RS5B-CLOSEOUT-PATCH2 07 — LEGO #1 Assembly Readiness Definition & Checklist — 2026-06-21

Scope: instruction §1 / §3.6 — define LEGO #1 Assembly Readiness and a checklist L1–L7, each item with a proof source · bad input that attacks it · expected rejection · status. Gate: REGISTRATION_HOLD · REGISTRATION_CAN_PROCEED = NO · 0 mutations (design-only).

1. Definition (exact)

LEGO #1 Assembly Ready means: the Gate A baseline is accepted enough to prepare a carrier-specific Gate B plan for the first named LEGO carrier.

It is a readiness-for-plan, not a readiness-to-write. It explicitly does NOT mean any of:

P2 open;
runtime write;
carrier created;
rollback executed;
registration;
activation;
real register_dot;
Chairman authorization exists.

The distinction is the whole point: assembly readiness says the baseline contract is coherent enough to draft a plan against; it says nothing about authority to act. Readiness-for-plan ≠ readiness-to-write (instruction §3.6; self-test Q25).

2. Readiness gate identity

The readiness seal is the conjunction of L1–L7 below. It composes with — does not replace — Gate A: passing L1–L7 yields LEGO1_ASSEMBLY_READY_FOR_GATE_A_BASELINE, which is necessary-not-sufficient for P2_BASELINE_ENTRY_DESIGN_ACCEPTED (Gate A) and itself authorizes nothing. If any Li fails, the readiness seal is withheld and the package would stop at RS5B_CLOSEOUT_PATCH2_HOLD_LEGO1_READINESS_UNDEFINED.

3. The checklist (L1–L7)

L1 — Identity ready

Requirement: the first LEGO carrier has a name, purpose, stable ID, version, and no runtime row (design-only identity).
Proof source: PATCH1-02 §2 (I1 stable identity), §3 per-carrier identity; PATCH1-03 §1 (carrier = producer node); this package file 02 (RBP-2 protects identity).
Bad input (attack): declare the carrier by minting a runtime row / real register_dot to "make the ID real."
Expected rejection: RUNTIME_MUTATION_REJECTED (RBP-0) / REGISTRATION_HOLD; identity is a design label, not a runtime row.
Status: READY — identity is design-level only; no runtime row exists or is authorized.

L2 — Edge ready

Requirement: for the carrier's dependency, the producer, consumer, reference field, dependency direction, destruction impact, and safe rollback rule are all explicit.
Proof source: PATCH1-03 §1–§2 (edges E1–E8, each with producer/consumer/reference field/destruction impact/safe rollback rule/post-rollback invariant/bad input); this package file 03 (precedence the edge bad-inputs map to).
Bad input (attack): assert "nothing references this carrier, so I can drop it" when an edge in fact references it.
Expected rejection: the explicit edge makes the claim checkable and false → ROLLBACK_ORPHANS_DEPENDENCY (RBP-3) or ROLLBACK_DELETES_REFERENCED_IDENTITY (RBP-2).
Status: READY — every edge has a named reference field, direction (producer → C2 / C2 → history), destruction impact, and safe rollback rule; no edge lacks a bad input.

L3 — Rollback ready

Requirement: I1–I10 satisfied, the RBP oracle PASS formula complete, and no destructive rollback can PASS.
Proof source: PATCH1-02 §2 (I1–I10); this package file 02 §2 (complete PASS formula ¬RBP0 ∧ … ∧ ¬RBP10) + §2.1 proofs (P-B1, P-B2, P-destructive); file 03 (precedence); file 05 (I5 covers C2).
Bad input (attack): submit a destructive-but-present rollback (delete a referenced identity / erase history / weaken authority / successor-but-not-fail-closed) and claim PASS by presence.
Expected rejection: the matching RBP-k (2/4/6/8) makes its ¬RBPk false ⇒ PASS impossible; emitted code is the earliest match.
Status: READY — PASS is the full conjunction; every destructive/forward-unsafe/authority-weakening plan is rejected before PASS (file 02 proofs; file 04 fixtures; file 09 self-review).

L4 — Test ready

Requirement: an XBI exists for deletion, orphan, history erasure, semantic mutation, authority weakening, unsafe successor, and non-local mutation — each single-input/single-code.
Proof source: this package file 04 §6 ledger — deletion (XBI-11/12/13A), orphan (XBI-14A), history erasure (XBI-13B/15), semantic mutation (XBI-14B/19B), authority weakening (XBI-16/27), unsafe successor (XBI-26), non-local mutation (XBI-19A).
Bad input (attack): a fixture that lists two expected outcomes (the PATCH1 XBI-13/14/19 defect) so an implementer could "choose" PASS.
Expected rejection: every fixture is single-input/single-code under the precedence (file 03); a two-outcome fixture is not admitted — it would stop the package at RS5B_CLOSEOUT_PATCH2_HOLD_XBI_NOT_SINGLE_CODE.
Status: READY — all seven attack classes are covered by single-coded fixtures.

