prod deployment

doc/architecture.md

@@ -1,8 +1,8 @@
-# DexOrder AI Platform Architecture
+# Dexorder AI Platform Architecture
 
 ## Overview
 
-DexOrder is an AI-powered trading platform that combines real-time market data processing, user-specific AI agents, and a flexible data pipeline. The system is designed for scalability, isolation, and extensibility.
+Dexorder is an AI-powered trading platform that combines real-time market data processing, user-specific AI agents, and a flexible data pipeline. The system is designed for scalability, isolation, and extensibility.
 
 ## High-Level Architecture
 
@@ -415,12 +415,12 @@ User authenticates → Gateway checks if deployment exists
 ### RBAC
 
 **Gateway ServiceAccount:**
-- Create deployments/services/PVCs in `dexorder-sandboxes` namespace
+- Create deployments/services/PVCs in `sandbox` namespace
 - Read pod status and logs
 - Cannot delete, exec, or access secrets
 
 **Lifecycle Sidecar ServiceAccount:**
-- Delete deployments in `dexorder-sandboxes` namespace
+- Delete deployments in `sandbox` namespace
 - Delete PVCs (conditional on user type)
 - Cannot access other resources
 
@@ -428,7 +428,7 @@ User authenticates → Gateway checks if deployment exists
 
 ### Admission Control
 
-All pods in `dexorder-sandboxes` namespace must:
+All pods in `sandbox` namespace must:
 - Use approved images only (allowlist)
 - Run as non-root
 - Drop all capabilities
@@ -550,7 +550,7 @@ docker push ghcr.io/dexorder/lifecycle-sidecar:latest
 
 **Namespaces:**
 - `dexorder-system` - Platform services (gateway, infrastructure)
-- `dexorder-sandboxes` - User containers (isolated)
+- `sandbox` - User containers (isolated)
 
 ---