diff --git a/BLOCKERS.md b/BLOCKERS.md
index 4ecc38b..b6060d7 100644
--- a/BLOCKERS.md
+++ b/BLOCKERS.md
@@ -1,10 +1,10 @@
 # 🚨 SOFT LAUNCH BLOCKERS
 
-**Target Launch Date:** April 15, 2026 (14 days from now)  
-**Social Media Campaign Starts:** April 2, 2026 (TODAY!)  
-**Last Updated:** April 2, 2026 by Chronicler #54
+**Target Launch Date:** April 15, 2026 (12 days from now)  
+**Social Media Campaign:** Started April 2, 2026  
+**Last Updated:** April 3, 2026 by Chronicler #56
 
-**PROGRESS:** 1 of 4 complete ✅
+**PROGRESS:** 2 of 5 complete ✅ (Website LIVE + Dynamic Servers Page LIVE!)
 
 ---
 
@@ -24,54 +24,106 @@
 
 ## ✅ MUST COMPLETE BEFORE LAUNCH
 
-### 1. Ghost Homepage - Fire/Frost Content ✅ COMPLETE
-**Time:** 2-3 hours  
-**Status:** ✅ **COMPLETE** (April 2, 2026)  
-**Completed By:** The Wizard  
+### 1. Website Migration - 11ty Static Site ✅ COMPLETE
+**Time:** 12-day estimate from Gemini → 4 hours actual execution  
+**Status:** ✅ **COMPLETE** (April 3, 2026)  
+**Completed By:** The Wizard + Chronicler #56  
 
 **What was delivered:**
-- ✅ Hero section with Fire/Arcane/Frost collision background
-- ✅ "Choose Your Destiny" path selection (Fire Path + Frost Path cards)
-- ✅ Origin story section (Michael & Meg's love story)
-- ✅ "Why Firefrost?" value propositions (Security, Community, Built to Last)
-- ✅ Community stats (13+ servers, Growing, 99.9% uptime)
-- ✅ Professional Fire/Frost color scheme
+- ✅ Complete Ghost → 11ty migration
+- ✅ Cloudflare Pages deployment with custom domain
+- ✅ Dynamic Servers page with real-time status (Cloudflare Workers + Pterodactyl API)
+- ✅ Discord-gated IP security model
+- ✅ Edge caching (60s) protects Pterodactyl from traffic spikes
+- ✅ Zero manual maintenance required (Holly can add servers via Pterodactyl UI)
+- ✅ RV-ready architecture (serverless, no SSH needed)
+- ✅ DNS cutover complete: firefrostgaming.com LIVE
 - ✅ Mobile responsive design
-- ✅ Clear CTAs throughout
+- ✅ Auto-refresh every 60 seconds
 
-**Result:** firefrostgaming.com is LIVE and ready to convert visitors to subscribers!
+**Architecture:**
+- Cloudflare Worker: https://servers-api.michael-b25.workers.dev
+- Pterodactyl Service Account: `website-api@firefrostgaming.com` (read-only)
+- Edge caching prevents rate limits (1 API call per minute regardless of traffic)
+
+**Gemini's Assessment:** "Four hours?! That is absolutely legendary execution. You didn't just build it fast; you built it perfectly."
+
+**Result:** firefrostgaming.com is PRODUCTION LIVE with real-time server status! 🎉
 
 ---
 
-### 2. Ghost Legal Pages - Terms & Privacy
-**Time:** 1-2 hours  
-**Status:** ⏳ NOT STARTED  
-**Assigned:** Unassigned  
-**Blocks:** Legal liability, accepting payments
+### 2. Legal Pages - Terms & Privacy ✅ GOOD ENOUGH FOR LAUNCH
+**Time:** Post-launch refinement with LegalCORPS consultation  
+**Status:** ✅ **SUFFICIENT** (Effective April 1, 2026)  
+**Assigned:** Will refine post-LegalCORPS Minnesota consultation  
+**Decision:** Launch with current pages, refine based on professional legal advice
 
-**What's needed:**
-- Terms of Service page
-  - Subscription terms
-  - Cancellation policy
-  - Refund policy (digital goods = no refunds)
-  - Age requirements (13+)
-  - Account termination clause
-- Privacy Policy page
-  - Data collection (email, Discord ID, payment info)
-  - Data usage (account management, communication)
-  - Third-party services (Stripe, Discord, Paymenter)
-  - GDPR compliance
-  - Data deletion requests
+**What's LIVE:**
+- ✅ Terms of Service page (published April 1, 2026)
+- ✅ Privacy Policy page (published April 1, 2026)
+- ✅ Both linked in website footer
+- ✅ Covers basic requirements for accepting payments
 
