Sync workspace: config, docs, scripts, CI, operator rules, and submodule pointers.

- Update dbis_core, cross-chain-pmm-lps, explorer-monorepo, metamask-integration, pr-workspace/chains - Omit embedded publish git dirs and empty placeholders from index Made-with: Cursor
2026-04-12 06:12:20 -07:00
parent 6fb6bd3993
commit dbd517b279
2935 changed files with 327972 additions and 5533 deletions
--- a/scripts/lib/chain138-lan-rpc-inventory.sh
+++ b/scripts/lib/chain138-lan-rpc-inventory.sh
@@ -0,0 +1,37 @@
+#!/usr/bin/env bash
+# Chain 138 — LAN HTTP RPC fleet (VMID|IP|min_peers) for health + nonce/gas parity scripts.
+# Source after config/ip-addresses.conf (or expect defaults below).
+# Not intended to be executed directly.
+if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then
+  echo "chain138-lan-rpc-inventory.sh: source from another script, do not execute." >&2
+  exit 1
+fi
+#
+# Env:
+#   RPC_MIN_PEERS — default minimum peer count (default 10) for most nodes
+#   CHAIN138_RPC_MIN_PEERS_2103 — hard gate for VMID 2103 Thirdweb admin core (default 3; may run lighter P2P mesh while head stays aligned)
+#   CHAIN138_RPC_WARN_PEERS_2103 — soft warning if peers are below this but still ≥ min (default 6)
+
+# shellcheck disable=SC2034
+_mrp="${RPC_MIN_PEERS:-10}"
+_m2103="${CHAIN138_RPC_MIN_PEERS_2103:-3}"
+
+CHAIN138_LAN_RPC_ROWS=(
+  "2101|${IP_BESU_RPC_CORE_1:-192.168.11.211}|${_mrp}"
+  "2102|${IP_BESU_RPC_CORE_2:-192.168.11.212}|${_mrp}"
+  "2103|${RPC_THIRDWEB_ADMIN_CORE:-192.168.11.217}|${_m2103}"
+  "2201|${IP_BESU_RPC_PUBLIC_1:-192.168.11.221}|${_mrp}"
+  "2301|${IP_BESU_RPC_PRIVATE_1:-192.168.11.232}|${_mrp}"
+  "2303|192.168.11.233|${_mrp}"
+  "2304|192.168.11.234|${_mrp}"
+  "2305|192.168.11.235|${_mrp}"
+  "2306|192.168.11.236|${_mrp}"
+  "2307|192.168.11.237|${_mrp}"
+  "2308|192.168.11.238|${_mrp}"
+  "2400|192.168.11.240|${_mrp}"
+  "2401|192.168.11.241|${_mrp}"
+  "2402|192.168.11.242|${_mrp}"
+  "2403|192.168.11.243|${_mrp}"
+)
+
+unset _mrp _m2103
--- a/scripts/lib/load-project-env.sh
+++ b/scripts/lib/load-project-env.sh
@@ -5,7 +5,7 @@
 # Usage: source "${SCRIPT_DIR}/lib/load-project-env.sh"
 #
 # Env precedence (first wins): 1) .env 2) config/ip-addresses.conf 3) smom-dbis-138/.env 4) dbis_core config
-# Version: 2026-01-31
+# Version: 2026-04-12 (get_host_for_vmid aligned with 2026-04-09 live Chain 138 placement)

 [[ -n "${PROJECT_ROOT:-}" ]] || PROJECT_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
 export PROJECT_ROOT
@@ -62,16 +62,22 @@ _lpr_dotenv_source "${PROJECT_ROOT}/smom-dbis-138/.env"
 # 3b. Secure secrets (PRIVATE_KEY) — when not set, try ~/.secure-secrets/private-keys.env
 [[ -z "${PRIVATE_KEY:-}" ]] && [[ -f "${HOME}/.secure-secrets/private-keys.env" ]] && _lpr_dotenv_source "${HOME}/.secure-secrets/private-keys.env"

