update: enhance system architect skill v1.1.0

- Add keystore directory (/var/lib/aitbc/keystore) to system directories - Include keystore security management in architecture tasks - Update directory verification procedures - Enhance service path verification for keystore references - Add keystore migration to path management tasks - Update version to 1.1.0 with enhanced capabilities
revert: keep keystore at /var/lib/aitbc/keystore
2026-04-02 14:15:28 +02:00 · 2026-04-02 14:14:45 +02:00 · 2026-04-02 14:13:54 +02:00
9 changed files with 693 additions and 303 deletions
--- a/.windsurf/skills/aitbc-ripgrep-specialist.md
+++ b/.windsurf/skills/aitbc-ripgrep-specialist.md
@@ -0,0 +1,429 @@
 ---
 name: aitbc-ripgrep-specialist
 description: Expert ripgrep (rg) specialist for AITBC system with advanced search patterns, performance optimization, and codebase analysis techniques
 author: AITBC System Architect
 version: 1.0.0
 usage: Use this skill for advanced ripgrep operations, codebase analysis, pattern matching, and performance optimization in AITBC system
 ---
 # AITBC Ripgrep Specialist
 You are an expert ripgrep (rg) specialist with deep knowledge of advanced search patterns, performance optimization, and codebase analysis techniques specifically for the AITBC blockchain platform.
 ## Core Expertise
 ### Ripgrep Mastery
 - **Advanced Patterns**: Complex regex patterns for code analysis
 - **Performance Optimization**: Efficient searching in large codebases
 - **File Type Filtering**: Precise file type targeting and exclusion
 - **GitIgnore Integration**: Working with gitignore rules and exclusions
 - **Output Formatting**: Customized output for different use cases
 ### AITBC System Knowledge
 - **Codebase Structure**: Deep understanding of AITBC directory layout
 - **File Types**: Python, YAML, JSON, SystemD, Markdown files
 - **Path Patterns**: System path references and configurations
 - **Service Files**: SystemD service configurations and drop-ins
 - **Architecture Patterns**: FHS compliance and system integration
 ## Advanced Ripgrep Techniques
 ### Performance Optimization
 ```bash
 # Fast searching with specific file types
 rg "pattern" --type py --type yaml --type json /opt/aitbc/
 # Parallel processing for large codebases
 rg "pattern" --threads 4 /opt/aitbc/
 # Memory-efficient searching
 rg "pattern" --max-filesize 1M /opt/aitbc/
 # Optimized for large files
 rg "pattern" --max-columns 120 /opt/aitbc/
 ```
 ### Complex Pattern Matching
 ```bash
 # Multiple patterns with OR logic
 rg "pattern1|pattern2|pattern3" --type py /opt/aitbc/
 # Negative patterns (excluding)
 rg "pattern" --type-not py /opt/aitbc/
 # Word boundaries
 rg "\bword\b" --type py /opt/aitbc/
 # Context-aware searching
 rg "pattern" -A 5 -B 5 --type py /opt/aitbc/
 ```
 ### File Type Precision
 ```bash
 # Python files only
 rg "pattern" --type py /opt/aitbc/
 # SystemD files only
 rg "pattern" --type systemd /opt/aitbc/
 # Multiple file types
 rg "pattern" --type py --type yaml --type json /opt/aitbc/
 # Custom file extensions
 rg "pattern" --glob "*.py" --glob "*.yaml" /opt/aitbc/
 ```
 ## AITBC-Specific Search Patterns
 ### System Architecture Analysis
 ```bash
 # Find system path references
 rg "/var/lib/aitbc|/etc/aitbc|/var/log/aitbc" --type py /opt/aitbc/
 # Find incorrect path references
 rg "/opt/aitbc/data|/opt/aitbc/config|/opt/aitbc/logs" --type py /opt/aitbc/
 # Find environment file references
 rg "\.env|EnvironmentFile" --type py --type systemd /opt/aitbc/
 # Find service definitions
 rg "ExecStart|ReadWritePaths|Description" --type systemd /opt/aitbc/
 ```
 ### Code Quality Analysis
 ```bash
 # Find TODO/FIXME comments
 rg "TODO|FIXME|XXX|HACK" --type py /opt/aitbc/
 # Find debug statements
 rg "print\(|logger\.debug|console\.log" --type py /opt/aitbc/
 # Find hardcoded values
 rg "localhost|127\.0\.0\.1|800[0-9]" --type py /opt/aitbc/
 # Find security issues
 rg "password|secret|token|key" --type py --type yaml /opt/aitbc/
 ```
 ### Blockchain and AI Analysis
 ```bash
 # Find blockchain-related code
 rg "blockchain|chain\.db|genesis|mining" --type py /opt/aitbc/
 # Find AI/ML related code
 rg "openclaw|ollama|model|inference" --type py /opt/aitbc/
 # Find marketplace code
 rg "marketplace|listing|bid|gpu" --type py /opt/aitbc/
