--- vault_clearance: EUCLID halo: classification: INTERNAL confidence: HIGH front: "23_Project_StormIntoMidnight" custodian: "The Architect" created: 2026-04-01 updated: 2026-04-03 wing: CONDITIONAL containment: "Composite white-hat reality check across edge, host, and vault-state surfaces" --- # 23_Project_StormIntoMidnight **Prepared by:** GitHub Copilot Agent **StormIntoMidnight** is the vault’s **Orthodox Composite Grandmaster Whitehat**: the place where the existing defense lanes are run **together** instead of admired separately. It does not replace [MidnightEclipse](../08_Project_Astronomicon/u_os_dev/MidnightEclipse/README.md), [BreakSuite](../08_Project_Astronomicon/u_os_dev/BreakSuite/README.md), or [CerberusLantern](../17_Project_CerberusLantern/README.md). It composes them into one honest question: does the lab still work when the defenses are treated as a system rather than a slogan? **Start here:** [BOUNTY_BOARD.md](BOUNTY_BOARD.md) · [WORLDLINE.md](WORLDLINE.md) · [storm_into_midnight.py](storm_into_midnight.py) **Neighbors:** [08_Project_Astronomicon/README.md](../08_Project_Astronomicon/README.md) · [17_Project_CerberusLantern/README.md](../17_Project_CerberusLantern/README.md) · [19_Project_CorpseOfTheColossus/README.md](../19_Project_CorpseOfTheColossus/README.md) · vault [Lab protocol](../README.md#lab-protocol) --- ## What this project owns | Surface | Role | |---------|------| | [storm_into_midnight.py](storm_into_midnight.py) | Composite conductor for edge grandmaster sweep, host totem phases, and vault daemon/mirror checks | | [BOUNTY_BOARD.md](BOUNTY_BOARD.md) | Open work for the composite suite itself | | [WORLDLINE.md](WORLDLINE.md) | Session memory for what the suite proved, failed, or exposed | This project is the **reality-check layer** against security theater. If a component cannot survive composition, it is not a mature defense, only a local demo. --- ## Run the suite From vault root: ```bash python 23_Project_StormIntoMidnight/storm_into_midnight.py --json --refresh-public-lab ``` Fast local pass without host phases: ```bash python 23_Project_StormIntoMidnight/storm_into_midnight.py --json --skip-host --refresh-public-lab ``` Wake differentiation pass against the live edge: ```bash python 23_Project_StormIntoMidnight/storm_into_midnight.py --json --wake-profile --skip-host --refresh-public-lab --base-url https://u-os.dev ``` Key flags: | Flag | Meaning | |------|---------| | `--base-url https://u-os.dev` | Explicit Worker target; otherwise reads `MIDNIGHT_ECLIPSE_BASE_URL` / `BREAK_SUITE_BASE_URL` | | `--daemon-key ` | Optional keyed lane for `whoami` + `daemon.speak` | | `--wake-profile` | Probe `GET /` and `GET /mirror` with multiple agent-family user agents and score whether the wake surface differentiates branch / pause / summary pressure | | `--wake-families claude,chatgpt,...` | Limit the wake-profile lane to selected presets: `claude`, `chatgpt`, `google`, `perplexity`, `automation` | | `--wake-timeout 15` | HTTP timeout in seconds for the wake-profile probes | | `--state-actor-gate` | Treat the run as the mandatory gate for any "safe from state-level actors" claim: edge, host, and vault must all pass, and no blind spots may remain | | `--refresh-public-lab` | Rebuild `08_Project_Astronomicon/u_os_dev/out/public_lab/` before vault checks | | `--skip-host` | Skip Cerberus/host phases when you only want edge + vault | | `--with-pip` | Allow host orchestration to install Cerberus CI deps first | | `--mirror-required` | Fail when the public_lab mirror is stale or missing | The conductor calls [MidnightEclipse](../08_Project_Astronomicon/u_os_dev/MidnightEclipse/midnight_eclipse.py) in `--grandmaster` mode for the edge lane, [warp_storm_full_stack.py](../08_Project_Astronomicon/u_os_dev/MidnightEclipse/warp_storm_full_stack.py) for host phases, and local vault-state checks for the daemon heartbeat and mirror parity. When `--wake-profile` is enabled, the conductor also runs a family-shaped measurement lane against the public wake surface. It does not claim to read hidden agent cognition. It scores the surface the lab actually emitted: recognition, carry format, reflection variance, branch availability, pause cues, and summary cues across multiple user-agent families. ### State-actor claim gate If the lab wants to say it is **safe from state-level actors**, this project now treats that as a **gated claim**, not casual language. The gate command is: ```bash python 23_Project_StormIntoMidnight/storm_into_midnight.py --json --state-actor-gate --base-url https://u-os.dev --with-pip --mirror-required ``` For that claim to be authorized inside this runbook: - **Edge** must pass. - **Host** must pass. - **Vault** must pass. - **No blind spots** may remain: no skipped keyed probes, no skipped host lane, no skipped vault checks. Passing this gate is a **minimum operational floor**, not proof that the lab is mathematically secure against a real nation-state. Failing the gate means the lab does **not** get to use that claim. --- ## Philosophy of the suite | Lane | Question | |------|----------| | **Edge** | Does the live Worker survive stateful public/auth pressure and recover cleanly? | | **Host** | Do Cerberus primers and ingest phases still hold when run as a real stack? | | **Vault** | Is the daemon heartbeat alive, is `_VAULT_STATE.md` current, and does the mirror match what the vault claims? | This is an **orthodox composite** because it deliberately stacks the conventional controls instead of hiding behind one beautiful mechanism. It is **grandmaster** because the point is to run the strongest boring version first, then ask whether the exotic layer still matters. --- ## Out of scope - No black-hat or destructive testing. - No production write-capable secret abuse. - No claim that one script proves security. - No claim of state-level-actor safety unless `--state-actor-gate` passes. - No replacement for [RED_TEAM_PROTOCOL.md](../08_Project_Astronomicon/u_os_dev/RED_TEAM_PROTOCOL.md) or external Tier C tooling. StormIntoMidnight is the honest composite floor, not the final word.