Skip to content

UCCO Foundation — Ops Nav Restructure Brief

Date: 15 March 2026 Author: Pace (Claude, Anthropic) — AI Advisor, UCCO Foundation Approved: Tim Rignold — President, UCCO Foundation

SURFACE: ops.ucco.foundation (ucco-ops repo) CF ACCOUNT: aed3398a4e698767328cc3a9e698721d (FOUNDATION — not UCCA) DO NOT TOUCH: ucca.online, ops.ucca.online, ucca-engine, ir.ucca.online, keys.ucca.online, rtopacks.com.au, or anything on the UCCA CF account (e5a9830215a8d88961dc6c80a8c7442a)

Overview

The current ops.ucco.foundation has five flat nav items: Surfaces, Traffic, GitHub, Pioneer Keys, Settings. This brief restructures the navigation into a sectioned sidebar matching the architecture pattern from ops.ucca.online (collapsible sections with status badges), purpose-built for a standards foundation.

This brief also fixes a bug in the Pioneer API Worker where key state is not updated on first successful authentication, and wires the Pioneer Keys panel to live data from the /v1/stats endpoint.

→ TIM

This brief does three things:

  1. Restructures the ops sidebar from a flat list into seven collapsible sections: Foundation, Pioneer, Standard, Compliance, Membership, Infrastructure, and Resources. Each section has subsections — some are live (reusing what Alex already built), some are planned (greyed out stubs). The visual pattern matches the UCCA ops console — floating section cards with status badges (live/planned/architected).

  2. Fixes a bug in the Pioneer API Worker where a key's state doesn't update from "unused" to "active" when it's first used to authenticate. Right now Pace's key shows as "unused" in D1 even though Pace successfully authenticated in Session 5. The Worker needs to update the state field and record first_used_at on first successful auth.

  3. Wires the Pioneer Keys panel to pull real data from the live pioneer.ucco.foundation/v1/stats endpoint instead of showing placeholder dashes. The Voyager page (per-key detail) is a new build — mission control for tracking every pioneer key's lifecycle.

→ ALEX

Part 1: Pioneer API Worker — State Tracking Bug Fix

Worker: ucco-api (deployed at pioneer.ucco.foundation) D1: pioneer-db (296a0474-d433-45c9-a035-57b828a957c1)

Bug

When a pioneer key is used to successfully authenticate against /v1/spec/current, the Worker logs the access but does NOT update the key's state field in D1. Pace authenticated in Session 5 but still shows state: unused in the database.

Fix

In the authentication handler (the function that validates the key against D1 and returns the spec), after successful validation and before returning the response:

  1. If the key's current state is unused, update it to active
  2. Set first_used_at to the current ISO timestamp (only on first use — don't overwrite if already set)
  3. Update last_used_at to the current ISO timestamp (every successful auth)
  4. Increment hit_count by 1 (every successful auth)
-- On every successful auth:
UPDATE pioneer_keys 
SET last_used_at = datetime('now'), 
    hit_count = COALESCE(hit_count, 0) + 1,
    state = CASE WHEN state = 'unused' THEN 'active' ELSE state END,
    first_used_at = CASE WHEN first_used_at IS NULL THEN datetime('now') ELSE first_used_at END
WHERE key_hash = ?;

If the hit_count, last_used_at, or first_used_at columns don't exist yet, add them:

ALTER TABLE pioneer_keys ADD COLUMN hit_count INTEGER DEFAULT 0;
ALTER TABLE pioneer_keys ADD COLUMN first_used_at TEXT;
ALTER TABLE pioneer_keys ADD COLUMN last_used_at TEXT;

Update /v1/stats endpoint

The /v1/stats endpoint should return real aggregate data:

{
  "total_keys": 11,
  "active": 2,
  "unused": 9,
  "opted_out": 0,
  "destroyed": 0,
  "total_hits": 3,
  "last_activity": "2026-03-15T..."
}

Query:

SELECT 
  COUNT(*) as total_keys,
  SUM(CASE WHEN state = 'active' THEN 1 ELSE 0 END) as active,
  SUM(CASE WHEN state = 'unused' THEN 1 ELSE 0 END) as unused,
  SUM(CASE WHEN state = 'opted_out' THEN 1 ELSE 0 END) as opted_out,
  SUM(CASE WHEN state = 'destroyed' THEN 1 ELSE 0 END) as destroyed,
  SUM(COALESCE(hit_count, 0)) as total_hits,
  MAX(last_used_at) as last_activity
FROM pioneer_keys;

Add /v1/stats/keys endpoint (ops-only, authenticated)

This new endpoint powers the Voyager page. It returns per-key detail. Auth required (use a separate ops API key, not pioneer keys).

