From 3fc0058d062d387d84ff79f7192fed62d1bc9e3e Mon Sep 17 00:00:00 2001 From: saravanakumardb1 Date: Sun, 24 May 2026 14:31:38 -0700 Subject: [PATCH] docs: consolidate learning_ai_smart_auth references into learning_ai_auth_app The smart_auth docs-only repo has been merged into learning_ai_auth_app. Updates all cross-repo references: - adoption/learning_ai_smart_auth.md merged into adoption/learning_ai_auth_app.md - WORKSPACE_INVENTORY: combined row (now 13 active repos, was 14) - CODING_AGENT_AUTOMATION_PLAYBOOK: combined row, dropped from for-loop - GITEA_LOCAL_CI: removed from no-CI list - ECOSYSTEM_APPROVALS_AND_TRUST_MODEL: ref input consolidated - ECOSYSTEM_CROSS_POLLINATION_OPPORTUNITIES: capability map + per-repo section consolidated - repos.txt, run-code-review.md, refresh-chat-history.md, update-agent-docs.sh: drop smart_auth --- .windsurf/workflows/refresh-chat-history.md | 3 +- .windsurf/workflows/repos.txt | 1 - .windsurf/workflows/run-code-review.md | 3 +- docs/WORKSPACE_INVENTORY.md | 35 ++++++++-------- .../CODING_AGENT_AUTOMATION_PLAYBOOK.md | 9 ++-- docs/devops/GITEA_LOCAL_CI.md | 4 +- .../ECOSYSTEM_APPROVALS_AND_TRUST_MODEL.md | 2 +- ...OSYSTEM_CROSS_POLLINATION_OPPORTUNITIES.md | 22 ++++------ docs/ecosystem/adoption/README.md | 3 +- .../adoption/learning_ai_auth_app.md | 26 ++++++++++-- .../adoption/learning_ai_smart_auth.md | 42 ------------------- scripts/update-agent-docs.sh | 12 +----- 12 files changed, 59 insertions(+), 103 deletions(-) delete mode 100644 docs/ecosystem/adoption/learning_ai_smart_auth.md diff --git a/.windsurf/workflows/refresh-chat-history.md b/.windsurf/workflows/refresh-chat-history.md index 37bacaca..af70448d 100644 --- a/.windsurf/workflows/refresh-chat-history.md +++ b/.windsurf/workflows/refresh-chat-history.md @@ -21,8 +21,7 @@ Auto-discovers new repos, updates symlinks, and re-copies docs + workflows. | `learning_ai_notes` | NoteLett | ✅ | — | | `learning_ai_flowmonk` | FlowMonk | ✅ | — | | `learning_ai_trails` | ActionTrail | ✅ | — | -| `learning_ai_smart_auth` | SmartAuth | ✅ | — | -| `learning_ai_auth_app` | ByteLyst Auth | ✅ | — | +| `learning_ai_auth_app` | ByteLyst SmartAuth | ✅ | — | | `learning_ai_productivity_web` | Productivity Tools | ✅ | — | ## Steps diff --git a/.windsurf/workflows/repos.txt b/.windsurf/workflows/repos.txt index 97aaa5ff..9cfdce98 100644 --- a/.windsurf/workflows/repos.txt +++ b/.windsurf/workflows/repos.txt @@ -22,7 +22,6 @@ learning_ai_local_llms learning_ai_talk2obsidian # --- Auth & identity --- -learning_ai_smart_auth learning_ai_auth_app # --- Web & misc --- diff --git a/.windsurf/workflows/run-code-review.md b/.windsurf/workflows/run-code-review.md index 6631b2d3..08f44af8 100644 --- a/.windsurf/workflows/run-code-review.md +++ b/.windsurf/workflows/run-code-review.md @@ -46,8 +46,7 @@ All code across the ByteLyst workspace repos: - learning_ai_peakpulse (PeakPulse) - learning_ai_notes (NoteLett) - learning_ai_trails (ActionTrail) - - learning_ai_smart_auth (SmartAuth) - - learning_ai_auth_app (ByteLyst Auth) + - learning_ai_auth_app (ByteLyst SmartAuth — companion app + PRD/roadmap) - learning_ai_productivity_web (Productivity Tools) ## Domain Context diff --git a/docs/WORKSPACE_INVENTORY.md b/docs/WORKSPACE_INVENTORY.md index 9a4b88fb..4ff90967 100644 --- a/docs/WORKSPACE_INVENTORY.md +++ b/docs/WORKSPACE_INVENTORY.md @@ -9,22 +9,21 @@ ## 1. Active Workspace Repositories -| Repository | Product / Role | Primary Stack | Current Scope | -| ----------------------------------- | ------------------ | ------------------------------------------------------- | -------------------------------------------------------------------- | -| `learning_ai_common_plat` | Shared platform | TypeScript, Fastify, Next.js, Swift, Kotlin | 58 shared packages, 4 services, 3 dashboards, MCP/A2A orchestration | -| `learning_voice_ai_agent` | LysnrAI | Python 3.12, Fastify, Next.js, Swift, Kotlin | Desktop app, product backend, user dashboard, mobile apps | -| `learning_multimodal_memory_agents` | MindLyst | Kotlin Multiplatform, SwiftUI, Jetpack Compose, Next.js | Shared KMP core, iOS, Android, web dashboard, product backend | -| `learning_ai_clock` | ChronoMind | Next.js, SwiftUI, Kotlin, Fastify | Timer/focus product across web, Apple, Android, backend | -| `learning_ai_fastgap` | NomGap | React Native (Expo), Next.js, Fastify | Fasting engine, mobile UI, web app, product backend | -| `learning_ai_jarvis_jr` | JarvisJr | SwiftUI, Next.js, Kotlin, Fastify | Voice-first coaching apps, marketplace/backend | -| `learning_ai_peakpulse` | PeakPulse | SwiftUI, Fastify | Sensor-driven tracking app and backend | -| `learning_ai_notes` | NoteLett | Fastify, Next.js, React Native (Expo) | Structured notes platform across backend, web, and mobile | -| `learning_ai_flowmonk` | FlowMonk | Fastify, Next.js, React Native (Expo) | Agent-first planning platform across backend, web, and mobile | -| `learning_ai_trails` | ActionTrail | Fastify, Next.js | AI activity oversight: actions, alerts, approvals, SDK | -| `learning_ai_smart_auth` | SmartAuth | Docs + extends platform-service | Unified auth & identity design (OneAuth, OAuth, MFA, Passkeys) | -| `learning_ai_auth_app` | ByteLyst Auth App | SwiftUI, Jetpack Compose | Standalone auth companion app (iOS, Android, watchOS, widgets) | -| `learning_ai_productivity_web` | Productivity Tools | Next.js | Internal productivity web tools | -| `learning_ai_local_memory_gpt` | LocalMemoryGPT | Fastify 5, Next.js 16, SQLite, Ollama | Local-first AI chat with persistent memory, RAG, multi-model compare | +| Repository | Product / Role | Primary Stack | Current Scope | +| ----------------------------------- | ------------------ | ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------- | +| `learning_ai_common_plat` | Shared platform | TypeScript, Fastify, Next.js, Swift, Kotlin | 58 shared packages, 4 services, 3 dashboards, MCP/A2A orchestration | +| `learning_voice_ai_agent` | LysnrAI | Python 3.12, Fastify, Next.js, Swift, Kotlin | Desktop app, product backend, user dashboard, mobile apps | +| `learning_multimodal_memory_agents` | MindLyst | Kotlin Multiplatform, SwiftUI, Jetpack Compose, Next.js | Shared KMP core, iOS, Android, web dashboard, product backend | +| `learning_ai_clock` | ChronoMind | Next.js, SwiftUI, Kotlin, Fastify | Timer/focus product across web, Apple, Android, backend | +| `learning_ai_fastgap` | NomGap | React Native (Expo), Next.js, Fastify | Fasting engine, mobile UI, web app, product backend | +| `learning_ai_jarvis_jr` | JarvisJr | SwiftUI, Next.js, Kotlin, Fastify | Voice-first coaching apps, marketplace/backend | +| `learning_ai_peakpulse` | PeakPulse | SwiftUI, Fastify | Sensor-driven tracking app and backend | +| `learning_ai_notes` | NoteLett | Fastify, Next.js, React Native (Expo) | Structured notes platform across backend, web, and mobile | +| `learning_ai_flowmonk` | FlowMonk | Fastify, Next.js, React Native (Expo) | Agent-first planning platform across backend, web, and mobile | +| `learning_ai_trails` | ActionTrail | Fastify, Next.js | AI activity oversight: actions, alerts, approvals, SDK | +| `learning_ai_auth_app` | ByteLyst SmartAuth | SwiftUI, Jetpack Compose + docs (extends platform-service) | Unified auth & identity design (OneAuth, OAuth, MFA, Passkeys) + standalone auth companion app (iOS, Android, watchOS, widgets) | +| `learning_ai_productivity_web` | Productivity Tools | Next.js | Internal productivity web tools | +| `learning_ai_local_memory_gpt` | LocalMemoryGPT | Fastify 5, Next.js 16, SQLite, Ollama | Local-first AI chat with persistent memory, RAG, multi-model compare | --- @@ -137,10 +136,10 @@ _(All under the `@bytelyst/` scope — consumed via `file:` or `workspace:_` ref ## 7. Notes -- This document reflects the currently active 14-repo workspace (plus `temp_uxlab` which is empty). +- This document reflects the currently active 13-repo workspace (plus `temp_uxlab` which is empty). (May 2026: `learning_ai_smart_auth` merged into `learning_ai_auth_app`.) - Product-specific backends now live in their product repositories, while `learning_ai_common_plat` remains product-agnostic. - `mcp-server` and `ux-lab` are active capability surfaces. - `learning_ai_local_memory_gpt` has been rebuilt as Fastify 5 + Next.js 16 + SQLite/Ollama (no longer Express/React). - `learning_ai_productivity_web` is an internal tools site, not a consumer of platform-service. -- `learning_ai_smart_auth` is a docs-only repo (PRD, roadmap); implementation lives in platform-service auth module. +- `learning_ai_auth_app` (SmartAuth) owns the PRD + roadmap (in `docs/`) plus the standalone authenticator app; the backend implementation of SmartAuth features lives in the platform-service auth module. (May 2026: absorbed the former `learning_ai_smart_auth` docs-only repo.) - `@bytelyst/field-encrypt` is integrated into 5 product backends (LysnrAI, JarvisJr, NoteLett, NomGap, ActionTrail). diff --git a/docs/devops/CODING_AGENT_AUTOMATION_PLAYBOOK.md b/docs/devops/CODING_AGENT_AUTOMATION_PLAYBOOK.md index def1b865..9a55c0f1 100644 --- a/docs/devops/CODING_AGENT_AUTOMATION_PLAYBOOK.md +++ b/docs/devops/CODING_AGENT_AUTOMATION_PLAYBOOK.md @@ -23,9 +23,8 @@ | 9 | `learning_ai_notes` | NoteLett | ✅ | web/ | Expo | 4016 | | 10 | `learning_ai_trails` | ActionTrail | ✅ | web/ | — | 4018 | | 11 | `learning_ai_local_memory_gpt` | LocalMemGPT | ✅ | web/ | — | 4019 | -| 12 | `learning_ai_auth_app` | ByteLyst Auth | — | — | ios + android | — | -| 13 | `learning_ai_smart_auth` | SmartAuth | — (extends platform-service) | — | — | — | -| 14 | `learning_ai_productivity_web` | Productivity Tools | — | src/ | — | — | +| 12 | `learning_ai_auth_app` | ByteLyst SmartAuth | — (extends platform-service) | — | ios + android | — | +| 13 | `learning_ai_productivity_web` | Productivity Tools | — | src/ | — | — | --- @@ -36,10 +35,10 @@ ### 1a. Dirty / Uncommitted Changes Check -Scan all 14 repos for uncommitted or untracked changes. Flag anything that should be committed or stashed. +Scan all 13 repos for uncommitted or untracked changes. Flag anything that should be committed or stashed. ```bash -for repo in learning_ai_common_plat learning_voice_ai_agent learning_multimodal_memory_agents learning_ai_clock learning_ai_jarvis_jr learning_ai_fastgap learning_ai_peakpulse learning_ai_flowmonk learning_ai_notes learning_ai_trails