RS5A-PATCH2-05 — Decision Packet — 2026-06-21
RS5A-PATCH2-05 — Decision Packet — 2026-06-21
Macro: RS5A-PATCH2 · Deliverable: 05 of 6 · consolidated.
Verdict: RS5A_PATCH2_READY_FOR_CODEX_REVIEW (not forced)
Gate: REGISTRATION_HOLD · REGISTRATION_CAN_PROCEED = NO · 0 mutations
1. One-screen summary
| dimension | result |
|---|---|
| Verdict | RS5A_PATCH2_READY_FOR_CODEX_REVIEW |
| Scope | semantic-closure precision only (3 corrections); does NOT overwrite RS5A or PATCH1; does NOT reopen accepted RS4A/PATCH2 identity, U3, handler, bootstrap, or prerequisite-graph semantics |
| Residual 1 — scope taxonomy contradiction | CLOSED — post-registration "deferrable" bucket deleted; 8 hard pre-runtime prerequisite + 1 approval/quorum + 1 post-registration-capable activation; replay/audit are hard pre-runtime; activation is the only post-registration-capable scope ([[rs5a-patch2-02]]) |
| Residual 2 — GOV-COUNCIL canonical principal identity | CLOSED — canonical principal/role-slot/voting-body contract; president via authoritative ref (no text-match); distinct canonical council principals; no alias/delegation double-count; self-declared council and free-text president rejected; design-only, fail-closed ([[rs5a-patch2-03]]) |
| Residual 3 — test oracle alias/count | CLOSED — one canonical outcome per executable scenario; aliases documentation-only; 84 parent IDs / 86 executable scenarios ([[rs5a-patch2-04]]) |
| Registration gate | REGISTRATION_HOLD retained |
| Single next step | Codex reviews RS5A-PATCH2 → on accept, proceed to RS5B (G2 Owner-of-record execution-design / authorization-design), non-mutating |
2. Residual 1 — scope taxonomy (R1-taxonomy)
The taxonomy is now classified strictly by sequencing: 8 hard pre-runtime prerequisite scopes (DOT_REGISTRAR_CONTRACT, DOT_REGISTRATION_AUTHORITY, DOT_ARTIFACT_ADMISSION, DOT_HASH_CARRIER, DOT_HEAD_UNIQUENESS, DOT_STATUS_DOMAIN, DOT_REPLAY_SURFACE, DOT_AUDIT_SINK), 1 hard pre-runtime approval/quorum scope (DOT_APPROVAL_QUORUM_AUTHORITY), and 1 post-registration-capable activation scope (DOT_ACTIVATION_AUTHORITY). DOT_REPLAY_SURFACE and DOT_AUDIT_SINK MUST exist and pass before real register_dot. DOT_ACTIVATION_AUTHORITY is the only scope that may act after an inert draft registration. No phrase implies replay/audit can follow runtime registration.
3. Residual 2 — GOV-COUNCIL canonical principal identity (R3-canonical-principal)
The quorum identity contract now requires canonical_principal_id, canonical_role_slot (president / council_member), canonical_voting_body (GOV-COUNCIL), principal_resolution_ref, and delegation_ref/scope/effective_window/revocation. President resolves through an authoritative policy/reference (never approver text); council resolves to distinct canonical principals; one canonical principal counts at most once per APR; aliases/delegations of one principal cannot double-count; delegation must be active, scoped to DOT_APPROVAL_QUORUM_AUTHORITY, unrevoked, and time-valid; self-declared approver_type and free-text "president" are rejected. Nine canonical reject codes defined. The scope and the canonical-principal surface are both REQUIRED_NOT_PRESENT; everything fails closed; nothing is created.
4. Residual 3 — test oracle canonicalization (R5-oracle)
One canonical expected outcome per executable scenario: D07→REGISTER_DOT_RISK_TIER_MISMATCH; H03→STATUS_VALUE_OUT_OF_VOCABULARY; H07→SUCCESS_AUDIT_FORBIDDEN_BY_PHASE4_CONTRACT; I03→DRAFT_WRITE_EMITTED_ACTIVATION_NOTIFY; G02a→IDEMPOTENT_PRIOR_DECISION_RETRIEVAL; G02b→NONCE_REUSE_DIFFERENT_EFFECT; G02c→NONCE_REUSE_AUTHORIZATION_MISMATCH; G08→IDEMPOTENT_PRIOR_DECISION_RETRIEVAL. Aliases are documentation_alias_only. Count = 84 parent IDs / 86 executable scenarios. Suite remains DEFINED_NOT_EXECUTED.
5. Blockers & must-not-do
Carried unchanged: G2–G7 + STATUS_DOMAIN_NOT_DB_ENFORCED + U3_PARTIAL_UNIQUE_SURFACE_ABSENT + OWNER_MINT_PATH_FAIL_CLOSED + QUORUM_EFFECT_BINDING_INSUFFICIENT + QUORUM_APPROVER_IDENTITY_UNVERIFIED + BOOTSTRAP_AUTHORITY_UNRESOLVED + new CANONICAL_PRINCIPAL_SURFACE_REQUIRED_NOT_PRESENT. All must-not-do held; REGISTRATION_HOLD not cleared; no Owner/scope/principal-registry/APR/register_dot/approval/handler created; no DDL/DML; no activation.
6. Single next step
Codex reviews RS5A-PATCH2 (this package only). On ACCEPT_RS5A_PATCH2 → proceed to RS5B (G2 Owner-of-record execution-design / authorization-design), non-mutating, which must solve bootstrap authority and itself be authorized before any write. Further residual ⇒ RS5A-PATCH3.