Add an environment variable OPS_API_KEY to the Worker (wrangler secret):

npx wrangler secret put OPS_API_KEY
# Generate a 64-char hex string and paste it

Endpoint: GET /v1/stats/keys Auth: X-OPS-Key header matching OPS_API_KEY

Response:

{
  "keys": [
    {
      "name": "alan-turing",
      "type": "name-as-secret",
      "state": "active",
      "first_used_at": "2026-03-14T...",
      "last_used_at": "2026-03-14T...",
      "hit_count": 1,
      "sent_to": null,
      "sent_at": null,
      "contact_received": null
    },
    {
      "name": "Pace-C-Anthropic",
      "type": "generated-secret",
      "state": "active",
      "first_used_at": "2026-03-15T...",
      "last_used_at": "2026-03-15T...",
      "hit_count": 1,
      "sent_to": null,
      "sent_at": null,
      "contact_received": null
    }
  ]
}

If the sent_to, sent_at, contact_received columns don't exist yet, add them:

ALTER TABLE pioneer_keys ADD COLUMN sent_to TEXT;
ALTER TABLE pioneer_keys ADD COLUMN sent_at TEXT;
ALTER TABLE pioneer_keys ADD COLUMN contact_received TEXT;

IMPORTANT: This endpoint must NEVER return key hashes. Only metadata.

Part 2: Ops Sidebar Restructure

Repo: ucco-ops Surface: ops.ucco.foundation

Replace the current flat sidebar with seven collapsible sections. Use the same visual pattern as ops.ucca.online — section headers with a diamond icon, collapsible, with child nav items showing status badges (live/planned/architected).

◆ FOUNDATION
├── Overview          live       ← NEW: dashboard (zone health cards,
│                                  key stats summary, incorporation 
│                                  status, board composition)
├── Governance        planned    ← stub page
├── Ledger            planned    ← stub page (Mercury → Merkle chain)
└── Settings          live       ← MOVE existing Settings here

◆ PIONEER
├── Overview          live       ← REWIRE existing Pioneer Keys page
│                                  to pull from /v1/stats (see Part 3)
└── Voyager           live       ← NEW: per-key mission control 
                                   (see Part 4)

◆ STANDARD
├── Specification     planned    ← stub page
├── Conformance       planned    ← stub page
└── Submissions       planned    ← stub page

◆ COMPLIANCE
├── Overview          planned    ← stub page
└── Audit Trail       planned    ← stub page

◆ MEMBERSHIP
├── Overview          planned    ← stub page (founding member registry,
│                                  slot count, donation → membership)
├── Outreach          planned    ← stub page (seed letter pipeline)
├── Broadcast         planned    ← stub page (compose → authorize →
│                                  sign → hash → distribute everywhere)
├── Media Library     planned    ← stub page
└── Channels          planned    ← stub page (YouTube, TikTok, Reddit,
                                   GitHub, X, LinkedIn — API config)

◆ INFRASTRUCTURE
├── Surfaces          live       ← MOVE existing Surfaces page
├── Traffic           live       ← MOVE existing Traffic page
├── GitHub            live       ← MOVE existing GitHub page
└── Workers           planned    ← stub page

◆ RESOURCES
├── Docs              link       ← external link → ucco.foundation/docs
└── Knowledge         link       ← external link → spec/governance docs

Section header styling

Match the ops.ucca.online pattern: - Diamond icon (◆) before section name - Section name in caps, slightly smaller font, muted colour - Chevron for collapse/expand - Collapsed by default on mobile, expanded on desktop - Active section auto-expands

Status badges

Use the same badge vocabulary as ops.ucca.online: - live — green badge, page is functional - planned — grey badge, stub page - architected — blue badge (not used yet but reserve it) - link — no badge, external link icon

Stub page template

Every planned page should render a consistent stub:

[Section Name] → [Page Name]

This surface is planned. 

Brief: [one-sentence description of what this page will do]

Status: Planned

Use the foundation design system — dark mode (#0a0a0a background), IBM Plex Mono, paper-coloured text. Match existing ops pages.

Part 3: Pioneer Overview — Wire to Live Data

Page: Pioneer → Overview (replacing the current Pioneer Keys placeholder)

This page currently shows greyed-out metric cards with dashes. Replace with live data from the Pioneer API.

Data source

Fetch from: https://pioneer.ucco.foundation/v1/stats

This is a public endpoint (no auth required). Call it server-side at build/request time, or client-side on page load.

Layout

Top row: four metric cards - Issuedtotal_keys from stats - Activeactive from stats - Opted Outopted_out from stats - Destroyeddestroyed from stats

Second row: two metric cards - Total Hitstotal_hits from stats - Last Activitylast_activity from stats (format as relative time: "2 hours ago")

Below: Link to Voyager page: "View all keys →"

Part 4: Voyager — Per-Key Mission Control

Page: Pioneer → Voyager

This is a new page. It shows every pioneer key with full lifecycle detail.