learning_ai_local_memory_gpt learning_ai_auth_app learning_ai_smart_auth learning_ai_productivity_web; do +for repo in learning_ai_common_plat learning_voice_ai_agent learning_multimodal_memory_agents learning_ai_clock learning_ai_jarvis_jr learning_ai_fastgap learning_ai_peakpulse learning_ai_flowmonk learning_ai_notes learning_ai_trails learning_ai_local_memory_gpt learning_ai_auth_app learning_ai_productivity_web; do echo "=== $repo ===" cd /Users/sd9235/code/mygh/$repo git status --short diff --git a/docs/devops/GITEA_LOCAL_CI.md b/docs/devops/GITEA_LOCAL_CI.md index 47181d9e..0ff86926 100644 --- a/docs/devops/GITEA_LOCAL_CI.md +++ b/docs/devops/GITEA_LOCAL_CI.md @@ -87,9 +87,9 @@ All 14 repos have a `gitea` remote → `http://localhost:3300/bytelyst/.gi | `learning_voice_ai_agent` | Backend + Python + User Dashboard | | `learning_multimodal_memory_agents` | Backend + Web + KMP | -3 repos without CI workflows (docs/config only): +2 repos without CI workflows (docs/config only): -- `learning_ai_auth_app`, `learning_ai_smart_auth`, `learning_ai_productivity_web` +- `learning_ai_auth_app` (SmartAuth — companion app + PRD/roadmap), `learning_ai_productivity_web` GitHub Actions disabled via `.github/workflows/ci.yml.disabled` in all repos. diff --git a/docs/ecosystem/ECOSYSTEM_APPROVALS_AND_TRUST_MODEL.md b/docs/ecosystem/ECOSYSTEM_APPROVALS_AND_TRUST_MODEL.md index 7e412599..3971c923 100644 --- a/docs/ecosystem/ECOSYSTEM_APPROVALS_AND_TRUST_MODEL.md +++ b/docs/ecosystem/ECOSYSTEM_APPROVALS_AND_TRUST_MODEL.md @@ -2,7 +2,7 @@ > **Status:** Hardened baseline > **Owner:** `learning_ai_common_plat` -> **Reference inputs:** `learning_ai_smart_auth`, `learning_ai_auth_app`, `learning_ai_trails`, `learning_ai_mac_tooling`, `claw-cowork` +> **Reference inputs:** `learning_ai_auth_app` (SmartAuth), `learning_ai_trails`, `learning_ai_mac_tooling`, `claw-cowork` > **Purpose:** Define when the ecosystem should ask for approval, when it should not, and how trust posture affects automation. --- diff --git a/docs/ecosystem/ECOSYSTEM_CROSS_POLLINATION_OPPORTUNITIES.md b/docs/ecosystem/ECOSYSTEM_CROSS_POLLINATION_OPPORTUNITIES.md index b82ac7bf..64d25f73 100644 --- a/docs/ecosystem/ECOSYSTEM_CROSS_POLLINATION_OPPORTUNITIES.md +++ b/docs/ecosystem/ECOSYSTEM_CROSS_POLLINATION_OPPORTUNITIES.md @@ -34,8 +34,7 @@ This review looked at the top-level README, `AGENTS.md`, `shared/product.json`, - `learning_ai_trails` - `learning_ai_local_memory_gpt` - `learning_ai_local_llms` -- `learning_ai_smart_auth` -- `learning_ai_auth_app` +- `learning_ai_auth_app` (SmartAuth — companion app + PRD/roadmap) - `learning_ai_efforise` - `learning_ai_productivity_web` - `learning_ai_mac_tooling` @@ -62,8 +61,7 @@ This is not a line-by-line code audit. It is a systematic ecosystem opportunity | `learning_ai_trails` | AI activity oversight, approvals, rewind, SDK | Agent audit, review, approval, replay, and observability primitives | | `learning_ai_local_memory_gpt` | Local-first AI memory, RAG, multi-model compare | On-device memory, local vector/data patterns, privacy-first AI workflows | | `learning_ai_local_llms` | Local model lab, hardware guidance, dashboard, eval workflows | Model selection, local inference guidance, hybrid-cloud AI fallback strategy | -| `learning_ai_smart_auth` | Identity platform spec | Canonical identity, passkey, MFA, OAuth, and org auth roadmap | -| `learning_ai_auth_app` | Standalone MFA/TOTP/device trust mobile app | Cross-product auth companion and secure approval UX | +| `learning_ai_auth_app` | SmartAuth identity platform spec + standalone MFA/TOTP/device trust mobile app | Canonical identity, passkey, MFA, OAuth, org auth roadmap + cross-product auth companion and secure approval UX | | `learning_ai_efforise` | Identity-based habit tracking | Habit engine, nudges, streaks, effort scoring, lightweight wellness loops | | `learning_ai_productivity_web` | Internal Next.js utilities shell | Fast internal operations tools, admin prototypes, workflow utilities | | `learning_ai_mac_tooling` | Mac security audit, exfiltration detection, menu bar app | Device trust, data loss prevention, endpoint telemetry, secure desktop posture | @@ -78,8 +76,7 @@ This is not a line-by-line code audit. It is a systematic ecosystem opportunity The workspace has unusually strong raw ingredients for a serious ecosystem-grade trust layer: -- `learning_ai_smart_auth` defines the auth direction -- `learning_ai_auth_app` provides the approval/MFA companion surface +- `learning_ai_auth_app` defines the auth direction (SmartAuth PRD/roadmap) and provides the approval/MFA companion surface - `learning_ai_common_plat` already hosts product-agnostic auth - `learning_ai_mac_tooling` can contribute device trust and exfiltration signals - `learning_ai_trails` can contribute agent approval and action replay @@ -361,13 +358,10 @@ These journeys should be used as the main acceptance test for cross-product arch - Publish a machine-readable capability matrix for models and hardware. - Feed recommendation outputs into Local Memory GPT, Cowork, and any offline-capable products. -### `learning_ai_smart_auth` +### `learning_ai_auth_app` (SmartAuth) -- Move from spec-only posture toward a concrete reference architecture doc that maps directly to platform-service modules, auth-app features, and device trust integrations. - -### `learning_ai_auth_app` - -- Expand beyond login MFA into ecosystem action approval, budget escalation approval, and org admin confirmation. +- Move the SmartAuth PRD/roadmap (now living in `docs/` of this repo) from spec-only posture toward a concrete reference architecture doc that maps directly to platform-service modules and device trust integrations. +- Expand the companion app beyond login MFA into ecosystem action approval, budget escalation approval, and org admin confirmation. - Add explicit support for approving agent runs and sensitive exports. ### `learning_ai_efforise` @@ -435,12 +429,12 @@ These journeys should be used as the main acceptance test for cross-product arch | ----------------------------------------- | ---------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------ | ------ | ------ | ----------------------------------------------------------------------------------------------------- | | Shared artifact schema | `learning_ai_common_plat` | `learning_voice_ai_agent`, `learning_ai_notes`, `learning_multimodal_memory_agents`, `learning_ai_flowmonk`, `oss/learning_ai_claw-cowork` | High | Medium | It unblocks memory, search, provenance, timelines, and agent output reuse | | Shared event taxonomy + action log | `learning_ai_common_plat` + `learning_ai_trails` | `oss/learning_ai_claw-cowork`, `learning_ai_flowmonk`, `learning_ai_jarvis_jr`, `learning_voice_ai_agent` | High | Medium | It turns fragmented agent/product telemetry into one reviewable substrate | -| Unified approvals and trust model | `learning_ai_smart_auth` + `learning_ai_auth_app` + `learning_ai_trails` | `oss/learning_ai_claw-cowork`, `learning_ai_mac_tooling`, `learning_ai_common_plat` | High | Medium | It creates one policy model for login, step-up auth, and agent approvals | +| Unified approvals and trust model | `learning_ai_auth_app` (SmartAuth) + `learning_ai_trails` | `oss/learning_ai_claw-cowork`, `learning_ai_mac_tooling`, `learning_ai_common_plat` | High | Medium | It creates one policy model for login, step-up auth, and agent approvals | | Shared agent runtime contract | `learning_ai_common_plat` | `oss/learning_ai_claw-code-oss`, `oss/learning_ai_claw-cowork`, `learning_ai_flowmonk`, `learning_ai_jarvis_jr`, `learning_ai_trails` | High | Medium | It prevents each agent product from reinventing session state, todos, approvals, and resume flows | | Transcript -> note -> memory pipeline | `learning_voice_ai_agent` + `learning_ai_notes` + `learning_multimodal_memory_agents` | `learning_ai_common_plat` | High | Medium | It creates immediate user-visible value across three flagship products | | Plan -> routine -> habit handoff | `learning_ai_flowmonk` + `learning_ai_clock` + `learning_ai_efforise` | `learning_ai_common_plat` | High | Medium | It turns planning into follow-through instead of isolated planning data | | Cowork -> Trail -> Notes -> Memory flow | `oss/learning_ai_claw-cowork` + `learning_ai_trails` + `learning_ai_notes` + `learning_multimodal_memory_agents` | `learning_ai_common_plat` | High | High | It creates a differentiated audited-agent workflow that few ecosystems have | -| Device trust ingestion | `learning_ai_mac_tooling` + `learning_ai_common_plat` | `learning_ai_smart_auth`, `learning_ai_auth_app`, `oss/learning_ai_claw-cowork` | Medium | Medium | It upgrades desktop/agent safety with existing assets already in the workspace | +| Device trust ingestion | `learning_ai_mac_tooling` + `learning_ai_common_plat` | `learning_ai_auth_app` (SmartAuth), `oss/learning_ai_claw-cowork` | Medium | Medium | It upgrades desktop/agent safety with existing assets already in the workspace | | Shared browser and desktop dispatch layer | `learning_ai_common_plat` + `oss/learning_ai_claw-cowork` | `learning_ai_notes`, `learning_ai_flowmonk`, `learning_multimodal_memory_agents`, `learning_ai_trails` | High | Medium | It lowers capture friction and creates one route from browser or mobile into agent-assisted workflows | | Shared marketplace inventory model | `learning_ai_common_plat` | `learning_ai_jarvis_jr`, `oss/learning_ai_claw-cowork`, `learning_ai_notes`, `learning_ai_flowmonk`, `learning_ai_clock` | High | High | It can unify monetization and reusable asset distribution | | Shared personal timeline | `learning_ai_common_plat` | Almost all product repos | High | High | It becomes the ecosystem shell once events and artifacts are standardized | diff --git a/docs/ecosystem/adoption/README.md b/docs/ecosystem/adoption/README.md index c0f0946e..68f1ac69 100644 --- a/docs/ecosystem/adoption/README.md +++ b/docs/ecosystem/adoption/README.md @@ -22,8 +22,7 @@ Current docs: - [`learning_ai_efforise.md`](/Users/saravana/BytelystAI/learning_ai/learning_ai_common_plat/docs/ecosystem/adoption/learning_ai_efforise.md) - [`learning_ai_trails.md`](/Users/saravana/BytelystAI/learning_ai/learning_ai_common_plat/docs/ecosystem/adoption/learning_ai_trails.md) - [`learning_ai_claw-cowork.md`](/Users/saravana/BytelystAI/learning_ai/learning_ai_common_plat/docs/ecosystem/adoption/learning_ai_claw-cowork.md) -- [`learning_ai_smart_auth.md`](/Users/saravana/BytelystAI/learning_ai/learning_ai_common_plat/docs/ecosystem/adoption/learning_ai_smart_auth.md) -- [`learning_ai_auth_app.md`](/Users/saravana/BytelystAI/learning_ai/learning_ai_common_plat/docs/ecosystem/adoption/learning_ai_auth_app.md) +- [`learning_ai_auth_app.md`](/Users/saravana/BytelystAI/learning_ai/learning_ai_common_plat/docs/ecosystem/adoption/learning_ai_auth_app.md) (SmartAuth — merged from learning_ai_smart_auth) - [`learning_ai_mac_tooling.md`](/Users/saravana/BytelystAI/learning_ai/learning_ai_common_plat/docs/ecosystem/adoption/learning_ai_mac_tooling.md) - [`learning_ai_jarvis_jr.md`](/Users/saravana/BytelystAI/learning_ai/learning_ai_common_plat/docs/ecosystem/adoption/learning_ai_jarvis_jr.md) diff --git a/docs/ecosystem/adoption/learning_ai_auth_app.md b/docs/ecosystem/adoption/learning_ai_auth_app.md index 6a3a0fda..fe366c89 100644 --- a/docs/ecosystem/adoption/learning_ai_auth_app.md +++ b/docs/ecosystem/adoption/learning_ai_auth_app.md @@ -1,16 +1,19 @@ -# Adoption: learning_ai_auth_app +# Adoption: learning_ai_auth_app (SmartAuth) > **Status:** Planned hardening adopter -> **Owner:** `learning_ai_auth_app` -> **Ecosystem focus:** approval capture, decision confirmation, and trust-aware action authorization +> **Owner:** `learning_ai_auth_app` (formerly split across `learning_ai_smart_auth` + `learning_ai_auth_app` — merged May 2026) +> **Ecosystem focus:** identity trust signals + approval capture + decision confirmation + trust-aware action authorization --- ## Goals +- expose identity trust state through shared ecosystem trust semantics +- provide reusable step-up decisions to runtime consumers and other products - provide one approval UX for agent, auth, and destructive-action decisions - consume canonical approval payloads rather than product-specific prompts - preserve approval lineage for ActionTrail and runtime replay +- avoid product-local approval policy forks ## Expected Contract Touchpoints @@ -20,6 +23,15 @@ ## Planned Adoption Scope +### Identity & Trust (SmartAuth backend in platform-service) + +- map SmartAuth identity posture into canonical trust levels +- emit trust-related events without leaking provider-specific auth details +- provide reusable approval prerequisites to Cowork, FlowMonk, and future agent products +- support approval reuse decisions based on identity trust state + +### Approval UX (Auth companion app) + - consume canonical approval records and shared approval prompt metadata - support session-scoped and run-scoped approval reuse windows - render why an approval is required using trust and risk inputs @@ -27,6 +39,9 @@ ## Verification Checklist +- [ ] identity trust levels map cleanly into the shared taxonomy +- [ ] step-up-required cases are emitted or exposed consistently +- [ ] approval consumers can evaluate SmartAuth trust state without provider-specific logic - [ ] approval payload renders without product-specific branching - [ ] approval decisions map into canonical approval events - [ ] approval reuse, expiry, and denial states are visible to downstream consumers @@ -34,9 +49,12 @@ ## Risks +- auth-provider-specific signals may not map cleanly into one canonical trust model +- over-sharing auth internals would create security and privacy risk - approval UX may become too generic unless action-specific context is preserved - stale approval decisions