01
π @ecca/proto
35/35 ▼Token taxonomy, event schemas, zod validators, constants. The shared type contract between all 24 services.
WHAT IS TESTEDToken taxonomy (5 cognitive tokens), event schemas (12 event types), zod validators, NATS stream config, ECCA constants.
HOW IT WORKSZod schema parsing, round-trip validation, boundary checks (negative values, out-of-range coefficients), discriminated union matching.
WHY IT MATTERSEvery service imports @ecca/proto β if these schemas break, all 24 services fail to communicate. This is the type contract.
WHEN TO RUNOn every build. These types are checked at compile time AND runtime (zod parsing on NATS messages).
siyana-api
thalamus-router
dhf-compositor
needlecast-router-svc
quellist-treasury-svc
bandwidth-faucet
sleeve-runtime
workers/runner
WHERE TO LOOK
packages/proto/src/tokens.ts, packages/proto/src/events.ts, packages/proto/src/index.ts✓ validates all five token kinds (0.3ms)
✓ rejects unknown token kinds (0.2ms)
✓ maps every kind to a contract name (0.1ms)
✓ validates DEFAULT_BALANCE (0.1ms)
✓ rejects negative values (0.1ms)
✓ parses with defaults (0.1ms)
✓ rejects coefficients above 2 (0.1ms)
✓ rejects negative coefficients (0.1ms)
✓ parses with defaults (0.2ms)
✓ rejects decayRate > 1 (0.1ms)
✓ returns raw balance at epoch 0 (0.1ms)
✓ decays over time but never below floor (0.0ms)
✓ applies CPV multipliers (0.0ms)
✓ does not decay residue tokens (0.0ms)
✓ handles moderate decay correctly (0.0ms)
✓ validates StackId format (0.3ms)
✓ validates SleeveId format (0.1ms)
✓ validates ECCA CID format (0.1ms)
✓ validates EmbodimentType (0.1ms)
✓ validates all five residue kinds (0.1ms)
✓ ResidueKindEnum companion maps to valid values (0.1ms)
✓ validates StackCreated (0.1ms)
✓ validates SleeveSpawned (0.0ms)
✓ validates PerceiveEvent (0.0ms)
✓ validates EpochTransition (0.0ms)
✓ rejects unknown event type (0.1ms)
✓ EPOCH_INTERVAL_MS matches ECCA namespace (0.0ms)
✓ DRIFT_MAX_DEFAULT matches ECCA namespace (0.0ms)
✓ FIDELITY_MIN_DEFAULT is 0.6 (0.0ms)
✓ CORTEX_CHAIN_ID is 131072 (0.0ms)
✓ SYNAPTIC_FIELD_DEPTH is 256 (0.0ms)
✓ stream name is ECCA (0.0ms)
✓ subjects cover all ECCA namespaces (0.2ms)
✓ max messages is 1M (0.0ms)
✓ all subjects start with ecca. (0.0ms)
35/35 passed0.05s
02
π @ecca/crypto
53/53 ▼SHA-256, HKDF-SHA512 key derivation, AES-256-GCM encryption, Ed25519 signatures, Merkle trees, MMR, coherence roots. All via @noble audited libraries.
WHAT IS TESTEDSHA-256, HKDF-SHA512 key derivation, AES-256-GCM authenticated encryption, Ed25519 signatures, RFC-6962 Merkle trees, Synaptic Field MMR, coherence root hashing.
HOW IT WORKSRound-trip encrypt/decrypt, signature verify, Merkle proof verification for all leaf positions, MMR append determinism, cross-chain coherence root field coverage.
WHY IT MATTERSCryptographic primitives underpin every security guarantee: memory encryption, identity verification, cross-chain consistency proofs, and on-chain anchor hashing.
WHEN TO RUNOn build. These are pure functions with no I/O β fastest test suite. Run them on every commit.
