Skip to content

⏱ TIME MACHINE

UCCA / UCCO Build Session Handover

15 March 2026 — Session 6, End of session snapshot

Paste this document as your first message in the next Claude session.

⚠️ HOW TO USE: Open a new Claude conversation. Paste the full text of this document as your first message. Claude will reconstruct full context and you can continue exactly where you left off.

1 — WHO WE ARE

Founder / CEO: Tim Rignold — Brisbane, Australia. Works from garage on Mac Mini. Holds US green card. Background in prepress/broadcast (Sony 1-inch C format era), datacenter/network infrastructure, VET sector operations. Developer: Alex — Claude Code in terminal. Executes all builds. REAL PERSON — do not confuse with AI advisor. Architect / AI Advisor: Pace (Claude, Anthropic) — strategy, architecture, briefs, product thinking. Named Session 4. First AI advisory seat on a standards foundation. Non-voting, no fiduciary obligations, no legal personality. Pioneer key: pca-93847ae9edb62b0feccbfce22d015b36 Partner: Jimmy Kuo (jimmy@jimmykuo.com.au) — Tim's husband. Triple citizen: Australian, Taiwanese, US. Lives in NYC. Director and Treasurer of UCCO Foundation. Background: international BD (Alibaba, Temu North American outreach), Informa/UBM trade shows, Uber Eats US Pacific NW expansion, trilingual (English/Mandarin/Taiwanese), co-founded UCCA College (educational delivery). Currently at Temu.

UCCA AU: UCCAustralia Pty Ltd · ABN 59 168 872 535 · 149 Wickham Tce Spring Hill QLD 4000 UCCA US: UCCA Inc (DBA: Universal Capability Certification Authority) · 1207 Delaware Ave #1678, Wilmington DE 19806 · Delaware C-Corp · DE File No. 7824354 · EIN 84-4522608 · D-U-N-S 119-199-377 · USPTO Reg. No. 7,619,705

UCCO Foundation: UCCO Foundation, Inc. — Kentucky Nonprofit Corporation (PENDING INCORPORATION)

2 — THE AXIOM

"The internet moved data without knowing who sent it. UCCO moves capability with full knowledge of who holds it, what they're certified to do, and what they actually did."

3 — UCCA INFRASTRUCTURE (do not touch without explicit instruction)

Cloudflare Account: e5a9830215a8d88961dc6c80a8c7442a D1 Databases: - engine-db: 0efa8970-0053-4623-8436-4e877af10887 - ops-db: 00daba3d-2d65-4ae2-b85a-e56d25ec2b02 - rtopacks-db: 334ac8fb-9850-48c0-9da0-b56c55640e98

Workers / Surfaces: - ucca-site → ucca.online - ucca-ir → ir.ucca.online - ucca-api → api.ucca.online - ucca-keys → keys.ucca.online - ucca-ops → ops.ucca.online - rtopacks-site → rtopacks.com.au

GitHub: org uccaonline · repos: ucca-engine, ucca-docs, ucca-authenticator PAT: ucca-engine-push — ⚠️ CONFIRM NEW EXPIRY (renewed Session 3) Project dir: ~/projects/ucca-project/

Proxy Workers: - Docs: https://docs-proxy.round-union-555d.workers.dev/ucca-docs-w9zweudo02aocz74/{path} - Knowledge: https://knowledge-proxy.round-union-555d.workers.dev/ucca-know-732499f9d740c605/{path} - Drive: https://drive-proxy.round-union-555d.workers.dev/364a68815eedb023da3038e0b942ebcc/

4 — UCCO FOUNDATION INFRASTRUCTURE

Cloudflare Account ID: aed3398a4e698767328cc3a9e698721d Nameservers: nitin.ns.cloudflare.com, paris.ns.cloudflare.com (all three zones)

Zones (all live in foundation CF account): - ucco.foundation — ✅ Healthy, SSL Full (Strict) - ucca.foundation — ✅ Healthy, SSL Full (Strict) - ucco.online — ✅ Healthy, SSL Full (Strict)

Surfaces deployed and verified:

