# LogicSeal.ai — Extended machine-readable brief (llms-full) > Use this file when agents need **deeper** context than `llms.txt`: architecture, public routes, operator surfaces, and crawl hints. **Canonical short summary:** `https://logicseal.ai/llms.txt` ## Mirrors - `https://logicseal.ai/llms-full.txt` (this payload) - `https://logicseal.ai/.well-known/llms-full.txt` → redirects to the URL above **Nav-free Markdown:** `https://logicseal.ai/agents/overview.md` (see **`/llms.txt`** → *Nav-free Markdown extracts*). --- ## Executive definition LogicSeal is **mathematical compliance for algorithmic alpha**: a **zero-trust cryptographic gateway** that adjudicates, hashes, and seals structured trade intents before execution. **Heuristic pre-check** is often **under 50ms**; **synchronous SLM adjudication** on the hot path is typically **sub-second** (~800ms class). The **Brain** combines heuristics with **vector-grounded + deterministic SLM JSON** verdicts; the **Core** persists **immutable SHA-256-bound receipts** and **dual-writes Merkle settlement** artifacts on verified production paths (batch root anchoring is **async**). **Escalation** (signed HMAC webhooks + async **Remediator**) runs **after** HTTP **200**. **Four pillars:** Shield → Brain → Core → Escalation. **Commercial model:** Bespoke **Experience Delivery Network** deployments (statement of work). **No** self-serve hosted checkout in this repository; **`/pricing`** is removed ( **`next.config.ts`** redirects **`/pricing`** → **`/`** ). **Billing and provisioning:** Architect Admin Shell + manual Clerk invitations. --- ## Public marketing & narrative URLs | Path | Role | |------|------| | `/` | **`HomePageNext`**: **`ApiWedgeHero`** (`#get-started`) — *PROVE EVERY BOT TRADE — BEFORE IT HITS THE MARKET.* + mono subhead (**`text-cyan-500/80`**) on Audit Insurance for $100M+ RIAs, interception, remediation, Merkle evidence, 2026 SEC examination posture + **REQUEST DRIFT SCAN** (institutional gate → Cal.com); hero band **`bg-zinc-950`**. **`EnforcementGap2026Section`** (`#enforcement-gap-2026`) — three **`VaultCard`** threats (AI-washing, black box, sub-second liability). **`ArchitectureSieveSection`** (`#architecture-sieve`) — sieve tier strip + dashed pipeline. **`HomeScopeDisclaimer`** (`#scope-liability` — borderless mono demarcation, **`divide-white/10`**), **`EnterpriseCTADock`** on **`app/page.tsx`** (fixed bottom-right from **`lg`**; below **`lg`**, in-flow above footer) (**RECON // ASSESS RISK** → **`SovereignRiskBriefingModal`** — VaultCard, dance, 100%/12% bars; **INITIATE CONNECT** → institutional gate → Cal with calculator **`notes`**). No homepage **`#pricing`** band; no embedded public POST `/api/hash` terminal on the hero. | | `/verify/[hash]` | Public read-only receipt shell (marketing/demo); sign in for Supervisor depth. | | `/resources/briefing`, `/architecture` | Retired — **`next.config.ts`** redirects (see repo). | | `/vpc-shield`, `/docs/vpc-shield` | Retired — permanent redirect to **`/`** (**`next.config.ts`**). | | `/docs/vpc-forensic-infrastructure` | Retired — permanent redirect to **`/#architecture-sieve`**. | | `/terms`, `/aup`, `/privacy` | Legal prose under **`app/(legal)/`**; global **`SiteHeader`** via **`RetailSiteHeaderGate`**. | **Authenticated (Clerk):** `/sandbox`, `/sentinel`, `/fortress`, `/protocol`, `/supervisor`, `/dashboard/*` — same retail header unless excluded (**`/admin`**, **`/vault`**). **Auth redirects:** **`/sign-up`** → **`/sign-in`** ( **`next.config.ts`** ). --- ## Site hold (`NEXT_PUBLIC_SITE_HOLD`) - **`1`:** Root **`app/layout.tsx`** returns **`ProtocolStandby`** only for HTML (no **`ClerkProvider`**, **`{children}`**, **`GlobalFooter`**, GA, JSON-LD). - **`0` or unset:** Normal shell. - **`proxy.ts`:** When hold is **`1`**, non-**`/api/`** paths skip **`auth.protect()`** so standby renders instead