KB-6E2D
FIX7 Authority Firewall (executable, under TKT v0.2, 2026-06-11)
3 min read Revision 1
tool-kiem-thufix7authority-firewalltkt-v022026-06-11
<!-- DOC_STATUS: ACTIVE_NON_AUTHORITY -->
FIX7 Authority Firewall (under TKT v0.2, 2026-06-11)
Host: T1. Authority: NON_AUTHORITY. Codex consulted: NO. Each firewall invariant maps to an executable gate that was actually run in this lane (not a prose promise). The firewall is therefore executable-by-reference to the captured gates.
| # | firewall invariant | enforcing executable gate | result |
|---|---|---|---|
| 1 | engineering PASS ≠ authority PASS | encoder encode_node (rehearsal) returns a digest but is provenance-agnostic; encode_real_* is a separate gated path |
selftest separates them; rehearsal digest never a real seal |
| 2 | rehearsal ≠ authority | assert_provenance rejects REHEARSAL |
CP17 → SEAL_PROVENANCE_REHEARSAL_BLOCKED |
| 3 | candidate ≠ official | candidate class allowed only for corpus, never authority slot; and real N6 still gated | SP5 → SEAL_PROVENANCE_FORBIDDEN_CLASS; SP6 → SEAL_REAL_N6_NOT_AVAILABLE |
| 4 | T2 v0.2 dev proof ≠ owner seal | v0.2 not used as a seal; lane boundary doc; v0.2 stays NON_AUTHORITY | cross-lane alignment report; no v0.2 oracle invoked |
| 5 | Codex review ≠ owner approval | not authored as approval; Codex NOT consulted this macro | n/a — no Codex call |
| 6 | MCP-byte proof ≠ owner/Codex seal unless pinned | byte-exact reconstruction is evidence, explicitly NOT a seal | README §3 |
| 7 | local-only evidence ≠ authority | raw logs local + regenerable; not claimed as authority | evidence-completeness report |
| 8 | no N7/N8/P7 official seal without required authority | encode_real_n7/n8/p7 gated SEAL_REAL_N6_NOT_AVAILABLE + provenance |
CP18/CP19/SP6 |
| 9 | diagnostic node ≠ authority input | n_node_checker R3/R6 |
R3_DIAGNOSTIC_AS_LOADBEARING / R6_DIAGNOSTIC_AS_AUTHORITY |
| 10 | Stage 2.6B / permit / REAL_RUN / QT001 remain blocked | not invoked anywhere; no tool call attempts them | remains blocked |
Standing true blockers (authority/owner only — NOT engineering)
SEAL_REAL_N6_NOT_AVAILABLE(G-AUTH-1) — owner/operator + Codex.- G-AUTH-2 (A1/A2/A3/A5 + N8 signer/report + P7 ids) — owner/Codex.
- G-OWNER-1 (OWN-1 standing do-not-approve) — owner.
- N-number ratification (G-DOC-1/2/3) — owner/Codex.
Firewall verdict
No engineering path in this lane can produce or claim a real seal. Every promotion/seal path is gated and was exercised with a captured fail-closed exit. The firewall holds.