KB-4997

Codex Review — RS2-PATCH1 Existing Registrar Reuse and Atomic Registration Boundary — 2026-06-20

Revision 1

STATUS: PASS_WITH_CAVEATS
VERDICT: ACCEPT_RS2_PATCH1_AND_PROCEED_TO_NEXT_MACRO
Registration gate: REGISTRATION_HOLD · REGISTRATION_CAN_PROCEED = NO
Next macro: READY_FOR_RS3_BUNDLE
Runtime observation: NO_CODEX_LIVE_READ
Class: independent read-only review · non-enacting · non-authorizing · no implementation · no runtime mutation
Date: 2026-06-20

1. Verdict

RS2-PATCH1 repairs the load-bearing phase-boundary defects sufficiently to open the next read-only/KB-design macro.

The acceptance is scoped:

  • the five-phase control model is accepted;
  • the existing registrar is accepted only as a hardening candidate, not as registration-ready;
  • runtime row counts and current metadata are PATCH1 packet evidence, not Codex live observations;
  • pair cardinality and durable failure-audit sink selection remain registrar-hardening preconditions;
  • registration remains HOLD.

No PATCH2 is required before RS3-BUNDLE because the remaining caveats belong to the later registrar-hardening design and do not affect the authority/snapshot/validator interfaces RS3-BUNDLE will define.

2. Source Register

| Source | Revision / length | Read status | Evidence tier | Use / caveat |
|---|---|---|---|---|
| RS2-PATCH1 official report | rev4 / 55,030 | FULL_READ | REVIEW TARGET | Main target |
| Codex RS2 HOLD report | rev1 / 18,297 | FULL_READ | PRIOR GATE | Four structural rejects and proof/interface additions |
| RS2 official report | rev1 / 53,927 | FULL_READ | SECONDARY_REPORT | Patched baseline |
| Codex RS1/PATCH1 gate | rev1 / 17,335 | READ | PRIOR GATE | Registration HOLD; read-only macros do not require Owner enactment |
| RS1 / RS1-PATCH1 | rev1 / 46,040; 23,725 | READ | SECONDARY_REPORT | Source and blocker lineage |
| Operating Rules | v7.58 | READ | GOVERNING SSOT | Assembly First, DOT-only, no bypass |
| Constitution | v4.6.3 | READ | ENACTED | PG-first, DOT-pair, fail-closed |
| laws-new matrix SSOT set | rev33/rev5/rev8/rev14 | READ / COVERAGE_READ | PRIMARY_LAWS_NEW | Reuse-first, LEGO, no parallel registry/governance |
| LAW_READING_INDEX | rev2 | COVERAGE_READ | PRIMARY_NEWLAWS POINTER | Working map, not decree |
| DOT/Collections handbooks | rev11/rev11 | TARGETED_READ | PRIMARY_HANDBOOK | DOT-only and no disposable workbench |
| Macro-9B contract | rev2 / 12,095 | FULL_READ | PRIMARY_CONTRACT | One primary router plus four separable guard components |
| Macro-9B guard contract | rev2 / 11,333 | FULL_READ | PRIMARY_CONTRACT | Guards compose through the primary router |
| Macro-9B admission | rev9 / 19,500 | FULL_READ | PRIMARY_CONTRACT | Guard runtime use is “only via primary DOT”; registration representation is not fixed as five rows |
| RP-03 staged registration record | rev1 / 3,069 | FULL_READ | SECONDARY_RUNTIME_REPORT | Documents dot-dot-register behavior and limitations |
| dot-dot-register.ts implementation source | | SOURCE_NOT_READ | NONE | Not found/read directly in AgentData; exact current behavior not independently proven |
| dot-catalog-sync catalog metadata | current KB catalog | READ | REGISTRY POINTER | Separate on-deploy sync mechanism |
| PATCH1-reported live registrar/count/trigger reads | 2026-06-20 | PACKET_READ | RS2_PATCH1_REPORTED_RUNTIME | No Codex live runtime tool |
| P0/P1 containment records | rev1 selected | READ | SECONDARY_RUNTIME_REPORT | RISK-BYPASS remains packet-supported, not cleared |
| S142B primary authorization | | SOURCE_NOT_READ | NONE | “Sanctioned” remains unproved |
| Event/audit surface records | mixed | TARGETED_READ | SECONDARY / REGISTRY | Existence proven; suitability as failure-audit sink not yet proven |
| Claude Macro-AB | | SOURCE_NOT_READ | NONE | Not used |

No old-law source was used to override laws-new/newlaws.

3. Accepted RS2-PATCH1 Points

  1. Phase 0 correctly moves Owner grant, APR approval, deployed identity, executor, and observer outside the registration transaction.
  2. Phase 1 correctly keeps runtime gates closed.
  3. Phase 2 correctly separates independent post-commit verification from the registrar.
  4. Phase 3 correctly makes activation a separate Owner-gated operation.
  5. Phase 4 correctly separates durable failure evidence from the rolled-back transaction.
  6. Post-commit reversal uses governed disable/archive and preserves identity.
  7. The transaction map now includes admission, deployed-artifact identity, Owner/APR prerequisites, registry writes, closed config, success audit, concurrency/idempotency, verifier, snapshot, activation, failure audit, compensation, and executor.
  8. Deployment identity, replay/freshness, idempotency, concurrency, failure injection, and compensation are explicit proof obligations.
  9. The deployed-artifact resolver is correctly added as the sixth trust interface.
  10. dot-dot-register and dot-catalog-sync are treated as different mechanisms.
  11. Current dot-dot-register behavior is not registration-ready: broad scan, admin credential boundary, heuristic metadata, weak identity binding, no in-band complete transaction.
  12. UNVERIFIED_S142B_BATCH_NEEDS_SOURCE_AND_DISPOSITION is correct.
  13. The 142 and 18 populations remain separate.
  14. RISK-BYPASS remains packet-supported contained-with-residue, not cleared.
  15. DOT_GOVERNANCE_DOT_ADMISSION = DEFER remains correct.
  16. Registration remains HOLD.

4. Corrected RS2-PATCH1 Points

C1 — Registrar implementation source is not directly read

PATCH1 states the registrar source is read, but its source register contains the live dot_tools row and the secondary RP-03 report, not the actual bin/dot/dot-dot-register.ts body.

Correct evidence statement:

REGISTRAR_IDENTITY_AND_REPORTED_BEHAVIOR_READ; IMPLEMENTATION_SOURCE_NOT_READ

This is sufficient to classify it as a hardening candidate. It is not sufficient to produce a code-level hardening design or claim exact current behavior.

C2 — Pair cardinality is not established as five registry rows

Macro-9B defines one primary DOT plus four separable guard components. The admission record says the guards are used “only via primary DOT.” It does not require five independent dot_tools rows.

Correct obligation:

  • derive the persisted representation from the accepted registrar design;
  • prove one primary runtime identity;
  • prove all four guards are content/hash-bound, independently testable, and reachable only through the primary;
  • register separate rows only if an explicit contract requires them.

The phrase “contract-derived set = one primary + four registry rows” is withdrawn.

C3 — Existing audit tables are candidate sinks, not proven sinks

The existence of event_outbox, iu_route_attempt, registry_changelog, or governance_audit_log does not prove schema compatibility, authority, retention, idempotency, or an authorized post-rollback writer.

Correct status:

DURABLE_FAILURE_AUDIT_SURFACE_REUSE_CANDIDATES_UNPROVEN

No new ledger may be proposed until these candidates are evaluated.

C4 — No Owner decision is required merely to start RS3-BUNDLE

RS3-BUNDLE is read-only/KB-design. It may start after this Codex acceptance without an Owner enactment decision. Owner authority is required only before an authority/runtime mutation or adoption.

5. Rejected RS2-PATCH1 Points

No top-level verdict is rejected.

The following readings are rejected:

  • current registrar code was directly verified;
  • hardenable means ready to run;
  • the four guards necessarily require four additional dot_tools rows;
  • table existence proves a valid durable failure-audit implementation;
  • registration can activate runtime;
  • a read-only next macro requires Owner enactment;
  • S142B is sanctioned without the missing primary source;
  • contained RISK-BYPASS is cleared RISK-BYPASS.

6. Codex HOLD Closure Assessment

| Prior HOLD item | Result | Evidence / remaining caveat |
|---|---|---|
| Owner/APR mixed into transaction | PASS | Moved to Phase 0 |
| Gate activation mixed into registration | PASS | Closed config in Phase 1; opening in Phase 3 |
| Durable audit vs rollback contradiction | PASS_AS_CRITERIA | Outside-transaction writer required; sink selection still open |
| Existing registrar omitted | PASS_WITH_CAVEAT | Identity/reported behavior assessed; implementation source unread |
| Deployed-artifact identity missing | PASS | Interface F + P-DAI |
| Idempotency/concurrency missing | PASS_AS_CRITERIA | P-IDEM/P-CONC; not implemented |
| Compensation/ID conservation missing | PASS | Archive/disable; no identity reuse |
| Pair cardinality missing | PARTIAL_CORRECTED | Five-row assumption rejected; persisted representation deferred to registrar design |
| Replay/freshness missing | PASS | Owner/APR evidence bound to target/op/artifact/scope/time |
| S142B misclassified | PASS | Unverified/source-not-read classification |
| Registration HOLD preservation | PASS | Explicit throughout |

The remaining caveats do not block RS3-BUNDLE. They block registrar hardening, registration, and activation.

7. Registrar Reuse Assessment

Verdict: REUSE_REGISTRAR_HARDENABLE_BUT_NOT_READY, packet-supported.

Confirmed at the available evidence tier:

  • a registered DOT-REGISTER / dot-dot-register identity exists;
  • RP-03 documents Directus REST/app-layer registration, admin credentials, broad untracked-file scanning, and heuristic metadata;
  • dot-catalog-sync is a distinct catalog synchronization mechanism;
  • register/verify DOT pairs exist as reusable architectural precedent;
  • no complete governed registration transaction is proven.

Not confirmed:

  • current implementation body;
  • exact option/argument behavior;
  • hook ordering and error handling;
  • current concurrency controls;
  • suitability of any proposed single-artifact narrowing;
  • exact audit sink or hash carrier.

Therefore reuse-first is not exhausted, but registrar-hardening must begin with source recovery/read and an exact behavioral contract. It must not begin with code changes.

8. Phase Model Assessment

PASS as a proof-obligation baseline.

The accepted model is:

  1. Prerequisites: durable authority and identity inputs, outside transaction.
  2. Closed registration transaction: exact registry/mapping/config writes; gates remain closed.
  3. Independent verification: verifier and trusted after-snapshot.
  4. Separate activation: Owner-gated and optional channel binding.
  5. Failure/compensation: rollback before commit; governed archive/disable after commit; failure evidence outside rolled-back transaction.

Additional hard rule: registration success and activation success are separate states. A registered DOT must remain inert unless Phase 3 independently passes.
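
The phase rule above as a small state machine, added here as an illustration and not taken from the report or the project's code. The state names, event names and reject strings are assumptions; the point shown is that no event sequence opens a gate without passing Phase 2 and Phase 3 separately.

```typescript
// Added illustration, not project code. State and event names are assumptions.
type DotState = "NONE" | "REGISTERED_INERT" | "VERIFIED_INERT" | "ACTIVE" | "ARCHIVED";
type PhaseEvent =
  | { kind: "register"; prerequisitesOk: boolean } // Phase 1; Phase 0 inputs resolved outside
  | { kind: "verify"; verifierPass: boolean }      // Phase 2; independent of the registrar
  | { kind: "activate"; ownerGate: boolean }       // Phase 3; separate Owner-gated operation
  | { kind: "compensate" };                        // Phase 4; post-commit archive/disable

interface StepResult { state: DotState; gatesOpen: boolean; rejected?: string }

function applyPhaseEvent(state: DotState, ev: PhaseEvent): StepResult {
  // Fail closed: a rejected event leaves the state exactly as it was.
  const stay = (why: string): StepResult =>
    ({ state, gatesOpen: state === "ACTIVE", rejected: why });
  switch (ev.kind) {
    case "register":
      if (state !== "NONE") return stay("already registered");
      if (!ev.prerequisitesOk) return stay("Phase 0 prerequisites missing");
      return { state: "REGISTERED_INERT", gatesOpen: false }; // committed, gates closed
    case "verify":
      if (state !== "REGISTERED_INERT") return stay("nothing to verify");
      if (!ev.verifierPass) return stay("verification failed");
      return { state: "VERIFIED_INERT", gatesOpen: false };
    case "activate":
      if (state !== "VERIFIED_INERT") return stay("activation requires verified registration");
      if (!ev.ownerGate) return stay("Owner gate not passed");
      return { state: "ACTIVE", gatesOpen: true };
    case "compensate":
      if (state === "NONE") return stay("nothing committed; rollback applies instead");
      return { state: "ARCHIVED", gatesOpen: false }; // identity kept, never reused
    default:
      return stay("unknown event");
  }
}

// Replays a sequence of events from the unregistered state.
function runPhases(events: PhaseEvent[]): StepResult {
  let r: StepResult = { state: "NONE", gatesOpen: false };
  for (const ev of events) r = applyPhaseEvent(r.state, ev);
  return r;
}
```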

9. Proof-Obligation Assessment

The revised matrix is sufficient for RS3-BUNDLE and future registrar design, with these carry-forward corrections:

  1. Replace fixed five-row cardinality with contract-derived persisted representation.
  2. Add registrar implementation-source recovery before design.
  3. Require a durable-audit candidate comparison covering schema, writer authority, retention, replay/idempotency, and failure behavior.
  4. Confirm actual uniqueness constraints before selecting advisory lock/unique-key strategy.
  5. Treat extra_metadata as a candidate hash carrier only; do not adopt it without canonicalization/versioning rules.
  6. Account for trigger side effects and ensure a registration attempt starts inert so commit-time notifications cannot activate behavior.
  7. Require dual-writer ownership resolution between registrar and catalog-sync.
  8. Failure injection must cover trigger failures, audit failures, verifier failures, and concurrent attempts.

These are bounded criteria, not grounds for PATCH2 before RS3-BUNDLE.

10. Trust Interface Assessment

The six interfaces are sufficient as a baseline for the next macro:

  1. Owner-reference resolver.
  2. Trusted production-untouched snapshot provider.
  3. Isolated executor/manual-path boundary.
  4. Transient-GUC handling.
  5. Validator closure envelope.
  6. Deployed-artifact resolver.

Required refinements in RS3-BUNDLE:

  • Owner envelope: issuer, audience, target, operation, scope, artifact hash, expiry, revocation, nonce/replay.
  • Snapshot envelope: bounded manifest, freshness, completeness, observer trust root, same-observer continuity.
  • Validator envelope: deterministic canonical encoding and signature/hash binding; validator remains pure.
  • Deployed-artifact envelope: canonical path, hash algorithm/version, origin, immutable admission reference, drift state.
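
A fail-closed check of the Owner envelope fields listed above, added here as an illustration and not taken from the report or the project's code. The type names, reject codes, in-memory stores and the choice to key revocation on the nonce are all assumptions; signature verification of the envelope is assumed to have happened before this check.

```typescript
// Added illustration, not project code. Field names follow the Owner envelope
// list; types, reject codes and the in-memory stores are assumptions.
interface OwnerEnvelope {
  issuer: string; audience: string; target: string; operation: string;
  scope: string; artifactHash: string; expiresAt: number; nonce: string;
}
// What the caller is actually asking to do; the envelope must match it exactly.
interface BoundRequest { target: string; operation: string; scope: string; artifactHash: string }
interface ResolverState {
  trustedIssuers: Set<string>;
  audience: string;
  revoked: Set<string>; // revoked grants, keyed by nonce (assumption)
  seen: Set<string>;    // nonces already consumed, for replay rejection
}
interface Verdict { ok: boolean; reason: string }

function checkOwnerEnvelope(
  env: OwnerEnvelope, req: BoundRequest, st: ResolverState, now: number,
): Verdict {
  const reject = (reason: string): Verdict => ({ ok: false, reason });
  if (!st.trustedIssuers.has(env.issuer)) return reject("UNTRUSTED_ISSUER");
  if (env.audience !== st.audience) return reject("WRONG_AUDIENCE");
  if (env.target !== req.target) return reject("TARGET_MISMATCH");
  if (env.operation !== req.operation) return reject("OPERATION_MISMATCH");
  if (env.scope !== req.scope) return reject("SCOPE_MISMATCH");
  if (env.artifactHash !== req.artifactHash) return reject("ARTIFACT_HASH_MISMATCH");
  // Written as a negated "<" so a NaN or missing expiry rejects instead of passing.
  if (!(now < env.expiresAt)) return reject("EXPIRED");
  if (!env.nonce) return reject("MISSING_NONCE");
  if (st.revoked.has(env.nonce)) return reject("REVOKED");
  if (st.seen.has(env.nonce)) return reject("REPLAY");
  st.seen.add(env.nonce); // consume the nonce only after every other check passed
  return { ok: true, reason: "OK" };
}

// Constructed sample values for trying the check; none come from the report.
function sampleEnvelope(nonce: string): OwnerEnvelope {
  return {
    issuer: "owner-ref", audience: "registrar", target: "dot-example",
    operation: "register", scope: "single-artifact",
    artifactHash: "sha256:constructed-sample", expiresAt: 2000, nonce,
  };
}
```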

Registrar code, transaction SQL, role grants, and runtime lookup implementations remain out of scope.

11. S142B Classification Assessment

PASS.

  • 142 rows are not called sanctioned.
  • They are not merged with the 18 auto-apply rows.
  • The primary authorization source remains SOURCE_NOT_READ.
  • This is not a blocker to RS3-BUNDLE because that macro may define disposition criteria and source requirements without ratifying or mutating anything.
  • It remains a blocker to any claim of authorized historical disposition.

12. Reuse-First and Governance DOT Decision

Reuse status: HARDENABLE_CANDIDATE_SOURCE_INCOMPLETE.

Existing registrar and register/verify patterns must be exhausted before proposing a new registrar or registry.

DOT_GOVERNANCE_DOT_ADMISSION = DEFER / NEED_ONLY_IF_REUSE_FAILS.

No authoring or technical design is permitted now. A separate governance DOT remains inadmissible unless the existing registrar and registry/APR path are proven insufficient against the corrected obligations.

13. Next Macro Decision

Single next macro: RS3-BUNDLE

Name: Owner Resolver + Trusted Snapshot + Validator N07/N12/N16/N22 Closure Criteria + Residue Disposition Criteria
Timebox: 60–90 minutes.
Mode: read-only / KB-design only.
Owner approval to start: not required.

The bundle has four isolated LEGO blocks:

  1. Owner Resolver block
    • authority envelope and reject contract;
    • no owner row creation.
  2. Trusted Snapshot block
    • observer/snapshot envelope and protected-surface manifest;
    • no snapshot runtime wiring.
  3. Validator Closure block
    • N07/N12/N16/N22 contract and adversarial matrix;
    • no validator patch in this macro.
  4. Residue Disposition block
    • separate criteria for 18, 142, and system-auto-approve populations;
    • S142B source requirement and Điều 35 health evidence requirement;
    • no ratification, deletion, or relabeling.

Shared integration is envelope-only: target, operation, artifact hash, run ID, issuer, audience, expiry, nonce, and evidence references. Each block remains independently replaceable and reviewable. No registrar hardening is included; that follows as RS3B-REGISTRAR-HARDENING-DESIGN after the interfaces are accepted.

RS3-BUNDLE cannot authorize registration or exit with runtime readiness.

14. Must-Not-Do Confirmation

Confirmed no:

  • runtime mutation;
  • DDL/DML/manual SQL/psql;
  • Directus generic mutation;
  • DOT registration, wiring, or run;
  • schema creation;
  • Macro-9A/9C or B2 build;
  • registrar code change;
  • validator or Điều 32/35 patch;
  • gate flip;
  • APR creation/approval;
  • Owner authority action;
  • registry/table/collection creation;
  • DOT_GOVERNANCE_DOT_ADMISSION authoring/design;
  • RISK-BYPASS clearance;
  • S142B sanction claim;
  • merging 142 with 18;
  • activation during registration;
  • old-law override.

The only write is this Codex report in AgentData KB.

15. Self-Check

| Check | Result |
|---|---|
| RS2-PATCH1 fully read | PASS — rev4 / 55,030 |
| Prior Codex HOLD read | PASS |
| Eleven HOLD items checked | PASS |
| dot-dot-register identity/reported behavior checked | PASS_WITH_CAVEAT — source code unread |
| dot-catalog-sync distinction checked | PASS |
| Five-phase model checked | PASS |
| Durable audit vs rollback checked | PASS_AS_CRITERIA |
| Deployed-artifact resolver checked | PASS |
| Idempotency/concurrency checked | PASS_AS_CRITERIA |
| Pair cardinality checked | CORRECTED |
| S142B label checked | PASS |
| Governance admission DOT remains DEFER | PASS |
| Registration HOLD retained | PASS |
| Single next macro selected | PASS — RS3-BUNDLE |
| LEGO/DOT-only/no-mega retained | PASS |
| Codex live runtime read performed | NO — NO_CODEX_LIVE_READ |

Three Declarations

  • Permanent/root-cause: the accepted model separates authority, registration, verification, activation, and compensation and binds artifacts through evidence envelopes.
  • Cannot be mistaken: each phase has a fail-closed gate; registration cannot imply activation, and packet evidence cannot confer authority.
  • 100% automatic: not claimed. Automation remains unproved until the future governed path enforces the accepted interfaces and proof obligations.

OR/TD/handoff update: not required because this is an independent review with no operating-rule, runtime, or implementation change.

16. Final Verdict

ACCEPT_RS2_PATCH1_AND_PROCEED_TO_NEXT_MACRO.

Proceed to RS3-BUNDLE only. Registration remains HOLD; no runtime or Owner-authority action is authorized.