would be dangerous if expiry and reuse rules are weak ## Commits -- `065c025` added this adoption plan +- `065c025` added this adoption plan (originally split across smart_auth + auth_app) +- May 2026: merged the two adopter docs after consolidating `learning_ai_smart_auth` into `learning_ai_auth_app` diff --git a/docs/ecosystem/adoption/learning_ai_smart_auth.md b/docs/ecosystem/adoption/learning_ai_smart_auth.md deleted file mode 100644 index 1d49b160..00000000 --- a/docs/ecosystem/adoption/learning_ai_smart_auth.md +++ /dev/null @@ -1,42 +0,0 @@ -# Adoption: learning_ai_smart_auth - -> **Status:** Planned hardening adopter -> **Owner:** `learning_ai_smart_auth` -> **Ecosystem focus:** identity trust signals for approvals, runtime gating, and step-up policy - ---- - -## Goals - -- expose identity trust state through shared ecosystem trust semantics -- provide reusable step-up decisions to Auth App and runtime consumers -- avoid product-local approval policy forks - -## Expected Contract Touchpoints - -- `ECOSYSTEM_APPROVALS_AND_TRUST_MODEL.md` -- `ECOSYSTEM_EVENT_TAXONOMY.md` -- `ECOSYSTEM_AGENT_RUNTIME_CONTRACT.md` - -## Planned Adoption Scope - -- map SmartAuth identity posture into canonical trust levels -- emit trust-related events without leaking provider-specific auth details -- provide reusable approval prerequisites to Cowork, FlowMonk, and future agent products -- support approval reuse decisions based on identity trust state - -## Verification Checklist - -- [ ] identity trust levels map cleanly into the shared taxonomy -- [ ] step-up-required cases are emitted or exposed consistently -- [ ] approval consumers can evaluate SmartAuth trust state without provider-specific logic -- [ ] tracker updated with implementation commit links - -## Risks - -- auth-provider-specific signals may not map cleanly into one canonical trust model -- over-sharing auth internals would create security and privacy risk - -## Commits - -- `065c025` added this adoption plan diff --git a/scripts/update-agent-docs.sh b/scripts/update-agent-docs.sh index 3b070f83..77399e85 100755 --- a/scripts/update-agent-docs.sh +++ b/scripts/update-agent-docs.sh @@ -154,17 +154,9 @@ set_meta() { LINT2="cd backend && npm run typecheck 2>&1 | tail -10" LINT3="cd web && npm run typecheck 2>&1 | tail -10" ;; - learning_ai_smart_auth) - NAME="ByteLyst SmartAuth"; ID="smartauth" - STACK="Design/docs repo extending platform-service auth, shared auth packages, and native SDKs" - BUILD_VFY="cd ../learning_ai_common_plat && pnpm build && pnpm test && pnpm typecheck" - LINT1="cd ../learning_ai_common_plat && pnpm build 2>&1 | tail -10" - LINT2="cd ../learning_ai_common_plat && pnpm test 2>&1 | tail -10" - LINT3="cd ../learning_ai_common_plat && pnpm typecheck 2>&1 | tail -10" - ;; learning_ai_auth_app) - NAME="ByteLyst Auth"; ID="smartauth" - STACK="SwiftUI (iOS/Watch) + Jetpack Compose (Android) — no separate backend" + NAME="ByteLyst SmartAuth"; ID="smartauth" + STACK="SwiftUI (iOS/Watch) + Jetpack Compose (Android) companion app + PRD/roadmap for auth features extending platform-service in common-plat" BUILD_VFY="cd ios && xcodegen generate && xcodebuild -scheme ByteLystAuth -sdk iphonesimulator build && cd ../android && ./gradlew :app:assembleDebug" LINT1="cd ios && xcodegen generate >/dev/null 2>&1 && xcodebuild -scheme ByteLystAuth -sdk iphonesimulator build 2>&1 | tail -20" LINT2="cd android && ./gradlew :app:assembleDebug 2>&1 | tail -20"