Freeze OMNL-backed SCSM first-slice status

docs/03-deployment/DBIS_RTGS_E2E_REQUIREMENTS_MATRIX.md

@@ -1,6 +1,6 @@
 # DBIS RTGS E2E Requirements Matrix
 
-**Last updated:** 2026-03-28  
+**Last updated:** 2026-03-29  
 **Purpose:** Canonical implementation matrix for the full DBIS RTGS stack across Chain 138, OMNL / Fineract, HYBX sidecars, and the related Hyperledger layers. This document turns the RTGS TODO section into an executable requirements and production-gate artifact.
 
 ## Status legend
@@ -26,12 +26,12 @@
 | Ursa | Planned | Identity / cryptography architecture lead | [DBIS_HYPERLEDGER_IDENTITY_STACK_DECISION.md](DBIS_HYPERLEDGER_IDENTITY_STACK_DECISION.md), [TODO_TASK_LIST_MASTER.md](../00-meta/TODO_TASK_LIST_MASTER.md) | No explicit runtime control or deployment model defined | Decide in/out of scope; if in, document cryptographic role and operational dependency model |
 | Cacti | Planned | Interoperability architecture lead | [dbis_chain_138_technical_master_plan.md](../../dbis_chain_138_technical_master_plan.md) | Not proven as current live interoperability engine | Decide in/out of scope; if in, deploy and validate real cross-ledger integration path |
 | Caliper | Planned | Performance / QA lead | [CALIPER_CHAIN138_PERF_HOOK.md](CALIPER_CHAIN138_PERF_HOOK.md) | Hook exists, benchmark harness not yet routine | Add benchmark harness and run approved RTGS workload profiles |
-| OMNL / Fineract API rail | Partial | OMNL / banking ops | [HYBX_BATCH_001_OPERATOR_CHECKLIST.md](../04-configuration/mifos-omnl-central-bank/HYBX_BATCH_001_OPERATOR_CHECKLIST.md), [scripts/omnl](../../scripts/omnl), [API_DOCUMENTATION.md](../11-references/API_DOCUMENTATION.md) | Full production package flow not yet frozen as canonical RTGS rail | Office / GL / JE / snapshot / package flow runs cleanly against live API and is operator-repeatable |
-| Mifos X frontend / Fineract tenant | Partial | OMNL / banking ops | [ALL_VMIDS_ENDPOINTS.md](../04-configuration/ALL_VMIDS_ENDPOINTS.md), Mifos deployment docs | Need confirmed prod tenancy, auth, and operating procedures for RTGS workload | UI/API confirmed healthy, tenant/auth stable, operator runbook complete |
+| OMNL / Fineract API rail | Partial | OMNL / banking ops | [HYBX_BATCH_001_OPERATOR_CHECKLIST.md](../04-configuration/mifos-omnl-central-bank/HYBX_BATCH_001_OPERATOR_CHECKLIST.md), [scripts/omnl](../../scripts/omnl), [API_DOCUMENTATION.md](../11-references/API_DOCUMENTATION.md) | Full production package flow and participant model are not yet frozen as the canonical RTGS rail | Office / GL / JE / snapshot / package flow runs cleanly against live API and is operator-repeatable |
+| Mifos X frontend / Fineract tenant | Partial | OMNL / banking ops | [ALL_VMIDS_ENDPOINTS.md](../04-configuration/ALL_VMIDS_ENDPOINTS.md), Mifos deployment docs | Authenticated tenant is now proven live for sidecar posting, but operator runbook and production participant model remain incomplete | UI/API confirmed healthy, tenant/auth stable, operator runbook complete |
 | HYBX participant / office / treasury model | Planned | Banking architecture lead | OMNL scripts and central-bank config | Participant model and treasury structure not yet frozen end-to-end | Office IDs, treasury accounts, GL mapping, nostro/vostro model, and settlement roles are documented and accepted |
 | Mojaloop integration | Planned | Payments interoperability lead | [DBIS_MOJALOOP_INTEGRATION_STATUS.md](DBIS_MOJALOOP_INTEGRATION_STATUS.md) | No proven live Mojaloop switch endpoint set or callback contract in repo-backed state | Endpoint/auth contract documented, quote/transfer/callback flow integrated, settlement-window behavior mapped to accounting and chain settlement |
 | HYBX sidecar layer | Partial | HYBX app / integration lead | [DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md](DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md) | Sidecars available, but full orchestration and system-of-record ownership not yet frozen | Sidecar-by-sidecar purpose, auth, ingress/egress, retries, and system-of-record ownership documented and validated |
-| `mifos-fineract-sidecar` | Partial | HYBX integration lead | [DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md](DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md), [DBIS_RTGS_FIRST_SLICE_DEPLOYMENT_CHECKLIST.md](DBIS_RTGS_FIRST_SLICE_DEPLOYMENT_CHECKLIST.md) | Runtime is deployed on Proxmox and healthy, but authenticated Fineract tenant flow is not yet frozen | Sidecar API and event flow documented and validated against live Fineract rail |
+| `mifos-fineract-sidecar` | Partial | HYBX integration lead | [DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md](DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md), [DBIS_RTGS_FIRST_SLICE_DEPLOYMENT_CHECKLIST.md](DBIS_RTGS_FIRST_SLICE_DEPLOYMENT_CHECKLIST.md) | Runtime is deployed on Proxmox, healthy, and has completed one authenticated live OMNL posting, but chain-settlement and evidence legs are still open | Sidecar API and event flow documented, at least one authenticated live transfer completed, and downstream settlement/evidence path validated |
 | `mt103-hardcopy-sidecar` | Partial | HYBX integration lead | [DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md](DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md) | Ingestion path not yet tied into canonical RTGS workflow | MT103 ingest to settlement and evidence path is documented and tested |
 | `off-ledger-2-on-ledger-sidecar` | Partial | HYBX integration lead | [DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md](DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md), [DBIS_RTGS_FIRST_SLICE_DEPLOYMENT_CHECKLIST.md](DBIS_RTGS_FIRST_SLICE_DEPLOYMENT_CHECKLIST.md) | Runtime is deployed on Proxmox and healthy, but canonical off-ledger source event and authenticated Fineract flow are not yet frozen | Canonical mapping from off-ledger event to Chain 138 settlement defined and tested |
 | `securitization-engine-sidecar` | Partial | HYBX integration lead | [DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md](DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md) | Regulatory/accounting role not yet tied into RTGS runbook | Accounting and reporting responsibilities explicitly mapped and validated |
@@ -54,21 +54,25 @@ The current recommended first production slice is frozen in:
 - [DBIS_RTGS_FIRST_SLICE_ARCHITECTURE.md](DBIS_RTGS_FIRST_SLICE_ARCHITECTURE.md)
 - [DBIS_RTGS_FIRST_SLICE_DEPLOYMENT_CHECKLIST.md](DBIS_RTGS_FIRST_SLICE_DEPLOYMENT_CHECKLIST.md)
 
