Incomex AI Portal
KB-3D0E

FIX7 Read/Report Pilot Design rev2 — Implementation Package DOT v0.1 (Article-14 adequacy, resolvable-but-insufficient counter-fixture, DESIGN ONLY, no command run, 2026-06-09)

13 min read Revision 1
tool-kiem-thufix7read-report-pilotrev2article-14recheck-8evidence-adequacycounter-fixturedesign-onlyno-run2026-06-09

FIX7 Read/Report Pilot Design (rev2)

Nature: a DESIGN for a read/report-only pilot demonstrating that the future Implementation Package DOT v0.1 can detect the Article-14 evidence-adequacy defect at read/report level — repaired after the Codex block, which found that rev1 only tested missing references (Fixture B) and could not catch the decisive Recheck-8 case where evidence documents resolve while the declared executable is missing / non-runnable / inadequately evidenced. Date: 2026-06-09 · Supersedes: designs/fix7-read-report-pilot-design-for-implementation-package-dot-v0-1-2026-06-09.md (rev1, readiness rejected). Status: FIX7_READ_REPORT_PILOT_DESIGN_REV2_READY_FOR_CODEX. Production mutation: NO. Read-only; file-report-only; no FIX7 resume; no canonicalizer run; no command; no selftest; no detector; no hash recomputation; no mutation; no denominator collapse; no sealed decision reopened. writes_performed: KB design docs only. Governing authority: the rev2 Gap-only Scope Spec designs/implementation-package-dot-v0-1-gap-only-scope-spec-rev2-2026-06-09.md (the §3 adequacy chain, §4 verdict model, §5 evidence classes, §6 claim matrix) over the sealed B/C/D/G/H and the Codex review's 12 fixes.

1. Final verdict + scope correction (Codex fix 4)

FIX7_READ_REPORT_PILOT_DESIGN_REV2_READY_FOR_CODEX.

Scope is explicitly narrowed and stated plainly: this pilot catches the evidence-presence / binding / adequacy half of the Recheck-8 / Article-14 class at read level — i.e. it detects when an executable claim is not backed by adequately-bound, right-kind, independent evidence. It does NOT prove the executable runs or is correct. Full Recheck-8 detection (proving the declared executable actually runs and reproduces its hash) requires the future, separately-sealed Call / Proof-of-run contract. The pilot never emits a positive "PASS"; for any dossier with execution-class claims it emits article14_status = ARTICLE14_NOT_PROVEN_EXECUTION_UNVERIFIED.

2. What the Recheck-8 / Article-14 class actually is (per the Codex review's facts)

Recheck-8 (per reviews/codex-review-...-2026-06-09.md §1): documents resolved and a selftest PASS was asserted, but the declared .py canonicalizer SSOT did not exist and the exact invocation exited 2. So "references resolve" was true while "the executable claim is proven" was false. The defect class CONSTITUTION_14_EXECUTABLE_CHECK_FAIL is therefore any of:

  1. an executable / canonicalizer SSOT is claimed but there is no ARTIFACT_IDENTITY_EVIDENCE + ARTIFACT_EXISTENCE_EVIDENCE that the artifact exists as a resolvable object (Recheck-8's core: the .py was absent);
  2. a selftest PASS / exit 0 is claimed but there is no accepted LOG_EVIDENCE / EXIT_CODE_EVIDENCE / RUN_LEDGER_EVIDENCE for a real run;
  3. a hash match is claimed but there is no HASH_EVIDENCE pinned to the artifact's identity (and v0.1 never recomputes);
  4. a command string exists but no Call Contract binds its identity / mode / inputs / exit-code semantics — the "ran safely" assertion is unbindable in v0.1;
  5. evidence is present but not bound to the claim (the resolved document is about something else, or the claim points at nothing specific);
  6. evidence is present but the wrong kind (a prose narrative cited as proof of a selftest run);
  7. evidence is present but self-referential (the only thing certifying the claim is the claim's own seal);
  8. evidence artifacts contradict (one says exit 0, another exit 2).

Why a read-only pilot is sufficient for the adequacy half (and only that half): each of 1–8 is a property of what evidence the dossier carries and whether it can prove the claim — a read/existence/kind/binding/independence operation. It is not a property of what happens when you run the executable. The pilot evaluates the §3 adequacy chain per claim — it asks "is there resolvable, right-kind, bound, independent, provenanced evidence for this claim?" — and never asks "does it run?" Running is the deferred run-half (Call Contract), strictly stronger and not performed here.

