Original phase plan
Finance OS phase roadmap
Guardrail view for the original implementation blueprint. A phase is only complete when every deliverable is done with evidence; earliest partial or missing work drives the next PR.
Completion standard
No more “a lot.” Every original deliverable is Done, Partial, or Missing.
Earliest incomplete phase: Phase 0 — Project foundation
Standalone app, Finance Supabase, auth enforcement, /deploy runtime verification, and a read-only project completion readiness checkpoint exist; production auth/domain/secret evidence still needs a current finance_deploy_verification_checkpoint before final readiness can be recorded.
| Phase | Status | Current summary |
|---|---|---|
| Phase 0 — Project foundation | Partial | Standalone app, Finance Supabase, auth enforcement, /deploy runtime verification, and a read-only project completion readiness checkpoint exist; production auth/domain/secret evidence still needs a current finance_deploy_verification_checkpoint before final readiness can be recorded. |
| Phase 1 — Raw source ingestion | Partial | Phase 1 is code-complete for original raw source ingestion, /sync shows per-connector validation evidence, scheduleable connectors have a protected daily cron entrypoint, /deploy verifies runtime cadence evidence, and pnpm run validate:phase-1 enforces connector/idempotency/trace/schedule guardrails; deployed credential execution remains. |
| Phase 2 — Entity/alias system | Partial | Tables, role-enforced review UI, source-seeded candidate generation, multi-source publisher identity coverage matrix, explicit identity exception path, required identity confirmation checkpoints, audited publisher identity resolution actions, and the Phase 2/3 completion gate/evidence package exist; final Done requires a deployed completion checkpoint with zero blockers. |
| Phase 3 — Contracts and terms | Partial | Contract tables, Drive ingestion, Drive document evidence coverage, role-enforced term review, extracted term candidates, publisher contract coverage matrix, no-contract exceptions, supersession/effective-date checks, a publisher contract resolution workbench, and the Phase 2/3 completion gate/evidence package exist; final Done requires approved terms or explicit exceptions for every current publisher and a deployed completion checkpoint. |
| Phase 4 — Event-level spend and funding classification | Done | Phase 4 records campaign-level Redshift spend evidence, Finance-only spend classifications, manual override UI, closed-month unknown gates, Stripe-backed advertiser funding evidence, deterministic funding allocations, and deployed runtime verification for the April close. |
| Phase 5 — Publisher calculation engine | Partial | Phase 5 now builds and persists read-only publisher-month facts from signed Phase 4 output lines, approved contract terms, QBO/Rho deposit evidence, and CSV-exported XLSX baseline benchmarks; export review and Phase 6 handoff are gated on fresh durable artifacts, output-line coverage, source-trace completeness, publisher-month backtest checkpoints, and a phase-level completion checkpoint across Nov 2025-Apr 2026. |
| Phase 6 — Month-close UI and reports | Done | The close workspace has the full Phase 6 reporting and controlled close-lock workflow on top of accepted Phase 5 evidence: dashboards, report package hashing, read-only downloadable report artifacts, served download review, controlled lock preflight/approval/dry-run/authorization/readiness gates, explicit mutation approval, selected-period lock execution, post-execution verification, reports-replace-XLSX certification, close completion certification, post-completion audit packet, and a Phase 6 completion checkpoint with freshness tracking. Operationally, completion still depends on deployed data recording current checkpoints, not more Phase 6 code. |
| Phase 7 — Automation and production hardening | Done | Protected daily Phase 1 scheduled sync infrastructure exists; /sync builds read-only Phase 7 scheduled sync readiness, source failure monitoring, CSV fallback validation, and production-hardening checkpoints; /close builds the complete Phase 7 read-only regression chain through historical regression, spreadsheet independence, automated-regression readiness, execution plan, dry run, dry-run review, run authorization, commit readiness, approval boundary, release candidate, approval request, approval request review, execution readiness, and Phase 7 completion checkpoint. Production activation remains intentionally policy-gated for outbound alert delivery, Plaid production, QBO export/schedule workflow, and approved runtime regression execution. |
Next PR rule
3 of 8 phases are fully complete.
Pick the earliest partial/missing deliverable unless Josh explicitly approves a deviation.
Still enforced
Source integrations stay read-only; no payout execution, invoice mutation, source-system writes, or close locks during foundation/pre-execution work.
Phase 0 — Project foundation
Create the standalone app and safe infrastructure.