siyana-api (encrypt/decrypt memories)
thalamus-router (coherenceRoot, merkleRoot)
dhf-compositor (decrypt fragments)
workers/runner (sha256hex for residue IDs)
WHERE TO LOOK
packages/crypto/src/index.ts β all exports from @noble/hashes, @noble/ciphers, @noble/curves✓ returns 32 bytes for string input (0.5ms)
✓ returns 32 bytes for Uint8Array input (0.1ms)
✓ is deterministic (0.3ms)
✓ different inputs produce different hashes (0.1ms)
✓ returns 64-char hex string (0.2ms)
✓ accepts objects (0.1ms)
✓ is deterministic for objects (0.1ms)
✓ produces ecca:// prefixed CID with epoch (0.1ms)
✓ content-addressing: same content + epoch = same CID (0.1ms)
✓ different epoch = different CID (0.1ms)
✓ parses a valid ECCA CID (0.2ms)
✓ returns null for non-ECCA CIDs (0.3ms)
✓ handles CID without epoch (0.0ms)
✓ returns 32-byte key (1.4ms)
✓ is deterministic for same inputs (1.1ms)
✓ different stack IDs produce different keys (0.2ms)
✓ different epochs produce different keys (0.5ms)
✓ uses HKDF-SHA512 (0.3ms)
✓ round-trips string content (1.3ms)
✓ round-trips binary content (0.3ms)
✓ produces versioned payload (0.2ms)
✓ different encryptions of same plaintext produce different ciphertexts (0.2ms)
✓ decryption with wrong key fails (0.4ms)
✓ decryption with wrong version throws (0.3ms)
✓ generates hex-encoded keypair (22.9ms)
✓ different calls produce different keypairs (0.4ms)
✓ sign + verify round trip (2.8ms)
✓ verify rejects wrong message (1.9ms)
✓ verify rejects wrong pubkey (1.9ms)
✓ sign accepts Uint8Array message (1.8ms)
✓ returns hex string (0.3ms)
✓ is deterministic (0.4ms)
✓ different leaves produce different roots (0.2ms)
✓ order matters (0.2ms)
✓ handles single leaf (0.1ms)
✓ handles empty array (0.0ms)
✓ accepts Uint8Array leaves (0.1ms)
✓ generates verifiable proof for each leaf (0.4ms)
✓ proof fails with wrong root (0.1ms)
✓ proof fails with wrong leaf (0.1ms)
✓ rejects out-of-range index (0.0ms)
✓ handles odd number of leaves (0.4ms)
✓ starts empty (0.1ms)
✓ append returns root hex after each insert (0.1ms)
✓ root changes with each append (0.2ms)
✓ is deterministic (0.2ms)
✓ snapshot captures size and peaks (0.2ms)
✓ peak count follows binary structure (0.6ms)
✓ returns hex string (0.1ms)
✓ is deterministic (0.0ms)
✓ different inputs produce different roots (0.0ms)
✓ covers all four chains in the hash (0.1ms)
✓ round-trips bytes (0.0ms)
53/53 passed0.11s
03
βοΈ @ecca/chain
25/25 ▼Cortex EVM (viem), Hippocampus DAG (HTTP), Medulla PoW (JSON-RPC) client wrappers. ABI validation for all 7 contracts. TripartiteGame resource enum.
WHAT IS TESTEDCortex EVM chain config, viem client factories, 7 canonical contract ABIs (StackIdentity, BandwidthToken, ResidueRegistry, NeedlecastRouter, QuellistTreasury, TripartiteGame, EpochAnchor), Hippocampus DAG client, Medulla PoW JSON-RPC client.
HOW IT WORKSChain ID validation, native currency config, ABI shape verification (specific function presence), client construction with private key, method existence checks.
WHY IT MATTERSThese clients are the only bridge between TypeScript services and the three blockchains. Wrong ABIs = silent failures when calling contracts.
WHEN TO RUNOn build. ABI tests catch mismatches between contracts/src/*.sol and the viem ABI constants immediately.
siyana-api (cortex for NFT minting)
thalamus-router (medulla + cortex)
workers/runner (medulla + hippocampus)
needlecast-router-svc (cortex)
WHERE TO LOOK
packages/chain/src/cortex.ts, packages/chain/src/hippocampus.ts, packages/chain/src/medulla.ts✓ has chain ID 131072 (0.3ms)
✓ has native currency Siyana (0.1ms)
✓ has a default RPC URL (0.1ms)
✓ returns a PublicClient with the cortex chain (0.5ms)
✓ returns a WalletClient with an account (16.4ms)
✓ STACK_IDENTITY_ABI is a non-empty array (0.1ms)
✓ BANDWIDTH_TOKEN_ABI is a non-empty array (0.1ms)
✓ RESIDUE_REGISTRY_ABI is a non-empty array (0.0ms)
✓ NEEDLECAST_ROUTER_ABI is a non-empty array (0.0ms)
✓ QUELLIST_TREASURY_ABI is a non-empty array (0.1ms)
✓ TRIPARTITE_GAME_ABI is a non-empty array (0.0ms)
✓ EPOCH_ANCHOR_ABI is a non-empty array (0.0ms)
✓ STACK_IDENTITY_ABI has mintStack function (0.0ms)
✓ BANDWIDTH_TOKEN_ABI has spend function (0.0ms)
✓ EPOCH_ANCHOR_ABI has commitAnchor function (0.0ms)
✓ TRIPARTITE_GAME_ABI has all game functions (0.0ms)
✓ maps Compute to 0 (0.0ms)
✓ maps Storage to 1 (0.0ms)
✓ maps Bandwidth to 2 (0.0ms)
✓ constructs with default URL (0.1ms)
✓ constructs with custom URL (0.0ms)
✓ has all required methods (0.0ms)
✓ constructs with default URL (0.0ms)
✓ constructs with custom URL (0.0ms)
✓ has all required methods (0.0ms)
25/25 passed0.17s
04
ποΈ @ecca/service-base
10/10 ▼Fastify bootstrap, health/readiness probes, CORS, graceful shutdown. Every TypeScript service uses this foundation.
