Rotation Flows Design
Workflow UUID Tracing — Replay + Support Transparency Design

business

Bookkeeper reconciliation — 2026-04-22
Business email — Google Workspace multi-domain (moosequest.net primary + aliases)
CI Cost Analysis — GitHub Actions Billing Situation
Draft — email to Matthew Crosby asking for securities-attorney referral
EIN and state tax IDs
Entity structure — LLC vs S-Corp-elected LLC vs C-Corp
Expense record — FreeScout modules (FastSpring)
Founders Pro at $19/mo — Cost + Pricing Rationale
Natural-Language AI Strategy Execution — Feedback Investigation
Owner compensation — S-Corp election, reasonable salary, payroll
Questions for the attorney — first consult
Questions for the CPA — first consult
Raxx business, legal, and tax research pack
State of formation — Delaware vs Wyoming vs Nevada vs home state
Support Autoreply Legal Posture — support@raxx.app
Trademark — MOOSEQUEST (USPTO)
Velvet v2 Infrastructure: Cost + Compliance Analysis

console

Console feature QA — 2026-05-01

customer

FAQ
Getting started with Raxx
Troubleshooting

data-science

Build Roadmap
Core Strategy
Data Science — Strategy Inventory
Execution Workflow
Historical Options-Chain Data Vendors — Raxx Use-Case Comparison
Layered Covered Call Income Cycle — Strategy Spec
LCC Income Cycle — Alert Specification
LCC Income Cycle — Data Schema
LCC Income Cycle — Failure Modes and Edge Cases
Markov / HMM Fit-Analysis for Raxx Options-Income Strategies
Model Card — Layered Covered Call Income Cycle
Rolling-Income Monte Carlo Simulator + Regime-Aware Entry Gate
Strengths
Trading Strategy Package

decisions

Decision: Internal-only docs site hostname

finance

Chart of accounts — MooseQuest / Raxx
Finance records — MooseQuest / Raxx
Vendor categorization conventions

general

Api
CI Health Gate Runbook
Claude 3.7 Sonnet Research Prompt: Technical Indicators for Trading Algorithms
Development Log
Documentation Governance
Observability Baseline (Sprint 3 Card #37)
Release v1.0.0 (2025-03-12)
Release v[VERSION] (YYYY-MM-DD)
Slack Integration for Repo Updates
Technical Indicators Research
TradeMaster API Documentation
TradeMaster API Project Summary
TradeMaster API v1.1.0 Release Notes
TradeMasterAPI End-to-End QA Workflow

grooming

Grooming pass — 2026-04-22

incidents

Incident RCA — getraxx.com 403 (2026-05-08 UTC)
RCA — Bot token mint returning 404 after MooseQuest → raxx-app org migration
RCA — console.raxx.app dashboard: multiple surfaces showing DEGRADED/FAILED
RCA — FreeScout cloud-init FATAL: could not extract MySQL root password
RCA — gitleaks false-positive fires nightly on Cloudflare Account ID
RCA — raxx-api-prod: 0 dynos, no slug, never deployed

legal

AI Strategy Execution + Hybrid Broker — Legal Risk Scoping
APM Vendor Research: Sentry vs Honeybadger
Demo Session Email-Gating: Compliance Scoping
Draft Reply — Matthew Crosby (Schwartz IP Law)
ESIGN + UETA compliance checklist — Raxx NDA portal
Fidelity Broker API Integration — Research Briefing
GitHub Org Creation Before LLC Formation — Research Note
NDA framework — decisions, alternatives, and sourcing
NDA template — Raxx v1 (one-way)
Ramp Payment Solutions LLC — RAXX Reg. 7779396 Ownership + Opposition Risk
RAXX Trademark — §2(d) Conflict Analysis (Attorney Signal: Crosby 2026-05-05)
raxxapp Handle Due Diligence
Social Handle Reclamation — RAXX Trademark

marketing

Competitor — Composer (composer.trade)
Competitor — Interactive Brokers (IBKR)
Competitor — Public.com
Competitor — QuantConnect
Competitor — Robinhood
Competitor — tastytrade
Competitor — thinkorswim (Schwab)
Competitor — Trade Ideas
demo.raxx.app — Open-Flow + Conversion Strategy
demo.raxx.app — PM + UX Handoff
Differentiation — Raxx v2
getraxx.com — Launch Readiness Audit
Hero strategy — Raxx marketing
Messaging — Raxx (v2)
Positioning — the platform (name TBD)
Pricing — Raxx v2 (refreshed anchors + recommendation)
Pricing — tier structure + rationale (v1 proposal)
Raxx — Competitive Landscape + White-Paper Survey
Social Media Handle Research + Signup Playbook
Social Media Handle Research + Signup Playbook v2
Support Auto-Reply Copy — support@raxx.app
support.raxx.app — Customer Support Portal Scope

