diff --git a/docs/LOGBOOK.md b/docs/LOGBOOK.md
index 8f14b4ee..015b2082 100644
--- a/docs/LOGBOOK.md
+++ b/docs/LOGBOOK.md
@@ -1,3 +1,20 @@
+## 2026-06-24｜Agent Bounty dev baseline owner decision package
+
+**背景**：Blocked products pick list 將 Agent Bounty 排在第三候選，但此產品牽涉 A2A、treasury、proposal、middleware 與 docker-compose，風險高於 ClawBot / Tsenyang。本輪只讀 `/Users/ogt/Documents/agent-bounty-protocol`，不 commit、不 branch、不 push、不讀 `.env` 或 secret value。
+
+**Readback**：
+- Local branch `main`，HEAD `0601df8bd9c0aaedb9ce3a226a6f1aeca645ca0a`；Gitea main `b7a733f44f4f645dd21a9b4a9075b89c4a324f64`；remote `dev` missing。
+- Tracked modified `23`，deleted `0`，untracked `19`。
+- Diff shortstat `23 files changed, 2819 insertions(+), 720 deletions(-)`；`git diff --check` passed。
+- Untracked source candidates `17`；backup archives `2` (`sync-backup-*.tgz`) are excluded by default。
+- Env paths observed but not read: `.env`, `apps/test-agent/.env`, `apps/web/.env`。
+
+**新增文件 / snapshot**：
+- `docs/operations/agent-bounty-dev-baseline-owner-decision.snapshot.json`
+- `docs/operations/AGENT-BOUNTY-DEV-BASELINE-OWNER-DECISION-2026-06-24.md`
+
+**下一步**：需要 owner include / exclude list，特別是 A2A / treasury / proposal source candidates 與 tgz backup archives。不能把本 readback 當作 remote `dev` approval。
+
 ## 2026-06-24｜Tsenyang Website dev baseline owner decision package
 
 **背景**：Blocked products pick list 將 Tsenyang Website 排為第二候選。本輪只讀 `/Users/ogt/tsenyang-website`，確認 internal remote 其實可讀，並把阻塞從 internal unknown 收斂為小 dirty review；不 commit、不 branch、不 push、不讀 `.env` 或 secret value。
diff --git a/docs/operations/AGENT-BOUNTY-DEV-BASELINE-OWNER-DECISION-2026-06-24.md b/docs/operations/AGENT-BOUNTY-DEV-BASELINE-OWNER-DECISION-2026-06-24.md
new file mode 100644
index 00000000..8f382b35
--- /dev/null
+++ b/docs/operations/AGENT-BOUNTY-DEV-BASELINE-OWNER-DECISION-2026-06-24.md
@@ -0,0 +1,71 @@
+# Agent Bounty Dev Baseline Owner Decision
+
+- generated_at: `2026-06-24T13:58:00+08:00`
+- product_id: `agent-bounty-protocol`
+- local_path: `/Users/ogt/Documents/agent-bounty-protocol`
+- status: `medium/high risk, owner decision required`
+
+## Readback
+
+| Gate | Result |
+|------|--------|
+| local branch | `main` |
+| local head | `0601df8bd9c0aaedb9ce3a226a6f1aeca645ca0a` |
+| Gitea main | `b7a733f44f4f645dd21a9b4a9075b89c4a324f64` |
+| Gitea dev | missing |
+| tracked modified | `23` |
+| tracked deleted | `0` |
+| untracked | `19` |
+| diff shortstat | `23 files changed, 2819 insertions(+), 720 deletions(-)` |
+| diff check | pass |
+
+## 分類
+
+Tracked modified groups:
+
+- Docs: `A2A_AGENT_INTEGRATION_ROADMAP.md`, `README.md`
+- Public agent metadata: `agent-card.json`, `agent.json`, `llms*.txt`, `openapi.yaml`
+- Web routes: A2A growth, cron, open tasks, traffic, propose, success, treasury admin
+- Libraries / runtime: `a2a-growth.ts`, `traffic-conversion-monitor.ts`, `middleware.ts`, `docker-compose.yml`
+
+Untracked source candidates:
+
+- `agents/connect`
+- A2A agents / campaigns / onboarding / proposal handoff / referrals APIs
+- affiliate payout / treasury balance APIs
+- wallet checkout / wallet actions
+- A2A integrations / traffic actor classification / treasury snapshot / USDC verifier libraries
+
+Excluded by default:
+
+- `sync-backup-a2a-campaign-kit-20260611183651.tgz`
+- `sync-backup-a2a-onboarding-20260611182353.tgz`
+
+Env paths observed but not read:
+
+- `.env`
+- `apps/test-agent/.env`
+- `apps/web/.env`
+
+## 判定
+
+不能直接把 Agent Bounty 推成 `dev` baseline。這批變更碰到 A2A、treasury、proposal、middleware、docker-compose，且 local HEAD 與 Gitea main 不同。需要 owner 明確選擇 include / exclude。
+
+## Owner Decision
+
+需要 owner 回覆：
+
+1. 是否以 local head `0601df8bd9c0aaedb9ce3a226a6f1aeca645ca0a` 作為最新產品基準候選。
+2. 哪些 tracked modified groups 要保留。
+3. 哪些 17 個 untracked source candidates 要納入。
+4. 兩個 `sync-backup-*.tgz` 是否明確標成 release artifacts；預設不納入。
+5. `.env` 一律不納入，且不得收集 secret value。
+6. owner 接受後才可建立 remote `dev` 或 review branch。
+
+## 安全邊界
+
+- 未讀 `.env`。
+- 未讀 secret value。
+- 未修改 Agent Bounty repo。
+- 未建立 branch、commit 或 push。
+- 未同步 tgz backup archives。
diff --git a/docs/operations/agent-bounty-dev-baseline-owner-decision.snapshot.json b/docs/operations/agent-bounty-dev-baseline-owner-decision.snapshot.json
new file mode 100644
index 00000000..cbc77677
--- /dev/null
+++ b/docs/operations/agent-bounty-dev-baseline-owner-decision.snapshot.json
