#!/usr/bin/env python3 """Exercise the hardened rollback validator against the clone rehearsal evidence.

Three proofs, all of which must hold for a PASS:

1. SELFTEST: the validator's own selftest (real frozen T1 evidence passes; a fabricated no-mutation rollback fails closed).
2. REHEARSAL: check_rollback_proof() returns NO fail codes on this lane's clone rollback evidence (rollback-recovery-proof.json).
3. NEGATIVE CONTROL: if we fabricate an entry whose after_apply_hash == before_hash (nothing actually mutated), the hardened gate must fail closed.

Emits hardened-validator-result.json. Exit 0 only if all three hold. No production contact; pure local static evaluation of frozen JSON. """ import sys sys.dont_write_bytecode = True # keep packet dir free of pycache for reproducible tree import copy import json import os

HERE = os.path.dirname(os.path.abspath(file)) sys.path.insert(0, HERE) import hardened_dryrun_validator as V # noqa: E402

result = {"doc": "fix7-p0-production-rehearsal-only-hardened-validator-result", "date": "2026-06-12", "scope": "LOCAL_STATIC_NO_PRODUCTION_CONTACT"}

1. selftest

selftest_ok = V.selftest(HERE) result["selftest_pass"] = bool(selftest_ok)

2. rehearsal rollback evidence

with open(os.path.join(HERE, "rollback-recovery-proof.json"), encoding="utf-8") as fh: rb = json.load(fh) rehearsal_fails = V.check_rollback_proof(rb) result["rehearsal_check_rollback_proof_fails"] = rehearsal_fails result["rehearsal_pass"] = (len(rehearsal_fails) == 0) print("[%s] rehearsal rollback evidence passes hardened gate%s" % ("PASS" if result["rehearsal_pass"] else "FAIL", "" if result["rehearsal_pass"] else " -> " + "; ".join(rehearsal_fails)))

3. negative control: fabricate after_apply == before on the first real entry

fake = copy.deepcopy(rb) e0 = fake["entries"][0] e0["after_apply_hash"] = e0["before_hash"] # claim mutation but nothing changed e0["after_rollback_hash"] = e0["before_hash"] fake["entries"] = [e0] neg_fails = V.check_rollback_proof(fake) neg_closed = any(f.startswith("ROLLBACK_APPLY_DID_NOT_MUTATE") for f in neg_fails) result["negative_control_fail_codes"] = neg_fails result["negative_control_fails_closed"] = bool(neg_closed) print("[%s] fabricated no-mutation rehearsal entry fails closed%s" % ("PASS" if neg_closed else "FAIL", " (" + "; ".join(neg_fails) + ")" if neg_fails else " (FAIL-OPEN!)"))

result["after_apply_differs_from_before"] = all( e["after_apply_hash"] != e["before_hash"] for e in rb["entries"]) result["after_rollback_restores_before"] = all( e["after_rollback_hash"] == e["before_hash"] for e in rb["entries"]) result["production_rollback_status"] = rb.get("production_rollback_status") import hashlib with open(os.path.join(HERE, "hardened_dryrun_validator.py"), "rb") as fh: result["validator_local_copy_sha256"] = hashlib.sha256(fh.read()).hexdigest() result["canonical_hardened_validator_sha256"] = ( "e6547e6935cb01aae5feb405899c97107f1990ff3e2f7e6b9157828a90956c47") result["validator_is_canonical_byte_exact"] = ( result["validator_local_copy_sha256"] == result["canonical_hardened_validator_sha256"])

overall = (result["selftest_pass"] and result["rehearsal_pass"] and result["negative_control_fails_closed"] and result["after_apply_differs_from_before"] and result["after_rollback_restores_before"] and result["production_rollback_status"] == "NOT_APPLICABLE") result["overall"] = "PASS" if overall else "FAIL"

with open(os.path.join(HERE, "hardened-validator-result.json"), "w", encoding="utf-8") as fh: json.dump(result, fh, indent=2); fh.write("\n")

print("HARDENED_VALIDATOR_OVERALL:", result["overall"]) sys.exit(0 if overall else 1)