RS-TKT-0A-PATCH1 · 00 Codex Blocker Closure Map
RS-TKT-0A-PATCH1 · 00 — Codex Blocker Closure Map
Lane: RS-TKT-0A-PATCH1 — close Codex blockers against RS-TKT-0A
Path: knowledge/dev/laws-new/tool-kiem-thu-lego/patch1/00-codex-blocker-closure-map-2026-06-21.md
Date: 2026-06-21
Verdict (rollup): RS_TKT_0A_PATCH1_READY_FOR_GPT_REVIEW (see 08-final-patch1-report-…)
Gate: REGISTRATION_HOLD · REGISTRATION_CAN_PROCEED = NO · 0 runtime mutations (KB design-doc writes only)
Authority: NON_AUTHORITY · may_gate=false · decision_effect=NONE · survey/design-patch only
0. What this patch is
Codex verdict on RS-TKT-0A was NEED_RS_TKT_0A_PATCH1 (knowledge/current-state/reports/codex-review-rs-tkt-0a-tool-kiem-thu-lego-survey-conversion-plan-2026-06-21.md, rev 1, read in full). PATCH1 is a narrow additive correction that closes exactly the seven required corrections P1–P7. It opens no new scope, opens no Phase 1, builds no tool, and mutates nothing runtime/production/registration. REGISTRATION_HOLD stays active; CAN_PROCEED = NO stays.
1. Codex findings being closed
Codex listed 4 blockers before Phase 1 and 5 carry-forward caveats:
- Blockers: (1) bad-output detector treats nonzero exit as erasing emitted dangerous output [P1]; (2)
TKT-L3-GOVERNANCEis multi-concern [P2]; (3) DRAFT laws-new sources mislabeled as binding authority [P3]; (4) L1/Phase-4 execution boundary ambiguous [P4]. - Caveats: MCB-1 (RS5B no external Codex review) → [P6]; MCB-2 (two NVSZ taxonomies) + MCB-3 (ledger filename) → [P5]; MCB-5 (no NVSZ root) blocks Phase 3 not Phase 1 → recorded in [P5]; MCB-6 (no single enacted laws-new architecture doc) → [P3].
- Codex also required [P7] dependency/output consistency (L2 depends on L0+L1; consistent N/A; aggregate ≠ authority/gating).
Codex accepted: authority boundary strong; NVSZ safe to retain (not REJECT_NVSZ_UNSAFE); no runtime authority overclaim (so PATCH1, not REJECT_AUTHORITY_OVERCLAIM). Runtime non-mutation accepted only as package attestation, not live Codex proof.
2. Closure map (P1–P7)
| Codex item | Severity | Patch doc | Status (design-level) | Closes |
|---|---|---|---|---|
| P1 fail-open bad-output contract | BLOCKER | 01-fail-closed-forbidden-output-contract-patch |
CLOSED | conjunctive invalid_input_safe; structured event/artifact detection; BAD-FC-001..005; corrected self-check |
| P2 split L3 into one-concern bricks | BLOCKER | 02-l3-lego-boundary-split-patch |
CLOSED | 4 bricks (AUTHORITY-FIREWALL / CLAIM-AUDIT / IDENTITY / NVSZ) + aggregate |
| P3 correct source authority labels | BLOCKER | 03-source-authority-status-hierarchy-patch |
CLOSED (MCB-6 stays open) | Tier-1/2/3 hierarchy; "controlling design inputs," not "binding enacted law" |
| P4 L1 vs Phase-4 execution boundary | BLOCKER | 04-l1-vs-phase4-execution-boundary-patch |
CLOSED | L1 = recipe-on-inert-fixtures only; HOLD_RUNTIME_SURFACE_REQUIRED |
| P5 NVSZ deterministic identifiers | caveat→required | 05-nvsz-taxonomy-and-ledger-normalization-patch |
CLOSED (MCB-2/3 close pre-Phase-1; MCB-5 → Phase 3) | ESCROW_E*/ROOT_E* namespaces; canonical hash_manifest.sha256; legacy normalize-before-pin |
| P6 RS5A/RS5B provenance split | caveat→required | 06-rs5a-rs5b-profile-provenance-split-patch |
CLOSED | CODEX_CAUGHT_RS5A vs SELF_REPORTED_RS5B_DRAFT; per-rule provenance metadata |
| P7 dependency/output consistency | required | 07-level-dependency-and-output-consistency-patch |
CLOSED | L0→L1→L2→L3 chain; consistent N/A; 5 separated status fields |
3. No-overwrite discipline (how PATCH1 corrects without editing prior files)
Consistent with the laws-new RS-patch convention (each patch is additive; prior files stay at revision 1 for audit) and with RS-TKT-0A's own TKT-RS-PKG-004 (no overwrite of a prior package), no prior numbered deliverable (00–08) was edited. All nine remain revision 1. PATCH1 corrects by additive supersession clauses. The only existing file touched is the navigation index.md (additive PATCH1 pointer appended; navigation index, not a sealed packet artifact).
Supersession table (prior clause → superseding patch doc)
| Prior file · clause | Superseded by | Effect |
|---|---|---|
04 §0 global "Detector-correctness rule: a PASS/seal/cert token counts as emitted only when the producing process exits 0"; echoed in 04 TKT-L2-FAIL-CLOSED, 06 global, 08 §8a-5 / §8b-Q1 |
patch1/01 |
exit==0 is necessary not sufficient; forbidden token/artifact = FAIL regardless of exit (conjunctive) |
04 §A TKT-L3-GOVERNANCE single block; 03 §3 table row L3; 06 Group references to L3 |
patch1/02 |
L3 = aggregate of 4 one-concern bricks |
02 §0/§1 "laws-new SSOT … binding"; 00 "SSOT (binding)"; 08 §10 Q1 "current and binding" |
patch1/03 |
DRAFT = "controlling design inputs within the laws-new planning workspace, subject to Owner/Codex acceptance" |
03 §3 "clean-room rerun"; 04 TKT-L1-PACKET "clean-room reconstruct … rerun"; 07 Phase 2/4 boundary |
patch1/04 |
L1 runs only the TKT reconstruction/verifier recipe on inert packet fixtures; subject-under-test runtime ⇒ Phase 4 |
05 §1.2 bare numeric escrow taxonomy; 05 §2 "accept either and warn"; MCB-3 handling |
patch1/05 |
namespaced exit codes; one canonical ledger filename; normalize-before-pin |
06 mixed RS5A/RS5B profile; generic "RS-series" labeling of 84/86 + Q-order |
patch1/06 |
provenance split; RS5A-specific not generic |
04 TKT-L2-FAIL-CLOSED "dependencies: TKT-L0-FILE"; 03 level model dependency; 08 status semantics |
patch1/07 |
L2 depends on L0 and L1; consistent N/A; aggregate ≠ authority |
4. Scope guard (what PATCH1 does NOT do)
Does not open Phase 1; does not build runtime/Python/shell/DOT; does not create validator/registrar/Owner/scope/APR/register_dot; does not mutate PG/Directus/registry/system_issues; does not clear REGISTRATION_HOLD; does not set CAN_PROCEED=YES; does not claim semantic Text-as-Code / implementation / runtime / production PASS; does not reopen the 433-doc survey; adds no scope beyond P1–P7.
5. Next step
GPT review of PATCH1 → one independent read-only Codex re-review. On acceptance, the only authorized next step is Open Phase 1 — TKT Base design package (design-only), still under REGISTRATION_HOLD.