Vault is the Project Telos private-line access recovery surface. It is currently housed in the Kun repository. Its public value is the operating pattern, not the credential material: path-only receipts, manual diagnostics, rotation discipline, operator-only publication bounds, and a clear separation between developer-facing documentation and live recovery material.
This repository's public-safe surface is intentionally value-free. Treat Vault as internal infrastructure for recovering and validating operator access, while repository-facing summaries describe architecture, verification checks, and boundaries without copying live endpoints, credential paths, passphrases, key material, or private access values.
GitHub description: Vault: Project Telos access-recovery vault with path-only receipts and operator-owned credential boundaries.
Vault gives the private line a controlled recovery substrate. The useful shape is not "a repository with secrets"; it is a narrow operating contract:
- recovery material stays in a private vault;
- operator documentation points to runbooks instead of inlining live values;
- diagnostics are manual-only and read-only by default;
- rotation scratch material stays ignored until deliberately promoted;
- receipts expose verdicts and path references without raw credential values.
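The receipt shape the contract above describes, as an added example that is not Vault's own `kun_doctor.py` code: each check returns a stable check id, a verdict, and a relative path reference, and the serialiser refuses any receipt whose fields look like file contents. The sample vault tree, check ids, and the simplified `.gitignore` matching are assumptions made for illustration.

```python
"""Added example, not Vault's own code: path-only receipts for one piece of
local recovery material. Paths, check ids and the .gitignore handling are
assumptions for illustration."""
import json
import os
import stat
import tempfile
from dataclasses import dataclass, asdict

SAMPLE_KEY_TOKEN = "SAMPLE-NOT-A-REAL-KEY"  # constructed marker, never a real value
SAMPLE_KEY_BODY = f"-----BEGIN OPENSSH PRIVATE KEY-----\n{SAMPLE_KEY_TOKEN}\n"


def build_sample_vault(root):
    """Create a constructed local vault: an ignored access/ssh/ key with mode 0600."""
    os.makedirs(os.path.join(root, "access", "ssh"))
    key = os.path.join(root, "access", "ssh", "id_ed25519")
    with open(key, "w") as f:
        f.write(SAMPLE_KEY_BODY)
    os.chmod(key, 0o600)
    with open(os.path.join(root, ".gitignore"), "w") as f:
        f.write("access/ssh/\naccess/tor/\n")
    return key


@dataclass
class Receipt:
    check: str    # stable check id, e.g. "access.mode" (assumed naming)
    verdict: str  # "ok" or "fail"
    path: str     # relative path reference; never the file body
    detail: str   # short fixed-vocabulary reason, never free-form content


def is_ignored(root, rel_path):
    """Directory-prefix and exact-match subset of .gitignore semantics (assumption)."""
    gi = os.path.join(root, ".gitignore")
    if not os.path.exists(gi):
        return False
    with open(gi) as f:
        for raw in f:
            pat = raw.strip()
            if not pat or pat.startswith("#"):
                continue
            if (pat.endswith("/") and rel_path.startswith(pat)) or pat == rel_path:
                return True
    return False


def check_private_material(root, rel_path):
    """Run read-only checks on one artefact; receipts reference it by path only."""
    full = os.path.join(root, rel_path)
    if not os.path.exists(full):
        return [Receipt("access.present", "fail", rel_path, "missing")]
    receipts = [Receipt("access.present", "ok", rel_path, "exists")]
    mode = stat.S_IMODE(os.stat(full).st_mode)
    receipts.append(Receipt("access.mode", "ok" if mode & 0o077 == 0 else "fail",
                            rel_path, f"mode={mode:04o}"))
    ignored = is_ignored(root, rel_path)
    receipts.append(Receipt("access.ignored", "ok" if ignored else "fail",
                            rel_path, "ignored" if ignored else "tracked-candidate"))
    return receipts


def envelope(receipts):
    """Serialise receipts; refuse any field carrying multi-line or PEM-looking content."""
    for r in receipts:
        for value in asdict(r).values():
            if "\n" in value or "PRIVATE KEY" in value:
                raise ValueError(f"receipt {r.check} would leak material for {r.path}")
    return json.dumps({"receipts": [asdict(r) for r in receipts]}, indent=2)


def run_demo():
    """Check the constructed vault, loosen the key mode, re-check, and try a leaky receipt."""
    root = tempfile.mkdtemp()
    key = build_sample_vault(root)
    rel = "access/ssh/id_ed25519"
    good = check_private_material(root, rel)
    doc = envelope(good)
    os.chmod(key, 0o644)  # simulate a permissions regression
    bad = check_private_material(root, rel)
    # A receipt that inlines the file body must be rejected by the serialiser.
    with open(key) as f:
        leaky = Receipt("access.body", "ok", rel, f.read())
    try:
        envelope(good + [leaky])
        guard_rejected = False
    except ValueError:
        guard_rejected = True
    return {
        "good": [r.verdict for r in good],
        "bad": {r.check: r.verdict for r in bad},
        "doc": doc,
        "body_leaked": SAMPLE_KEY_TOKEN in doc,
        "guard_rejected": guard_rejected,
    }


if __name__ == "__main__":
    print(json.dumps(run_demo(), indent=2))
```

The point of the serialiser guard is that the path-only property is enforced at the boundary where receipts leave the host, not left to the discipline of each individual check.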
This is the access-side complement to Ledger, Lab, Runtime, and Boundary. Ledger (Sofer) orchestrates work, Lab supplies native capability, Runtime packages local runtime state, Boundary calibrates IO, and Vault preserves the recovery channel without widening the model boundary.
Run read-only checks from the repository root.

```bash
python scripts/kun_doctor.py status --json
python scripts/kun_doctor.py doctor --json
python scripts/kun_doctor.py demo --json
python -m pytest tests/test_kun_doctor.py -q
```

For setup, verification, and boundary details, see USAGE.md. For operator recovery, use the dedicated private runbooks already in this repository; do not copy their live values into README, changelog, issues, public forums, or model-facing summaries.
Vault changes should be local-first and receipt-backed. The safe development loop is:

```bash
python -m pytest tests/test_kun_doctor.py tests/test_kun_forward_delivery.py -q
python -m public_surface_sweeper . --workspace --json
python scripts/kun_doctor.py doctor --json
```

Do not expand live access behavior in documentation-only changes. Do not push this repository while it remains a private access vault unless the operator has explicitly finalized the rotation/publication decision.
| Surface | Status |
|---|---|
| CLI JSON | `python scripts/kun_doctor.py {status\|doctor\|demo} --json` |
| Runtime posture | read-only local checks; no live auth touched |
| Diagnostic posture | manual workflow only; no push or pull-request trigger |
| Privacy boundary | hosts receive check ids, verdicts, and path references only |
| Recovery boundary | private runbooks stay operator-only; README stays value-free |
| Integration | Aleph private-line doctor executes kun.doctor as a native check |
| Companion tools | Ledger, Lab, Runtime, and Boundary consume Vault as a bounded private-line access substrate |
| Path | Purpose |
|---|---|
| scripts/kun_doctor.py | JSON status, doctor, and demo envelopes |
| tests/ | Receipt and forward-delivery regression tests |
| USAGE.md | Developer install, run, verify, and boundary guide |
| AGENTS.md | Operator and agent working rules |
| docs/PRIVATE_LINE.md | Private-line component contract |
| ZERO-TO-ACCESS.md | Operator recovery runbook; keep private |
| PORTAL.md | Operator portal runbook; keep private |
| access/README.md | Sanitized local-vault boundary; live access/ssh/ and access/tor/ material stays untracked |
- Visibility: public repository for value-free docs and receipts; private live material remains local/operator-only and ignored.
- Runtime posture: read-only local doctor and manual diagnostics.
- Publication posture: publishable only when tracked access material is limited to sanitized boundary docs.
- Delivery posture: root README, usage docs, changelog, authorship, contribution guidance, license marker, and visual identity are present.
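The publication posture above, and the sweep step in the development loop, both come down to one gate: tracked access material is limited to sanitized boundary docs and no tracked text carries live values. The following is an added example of such a gate; it is not the project's `public_surface_sweeper`, and the tracked-path list (a stand-in for `git ls-files`), the file bodies, and the value patterns are constructed assumptions. Findings name the path and line, never the matched value, so the gate's own output obeys the same path-only rule as the receipts.

```python
"""Added example, not the project's public_surface_sweeper: a minimal publication
gate. Tracked paths, file bodies and value patterns are constructed assumptions."""
import re

# Assumption: the only tracked file allowed under access/ is the sanitized boundary doc.
ALLOWED_UNDER_ACCESS = {"access/README.md"}

# Assumed patterns for live values that must never appear in tracked text.
VALUE_PATTERNS = {
    "pem-block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "onion-host": re.compile(r"\b[a-z2-7]{56}\.onion\b"),
    "inline-passphrase": re.compile(r"(?i)passphrase\s*[:=]\s*\S+"),
}


def publication_gate(tracked, read):
    """Return findings as (check, location, detail); an empty list means publishable.

    `tracked` is an iterable of repo-relative paths, `read(path)` returns the text.
    The matched value itself is never copied into a finding.
    """
    findings = []
    for path in sorted(tracked):
        if path.startswith("access/") and path not in ALLOWED_UNDER_ACCESS:
            findings.append(("access.tracked", path,
                             "only sanitized boundary docs may be tracked under access/"))
            continue  # do not read it at all; its body is out of bounds
        for lineno, line in enumerate(read(path).splitlines(), 1):
            for name, pattern in VALUE_PATTERNS.items():
                if pattern.search(line):
                    findings.append((f"value.{name}", f"{path}:{lineno}",
                                     "matched a live-value pattern"))
    return findings


# Constructed stand-in for `git ls-files` plus file bodies: a clean tree...
SAMPLE_TREE = {
    "README.md": "Vault: path-only receipts. See USAGE.md.\n",
    "access/README.md": "Live material lives in access/ssh/ and access/tor/ (untracked).\n",
}
# ...and one where a live file got tracked and a runbook inlined a passphrase.
LEAKY_TREE = dict(SAMPLE_TREE, **{
    "access/tor/hostname": "a" * 56 + ".onion\n",
    "docs/PRIVATE_LINE.md": "Recovery contract.\nRecovery passphrase: hunter2\n",
})


def gate_tree(tree):
    """Run the gate over an in-memory tree (keys are tracked paths)."""
    return publication_gate(tree.keys(), lambda p: tree[p])


if __name__ == "__main__":
    for label, tree in (("clean", SAMPLE_TREE), ("leaky", LEAKY_TREE)):
        findings = gate_tree(tree)
        print(label, "publishable" if not findings else findings)
```

Skipping the read of disallowed tracked files, rather than scanning them, is deliberate: the gate should never hold live material in memory just to report that it is in the wrong place.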