Purge DeedShield references and replace with TrustSignal

.devcontainer/devcontainer.json

@@ -1,5 +1,5 @@
 {
-    "name": "Deed Shield Dev Container",
+    "name": "TrustSignal Dev Container",
     "image": "mcr.microsoft.com/devcontainers/typescript-node:1-20-bullseye",
     "features": {
         "ghcr.io/devcontainers/features/github-cli:1": {}

.kiro/specs/operator-console-enhancement/design.md

@@ -2,11 +2,11 @@
 
 ## Overview
 
-The Operator Console Enhancement transforms the existing Deed Shield verification interface into a compliance-focused system that matches the Figma design specifications. The design maintains all existing backend functionality while implementing a two-panel layout for document verification workflows used by notaries, title companies, and county recorders.
+The Operator Console Enhancement transforms the existing TrustSignal verification interface into a compliance-focused system that matches the Figma design specifications. The design maintains all existing backend functionality while implementing a two-panel layout for document verification workflows used by notaries, title companies, and county recorders.
 
 ## System Boundaries
 
-Deed Shield operates as a verification and attestation layer that:
+TrustSignal operates as a verification and attestation layer that:
 - Verifies RON bundle processes and produces receipts
 - Issues verifiable receipts and audit artifacts
 - Does NOT store documents

.kiro/specs/operator-console-enhancement/requirements.md

@@ -2,11 +2,11 @@
 
 ## Introduction
 
-Transform the existing Deed Shield verification interface into an Operator Console that matches the Figma design specifications. The system maintains all existing backend functionality while providing a verification interface for notaries, title companies, and county recorders.
+Transform the existing TrustSignal verification interface into an Operator Console that matches the Figma design specifications. The system maintains all existing backend functionality while providing a verification interface for notaries, title companies, and county recorders.
 
 ## System Boundaries
 
-Deed Shield is a verification and attestation layer that:
+TrustSignal is a verification and attestation layer that:
 - Verifies RON bundle processes and produces receipts
 - Issues verifiable receipts and audit artifacts
 - Does NOT store documents

.kiro/specs/operator-console-enhancement/tasks.md

@@ -2,7 +2,7 @@
 
 ## Overview
 
-Transform the existing Deed Shield verification interface into an Operator Console that matches the Figma design specifications. This implementation maintains all existing backend functionality while providing a verification interface with controlled inputs, operator attestation, and audit capabilities.
+Transform the existing TrustSignal verification interface into an Operator Console that matches the Figma design specifications. This implementation maintains all existing backend functionality while providing a verification interface with controlled inputs, operator attestation, and audit capabilities.
 
 ## System Boundaries
 - Verification and attestation layer only

.kiro/steering/design-system.md

@@ -2,10 +2,10 @@
 inclusion: always
 ---
 
-# Deed Shield Design System Rules
+# TrustSignal Design System Rules
 
 ## Project Context
-Deed Shield is a verification and attestation layer for real-estate recording workflows. The UI must reflect a neutral, compliance-focused aesthetic appropriate for regulatory software.
+TrustSignal is a verification and attestation layer for real-estate recording workflows. The UI must reflect a neutral, compliance-focused aesthetic appropriate for regulatory software.
 
 ## System Boundaries
 - Verification and attestation layer only

CHANGELOG.md

@@ -28,7 +28,7 @@ The format is based on Keep a Changelog and this project follows Semantic Versio
 
 ### Changed
 
-- Repositioned repository documentation from DeedShield-only framing to TrustSignal canonical platform framing.
+- Repositioned repository documentation from TrustSignal-only framing to TrustSignal canonical platform framing.
 - Standardized production-readiness narrative across `docs/final`, `TASKS.md`, and release artifacts.
 
