05 - Rollback Source Artifact Recheck

Verdict

ROLLBACK_SOURCE_NEEDS_FIX

Accepted: a bare source hash is no longer treated as source material; body change is forbidden without a read-back-verified evidence_registry artifact.

Remaining binding gap:

• Approved #27 contains source hashes but no evidence_id FK. The blueprint does not specify an unambiguous PG binding from each STUB_FAIL_CLOSED object/old body/stub body to the exact evidence_registry row.
• artifact_sha256 is not globally unique; evidence_registry uniqueness is composite. Hash equality alone cannot select the authoritative artifact.
• “sealed evidence_registry row” lifecycle/immutability and evidence validity at restore time must be explicitly proven.

Required T1 fix: define an existing approved relation/path that binds exact evidence_id to object identity and #27 hash, or classify a design amendment as required. Restore must fail closed on zero or multiple matching valid artifacts.