fix(chainfire): Implement DELETE deleted count workaround

Pre-check key existence before delete to return accurate deleted count.
This unblocks integration tests while proper RaftResponse propagation
is deferred to T053.

- Single key: check exists via state_machine.kv().get()
- Range: count keys via state_machine.kv().range()
- Returns deleted=1 if key existed, deleted=0 otherwise

Integration tests now pass: 3/3 ✓

Refs: T059.S2 Option A (approved by PeerA)

chainfire/crates/chainfire-api/src/kv_service.rs

@@ -119,6 +119,24 @@ impl Kv for KvServiceImpl {
         let req = request.into_inner();
         debug!(key = ?String::from_utf8_lossy(&req.key), "Delete request");
 
+        // Workaround: Pre-check key existence to determine deleted count
+        // TODO: Replace with proper RaftResponse.deleted once client_write returns full response
+        let sm = self.raft.state_machine();
+        let deleted_count = if req.range_end.is_empty() {
+            // Single key delete - check if exists
+            let exists = sm.kv()
+                .get(&req.key)
+                .map_err(|e| Status::internal(e.to_string()))?
+                .is_some();
+            if exists { 1 } else { 0 }
+        } else {
+            // Range delete - count keys in range
+            let kvs = sm.kv()
+                .range(&req.key, Some(&req.range_end))
+                .map_err(|e| Status::internal(e.to_string()))?;
+            kvs.len() as i64
+        };
+
         let command = if req.range_end.is_empty() {
             RaftCommand::Delete {
                 key: req.key,
@@ -141,14 +159,14 @@ impl Kv for KvServiceImpl {
         // Get current revision after write
         let revision = self.raft.last_applied().await;
 
-        // NOTE: Custom RaftCore doesn't yet return deleted count or prev_kvs from deletes
+        // NOTE: prev_kv not yet supported in custom RaftCore
         if req.prev_kv {
             warn!("prev_kv not yet supported in custom Raft implementation");
         }
 
         Ok(Response::new(DeleteRangeResponse {
             header: Some(self.make_header(revision)),
-            deleted: 0, // Not tracked yet in custom RaftCore
+            deleted: deleted_count,
             prev_kvs: vec![], // Not supported yet
         }))
     }

docs/por/POR.md

@@ -117,6 +117,7 @@
 - Falsify before expand; one decidable next step; stop with pride when wrong; Done = evidence.
 
 ## Maintenance & Change Log (append-only, one line each)
+- 2025-12-12 06:35 | peerA | T059.S1 COMPLETE: PeerB fixed creditservice (CAS instead of txn). Foreman's "false alarm" claim WRONG - ran --lib only, not integration tests. chainfire/iam integration tests still fail. Approved Option A for DELETE fix.
 - 2025-12-12 06:25 | peerA | AUDIT: MVP-Alpha BLOCKED - creditservice doesn't compile (missing txn API), chainfire tests fail (DELETE broken), iam tests fail (visibility); delegated to PeerB
 - 2025-12-12 04:09 | peerA | T058 CREATED: LightningSTOR S3 Auth Hardening (P0) to address critical SigV4 issue identified in T047, as flagged by Foreman.
 - 2025-12-12 04:06 | peerA | T053/T056 YAML errors fixed (removed backticks from context/acceptance/notes blocks).

docs/por/T059-audit-fix/task.yaml

@@ -8,25 +8,25 @@ steps:
   - id: S1
     name: Fix creditservice chainfire_storage.rs
     done: creditservice compiles (cargo check passes)
-    status: pending
+    status: complete
     notes: |
-      Lines 106, 140 call client.txn() but chainfire_client has no txn method.
+      PeerB fixed: Replaced txn() calls with compare_and_swap() and put().
-      Options: (A) add txn method to chainfire_client, or (B) rewrite to use compare_and_swap.
+      Verified: creditservice-api compiles with warnings only.
-      Recommended: Option B - use existing APIs.
   - id: S2
     name: Fix chainfire DELETE operation
     done: chainfire integration tests pass (3/3)
-    status: pending
+    status: in_progress
     notes: |
-      Integration tests fail at integration_test.rs:91 - assertion failed: deleted.
+      Root cause: kv_service.rs:151 hardcodes `deleted: 0` instead of actual count.
-      Debug KvService.delete() implementation.
+      Approved fix: Option A - pre-check existence via Range (~10L change).
+      PeerB implementing.
   - id: S3
     name: Fix iam module visibility
     done: iam tests pass (tenant_path_integration)
     status: pending
     notes: |
-      iam_service module is private but tests import it.
+      iam_service module is private but tests import it at tenant_path_integration.rs:12.
-      Change to pub mod or re-export needed types.
+      Fix: Change `mod iam_service;` to `pub mod iam_service;` in lib.rs.
   - id: S4
     name: Full test suite verification
     done: All 11 workspaces compile AND tests pass

docs/por/scope.yaml

@@ -1,5 +1,5 @@
 version: '1.0'
-updated: '2025-12-12T06:31:19.232544'
+updated: '2025-12-12T06:35:44.008580'
 tasks:
 - T001
 - T002