KB-5651

RS5B-CLOSEOUT 02 — Consolidated RS5B Contract As Corrected By PATCH1+PATCH2 — 2026-06-21

Revision 1

RS5B-CLOSEOUT 02 — RS5B_CONTRACT_AS_CORRECTED_BY_PATCH1_PATCH2 — 2026-06-21

Scope: Job A — one consolidated contract view = RS5B original + PATCH1 + PATCH2 + Codex acceptances, at contract layer only. Gate: REGISTRATION_HOLD · REGISTRATION_CAN_PROCEED = NO · 0 mutations. This file states the single controlling reading. Where PATCH1/PATCH2 correct RS5B, the corrected text governs; the original rev-1 files are not mutated (see file 03 supersession map).


1. Bootstrap posture

  • Model D-as-design over Model E-as-runtime. The chosen posture is "RS5B adopts D-as-design on top of E-as-runtime-posture." Model D (owner minted by a founding/bootstrap authorization packet with an explicit owner-designation scope) is PREFERRED for design (P1) only; execution deferred to a separately-authorized later lane (P2+). Model E (deferred no-owner HOLD until an authority path exists) is the active runtime posture now — the only safe runtime state is the default fail-closed HOLD (no owner ⇒ no register_dot), marker BOOTSTRAP_AUTHORITY_UNRESOLVED (safe).
  • Models A (operator self-mint), B (GOV-DOT self-authorizes), C (approval authority used as registration authority) are rejected as authority sources: OPERATOR_NOT_OWNER / CALLER_SELF_ASSERTED_OWNER_REJECTED; self-authorization circularity; DOT_APPROVAL_QUORUM_AUTHORITY ↛ DOT_REGISTRATION_AUTHORITY forbidden implicit inheritance. B may be named as a candidate subject; C may approve as a check; neither originates ownership authority.

2. Authority source

  • Constitution v4.6.3 + Chairman = design-level founding source; not runtime authorization by itself. A bootstrap loop of this shape "can only be broken by an authority that sits outside and above the substrate that is empty/blocked … that authority is promulgated law, not runtime state." The Constitution was promulgated (BAN HÀNH) by the Chairman, a human principal-of-record; the golden principle "AI proposes, does not self-promulgate" (Điều 39) means no agent/operator/validator may originate the founding authority.
  • design-solved ≠ runtime-resolved. RS5B reaches design-solved (a legitimate, non-mutating, fail-closed path to the first owner is specified and achievable now). It deliberately does not reach runtime-resolved (the first accountable head actually existing in governance_object_ownership); that remains BOOTSTRAP_AUTHORITY_UNRESOLVED until a separately-authorized later lane executes the founding act under Chairman authorization. Acceptance-of-design ≠ authorization-to-execute. Approval-authority ≠ ownership. Engineering PASS ≠ authority PASS.

3. Authorization packet (13 elements — necessary-not-sufficient)

The 13 elements remain conjunctive (any one missing/unverifiable ⇒ the write is fail-closed):

  1. authority source / founding-act reference (Constitution v4.6.3 + Chairman act) — reject BOOTSTRAP_AUTHORITY_UNRESOLVED.
  2. exact scope being created/bound (one scope_code per row, no bundling) — reject OWNER_SCOPE_MISMATCH / scope REQUIRED_NOT_PRESENT.
  3. candidate Owner identity (a real governance_registry head code; never free-text/operator/Directus) — reject FREE_TEXT_OWNER_REJECTED / OPERATOR_NOT_OWNER.
  4. object being owned (object_type, object_ref) — reject AUTHORITY_BINDING_UNRESOLVED.
  5. effect_identity / authorization intent — the business-only, pure effect digest bound inside the authorization_binding_digest (corrected by PATCH1/PATCH2; see §4–§5) — reject APPROVAL_NOT_BOUND_TO_EFFECT_IDENTITY / AUTHORIZATION_BINDING_MISSING_EFFECT.
  6. artifact / hash references (canonical_artifact_hash + carrier) — reject ARTIFACT_HASH_CARRIER_UNPROVEN.
  7. approval / quorum binding (if approval is used as a check) — reject QUORUM_NOT_SATISFIED / QUORUM_EFFECT_BINDING_MISSING.
  8. canonical principal resolution (if approval is used) — reject PRESIDENT_ROLE_UNRESOLVED / COUNCIL_PRINCIPAL_UNRESOLVED / APPROVER_ALIAS_DOUBLE_COUNT / CANONICAL_PRINCIPAL_DOUBLE_COUNT.
  9. rollback plan (per-block) — reject ROLLBACK_PLAN_ABSENT.
  10. no-implicit-inheritance statement (explicit MUST_NOT_IMPLICIT_INHERIT per edge) — reject OWNER_SCOPE_MISMATCH.
  11. time window / nonce / replay guard (if applicable; half-open [from,to)) — reject NONCE_ISSUER_NOT_AUTHORITY / AUTHORIZATION_WINDOW_EXPIRED.
  12. read-only preflight result (all PASS; FAIL ⇒ STOP).
  13. explicit final human/Owner (Chairman) authorization before write — a recorded, out-of-band Chairman authorization token, distinct from any GPT/Codex acceptance — reject G2_EXECUTION_REQUIRES_SEPARATE_AUTHORIZATION.

Item 13 is last and unconditional. No combination of 1–12 substitutes for the Chairman's explicit authorization. The packet is necessary-not-sufficient: satisfying it is required, but the final write still needs item 13. In present state every element is "no"/design-only/partial ⇒ the packet is far from satisfiable today; every write remains fail-closed.

4. effect_identity (business-only, pure)

Corrected controlling definition (PATCH2-02 §1 general formula):

effect_identity = H(
    protocol_version,              # versioned hashing/canonicalization contract
    canonical_operation,           # governed action/effect type for THIS act — NOT hardcoded
    canonical_target_object_type,  # generalized target type (e.g. "dot", "governance_scope", "owner_of_record")
    canonical_target_object_ref,   # the governed object reference within that type
    canonical_artifact_identity,   # canonical_path @ origin (symlink/.. resolved)
    canonical_artifact_hash        # trusted attested artifact hash (NEVER request_proposed)
)
  • Pure / business-only. No authority, credential, or execution fields are hashed in: owner scope/head/policy, approval/quorum evidence, principal references, nonce/window, operator/session/host, timestamps, and founding_authority_ref are all excluded. This is the purity separation (authority-out-of-effect_identity), which is the correct separation — not "effect-out-of-binding."
  • EFFECT_IDENTITY_IMPURE rejects any effect_identity computed with an authority/credential/execution field.

5. authorization_binding_digest (includes effect_identity)

Corrected controlling definition (PATCH1-02 §3):

authorization_binding_digest = H(
    protocol_version,
    effect_identity,                     # REQUIRED: binds authorization TO the exact effect
    canonical_owner_scope,
    canonical_owner_head_ref,
    canonical_authority_policy_ref,
    approval_mode,
    approval_evidence_ref,               # if approval is used
    quorum_evidence_ref,                 # if approval is used
    canonical_principal_resolution_refs, # if approval is used
    nonce_mode,
    authorization_nonce_ref,             # if nonce/replay is used
    authorization_nonce_issuer,
    authorization_window,
    artifact_hash_ref,
    u3_head_policy_ref,
    status_policy_ref,
    audit_policy_ref,
    founding_authority_ref               # REQUIRED for bootstrap owner designation
)
  • The digest binds the pure effect_identity to the authorization envelope (owner scope/head/policy, approval/quorum/principal refs if used, nonce/window, artifact refs, U3/status/audit refs, founding_authority_ref).
  • The digest does not enter U1; authority fields never contaminate business identity. Same effect under changed authority remains one effect and cannot mint a second registration.
  • A digest that omits effect_identity ⇒ AUTHORIZATION_BINDING_MISSING_EFFECT (fail-closed).
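The two definitions in §4 and §5, as an added sketch that is not part of the contract or of any PATCH file. It assumes H is SHA-256 over length-prefixed "name=value" items in schema order (the page does not fix H or the canonical serialization), and the sample values and the rebind helper are constructed for illustration.

```python
import hashlib

# Assumptions (not from the page): H is SHA-256 over length-prefixed UTF-8
# "name=value" items in schema order; an unused optional field hashes as "".
EFFECT_FIELDS = ("protocol_version", "canonical_operation",
                 "canonical_target_object_type", "canonical_target_object_ref",
                 "canonical_artifact_identity", "canonical_artifact_hash")
BINDING_FIELDS = (
    "protocol_version", "effect_identity", "canonical_owner_scope",
    "canonical_owner_head_ref", "canonical_authority_policy_ref", "approval_mode",
    "approval_evidence_ref", "quorum_evidence_ref",
    "canonical_principal_resolution_refs", "nonce_mode", "authorization_nonce_ref",
    "authorization_nonce_issuer", "authorization_window", "artifact_hash_ref",
    "u3_head_policy_ref", "status_policy_ref", "audit_policy_ref",
    "founding_authority_ref")

class ContractReject(Exception):
    """Fail-closed rejection carrying one of the contract's reject codes."""

def hash_fields(names, values):
    h = hashlib.sha256()
    for name in names:
        item = f"{name}={values.get(name, '')}".encode("utf-8")
        h.update(len(item).to_bytes(4, "big") + item)  # length prefix per item
    return h.hexdigest()

def effect_identity(fields):
    if set(fields) - set(EFFECT_FIELDS):  # owner, approval, nonce, timestamp, ...
        raise ContractReject("EFFECT_IDENTITY_IMPURE")
    if set(EFFECT_FIELDS) - set(fields):
        raise ValueError("incomplete effect fields")  # the page names no code for this
    return hash_fields(EFFECT_FIELDS, fields)

def authorization_binding_digest(envelope):
    if not envelope.get("effect_identity"):
        raise ContractReject("AUTHORIZATION_BINDING_MISSING_EFFECT")
    return hash_fields(BINDING_FIELDS, envelope)

# Constructed sample values; the operation name is a placeholder, since no
# governed canonical_operation vocabulary exists yet.
EFFECT = dict(zip(EFFECT_FIELDS, (
    "1", "EXAMPLE_OPERATION", "owner_of_record", "EXAMPLE-REF",
    "example/path@origin", "sha256:" + "0" * 64)))

def rebind(owner_head_ref):
    """Same effect under another owner head: returns (effect_identity, digest)."""
    e = effect_identity(EFFECT)
    env = {"protocol_version": "1", "effect_identity": e, "canonical_owner_head_ref": owner_head_ref}
    return e, authorization_binding_digest(env)
```

Calling rebind with two different owner head references yields the same effect_identity and two different digests, which is the "same effect under changed authority remains one effect" property.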

6. Canonical operation

  • register_dot is only one specialization. The register_dot-specific formula (RS4A-PATCH2-02 §1, operation="register_dot", canonical_target_object_type="dot", canonical_target_object_ref=canonical_target_dot_code) remains valid in its register_dot domain but must not be used as the general RS5B founding formula.
  • Owner designation and scope creation require distinct operations. Founding owner-of-record designation MUST NOT be identified as register_dot; scope creation MUST NOT be identified as register_dot (WRONG_CANONICAL_OPERATION_FOR_EFFECT).
  • Authority change ≠ new effect. A change in authority fields does not create a new effect; a new effect requires a change to canonical_operation or the business target (AUTHORITY_CHANGE_IS_NOT_NEW_EFFECT).
  • Vocabulary absent ⇒ fail-closed. A governed canonical_operation vocabulary does not yet exist as runtime rows (KB search returns none; nearest live surface apr_action_types=14, register_dot absent, is related-but-distinct). When an act's governed canonical_operation cannot be resolved against a present governed vocabulary, the contract HOLDs: CANONICAL_OPERATION_VOCABULARY_REQUIRED_NOT_PRESENT — no default to register_dot, no invented row, no PASS. OP-BI-1..4 all fail closed.

7. BI oracle (effect/authorization-binding classifier)

  • Discriminator: P ≡ ( effect_identity ∈ authorization_binding_digest input schema ).
  • Layer 1 — BI-E6 digest-SHAPE (first). ¬P (effect omitted from the digest input schema) → AUTHORIZATION_BINDING_MISSING_EFFECT, STOP. Evaluated before any approval evidence is examined.
  • Layer 2 — BI-E1 approval/evidence binding (only if Layer 1 passed). P (effect present) → BI-E6 cannot fire; check whether approval evidence is bound to that exact effect E. Failure → APPROVAL_NOT_BOUND_TO_EFFECT_IDENTITY.
  • P and ¬P partition the entire input universe (exhaustive + mutually exclusive); no input matches both BI-E1 and BI-E6. R2 closed by construction.
  • Secondary precedence: AUTHORIZATION_BINDING_MISSING_EFFECT < APPROVAL_NOT_BOUND_TO_EFFECT_IDENTITY (digest-shape strictly precedes approval-binding); exists only to keep the oracle total under a weaker overlapping-predicate reading.
  • BI-E1 and BI-E4 safely share APPROVAL_NOT_BOUND_TO_EFFECT_IDENTITY — both Layer-2 approval-binding failures producing the same code; disjointness requires only that no single input yields two different codes.
  • The oracle maps each input to exactly one of the closed set { AUTHORIZATION_BINDING_MISSING_EFFECT, APPROVAL_NOT_BOUND_TO_EFFECT_IDENTITY, ARTIFACT_HASH_MISMATCH, AUTHORIZATION_SCOPE_MISMATCH, EFFECT_IDENTITY_IMPURE, AUTHORITY_OVERCLAIM, BINDING_CHECK_PASS }.
  • BINDING_CHECK_PASS is necessary-not-sufficient — passing the binding shape/evidence check does NOT authorize a write; REGISTRATION_HOLD and all carried blockers remain.
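The Layer 1 / Layer 2 ordering above, as an added sketch rather than the PATCH2-03 design notation. It covers only the two layers whose order this section states (the other codes of the closed set are left out because their predicates are not given here), and it assumes approval evidence can be modelled as the list of effect identities each approval is bound to; fixture names and values are constructed.

```python
SHAPE_FAIL = "AUTHORIZATION_BINDING_MISSING_EFFECT"   # Layer 1, BI-E6
BIND_FAIL = "APPROVAL_NOT_BOUND_TO_EFFECT_IDENTITY"   # Layer 2, BI-E1
PASS = "BINDING_CHECK_PASS"  # necessary-not-sufficient: never a write authorization

class Evidence:
    """Approval evidence that records whether the classifier examined it."""
    def __init__(self, bound_effects):
        self.bound_effects, self.examined = list(bound_effects), False
    def __iter__(self):
        self.examined = True
        return iter(self.bound_effects)

def classify(digest_input_schema, effect, evidence):
    """Map one input to exactly one code; the first matching layer wins."""
    # Layer 1: P = effect_identity is in the digest input schema. On not-P, STOP
    # before touching approval evidence.
    if "effect_identity" not in set(digest_input_schema):
        return SHAPE_FAIL
    # Layer 2: only reachable when P holds. Every approval must be bound to this
    # exact effect; an empty list means approval is not used as a check.
    if any(bound != effect for bound in evidence):
        return BIND_FAIL
    return PASS

# Constructed fixtures (hypothetical names and values, not the page's BI-E fixtures).
WITH_EFFECT = ("protocol_version", "effect_identity", "canonical_owner_scope")
WITHOUT_EFFECT = ("protocol_version", "canonical_owner_scope")

def run_fixtures():
    """Return {fixture: (code, evidence_was_examined)}."""
    cases = {
        "shape_missing_bad_evidence": (WITHOUT_EFFECT, "E1", Evidence(["E2"])),
        "shape_ok_other_effect": (WITH_EFFECT, "E1", Evidence(["E1", "E2"])),
        "shape_ok_bound": (WITH_EFFECT, "E1", Evidence(["E1"])),
    }
    return {name: (classify(*c), c[2].examined) for name, c in cases.items()}
```

The first fixture would match both failures under an overlapping-predicate reading; it returns the digest-shape code and leaves the evidence unexamined, which is the stated precedence.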

8. Caveats embedded in this contract

  • Rollup revision typo: the PATCH2 rollup says "All revision 1," but PATCH2-06 decision packet is revision 2 (non-blocking metadata caveat; future summaries must quote AgentData metadata). → file 04 caveat C1.
  • Contract-classifier only: "oracle is total" is accepted only for the explicitly defined contract classifier and its ordered predicates — not totality over arbitrary malformed serialization, missing runtime carriers, null values, parser failures, or implementation behavior. → C2.
  • Design fixtures, not runtime tests: BI-E1..E7, OP-BI-1..4, and all pseudocode are design fixtures, not executed tests; PATCH2-03 pseudocode is design notation. → C3.

9. WHAT IS ACCEPTED (contract layer only)

  1. Model D-as-design over Model E-as-runtime posture.
  2. Constitution + Chairman as the non-circular founding-authority source at the design layer.
  3. Future authorization packet (13 elements) remains necessary-not-sufficient, item 13 (Chairman) final and unconditional.
  4. effect_identity = pure business effect (authority/credential/execution excluded).
  5. authorization_binding_digest includes effect_identity and binds the pure effect to the authorization envelope.
  6. canonical_operation replaces hardcoded register_dot in the general formula; register_dot is one specialization.
  7. BI-E1/BI-E6 are disjoint in the declared classifier (Layer-1 shape before Layer-2 binding; one input → one code).

10. WHAT IS NOT ACCEPTED

  • No runtime proof. No live runtime verification.
  • No implementation.
  • No Owner / scope / APR / register_dot / approval / handler created.
  • No P2 execution. No Chairman execution.
  • No canonical-operation runtime vocabulary creation (vocabulary remains REQUIRED_NOT_PRESENT).
  • No RS-VALIDATOR.
  • No registration. No activation.
  • No REGISTRATION_CAN_PROCEED (REGISTRATION_HOLD retained; = NO).

This consolidated contract is a contract-layer reading, not an authorization to act. It changes no runtime state and resolves no carried blocker.
