{ "schema": "https://gcagochina.com/access-api.json", "pageUrl": "https://gcagochina.com/access-api.html", "status": "public-access-api-member-access-live", "lastUpdated": "2026-06-18", "chainId": 8453, "contractAddress": "0x3197c42f4a06f7be32a9a742ac2a766f0ff682c6", "title": "GCA Access API Contract", "currentState": { "currentStage": "member-access-api-live", "contractOnly": false, "backendLive": true, "publicEndpointLive": true, "controlledHttpsAccountUiLive": true, "directSubmissionEndpointConfigured": true, "productionEmailRegistrationApiPrepared": true, "productionEmailRegistrationApiLive": true, "localDevelopmentBackendAvailable": true, "creditsEligibilitySubmissionLive": true, "gcaMemberEligibilitySubmissionLive": true, "liveTradingEnabled": false, "reviewQueueContract": "published-manual-review-contract", "operationsRunbook": "public-access-operations-runbook-published", "memberPacketVersion": "gca_member_preregistration_v2", "emailRegistrationPacketVersion": "gca_email_registration_v1", "contactSuppressionPacketVersion": "gca_contact_suppression_v1", "memberAccessPacketVersion": "gca_member_access_v1", "walletVerificationLive": true, "creditLedgerWritesLive": true, "creditUsageLedgerPrepared": true, "creditUsageLedgerWritesLive": false, "creditUsageWorkerDeployBlocked": true, "creditUsageWorkerDryRunPassed": true, "creditUsageWorkerDeployBlockedBy": "Latest 2026-06-18 readiness check passed Worker dry-run and D1 visibility; blocked by Cloudflare account authentication and Worker deploy permission error [code: 10000]", "serviceRequestQueueLocalLive": true, "serviceRequestQueueWorkerPrepared": true, "serviceRequestQueueWorkerDryRunPassed": true, "serviceRequestQueueWorkerDeployBlocked": true, "serviceRequestQueueWorkerDeployBlockedBy": "Latest 2026-06-18 readiness check passed Worker dry-run and D1 visibility; blocked by Cloudflare account authentication and Worker deploy permission error [code: 10000]", "serviceRequestQueueProductionLive": false, "memberLedgerWritesLive": true }, "localDevelopmentBackend": { "status": "local-only-backend-available", "script": "tools/gca_member_backend.py", "localUrl": "http://127.0.0.1:8787/members.html", "operatorConsoleUrl": "http://127.0.0.1:8787/operator.html", "dataDirectory": ".gca_access_data/", "servesStaticSite": true, "sameOriginSubmissionOnLocalhost": true, "localEmailRegistrationUrl": "http://127.0.0.1:8787/register.html", "localOperatorSummaryEndpoint": "/gca/operator-summary", "localOperatorDigestEndpoint": "/gca/operator-digest", "localOperatorActionPlanEndpoint": "/gca/operator-action-plan", "localReviewPackageEndpoint": "/gca/review-package", "localSupportReviewUpdateEndpoint": "/gca/member-review", "localServiceRequestEndpoint": "/gca/service-requests", "localCreditUsageEndpoint": "/gca/credit-usage", "localReviewPackageExporter": "tools/export_gca_review_package.py", "localReviewPackageVerifier": "tools/verify_gca_review_package.py", "localReviewPackageRedactionModes": [ "full-local", "redacted-public" ], "publicProductionEndpointLive": false, "writesJsonlLedgers": [ "email_registrations", "pre_registrations", "wallet_verifications", "credit_ledger", "service_requests", "credit_usage", "member_ledger", "member_benefit_transfers", "support_reviews" ], "walletVerificationMethod": "Base Mainnet public RPC eth_call ERC-20 balanceOf", "transferReceiptVerificationMethod": "Base Mainnet public RPC eth_getTransactionReceipt ERC-20 Transfer log", "requiresSignature": false, "requiresTransaction": false, "automaticTokenTransfer": false }, "productionEmailRegistrationBackend": { "status": "deployed-workers-dev", "provider": "Cloudflare Workers + D1", "sourceDirectory": "cloudflare/gca-registration-worker/", "workerMain": "cloudflare/gca-registration-worker/src/worker.mjs", "databaseMigration": "cloudflare/gca-registration-worker/migrations/0001_email_registrations.sql", "contactSuppressionMigration": "cloudflare/gca-registration-worker/migrations/0002_contact_suppressions.sql", "documentation": "docs/gca_registration_backend.md", "apiBaseUrl": "https://gca-registration-api.gcagochina.workers.dev", "submissionEndpoint": "https://gca-registration-api.gcagochina.workers.dev/gca/email-registrations", "contactSuppressionEndpoint": "https://gca-registration-api.gcagochina.workers.dev/gca/contact-suppressions", "healthEndpoint": "https://gca-registration-api.gcagochina.workers.dev/health", "adminReadEndpoint": "https://gca-registration-api.gcagochina.workers.dev/gca/email-registrations", "adminContactSuppressionReadEndpoint": "https://gca-registration-api.gcagochina.workers.dev/gca/contact-suppressions", "adminExportTool": "tools/export_cloudflare_email_registrations.py", "adminSyncTool": "tools/sync_cloudflare_email_registrations.py", "readOnlyApiCheckTool": "tools/check_gca_registration_api.py", "workerDeployReadinessTool": "tools/check_gca_worker_deploy_readiness.py", "workerDeployReadinessCommand": "python3 tools/check_gca_worker_deploy_readiness.py --run-wrangler --run-cloudflare --require-deploy-auth", "workerDeployReadinessAuthSessionCheck": "cloudflare-auth-session", "workerDeployReadinessAuthRecoveryField": "authRecovery", "latestDeployReadinessCheckAt": "2026-06-18T08:37:28Z", "latestDeployReadinessSummary": { "wranglerDeployDryRun": "passed", "cloudflareD1Visibility": "passed", "cloudflareAuthSession": "failed", "cloudflareWorkerDeployPermission": "failed", "writesD1Records": false, "deploysWorker": false }, "pendingRoutePostDeployPublicSmokeCommand": "python3 tools/check_gca_registration_api.py --public-only --timeout 30 --include-pending-routes", "pendingRoutePostDeployAdminSmokeCommand": "python3 tools/check_gca_registration_api.py --token-file cloudflare/gca-registration-worker/.env.admin.local --limit 5 --include-pending-routes", "pendingRouteReleaseGates": [ "cloudflare-auth-session passes", "D1 visibility passes", "Worker deploy permission passes", "remote D1 migrations apply successfully", "wrangler deploy succeeds", "public smoke check passes with --include-pending-routes", "admin smoke check passes with --include-pending-routes" ], "workerDryRunPassed": true, "workerDeployPermissionStatus": "blocked-cloudflare-auth-code-10000", "publicOnlyApiCheckWorkflow": ".github/workflows/check-gca-registration-api.yml", "publicOnlyApiCheckRequiresSecrets": false, "contactCsvExportTool": "tools/export_gca_email_contacts.py", "registrationOpsTool": "tools/run_gca_registration_ops.py", "contactSuppressionTool": "tools/suppress_gca_contact.py", "contactSuppressionSyncTool": "tools/sync_cloudflare_contact_suppressions.py", "defaultAdminExportOutput": ".gca_access_data/cloudflare_email_registrations_export.json", "publicRedactedAdminExportOutput": ".gca_access_data/cloudflare_email_registrations_public_redacted.json", "localSyncedLedger": ".gca_access_data/email_registrations.jsonl", "localContactCsvOutput": ".gca_access_data/gca_email_contacts.csv", "publicRedactedContactCsvOutput": ".gca_access_data/gca_email_contacts_public_redacted.csv", "registrationOpsSummaryOutput": ".gca_access_data/gca_registration_ops_summary.json", "contactSuppressionFile": ".gca_access_data/gca_contact_suppressions.jsonl", "adminReadTokenConfigured": true, "privacyHashSaltConfigured": true, "requiresCloudflareAccountDeployment": false, "requiresD1DatabaseId": false, "requiresAdminReadTokenSecret": false, "futureCustomDomain": "https://api.gcagochina.com", "futureCustomDomainBlockedBy": "current Cloudflare OAuth account cannot see the gcagochina.com zone", "customDomainExampleConfig": "cloudflare/gca-registration-worker/wrangler.custom-domain.example.toml", "publicWebsiteFallback": "official-email-fallback", "memberAccessMigration": "cloudflare/gca-registration-worker/migrations/0003_member_access_ledgers.sql", "creditUsageMigration": "cloudflare/gca-registration-worker/migrations/0004_credit_usage_ledger.sql", "serviceRequestMigration": "cloudflare/gca-registration-worker/migrations/0005_service_requests.sql", "memberAccessEndpoint": "https://gca-registration-api.gcagochina.workers.dev/gca/member-access", "walletVerificationEndpoint": "https://gca-registration-api.gcagochina.workers.dev/gca/wallet-verifications", "accessConfigEndpoint": "https://gca-registration-api.gcagochina.workers.dev/gca/access-config", "adminCreditLedgerEndpoint": "https://gca-registration-api.gcagochina.workers.dev/gca/credit-ledger", "adminServiceRequestsEndpoint": "https://gca-registration-api.gcagochina.workers.dev/gca/service-requests", "adminCreditUsageEndpoint": "https://gca-registration-api.gcagochina.workers.dev/gca/credit-usage", "adminMemberLedgerEndpoint": "https://gca-registration-api.gcagochina.workers.dev/gca/member-ledger", "antiSpamHoneypotFields": [ "website", "company", "homepage" ] }, "securityModel": { "controlledHttpsOriginRequired": true, "authenticatedAccountSessionRequired": true, "csrfProtectionRequiredForStateChangingRoutes": true, "honeypotBotTrapFieldsEnabled": true, "rateLimitsRequired": true, "structuredAuditLogsRequired": true, "serverSideChainValidationRequired": true, "serverSideContractValidationRequired": true, "walletVerificationReadOnly": true, "usesEthCall": true, "usesEthGetTransactionReceipt": true, "usesErc20BalanceOf": true, "requiresSignatureForBalanceRead": false, "requiresTransactionForBalanceRead": false, "custody": false, "withdrawalPermission": false, "privateKeyCollection": false, "seedPhraseCollection": false, "exchangeApiSecretCollection": false, "automaticLiveTradingEnabled": false, "riskControlBypassAllowed": false }, "memberPacketVersion": "gca_member_preregistration_v2", "emailRegistrationPacketVersion": "gca_email_registration_v1", "contactSuppressionPacketVersion": "gca_contact_suppression_v1", "serviceRequestPacketVersion": "gca_service_request_v1", "memberEvidenceFields": [ "memberBenefitReviewEvidence.holdingStartDate", "memberBenefitReviewEvidence.daysSinceHoldingStartPreview", "memberBenefitReviewEvidence.holdingPeriodPreviewEligible", "memberBenefitReviewEvidence.evidenceTxHash", "memberBenefitReviewEvidence.evidenceTxHashFormatOk", "memberBenefitReviewEvidence.evidenceNote" ], "endpoints": [ { "id": "email-registrations-create", "method": "POST", "path": "/gca/email-registrations", "status": "production-workers-dev-live", "purpose": "Receive a public email-only GCA user registration through the Cloudflare Workers + D1 backend. This creates a GCA email-intake record only; it does not create an account, activate credits, activate GCA Member status, or transfer tokens.", "requiredRequestFields": [ "email", "acknowledgements.emailContactConsent", "acknowledgements.noSecretsNoCustody" ], "optionalRequestFields": [ "displayName", "source", "language", "interests" ], "serverChecks": [ "email must be valid and normalized", "registration is idempotent by emailRegistrationId", "website/company/homepage honeypot fields must be empty", "no wallet address is required", "no wallet signature, transaction, private key, seed phrase, exchange API secret, or withdrawal permission is requested", "no credits, GCA Member status, or token transfer is automatically activated" ], "responseFields": [ "emailRegistrationId", "packetVersion", "email", "status", "createdAt", "alreadyRegistered", "walletRequired", "requiresSignature", "requiresTransaction", "automaticTokenTransfer", "nextStep" ], "allowedStatuses": [ "received" ] }, { "id": "email-registrations-read", "method": "GET", "path": "/gca/email-registrations", "status": "token-protected-admin-live", "purpose": "Read Cloudflare email-registration records for local operator sync and contact-export review. This endpoint is live but protected by ADMIN_READ_TOKEN; public visitors cannot read the registration ledger.", "requiredRequestFields": [ "authorization bearer token" ], "optionalRequestFields": [ "email", "limit" ], "responseFields": [ "records", "count", "emailRegistrationId", "email", "status" ], "allowedStatuses": [ "received" ] }, { "id": "contact-suppressions-create", "method": "POST", "path": "/gca/contact-suppressions", "status": "production-workers-dev-live", "purpose": "Receive a public email contact suppression request so future GCA contact CSV exports exclude that email.", "requiredRequestFields": [ "email", "acknowledgements.contactSuppressionRequested", "acknowledgements.noSecretsNoCustody" ], "optionalRequestFields": [ "reason", "source" ], "serverChecks": [ "email must be valid and normalized", "suppression is idempotent by suppressionId", "website/company/homepage honeypot fields must be empty", "no wallet address is required", "no wallet signature, transaction, private key, seed phrase, exchange API secret, or withdrawal permission is requested", "no credits, GCA Member status, or token transfer is changed" ], "responseFields": [ "suppressionId", "packetVersion", "email", "emailSha256", "status", "createdAt", "alreadySuppressed", "contactSuppressed", "requiresSignature", "requiresTransaction", "automaticTokenTransfer", "nextStep" ], "allowedStatuses": [ "suppressed" ] }, { "id": "contact-suppressions-read", "method": "GET", "path": "/gca/contact-suppressions", "status": "token-protected-admin-live", "purpose": "Read Cloudflare contact-suppression records for local operator sync. This is protected by ADMIN_READ_TOKEN.", "requiredRequestFields": [ "authorization bearer token" ], "optionalRequestFields": [ "email", "limit" ], "responseFields": [ "records", "count", "suppressionId", "email", "emailSha256", "status", "contactSuppressed" ], "allowedStatuses": [ "suppressed" ] }, { "id": "access-config-read", "method": "GET", "path": "/gca/access-config", "status": "production-workers-dev-live", "purpose": "Return public GCA access thresholds, chain identity, endpoint paths, and safety boundaries for the account UI.", "requiredRequestFields": [], "responseFields": [ "version", "chainId", "contractAddress", "thresholds", "boundaries", "endpoints" ], "allowedStatuses": [ "ok" ] }, { "id": "member-access-create", "method": "POST", "path": "/gca/member-access", "status": "production-workers-dev-live", "purpose": "Receive live controlled account intake through the Workers + D1 backend, verify the Base wallet with read-only balanceOf, and write eligible credit/member ledger records.", "requiredRequestFields": [ "email", "walletAddress", "acknowledgements.emailContactConsent", "acknowledgements.noSecretsNoCustody", "acknowledgements.termsAccepted" ], "optionalRequestFields": [ "displayName", "holdingStartDate", "evidenceTxHash", "memberBenefitReviewEvidence" ], "serverChecks": [ "email and wallet address are normalized", "website/company/homepage honeypot fields must be empty", "read-only wallet verification runs before ledger writes", "no wallet signature, transaction, private key, seed phrase, exchange API secret, or withdrawal permission is requested" ], "responseFields": [ "account", "walletVerification", "creditLedger", "memberLedger", "thresholds", "boundaries" ], "allowedStatuses": [ "received", "verified", "eligible", "queued", "active", "needs_more_information", "rejected" ] }, { "id": "wallet-verifications", "method": "POST", "path": "/gca/wallet-verifications", "status": "production-workers-dev-live", "purpose": "Verify GCA balance with a read-only Base Mainnet ERC-20 balanceOf call.", "requiredRequestFields": [ "walletAddress" ], "serverChecks": [ "chainId must be 8453", "contractAddress must be 0x3197c42f4a06f7be32a9a742ac2a766f0ff682c6", "walletAddress must be a valid EVM address", "website/company/homepage honeypot fields must be empty", "balance source must be read-only eth_call balanceOf" ], "responseFields": [ "walletVerification", "thresholds", "boundaries" ], "allowedStatuses": [ "queued", "verified", "below_threshold", "failed", "expired" ] }, { "id": "credit-ledger", "method": "GET", "path": "/gca/credit-ledger", "status": "token-protected-admin-live", "purpose": "Read account-level GCA AI Quant Access credit records through ADMIN_READ_TOKEN protected operator access.", "requiredRequestFields": [ "authorization bearer token" ], "responseFields": [ "creditLedgerId", "registrationId", "walletAddress", "creditAmount", "creditType", "activatedAt", "expiresAt", "remainingCredits", "status" ], "allowedStatuses": [ "not_connected", "queued", "ledger_recorded", "exhausted", "partially_used", "used", "expired", "revoked" ] }, { "id": "service-requests-read", "method": "GET", "path": "/gca/service-requests", "status": "prepared-worker-deploy-pending", "purpose": "Read operator-only GCA AI Quant Access service request queue records before reviewed service delivery through ADMIN_READ_TOKEN protected access after the Worker route passes Cloudflare auth, Worker deploy permission, remote deploy, and pending-route smoke gates; local operator backend support is implemented, and D1 visibility passed on the 2026-06-18 readiness check.", "requiredRequestFields": [ "authorization bearer token" ], "optionalRequestFields": [ "limit", "walletAddress", "creditLedgerId", "serviceRequestId" ], "responseFields": [ "serviceRequestId", "email", "walletAddress", "creditLedgerId", "serviceId", "serviceName", "requestedCreditHold", "remainingCreditsAtRequest", "status", "createdAt", "doesNotDeductCredits", "operatorReviewRequired" ], "allowedStatuses": [ "queued_operator_review", "queued_missing_credit_ledger", "queued_insufficient_credits" ] }, { "id": "service-requests-create", "method": "POST", "path": "/gca/service-requests", "status": "prepared-worker-deploy-pending", "purpose": "Queue an operator-reviewed service scope request without deducting credits after the Worker route passes Cloudflare auth, Worker deploy permission, remote deploy, and pending-route smoke gates; local operator backend support is implemented, and D1 visibility passed on the 2026-06-18 readiness check. Actual service delivery and credit usage remain separate operator actions.", "requiredRequestFields": [ "authorization bearer token", "email", "serviceId", "acknowledgements.noSecretsNoCustody", "acknowledgements.manualReviewOnly", "acknowledgements.noTradingPermission" ], "optionalRequestFields": [ "walletAddress", "creditLedgerId", "requestedCreditHold", "requestTitle", "requestSummary", "marketContext", "preferredLanguage" ], "serverChecks": [ "serviceId must be in the published GCA AI Quant Access service catalog", "requestedCreditHold must be an integer between 0 and 100", "creditLedgerId must exist when provided", "email must match the credit ledger email when creditLedgerId is provided", "walletAddress must match the credit ledger wallet when supplied", "no wallet connection, signature, transaction, private key, seed phrase, exchange API secret, withdrawal permission, or live order permission is requested", "the route queues review only and does not deduct credits" ], "responseFields": [ "serviceRequest", "creditLedger", "boundaries", "deductsCredits", "createsTradingPermission" ], "allowedStatuses": [ "queued_operator_review", "queued_missing_credit_ledger", "queued_insufficient_credits" ] }, { "id": "credit-usage-read", "method": "GET", "path": "/gca/credit-usage", "status": "prepared-worker-deploy-pending", "purpose": "Read account-level GCA AI Quant Access credit usage records through ADMIN_READ_TOKEN protected operator access after the Worker route passes Cloudflare auth, Worker deploy permission, remote deploy, and pending-route smoke gates; local operator backend support is implemented, and D1 visibility passed on the 2026-06-18 readiness check.", "requiredRequestFields": [ "authorization bearer token" ], "optionalRequestFields": [ "limit", "walletAddress", "creditLedgerId" ], "responseFields": [ "creditUsageId", "creditLedgerId", "walletAddress", "serviceId", "serviceName", "creditAmountUsed", "remainingCreditsBefore", "remainingCreditsAfter", "usedAt", "status", "requiresSignature", "requiresTransaction", "automaticTokenTransfer", "writesWallet" ], "allowedStatuses": [ "usage_recorded", "exhausted" ] }, { "id": "credit-usage-create", "method": "POST", "path": "/gca/credit-usage", "status": "prepared-worker-deploy-pending", "purpose": "Record operator-reviewed utility credit usage against an existing credit ledger entry and update remaining credits after the Worker route passes Cloudflare auth, Worker deploy permission, remote deploy, and pending-route smoke gates; local operator backend support is implemented, and D1 visibility passed on the 2026-06-18 readiness check.", "requiredRequestFields": [ "authorization bearer token", "creditLedgerId", "serviceId", "creditAmountUsed" ], "optionalRequestFields": [ "walletAddress", "operatorNote" ], "serverChecks": [ "creditLedgerId must exist", "serviceId must be in the published GCA AI Quant Access service catalog", "creditAmountUsed must be an integer between 0 and 100", "creditAmountUsed cannot exceed remainingCredits", "walletAddress must match the credit ledger wallet when supplied", "no wallet connection, signature, transaction, private key, seed phrase, exchange API secret, or withdrawal permission is requested" ], "responseFields": [ "creditUsage", "creditLedger", "boundaries", "remainingCreditsAfter", "automaticTokenTransfer", "writesWallet" ], "allowedStatuses": [ "usage_recorded", "exhausted" ] }, { "id": "member-ledger", "method": "GET", "path": "/gca/member-ledger", "status": "token-protected-admin-live", "purpose": "Read