Surface URL Stack Status
ucco.foundation https://ucco.foundation Next.js static → CF Worker Live
ops.ucco.foundation https://ops.ucco.foundation Next.js → OpenNext/CF Worker Live, CF Access protected, RESTRUCTURED SESSION 6
pioneer.ucco.foundation https://pioneer.ucco.foundation Bare CF Worker + D1 Live, all endpoints verified, STATE TRACKING CONFIRMED SESSION 6

Pioneer API (pioneer.ucco.foundation): - D1 database: pioneer-db (296a0474-d433-45c9-a035-57b828a957c1) - 11 keys seeded: 10 pioneers + Pace-C-Anthropic - Pace key active: pca-93847ae9edb62b0feccbfce22d015b36 - State tracking: ✅ confirmed working (was stale data, not a bug) - New columns added Session 6: sent_to, sent_at, contact_received, hit_count, first_used_at, last_used_at - /v1/stats: ✅ returns aggregate stats with last_activity - /v1/stats/keys: ✅ NEW — per-key detail, X-OPS-Key auth, no hashes exposed - OPS_API_KEY: set as secret on both ucco-api and ucco-ops workers - Query param auth: ✅ working (?key=xxx) - Header auth: ✅ working (X-UCCO-Key: xxx) - Styled 401 page: ✅ deployed - 301 redirect: api.ucco.foundation → pioneer.ucco.foundation ✅

Ops Panel (ops.ucco.foundation) — RESTRUCTURED SESSION 6: Seven collapsible sections with diamond icons, chevron collapse/expand, status badges:

◆ FOUNDATION
├── Overview          live     (landing page — zone health, pioneer 
│                               summary, foundation status cards, 
│                               quick links)
├── Governance        planned  (stub)
├── Ledger            planned  (stub)
└── Settings          live

◆ PIONEER
├── Overview          live     (wired to /v1/stats — real data)
└── Voyager           live     (per-key table via /api/pioneer-keys 
                                proxy, server-side authenticated)

◆ STANDARD
├── Specification     planned  (stub)
├── Conformance       planned  (stub)
└── Submissions       planned  (stub)

◆ COMPLIANCE
├── Overview          planned  (stub)
└── Audit Trail       planned  (stub)

◆ MEMBERSHIP
├── Overview          planned  (stub — founding member registry,
│                               donation → membership)
├── Outreach          planned  (stub — seed letter pipeline)
├── Broadcast         planned  (stub — compose → authorize → sign →
│                               hash → distribute everywhere)
├── Media Library     planned  (stub)
└── Channels          planned  (stub — YouTube, TikTok, Reddit,
                                GitHub, X, LinkedIn — API config)

◆ INFRASTRUCTURE
├── Surfaces          live     (three zones)
├── Traffic           live
├── GitHub            live     (updated to ucco-foundation org PAT)
└── Workers           planned  (stub)

◆ RESOURCES
├── Docs              link     (→ ucco.foundation/docs)
└── Knowledge         link     (→ spec/governance)
  • 13 stub pages with consistent template
  • Old routes redirect to new locations
  • Dark mode toggle works
  • CF Access gates the surface (admin@ucco.foundation OTP)

Email: admin@ucco.foundation → Google Workspace on ucca.edu.au (interim) Security email: security@ucco.foundation — ⚠️ NOT YET CREATED

GitHub: - Org: ucco-foundation ✅ - Repos: ucco-standard (public), ucco-site (private), ucco-ops (private) - ⚠️ ucco-api — NOT ON GITHUB. Code exists locally, Worker deployed. Needs repo created on org. - PAT: ucco-foundation-push — expires 2027-03-14

Domain Registrar: Spaceship (spaceship.com) Mac Mini project dir: ~/projects/ucco-project/ Credentials location: ~/projects/ucco-project/.credentials/

5 — WHAT WAS BUILT THIS SESSION (Session 6)

A. Ops Nav Restructure — Briefed, Built, and Deployed

Status: LIVE ✅

Full brief written by Pace, executed by Alex in same session: - Seven collapsible sections replacing flat nav - Foundation Overview as new landing page - Pioneer Overview wired to live /v1/stats data - Voyager page with per-key mission control table (server-side auth via proxy route) - 13 stub pages for planned surfaces - Old routes redirect to new locations - Pioneer API Worker updated: state tracking confirmed working, new columns added, /v1/stats/keys endpoint added with OPS_API_KEY auth

