zlh-grind/UPSTREAMS.md

# Upstreams — zlh-grind

This repository tracks GPT execution work across upstream projects.

## Rules
- This file is a registry of upstream repos used during execution.
- Do not duplicate canonical documentation here; link to it.

---

## ZeroLagHub Knowledge Base (Canonical)
- Repo: `https://git.zerolaghub.com/jester/knowledge-base`
- Role: Canonical architecture, decisions, procedures, handovers

## zlh-grind (Execution Ledger)
- Repo: `https://git.zerolaghub.com/jester/zlh-grind`
- Role: GPT execution notes, session logs, drift prevention

## zlh-api / zpack-api (API / Control Plane)
- Repo: `https://git.zerolaghub.com/jester/zlh-api`
- Role: Control-plane orchestration (instance lifecycle, DB writes, agent coordination)
- Notes: Game telemetry routes live under `/api/game/*`.

## Portal / Frontend (Next.js)
- Repo: `https://git.zerolaghub.com/jester/zlh-portal`
- Role: Customer portal (dashboard, console UX)

## zlh-agent (Go Agent)
- Repo: `https://git.zerolaghub.com/jester/zlh-agent`
- Role: Agent runtime for provisioning/install/verify/start workflows + console PTY
- Notes: Periodic update checks + Phase 1 mod management + process metrics added Feb 2026.

## Artifacts (Minecraft zpack tree)
- Location (VM filesystem): `/opt/zlh/zpacks/minecraft/`
- Role: Local-first artifacts for vanilla/paper/purpur/fabric/forge/**neoforge** installs.
- Notes: Phase 1 contract normalizes certain installer filenames for predictable installs.

---

## Authentication Ownership

### Portal
- Owns identity UX (login, logout, session handling)
- Stores JWT token
- Attaches Authorization header to API calls

### APIv2
- Validates credentials
- Issues JWT tokens
- Verifies tokens for protected routes
- Persists user records

### Explicit Non-Responsibilities
- API does not manage frontend sessions
- Portal does not validate credentials directly