Update all module paths and import statements from github.com/tutus-one
to git.marketally.com/tutus-one for self-hosted Git server migration.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Ancora enhancements:
- Add audit logging integration for all operations
- Provider registration, data root updates, erasure operations
- getAuditLog query method for GDPR transparency
Test infrastructure:
- Add vitahelper package for registering test Vitas
- Add tutustest helpers: crosscontract, events, government, roles
- Fix DataTypePresence constant in Ancora test
State updates:
- Fix state_anchors TreeAlgorithm enum values
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add three key security mechanisms for the Tutus blockchain:
1. Commit-Reveal for Investments (collocatio.go)
- Two-phase investment pattern to prevent front-running attacks
- User commits hash(amount || nonce || investor), waits 10 blocks,
then reveals actual amount with nonce for verification
- Methods: commitInvestment, revealInvestment, cancelCommitment
- InvestmentCommitment state type with CommitmentStatus enum
- Configurable delay (10 blocks) and reveal window (1000 blocks)
2. Whale Concentration Limits (collocatio.go)
- Enforces max 5% (configurable) of opportunity pool per investor
- Prevents wealth concentration in investment opportunities
- Check performed in invest() method before accepting investment
3. Sybil Resistance Vesting (vita.go)
- New Vita tokens have 30-day vesting period (2,592,000 blocks)
- VestedUntil field added to Vita state struct
- Methods: setVesting (committee), isFullyVested, getVestingInfo
- Cross-contract methods: IsFullyVestedInternal, GetVestedUntil
- Prevents mass creation of fake identities for manipulation
Documentation:
- Added docs/ADR-008-UI-Implementation-Guide.md for frontend developers
with code examples, flow diagrams, and error handling guidance
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Convert CRLF to LF line endings in native contract and state files
modified during security remediation. Ensures consistent line endings
across Windows and Linux development environments.
Files normalized:
- pkg/core/native/*.go (15 files)
- pkg/core/state/*.go (3 files)
- devnotes.md
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implement the Collocatio (Latin for "placement/arrangement") contract
providing a three-tier investment framework for citizens:
- PIO (Public Investment Opportunity): Universal citizen access to
infrastructure investments - any citizen can invest small amounts
in public projects like roads, schools, hospitals
- EIO (Employee Investment Opportunity): Workplace democracy for
verified employees - invest in their employer's projects with
preferential terms and voting rights
- CIO (Contractor Investment Opportunity): Gig economy empowerment -
verified contractors can invest in platforms they work with
Core Features:
- Investment opportunities with configurable parameters
- Eligibility system integrated with Vita (soul-bound identity)
- Cross-contract integration with VTS, Tribute, and Eligere
- Democratic oversight through Eligere voting
- Wealth concentration limits via Tribute integration
- Education verification through Scire integration
Contract Methods:
- createOpportunity: Create PIO/EIO/CIO with terms
- activateOpportunity: Enable investment period
- invest: Make investment with eligibility checks
- withdraw: Exit with maturity/penalty rules
- setEligibility: RoleInvestmentManager (ID 28) sets eligibility flags
- isEligible: Check investor eligibility for opportunity types
Contract ID: -25
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Tutus Development