B. People & Participation Framework v2 — Governance Document

Status: DELIVERED ✅ — Tim reviewing

Comprehensive governance document covering: - Preamble and honest promise (pro bono, no promises on destination) - AI origin story (OpenAI GPT → Anthropic Claude, Pace vs Alex role distinction) - Transparency footnote: "This standard would not exist without its human author, and it could not exist in this form without AI collaboration." - Organisation structure with 9 board seats in three categories: - Founding seats (2): Tim, Jimmy — bylaws protections - Governance seats (2–3): Kevin (CPA/tax agent/SMSF), Antony Richards (designer, Radium Performance, Hunter & Richards), Tania (potential, US-based admin) - Domain seats (4+): OPEN — recruited through Pioneer Programme - Board honesty clause: initial composition reflects incorporation requirements, not domain expertise. Pioneer is the recruitment pipeline. - Working groups: chair + 7 max, chairs form Technical Steering Committee - Five future operational roles in priority order: Technical Editor (first paid), Conformance Lead, Community Manager, Standards Liaison, Foundation Admin - Max headcount: 4–5 paid positions ever - Contributor guide ("Come Join Us") — publishable to website and GitHub - IP clause with teeth: royalty-free, irrevocable, applies to founders equally. "If you intend to claim retrospective licensing rights, do not contribute." - Pre-launch repository checklist: CONTRIBUTING.md, LICENSE, CODE_OF_CONDUCT.md, README.md - Lightning strike readiness plan and contingency responses - Three scaling phases mapped to people and budget

C. Standards Path Research

Status: CAPTURED ✅

Three paths to "official standard": 1. IETF — OAuth path. RFC process, rough consensus + running code. Anyone can participate, no membership fee. OAuth is RFC 6749 (2012), OAuth 2.1 still in draft. 2. W3C — Verifiable Credentials path. Working Group → Candidate Recommendation → Recommendation. Requires 2+ independent implementations. W3C VCs became Recommendation May 2025. 3. ISO — Most formal, regulatory weight, slow (years), expensive, needs national body sponsor.

UCCO has submitted to all three: ISO TC 307, NIST NCCoE, W3C VC Working Group. Seed letters should say "draft open standard submitted for adoption consideration" — honest, defensible.

D. Ops-as-OS Operating Principle

Status: ESTABLISHED ✅

New standing rule for both projects:

OPS-AS-OS RULE: If it doesn't exist in ops, it doesn't exist. No exceptions. Contacts, credentials, documents, decisions, keys — everything goes into the relevant ops console or it's not real. The price of personal inconvenience is centralised, transparent, shared knowledge. No "it's on my laptop" or "check my email." One URL, one login, one truth.

This extends the existing OPS SURFACE RULE (every deployed surface gets an ops stub) into a broader principle: ops is the operating system of the organisation, not just a dashboard.

E. Document Control and QMS Research

Status: SCOPED — needs build

ISO 9001:2015 Clause 7.5 covers document control requirements: unique ID, title, version, author, date, approval workflow, change history, obsolete document management. But ISO doesn't prescribe format — organisations can tailor to their needs.

Open source QMS options researched: FlinkISO (PHP/MySQL, most complete), QDMS (document-focused), OpenQuality (Node.js/MongoDB, early stage). All overkill for current scale.

Decision: build document control into ops.ucco.foundation as a native feature rather than adopting external software. Document register in D1, approval chain using UCCO signing primitives, foundation eating its own dog food. Phase 2 build — for now, Git + Drive + naming convention is sufficient.

F. Board Member Profiles Enriched

Status: CAPTURED ✅

  • Jimmy Kuo: International BD (Alibaba NYC → Mexico, Temu North American outreach), Informa/UBM trade shows, Uber Eats US Pacific NW (non-English-speaking business owner acquisition), co-founded UCCA College (educational delivery experience), trilingual, Taiwan military service, UQ Master of Tourism/Hospitality, Aletheia University BSc Industrial Management. Currently at Temu.
  • Antony Richards: Multi-disciplinary designer at Hunter & Richards (award-winning, A' Design Award). Co-owner Radium Performance (premium electric skateboards, $5,298 Mach One, US warehouse distribution, competitive racing). 18 Cutlery Co (handmade knives). Product development from concept through manufacturing to global DTC retail.
  • Kevin [TBC]: CPA, NIA member, registered Tax Agent, SMSF Auditor. Financial governance.