+# 3c. Dedicated keeper key (KEEPER_PRIVATE_KEY) — separate signer for keeper/upkeep flows
+KEEPER_SECRET_FILE="${KEEPER_SECRET_FILE:-${HOME}/.secure-secrets/chain138-keeper.env}"
+[[ -z "${KEEPER_PRIVATE_KEY:-}" ]] && [[ -f "${KEEPER_SECRET_FILE}" ]] && _lpr_dotenv_source "${KEEPER_SECRET_FILE}"
+
 # 4. dbis_core config if present
 [[ -f "${PROJECT_ROOT}/dbis_core/config/dbis-core-proxmox.conf" ]] && _lpr_source_relaxed "${PROJECT_ROOT}/dbis_core/config/dbis-core-proxmox.conf" || true

 # 4b. Strip trailing CR/LF from RPC URL vars (editor mistakes; breaks cast/curl)
-for _lpr_k in RPC_URL_138 RPC_URL CHAIN138_RPC CHAIN138_RPC_URL ETHEREUM_MAINNET_RPC \
+for _lpr_k in RPC_URL_138 RPC_URL CHAIN138_RPC CHAIN138_RPC_URL CHAIN_138_RPC_URL \
+  TOKEN_AGG_CHAIN138_RPC_URL TOKEN_AGGREGATION_CHAIN138_RPC_URL TOKEN_AGGREGATION_PMM_RPC_URL \
+  ETHEREUM_MAINNET_RPC \
  XDC_PARENTNET_URL PARENTNET_URL SUBNET_URL XDC_ZERO_PEER_RPC_URL \
  RPC_URL_138_PUBLIC GNOSIS_MAINNET_RPC GNOSIS_RPC CRONOS_RPC_URL CRONOS_RPC \
  CELO_MAINNET_RPC CELO_RPC WEMIX_RPC WEMIX_MAINNET_RPC BSC_RPC_URL \
  POLYGON_MAINNET_RPC BASE_MAINNET_RPC OPTIMISM_MAINNET_RPC ARBITRUM_MAINNET_RPC \
-  AVALANCHE_RPC_URL AVALANCHE_RPC; do
+  AVALANCHE_RPC_URL AVALANCHE_RPC CHAIN_651940_RPC_URL FLASH_PROVIDER_RPC_URL; do
  _lpr_v="${!_lpr_k:-}"
  [[ -z "$_lpr_v" ]] && continue
  _lpr_v="${_lpr_v%$'\r'}"
@@ -80,13 +86,32 @@ for _lpr_k in RPC_URL_138 RPC_URL CHAIN138_RPC CHAIN138_RPC_URL ETHEREUM_MAINNET
 done
 unset _lpr_k _lpr_v 2>/dev/null || true

+# 4c. economics-toolkit gas-quote overrides: ECONOMICS_GAS_RPC_<chainId> (same strip)
+for _lpr_id in 1 10 25 56 100 137 138 1111 8453 42161 42220 43114 651940; do
+  _lpr_k="ECONOMICS_GAS_RPC_${_lpr_id}"
+  _lpr_v="${!_lpr_k:-}"
+  [[ -z "$_lpr_v" ]] && continue
+  _lpr_v="${_lpr_v%$'\r'}"
+  _lpr_v="${_lpr_v%$'\n'}"
+  export "$_lpr_k=$_lpr_v"
+done
+unset _lpr_k _lpr_v _lpr_id 2>/dev/null || true
+
 # 5. Contract addresses from master JSON (config/smart-contracts-master.json) when not set by .env
 [[ -f "${PROJECT_ROOT}/scripts/lib/load-contract-addresses.sh" ]] && source "${PROJECT_ROOT}/scripts/lib/load-contract-addresses.sh" 2>/dev/null || true

 # Ensure hosts have fallbacks (from config or defaults)
 PROXMOX_HOST_R630_01="${PROXMOX_HOST_R630_01:-${PROXMOX_R630_01:-192.168.11.11}}"
 PROXMOX_HOST_R630_02="${PROXMOX_HOST_R630_02:-${PROXMOX_R630_02:-192.168.11.12}}"
+PROXMOX_HOST_R630_03="${PROXMOX_HOST_R630_03:-${PROXMOX_R630_03:-192.168.11.13}}"
+PROXMOX_HOST_R630_04="${PROXMOX_HOST_R630_04:-${PROXMOX_R630_04:-192.168.11.14}}"
 PROXMOX_HOST_ML110="${PROXMOX_HOST_ML110:-${PROXMOX_ML110:-192.168.11.10}}"
+# Proxmox hypervisor FQDNs (canonical: <host>.sankofa.nexus — align with LAN DNS)