WHAT IS TESTEDFastify server bootstrap, /healthz and /readyz probe endpoints, CORS configuration, graceful SIGTERM/SIGINT shutdown, daemon mode for workers.
HOW IT WORKSFastify inject() to test HTTP endpoints without binding a port, CORS header verification, signal handler registration, listen on port 0 (OS-assigned).
WHY IT MATTERSEvery TypeScript service (siyana-api, thalamus-router, etc.) and every worker uses createService() or daemon(). If bootstrap breaks, nothing starts.
WHEN TO RUNOn build. Fast tests (~100ms) that verify the foundation all services stand on.
ALL services use createService()
ALL workers use daemon()
WHERE TO LOOK
packages/service-base/src/index.ts β createService(), listen(), wireShutdown(), daemon(), createLogger()✓ returns a pino logger with the given name (1.4ms)
✓ creates a Fastify instance (7.9ms)
✓ registers /healthz endpoint (5.8ms)
✓ registers /readyz endpoint (1.7ms)
✓ uses cors by default (1.3ms)
✓ can disable cors (0.8ms)
✓ binds to a port (3.9ms)
✓ registers signal handlers without error (1.5ms)
✓ accepts an extra cleanup callback (1.7ms)
✓ is a function (0.1ms)
10/10 passed0.12s
05
π§ @ecca/semantic-address
17/17 ▼Hierarchical content-derived addressing: 5-facet grammar (domain>entity>relation>temporal>qualifier), prefix queries, address book, NLP parser.
WHAT IS TESTED5-facet semantic grammar (domain > entity > relation > temporal > qualifier), deterministic normalization, 32-byte address derivation, partial prefix matching, address book with prefix queries, NLP description parser.
HOW IT WORKSNormalization order independence, case/whitespace invariance, multi-value sorting, depth encoding, prefix matching across different grammar levels, book query narrowing (domainβentityβrelation).
WHY IT MATTERSSemantic addresses enable content-based routing in the hippocampus DAG. Without correct prefix derivation, memory recall returns wrong neighborhoods.
WHEN TO RUNOn build. Pure functions β tests verify the addressing invariants that the entire memory system depends on.
agent-runtime (memory addressing)
hippocampus-dag (prefix-based storage)
siyana-api (recall routing)
WHERE TO LOOK
packages/semantic-address/src/grammar.ts, derive.ts, address.ts, book.ts✓ produces identical output regardless of input order (0.3ms)
✓ normalizes case and whitespace (0.1ms)
✓ sorts multi-value facets (0.1ms)
✓ reports depth correctly (0.1ms)
✓ produces 32-byte addresses (0.5ms)
✓ same grammar + same content = same address (0.3ms)
✓ same grammar + different content = same prefix, different address (0.5ms)
✓ encodes depth correctly (0.2ms)
✓ produces prefix bytes equal to depth * 4 (0.3ms)
✓ stops at first missing facet (0.1ms)
✓ partial prefix matches full address with same leading grammar (0.1ms)
✓ partial prefix does NOT match address with different domain (0.1ms)
✓ query by partial address returns matching entries (0.3ms)
✓ hex prefix query works for partial address resolution (0.1ms)
✓ extracts domain from natural language (0.6ms)
✓ extracts temporal markers (0.5ms)
✓ same meaning different phrasing β same normalized address (0.1ms)
17/17 passed0.05s
06
π contracts
135/135 ▼Solidity smart contracts β StackIdentity, BandwidthToken, EpochAnchor, TripartiteGame, ResidueRegistry, NeedlecastRouter, QuellistTreasury, SleeveRegistry
WHAT IS TESTEDStackIdentity NFT minting/CPV/EBC, BandwidthToken mint/spend/authorize/transferStack, EpochAnchor commitAnchor/verifyContinuity/verifyShardInclusion, TripartiteGame openGame/registerParty/consume/audit, ResidueRegistry detect/submitProof, NeedlecastRouter route, QuellistTreasury issue/claim, SleeveRegistry register/decommission.