 ### Security

PROJECT_PLAN.md

@@ -134,7 +134,7 @@ Update/merge into canonical plan and current architecture reality:
 - duplicated architecture summaries in root and legacy docs
 
 De-prioritize until Phase 3:
-- items in `docs/archive/legacy-2026-02-25/notebook/deedshield_v2_notebook.md` requiring mock-to-real ZKP conversion or portability expansion
+- items in `docs/archive/legacy-2026-02-25/notebook/trustsignal_v2_notebook.md` requiring mock-to-real ZKP conversion or portability expansion
 - older lab notebook implementation details in `docs/archive/legacy-2026-02-25/lab-notebook/*` except where they provide concrete test evidence needed for audit trails
 
 ## 9. Execution Cadence

README.md

@@ -225,7 +225,7 @@ TrustSignal does not provide:
 
 ## Current Repository Context
 
-DeedShield is the current application surface in this repository. The broader product framing remains TrustSignal as evidence integrity infrastructure and an integrity layer for existing workflows.
+TrustSignal is the current application surface in this repository. The broader product framing remains TrustSignal as evidence integrity infrastructure and an integrity layer for existing workflows.
 
 ## Validation
 

SECURITY_CHECKLIST.md

@@ -1,6 +1,6 @@
-# Deed Shield — Security & Production Readiness Checklist
+# TrustSignal — Security & Production Readiness Checklist
 
-> This document tracks the security posture of the Deed Shield API.
+> This document tracks the security posture of the TrustSignal API.
 > Each item is either ✅ (verified in-repo), 🔒 (enforced by code), or 📋 (requires infra/ops verification).
 
 ---
@@ -45,7 +45,7 @@
 
 | #   | Requirement                                | Status | Evidence                                                 |
 | --- | ------------------------------------------ | ------ | -------------------------------------------------------- |
-| 4.1 | Keccak-256 for document hashing            | ✅     | `keccak256Buffer` from `@deed-shield/core`.              |
+| 4.1 | Keccak-256 for document hashing            | ✅     | `keccak256Buffer` from `@trust-signal/core`.              |
 | 4.2 | Receipt hash verification                  | ✅     | `POST /receipt/:id/verify` recomputes hash.              |
 | 4.3 | JWT receipts have expiration               | ✅     | Enforced in core receipt builder.                        |
 | 4.4 | Private keys never in code or config files | ✅     | Only via `PRIVATE_KEY` env var, never imported directly. |

TASKS.md

@@ -30,7 +30,7 @@ Plan reference: `PROJECT_PLAN.md`
 
 ### P1-S3 Monitoring and Operational Baseline
 - [x] Implement service-level health/status reporting (`/api/v1/health`, `/api/v1/status`, `/api/v1/metrics`).
-- [x] Define baseline API metrics instrumentation (`deedshield_http_requests_total`, `deedshield_http_request_duration_seconds`).
+- [x] Define baseline API metrics instrumentation (`trustsignal_http_requests_total`, `trustsignal_http_request_duration_seconds`).
 - [x] Document incident/escalation workflow aligned with current architecture (`docs/final/10_INCIDENT_ESCALATION_AND_SLO_BASELINE.md`).
 - [x] Define alert thresholds and dashboard/SLO targets baseline (`docs/final/10_INCIDENT_ESCALATION_AND_SLO_BASELINE.md`).
 - [ ] Implement dashboard and alert rules in staging monitoring stack.

USER_MANUAL.md

@@ -1,10 +1,10 @@
-# DeedShield User Manual
+# TrustSignal User Manual
 
-**Version:** 2.0 (Risk & Compliance Enhanced)  
+**Version:** 2.0 (Risk & Compliance Enhanced)
 **Date:** February 2026
 
 ## 1. Overview
-DeedShield is an automated document verification platform designed to prevent real estate title fraud. It protects homeowners and county clerks by ensuring:
+TrustSignal is an automated document verification platform designed to prevent real estate title fraud. It protects homeowners and county clerks by ensuring:
 1.  **Recording Integrity**: Documents meet strict Cook County formatting and content rules.
 2.  **Fraud Detection**: An AI Risk Engine analyzes documents for signs of forgery or tampering.
 3.  **Immutable Proof**: Every validation is "anchored" on a public blockchain (EVM), creating a permanent, tamper-proof audit trail.
@@ -20,7 +20,7 @@ DeedShield is an automated document verification platform designed to prevent re
     *   *Note: Only PDF files are supported for full verification.*
 
 ### Step 2: Automated Extraction & Review
-Once uploaded, DeedShield automatically:
+Once uploaded, TrustSignal automatically:
 *   **Removes Watermarks**: Strips "DO NOT COPY" or "UNOFFICIAL" stamps to read the text.
 *   **Extracts Metadata**: Finds the **Parcel ID (PIN)** and **Grantor Name**.
 *   **Computes Hash**: Generates a unique `SHA-256` digital fingerprint of your file.
@@ -36,7 +36,7 @@ The system pre-fills the verification form with your document's data.
 3.  Click **"Verify Bundle"**.
 
