03 - Canonicalizer Executable SSOT (recheck-7 blocker B)
Load-bearing copy: the artifact FIX7-CANON-V1-CANONICALIZER
(canonicalizer-fix7-canon-v1-ssot.md). This doc is the rationale + the pin contract.
The defect
The canonicalizer/reference implementation was described (doc 00 + reports) but not pinned as one executable, versioned, hashed SSOT artifact with exact invocation and test vectors. Different agents could therefore implement canonicalization differently — disguised fixed behaviour at construction time.
The SSOT pin (in the doc 00 envelope, MANIFEST_BOUND)
| field | value |
|---|---|
| canonicalizer_artifact_id | FIX7-CANON-V1-CANONICALIZER |
| canonicalizer_path | …/t1-fix7-existing-system-refactor-execution-blueprint-2026-06-08/canonicalizer-fix7-canon-v1-ssot.md |
| canonicalizer_version | FIX7-CANON-V1 |
| canonicalizer_revision | SEAL_AT_CODEX_RECHECK_8 (sealed by Codex; pin only, never the artifact's own future revision recorded inside itself) |
| canonicalizer_sha256 | SEAL_AT_CODEX_RECHECK_8 (SHA-256 over the artifact's full MCP bytes, CRLF/CR→LF; the artifact does not contain its own hash → no self-reference) |
| nature | executable reference code (authoritative) + frozen test vectors |
It is a pinned TOOL, NOT a member of the active_corpus membership, so the membership digest stays
f2bda8…fe251. Seal-timing: T1 fixes id/path/version + the behavioural test vectors now; Codex seals
canonicalizer_revision + canonicalizer_sha256 over the artifact's MCP bytes at recheck 8. T1
pre-computing the "approved" hash would be self-fabricated authority; having Codex seal over the MCP
bytes also avoids a local-vs-MCP byte mismatch.
Invocation / I-O / failure contract (pinned)
- Command: `python3 canonicalizer-fix7-canon-v1-ssot.py --selftest` → exit 0 iff all vectors pass.
- Inputs: raw UTF-8 MCP bytes per active member + the explicit membership list + the live envelope.
- Outputs: the lowercase-hex digests (membership / per-doc / corpus / registry / boundary / guard / manifest / detached-seal) or a single fail-closed status.
- Failure statuses: the closed set (doc 00 fail-closed rule + the artifact).
AUTHORING_REQUIREMENT (so implementation cannot fail)
Implementation-authoring MUST adopt exactly one canonicalizer that is byte-for-byte this artifact, or a
re-implementation proven to pass all embedded test vectors AND reproduce f2bda8…fe251, pinned by
canonicalizer_sha256. Before PKG-A: the live canonicalizer --selftest exits 0 and its content hash ==
the sealed value (G-CANONICALIZER-SSOT-ONLY). The implementation runs that artifact, not prose — this
is what removes the "passes docs, fails at code" risk.
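A sketch of the pre-PKG-A check described above, as an added example (not the artifact's or the project's own code). The `gate` function and its status names are hypothetical; the real closed set of failure statuses is defined in doc 00 and the artifact.

```python
import hashlib
import re
import subprocess
import sys

UNSEALED = "SEAL_AT_CODEX_RECHECK_8"   # placeholder the pin carries until sealing
LOWER_HEX_64 = re.compile(r"[0-9a-f]{64}")

def normalize_newlines(raw: bytes) -> bytes:
    """CRLF/CR -> LF. CRLF is replaced first so it does not become two LFs."""
    return raw.replace(b"\r\n", b"\n").replace(b"\r", b"\n")

def artifact_sha256(raw: bytes) -> str:
    """Lowercase-hex SHA-256 over the newline-normalized artifact bytes."""
    return hashlib.sha256(normalize_newlines(raw)).hexdigest()

def gate(artifact_path: str, pinned_sha256: str) -> str:
    """Return "OK" or a fail-closed status (status names are hypothetical)."""
    if pinned_sha256 == UNSEALED:
        return "PIN_UNSEALED"          # nothing sealed yet, so nothing to trust
    if not LOWER_HEX_64.fullmatch(pinned_sha256):
        return "PIN_MALFORMED"
    with open(artifact_path, "rb") as fh:
        verified = normalize_newlines(fh.read())
    if hashlib.sha256(verified).hexdigest() != pinned_sha256:
        return "HASH_MISMATCH"         # bytes that fail the pin are never executed
    # Run the exact bytes that were hashed (script on stdin) instead of
    # re-opening the path, so the file cannot change between check and run.
    try:
        result = subprocess.run([sys.executable, "-", "--selftest"],
                                input=verified, capture_output=True, timeout=60)
    except subprocess.TimeoutExpired:
        return "SELFTEST_FAILED"
    return "OK" if result.returncode == 0 else "SELFTEST_FAILED"

if __name__ == "__main__" and len(sys.argv) == 3:
    status = gate(sys.argv[1], sys.argv[2])
    print(status)
    sys.exit(0 if status == "OK" else 1)
```

The hash check runs before the selftest on purpose: a passing selftest says nothing if the code that ran it is not the sealed artifact.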
Conformance evidence (this pass)
--selftest → 22/22 PASS, exit 0 (doc 07): reproduces f2bda8…fe251; rejects every document_id alias
class, every marker kind/literal violation, and every field-value violation; detects a seal
self-revision/self-hash edge as a cycle.