-As of 2026-03-28, the following first-slice sidecars are at least build-verified locally:
+As of 2026-03-29, the following first-slice sidecars are deployed on Proxmox VE and runtime-healthy:
 
 - `mifos-fineract-sidecar`
 - `server-funds-sidecar`
 - `off-ledger-2-on-ledger-sidecar`
 
-That is not yet equivalent to production deployment. The deployment checklist remains the gate for Proxmox promotion and live RTGS flow validation.
+Additional proven fact for the first slice:
+
+- `mifos-fineract-sidecar` has completed at least one authenticated live transfer into OMNL / Fineract with verified debit/credit journal entries (`transactionId: a16a10b3bc47`).
+
+This is still not equivalent to full RTGS production completion. The deployment checklist remains the gate for chain settlement, evidence output, and the remaining sidecar lanes.
 
 ## Immediate execution priorities
 
 ### Priority 1 — Freeze the canonical banking rail
 
-1. Confirm the exact OMNL / Fineract tenant, auth, and operator path to use for RTGS.
-2. Freeze the canonical HYBX batch / settlement operator flow.
-3. Lock the participant / treasury / GL model.
+1. Freeze the canonical HYBX batch / settlement operator flow on top of the now-proven OMNL tenant/auth path.
+2. Lock the participant / treasury / GL model.
+3. Extend authenticated business-flow validation beyond SCSM into the remaining in-scope sidecars.
 
 ### Priority 2 — Freeze the interoperability path
 

docs/03-deployment/DBIS_RTGS_FIRST_SLICE_DEPLOYMENT_CHECKLIST.md

@@ -1,6 +1,6 @@
 # DBIS RTGS First Slice Deployment Checklist
 
-**Last updated:** 2026-03-28  
+**Last updated:** 2026-03-29  
 **Purpose:** Convert the first-slice RTGS architecture into a deployable checklist for Proxmox VE and live operator validation. This document is intentionally narrower than the full RTGS program. It only covers the components chosen for the initial production slice.
 