of Clerk redirect. --- ## APIs (conceptual) - **Hash ingress:** `POST /api/hash` (legacy); versioned intent under **`/api/v1/hash/intent`** (structured agent contracts). - **Bulk:** `POST /api/hash/bulk` — batch caps are **contract / deployment** scoped (historic defaults in code: up to **50 / 250 / 500** per request mapped to ledger tier keys where still present). - **Supervisor PRR:** `GET /api/v1/supervisor/export-prr/[hash]` — Process Reconstruction Record JSON; org-scoped authorized users receive **full** PRR (**`X-LogicSeal-PRR-Scope: full`**). Partial/redacted payloads remain available only as a codepath for legacy compatibility. - **Bridge sentiment:** `POST /api/v1/bridge/sentiment` — **`Authorization: Bearer`** ( **`bridge_api_keys`** then **`api_keys`** hash lookup). Body **`ticker`**, **`asset_class`**. Response **`sentiment_score`**, **`cryptographic_receipt`**; **`bridge_telemetry_ledger`** append (**`telemetry_kind`** sentiment). - **Bridge risk overlay:** `POST /api/v1/bridge/risk-overlay` — same auth. Body **`ticker`**, **`proposed_volume`**, **`current_price`**. Response **`status`** (**`APPROVED`** / **`HALTED`**), **`risk_factor`**, **`reason`**; ledger append (**`telemetry_kind`** risk_overlay, stable JSON **`payload_hash`**). - **Hosted payment webhooks:** **Not shipped.** No in-repo card-processor subscription webhook routes. --- ## Clerk webhooks **`POST /api/webhooks/clerk`** — **Svix** signature verification with **`CLERK_WEBHOOK_SECRET`** only. No automatic **`publicMetadata.tier`** stamping and no **14-day reverse trial** lifecycle in product code paths. --- ## Ledger (`sandbox_ledger`) Per-user **`tier`**, **`api_key`**, **`firm_id`**, metering fields. Some Supabase deployments may retain unused legacy columns from older migrations; **tier and access are operator- and contract-driven** — not synced from hosted consumer checkout in this repository. --- ## Telemetry & internal alerts - **Inngest:** **`system.hot_path_fault`** may post to **`SLACK_WEBHOOK_URL`** when configured. **`firm.activated`** and **`billing.burst_engaged`** internal Slack functions are **removed**. - **Product telemetry:** **`POST /api/telemetry/events`** and optional **`PQL_WEBHOOK_URL`** paths — see **`docs/PLATFORM.md` → Telemetry & alert matrix** (trimmed for bespoke posture). --- ## Architect / operator - **`/admin`**, **`/admin/outbound`**, **`/admin/delivery`**, **`/admin/traffic`** — Strike Console, delivery, traffic embed. **No** **`/admin/revenue`** (redirects to **`/admin`**). - **Vault gate:** **`ARCHITECT_SECRET`** cookie gate for legacy architect surfaces — see **`docs/PLATFORM.md`**. - **Sovereign provisioning:** **`POST /api/admin/provision-client`** (Architect auth) — **`provisioned_firms`** + Clerk invitation **`publicMetadata.firm_id`**. - **Restricted list → Edge Config:** Supabase **`firm_restricted_list`**; Inngest **`compliance/restricted_list.updated`** → **`syncRestrictedListToEdgeConfig`** → Vercel **`PATCH /v1/edge-config/{id}/items`** (key **`restricted_list_`**, sanitized). Env **`EDGE_CONFIG`**, **`VERCEL_API_TOKEN`**; optional **`EDGE_CONFIG_ID`**, **`VERCEL_TEAM_ID`**. --- ## JSON-LD Root **`app/layout.tsx`** injects **Organization**, **SoftwareApplication**, **ItemList** (single bespoke product entry), **WebSite**, and **FAQPage**. Keep **`llms.txt`** / **`llms-full.txt`** aligned when marketing meaningfully changes. --- ## What LogicSeal is not Not investment advice; not a replacement for counsel; not a transfer of regulatory liability. Forensic infrastructure and proof artifacts only. --- ## Legal (public) - **Terms of Service:** https://logicseal.ai/terms - **Acceptable Use Policy:** https://logicseal.ai/aup - **Privacy Policy:** https://logicseal.ai/privacy --- ## Contact - https://logicseal.ai - https://logicseal.ai/llms.txt - https://logicseal.ai/llms-full.txt (this file)