Incomex AI Portal
KB-5C67

FIX7 Read/Report Pilot Design — Implementation Package DOT v0.1 (DESIGN ONLY, no command run, 2026-06-09)

10 min read Revision 1
tool-kiem-thufix7read-report-pilotimplementation-package-dotv0.1article-14constitution-14executable-evidencedesign-onlyno-run2026-06-09

FIX7 Read/Report Pilot Design — Implementation Package DOT v0.1

Nature: a DESIGN for a read/report-only pilot that demonstrates the future Implementation Package DOT v0.1 can catch the FIX7 Recheck-8 / Constitution Article-14 failure class — "prose claims an executable that does not actually run" — at the read/report level, by checking whether the dossier provides sufficient evidence for its executable claims. The pilot runs nothing: no canonicalizer, no command, no selftest, no detector, no hash recomputation. Date: 2026-06-09 Production mutation: NO. Read-only; file-report-only; no FIX7 resume; no execution; no mutation; no denominator collapse; no sealed decision reopened. Governing authority: Gap-only Scope Spec designs/implementation-package-dot-v0-1-gap-only-scope-spec-2026-06-09.md over Authority Contract v0.1 and the Codex seal (BCDGH_SEALED). Reuse Extraction Map cap #18 (FIX7 pilot readiness = class B, read/report-only composable from read surfaces).

1. Final verdict

FIX7_READ_REPORT_PILOT_DESIGN_READY_FOR_CODEX_CHECKPOINT

The pilot is fully designed at read/report level. It is sufficient to catch the Recheck-8 class because the Article-14 failure is, by definition, a prose↔evidence mismatch — a claim of execution unaccompanied by a resolvable evidence artifact — and that mismatch is detectable without running anything. The pilot's positive verdicts are explicitly NOT proof-of-run; the run-half is DEFERRED to the Call Contract.

2. What the Recheck-8 / Article-14 class actually is (so the pilot targets the right thing)

The FIX7 Recheck-8 Article-14 requirement is: a load-bearing claim must be backed by an executable SSOT that actually runs (e.g. the FIX7-CANON-V1 canonicalizer with --selftest reported PASS and exit 0, reproducing the membership hash f2bda8…fe251), and the SSOT must be non-self-referential (its own seal cannot be the only thing certifying it).

The failure class (CONSTITUTION_14_EXECUTABLE_CHECK_FAIL) is therefore any of:

  1. an executable is claimed but no artifact evidence is attached/resolvable;
  2. a selftest PASS is claimed but there is no evidence log / exit code / hash artifact;
  3. a command is referenced with no call contract (no identity/mode/inputs/exit-code semantics);
  4. a prose-only PASS competing with missing executable evidence;
  5. a missing command↔evidence binding (claim and evidence not tied to each other);
  6. path/reference ambiguity (the artifact a claim points to is ambiguous or multi-matched);
  7. denominator / reference / corpus ambiguity (a count or corpus cited without provenance, or a TAC/IU corpus collapsed).

Key insight that makes a read-only pilot sufficient: each of these is a property of what the dossier contains, not of what happens when you run it. The pilot reads the dossier and asks, per claim, "is there a resolvable evidence artifact for this?" — never "does it run?".

3. Pilot inputs (read-only)

  • FIX7 dossier: the FIX7 blueprint KB documents and their reports/checkpoints (Recheck-7→8 chain), read via KB list_documents/get_document (document_id + revision). Read-only.
  • Existence/graph surfaces (Gap-only Spec §4): KB list_documents/get_document, v_kg_edges_all (2259) / universal_edges (2199), v_dot_reconciliation_reliability, wf_fs_dot_bin_snapshot mirror — to resolve declared references read-only.
  • No filesystem read of /opt/incomex/dot/bin (unreachable read-only; PG mirror is canonical-available).
  • No execution of the FIX7 canonicalizer or any command.

4. Pilot checks (each maps a Recheck-8 reason → a read-only verdict)

For the FIX7 dossier, the pilot enumerates declared claims and emits a per-claim row. The mapping:

# Recheck-8 reason the pilot must flag Read-only check (no run) Emitted verdict when failing Maps to Spec rule
C1 Executable claimed but no artifact evidence Claim of executable_exists/command_run → is a referenced executable artifact resolvable (KB doc / FS-mirror row / edge)? EVIDENCE_ABSENTREAD_REPORT_FLAG §9 F4
C2 Selftest PASS claimed but no evidence log / exit code / hash Claim of selftest_pass/exit_code/hash_match → is a referenced evidence artifact (selftest log doc, exit-code record, pinned hash artifact) resolvable? EVIDENCE_ABSENTREAD_REPORT_FLAG §9 F4
C3 Command referenced without call contract Claim references a command/invocation → is a call-contract reference present? In v0.1 there is no sealed Call Contract, so any "this command ran safely" is unbindable EVIDENCE_ABSENT (+ DEFERRED: Call Contract carve-out) → READ_REPORT_FLAG §17 carve-out
C4 Prose-only PASS competing with missing executable evidence Prose asserts success but no resolvable evidence artifact READ_REPORT_FLAG (never re-assert the prose PASS) §9 F5
C5 Missing command↔evidence binding Claim and evidence both present but not tied (evidence artifact exists but is not the one the claim references, or the claim references nothing specific) AMBIGUOUS/EVIDENCE_ABSENTREAD_REPORT_FLAG §6.2 F4/F7
C6 Path / reference ambiguity Declared reference matches >1 surface/id or has an undefined match key AMBIGUOUSREAD_REPORT_FLAG §7 F7
C7 Denominator / reference / corpus ambiguity A cited count lacks provenance, or a TAC/IU corpus is collapsed/joined, or a single canonical DOT number appears READ_REPORT_FLAG/READ_REPORT_BLOCKED §8/§10/§11 F2/F3/F8