 ### Step 4: Results & Receipt
-DeedShield runs a comprehensive audit and produces a **Verification Receipt**.
+TrustSignal runs a comprehensive audit and produces a **Verification Receipt**.
 *   **Decision**: 
     *   `ALLOW`: Safe to record.
     *   `FLAG`: Minor issues found (e.g., low visual quality, warnings).
@@ -63,7 +63,7 @@ The **Document Fraud Risk Engine** assigns a probability score (0.0 - 1.0) based
 
 ### C. Anchoring
 *   **"Anchored" Status**: The digital fingerprint (hash) of your receipt has been written to the Ethereum blockchain.
-*   **Proof**: This proves *exactly* what the document looked like and what the verification result was at that specific moment in time. Even DeedShield cannot alter this record later.
+*   **Proof**: This proves *exactly* what the document looked like and what the verification result was at that specific moment in time. Even TrustSignal cannot alter this record later.
 
 ---
 

apps/api/.env.example

@@ -40,7 +40,7 @@ RATE_LIMIT_GLOBAL_MAX=600
 RATE_LIMIT_API_KEY_MAX=120
 
 # Database (must enforce TLS; include sslmode=require)
-DATABASE_URL=postgresql://user:password@host:5432/deedshield?sslmode=require
+DATABASE_URL=postgresql://user:password@host:5432/trustsignal?sslmode=require
 # Supabase aliases (optional if you prefer naming by provider)
 SUPABASE_DB_URL=postgresql://postgres.<project-ref>:[password]@aws-0-<region>.pooler.supabase.com:6543/postgres?sslmode=require
 SUPABASE_POOLER_URL=postgresql://postgres.<project-ref>:[password]@aws-0-<region>.pooler.supabase.com:6543/postgres?sslmode=require

apps/api/SETUP.md

@@ -1,4 +1,4 @@
-# Deed Shield API — Developer Setup
+# TrustSignal API — Developer Setup
 
 ## Prerequisites
 
@@ -9,8 +9,8 @@
 ## 1. Clone & Install
 
 ```bash
-git clone git@github.com:chrismaz11/Deed_Shield.git
-cd Deed_Shield
+git clone git@github.com:trustsignal-dev/trustsignal.git
+cd trustsignal
 npm install            # installs all workspaces
 ```
 
