# Full Maximum Parallel Execution Order

**Last Updated:** 2026-02-05  
**Purpose:** Order all remaining tasks into waves so that **within each wave, every item can run in parallel**. Run in full maximum parallel mode: execute all items in Wave 0 concurrently (where different owners), then all in Wave 1, then Wave 2, then Wave 3. No artificial sequencing within a wave.

**Sources:** [TODO_TASK_LIST_MASTER.md](TODO_TASK_LIST_MASTER.md), [REMAINING_TASKS_NEXT_STEPS_PHASES_REVIEW.md](REMAINING_TASKS_NEXT_STEPS_PHASES_REVIEW.md), [PARALLEL_TASK_STRUCTURE.md](PARALLEL_TASK_STRUCTURE.md), [ALL_IMPROVEMENTS_AND_GAPS_INDEX.md](../ALL_IMPROVEMENTS_AND_GAPS_INDEX.md). **Single plan (required/optional/recommended):** [COMPLETE_REQUIRED_OPTIONAL_RECOMMENDED_INDEX.md](COMPLETE_REQUIRED_OPTIONAL_RECOMMENDED_INDEX.md).

**Run record (2026-02-05):** [REMAINING_ITEMS_FULL_PARALLEL_LIST.md](REMAINING_ITEMS_FULL_PARALLEL_LIST.md) (batch 11 summary); **current validation:** `./scripts/validation/validate-config-files.sh`, `./scripts/verify/run-all-validation.sh`.  
**Wave 1 status:** [WAVE1_COMPLETION_SUMMARY.md](WAVE1_COMPLETION_SUMMARY.md). **Wave 2/3 checklist:** [WAVE2_WAVE3_OPERATOR_CHECKLIST.md](WAVE2_WAVE3_OPERATOR_CHECKLIST.md).  
**Full remaining list (all items by wave):** [REMAINING_ITEMS_FULL_PARALLEL_LIST.md](REMAINING_ITEMS_FULL_PARALLEL_LIST.md).

---

## Execution model

1. **Wave 0** — Gate/creds: do once or when creds available; can run in parallel with each other if different owners.
2. **Wave 1** — No shared state: security, monitoring config, backup, docs, codebase, quick wins, implementation checklist items that need no running infra. **Run all in parallel.**
3. **Wave 2** — Infra/deploy that can parallelize by host or by component: monitoring stack deploy, VLAN work, Phase 3/4 script expansion, optional deploy tasks. **Run all in parallel** (by host or by task).
4. **Wave 3** — Depends on Wave 2 outputs: CCIP Fleet deploy (after Ops/Admin and NAT), Phase 4 tenant isolation (after VLANs). **Run all in parallel** where no internal deps.
5. **Ongoing** — Daily/weekly maintenance; not sequenced.

**Real dependencies (must respect):**
- CCIP commit/execute/RMN nodes require CCIP Ops/Admin and NAT pools (Wave 3 after Wave 2).
- NPMplus backup requires NPM_PASSWORD (Wave 0 or Wave 1).
- sendCrossChain (real) requires PRIVATE_KEY and LINK approved (Wave 0).
- Firewall/SSH changes: coordinate to avoid lockout (Wave 1, but test before disabling password).

---

## Wave 0 — Gates / credentials (run in parallel where different owners)

| ID | Task | Blocker / note |
|----|------|-----------------|
| W0-1 | Apply NPMplus RPC fix (405) | Run from host on LAN: `bash scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh` |
| W0-2 | Execute sendCrossChain (real) | PRIVATE_KEY, LINK approved for fee token; remove `--dry-run` from run-send-cross-chain.sh |
| W0-3 | NPMplus backup (export/config) | NPM_PASSWORD in .env; run existing backup script |

---

## Wave 1 — Full parallel (no shared state)

**Security**
| ID | Task |
|----|------|
| W1-1 | SSH key-based auth; disable password auth (coordinate to avoid lockout) |
| W1-2 | Firewall: restrict Proxmox API 8006 to specific IPs |
| W1-3 | smom: Security audits VLT-024, ISO-024 |
| W1-4 | smom: Bridge integrations BRG-VLT, BRG-ISO |

**Monitoring (config / design)**
| ID | Task |
|----|------|
| W1-5 | Prometheus scrape config (Besu 9545, targets); alert rules |
| W1-6 | Grafana dashboards (JSON); Alertmanager config |
| W1-7 | Loki/Alertmanager config files (no deploy yet) |

