d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e70964ef2ded65e42e67144043564b990656300b
proxmox/docs/03-deployment/DBIS_RTGS_E2E_REQUIREMENTS_MATRIX.md
defiQUG d513ac35c0
All checks were successful
Deploy to Phoenix / deploy (push) Successful in 6s
Details
Freeze OMNL-backed SCSM first-slice status
2026-03-29 00:29:29 -07:00

15 KiB
Raw Blame History

DBIS RTGS E2E Requirements Matrix

Last updated: 2026-03-29
Purpose: Canonical implementation matrix for the full DBIS RTGS stack across Chain 138, OMNL / Fineract, HYBX sidecars, and the related Hyperledger layers. This document turns the RTGS TODO section into an executable requirements and production-gate artifact.

Status legend

  • Complete — implemented and verified enough to be used in production for the stated role
  • Partial — exists or works in a narrow slice, but not yet enough for full production use
  • Planned — intentionally in scope, but not yet deployed or validated
  • Reserved placeholder — inventory exists, but is not an active deployed workload
  • Retired / standby — not active; retained only as reserve inventory until rebuilt

Core matrix

Component Current status Owner Current source / repo artifact Main blockers Production-gate criteria
Chain 138 Besu validator / sentry / RPC baseline Complete DBIS / infra ops check-chain138-rpc-health.sh, DBIS_PHASES_1_TO_3_PRODUCTION_GATE.md None for baseline Public and core RPC healthy, head spread 0, peer counts healthy, required wallet/explorer methods working
Explorer / Blockscout Complete DBIS / explorer ops explorer-monorepo, explorer routing/API runbooks Ongoing normal maintenance only Explorer routes, API, token metadata, and RPC capability metadata remain healthy
FireFly primary 6200 Partial DBIS workflow / infra ops DBIS_HYPERLEDGER_RUNTIME_STATUS.md Minimal local gateway only; no proven multiparty production workflow yet API healthy, config preserved, event model defined, cross-system orchestration validated
FireFly secondary 6201 Retired / standby DBIS workflow / infra ops DBIS_HYPERLEDGER_RUNTIME_STATUS.md Empty rootfs; no valid deployment payload Either rebuilt as a real secondary node and verified, or left explicitly retired in all architecture claims
Fabric 6000-6002 Reserved placeholder DBIS architecture / infra ops DBIS_HYPERLEDGER_RUNTIME_STATUS.md, DBIS_NODE_ROLE_MATRIX.md No app payload, no listeners, no active peer/orderer processes Either deploy real Fabric workloads and validate them, or keep them stopped and excluded from “active stack” claims
Indy 6400-6402 Reserved placeholder DBIS architecture / infra ops DBIS_HYPERLEDGER_RUNTIME_STATUS.md, DBIS_NODE_ROLE_MATRIX.md No app payload, no listeners, no active Indy processes Either deploy real Indy workloads and validate them, or keep them stopped and excluded from “active stack” claims
Aries Planned Identity architecture lead DBIS_HYPERLEDGER_IDENTITY_STACK_DECISION.md, TODO_TASK_LIST_MASTER.md No deployed Aries runtime, no agent model defined Decide in/out of scope; if in, deploy agents, define DID/wallet/protocol model, validate credential flows
AnonCreds Planned Identity architecture lead DBIS_HYPERLEDGER_IDENTITY_STACK_DECISION.md, TODO_TASK_LIST_MASTER.md No deployed credential flow, no issuer/holder/verifier model frozen Decide in/out of scope; if in, define schema/credential lifecycle and validation path
Ursa Planned Identity / cryptography architecture lead DBIS_HYPERLEDGER_IDENTITY_STACK_DECISION.md, TODO_TASK_LIST_MASTER.md No explicit runtime control or deployment model defined Decide in/out of scope; if in, document cryptographic role and operational dependency model
Cacti Planned Interoperability architecture lead dbis_chain_138_technical_master_plan.md Not proven as current live interoperability engine Decide in/out of scope; if in, deploy and validate real cross-ledger integration path
Caliper Planned Performance / QA lead CALIPER_CHAIN138_PERF_HOOK.md Hook exists, benchmark harness not yet routine Add benchmark harness and run approved RTGS workload profiles
OMNL / Fineract API rail Partial OMNL / banking ops HYBX_BATCH_001_OPERATOR_CHECKLIST.md, scripts/omnl, API_DOCUMENTATION.md Full production package flow and participant model are not yet frozen as the canonical RTGS rail Office / GL / JE / snapshot / package flow runs cleanly against live API and is operator-repeatable
Mifos X frontend / Fineract tenant Partial OMNL / banking ops ALL_VMIDS_ENDPOINTS.md, Mifos deployment docs Authenticated tenant is now proven live for sidecar posting, but operator runbook and production participant model remain incomplete UI/API confirmed healthy, tenant/auth stable, operator runbook complete
