04 — QUORUM AND APR AUTHORITY PROOF (CORE FINDING)

The gate (live fn_apr_quorum_check, trigger on approval_requests pending→approved)

For risk_level = 'high' (both authorize_build_step and the deploy vehicle patch_ops_code are high):

require  v_approves_president >= 1  AND  v_approves_council >= 2
where
  v_approves_president = COUNT(apr_approvals WHERE decision='approve'
                               AND approver_type='human' AND approver ILIKE '%president%')
  v_approves_council   = COUNT(apr_approvals WHERE decision='approve' AND approver_type='ai_council')
plus:  any reject vote blocks;  self-approve prohibited (proposer cannot be an approver).

No auto-approval escape (live fn_auto_approve_add)

P0 authority-bypass containment (2026-06-06): action='add' is NO LONGER auto-approved at INSERT.
Rows remain 'pending'; quorum is enforced on the pending->approved UPDATE.

=> There is no governed mechanism that mints approvals automatically. The INSERT-path bypass was deliberately closed. Quorum is human/council-gated, full stop.

The real approver identities (from 42 historical apr_approvals, Apr 2026)

• human / president (the human president seat)
• ai_council / ai_council_1, ai_council_2
• ai_council / gemini, gemini-ai-council
• ai_council / gpt, gpt-ai-council

None of these is the agent (Claude). The agent's role in this macro is PROPOSER/operator.

Current W7 approval state

• approval_requests for authorize_build_step: 0 (no APR exists)
• No open/pending patch_ops_code or W7 APR (latest APR-0220..APR-0232 are all applied/rejected, Apr 2026)
• apr_approvals for W7: 0
• governance_build_authorization: 0

Why quorum is NOT available to the agent

1. Human president vote — requires approver_type='human' + approver ILIKE '%president%'. The agent is not a human president. For the agent to insert such a row = fabricating human president approval = explicitly FORBIDDEN by the macro.
2. Two ai_council votes — gemini/gpt/ai_council_* are independent governed council seats, not the agent. For the agent to insert those rows = fabricating ai_council approvals = FORBIDDEN.
3. Auto-council mechanism — none exists; auto-approve is disabled (see above).
4. Owner's free-text authorization in the prompt — this is scope/capability authorization. It is NOT a recorded governed human-president approval, and the Forbidden list explicitly bars "treating root SSH / SYNC_SECRET / GCP owner as quorum" and "fabricating human president approval."
5. Self-approve — even the proposer (agent) cannot count toward quorum.

APR-proposal deliberately deferred (kept 0 writes)

Phase B1 permits proposing the W7 APR. Proposing was deliberately NOT done: with quorum structurally unobtainable by the agent, a proposed APR would sit permanently pending — dangling governance litter on production with no agent-reachable path to approved. Holding at before==after is the cleaner, fully-reversible outcome. (Confirmed: appr_req_abs=0 — no prior run left a dangling W7 APR either.)

Conclusion

Per macro Phase B2: quorum cannot be recorded through the existing governed mechanism → STOP. Verdict C1_W7_AUTO_HOLD_OWNER_QUORUM_NOT_AVAILABLE. Capability ≠ authority.