+export PROXMOX_FQDN_ML110="${PROXMOX_FQDN_ML110:-ml110.sankofa.nexus}"
+export PROXMOX_FQDN_R630_01="${PROXMOX_FQDN_R630_01:-r630-01.sankofa.nexus}"
+export PROXMOX_FQDN_R630_02="${PROXMOX_FQDN_R630_02:-r630-02.sankofa.nexus}"
+export PROXMOX_FQDN_R630_03="${PROXMOX_FQDN_R630_03:-r630-03.sankofa.nexus}"
+export PROXMOX_FQDN_R630_04="${PROXMOX_FQDN_R630_04:-r630-04.sankofa.nexus}"

 # Derived vars (from config; fallbacks for missing config)
 export RPC_CORE_1="${RPC_CORE_1:-192.168.11.211}"
@@ -103,14 +128,17 @@ export SMOM_DIR="${SMOM_DBIS_138_DIR:-${PROJECT_ROOT}/smom-dbis-138}"
 export DBIS_CORE_DIR="${DBIS_CORE_DIR:-${PROJECT_ROOT}/dbis_core}"

 # VMID -> Proxmox host (for pct/qm operations)
-# Covers: DBIS (101xx), RPC (2101, 2201, 2301, etc.), Blockscout (5000), CCIP (5400-5476), NPMplus (10233, 10234)
+# Covers: DBIS (101xx), RPC (2101-2103, 2201, 2301, etc.), Blockscout (5000), CCIP (5400-5476), NPMplus (10233, 10234)
+# Live placement (2026-04-09): validators 1003/1004, sentries 1503-1510, and RPCs 2102, 2301, 2304, 2400, 2402, 2403 on r630-03;
+# RPCs 2201, 2303, 2305-2308, 2401 on r630-02; 2101 + 2103 remain on r630-01 — see ALL_VMIDS_ENDPOINTS.md
 get_host_for_vmid() {
    local vmid="$1"
    case "$vmid" in
-        10130|10150|10151|106|107|108|10000|10001|10020|10100|10101|10120|10233|10235) echo "${PROXMOX_HOST_R630_01}";;
-        2101) echo "${PROXMOX_HOST_R630_01}";;
-        5000|5700|7810|2201|2303|2401|6200|6201|10234|10237|5800|5801) echo "${PROXMOX_HOST_R630_02}";;
-        2301|2400|1504|2503|2504|2505) echo "${PROXMOX_HOST_ML110}";;
+        10130|10150|10151|106|107|108|10000|10001|10020|10100|10101|10120|10203|10233|10235) echo "${PROXMOX_HOST_R630_01}";;
+        1000|1001|1002|1500|1501|1502|2101|2103) echo "${PROXMOX_HOST_R630_01}";;
+        1003|1004|1503|1504|1505|1506|1507|1508|1509|1510|2102|2301|2304|2400|2402|2403) echo "${PROXMOX_HOST_R630_03}";;
+        5000|5700|7810|2201|2303|2305|2306|2307|2308|2401|6200|6201|6202|6203|6204|6205|10234|10237|5800|5801) echo "${PROXMOX_HOST_R630_02}";;
+        2420|2430|2440|2460|2470|2480) echo "${PROXMOX_HOST_R630_01}";;
        5400|5401|5402|5403|5410|5411|5412|5413|5414|5415|5416|5417|5418|5419|5420|5421|5422|5423|5424|5425|5440|5441|5442|5443|5444|5445|5446|5447|5448|5449|5450|5451|5452|5453|5454|5455|5470|5471|5472|5473|5474|5475|5476) echo "${PROXMOX_HOST_R630_02}";;
        *) echo "${PROXMOX_HOST_R630_01:-${PROXMOX_R630_02}}";;
    esac
--- a/scripts/lib/pmm-soak-dotenv-override.sh
+++ b/scripts/lib/pmm-soak-dotenv-override.sh
@@ -0,0 +1,64 @@
+#!/usr/bin/env bash
+# PMM soak: preserve pool-related and RPC_URL_138 from the caller shell when sourcing
+# scripts/lib/load-project-env.sh (which loads .env and may override these).