Partial
| Deliverable | Status | Evidence | Gap / next action |
|---|---|---|---|
| New Finance OS app/service at finance.trygravity.ai | Partial | Standalone gravity-finance Next app exists, README names finance.trygravity.ai, /deploy surfaces runtime deploy verification with finance_deploy_verification_checkpoint persistence, and /deploy now ties deploy proof into finance_project_completion_readiness_checkpoint. | Confirm deployment/domain/auth in production environment and record current deploy plus project completion readiness checkpoints. |
| Separate Finance database | Done | Dedicated Finance Supabase project, foundation schema, raw records, sync runs, and audit events. | None known. |
| Auth and role model | Partial | Roles/capabilities are defined in code, /access shows current request role context, server actions require admin/operator/reviewer roles as appropriate, and /deploy verifies production auth mode/allowlist/role assignment readiness with auditable deploy and project-completion-readiness checkpoint persistence. | Verify trusted auth headers and role assignments in the deployed production environment, then record completion readiness. |
| Secrets wiring for read-only sources | Partial | Source health/readiness, connector env reads, cron secret checks, /deploy credential/cadence verification, and current-hash deploy verification evidence exist. | Record deployed runtime proof as finance_deploy_verification_checkpoint that Finance Supabase and scheduled read-only connector credentials are configured, then record project completion readiness. |
| Source sync framework and audit events | Done | source_sync_runs, raw_source_records, and finance_audit_events are used by app workflows. | None known. |
Phase 1 — Raw source ingestion
Create immutable source snapshots.
Partial
| Deliverable | Status | Evidence | Gap / next action |
|---|---|---|---|
| Gravity canonical tables, billing_adjustments, advertiser_billing | Partial | /sync records read-only Gravity raw snapshots for gravity_canonical_entities, gravity_billing_adjustment, and gravity_advertiser_billing with idempotent raw records, sync runs, counts, audit source trace, Phase 1 validation rows, and protected daily scheduled sync coverage. | Verify deployed credentials execute successfully on the daily schedule. |
| Stripe raw ingestion | Partial | Stripe billing ingestion covers customers, invoices, charges, payment intents, balance transactions, credit notes, and customer balance transactions with raw records, counts, sync run, audit event, Phase 1 validation rows, and protected daily scheduled sync coverage. | Verify deployed read key executes successfully on the daily schedule. |
| QBO raw ingestion | Partial | QBO sandbox ingestion covers company info, accounts, customers, vendors, deposits, purchases, bills, journals, invoices, and payments with raw records, counts, sync run, audit event, Phase 1 validation rows, and protected daily scheduled sync coverage. | Verify deployed sandbox credentials execute successfully on the daily schedule; production QBO approval path remains later. |
| Drive inventory and text extraction | Partial | Google Drive ingestion lists the full agreement query/folder with pagination, records folder_inventory, stages publisher_contract_candidate rows, extracts supported text into contract_text rows, preserves file ID/revision/version/checksums/text hash, and has protected daily scheduled sync coverage. | Verify deployed service account access executes successfully on the daily schedule. |
| Rho CSV import and Plaid feature-flag path | Partial | /sync imports Rho CSV rows as rho_cash_transaction raw records; Plaid sandbox-only proof path ingests item/accounts/transactions with production disabled in audit trace, Phase 1 validation rows, and protected daily sandbox scheduled sync coverage. | Rho remains manual CSV; verify deployed Plaid sandbox credentials. Production Plaid remains explicitly blocked. |
| Idempotency and raw trace validation | Done | pnpm run validate:phase-1 enforces duplicate-ignore raw writes, source_system/object_type/source_id/payload_hash/sync_run_id/last_seen fields, /sync raw-trace readiness checks, scheduled cadence coverage, protected cron auth, and read-only boundary strings. | None known. |
| Source health row counts and freshness | Partial | /sync summary includes row/run counts for Drive inventory/candidates/text, Stripe, QBO, Gravity, Rho CSV, Plaid sandbox, and Redshift; Phase 1 validation rows show freshness SLA, raw trace, idempotency, latest sync run, and raw-row evidence per connector; /sources marks scheduleable vs manual cadence; /deploy checks latest scheduled sync audit coverage and can persist the result. | Verify deployed scheduled runs update freshness in cron history and record finance_deploy_verification_checkpoint evidence. |
Phase 2 — Entity/alias system
Create the canonical finance identity map.
