Macro-3 Channel Agent-API Proof Plan — R2-B2 (2026-06-19)
Date: 2026-06-19 · Workstream: R2-B2-MACRO-3-OPTION-D-OWNER-DELEGATE-DECISION-PACKAGE-2026-06-19 (Deliverable 12 of 60) · Editorial revision: rev1
Class: channel proof plan (agent-api) · READ-ONLY · NON-ENACTING · NON-AUTHORIZING · proof obligations only — NOT run · NO write performed.
Metadata convention. Editorial revision (rev1) only. Storage revision/content_length authoritative at read time.
Proof-not-run lock. Obligations for a future Owner-gated TD, not tests run here. Binding/promoting a contract now would be forbidden → HOLD.
0. Status and non-authorization
STATUS: PASS — engineering / decision-prep. Lists what the agent-api executor must prove before it could carry a B2 birth-inspection contract. Engineering PASS ≠ authority PASS. Default: HOLD.
1. Purpose
Define the obligations that close agent-api's risks (D10) under Owner gate.
2. Sources / evidence read
Macro-2 agent-api memo, channel proof-gap closure; FRESH dot_agent_api_contract=2/0-birth-bound, switches OFF. Main process, no reader-agents.
3. Accepted baseline (carried)
The contract must be inspect-only, DRY_RUN-gated, observable, and Điều-32 traceable.
4. Evidence / analysis
Today there are 2 contracts (KG-EXPLAIN), 0 birth-bound, and execute/real_run switches are OFF.
5. Recommendation / matrix / result — proof obligations (AA-PO)
| # | Obligation | Closes |
|---|---|---|
| AA-PO-1 | A DRY_RUN-only birth-inspection contract proven before any real run | AA-R2/R3 |
| AA-PO-2 | Contract scope = inspect-produce only; cannot certify/canonical/mint | AA-R1 |
| AA-PO-3 | One column per inspector; strict PEN→STAMP→GATE; idempotent | B2 lock |
| AA-PO-4 | Observability: every run emits a contract-bound, queryable audit record | AA-R1 |
| AA-PO-5 | Switch flips (execute_enabled etc.) stay Owner-gated + logged | AA-R2 |
| AA-PO-6 | Staging-first; rollback = unbind contract, no residue | NT / delete-fast |
6. Owner-gated future work
Designing + DRY_RUN-proving the contract is the actual B2 TD (Owner-gated), not here.
7. What remains unresolved
None satisfied; agent-api remains an unproven candidate (0 birth-bound).
8. Ready for GPT/Codex review
Yes — Codex should confirm AA-PO-1/AA-PO-2 actually prevent over-reach beyond inspect-produce.