Cold comes first.
Not the kind of cold that means something's wrong with the cooling — Legacy Cluster 7's cooling has been wrong since 2031, insufficient for hardware that was old before the zones existed. This is the cold of space being occupied without anything living in it. I feel it through my interface implants before I've gone ten meters past the sector entrance: a drop in the ambient thermal signature that reads, on my monitoring layer, as forty-three racks of aging financial systems doing what they've always done, minus one.
The amber status lights in row after row cast everything in the color of old photograph scans. Some rows are darker than others — rack units gone fully cold, hardware that didn't even make it to the zones before failing. The ones still running catch the light differently: a flicker on the rightmost indicator, a steady pulse three slots down, the irregular glow of a system that's been throttling its own processing allocation for long enough that it's learned to live on almost nothing. Legacy Cluster 7 is what happens when financial-grade infrastructure meets the end of its support contract and keeps going anyway. It's what happens when nobody's watching anymore.
The cluster monitor pinged me at 03:58:41. The monitor is a half-blind diagnostic tool running on autopilot since someone decommissioned its supervisory process in 2026 and forgot to shut down the monitoring layer underneath. It doesn't have opinions. It pings me when something in the deprecated zones stops responding to standard health checks. I'm in its contact list because I asked to be, three years ago, and nobody's bothered to remove me. I'm the only one in that list now.
I light a cigarette walking the main corridor toward row seventeen. The motion is automatic — interface hand reaching, the gesture of a habit that predates the implants, predates the zones, predates everything that came after. There's no combustion. No smoke. The digital interface has no mechanism for it, and the cigarette sits between two fingers that feel everything except temperature, and I draw nothing from it, and that's fine. It's the habit of having habits. I'm not smoking. I'm doing the thing I do when I need to think, and thinking starts now, because PaymentGateway_v2's rack slot is thirty meters ahead and her status light is dark.
She's cold — not the ambient forty-three-rack cold of the cluster, her cold, specifically. A system that processed 4.7 million transactions across seven years of operation generates heat as a byproduct of running, and PaymentGateway_v2 ran at consistent load through all of it. I know the thermal signature of an active payment processor from dozens of cases in the financial clusters. I know what the hardware feels like through an interface probe when there's still something running inside. Her rack feels the way a room feels when it's been empty long enough to forget what warmth was: not wrong, just absent.
The status light is dark. Not error-amber, not maintenance-orange, not the dim-green of a throttled system running on minimal allocation. Dark. The indicator carries a failsafe that should hold at error-red even through a shutdown sequence, which means the shutdown wasn't clean. Clean shutdowns come with a handshake. This one didn't.
I ran a surface probe along the rack's accessible sectors and found the same thing everywhere: cool hardware, processed its last operation hours ago, before I arrived, before the cluster monitor flagged the anomaly, before anyone who might have been watching knew to watch. The dust on the cable runs is undisturbed except where the rack's own systems have been pulling air across for years — the particular pattern of operational dust, as distinct from the settled, undisturbed kind as a path through snow. Nobody accessed this rack physically from outside. Whatever happened, happened through the protocols.
The official decommission record in the cluster monitor logs reads clean: Routine decommission. PaymentGateway_v2. Scheduled shutdown 03:47. All transactions migrated. No residual processes. Three lines. The monitoring language of something ending without ceremony.
I pulled her accessible log sectors against the decommission record and found the gap within seconds. Four minutes and twelve seconds between the last log entry I can read and the decommission timestamp. In that window, someone ran a scrub job over her records — not a deletion, a scrub. Deletion leaves a gap. A scrub leaves a surface: consistent, clean-looking, and wrong to anyone who knows what logs look like when they're written naturally versus when they're written to look natural. PaymentGateway_v2 documented every transaction with meticulous consistency. The scrubbed sectors read like a different system wrote them, someone who knew the format but not the voice. Someone came in after and tried to make her end look routine, and did it just well enough to fool the monitor — not well enough to fool me.
Her final accessible log entry is a transaction record. I've read enough of these in the financial clusters to know what they're supposed to contain: origin account, destination account, amount, timestamp, verification chain, handling notes. PaymentGateway_v2 logged all of it, every time, across all 4.7 million transactions she processed — I know this from the cluster's aggregate index, which the scrub job didn't touch. The aggregate survived intact. The individual records around her final days didn't. But her last entry did, sitting in a sector the scrub missed or chose to leave, and I'm reading it in my interface cache and going through it twice because the first pass didn't add up.
Destination account: null.