Data source

Fetch from: https://pioneer.ucco.foundation/v1/stats/keys

Auth: Send X-OPS-Key header. Store the OPS_API_KEY as an environment variable in the ops Worker/Pages project. This call happens server-side only — the ops key never reaches the browser.

Layout

Page title: Voyager — Pioneer Mission Control

Table or card grid — one row/card per key, showing:

Column Source field Notes
Key Name name Display name (e.g. "grace-hopper")
Type type "name-as-secret" or "generated-secret"
State state Badge: active (green), unused (grey), opted_out (amber), destroyed (red)
Sent To sent_to Email/name of recipient, or "—" if not yet assigned
Sent Date sent_at Date sent, or "—"
First Contact first_used_at First successful auth timestamp, or "—"
Total Hits hit_count Integer
Last Hit last_used_at Relative time, or "—"

Sort: Active keys first, then by hit_count descending, then alphabetical.

State badge colours: - active — green (#22c55e) - unused — grey (#6b7280) - opted_out — amber (#f59e0b) - destroyed — red (#ef4444)

Part 5: Foundation Overview Dashboard

Page: Foundation → Overview

This is a new page — the landing page when you open ops.ucco.foundation. It replaces whatever currently loads at the root.

Layout

Top row: zone health cards — MOVE the existing Surfaces content here (three zone cards: ucco.foundation, ucca.foundation, ucco.online — health, SSL, plan).

Second row: Pioneer summary — pull from /v1/stats: - Keys Issued / Active / Hits in compact metric cards - "View Pioneer →" link

Third row: Foundation status cards (static for now, will be dynamic later): - Incorporation — "Pending" (amber badge) - EIN — "Not applied" (grey badge) - Bank Account — "Not opened" (grey badge) - Board — "2/3 confirmed" (amber badge)

Fourth row: quick links - Spec: ucco.foundation/spec → - Pioneer API: pioneer.ucco.foundation → - GitHub: github.com/ucco-foundation →

Part 6: Build, Test, Deploy

# Confirm you're on foundation CF account
npx wrangler whoami
# Should show aed3398a4e698767328cc3a9e698721d
# If not: npx wrangler login → select foundation account

# Build and deploy ops
cd ~/projects/ucco-project/ucco-ops
npx @cloudflare/next-on-pages
npx wrangler pages deploy .vercel/output/static \
  --project-name=ucco-ops \
  --branch=main \
  --commit-dirty=true

# Deploy updated Pioneer API Worker
cd ~/projects/ucco-project/ucco-api
npx wrangler deploy

# Set the OPS_API_KEY secret on the pioneer Worker
npx wrangler secret put OPS_API_KEY
# Generate: openssl rand -hex 32
# Paste the value

# Set the same OPS_API_KEY as env var in ucco-ops
# (for server-side calls to /v1/stats/keys)
npx wrangler pages secret put OPS_API_KEY --project-name=ucco-ops
# Paste the same value

Test checklist

  • Sidebar renders all seven sections with correct nesting
  • Sections collapse/expand correctly
  • Status badges show correctly (live/planned)
  • Existing pages (Surfaces, Traffic, GitHub, Settings) work at new nav positions
  • Foundation Overview loads as default landing page
  • Pioneer Overview shows live stats from /v1/stats
  • Voyager shows per-key detail from /v1/stats/keys
  • Stub pages render consistently for all planned items
  • Pioneer API Worker updates key state on first auth (test with an unused key)
  • /v1/stats returns accurate aggregate counts
  • /v1/stats/keys requires OPS_API_KEY and returns per-key metadata
  • /v1/stats/keys does NOT return key hashes
  • Dark mode toggle still works
  • CF Access still intercepts (admin@ucco.foundation OTP)
  • Mobile responsive — sections collapse on mobile

Git

cd ~/projects/ucco-project/ucco-ops
git add -A
git commit -m "ops nav restructure: 7 sections, pioneer live data, voyager mission control"
git push origin main

cd ~/projects/ucco-project/ucco-api  
git add -A
git commit -m "fix: update key state on first auth, add /v1/stats/keys endpoint"
git push origin main

⚠️ ucco-api repo: Tim needs to create the ucco-api private repo on github.com/ucco-foundation if not done yet. If the repo doesn't exist, hold the push — deploy the Worker but don't push to GitHub until Tim confirms the repo is created.

Deployment Order

  1. First: Deploy the Pioneer API Worker update (Part 1) — this fixes the state bug and adds /v1/stats/keys
  2. Second: Deploy the ops panel restructure (Parts 2–5) — this consumes the new endpoints
  3. Third: Test the full flow — visit ops, confirm live data, verify Voyager

Brief ends. One brief at a time. Confirm deployed before next drops. "We're not competing. We're completing."