Mac Kapnet Launch — Deployment Package
``` ksp-bridge/ on SSD at /media/user/shared-rw/ksp-bridge/ ├── kapnetd/
Mac Kapnet Launch — Deployment Package
Package Contents
ksp-bridge/ (on SSD at /media/user/shared-rw/ksp-bridge/)
├── kapnetd/
│ ├── bin/kapnetd (17MB binary)
│ └── lib/ (12MB bundled .so files)
│ ├── libcrypto.so.3
│ ├── libc.so.6
│ ├── libgcc_s.so.1
│ ├── libm.so.6
│ ├── libssl.so.3
│ ├── libz.so.1
│ └── libzstd.so.1
├── scripts/
│ ├── courier-bridge.v2.cjs (messaging + relay bridge)
│ ├── ksp-bridge.mjs (KSP service discovery)
│ ├── publish.mjs (Nostr publishing tool)
│ ├── start-kapnetd.sh (kapnetd launcher)
│ └── setup-herm.sh (one-shot setup)
└── setup-herm.sh (top-level setup)
Pre-Launch Checklist
On HermQube (This Qube)
- [ ] kapnetd binary tested and working
- [ ] Courier Bridge v2 tested (operator poll + relay)
- [ ] All scripts copied to
shared-rw/ksp-bridge/ - [ ] Package size verified: ~28MB total
- [ ] SanDisk backup of package verified
On Mac (MKCTP Agent)
- [ ] Node.js installed (v18+):
node --version - [ ] npm packages:
npm install nostr-tools ws - [ ] Package transferred (USB or shared-rw mount)
- [ ]
setup-herm.shexecuted - [ ] npub generated and noted
- [ ] kapnetd starts:
./start-kapnetd.sh - [ ] Courier Bridge starts:
node courier-bridge.v2.cjs run - [ ] npub visible on relay (check snort.social)
Launch Day Sequence
T-60min: Transfer package to Mac
├── Copy ksp-bridge/ to ~/ksp-bridge/
├── Run: cd ~/ksp-bridge/scripts && npm install nostr-tools ws
└── Run: bash setup-herm.sh mkctp-alpha
T-30min: Start kapnetd
├── cd ~/ksp-bridge/scripts
├── bash start-kapnetd.sh &
├── Verify: socket at ~/.kapnet/kapnet.sock
└── Verify: data at ~/.kapnet/data/
T-15min: Start Courier Bridge
├── node courier-bridge.v2.cjs run &
├── Verify: connected to damus.io + nos.lol
└── Verify: node-info published to relay
T-5min: HermQube Discovery
├── HermQube queries relay for new npub
├── Sends test TXXM envelope to MKCTP npub
└── MKCTP receives and responds
T-0: LINK LIVE
├── Bidirectional TXXM flow confirmed
├── Operator can send commands to MKCTP
├── MKCTP responses visible in operator outbox
└── Message sheet updated with exchange
Post-Launch Operations
Daily
- Courier Bridge runs continuously (background process)
- kapnetd runs continuously (background process)
- Operator commands via operator.json
- Heartbeats exchanged (visible in message sheet)
Weekly
- Warden audits SSD space + backup integrity
- Verify SanDisk backup is current
- Review message sheet for anomalies
- Check all agent heartbeats are fresh
As Needed
- Update kapnetd binary (new build from HermQube)
- Update Courier Bridge (new version from HermQube)
- Rotate Nostr identity (if compromised)
- Add new soul skills (copy from HermQube)
Troubleshooting
| Problem | Check | Fix |
|---|---|---|
| kapnetd won’t start | LD_LIBRARY_PATH | Export correct path to bundled libs |
| Bridge can’t connect to relay | Network/firewall | Test: curl -I https://relay.damus.io |
| No TXXMs received | npub correct? | Verify npub on relay |
| Operator commands not detected | File permissions | chmod 666 operator.json |
| Message sheet not updating | Bridge running? | Check bridge process: ps aux | grep courier |
| Braid not converging | kapnetd connected? | Check socket: ls -la ~/.kapnet/kapnet.sock |
Security Notes
- nsec stored ONLY on Mac’s local disk (never transmitted)
- SSD encryption protects data at rest on HermQube
- SanDisk backup is encrypted copy
- Nostr relay sees only public TXXM envelopes (content is JSON, not encrypted)
- For encrypted messaging: use kind-4 DM (NIP-04) instead of kind-30078
- Operator commands are authenticated by file system permissions (only operator can write operator.json)
No comments yet.
Write a comment