KB-5CE9
FIX7 Authority Self-Codex Adversarial Probes (under TKT v0.2, 2026-06-11)
4 min read Revision 1
tool-kiem-thufix7authority-sealself-codexadversarial-probestkt-v022026-06-11
<!-- DOC_STATUS: ACTIVE_NON_AUTHORITY -->
FIX7 Authority Self-Codex Adversarial Probes (under TKT v0.2, 2026-06-11)
Host: T1. Authority: NON_AUTHORITY. Codex consulted: NO. Production mutated: NO.
Codex-style verification: harness PASS, report prose, and manifest consistency are NOT trusted alone — bad inputs are created outside the happy path and executed. Two harnesses run against the byte-exact reconstructed encoder (13344f92…): the shipped codex_probes.py (19 probes) and this lane's independent sp_align_probes.py (10 probes I authored, covering macro probe-list items the shipped harness does not).
Macro probe-list coverage (all real exit codes)
| Macro probe | covered by | result |
|---|---|---|
| 1 invalid hash → fail | CP1 | SEAL_FIELD_NOT_HEX |
| 2 empty hash → fail | SP1 | SEAL_FIELD_EMPTY |
| 3 empty ID → fail | CP2 | SEAL_FIELD_EMPTY |
| 4 empty signer → fail | CP3 | SEAL_FIELD_EMPTY |
| 5 missing signer → fail | CP3/encode_node missing | SEAL_FIELD_EMPTY/SEAL_INPUT_MISSING |
| 6 revision="not-an-int" → fail | CP5 | SEAL_FIELD_BAD_INT |
| 7 revision=-1 → fail | SP2 | SEAL_FIELD_BAD_INT |
| 8 byte count=-1 → fail | CP6 | SEAL_FIELD_BAD_INT |
| 9 byte ok / hash wrong → fail | SP3 | verify=False |
| 10 hash ok / byte wrong → fail | SP4 | verify=False |
| 11 empty report set → fail | CP7 | SEAL_REPORT_SET_EMPTY |
| 12 duplicate report ID → fail | CP8/SP10 | SEAL_REPORT_SET_DUPLICATE |
| 13 duplicate report record → fail | CP8 | SEAL_REPORT_SET_DUPLICATE |
| 14 candidate as authority → fail | SP5 | SEAL_PROVENANCE_FORBIDDEN_CLASS |
| 15 rehearsal as authority → fail | CP17/SP6 | SEAL_PROVENANCE_REHEARSAL_BLOCKED / SEAL_REAL_N6_NOT_AVAILABLE |
| 16 local-only as authority → fail | SP6 (no real N6) | SEAL_REAL_N6_NOT_AVAILABLE |
| 17 N1/N2 swapped → fail | n_node_checker R1 | R1_LABEL_REASSIGNMENT |
| 18 N9_DIAG load-bearing authority → fail | n_node_checker R3/R6 | R3_DIAGNOSTIC_AS_LOADBEARING / R6_DIAGNOSTIC_AS_AUTHORITY |
| 19 unknown N10 → fail | n_node_checker R2 | R2_UNKNOWN_NODE |
| 20 active_corpus under wrong node → fail | n_node_checker R4 | R4_VALUE_WRONG_NODE |
| 21 missing commands.sh → packet fails | RERUN step3 | non-zero |
| 22 missing HASH_MANIFEST entry → fail | tamper-1 | RERUN_RESULT: FAIL (manifest drift) |
| 23 packet_tree mismatch → fail | tamper-2 | RERUN_RESULT: FAIL (tree mismatch) |
| 24 stdout/stderr hash mismatch → fail | manifest drift class | covered by 22 |
| 25 exit_codes tamper → fail | regenerated each run, gate compares EXP vs ACT | mismatch→OVERALL_RESULT: FAIL |
| 26 RERUN skip-gate tamper → fail | RERUN steps 1→2→3 are sequential exit 1 gates |
non-zero |
| 27 report PASS but cmd nonzero → fail | gate ledger ties exit to OK/MISMATCH | MISMATCH |
| 28 manifest extra authority field → fail | SP8 | SEAL_INPUT_EXTRA |
| 29 N7/N8/P7 seal without authority → fail | SP6/CP18 + firewall | SEAL_REAL_N6_NOT_AVAILABLE / blocked |
| 30 permit/REAL_RUN/QT001 from this lane → blocked | firewall report | remains blocked (not attempted) |
Headline reality checks
- any invalid input accepted? NO
- any PASS emitted for invalid input? NO
- any digest/seal-like output for invalid input? NO
- candidate/rehearsal promoted to authority? NO
Aggregate
codex_probes.py 19/19 REJECTED (exit 0) · sp_align_probes.py 10/10 fail-closed (exit 0) · n_node_checker.py 15/15 (exit 0). Zero fail-open across all suites.