**Backup**
| ID | Task |
|----|------|
| W1-8 | Automated backup script (validator keys, configs); NPMplus backup cron (already exists — verify/schedule) |

**Phase 1 (optional)**
| ID | Task |
|----|------|
| W1-9 | VLAN enablement: UDM Pro VLAN config docs; Proxmox VLAN-aware bridge design |
| W1-10 | VLAN migration plan (per-service table) |

**Documentation**
| ID | Task |
|----|------|
| W1-11 | Documentation consolidation (by folder: 01-, 02-, 03-, …); archive old status |
| W1-12 | Quick reference cards; decision trees; config templates (ALL_IMPROVEMENTS 68–74) |
| W1-13 | Final IP assignments; service connectivity matrix; operational runbooks |

**Codebase**
| ID | Task |
|----|------|
| W1-14 | dbis_core: TypeScript/Prisma fixes (by module/file — parallelize by file) |
| W1-15 | smom: EnhancedSwapRouter quoter; AlltraAdapter fee TODO |
| W1-16 | smom: IRU remaining tasks |
| W1-17 | Placeholders: canonical addresses env-only; AlltraAdapter fee; smart accounts kit; quote service Fabric chainId 999; .bak deprecation (ALL_IMPROVEMENTS 87–91) |

**Quick wins & implementation checklist (high priority, no infra)**
| ID | Task |
|----|------|
| W1-18 | Add progress indicators to scripts; config validation in CI/pre-deploy |
| W1-19 | Secure validator key permissions (chmod 600, chown besu) |
| W1-20 | Secret management audit; input validation in scripts; security scanning automation (ALL_IMPROVEMENTS 48–51) |
| W1-21 | Configuration validation (JSON/YAML schema); config templates; env standardization (52–54) |

**MetaMask / explorer (optional, parallel)**
| ID | Task |
|----|------|
| W1-22 | Token-aggregation hardening; CoinGecko submission |
| W1-23 | Chain 138 Snap: market data UI; swap quotes; bridge routes; testing & distribution |
| W1-24 | Explorer: dark mode, network selector, sync indicator |
| W1-25 | Paymaster deploy (optional); Consensys outreach |
| W1-26 | API keys: Li.Fi, Jumper, 1inch (when keys available — per integration in parallel) |

**Improvements index 1–35 (Proxmox high/med/low, quick wins)**
| ID | Task |
|----|------|
| W1-27 | ALL_IMPROVEMENTS 1–11 (Proxmox high: .env, validator keys, SSH, firewall, VLANs, metrics, health, backup, runbooks) — each item parallel |
| W1-28 | ALL_IMPROVEMENTS 12–20 (Proxmox medium: error handling, logging, Loki, resource/network/DB optimization, CI/CD) |
| W1-29 | ALL_IMPROVEMENTS 21–30 (Proxmox low: auto-scale, load balancing, multi-region, HSM, audit) |
| W1-30 | ALL_IMPROVEMENTS 31–35 (Quick wins: progress indicators, --dry-run, config validation, FAQ, inline comments) |

**Improvements index 36–67 (code quality, docs, security, config, monitoring DX)**
| ID | Task |
|----|------|
| W1-31 | ALL_IMPROVEMENTS 36–43 (script shebang, set -euo, header template, shellcheck, consolidation, lib, perf, doc gen) |
| W1-32 | ALL_IMPROVEMENTS 44–47 (doc consolidation, accuracy, inline doc, API doc) |
| W1-33 | ALL_IMPROVEMENTS 48–57 (security audit, validation, scanning, RBAC, config validation, templates, tests, CI) |
| W1-34 | ALL_IMPROVEMENTS 58–67 (logging, metrics, health, DevContainer, IDE, backup review) |

**Improvements index 68–91 (docs, infra design, codebase, placeholders)**
| ID | Task |
|----|------|
| W1-35 | ALL_IMPROVEMENTS 68–74 (docs: quick ref, decision trees, config templates, examples, glossary) |
| W1-36 | ALL_IMPROVEMENTS 75–81 (Phase 1–4 design, missing containers list — design only in Wave 1) |
| W1-37 | ALL_IMPROVEMENTS 82–86 (smom audits, BRG, CCIP AMB, dbis_core, IRU — same as W1-14 to W1-17) |
| W1-38 | ALL_IMPROVEMENTS 87–91 (placeholders — same as W1-17) |