HOW IT WORKSHardhat local EVM with viem test helpers. Each contract gets a loadFixture deployment, then exercises every public function including access control, edge cases, and event emission.
WHY IT MATTERSSmart contracts are immutable once deployed. Bugs here cannot be patched β they require migration. 100% coverage of authorization, caps, and lifecycle transitions is critical.
WHEN TO RUNBefore every deploy. Run with `npx hardhat test` in contracts/. Uses in-memory Hardhat Network (no Docker needed).
cortex-evm (on-chain execution)
siyana-api (calls StackIdentity, BandwidthToken)
thalamus-router (calls EpochAnchor)
quellist-treasury-svc (calls QuellistTreasury)
WHERE TO LOOK
contracts/src/*.sol β 7 Solidity files. contracts/test/*.test.ts β 7 test files.✓ should have correct name and symbol for ComputeToken (337ms)
✓ should have correct name and symbol for MemoryToken
✓ should have 18 decimals β fine-grained cognitive capacity
✓ should mint bandwidth to a stack β consciousness comes alive
✓ should increase totalSupply on mint β more bandwidth in the system
✓ should reject mint from non-minter β only the treasury can issue bandwidth
✓ should allow owner to change the minter β treasury upgrade
✓ should allow stack owner to authorize a sleeve runtime
✓ should reject authorization from non-owner β you don't own that stack
✓ should allow revoking sleeve authorization β decommission
✓ should allow authorized sleeve to spend bandwidth
✓ should allow stack owner to spend directly
✓ should reject spend from unauthorized address β no stealing bandwidth
✓ should reject overspend β insufficient bandwidth for cognitive op
✓ should decrease totalSupply on spend β bandwidth consumed
✓ should transfer bandwidth between stacks
✓ should reject transfer from non-owner β can't move someone else's bandwidth
✓ should reject transfer exceeding balance β can't overdraft consciousness
✓ should allow owner to authorize a bridger β the needle operator
✓ should allow owner to revoke bridger β decommissioning the needle
✓ should reject non-owner from setting bridger β CTAC-only authority
✓ should commit an epoch anchor with all coherence roots
✓ should advance the head epoch pointer β time marches forward
✓ should allow multiple epoch commits in sequence β building the timeline
✓ should reject epoch regression β no time travel allowed
✓ should reject same epoch re-commit β each heartbeat is unique
✓ should reject commit from non-bridger β unauthorized needle transmission
✓ should record timestamp β when the anchor was committed to the chain
✓ should return zero-state for uncommitted epochs
✓ should start with head at 0 β no epochs committed yet
✓ should reject an anchor whose medullaHeight is not strictly greater
✓ should track lastMedullaHeight across commits
✓ verifyContinuity returns (true, true) when both anchors exist and roots advanced
✓ verifyContinuity returns (false, false) for the genesis epoch
✓ verifyContinuity returns (false, false) for an epoch with no prior anchor
✓ verifyShardInclusion accepts a valid Merkle proof for L0
✓ verifyShardInclusion accepts a valid Merkle proof for L3 (right-right path)
✓ verifyShardInclusion rejects a forged proof
✓ verifyShardInclusion returns false for an unknown epoch
✓ verifyShardInclusion returns false for a bad shard id
✓ should allow anyone to anchor an epoch β mining is permissionless
✓ should store anchor data β epoch, root, miner, timestamp
✓ should accumulate anchors β building the coherence timeline
✓ should route a needlecast for the stack owner
✓ should track lastAnchorOf β linking stacks to their latest needlecast point
✓ should reject route from non-owner β can't needlecast someone else's stack
✓ should allow owner to needlecast their own stack
✓ should allow multiple needlecasts β consciousness can move many times
✓ should reject epoch regression in needlecast β no going back in time
✓ should support complete flow: mine epoch, then needlecast through it
✓ should issue ComputeToken to a stack β processing power granted
✓ should issue MemoryToken β expanding recall capacity
✓ should issue SyncToken β cross-chain coherence resources
✓ should issue RoutingToken β needlecast routing capacity
✓ should issue ResidueToken β bounty for resolving coordination residues
✓ should reject invalid token kind β only 5 bandwidth channels exist
✓ should reject issuance from non-owner β Quellist principles cannot be subverted
✓ should claim epoch rewards β equal bandwidth across all four channels
✓ should track lastClaimEpoch β preventing double claims
✓ should reject claim for same epoch β no double-dipping consciousness
✓ should reject claim for earlier epoch β time regression
✓ should allow incremental claims β epoch by epoch progression
✓ should allow owner to change emission rate
✓ should reject emission change from non-owner