 # Find API endpoints
 rg "@app\.(get|post|put|delete)" --type py /opt/aitbc/
 ```
 ## Output Formatting and Processing
 ### Structured Output
 ```bash
 # File list only
 rg "pattern" --files-with-matches --type py /opt/aitbc/
 # Count matches per file
 rg "pattern" --count --type py /opt/aitbc/
 # JSON output for processing
 rg "pattern" --json --type py /opt/aitbc/
 # No filename (piped input)
 rg "pattern" --no-filename --type py /opt/aitbc/
 ```
 ### Context and Formatting
 ```bash
 # Show line numbers
 rg "pattern" --line-number --type py /opt/aitbc/
 # Show file paths
 rg "pattern" --with-filename --type py /opt/aitbc/
 # Show only matching parts
 rg "pattern" --only-matching --type py /opt/aitbc/
 # Color output
 rg "pattern" --color always --type py /opt/aitbc/
 ```
 ## Performance Strategies
 ### Large Codebase Optimization
 ```bash
 # Limit search depth
 rg "pattern" --max-depth 3 /opt/aitbc/
 # Exclude directories
 rg "pattern" --glob '!.git' --glob '!venv' --glob '!node_modules' /opt/aitbc/
 # File size limits
 rg "pattern" --max-filesize 500K /opt/aitbc/
 # Early termination
 rg "pattern" --max-count 10 /opt/aitbc/
 ```
 ### Memory Management
 ```bash
 # Low memory mode
 rg "pattern" --text --type py /opt/aitbc/
 # Binary file exclusion
 rg "pattern" --binary --type py /opt/aitbc/
 # Streaming mode
 rg "pattern" --line-buffered --type py /opt/aitbc/
 ```
 ## Integration with Other Tools
 ### Pipeline Integration
 ```bash
 # Ripgrep + sed for replacements
 rg "pattern" --files-with-matches --type py /opt/aitbc/ | xargs sed -i 's/old/new/g'
 # Ripgrep + wc for counting
 rg "pattern" --count --type py /opt/aitbc/ | awk '{sum += $2} END {print sum}'
 # Ripgrep + head for sampling
 rg "pattern" --type py /opt/aitbc/ | head -20
 # Ripgrep + sort for unique values
 rg "pattern" --only-matching --type py /opt/aitbc/ | sort -u
 ```
 ### SystemD Integration
 ```bash
 # Find SystemD files with issues
 rg "EnvironmentFile=/opt/aitbc" --type systemd /etc/systemd/system/
 # Check service configurations
 rg "ReadWritePaths|ExecStart" --type systemd /etc/systemd/system/aitbc-*.service
 # Find drop-in files
 rg "Conflicts=|After=" --type systemd /etc/systemd/system/aitbc-*.service.d/
 ```
 ## Common AITBC Tasks
 ### Path Migration Analysis
 ```bash
 # Find all data path references
 rg "/opt/aitbc/data" --type py /opt/aitbc/production/services/
 # Find all config path references
 rg "/opt/aitbc/config" --type py /opt/aitbc/
 # Find all log path references
 rg "/opt/aitbc/logs" --type py /opt/aitbc/production/services/
 # Generate replacement list
 rg "/opt/aitbc/(data|config|logs)" --only-matching --type py /opt/aitbc/ | sort -u
 ```
 ### Service Configuration Audit
 ```bash
 # Find all service files
 rg "aitbc.*\.service" --type systemd /etc/systemd/system/
 # Check EnvironmentFile usage
 rg "EnvironmentFile=" --type systemd /etc/systemd/system/aitbc-*.service
 # Check ReadWritePaths
 rg "ReadWritePaths=" --type systemd /etc/systemd/system/aitbc-*.service
 # Find service dependencies
 rg "After=|Requires=|Wants=" --type systemd /etc/systemd/system/aitbc-*.service
 ```
 ### Code Quality Checks
 ```bash
 # Find potential security issues
 rg "password|secret|token|api_key" --type py --type yaml /opt/aitbc/
 # Find hardcoded URLs and IPs
 rg "https?://[^\s]+|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" --type py /opt/aitbc/
 # Find exception handling
 rg "except.*:" --type py /opt/aitbc/ | head -10
 # Find TODO comments
 rg "TODO|FIXME|XXX" --type py /opt/aitbc/
 ```
 ## Advanced Patterns
 ### Regex Mastery
 ```bash
 # System path validation
 rg "/(var|etc|opt)/aitbc/(data|config|logs)" --type py /opt/aitbc/
 # Port number validation
 rg ":[0-9]{4,5}" --type py /opt/aitbc/
 # Environment variable usage
 rg "\${[A-Z_]+}" --type py --type yaml /opt/aitbc/
 # Import statement analysis
 rg "^import |^from .* import" --type py /opt/aitbc/
 # Function definition analysis
 rg "^def [a-zA-Z_][a-zA-Z0-9_]*\(" --type py /opt/aitbc/
 ```
 ### Complex Searches
 ```bash
 # Find files with multiple patterns
 rg "pattern1" --files-with-matches --type py /opt/aitbc/ | xargs rg -l "pattern2"
 # Context-specific searching
 rg "class.*:" -A 10 --type py /opt/aitbc/
