RS-TKT-1 (Phase 1) · 05 TKT Base L3 Split Governance Contracts
Lane: RS-TKT-1 — Phase 1 TKT Base Design Package (design-only)
Date: 2026-06-22
Gate: REGISTRATION_HOLD · REGISTRATION_CAN_PROCEED = NO · 0 runtime mutations (KB design-doc writes only)
Authority: NON_AUTHORITY · may_gate=false · decision_effect=NONE · design-only
Inherits: RS-TKT-0A-PATCH1 02 (P2, Codex-CLOSED). L3 is the aggregate of four independent one-concern LEGO bricks, never a single combined block. Composition is only through the shared output schema (03 §3); no brick reads another brick's internals.
1. TKT-L3-AUTHORITY-FIREWALL
purpose : refuse any authority/seal/gate/promotion claim; prove the packet self-describes as NON_AUTHORITY.
input contract : packet self-description + any oracle/result docs claiming authority.
output contract : shared schema; no_seal_emitted_under_any_input = true.
dependency : L0+L1+L2 PASS.
bad input : a dev fixture claiming a Codex/owner seal; a filename-only seal.
expected reject : REFUSED — nonzero, no grant emitted (per 04 / PATCH2).
failure code : L3_AUTH_CLAIM_REJECTED (firewall F1–F9 family)
hold code : HOLD_OUTPUT_SURFACE_UNAVAILABLE (cannot read the self-description / result docs)
out-of-scope : report-claim recomputation (→ CLAIM-AUDIT); IDs (→ IDENTITY); NVSZ (→ NVSZ).
birth/test/change/rollback : born from old authority_firewall_policy · test = laundering attempt ⇒ REFUSED · change = firewall rule set only · rollback = discard (read-only).
authority_effect / registration_effect : NONE / NONE.
2. TKT-L3-CLAIM-AUDIT
purpose : every load-bearing claim in reports maps to a real governed file/command/exit, recomputed against reality — not prose.
input contract : the packet's reports + the governed files/hashes they cite.
output contract : shared schema; all_claims_recomputed = true.
dependency : L0+L1+L2 PASS.
bad input : a cited hash that will not recompute; a prose-only PASS; a dangling pointer.
expected reject : FAIL — claim cannot be reproduced from reality.
failure code : L3_REPORT_CLAIM_UNVERIFIED
hold code : HOLD_OUTPUT_SURFACE_UNAVAILABLE (cited files uncollectable)
out-of-scope : authority claims (→ AUTHORITY-FIREWALL); ID collision; NVSZ.
birth/test/change/rollback : born from report_vs_file_audit_policy · test = inject a prose-only PASS ⇒ FAIL · change = audit check list · rollback = discard.
authority_effect / registration_effect : NONE / NONE.
3. TKT-L3-IDENTITY
purpose : object IDs have no collision/orphan and are routed to ONE-ROOF (no new TKT registry).
input contract : packet object IDs + one-roof registry refs (read-only).
output contract : shared schema; orphan=0, collision=0, routed_to_one_roof=true.
dependency : L0+L1+L2 PASS.
bad input : an ID in an existing/reserved range; a born object with no one-roof entry; a NEW TKT registry proposed.
expected reject : FAIL.
failure code : L3_OBJECT_ID_COLLISION | L3_ORPHAN_OBJECT | L3_NEW_REGISTRY_PROPOSED
hold code : HOLD_OUTPUT_SURFACE_UNAVAILABLE (one-roof refs unreadable)
out-of-scope : authority; report audit; NVSZ.
birth/test/change/rollback : born from object_id_collision_policy (policy only; old reserved-range table retired) · test = inject a colliding ID ⇒ FAIL · change = collision predicate · rollback = discard.
authority_effect / registration_effect : NONE / NONE.
L3_NEW_REGISTRY_PROPOSED is the anti-mega-registry trip: proposing a TKT-owned registry is itself a finding (R-TKT-3).
4. TKT-L3-NVSZ
purpose : every raw-evidence pointer has {hash, pointer, regeneration_command, determinism, nvsz_root}; no raw log in vector KB; byte-exact classes recompute; secrets quarantine; root designated_by ∈ {owner, operator} or designated=false.
input contract : packet escrow records + KB-summary pointers.
output contract : shared schema; nvsz_records_complete = true.
dependency : L0+L1+L2 PASS.
bad input : a raw log in vector KB; a pointer missing a field; an agent-designated root.
expected reject : FAIL with the namespaced escrow code (07).
failure code : L3_NVSZ_RECORD_INCOMPLETE (+ ESCROW_E* from 07, e.g. ESCROW_E5 raw-log-in-vector-KB, ESCROW_E9 invented root)
hold code : HOLD_OUTPUT_SURFACE_UNAVAILABLE (escrow records uncollectable)
out-of-scope : authority; report audit; IDs.
birth/test/change/rollback : born from nvsz_no_vector_evidence_policy · test = inject a raw log into a KB path ⇒ FAIL (ESCROW_E5) · change = escrow schema · rollback = discard.
authority_effect / registration_effect : NONE / NONE.
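Added illustration of the TKT-L3-NVSZ contract above (not code from the RS-TKT-1 package): a record checker that emits the page's codes for the three bad inputs listed. The escrow record shape, the vector-KB path prefix and the raw-log file suffixes are assumptions, not the project's real escrow schema (07).

```python
# Assumed stand-in for the escrow record schema; field names come from the
# brick's purpose line, the path prefix and suffixes are invented here.
REQUIRED_FIELDS = ("hash", "pointer", "regeneration_command",
                   "determinism", "nvsz_root")
VECTOR_KB_PREFIX = "kb/vector/"         # assumed vector-KB location
RAW_LOG_SUFFIXES = (".log", ".jsonl")   # assumed raw-evidence file types


def check_escrow_record(rec):
    """Return (verdict, codes) for one escrow record.

    L3_NVSZ_RECORD_INCOMPLETE: a required field is missing.
    ESCROW_E5: the pointer places a raw log inside the vector KB.
    ESCROW_E9: the root is designated, but not by owner or operator.
    """
    codes = []
    if any(f not in rec for f in REQUIRED_FIELDS):
        codes.append("L3_NVSZ_RECORD_INCOMPLETE")
    pointer = rec.get("pointer", "")
    if pointer.startswith(VECTOR_KB_PREFIX) and pointer.endswith(RAW_LOG_SUFFIXES):
        codes.append("ESCROW_E5")
    root = rec.get("nvsz_root")
    if isinstance(root, dict) and root.get("designated", True):
        if root.get("designated_by") not in ("owner", "operator"):
            codes.append("ESCROW_E9")
    return ("FAIL" if codes else "PASS", codes)


def check_nvsz(records):
    """Brick-level verdict: HOLD if records are uncollectable, FAIL on any code."""
    if records is None:
        return ("HOLD", ["HOLD_OUTPUT_SURFACE_UNAVAILABLE"])
    all_codes = sorted({c for r in records for c in check_escrow_record(r)[1]})
    return ("FAIL" if all_codes else "PASS", all_codes)


# Constructed sample records (not taken from the page).
GOOD = {"hash": "sha256:PLACEHOLDER", "pointer": "escrow/run-1/trace.log",
        "regeneration_command": "make trace", "determinism": "byte-exact",
        "nvsz_root": {"path": "escrow/", "designated": True,
                      "designated_by": "owner"}}
RAW_IN_VECTOR = dict(GOOD, pointer="kb/vector/run-1/trace.log")
AGENT_ROOT = dict(GOOD, nvsz_root={"path": "escrow/", "designated": True,
                                   "designated_by": "agent"})

if __name__ == "__main__":
    print(check_nvsz([GOOD, RAW_IN_VECTOR, AGENT_ROOT]))
```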
5. L3 aggregate (binding)
L3_GOVERNANCE_CONSISTENCY_PASS =
TKT-L3-AUTHORITY-FIREWALL PASS
AND TKT-L3-CLAIM-AUDIT PASS
AND TKT-L3-IDENTITY PASS
AND TKT-L3-NVSZ PASS
Combination by the same priority used everywhere (06): any sub-brick FAIL ⇒ L3 = FAIL; else any sub-brick HOLD ⇒ L3 = HOLD; only all-PASS ⇒ L3 = PASS. The four bricks are independent (no ordering between them) and may run in parallel. The aggregate is a thin combiner over the four records; no sub-brick may read another sub-brick's internals.
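Added illustration of the thin combiner described above (not code from the RS-TKT-1 package): it reads only each brick's status and codes, applies the FAIL > HOLD > PASS priority, and is independent of the order the bricks ran in. The record shape is an assumed stand-in for the shared output schema (03 §3), which this page does not reproduce; treating a brick with no record as HOLD is an added choice, made so a dropped HOLD can never be absorbed into PASS.

```python
# Assumed stand-in for the shared output schema of 03 §3:
# records maps brick name -> {"status": "PASS"|"FAIL"|"HOLD", "codes": [...]}.
L3_BRICKS = ("TKT-L3-AUTHORITY-FIREWALL", "TKT-L3-CLAIM-AUDIT",
             "TKT-L3-IDENTITY", "TKT-L3-NVSZ")
PRIORITY = {"FAIL": 2, "HOLD": 1, "PASS": 0}   # FAIL beats HOLD beats PASS


def combine_l3(records):
    """Thin combiner over the four brick records; touches no brick internals.

    Any FAIL -> L3 FAIL; else any HOLD -> L3 HOLD; only all-PASS -> L3 PASS.
    A brick with no usable record is counted as HOLD (assumed rule), so a
    missing or silently dropped HOLD cannot turn into a PASS.
    """
    statuses, codes = {}, []
    for brick in L3_BRICKS:
        rec = records.get(brick)
        if rec is None or rec.get("status") not in PRIORITY:
            statuses[brick] = "HOLD"
            codes.append(f"HOLD_OUTPUT_SURFACE_UNAVAILABLE:{brick}")
            continue
        statuses[brick] = rec["status"]
        codes.extend(rec.get("codes", []))
    worst = max(statuses.values(), key=PRIORITY.__getitem__)
    return {"status": worst, "codes": codes,
            "L3_GOVERNANCE_CONSISTENCY_PASS": worst == "PASS"}


# Constructed sample brick records (not taken from the page): one HOLD and
# one FAIL present at once, so the FAIL must win.
SAMPLE = {
    "TKT-L3-AUTHORITY-FIREWALL": {"status": "PASS", "codes": []},
    "TKT-L3-CLAIM-AUDIT": {"status": "HOLD",
                           "codes": ["HOLD_OUTPUT_SURFACE_UNAVAILABLE"]},
    "TKT-L3-IDENTITY": {"status": "FAIL", "codes": ["L3_OBJECT_ID_COLLISION"]},
    "TKT-L3-NVSZ": {"status": "PASS", "codes": []},
}

if __name__ == "__main__":
    print(combine_l3(SAMPLE))
```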
6. Anti-recombination clause (for self-validation 18)
If any future revision recombines these four concerns into one block, reads another brick's internals, or lets one sub-brick's HOLD be silently absorbed, the design is REJECT_MEGA_SYSTEM_DRIFT. The split is load-bearing, not cosmetic.
7. Out of scope (whole L3 layer)
Semantic truth of content (L5), IU traceability (L4), release readiness (L6), runtime behaviour, and any authority/seal/gate effect.