HYBX participant / office / treasury model Planned Banking architecture lead OMNL scripts and central-bank config Participant model and treasury structure not yet frozen end-to-end Office IDs, treasury accounts, GL mapping, nostro/vostro model, and settlement roles are documented and accepted
Mojaloop integration Planned Payments interoperability lead DBIS_MOJALOOP_INTEGRATION_STATUS.md No proven live Mojaloop switch endpoint set or callback contract in repo-backed state Endpoint/auth contract documented, quote/transfer/callback flow integrated, settlement-window behavior mapped to accounting and chain settlement
HYBX sidecar layer Partial HYBX app / integration lead DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md Sidecars available, but full orchestration and system-of-record ownership not yet frozen Sidecar-by-sidecar purpose, auth, ingress/egress, retries, and system-of-record ownership documented and validated
mifos-fineract-sidecar Partial HYBX integration lead DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md, DBIS_RTGS_FIRST_SLICE_DEPLOYMENT_CHECKLIST.md Runtime is deployed on Proxmox, healthy, and has completed one authenticated live OMNL posting, but chain-settlement and evidence legs are still open Sidecar API and event flow documented, at least one authenticated live transfer completed, and downstream settlement/evidence path validated
mt103-hardcopy-sidecar Partial HYBX integration lead DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md Ingestion path not yet tied into canonical RTGS workflow MT103 ingest to settlement and evidence path is documented and tested
off-ledger-2-on-ledger-sidecar Partial HYBX integration lead DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md, DBIS_RTGS_FIRST_SLICE_DEPLOYMENT_CHECKLIST.md Runtime is deployed on Proxmox and healthy, but canonical off-ledger source event and authenticated Fineract flow are not yet frozen Canonical mapping from off-ledger event to Chain 138 settlement defined and tested
securitization-engine-sidecar Partial HYBX integration lead DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md Regulatory/accounting role not yet tied into RTGS runbook Accounting and reporting responsibilities explicitly mapped and validated
card-networks-sidecar Partial HYBX integration lead DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md Not yet placed in RTGS path Include only if card-network settlement is in scope and integrated
server-funds-sidecar Partial HYBX integration lead DBIS_HYBX_SIDECAR_BOUNDARY_MATRIX.md, DBIS_RTGS_FIRST_SLICE_DEPLOYMENT_CHECKLIST.md Runtime is deployed on Proxmox and healthy, but its final treasury/system-of-record boundary is not yet frozen Define and validate if it is needed for treasury/funding orchestration
Chain 138 settlement contracts Partial Chain 138 / settlement lead smom-dbis-138, alltra-lifi-settlement, CONTRACTS_TO_DEPLOY.md Canonical RTGS path not yet frozen across off-ledger ↔ on-ledger events Final contract set chosen, deployed addresses frozen, flow tested end-to-end
MerchantSettlementRegistry Partial Chain 138 / settlement lead alltra-lifi-settlement docs and deploy scripts Need explicit placement in RTGS canonical flow Registry integrated into business flow with verified inputs/outputs
WithdrawalEscrow Partial Chain 138 / settlement lead alltra-lifi-settlement docs and deploy scripts Need explicit placement in RTGS canonical flow Escrow flow validated in settlement and withdrawal scenarios
DBIS / compliant settlement tokens Partial Chain 138 / monetary architecture lead token/contract references throughout repo Need final RTGS instrument selection per use case Final instrument selection, mint/burn/reserve rules, and reconciliation path are frozen
Reserve / oracle dependencies Partial Monetary controls lead Chain 138 reserve/oracle docs and scripts RTGS-specific dependency mapping not yet frozen Reserve attestations and oracle dependencies are documented and operational
FireFly / sidecar / chain event model Planned Workflow architecture lead TODOs and FireFly docs No single canonical correlation model yet Event catalog, IDs, retries, and compensating actions defined
ISO 20022 evidence and vault path Partial Regulatory / compliance lead INDONESIA_PACKAGE_4_995_EVIDENCE_STANDARD.md Need full institution-ready production completion ISO vault manifest, hashes, and legal evidence path complete and reproducible
Institutional 4.995 package path Partial Regulatory / compliance lead same standard + OMNL scripts Requires real institution attestation and submission-grade evidence --strict readiness passes with real institution materials
RTGS production gate Planned DBIS program owner this matrix + DBIS_PHASES_1_TO_3_PRODUCTION_GATE.md Not all subsystems are green All mandatory rows for the chosen RTGS architecture are Complete

