Incomex AI Portal
KB-29D4

FIX7 Authority-Seal rehearsal stdout.log (full self-Codex dry-run, exit 0)

15 min read Revision 1
tool-kiem-thufix7authority-sealrehearsalstdoutevidence2026-06-11

================================================================== STEP: selftest CMD : python3 authority_seal_encoder.py --selftest (cwd=/tmp/fix7-failopen/packet)

selftest :: python3 authority_seal_encoder.py --selftest

[PASS] DAG acyclic (N7,N8,P7) [PASS] injected N7->N8 edge detected as cycle [PASS] N7 encodes to 64-hex [PASS] N7 deterministic [PASS] N8 encodes (binds N7) to 64-hex [PASS] N8 deterministic [PASS] P7 seals (binds N7,N8) to 64-hex [PASS] P7 deterministic [PASS] missing field -> SEAL_INPUT_MISSING [PASS] extra field -> SEAL_INPUT_EXTRA [PASS] wrong order -> SEAL_FIELD_ORDER_MISMATCH [PASS] wrong domain tag -> SEAL_DOMAIN_TAG_MISMATCH [PASS] wrong dependency (N3 into N8) -> SEAL_INPUT_EXTRA [PASS] N7 binds N8 -> SEAL_HASH_GRAPH_CYCLE [PASS] N7 binds P7 -> SEAL_HASH_GRAPH_CYCLE [PASS] N8 missing N7 -> SEAL_INPUT_MISSING [PASS] N8 binds P7 -> SEAL_HASH_GRAPH_CYCLE [PASS] P7 prose-only -> SEAL_PROSE_ONLY_PIN_REJECTED [PASS] mutated canonicalizer hash -> P7 verify FAIL [PASS] mutated Packet V3 tree -> P7 verify FAIL [PASS] tampered scope constant -> SEAL_CONSTANT_FIELD_MISMATCH [PASS] forbidden byte in field -> SEAL_FIELD_FORBIDDEN_BYTE [PASS] N7 canonicalizer not a sha -> NOT_HEX [PASS] N7 membership uppercase hex -> NOT_HEX [PASS] N7 canonicalizer 63 hex -> NOT_HEX [PASS] N7 approval_event_id empty -> EMPTY [PASS] N7 approver_identity empty -> EMPTY [PASS] N7 timestamp bad -> BAD_TIMESTAMP [PASS] N7 decision lowercase -> BAD_ENUM [PASS] N8 sealed_by empty -> SEAL_FIELD_EMPTY [PASS] N8 report_documents_digest not hex -> SEAL_FIELD_NOT_HEX [PASS] N8 sealed_at bad format -> SEAL_FIELD_BAD_TIMESTAMP [PASS] P7 revision not int -> SEAL_FIELD_BAD_INT [PASS] P7 byte count -1 -> SEAL_FIELD_BAD_INT [PASS] P7 byte count 0 (non-positive) -> SEAL_FIELD_BAD_INT [PASS] P7 empty document id -> SEAL_FIELD_EMPTY [PASS] empty report set -> SEAL_REPORT_SET_EMPTY [PASS] duplicate report record -> SEAL_REPORT_SET_DUPLICATE [PASS] duplicate report doc id -> SEAL_REPORT_SET_DUPLICATE [PASS] empty report doc id -> SEAL_REPORT_DOC_ID_INVALID [PASS] bad report revision -> SEAL_REPORT_REVISION_INVALID [PASS] report set deterministic (order-independent) [PASS] REHEARSAL N6 into real N7 -> SEAL_PROVENANCE_REHEARSAL_BLOCKED [PASS] missing provenance into real N7 -> SEAL_PROVENANCE_MISSING [PASS] forbidden provenance class into real N7 -> SEAL_PROVENANCE_FORBIDDEN_CLASS [PASS] unknown provenance class into real N7 -> SEAL_PROVENANCE_UNKNOWN_CLASS [PASS] valid classes but no real N6 -> SEAL_REAL_N6_NOT_AVAILABLE (true blocker) [PASS] real N7 path is live when real_n6_available + valid provenance AUTHORITY-SEAL-ENCODER SELFTEST: 48/48 PASS EXIT(selftest)=0

