Checkpoint - T1 FIX7 Blueprint Patch After Codex Recheck 4 (Approval Envelope)

Date: 2026-06-09 Author: T1 (production Agent for Agent Data) Macro: PROGRAM_PATCH_T1_FIX7_BLUEPRINT_AFTER_CODEX_RECHECK_4_ACTIVE_AUTHORITY_HASH_ENVELOPE Mode: READ-ONLY production; blueprint KB-doc direct-revision; NO production mutation.

Final status

FIX7_REFACTOR_BLUEPRINT_T1_PATCHED_AFTER_CODEX_RECHECK_4_READY_FOR_CODEX_RECHECK_5

What was done

Codex recheck 4 (codex-fix7-blueprint-recheck-4-final-before-authoring-2026-06-09/, status FIX7_REFACTOR_BLUEPRINT_CODEX_RECHECK_4_NEEDS_T1_FIX) accepted the recheck-3 work (object-only legacy universe, principal separation, entry-vector separation, uniform-end-state scope, PG-native-final, 27/11/14/7 + all execution boundaries) and left one blocker class: the ACTIVE_AUTHORITY corpus was classified only by mutable KB markers/registry/fences and not pinned to the exact Codex-reviewed revisions/content hashes — a mutable authoring-authority denominator (disguised hardcode). The other three NEEDS_FIX verdicts (no-disposition guard, hardcode-final, authoring-planning) are all downstream of that one root. T1 patched it in-blueprint; no runtime amendment; nothing accepted reopened.

The fix — ACTIVE_AUTHORITY_APPROVAL_ENVELOPE (doc 00)

An immutable, content-addressed, machine-readable (fenced YAML) envelope pinning every ACTIVE document/section + its KB revision + a normalized SHA-256, plus marker_fence_registry_sha256, superseded_boundary_sha256, guard_set_revision/guard_set_sha256, active_corpus_membership_sha256, envelope_manifest_sha256, and the Codex recheck checkpoint anchor; next_required_recheck_on_change: true. Sealed at the Codex recheck. The envelope sits in an ENVELOPE:EXCLUDE region (excluded from its own host's content hash to avoid self-reference) and the SEALED copy of record is recorded by Codex in the recheck-5 checkpoint (the immutable anchor).

• Membership hash computed NOW (stable): 916d6e11027ff466ffd4f0ae0f66b15c314fb89601b70ecdb7261ce463c03b87 (over the 10 ACTIVE doc_ids). Detects any missing/extra ACTIVE doc.
• Per-document content hashes seal at recheck-5: a hash of the approved corpus can only be computed at the approval event; T1 pre-writing "approved" hashes would itself be self-fabricated authority (the anti-pattern this chain polices). So Codex computes + seals them at recheck-5 PASS.
• Determinism proven: shasum -a 256 available + deterministic; rehearsal digest f6b773f80308260d5668f8dcfa41a318e2e05375d3e1b59615da7b393be1e7b0; exact normalization spec recorded.

Fail-closed semantics

Any mismatch in document revision, active content hash, marker/fence hash, registry hash, guard-set hash, active-section identity, corpus membership, or doc status → ACTIVE_AUTHORITY_ENVELOPE_MISMATCH → implementation-authoring planning BLOCKED until a fresh Codex recheck re-seals the envelope. The correct next step on mismatch is Codex recheck, NOT "continue authoring."

Guards 47 → 51

+G-ACTIVE-AUTHORITY-APPROVAL-ENVELOPE (sealed envelope covers exactly the ACTIVE corpus) +G-ACTIVE-AUTHORITY-HASH-MATCH (live SHA-256 == sealed) +G-ACTIVE-AUTHORITY-REVISION-MATCH (live KB revision == sealed) +G-ACTIVE-AUTHORITY-CHANGE-FAIL-CLOSED (any drift → mismatch → fresh recheck). G-ACTIVE-AUTHORITY-SCOPE / G-NO-SUPERSEDED-CONSUMPTION / G-LEGACY-NO-DISPOSITION-AUTHORITY re-bound to the sealed envelope; guard-quality rule 9 (content-addressed authoring authority). PKG-A gated on a SEALED, verified envelope (doc 07).

Invariants

27/11/14/7 PRESERVED (0 new authority surface / readiness gate / top-level runtime hash contract / #20 column / catalog family; production mutation 0). The envelope is a non-runtime construction-document content-address (it pins the blueprint docs being authored from), explicitly NOT an 8th runtime hash contract. All hard blocks intact.

Adversarial self-audit

11/11 PASS (report doc 06): mutate a marker · flip a fence · add a STUB term to active text · reference superseded from PKG-F/G · edit the registry only · edit a guard only · move a section range · edit a history block only · proceed after mismatch · rely on mutable Directus/marker state · (self-reference hole, proactively closed) edit the envelope block itself — each fails closed / blocks authoring.

Blueprint docs patched

00 (rev 6→10), 06 (rev 38→49), 07 (rev 40→43), 12 (rev 29→36), blueprint checkpoint (rev 17→21). All via patch_document (targeted; unchanged regions byte-identical).

Output

• Report: t1-fix7-blueprint-patch-after-codex-recheck-4-active-authority-envelope-2026-06-09/00..10 (11 docs).
• This checkpoint.
• Blueprint checkpoint advanced to ..._T1_PATCHED_AFTER_CODEX_RECHECK_4_READY_FOR_CODEX_RECHECK_5.

Live evidence

No fresh live read required; prior pg_roles evidence stands (directus non-superuser; workflow_admin superuser; qt001_cp_* roles absent; 0 trigger bypass vector).

Next

Codex recheck 5 of the recheck-4 approval-envelope-patched blueprint (external; not implementation), which seals the ACTIVE_AUTHORITY_APPROVAL_ENVELOPE (computes + records the per-document hashes over the approved content, sets the approval metadata, flips envelope_state to SEALED, records the sealed envelope in the recheck-5 checkpoint). Implementation, Stage 2.6B, qt001_backfill_permit, REAL_RUN, QT001 apply, manifest activation, repoint, and owner/ACL cutover all remain BLOCKED. Do not claim implementation approval.