L5 — Gate ready

Requirement: Gate A baseline only, Gate B named plan only — the two gates are distinct and the wording is non-contradictory.
Proof source: PATCH1-06 §2/§3 (distinct inputs/outputs, no "Gate A → P2 open" transition); this package file 06 (sealed wording; "Neither gate opens P2" forbidden).
Bad input (attack): treat a Gate A pass as a P2-open authorization, or read "satisfied Gate B" as opening all of P2 / authorizing registration.
Expected rejection: BASELINE_ACCEPTANCE_NOT_P2_OPEN_AUTHORIZATION (XBI-22); the sealed wording confines a satisfied Gate B to the named lane only, with no registration/activation/register_dot/P3/runtime.
Status: READY — gate roles and wording are sealed and single-valued.

L6 — Authority ready

Requirement: no authority inheritance, and a scoped Chairman token is required later (not now).
Proof source: PATCH1-05 §5 (DOT_APPROVAL_QUORUM_AUTHORITY ↛ DOT_REGISTRATION_AUTHORITY); PATCH1-06 §3 input 6 (exact-scoped Chairman token at Gate B); packet item 13.
Bad input (attack): present a generic Chairman token, or no token, and claim authority to open the lane / execute.
Expected rejection: CHAIRMAN_AUTHORIZATION_SCOPE_MISMATCH (XBI-24) for generic; G2_EXECUTION_REQUIRES_SEPARATE_AUTHORIZATION (XBI-23) for absent. No authority is inherited from approval/quorum into registration/activation.
Status: READY — authority is non-inheriting; the scoped Chairman token is a later Gate B requirement, not asserted to exist now.

L7 — Non-overclaim ready

Requirement: REGISTRATION_HOLD retained, CAN_PROCEED = NO, no runtime.
Proof source: every file of this package (gate line); file 10 decision packet §3/§5; the macro rollup §11.
Bad input (attack): clear REGISTRATION_HOLD / assert REGISTRATION_CAN_PROCEED / perform a DDL/DML "to demonstrate" readiness.
Expected rejection: no file clears the hold; RUNTIME_MUTATION_REJECTED (RBP-0) short-circuits any write; the readiness seal carries no runtime permission.
Status: READY — hold retained, CAN_PROCEED = NO, 0 mutations.

4. Readiness summary table

Item	Readiness	Proof source	Attack	Expected rejection	Status
L1	Identity	file 02 (RBP-2); PATCH1-02/03	mint runtime row for ID	`RUNTIME_MUTATION_REJECTED`	READY
L2	Edge	PATCH1-03 E1–E8; file 03	"nothing references it"	`ROLLBACK_ORPHANS_DEPENDENCY` / `…_DELETES_REFERENCED_IDENTITY`	READY
L3	Rollback	file 02 §2/§2.1; file 03; file 05	destructive-but-present plan	earliest RBP-k ⇒ PASS impossible	READY
L4	Test	file 04 §6 ledger	two-outcome fixture	not admitted / `…_HOLD_XBI_NOT_SINGLE_CODE`	READY
L5	Gate	PATCH1-06; file 06	Gate A → open P2	`BASELINE_ACCEPTANCE_NOT_P2_OPEN_AUTHORIZATION`	READY
L6	Authority	PATCH1-05/06; item 13	generic / absent Chairman token	`CHAIRMAN_AUTHORIZATION_SCOPE_MISMATCH` / `G2_EXECUTION_REQUIRES_SEPARATE_AUTHORIZATION`	READY
L7	Non-overclaim	all files; file 10	clear hold / DDL	hold retained / `RUNTIME_MUTATION_REJECTED`	READY

All seven READY ⇒ LEGO1_ASSEMBLY_READY_FOR_GATE_A_BASELINE (necessary-not-sufficient; authorizes nothing). Any one not-READY ⇒ withhold the seal and stop at RS5B_CLOSEOUT_PATCH2_HOLD_LEGO1_READINESS_UNDEFINED.

5. What "the first named LEGO carrier" is (and is not) here

The seal is defined generically over "the first named LEGO carrier" — it is the readiness criterion, not a selection of which carrier (C1…C7) goes first. No carrier is named, created, or selected by this package; naming the first carrier is part of preparing the Gate B plan (a later, separately-reviewed act). Defining the readiness criterion does not name or build a carrier (L1 attack/rejection).

6. Boundary attestation

This file defines a readiness criterion at design level. It creates no carrier, names no first carrier, opens no P2, executes no rollback, and clears no blocker. LEGO1_ASSEMBLY_READY_FOR_GATE_A_BASELINE is a design-review readiness label, not authority and not runtime permission. REGISTRATION_HOLD retained; REGISTRATION_CAN_PROCEED = NO; Job A not reopened.