2026-05-31 — API surface polish (close-deferred sweep)
Developer-facing changes from closing out the deferred B-005/B-006/B-007/B-011 items. All additive — HTTP status codes are unchanged, so status-based clients are unaffected.GET /v1/audit/{id}/onchainnow explains why a receipt is not anchored instead of collapsing every case intonot_committed_yet. The body carries acommit_statusand a discriminatingerror:not_applicable(cost-gated, never anchored — ADR-0004),not_committed_yet(in-flight/queued/unknown),retry_exhausted,wallet_drained, orpersistence_failed(ADR-0006 dead-letter terminal — the same state/detailreturns as 410). All stay HTTP 404 by design (clients such aspegana-replay --verify-onchaintreat 404 as “skip the on-chain check”). Note: forDRIFTalerts the bodyerroris nownot_applicable(previouslynot_committed_yet) — the 404 status is unchanged.GET /v1/methodology/currentwidened from{version, status}to also includegit_tag,released_at,status_reason, andsuperseded_by. When a version isbroken,fix_urlnow points at the live#lifecyclesection (the old per-version anchor never existed). The same fix applies to the broken-version retraction notices the dispatcher sends.- OpenAPI spec (
/openapi.json) now covers all 32 router path-items — the/v1/auth/*,/v1/me/*, webhook CRUD, and/v1/wssurfaces are documented — and registers thetelegram_jwtHTTP bearer scheme so authed routes resolve their security reference. - MCP paid tools now declare a per-tool
resource.url(mcp://tool/{name}) on each x402 402-challenge, soping_paid,get_asset_history, andsubscribe_peg_eventsare distinguishable in the payment-required body. Verification/settlement are unaffected.
2026-05-30 — API input validation + list caching
GET /v1/alerts?limit=/?offset=out-of-range values now return 400 instead of being silently clamped (B-018/019/021). Same forGET /v1/assets/{symbol}/history?bucket=— an unrecognized bucket is now a 400 rather than falling back to a default (B-020). If you were relying on the old clamp-and-continue behavior, send in-range values.GET /v1/assets(the full asset list) is now memoized in Redis for 5s, cutting p50 from ~1.2s (B-022). Response shape is unchanged.
2026-05-29 — Audit receipts: server-side state filter + raw/smoothed series
GET /v1/audit?state=<PEGGED|DRIFT|DEPEG|CRITICAL|BLACK_SWAN>now filters server-side (AC42). The previous client-side filter was bounded by page size; the fulllimitnow applies to matching rows. An unknownstatereturns 400 (error: invalid_state).- Audit receipt discount charts now expose both the raw and EWMA-smoothed series so a transition can be traced against the exact inputs that produced it.
2026-05-27 — Mintlify docs launched
- New docs site at
pegana.xyz/docs(Mintlify). Replaces the inline/concepts,/learn,/developers,/methodologyroutes on the marketing site. Old URLs redirect. - OpenAPI spec published; API Reference tab is auto-generated from
openapi.yaml.
2026-05-27 — MCP instrumentation
mcp-tsnow records per-tool metrics (pingPaidinstrumented viawithMetrics). No payload changes. Visible in Prometheus / Grafana.
2026-05-26 — Webhook 7-day dogfood window
- Started 7-day dogfood for webhook delivery. First mainnet deliveries returning 200 OK. Webhook channel is in preview in the channels table; promoting to live after dogfood concludes.
2026-05-26 — First mainnet x402 paid call
- MCP paid tools (
getAssetHistory,subscribePegEvents) are now settling on Solana mainnet via the Coinbase CDP facilitator (api.cdp.coinbase.com). The publicx402.orgfacilitator still advertises Solana devnet only, so the CDP swap is what unblocked mainnet. First 3 mainnet settlements recorded (commit7da9158).
2026-05-25 — Account UX shipped
- AccountChip in global header, persistent left sidebar on
/account/*, AlertMeButton + SubscribeModal on dashboard.
2026-05-25 — Production deploy to Hetzner
- Migrated from prod-local Docker stack to Hetzner CPX32 (Falkenstein). All 9 containers healthy.
2026-05-25 — Bot session storage → Postgres
- Replaced in-memory grammY session storage with Postgres-backed adapter. Sessions
now survive bot restarts. Migration
0014_bot_sessions.sql.
2026-05-22 — Calibrated thresholds
- Per-asset, per-class drift / depeg / critical thresholds shipped. Calibrated
against 24h p99 noise.
assets.tomldocuments every threshold.
2026-05-20 — API rate limit raised
- REST per-IP rate limit raised from 60 → 300 req/min after observing legitimate dashboard burst patterns (MockDataBanner re-fetch on reload).
2026-05-19 — Hysteresis FSM v2
- Asymmetric entry/exit thresholds and longer exit dwell (60s vs 30s entry). See hysteresis FSM.
2026-05-15 — Pyth confidence + Hermes jitter
- Confidence field populated 100% (range 1e-8 to 0.091).
- Hermes SSE reconnect uses ±50% jitter + exponential 500ms → 30s backoff.
2026-04-02 — dSOL frozen
- After the Drift exploit on 2026-04-01,
dSOLwas frozen inassets.toml— the entry remains for historical continuity but the engine no longer polls the asset. Full removal (so the symbol stops resolving at the API edge) is scheduled before public launch.
For the full list of commits, see
github.com/lrafasouza/pegana/commits.