Incomex AI Portal
KB-5B32

Checkpoint - T1 FIX7 Corrected-Spec Short Review And Proposals

6 min read Revision 1
fix7t1-reviewcheckpointDESIGN_NEEDS_TARGETED_CODEX_CORRECTION_WITH_PROPOSALS

Checkpoint - T1 FIX7 Corrected-Spec Short Review And Correction Proposals

Date 2026-06-08. Author T1 (production Agent, Agent Data). Mode READ-ONLY production; KB report writes only. Execution mode AUTHOR_MODE_ONLY. Live mutation NO.

Final status: DESIGN_NEEDS_TARGETED_CODEX_CORRECTION_WITH_PROPOSALS

Short adversarial review of Codex package codex-fix7-spec-artifact-correction-from-t1-proposals-2026-06-07 (status FIX7_SPEC_CORRECTED_READY_FOR_T1_SHORT_REVIEW), which claimed to resolve T1 CP-01..CP-07 and address CP-08..CP-09. Codex stays design owner; T1 stays independent reviewer; T1 wrote residual correction proposals, did NOT patch Codex docs.

Boundary held

No production DB/role/grant/trigger/function/scheduler/UI/REAL_RUN/permit/ledger/QT001-apply mutated. No DB object created. No SQL applied. No manifest activated. No ownership/ACL change. No permit opened. Stage 2.6B not advanced. No Codex doc edited. Read path OPEN — read in full: 13 Codex corrected artifacts (00..12), Codex self-review (11) + verdict (12), correction checkpoint, superseded finalization checkpoint, prior T1 proposal package (13) + prior T1 checkpoint, governing law prompt-muc-tieu-mo v1.3.

Headline

The 9 prior proposals CP-01..CP-09 are RESOLVED to a high standard — a genuine substantial advance (path A 27 byte-level child DDL published; canonical hash fully pinned; every threshold sealed with no 28th table; Directus path A with real-query preflight; evidence/identity/principal/analyzer registries now byte-defined). NOT READY only because the corrections themselves surfaced a short cross-impact set. NOT a fail.

Per-supertrack verdicts

  • A CP-01 byte-level 27 DDL: CP01_VERIFIED (exactly 27; PK/envelope-FK/UNIQUE/typed domains; no policy-shaped CHECK; no DEFAULT-false hidden policy; rollback order + owner roles + PG16.13 OK).
  • B CP-02 FK targets: CP02_VERIFIED (explicit typed FK map; 4 forward + 2 runtime ALTERs correctly deferred, no double-define; family-correctness at seal via fn_assert_catalog_family, no literals).
  • C CP-03 code_catalog: CP03_VERIFIED (set/family/item byte DDL; owner-only; one-active index; sealed/hash/quorum; families are rows; item_payload object-only).
  • D CP-04 typed operand: CP04_VERIFIED (num_nonnulls=1 + jsonb/schema pairing; operator_operand_compatibility; fn_assert_typed_operand no CASE; neg tests incl scalar-hidden-in-JSONB).
  • E CP-05 sealed thresholds: CP05_VERIFIED (every flagged literal -> sealed field; no threshold table; literal-free adapter rule; SA15 fail-closed blocker).
  • F CP-06 canonical hash: CP06_VERIFIED (encode hex lowercase, trim_scale numeric, UTC ts, COLLATE C, total array order, JSON-null vs string-NULL, no MD5/delimiter, PG-major upgrade gate; H01..H07 embedded). Full byte-impl of H04/H05/H06 gated on RP-01.
  • G CP-07 Directus: CP07_VERIFIED (path A; manifest-driven SELECT set; real-emitted-query both-EXCEPT preflight; hash-bound smoke; safe rollback).
  • H CP-08 placement/retention: CP08_ADVISORY_REMAINING (placement/retention/archive OK; load-bearing anchors byte-defined; RP-01 + RP-02 in-domain now blocking).
  • I CP-09 Level-B: CP09_VERIFIED (human_identity_registry + principal_registry byte DDL; manifest-bound bindings; same-human control via identity binding + H04).
  • J zero-hardcode: DISGUISED_HARDCODE_RISK (not FAIL).
  • K PG-native/driven: PG_NATIVE_DRIVEN_NEEDS_CORRECTION.
  • L feasibility/scale: FEASIBILITY_SCALE_VERIFIED (design; runtime scale evidence operator-gated/pending).

Correction proposals: 8 (4 blocking, 4 advisory) — RP-01..RP-08

BLOCKING: RP-01 define-or-downscope the runtime instance/result/evidence tables consumed by H04/H05/H06 and partitioned by doc 09 (signoff/binding, capability run/measurements/artifacts, gate/bypass fact-results, quorum votes, denied-attempt/dashboard/Level-B-packet) -> else hash maps not byte-implementable (reopens divergence loop). RP-02 reconcile the ACTIVE sealed retention-policy numeric authority (interval/capacity) with CP-05's "no 28th authority surface" (internal contradiction). RP-03 publish one consolidated CREATE+deferred-ALTER order + exact-set constraint verification across docs 02/03/04/09/10 (cross-table FK cycles; a forgotten ALTER = silent integrity hole). RP-04 enumerate + exact-set-cover the catalog-family enforcement contracts (reference_contract / operand_column_contract / SA15 structural-literal) so no catalog-typed column silently loses enforcement. ADVISORY: RP-05 SA-scan that no adapter reads code_catalog_item.item_payload operationally. RP-06 DB-level UNIQUE(activation_id,human_identity_id) for same-human-one-slot. RP-07 catalog retirement-evidence FK consistency. RP-08 Directus preflight observation-window completeness.

Not fail

No hardcode FAIL, no PG-native FAIL, no scale FAIL, not read-path-blocked. Block class = artifact-completeness / anti-hardcode-coherence (same family as the prior FIX..FIX6 loop). RP-01 may take explicit path-B downscope with mandatory re-audit.

Hard block (unchanged)

No Stage 2.6B, no permit, no REAL_RUN, no QT001 apply. Readiness BLOCKED; scale NOT_SAFE-until-evidence; Level-B OPERATOR_REQUIRED_UNVERIFIED.

Report path

knowledge/dev/reports/architecture/t1-fix7-corrected-spec-short-review-proposals-2026-06-07/ (00-readme-first .. 14-final-verdict).

NEXT

Codex resolves the 4 blocking proposals (RP-01 define-or-downscope; RP-02/03/04 at spec level) -> republish -> short T1 re-review -> DESIGN_READY_FOR_CODEX_FINAL_APPROVAL -> Codex final approval. No implementation before that.

Back to Knowledge Hub knowledge/dev/reports/architecture/checkpoint-t1-fix7-corrected-spec-short-review-proposals-2026-06-07.md