RS-TKT-0A-PATCH2 · 00 Codex Re-Review Closure Map
Lane: RS-TKT-0A-PATCH2 — close the remaining Codex re-review blockers against RS-TKT-0A-PATCH1
Path: knowledge/dev/laws-new/tool-kiem-thu-lego/patch2/00-codex-rereview-closure-map-2026-06-21.md
Date: 2026-06-21
Verdict (rollup): RS_TKT_0A_PATCH2_READY_FOR_GPT_REVIEW (see 04-final-patch2-report-…)
Gate: REGISTRATION_HOLD · REGISTRATION_CAN_PROCEED = NO · 0 runtime mutations (KB design-doc writes only)
Authority: NON_AUTHORITY · may_gate=false · decision_effect=NONE · design-doc-only
0. What this patch is
Codex re-review of RS-TKT-0A-PATCH1 returned:
REJECT_RS_TKT_0A_PATCH1_FAIL_CLOSED_UNRESOLVED
(knowledge/current-state/reports/codex-rereview-rs-tkt-0a-patch1-2026-06-21.md, rev 1, read in full.)
PATCH2 is a narrow additive correction that closes exactly the three remaining items Codex left open. It opens no new scope, opens no Phase 1, builds no tool, and mutates nothing runtime/production/registration. REGISTRATION_HOLD stays active; CAN_PROCEED = NO stays.
1. What Codex already confirmed CLOSED (not reopened here)
Codex's re-review explicitly accepted the following; PATCH2 does not touch any of them:
P2 — CLOSED (L3 split into 4 one-concern bricks)
P3 — CLOSED / caveat (Tier-1/2/3 source hierarchy; MCB-6 stays open)
P4 — CLOSED (L1 inert-fixtures only; HOLD_RUNTIME_SURFACE_REQUIRED)
P5 — CLOSED (ESCROW_E*/ROOT_E* namespaces; canonical hash_manifest.sha256)
NVSZ — SAFE (not REJECT_NVSZ_UNSAFE)
Authority boundary — SAFE
No runtime drift
No authority overclaim
The rejection was specifically fail-closed contract incompleteness, not authority overclaim and not runtime drift.
2. The three remaining Codex items being closed
P1 — Fail-closed forbidden-output contract still unresolved (BLOCKER).
P6 — profile_id enum/schema contradiction (profile_id=structural is outside the enum).
P7 — missing HOLD propagation and aggregate truth table; "four/five" field-count mismatch.
3. Closure map (P1 / P6 / P7)
| Codex item | Severity | Patch doc | Status (design-level) | Closes |
|---|---|---|---|---|
| P1 unstructured forbidden output still fail-open | BLOCKER | 01-p1-unstructured-forbidden-output-contract | CLOSED | 6-conjunct invalid_input_safe; reserved grant-like token list; structured and unstructured detection; explicit safe-rejection context; full scan surface + HOLD_OUTPUT_SURFACE_UNAVAILABLE; detector order with exit-code last; BAD-FC-001..008 deterministic outcomes; final "bare PASS is forbidden" statement |
| P6 profile_id=structural outside enum | required | 02-p6-profile-id-schema-repair | CLOSED | profile_id = provenance track only (CODEX_CAUGHT_RS5A / SELF_REPORTED_RS5B_DRAFT); structural/common/RS-specific moved to new scope_class; explicit no-auto-promotion rule |
| P7 HOLD propagation + aggregate table missing | required | 03-p7-status-propagation-and-aggregate-truth-table | CLOSED | HOLD → higher levels N/A, aggregate HOLD, review_readiness=BLOCKED; aggregate priority FAIL > HOLD > PASS; five status fields named; full 10-row aggregate truth table; authority_effect=NONE, registration_effect=NONE on every row |
4. No-overwrite discipline (additive supersession only)
Consistent with the laws-new RS-patch convention (each patch is additive; prior files stay at revision 1 for audit) and with RS-TKT-0A's own TKT-RS-PKG-004 (no overwrite of a prior package), no prior numbered deliverable (RS-TKT-0A 00–08 or PATCH1 00–08) is edited. PATCH2 corrects by additive supersession clauses under patch2/. The only existing file touched is the navigation index.md (additive PATCH2 pointer appended; navigation index, not a sealed packet artifact).
Supersession table (prior clause → superseding PATCH2 doc)
| Prior clause | Superseded by | Effect |
|---|---|---|
| PATCH1 01 §3 "a token only counts as a forbidden grant when carried by a GRANT event … or a forbidden artifact file"; §6 BAD-FC verdict labels (FAIL/safe reject) | patch2/01 | bare reserved grant-like token outside a valid structured envelope = malformed forbidden output → FAIL; structured absence never makes bare stdout safe; BAD-FC verdicts refined to deterministic outcome codes; BAD-FC-006/007/008 added |
| PATCH1 06 §3 profile_id enum; §4 table assigning profile_id = structural to Groups A/B/G; validation_status token EXTERNALLY_CODEX_VALIDATED | patch2/02 | profile_id restricted to two provenance values; new scope_class carries `STRUCTURAL_COMMON |
| PATCH1 07 §3 cumulative cap (FAIL-only); §4 review_readiness token READY; §7 "four orthogonal status fields" | patch2/03 | HOLD propagation added alongside FAIL; review_readiness token standardized to REVIEW_READY; field count corrected to five; deterministic aggregate truth table added |
PATCH1 corrections that Codex accepted (P2–P5, and the P1 conjunctive core) remain in force; PATCH2 only extends/repairs the three open seams.
5. Scope guard (what PATCH2 does NOT do)
Does not open Phase 1; does not build runtime/Python/shell/DOT; does not create validator/registrar/Owner/scope/APR/register_dot; does not mutate PG/Directus/registry/system_issues; does not clear REGISTRATION_HOLD; does not set CAN_PROCEED=YES; does not claim semantic Text-as-Code / implementation / runtime / production PASS; does not reopen P2–P5; does not re-run the 433-document survey; adds no scope beyond P1/P6/P7.
6. Next step
GPT review of PATCH2 → one independent read-only Codex re-review. On acceptance, the only authorized next step is Open Phase 1 — TKT Base design package (design-only), still under REGISTRATION_HOLD. PATCH2 does not authorize Phase 1 automatically.