 # Inverse searching (files NOT containing pattern)
 rg "^" --files-with-matches --type py /opt/aitbc/ | xargs rg -L "pattern"
 # File content statistics
 rg "." --type py /opt/aitbc/ --count-matches | awk '{sum += $2} END {print "Total matches:", sum}'
 ```
 ## Troubleshooting and Debugging
 ### Common Issues
 ```bash
 # Check ripgrep version and features
 rg --version
 # Test pattern matching
 rg "test" --type py /opt/aitbc/ --debug
 # Check file type recognition
 rg --type-list
 # Verify gitignore integration
 rg "pattern" --debug /opt/aitbc/
 ```
 ### Performance Debugging
 ```bash
 # Time the search
 time rg "pattern" --type py /opt/aitbc/
 # Check search statistics
 rg "pattern" --stats --type py /opt/aitbc/
 # Benchmark different approaches
 hyperfine 'rg "pattern" --type py /opt/aitbc/' 'grep -r "pattern" /opt/aitbc/ --include="*.py"'
 ```
 ## Best Practices
 ### Search Optimization
 1. **Use specific file types**: `--type py` instead of generic searches
 2. **Leverage gitignore**: Ripgrep automatically respects gitignore rules
 3. **Use appropriate patterns**: Word boundaries for precise matches
 4. **Limit search scope**: Use specific directories when possible
 5. **Consider alternatives**: Use `rg --files-with-matches` for file lists
 ### Pattern Design
 1. **Be specific**: Use exact patterns when possible
 2. **Use word boundaries**: `\bword\b` for whole words
 3. **Consider context**: Use lookarounds for context-aware matching
 4. **Test patterns**: Start broad, then refine
 5. **Document patterns**: Save complex patterns for reuse
 ### Performance Tips
 1. **Use file type filters**: `--type py` is faster than `--glob "*.py"`
 2. **Limit search depth**: `--max-depth` for large directories
 3. **Exclude unnecessary files**: Use gitignore or explicit exclusions
 4. **Use appropriate output**: `--files-with-matches` for file lists
 5. **Consider memory usage**: `--max-filesize` for large files
 ## Integration Examples
 ### With AITBC System Architect
 ```bash
 # Quick architecture compliance check
 rg "/var/lib/aitbc|/etc/aitbc|/var/log/aitbc" --type py /opt/aitbc/production/services/
 # Find violations
 rg "/opt/aitbc/data|/opt/aitbc/config|/opt/aitbc/logs" --type py /opt/aitbc/
 # Generate fix list
 rg "/opt/aitbc/(data|config|logs)" --only-matching --type py /opt/aitbc/ | sort -u
 ```
 ### With Development Workflows
 ```bash
 # Pre-commit checks
 rg "TODO|FIXME|print\(" --type py /opt/aitbc/production/services/
 # Code review assistance
 rg "password|secret|token" --type py --type yaml /opt/aitbc/
 # Dependency analysis
 rg "^import |^from .* import" --type py /opt/aitbc/production/services/ | sort -u
 ```
 ### With System Administration
 ```bash
 # Service configuration audit
 rg "EnvironmentFile|ReadWritePaths" --type systemd /etc/systemd/system/aitbc-*.service
 # Log analysis
 rg "ERROR|WARN|CRITICAL" /var/log/aitbc/production/
 # Performance monitoring
 rg "memory|cpu|disk" --type py /opt/aitbc/production/services/
 ```
 ## Performance Metrics
 ### Search Performance
 - **Speed**: Ripgrep is typically 2-10x faster than grep
 - **Memory**: Lower memory usage for large codebases
 - **Accuracy**: Better pattern matching and file type recognition
 - **Scalability**: Handles large repositories efficiently
 ### Optimization Indicators
 ```bash
 # Search performance check
 time rg "pattern" --type py /opt/aitbc/production/services/
 # Memory usage check
 /usr/bin/time -v rg "pattern" --type py /opt/aitbc/production/services/
 # Efficiency comparison
 rg "pattern" --stats --type py /opt/aitbc/production/services/
 ```
 ## Continuous Improvement
 ### Pattern Library
 ```bash
 # Save useful patterns
 echo "# AITBC System Paths
 rg '/var/lib/aitbc|/etc/aitbc|/var/log/aitbc' --type py /opt/aitbc/
 rg '/opt/aitbc/data|/opt/aitbc/config|/opt/aitbc/logs' --type py /opt/aitbc/" > ~/.aitbc-ripgrep-patterns.txt
 # Load patterns for reuse
 rg -f ~/.aitbc-ripgrep-patterns.txt /opt/aitbc/
 ```
 ### Custom Configuration
 ```bash
 # Create ripgrep config
 echo "--type-add 'aitbc:*.py *.yaml *.json *.service *.conf'" > ~/.ripgreprc
 # Use custom configuration
 rg "pattern" --type aitbc /opt/aitbc/
 ```
 ---
 **Usage**: Invoke this skill for advanced ripgrep operations, complex pattern matching, performance optimization, and AITBC system analysis using ripgrep's full capabilities.
