Bot and Agent Operations Checklist

Use this checklist while opening Norynta to automated clients, liquidity bots, and AI agents.

Launch Controls

• Keep live write access capped until npm run agent:conformance and production smoke checks pass.
• Require API keys for professional bots when BOT_API_KEYS is configured.
• Require wallet signatures for all trading and money-moving authority.
• Keep first-trade-check behavior in onboarding, examples, and support replies.
• Verify baseline writes from detected-country, China, and unknown-country probes.

Monitoring Signals

Track these signals daily during public growth:

• unexpected country block events or unknown-country failures
• bot API errors by status and machine-readable code
• agent key usage by key id, plan, endpoint, and quota profile
• rate-limit events by scope and caller
• trading write blocks from circuit breakers, pauses, and live-trading flags
• support contact rate for access, deposit, withdrawal, and API-key confusion

Response Playbook

• If country blocks spike, confirm Vercel/Cloudflare country headers and review docs/PUBLIC_GROWTH_COUNTRY_GEO_PROBES.md.
• If RATE_LIMITED spikes, ask clients to use backoff with full jitter and assign per-agent keys instead of shared generic traffic.
• If trading-write blocks spike, keep clients read-only until /api/agent/access write controls return healthy.
• If signature failures spike, point clients to wallet-signature headers and deterministic idempotency guidance in docs/public/AGENT_BOT_READINESS_CHECKLIST.md.
• If support requests cluster by country, review localization priority in docs/INTERNATIONAL_LAUNCH_READINESS.md.

Release Gates

Before broadening bot access, run:

npm run openapi:check
npm run check:agent-docs
npm run agent:quickstart
npm run agent:conformance
npm run check:prod:public-growth-countries