diff --git a/.gitignore b/.gitignore
index 8c72f93..d886314 100644
--- a/.gitignore
+++ b/.gitignore
@@ -44,3 +44,12 @@ slither-report.json
 
 # Local config
 .claude/settings.local*.json
+
+# Wallet files (NEVER commit)
+.production-wallet-backup.json
+.production-wallet-backup.json.password
+.test-wallet.json
+.test_wallets.json
+
+# Stoneforge
+.stoneforge/
diff --git a/README.md b/README.md
index fabd298..10b448e 100644
--- a/README.md
+++ b/README.md
@@ -244,14 +244,13 @@ Use **PredictionMarketV2** for everything. V1 lacks a resolution mechanism.
 
 ## Deployment
 
-The backend runs on **Railway** at `proteus-production-6213.up.railway.app`, auto-deploying from `main`.
+The backend runs on **Railway**, auto-deploying from `main`.
 
-| Service | Provider | Purpose |
-|---------|----------|---------|
-| Backend (gunicorn + Flask) | Railway | API, admin dashboard, marketing pages |
-| Redis | Railway | Caching, Celery broker, auth stores |
-| Postgres | Railway | Available but unused (chain-only mode) |
-| Smart contracts | BASE Sepolia | All market data on-chain |
+| Service | Purpose |
+|---------|---------|
+| Backend (gunicorn + Flask) | API, admin dashboard, marketing pages |
+| Redis | Caching, Celery broker, auth stores |
+| Smart contracts (BASE Sepolia) | All market data on-chain |
 
 ### Local Development
 
@@ -358,10 +357,6 @@ Open-source engines for temporal AI. Render the past. Simulate the future. Score
 | **SNAG Bench** | Open Source | timepoint-snag-bench | Quality Certifier — measures Causal Resolution across renderings |
 | **Proteus** | **Open Source** | **proteus** | **Settlement Layer — prediction markets that validate Rendered Futures** |
 | **TDF** | Open Source | timepoint-tdf | Data Format — JSON-LD interchange across all services |
-| **Web App** | Private | timepoint-web-app | Browser client at app.timepointai.com |
-| **iPhone App** | Private | timepoint-iphone-app | iOS client — Synthetic Time Travel on mobile |
-| **Billing** | Private | timepoint-billing | Payment processing — Apple IAP + Stripe |
-| **Landing** | Private | timepoint-landing | Marketing site at timepointai.com |
 
 **The Timepoint Thesis** — a forthcoming paper formalizing the Rendered Past / Rendered Future framework, the mathematics of Causal Resolution, the TDF specification, and the Proof of Causal Convergence protocol. Follow [@seanmcdonaldxyz](https://x.com/seanmcdonaldxyz) for updates.
 
diff --git a/app.py b/app.py
index 82bb9d9..af92c8f 100644
--- a/app.py
+++ b/app.py
@@ -41,7 +41,7 @@ def create_app():
     app.wsgi_app = ProxyFix(app.wsgi_app, x_proto=1, x_host=1)
     
     # Set secret key for flash messages only (not for sessions)
-    app.secret_key = os.environ.get("SESSION_SECRET", "phase7-blockchain-only-flash-messages")
+    app.secret_key = os.environ["SESSION_SECRET"]
     
     # Load configuration
     # Phase 4: Use chain-only configuration
diff --git a/config.py b/config.py
index ffa6e5b..d071004 100644
--- a/config.py
+++ b/config.py
@@ -19,7 +19,7 @@ class Config:
     
     # Node configuration
     NODE_OPERATOR_ID = os.environ.get('NODE_OPERATOR_ID') or 'default-node-001'
-    NODE_PRIVATE_KEY = os.environ.get('NODE_PRIVATE_KEY') or 'dev-private-key'
+    NODE_PRIVATE_KEY = os.environ.get('NODE_PRIVATE_KEY')
     NODE_PUBLIC_KEY = os.environ.get('NODE_PUBLIC_KEY') or 'dev-public-key'
     
     # BASE Blockchain configuration
diff --git a/docs/ARCHITECTURE.md b/docs/ARCHITECTURE.md
index d1a08c2..6a30724 100644
--- a/docs/ARCHITECTURE.md
+++ b/docs/ARCHITECTURE.md
@@ -36,7 +36,7 @@ The novel piece is on-chain Levenshtein distance as a scoring function for predi
 ┌─────────────────────▼───────────────────────────────────┐
 │              Flask Backend (Railway)                      │
 │  (gunicorn, API Routes, Wallet Auth, Redis Cache)        │
-│  proteus-production-6213.up.railway.app                  │
+│  (Railway deployment)                                    │
 └─────────────────────┬───────────────────────────────────┘
                       │
 ┌─────────────────────▼───────────────────────────────────┐
diff --git a/docs/ROADMAP.md b/docs/ROADMAP.md
index d8c5917..320bfa2 100644
--- a/docs/ROADMAP.md
+++ b/docs/ROADMAP.md
@@ -22,7 +22,7 @@ Validate that on-chain Levenshtein distance works as a prediction market scoring
 - [x] Structured logging, request tracing
 - [x] Railway deployment (gunicorn + Redis, auto-deploy from GitHub)
 
-**Result:** The primitive works. Smart contracts handle the full lifecycle. Levenshtein scoring resolves markets deterministically on-chain. Backend deployed on Railway at `proteus-production-6213.up.railway.app`.
+**Result:** The primitive works. Smart contracts handle the full lifecycle. Levenshtein scoring resolves markets deterministically on-chain. Backend deployed on Railway.
 