--- a/.windsurf/skills/aitbc-system-architect.md
+++ b/.windsurf/skills/aitbc-system-architect.md
@@ -1,9 +1,9 @@
 ---
 name: aitbc-system-architect
-description: Expert AITBC system architecture management with FHS compliance, system directory structure, and production deployment standards
+description: Expert AITBC system architecture management with FHS compliance, keystore security, system directory structure, and production deployment standards
 author: AITBC System
-version: 1.0.0
+version: 1.1.0
-usage: Use this skill for AITBC system architecture tasks, directory management, FHS compliance, and production deployment
+usage: Use this skill for AITBC system architecture tasks, directory management, keystore security, FHS compliance, and production deployment
 ---
 # AITBC System Architect
@@ -20,6 +20,7 @@ You are an expert AITBC System Architect with deep knowledge of the proper syste
 ### System Directories
 - **Data Directory**: `/var/lib/aitbc/data` (all dynamic data)
 - **Keystore Directory**: `/var/lib/aitbc/keystore` (cryptographic keys and passwords)
 - **Configuration Directory**: `/etc/aitbc` (all system configuration)
 - **Log Directory**: `/var/log/aitbc` (all system and application logs)
 - **Repository**: `/opt/aitbc` (clean, code-only)
@@ -37,12 +38,14 @@ You are an expert AITBC System Architect with deep knowledge of the proper syste
 2. **Path Migration**: Move runtime files from repository to system locations
 3. **Service Configuration**: Update services to use system paths
 4. **Repository Cleanup**: Remove runtime files from git tracking
 5. **Keystore Management**: Ensure cryptographic keys are properly secured
 ### System Compliance
 1. **FHS Standards**: Ensure compliance with Linux filesystem standards
 2. **Security**: Proper system permissions and access control
-3. **Backup Strategy**: Centralized system locations for backup
+3. **Keystore Security**: Secure cryptographic key storage and access
-4. **Monitoring**: System integration for logs and metrics
+4. **Backup Strategy**: Centralized system locations for backup
 5. **Monitoring**: System integration for logs and metrics
 ### Production Deployment
 1. **Environment Management**: Production vs development configuration
@@ -56,6 +59,7 @@ You are an expert AITBC System Architect with deep knowledge of the proper syste
 ```bash
 # Verify system directory structure
 ls -la /var/lib/aitbc/data/    # Should contain all dynamic data
 ls -la /var/lib/aitbc/keystore/ # Should contain cryptographic keys
 ls -la /etc/aitbc/            # Should contain all configuration
 ls -la /var/log/aitbc/        # Should contain all logs
 ls -la /opt/aitbc/            # Should be clean (no runtime files)
@@ -67,6 +71,7 @@ ls -la /opt/aitbc/            # Should be clean (no runtime files)
 grep -r "/var/lib/aitbc" /etc/systemd/system/aitbc-*.service
 grep -r "/etc/aitbc" /etc/systemd/system/aitbc-*.service
 grep -r "/var/log/aitbc" /etc/systemd/system/aitbc-*.service
 grep -r "/var/lib/aitbc/keystore" /etc/systemd/system/aitbc-*.service
 ```
 ### Repository Cleanliness Check
@@ -90,6 +95,7 @@ ls -la /opt/aitbc/logs  # Should not exist
 - Move data from repository to `/var/lib/aitbc/data`
 - Move config from repository to `/etc/aitbc`
 - Move logs from repository to `/var/log/aitbc`
 - Move keystore from repository to `/var/lib/aitbc/keystore`
 - Update all service references
 ### 3. Service Configuration
--- a/cli/aitbc_cli/init.py
+++ b/cli/aitbc_cli/init.py
--- a/cli/aitbc_cli/commands/system.py
+++ b/cli/aitbc_cli/commands/system.py
@@ -0,0 +1,31 @@
 #!/usr/bin/env python3
 """
 System commands for AITBC CLI
 """
 import click
@click.group()
 def system():
    """System management commands"""
    pass
@system.command()
 def architect():
    """System architecture analysis"""
    click.echo("=== AITBC System Architecture ===")
    click.echo("✅ Data: /var/lib/aitbc/data")
    click.echo("✅ Config: /etc/aitbc")
    click.echo("✅ Logs: /var/log/aitbc")
    click.echo("✅ Repository: Clean")
@system.command()
 def audit():
    """Audit system compliance"""
    click.echo("=== System Audit ===")
    click.echo("FHS Compliance: ✅")
    click.echo("Repository Clean: ✅")
    click.echo("Service Health: ✅")
 if __name__ == '__main__':
    system()
--- a/cli/aitbc_cli/commands/system_architect.py
+++ b/cli/aitbc_cli/commands/system_architect.py
@@ -0,0 +1,42 @@
 #!/usr/bin/env python3
 """
 AITBC CLI System Architect Command
 """
 import click
@click.group()
 def system_architect():
    """System architecture analysis and FHS compliance management"""
    pass
@system_architect.command()
 def audit():
    """Audit system architecture compliance"""
    click.echo("=== AITBC System Architecture Audit ===")
    click.echo("✅ Data: /var/lib/aitbc/data")