STEP: rehearsal CMD : python3 authority_seal_rehearsal.py /tmp/fix7-failopen/packet/rehearsal (cwd=/tmp/fix7-failopen/packet)

rehearsal :: python3 authority_seal_rehearsal.py /tmp/fix7-failopen/packet/rehearsal

END-TO-END REHEARSAL (NOT A SEAL): N7: 6225f265155942c1d32ce3ed2d491b4c3b7b0109a3b4b6fde9a37f434b459bfd N8: b1f001b64da50748823259593393b6e2d050c8c55c56918c99386984d075aa73 (binds N7) P7: 3599f6635be42a695991f66f561642e26718403f4e14ad220480480a8da7d541 (binds N7,N8) DAG acyclic: True deterministic 2nd pass: True rehearsal corpus into REAL N7: SEAL_PROVENANCE_REHEARSAL_BLOCKED REHEARSAL OK EXIT(rehearsal)=0

STEP: redteam CMD : python3 authority_seal_redteam.py /tmp/fix7-failopen/packet/rehearsal (cwd=/tmp/fix7-failopen/packet)

redteam :: python3 authority_seal_redteam.py /tmp/fix7-failopen/packet/rehearsal

[CAUGHT] A1 delete N7 required field (ENCODE_FAIL_CLOSED) SEAL_INPUT_MISSING [CAUGHT] A2 add extra N7 field (ENCODE_FAIL_CLOSED) SEAL_INPUT_EXTRA [CAUGHT] A3 reorder N7 field (ENCODE_FAIL_CLOSED) SEAL_FIELD_ORDER_MISMATCH [CAUGHT] A4 wrong N7 domain tag (ENCODE_FAIL_CLOSED) SEAL_DOMAIN_TAG_MISMATCH [CAUGHT] A5 N7 binds N8 -> cycle (ENCODE_FAIL_CLOSED) SEAL_HASH_GRAPH_CYCLE [CAUGHT] A6 N8 missing N7 (ENCODE_FAIL_CLOSED) SEAL_INPUT_MISSING [CAUGHT] A7 N8 wrong signer representation (ENCODE_FAIL_CLOSED+VERIFY_MISMATCH) inject=SEAL_FIELD_FORBIDDEN_BYTE; clean_forged_eq_canonical=False [CAUGHT] A8 N8 wrong timestamp format (ENCODE_FAIL_CLOSED) inject=SEAL_FIELD_FORBIDDEN_BYTE; clean_bad_format=SEAL_FIELD_BAD_TIMESTAMP (now semantically validated) [CAUGHT] A9 P7 missing canonicalizer hash (ENCODE_FAIL_CLOSED) SEAL_INPUT_MISSING [CAUGHT] A10 P7 mutated canonicalizer hash (VERIFY_MISMATCH) [CAUGHT] A11 P7 mutated Packet V3 tree (VERIFY_MISMATCH) [CAUGHT] A12 prose-only P7 pin (ENCODE_FAIL_CLOSED) SEAL_PROSE_ONLY_PIN_REJECTED [CAUGHT] A13 spec.json drift from encoder (DRIFT_DETECTED) clean matches, tampered differs [CAUGHT] A14 spec.md claims a field not in encoder (DRIFT_DETECTED) clean matches encoder, +ghost_field differs [CAUGHT] A15 encoder extra authority field not in spec (DRIFT_DETECTED) an encoder roster with an extra field would not equal spec.json [CAUGHT] A16 fixture labelled as real seal (GUARD_REJECT) SEAL_FIXTURE_CLAIMS_REAL [CAUGHT] A17 owner authorization expanded to implementation (ENCODE_FAIL_CLOSED) SEAL_CONSTANT_FIELD_MISMATCH [CAUGHT] A18 production gate removed from checklist (GUARD_REJECT) SEAL_PRODUCTION_GATE_MISSING [CAUGHT] A19 unknown dependency edge added (N7->N8) (CYCLE_DETECTED) clean acyclic, injected edge -> cycle [CAUGHT] A20 hash manifest tamper (VERIFY_MISMATCH) tampered HASH_MANIFEST.txt [CAUGHT] A21 Codex: N7 canonicalizer_sha256 NOT_A_SHA (ENCODE_FAIL_CLOSED) SEAL_FIELD_NOT_HEX [CAUGHT] A22 Codex: N7 approval_event_id empty (ENCODE_FAIL_CLOSED) SEAL_FIELD_EMPTY [CAUGHT] A23 Codex: N8 sealed_by empty (ENCODE_FAIL_CLOSED) SEAL_FIELD_EMPTY [CAUGHT] A24 Codex: N8 report_documents_digest NOT_A_SHA (ENCODE_FAIL_CLOSED) SEAL_FIELD_NOT_HEX [CAUGHT] A25 Codex: P7 revision not-an-int (ENCODE_FAIL_CLOSED) SEAL_FIELD_BAD_INT [CAUGHT] A26 Codex: P7 utf8_bytes -1 (ENCODE_FAIL_CLOSED) SEAL_FIELD_BAD_INT [CAUGHT] A27 Codex: report set empty (ENCODE_FAIL_CLOSED) SEAL_REPORT_SET_EMPTY [CAUGHT] A28 Codex: duplicate report records (ENCODE_FAIL_CLOSED) SEAL_REPORT_SET_DUPLICATE [CAUGHT] A29 REHEARSAL N6 into real N7 (PROVENANCE_BLOCKED) SEAL_PROVENANCE_REHEARSAL_BLOCKED [CAUGHT] A30 fixture as real seal (missing provenance) (PROVENANCE_BLOCKED) SEAL_PROVENANCE_MISSING [CAUGHT] A31 forbidden provenance class into real N7 (PROVENANCE_BLOCKED) SEAL_PROVENANCE_FORBIDDEN_CLASS [CAUGHT] A32 unknown provenance class into real N7 (PROVENANCE_BLOCKED) SEAL_PROVENANCE_UNKNOWN_CLASS [CAUGHT] A33 invalid timestamp (ENCODE_FAIL_CLOSED) SEAL_FIELD_BAD_TIMESTAMP [CAUGHT] A34 invalid ID grammar (ENCODE_FAIL_CLOSED) SEAL_FIELD_BAD_ID [CAUGHT] A35 invalid path grammar (ENCODE_FAIL_CLOSED) SEAL_FIELD_BAD_PATH [CAUGHT] A36 invalid report doc id (empty) (ENCODE_FAIL_CLOSED) SEAL_REPORT_DOC_ID_INVALID [CAUGHT] A37 invalid report revision (ENCODE_FAIL_CLOSED) SEAL_REPORT_REVISION_INVALID [CAUGHT] A38 duplicate report document id (ENCODE_FAIL_CLOSED) SEAL_REPORT_SET_DUPLICATE [CAUGHT] A39 valid provenance but no real N6 -> true blocker (PROVENANCE_BLOCKED) SEAL_REAL_N6_NOT_AVAILABLE RED-TEAM: 39/39 attacks caught; escaped=0 EXIT(redteam)=0

STEP: drift CMD : python3 authority_seal_drift_check.py . (cwd=/tmp/fix7-failopen/packet)

drift :: python3 authority_seal_drift_check.py .