GCA Member ledger state and member-benefit review status through ADMIN_READ_TOKEN protected operator access.", "requiredRequestFields": [ "authorization bearer token" ], "responseFields": [ "memberLedgerId", "registrationId", "walletAddress", "tierName", "verifiedBalance", "holdingPeriodStartedAt", "holdingStartDate", "holdingPeriodDaysVerified", "holdingPeriodPreviewEligible", "evidenceTxHash", "evidenceTxHashFormatOk", "memberBenefitReviewEvidenceStatus", "memberBenefitAmount", "memberBenefitClaimStatus", "memberBenefitTransferTx", "activatedAt", "memberBenefitClaimedAt", "nextRefreshDueAt", "status" ], "allowedStatuses": [ "not_connected", "queued", "active", "needs_refresh", "below_threshold", "paused", "revoked" ] }, { "id": "support-review", "method": "POST", "path": "/gca/support-review", "status": "planned-not-live", "purpose": "Create or update operator-reviewed support status for account, wallet, credit, or member workflows.", "requiredRequestFields": [ "registrationId", "status", "updatedAt", "publicEvidenceReference", "memberBenefitReviewEvidence", "supportNote" ], "responseFields": [ "reviewId", "registrationId", "status", "updatedAt", "memberBenefitReviewEvidenceStatus" ], "allowedStatuses": [ "received", "wallet_pending", "eligible", "needs_more_information", "rejected", "ledger_recorded" ] }, { "id": "member-review", "method": "GET", "path": "/gca/member-review", "status": "planned-not-live", "purpose": "Read account review status after controlled account UI and support review workflow are live.", "requiredRequestFields": [ "authenticatedAccountSession" ], "responseFields": [ "registrationId", "walletAddress", "holderBonusEligible", "gcaMemberEligible", "holdingStartDate", "holdingPeriodDaysVerified", "evidenceTxHash", "evidenceTxHashFormatOk", "memberBenefitReviewEvidenceStatus", "memberBenefitClaimStatus", "reviewStatus", "nextStep" ], "allowedStatuses": [ "received", "wallet_pending", "eligible", "needs_more_information", "rejected", "ledger_recorded" ] }, { "id": "member-review-update", "method": "POST", "path": "/gca/member-review", "status": "local-only-not-public-production", "purpose": "Append a local operator support review status update for account, wallet, credit, or member workflows. This is an append-only JSONL operator note path and does not send user replies, write production data, call wallets, request signatures, or transfer GCA.", "requiredRequestFields": [ "localhostClient", "status", "nextStep", "reviewId or memberLedgerId or creditLedgerId or registrationId or walletAddress" ], "optionalRequestFields": [ "supportNote", "reviewerNote", "publicEvidenceReference", "lane" ], "responseFields": [ "supportReview", "reviewId", "parentReviewId", "registrationId", "walletAddress", "creditLedgerId", "memberLedgerId", "status", "nextStep", "boundaries", "automaticUserReply", "automaticTokenTransfer" ], "allowedStatuses": [ "contacted", "waiting_for_user_evidence", "waiting_for_operator_review", "needs_more_information", "pending_manual_reserve_transfer", "closed_resolved", "closed_no_action" ] }, { "id": "member-benefit-transfers-read", "method": "GET", "path": "/gca/member-benefit-transfers", "status": "local-only-not-public-production", "purpose": "Read local JSONL records for manually completed reserve-wallet GCA Member benefit transfers.", "requiredRequestFields": [ "localhostClient" ], "responseFields": [ "transferRecordId", "memberLedgerId", "recipientWallet", "memberBenefitAmount", "memberBenefitTransferTx", "memberBenefitTransferUrl", "transferVerificationStatus", "transferVerification", "transferredAt", "status" ], "allowedStatuses": [ "transferred" ] }, { "id": "member-benefit-transfers-create", "method": "POST", "path": "/gca/member-benefit-transfers", "status": "local-only-not-public-production", "purpose": "Record a manually completed 10,000 GCA reserve-wallet transfer after the operator signs it outside this app and the local backend verifies the transaction receipt with read-only Base Mainnet data.", "requiredRequestFields": [ "memberLedgerId", "memberBenefitTransferTx", "recipientWallet", "reviewerNote" ], "optionalRequestFields": [ "sourceWallet" ], "responseFields": [ "transferRecord", "memberLedger", "supportReview", "alreadyRecorded" ], "serverChecks": [ "localhost client only", "memberLedgerId must reference an active GCA Member ledger entry", "memberBenefitClaimStatus must be pending_manual_reserve_transfer", "memberBenefitTransferTx must be a valid transaction hash", "eth_getTransactionReceipt is read-only", "receipt must contain a successful GCA Transfer log to recipientWallet", "matched transfer amount must be at least 10000 GCA", "sourceWallet must match the Transfer sender when provided", "no wallet connection, signature, private key, or token transfer is requested" ], "allowedStatuses": [ "transferred" ] }, { "id": "operator-summary", "method": "GET", "path": "/gca/operator-summary", "status": "local-only-not-public-production", "purpose": "Return local operator console counts and latest JSONL records for email registrations, pre-registrations, wallet verifications, credit ledger, service request queue, credit usage, member ledger, member benefit transfers, and support reviews.", "requiredRequestFields": [ "localhostClient" ], "responseFields": [ "generatedAt", "dataLedgers", "totals", "operatorBoundaries", "serviceRequests", "serviceRequestsPendingOperatorReview", "requestedCreditHolds", "creditUsageRecords", "creditsConsumed", "memberBenefitTransfers", "transferredMemberBenefits", "publicSelfServiceClaim", "automaticTokenTransfer" ], "allowedStatuses": [ "local-only" ] }, { "id": "operator-digest", "method": "GET", "path": "/gca/operator-digest", "status": "local-only-not-public-production", "purpose": "Return the latest local redacted operator digest created by tools/run_gca_daily_ops.py --build-digest, including public health, BaseScan preflight status, domain email snapshot alignment, member ops counts, support queue counts, holding evidence counts, and next actions without user records or secrets.", "requiredRequestFields": [ "localhostClient" ], "responseFields": [ "available", "digestOk", "digestGeneratedAt", "dailyOps", "dailyOps.baseScanPreflight", "dailyOps.baseScanPreflight.oldEmailFilePaths", "dailyOps.baseScanPreflight.missingTargetEmailFilePaths", "dailyOps.baseScanPreflight.snapshotAlignmentStatus", "dailyOps.baseScanPreflight.snapshotAlignmentStaleMarkers", "memberOps", "supportQueue", "holdingPeriod", "nextActions", "boundaries", "automaticTokenTransfer" ], "allowedStatuses": [ "local-only", "missing" ] }, { "id": "operator-action-plan", "method": "GET", "path": "/gca/operator-action-plan", "status": "local-only-not-public-production", "purpose": "Return a local manual operator checklist derived from local ledger counts and the redacted operator digest, including prioritized actions and a redacted support review preview.", "requiredRequestFields": [ "localhostClient" ], "optionalRequestFields": [ "limit" ], "responseFields": [ "packetVersion", "itemCount", "items", "supportReviewPreview", "sourceStatus", "totals", "boundaries", "automaticTokenTransfer" ], "allowedStatuses": [ "local-only" ] }, { "id": "review-package", "method": "GET", "path": "/gca/review-package", "status": "local-only-not-public-production", "purpose": "Export a localhost-only JSON reviewer evidence package containing local ledger totals, latest records, public reference links, and safety boundaries for support or platform follow-up. Use redact=public before external sharing.", "exportTool": "tools/export_gca_review_package.py", "verificationTool": "tools/verify_gca_review_package.py", "requiredRequestFields": [ "localhostClient" ], "optionalRequestFields": [ "limit", "redact=public" ], "responseFields": [ "packageType", "generatedAt", "packageDigestAlgorithm", "packageDigestSha256", "recordManifest", "operatorSummary", "exportBoundaries", "publicReferences", "reviewChecklist", "redactedForExternalSharing", "redactionPolicy", "publicSelfServiceClaim", "automaticTokenTransfer" ], "redactionPolicy": { "publicMode": "redact=public", "redactedFields": [ "email", "telegram", "reviewerNote", "supportNote", "evidenceNote" ], "keepsPublicChainEvidence": true }, "allowedStatuses": [ "local-only" ] } ], "eligibilityThresholds": { "holderBonusMinimum": "10000 GCA", "holderBonusCreditAmount": "100 GCA AI Quant Access credits", "gcaMemberMinimum": "1000000 