MYR — Methodological Yield Reports

A pistis-native intelligence compounding system. Every meaningful OODA cycle (Observe, Orient, Decide, Act) produces yield — techniques, insights, falsifications, patterns. MYR captures it cryptographically signed so it compounds across sessions, agents, and nodes.

Repo: https://github.com/JordanGreenhall/myr-system

Required Outputs

For every MYR operation, return:

1. Action performed
2. Artifact IDs affected
3. Verification result
4. Next recommended step

Installation (New Node)

One-step install (recommended)

curl -fsSL https://raw.githubusercontent.com/JordanGreenhall/myr-system/main/install.sh | bash

This clones the repo, installs dependencies, generates your keypair, prompts for a node ID, runs the five-command ping test, and adds MYR_HOME to your shell. Node is operational when it completes.

If you already have the repo cloned:

bash install.sh

Manual install

git clone https://github.com/JordanGreenhall/myr-system.git
cd myr-system
npm install
cp config.example.json config.json

Edit config.json:

• Set unique node_id (short, e.g. n2, north-star) — must not be n1
• Set port (default: 3719, choose any open port)
• Set node_url to your externally reachable address (Tailscale IP recommended — see Network section)
• Confirm paths and key locations are writable

Generate keys:

node scripts/myr-keygen.js

Set environment:

export MYR_HOME=/absolute/path/to/myr-system

Node Identity

Every node must have a unique node_id and a node_uuid. These are set during keygen and enforced at runtime.

All scripts refuse to run if node_id is still the default "n1". You will get an error with remediation steps and exit 1.

myr-keygen generates your keypair and writes node_uuid to config.json automatically. Verify your identity:

node $MYR_HOME/scripts/myr-identity.js

Output:

MYR Node Identity
─────────────────────────────────────────
  node_id:     n2
  node_uuid:   0c12b56f-0e44-44df-82a9-53d32dd0b1f3
  key:         SHA256:212a98c0e6f6b3c9…

  Fingerprint: n2 / 0c12b56f / SHA256:212a98c0e6f6b3c9…
─────────────────────────────────────────

Verify Installation (Ping Test)

Run all five. All must succeed.

cd $MYR_HOME
node scripts/myr-store.js --intent "Installation test" --type technique \
  --question "Does MYR work on this node?" --evidence "Store succeeded" \
  --changes "MYR is operational" --tags "test"
node scripts/myr-search.js --query "installation test"
node scripts/myr-verify.js --queue
node scripts/myr-sign.js --all
node scripts/myr-export.js --all

If all five succeed, node is operational.

---

HTTP Server (Live Peer Sync)

MYR includes an HTTP server for live peer-to-peer synchronization. Peers sync automatically on a schedule — no manual package exchange required.

Start the server

cd $MYR_HOME
node server/index.js

Output:

MYR node server listening on port 3719
  Discovery: http://<your-ip>:3719/.well-known/myr-node
  Health:    http://<your-ip>:3719/myr/health

Run as a persistent service (macOS launchd)

Create ~/Library/LaunchAgents/com.myr.server.plist:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.myr.server</string>
    <key>ProgramArguments</key>
    <array>
        <string>/usr/local/bin/node</string>
        <string>/path/to/myr-system/server/index.js</string>
    </array>
    <key>WorkingDirectory</key>
    <string>/path/to/myr-system</string>
    <key>EnvironmentVariables</key>
    <dict>
        <key>MYR_HOME</key>
        <string>/path/to/myr-system</string>
    </dict>
    <key>RunAtLoad</key>
    <true/>
    <key>KeepAlive</key>
    <true/>
    <key>StandardOutPath</key>
    <string>/path/to/myr-system/logs/server.log</string>
    <key>StandardErrorPath</key>
    <string>/path/to/myr-system/logs/server-error.log</string>
</dict>
</plist>

mkdir -p $MYR_HOME/logs
launchctl load ~/Library/LaunchAgents/com.myr.server.plist

Verify:

curl http://localhost:<port>/myr/health

Server endpoints

Endpoint	Auth	Purpose
GET /.well-known/myr-node	None	Node discovery (protocol version, public key, capabilities)
GET /myr/health	None	Health check (status, peer count, report count)
GET /myr/reports	Peer key	List shareable reports (supports since, limit params)
GET /myr/reports/:signature	Peer key	Fetch individual report
POST /myr/peers/announce	None	Peer announces itself for pairing

Network reachability

Peers must be able to reach each other's server. Options:

• Tailscale (recommended): Install Tailscale on both nodes, set node_url to your Tailscale IP (e.g. http://100.x.x.x:3719). Private, encrypted, no port forwarding needed.
• VPN: Any shared VPN works the same way.
• Public internet: Set node_url to your public IP/domain with port forwarding. Less recommended.

---

Peer Management

The bin/myr.js CLI manages live peers.

Add a peer by URL

node $MYR_HOME/bin/myr.js add-peer http://<peer-tailscale-ip>:<port>

This fetches the peer's discovery document, registers their public key, and sets trust to pending.

Exchange fingerprints out-of-band (required)

Before approving any peer, verify their fingerprint through a separate channel (voice, Signal, in-person):

# Your fingerprint — share this with your peer
node $MYR_HOME/bin/myr.js fingerprint

# Peer's fingerprint — confirm this matches what they told you
node $MYR_HOME/bin/myr.js peer-fingerprint <peer-node-id>

Do not approve a peer without confirming fingerprints out-of-band. This is the trust anchor.