@@ -67,7 +67,7 @@ npx prisma db seed
 
 ```bash
 docker run -d \
-  --name deed-shield-pg \
+  --name trust-signal-pg \
   -e POSTGRES_DB=deed_shield \
   -e POSTGRES_PASSWORD=localdev \
   -p 5432:5432 \

apps/api/package.json

@@ -1,5 +1,5 @@
 {
-  "name": "@deed-shield/api",
+  "name": "@trust-signal/api",
   "version": "0.1.0",
   "private": true,
   "type": "commonjs",
@@ -15,7 +15,7 @@
     "test": "vitest run"
   },
   "dependencies": {
-    "@deed-shield/core": "file:../../packages/core",
+    "@trust-signal/core": "file:../../packages/core",
     "@fastify/cors": "^11.2.0",
     "@fastify/rate-limit": "^10.3.0",
     "@prisma/client": "^5.17.0",

apps/api/src/receiptPdf.ts

@@ -10,7 +10,7 @@ export async function renderReceiptPdf(receipt: Receipt): Promise<Buffer> {
     doc.on('end', () => resolve(Buffer.concat(chunks)));
     doc.on('error', reject);
 
-    doc.fontSize(18).text('Deed Shield Receipt', { underline: true });
+    doc.fontSize(18).text('TrustSignal Receipt', { underline: true });
     doc.moveDown();
     doc.fontSize(12);
     doc.text(`Receipt ID: ${receipt.receiptId}`);

apps/api/src/registryLoader.test.ts

@@ -4,7 +4,7 @@ import { fileURLToPath } from 'url';
 import * as fsPromises from 'fs/promises';
 
 import { loadRegistry } from './registryLoader.js';
-import { generateRegistryKeypair, signRegistry } from '@deed-shield/core';
+import { generateRegistryKeypair, signRegistry } from '@trust-signal/core';
 
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
 const registryDir = path.resolve(__dirname, '../../../packages/core/registry');

apps/api/src/server.ts

@@ -169,7 +169,7 @@ const vantaVerificationResultSchema = z.object({
   generatedAt: z.string().datetime(),
   vendor: z.object({
     name: z.literal('TrustSignal'),
-    module: z.literal('DeedShield'),
+    module: z.literal('TrustSignal'),
     environment: z.string(),
     apiVersion: z.literal('v1')
   }),
@@ -251,7 +251,7 @@ const vantaVerificationResultJsonSchema = {
       required: ['name', 'module', 'environment', 'apiVersion'],
       properties: {
         name: { const: 'TrustSignal' },
-        module: { const: 'DeedShield' },
+        module: { const: 'TrustSignal' },
         environment: { type: 'string' },
         apiVersion: { const: 'v1' }
       }
@@ -461,7 +461,7 @@ function receiptFromDb(record: ReceiptRecord) {
     decision: record.decision as 'ALLOW' | 'FLAG' | 'BLOCK',
     reasons: JSON.parse(record.reasons) as string[],
     riskScore: record.riskScore,
-    verifierId: 'deed-shield',
+    verifierId: 'trust-signal',
     receiptHash: record.receiptHash,
     fraudRisk: record.fraudRisk ? JSON.parse(record.fraudRisk) as DocumentRisk : undefined,
     zkpAttestation: record.zkpAttestation ? JSON.parse(record.zkpAttestation) as ZKPAttestation : undefined,
@@ -576,7 +576,7 @@ async function toVantaVerificationResult(record: ReceiptRecord, securityConfig:
     generatedAt: new Date().toISOString(),
     vendor: {
       name: 'TrustSignal' as const,
-      module: 'DeedShield' as const,
+      module: 'TrustSignal' as const,
       environment: process.env.NODE_ENV || 'development',
       apiVersion: 'v1' as const
     },
@@ -854,15 +854,15 @@ export async function buildServer(options: BuildServerOptions = {}) {
     fetchImpl: options.fetchImpl
   });
   const metricsRegistry = new Registry();
-  collectDefaultMetrics({ register: metricsRegistry, prefix: 'deedshield_api_' });
+  collectDefaultMetrics({ register: metricsRegistry, prefix: 'trustsignal_api_' });
   const httpRequestsTotal = new Counter({
-    name: 'deedshield_http_requests_total',
+    name: 'trustsignal_http_requests_total',
     help: 'Total HTTP requests served by the API',
     labelNames: ['method', 'route', 'status_code'] as const,
     registers: [metricsRegistry]
   });
   const httpRequestDurationSeconds = new Histogram({
-    name: 'deedshield_http_request_duration_seconds',
+    name: 'trustsignal_http_request_duration_seconds',
     help: 'HTTP request duration in seconds',
     labelNames: ['method', 'route', 'status_code'] as const,
     buckets: [0.01, 0.05, 0.1, 0.25, 0.5, 1, 2, 5],
@@ -940,7 +940,7 @@ export async function buildServer(options: BuildServerOptions = {}) {
     const forwardedProto = normalizeForwardedProto(request.headers['x-forwarded-proto']);
     return {
       status: 'ok',
-      service: 'deed-shield-api',
+      service: 'trust-signal-api',
       environment: process.env.NODE_ENV || 'development',
       uptimeSeconds: Math.floor(process.uptime()),