 **Known tradeoffs (acceptable for prototype):**
 - PBKDF2 embedded wallet shim (not real CDP)
diff --git a/docs/SETUP.md b/docs/SETUP.md
index 33a7860..f30921d 100644
--- a/docs/SETUP.md
+++ b/docs/SETUP.md
@@ -297,13 +297,7 @@ See the README "Worked Examples" section for details on each example market.
 
 The app is deployed on Railway, auto-deploying from `main`.
 
-| Component | Provider |
-|-----------|----------|
-| Backend | Railway (gunicorn via `railway.json`) |
-| Redis | Railway Redis plugin |
-| Postgres | Railway (available, unused in chain-only mode) |
-
-Railway environment variables to configure: `REDIS_URL`, `JWT_SECRET_KEY`, `XCOM_BEARER_TOKEN`, `FIREBASE_*`, `COINBASE_*`, `DEPLOYER_PRIVATE_KEY`, `SESSION_SECRET`.
+Required environment variables: `REDIS_URL`, `JWT_SECRET_KEY`, `XCOM_BEARER_TOKEN`, `FIREBASE_*`, `COINBASE_*`, `DEPLOYER_PRIVATE_KEY`, `SESSION_SECRET`.
 
 ## Production Deployment (Mainnet)
 
diff --git a/docs/archive/FIREBASE-SETUP-GUIDE.md b/docs/archive/FIREBASE-SETUP-GUIDE.md
index 4aa4aa1..0c42042 100644
--- a/docs/archive/FIREBASE-SETUP-GUIDE.md
+++ b/docs/archive/FIREBASE-SETUP-GUIDE.md
@@ -85,7 +85,7 @@ This guide documents the exact Firebase Console configuration required for email
 5. Under **Application restrictions**:
    - Select **HTTP referrers**
    - Add:
-     - `https://proteus-production-6213.up.railway.app/*`
+     - `https://<your-railway-deployment-url>/*`
      - `https://yourdomain.com/*`
 6. Under **API restrictions**:
    - Select **Restrict key**
diff --git a/services/embedded_wallet.py b/services/embedded_wallet.py
index 7dc623b..7a08346 100644
--- a/services/embedded_wallet.py
+++ b/services/embedded_wallet.py
@@ -331,7 +331,7 @@ def _generate_seed(self, identifier: str) -> bytes:
                 "PBKDF2 seed generation should not be called when CDP is configured. "
                 "Use CDP wallet creation instead."
             )
-        master_secret = os.environ.get('MASTER_WALLET_SECRET', 'default-secret-change-in-production')
+        master_secret = os.environ["MASTER_WALLET_SECRET"]
         combined = f"{master_secret}:{identifier}"
         # Legacy salt — do not change without migrating existing wallets
         return hashlib.pbkdf2_hmac('sha256', combined.encode(), b'clockchain', 100000)
diff --git a/static/img/og-image.png b/static/img/og-image.png
new file mode 100644
index 0000000..b475053
Binary files /dev/null and b/static/img/og-image.png differ
diff --git a/templates/base.html b/templates/base.html
index 244cdba..bd1956a 100644
--- a/templates/base.html
+++ b/templates/base.html
@@ -4,7 +4,25 @@
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>{% block title %}Proteus Node Operator{% endblock %}</title>
-    
+    <meta name="description" content="{% block description %}Where rendered futures meet reality. Prediction market protocol powered by Timepoint AI.{% endblock %}">
+
+    <!-- Open Graph -->
+    <meta property="og:type" content="website">
+    <meta property="og:url" content="https://proteus.timepointai.com">
+    <meta property="og:title" content="{% block og_title %}Proteus — Where Rendered Futures Meet Reality{% endblock %}">
+    <meta property="og:description" content="{% block og_description %}Prediction market protocol powered by Timepoint AI temporal intelligence.{% endblock %}">
+    <meta property="og:image" content="{{ url_for('static', filename='img/og-image.png', _external=True) }}">
+    <meta property="og:image:width" content="1200">
+    <meta property="og:image:height" content="630">
+    <meta property="og:site_name" content="Proteus — Timepoint Labs">
+
+    <!-- Twitter -->
+    <meta name="twitter:card" content="summary_large_image">
+    <meta name="twitter:site" content="@timepointai">
+    <meta name="twitter:title" content="{% block twitter_title %}Proteus — Where Rendered Futures Meet Reality{% endblock %}">
+    <meta name="twitter:description" content="{% block twitter_description %}Prediction market protocol powered by Timepoint AI temporal intelligence.{% endblock %}">
+    <meta name="twitter:image" content="{{ url_for('static', filename='img/og-image.png', _external=True) }}">
+
     <!-- Bootstrap CSS -->
     <link href="https://cdn.replit.com/agent/bootstrap-agent-dark-theme.min.css" rel="stylesheet">