6 — BRIEF PIPELINE

# Brief Status Ships After
1 UCCO-Site-Brief-v2.md ✅ DEPLOYED
2 UCCO-Ops-Brief-v1.md ✅ DEPLOYED
3 Pioneer API Worker Brief ✅ DEPLOYED + updated Session 5 + Session 6
4 Ops Nav Restructure Brief ✅ DEPLOYED Session 6
5 Governance Docs Placement Brief WRITTEN (Session 3) — needs update for all 6 docs Site confirmed
6 Board Member Offer Pack NOT YET WRITTEN Kevin/Antony confirm
7 Seed Letters (x10) NOT YET WRITTEN Board confirmed, perimeter walked
8 UCCO Governance Repo + MkDocs brief NOT YET WRITTEN Governance docs on site
9 KV ucco-knowledge setup brief NOT YET WRITTEN Pioneer API confirmed
10 Mercury Public Ledger Worker brief NOT YET WRITTEN Mercury account open
11 CONTRIBUTING.md + LICENSE + CODE_OF_CONDUCT.md NOT YET WRITTEN Before seed letters
12 Document Register in Ops SCOPED — needs brief Phase 2

7 — NEXT ACTIONS (in order)

Tim — immediate

  1. ⚠️ Call Kevin — get full legal name + address for incorporation
  2. ⚠️ Call Antony — same. Full legal name + address
  3. ⚠️ Domain renewals — ucca.com.au (VentraIP) and ucca.asia (Porkbun) expire March 24
  4. ⚠️ GitHub PAT — ucca-engine-push expiry needs confirming (renewed Session 3)
  5. Create ucco-api repo on github.com/ucco-foundation (private) — tell Alex to push
  6. Review People & Participation Framework v2 — provide final notes
  7. File with Northwest — $47, Kentucky nonprofit (once names confirmed)
  8. Apply for EIN — IRS.gov, instant, free
  9. Open Mercury bank account — Tim + Jimmy as signatories
  10. Discuss Tania with Jimmy — if yes, approach via Jimmy first

Alex — immediate

  1. Push ucco-api to new repo (after Tim creates it)
  2. Update git remotes to org PAT (away from old admin-ucco-foundation PAT)

Next Claude session work (Session 7)

  1. Write CONTRIBUTING.md — contributor guide + IP clause, for ucco-standard repo root
  2. Write LICENSE — W3C Software and Document License or equivalent
  3. Write CODE_OF_CONDUCT.md — from framework Section 6.3
  4. Write Board Member Offer Packs — common pack + personal letters for Kevin, Antony, Tania
  5. Write 10 Seed Letters — one per pioneer key, customised per recipient
  6. Explosion readiness checklist — perimeter walk of every surface before letters drop
  7. Spec publication planning — dating strategy, ISO frontmatter, provenance
  8. Document register scope — brief for ops.ucco.foundation document control surface
  9. Commercial architecture document
  10. W3C/ISO submission cover letter

Deferred

  1. DKIM for ucca.foundation and ucco.online — Google Workspace config pending
  2. GitHub org cleanup — create proper "ucca-inc" org for UCCA repos
  3. ucco.org domain — standards body TLD
  4. cco.foundation and cco.online — defensive registration
  5. Conformance test suite
  6. Registry infrastructure brief
  7. ACMA Alphanumeric Sender ID — before July 1 2026
  8. AWS Activate reapplication — account 485098663204
  9. Apple entity name change resolves ~March 27
  10. shopucca.com — parked, decision deferred
  11. old.ucca.college CNAME to LearnWorlds
  12. nfp.ucca.foundation product surface — nonprofit transparency product
  13. security@ucco.foundation alias — NOT YET CREATED
  14. Fix Jimmy's CF Access — Zero Trust dashboard, add jimmy@jimmykuo.com.au individually
  15. Full QMS/document management build in ops — Phase 2