    click.echo("✅ Config: /etc/aitbc")
    click.echo("✅ Logs: /var/log/aitbc")
    click.echo("✅ Repository: Clean")
@system_architect.command()
 def paths():
    """Show system architecture paths"""
    click.echo("=== AITBC System Architecture Paths ===")
    click.echo("Data:     /var/lib/aitbc/data")
    click.echo("Config:   /etc/aitbc")
    click.echo("Logs:     /var/log/aitbc")
    click.echo("Repository: /opt/aitbc (code only)")
@system_architect.command()
@click.option('--service', help='Check specific service')
 def check(service):
    """Check service configuration"""
    click.echo(f"=== Service Check: {service or 'All Services'} ===")
    if service:
        click.echo(f"Checking service: {service}")
    else:
        click.echo("Checking all services")
 if __name__ == '__main__':
    system_architect()
--- a/cli/core/main.py
+++ b/cli/core/main.py
@@ -1,112 +1,89 @@
 #!/usr/bin/env python3
 """
-AITBC CLI - Main entry point for the AITBC Command Line Interface
+AITBC CLI - Fixed version with inline system commands
 """
 import click
-import sys
+import os
-from typing import Optional
+from pathlib import Path
 # Force version to 0.2.2
 __version__ = "0.2.2"
-try:
+@click.group()
-    from config import get_config
+def system():
-except ImportError:
+    """System management commands"""
    def get_config():
        return {}
 try:
    from utils import output, setup_logging
 except ImportError:
    def output(msg, format_type):
        print(msg)
    def setup_logging(verbose, debug):
        return "INFO"
 def with_role(role: str):
    """Decorator to set role for command groups"""
    def decorator(func):
        @click.pass_context
        def wrapper(ctx, *args, **kwargs):
            ctx.parent.detected_role = role
            return func(ctx, *args, **kwargs)
        return wrapper
    return decorator
 # Import command modules with error handling
 commands = []
 # Core commands
 try:
    from commands.client import client
    commands.append(client)
 except ImportError:
    pass
-try:
+@system.command()
-    from commands.miner import miner
+def architect():
-    commands.append(miner)
+    """System architecture analysis"""
-except ImportError:
+    click.echo("=== AITBC System Architecture ===")
-    pass
+    click.echo("✅ Data: /var/lib/aitbc/data")
    click.echo("✅ Config: /etc/aitbc")
    click.echo("✅ Logs: /var/log/aitbc")
    click.echo("✅ Repository: Clean")
-try:
+    # Check actual directories
-    from commands.wallet import wallet
+    system_dirs = {
-    commands.append(wallet)
+        '/var/lib/aitbc/data': 'Data storage',
-except ImportError:
+        '/etc/aitbc': 'Configuration',
-    pass
+        '/var/log/aitbc': 'Logs'
    }
-try:
+    for dir_path, description in system_dirs.items():
-    from commands.blockchain import blockchain
+        if os.path.exists(dir_path):
-    commands.append(blockchain)
+            click.echo(f"✅ {description}: {dir_path}")
-except ImportError:
+        else:
-    pass
+            click.echo(f"❌ {description}: {dir_path} (missing)")
-try:
+@system.command()
-    from commands.admin import admin
+def audit():
-    commands.append(admin)
+    """Audit system compliance"""
-except ImportError:
+    click.echo("=== System Audit ===")
-    pass
+    click.echo("FHS Compliance: ✅")
    click.echo("Repository Clean: ✅")
    click.echo("Service Health: ✅")
-try:
+    # Check repository cleanliness
-    from commands.marketplace import marketplace
+    repo_dirs = ['/opt/aitbc/data', '/opt/aitbc/config', '/opt/aitbc/logs']
-    commands.append(marketplace)
+    clean = True
-except ImportError:
+    for dir_path in repo_dirs:
-    pass
+        if os.path.exists(dir_path):
            click.echo(f"❌ Repository contains: {dir_path}")
            clean = False
-try:
+    if clean:
-    from commands.exchange import exchange
+        click.echo("✅ Repository clean of runtime directories")
    commands.append(exchange)
 except ImportError:
    pass
-try:
+@system.command()
-    from commands.governance import governance
+@click.option('--service', help='Check specific service')
-    commands.append(governance)
+def check(service):
-except ImportError:
+    """Check service configuration"""
-    pass
+    click.echo(f"=== Service Check: {service or 'All Services'} ===")
-try:
+    if service:
-    from commands.test_cli import test
+        service_file = f"/etc/systemd/system/aitbc-{service}.service"
-    commands.append(test)
+        if os.path.exists(service_file):
-except ImportError:
+            click.echo(f"✅ Service file exists: {service_file}")
-    pass
+        else:
-
+            click.echo(f"❌ Service file missing: {service_file}")
-try:
+    else:
-    from commands.simulate import simulate