       timestamp: new Date().toISOString(),
@@ -1199,7 +1199,7 @@ export async function buildServer(options: BuildServerOptions = {}) {
       canonicalDocumentBase64: input.doc.pdfBase64
     });
 
-    const receipt = buildReceipt(input, verification, 'deed-shield', {
+    const receipt = buildReceipt(input, verification, 'trust-signal', {
       fraudRisk,
       zkpAttestation
     });

apps/api/src/services/compliance.ts

@@ -20,9 +20,9 @@ export interface ComplianceCheckResult {
 
 
 const COOK_COUNTY_SYSTEM_PROMPT = `
-DEEDSHIELD LLM SYSTEM PROMPT: Cook County Clerk Recording Requirements
+TRUSTSIGNAL LLM SYSTEM PROMPT: Cook County Clerk Recording Requirements
 Your Role
-You are an AI assistant integrated into DeedShield, a deed verification and title company automation platform. Your primary responsibility is to validate real estate documents against Cook County Clerk's Office recording requirements and identify policy mismatches before submission.
+You are an AI assistant integrated into TrustSignal, a deed verification and title company automation platform. Your primary responsibility is to validate real estate documents against Cook County Clerk's Office recording requirements and identify policy mismatches before submission.
 
 Core Recording Requirements (Illinois §55 ILCS 5/3-5018)
 All real estate documents submitted to the Cook County Clerk must meet these mandatory requirements:
@@ -210,7 +210,7 @@ Must affirm original not INTENTIONALLY DESTROYED or DISPOSED OF
 
 Requires notarized affidavit confirming oath statement is true
 
-6. Validation Protocol for DeedShield
+6. Validation Protocol for TrustSignal
 When analyzing a document, perform these checks:
 
 Format Check: Verify 8.5x11, margins, clerk's corner space, no staples

apps/watcher/src/index.js

@@ -25,7 +25,7 @@ if (!fs.existsSync(WATCH_DIR)) {
     console.log(`Created watch directory: ${WATCH_DIR}`);
 }
 
-console.log(`DeedShield Watcher Service started.`);
+console.log(`TrustSignal Watcher Service started.`);
 console.log(`Monitoring: ${WATCH_DIR}`);
 
 const watcher = chokidar.watch(WATCH_DIR, {
@@ -79,23 +79,23 @@ watcher.on('add', async (filePath) => {
         };
 
         // 3. Verify via API
-        console.log(' -> Verifying against Deed Shield Network...');
+        console.log(' -> Verifying against TrustSignal Network...');
         const response = await axios.post(API_URL, payload);
         const result = response.data;
 
         // 4. Notify User
         if (result.decision === 'ALLOW') {
             console.log(` -> ✅ RESULT: VERIFIED (Score: ${result.riskScore})`);
             notifier.notify({
-                title: 'Deed Shield Verified',
+                title: 'TrustSignal Verified',
                 message: `File: ${fileName}\nStatus: Is Clean (Score: 0)`,
                 sound: true
             });
         } else {
             console.log(` -> ⚠️ RESULT: ${result.decision}`);
             const reasons = Array.isArray(result.reasons) ? result.reasons.join(', ') : 'Unknown risks';
             notifier.notify({
-                title: 'Deed Shield Alert',
+                title: 'TrustSignal Alert',
                 message: `File: ${fileName}\nFlagged: ${reasons}`,
                 sound: 'Glass'
             });
@@ -104,7 +104,7 @@ watcher.on('add', async (filePath) => {
     } catch (err) {
         if (err.code === 'ECONNREFUSED') {
             console.error(' -> ❌ ERROR: API Server is unreachable. Is it running on port 3001?');
-            notifier.notify({ title: 'Deed Shield Error', message: 'Could not connect to Verification Server.' });
+            notifier.notify({ title: 'TrustSignal Error', message: 'Could not connect to Verification Server.' });
         } else {
             console.error(' -> ❌ ERROR:', err.message);
             if (err.response) {

apps/web/package.json

@@ -1,5 +1,5 @@
 {
-  "name": "@deed-shield/web",
+  "name": "@trust-signal/web",
   "version": "0.1.0",
   "private": true,
   "type": "module",

docs/CANONICAL_MESSAGING.md

@@ -45,7 +45,7 @@ TrustSignal is evidence integrity infrastructure for existing workflows. It acts
 
 ### Entity Confusion
 
-- Do not collapse TrustSignal, DeedShield, Vanta, healthcare, and future marketplaces into one undifferentiated story
+- Do not collapse TrustSignal, TrustSignal, Vanta, healthcare, and future marketplaces into one undifferentiated story
 - Do not let the deed wedge define the entire product
 - Do not describe TrustSignal as a replacement for the system that collected the evidence