Macro-RS5A-PATCH1 — Prerequisite/Sequencing Correction (rollup) — 2026-06-21

Opened after: Codex NEED_RS5A_PATCH1 (HOLD · SCOPE_DRIFT · OWNER_EXECUTION_DRIFT) on RS5A. Verdict: RS5A_PATCH1_READY_FOR_CODEX_REVIEW (not forced) · Gate: REGISTRATION_HOLD · REGISTRATION_CAN_PROCEED = NO · 0 mutations. Class: scoped correction addendum. Does NOT overwrite RS5A. Does NOT reopen accepted RS4A/PATCH1/PATCH2 identity semantics or RS5A's accepted points (§12).

1. Scope

Single scoped item (Codex §13): repair the G2 prerequisite & sequencing contract. Five required corrections R1–R5 + the §11 implicit-coupling caveat (R6), all closed.

2. Closures

• R1 — replay/audit "after registration": replaced. Artifact-hash, nonce/replay, failure-audit, U3, status-domain, effect-bound approval, authority-binding are hard runtime prerequisites. They may be DESIGNED after the G2 decision but must EXIST and PASS before any real register_dot admission; never after runtime registration. Four-phase graph P0→P3; 11 hard runtime prerequisites; CLOSED_FAIL_CLOSED.
• R2 — "Owner executes on accept": replaced with "proceed to a separate RS5B G2 execution-design / authorization-design step" (non-mutating). Acknowledged BOOTSTRAP_AUTHORITY_UNRESOLVED / OWNER_MINT_PATH_FAIL_CLOSED / G2_EXECUTION_REQUIRES_SEPARATE_AUTHORIZATION: no bound Owner today, assign_governance_owner unimplemented, so no entity may execute on accept. CLOSED.
• R3 — GOV-COUNCIL edge: explicit 10th scope DOT_APPROVAL_QUORUM_AUTHORITY (GOV-COUNCIL candidate head, approval authority only, owns no registration/admission/activation) + identity-binding contract replacing approver ILIKE '%president%'; no broad-approval inheritance; justified as narrow LEGO not mega-scope. CLOSED.
• R4 — handler ambiguity: dot-dot-register:governed withdrawn → DOT_REGISTER_GOVERNED_REPLACEMENT / dot-register-governed-replacement:v1, a new replacement identity that must not wrap/relabel/invoke/shell-out-to/reuse the rejected unsafe mass-scan path; allowed reuse = dry-run/classify-advisory/source-evidence/warning-map only. CLOSED.
• R5 — test oracles: D07→REGISTER_DOT_RISK_TIER_MISMATCH; H03→STATUS_VALUE_OUT_OF_VOCABULARY; H07→SUCCESS_AUDIT_FORBIDDEN_BY_PHASE4_CONTRACT; I03→DRAFT_WRITE_EMITTED_ACTIVATION_NOTIFY; G02→idempotent-retrieval (a) + NONCE_REUSE_DIFFERENT_EFFECT (b) + NONCE_REUSE_AUTHORIZATION_MISMATCH (c); G08→IDEMPOTENCY_BEHAVIOR_CASE. 84 enumerated, defined-not-executed, no renumber. CLOSED.
• R6 — implicit coupling: carrier dependency edges (approval/nonce/artifact/audit) made explicit per scope; no hidden broad-approval coupling. CLOSED.

3. Deliverables (10 files)

reports/rs5a-patch1/: index, 01-codex-rs5a-hold-closure-map, 02-hard-prerequisite-graph-before-register-dot, 03-bootstrap-authority-and-next-step-correction, 04-gov-council-approval-quorum-edge, 05-governed-registrar-replacement-handler-clarification, 06-negative-test-oracle-corrections, 07-rs5a-patch1-decision-packet, codex-review-packet-… — plus this reports/macro-rs5a-patch1-… rollup.

4. Carried blockers & must-not-do

G2–G7 + STATUS_DOMAIN_NOT_DB_ENFORCED + U3_PARTIAL_UNIQUE_SURFACE_ABSENT + OWNER_MINT_PATH_FAIL_CLOSED + QUORUM_EFFECT_BINDING_INSUFFICIENT + QUORUM_APPROVER_IDENTITY_UNVERIFIED + new BOOTSTRAP_AUTHORITY_UNRESOLVED. All 27 must-not-do held; REGISTRATION_HOLD not cleared.

5. Next step

Codex reviews RS5A-PATCH1 only → on accept, proceed to RS5B (G2 execution-design / authorization-design, non-mutating, bootstrap-solving, separately-authorized-before-write). Residual ⇒ RS5A-PATCH2.

Builds on / corrects [[project_laws_new_macro_rs5a_g2_owner_of_record_decision_2026_06_21]]; consumes accepted macro-rs4a-patch2-effect-identity-head-uniqueness-suite-id-reconciliation-2026-06-21.md (not reopened).