# C7-A Private Beta Incident / Rollback Runbook

Marker: `C7A_SEED_USER_READINESS_1780381254`

## Severity
- SEV1: public domain broken, wrong package exposed, secret/package/runtime leak, or trading authority boundary violated.
- SEV2: seed-user cannot activate due product-side issue, support bundle export broken, or SHA256/manifest mismatch.
- SEV3: copy/link/template issue with workaround.

## Immediate actions
1. Stop expanding seed-user cohort.
2. Preserve timeline and screenshots.
3. Capture Cloudflare deployment short_id and GitHub commit.
4. If website deploy caused incident, rollback to previous known-good Git commit or switch domains only by explicit approval.
5. If package/signature/integrity issue, stop package distribution.
6. If trading-boundary issue, disable/stop affected user workflow and inspect RiskGateway/account/system mode.

## Never do
- Do not collect MT5 passwords, payment cards, private keys, raw machine ids or broker secrets.
- Do not grant trading authority from entitlement alone.
- Do not enable public installer or payment as an incident workaround.