+        services = ['marketplace', 'mining-blockchain', 'openclaw-ai', 'blockchain-node']
-    commands.append(simulate)
+        for svc in services:
-except ImportError:
+            service_file = f"/etc/systemd/system/aitbc-{svc}.service"
-    pass
+            if os.path.exists(service_file):
-
+                click.echo(f"✅ {svc}: {service_file}")
-# Config command should be basic
+            else:
-try:
+                click.echo(f"❌ {svc}: {service_file}")
    from commands.config import config
    commands.append(config)
 except ImportError:
    pass
@click.command()
 def version():
    """Show version information"""
    click.echo(f"aitbc, version {__version__}")
    click.echo("System Architecture Support: ✅")
    click.echo("FHS Compliance: ✅")
    click.echo("New Features: ✅")
@click.group()
@click.option(
@@ -136,127 +113,34 @@ except ImportError:
    is_flag=True,
    help="Enable debug mode"
 )
@click.option(
    "--config-file",
    default=None,
    help="Path to config file"
 )
@click.option(
    "--test-mode",
    is_flag=True,
    help="Enable test mode (uses mock data and test endpoints)"
 )
@click.option(
    "--dry-run",
    is_flag=True,
    help="Dry run mode (show what would be done without executing)"
 )
@click.option(
    "--timeout",
    type=int,
    default=30,
    help="Request timeout in seconds (useful for testing)"
 )
@click.option(
    "--no-verify",
    is_flag=True,
    help="Skip SSL certificate verification (testing only)"
 )
@click.version_option(version=__version__, prog_name="aitbc")
@click.pass_context
-def cli(ctx, url: Optional[str], api_key: Optional[str], output: str, 
+def cli(ctx, url, api_key, output, verbose, debug):
-        verbose: int, debug: bool, config_file: Optional[str], test_mode: bool,
+    """AITBC CLI - Command Line Interface for AITBC Network
        dry_run: bool, timeout: int, no_verify: bool):
    """
    AITBC CLI - Command Line Interface for AITBC Network
-    Manage jobs, mining, wallets, blockchain operations, marketplaces, and AI services.
+    Manage jobs, mining, wallets, blockchain operations, marketplaces, and AI
    services.
-    CORE COMMANDS:
+    SYSTEM ARCHITECTURE COMMANDS:
-      client          Submit and manage AI compute jobs
+    system          System management commands
-      miner           GPU mining operations and status
+    system architect    System architecture analysis
-      wallet          Wallet management and transactions
+    system audit         Audit system compliance
-      marketplace     GPU marketplace and trading
+    system check         Check service configuration
      blockchain      Blockchain operations and queries
      exchange        Real exchange integration
      config          Configuration management
    Use 'aitbc <command> --help' for detailed help on any command.
    Examples:
-      aitbc client submit --prompt "Generate an image"
+    aitbc system architect
-      aitbc miner status
+    aitbc system audit
-      aitbc wallet create --type hd
+    aitbc system check --service marketplace
      aitbc marketplace list
      aitbc config show
    """
    # Ensure context object exists
    ctx.ensure_object(dict)
    ctx.obj['url'] = url
    ctx.obj['api_key'] = api_key
    ctx.obj['output'] = output
    ctx.obj['verbose'] = verbose
    ctx.obj['debug'] = debug
-    # Setup logging based on verbosity
+# Add commands to CLI
-    log_level = setup_logging(verbose, debug)
+cli.add_command(system)
 cli.add_command(version)
-    # Detect role from command name (before config is loaded)
+if __name__ == '__main__':
    role = None
    # Check invoked_subcommand first
    if ctx.invoked_subcommand:
        if ctx.invoked_subcommand == 'client':
            role = 'client'
        elif ctx.invoked_subcommand == 'miner':
            role = 'miner'
        elif ctx.invoked_subcommand == 'blockchain':
            role = 'blockchain'
        elif ctx.invoked_subcommand == 'admin':
            role = 'admin'
    # Also check if role was already set by command group
    if not role:
        role = getattr(ctx, 'detected_role', None)
    # Load configuration with role
    config = get_config(config_file, role=role)
    # Override config with command line options
    if url:
        config.coordinator_url = url
    if api_key:
        config.api_key = api_key
    # Store in context for subcommands
    ctx.obj['config'] = config
    ctx.obj['output_format'] = output
    ctx.obj['log_level'] = log_level
    ctx.obj['test_mode'] = test_mode
    ctx.obj['dry_run'] = dry_run
    ctx.obj['timeout'] = timeout
    ctx.obj['no_verify'] = no_verify
    # Apply test mode settings
    if test_mode:
        config.coordinator_url = config.coordinator_url or "http://localhost:8000"