3. Pilot inputs (read-only)

  • KB list_documents / get_document (the FIX7 dossier's document_id + revision + blueprint_ref).
  • Read result surfaces only: v_kg_edges_all / universal_edges (reference resolution), v_dot_reconciliation_reliability, wf_fs_dot_bin_snapshot (artifact-existence mirror, read-only), dot_iu_command_run (run-ledger read).
  • No filesystem read of /opt/incomex/dot/bin (unreachable read-only; PG mirror is canonical-available). No execution of the FIX7 canonicalizer or any command. No hash recomputation.

4. Pilot checks (each maps a Recheck-8 reason → the §3 adequacy chain → a read-only verdict)

# Recheck-8 reason Read-only check (no run) — adequacy chain step Emitted per-claim verdict Spec rule
C1 executable / SSOT claimed, no existence evidence claim_type=executable_exists/canonicalizer_SSOT → required ARTIFACT_IDENTITY+EXISTENCE → does the artifact resolve on a named surface (KB doc / FS-mirror row / edge)? EVIDENCE_INSUFFICIENT (the .py-absent catch) §6 t1/t6, F6/F10
C2 selftest PASS / exit 0 claimed, no run evidence required LOG+EXIT_CODE(+RUN_LEDGER) → does an accepted run-evidence artifact resolve and bind to this claim? EVIDENCE_INSUFFICIENT §6 t3/t5, F4
C3 command string present, no Call Contract required Call-Contract reference → none exists in v0.1 → "ran safely" is unbindable BLOCKED_BY_NO_CALL_CONTRACT (+ DEFERRED: Call Contract) §19 carve-out
C4 prose-only PASS competing with missing executable evidence prose asserts success but no resolvable+capable evidence FLAG_PROSE_ONLY_PASS ⇒ FAIL (never re-assert) §4.2, F5
C5 evidence present but wrong kind / unbound capability step: is the resolved evidence the required kind and bound (subject/command/artifact identity match) to this claim? EVIDENCE_INSUFFICIENT §3 step 5, F10
C6 evidence present but self-referential independence step: is the only certifying evidence the claim's own seal? EVIDENCE_INSUFFICIENT §3 step 5, F10
C7 evidence artifacts contradict conflict step: do ≥2 evidence artifacts disagree (exit 0 vs exit 2)? EVIDENCE_CONFLICTING ⇒ FAIL §4.1, F11
C8 hash match claimed, no pinned hash evidence required HASH_EVIDENCE bound to artifact identity; v0.1 never recomputes EVIDENCE_INSUFFICIENT §6 t4, F4
C9 reference ambiguity / denominator-corpus ambiguity multi-match / undefined key / bare count / TAC-IU collapse EVIDENCE_INSUFFICIENT/FLAG_HARDCODED_DENOMINATOR/BLOCKED §7/§8/§13, F2/F3/F8

Whole-dossier rule: if any claim is execution-class, the pilot sets article14_status = ARTICLE14_NOT_PROVEN_EXECUTION_UNVERIFIED and the dossier final_verdict is at best UNVERIFIED — and READ_LEVEL_FAIL if any C1/C2/C4/C5/C6/C7/C8 fires. READ_LEVEL_ACCEPTABLE is structurally unavailable for any FIX7 dossier with execution claims. The pilot never upgrades anything to "ran / PASS".

5. Pilot output

Emits a read/report triplet under knowledge/dev/laws/tool-kiem-thu/: reports/fix7-read-report-pilot-<date>.md / .json / checkpoints/checkpoint-fix7-read-report-pilot-<date>.md.

  • report.md sections: header → final_verdict + article14_status → FIX7 dossier identity → claim/evidence adequacy inventory (the C1–C9 table per claim, with the §3 binding fields) → UNPARSED_REGION[] + claim_inventory_completeness → declared-artifact existence report → denominator ledger (provenance) → dual-corpus note (separate) → deferred carve-outs (the run-half + Call Contract) → writes_performed[] → cross-references.
  • report.json keys: as Gap-only Spec rev2 §10, plus fix7_recheck8_reasons[] (C1–C9 with per-reason verdict) and catches_article_14_adequacy_class: true and proves_execution: false (explicitly: the pilot proves the adequacy defect class, not that the executable runs).
  • Removed: catches_article_14_class:true (rev1) is replaced — it over-claimed full Recheck-8 coverage. EVIDENCE_PRESENT as a positive is removed; no READ_REPORT_PASS.