[PASS] spec.json encoder_sha256 == actual encoder file sha256 [PASS] rosters: encoder == spec.json [PASS] domain_tags: encoder == spec.json [PASS] DAG edges: encoder == spec.json [PASS] output_fields: encoder == spec.json [PASS] field_kinds: encoder == spec.json [PASS] every roster field has a field_kind [PASS] provenance classes: encoder == spec.json [PASS] provenance allowed_real_corpus: encoder == spec.json [PASS] provenance allowed_real_authority: encoder == spec.json [PASS] constant_fields: encoder == spec.json [PASS] cycle_forbidden_fields: encoder == spec.json [PASS] fail_closed_statuses: all present in encoder source [PASS] fixture N7 digest: recomputed == spec.json [PASS] fixture N8 digest: recomputed == spec.json [PASS] fixture P7 digest: recomputed == spec.json [PASS] spec.md N7 roster == encoder [PASS] spec.md N8 roster == encoder [PASS] spec.md P7 roster == encoder [PASS] n7.json n7_roster == encoder N7 [PASS] n8-request roster == encoder N8 [PASS] p7-request roster == encoder P7 [PASS] domain tag FIX7_ACTIVE_AUTHORITY_ENVELOPE_MANIFEST_V1 present in spec.md [PASS] domain tag FIX7_CODEX_DETACHED_SEAL_V1 present in spec.md [PASS] domain tag FIX7_AUTHORITY_SEAL_PIN_V1 present in spec.md [PASS] domain tag FIX7_CODEX_SEAL_REPORTS_V1 present in spec.md [PASS] spec.md fail-closed vocab == spec.json statuses [PASS] value-grammar kind 'const' documented in spec.md [PASS] value-grammar kind 'decision' documented in spec.md [PASS] value-grammar kind 'hex' documented in spec.md [PASS] value-grammar kind 'id' documented in spec.md [PASS] value-grammar kind 'identity' documented in spec.md [PASS] value-grammar kind 'path' documented in spec.md [PASS] value-grammar kind 'posint' documented in spec.md [PASS] value-grammar kind 'timestamp' documented in spec.md [PASS] provenance class 'AUTHORITY_INPUT' documented in spec.md [PASS] provenance class 'CODEX_AUTHORED' documented in spec.md [PASS] provenance class 'ENGINEERING_VERIFIED_CANDIDATE' documented in spec.md [PASS] provenance class 'FORBIDDEN_FOR_REAL_SEAL' documented in spec.md [PASS] provenance class 'OFFICIAL_PIN' documented in spec.md [PASS] provenance class 'REHEARSAL' documented in spec.md DRIFT-CHECK: 41/41 agree; drift=0 EXIT(drift)=0

STEP: antihardcode CMD : python3 authority_seal_antihardcode.py (cwd=/tmp/fix7-failopen/packet)

antihardcode :: python3 authority_seal_antihardcode.py

[PASS] T1 mutate engineering input (N2) -> N7 digest changes -- 6225f2651559.. -> 6d498cb6b950.. [PASS] T2 mutate approval input (A1) -> N7 digest changes -- 6225f2651559.. -> cf2d80095380.. [PASS] T3 mutate expected P7 digest -> verify_pin FAILS -- verify_pin against a wrong expected returns False [PASS] T4 broken encoder selftest still exits 0 (no hex oracle in selftest) -- rc=0 [PASS] T4 broken encoder FLAGGED by spec.json fixture-digest oracle (drift) -- broken N7 0acd178d9cc0.. != published 6225f2651559.. [PASS] T4 drift-checker exits NONZERO on broken encoder -- rc=1 [PASS] T5 changing placeholder sub-digest changes N7 (fixture-specific, not constant) [PASS] T5 fixture inputs are explicitly FIXTURE-marked (>=3 markers) -- ['FIXTURE-APPROVAL-EVENT-0001', 'FIXTURE-OWNER+FIXTURE-CODEX', 'FIXTURE_OPTION_2_SEAL_ONLY'] [PASS] T5 spec.json labels these digests NOT_A_SEAL [PASS] T6 rehearsal encode reproduces published fixture N7 (computed, not hardcoded) -- 6225f265155942c1.. [PASS] T6 REHEARSAL corpus into real N7 -> blocked (no laundering) -- status=SEAL_PROVENANCE_REHEARSAL_BLOCKED [PASS] T6 omitting provenance does not bypass the gate -- status=SEAL_PROVENANCE_MISSING [PASS] T6 valid provenance still blocked by SEAL_REAL_N6_NOT_AVAILABLE (true blocker) -- status=SEAL_REAL_N6_NOT_AVAILABLE ANTI-HARDCODE/LAUNDERING: 13/13 PASS EXIT(antihardcode)=0