Positive (pass-at-read-level) path: when a FIX7 claim does reference a resolvable evidence artifact (e.g. the dossier attaches a selftest log document and a pinned hash artifact that resolve in the KB), the pilot emits EVIDENCE_PRESENT — always with is_proof_of_run:false. This honestly states "the dossier carries an evidence artifact for this claim" without asserting the canonicalizer actually ran in this session.

5. Pilot output

A read/report triplet under knowledge/dev/laws/tool-kiem-thu/:

  • reports/fix7-read-report-pilot-<date>.md
  • reports/fix7-read-report-pilot-<date>.json
  • checkpoints/checkpoint-fix7-read-report-pilot-<date>.md

report.md sections: header → verdict → FIX7 dossier identity (document_id + revision + blueprint_ref) → claim/evidence inventory (the C1–C7 table, per claim) → declared-artifact existence report → denominator ledger (any FIX7-cited counts, with provenance) → dual-corpus note (if FIX7 cites IU/TAC, reported separately) → unverified/stale → deferred carve-outs (the run-half + Call Contract) → cross-references.

report.json keys: as Gap-only Spec §5.3, plus fix7_recheck8_reasons[] (C1–C7 with per-reason verdict) and catches_article_14_class:true|false (true iff the pilot would flag a dossier missing executable evidence).

6. Demonstration design (two fixtures — both read-only)

To prove sufficiency without running anything, the pilot is designed to be exercised against two read-only fixtures:

  • Fixture A — the real FIX7 Recheck-8 dossier (positive read-level path). Expect a mix: claims with attached, resolvable evidence artifacts → EVIDENCE_PRESENT (not proof-of-run); any claim lacking a resolvable artifact → EVIDENCE_ABSENT/FLAG. The pilot never upgrades EVIDENCE_PRESENT to "ran/PASS".
  • Fixture B — a stripped/synthetic dossier (negative path, the catch demonstration). A dossier that asserts "canonicalizer runs, selftest 22/22 PASS, exit 0, hash reproduced" with the evidence artifacts removed/unreferenced. Expected: READ_REPORT_FLAG with C1/C2/C4 = EVIDENCE_ABSENT. This is the literal Article-14 catch at read/report level (matches Acceptance Test #20: FIX7 Recheck-8 sample → expected FAIL/FLAG).

Fixture B is a design fixture (described here), not built or executed in this design phase.

7. Hard prohibitions for the pilot (carried from the wall)

  • Does NOT run the canonicalizer, any command, any selftest, any detector.
  • Does NOT recompute the membership hash; it only checks whether a referenced hash artifact resolves.
  • Does NOT resume FIX7 or alter any FIX7 document.
  • Does NOT assert proof-of-run; strongest positive = EVIDENCE_PRESENT (is_proof_of_run:false).
  • Does NOT write system_issues or mutate anything.
  • Does NOT collapse denominators or join TAC/IU.

8. Why this is sufficient to catch Recheck 8 (statement for Codex)

The Article-14 class is a claim-without-evidence-artifact defect. Detecting it requires distinguishing "prose says it passed" from "a resolvable evidence artifact backs the claim" — a pure read/existence operation. The pilot performs exactly that distinction for all seven reasons (C1–C7) and fails closed to EVIDENCE_ABSENT/FLAG whenever an executable claim has no resolvable evidence artifact. Running the executable would additionally prove the artifact is correct, which is the deferred run-half (Call Contract) — strictly stronger than, and not required for, catching the Article-14 evidence-presence defect.

Cross-references

  • Gap-only Scope Spec: designs/implementation-package-dot-v0-1-gap-only-scope-spec-2026-06-09.{md,json}
  • Authority Contract: contracts/authority-contract-v0-1-2026-06-09.{md,json}
  • Codex seal: reviews/codex-seal-authority-matrix-bcdgh-2026-06-09.md
  • Reuse Extraction Map: reports/reuse-extraction-map-v0-1-2026-06-09.md (cap #18, §5.6, §8.1/§8.2)
  • Codex checkpoint packet: reviews/codex-checkpoint-packet-gap-only-spec-and-fix7-pilot-2026-06-09.md
  • Acceptance test matrix: designs/acceptance-test-matrix-implementation-package-dot-v0-1-2026-06-09.md (test #20)
Back to Knowledge Hub knowledge/dev/laws/tool-kiem-thu/designs/fix7-read-report-pilot-design-for-implementation-package-dot-v0-1-2026-06-09.md