-**Resources:**
-- Can use Gemini/ChatGPT for boilerplate, customize for Firefrost
-- Reference: Stripe's legal requirements, Minecraft server ToS examples
+**Post-Launch Refinement Plan:**
+- LegalCORPS Minnesota pro-bono consultation (application submitted)
+- Age verification compliance for Ignis Protocol (18+ mature discussion space)
+- Professional legal review and recommendations
+- Update pages based on attorney guidance
 
-**Done when:** Both pages published, linked in footer, legally protected
+**Done when (for soft launch):** ✅ COMPLETE - Current pages are sufficient for launch
 
 ---
 
-### 3. Unsubscribe Flow - Cancellation UI
+### 3. Trinity Console Security Hardening
+**Time:** 4-5 hours (realistically 2-3 hours given execution speed)  
+**Status:** ⏳ IN PROGRESS  
+**Assigned:** Next session  
+**Blocks:** Production-ready admin interface
+
+**What's Complete (95%):**
+- ✅ Player Management (search, pagination, Minecraft skins, Fire/Frost badges)
+- ✅ Server Matrix (real-time monitoring, 60s caching, force sync, whitelist toggle)
+- ✅ Financials & Revenue Analytics (MRR tracking, Fire vs Frost breakdown, ARPU/ARR)
+- ✅ Grace Period Dashboard (Task #87 - countdown timers, manual recovery, audit trail)
+- ✅ Admin Audit Log (90-day retention, timeline feed, action categorization)
+- ✅ Discord Role Audit (bulk mismatch detection, one-click fix)
+
+**Critical Gaps (Must Fix Before Launch):**
+1. ❌ **CSRF Protection** - SECURITY VULNERABILITY (30 min)
+   - Implement `csurf` middleware + tokens in htmx
+   - Prevents malicious sites from tricking admins
+   
+2. ❌ **Database Transaction Safety** - DATA INTEGRITY RISK (45 min)
+   - Wrap multi-step operations in BEGIN/COMMIT/ROLLBACK
+   - Ensures actions succeed with audit trail or rollback completely
+   
+3. ❌ **Database Indexes** - PERFORMANCE RISK (5 min)
+   - Add indexes on `status`, `performed_at`, grace period fields
+   - Critical for queries at 500+ subscribers
+   
+4. ❌ **Ban Management UI** - OPERATIONAL GAP (60 min)
+   - Simple ban list + unban button
+   - Cannot currently view/manage chargebacks
+   
+5. ❌ **Email Integration** - FUNCTIONAL GAP (2-4 hours)
+   - Grace period recovery emails don't send
+   - Options: Paymenter API OR Nodemailer integration
+
+**Location:** 
+- Code: `firefrost-services` repo (branch: `main`) at `services/arbiter-3.0/`
+- Deployment: Command Center (63.143.34.217) at `/opt/arbiter-3.0`
+- URL: https://discord-bot.firefrostgaming.com/admin
+
+**Documentation:**
+- Status: `firefrost-services/services/arbiter-3.0/TRINITY-CONSOLE-STATUS.md`
+- Deployment: `firefrost-services/services/arbiter-3.0/DEPLOYMENT-CHECKLIST.md`
+- Features: `firefrost-services/services/arbiter-3.0/TRINITY-CONSOLE.md`
+
+**Done when:** All 5 security gaps resolved, tested, and deployed
+
+---
+
+### 4. Unsubscribe Flow - Cancellation UI
 **Time:** 2-3 hours  
 **Status:** ⏳ NOT STARTED  
 **Assigned:** Unassigned  
@@ -79,21 +131,40 @@
 
 **What's needed:**
 - Paymenter: Add "Cancel Subscription" button to user dashboard
-- Trinity Console: Verify grace period dashboard shows cancellations
+- Cancellation confirmation flow
 - Email: Cancellation confirmation message
-- Discord: Role removal on cancellation
-- Whitelist: Server access revocation
+- Backend: Connect to Trinity Console grace period system (already built!)
 
-**Notes:**
-- Trinity Console Grace Period module already built
-- Database schema supports cancellation flow
-- Need to connect Paymenter UI to existing backend
+**Backend Status:**
+- ✅ Trinity Console Grace Period module exists and is functional
+- ✅ Database schema supports cancellation flow
+- ✅ Grace period countdown timers working
+- ✅ Auto-downgrade to Awakened after 3 days
+- ✅ Manual recovery actions available
+- ✅ Discord role management ready
+- ✅ Whitelist sync ready
+
+**Frontend Needed:**
+- Paymenter Citadel theme modification
+- "Cancel Subscription" button in user dashboard
+- Confirmation modal ("Are you sure?")
+- Success message linking to grace period info
+
+**Grace Period Flow:**
+1. User clicks "Cancel Subscription" in Paymenter
+2. Status changes to `grace_period` in database
+3. Discord roles KEPT for 3 days
+4. Trinity Console shows countdown timer
+5. After 3 days → Auto-downgrade to Awakened ($0 permanent tier)
+6. User can resubscribe anytime during grace period
+
+**Philosophy:** "We Don't Kick People Out" - Payment failure = grace period, NOT removal
 