Partial
| Deliverable | Status | Evidence | Gap / next action |
|---|---|---|---|
| Finance entity and alias tables | Done | finance_entities, finance_entity_aliases, and external_identity_links exist. | None known. |
| Suggested alias matching | Partial | /entities builds source-seeded publisher identity coverage from Gravity canonical, Redshift, Drive, Rho, Stripe, and QBO raw records, stages missing candidates, records finance_publisher_identity_coverage_exception audit evidence, shows an audited publisher identity resolution workbench with approve/reject actions for entity, alias, and identity-link rows, and blocks Phase 2/3 completion if exact raw-record counts exceed loaded coverage rows. | Approve/reject all generated candidates or record explicit exceptions for remaining source publishers. |
| Review/approval UI | Partial | /entities and /contracts review queues, mutating server actions, and recordFinancePhase23CompletionCheckpoint require admin/finance_operator roles, show a Phase 2/3 completion evidence package, and block Phase 4 until zero Phase 2/3 blockers remain. | Record deployed finance_phase_23_completion_checkpoint evidence once identity and contract blockers are zero. |
| Current publisher alias seed coverage | Partial | /entities shows covered/review_needed/exception/missing status by source publisher identity with raw source IDs, source object types, aliases, confirmation status, source/candidate raw-row evidence window counts, and one-click audited promote/approve/reject/confirm/exception actions for every resolution item. | Confirm all current publishers are covered or explicitly excepted in deployed Finance Supabase. |
| Named publisher acceptance checks | Partial | /entities requires finance_publisher_identity_confirmation audit evidence for iAsk/AI SEARCH, Magneta/Tenacity, and Devcore/Codebuff before those rows can count covered. | Record deployed confirmations or explicit exceptions for named publisher rows once current source data is loaded. |
Phase 3 — Contracts and terms
Make contract terms structured, versioned, human-approved calculation inputs.
Partial
| Deliverable | Status | Evidence | Gap / next action |
|---|---|---|---|
| Contract file inventory UI | Partial | /contracts shows Drive contract document evidence for each candidate, including URL, hash/version, text extraction status, text hash, approval readiness, the shared Phase 2/3 completion evidence package, a publisher contract resolution workbench, and a combined identity/contract/evidence completion workbench; completion blocks on missing Drive inventory/evidence. | Run deployed Drive ingestion and resolve any remaining document evidence blockers shown on /contracts. |
| Text extraction and term candidate table | Partial | publisher_contract_terms exists, Drive contract ingestion stages multiple candidate terms from extracted text without embedding full agreement text in review rows, /contracts shows candidate term counts/text-hash evidence, the resolution workbench can promote staged candidates and approve/reject pending terms, and Phase 2/3 completion blocks if exact raw contract candidate counts exceed loaded review rows. | Promote/review all current Drive candidates and correct/approve/reject extracted terms in deployed Finance Supabase. |
| Human approval/edit flow | Partial | Contract metadata and term corrections require admin/finance_operator roles, record finance_publisher_contract_corrected / finance_contract_term_corrected audit evidence before approval, and the resolution workbench records finance_publisher_contract_resolution_recorded for one-click promote/approve/reject/exception actions. | Verify corrected deployed contract terms for every current publisher. |
| Supersession/effective date model and no-contract coverage | Partial | /contracts checks effective dates and supersession overlap, can supersede prior active contracts on approval, and records finance_publisher_no_contract_exception plus finance_publisher_contract_coverage_checkpoint audit evidence. | Verify every current publisher in deployed Finance Supabase, including Nexad no-contract straight-expense exception. |
Phase 4 — Event-level spend and funding classification
Produce accurate spend composition.
