FIX7 Authority-Seal Full-Dress Rehearsal — Master Report (2026-06-10)
- Date: 2026-06-10 · Host: T1 · Production mutation: NO · Codex consulted: NO
- Lane: FIX7_AUTHORITY_SEAL_FULL_DRESS_REHEARSAL_AND_CODEX_READY_PACKET_MACRO_2026_06_10
- From: FIX7_AUTHORITY_SEAL_CONTRACT_SELF_CODEX_READY → To: FIX7_AUTHORITY_SEAL_FULL_DRESS_REHEARSAL_CODEX_READY
- Scope: prove the existing N7/N8/P7 executable seal contract can be freshly reconstructed, run end-to-end, red-teamed, drift-checked, and handed to Codex with nothing left to invent. Packet V3 engineering NOT redone. No seal authored. No self-approval.
0. Why this lane ran
The prior lane (…CONTRACT_SELF_CODEX_READY) delivered the executable encoder and a 22/22 selftest. That is necessary but not Codex-ready: a selftest only proves determinism/fail-closed against the encoder's own fixtures; it does not prove a fresh KB reconstruction runs, that the protocol survives an adversarial suite, or that code/spec/json/docs do not drift. This lane closes the whole pre-Codex lane so Codex quota is spent only on a packet already self-red-teamed.
1. Workstream verdicts (all executed, evidence-backed)
| WS | What | Command | Result |
|---|---|---|---|
| A | Fresh KB reconstruction | re-fetch encoder/spec from KB → fresh dir → shasum | encoder 47200442…a452b5bb (19131 B) ✓; spec.json f1c49927…95ef5eb (4928 B) ✓ — byte-exact, no local-only dependency |
| A | Selftest from recon | python3 authority_seal_encoder.py --selftest | 22/22 PASS, exit 0 |
| B | End-to-end rehearsal | python3 authority_seal_rehearsal.py rehearsal | N7→N8→P7 acyclic, deterministic 2nd pass identical, exit 0 |
| C | Byte-exact artifacts | per-node ordered records + preimage; preimage_sha256 == digest | HASH_MANIFEST + packet_tree built |
| D | Red-team (20 attacks) | python3 authority_seal_redteam.py rehearsal | 20/20 caught, 0 escaped, exit 0 |
| E | Spec/code/json/doc drift | python3 authority_seal_drift_check.py . | 22/22 agree, drift=0, exit 0 |
| F | Anti-hardcode/laundering | python3 authority_seal_antihardcode.py | 9/9 PASS, exit 0 |
Single reproducer: bash rehearsal/commands.sh → ## RESULT rc=0. Per-step exit codes all 0 (rehearsal/exit_codes.json).
2. Rehearsal digests (NOT A SEAL)
N7 envelope_manifest_sha256 : 6225f265155942c1d32ce3ed2d491b4c3b7b0109a3b4b6fde9a37f434b459bfd
N8 detached_seal_sha256 : b1f001b64da50748823259593393b6e2d050c8c55c56918c99386984d075aa73
P7 authority_seal_pin_sha256 : 3599f6635be42a695991f66f561642e26718403f4e14ad220480480a8da7d541
These reproduce the values recorded in the prior lane's reports exactly (anti-laundering: they are computed, not stored). They are fixture-only — real A1–A5 + Codex signer differ, so the real seal differs (proven in WS-F: mutating any input changes the digest).
3. Fresh-reconstruction packet tree
PACKET_TREE_SHA256 = 9f40519aa390497869850a12a82e73b2d3dd17ec53b5356b9c4fa1a243fb7314 over 22 tracked files (relpath\0bytes\0 convention; excludes HASH_MANIFEST.txt, packet_tree.sha256, cover doc). Deterministic on recompute.
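
The relpath\0bytes\0 convention above, sketched as an added example that is not the packet's own tooling. Assumptions: relpaths are UTF-8 with "/" separators and sorted by their encoded bytes, "COVER.md" is a placeholder for the unnamed cover doc, and the three files are constructed for the demo.

```python
import hashlib
import os
import tempfile

# Files the report excludes from the tree hash. The cover doc's name is not
# given on the page, so "COVER.md" is a placeholder.
EXCLUDED = {"HASH_MANIFEST.txt", "packet_tree.sha256", "COVER.md"}

def packet_tree_sha256(root, excluded=EXCLUDED):
    """SHA-256 over relpath NUL bytes NUL for every tracked file under root."""
    relpaths = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            rel = os.path.relpath(os.path.join(dirpath, name), root)
            rel = rel.replace(os.sep, "/")  # same relpath on every OS
            if rel not in excluded:
                relpaths.append(rel)
    h = hashlib.sha256()
    # Assumption: sort by encoded relpath so filesystem walk order cannot matter.
    for rel in sorted(relpaths, key=lambda r: r.encode("utf-8")):
        with open(os.path.join(root, rel), "rb") as f:
            data = f.read()
        h.update(rel.encode("utf-8") + b"\0" + data + b"\0")
    return h.hexdigest(), len(relpaths)

def write(root, rel, data):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as f:
        f.write(data)

def demo():
    """Build a constructed three-file packet and exercise the convention."""
    with tempfile.TemporaryDirectory() as root:
        write(root, "rehearsal/commands.sh", b"#!/bin/bash\n")
        write(root, "spec.json", b"{}\n")
        write(root, "encoder.py", b"print('fixture')\n")
        first, count = packet_tree_sha256(root)
        write(root, "HASH_MANIFEST.txt", first.encode())  # excluded: no self-reference
        after_manifest, _ = packet_tree_sha256(root)
        write(root, "spec.json", b"{} \n")                # one-byte drift in a tracked file
        after_drift, _ = packet_tree_sha256(root)
    return first, count, after_manifest, after_drift
```

Writing the manifest leaves the tree hash unchanged because the manifest is excluded, while a one-byte change to any tracked file produces a different hash.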
4. Key red-team finding (strengthens the packet)
WS-F surfaced that a selftest alone has no hex oracle: a physically broken encoder (domain tag mutated) still passes its own --selftest 22/22 because the selftest only checks determinism/fail-closed, not specific digests. The drift checker is the oracle — it pins the published fixture digests to spec.json and exits nonzero on the broken encoder. This is exactly why the macro forbids "repeat 22/22" as completion, and why this lane's drift+anti-hardcode layer is load-bearing.
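
The finding above, reduced to a minimal added example (not the project's encoder or drift checker). The domain tags, forbidden bytes, record layout and fixture values are all hypothetical stand-ins.

```python
import hashlib

REFERENCE_TAG = b"EXAMPLE-SEAL-V1"      # hypothetical domain tag
FORBIDDEN = (b"\x00", b"\n")            # hypothetical forbidden bytes
FIXTURE = [("signer", "fixture-signer"), ("timestamp", "2026-06-10T00:00:00Z")]

def make_encoder(domain_tag):
    """Return encode(records) -> hex digest, bound to one domain tag."""
    def encode(records):
        h = hashlib.sha256(domain_tag + b"\0")
        for key, value in records:
            raw = value.encode("utf-8")
            if any(b in raw for b in FORBIDDEN):
                raise ValueError(f"forbidden byte in {key}")  # fail closed
            h.update(key.encode("utf-8") + b"\0" + raw + b"\0")
        return h.hexdigest()
    return encode

def selftest(encode):
    """Determinism + fail-closed only: never compares against a known digest."""
    passed = encode(FIXTURE) == encode(FIXTURE)
    try:
        encode([("signer", "a\x00b")])
        passed = False                   # injection was accepted
    except ValueError:
        pass
    return passed

# Stand-in for the fixture digest published in spec.json. In a real packet this
# is a hex literal; it is derived once here so the example needs no stored value.
SPEC_PIN = make_encoder(REFERENCE_TAG)(FIXTURE)

def drift_check(encode, pin=SPEC_PIN):
    """The oracle: the encoder must reproduce the published fixture digest."""
    return encode(FIXTURE) == pin

def run():
    good = make_encoder(REFERENCE_TAG)
    broken = make_encoder(b"EXAMPLE-SEAL-V2")   # mutated domain tag
    return {
        "good": (selftest(good), drift_check(good)),
        "broken": (selftest(broken), drift_check(broken)),
    }
```

The broken encoder is still deterministic and still fails closed, so only the comparison against the pinned digest distinguishes it from the reference.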
5. Honest contract-scope note (red-team A7/A8)
The encoder enforces roster/order/tag/constants/forbidden-bytes and is tamper-evident, but it does not semantically validate free-text authority fields (signer identity string, timestamp format). A structurally-injected value (forbidden byte / separator) fails-closed; a byte-clean but semantically-wrong value simply yields a non-canonical seal that fails verify against the expected pin. Supplying correct authority values is Codex's responsibility by design — this is a documented boundary, not a contract defect. No adversarial test escaped.
6. Detail reports
- Fresh reconstruction: …/reports/fix7-authority-seal-fresh-kb-reconstruction-report-2026-06-10.md
- End-to-end rehearsal: …/reports/fix7-authority-seal-n7-n8-p7-end-to-end-rehearsal-report-2026-06-10.md
- Red-team: …/reports/fix7-authority-seal-redteam-adversarial-report-2026-06-10.md
- Drift: …/reports/fix7-authority-seal-spec-code-doc-drift-report-2026-06-10.md
- Anti-hardcode: …/reports/fix7-authority-seal-anti-hardcode-laundering-report-2026-06-10.md
- Codex-ready packet: …/packets/fix7-authority-closure-2026-06-10/codex-final-seal-review-packet.md
7. Engineering preserved
Packet V3 tree b95df0a5…ca6d and canonicalizer rev3 49c386a9…b734d0 (rev3, 38756 bytes) unchanged, not redone. The authority-seal layer consumes engineering digests; it does not touch Packet V3. No engineering contradiction found.
8. Remaining blockers (true owner/Codex authority only)
| ID | Missing | Actor | Blocks Codex seal? | Blocks implementation? | Blocks production? |
|---|---|---|---|---|---|
| N7-INPUTS | A1/A2/A3/A5 approval-event values | owner + Codex | YES | YES | YES |
| N8-AUTH | Codex signer/timestamp/parent/report | Codex | YES | YES | YES |
| P7-PIN | Codex runs seal_p7() and records pin | Codex | YES | YES | YES |
| OWN-1 | owner blueprint decision (owner-decision-packet §4) | Owner | gates approval | YES | YES |
| IMPL-OWNER | separate implementation-macro authorization after seal | Owner | — | YES | YES |
All are genuine authority inputs, not engineering gaps. Every T1-closable item is closed.
9. Minimal safe next step
Route the closure packet (…/packets/fix7-authority-closure-2026-06-10/) to Codex. Codex runs the four harnesses (bash rehearsal/commands.sh), supplies the authority inputs, and authors N7→N8→P7 inventing nothing. Preserve Packet V3 and canonicalizer rev3; keep all implementation/production gates closed.