 ## Scope
@@ -67,11 +67,28 @@ As of 2026-03-28/29:
   - Redis: active
   - health: `UP`
 
+What is now proven:
+
+- the canonical authenticated OMNL / Fineract tenant flow is live for the SCSM lane:
+  - base URL: `https://omnl.hybxfinance.io/fineract-provider/api/v1`
+  - tenant: `omnl`
+  - user: `app.omnl`
+- `rtgs-scsm-1` can post authenticated journal-entry batches into OMNL / Fineract
+- one canonical live transfer has completed through the deployed sidecar runtime:
+  - sidecar response:
+    - `messageId: c6e44bc8-aa04-4eba-b983-6293967f24b7`
+    - `transactionId: a16a10b3bc47`
+    - `status: COMPLETED`
+  - verified OMNL journal entries:
+    - debit `GL 1410` amount `1.11`
+    - credit `GL 2100` amount `1.11`
+    - comments `SCSM transfer c6e44bc8-aa04-4eba-b983-6293967f24b7`
+
 What is still not complete:
 
-- the canonical authenticated Fineract tenant flow is not yet frozen in the sidecar runtime
-- the sidecars can reach the live Fineract endpoint at the HTTP layer, but current checks stop at `400 Bad Request` without the final request/auth contract
-- no canonical RTGS transaction has yet been executed across OMNL / Fineract, sidecar logic, Chain 138 settlement, and final evidence output
+- the participant / office / treasury / GL model is not yet frozen as the full RTGS production model
+- `server-funds-sidecar` and `off-ledger-2-on-ledger-sidecar` are runtime-healthy, but do not yet have equivalent authenticated business-flow validation
+- the canonical RTGS flow is not yet complete across OMNL / Fineract, sidecar logic, Chain 138 settlement, and final evidence output
 
 ## Runtime deployment baseline
 
@@ -87,7 +104,7 @@ What is still not complete:
 
 ### OMNL / Fineract
 
-- [ ] Confirm the exact production tenant, auth path, and base URL
+- [x] Confirm the exact production tenant, auth path, and base URL
 - [ ] Freeze the operator runbook and canonical batch flow
 - [ ] Confirm the participant / office / treasury / GL model used by the sidecars
 
@@ -122,9 +139,10 @@ What is still not complete:
 **Deployment gate before Proxmox promotion:**
 - [ ] Confirm production DB target
 - [ ] Confirm Redis target
-- [ ] Confirm Fineract base URL and tenant/auth
-- [ ] Prove `/actuator/health/readiness` healthy with production-like dependencies
-- [ ] Validate one canonical transfer request path against the intended Fineract rail
+- [x] Confirm Fineract base URL and tenant/auth
+- [x] Prove `/actuator/health/readiness` healthy with production-like dependencies
+- [x] Validate one canonical transfer request path against the intended Fineract rail
+- [ ] Eliminate the current hard-stop / forced-restart workaround needed for some jar upgrades on the SCSM systemd unit
 
 ### `server-funds-sidecar`
 
@@ -209,7 +227,8 @@ What is still not complete:
 
 - [x] Process starts under systemd / container supervisor
 - [x] Health endpoints return healthy
-- [ ] API base paths respond for a canonical business flow
+- [x] `mifos-fineract-sidecar` API base path responds for a canonical business flow
+- [ ] `server-funds-sidecar` and `off-ledger-2-on-ledger-sidecar` API base paths respond for canonical business flows
 - [x] Logs show no dependency boot failures for current runtime boot
 - [x] Sidecar can reach Fineract at the HTTP layer
 - [x] Sidecar can reach required local Redis dependency
@@ -217,7 +236,7 @@ What is still not complete:
 
 ### Functional verification
 
-- [ ] `mifos-fineract-sidecar` processes one canonical transfer
+- [x] `mifos-fineract-sidecar` processes one canonical transfer
 - [ ] `server-funds-sidecar` processes one canonical funds/approval flow if in scope
 - [ ] `off-ledger-2-on-ledger-sidecar` processes one canonical conversion/settlement flow
 - [ ] Chain 138 receives and records the intended settlement leg where applicable