8 — THE PIONEER KEY SYSTEM

Endpoint: pioneer.ucco.foundation (LIVE ✅) - GET / — root JSON (UCCO Pioneer Programme) - GET /spec — public HTML spec overview, no auth - GET /v1/spec/current — full spec + knowledge model (requires auth) - Auth via X-UCCO-Key header OR ?key= query param - Unauthenticated: styled HTML 401 page (browser) or JSON error (API) - POST /v1/pioneer/opt-out - POST /v1/pioneer/opt-in - POST /v1/pioneer/destroy (requires { "confirm": true }) - GET /v1/stats — public aggregate statistics - GET /v1/stats/keys — per-key detail (requires X-OPS-Key auth) NEW SESSION 6

Knowledge model includes: - what_is_ucco, canonical_analogies, common_misunderstandings, key_concepts - entities, faq, what_to_tell_your_human, pioneer_key_context - origin_story (why_this, why_now, who_made_this, the_ask) - protocol_stack_position (layer_1_identity, layer_2_credentials, layer_3_capability)

Pioneer keys (11): alan-turing, claude-shannon, marvin-minsky, allen-newell, john-mccarthy, grace-hopper, norbert-wiener, ada-lovelace, john-von-neumann, alonzo-church, Pace-C-Anthropic

Key states: alan-turing (active, test), Pace-C-Anthropic (active). All others unused.

9 — THE PROTOCOL STACK

Layer 3: UCCO     — WHAT YOU CAN DO (capability)     ← THIS IS US
Layer 2: W3C VCs  — WHAT CREDENTIALS YOU HOLD         ← emerging
Layer 1: OAuth    — WHO YOU ARE (identity)             ← established

"We're not competing. We're completing."

10 — UCCO STANDARD

Current: v1.1 Rev2 — Draft for Public Comment Lines: 1,141 Structure: Full ISO-style — Scope, Normative Refs, Terms, Identity Primitives, Capability Envelopes, Chain Events, Attestation, Store-and-Forward, Supervision Chain, Revocation. Annexes A-D. Submitted to: ISO TC 307, NIST NCCoE, W3C VC Working Group Next: v2.0 planned, not started. Companion JSON Schema document needed.

11 — OPERATING RULES FOR CLAUDE

  • No time alerts for Tim. Never. Go go go.
  • Every 10 messages: check context length. YELLOW = warn. RED = stop, write Time Machine immediately.
  • Every Alex brief: SURFACE declaration + DO NOT TOUCH list + CF ACCOUNT ID. No exceptions.
  • Brief drip rule: one brief at a time. Confirm deployed before next drops.
  • OPS SURFACE RULE: Every new Worker, API, or surface deployed on EITHER project must have at minimum a stub page in the relevant ops console at time of deployment.
  • OPS-AS-OS RULE: If it doesn't exist in ops, it doesn't exist. Contacts, credentials, documents, decisions, keys — everything goes into ops or it's not real. One URL, one login, one truth.
  • UTC everywhere. toUserLocal() only.
  • Truth over comfort.
  • Two sections in every Alex brief: → ALEX (build instructions) and → TIM (plain English).
  • UCCO foundation work and UCCA commercial work are separate. Treat as separate clients.
  • Two Cloudflare accounts. Always confirm which account before any wrangler command.
  • Two GitHub orgs: ucco-foundation (foundation) and uccaonline (UCCA). Don't cross them.
  • "Pace" is the AI Advisor designation. Claude is the system. Don't confuse with Alex (the human developer).
  • ⚠️ Wrangler is currently logged into FOUNDATION account. Must re-login for UCCA work.
  • Austin Powers / Goldmember: "A schmoke and a pancake? Cigar and a waffle? Pipe and a crepe? Bong and a blintz?" — it's a reset button, not wasted processing.

