diff --git a/.planning/phases/06-signing-flow/.continue-here.md b/.planning/phases/06-signing-flow/.continue-here.md
new file mode 100644
index 0000000..b95c804
--- /dev/null
+++ b/.planning/phases/06-signing-flow/.continue-here.md
@@ -0,0 +1,60 @@
+---
+phase: 06-signing-flow
+task: post-execution bug fixes
+status: in_progress
+last_updated: 2026-03-21T16:15:33.200Z
+---
+
+
+Phase 6 execution is complete (all 6 plans committed, verification passed 9/9). We are in post-execution bug-fix mode — fixing issues discovered during real end-to-end testing. Three bugs were found and fixed, one more was partially fixed and needs verification.
+
+
+
+
+- Phase 6 fully executed: 6/6 plans complete (schema, email, signing page, modal+submission, confirmation+download, DNS gate)
+- DNS configured: Resend.com verified for tcopelandhomes.com, DKIM propagated
+- fix: domain updated teressacopelandhomes.com → tcopelandhomes.com in signing-mailer.tsx and .env.local
+- fix: PreparePanel was calling /prepare but never /send — signing email was never sent. Now chains /prepare → /send
+- fix: agent portal PDF viewer now serves signedFilePath (signed PDF) when available, falling back to filePath
+- fix: document_viewed audit event + status→Viewed was added to GET /api/sign/[token] route — but this was WRONG PLACE
+- fix (in progress): Viewed status fix moved to correct location: signing page server component (src/app/sign/[token]/page.tsx) — this is the code path that actually runs when a client opens the link. Committed as bf6d361. NOT YET VERIFIED by user.
+
+
+
+
+
+- Verify that Viewed status fix actually works now (user reported it still wasn't working before last fix — needs re-test)
+- The GET /api/sign/[token] route ALSO still has the status update code from the earlier (wrong) fix — that's harmless but could be cleaned up
+- Phase 7 (Audit Trail and Download) has not been started yet — it's the final phase
+
+
+
+
+
+- Used Resend.com (free tier) for transactional email instead of Google Workspace or raw Gmail
+- SMTP config: smtp.resend.com port 465 (SSL), user=resend, pass=API key
+- Domain changed to tcopelandhomes.com (Squarespace/Google Domains nameservers)
+- Viewed status must be set in the PAGE SERVER COMPONENT (src/app/sign/[token]/page.tsx) not in the API route — the page does direct DB calls and never hits the API route
+
+
+
+
+
+- None hard-blocking. Viewed status fix is committed but not user-verified yet.
+
+
+
+
+Phase 6 is done. We hit real bugs during end-to-end testing:
+1. Email not sending → PreparePanel never called /send (only /prepare)
+2. Signed PDF not showing in portal → file route always served original filePath
+3. Viewed status not updating → audit/status code was in API route but signing page never calls that API route — it validates token and queries DB directly in the server component
+
+The Viewed fix (commit bf6d361) puts the logAuditEvent + db.update(status→Viewed) directly in page.tsx, which is the correct place. This should work — but user needs to re-test.
+
+After confirming Viewed works, the natural next step is Phase 7 (Audit Trail and Download): agent download of signed PDFs via authenticated presigned URL, private storage enforcement, and dashboard status display.
+
+
+
+Ask user to re-test the signing flow — open a fresh signing link and confirm the document status changes to "Viewed" in the portal. If it works, move to Phase 7 with /gsd:progress then /gsd:plan-phase 7.
+