<!-- DOC_STATUS: ACTIVE_NON_AUTHORITY -->

Example (read-only) — FIX7 Real-N6 Engineering Candidate

Purpose: show the authority firewall at full strength — an engineering candidate that is real and verified, yet explicitly NOT a seal. Read-only pattern. This example does not touch FIX7 / N6 / N7 / N8 / P7 surfaces (T1-active).

Source (cited, not mutated)

knowledge/dev/reports/architecture/fix7-real-n6-provenance-under-tkt-v02-2026-06-11/ and the Codex recheck current-state. N6 d777e87c73d3b62d36789d9343f346102e98dbf301f2c93f7608470b876b258c is a RATIFIED_ENGINEERING_VERIFIED_CANDIDATE — not an official seal, not an official pin.

What it demonstrates for the base (L3 firewall)

The strongest possible engineering proof still does not confer authority:

• N6 was proven by fresh KB reconstruction of the corpus + materialized canonicalizer (d9caa9fe…, selftest 45/45) + --produce byte-identical to the pinned membership — load-bearing proof is the fresh recompute, not the on-record log.
• The provenance verifier emits a cert with authority=NOT_A_SEAL, creates no N7/N8/P7, and 27/27 adversarial probes fail closed (no PASS / no seal / no official digest).
• The encoder firewall stays SEAL_REAL_N6_NOT_AVAILABLE until real authority inputs exist.

This is firewall rules F5 (rehearsal/candidate cannot become authority) and F6 (candidate digest cannot become official — no self-derivation) in their natural habitat: the engineering half is complete, the authority half is owner/Codex-only and still MISSING.

The boundary it pins for TKT Base

A base packet can prove an artifact is real, reconstructed, and byte-exact, and can refuse every attempt to call that proof a seal. It cannot issue the seal.

Authority inputs that remain owner/Codex-only: A1 approval_event_id, A2 approver_identity, A3 approval_event_timestamp, A5 owner_blueprint_decision, owner OWN-1 decision, Codex N8 signer set, P7 authority IDs. ready_to_author=false. The base layer reports the candidate honestly and stops at the firewall — it does not author N7/N8/P7.