KB-37A8

FIX7 Authority-Seal Encoder Spec (N7/N8/P7, executable, byte-exact)

Revision 1

  • Date: 2026-06-10 · Lane: FIX7_AUTHORITY_SEAL_CONTRACT_EXECUTABLE_MACRO_2026_06_10
  • Authority of THIS doc: provisional-non-authority engineering contract. It defines HOW Codex authors N7/N8/P7 deterministically. It does not approve, seal, or fabricate any authority value. No self-seal.
  • Executable: authority_seal_encoder.py (sha256 47200442f176b1c534f000c4079632f6388b17dd1763bdbac2cbb725a452b5bb); machine mirror authority-seal-encoder-spec.json (sha256 f1c499270923c65c56783196b411ad6cacfe1188be0c531fabdd05a7795ef5eb).
  • Closes Codex AS-P1 (N7 encoder), AS-P2 (acyclic DAG), AS-P3 (N8 contract), AS-P4 (P7 artifact). Codex report: knowledge/dev/reports/architecture/codex-fix7-authority-seal-approval-lane-2026-06-10/00-readme-first.md.

0. Why this exists

Codex rejected the prior closure packet (CODEX_FIX7_AUTHORITY_REJECT) because the authority-seal layer was prose-only: no executable N7 encoder, an N7↔N8 dependency cycle in the wording, and no byte-exact N8/P7 contract. Authoring a seal would have forced Codex to invent fields, order, and encoding — prohibited by Article 14. This spec removes that gap: every N7/N8/P7 value is now computable/verifiable by a finite, deterministic, fail-closed procedure.

1. Grammar (identical to the canonicalizer — no new encoding)

The encoder copies the canonicalizer rev3 grammar byte-for-byte (proven by cross-tool equality of rec, digest, and FORBIDDEN_BYTES):

FORBIDDEN_BYTES = {0x09 TAB, 0x0A LF, 0x0D CR, 0x00 NUL, 0x5C backslash}
rec(*fields)    = ("\t".join(fields) + "\n").encode("utf-8")    # rejects TAB/LF/forbidden byte in any field
digest(tag,recs)= sha256( (tag + "\n").encode() + b"".join(recs) )

Each seal node is encoded as: the node's domain tag, then one rec(field_name, field_value) per roster field in fixed roster order (NOT sorted), then digest. The field order is the encoding. UTF-8 throughout. No JSON ambiguity, no whitespace ambiguity.

2. Authority-seal DAG (acyclic) — AS-P2

Engineering edges N1..N8/N9 are copied verbatim from the canonicalizer EDGES; this authority layer adds only the P7 pin node:

N1 []                         per-doc normalized_active_content_sha256
N2 []                         canonicalizer_sha256  (rev3 49c386a9…b734d0)
N3 []                         marker_fence_registry_sha256
N4 []                         superseded_boundary_sha256
N5 []                         guard_set_sha256 (= N1 of doc 06)
N6 [N1]                       active_corpus_sha256
N7 [N2,N3,N4,N5,N6,N1]        envelope_manifest_sha256
N8 [N2,N5,N6,N7]              detached_seal_sha256       (depends on N7)
P7 [N2,N7,N8]                 authority_seal_pin_sha256  (depends on N7 and N8)

has_cycle(EDGES) → False (executable check). Seal order: engineering N1..N6 → N7 → N8 → P7. N7 never binds N8 or P7; N8 never binds P7. Any input that would create a back-edge is rejected with SEAL_HASH_GRAPH_CYCLE. This corrects the prior A4 wording ("the N7 encoder then binds N8/P7"), which had made N8 both a parent and a child of N7.

P7 dependency rationale (precede vs follow)

P7 is the final authoritative pin; it FOLLOWS N7 and N8 (P7 → N2,N7,N8). The candidate identity values it pins — canonicalizer rev3 path/revision/bytes/hash (= N2) and the Packet V3 tree — are leaf data inputs available throughout; they are not a node that depends on N7/N8, so there is no cycle. (Codex's note "normally P7/N2 → N7" refers to this candidate-input role, i.e. N2/rev3 identity is available before N7; it does not require the final pin to precede N7.) No node points back to P7 ⇒ acyclic.

3. N7 — envelope manifest (AS-P1)

  • Domain tag: FIX7_ACTIVE_AUTHORITY_ENVELOPE_MANIFEST_V1
  • Output field: envelope_manifest_sha256
  • Fixed roster (order = encoding):
| # | field | source | actor |
|---|---|---|---|
| 1 | schema_version | const FIX7-AUTHORITY-SEAL-V1 | contract |
| 2 | node_id | const N7 | contract |
| 3 | membership_sha256 | N1 doc-set anchor (per-doc N1 bound transitively via N6) | engineering |
| 4 | canonicalizer_sha256 | N2 (rev3) | engineering |
| 5 | marker_fence_registry_sha256 | N3 | engineering |
| 6 | superseded_boundary_sha256 | N4 | engineering |
| 7 | guard_set_sha256 | N5 | engineering |
| 8 | active_corpus_sha256 | N6 | engineering |
| 9 | approval_event_id | A1 | Codex |
| 10 | approver_identity | A2 | owner + Codex |
| 11 | approval_event_timestamp | A3 | Codex |
| 12 | owner_blueprint_decision | A5 | owner |
| 13 | approval_scope | const BLUEPRINT_SEAL_ONLY_NO_IMPLEMENTATION | contract |
  • Excluded (cycle guard): detached_seal_sha256 (N8), authority_seal_pin_sha256 (P7), self envelope_manifest_sha256. Presence ⇒ SEAL_HASH_GRAPH_CYCLE.
  • Per-doc N1 digests are bound transitively because each active_corpus_sha256 (N6) record already carries the doc's normalized_active_content_sha256.

4. N8 — Codex detached seal (AS-P3)

  • Domain tag: FIX7_CODEX_DETACHED_SEAL_V1
  • Output field: detached_seal_sha256
  • Fixed roster:
| # | field | source | actor |
|---|---|---|---|
| 1 | schema_version | const | contract |
| 2 | node_id | const N8 | contract |
| 3 | canonicalizer_sha256 | N2 | engineering |
| 4 | guard_set_sha256 | N5 | engineering |
| 5 | active_corpus_sha256 | N6 | engineering |
| 6 | envelope_manifest_sha256 | N7 (dependency) | from §3 |
| 7 | sealed_by | signer/authority identity | Codex |
| 8 | sealed_at | timestamp | Codex |
| 9 | parent_checkpoint | checkpoint document_id@revision | Codex |
| 10 | report_documents_digest | sub-digest, tag FIX7_CODEX_SEAL_REPORTS_V1 over sorted rec(document_id, revision) | Codex |
| 11 | seal_scope | const BLUEPRINT_SEAL_ONLY_NO_IMPLEMENTATION | contract |
  • Excluded (cycle guard): authority_seal_pin_sha256 (P7), self. N8 requires N7 (SEAL_INPUT_MISSING if absent).

5. P7 — authority seal pin (AS-P4)

  • Domain tag: FIX7_AUTHORITY_SEAL_PIN_V1
  • Output field: authority_seal_pin_sha256
  • Nature: P7 is a seal document with a byte-exact digest (primary form), authored via seal_p7(). A prose-only pin is rejected SEAL_PROSE_ONLY_PIN_REJECTED. (Alternative enacted rule, if Codex prefers the checkpoint to be the pin: pin = codex_checkpoint_document at document_id@revision + its governed content SHA-256; that rule is byte-exact too, but the digest form below is the primary and is what the encoder computes.)
  • Fixed roster:
| # | field | value/source | actor |
|---|---|---|---|
| 1 | schema_version | const | contract |
| 2 | node_id | const P7 | contract |
| 3 | pinned_canonicalizer_document_id | …/canonicalizer-fix7-canon-v1-ssot.md | engineering |
| 4 | pinned_canonicalizer_revision | 3 | engineering |
| 5 | pinned_canonicalizer_utf8_bytes | 38756 | engineering |
| 6 | pinned_canonicalizer_sha256 | 49c386a9…b734d0 (= N2) | engineering |
| 7 | pinned_packet_v3_tree_sha256 | b95df0a5…ca6d | engineering |
| 8 | codex_report_document | report document_id@revision | Codex |
| 9 | codex_checkpoint_document | checkpoint document_id@revision | Codex |
| 10 | envelope_manifest_sha256 | N7 | from §3 |
| 11 | detached_seal_sha256 | N8 | from §4 |
| 12 | approval_event_id | A1 | Codex |
| 13 | pin_scope | const CANDIDATE_TO_AUTHORITATIVE_PIN_BLUEPRINT_ONLY | contract |
  • verify_pin(expected, pairs) recomputes P7; any mutation of the pinned canonicalizer hash or Packet V3 tree changes the digest ⇒ verify FAIL.

6. Fail-closed status vocabulary

SEAL_UNKNOWN_NODE, SEAL_DOMAIN_TAG_MISMATCH, SEAL_HASH_GRAPH_CYCLE, SEAL_INPUT_MISSING, SEAL_INPUT_EXTRA, SEAL_INPUT_DUPLICATE, SEAL_FIELD_ORDER_MISMATCH, SEAL_CONSTANT_FIELD_MISMATCH, SEAL_FIELD_NOT_STRING, SEAL_FIELD_FORBIDDEN_BYTE, SEAL_FIELD_RESERVED_TOKEN, SEAL_PROSE_ONLY_PIN_REJECTED.
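
The §1 grammar applied to the §3 N7 roster with fail-closed checks, as an added example (not the project's authority_seal_encoder.py). rec, digest, the tag, the roster and the status names come from this page; encode_n7, fixture_pairs, SealError and the mapping of each status to a specific check are assumptions of this example, and the fixture values are constructed placeholders.

```python
import hashlib
FORBIDDEN_BYTES = {0x09, 0x0A, 0x0D, 0x00, 0x5C}  # TAB, LF, CR, NUL, backslash
N7_TAG = "FIX7_ACTIVE_AUTHORITY_ENVELOPE_MANIFEST_V1"
N7_ROSTER = [  # fixed order copied from the section 3 roster
    "schema_version", "node_id", "membership_sha256", "canonicalizer_sha256",
    "marker_fence_registry_sha256", "superseded_boundary_sha256",
    "guard_set_sha256", "active_corpus_sha256", "approval_event_id",
    "approver_identity", "approval_event_timestamp",
    "owner_blueprint_decision", "approval_scope"]
N7_CONST = {"schema_version": "FIX7-AUTHORITY-SEAL-V1", "node_id": "N7",
            "approval_scope": "BLUEPRINT_SEAL_ONLY_NO_IMPLEMENTATION"}
N7_EXCLUDED = {"detached_seal_sha256", "authority_seal_pin_sha256",
               "envelope_manifest_sha256"}  # cycle guard

class SealError(Exception):
    """Status string from section 6; the status-to-check mapping is assumed."""

def rec(*fields):
    for f in fields:
        if not isinstance(f, str):
            raise SealError("SEAL_FIELD_NOT_STRING")
        if FORBIDDEN_BYTES & set(f.encode("utf-8")):
            raise SealError("SEAL_FIELD_FORBIDDEN_BYTE")
    return ("\t".join(fields) + "\n").encode("utf-8")

def digest(tag, recs):
    return hashlib.sha256((tag + "\n").encode() + b"".join(recs)).hexdigest()

def encode_n7(pairs):
    """pairs: (field_name, field_value) tuples; any deviation raises."""
    names = [n for n, _ in pairs]
    if N7_EXCLUDED & set(names):
        raise SealError("SEAL_HASH_GRAPH_CYCLE")
    if len(names) != len(set(names)):
        raise SealError("SEAL_INPUT_DUPLICATE")
    if set(N7_ROSTER) - set(names):
        raise SealError("SEAL_INPUT_MISSING")
    if set(names) - set(N7_ROSTER):
        raise SealError("SEAL_INPUT_EXTRA")
    if names != N7_ROSTER:                       # the field order is the encoding
        raise SealError("SEAL_FIELD_ORDER_MISMATCH")
    for name, value in pairs:
        if N7_CONST.get(name, value) != value:
            raise SealError("SEAL_CONSTANT_FIELD_MISMATCH")
    return digest(N7_TAG, [rec(n, v) for n, v in pairs])

def fixture_pairs():
    # Constructed placeholder values, not real digests or authority inputs.
    return [(n, N7_CONST.get(n, "FIXTURE-" + n)) for n in N7_ROSTER]
```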

7. How Codex authors the seal (no invention required)

  1. Obtain engineering digests N1(membership)/N2/N3/N4/N5/N6 from canonicalizer --produce (already candidate-computed in Packet V3).
  2. Run the authorized approval event → fill A1/A2/A3/A5 → encode_node("N7", …) → envelope_manifest_sha256.
  3. Fill Codex signer/timestamp/parent/report → encode_node("N8", …) → detached_seal_sha256.
  4. Fill report/checkpoint/event id → seal_p7(…) → authority_seal_pin_sha256.

Every field name, order, tag, and byte rule is fixed above. Codex invents nothing.

8. Fixture digests (NOT a seal)

With FIXTURE authority inputs (--emit-fixture): N7 6225f265…459bfd, N8 b1f001b6…75aa73, P7 3599f663…a7d541. These prove the encoder RUNS and is DETERMINISTIC; they are not real authority values (real A1–A5 + Codex signer are owner/Codex inputs).

knowledge/dev/laws/tool-kiem-thu/packets/fix7-authority-closure-2026-06-10/authority-seal-encoder-spec.md