Stage 2.6A-FIX2 — Final Summary
12 — Final Summary
Status: STAGE2_6A_FIX2_POLICY_COMPLETE_FAIL_CLOSED_SIGNOFF_EXACT_AUTHORITY_LOCKED_READY_FOR_CODEX_REAUDIT. Verdict: PARTIAL (all current-layer gates fail-closed; PUBLIC EXECUTE REVOKE, Directus role separation, and scale keyset/resume are genuinely 2.6B work, each with a live no-go guard). No dangerous hardcode or disguised hardcode remains in the 2.6A layer.
The second Codex rejection targeted hardcode-moved-into-registry-rows and text rules that were not machine-enforced. This layer answers it structurally: parity can no longer authorize a tier (BLOCK-only, proven by guard); the rule engine fails closed on missing/unknown/superseded signals and evaluates expected_result (11/11 negative tests); rules carry version/approval/authority_lock/provenance/checksum with a supported-operator CHECK; the plan fingerprint is content-addressed over the full 74-collection scope plus rules/engine/signals/signoff/trigger/gateway/watermark/blockers (every component proven sensitive); signoff is exact per collection+tier+checksum (10 negative tests); readiness v5 has zero literals; the writer consumes the governance layer in-body and fails closed for any caller.
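The content-addressed fingerprint and exact signoff check described above, as an added Python sketch that is not the project's own code. The component names come from this summary; SHA-256 over canonical JSON, the idea that a signoff's checksum is the plan fingerprint, and all sample values, function names and tier names are assumptions made for illustration.

```python
import hashlib
import json

# Component names are from the summary; everything they contain below is constructed.
COMPONENTS = ("scope", "rules", "engine", "signals", "signoff",
              "trigger", "gateway", "watermark", "blockers")

def plan_fingerprint(plan: dict) -> str:
    """SHA-256 (assumed) over a canonical encoding of every required component."""
    missing = [c for c in COMPONENTS if c not in plan]
    if missing:
        # Fail closed: an incomplete plan never gets a fingerprint.
        raise ValueError(f"fail closed: missing components {missing}")
    canonical = json.dumps({c: plan[c] for c in COMPONENTS},
                           sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def insensitive_components(plan: dict) -> list:
    """Components whose mutation does NOT change the fingerprint (should be none)."""
    base = plan_fingerprint(plan)
    dead = []
    for c in COMPONENTS:
        mutated = dict(plan)
        mutated[c] = {"mutated": plan[c]}  # any change must alter the hash
        if plan_fingerprint(mutated) == base:
            dead.append(c)
    return dead

def signoff_allows(signoffs, collection, tier, checksum) -> bool:
    """Exact match on collection + tier + checksum; anything else is a block."""
    if not (collection and tier and checksum):
        return False  # missing input never authorizes
    return any(s.get("collection") == collection and s.get("tier") == tier
               and s.get("checksum") == checksum for s in signoffs)

def sample_plan() -> dict:
    """Constructed plan with a 74-collection scope, matching the scope size above."""
    return {
        "scope": [f"collection_{i:02d}" for i in range(74)],
        "rules": [{"id": "R1", "version": 1, "operator": "eq",
                   "expected_result": "BLOCK"}],
        "engine": "engine-v1", "signals": ["sig_a"], "signoff": [],
        "trigger": "trg-v1", "gateway": "gw-v1", "watermark": 0,
        "blockers": ["B1"],
    }
```

A signoff recorded against one fingerprint stops matching as soon as any component changes, which is what makes a stale approval fail closed.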
13/13 Codex blockers reproduced then fixed (10) or routed/contained to 2.6B (3). must_not_proceed.pass=true. readiness BLOCKED. Birth-neutral. tga/apr/gateway/permits/done/stage0 unchanged.
Next macro: BIRTH_STAGE2_6B_QT001_PERMIT_RUN_KEYSET_RESUME_AND_AUTHORITY_REVOKE — permit/run/keyset/watermark resume lifecycle; REVOKE PUBLIC EXECUTE + owner/role separation (Directus DML); HC-04 resolver, HC-07 TG_ARGV scanner, HC-11 conservation invariant; representative-volume perf gates. Then a fresh independent Codex re-audit BEFORE any permit or apply. Exact blocker: independent Codex re-audit + 2.6B layers + owner permit. Zero engineering blocker.