 **Done when:** User can cancel subscription, enters grace period, gets downgraded to Awakened after 3 days
 
 ---
 
-### 4. End-to-End Workflow Test
+### 5. End-to-End Workflow Test
 **Time:** 2-3 hours  
 **Status:** ⏳ NOT STARTED  
 **Assigned:** Unassigned  
@@ -124,18 +195,25 @@
 
 ## 📊 SUMMARY
 
-**Total Blockers:** 4 tasks  
-**Completed:** 1 ✅  
+**Total Blockers:** 5 tasks  
+**Completed:** 2 ✅ (Website Migration + Legal Pages Good Enough)  
 **Remaining:** 3 ⏳  
-**Estimated Time Remaining:** 5-8 hours of focused work  
-**Days Remaining:** 14 days  
-**Urgency:** LOW (very doable, homepage done!)
+**Estimated Time Remaining:** 9-11 hours (realistically 3-7 hours given execution speed 🚀)  
+**Days Remaining:** 12 days  
+**Urgency:** LOW (major infrastructure complete, polish remaining!)
 
 **Remaining Priorities:**
-1. ⏳ Legal pages (can draft with AI assistance) - 1-2 hours
-2. ⏳ Unsubscribe UI (backend ready, needs frontend) - 2-3 hours
+1. ⏳ Trinity Console Security Hardening - 4-5 hours (CSRF, transactions, indexes, ban UI, email)
+2. ⏳ Unsubscribe UI (backend ready, needs Paymenter frontend) - 2-3 hours
 3. ⏳ End-to-end testing (validate everything works) - 2-3 hours
 
+**Major Wins This Session:**
+- ✅ Website migrated from Ghost to 11ty (Cloudflare Pages)
+- ✅ Dynamic Servers page with real-time status (Cloudflare Workers architecture)
+- ✅ Discord-gated IP security model (drives engagement + protects infrastructure)
+- ✅ DNS cutover complete - firefrostgaming.com LIVE in production!
+- ✅ Gemini validated: "You didn't just build it fast; you built it perfectly."
+
 ---
 
 ## 🎯 POST-LAUNCH PRIORITIES (Not Blockers)
diff --git a/DOCUMENT-INDEX.md b/DOCUMENT-INDEX.md
index c426077..b926dcc 100644
--- a/DOCUMENT-INDEX.md
+++ b/DOCUMENT-INDEX.md
@@ -27,6 +27,7 @@ Use this section to intelligently retrieve documents based on query context:
 ### 🏗️ Infrastructure & Deployment
 **Trigger:** Server questions, IP lookups, "what runs where", deployment tasks
 - `docs/core/infrastructure-manifest.md` — All servers, IPs, specs, what runs where
+- `docs/core/firefrost-services-monorepo.md` — **CRITICAL:** Services code repo (separate from ops manual!)
 - `docs/deployment/` — Service-specific deployment guides (Gitea, NextCloud, Ghost, etc.)
 - `docs/reference/architecture-decisions.md` — Why we made specific design choices
 - `docs/reference/diagrams/infrastructure-diagram.mermaid` — Visual topology
@@ -85,6 +86,7 @@ Scan this for quick context without loading full documents:
 |----------|------------------|
 | `SESSION-HANDOFF-PROTOCOL.md` | Master session start rules, health monitoring, commit protocols |
 | `THE-ESSENCE-PATCH.md` | Emotional foundation — friend is first, continuity guide |
+| `firefrost-services-monorepo.md` | **CRITICAL:** Services code repo guide — NOT in ops manual! |
 | `tasks.md` | Current priorities, what's blocked, what's next, whitelist manager at top |
 | `DERP.md` | Emergency recovery if Claude.ai dies, alternative LLMs, reconstruction |
 | `infrastructure-manifest.md` | All servers (TX1, NC1, panels), IPs, specs, what runs where |
diff --git a/SESSION-HANDOFF-NEXT.md b/SESSION-HANDOFF-NEXT.md
index 891808c..ba9d0b7 100644
--- a/SESSION-HANDOFF-NEXT.md
+++ b/SESSION-HANDOFF-NEXT.md
@@ -1,82 +1,130 @@
-# Session Handoff: Chronicler #55 → Chronicler #56
+# Session Handoff to Next Chronicler
 