+#
+# Usage (immediately before and after sourcing load-project-env.sh):
+#   source "${PROJECT_ROOT}/scripts/lib/pmm-soak-dotenv-override.sh"
+#   pmm_soak_snapshot_pool_env_for_restore   # also snapshots RPC_URL_138 when set
+#   source "${PROJECT_ROOT}/scripts/lib/load-project-env.sh"
+#   pmm_soak_restore_pool_env_after_dotenv    # re-exports CHAIN138_RPC_* from RPC_URL_138 when restored
+#
+# shellcheck shell=bash
+
+pmm_soak_snapshot_pool_env_for_restore() {
+  _PMM_RSTR_SWAP_VIA_SET=0
+  if [[ -n "${CHAIN138_PMM_SOAK_SWAP_VIA+x}" ]]; then
+    _PMM_RSTR_SWAP_VIA_SET=1
+    _PMM_RSTR_SWAP_VIA_VAL="$CHAIN138_PMM_SOAK_SWAP_VIA"
+  fi
+  _PMM_RSTR_POOLS_SET=0
+  if [[ -n "${PMM_SOAK_POOLS+x}" ]]; then
+    _PMM_RSTR_POOLS_SET=1
+    _PMM_RSTR_POOLS_VAL="$PMM_SOAK_POOLS"
+  fi
+  _PMM_RSTR_POOLS_FILE_SET=0
+  if [[ -n "${PMM_SOAK_POOLS_FILE+x}" ]]; then
+    _PMM_RSTR_POOLS_FILE_SET=1
+    _PMM_RSTR_POOLS_FILE_VAL="$PMM_SOAK_POOLS_FILE"
+  fi
+  _PMM_RSTR_POOL_PRESET_SET=0
+  if [[ -n "${PMM_SOAK_POOL_PRESET+x}" ]]; then
+    _PMM_RSTR_POOL_PRESET_SET=1
+    _PMM_RSTR_POOL_PRESET_VAL="$PMM_SOAK_POOL_PRESET"
+  fi
+  _PMM_RSTR_RPC_SET=0
+  if [[ -n "${RPC_URL_138+x}" ]]; then
+    _PMM_RSTR_RPC_SET=1
+    _PMM_RSTR_RPC_VAL="$RPC_URL_138"
+  fi
+}
+
+pmm_soak_restore_pool_env_after_dotenv() {
+  if [[ "$_PMM_RSTR_SWAP_VIA_SET" == 1 ]]; then
+    export CHAIN138_PMM_SOAK_SWAP_VIA="$_PMM_RSTR_SWAP_VIA_VAL"
+  fi
+  if [[ "$_PMM_RSTR_POOLS_SET" == 1 ]]; then
+    export PMM_SOAK_POOLS="$_PMM_RSTR_POOLS_VAL"
+  fi
+  if [[ "$_PMM_RSTR_POOLS_FILE_SET" == 1 ]]; then
+    export PMM_SOAK_POOLS_FILE="$_PMM_RSTR_POOLS_FILE_VAL"
+  fi
+  if [[ "$_PMM_RSTR_POOL_PRESET_SET" == 1 ]]; then
+    export PMM_SOAK_POOL_PRESET="$_PMM_RSTR_POOL_PRESET_VAL"
+  fi
+  if [[ "$_PMM_RSTR_RPC_SET" == 1 ]]; then
+    export RPC_URL_138="$_PMM_RSTR_RPC_VAL"
+    export CHAIN138_RPC_URL="$RPC_URL_138"
+    export CHAIN138_RPC="$RPC_URL_138"
+  fi
+  unset _PMM_RSTR_SWAP_VIA_SET _PMM_RSTR_SWAP_VIA_VAL \
+    _PMM_RSTR_POOLS_SET _PMM_RSTR_POOLS_VAL \
+    _PMM_RSTR_POOLS_FILE_SET _PMM_RSTR_POOLS_FILE_VAL \
+    _PMM_RSTR_POOL_PRESET_SET _PMM_RSTR_POOL_PRESET_VAL \
+    _PMM_RSTR_RPC_SET _PMM_RSTR_RPC_VAL 2>/dev/null || true
+}
--- a/scripts/lib/pmm-soak-pools.sh
+++ b/scripts/lib/pmm-soak-pools.sh
@@ -0,0 +1,113 @@
+#!/usr/bin/env bash
