RS4A — Codex Review Packet (Registrar-Hardening Design, Source-Aware) — 2026-06-21


Requested verdict: RS4A_READY_FOR_CODEX_REVIEW
Controlling finding (carried): SOURCE_CONFIRMS_UNSAFE_REGISTRAR_BEHAVIOR
Replacement decision: REPLACE_FOR_GOVERNED_REGISTRATION + REJECT_CURRENT_REAL_RUN_PATH
Gate: REGISTRATION_HOLD · REGISTRATION_CAN_PROCEED = NO
Class: read-only design package; non-enacting; non-authorizing; no implementation; no runtime mutation. NOT a registrar PASS.


1. What changed since RS3C

RS3C recovered + hash-verified the source and reran the affected RS3B legs (ACCEPT_RS3C_AND_PROCEED_TO_REGISTRAR_HARDENING_DESIGN). RS4A consumes that source and produces the governance contract package Codex requested: a source-defect ledger, a registrar hardening target contract v0.2, a contract-vs-source delta matrix, a phase model with proof obligations, Owner/APR + Interface F + replay + sink contracts (v0.2), a trigger/gate closure, the replacement-vs-wrapper decision, an ≥80-case acceptance suite, and remaining-blocker sequencing. It is design-only.

New live verification this macro (Claude read-only query_pg, db directus, 2026-06-21):

  • fn_context_pack_on_dot_register function body read live → notify is conditional (tier∈watch_tiers AND status='active'), SECURITY DEFINER; context_pack_dot_register_watch_tiers=["A","B","C"]; context_pack_mode='warn'; gates process_dot_runtime.real_run_enabled=false, iu_core.operator_runtime_enabled=false. This closes caveat P4 at the producer.
  • governance_object_ownership=0; apr_action_types=14 codes, no register_dot (register-shaped codes all handler_ref='unimplemented'); quorum_passed/fn_apr_quorum_check exist.
  • dot_tools: 309 rows, 291 active, 81 with NULL file_path; constraints = PK(id) + CHECKs + fk_dot_tools_domain only (no UNIQUE on code or file_path); 28 columns, no hash column.
  • context_pack_manifest checksums are per-pack aggregate (no per-artifact carrier); wf_fs_dot_bin_snapshot UNIQUE(source_key,object_key) + no triggers; event_outbox only a BEFORE INSERT validate trigger (no immutability). G4/G6 confirmed live; G4 sharpened.

2. Carried precision corrections (P1–P5) — honored

  • P1 — mirror hash = recorded same-day snapshot hash; not a Codex-live deployed attestation. Honored (RS4A-01 header, RS4A-06 hash taxonomy). Hash ≠ signature throughout.
  • P2 — writer-set scoped to {dot-dot-register, dot-catalog-sync}. Honored (RS4A-01 §4).
  • P3 — dedup framed fragile / fail-open-prone, not universal never-match. Honored (RS4A-01 D11).
  • P4 — trigger notify conditional; this macro read the producer function body live and states the exact condition; the consumer body is left open (G7-consumer). Honored + advanced (RS4A-09).
  • P5 — design-only; no implementation, no patch, no registration, no validator hardening. Honored (all files).

3. Design decisions for review

  1. Replace, not wrap. The real-run write path is internally unsafe (mass-scan, status:"active", no txn, fail-open success, root-SSH/-k, no authority/hash). It offers no single-target atomic mode to wrap ⇒ REPLACE_FOR_GOVERNED_REGISTRATION + REJECT_CURRENT_REAL_RUN_PATH; only --dry-run scan/report and the pure classify_* helpers are safe residual reuses (RS4A-10).
  2. Contract v0.2 = scalar single-artifact input, request_proposed/trusted_attested split, Owner + register_dot APR envelopes, Interface F hash binding, C1 three-identity replay, atomic Phase-3 inert write, paired post-commit verifier, durable failure audit, no-activation invariant (RS4A-02).
  3. Everything fail-closed today: authority (owner=0, no register_dot), Interface F (no per-artifact carrier), replay (no fit surface), sink (no immutability). The contract specifies criteria; it does not satisfy them.
  4. No mega-system: Owner envelope, Interface F, replay surface, audit sink are independent blocks, each born/tested/rolled-back separately, joined only by contract.

4. Remaining blockers

NF1 (unsafe registrar — addressed by the replacement contract); G2 Owner-of-record (deciding, live 0 rows); G3 register_dot action (live absent); G4 per-artifact hash carrier (live none); G5 fit replay surface (none); G6 immutable audit sink (none); G7 activation (fenced; G7-consumer open). G1 RESOLVED.


5. Requested next step

Review RS4A. On acceptance: the deciding next step is the G2 Owner-of-record decision (+ G3 register_dot action), which unblocks the per-block hardening designs (G4/G5/G6) and ultimately the governed-registrar implementation (only after Owner + gate + design acceptance). RS-VALIDATOR-HARDENING may start only after Codex accepts this contract; RS2B residue closure is sequenced after, not bundled. Do not open implementation or registration.


6. Self-check (must-not-do)

No runtime mutation, DDL/DML, DOT register/wire/run, schema/table/collection creation, APR create/approve, gate flip, validator patch, registrar patch, edit of dot-dot-register/dot-catalog-sync/source-law, allowlist patch, service restart, RISK-BYPASS clearance, 142/18 merge or sanction claim. Hash treated as integrity-not-signature; caller input not treated as authority; pure validator not treated as nonce owner; snapshot/QT001/manifest not promoted to trusted provider; attempt_id not allowed to bypass logical_request_key; consumed-state not expired by request staleness; RP-03 prose not substituted for source. PASS not forced; this is a design package, not a registrar PASS.
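The following Python model is added here to make the contract v0.2 shape (decision 2 above) and the replay/hash invariants in this self-check concrete; it is illustrative code written for this page, not the registrar or any project code. The class and function names (RegistrationRequest, TrustedAttestation, Sink, register, activate), the row layout and the rejection labels are assumptions; only the two gate names and their live false values come from the packet.

```python
# Added model of the RS4A governed-registration contract. Illustrative only:
# every name below is an assumed shape, not the project's registrar.
import hashlib
from dataclasses import dataclass, field
from typing import Optional

# Constructed gate state; the packet reports both gates live as false.
GATES = {
    "process_dot_runtime.real_run_enabled": False,
    "iu_core.operator_runtime_enabled": False,
}


class Rejected(Exception):
    """Fail-closed outcome; every instance is written to the audit sink."""


def sha256_hex(data: bytes) -> str:
    """Integrity hash of an artifact. A hash is integrity, not a signature."""
    return hashlib.sha256(data).hexdigest()


@dataclass
class RegistrationRequest:
    """request_proposed side: caller-supplied, never treated as authority."""
    logical_request_key: str   # replay identity of the request (C1)
    attempt_id: str            # delivery-attempt identity; must not bypass the key
    code: str
    file_path: str
    artifact_bytes: bytes
    claimed_sha256: str        # caller's integrity claim, re-derived before use


@dataclass
class TrustedAttestation:
    """trusted_attested side: Owner-of-record plus register_dot APR envelope."""
    owner_of_record: Optional[str]
    apr_action: Optional[str]
    apr_quorum_passed: bool


@dataclass
class Sink:
    """Sink model: rows hold inert registry entries; audit is append-only."""
    rows: list = field(default_factory=list)
    audit: list = field(default_factory=list)
    consumed_keys: set = field(default_factory=set)  # consumed logical_request_keys


def _audit(sink: Sink, req: RegistrationRequest, outcome: str, detail: str) -> None:
    sink.audit.append({"logical_request_key": req.logical_request_key,
                       "attempt_id": req.attempt_id,
                       "outcome": outcome, "detail": detail})


def register(req: RegistrationRequest, att: TrustedAttestation, sink: Sink) -> dict:
    """Single-artifact governed registration: fail-closed, inert, replay-guarded."""
    try:
        # Phase 1: authority comes only from the trusted_attested envelope.
        if not att.owner_of_record:
            raise Rejected("G2: no Owner-of-record")
        if att.apr_action != "register_dot" or not att.apr_quorum_passed:
            raise Rejected("G3: no approved register_dot APR")
        # Phase 2: Interface F hash binding; recompute, never trust the claim alone.
        actual = sha256_hex(req.artifact_bytes)
        if actual != req.claimed_sha256:
            raise Rejected("G4: artifact hash does not match the bound claim")
        # C1 replay: a consumed logical_request_key stays consumed for any attempt_id,
        # and consumption never expires because the request went stale.
        if req.logical_request_key in sink.consumed_keys:
            raise Rejected("G5: logical_request_key already consumed")
        # Phase 3: atomic inert write. No-activation invariant: status is never 'active'.
        row = {"code": req.code, "file_path": req.file_path, "sha256": actual,
               "owner": att.owner_of_record, "status": "inert"}
        sink.consumed_keys.add(req.logical_request_key)
        sink.rows.append(row)
        # Paired post-commit verifier: re-read the written row and re-check it;
        # on failure undo the write so the sink never holds a violating row.
        written = next(r for r in sink.rows if r["code"] == req.code)
        if written["status"] != "inert" or written["sha256"] != actual:
            sink.rows.remove(written)
            sink.consumed_keys.discard(req.logical_request_key)
            raise Rejected("post-commit verifier: written row violates invariant")
        _audit(sink, req, "registered_inert", actual)
        return row
    except Rejected as exc:
        _audit(sink, req, "rejected", str(exc))  # durable failure audit
        raise


def activate(sink: Sink, code: str, gates: dict = GATES) -> bool:
    """G7 activation is a separate, gated step; with either gate false it cannot succeed."""
    if not all(gates.values()):
        return False
    for row in sink.rows:
        if row["code"] == code:
            row["status"] = "active"
            return True
    return False
```

The model keeps the two halves the contract separates: nothing in RegistrationRequest can grant authority, and nothing in register() can produce an active row. Replaying the same logical_request_key under a new attempt_id is rejected and audited, a hash mismatch is rejected before any write, and activate() fails while the two runtime gates stay false.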

Requested verdict: RS4A_READY_FOR_CODEX_REVIEW · gate REGISTRATION_HOLD · REGISTRATION_CAN_PROCEED = NO.

knowledge/dev/laws-new/reports/rs4a/codex-review-packet-rs4a-registrar-hardening-design-source-aware-2026-06-21.md