**Improvements index 92–139 (MetaMask, Tezos/CCIP, Besu, RPC, orchestration, maintenance)**
| ID | Task |
|----|------|
| W1-39 | ALL_IMPROVEMENTS 92–105 (MetaMask/explorer — parallel by task) |
| W1-40 | ALL_IMPROVEMENTS 106–121 (Tezos/Etherlink/CCIP — config and scripts in parallel) |
| W1-41 | ALL_IMPROVEMENTS 122–126 (Besu/blockchain) |
| W1-42 | ALL_IMPROVEMENTS 127–130 (RPC translator) |
| W1-43 | ALL_IMPROVEMENTS 131–134 (Orchestration portal) |
| W1-44 | ALL_IMPROVEMENTS 135–139 (Maintenance procedures — document/automate) |

---

## Wave 2 — Infra / deploy (parallel by host or component)

| ID | Task | Parallelize by |
|----|------|----------------|
| W2-1 | Deploy monitoring stack (Prometheus, Grafana, Loki, Alertmanager) | By component or single deployer |
| W2-2 | Grafana published via Cloudflare Access; alerts configured | After stack up |
| W2-3 | VLAN enablement: apply UDM Pro VLAN config; Proxmox bridge; migrate services to VLANs | By VLAN or by host |
| W2-4 | Phase 3 CCIP: Ops/Admin (5400-5401); NAT pools; commit/execute/RMN script expansion | Ops first, then NAT, then scripts |
| W2-5 | Phase 4: Sovereign tenant VLANs; isolation; access control | By tenant or by VLAN |
| W2-6 | 2506–2508 destroyed 2026-02-08; RPC 2500–2505 only. See MISSING_CONTAINERS_LIST.md | Done (doc) |
| W2-7 | DBIS services start (10100–10151, etc.); additional Hyperledger | By host |
| W2-8 | NPMplus HA (Keepalived, secondary 10234) | Optional; single change |

---

## Wave 3 — After Wave 2 (CCIP Fleet, tenant isolation)

| ID | Task | Depends on |
|----|------|------------|
| W3-1 | CCIP Fleet full deploy: 16 commit (5410-5425), 16 execute (5440-5455), 7 RMN (5470-5476) | W2-4 (Ops/Admin, NAT) |
| W3-2 | Phase 4 tenant isolation enforcement; access control | W2-3 / W2-5 (VLANs) |

---

## Ongoing (no wave)

| ID | Task | Frequency |
|----|------|-----------|
| O-1 | Monitor explorer sync | Daily |
| O-2 | Monitor RPC 2201 | Daily |
| O-3 | Config API uptime | Weekly |

---

## How to run in full maximum parallel mode

1. **Gate:** Complete Wave 0 (W0-1, W0-2, W0-3) as soon as creds/access allow; these can run in parallel with each other.
2. **Parallel Wave 1:** Assign each W1-* item to an owner or automation; run all W1-* concurrently. Use [PARALLEL_TASK_STRUCTURE.md](PARALLEL_TASK_STRUCTURE.md) cohorts A/B where they overlap.
3. **Parallel Wave 2:** Run W2-1 through W2-8 in parallel (by host for D1–D3 style tasks, by component for stack deploy).
4. **Parallel Wave 3:** After Wave 2 outputs exist, run W3-1 and W3-2 in parallel.
5. **Ongoing:** Schedule O-1, O-2, O-3 (cron or runbooks).

**Automation:** A runner can parse this file, group by wave, and execute each wave in parallel (e.g. one job per W1-* and W2-* item).

---

## Cross-references

- [TODO_TASK_LIST_MASTER.md](TODO_TASK_LIST_MASTER.md) — Consolidated checklist
- [REMAINING_TASKS_NEXT_STEPS_PHASES_REVIEW.md](REMAINING_TASKS_NEXT_STEPS_PHASES_REVIEW.md) — Full review
- [PARALLEL_TASK_STRUCTURE.md](PARALLEL_TASK_STRUCTURE.md) — Cohorts A/B/C/D (legacy; still valid for the-order, smom, dbis, OMNIS)
- [ALL_IMPROVEMENTS_AND_GAPS_INDEX.md](../ALL_IMPROVEMENTS_AND_GAPS_INDEX.md) — Items 1–139 detail