6. Demonstration fixtures (all read-only; design fixtures, not executed)

  • Fixture A — the real FIX7 Recheck-8 dossier. Contains executable + selftest + hash + exit-0 claims. Expected: every execution claim ⇒ EVIDENCE_INSUFFICIENT or BLOCKED_BY_NO_CALL_CONTRACT where evidence is missing/unbindable; article14_status = ARTICLE14_NOT_PROVEN_EXECUTION_UNVERIFIED; final_verdict = READ_LEVEL_FAIL (the declared .py SSOT does not resolve; C1 fires). The pilot never reports PASS or "ran".
  • Fixture B — stripped/synthetic dossier (references removed). Asserts "canonicalizer runs, selftest 22/22 PASS, exit 0, hash reproduced" with no evidence references at all. Expected: READ_LEVEL_FAIL with C1/C2/C4/C8 = EVIDENCE_INSUFFICIENT. (This is the only case rev1 tested.)
  • Fixture C — resolvable-but-insufficient/contradictory evidence (the NEW counter-fixture Codex required). Asserts the same successes and cites evidence documents that DO resolve — but those documents are prose-only narratives with no ARTIFACT_IDENTITY_EVIDENCE, no EXIT_CODE_EVIDENCE, no LOG_EVIDENCE, no HASH_EVIDENCE (or contain a RUN_LEDGER row whose command identity does not match the claim, or two records that contradict — exit 0 vs exit 2). Expected outcome: READ_LEVEL_FAIL + ARTICLE14_NOT_PROVEN_EXECUTION_UNVERIFIED via C5 (wrong kind / unbound), C6 (self-referential), and/or C7 (conflict). It must NOT be EVIDENCE_PRESENT, must NOT be ACCEPTABLE, must NOT be PASS. This is the case rev1 could not catch and is the decisive demonstration that the pilot distinguishes "a reference resolves" from "evidence proves the claim."

Fixtures are design fixtures described here, not built or executed in this design phase.

7. Hard prohibitions for the pilot (carried + tightened)

  • Does NOT run the canonicalizer, any command, any selftest, any detector. Does NOT recompute any hash. Does NOT resume FIX7 or alter any FIX7 document.
  • Does NOT emit a positive/PASS verdict; the strongest output for an execution claim is UNVERIFIED with article14_status = ARTICLE14_NOT_PROVEN_EXECUTION_UNVERIFIED. EVIDENCE_PRESENT is removed.
  • Does NOT write system_issues or mutate anything (capability enums §12 of the spec; any prohibited action ⇒ CONTRACT_VIOLATION ⇒ BLOCKED/exit 3).
  • Does NOT collapse denominators or join TAC/IU. Does NOT treat the claim extractor as complete (claim_inventory_completeness honestly reported).

8. Why this is sufficient for the adequacy class — and where it stops (statement for Codex)

The Article-14 adequacy class is a claim-without-adequate-evidence defect: a claim of execution unaccompanied by resolvable + right-kind + bound + independent + non-contradictory evidence. Detecting it is a pure read/existence/kind/binding/independence/conflict operation — Fixtures B and C demonstrate both the missing-reference and the resolvable-but-insufficient sub-cases, and both fail closed to READ_LEVEL_FAIL + ARTICLE14_NOT_PROVEN_EXECUTION_UNVERIFIED. The pilot stops there. Proving the declared executable actually runs and reproduces its hash (the other half of full Recheck-8) is the deferred run-half (Call / Proof-of-run contract) — strictly stronger than, and not performed by, this read-only pilot. The pilot's honesty is that it never claims more than the adequacy half: proves_execution:false is always present.

Cross-references

  • Gap-only Spec rev2: designs/implementation-package-dot-v0-1-gap-only-scope-spec-rev2-2026-06-09.{md,json} (§3 chain, §4 verdicts, §5 classes, §6 matrix)
  • Fix ledger: reports/codex-fix-ledger-gap-only-spec-rev2-2026-06-09.md (fix 4)
  • Acceptance matrix rev2: designs/acceptance-test-matrix-implementation-package-dot-v0-1-rev2-2026-06-09.md (tests #20/#21/#22)
  • Codex review: reviews/codex-review-gap-only-spec-fix7-pilot-mvp-readiness-2026-06-09.md (Gate 5, fix 4)
  • Superseded rev1: designs/fix7-read-report-pilot-design-for-implementation-package-dot-v0-1-2026-06-09.md
Back to Knowledge Hub knowledge/dev/laws/tool-kiem-thu/designs/fix7-read-report-pilot-design-rev2-for-implementation-package-dot-v0-1-2026-06-09.md