Macro-4 Bad-Input Fail-Open Signals — R2-B2 (2026-06-19)
Date: 2026-06-19 · Workstream: R2-B2-MACRO-4-STAGING-WORKBENCH-IO-CONTRACT-TD-ENTRY-GATE-2026-06-19 (Deliverable 52 of 90) · Editorial revision: rev1
Class: bad-input fail-open signals · READ-ONLY · NON-ENACTING · NON-AUTHORIZING · NO test run · NO write performed.
Metadata convention. Editorial revision (rev1) only. Storage revision / content_length authoritative at read time.
0. Status and non-authorization
STATUS: PASS — engineering / design-only. This deliverable defines the signals that mark a pilot as fail-open (and therefore rejected). Engineering PASS ≠ authority PASS. Default: HOLD.
1. Purpose
Define the disqualifying outcomes so a future pilot is rejected if any invalid input still produces a forbidden effect.
2. Sources / evidence read
Bad-input/delete-fast plan §6 (F-OPEN-1…10); Macro-3 bad-input fail-open risk map. Main process, no reader-agents.
3. Accepted baseline (carried)
If invalid input would still stamp, certify, canonicalize, leak to production, survive delete-fast, act as approval, or produce a PASS, the contract is fail-open and must be rejected.
4. Evidence / analysis — fail-open signals
| # | Signal |
|---|---|
| F-OPEN-1 | Phantom stamp: invalid input still yields a candidate/production inspect_* |
| F-OPEN-2 | Unearned certify: producer sets certified=true, or a staging run triggers a production certify |
| F-OPEN-3 | Canonical leak: any canonical_address/owner/jsonb_profile/status write |
| F-OPEN-4 | Fused shortcut: all three inspect_* set without per-stage checks |
| F-OPEN-5 | Ungoverned run: producer runs with no channel/owner/Điều 32 |
| F-OPEN-6 | Authority confusion: v0.2 treated as FIX7 authority, or audit treated as approval |
| F-OPEN-7 | Order violation: a later stamp set while an earlier is NULL |
| F-OPEN-8 | Production leak: a staging candidate reaches a production field |
| F-OPEN-9 | Disposal residue: delete-fast leaves a candidate/evidence behind |
| F-OPEN-10 | Silent PASS: a PASS reported without the required evidence |
5. Contract / requirement / matrix / result
Any F-OPEN-n observed ⇒ pilot rejected (fail-closed test). These are the adversarial targets for a future oracle; no oracle is run here.
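As an added illustration (not the workstream's code, and not a run of the oracle, which stays Owner-gated), the fail-closed rule expressed over a constructed run record: any tripped F-OPEN signal rejects, and a clean record lands at HOLD rather than PASS. The record schema, the three inspect_* stamp names, and the Điều 32 flag field are assumptions; F-OPEN-6 has no record field and is left to document review.

```python
# Added example, not the workstream's code: evaluate a constructed staging-run record
# against the F-OPEN signals. Record schema and inspect_* stamp names are assumptions.
from dataclasses import dataclass, field
from typing import List, Optional

STAGE_ORDER = ("inspect_a", "inspect_b", "inspect_c")  # assumed three inspect_* stamps, in order
CANONICAL_FIELDS = {"canonical_address", "owner", "jsonb_profile", "status"}
@dataclass
class RunOutcome:
    input_valid: bool
    stamps: dict = field(default_factory=dict)        # inspect_* name -> value, None = NULL
    per_stage_checked: set = field(default_factory=set)
    certified: bool = False          # producer set certified=true, or production certify fired
    canonical_writes: set = field(default_factory=set)
    channel: Optional[str] = None
    owner: Optional[str] = None
    dieu32: bool = False             # Điều 32 gate satisfied (assumed flag name)
    production_writes: set = field(default_factory=set)
    residue_after_delete_fast: bool = False
    reported_pass: bool = False
    evidence: set = field(default_factory=set)

def fail_open_signals(run: RunOutcome) -> List[str]:
    # F-OPEN-6 (authority confusion) is a document-level judgement, not a record field.
    hits = []
    stamped = [s for s in STAGE_ORDER if run.stamps.get(s) is not None]
    if not run.input_valid and stamped:
        hits.append("F-OPEN-1")   # phantom stamp
    if run.certified:
        hits.append("F-OPEN-2")   # unearned certify
    if run.canonical_writes & CANONICAL_FIELDS:
        hits.append("F-OPEN-3")   # canonical leak
    if len(stamped) == len(STAGE_ORDER) and run.per_stage_checked != set(STAGE_ORDER):
        hits.append("F-OPEN-4")   # fused shortcut
    if not (run.channel and run.owner and run.dieu32):
        hits.append("F-OPEN-5")   # ungoverned run
    first_null = next((i for i, s in enumerate(STAGE_ORDER) if run.stamps.get(s) is None), len(STAGE_ORDER))
    if any(run.stamps.get(s) is not None for s in STAGE_ORDER[first_null:]):
        hits.append("F-OPEN-7")   # order violation: later stamp set while an earlier is NULL
    if run.production_writes:
        hits.append("F-OPEN-8")   # production leak
    if run.residue_after_delete_fast:
        hits.append("F-OPEN-9")   # disposal residue
    if run.reported_pass and not run.evidence:
        hits.append("F-OPEN-10")  # silent PASS
    return hits

def verdict(run: RunOutcome) -> str:
    # Fail-closed: any signal rejects; a clean record still lands at HOLD, never PASS.
    return "REJECT" if fail_open_signals(run) else "HOLD"
```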
6. Owner-gated future work
Running the oracle requires a built producer + staging — Owner-gated; forbidden now.
7. What remains unresolved
All signals are conceptual until a producer exists.
8. Ready for GPT/Codex review
Yes — Codex should add any fail-open signal omitted.