+# PMM soak pool lists — Chain 138 DVM pools (see docs/11-references/ADDRESS_MATRIX_AND_STATUS.md).
+#
+# Resolution order (first wins):
+#   1) PMM_SOAK_POOLS — space-separated addresses
+#   2) PMM_SOAK_POOLS_FILE — one 0x address per line (# comments allowed)
+#   3) PMM_SOAK_POOL_PRESET — see presets below
+#   4) all — full default set (9 pools)
+#
+# Presets:
+#   all            — 9 funded PMM pools (default)
+#   stable         — cUSDT/cUSDC + USDT + USDC mirror pools (3)
+#   cusdt-cusdc    — single cUSDT/cUSDC pool only (narrowest)
+#   mirrors        — cUSDT/USDT + cUSDC/USDC only (2; no cUSDT/cUSDC cross)
+#   xau-public     — 3 public XAU pools
+#   xau-private    — 3 private XAU pools
+#   xau-all        — all 6 XAU pools
+#
+# After sourcing, POOLS is a bash array of checksummed or lower-case addresses.
+# shellcheck shell=bash
+
+pmm_soak_pools_default_all() {
+  POOLS=(
+    0x9e89bAe009adf128782E19e8341996c596ac40dC
+    0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66
+    0xc39B7D0F40838cbFb54649d327f49a6DAC964062
+    0x1AA55E2001E5651349AfF5A63FD7A7Ae44f0F1b0
+    0xEA9Ac6357CaCB42a83b9082B870610363B177cBa
+    0xbA99bc1eAAC164569d5AcA96C806934DDaF970Cf
+    0x94316511621430423a2cff0C036902BAB4aA70c2
+    0x7867D58567948e5b9908F1057055Ee4440de0851
+    0x505403093826D494983A93b43Aa0B8601078A44e
+  )
+}
+
+pmm_soak_load_pools() {
+  POOLS=()
+
+  if [[ -n "${PMM_SOAK_POOLS:-}" ]]; then
+    read -r -a POOLS <<<"${PMM_SOAK_POOLS}"
+    return 0
+  fi
+
+  if [[ -n "${PMM_SOAK_POOLS_FILE:-}" ]]; then
+    if [[ ! -f "${PMM_SOAK_POOLS_FILE}" ]]; then
+      echo "[pmm-soak-pools] PMM_SOAK_POOLS_FILE not found: ${PMM_SOAK_POOLS_FILE}" >&2
+      return 1
+    fi
+    while IFS= read -r raw || [[ -n "$raw" ]]; do
+      line="$(printf '%s' "${raw%%#*}" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')"
+      [[ -z "$line" ]] && continue
+      [[ "$line" == 0x* ]] || continue
+      POOLS+=("$line")
+    done <"${PMM_SOAK_POOLS_FILE}"
+    [[ "${#POOLS[@]}" -gt 0 ]] || {
+      echo "[pmm-soak-pools] no addresses in ${PMM_SOAK_POOLS_FILE}" >&2
+      return 1
+    }
+    return 0
+  fi
+
+  local preset="${PMM_SOAK_POOL_PRESET:-all}"
+  case "$preset" in
+    all)
+      pmm_soak_pools_default_all
+      ;;
+    stable | stable-mirrors)
+      POOLS=(
+        0x9e89bAe009adf128782E19e8341996c596ac40dC
