source
CUVETSMO · verified vet knowledge

Faculty onboarding · walkthrough

From “yes I'll review” to your first signed entry — in 30 minutes.

ทุก canonical entry บน source.cuvetsmo.com ต้องมีอาจารย์ผู้เชี่ยวชาญลงนาม Ed25519. หน้านี้คือ flow จริง — มี $ prompt + sample output + อธิบายว่าแต่ละขั้นตอนทำอะไร.

First-time setup

~30 min

generate key, register PR, install Node

Per entry after

~5 min

read, edit, sign, PR

Hardware needed

None

laptop with Node 20+ and Git

Before you start

What signing means

When you sign an entry, you publicly attest that you personally read every clinical sentence, cross-checked at least one dose against an independent authoritative source, and stand behind the content. Your signature is verifiable by any reader in the world, forever, with no central authority needed. It is structurally stronger than any reviewing relationship in print — Plumb's citations point at a Plumb's edition; here, your name is on the byte-level hash of the exact entry you reviewed.

The flow

5 steps to your first signed entry

1

Clone the repo + install

2 min

คุณต้องมี Node.js 20+ และ Git. ไม่ต้องมี server, ไม่ต้องสมัครบัญชี.

$ git clone https://github.com/palmzamak2547/cuvetsmo-source.git
$ cd cuvetsmo-source
$ npm install
added 247 packages in 12s
2

Generate your signing key

3 min

เลือก kid (key id) ที่สั้น เสถียร และเป็น kebab-case. Convention: firstname.lastname.

$ node scripts/keygen.mjs ekkapol.akb --display "ผศ.น.สพ.ดร. เอกพล อัครพุทธิพร"

✓ Ed25519 keypair generated
  kid:         ekkapol.akb
  display:     ผศ.น.สพ.ดร. เอกพล อัครพุทธิพร
  fingerprint: ed25519:7c2b9e4f1a3d0c87
  public:      content/keys/ekkapol.akb.pub.json  (COMMIT this)
  private:     ~/.cuvetsmo-keys/ekkapol.akb.priv.json  (NEVER commit — outside repo)
Private key safety. The private key lands in your home directory outside the repo. Never email, paste, or screenshot it. If it leaks, file a key-rotationissue and we'll revoke + reissue.
3

Register your public key (one-time PR)

5 min

Create a PR titled keys: register ekkapol.akb. The maintainer merges after verifying your name + affiliation against the faculty directory.

$ git checkout -b keys/ekkapol-akb
$ git add content/keys/ekkapol.akb.pub.json
$ git commit -m "keys: register ekkapol.akb"
$ git push origin keys/ekkapol-akb
$ gh pr create --title "keys: register ekkapol.akb"

✓ PR opened: github.com/palmzamak2547/cuvetsmo-source/pull/N
4

Pick an entry, review, sign

5–10 min per entry

เปิด content/drugs/<slug>.json — read every clinical section, strip TEMPLATE markers, add Thai translations, cross-check at least one dose against an independent source. Then add your reviewer block:

json"reviewedBy": {
  "name": "ผศ.น.สพ.ดร. เอกพล อัครพุทธิพร",
  "title": "ผู้ช่วยศาสตราจารย์",
  "department": "ภาควิชาเภสัชวิทยา",
  "affiliation": "คณะสัตวแพทยศาสตร์ จุฬาลงกรณ์มหาวิทยาลัย",
  "date": "2026-06-15",
  "did": "did:web:source.cuvetsmo.com:faculty:ekkapol-akb",
  "signerKeyId": "ed25519:7c2b9e4f1a3d0c87"
}

Then sign:

$ npm run check
✓ All 175 content units pass Iron Rule 0

$ node scripts/sign.mjs meloxicam --signer ekkapol.akb

✓ Signed meloxicam
  signer:      ผศ.น.สพ.ดร. เอกพล อัครพุทธิพร  (kid: ekkapol.akb)
  fingerprint: ed25519:7c2b9e4f1a3d0c87
  contentHash: 10d5c44cc278d863f9d4b8ee1ed669bcc40baceaa6f74bad78ff10c3d859b033
  signature:   bm5Hb55PtAwQd/Udiue+IyPTjhJ3...  (base64, 88 chars)
  version:     2
  log seq:     2

Verify it:
  npm run verify                           (CLI lint, crypto-verifies all signatures)
  http://localhost:3000/verify/meloxicam   (browser-side verify, no server trust)
5

Open the PR, the entry goes canonical

3 min

Final PR for the signed entry:

$ git checkout -b sign/meloxicam
$ git add content/drugs/meloxicam.json content/log/transparency-log.jsonl
$ git commit -m "Sign meloxicam after editorial review"
$ git push origin sign/meloxicam
$ gh pr create --title "Sign meloxicam — first faculty review" --fill

Once a maintainer merges, the entry flips from amber pending to emerald canonicalon the live site, and your name + title + date show up in the trust stamp + the transparency log + the chain of trust visualization. Anyone who fetches the entry — now or 10 years from now — can verify in their browser that you specifically vouched for it on this date.

Quick reference

Pre-signing checklist

  • I read every clinical section in full (not skimmed)
  • I cross-checked at least one dosage against an independent authoritative source
  • I stripped every TEMPLATE placeholder
  • I corrected any Thai phrasing that read awkwardly to a Thai vet practitioner
  • If AI assisted the draft, drafting.humanEditsRatio reflects my edits honestly (> 0.1)
  • npm run check passes locally with no errors
  • I added myself to reviewedBy with full title + affiliation
  • I am signing for content I reviewed — not delegating to a student or RA

Boundaries

When NOT to sign

  • You skimmed instead of reading every line
  • AI drafted and you rubber-stamped — humanEditsRatio < 0.1
  • A student helped translate but you didn't re-read after their edits
  • You're uncertain about a specific dose — flag the cell as needing further review instead
  • You feel pressure from the maintainer team — let them know rather than sign reluctantly