KB-78BA

Macro-RS2 — Registration-Path Authority-Trust Reconciliation and Proof-Obligation Design (2026-06-20)

Revision 1

Tags: laws-new · newlaws · macro-rs2 · registration-path · authority-trust · risk-bypass-reconciliation · proof-obligation · trust-interface · dot-registration · r2-b2 · read-only · non-authorizing · registration-hold · ready-for-codex · 2026-06-20


Mission: R2-B2-MACRO-RS2-REGISTRATION-PATH-AUTHORITY-TRUST-RECONCILIATION-AND-PROOF-OBLIGATION-DESIGN-2026-06-20
Class: read-only reconciliation + registration-transaction reconstruction (proof-obligations / acceptance-criteria only) + trust-interface acceptance criteria · READ-ONLY · NON-ENACTING · NON-AUTHORIZING · NOT technical design · NOT implementation · NO blocker resolved · NO runtime mutated.
Date: 2026-06-20 · Editorial revision: rev1 (AgentData storage revision / content_length authoritative at read time).
Builds on (does not overwrite): RS1 (…/reports/macro-rs1-registration-substrate-trust-survey-and-design-entry-gate-2026-06-20.md, rev1), PATCH1 (…/reports/macro-rs1-patch1-required-source-coverage-and-impact-assessment-2026-06-20.md, rev1), Codex RS1+PATCH1 decision packet (…/reports/codex/codex-review-rs1-patch1-registration-substrate-decision-packet-2026-06-20.md, rev1: ACCEPT_RS1_PATCH1_AND_PROCEED_TO_RS2 · REGISTRATION_HOLD · READY_FOR_RS2).
Slice: the authority/trust path for admitting/registering DOT_R2_B2_STAGING_SCHEMA_SHELL only. Not whole-system. Authorizes nothing. Engineering/coverage/live-containment PASS ≠ Authority PASS. KB admission ≠ runtime registration. Default = HOLD.


1. STATUS

PASS_WITH_CAVEATS — the RS2 reconciliation + proof-obligation design is complete and ready to hand to Codex. The registration substrate itself remains HOLD. RS2 made one material advance over RS1/Codex: a fresh, independent read-only runtime read (2026-06-20) of the full approval-gate chain — which Codex could not perform (it had no live query_pg; its runtime claims were RS1_REPORTED, per its own C6) and which RS1 performed only partially (RS1 live-read fn_auto_approve_add but not the scanner apply path auto_apply_approval/quorum_passed). RS2's live read confirms both historical bypass mechanisms are now contained/quorum-gated. This narrows — but does not clear — the RISK-BYPASS conflict, and changes no registration blocker.

Mutation footprint this macro: ZERO. Evidence = direct AgentData KB reads + read-only query_pg (AST-validated READ ONLY transaction, read-only role, 5 s timeout, hard LIMIT 500). No DDL/DML, no manual SQL, no psql, no docker exec psql, no Directus generic create/update/delete, no registration, no APR created/approved, no gate flip, no validator patch, no Đ32/Đ35 patch, no schema, no owner row, no new registry/table/collection.

2. VERDICT

RS2_READY_FOR_CODEX_REVIEW

RS2 delivers the three outputs the Codex gate scoped (§10 of the RS1+PATCH1 packet): (A) it reconciles the RISK-BYPASS conflict against fresh live source and keeps the 18/142 split; (B) it reconstructs the authorized DOT-registration transaction as proof obligations + rollback boundary (acceptance criteria, not implementation); (C) it states owner-resolver, trusted-snapshot, isolated-executor, generic-create-block, transient-GUC, and validator-closure interfaces as acceptance criteria. Registration remains REGISTRATION_HOLD / REGISTRATION_CAN_PROCEED = NO on three independent single-sufficient blockers (no proven authorized registration transaction; Owner-of-record absent — governance_object_ownership = 0 live; trusted production-untouched snapshot provider absent).

RISK-BYPASS sub-state: RISK_BYPASS_MECHANISM_CONTAINED_LIVE_CONFIRMED · RESIDUE_OPEN · DOCUMENTARY_CONFLICT_PENDING_RATIFICATION. RS2 does not declare RISK_BYPASS_CLEARED (per Codex C7, "contained ≠ cleared"); it records a RISK_BYPASS_CLEARED_CANDIDATE at the mechanism level only, with residue and a documentary (stale-notes-vs-live) conflict that remain Codex's and the Owner's to ratify. This is not RS2_HOLD_RISK_BYPASS_SOURCE_CONFLICT (the conflict was substantially reconciled with primary live evidence, not left unexamined) and not RS2_REJECT_FAIL_OPEN (no invalid-input→write was observed; the runtime is fail-closed and both bypass mechanisms are gated — see §5/§7 for why the one residual fail-open-on-NULL approval-gate defect does not meet the REJECT bar).

3. EXECUTIVE SUMMARY

  1. RISK-BYPASS — both mechanisms live-confirmed contained/gated (RS2_LIVE_READ, 2026-06-20).
    • fn_auto_approve_add() body literally carries the marker "-- P0 authority-bypass containment (2026-06-06): action='add' no longer auto-approved at INSERT." and only appends a disabled-marker note, then RETURN NEW — it does not set status='approved'. INSERT-path quorum bypass = contained, independently confirmed.
    • auto_apply_approval() body now carries the marker "-- P1 scanner-apply control (2026-06-06): never auto-apply without proven quorum." followed by IF NOT public.quorum_passed(rec.code) THEN … SKIP. The scanner apply path is quorum-gated. The 2026-06-06 doc 03 flagged this as open (apply_quorum_reproof_present=false); the live function proves the routed P1 hardening was applied — RS2 corroborates Codex C5 from primary source.
    • quorum_passed() is a genuine fail-closed check: NULL action/risk → RETURN false; proposer self-excluded; any reject blocks; high = president≥1 ∧ council≥2.
    • The 6 approval triggers are all live + enabled (matching the 2026-06-06 no-go guard), and all runtime gates are fail-closed (process_dot_runtime.dry_run_only=true / execute_enabled=false / real_run_enabled=false; iu_core.operator_runtime_enabled=false; iu_create.gateway.mode=enforced / direct_insert_policy=block_after_guard).
  2. But RISK-BYPASS is NOT cleared. Residue persists (RS2_LIVE_READ): approval_requests.action DEFAULT is still 'add' (H-OPT-2 never applied); the approval-transition gate fn_apr_quorum_check still has the NULL-mapping pass-through (IF proposed_action_code IS NULL THEN RETURN NEW; IF v_risk IS NULL THEN RETURN NEW); 160 historical non-quorum applied rows remain (orchestrator-s142b=142 + auto-apply-function=18); Đ35 "PRODUCTION READINESS FAIL" was not re-verified (14 health checks not re-run); and the Đ32/Đ35 compatibility notes (2026-06-17) + the prior Codex registration-readiness report still carry the stale "live bypass / 160 unvoted applies" headline. The mechanism-vs-documentary conflict is real and is Codex's + the Owner's to ratify.
  3. The 18 and 142 are DIFFERENT populations (kept split, per Codex C4). 18 auto-apply-function = the actual scanner auto-apply-without-vote lineage (doc 01/02: 17 reclassify + 1 birth_orphan, effects verified substantively-correct, any_quarantine=false; producing mechanism now gated). 142 orchestrator-s142b = a separate batch population whose primary sanctioning source RS2 could not locate (SOURCE_NOT_READ); the "sanctioned batch" label is Codex-asserted (secondary). They must not be merged.
  4. The DOT-registration transaction is doubly blocked at the Đ32 apply-leg (RS2_LIVE_READ). The owner/governance/law action types (assign_governance_owner, amend_law, enact_nrm, grant_governance_exception, assign_axis_owner) are all high-risk with handler_ref='unimplemented' (apply RAISES via fn_apr_block_unimplemented_handler), and no %dot% registration action_code surfaced in apr_action_types for the registration filter — i.e., there is no evidenced implemented, quorum-bound DOT-registration action type. Combined with governance_object_ownership=0 and no atomic registration transaction/rollback, this corroborates RS1-G01 with fresh primary data: no authorized DOT-registration path is proven.
  5. Owner authority is the upstream single-sufficient blocker. governance_object_ownership=0 (live) gates registration, real-run, and the ratification of the 18/142 residue (which needs owner/president votes per doc 02/11). No owner-reference resolver and no trusted read-only snapshot provider exist (Guard 3 proves equality of caller-supplied evidence, not provenance — N07).
  6. Reuse-first is not yet exhausted; DOT_GOVERNANCE_DOT_ADMISSION stays DEFER. Existing primitives (dot_tools + Đ32 APR/quorum + law_dot_enforcement + dot_config + KB admission) plausibly suffice once hardened, but their trusted use for this registration is unproven.

Net: registration HOLD on ≥3 independent single-sufficient blockers; RISK-BYPASS reconciled at the mechanism level (live-contained) with residue/documentary items routed; RS2 packet ready for Codex.


4. SOURCE REGISTER

Evidence tiers: PRIMARY_RUNTIME_READONLY · PRIMARY_CONTRACT · PRIMARY_LAWS_NEW · PRIMARY_HANDBOOK · SECONDARY_REPORT · SOURCE_NOT_READ. Runtime-claim provenance labels (mandatory): RS2_LIVE_READ = a fresh read-only query_pg observation made this macro (2026-06-20); RS1_REPORTED = runtime value reported by RS1; CODEX_REPORTED = asserted by a Codex review (no live tool, per Codex C6); SECONDARY = architecture/report evidence. (/laws/ = enacted source/provenance corpus, read-only; laws-new/newlaws = working-law/notes/drafts, non-enacting. /laws/ was NOT used to override laws-new/newlaws.)

| Source | Revision / length | Read status | Evidence tier | Used for | Caveat |
|---|---|---|---|---|---|
| RS2 live query_pg survey (DB directus, schema public, 2026-06-20): fn_auto_approve_add, fn_apr_quorum_check, auto_apply_approval, quorum_passed, 6 approval_requests triggers, dot_config gates, approval_requests.action default, reviewed_by group-by, dot_tools / governance_object_ownership / dot_agent_api_contract / law_dot_enforcement counts, apr_action_types | n/a | READ (this run) | PRIMARY_RUNTIME_READONLY | RISK-BYPASS live reconciliation; transaction-map authority surfaces; gate states | RS2_LIVE_READ — read-only role view, bounded to queries run; transient session GUCs not observable; full apr_action_types vocabulary not enumerated |
| RS1 official report | rev1 / 46,040 | FULL_READ | SECONDARY_REPORT (RS2 base) | blocker map, trust matrix, QCM, reuse matrix, gap report | RS1's runtime claims are RS1_REPORTED; RS2 re-observed the load-bearing ones live |
| RS1 PATCH1 | rev1 / 23,725 | FULL_READ | SECONDARY_REPORT (RS2 base) | source-coverage corrections C1–C3; de-bai/LEGO/reuse confirmations | Coverage PASS ≠ authority PASS |
| Codex RS1+PATCH1 decision packet | rev1 | FULL_READ | SECONDARY_REPORT (the gate) | C4 (18/142 split), C5 (NULL-map vs apply-time), C6 (no live tool), C7 (contained≠cleared), DEFER conditions, RS2 scope | Governing acceptance gate; its runtime claims are CODEX_REPORTED |
| Codex registration-readiness review | rev1 / 16,198 | FULL_READ | SECONDARY_REPORT (prior gate) | REGISTRATION_CAN_PROCEED=NO; F1–F5; N07/N12/N16/N22 | Still carries stale "live bypass" headline (CODEX_REPORTED) |
| de-bai-cai-tien.md | rev33 / 29,088 | FULL_READ (via reader agent) | PRIMARY_LAWS_NEW | LEGO Protocol §VI; "governance ≠ new machine" §IV; anti-bloat §IV.6/§VI.7 | DOT-only-channel ban not literally in this doc |
| matrix-refactor-implementation-plan.md | rev5 / 27,905 | FULL_READ (via reader agent) | PRIMARY_LAWS_NEW SSOT | One-Roof "no governance island" §4.3; reuse-first §4.5/§14/§15 | DRAFT, not enacted |
| matrix-refactor-quick-rules.md | rev8 / 6,057 | FULL_READ (via reader agent) | PRIMARY_LAWS_NEW SSOT | rules 18–23 anti-bloat; 19 "no new registry"; 28–31 protect /laws/ | |
| matrix-stamp-governance-addendum.md | rev14 / 26,474 | FULL_READ (via reader agent) | PRIMARY_LAWS_NEW SSOT | §9 "no new table v0.1" (3 hard conditions + M3 lane); §2b pre/post-promote substrate | Backs DEFER of governance_dot_admission |
| laws-new/README.md | rev4 / 2,290 | FULL_READ (via reader agent) | PRIMARY_LAWS_NEW POINTER | two-corpus relationship; everything DRAFT | /laws/ = enacted baseline, not subordinate to laws-new |
| newlaws/LAW_READING_INDEX.md | rev2 / 28,225 | FULL_READ (via reader agent) | PRIMARY_LAWS_NEW POINTER | two-corpus rule; CONS-004 order; RISK-BYPASS still OPEN in blocker list | Map, not decree |
| Đ32 approval/owner-gate compatibility note | rev1 / 3,110 | FULL_READ | PRIMARY_LAWS_NEW NOTE | Owner-gate preserved; no Stamp-bypass; "RISK-BYPASS (BLOCKER) … close in Phase-1"; metric "missing mapping = 0" | KEEP+NOTE, non-authorizing; carries stale bypass headline |
| Đ35 DOT-governance compatibility note | rev1 / 3,816 | FULL_READ | PRIMARY_LAWS_NEW NOTE | dot_tools SSOT; paired DOT; new/fix DOT via APR; "PRODUCTION READINESS FAIL"; RISK-BYPASS | KEEP+NOTE; enacted ≠ production-ready |
| DOT Manage README | rev1 / 1,047 | FULL_READ (via reader agent) | PRIMARY_HANDBOOK | DOT-only zone; "No confirmed authorized DOT for run-scoped disposable staging schema" | |
| DOT usage handbook | rev11 / 115,013 | FULL_READ (via reader agent) | PRIMARY_HANDBOOK | §3 DOT-only/no-manual-SQL; §15 🟥 NO; §18 missing DOT+4 guards; registries (dot_tools/dot_config/dot_agent_api_contract/law_dot_enforcement) | Inventory evidence bounded |
| Collections README | rev1 / 1,646 | FULL_READ (via reader agent) | PRIMARY_HANDBOOK | DOT-only; no disposable workbench | |
| Collections usage handbook | rev11 / 94,267 | FULL_READ (via reader agent) | PRIMARY_HANDBOOK | §8/§16 🟥 NO; sandbox_tac persistent+read-denied; ownership=0; gates shut | |
| Macro-9B contract / guards / validator | rev2 / 12,095 ; 11,333 ; 14,415 | FULL_READ (via reader agent) | PRIMARY_CONTRACT | DOT identity + 4 guards; allowlist regex; 6 modes; "write-intent IFF gate==True ∧ Guard3 PASS"; AUTHORED-not-registered | N07/N12/N16/N22 mechanics present + un-fixed |
| Macro-9B bad-input matrix / v2 evidence | rev2 / 8,971 ; rev1 / 10,292 | FULL_READ (via reader agent) | PRIMARY_CONTRACT EVIDENCE | 64/64 PASS, 0 fail-open (bounded, local) | Local pure-validator ≠ runtime/authority proof |
| Macro-9B1 admission | rev9 / 19,500 | FULL_READ (via reader agent) | PRIMARY_CONTRACT | registry bridge; anti-orphan gate; candidate-on-paper governance_* | KB admission ≠ registration |
| R2-B2 LEGO trio (corrected paths …/newlaws/consolidation/…, per C1) | rev1 / 47,732 ; 27,230 ; 57,692 | FULL_READ (via reader agent) | SECONDARY DESIGN RECORDS | B2 out-of-slice; no mega-pipeline / no fused INSERT (AC-1/AC-12); owner/channel/staging blockers; same blocker set + owner=0 | Design-only, non-authorizing |
| P0 remediation set 2026-06-06 — doc 01 (containment), 02 (back-audit), 03 (regression/fail-closed), 11 (final summary) | rev1 / 3,392 ; 2,501 ; 2,273 ; 2,431 | FULL_READ | SECONDARY_REPORT | INSERT-path containment + no-go guard 6/6; 18-row lineage; apply-time P1 open-then-routed; ratify/reconcile dispositions | SECONDARY, corroborated by RS2_LIVE_READ |
| Auto-approve hardening risk note (doc 27) / SB-1 fail-closed (doc 84) — 2026-06-01 | rev1 / 13,075 ; 7,868 | FULL_READ | SECONDARY_REPORT | original bypass anatomy; 6-trigger wiring; H-OPT-1..4 (incl. H-OPT-2 default→review, never applied); action='review' convention; Phase-B NO-GO | SECONDARY (2026-06-01); pre-containment function body |
| 142 orchestrator-s142b batch — primary sanctioning source | | SOURCE_NOT_READ | SOURCE_NOT_READ | not used as proof of "sanctioned" | RS2 located the live count (142) but no primary doc classifying the batch; "sanctioned" is CODEX_REPORTED only |
| Claude "Macro-AB" RS1-precursor | | SOURCE_NOT_READ | SOURCE_NOT_READ | | Not in KB (matches RS1/Codex); "23 extra cases" not used as evidence |

5. RISK-BYPASS RECONCILIATION

Classifications (allowed set): LIVE_BYPASS · CONTAINED_WITH_RESIDUE · INTEGRITY_DEFECT_NOT_PROVEN_BYPASS · SANCTIONED_BATCH_NEEDS_RATIFICATION · SOURCE_CONFLICT_UNRESOLVED · CLEARED · SOURCE_NOT_READ. The 18 and 142 are kept as separate mechanisms (Codex C4).

| # | Mechanism | Evidence (provenance) | Current classification | Why | Closure condition | Residue handling |
|---|---|---|---|---|---|---|
| 1 | fn_auto_approve_add() INSERT auto-approve | RS2_LIVE_READ: body carries P0 … containment (2026-06-06); appends disabled note + RETURN NEW; does not set approved. Corroborated by doc 01 (containment) + doc 27/84 (pre-containment body) | CONTAINED_WITH_RESIDUE | Mechanism neutralized at INSERT 2026-06-06; trigger trg_apr_auto_approve preserved (live, enabled) so behaviour is policy-bound not trigger-dropped | Codex re-reads the live body and ratifies the documentary headline; keep trigger + body under change-control | Containment marker is a note only; the 8 historical system_auto_approve rows (row 11) remain |
| 2 | auto_apply_approval() scanner apply path | RS2_LIVE_READ: body carries P1 scanner-apply control (2026-06-06): never auto-apply without proven quorum; IF NOT quorum_passed(code) THEN SKIP. doc 03 showed this OPEN on 2026-06-06; live proves the routed P1 hardening landed | CONTAINED_WITH_RESIDUE | Apply path now quorum-gated; corroborates Codex C5 from primary source | Confirm quorum_passed is not later regressed; ratify the 18 rows it applied pre-gating (row 6) | Dormant (per doc 01, 0 fuel); 18 historical applied rows remain |
| 3 | quorum_passed(p_code) apply-time gate | RS2_LIVE_READ: NULL action/risk → RETURN false; proposer self-excluded (INV-1); reject blocks (INV-3); high=pres≥1∧council≥2 | CLEARED (correct supporting control) | Genuine fail-closed quorum check; stronger than the approval-transition gate (fails closed on NULL) | None — keep as the apply-leg control | n/a |
| 4 | fn_apr_quorum_check() approval-transition gate — NULL mapping | RS2_LIVE_READ: IF NEW.proposed_action_code IS NULL THEN RETURN NEW; … IF v_risk IS NULL THEN RETURN NEW; then correct quorum rules for non-NULL codes | INTEGRITY_DEFECT_NOT_PROVEN_BYPASS | A NULL-mapping / unknown-action APR can pass pending→approved without quorum (fail-open at the approval layer). It is not a proven applied-transition bypass: the apply-leg (quorum_passed, handler_ref='unimplemented') is fail-closed; a real DOT-registration APR carries a non-NULL high-risk code where quorum fires (Codex C5) | Reject/escalate NULL proposed_action_code/risk_level (fail-closed) via a governed change; add negative tests | Defect, not active bypass; close before relying on Đ32 for registration |
| 5 | approval_requests.action DEFAULT 'add' | RS2_LIVE_READ: column_default = 'add'::character varying, nullable. H-OPT-2 (default→review) never applied (doc 27/84) | INTEGRITY_DEFECT_NOT_PROVEN_BYPASS (hazard surface) | The historic "default trap" surface persists; its old auto-approve effect is neutralized by mechanism 1, but the unsafe default remains and the interim safety is convention (action≠'add') | Apply H-OPT-2 (default→'review' or drop) via a governed change; or enforce action≠'add' at INSERT for governance-family codes (H-OPT-3) | Latent; pair with mechanism 4 closure |
| 6 | 18 rows reviewed_by='auto-apply-function' | RS2_LIVE_READ: count = 18. doc 01: "the actual scanner auto-apply-without-vote class"; doc 02: 17 reclassify (governance_role='observed', junction tables, verified live) + 1 birth_orphan (meta_catalog for pivot_results), any_quarantine=false | CONTAINED_WITH_RESIDUE (actual bypass lineage; effects ratify-able) | Producing mechanism now gated (row 2); effects verified substantively-correct governance metadata, no harmful pollution | Governed retroactive ratification (owner/president vote — needs Owner row, §8) | Do not bulk-delete/relabel; record ratification for the audit trail |
| 7 | 142 rows reviewed_by='orchestrator-s142b' | RS2_LIVE_READ: count = 142. Primary sanctioning source SOURCE_NOT_READ (RS2 KB search found none). "sanctioned batch" = CODEX_REPORTED (C4) | SANCTIONED_BATCH_NEEDS_RATIFICATION | A separate, later batch population — not the auto-apply bypass mechanism (Codex C4). Its sanctioning is asserted, not primary-verified by RS2 | Locate the primary batch-authorization source; ratify or remediate via governed path; do not merge with the 18 | Carried as needs-ratification with a SOURCE_NOT_READ flag on the "sanctioned" claim |
| 8 | Đ32 compatibility note (2026-06-17) | FULL_READ (PRIMARY_LAWS_NEW NOTE): "RISK-BYPASS (BLOCKER) — a live bypass … fn_auto_approve_add, 160 unvoted applies … close in Phase-1" | SOURCE_CONFLICT_UNRESOLVED (documentary) | Note headline is stale vs the 2026-06-06 containment + RS2 live read; the discipline it states (no Stamp-bypass, no self-downgrade) is correct and preserved | Codex/Owner ratify the note's status (update headline to "contained 2026-06-06, residue open") without weakening Đ32 | Non-authorizing; reconcile wording, keep the discipline |
| 9 | Đ35 compatibility note (2026-06-17) | FULL_READ (PRIMARY_LAWS_NEW NOTE): "PRODUCTION READINESS FAIL … 14/14 health checks not LIVE"; "RISK-BYPASS (BLOCKER) … 160 unvoted applies" | SOURCE_CONFLICT_UNRESOLVED (documentary) + Đ35 health HOLD | Bypass headline stale (as #8); but Đ35 production-readiness FAIL is a distinct HOLD that RS2 did not re-verify | Re-observe the 14 Đ35 health checks (read-only) in a future macro; ratify the bypass headline | Đ35 health re-verify is a residue obligation (§13) |
| 10 | Prior Codex registration-readiness report | FULL_READ (SECONDARY): F1 lists fn_auto_approve_add + 160 unvoted applies as a live blocker | SOURCE_CONFLICT_UNRESOLVED (documentary) | CODEX_REPORTED with no live tool (its own evidence limitation); superseded on the mechanism by RS2_LIVE_READ | Folded into the Codex RS2 review | Use as provenance, not as live truth |
| 11 | 8 rows reviewed_by='system_auto_approve' | RS2_LIVE_READ: count = 8. doc 02 back-audit: 3 applied (APR-0218/0221/0231 → ratify), 1 undisposed (APR-0234 → reconcile), 4 smoke-test (rejected/inert) | CONTAINED_WITH_RESIDUE | Insert-path historical rows; back-audited, any_quarantine=false; effects substantively-correct | Governed ratify/reconcile (owner authority) | Preserve; record disposition |
| 12 | P0/P1 containment record set (2026-06-06) | FULL_READ (SECONDARY): doc 11 "AUTHORITY_BYPASS_CONTAINED"; doc 03 fail-closed proof 8/8; no-go guard 6/6 | CONTAINED (corroborating evidence) | Establishes the containment that RS2_LIVE_READ independently re-confirms 2026-06-20 | n/a | n/a |

Reconciliation verdict. The two active bypass mechanisms (#1, #2) are CONTAINED_WITH_RESIDUE, live-confirmed — a RISK_BYPASS_CLEARED_CANDIDATE at the mechanism level. RISK-BYPASS overall is not cleared: integrity defects (#4, #5), historical residue (#6, #7, #11), Đ35 health HOLD (#9), and the documentary conflict (#8, #9, #10) remain. Registration HOLD is independent of all of this (it rests on owner/snapshot/registration-path — §8), so RISK-BYPASS does not gate the production of this packet, but it must be ratified before the Đ32 leg of any registration is trusted.

Why not RS2_REJECT_FAIL_OPEN. The only fail-open observed is the NULL-mapping pass-through in the approval-transition gate (#4). It (a) is a pre-existing, documented integrity defect, not the registration substrate accepting a bad input and writing; (b) cannot produce an applied write — the apply-leg (quorum_passed, handler_ref='unimplemented') is fail-closed; (c) is irrelevant to a real DOT-registration APR (non-NULL high-risk code → quorum fires). The runtime defaults are fail-closed and both bypass mechanisms are gated. So the REJECT bar ("invalid→PASS/write behavior" in the gated substrate) is not met; #4 is carried as a HIGH integrity defect to close, consistent with RS1 and Codex.
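The fail-open-on-NULL defect (#4) and the unsafe column default (#5) are easiest to see as code placed beside their fail-closed counterparts. The following PL/pgSQL is an added illustration written for this packet; it is not the live body of fn_apr_quorum_check or quorum_passed and is not a governed change. The demo_* names, the apr_approvals columns (code, voter, voter_role, vote), approval_requests.proposer and apr_action_types.risk_level are assumptions modelled on the names this report cites. The quorum rule encoded is the one §7 states for Đ32 (high = ≥1 president + ≥2 ai_council, medium = ≥1 president, low = ≥1 approve; proposer excluded; any reject blocks).

```sql
-- Added illustration for §5 #4/#5. NOT the live fn_apr_quorum_check /
-- quorum_passed bodies and NOT a governed change. Column names on
-- apr_approvals (code, voter, voter_role, vote), approval_requests.proposer
-- and apr_action_types.risk_level are assumptions.

-- Apply-time quorum rule as the report describes quorum_passed():
-- NULL mapping → false, proposer self-excluded (INV-1), any reject blocks
-- (INV-3), high = president≥1 ∧ council≥2, medium = president≥1, low = ≥1.
CREATE OR REPLACE FUNCTION demo_quorum_passed(p_code text) RETURNS boolean
LANGUAGE plpgsql STABLE AS $$
DECLARE
  v_risk text; v_proposer text;
  n_reject int; n_president int; n_council int; n_approve int;
BEGIN
  SELECT t.risk_level, r.proposer INTO v_risk, v_proposer
    FROM approval_requests r
    LEFT JOIN apr_action_types t ON t.action_code = r.proposed_action_code
   WHERE r.code = p_code;
  IF v_risk IS NULL THEN RETURN false; END IF;   -- fail-closed on missing mapping
  SELECT count(*) FILTER (WHERE vote = 'reject'),
         count(*) FILTER (WHERE vote = 'approve' AND voter_role = 'president'),
         count(*) FILTER (WHERE vote = 'approve' AND voter_role = 'ai_council'),
         count(*) FILTER (WHERE vote = 'approve')
    INTO n_reject, n_president, n_council, n_approve
    FROM apr_approvals
   WHERE code = p_code AND voter IS DISTINCT FROM v_proposer;  -- INV-1
  IF n_reject > 0 THEN RETURN false; END IF;                   -- INV-3
  RETURN CASE v_risk
           WHEN 'high'   THEN n_president >= 1 AND n_council >= 2
           WHEN 'medium' THEN n_president >= 1
           WHEN 'low'    THEN n_approve >= 1
           ELSE false END;                       -- unknown tier: fail closed
END $$;

-- Approval-transition gate, fail-open form (the §5 #4 defect as quoted):
-- a NULL mapping returns NEW, so pending→approved is never quorum-checked.
CREATE OR REPLACE FUNCTION demo_apr_quorum_check_fail_open() RETURNS trigger
LANGUAGE plpgsql AS $$
DECLARE v_risk text;
BEGIN
  IF NEW.proposed_action_code IS NULL THEN RETURN NEW; END IF;   -- fail-open
  SELECT risk_level INTO v_risk FROM apr_action_types
   WHERE action_code = NEW.proposed_action_code;
  IF v_risk IS NULL THEN RETURN NEW; END IF;                     -- fail-open
  IF NOT demo_quorum_passed(NEW.code) THEN
    RAISE EXCEPTION 'APR %: quorum not met', NEW.code;
  END IF;
  RETURN NEW;
END $$;

-- Fail-closed form (the #4 closure condition): NULL / unknown mappings refused.
CREATE OR REPLACE FUNCTION demo_apr_quorum_check_fail_closed() RETURNS trigger
LANGUAGE plpgsql AS $$
DECLARE v_risk text;
BEGIN
  IF NEW.proposed_action_code IS NULL THEN
    RAISE EXCEPTION 'APR %: proposed_action_code is NULL; approval refused', NEW.code;
  END IF;
  SELECT risk_level INTO v_risk FROM apr_action_types
   WHERE action_code = NEW.proposed_action_code;
  IF v_risk IS NULL THEN
    RAISE EXCEPTION 'APR %: no risk mapping for %; approval refused',
      NEW.code, NEW.proposed_action_code;
  END IF;
  IF NOT demo_quorum_passed(NEW.code) THEN
    RAISE EXCEPTION 'APR %: quorum not met (risk=%)', NEW.code, v_risk;
  END IF;
  RETURN NEW;
END $$;

-- Wiring mirrors the reported trigger: BEFORE UPDATE OF status, pending→approved.
CREATE TRIGGER demo_apr_quorum_check
  BEFORE UPDATE OF status ON approval_requests
  FOR EACH ROW WHEN (OLD.status = 'pending' AND NEW.status = 'approved')
  EXECUTE FUNCTION demo_apr_quorum_check_fail_closed();

-- §5 #5 companions: H-OPT-2 (default 'add' → 'review') and H-OPT-3
-- (governance-family codes can never be submitted as action='add').
ALTER TABLE approval_requests ALTER COLUMN action SET DEFAULT 'review';
ALTER TABLE approval_requests ADD CONSTRAINT demo_chk_governance_not_add
  CHECK (NOT (action = 'add' AND proposed_action_code IN (
    'assign_governance_owner', 'assign_axis_owner', 'grant_governance_exception',
    'amend_law', 'enact_nrm')));
```

The §9 negative tests (#2 to #4) run directly against a scratch copy: an UPDATE … SET status = 'approved' on an APR whose proposed_action_code is NULL raises under demo_apr_quorum_check_fail_closed and passes silently under the fail-open form; a single reject vote, or approvals cast only by the proposer, make demo_quorum_passed return false. One caveat on the H-OPT-3 constraint: a CHECK evaluates to NULL, and therefore passes, when action itself is NULL, and the column is reported nullable, so a NOT NULL constraint is needed alongside it before the check can be called fail-closed.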

6. 18 / 142 HISTORICAL ROW SPLIT (explicit — do not merge)

Live reviewed_by distribution of approval_requests (RS2_LIVE_READ, 2026-06-20, full group-by):

| reviewed_by | n | Population meaning | Classification | Primary evidence |
|---|---|---|---|---|
| orchestrator-s142b | 142 | Separate later batch; not the auto-apply bypass mechanism | SANCTIONED_BATCH_NEEDS_RATIFICATION (sanctioning = CODEX_REPORTED; primary origin SOURCE_NOT_READ) | live count only; no primary batch-authorization doc found |
| auto-apply-function | 18 | Scanner auto-apply-without-vote — the actual bypass lineage | CONTAINED_WITH_RESIDUE (mechanism now gated; effects ratify-able) | doc 01 (lineage), doc 02 (17 reclassify + 1 birth_orphan, verified, any_quarantine=false) |
| system_auto_approve | 8 | INSERT-path auto-approve historical rows | CONTAINED_WITH_RESIDUE (back-audited: 3 ratify, 1 reconcile, 4 inert) | doc 02 back-audit ledger |
| system_auto_expire | 19 | Auto-expiry (lifecycle), not a bypass | out of scope (lifecycle) | live count |
| null | 29 | reviewed_by unset (pending / unreviewed) | not a bypass population (observed, neutral) | live count |
| S178-Fix21-P3-V2 | 7 | Tagged fix batch | out of scope | live count |
| president | 5 | Genuine human-reviewed | correct (quorum path) | live count |
| desktop / Claude Desktop S145 | 1 / 1 | Operator-tagged | out of scope | live count |

The "160 unvoted applies" headline = 142 + 18. RS2 confirms the count live and keeps the two split: only the 18 are the auto-apply bypass lineage; the 142 are a distinct batch whose sanctioning RS2 cannot primary-verify (SOURCE_NOT_READ). Conflating them (as RS1 occasionally did, corrected by Codex C4) would misclassify 142 medium-audit rows as bypass residue.
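The §5 closure conditions ask Codex to re-read the live function bodies, and the split above rests on a reviewed_by group-by. As an added example (these are not the query_pg calls RS2 ran), the following read-only catalogue queries are what a reviewer could run to re-observe those surfaces: trigger enablement from pg_trigger, the P0/P1 containment markers quoted in §3 located in pg_proc.prosrc, the action column default from information_schema.columns, the reviewed_by distribution, and the registry counts §8 depends on. The dot_tools.code column used for the r2_b2 match is an assumption.

```sql
-- Added example: read-only re-observation of the §4/§6 surfaces. Not the
-- queries RS2 ran. Run as a read-only role inside an explicit READ ONLY
-- transaction with a hard LIMIT, as the report's query_pg does.
BEGIN READ ONLY;

-- Trigger inventory on approval_requests. tgenabled 'O' = enabled (origin),
-- 'D' = disabled. Expectation per the 2026-06-06 no-go guard: 6 rows, all 'O'.
SELECT t.tgname, t.tgenabled, p.proname AS function_name
  FROM pg_trigger t
  JOIN pg_proc p ON p.oid = t.tgfoid
 WHERE t.tgrelid = 'public.approval_requests'::regclass
   AND NOT t.tgisinternal
 ORDER BY t.tgname
 LIMIT 500;

-- Containment markers: the stored source should still carry the P0 / P1
-- comment lines quoted in §3. A marker proves the body was replaced, not that
-- the logic after it is correct; the body itself still has to be read.
SELECT p.proname,
       position('P0 authority-bypass containment' IN p.prosrc) > 0 AS has_p0_marker,
       position('P1 scanner-apply control'        IN p.prosrc) > 0 AS has_p1_marker,
       position('quorum_passed'                   IN p.prosrc) > 0 AS calls_quorum_passed
  FROM pg_proc p
  JOIN pg_namespace n ON n.oid = p.pronamespace
 WHERE n.nspname = 'public'
   AND p.proname IN ('fn_auto_approve_add', 'auto_apply_approval', 'fn_apr_quorum_check')
 LIMIT 500;

-- Column default residue (§5 #5): expect 'add'::character varying, nullable,
-- until H-OPT-2 is applied through a governed change.
SELECT column_name, column_default, is_nullable
  FROM information_schema.columns
 WHERE table_schema = 'public' AND table_name = 'approval_requests'
   AND column_name = 'action';

-- reviewed_by distribution (§6). Read 'auto-apply-function' (18) and
-- 'orchestrator-s142b' (142) as separate populations; do not sum them.
SELECT coalesce(reviewed_by, '<null>') AS reviewed_by, count(*) AS n
  FROM approval_requests
 GROUP BY reviewed_by
 ORDER BY n DESC
 LIMIT 500;

-- Registration surfaces the §8 transaction map depends on (assumes dot_tools.code).
SELECT (SELECT count(*) FROM governance_object_ownership)          AS ownership_rows,
       (SELECT count(*) FROM dot_tools)                             AS dot_tools_rows,
       (SELECT count(*) FROM dot_tools WHERE code ILIKE '%r2_b2%')  AS r2_b2_matches,
       (SELECT count(*) FROM law_dot_enforcement)                   AS enforcement_rows;

COMMIT;
```

Every statement here is a SELECT against catalogue or registry tables, so the READ ONLY transaction mode is a belt-and-braces guard rather than the only protection; it does, however, make the session refuse any write that slips into a later revision of the script, which is the property a reconciliation read wants.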

7. Đ32 / Đ35 AUTHORITY PATH RECONSTRUCTION

Đ32 (Approval / Owner-Gate, v1.1, enacted; KEEP+NOTE). The canonical Owner-gate / Mục-3 lane. Quorum scales with risk: high = ≥1 president + ≥2 ai_council + 0 reject; medium = ≥1 president; low = ≥1 approve. Self-approve prohibited; no Stamp/Matrix bypass for production/kernel; no Owner self-downgrade of risk. Live mechanics (RS2_LIVE_READ):

  • Approval transition pending→approved is guarded by trg_apr_quorum_check → fn_apr_quorum_check (BEFORE UPDATE OF status WHEN new=approved ∧ old=pending). Correct for non-NULL action codes; fail-open on NULL mapping (§5 #4).
  • Apply transition →applied is guarded by trg_apr_block_unimplemented → fn_apr_block_unimplemented_handler (RAISES on handler_ref='unimplemented') and, for the scanner path, by quorum_passed (fail-closed).
  • INSERT auto-approve (trg_apr_auto_approve → fn_auto_approve_add) is contained (§5 #1).

Đ35 (DOT Governance, v5.2 FINAL, enacted; KEEP+NOTE). dot_tools = SSOT registry; paired DOT (A = read/auto-approve, B = execute/Đ32-approval); law_dot_enforcement mapping; fix_repair_dot lifecycle. Note caveats that travel with the asset: PRODUCTION READINESS FAIL (14 health checks not LIVE — not re-verified by RS2), RISK-BYPASS, fn_birth_gate is dot_tools-metadata-scoped (warn-mode + kill-switch), not the canonical-birth gate. Reuse the pattern, carry the caveats.

Where each participates in registering DOT_R2_B2_STAGING_SCHEMA_SHELL:

  • Đ32 governs the authorization: an Owner grant (owner-of-record) and the DOT-registration APR must pass quorum. A high-risk DOT registration depends on the Đ32 quorum gate being trustworthy (mechanism contained; NULL-mapping defect to close).
  • Đ35 governs the substance: the DOT must land in dot_tools + law_dot_enforcement (paired) + a dot_config gate, through a governed path — Đ35 contract §7 (per RS1): "dot_tools is NOT written by hand."

Critical live finding (RS2_LIVE_READ) on the apply-leg. apr_action_types for the registration-relevant filter returns five high-risk codes — assign_governance_owner, assign_axis_owner, grant_governance_exception, amend_law, enact_nrm — ALL with handler_ref='unimplemented', and no %dot% (e.g. new_dot/register_dot/fix_repair_dot) action_code surfaced. Implications:

  1. An owner grant (assign_governance_owner) can be approved with quorum but cannot be auto-applied (handler unimplemented → RAISE). The owner-of-record must be landed through a path that builds/authorizes a real handler — itself an Owner-gated step. (Historically the DOT registrations in doc 02 rode the now-closed INSERT bypass + NULL-mapping hole, not a governed high-risk action type.)
  2. There is no evidenced implemented, quorum-bound DOT-registration action type today → the Đ32/Đ35 registration leg is unproven (corroborates RS1-G01 with fresh primary data). (Caveat: the full apr_action_types vocabulary was not enumerated; absence under the registration filter is strong but bounded evidence.)

The registration transaction therefore depends on capabilities that are deliberately reserved-only (unimplemented handlers) and on an Owner-of-record that does not exist (governance_object_ownership=0) — both fail-closed, both unproven-as-trusted-path.

8. DOT-REGISTRATION TRANSACTION MAP

Acceptance-criteria reconstruction only — no design, no SQL, no execution. Status set: READY_AS_CRITERIA · HOLD_OWNER · HOLD_PATH · HOLD_REUSE · HOLD_SNAPSHOT · HOLD_EXECUTOR · HOLD_ROLLBACK · DEFER.

| Step | Surface | Write? | Authority needed | Existing primitive | Proof obligation | Rollback obligation | Status |
|---|---|---|---|---|---|---|---|
| 0 | Admission packet (KB) | No (KB only) | Anti-orphan admission (Macro-9B1) | …/admission/…birth-admission rev9 | Admission record valid + bound to the artifact set; "admission ≠ registration" stated | n/a (KB; non-runtime) | READY_AS_CRITERIA (exists; non-runtime) |
| 1 | Owner resolution → governance_object_ownership | Yes | Đ32 assign_governance_owner (high; handler unimplemented, RS2_LIVE_READ) | table exists, 0 rows (RS2_LIVE_READ) | An owner row provably bound to a real Owner grant via quorum; resolver criteria (§10A) | Revoke path defined; no orphan owner row | HOLD_OWNER (single-sufficient) |
| 2 | Registration APR / quorum (Đ32) | Yes (approval_requests+apr_approvals) | quorum per risk; no self-approve; non-NULL action code | gate live; no DOT-registration action_code evidenced; NULL-map defect | Real high-risk action code with implemented handler; quorum proof; reject-block proof | APR/votes reversible; terminal-immutability honoured | HOLD_PATH |
| 3 | dot_tools INSERT (registry row) | Yes | Đ35 governed path; "not written by hand" | dot_tools=309 live; 0 match r2_b2 (RS2_LIVE_READ) | Authorized actor/path writes the row atomically; postcondition = exactly one matching row | Delete/disable the row on failure, atomically | HOLD_PATH |
| 4 | law_dot_enforcement mapping (paired DOT) | Yes | Đ35 paired-DOT discipline | 272 rows live (RS2_LIVE_READ); DOT unmapped | Mapping written in the same governed transaction; paired read-only verifier exists | Mapping removed on rollback | HOLD_PATH |
| 5 | dot_config runtime gate row | Yes (flip) | Owner-approved gate change | gates live + shut (RS2_LIVE_READ) | Gate opened only post-registration, explicitly, by Owner | Gate re-closed atomically on abort | HOLD_OWNER |
| 6 | dot_agent_api_contract binding (optional) | Yes | channel decision (R2-D2, still undecided) | 2 unrelated rows (RS2_LIVE_READ) | Binding only after registration + channel decision | Binding removed on rollback | DEFER |
| 7 | Audit / changelog (registry_changelog) | Yes (provenance) | Đ35/Đ32 audit discipline | exists (provenance ledger; not a stamp ledger) | Every registration write produces a durable audit record (actor/time/run_id) | Audit record marks the rollback | HOLD_PATH |
| 8 | Postcondition verification | No (read-only verifier) | paired read-only verifier (Đ35) | Guard pattern (Macro-9B) | A paired verifier re-reads the registry and asserts the intended end-state, fail-closed | n/a (verifier) | HOLD_PATH |
| 9 | Production-untouched snapshot | No (read-only observer) | trusted snapshot provider | Guard 3 = caller-supplied verdict only (N07) | Before/after from a trusted observer, hash/actor/time/run_id bound (§10B) | n/a | HOLD_SNAPSHOT (single-sufficient) |
| 10 | Isolated executor identity | n/a (role) | minimal-priv DOT-executor role | none (write held by directus+workflow_admin) | A scoped role executes the registration; generic create blocked (§10C) | role grant reversible | HOLD_EXECUTOR |
| 11 | Registration transaction atomicity + rollback | n/a (txn) | governed atomic transaction | none (HOLD-2 analog: no atomic promote txn) | Steps 1–8 succeed-all-or-rollback-all; postcondition proof; rollback proof | The transaction boundary IS the rollback boundary | HOLD_ROLLBACK |
| 12 | Codex review of the registration package | No (KB) | independent review | this packet → Codex | Codex independently re-derives authority/snapshot/txn proofs | n/a | READY_AS_CRITERIA |
| 13 | One consolidated Owner decision | No (decision) | Owner authority (after Codex) | | One consolidated decision; no micro-approval chain | n/a | HOLD_OWNER |

Transaction boundary (criteria): steps 1–8 must commit as one atomic governed unit (owner pre-resolved at step 1; APR pre-approved at step 2; the registry writes 3–4–5–7 + verifier 8 atomic). Rollback boundary: any failure in 3–8 rolls back 3–7 to the pre-registration state, leaving dot_tools/law_dot_enforcement/dot_config at their prior counts and emitting an audit record. No atomic registration transaction or rollback is proven today (step 11, HOLD_ROLLBACK; HOLD-2 analog).
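The transaction and rollback boundary stated above can be expressed as code. The PL/pgSQL function below is an added illustration of the step 3 to 8 acceptance criteria; it is not the project's registration path (none is proven to exist, per step 11) and not a design proposal for one. The column shapes dot_tools(code, handler_ref), law_dot_enforcement(dot_code, law_code), dot_config(key, value), registry_changelog(object_code, action, actor, run_id, apr_code) and the approval_requests.status value 'approved' are assumptions; quorum_passed(text) RETURNS boolean is the signature this report cites.

```sql
-- Added illustration of the §8 transaction/rollback criteria (steps 3–8).
-- NOT the project's registration path and NOT a design. Column shapes on
-- dot_tools, law_dot_enforcement, dot_config and registry_changelog, and the
-- status value 'approved', are assumptions. quorum_passed(text) is the
-- apply-leg gate the report cites.
CREATE OR REPLACE FUNCTION demo_register_dot(
  p_dot_code text,
  p_handler  text,
  p_law_code text,
  p_apr_code text,    -- the quorum-approved APR (step 2) this write is bound to
  p_actor    text,
  p_run_id   text
) RETURNS void
LANGUAGE plpgsql AS $$
DECLARE
  v_status text;
  n_tools  int;
  n_map    int;
BEGIN
  -- Precondition (step 2 proof): refuse unless the bound APR is approved AND
  -- passes the apply-time quorum check. coalesce keeps a NULL result fail-closed.
  SELECT status INTO v_status FROM approval_requests WHERE code = p_apr_code;
  IF v_status IS DISTINCT FROM 'approved'
     OR NOT coalesce(quorum_passed(p_apr_code), false) THEN
    RAISE EXCEPTION 'registration refused: APR % not quorum-approved', p_apr_code;
  END IF;

  -- Step 3: registry row.
  INSERT INTO dot_tools (code, handler_ref) VALUES (p_dot_code, p_handler);
  -- Step 4: paired mapping, same transaction.
  INSERT INTO law_dot_enforcement (dot_code, law_code) VALUES (p_dot_code, p_law_code);
  -- Step 5: the gate row lands SHUT; opening it is a separate Owner-explicit change.
  INSERT INTO dot_config (key, value) VALUES (p_dot_code || '.execute_enabled', 'false');
  -- Step 7: audit record bound to actor / run_id / APR.
  INSERT INTO registry_changelog (object_code, action, actor, run_id, apr_code)
  VALUES (p_dot_code, 'register', p_actor, p_run_id, p_apr_code);

  -- Step 8: postcondition verifier re-reads the registry inside the same txn.
  SELECT count(*) INTO n_tools FROM dot_tools WHERE code = p_dot_code;
  SELECT count(*) INTO n_map   FROM law_dot_enforcement WHERE dot_code = p_dot_code;
  IF n_tools <> 1 OR n_map <> 1 THEN
    -- RAISE aborts the transaction: steps 3–7 roll back together (exactly-once).
    RAISE EXCEPTION 'postcondition failed for %: dot_tools=% law_dot_enforcement=%',
      p_dot_code, n_tools, n_map;
  END IF;
END $$;

-- Usage shape (would run inside the caller's single transaction):
-- SELECT demo_register_dot('DOT_R2_B2_STAGING_SCHEMA_SHELL', 'unimplemented',
--                          'LAW-PLACEHOLDER', 'APR-PLACEHOLDER', 'executor-role', 'run-PLACEHOLDER');
```

Because a PL/pgSQL exception aborts the enclosing transaction, a RAISE at the postcondition step returns dot_tools, law_dot_enforcement, dot_config and registry_changelog to their prior counts in one motion, which is the rollback criterion stated above. The same property cuts the other way for step 7: an audit row written inside the transaction disappears with it on rollback, so the durable record of a failed attempt ("emitting an audit record") has to be written by the caller after catching the error, outside the aborted transaction. The handler_ref value 'unimplemented' in the usage comment is deliberate: it keeps the registered DOT unapplyable under fn_apr_block_unimplemented_handler until a real handler is authorized.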

9. PROOF-OBLIGATION MATRIX

Failure-state vocabulary maps to the stop states (§16). "Future macro" routes the obligation; RS2 designs the criteria, not the implementation.

| # | Proof obligation | Why needed | Source | Acceptance criteria | Negative test | Failure state | Future macro |
|---|---|---|---|---|---|---|---|
| 1 | Owner authority proof | No owner = no authority | RS2_LIVE_READ ownership=0; Đ32 note | An owner row bound to a real Owner grant via Đ32 quorum | Fabricated/blank owner ref → reject | HOLD_OWNER_AUTHORITY_MISSING | RS3 |
| 2 | Approval quorum proof | Registration is high-risk | RS2_LIVE_READ fn_apr_quorum_check/quorum_passed | Non-NULL high-risk code; president≥1 ∧ council≥2; recorded votes | 0/insufficient votes → reject | HOLD_RISK_BYPASS (gate) | RS3 / RS2B |
| 3 | No self-approval proof | Proposer ≠ approver | RS2_LIVE_READ (INV-1 self-exclusion) | proposer excluded from the count | proposer self-approves → reject | HOLD_RISK_BYPASS | RS2B |
| 4 | Reject-block proof | Any reject blocks | RS2_LIVE_READ (INV-3) | ≥1 reject ⇒ cannot approve | reject present yet approved → fail | HOLD_RISK_BYPASS | RS2B |
| 5 | DOT package identity / hash proof | Register the right artifact | Macro-9B contract/validator rev2 | Registered code+hash == admitted artifact | mismatched hash → reject | HOLD_REGISTRATION_PATH_UNPROVEN | RS5 |
| 6 | Admission-packet binding proof | Anti-orphan gate | Macro-9B1 admission rev9 | Valid admission record bound to the artifact set | missing/invalid admission → HOLD | HOLD_ADMISSION_MISSING_OR_INVALID | RS5 |
| 7 | dot_tools postcondition proof | Exactly-once registration | RS2_LIVE_READ 0/309 | After commit, exactly one matching row | 0 or >1 rows → fail | HOLD_REGISTRATION_PATH_UNPROVEN | RS5 |
| 8 | law_dot_enforcement postcondition proof | Paired-DOT discipline | Đ35; RS2_LIVE_READ 272 | Mapping present + paired verifier passes | unmapped/unpaired → fail | HOLD_REGISTRATION_PATH_UNPROVEN | RS5 |
| 9 | dot_config gate proof | Inert-by-default | RS2_LIVE_READ gates shut | Gate opened only post-registration, by Owner, explicitly | gate open pre-registration → fail | HOLD_OWNER | RS4/Owner |
| 10 | dot_agent_api_contract binding proof | Optional channel bind | RS2_LIVE_READ 2 rows | Binding only after registration + channel decision | binding before registration → reject | DEFER | RS4 |
| 11 | Production-untouched snapshot proof | No prod touch | guards contract; N07 | Trusted observer before/after, provenance-bound | caller-supplied equal snapshots → reject as proof | HOLD_SNAPSHOT_SOURCE_UNTRUSTED | RS3 |
| 12 | Manual-path-blocked proof | DOT-only zone | handbooks §3; RS2_LIVE_READ (directus has create) | Generic Directus/PG create policy-blocked; manual SQL/psql impossible | manual DDL succeeds → fail | HOLD_MANUAL_PATH_OPEN | RS4 |
| 13 | Isolated executor proof | Least privilege | RS1 GAP4; no scoped role | Scoped minimal-priv role executes registration | run as directus/workflow_admin → reject | HOLD_MANUAL_PATH_OPEN | RS4/Owner |
| 14 | Transient-GUC non-bypass proof | Spoofable session GUC | RS2_LIVE_READ app.canonical_writer | Write-gating not reliant on a spoofable session GUC, or server-enforced proof | session GUC set by caller bypasses gate → fail | HOLD_TRANSIENT_GUC_UNPROVEN | RS4 |
| 15 | Rollback proof | Atomic registration | HOLD-2 analog; promote-checker | Failure rolls back all registry writes to prior counts | partial write persists after abort → fail | HOLD_REGISTRATION_PATH_UNPROVEN | RS5 |
| 16 | Audit / changelog proof | Provenance | registry_changelog | Every write + rollback produces a durable audit record | unaudited write → fail | HOLD_REGISTRATION_PATH_UNPROVEN | RS5 |
| 17 | Delete-fast proof (Macro-9A boundary) | Disposable staging | SB-4; trio staging contract | DROP SCHEMA … CASCADE leaves prod provably untouched | residue in prod after teardown → fail | (gates Macro-9A, not registration) | post-registration |
| 18 | Codex review proof | Independent check | this packet | Codex re-derives authority/snapshot/txn proofs | Codex finds an un-met blocker → HOLD | (Codex gate) | Codex |
| 19 | Owner decision proof | One consolidated decision | Codex §10 exit rule | Single consolidated Owner decision after Codex | micro-approval chain / pre-Codex decision → reject | HOLD_OWNER | Owner |

10. TRUST INTERFACE ACCEPTANCE CRITERIA (criteria only — NOT implementation)

A. Owner-reference resolver

  • Input: an owner_authorization_ref (opaque token) presented at registration.
  • Output: a resolved, verified Owner-of-record identity + the governing grant, or a structured reject.
  • Trusted source: governance_object_ownership (live 0 rows) populated only via a Đ32 quorum-approved assign_governance_owner grant — not the caller, not the validator.
  • Reject cases: empty/blank ref; ref not resolvable to a live grant; grant expired/revoked; proposer==owner self-grant; ref resolvable only to a caller-asserted value.
  • Proof artifact: a binding record linking ref → ownership row → approving APR (with quorum votes).
  • Rollback / no-mutation property: the resolver is read-only; it asserts, it does not create the owner row.
  • Anti-fake property: closes N07 — a non-empty ref must resolve to an independently authoritative grant; a fabricated ref that merely passes a non-empty check is rejected.
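The resolver criteria above can be checked against a small model. The following is an added illustration written for this packet, not project code and not a proposed implementation. It stands in governance_object_ownership with an in-memory table that only the grant path populates; the row fields (APR id, recorded president/council votes, revocation and expiry) and the reject-reason labels are assumptions, while the president≥1 ∧ council≥2 quorum rule and the self-grant rule come from §9 and the bullets above.

```python
"""Constructed illustration of the §10A owner-reference resolver criteria.
The ownership rows, grant fields and reason codes are assumed."""
from dataclasses import dataclass
from datetime import date
from typing import Optional


@dataclass(frozen=True)
class OwnershipRow:
    """One governance_object_ownership row as this illustration assumes it (fields constructed)."""
    ref: str                # the opaque owner_authorization_ref this row answers to
    owner_id: str           # Owner-of-record identity
    apr_id: str             # approving APR of the Đ32 assign_governance_owner grant
    president_votes: int    # recorded quorum votes on that APR
    council_votes: int
    revoked: bool = False
    expires: Optional[date] = None


# Constructed trusted source. Populated only by the quorum-approved grant path,
# never from the caller's request, so a ref either resolves here or is rejected.
OWNERSHIP = {
    "ref-live-1":    OwnershipRow("ref-live-1", "owner-A", "APR-100", 1, 2),
    "ref-revoked":   OwnershipRow("ref-revoked", "owner-B", "APR-101", 1, 2, revoked=True),
    "ref-expired":   OwnershipRow("ref-expired", "owner-C", "APR-102", 1, 2, expires=date(2025, 1, 1)),
    "ref-no-quorum": OwnershipRow("ref-no-quorum", "owner-D", "APR-103", 0, 1),
}


def resolve_owner(ref, proposer, today=date(2026, 6, 20), source=OWNERSHIP):
    """Read-only resolver: returns {'ok': True, 'owner', 'grant'} or a structured reject.
    It asserts that an authoritative grant exists; it never creates an owner row."""
    # Blank or non-string refs are rejected before any lookup.
    if not isinstance(ref, str) or not ref.strip():
        return {"ok": False, "reason": "EMPTY_OR_BLANK_REF"}
    row = source.get(ref)
    # N07 closure: a non-empty ref is worthless unless it resolves in the trusted source.
    if row is None:
        return {"ok": False, "reason": "REF_NOT_RESOLVABLE"}
    if row.revoked:
        return {"ok": False, "reason": "GRANT_REVOKED"}
    if row.expires is not None and row.expires < today:
        return {"ok": False, "reason": "GRANT_EXPIRED"}
    # The grant must itself carry Đ32 quorum (president≥1 ∧ council≥2).
    if row.president_votes < 1 or row.council_votes < 2:
        return {"ok": False, "reason": "GRANT_LACKS_D32_QUORUM"}
    if row.owner_id == proposer:
        return {"ok": False, "reason": "PROPOSER_SELF_GRANT"}
    # Proof artifact: ref -> ownership row -> approving APR with its votes.
    binding = {
        "ref": ref,
        "ownership_row": row.owner_id,
        "apr": row.apr_id,
        "votes": {"president": row.president_votes, "council": row.council_votes},
    }
    return {"ok": True, "owner": row.owner_id, "grant": binding}
```

Note that the caller's request never reaches the lookup as data to be trusted: the only caller-controlled input is the ref, and the verdict comes from the source table and the grant's recorded votes.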

B. Trusted production-untouched snapshot provider

  • Protected surfaces: public (prod) tables/schemas; the existing inspect_*/birth_registry/canonical surfaces; any non-r2_b2_wb_* schema.
  • Before/after capture source: a trusted read-only observer (not the caller, not the DOT under test) that reads the protected surfaces directly.
  • Hash / binding: before/after captured as content hashes bound to actor + time + run_id + observer identity.
  • Reject cases: caller-supplied snapshots; snapshots not bound to the observer; mismatched run_id; equal before/after with no provenance.
  • Anti-spoof proof: equality of caller-provided before/after proves equality, not provenance (Codex F1/N07); only an observer-signed, run-bound snapshot is acceptable.
  • Why caller-supplied equality is insufficient: Guard 3 (DOT_PRODUCTION_UNTOUCHED_VERIFY) verifies the supplied evidence and does no DB I/O; a caller can supply equal fabricated snapshots and pass — so the verdict must consume observer-sourced, bound snapshots.
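What "observer-signed, run-bound" has to mean in practice is shown by the added illustration below, written for this packet and not taken from the project or the Guard 3 verifier. The protected surfaces are represented by an in-memory mapping, the observer identity and its HMAC key are constructed, and the binding is hash + actor + time + run_id + observer identity signed under the observer's key, so a caller cannot produce or alter a snapshot that the verdict will accept.

```python
"""Constructed illustration of the §10B trusted snapshot provider.
Observer id, key, surfaces and run ids are all constructed."""
import hashlib
import hmac
import json

OBSERVER_ID = "observer-ro-1"                    # constructed observer identity
OBSERVER_KEY = b"constructed-observer-only-key"  # held by the observer, never by the caller


def content_hash(surfaces):
    """Deterministic content hash of the protected surfaces (canonical JSON)."""
    canon = json.dumps(surfaces, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canon).hexdigest()


def observe(surfaces, *, actor, run_id, ts):
    """The observer reads the protected surfaces itself and returns a snapshot whose
    hash, actor, time, run_id and observer identity are bound by an HMAC signature."""
    body = {"hash": content_hash(surfaces), "actor": actor, "ts": ts,
            "run_id": run_id, "observer": OBSERVER_ID}
    msg = json.dumps(body, sort_keys=True).encode()
    body["sig"] = hmac.new(OBSERVER_KEY, msg, hashlib.sha256).hexdigest()
    return body


def _observer_bound(snap, run_id):
    """True only for a snapshot signed by the observer for this run_id, unmodified."""
    if not isinstance(snap, dict) or "sig" not in snap:
        return False
    body = {k: v for k, v in snap.items() if k != "sig"}
    if body.get("observer") != OBSERVER_ID or body.get("run_id") != run_id:
        return False
    msg = json.dumps(body, sort_keys=True).encode()
    expected = hmac.new(OBSERVER_KEY, msg, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, snap["sig"])


def production_untouched(before, after, run_id):
    """Verdict that consumes only observer-bound snapshots. Two equal blobs handed in
    by the caller prove equality of the blobs, not that production was observed (N07)."""
    for name, snap in (("before", before), ("after", after)):
        if not _observer_bound(snap, run_id):
            return {"ok": False, "reason": f"{name.upper()}_NOT_OBSERVER_BOUND_OR_WRONG_RUN"}
    if before["hash"] != after["hash"]:
        return {"ok": False, "reason": "PROD_CHANGED"}
    return {"ok": True, "hash": before["hash"], "run_id": run_id}
```

In a real deployment the observer would be a separate read-only role reading the `public`/inspect_* surfaces directly and signing with a key the executor cannot reach; the shape of the check does not change.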

C. Isolated executor / manual-path hardening

  • Allowed role: a dedicated minimal-privilege DOT-executor role scoped to r2_b2_wb_* schema operations and the governed registration writes.
  • Forbidden roles: the generic directus app role (live: holds schema-create — GAP 2) and workflow_admin SUPERUSER (GAP 4) must not be the registration executor.
  • Forbidden paths: manual SQL, psql, docker exec psql, Directus generic collection/table create (handbooks §3; GAP 3 — generic create not policy-blocked live).
  • Evidence of generic-create block: a negative test proving a generic Directus/PG create of a schema/table is refused for non-DOT actors.
  • Fail-closed behaviour: absent the scoped role + the generic-create block, registration/real-run must remain HOLD.

D. Transient GUC handling

  • What cannot be proven today: RS2_LIVE_READ confirms iu_create.gateway.marker_key = app.canonical_writer — writes are gated by a session GUC. Transient session GUCs are not observable via read-only query_pg, so the absence of a transient bypass cannot be proven (persisted layer pg_db_role_setting was reported empty by RS1, but that covers only the persisted layer).
  • What a future proof must show: either (i) the write-gate is server-enforced independent of any caller-settable session GUC, or (ii) a governed proof that the marker GUC cannot be set by an untrusted caller.
  • How to avoid relying on a spoofable session GUC: registration/real-run authorization must not depend on a value the caller can SET in its own session; bind authorization to the resolved Owner grant + isolated executor identity instead.

E. Validator closure criteria (N07 / N12 / N16 / N22)

The Macro-9B validator (rev2) closes the 7 Codex HOLD findings, but the N-findings remain open: RS2 confirmed through reader-agent source inspection that the defective mechanics are still present and unfixed in the rev2 body (closure so far is KB/code-only, with no runtime wiring):

  • N07 (fabricated owner ref + self-asserted snapshot): closure = the validator must not be the source of owner/snapshot truth; it consumes the resolver (§A) + observer (§B) outputs. Negative test: non-empty fake ref + equal caller snapshots → reject.
  • N12 (run_id accepted as a substring, not exact target identity): closure = exact r2_b2_wb_<run_id> token-boundary match. Negative test: a schema embedding run_id as a substring of a different identity → reject.
  • N16 (no PostgreSQL 63-byte identifier-length check): closure = validate the encoded identifier length ≤ 63 bytes. Negative test: a 64+-byte / truncation-colliding name → reject.
  • N22 (non-mapping request raises instead of structured reject): closure = isinstance/dict guard on the request and on field types. Negative test: None / non-dict / wrong-typed fields → deterministic structured reject, never an unhandled raise.
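The three mechanical closures (N12, N16, N22) are small enough to show as one structured-reject check. The block below is an added illustration written for this packet; it is not the Macro-9B validator and not a patch to it (the validator is described here as Python, hence the language). The request field names `run_id` and `schema_name` and the reason codes are assumptions; the `r2_b2_wb_<run_id>` prefix and the 63-byte PostgreSQL identifier limit come from the page.

```python
"""Constructed illustration of the §10E N12/N16/N22 closure checks.
Request field names and reason codes are assumed."""

PG_IDENT_MAX_BYTES = 63   # PostgreSQL truncates longer identifiers silently
PREFIX = "r2_b2_wb_"


def validate_staging_request(request):
    """Returns {'ok': True, 'schema': ...} or {'ok': False, 'finding': ..., 'reason': ...}.
    Never raises on malformed input: every failure is a deterministic structured reject."""
    # N22: a non-mapping request or wrong-typed fields get a structured reject, not a traceback.
    if not isinstance(request, dict):
        return {"ok": False, "finding": "N22", "reason": "REQUEST_NOT_A_MAPPING"}
    run_id = request.get("run_id")
    schema = request.get("schema_name")
    if not isinstance(run_id, str) or not isinstance(schema, str) or not run_id:
        return {"ok": False, "finding": "N22", "reason": "FIELD_TYPE_INVALID"}
    # N12: the schema must be exactly r2_b2_wb_<run_id>; containing the run_id as a
    # substring of some other identity is not a match.
    if schema != f"{PREFIX}{run_id}":
        return {"ok": False, "finding": "N12", "reason": "SCHEMA_NOT_EXACT_RUN_IDENTITY"}
    # N16: check the encoded byte length, since two names that differ only past
    # byte 63 would collide after server-side truncation.
    if len(schema.encode("utf-8")) > PG_IDENT_MAX_BYTES:
        return {"ok": False, "finding": "N16", "reason": "IDENTIFIER_EXCEEDS_63_BYTES"}
    return {"ok": True, "schema": schema}
```

The order matters: the type guard runs first so that the later comparisons never see a non-string, and the exact-identity check runs before the length check so that an overlong name that is also the wrong identity is reported as N12 rather than masked.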

11. REUSE-FIRST DECISION

REUSE_PATH_PLAUSIBLE_BUT_UNPROVEN.

Existing primitives — dot_tools (309) + Đ32 APR/quorum (fn_apr_quorum_check/quorum_passed, live) + law_dot_enforcement (272) + dot_config (gates) + KB admission (rev9) + registry_changelog (provenance) — could in principle support a trusted DOT registration if hardened. But RS2_LIVE_READ shows three unmet conditions that keep the reuse unproven: (1) no implemented, quorum-bound DOT-registration action type is evidenced, and the owner handler is unimplemented; (2) no Owner-of-record (ownership=0); (3) no atomic registration transaction/rollback. Therefore reuse is plausible but not yet proven sufficient — which is exactly why a new governance DOT must not be built yet (reuse-first is not exhausted; matrix-stamp-addendum §9 "no new table v0.1" + quick-rules 19 "no new registry if the old books suffice"). Only if a future macro proves these primitives cannot carry the bounded registration responsibility does REUSE_PATH_NOT_SUFFICIENT become available — and only then may minimal new-capability criteria be proposed (not designed/authored).

12. DECISION ON DOT_GOVERNANCE_DOT_ADMISSION

DEFER (consistent with Codex §9 and RS1 §11; reinforced by PATCH1's reuse-first/anti-bloat findings).

Necessity is not proven: reuse-first over existing primitives is plausible-but-unproven (§11), not exhausted. Authoring/designing this DOT now would risk a mini-governance island owning admission + approval + registration + evidence + execution at once — the precise "no parallel governance / One-Roof is the only roof" shape forbidden by de-bai §IV, matrix-refactor-implementation-plan §4.3, quick-rules 20, and matrix-stamp-addendum §11. It is only admissible to propose (criteria-only, never author/design) after a future macro proves no existing governed primitive can supply the bounded registration responsibility, and only within Codex §9's narrow boundary (consume already-authoritative approval/owner/admission evidence; one bounded responsibility through existing registries; paired read-only verifier; exact rollback + postcondition; no new authority store/approval model/birth system/graph/scheduler/generic registry). RS2 does not author, design, or register it.

13. RS2 GAP REPORT

Severity ∈ {BLOCKER (single-sufficient), HIGH, MEDIUM, DEFER}. New/advanced this macro vs RS1 noted.

| Gap ID | Gap | Severity | RS2 status vs RS1 | Closure → macro |
|---|---|---|---|---|
| RS2-G01 | No authorized DOT-registration transaction proven (no implemented DOT-registration action type; "not by hand") | BLOCKER | Advanced — RS2_LIVE_READ found no %dot% action_code + unimplemented owner handler | RS5 |
| RS2-G02 | Owner-of-record absent (governance_object_ownership=0) — upstream of registration, real-run, AND 18/142 ratification | BLOCKER | Confirmed live | RS3 then Owner |
| RS2-G03 | Trusted production-untouched snapshot provider absent (Guard 3 caller-supplied; N07) | BLOCKER | Confirmed | RS3 |
| RS2-G04 | No isolated DOT-executor role; generic directus create not policy-blocked (GAP 2/3/4) | HIGH (BLOCKER before real-run) | Confirmed | RS4/Owner |
| RS2-G05 | RISK-BYPASS residue: 18 un-ratified + 142 SOURCE_NOT_READ + Đ35 health unverified + documentary conflict | HIGH (audit/authority) | Advanced — both mechanisms live-contained; residue isolated | RS2B |
| RS2-G06 | fn_apr_quorum_check NULL-mapping fail-open (approval-transition gate) | HIGH | Confirmed live (apply-leg fail-closed limits blast radius) | RS2B |
| RS2-G07 | approval_requests.action DEFAULT 'add' (H-OPT-2 never applied) | MEDIUM | Confirmed live | RS2B/Owner |
| RS2-G08 | Validator N07/N12/N16/N22 open | HIGH | Confirmed (mechanics present in rev2) | RS-Validator |
| RS2-G09 | No registration transaction atomicity / rollback proof (HOLD-2 analog) | HIGH | Confirmed | RS5 |
| RS2-G10 | Transient-GUC bypass unprovable (app.canonical_writer session GUC) | MEDIUM | Confirmed live | RS4 |
| RS2-G11 | Đ35 PRODUCTION READINESS FAIL not re-verified (14 health checks) | MEDIUM | Carried | RS2B |
| RS2-G12 | Reuse of existing registration primitives not proven | HIGH | Confirmed (plausible-but-unproven) | RS5 |
| RS2-G13 | DOT_GOVERNANCE_DOT_ADMISSION necessity unproven | DEFER | Held | (after reuse exhausted) |

14. NEXT MACRO RECOMMENDATION

Single next design macro: RS3 — TRUSTED-SNAPSHOT-AND-OWNER-RESOLVER-DESIGN (read-only / KB-design, acceptance-criteria only; 60–90 min; one coherent macro; not a mega-system).

Deciding blocker: Owner-of-record (RS2-G02) is the upstream single-sufficient blocker. governance_object_ownership=0 gates registration, real-run, and the ratification of the 18/142 RISK-BYPASS residue (which needs owner/president votes per doc 02/11). The owner-reference resolver is also the prerequisite for closing N07 (validator can't bind authority without it). Paired with the trusted-snapshot provider (RS2-G03, the second single-sufficient blocker, also N07), these two interfaces unblock the most downstream work (registration authority + real-run safety + RS-Validator N07). RS3 reconstructs the trust inputs the registration transaction consumes — the natural step after RS2 fixed the transaction shape.

Why not the others (routed, not chosen): RISK-BYPASS residue closure + Đ35 health re-verify (RS2B) is real and important, but the residue is medium/high audit (not single-sufficient for registration) and its ratification itself needs the Owner that RS3 establishes — so RS3 is upstream. RS-Validator (N07/N12/N16/N22) depends on RS3's resolver/snapshot criteria for N07. RS4 (manual-path hardening) and RS5 (registration txn/rollback) sit downstream of an established owner + snapshot. Sequence: Codex reviews RS2 → one consolidated Owner decision → RS3 → (RS2B ‖ RS-Validator) → RS4 → RS5 → REGISTRATION PACKAGE. No five-small-tasks list is returned; RS3 is the one macro.

15. MUST-NOT-DO CONFIRMATION

This macro did none of the forbidden actions: no runtime mutation; no DDL/DML; no manual SQL; no psql; no docker exec psql; no Directus generic create/update/delete; no register/wire/run of DOT_R2_B2_STAGING_SCHEMA_SHELL; no r2_b2_wb_* schema; no Macro-9A; no Macro-9C; no B2 producer build; no authoring/designing/registering DOT_GOVERNANCE_DOT_ADMISSION; no new registry/table/collection; no validator patch; no Đ32/Đ35 patch; no gate flip; no APR created/approved; no dot_tools/law_dot_enforcement/dot_config/governance_object_ownership write; no Owner authority claim; no /laws/ used to override laws-new/newlaws (it was read only as enacted provenance); no whole-system survey (bounded to the registration-substrate slice + the approval-gate chain). RISK-BYPASS was not cleared on RS2's own authority (mechanism-contained candidate recorded; ratification left to Codex/Owner); the 18 and 142 were not merged; engineering/coverage/live-containment PASS was not treated as authority PASS; KB admission was not treated as runtime registration. The only write is this KB report (new path; RS1/PATCH1/Codex untouched).

16. STOP STATE

READY_FOR_CODEX_REVIEW (primary). Contributing held properties (all keep registration closed; none blocks producing this packet): HOLD_REGISTRATION_PATH_UNPROVEN, HOLD_OWNER_AUTHORITY_MISSING, HOLD_SNAPSHOT_SOURCE_UNTRUSTED, HOLD_MANUAL_PATH_OPEN, HOLD_EXECUTOR, HOLD_ROLLBACK, HOLD_VALIDATOR_HARDENING_OPEN, HOLD_REUSE_NOT_PROVEN, HOLD_TRANSIENT_GUC_UNPROVEN, and RISK-BYPASS sub-state RISK_BYPASS_MECHANISM_CONTAINED_LIVE_CONFIRMED · RESIDUE_OPEN · DOCUMENTARY_CONFLICT_PENDING_RATIFICATION. No REJECT_FAIL_OPEN (§5: the runtime is fail-closed; both bypass mechanisms gated; the one approval-gate NULL fail-open is a known integrity defect that cannot produce an applied write). No SOURCE_NOT_READ_BLOCKER for the macro (the gate, RS1, PATCH1, laws-new, handbooks, 9B package, trio, RISK-BYPASS cluster, Đ32/Đ35 notes were all read); two bounded SOURCE_NOT_READ items are recorded and not used as proof — the 142 orchestrator-s142b primary sanctioning source, and Claude "Macro-AB". No NO_LIVE_READ — RS2 performed fresh read-only runtime reads (this is RS2's distinctive contribution over Codex).

Exit rule honoured: RS2 concludes only that the reconciliation + proof-obligation design is ready for Codex and that registration remains HELD. It does not conclude that registration or runtime is authorized. Codex reviews this RS2 packet; one consolidated Owner decision is requested only afterward.

17. SELF-CHECK

  1. Codex RS1/PATCH1 review read? YES (rev1, full — the governing gate).
  2. RS1 + PATCH1 read? YES (RS1 rev1/46040 full; PATCH1 rev1/23725 full).
  3. 18/142 split kept? YES (§5 #6/#7, §6; live counts 18 + 142; never merged).
  4. Contained vs cleared distinguished? YES (§2/§5: mechanisms CONTAINED_WITH_RESIDUE / CLEARED_CANDIDATE; overall not cleared; Codex C7).
  5. Integrity defect vs proven live bypass distinguished? YES (§5 #4/#5 INTEGRITY_DEFECT_NOT_PROVEN_BYPASS; apply-leg fail-closed).
  6. RS1-reported runtime vs RS2 live read distinguished? YES (§4 provenance labels; RS2_LIVE_READ vs RS1_REPORTED vs CODEX_REPORTED).
  7. Registration HOLD kept? YES (§2 REGISTRATION_CAN_PROCEED=NO; ≥3 single-sufficient blockers).
  8. DOT_GOVERNANCE_DOT_ADMISSION DEFER kept? YES (§12).
  9. Proposed implementation / patch / runtime write? NO (criteria/proof-obligations only; §15).
  10. Proof obligations made explicit? YES (§9, 19 obligations).
  11. Owner-resolver acceptance criteria? YES (§10A).
  12. Trusted-snapshot acceptance criteria? YES (§10B).
  13. Transaction map present? YES (§8, 14 steps + boundaries).
  14. Rollback / postcondition proof matrix present? YES (§8 steps 8/11 + §9 #7/#8/#15/#16).
  15. Single next macro chosen? YES (§14, RS3; not a five-task list).
  16. LEGO / no-mega-system kept? YES (slice-bounded; DEFER governance_dot_admission; no mega-registry/graph/pipeline).
  17. DOT-only kept? YES (§10C; no manual SQL/psql/Directus generic; PG/schema/Directus = DOT-only).
  18. Runtime mutation? NONE (read-only query_pg only; §1).
  19. /laws/ used to override laws-new/newlaws? NO (read as enacted provenance only).
  20. Output written to a new path (RS1/PATCH1/Codex not overwritten)? YES.

End of Macro-RS2 packet. Read-only · non-enacting · non-authorizing · not technical design · not implementation. Engineering/coverage/live-containment PASS ≠ Owner authority PASS. KB admission ≠ runtime registration. Default = HOLD. Next: Codex reviews this RS2 packet → one consolidated Owner decision → RS3 (Trusted-Snapshot + Owner-Reference Resolver, read-only/KB-design).

Source path: knowledge/dev/laws-new/reports/macro-rs2-registration-path-authority-trust-reconciliation-and-proof-obligation-design-2026-06-20.md