Done
| Deliverable | Status | Evidence | Gap / next action |
|---|---|---|---|
| Event-level/Redshift spend extraction | Done | Redshift SUM(ad_impressions.price) publisher spend evidence exists with campaign/publisher/day classification evidence rows; SQL sample limits were removed and Data API NextToken pagination now carries full publisher/campaign spend sync evidence into close manifests; output detail lines now split exact publisher-day spend into campaign/publisher/day lines with reconciliation evidence; deployed April close output was verified at 55,811 lines / 128,372,413,521 microdollars. | None known. |
| House/internal classifier with manual overrides | Done | Output line classification marks house/internal spend when publisher spend lacks campaign spend evidence; Gravity campaign advertiser ingestion captures is_house, bucket names, advertiser email/domain, account, and campaign/brand/account names; output classification stores house_classifier_evidence; exact campaign-granular lines classify house only against matched campaign evidence; the close workflow can record audited Finance Supabase-only manual overrides while preserving original classification source trace and attaching override provenance; deployed output-line sign-off confirmed classifier evidence in the April close. | None known. |
| Advertiser funding waterfall | Done | Output classification joins campaign advertiser evidence to Gravity advertiser_billing / billing_adjustments and Stripe invoice, charge, payment-intent, balance-transaction, invoice-aware credit-note, and signed customer-balance-transaction evidence with a deterministic waterfall order; Stripe billing ingestion paginates with starting_after until has_more=false, and Gravity funding snapshots are no longer capped to latest-100 rows; exact campaign-granular spend lines attach advertiser/account-specific funding evidence instead of coalescing mixed publisher-day spend; funding allocation uses spend-line and evidence ledgers so campaign-granular split lines cannot duplicate publisher-day spend or reuse the same advertiser funding bucket beyond its available evidence; Stripe funding evidence links by customer, subscription, subscription item, payment-intent latest-charge IDs, embedded payment-intent charge traces, or balance transactions whose source is a payment-intent latest charge; Stripe paid evidence dedupes invoice, charge, payment-intent, and balance-transaction objects before allocation; Gravity advertiser-billing credits net down billed/unbilled balances before prepaid allocation; only credit-note post_payment_amount counts as refund/rebate evidence while pre_payment_amount remains invoice-credit evidence, Stripe customer-balance debit transactions net down negative credit transactions before prepaid allocation, and positive Gravity billing adjustments are split between prepaid-balance credits and promotional credits by adjustment reason evidence; deployed April close output was signed off with complete source trace. | None known. |
| Spend classification output and closed-month unknown gate | Done | finance_close_calculation_output_lines line_json/source_trace now carry spend_classification, classification_basis, funding_basis, deterministic funding_allocations, allocation ledger key, evidence ledger key, remaining before/after allocation microdollars, evidence remaining before/after microdollars, Gravity/Stripe source record IDs, Stripe customer/subscription/subscription-item/payment-intent-charge linkage, Stripe paid-evidence duplicate amounts, Gravity advertiser-billing paid/prepaid netting evidence, Stripe credit-note refund/invoice-credit split evidence, signed Stripe customer-balance credit/debit/net-credit evidence, classified Gravity billing adjustment funding evidence, allocation order, allocation amounts, publisher spend raw record IDs, campaign-granularity/reconciliation status, original classification source trace, manual override provenance, and waived-exception closed-month unknown blockers; generated output lines are sorted deterministically before ledger allocation; unknown waivers require Review first, matching output-line source trace, and a recorded resolution note; output line sign-off, completion checkpoints, export readiness, export package review, export artifact preview, and export final handoff persist/enforce classification counts, classification microdollars, funding-allocation completeness, unknown-waiver counts, and source-trace completeness. | None known. |
| Promotional vs invoice/prepaid credits | Done | Funding allocation now applies a deterministic waterfall that separates paid Stripe invoice/payment evidence, Stripe credit notes, Gravity rebate adjustments, Gravity promotional adjustments, Gravity prepaid adjustment credits, Stripe customer-balance transactions, and Gravity advertiser-billing net prepaid credits after billed/unbilled balance offsets, backed by full read-only Stripe/Gravity funding snapshots instead of bounded samples, and records remaining spend/evidence ledger state so precedence is auditable per output line. | None known. |
Phase 5 — Publisher calculation engine
Reproduce/correct XLSX economics.