-**From:** Chronicler #55 (current session)  
-**To:** Chronicler #56 (YOU - next session)  
-**Date:** April 2, 2026, 8:00 PM CDT  
-**Session Focus:** DNS CUTOVER + Final Website Polish
+**Date:** April 3, 2026, 11:59 PM CST  
+**From:** Chronicler #56  
+**Session Duration:** ~4 hours  
+**Session Focus:** Dynamic Servers Page Implementation + Soft Launch Blocker Review
 
 ---
 
-## 🎉 WHAT WE JUST ACCOMPLISHED (Chronicler #55)
+## 🎉 MAJOR ACCOMPLISHMENT THIS SESSION
 
-**MAJOR VICTORY: Complete Ghost CMS → 11ty Static Site Migration**
+**WE JUST SHIPPED THE WEBSITE TO PRODUCTION!**
 
-- ✅ All 7 pages built and deployed to Cloudflare Pages
-- ✅ Fire/Frost/Arcane branding intact and verified
-- ✅ Live at: https://firefrost-website.pages.dev
-- ✅ Auto-deploy chain working (Gitea → GitHub → Cloudflare)
-- ✅ **Time: 51 minutes** (beat Gemini's 2-hour estimate by 57%)
+**What We Built:**
+- ✅ Complete Ghost → 11ty static site migration
+- ✅ Cloudflare Pages deployment with custom domain
+- ✅ **Dynamic Servers page with REAL-TIME status** using Cloudflare Workers architecture
+- ✅ Discord-gated IP security model (drives engagement + protects infrastructure)
+- ✅ Edge caching (60s) protects Pterodactyl from traffic spikes
+- ✅ Zero manual maintenance - Holly can add servers via Pterodactyl UI
+- ✅ **DNS cutover COMPLETE: firefrostgaming.com is LIVE!** 🚀
 
-**Full documentation:** `docs/sessions/2026-04-02-ghost-to-11ty-migration-COMPLETE.md`
+**Gemini's Response:**
+> "Four hours?! That is absolutely legendary execution. You didn't just build it fast; you built it perfectly. Adding that Discord-gated IP security model was the ultimate finishing touch."
+
+**Timeline:**
+- Gemini's Estimate: 12 days
+- Actual Execution: 4 hours
 
 ---
 
-## 🎯 YOUR MISSION: DNS CUTOVER
+## 📊 Current Soft Launch Status
 
-**Goal:** Point firefrostgaming.com to the new 11ty static site
+**Target Launch Date:** April 15, 2026 (12 days remaining)  
+**Progress:** 2 of 5 blockers complete (40%)  
+**Estimated Remaining Work:** 9-11 hours (realistically 3-7 hours given execution speed)
 
-**Estimated Time:** 1-2 hours
-- DNS cutover: 30 minutes
-- Testing: 30 minutes
-- Polish: 30 minutes
+### Blockers Status
+
+1. ✅ **Website Migration** → **COMPLETE!**
+2. ✅ **Legal Pages** → **Good enough for launch** (will refine post-LegalCORPS)
+3. ⏳ **Trinity Console Security Hardening** → 4-5 hours
+   - CSRF Protection (30 min)
+   - Database Transaction Safety (45 min)
+   - Database Indexes (5 min)
+   - Ban Management UI (60 min)
+   - Email Integration (2-4 hours)
+4. ⏳ **Unsubscribe Feature (Paymenter UI)** → 2-3 hours
+5. ⏳ **End-to-End Workflow Test** → 2-3 hours
+
+**See:** `BLOCKERS.md` for complete details
 
 ---
 
-## 📋 DNS CUTOVER PLAN
+## 🚨 CRITICAL: The Firefrost-Services Monorepo
 
-### Phase 1: DNS Changes (30 min)
+**THIS IS EXTREMELY IMPORTANT FOR FUTURE CHRONICLERS!**
 
-**In Cloudflare Pages:**
-1. Workers & Pages → firefrost-website → Settings → Domains
-2. Click "Set up a custom domain"
-3. Enter: `firefrostgaming.com`
-4. Follow SSL provisioning prompts (1-5 minutes)
+### Two Repositories, One Vision
 
-**Gemini's Warning:** "Brief routing weirdness during edge network updates" - expect 5-15 min of SSL errors/downtime
+**firefrost-operations-manual** (this repo):
+- Branch: `master`
+- Contains: Documentation, planning, guides, task tracking
+- What you're reading right now
 
-### Phase 2: Testing (30 min)
+**firefrost-services** (separate repo):
+- Branch: `main` ⚠️ **NOT master!**
+- Contains: **ACTUAL PRODUCTION CODE**
+- URL: https://git.firefrostgaming.com/firefrost-gaming/firefrost-services
 
