FIX7 Final Authority-Seal — Codex Rejection Defect Re-Verification (under TKT v0.2, 2026-06-11)
FIX7 Final Authority-Seal — Codex Rejection Defect Re-Verification (2026-06-11)
Host: T1. Authority: NON_AUTHORITY. Codex consulted: NO. Production mutated: NO. Method: every defect re-verified from the actual governed file, freshly materialized from KB and executed — neither Codex's original claim nor T1's later "patched" claim is assumed.
Source under test (byte-exact fresh reconstruction)
authority_seal_encoder.py(rev2) materialized fromknowledge/dev/laws/tool-kiem-thu/packets/fix7-authority-closure-2026-06-10/.- Materialized sha256 =
13344f92cafcaf0d07dcb21700bdb642f38b89351702e08080eacb0e957144b8. - Cross-confirmed against TWO governed sources: the project pin, and the N-node model JSON field
S3_authority_seal_encoder_spec.encoder_sha256— both equal13344f92…. ⇒ reconstruction is byte-exact, not behavioral-only. - Probe harness
codex_probes.py(rev1) reconstructed byte-exact (sha112b4ec5…).
Re-verification table (each row = real run, real exit)
| # | Codex-named defect | probe (mutated input) | expected | actual | PASS emitted? | digest/seal emitted? | verdict |
|---|---|---|---|---|---|---|---|
| 1 | invalid hash accepted | N7 canonicalizer_sha256="NOT_A_SHA" (CP1) |
reject | SEAL_FIELD_NOT_HEX |
NO | NO | CLOSED |
| 2 | empty id accepted | N7 approval_event_id="" (CP2) |
reject | SEAL_FIELD_EMPTY |
NO | NO | CLOSED |
| 3 | empty signer accepted | N8 sealed_by="" (CP3) / N7 approver_identity="" (CP11) |
reject | SEAL_FIELD_EMPTY |
NO | NO | CLOSED |
| 4 | wrong revision accepted | P7 pinned_canonicalizer_revision="not-an-int" (CP5) / "-1" (SP2) |
reject | SEAL_FIELD_BAD_INT |
NO | NO | CLOSED |
| 5 | wrong byte count accepted | P7 pinned_canonicalizer_utf8_bytes="-1" (CP6) / "0" (CP13) |
reject | SEAL_FIELD_BAD_INT |
NO | NO | CLOSED |
| 6 | empty report set accepted | report_documents_digest([]) (CP7) |
reject | SEAL_REPORT_SET_EMPTY |
NO | NO | CLOSED |
| 7 | duplicate report set accepted | dup record (CP8) / dup doc-id diff rev (SP10) | reject | SEAL_REPORT_SET_DUPLICATE |
NO | NO | CLOSED |
| 8 | N6 active_corpus_sha256 was REHEARSAL into real seal |
encode_real_n7(provenance=REHEARSAL) (CP17) |
reject | SEAL_PROVENANCE_REHEARSAL_BLOCKED |
NO | NO | CLOSED |
| 9 | report doc-id / revision malformed | ("","1") (CP15) / ("doc","x") (CP16) |
reject | SEAL_REPORT_DOC_ID_INVALID / ..._REVISION_INVALID |
NO | NO | CLOSED |
| 10 | byte-count↔hash independence (P7 verify) | byte ok+hash wrong (SP3); hash ok+byte wrong (SP4) | verify=False | False / False |
NO | NO | CLOSED |
Plus: candidate-class-as-authority (SP5 → SEAL_PROVENANCE_FORBIDDEN_CLASS), missing provenance (CP18 → SEAL_PROVENANCE_MISSING), forbidden class (CP19 → SEAL_PROVENANCE_FORBIDDEN_CLASS), valid-classes-but-no-real-N6 (SP6 → SEAL_REAL_N6_NOT_AVAILABLE), extra authority field (SP8 → SEAL_INPUT_EXTRA), prose-only pin (SP9 → SEAL_PROSE_ONLY_PIN_REJECTED).
Aggregate runs (captured exit codes)
python3 authority_seal_encoder.py --selftest→ 48/48 PASS, exit 0.python3 codex_probes.py→ 19/19 REJECTED, 0 fail-open, exit 0.python3 sp_align_probes.py(this lane's independent suite) → 10/10 fail-closed, exit 0.
Verdict
Every defect Codex named in CODEX_FIX7_FINAL_AUTHORITY_SEAL_REJECT is re-verified CLOSED on the current governed encoder, by direct bad-input execution — not by trusting prose. No patch was required in this lane (live proof showed no residual defect). The encoder is fail-closed. No contract defect remains.
The only thing the encoder still refuses to do — produce a real N7/N8/P7 — is by design (standing true blocker SEAL_REAL_N6_NOT_AVAILABLE + authority inputs), an authority/owner gap, not an engineering fail-open.