FIX7 Authority-Seal Self-Codex Dry-Run Report (AS-P7)

• Date: 2026-06-10 · Host: T1 · Codex consulted: NO (self-Codex adversarial pass before routing)
• Question set from the macro §1 / §7. Each answered from first-hand evidence (executable selftest + spec).

Dry-run questions

1. Can N7 be computed from finite fields? YES. 13-field fixed roster (spec §3); encode_node("N7") produced 6225f265…459bfd deterministically. No open-ended input.
2. Can N8 be computed after N7? YES. N8 roster includes envelope_manifest_sha256 as a required input; omitting it → SEAL_INPUT_MISSING. encode_node("N8", fixture_n8_pairs(n7)) → b1f001b6…75aa73.
3. Can P7 be pinned/sealed under an exact schema? YES. seal_p7() 13-field roster → 3599f663…a7d541; prose-only rejected; mutation of pinned rev3/tree detected by verify_pin.
4. Does any cycle exist? NO. has_cycle(EDGES) = False; injected N7→N8 detected as cycle; N7/N8 reject descendant fields.
5. Do negative vectors fail? YES. All 11 macro negatives + 4 extra hardening vectors fail-closed with exact statuses (test-vectors report §2).
6. Does any field/order/encoding remain ambiguous? NO. Order = roster order (NOT sorted); encoding = canonicalizer-identical rec/digest (proven byte-equal); domain tags fixed; constants enforced; forbidden bytes rejected.

Adversarial checks (would a strict Codex reject again?)

Attack	Result
"N7 still prose / no encoder"	Refuted: authority_seal_encoder.py runs, 22/22 selftest.
"still a cycle somewhere"	Refuted: static has_cycle=False + per-node cycle guard + injected-edge detection.
"N8 doesn't actually depend on N7"	Refuted: N8 roster requires N7; missing → SEAL_INPUT_MISSING.
"P7 is prose-only"	Refuted: SEAL_PROSE_ONLY_PIN_REJECTED; digest form + mutation detection.
"encoder invents a new encoding Codex must trust"	Refuted: grammar proven byte-identical to canonicalizer rev3.
"T1 self-sealed / fabricated owner approval"	Refuted: only FIXTURE digests emitted, labelled NOT-A-SEAL; A1/A2/A3/A5 + signer remain MISSING_AUTHORITY_INPUT.
"engineering was changed"	Refuted: Packet V3 tree + rev3 hash unchanged; encoder consumes, never recomputes, engineering digests.
"hardcoded expected hex without spec binding"	Refuted: spec.json generated FROM the encoder; vectors assert determinism/fail-closed, not magic hex; pinned constants (N2/tree/rev/bytes) are the legitimately-pinned candidate identity, spec-bound.

Verdict

Self-Codex dry-run: PASS. A strict Codex can author N7→N8→P7 by running the encoder with the owner/Codex authority inputs — inventing no field, order, tag, or encoding. No contract defect remains; only true authority inputs are outstanding.

Residual (NOT T1-closable): A1/A2/A3/A5 approval-event values, Codex signer/timestamp/parent/report (N8), Codex seal_p7 execution (P7), owner blueprint decision (OWN-1), and separate implementation authorization. These are authority inputs by design, not engineering gaps.