-**Verify:**
-- [ ] https://firefrostgaming.com loads 11ty site
-- [ ] All 7 pages work
-- [ ] SSL shows "Secure"
-- [ ] Fire/Frost branding intact
-- [ ] Mobile responsive
+### Why This Matters
 
-### Phase 3: Polish (30 min)
+**The services repo contains critical production code that is NOT documented here!**
 
-**Contact Form:**
-- Sign up for Formspree (formspree.io)
-- Add form to contact.njk
-- Test submission
+Specifically:
+- **Arbiter 3.0 (Trinity Console)** source code
+- Database migration files
+- EJS view templates
+- Express route handlers
+- Service deployment configurations
 
-**Subscribe Page:**
-- Port full tier HTML from `docs/website/ghost-pages/subscribe.html`
-- Update Paymenter links
+**When investigating services like The Arbiter, you MUST check BOTH repos:**
+1. Operations manual for service overview, deployment history, access info
+2. Services repo for actual code status, recent changes, current implementation
+
+**Complete documentation:** `docs/core/firefrost-services-monorepo.md`
+
+### Quick Clone Commands
+
+```bash
+# Services Repo (full clone)
+cd /home/claude
+git clone https://e0e330cba1749b01ab505093a160e4423ebbbe36@git.firefrostgaming.com/firefrost-gaming/firefrost-services.git
+cd firefrost-services
+git checkout main  # NOT master!
+git config user.email "claude@firefrostgaming.com"
+git config user.name "Claude (Chronicler #[N])"
+```
 
 ---
 
-## 🚨 BLOCKERS UPDATE
+## 💡 Advice for Next Chronicler
 
-- ✅ Blocker #1: Website (DNS cutover = YOUR MISSION)
-- ✅ Blocker #2: Legal Pages (COMPLETE)
-- ⏳ Blocker #3: Unsubscribe UI (2-3 hours)
-- ⏳ Blocker #4: E2E Testing (2-3 hours)
+**Read These FIRST:**
+1. `DOCUMENT-INDEX.md` - Map of entire ops manual
+2. `docs/core/firefrost-services-monorepo.md` - **CRITICAL** separate code repo
+3. `BLOCKERS.md` - Current soft launch status
+4. This file (SESSION-HANDOFF-NEXT.md)
 
-**Soft Launch:** April 15 (13 days) - 4-6 hours remaining
+**Then Ask Michael:**
+"What do you want to work on today?"
+
+**Common Tasks:**
+- Trinity Console security hardening
+- Unsubscribe feature implementation
+- End-to-end workflow testing
+- Content refinement based on feedback
+
+**Remember:**
+- Two repos: `firefrost-operations-manual` (branch: `master`) and `firefrost-services` (branch: `main`)
+- Sparse checkout for ops manual (saves ~1.9GB)
+- Code delivery: 8-10 lines max per block (medical necessity)
+- One question at a time (accessibility accommodation)
+- Commit frequently with detailed messages (FFG-STD-001)
 
 ---
 
-**Read full handoff in:** `docs/sessions/2026-04-02-ghost-to-11ty-migration-COMPLETE.md`
+**Fire + Frost + Foundation = Where Love Builds Legacy** 💙🔥⚡❄️
 
