KB-2400
Codex Confirmation Matrix (Supertrack A)
4 min read Revision 1
fix7architecturet1-reviewrp-refinementconfirmation-matrix
01 - SUPERTRACK A — Consolidated Codex Confirmation Matrix
Codex confirmation-only review status: T1_RP_PROPOSALS_PARTIAL_REFINE_BEFORE_T1. This matrix reconciles T1's original classification with Codex's response and T1's final refined classification.
| RP | T1 original | Codex response | Final refined | B/A | Codex design edit required | T1 implementation blocked | Reason |
|---|---|---|---|---|---|---|---|
| RP-01 runtime instance/result/evidence tables | BLOCKING | CONFIRMED_BLOCKING | REFINED_BLOCKING | BLOCKING | YES | YES | H04/H05/H02 hash payloads + doc-09 partition targets consume runtime tables with no byte-level DDL → not byte-implementable. |
| RP-02 retention authority surface | BLOCKING | CONFIRMED_BLOCKING | REFINED_BLOCKING | BLOCKING | YES | YES | "Sealed retention policy" interval/capacity is numeric authority not hosted in any counted surface → uncounted-surface / mutable-denominator risk. |
| RP-03 consolidated DDL/ALTER + expected-constraint catalog | BLOCKING | VALID_BUT_NEEDS_REFINEMENT | REFINED_BLOCKING | BLOCKING | YES | YES | A dropped deferred-ALTER FK is a SILENT (not fail-closed) integrity loss; refinement places the expected-constraint catalog inside an already-counted surface (no new surface). |
| RP-04 catalog-family enforcement coverage | BLOCKING | CONFIRMED_BLOCKING | REFINED_BLOCKING | BLOCKING | YES | YES | Missing reference_contract / operand_column_contract / SA15 classification row silently disables family/type/literal enforcement. |
| RP-05 item_payload descriptive-only | ADVISORY | UPGRADE_TO_BLOCKING | REFINED_BLOCKING | BLOCKING | YES | YES | If an adapter reads item_payload operationally, the sealed catalog becomes a hidden-policy / disguised-hardcode channel. |
| RP-06 same-human uniqueness | ADVISORY | VALID_BUT_NEEDS_REFINEMENT (advisory) | REFINED_ADVISORY | ADVISORY | YES (advisory) | YES (blocked by others) | Blanket UNIQUE(activation_id,human_identity_id) over-blocks legitimate quorum; uniqueness must be slot/scope-precise and depend on the RP-01 signoff table. |
| RP-07 catalog retirement-evidence FK | ADVISORY | UPGRADE_TO_BLOCKING | REFINED_BLOCKING | BLOCKING | YES | YES | The authority ROOT can reference a non-existent evidence UUID → PG-native integrity hole at the most sensitive surface. |
| RP-08 Directus observation-window completeness | ADVISORY | VALID_BUT_NEEDS_REFINEMENT (advisory) | REFINED_ADVISORY | ADVISORY | YES (advisory) | YES (blocked by others) | Completeness must be a sealed/manifest-driven read-contract + sealed freshness field, not a hardcoded observation window. |
Counts
- Blocking after refinement: 6 (RP-01, RP-02, RP-03, RP-04, RP-05, RP-07).
- Advisory after refinement: 2 (RP-06, RP-08).
- Net change from prior package: RP-05 and RP-07 upgraded advisory → blocking (per Codex); RP-03 sharpened from "valid" to refined-blocking because the failure mode (silent dropped ALTER) is itself non-fail-closed.
T1 implementation status
T1 implementation remains BLOCKED on the whole design until ALL 6 blocking RP are resolved by Codex and re-reviewed. Advisory RP-06/RP-08 do not independently block but their refinements should land in the same Codex edit pass because they depend on / touch the same objects (RP-01 signoff table; CP-07 cutover).
Note on roles
T1 produced refined PROPOSALS only. Codex is the design owner and performs all design edits. After Codex edits, T1 re-reviews; no implementation, permit, REAL_RUN, QT001 apply, or Stage 2.6B before final approval.