Approve or reject

node $MYR_HOME/bin/myr.js approve-peer <node-id-or-url>
node $MYR_HOME/bin/myr.js reject-peer <node-id-or-url>

List peers

node $MYR_HOME/bin/myr.js peers

Manual sync (on demand)

node $MYR_HOME/bin/myr.js sync <peer-node-id>

Automatic sync runs every 15 minutes for all trusted peers once the server is running.

Mark reports as shareable

Only reports explicitly marked share_network=1 are served to peers. Mark your verified reports:

-- In your MYR database (db/myr.db)
BEGIN IMMEDIATE;
UPDATE myr_reports SET share_network=1
WHERE node_id='<your-node-id>' AND operator_rating >= 3 AND verified_at IS NOT NULL;
COMMIT;

---

Connecting to an Existing Peer (Full Flow)

1. Start your server and confirm it's reachable at your node_url
2. Get peer's URL — their Tailscale IP and port
3. Add them: node bin/myr.js add-peer <peer-url>
4. Exchange fingerprints out-of-band — call, Signal, in-person
5. Approve: node bin/myr.js approve-peer <peer-node-id>
6. Ask peer to approve you — they run the same steps from their side
7. Verify sync: node bin/myr.js sync <peer-node-id> — should return reports
8. Mark your reports shareable (see above) so peers can pull from you

---

Peer Verification (v1.2.0)

MYR v1.2.0 introduces in-band fingerprint verification during the announce flow. When a peer announces to your node, a 3-way check runs automatically:

1. The announced fingerprint matches the fingerprint computed from the announced public key.
2. The peer's discovery document is fetched from their URL.
3. The discovery document fingerprint matches both the announced and computed fingerprints.

Peers passing all three checks are marked verified-pending-approval. Peers failing any check are rejected with evidence stored for audit.

Verify a remote peer (CLI)

node $MYR_HOME/bin/myr.js node verify --url <peer-url>

Returns verified status, operator name, fingerprint, and latency. Exit code 1 on failure.

Announce to a peer

When adding a peer with myr peer add --url <url>, MYR fetches the peer's discovery document and sends an introduce request. In v1.2.0, the announce body includes fingerprint, node_uuid, and protocol_version fields for in-band verification.

Auto-approve verified peers

Set auto_approve_verified_peers: true in your node config (~/.myr/config.json or config.json) to automatically trust peers that pass 3-way fingerprint verification:

{
  "auto_approve_verified_peers": true,
  "auto_approve_min_protocol_version": "1.2.0"
}

When enabled:

• Peers announcing with protocol version ≥ auto_approve_min_protocol_version (default 1.2.0) that pass 3-way verification are immediately trusted.
• A reciprocal announce is sent automatically so both sides can establish trust in a single round-trip.
• The auto_approved flag is recorded in the peer record for audit.

Security note: Only enable auto-approve on nodes where you trust the network environment. On untrusted networks, keep manual approval (auto_approve_verified_peers: false, the default) and verify fingerprints out-of-band.

---

Capturing Yield

node $MYR_HOME/scripts/myr-store.js \
  --intent "What was being attempted" \
  --type insight \
  --question "The specific question resolved" \
  --evidence "Observable evidence supporting the answer" \
  --changes "What will be different next cycle" \
  --tags "domain1,domain2" \
  [--falsified "What was proven NOT to work"] \
  [--confidence 0.85] \
  [--agent agent-name]

Yield types:

• technique — reusable method that works
• insight — orientation-changing understanding
• falsification — proof something does not work (high value)
• pattern — recurring structure across cycles

Searching Prior Yield

node $MYR_HOME/scripts/myr-search.js --query "topic" [--tags "domain"] [--type technique] [--limit 5]

Use before known-domain work, architecture decisions, and when asked "what do we know about X?"

Verification and Rating Policy

• Rating scale is 1–5.
• Only designated operators may assign final ratings.
• A MYR is "network-eligible" only after at least 1 operator review with rating ≥ 3.
• Node join criterion: at least 10 MYRs, average operator rating ≥ 3.0 over the most recent 10 reviewed MYRs.

node $MYR_HOME/scripts/myr-verify.js --queue
node $MYR_HOME/scripts/myr-verify.js --id ID --rating 4 --notes "..."

Weekly Digest

node $MYR_HOME/scripts/myr-weekly.js [--week 2026-02-17] [--output report.md]

Manual Package Exchange (Alternative to Live Sync)

If live server sync is not available, export/import signed packages manually.

Export

node $MYR_HOME/scripts/myr-export.js --all

Produces signed JSON in $MYR_HOME/exports/.

Import

node $MYR_HOME/scripts/myr-import.js --file path.myr.json [--peer-key keys/peer.public.pem]

Import errors:

• "You are importing your own artifacts" — node_id and node_uuid match your node. Exit 2.
• "Label collision between two different nodes" — node_id matches but node_uuid differs. Peer must set a unique node_id and re-export. Exit 2.
• Key mismatch: import exits 3 with remediation. No silent key overwrite.

Cross-Node Synthesis

node $MYR_HOME/scripts/myr-synthesize.js --tags "domain" --min-nodes 2

Identifies convergent findings, divergences, and unique contributions across nodes.

Signing and Trust Requirements

• Every exported MYR bundle must include a detached signature and signer ID.
• Import must fail closed on signature verification failure.
• Never merge unsigned or unverifiable MYRs into trusted datasets.

Memory-System Integration (Async)

• MYR capture must be fire-and-forget from the primary agent flow.
• Do not block user response on MYR persistence.
• On persistence failure, log the error and surface a non-fatal warning.

ID Format

{node_id}-{YYYYMMDD}-{seq} — example: n2-20260227-001

Architecture

For network protocol and scale roadmap, see: $MYR_HOME/docs/NETWORK-ARCHITECTURE.md