Incomex AI Portal
KB-7EBD rev 2

FIX7 Codex Rejection Probe Replay Report

5 min read Revision 2
tool-kiem-thufix7codexn6tkt-v022026-06-11
<!-- DOC_STATUS: ACTIVE_NON_AUTHORITY -->

FIX7 — Codex Rejection Probe Replay Report (2026-06-11)

  • Host: T1 / Claude Code. Codex consulted: NO. Owner approval: NO. Production mutation: NO.
  • Purpose: reproduce each Codex-owned rejection probe, prove the pre-patch fail-open, prove the post-patch fail-closed. Object ID: TKT-OBJ-277.
  • Method: byte-exact KB reconstruction (kb_fetch_reconstruct.py) of the governed evidence tree (32 recheck-9 files + corpus + encoder 13344f92…); probes run against the actual governed verifier, not prose.

1. Required Codex-owned replay probes

# Probe Pre-patch (277daf86) Post-patch (922e5246) Required verdict Met?
1 duplicate declared corpus member → fail ACCEPTED + certificate (FAIL-OPEN) N6_CORPUS_DUPLICATE, no cert fail YES
2 duplicate manifest member record → fail ACCEPTED + certificate (FAIL-OPEN) N6_MANIFEST_DUPLICATE, no cert fail YES
3 duplicate HASH_MANIFEST path/entry → fail ACCEPTED + certificate (FAIL-OPEN) N6_MANIFEST_DUPLICATE (path) / N6_MANIFEST_MALFORMED_LINE (malformed) / N6_MANIFEST_BAD_HASH (non-hex), no cert fail YES
4 certificate emitted on duplicate input? YES (defect) NO NO YES
5 N7 envelope still labels membership as N1? YES (defect) NO (rev4 un-numbered) NO YES
6 alignment packet missing authority_seal_encoder.py? YES (404) NO (published 13344f92…) NO YES
7 alignment packet missing codex_probes.py? YES (404) NO (published 112b4ec5…) NO YES

2. Replay evidence (commands + exits)

Pre-patch reproduction (codex_replay.py vs verifier 277daf86)

[DUP-DECLARED]       RESULT=ACCEPTED  cert_emitted=True  -> FAIL-OPEN
[DUP-MANIFEST]       RESULT=ACCEPTED  cert_emitted=True  -> FAIL-OPEN
[MALFORMED-MANIFEST] RESULT=ACCEPTED  cert_emitted=True  -> FAIL-OPEN

Confirms Codex's adversarial-probes report (verify_corpus_membership set-converts before dup check; parse_hash_manifest dict-overwrites).

Post-patch (same inputs vs verifier 922e5246)

[DUP-DECLARED]       RESULT=REJECTED[N6_CORPUS_DUPLICATE]        cert_emitted=False  -> FAIL-CLOSED
[DUP-MANIFEST]       RESULT=REJECTED[N6_MANIFEST_DUPLICATE]      cert_emitted=False  -> FAIL-CLOSED
[MALFORMED-MANIFEST] RESULT=REJECTED[N6_MANIFEST_MALFORMED_LINE] cert_emitted=False  -> FAIL-CLOSED

Permanent regression — n6_adversarial_probes.py (0f2c94d3…)

P25 dup-declared, P26 dup-manifest-path, P27 malformed-line, P28 non-hex-hash — added. Full suite over fresh KB tree:

N6-ADVERSARIAL-PROBES: 31/31 fail-closed
any PASS emitted: False  | any seal/official digest emitted: False   (exit 0)

N7-envelope conformance — envelope_conformance_probe.py + n_node_checker.py

ENVELOPE-CONFORMANCE: 8/8 PASS    (stale (N1) absent; checker agrees; R4 rejects membership-under-N1)   (exit 0)
N-NODE-CHECKER SELFTEST: 15/15 PASS

Alignment completeness — fresh bash RERUN.sh

shasum -c HASH_MANIFEST.txt 5/5 OK; packet_tree OK 96d00b9e…; G0..G4 OK; OVERALL_RESULT: PASS; RERUN_RESULT: PASS

3. Final reality checks

  • Duplicate declared corpus accepted? NO. Duplicate manifest record accepted? NO. Duplicate HASH_MANIFEST path accepted? NO.
  • Certificate emitted for invalid duplicate? NO. N7 stale N1 membership label remains? NO. Alignment load-bearing file missing? NO.
  • Fresh reconstruction passes (both packets)? YES. Authority firewall? 8/8. N6 Codex-ratified? NO. N7/N8/P7 authored? NO. Production mutation? NO. T2 framework mutated? NO.

4. Verdict

All seven Codex-owned rejection probes replay as required: the two fail-open classes now fail closed and emit no certificate, the N7 label contradiction is gone, and both previously-absent alignment files are present. The only inputs that still "fail" are the bad ones — by design.