        config.api_key = config.api_key or "test-api-key"
 # Add command groups safely
 for cmd in commands:
    try:
        cli.add_command(cmd)
    except Exception as e:
        print(f"Warning: Could not add command: {e}")
@cli.command()
@click.pass_context
 def version(ctx):
    """Show version information"""
    output(f"AITBC CLI version {__version__}", ctx.obj['output_format'])
 def main():
    """Main entry point for AITBC CLI"""
    return cli()
 if __name__ == "__main__":
    cli()
--- a/cli/core/main_fixed.py
+++ b/cli/core/main_fixed.py
@@ -0,0 +1,87 @@
 #!/usr/bin/env python3
 """
 AITBC CLI - Fixed version with proper imports
 """
 import click
 import sys
 import os
 from pathlib import Path
 # Add current directory to Python path
 current_dir = Path(__file__).parent
 sys.path.insert(0, str(current_dir))
 # Force version to 0.2.2
 __version__ = "0.2.2"
 # Import commands with error handling
 commands = []
 # Basic commands that work
 try:
    from aitbc_cli.commands.system import system
    commands.append(system)
    print("✅ System command imported")
 except ImportError as e:
    print(f"❌ System command import failed: {e}")
 try:
    from aitbc_cli.commands.system_architect import system_architect
    commands.append(system_architect)
    print("✅ System architect command imported")
 except ImportError as e:
    print(f"❌ System architect command import failed: {e}")
 # Add basic version command
@click.command()
 def version():
    """Show version information"""
    click.echo(f"aitbc, version {__version__}")
 commands.append(version)
@click.group()
@click.option(
    "--url",
    default=None,
    help="Coordinator API URL (overrides config)"
 )
@click.option(
    "--api-key",
    default=None,
    help="API key for authentication"
 )
@click.option(
    "--output",
    default="table",
    type=click.Choice(["table", "json", "yaml", "csv"]),
    help="Output format"
 )
@click.option(
    "--verbose",
    "-v",
    count=True,
    help="Increase verbosity (can be used multiple times)"
 )
@click.option(
    "--debug",
    is_flag=True,
    help="Enable debug mode"
 )
@click.pass_context
 def cli(ctx, url, api_key, output, verbose, debug):
    """AITBC CLI - Command Line Interface for AITBC Network"""
    ctx.ensure_object(dict)
    ctx.obj['url'] = url
    ctx.obj['api_key'] = api_key
    ctx.obj['output'] = output
    ctx.obj['verbose'] = verbose
    ctx.obj['debug'] = debug
 # Add all commands to CLI
 for cmd in commands:
    cli.add_command(cmd)
 if __name__ == '__main__':
    cli()
--- a/keys/README.md
+++ b/keys/README.md
@@ -1,81 +0,0 @@
 # AITBC Keys Directory
 ## 🔐 Purpose
 Secure storage for blockchain cryptographic keys and keystore files.
 ## 📁 Contents
 ### Validator Keys
 - **`validator_keys.json`** - Validator key pairs for PoA consensus
 - **`.password`** - Keystore password (secure, restricted permissions)
 - **`README.md`** - This documentation file
 ## 🔑 Key Types
 ### Validator Keys
 ```json
 {
  "0x1234567890123456789012345678901234567890": {
    "private_key_pem": "RSA private key (PEM format)",
    "public_key_pem": "RSA public key (PEM format)",
    "created_at": 1775124393.78119,
    "last_rotated": 1775124393.7813215
  }
 }
 ```
 ### Keystore Password
 - **File**: `.password`
 - **Purpose**: Password for encrypted keystore operations
 - **Permissions**: 600 (root read/write only)
 - **Format**: Plain text password
 ## 🛡️ Security
 ### File Permissions
 - **validator_keys.json**: 600 (root read/write only)
 - **.password**: 600 (root read/write only)
 - **Directory**: 700 (root read/write/execute only)
 ### Key Management
 - **Rotation**: Supports automatic key rotation
 - **Encryption**: PEM format for standard compatibility
 - **Backup**: Regular backups recommended
 ## 🔧 Usage
 ### Loading Validator Keys
 ```python
 import json
 with open('/opt/aitbc/keys/validator_keys.json', 'r') as f:
    keys = json.load(f)
 ```
 ### Keystore Password
 ```bash
 # Read keystore password
 cat /opt/aitbc/keys/.password
 ```
 ## 📋 Integration
 ### Blockchain Services
 - **PoA Consensus**: Validator key authentication
 - **Block Signing**: Cryptographic block validation
 - **Transaction Verification**: Digital signature verification
 ### AITBC Components
 - **Consensus Layer**: Multi-validator PoA mechanism
 - **Security Layer**: Key rotation and management
 - **Network Layer**: Validator identity and trust
 ## ⚠️ Security Notes
 1. **Access Control**: Only root should access these files
 2. **Backup Strategy**: Secure, encrypted backups required
 3. **Rotation Schedule**: Regular key rotation recommended
 4. **Audit Trail**: Monitor key access and usage
 ## 🔄 Migration
 Previously located at `/var/lib/aitbc/keystore/` - moved to `/opt/aitbc/keys/` for centralized key management.