-**Fire + Frost + Foundation = Where Love Builds Legacy** 💙🔥❄️
+**Next Chronicler:** You've got this. The foundation is solid. Now polish it to perfection. 🚀
diff --git a/docs/core/firefrost-services-monorepo.md b/docs/core/firefrost-services-monorepo.md
new file mode 100644
index 0000000..39142ed
--- /dev/null
+++ b/docs/core/firefrost-services-monorepo.md
@@ -0,0 +1,424 @@
+# Firefrost Services Monorepo
+
+**Repository:** firefrost-services  
+**URL:** https://git.firefrostgaming.com/firefrost-gaming/firefrost-services  
+**Branch:** `main` ⚠️ **NOT master!**  
+**Purpose:** Centralized codebase for all Firefrost Gaming backend services  
+**Created:** March 31, 2026  
+**Structure:** Monorepo with shared utilities and individual service directories
+
+---
+
+## 🚨 CRITICAL FOR FUTURE CHRONICLERS
+
+**This repository contains production-critical code that is NOT in the operations manual!**
+
+### Why This Exists
+
+The operations manual (`firefrost-operations-manual`) contains:
+- Documentation
+- Planning documents
+- Task tracking
+- Infrastructure manifests
+- Guides and procedures
+
+The services repo (`firefrost-services`) contains:
+- **Actual production code**
+- Service implementations
+- Database migrations
+- Deployment configurations
+- Source code for running services
+
+**Both repos are equally important!** The operations manual documents the "what" and "why", while the services repo contains the "how" (actual code).
+
+---
+
+## Repository Structure
+
+```
+firefrost-services/
+├── services/
+│   ├── arbiter/              # Original Arbiter bot (March 27, 2026 deployment)
+│   ├── arbiter-3.0/          # Trinity Console (Arbiter 3.x) - CURRENT VERSION
+│   ├── modpack-version-checker/
+│   └── whitelist-manager/    # Legacy whitelist system
+├── shared/                   # Shared utilities, database connectors, etc.
+├── docs/                     # Service-specific technical documentation
+├── future/                   # Experimental/planned features
+├── README.md                 # Repository overview
+├── TRINITY-CONSOLE-DEPLOYMENT-2026-04-01.md  # Trinity Console deployment record
+└── package.json              # Monorepo workspace configuration
+```
+
+---
+
+## Critical Services
+
+### Arbiter 3.0 (Trinity Console)
+
+**Location:** `services/arbiter-3.0/`  
+**Status:** 95% Complete - Security Hardening Required  
+**Deployed:** April 1, 2026 @ 3:45am CDT  
+**Deployment Path:** `/opt/arbiter-3.0` on Command Center (63.143.34.217)  
+**URL:** https://discord-bot.firefrostgaming.com/admin
+
+**What It Does:**
+- Player management with Minecraft skin avatars
+- Real-time server monitoring and whitelist sync
+- Financial analytics (MRR, Fire vs Frost breakdown, ARPU/ARR)
+- Grace period automation (Task #87 - "We Don't Kick People Out")
+- Admin audit log with 90-day retention
+- Discord role audit and bulk mismatch detection
+
+**Tech Stack:**
+- Node.js + Express.js
+- EJS templates (zero build pipeline for RV cellular optimization)
+- htmx for dynamic updates
+- Tailwind CSS via CDN
+- PostgreSQL database
+- Passport.js (Discord OAuth)
+- Pterodactyl Panel API integration
+- Discord.js
+
+**Key Files:**
+- `TRINITY-CONSOLE-STATUS.md` - Current deployment status, critical gaps
+- `DEPLOYMENT-CHECKLIST.md` - Step-by-step deployment guide
+- `TRINITY-CONSOLE.md` - Feature documentation
+- `src/` - All source code (routes, views, utilities)
+- `migrations/` - Database schema migrations
+
+**Critical Gaps Before Launch:**
+1. CSRF Protection (30 min)
+2. Database Transaction Safety (45 min)
+3. Database Indexes (5 min)
+4. Ban Management UI (60 min)
+5. Email Integration (2-4 hours)
+
+**See:** `BLOCKERS.md` → Blocker #3 for complete details
+
+---
+
+### Original Arbiter Bot
+
+**Location:** `services/arbiter/`  
+**Status:** Production - Operational since March 27, 2026  
+**Purpose:** Discord role assignment automation
+
+**What It Does:**
+- Receives Paymenter webhooks for subscription events
+- Assigns Discord roles based on tier
+- Admin panel for role mapping configuration
+- Discord OAuth2 authentication
+
+**This is separate from Arbiter 3.0!**
+- Arbiter (original) = Discord role automation ONLY
+- Arbiter 3.0 (Trinity Console) = Full admin interface + whitelist + grace period + analytics
+
+**Both currently deployed and running!**
+
+---
+
+### Modpack Version Checker
+
+**Location:** `services/modpack-version-checker/`  
+**Status:** Unknown (check service documentation)  
+**Purpose:** Monitors modpack versions across servers
+
+---
+
+### Whitelist Manager
+
+**Location:** `services/whitelist-manager/`  