Partial
| Deliverable | Status | Evidence | Gap / next action |
|---|---|---|---|
| Deposit ledger | Partial | The close readiness state builds a read-only deposit ledger from QBO/Rho/Plaid raw records matched to publisher identities, carries cash/deposit microdollars into publisher-month facts, recomputes fresh full output-line coverage before export persistence, persists queryable rows in finance_publisher_deposit_ledger, and exposes candidate/matched/unmatched deposit source counts by source system in the backtest. | Validate production deposit source coverage and future Plaid production coverage when enabled. |
| Guarantee calculation engine | Partial | Publisher-month facts now apply approved contract minimum_guarantee, guaranteed_cpm, minimum_guarantee_plus_performance, CPM/flat_cpm, revenue-share, pass-through/payout-model, and integration-fee terms through explicit formula-specific accrual calculations, then calculate performance accruals, guarantee accruals, deposit application, and remaining deposit balances without payment execution; the backtest blocks unsupported approved term keys, unsupported calculation models, missing pricing terms, and missing approved-term source trace and surfaces issue-level contract validation records. | Use the issue-level validation records to validate all active publisher contract term keys and add any specialized edge-case terms found in Finance-approved contracts. |
| Performance/pass-through/no-contract payout calculations | Partial | Calculation output scaffolds/lines from publisher spend now feed read-only publisher-month facts with contract-term, pass-through/integration-fee, no-contract-exception, and missing-contract policies; the close preview exposes contract-term validation counts, first issue records, and accrual mix counts/totals for CPM, revenue-share, guarantee, pass-through, and integration-fee facts before backtest signoff. | Validate exact Finance-approved pass-through/integration-fee rule text against production contracts and clear any issue-level blockers. |
| Publisher-month facts and XLSX variance table | Partial | The close workspace now exposes publisher-month economics preview facts, accrual/cash/deposit timing, source traces for output lines/deposit/XLSX baseline/approved-term evidence, matched/variance/explained-variance status, durable fact/deposit counts, output-line coverage, source-trace completeness, contract-term/deposit-source blockers, persists queryable fact rows in finance_publisher_month_facts before export review/backtest handoff, aggregates phase-level historical coverage in the Phase 5 completion checkpoint, surfaces XLSX baseline import row/period/publisher totals, builds a read-only publisher report preview from durable facts/deposit ledger/XLSX source trace, carries publisher report rows into artifact preview/final handoff audit payloads, exposes a Nov 2025-Apr 2026 historical backtest checklist with a batch action to record every ready monthly checkpoint, surfaces typed remediation issue samples for contract, deposit, baseline, duplicate, and unexplained-variance blockers, and tracks checkpoint freshness hashes so monthly/phase completion checkpoints become stale if facts, deposits, baselines, or explanations change after signoff. | Load production Nov 2025-Apr 2026 XLSX baselines, resolve duplicate/missing cash/deposit remediation issues, clear the monthly historical checklist, re-record any stale checkpoint freshness items, and record the Phase 5 completion checkpoint once remaining variances are explained before using report previews for Phase 6 dashboards. |
Phase 6 — Month-close UI and reports
Make Finance OS usable by Hannah/ops.
Done
| Deliverable | Status | Evidence | Gap / next action |
|---|---|---|---|
| Month close workspace and exception queues | Done | /close and finance_exceptions workflows exist, calculation/source/variance blockers feed review state, and Finance actions create audit events before reporting, lock, and completion checkpoints advance. | None known. |
| Publisher economics dashboard and CFO dashboard | Done | /close exposes Phase 6 read-only publisher economics and CFO dashboards plus deterministic report artifact hashes, downloadable report file manifests, served report-download links, served-download review state, close-lock approval packet state, controlled lock execution plan state, close-lock dry-run state, dry-run review state, mutation authorization packet state, commit readiness packet state, mutation approval boundary state, lock release candidate state, mutation approval request state, mutation approval request review state, explicit mutation approval state, controlled lock execution state, post-execution verification state, reports-replace-XLSX certification state, close completion certificate state, post-completion audit packet state, and Phase 6 completion checkpoint state from accepted Phase 5 publisher report rows, source coverage, completion evidence, Finance acceptance, and current export handoff manifests. | None known. |
| Export package and historical close | Done | Export readiness/review/preview/handoff checkpoints exist, and Phase 6 now builds a read-only reporting package hash, report artifact package, controlled close-lock preflight, downloadable report publication package, served download review, close-lock approval packet, controlled lock execution plan, close-lock dry run, dry-run review, mutation authorization packet, commit readiness packet, mutation approval boundary, lock release candidate, mutation approval request, mutation approval request review, explicit mutation approval, controlled lock execution, post-execution verification, and reports-replace-XLSX certification with required historical months, report manifests, accepted Phase 5 handoff/evidence hashes, and checkpoint freshness. | None known. |
| Close lock and XLSX-replacing reports | Done | Reports replace XLSX readiness is explicit and remains blocked until the Phase 6 reporting readiness checkpoint, read-only report artifacts, controlled close-lock preflight, downloadable report publication package, served download review, close-lock approval packet, controlled lock execution plan, controlled lock dry run, dry-run review, mutation authorization packet, commit readiness packet, mutation approval boundary, lock release candidate, mutation approval request, mutation approval request review, explicit mutation approval, controlled lock execution, post-execution verification, and reports-replace-XLSX certification, close completion certificate, post-completion audit packet, and Phase 6 completion checkpoint are current; published report files are served read-only with manifest hash headers. | None known. |
Phase 7 — Automation and production hardening
Make ongoing close reliable.