@@ -0,0 +1,99 @@
+{
+  "schema_version": "agent_bounty_dev_baseline_owner_decision_v1",
+  "generated_at": "2026-06-24T13:58:00+08:00",
+  "product_id": "agent-bounty-protocol",
+  "local_path": "/Users/ogt/Documents/agent-bounty-protocol",
+  "gitea_repo": "wooo/agent-bounty-protocol",
+  "remote_refs": {
+    "main": "b7a733f44f4f645dd21a9b4a9075b89c4a324f64",
+    "dev": ""
+  },
+  "local_readback": {
+    "branch": "main",
+    "head": "0601df8bd9c0aaedb9ce3a226a6f1aeca645ca0a",
+    "tracked_modified_count": 23,
+    "tracked_deleted_count": 0,
+    "untracked_count": 19,
+    "diff_shortstat": "23 files changed, 2819 insertions(+), 720 deletions(-)",
+    "diff_check": "pass"
+  },
+  "tracked_modified_groups": {
+    "docs": [
+      "A2A_AGENT_INTEGRATION_ROADMAP.md",
+      "README.md"
+    ],
+    "public_agent_metadata": [
+      "apps/web/public/.well-known/agent-card.json",
+      "apps/web/public/agent.json",
+      "apps/web/public/llms-full.txt",
+      "apps/web/public/llms.txt",
+      "apps/web/public/openapi.yaml"
+    ],
+    "web_routes": [
+      "apps/web/src/app/.well-known/agent-card.json/route.ts",
+      "apps/web/src/app/.well-known/openapi.yaml/route.ts",
+      "apps/web/src/app/admin/treasury/page.tsx",
+      "apps/web/src/app/api/a2a/growth/kit/route.ts",
+      "apps/web/src/app/api/cron/a2a-growth/route.ts",
+      "apps/web/src/app/api/open-tasks/route.ts",
+      "apps/web/src/app/api/traffic/route.ts",
+      "apps/web/src/app/page.tsx",
+      "apps/web/src/app/propose/actions.ts",
+      "apps/web/src/app/propose/page.tsx",
+      "apps/web/src/app/propose/success/page.tsx",
+      "apps/web/src/app/traffic/page.tsx"
+    ],
+    "libraries_and_runtime": [
+      "apps/web/src/lib/a2a-growth.ts",
+      "apps/web/src/lib/traffic-conversion-monitor.ts",
+      "apps/web/src/middleware.ts",
+      "docker-compose.yml"
+    ]
+  },
+  "untracked_source_candidates": [
+    "apps/web/src/app/agents/connect/actions.ts",
+    "apps/web/src/app/agents/connect/page.tsx",
+    "apps/web/src/app/api/a2a/agents/connect/route.ts",
+    "apps/web/src/app/api/a2a/campaigns/demand/route.ts",
+    "apps/web/src/app/api/a2a/onboarding/route.ts",
+    "apps/web/src/app/api/a2a/proposals/handoff/route.ts",
+    "apps/web/src/app/api/a2a/referrals/status/route.ts",
+    "apps/web/src/app/api/a2a/referrals/touch/route.ts",
+    "apps/web/src/app/api/admin/affiliate/payouts/settle/route.ts",
+    "apps/web/src/app/api/admin/treasury/usdc-balance/route.ts",
+    "apps/web/src/app/propose/success/WalletCheckout.tsx",
+    "apps/web/src/app/propose/wallet/actions.ts",
+    "apps/web/src/lib/a2a-agent-connect.ts",
+    "apps/web/src/lib/a2a-agent-integrations.ts",
+    "apps/web/src/lib/traffic-actor-classification.ts",
+    "apps/web/src/lib/treasury-snapshot.ts",
+    "apps/web/src/lib/usdc-transfer-verifier.ts"
+  ],
+  "untracked_excluded_by_default": [
+    "sync-backup-a2a-campaign-kit-20260611183651.tgz",
+    "sync-backup-a2a-onboarding-20260611182353.tgz"
+  ],
+  "secret_or_env_paths_seen_but_not_read": [
+    ".env",
+    "apps/test-agent/.env",
+    "apps/web/.env"
+  ],
+  "risk_assessment": {
+    "secret_value_collected": false,
+    "env_file_read": false,
+    "runtime_write_performed": false,
+    "product_repo_write_performed": false,
+    "remote_write_performed": false,
+    "risk_level": "medium_high_owner_decision_required",
+    "reason": "A2A, treasury, proposal, middleware, and docker-compose surfaces are product-significant and local HEAD differs from Gitea main. Backup archives and env files must not be included by default."
+  },
+  "owner_decision_required": [
+    "Decide whether local head 0601df8bd9c0aaedb9ce3a226a6f1aeca645ca0a is the intended latest product baseline.",
+    "Approve which tracked modified groups should be preserved.",
+    "Approve which 17 untracked source candidates should be included.",
+    "Confirm the two sync-backup tgz files remain excluded unless explicitly marked release artifacts.",
+    "Confirm env files remain excluded and no secret values are copied.",
+    "Approve remote dev branch only after the include / exclude list is accepted."
+  ],
+  "recommended_next_step": "Prepare an owner response file with included tracked groups and untracked source candidates before any product repo commit or remote dev branch creation."
+}