operations

SOP: Pausing Raxx dev compute

ops

2026 05 03 Groomer Velvet Pass
Agent bot-token setup runbook
Auth Unification — PM Card Rework
Auto-Ticketing Pipeline — Incident Response Runbook
Auto-Ticketing Pipeline — Overview
Auto-Ticketing Pipeline — Staged Rollout
Backlog Grooming — Full Pass — 2026-05-03 UTC
Cloudflare API tokens runbook
Cloudflare Rate Limiting runbook
Console Cockpit Pattern — Operator Runbook
Console Completeness Audit — 2026-05-06 UTC
Console deploy — manual break-glass runbook
Console Phase 1 Live Reachability — 2026-05-07 UTC
Console Phase 2 Functional Audit — 2026-05-07 UTC
Console Phase 2.5 Interaction Audit — 2026-05-07 UTC
Console Status Poller Runbook
Deploy Freeze — Operator Runbook
Feature Flag Ops Runbook
FreeScout backup and restore runbook
FreeScout email templates — runbook
FreeScout end-to-end email pipeline test runbook
FreeScout Operations Mailbox — First-Deploy Provisioning SOP
FreeScout paid module install — runbook
FreeScout polish sprint — triage notes
FreeScout Postmark SMTP relay — operator runbook
FreeScout runbook
FreeScout TLS / certificate renewal runbook
GitHub App provisioning runbook
Gitleaks runbook
Heroku FLAG_* Config Vars — Deprecation Tracking
Heroku runbook
MBT v1 sub-card grooming pass — 2026-05-02 (UTC)
Postmark Bounce Alerts — Diagnostic Packet
Production deploy approval gate — runbook
QA Report — PR #1431 (Tailwind build-step + favicon.ico)
QA Report — PR #1432
Recurring + scheduled tasks (Claude session-local)
Rotation Routing Matrix
Rotation SOP — Alpaca Live Trading API Keys
Rotation SOP — Alpaca Paper Trading API Keys
Rotation SOP — Anthropic API Key
Rotation SOP — AWS IAM Access Key
Rotation SOP — Cloudflare Access Service Token
Rotation SOP — Cloudflare User API Token
Rotation SOP — DreamHost API Key
Rotation SOP — Dyn (Oracle Dyn) API Key
Rotation SOP — GitHub App Installation Access Token (informational)
Rotation SOP — GitHub Personal Access Token (PAT)
Rotation SOP — Google Workspace Service Account Key
Rotation SOP — Heroku Platform API Token
Rotation SOP — Infisical Service Token / Machine Identity
Rotation SOP — Postmark Server API Token
Rotation SOP — Stripe Restricted API Key
Runbook — CI runner posture
Runbook — console-prod H12 + WORKER TIMEOUT Slack alerting
Runbook: Drive ledger consolidation — Sheets-per-tab to single workbook
Runbook: FreeScout custom fields for status.raxx.app integration
Runbook: Support portal S3 attachments
Session-bootstrap runbook
SOP — HEROKU_API_KEY Drift Recovery
SOP — CF Access Service Token Provisioning
SOP — FreeScout Lightsail Instance Rebuild
SRE Provisioning Batch — 2026-05-06
status-d1 Runbook
Support Portal (support.raxx.app) — Operations Runbook
Trading-Core Track Pitch — 2026-05-03
Vault token taxonomy — function mapping, tag system, and provisioning template
Velvet First-Deploy Triage — 2026-05-05
Velvet Operator Runbook
Velvet v2 — PM Card Rework
ZAP Finding Triage — Operator Runbook

product

Billing Telemetry Dashboard — Feasibility Study
Raxx v1.0 Production Release — Ship Plan

qa

MBT v1 — Launch Readiness Checklist

release

Release-please multi-package configuration

secrets

Cloudflare Token Taxonomy

security

IAM policy — claude-infisical-bootstrap
Nightly security scan — 2026-04-25 (FIRST-RUN BASELINE)
Nightly security scan — 2026-05-06
Public surface security sweep — 2026-04-25
Raxx Platform — Auth Posture (Single Source of Truth)
Release readiness policy — security gate
Security review — 2026-04-24 (round 1)
Security triage — 2026-04-26
Security triage — 2026-04-27
Security triage — 2026-04-28
Security triage — 2026-04-29
Web surface posture — pre-launch lock-down