FIX7 Authority-Seal Spec/Code/JSON/Doc Drift Report (2026-06-10)
FIX7 Authority-Seal — Spec/Code/JSON/Doc Drift Report (Workstream E)
- Date: 2026-06-10 · Host: T1 · Codex consulted: NO · Production mutation: NO
- Harness:
authority_seal_drift_check.py .→ 22/22 agree, drift=0, exit 0. - Method: deterministic extraction + compare, NOT visual/manual "looks same".
1. Surfaces compared
| Surface | What is extracted | Authority |
|---|---|---|
authority_seal_encoder.py |
ROSTERS, TAGS, EDGES, CONST, OUTPUT_FIELD, CYCLE_FORBIDDEN, fixture digests, source statuses |
the executable contract |
authority-seal-encoder-spec.json |
rosters, domain_tags, dag.edges, constant_fields, output_fields, cycle_forbidden, fail_closed_statuses, encoder_sha256, fixture_digests | machine mirror (sha pinned f1c49927…) |
authority-seal-encoder-spec.md |
§3/§4/§5 roster tables, §6 status vocabulary, domain tags | human spec |
n7-approval-event-input-envelope.json |
executable_contract.n7_roster |
N7 machine roster |
n8-detached-seal-request.md |
§1 roster table | N8 request |
p7-codex-reseal-request.md |
§1 roster table | P7 request |
2. Checks (22, all PASS)
[PASS] spec.json encoder_sha256 == actual encoder file sha256
[PASS] rosters: encoder == spec.json
[PASS] domain_tags: encoder == spec.json
[PASS] DAG edges: encoder == spec.json
[PASS] output_fields: encoder == spec.json
[PASS] constant_fields: encoder == spec.json
[PASS] cycle_forbidden_fields: encoder == spec.json
[PASS] fail_closed_statuses: all present in encoder source
[PASS] fixture N7 digest: recomputed == spec.json
[PASS] fixture N8 digest: recomputed == spec.json
[PASS] fixture P7 digest: recomputed == spec.json
[PASS] spec.md N7 roster == encoder
[PASS] spec.md N8 roster == encoder
[PASS] spec.md P7 roster == encoder
[PASS] n7.json n7_roster == encoder N7
[PASS] n8-request roster == encoder N8
[PASS] p7-request roster == encoder P7
[PASS] domain tag FIX7_ACTIVE_AUTHORITY_ENVELOPE_MANIFEST_V1 present in spec.md
[PASS] domain tag FIX7_CODEX_DETACHED_SEAL_V1 present in spec.md
[PASS] domain tag FIX7_AUTHORITY_SEAL_PIN_V1 present in spec.md
[PASS] domain tag FIX7_CODEX_SEAL_REPORTS_V1 present in spec.md
[PASS] spec.md fail-closed vocab == spec.json statuses
DRIFT-CHECK: 22/22 agree; drift=0
3. Why this is the anti-drift oracle
The fixture-digest checks (lines 9–11) recompute N7/N8/P7 from the encoder and compare to the digests recorded in spec.json. This pins the published values to the live code: if the encoder's contract changes in any way that affects a digest, this check fails. The anti-hardcode report (WS-F) proves a physically broken encoder still passes --selftest 22/22 but is flagged here (drift-checker exits nonzero) — so the drift checker, not the selftest, is the binding integrity oracle.
4. Verdict
DRIFT = 0. Encoder, machine spec, human spec, and the N7/N8/P7 request docs all agree on roster, order, domain tags, DAG edges, constants, output fields, cycle-guard fields, fail-closed vocabulary, and the fixture digests. No surface can silently diverge without this checker catching it.