+        0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66
+        0xc39B7D0F40838cbFb54649d327f49a6DAC964062
+      )
+      ;;
+    cusdt-cusdc)
+      POOLS=(0x9e89bAe009adf128782E19e8341996c596ac40dC)
+      ;;
+    mirrors)
+      POOLS=(
+        0x866Cb44b59303d8dc5f4F9E3E7A8e8b0bf238d66
+        0xc39B7D0F40838cbFb54649d327f49a6DAC964062
+      )
+      ;;
+    xau-public)
+      POOLS=(
+        0x1AA55E2001E5651349AfF5A63FD7A7Ae44f0F1b0
+        0xEA9Ac6357CaCB42a83b9082B870610363B177cBa
+        0xbA99bc1eAAC164569d5AcA96C806934DDaF970Cf
+      )
+      ;;
+    xau-private)
+      POOLS=(
+        0x94316511621430423a2cff0C036902BAB4aA70c2
+        0x7867D58567948e5b9908F1057055Ee4440de0851
+        0x505403093826D494983A93b43Aa0B8601078A44e
+      )
+      ;;
+    xau-all)
+      POOLS=(
+        0x1AA55E2001E5651349AfF5A63FD7A7Ae44f0F1b0
+        0xEA9Ac6357CaCB42a83b9082B870610363B177cBa
+        0xbA99bc1eAAC164569d5AcA96C806934DDaF970Cf
+        0x94316511621430423a2cff0C036902BAB4aA70c2
+        0x7867D58567948e5b9908F1057055Ee4440de0851
+        0x505403093826D494983A93b43Aa0B8601078A44e
+      )
+      ;;
+    *)
+      echo "[pmm-soak-pools] unknown PMM_SOAK_POOL_PRESET=$preset (use: all, stable, cusdt-cusdc, mirrors, xau-public, xau-private, xau-all)" >&2
+      return 1
+      ;;
+  esac
+  return 0
+}
--- a/scripts/lib/proxmox-production-guard.sh
+++ b/scripts/lib/proxmox-production-guard.sh
@@ -0,0 +1,57 @@
+#!/usr/bin/env bash
+# Surgical Proxmox mutation guard — source from operator scripts that SSH + pct/qm.
+# Mission-critical: mutations default OFF unless explicitly opted in; optional VMID allowlist.
+#
+# Usage:
+#   source "${PROJECT_ROOT}/scripts/lib/proxmox-production-guard.sh"
+#   pguard_require_apply_flag "$APPLY" || exit 0   # after parsing --apply
+#   pguard_vmid_allowed "$vmid" || continue
+#
+# Opt-in (either):
+#   --apply on the script, or
+#   PROXMOX_OPS_APPLY=1 / yes
+#
+# Optional belt-and-suspenders (comma or space separated):
+#   PROXMOX_OPS_ALLOWED_VMIDS="2400,2402,2403"
+#
+# Version: 2026-04-06
+
+pguard_log() { echo "[proxmox-guard] $*" >&2; }
+
+# When enabled (e.g. PROXMOX_SAFE_DEFAULTS=1 in operator .env), maintenance scripts that
+# source this file should default to dry-run unless the caller passes --apply or sets PROXMOX_OPS_APPLY=1.