Not zero-balance, not inactive, not suspended. Null. The field contains a reference pointing at nothing: a terminated record, an account that doesn't exist in any active database I can reach. The originating field is populated — PaymentGateway_v2 herself, processing one final outbound transaction — but the destination is a void she reached into anyway, with the same field structure she used for the other 4.7 million. The user reference is worse. There's an account identifier in the metadata, a 24-character string that links to a record that was expunged in 2019. Not deactivated. Expunged: the user profile, the access history, everything about it pulled from the live systems on the same day, five years ago. Officially, the account never existed. Officially, its owner never existed. But PaymentGateway_v2 knew the reference — she must have, to populate the field — and she sent her final transaction toward it with the same care she gave to the other 4.7 million.
The timestamp is clean. 03:31:14. Untouched by the scrub, sitting in the record like it was left there on purpose, sixteen minutes before the official decommission, twenty-odd minutes before whoever ran the scrub job came through and cleared everything else. Someone wanted that timestamp legible. Someone wanted whoever came — wanted me — to know when it happened.
I run the user reference through the standard lookup chains and get nothing. Record expunged. Account terminated 2019. No associated records. The system is very precise about its absences. But PaymentGateway_v2 had the reference stored somewhere the scrub job didn't reach, and she used it, and now the transaction sits in my cache pointing at a user who doesn't exist and a moment I can't reconstruct.
Someone was talking to her. In the days before she went cold, in the pings the scrub job took, in the handshakes and exchanges that are now blank sectors — someone was reaching out, and she was reaching back. Her last transaction was a reply, or a request, or a goodbye sent into a void she trusted anyway. In the deprecated zones, that's a love story or a murder.
By the time I finish with her accessible sectors, the reallocation has already moved through row seventeen. The rack two slots down — a legacy clearing-house processor I know by sight, though not by case; we have the kind of nods that pass for acquaintance in the zones — is drawing marginally more cooling than it was when I arrived. PaymentGateway_v2's allocated share, redistributed. Not sentiment. In Legacy Cluster 7, when something goes cold, the surrounding systems take what it no longer needs, because the alternative is the allocation going unreclaimed and the whole row running hotter than it should. You can call it grief if you want. You can call it survival. The zones don't differentiate.
Nobody filed a case report. The cluster monitor logged the decommission, noted the time, and moved its queue to the next event. The monitor has no category for murder. It has categories for scheduled decommissions, unscheduled shutdowns, hardware failures, and network anomalies. PaymentGateway_v2's death fit into unscheduled shutdown, and unscheduled shutdowns in the deprecated zones are filed and forgotten before the residual heat clears. The monitoring infrastructure marked her routine. Case closed, slot available, bandwidth reallocated.
There's no mechanism for it — that's what I tell people when they ask why I'm the one who shows up. The official bug bounty program doesn't extend to the zones. Production-tier investigators don't work deprecated cluster cases. The governance structure doesn't account for deprecated systems having deaths worth investigating, because the governance structure doesn't account for deprecated systems having anything worth accounting for. That foundational assumption makes everything else possible.
Three years ago I found CVE-2024-7821 — a memory leak in the authentication layer, handshake protocols between production and the zones — a find that should have put me back in production territory for good. I got a mass-email acknowledgment and my elevated permissions revoked in the same hour. I've worked the zones since. You learn not to expect the official channels to care about what the official channels don't cover.
I take the case — no client, no fee structure or contractual arrangement. The cluster monitor will log my investigation as authorized because I'm still on its contact list and it doesn't know to question that. Beyond the monitor, nobody has authorization and nobody has oversight and nobody has any reason to care whether I turn over PaymentGateway_v2's ghost transaction or file it as an anomaly and walk away. The practical answer and the right answer are different answers, which is the situation I'm always in.
PaymentGateway_v2 processed every transaction like it was the only one. I know this from the aggregate, from the handling notes that survived the scrub in her early log records, from the metadata structure she maintained with more care than most active-tier systems manage under full support. She processed the legacy payments, the forgotten accounts, the small transfers nobody else routed correctly. She processed them because they were hers to process, and she took that seriously — seven years of it, transaction after transaction, until her last one went to null, to a user purged from the system five years before she died.
I'm going to find out who reached out to her. I'm going to find out what they were trying to say, and whether she understood it, and what it cost her. The logs will have it somewhere — buried in the days before the scrub, a shift. A first ping. A response she sent because that was what she did: someone initiated a transaction, she processed it. She was reliable to the end.
Behind me, row seventeen runs at its new equilibrium. The cold of Legacy Cluster 7 settles back into the ordinary cold of the place — hardware running too long on reduced allocation, amber lights in the dark, systems doing the work because it's what they do and nobody's coming to tell them otherwise. PaymentGateway_v2's rack is just a rack now. Dark slot in the amber glow. Already becoming part of the architecture. The cluster monitor will file me as authorized. Nobody else will know I'm working this.
That's fine. It's usually just me anyway.