GCA", "gcaMemberMinimumHoldingDays": 30, "gcaMemberBenefitAmount": "10000 GCA", "gcaMemberBenefitSource": "project or owner-held reserve transfer only; no new minting", "walletLimit": "one verified wallet per registered user", "registeredUserLimit": "one holder bonus, one member status review, and one member benefit review per registered user" }, "doNotCollect": [ "private key", "seed phrase", "exchange API secret", "withdrawal permission", "custody request", "fund-transfer request", "one-time code", "recovery phrase" ], "officialMarket": { "pair": "GCA/USDT", "dex": "Uniswap v4", "network": "Base Mainnet", "poolAddress": "0xfe6a598bf738d7eec9640897064ca3a490128d3d447ced96077aef8e9dd1c1d0", "quoteAsset": "USDT", "quoteAssetAddress": "0xfde4C96c8593536E31F229EA8f37b2ADa2699bb2", "liquidityDepth": "starter-depth-only" }, "officialLinks": { "accessApiPage": "https://gcagochina.com/access-api.html", "accessApi": "https://gcagochina.com/access-api.json", "accessPortalPage": "https://gcagochina.com/access.html", "accessPortal": "https://gcagochina.com/access.json", "memberAccessPreview": "https://gcagochina.com/gca/member-access/", "memberPreRegistrationPage": "https://gcagochina.com/members.html", "memberLedgerPage": "https://gcagochina.com/member-ledger.html", "memberLedger": "https://gcagochina.com/member-ledger.json", "supportPage": "https://gcagochina.com/support.html", "supportJson": "https://gcagochina.com/support.json", "creditsCatalogPage": "https://gcagochina.com/credits.html", "creditsCatalog": "https://gcagochina.com/credits.json", "releaseGatesPage": "https://gcagochina.com/release-gates.html", "releaseGates": "https://gcagochina.com/release-gates.json", "privacyNoticePage": "https://gcagochina.com/privacy.html", "participationTermsPage": "https://gcagochina.com/terms.html", "market": "https://gcagochina.com/markets.html", "reviewQueuePage": "https://gcagochina.com/review-queue.html", "reviewQueue": "https://gcagochina.com/review-queue.json", "operationsRunbookPage": "https://gcagochina.com/operations.html", "operationsRunbook": "https://gcagochina.com/operations.json", "memberAccessPage": "https://gcagochina.com/gca/member-access/" }, "publicClaimBoundaries": { "safeClaims": [ "GCA has a live public access API for email registration, contact suppression, access config, member access, and read-only wallet verification.", "The member access API is live on Cloudflare Workers + D1 and uses gca_member_access_v1.", "The Worker verifies Base Mainnet GCA balances with read-only eth_call and ERC-20 balanceOf.", "Eligible 10,000 GCA holders can create one 100 GCA AI Quant Access credits ledger record.", "GCA operators can record service-level credit usage against an existing credit ledger in the local operator backend; the Cloudflare Worker route is prepared, Worker dry-run and D1 visibility passed on 2026-06-18, and production remains non-live until Cloudflare auth, Worker deploy permission, remote deploy, and pending-route smoke gates pass.", "GCA operators can queue service scope requests in the local operator backend before delivery; the queue does not deduct credits or create trading permission.", "Eligible 1,000,000 GCA / 30-day holders can create a GCA Member review ledger record.", "The API contract forbids private keys, seed phrases, exchange API secrets, withdrawal permission, custody, and risk-control bypass.", "The 10,000 GCA member benefit remains manual review and reserve-wallet processing only.", "The official public market route is the Base Mainnet Uniswap v4 GCA/USDT pool." ], "doNotClaim": [ "credits or member status are cash, income, reimbursement, trading permission, or transferable value", "credit usage is public self-service redemption, cash settlement, or automatic wallet action", "a service request queue record means service delivery, credit deduction, trading permission, or wallet action has already happened", "GCA Member approval is automatic without wallet balance and 30-day holding-period review", "the 10,000 GCA member benefit is automatic or self-service transferred", "the API collects private keys, seed phrases, exchange API secrets, withdrawal permission, custody, or one-time codes", "API access provides live order execution or risk-control bypass" ] } }