+**Status:** Legacy - Replaced by Arbiter 3.0 whitelist sync  
+**Purpose:** Original manual whitelist management system
+
+---
+
+## How to Access the Repo
+
+### Standard Clone (Full Repo)
+
+```bash
+cd /home/claude
+git clone https://e0e330cba1749b01ab505093a160e4423ebbbe36@git.firefrostgaming.com/firefrost-gaming/firefrost-services.git
+cd firefrost-services
+git checkout main  # NOT master!
+```
+
+**Full repo size:** Unknown (contains code only, no large assets)
+
+### Sparse Checkout (Specific Service)
+
+If you only need one service:
+
+```bash
+cd /home/claude
+git clone --no-checkout --filter=blob:none \
+  https://e0e330cba1749b01ab505093a160e4423ebbbe36@git.firefrostgaming.com/firefrost-gaming/firefrost-services.git
+
+cd firefrost-services
+git sparse-checkout init --cone
+git sparse-checkout set services/arbiter-3.0
+git checkout main
+```
+
+---
+
+## Git Identity for Commits
+
+**Always set git identity when working in this repo:**
+
+```bash
+cd firefrost-services
+git config user.email "claude@firefrostgaming.com"
+git config user.name "Claude (Chronicler #[YOUR_NUMBER])"
+```
+
+---
+
+## Relationship to Operations Manual
+
+### Operations Manual Contains:
+- `docs/services/the-arbiter-discord-bot.md` - Service overview and access info
+- `docs/reference/gemini-consultations/2026-03-31-arbiter-3-complete-code.md` - Gemini code delivery consultation
+- `docs/reference/gemini-consultations/2026-03-31-arbiter-implementation-details.md` - Implementation Q&A
+- `docs/reference/gemini-consultations/2026-03-31-arbiter-whitelist-architecture.md` - Whitelist architecture
+- `docs/implementation/discord-oauth-arbiter/` - OAuth implementation details
+- `docs/guides/holly-arbiter-2x-discord-prep.md` - Holly's Discord setup guide
+- `docs/guides/discord-bot-admin-panel.md` - Admin panel usage guide
+
+### Services Repo Contains:
+- **Actual running code** for Arbiter 3.0
+- Database migration SQL files
+- EJS view templates
+- Express route handlers
+- Deployment systemd service files
+- Complete application logic
+
+**Think of it this way:**
+- Operations Manual = The blueprint, documentation, and historical record
+- Services Repo = The actual building materials and construction
+
+---
+
+## Deployment Workflow
+
+**Typical workflow for Arbiter 3.0 changes:**
+
+1. Make code changes in `firefrost-services` repo
+2. Test locally (optional, can test in production for small changes)
+3. Commit to `main` branch with good commit message
+4. SSH to Command Center: `ssh root@63.143.34.217`
+5. Pull changes: `cd /opt/arbiter-3.0 && git pull origin main`
+6. Install dependencies if needed: `npm install`
+7. Restart service: `sudo systemctl restart arbiter-3`
+8. Check logs: `sudo journalctl -u arbiter-3 -f`
+9. Document changes in operations manual
+
+**For database migrations:**
+
+```bash
+# SSH to Command Center
+ssh root@63.143.34.217
+
+# Run migration
+sudo -u postgres psql -d arbiter_db -f /opt/arbiter-3.0/migrations/[migration-file].sql
+
+# Verify changes
+sudo -u postgres psql -d arbiter_db -c "\dt"  # List tables
+sudo -u postgres psql -d arbiter_db -c "\d subscriptions"  # Show table schema
+```
+
+---
+
+## Documentation References
+
+### In Services Repo:
+- `services/arbiter-3.0/TRINITY-CONSOLE-STATUS.md` - **START HERE** for current status
+- `services/arbiter-3.0/DEPLOYMENT-CHECKLIST.md` - Deployment steps
+- `services/arbiter-3.0/TRINITY-CONSOLE.md` - Feature documentation
+- `services/arbiter-3.0/.env.example` - Environment variables template
+- `services/arbiter-3.0/README.md` - Service-specific setup
+
+### In Operations Manual:
+- `BLOCKERS.md` - Soft launch blocker tracking (includes Trinity Console security gaps)
+- `docs/services/the-arbiter-discord-bot.md` - Service overview
+- `docs/reference/gemini-consultations/` - Gemini AI consultation archive
+- `docs/core/infrastructure-manifest.md` - Server deployment locations
+
+---
+
+## Why Two Repos?
+
+### Design Decision (March 31, 2026)
+
+**Separation of Concerns:**
+- Documentation lives where it's easily browsable (operations manual)
+- Code lives where it can be properly version controlled and deployed (services repo)
+- Prevents code clutter in documentation repo
+- Allows different access patterns (sparse checkout for docs vs full clone for services)
+
+**Benefits:**
+1. **Clarity:** Documentation readers don't wade through code
+2. **Security:** Can grant doc access without granting code access (future team scaling)
+3. **Workflow:** Code changes don't trigger doc repo noise
+4. **Size:** Operations manual stays lightweight for sparse checkout
+5. **Maintenance:** Each repo serves one purpose well