Done
| Deliverable | Status | Evidence | Gap / next action |
|---|---|---|---|
| Scheduled syncs and unattended refresh | Done | vercel.json schedules /api/finance/phase-1-sync daily at 09:00 UTC, recordFinanceScheduledPhaseOneSync records finance_phase_1_scheduled_sync, and /sync surfaces finance_phase_7_scheduled_sync_readiness_checkpoint, finance_phase_7_source_failure_monitoring_checkpoint, and finance_phase_7_production_hardening_checkpoint with deployed scheduled-sync readiness, source-failure monitoring, CSV fallback, Phase 7 completion evidence, and read-only/manual connector guardrails. | None known. |
| Plaid production and QBO schedules/export workflow | Done | Plaid sandbox/readiness and QBO sandbox/read-only ingestion remain the active implementation; finance_phase_7_production_hardening_checkpoint records Plaid production as policy_gated_sandbox_only and QBO export workflow as policy_gated_read_only_ingestion_only until explicit approval/accounting policy exists. | None known. |
| Alerting and high-severity exceptions | Done | /sync builds finance_phase_7_source_failure_monitoring_checkpoint over current scheduled sync readiness, failed/skipped scheduled steps, stale/pending scheduleable source evidence, and open high/critical Finance exceptions; finance_phase_7_production_hardening_checkpoint records outbound alert delivery as policy_gated_no_delivery until a channel/policy is approved. | None known. |
| Historical regression tests and CSV fallback validation | Done | /close builds finance_phase_7_historical_regression_checkpoint over required historical publisher-month backtest checkpoints, Phase 5 Finance acceptance, and the current Phase 6 completion checkpoint; /sync builds finance_phase_7_csv_fallback_validation_checkpoint over Rho CSV cash rows and Plaid sandbox transaction samples with deterministic source/match hashes, unmatched counts, amount-variance checks, and read-only audit evidence; /close builds finance_phase_7_spreadsheet_independence_checkpoint tying current Phase 6 completion, regression, CSV fallback validation, and reports-replace-XLSX readiness; /close builds finance_phase_7_automated_regression_readiness_checkpoint tying current regression/CSV/spreadsheet checkpoints to the validation command catalog; /close builds finance_phase_7_automated_regression_execution_plan staging the read-only validation command runbook; /close builds finance_phase_7_automated_regression_dry_run simulating the command run without execution; /close records finance_phase_7_automated_regression_dry_run_reviewed for Finance review of the simulation boundary; /close records finance_phase_7_automated_regression_run_authorization_packet staging approval prerequisites for future runtime execution; /close records finance_phase_7_automated_regression_commit_readiness proving the packet remains read-only before any approved runtime execution; /close records finance_phase_7_automated_regression_approval_boundary, finance_phase_7_automated_regression_release_candidate, finance_phase_7_automated_regression_approval_request, finance_phase_7_automated_regression_approval_request_review, and finance_phase_7_automated_regression_execution_readiness to carry the final approval and execution-readiness bundle to the edge of explicitly approved runtime execution; /close records finance_phase_7_completion_checkpoint tying the full current Phase 7 checkpoint chain together; /sync records finance_phase_7_production_hardening_checkpoint preserving the runtime regression execution gate as future_approved_runtime_only. | None known. |
Recommended large PR sequence
Use this order after the roadmap guardrail lands.
- 1Phase 0/1 deploy verification and project completion readiness: use /deploy to prove production auth headers, role assignments, source credentials, recurring raw-ingestion cadence, persistent finance_deploy_verification_checkpoint evidence, and finance_project_completion_readiness_checkpoint evidence in the deployed environment.
- 2Phase 2/3 completion: source-seeded alias/identity plus contract coverage matrix for all current publishers.
- 3Phase 4: house/internal classifier, advertiser funding waterfall, spend classification output, and exceptions.
- 4Phase 5: deposit ledger, guarantee/performance/no-contract rules, publisher-month facts, and XLSX variance/backtest.