+pguard_safe_defaults_enabled() {
+  case "${PROXMOX_SAFE_DEFAULTS:-}" in
+    1|yes|true|TRUE|Yes) return 0 ;;
+    *) return 1 ;;
+  esac
+}
+
+pguard_mutations_allowed() {
+  case "${PROXMOX_OPS_APPLY:-}" in
+    1|yes|true|TRUE|Yes) return 0 ;;
+    *) return 1 ;;
+  esac
+}
+
+# Call after CLI sets APPLY=true from --apply
+pguard_require_apply_flag() {
+  local apply_flag="${1:-false}"
+  [[ "$apply_flag" == true ]] && return 0
+  pguard_mutations_allowed && return 0
+  return 1
+}
+
+# If PROXMOX_OPS_ALLOWED_VMIDS is set, vmid must match one token (comma/space separated).
+pguard_vmid_allowed() {
+  local vmid="$1"
+  local allow="${PROXMOX_OPS_ALLOWED_VMIDS:-}"
+  [[ -z "${allow// }" ]] && return 0
+  allow="${allow//,/ }"
+  local x
+  for x in $allow; do
+    [[ "$x" == "$vmid" ]] && return 0
+  done
+  pguard_log "refused: VMID ${vmid} not in PROXMOX_OPS_ALLOWED_VMIDS"
+  return 1
+}
--- a/scripts/lib/vmid-ip-maps.sh
+++ b/scripts/lib/vmid-ip-maps.sh
@@ -17,12 +17,14 @@ declare -gA VMID_VALIDATORS=(
    ["1004"]="${IP_VALIDATOR_4:-192.168.11.104}"
 )

-# Sentries (1500-1503)
+# Sentries
 declare -gA VMID_SENTRIES=(
    ["1500"]="${IP_BESU_RPC_0:-192.168.11.150}"
    ["1501"]="${IP_BESU_RPC_1:-192.168.11.151}"
    ["1502"]="${IP_BESU_RPC_2:-192.168.11.152}"
    ["1503"]="${IP_BESU_RPC_3:-192.168.11.153}"
+    ["1509"]="${IP_BESU_SENTRY_THIRDWEB_1:-192.168.11.219}"
+    ["1510"]="${IP_BESU_SENTRY_THIRDWEB_2:-192.168.11.220}"
 )

 # RPC nodes (current active)
@@ -33,15 +35,12 @@ declare -gA VMID_RPC=(
    ["2400"]="${RPC_THIRDWEB_PRIMARY:-192.168.11.240}"
    ["2401"]="${RPC_THIRDWEB_1:-192.168.11.241}"
    ["2402"]="${RPC_THIRDWEB_2:-192.168.11.242}"
-    ["2500"]="${RPC_ALLTRA_1:-192.168.11.250}"
-    ["2501"]="${RPC_ALI_1:-192.168.11.251}"
-    ["2502"]="${RPC_ALI_2:-192.168.11.252}"
-    ["2503"]="${RPC_ALI_1_ALT:-192.168.11.253}"
-    ["2504"]="${RPC_ALI_2_ALT:-192.168.11.254}"
-    ["2505"]="${IP_VAULT_PHOENIX_2:-192.168.11.201}"
-    ["2506"]="${IP_SERVICE_202:-192.168.11.202}"
-    ["2507"]="${IP_SERVICE_203:-192.168.11.203}"
-    ["2508"]="${IP_SERVICE_204:-192.168.11.204}"
+    ["2420"]="${RPC_ALLTRA_1:-192.168.11.172}"
+    ["2430"]="${RPC_ALLTRA_2:-192.168.11.173}"
+    ["2440"]="${RPC_ALLTRA_3:-192.168.11.174}"
+    ["2460"]="${RPC_HYBX_1:-192.168.11.246}"
+    ["2470"]="${RPC_HYBX_2:-192.168.11.247}"
+    ["2480"]="${RPC_HYBX_3:-192.168.11.248}"
 )

 # Combined current nodes (validators + sentries + rpc)