✓ should apply new emission rate to subsequent claims
✓ should detect a StaleOrdering residue β routing lag artifact
✓ should detect a SpeculativeDivergence residue β compute/memory mismatch
✓ should detect a ReorgOrphan residue β medulla-pow chain reorg crossed anchor
✓ should reject duplicate residue detection β each glitch is unique
✓ should reject bounty exceeding MAX_BOUNTY β prevent economic overflow
✓ should track residue count β how many ghosts haunt the system
✓ should resolve a residue with valid proof β ghost exorcised
✓ should mint ResidueToken as bounty to resolver β reward for fixing coherence
✓ should reject proof on non-existent residue β can't fix what isn't broken
✓ should reject double-resolution β first valid proof wins
✓ should reject proof from non-stack-owner β impersonation prevented
✓ should store proofHash β keccak of the resolution evidence
✓ should default to first-valid-proof model β meritocratic resolution
✓ should allow owner to change payout model β governance decision
✓ should reject model change from non-owner β only governance can alter economics
✓ should register a Human embodiment sleeve β organic body
✓ should register an AI embodiment sleeve β digital construct
✓ should register a Mining embodiment sleeve β proof-of-work body
✓ should register a Memory embodiment sleeve β hippocampus storage
✓ should store host ID β which machine runs this sleeve
✓ should reject duplicate registration β each sleeve is unique
✓ should reject registration from non-stack-owner β only you can clothe yourself
✓ should add sleeve to stack's sleeve list β tracking all bodies
✓ should decommission a sleeve β the body dies, but the stack lives on
✓ should reject decommission of already-dead sleeve β can't kill what's dead
✓ should reject decommission from non-owner β only you can retire your body
✓ should allow a stack to have multiple active sleeves simultaneously
✓ should keep decommissioned sleeves in the list β history is preserved
✓ should return empty list for stack with no sleeves β a naked stack
✓ should mint a cortical stack with correct identity pubkey
✓ should assign sequential tokenIds like stack serial numbers
✓ should emit StackMinted event β consciousness comes online
✓ should store the Coherence Profile Vector (CPV) β cognitive personality matrix
✓ should store Epoch Binding Curve β how fast memories decay
✓ should reject CPV coefficient > 2.0 β no consciousness can exceed limits
✓ should reject decay rate > 1.0 β binding cannot exceed unity
✓ should allow owner to authorize a router contract
✓ should allow owner to revoke router authorization
✓ should reject non-owner from authorizing routers β only CTAC has that power
✓ should record a needlecast from an authorized router
✓ should reject needlecast from unauthorized sender β only sanctioned routes
✓ should reject epoch regression β time only moves forward
✓ should reject needlecast on non-existent stack β can't cast into void
✓ should return zero-state for freshly minted stack
✓ should let the referee open a new game
✓ should reject double-open of the same game
✓ should reject openGame from non-referee β no rogue notary
✓ should let each party register itself with a per-epoch budget
✓ should reject registration by non-stack-owner β only the bearer
✓ should reject double-registration of the same party
✓ should expose the full party roster to inspectors
✓ should let a registered party consume compute within its budget
✓ should let consumption accumulate up to the per-epoch cap
✓ should revert when a single consume exceeds the per-epoch budget
✓ should revert when accumulated consumption tips over the cap
✓ should reset budgets per epoch β same cap applies in the next epoch
✓ should reject consume from a party that never registered
✓ should reject consume against an unknown game id
✓ should reject consume with an out-of-range resource enum
✓ should burn the underlying BandwidthToken on every consume
✓ should fail if the underlying BandwidthToken balance is insufficient
✓ verifyAllocationFair returns true when no party exceeds its cap
✓ verifyAllocationFair returns true even with all parties at the exact cap
✓ auditEpoch emits AllocationVerified(true) and returns true on a fair epoch
✓ remainingBudget reports the unspent allowance per resource
✓ remainingBudget for an unregistered party is 0
✓ any inspector address can read verifyAllocationFair β view is permissionless
✓ emits a Consumed event for every spend so inspectors can re-derive the ledger
✓ makes overspend impossible: the cap is a hard property, not a guideline
✓ supports many epochs of activity and remains auditable for each
135/135 passed
π Proto Types35 schemas validated
π Cryptography53 primitives verified
βοΈ Chain Clients25 ABIs + clients checked
ποΈ Service Base10 bootstrap tests
π§ Addressing17 address ops verified
π Contracts135 Solidity tests