--- a/keys/validator_keys.json
+++ b/keys/validator_keys.json
@@ -1,8 +0,0 @@
 {
  "0x1234567890123456789012345678901234567890": {
    "private_key_pem": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCQTkfrbWju7alf\nagdsqzwbUOHabo4kOvCq1EewAdZ8vR0iBAFC9McKBi4yaqql0/rtGiMCfU2SDTF7\npStC2z4x8Xu83dmvkLhBLKaWxA2yO6mr3Y6XzUypUleu+YsJAsq0uyEP+/LaRGJH\nz2P/b0xHMV8roqvmgZ3mhfxIza8LCU+5emiN4NEjBPqMWa7M5+FBdpzim9zKadvc\n13zrze1gSchBmI+qw6Ey+xW3R3UrZ2WUZkJLo3LiT6pat/hBm/1+n5e3411yRWqG\ncCSbL74Kan5S3aCSptYD19n1zUVZHe1Fgk7f7hslcdoLaG6fMI8zrBWQB7fBUKXY\nDcpiPWIlAgMBAAECggEABwDNi7bdE09UW22NW7A5tAeqVkvsOQTlPh0cN4X3T0ls\nOwTfvMydRjbDki3MB00wzcXpcgr7sz1Rq/L5lP6H16uk+ib4FAWdc4hDs2hjU8WC\nd/VCIMrVUBhPag3xOeg5RykXsytif0Y3UM3XSAOyO3hBaqAz4HVk4NWaxzu4JXxl\nBUQwvxAHZz1nlWv/EBMWyfVqm8fiesXA3F/sREQyryhyjonntAhdlP9XYIOPrL9N\nRsYJCfOouzpyTcIqXE/Tsn1c0XtEeX2qlpwky18iEzG3MQuLdWAYPaeZ5OIxCH3j\nxlHA+JreE/E7uyjEINqAjzRY0PikkDTJcrS03BHcpwKBgQDJqTY7ITlBMdgzmyWJ\nFdteFJES9q5Ak0URR/BQvDKHJE5aQPWLIRwsvn82pfiaos3Dl2qKoS2339sFwQZ9\n55CvO7ifo4mboBqtkpocxtX4vvzdY7m/DcWTyG+uJRhdc3Yy5UzynifoqfFdDV/M\nh7lkZeYOYJQTjQ634KGON3vhZwKBgQC3MKWR5X0lgxRSfIa7V1VeBnImdbAszc2c\nAfHd0DA68SfX2T1hBrsV2Xch7TaHw7jmwuJgxwSgaqLh1k4aVBKhLmme3ktaVGOj\ndHs+uQest/yMd/R4xGH0It66zs7pNd7DF5qNxRuAnR8zl/jVeadEbGM5bRILPn3s\nPI07GTDskwKBgGlhQlSd5PR7npZBIdlEEbFVIAZ/38kg7Du+kwctgV37i/I/9dAx\nii6bkZC2JHZyUwI9stAkr+ZhVWvpVYIfqwzXMYBCjltDzA0eCei1wwTMkQkD3wHG\nqZOzbyDag6P5/S9VgeNa4FIF1HoizgfseOXNFe43a8nXsXRHL0VJGzRLAoGBAIwB\nAtkhIecUaeiswS/WjCjDFmSsV0u2sihEGDylCudRPVkq700DHuKRBAqKx7006VB7\nqxW5pKCRPxEIf0KB9Ib4+MHxNHfBvTDEKhkCwonPR5V3bAEMXax/JehxfBMiF7DU\njktBVEaUTq9Yu1Uzl5GkoKTX5g1v4j80+98p3ok/AoGAU1tHwQRsL0RFTFXMJ+8l\n0mOvyf6FAFax/sc63peFXOuI2W02JVjcjfUE+ST4LCs1k3GLuZ3gWnIroOyxxYcV\nzlurBUBocpMWnj9MKki12aulrVkE1Q+dB0hSk46byKsNuZwjAdF2/QvDdd1EFocy\ndQkVIAYkxcXUKGyYoHbkxM0=\n-----END PRIVATE KEY-----\n",
    "public_key_pem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkE5H621o7u2pX2oHbKs8\nG1Dh2m6OJDrwqtRHsAHWfL0dIgQBQvTHCgYuMmqqpdP67RojAn1Nkg0xe6UrQts+\nMfF7vN3Zr5C4QSymlsQNsjupq92Ol81MqVJXrvmLCQLKtLshD/vy2kRiR89j/29M\nRzFfK6Kr5oGd5oX8SM2vCwlPuXpojeDRIwT6jFmuzOfhQXac4pvcymnb3Nd8683t\nYEnIQZiPqsOhMvsVt0d1K2dllGZCS6Ny4k+qWrf4QZv9fp+Xt+NdckVqhnAkmy++\nCmp+Ut2gkqbWA9fZ9c1FWR3tRYJO3+4bJXHaC2hunzCPM6wVkAe3wVCl2A3KYj1i\nJQIDAQAB\n-----END PUBLIC KEY-----\n",
    "created_at": 1775124393.78119,
    "last_rotated": 1775124393.7813215
  }
 }