Infrastructure

Portfolio Smoke Walkthrough: Four-Call Settlement Validation

· By Lawenots Team · 9 min read

Portfolio deploy isn't done when DNS resolves. For Flomisma portfolio operators, go-live means proving the agent settlement flow works end-to-end — four API calls, deterministic pass criteria, and archived evidence. This walkthrough follows the agent-settlement-smoke template shipped in our repository.

Before you run smoke

  1. Clone templates/agent-settlement-smoke/ from the Lawenots repo
  2. Complete the interactive checklist at /portfolio-deploy
  3. Confirm staging endpoints, API keys, and DNS cutover window with Lawenots ops
  4. Set BASE_URL and API_KEY in the smoke environment file

Lawenots provisions infrastructure only — we do not sell protocol licenses. The smoke validates deploy wiring, not licensing entitlements.

The four calls

smoke.sh executes these in sequence. Any failure stops the run with a non-zero exit code:

StepEndpointPass criteria
1. CreatePOST /settlement/create201 + contract ID returned
2. ProofPOST /settlement/proof200 + proof payload attached
3. VerifyPOST /settlement/verify200 + verification status valid
4. SettlePOST /settlement/settle200 + settlement confirmed

Each step logs request/response bodies to stdout. Redirect output to a file — you'll need it for compliance archives.

Running the smoke

cd templates/agent-settlement-smoke
cp .env.example .env   # set BASE_URL and API_KEY
chmod +x smoke.sh
./smoke.sh 2>&1 | tee smoke-$(date +%Y%m%d).log

A clean run prints SMOKE PASS and exits 0. Typical portfolio deploys complete in under 15 minutes when DNS and TLS are already provisioned — Vantage Finance's team recorded 11 minutes on their first attempt.

What to archive

  • Smoke stdout — the .log file from above
  • ComplianceArchive export — if your stack emits one post-settle
  • SENTINEL attestation — hash from public audit after go-live scan
  • DNS/TLS verificationdig and SSL check output from the deploy checklist

These artifacts satisfy SOC 2 evidence requests for "deployment validation" without ad-hoc screenshots.

When smoke fails

Failures are reproducible by design. Common causes:

  • Stale API key or wrong BASE_URL (staging vs. production)
  • DNS not propagated — settlement host resolves to old IP
  • TLS certificate not yet issued on new vhost
  • Missing CORS or auth header on settlement routes

Re-run after fixing the specific step. Lawenots Portfolio plan includes operator support for smoke failures — see portfolio pricing.

Handoff checklist

After smoke passes:

  1. Archive all evidence to your compliance store
  2. Enable SENTINEL monitoring on production URLs
  3. Confirm backup retention and security headers per docs/PROVISIONING_RUNBOOK.md
  4. Sign off on the Lawenots handoff runbook with client ops contacts

Ready to validate a portfolio deploy?

Download the smoke template and walk through the interactive checklist.

Portfolio deploy pack