05 - Hardcode / PG-Native Review

Verdicts

• ZERO_HARDCODE_ACCEPTED_FOR_CHOSEN_OPTION
• PG_NATIVE_DRIVEN_ACCEPTED_FOR_CHOSEN_OPTION

Acceptance applies to the amendment contract, not yet to T1's future patched blueprint.

Hardcode conditions

• No policy in CASE/code or structural-class branches.
• No name/pattern/owner scan becomes authority.
• No manual DO_NOT_TOUCH exclusion from closure.
• No item_payload authority loophole.
• No external artifact is the only authority source.
• No enum, rule, hidden surface, or hidden hash contract is introduced.
• No fixed operational list exists outside sealed/hash-bound approved manifests.
• Any collision or unsupported case remains blocked rather than routed later.

PG-first/native/driven conditions

• Final authority is PG ownership plus sealed #20/#11/#21 manifests and existing activation contracts.
• #21 is a closed-world desired-privilege contract verified against effective privileges in both directions.
• Directus cannot mutate authority after cutover; its retained access exists only through exact #21 grants.
• Level-B/operator authorization remains distinct from QT001 permit.
• No body changes occur, so rollback uses prior immutable manifests and the existing S14 owner/ACL snapshot binding.
• Readiness and all implementation/live actions remain blocked pending T1 patch and Codex recheck 3.

Invariants

Exactly 27 authority surfaces, 11 runtime-evidence non-authority surfaces, 14 readiness gates, and 7 top-level hash contracts remain unchanged. Verification guard count may change; that does not create authority or readiness.