Incomex AI Portal
KB-326A rev 2

checkpoint-v02-self-codex-proof-2026-06-10.md

3 min read Revision 2
tool-kiem-thuv0.2-hardeningcontent-bindingnon-authority

Checkpoint — v0.2 Content-Binding Self-Codex Proof

Status: TKT_V02_SELF_CODEX_PROOF_REVIEW_READY NON_AUTHORITY · NOT_PROMOTED · Codex: NO · FIX7/V3 mutated: NO · Prod/PG/Directus/registry: NO Author: T2/Claude-Code/Fable5 · Date: 2026-06-10/11

What changed this macro

  1. Found 5 fail-opens in the as-shipped governed verifier (rev1) by direct adversarial probing: P3b (vacuous PASS), P4 (duplicate record), P7 (empty authority), P9 (active_bytes not load-bearing), P14 (dev oracle falsely claiming is_codex_seal=true → PASS + seal token).
  2. Fixed in-lane (src/content_bind_verify.py rev1 be2d609b… → rev2 3bdee7d2…): validate_schema() oracle gate + active_bytes made load-bearing; verifier selftest 8→14.
  3. Added content-binding/reconstruct_from_kb.py (cfdd45fc…): one-command bidirectional KB rebuilder (forward+backward+tree-pin), closing the Gate-2 "no reconstructor" finding and the P12b coverage gap.
  4. Re-published to KB (readback OK): verify.py rev2, reconstructor (new), regression summary rev2, README rev2, manifest rev3 (a6a9b314…), packet_tree rev2. New tree pin a6a9b314… (was f2f92d0e…).
  5. Re-proven on fresh governed reconstruction /tmp/sc-cb-final: reconstruct OK (fwd+bwd+tree+sut), RERUN DEV/STRICT/V3 all exit 0, probes 17/17, 0 fail-open.

Frozen pins

  • content-binding tree: a6a9b314… (manifest rev3)
  • verifier: 3bdee7d2… (rev2) · oracle.json: a331eb6c… (unchanged) · reconstructor: cfdd45fc…
  • baseline SUT: d9caa9fe… (intact) · dev-repro-packet tree: a205d0ca… (intact)

Gate scorecard

G1 governed files ✅ · G2 fresh reconstruct ✅ · G3 sequential exec ✅ · G4 direct probes ✅ · G5 fail-open rejection ✅ (after fix) · G6 oracle independence ✅ · G7 eng≠authority ✅ · G8 matrix ✅

Remaining blockers (authority/platform only)

  • V02-PB-CONTENT-BIND-PROMOTE — owner/Codex promote + autonomous-seal + re-pin oracle provenance DEV_FIXTURE_STATIC → CODEX_PINNED/OWNER_SEALED/MCP_BYTE.
  • V02-PB-PRODUCE-CONTENT — ENGINEERING-MITIGATED at dev level; authority content seal = Codex.
  • V02-PB-NVSZ-1 — NVSZ root unavailable; raw logs local/no-vector.

Next

Route content-binding tree a6a9b314… to owner/Codex for promotion ruling (R6b). No safe same-lane engineering remains.

TKT object numbering

Continues the v0.2 content-binding lane (prior macro birthed TKT-OBJ-172..181). This Self-Codex macro adds objects TKT-OBJ-201..207 (6 reports + checkpoint + reconstructor + hardened verifier rev2 as a re-pinned object); registry md/json to be bumped to the next rev by the governance update.

Back to Knowledge Hub knowledge/dev/laws/tool-kiem-thu/dev/v0.2-hardening/checkpoints/checkpoint-v02-self-codex-proof-2026-06-10.md