- TOKEN_CLASSIFICATION.md: ASCII decision-flow diagram updated to match the
Rev-2 prose (program → extension → lock → empty → non-empty protected → route),
no longer routes all Token-2022 to UNSUPPORTED.
- CLAUDE.md: removed stale "Token-2022 support" from out-of-scope; documents
the gated Token-2022 policy + that classifier code still skips it for now.
- status.json: Phase 1 (Wallet Scanner) marked done — app deployed live at
feedthepyre.com (app at /, tracker at /status, api at /api), scan verified
end-to-end through the public stack.
Reviewed by a doc-consistency audit agent (verdict after fixes: consistent).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Most new tokens — incl. all Pump.fun launches — are Token-2022, so cleaning
only classic SPL misses the majority of real dust. PYRE now supports Token-2022
conservatively, gating on account+mint extensions:
- skip: confidential transfer, withheld transfer fees, frozen/default-frozen,
and any unrecognized extension (UNSUPPORTED). "Unknown means skip" now covers
unknown program OR unknown/unsafe extension.
- cleanable but flagged: transfer-hook & permanent-delegate (burn/close don't
fire a hook; you may always burn/close your own account); non-transferable is
burnable.
- rent reclaim = account's live lamports (Token-2022 size varies); CloseAccount
as a top-level instruction (CPI-Guard safe).
Updated PYRE_MVP_DESIGN.md (§5/§6/§7 + new §7.1 policy table + §8/§16),
TOKEN_CLASSIFICATION.md (categories, safety checklist, decision flow), SECURITY.md.
Researched against Solana docs + Neodyme review. Classifier CODE still skips all
Token-2022 (safe subset) until the extension-aware impl lands next.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