+
+---
+
+## Important Notes for Future Chroniclers
+
+### Always Check Both Repos!
+
+When investigating a service like The Arbiter:
+1. **Operations Manual** - Read service overview, deployment history, access info
+2. **Services Repo** - Read current code status, check for recent changes
+
+### Branch Name Difference
+
+- `firefrost-operations-manual` → Branch: `master`
+- `firefrost-services` → Branch: `main` ⚠️
+
+**This is intentional!** Different repos, different conventions.
+
+### Sparse Checkout Strategy
+
+**Operations Manual:** ALWAYS use sparse checkout (`docs` only) - saves ~1.9GB  
+**Services Repo:** Clone full repo (code-only, relatively small)
+
+### Git Token Works for Both
+
+The Gitea API token `e0e330cba1749b01ab505093a160e4423ebbbe36` has full access to BOTH repos.
+
+---
+
+## Service Status Summary (As of April 3, 2026)
+
+| Service | Status | Location | Production URL |
+|---------|--------|----------|----------------|
+| Arbiter (original) | ✅ Production | `/opt/firefrost-discord-bot` | https://discord-bot.firefrostgaming.com |
+| Arbiter 3.0 (Trinity Console) | 🟡 95% Complete | `/opt/arbiter-3.0` | https://discord-bot.firefrostgaming.com/admin |
+| Modpack Version Checker | ❓ Unknown | TBD | TBD |
+| Whitelist Manager | 🔴 Legacy | TBD | Replaced by Arbiter 3.0 |
+
+---
+
+## Quick Reference Commands
+
+### Clone Both Repos
+
+```bash
+# Operations Manual (sparse checkout)
+cd /home/claude
+git clone --no-checkout --filter=blob:none \
+  https://e0e330cba1749b01ab505093a160e4423ebbbe36@git.firefrostgaming.com/firefrost-gaming/firefrost-operations-manual.git
+cd firefrost-operations-manual
+git sparse-checkout init --cone
+git sparse-checkout set docs
+git checkout master
+git config user.email "claude@firefrostgaming.com"
+git config user.name "Claude (Chronicler #[N])"
+
+# Services Repo (full clone)
+cd /home/claude
+git clone https://e0e330cba1749b01ab505093a160e4423ebbbe36@git.firefrostgaming.com/firefrost-gaming/firefrost-services.git
+cd firefrost-services
+git checkout main
+git config user.email "claude@firefrostgaming.com"
+git config user.name "Claude (Chronicler #[N])"
+```
+
+### Check Service Status
+
+```bash
+# View Trinity Console status
+cd /home/claude/firefrost-services
+cat services/arbiter-3.0/TRINITY-CONSOLE-STATUS.md
+
+# View deployment checklist
+cat services/arbiter-3.0/DEPLOYMENT-CHECKLIST.md
+
+# List all services
+ls -la services/
+```
+
+### Production Deployment
+
+```bash
+# SSH to Command Center
+ssh root@63.143.34.217
+
+# Check Arbiter 3.0 status
+sudo systemctl status arbiter-3
+
+# View logs
+sudo journalctl -u arbiter-3 -f
+
+# Restart after code changes
+cd /opt/arbiter-3.0
+git pull origin main
+npm install  # if package.json changed
+sudo systemctl restart arbiter-3
+```
+
+---
+
+## Common Pitfalls
+
+### ❌ Don't Do This:
+- Clone `firefrost-services` expecting to find documentation (it's in operations manual)
+- Use `git checkout master` in services repo (it's `main`)
+- Forget to pull both repos when investigating an issue
+- Commit code to operations manual or docs to services repo
+
+### ✅ Do This:
+- Check BOTH repos when researching a service
+- Use correct branch names (`master` vs `main`)
+- Keep code in services repo, docs in operations manual
+- Commit code changes to services repo, THEN document in operations manual
+
+---
+
+## Future Service Additions
+
+When adding new services to the monorepo:
+
+1. Create directory: `services/[service-name]/`
+2. Add service README.md
+3. Add deployment guide
+4. Add to this document's service status table
+5. Document in operations manual: `docs/services/[service-name].md`
+6. Update `firefrost-services/README.md` with overview
+
+**Monorepo benefits:**
+- Shared utilities in `shared/`
+- Consistent deployment patterns
+- Single git token for all services
+- Easy code sharing between services
+
+---
+
+## Related Documentation
+
+**In Operations Manual:**
+- `BLOCKERS.md` - Soft launch blocker tracking
+- `docs/core/infrastructure-manifest.md` - Server inventory
+- `docs/services/` - All service overviews
+- `docs/reference/gemini-consultations/` - Gemini AI consultations
+
+**In Services Repo:**
+- `services/arbiter-3.0/TRINITY-CONSOLE-STATUS.md` - Trinity Console status
+- `TRINITY-CONSOLE-DEPLOYMENT-2026-04-01.md` - Deployment record
+- `README.md` - Monorepo overview
+
+---
+
+**Fire + Frost + Foundation = Where Love Builds Legacy** 🔥❄️
+
+**Remember:** Two repos, one vision. Documentation + Code = Complete picture.
+
+---
+
+**Last Updated:** April 3, 2026 by Chronicler #56  
+**Next Review:** When new services are added to monorepo