First-slice implementation note

The current recommended first production slice is frozen in:

As of 2026-03-29, the following first-slice sidecars are deployed on Proxmox VE and runtime-healthy:

  • mifos-fineract-sidecar
  • server-funds-sidecar
  • off-ledger-2-on-ledger-sidecar

Additional proven fact for the first slice:

  • mifos-fineract-sidecar has completed at least one authenticated live transfer into OMNL / Fineract with verified debit/credit journal entries (transactionId: a16a10b3bc47).

This is still not equivalent to full RTGS production completion. The deployment checklist remains the gate for chain settlement, evidence output, and the remaining sidecar lanes.

Immediate execution priorities

Priority 1 — Freeze the canonical banking rail

  1. Freeze the canonical HYBX batch / settlement operator flow on top of the now-proven OMNL tenant/auth path.
  2. Lock the participant / treasury / GL model.
  3. Extend authenticated business-flow validation beyond SCSM into the remaining in-scope sidecars.

Priority 2 — Freeze the interoperability path

  1. Decide whether Mojaloop is in-scope now or a later phase.
  2. Decide which HYBX sidecars are truly part of the initial RTGS path.
  3. Decide whether Aries / AnonCreds / Ursa are required in the first production slice.

Priority 3 — Freeze the settlement path

  1. Define the exact off-ledger to on-ledger mapping.
  2. Freeze the Chain 138 contract path used by RTGS.
  3. Define reconciliation and evidence outputs for each settlement batch.

Minimum “full RTGS E2E” green criteria

The RTGS stack can be called fully end-to-end only when all of the following are true:

  1. The Fineract / OMNL operator flow runs cleanly against the intended live tenant.
  2. The participant / treasury / GL model is frozen and documented.
  3. The required HYBX sidecars are integrated and their boundaries are documented.
  4. If Mojaloop is in scope, quote / transfer / callback / settlement logic is live and validated.
  5. The Chain 138 settlement path is frozen and validated.
  6. Required Hyperledger identity/workflow layers are either:
    • deployed and validated, or
    • explicitly out of scope for the first production slice.
  7. Regulatory evidence generation passes at submission grade.
  8. The final production gate is updated to reflect those facts.

Related artifacts

Reference in New Issue View Git Blame Copy Permalink