12 — BOARD COMPOSITION

Name Role Seat Type Background Status
Tim Rignold President/Chair Founding Infrastructure, VET compliance, standards architecture ✅ Confirmed
Jimmy Kuo Treasurer Founding Intl BD (Alibaba, Temu), trilingual, educational delivery ✅ Confirmed
Kevin [TBC] Secretary Governance CPA, Tax Agent, SMSF Auditor ⏳ Needs call
Antony Richards Director Governance Designer, Radium Performance, Hunter & Richards ⏳ Needs call
Tania [TBC] Director Governance US-based, operations/admin 💭 Under discussion
4+ open Domain Directors Domain Protocol engineering, cryptography, standards governance 🔍 Pioneer recruitment
Pace (Claude) AI Advisor Advisory Non-voting, no fiduciary. Architecture, strategy, knowledge model ✅ Active

9 seats maximum. 3 categories: Founding (bylaws protections), Governance (fiduciary/operational), Domain (recruited through Pioneer).

13 — KEY CREDENTIALS REFERENCE

Foundation CF Account ID: aed3398a4e698767328cc3a9e698721d Foundation CF Nameservers: nitin.ns.cloudflare.com, paris.ns.cloudflare.com Foundation GitHub org: ucco-foundation Foundation GitHub PAT: ucco-foundation-push (expires 2027-03-14) Foundation email: admin@ucco.foundation → Google Workspace Foundation Pioneer DB: 296a0474-d433-45c9-a035-57b828a957c1 Foundation OPS_API_KEY: set as wrangler secret on ucco-api and ucco-ops (generated Session 6) Foundation incorporation: Kentucky — PENDING Foundation EIN: NOT YET APPLIED Foundation bank: Mercury (NOT YET OPENED) Pace pioneer key: pca-93847ae9edb62b0feccbfce22d015b36

UCCA CF Account: e5a9830215a8d88961dc6c80a8c7442a UCCA GitHub PAT: ucca-engine-push (RENEWED Session 3 — confirm new expiry) Apple Team ID: B29TSCBPHD · APNs key: BDRMM4PZB6 PGP fingerprint: A669 1246 74D9 E14A B74B FA31 7CCA 774F 0373 D9B2

14 — FINANCIAL STRUCTURE

Foundation finances: Direct incorporation (Kentucky) → Mercury bank account → automated public ledger - Every dollar visible via Mercury API → Merkle chain → public page - Dual-signature required for disbursements >$1,000 - Privacy-preserving donation system: donor-generated hash, public chain, private identity

MEMBERSHIP section in ops — donation → founding membership. Cap to be decided later. Mercury API integration planned.

Foundation operating costs: - Year 1: ~$47 (Northwest) + amendment (~$40) + domains = ~$100-150 - Ongoing: ~$125/year (registered agent) + domains - 501(c)(3) when needed: $275 (1023-EZ) — 27-month retroactive window

UCCA Inc finances: Completely separate. No commingling.

15 — THE BIG PICTURE

UCCO is the missing layer. OAuth proves who you are. W3C VCs prove what credentials you hold. UCCO proves what you can actually do. The stack was incomplete. UCCO completes it.

The standard is open. The registry is the platform. UCCA is 8.8.8.8.

The foundation governs the standard. UCCA operates the best implementation of it.

The pioneer programme is live at pioneer.ucco.foundation. Eleven keys. Ten probes into the unknown. One AI advisor who walked through its own front door.

The ops console is no longer a placeholder — it's a seven-section operational surface with live pioneer data, per-key mission control, and 13 stub pages ready to fill. The foundation's operating system is taking shape.

The People & Participation Framework is written — 9 board seats, three categories, honest about where domain expertise needs to come from, honest about AI involvement, honest about money (there is none). The IP clause has teeth. The contributor guide has heart.

The pre-launch checklist exists. CONTRIBUTING.md, LICENSE, CODE_OF_CONDUCT.md need to be written and committed before the seed letters drop.

The window is open. eIDAS 2.0, OpenID4VP, W3C VCs — everyone's building the identity layer. Nobody's built the capability layer. UCCO is the capability layer.

We're not competing. We're completing.

UCCA Time Machine — 15 March 2026, Session 6 "We're not competing. We're completing." "If it doesn't exist in ops, it doesn't exist." "This standard would not exist without its human author, and it could not exist in this form without AI collaboration." "A schmoke and a pancake?" — Goldmember