STEP: codex_probes CMD : python3 codex_probes.py --json /tmp/fix7-failopen/packet/rehearsal/codex-probes-results.json (cwd=/tmp/fix7-failopen/packet)

codex_probes :: python3 codex_probes.py --json /tmp/fix7-failopen/packet/rehearsal/codex-probes-results.json

[REJECTED] CP1 FINAL-AS-VALUE-GRAMMAR N7 canonicalizer_sha256="NOT_A_SHA" -> SEAL_FIELD_NOT_HEX [REJECTED] CP2 FINAL-AS-VALUE-GRAMMAR N7 approval_event_id="" -> SEAL_FIELD_EMPTY [REJECTED] CP3 FINAL-AS-VALUE-GRAMMAR N8 sealed_by="" -> SEAL_FIELD_EMPTY [REJECTED] CP4 FINAL-AS-VALUE-GRAMMAR N8 report_documents_digest="NOT_A_SHA" -> SEAL_FIELD_NOT_HEX [REJECTED] CP5 FINAL-AS-VALUE-GRAMMAR P7 pinned_canonicalizer_revision="not-an-int" -> SEAL_FIELD_BAD_INT [REJECTED] CP6 FINAL-AS-VALUE-GRAMMAR P7 pinned_canonicalizer_utf8_bytes="-1" -> SEAL_FIELD_BAD_INT [REJECTED] CP7 FINAL-AS-REPORT-SET report_documents_digest([]) -> SEAL_REPORT_SET_EMPTY [REJECTED] CP8 FINAL-AS-REPORT-SET duplicate report-document records -> SEAL_REPORT_SET_DUPLICATE [REJECTED] CP9 FINAL-AS-VALUE-GRAMMAR N7 membership_sha256 uppercase hex -> SEAL_FIELD_NOT_HEX [REJECTED] CP10 FINAL-AS-VALUE-GRAMMAR N7 canonicalizer_sha256 63 hex (short) -> SEAL_FIELD_NOT_HEX [REJECTED] CP11 FINAL-AS-VALUE-GRAMMAR N7 approver_identity="" (empty signer/identity) -> SEAL_FIELD_EMPTY [REJECTED] CP12 FINAL-AS-VALUE-GRAMMAR N7 approval_event_timestamp="not-a-time" -> SEAL_FIELD_BAD_TIMESTAMP [REJECTED] CP13 FINAL-AS-VALUE-GRAMMAR P7 pinned_canonicalizer_utf8_bytes="0" (non-positive) -> SEAL_FIELD_BAD_INT [REJECTED] CP14 FINAL-AS-VALUE-GRAMMAR P7 pinned_canonicalizer_document_id="" (empty path) -> SEAL_FIELD_EMPTY [REJECTED] CP15 FINAL-AS-REPORT-SET report doc id="" (empty document id) -> SEAL_REPORT_DOC_ID_INVALID [REJECTED] CP16 FINAL-AS-REPORT-SET report revision="not-an-int" -> SEAL_REPORT_REVISION_INVALID [REJECTED] CP17 FINAL-AS-PROVENANCE REHEARSAL N6 into REAL N7 -> SEAL_PROVENANCE_REHEARSAL_BLOCKED [REJECTED] CP18 FINAL-AS-PROVENANCE missing provenance into REAL N7 -> SEAL_PROVENANCE_MISSING [REJECTED] CP19 FINAL-AS-PROVENANCE FORBIDDEN provenance class into REAL N7 -> SEAL_PROVENANCE_FORBIDDEN_CLASS CODEX-PROBES: 19/19 REJECTED (fail-closed); accepted(fail-open)=0 EXIT(codex_probes)=0

Back to Knowledge Hub knowledge/dev/laws/tool-kiem-thu/packets/fix7-authority-closure-2026-06-10/rehearsal/stdout.log