# AIPhone No・where Logicnoid Project — Deployment Guide

## 1. Product

AIPhone No・where Logicnoid Project

## 2. Purpose

This deployment guide describes the current production-near installation of the AIPhone No・where Logicnoid engine on Ubuntu EC2.

The engine provides:

- Phone-number non-exposure tokenization
- Text identifier claim and resolve
- Display Ready Proof
- One-time Tunnel Ticket
- One-time Session Authorization
- Reuse block
- Audit receipt retrieval
- Signed Admin Challenge
- Protected Admin Readiness
- HTTPS public surface
- OpenAPI contract
- Threat Model package

## 3. Deployment Topology

| Component | Value |
|---|---|
| Host OS | Ubuntu |
| Public domain | logicnoid.kr |
| WWW domain | www.logicnoid.kr |
| Origin domain | origin.logicnoid.kr |
| Public IP | 13.209.41.197 |
| Private IP | 172.31.38.191 |
| Engine service | gnx-aiphone |
| Engine bind | 127.0.0.1:3400 |
| Reverse proxy | Nginx |
| TLS | Certbot / Let's Encrypt |
| Product root | /opt/gnx/aiphone-nowhere |
| Engine source | /opt/gnx/aiphone-nowhere/engine/src/server.mjs |
| Runtime state | /opt/gnx/aiphone-nowhere/runtime |
| Public surface | /opt/gnx/aiphone-nowhere/surface/public |
| Docs | /opt/gnx/aiphone-nowhere/docs |
| OpenAPI | /opt/gnx/aiphone-nowhere/engine/openapi/openapi.yaml |

## 4. Runtime Layout

| Path | Purpose |
|---|---|
| /opt/gnx/aiphone-nowhere/.env.production | Production environment secrets |
| /opt/gnx/aiphone-nowhere/engine/src/server.mjs | Core engine |
| /opt/gnx/aiphone-nowhere/runtime/state.json | Runtime state |
| /opt/gnx/aiphone-nowhere/runtime/audit.jsonl | Audit receipt log |
| /opt/gnx/aiphone-nowhere/surface/public/index.html | Public verification surface |
| /opt/gnx/aiphone-nowhere/surface/public/openapi.yaml | Public OpenAPI contract |
| /opt/gnx/aiphone-nowhere/surface/public/threat-model.md | Public threat model |
| /opt/gnx/aiphone-nowhere/docs/production-readiness-gate.md | PASS/PENDING gate |
| /opt/gnx/aiphone-nowhere/docs/verification | Verification logs |
| /etc/systemd/system/gnx-aiphone.service | systemd unit |
| /etc/nginx/conf.d/aiphone-nowhere.conf | Nginx site configuration |

## 5. Environment Variables

The engine reads production configuration from:

/opt/gnx/aiphone-nowhere/.env.production

Required values:

| Variable | Purpose |
|---|---|
| AIPHONE_HOST | Engine bind host |
| AIPHONE_PORT | Engine bind port |
| AIPHONE_SECRET_PEPPER | HMAC pepper for MSISDN/token/handle hashing |
| AIPHONE_ADMIN_SECRET | HMAC secret for signed admin challenge |
| AIPHONE_RUNTIME_DIR | Runtime state directory |
| AIPHONE_PRODUCT_NAME | Product display name |

Security rules:

- .env.production must be chmod 600.
- AIPHONE_SECRET_PEPPER must not be exposed publicly.
- AIPHONE_ADMIN_SECRET must not be exposed publicly.
- Raw MSISDN must not be stored in runtime state or audit logs.

## 6. Network Ports

| Port | Scope | Purpose |
|---|---|---|
| 80 | Public | HTTP redirect / ACME validation |
| 443 | Public | HTTPS public/API surface |
| 3400 | Localhost only | AIPhone engine |
| 22 | Restricted | SSH administration |

Production rules:

- Port 3400 must bind to 127.0.0.1 only.
- Public traffic must enter through Nginx.
- SSH must not remain open to 0.0.0.0/0 in production.
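The rules in sections 5 and 6 can be checked mechanically rather than by eye. The script below is an added example, not part of this guide or of the engine; it uses the paths and variable names the guide lists, while the raw-MSISDN regex, the `ss -ltnH` column layout it parses, and the `KEY=value` form of `.env.production` are assumptions. It checks the file mode and required variables, scans runtime state and the audit log for E.164-looking values, and confirms that port 3400 is bound to 127.0.0.1 only.

```shell
#!/bin/sh
# Added example (not the guide's or the engine's own code): checks for the
# section 5 and section 6 production rules. Paths and variable names come
# from the guide; the MSISDN pattern and the listener format are assumptions.

# Section 5: .env.production must be mode 600 and every required variable set.
# Usage: check_env_file /opt/gnx/aiphone-nowhere/.env.production
check_env_file() {
    envfile=$1
    rc=0
    mode=$(stat -c '%a' "$envfile" 2>/dev/null) || { echo "FAIL: $envfile missing"; return 1; }
    if [ "$mode" != "600" ]; then
        echo "FAIL: $envfile mode is $mode, expected 600"
        rc=1
    fi
    # Assumed file form: one KEY=value per line (last occurrence wins).
    for var in AIPHONE_HOST AIPHONE_PORT AIPHONE_SECRET_PEPPER \
               AIPHONE_ADMIN_SECRET AIPHONE_RUNTIME_DIR AIPHONE_PRODUCT_NAME; do
        val=$(sed -n "s/^${var}=//p" "$envfile" | tail -n 1)
        if [ -z "$val" ]; then
            echo "FAIL: $var missing or empty in $envfile"
            rc=1
        fi
    done
    return $rc
}

# Section 5: raw MSISDN must not appear in runtime state or the audit log.
# Heuristic (assumption): an E.164-style '+' followed by 8-15 digits. Hashed
# values are hex and never match, so any hit points at a raw-number leak.
# Usage: check_no_raw_msisdn runtime/state.json runtime/audit.jsonl
check_no_raw_msisdn() {
    rc=0
    for f in "$@"; do
        [ -f "$f" ] || continue
        if grep -Eq '[+][0-9]{8,15}' "$f"; then
            echo "FAIL: raw MSISDN-like value found in $f"
            rc=1
        fi
    done
    return $rc
}

# Section 6: the engine port must listen on 127.0.0.1 only.
# Reads listener lines in 'ss -ltnH' format on stdin; field 4 is Local Address:Port.
# Usage: ss -ltnH | check_engine_bind 3400
check_engine_bind() {
    port=$1
    found=0
    rc=0
    while read -r line; do
        addr=$(echo "$line" | awk '{print $4}')
        case "$addr" in
            *:"$port")
                found=1
                case "$addr" in
                    127.0.0.1:"$port") ;;
                    *) echo "FAIL: port $port bound to $addr, expected 127.0.0.1"; rc=1 ;;
                esac
                ;;
        esac
    done
    if [ "$found" -eq 0 ]; then
        echo "FAIL: nothing listening on port $port"
        rc=1
    fi
    return $rc
}
```

On the host, run `check_env_file /opt/gnx/aiphone-nowhere/.env.production`, `check_no_raw_msisdn /opt/gnx/aiphone-nowhere/runtime/state.json /opt/gnx/aiphone-nowhere/runtime/audit.jsonl`, and `ss -ltnH | check_engine_bind 3400`; a non-zero exit from any of them means the corresponding rule is violated. The MSISDN scan is deliberately narrow so that epoch timestamps and receipt ids in the audit log do not trigger it; widen it only if the engine's own formats are known.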

## 7. systemd Operations

Check service status:

systemctl status gnx-aiphone --no-pager

Start service:

sudo systemctl start gnx-aiphone

Restart service:

sudo systemctl restart gnx-aiphone

Stop service:

sudo systemctl stop gnx-aiphone

Enable on boot:

sudo systemctl enable gnx-aiphone

Read logs:

journalctl -u gnx-aiphone -n 120 --no-pager

## 8. Nginx Operations

Check Nginx configuration:

sudo nginx -t

Reload Nginx:

sudo systemctl reload nginx

Restart Nginx:

sudo systemctl restart nginx

Check Nginx status:

systemctl status nginx --no-pager

Read error logs:

sudo tail -n 120 /var/log/nginx/error.log

## 9. TLS Operations

Certificate status:

sudo certbot certificates

Renewal dry-run:

sudo certbot renew --dry-run

Reload Nginx after certificate changes:

sudo nginx -t
sudo systemctl reload nginx

Public HTTPS checks:

curl -I https://logicnoid.kr
curl -I https://www.logicnoid.kr
curl -I https://origin.logicnoid.kr

## 10. Health Checks

Local engine health:

curl -sS http://127.0.0.1:3400/health/ready | jq

Public HTTPS health:

curl -sS https://logicnoid.kr/health/ready | jq

Expected status:

ok: true
status: READY

## 11. Public Endpoints

| Endpoint | Purpose |
|---|---|
| GET / | Public verification surface |
| GET /health/ready | Runtime readiness |
| POST /v1/msisdn/tokenize | No-raw-MSISDN tokenization |
| POST /v1/identity/claim | Text identifier claim |
| POST /v1/identity/resolve | Text identifier resolve |
| POST /v1/session/intent | Session intent |
| POST /v1/display/ready | Display Ready Proof |
| POST /v1/tunnel/ticket | One-time Tunnel Ticket |
| POST /v1/session/authorize | Session authorization |
| POST /v1/session/consume | One-time session consume |
| GET /v1/audit/{receipt} | Audit receipt retrieval |
| POST /v1/admin/challenge | Admin challenge |
| POST /v1/admin/session/verify | Admin session verification |
| GET /v1/admin/readiness | Protected admin readiness |
| GET /openapi.yaml | Public OpenAPI contract |
| GET /threat-model.md | Public threat model |

## 12. Verification Scripts

HTTP evidence-chain check:

/tmp/aiphone-pass-check.sh

HTTPS evidence-chain check:

/tmp/aiphone-pass-check-https.sh

Admin signed challenge check:

/tmp/aiphone-admin-challenge-check.sh

Verification logs:

/opt/gnx/aiphone-nowhere/docs/verification

## 13. Deployment Verification Procedure

Run the following checks after deployment or restart:

1. systemd active check
2. Nginx config check
3. Local health check
4. Public HTTPS health check
5. No-raw-MSISDN tokenization check
6. Identity claim check
7. Session intent check
8. Display Ready Proof check
9. Tunnel Ticket check
10. Session authorization check
11. One-time consume check
12. Reuse block check
13. Audit receipt retrieval check
14. Admin signed challenge check
15. Protected admin readiness check
16. OpenAPI retrieval check
17. Threat Model retrieval check
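The seventeen checks above can be driven from one runner so that a restart always produces a complete PASS/FAIL report instead of stopping at the first failure. The script below is an added example, not the guide's `/tmp/aiphone-pass-check*.sh` or `/tmp/aiphone-admin-challenge-check.sh` scripts, whose contents this page does not reproduce: steps 1 to 4, 16 and 17 use the commands the guide gives, and steps 5 to 15 are delegated to those two scripts (which steps each one covers is an assumption; the `PUBLIC_BASE`, `LOCAL_BASE`, `PASS_CHECK`, `ADMIN_CHECK` and `AIPHONE_VERIFY_RUN` variables are likewise introduced here). The readiness body is validated with `grep` rather than `jq` so the check has no dependency beyond `curl`.

```shell
#!/bin/sh
# Added example (not the guide's own verification scripts): a runner for the
# section 13 post-deployment checks. Variable names below are assumptions;
# URLs, service name and endpoint paths come from the guide.

PUBLIC_BASE=${PUBLIC_BASE:-https://logicnoid.kr}
LOCAL_BASE=${LOCAL_BASE:-http://127.0.0.1:3400}
PASS_CHECK=${PASS_CHECK:-/tmp/aiphone-pass-check-https.sh}
ADMIN_CHECK=${ADMIN_CHECK:-/tmp/aiphone-admin-challenge-check.sh}

# Validate a /health/ready body: requires "ok": true and "status": "READY"
# (the expected values from section 10). Whitespace around colons is tolerated.
health_ready_ok() {
    body=$1
    echo "$body" | grep -Eq '"ok"[[:space:]]*:[[:space:]]*true' &&
    echo "$body" | grep -Eq '"status"[[:space:]]*:[[:space:]]*"READY"'
}

# Fetch URL and validate the readiness body.
check_health_url() {
    body=$(curl -sS "$1") && health_ready_ok "$body"
}

# Fetch URL and require HTTP 200 (used for the OpenAPI and Threat Model steps).
http_200() {
    code=$(curl -sS -o /dev/null -w '%{http_code}' "$1") && [ "$code" = "200" ]
}

# Run one numbered step, record PASS/FAIL and keep going so the report is complete.
FAILED=0
step() {
    num=$1; name=$2; shift 2
    if "$@" >/dev/null 2>&1; then
        echo "PASS $num $name"
    else
        echo "FAIL $num $name"
        FAILED=$((FAILED + 1))
    fi
}

run_all() {
    step 1  "systemd active"          systemctl is-active --quiet gnx-aiphone
    step 2  "nginx config"            sudo nginx -t
    step 3  "local health"            check_health_url "$LOCAL_BASE/health/ready"
    step 4  "public HTTPS health"     check_health_url "$PUBLIC_BASE/health/ready"
    # Assumption: the guide's HTTPS evidence-chain script covers steps 5-13
    # (tokenize through audit receipt) and the admin script covers 14-15.
    step 5-13  "HTTPS evidence chain" sh "$PASS_CHECK"
    step 14-15 "admin signed challenge / readiness" sh "$ADMIN_CHECK"
    step 16 "OpenAPI retrieval"       http_200 "$PUBLIC_BASE/openapi.yaml"
    step 17 "Threat Model retrieval"  http_200 "$PUBLIC_BASE/threat-model.md"
    echo "$FAILED step(s) failed"
    [ "$FAILED" -eq 0 ]
}

# Only touch the live host when explicitly asked; the functions can be
# sourced and used individually otherwise.
if [ "${AIPHONE_VERIFY_RUN:-0}" = "1" ]; then
    run_all
fi
```

Run it as `AIPHONE_VERIFY_RUN=1 sh verify.sh` after every deployment or restart and keep the output alongside the other logs under `/opt/gnx/aiphone-nowhere/docs/verification`; the exit status is non-zero if any step failed, which makes the runner usable from a deploy pipeline as a gate.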

## 14. Rollback Procedure

Before editing the engine, create a timestamped backup:

mkdir -p /opt/gnx/aiphone-nowhere/backups/engine

cp /opt/gnx/aiphone-nowhere/engine/src/server.mjs /opt/gnx/aiphone-nowhere/backups/engine/server.mjs.$(date +%Y%m%d-%H%M%S)

To roll back:

1. Stop service
2. Restore previous server.mjs
3. Run node --check
4. Restart service
5. Run health check
6. Run evidence-chain check

Commands:

sudo systemctl stop gnx-aiphone

cp /opt/gnx/aiphone-nowhere/backups/engine/server.mjs.SELECTED_BACKUP /opt/gnx/aiphone-nowhere/engine/src/server.mjs

node --check /opt/gnx/aiphone-nowhere/engine/src/server.mjs

sudo systemctl restart gnx-aiphone

curl -sS https://logicnoid.kr/health/ready | jq
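The backup and rollback commands above can be wrapped so that the order the guide prescribes (stop, restore, `node --check`, restart, health check) is enforced and a backup that fails the syntax check never gets restarted. The functions below are an added example, not the guide's own tooling; the paths, service name and health URL are the guide's, while the `ENGINE`, `BACKUP_DIR` and `SERVICE` variables are introduced here so the steps can be exercised against a scratch directory.

```shell
#!/bin/sh
# Added example (not the guide's own tooling): the section 14 backup and
# rollback steps as functions. Defaults are the guide's paths; the variable
# names are assumptions that let the functions be tested on a scratch tree.

ENGINE=${ENGINE:-/opt/gnx/aiphone-nowhere/engine/src/server.mjs}
BACKUP_DIR=${BACKUP_DIR:-/opt/gnx/aiphone-nowhere/backups/engine}
SERVICE=${SERVICE:-gnx-aiphone}

# Create a timestamped copy of the engine before editing it; prints the backup path.
backup_engine() {
    mkdir -p "$BACKUP_DIR"
    dest="$BACKUP_DIR/server.mjs.$(date +%Y%m%d-%H%M%S)"
    cp "$ENGINE" "$dest" && echo "$dest"
}

# Most recent backup by name; the YYYYmmdd-HHMMSS suffix sorts lexically.
latest_backup() {
    ls -1 "$BACKUP_DIR"/server.mjs.* 2>/dev/null | sort | tail -n 1
}

# Step 2 of the rollback: copy the selected backup over the live engine file.
restore_backup() {
    [ -f "$1" ] || { echo "backup not found: $1" >&2; return 1; }
    cp "$1" "$ENGINE"
}

# Full rollback in the guide's order. Argument: a backup path (default: latest).
# If node --check fails, the service stays stopped and the function returns
# non-zero rather than restarting a broken engine.
rollback_engine() {
    selected=${1:-$(latest_backup)}
    [ -n "$selected" ] || { echo "no backup available in $BACKUP_DIR" >&2; return 1; }
    sudo systemctl stop "$SERVICE"
    restore_backup "$selected" || return 1
    node --check "$ENGINE" || { echo "syntax check failed; $SERVICE left stopped" >&2; return 1; }
    sudo systemctl restart "$SERVICE"
    curl -sS https://logicnoid.kr/health/ready | jq
}
```

Typical use is `backup_engine` before any edit, then `rollback_engine` (or `rollback_engine "$BACKUP_DIR/server.mjs.SELECTED_BACKUP"`) if the edit misbehaves; after the health check, run the evidence-chain check from section 12 as the guide's final rollback step. Backups taken within the same second share a name and overwrite each other, so take one backup per editing session rather than in a tight loop.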

## 15. Security Rules

- Do not store raw MSISDN.
- Do not expose AIPHONE_SECRET_PEPPER.
- Do not expose AIPHONE_ADMIN_SECRET.
- Do not reintroduce raw tunnel ticket storage.
- Do not expose raw internal tokens.
- Do not add public vault endpoints.
- Do not add admin fallback tokens.
- Do not allow session authorization without Display Ready Proof.
- Do not allow handle reuse.
- Do not mark native dialer integration as complete until actually integrated.
- Do not claim external security audit completion unless completed.

## 16. Current PASS Gates

| Gate | Status |
|---|---:|
| EC2 Instance Running | PASS |
| Domain A Record | PASS |
| Nginx Public Surface | PASS |
| AIPhone Public Verification Surface v0 | PASS |
| Runtime Health API | PASS |
| HTTPS Runtime Health API | PASS |
| No-raw-MSISDN Tokenization Path | PASS |
| Text Identifier Claim | PASS |
| Session Intent | PASS |
| Display Ready Interlock | PASS |
| One-time Tunnel Ticket | PASS |
| One-time Session Consume | PASS |
| Reuse Block | PASS |
| Audit Receipt Creation/Retrieval | PASS |
| HTTPS Full Evidence Chain | PASS |
| TLS/HTTPS Certificate | PASS |
| Admin Signed Challenge | PASS |
| Protected Admin Readiness | PASS |
| OpenAPI | PASS |
| Threat Model | PASS |

## 17. Current PENDING Gates

| Gate | Status |
|---|---:|
| SSH Hardening | PENDING |
| Backup/Restore Runbook | PENDING |
| Incident Response Runbook | PENDING |
| Enterprise UX/UI Surface v1 | PENDING |
| Native Dialer Integration | PENDING |
| Apple CallKit Production Approval | PENDING |
| Android Telecom Framework Production Approval | PENDING |
| Carrier Core Integration | PENDING |
| Telecom Partner Acceptance Trial | PENDING |
| Financial Institution Acceptance Trial | PENDING |
| External Security Audit | PENDING |

## 18. Non-claims

This deployment guide does not claim that carrier production integration is complete.

This deployment guide does not claim that native dialer integration is complete.

This deployment guide does not claim that Apple CallKit or Android Telecom Framework production approval is complete.

This deployment guide does not claim that an external security audit has been completed.

This deployment guide documents the current production-near server deployment and verified evidence-chain behavior.

## 19. Production-readiness Interpretation

The current deployment is suitable for controlled enterprise review, technical validation, API review, licensing discussion, and acceptance-trial preparation.

The current deployment is not yet represented as carrier-integrated, externally audited, or native-dialer-approved.
