T1 FIX7 Focused Review - 01 Correction Matrix Verification (SUPERTRACK A)
01 - Correction Matrix Verification (SUPERTRACK A)
For each of Codex's claimed 8 corrections, T1 verdict against the published artifact (not the claim). Old report is evidence, not authority (law sec. 1).
| Codex ID | Correction | Artifact | T1 verdict | Basis |
|---|---|---|---|---|
| C01 | Manifest_set + exactly 27 child-contract DDL | 02 | PARTIAL | Contract-level spec, not byte-level DDL; defers authoritative DDL to unsurfaced "local artifact"; inter-manifest FKs / code_catalog root / typed-operand columns unspecified. See doc 02 / CP-01..04. |
| C02 | 14 readiness gate adapter rules | 03 | PARTIAL | 14 gates enumerated with adapter signature, source, freshness, NULL/missing/extra, both-EXCEPT, no bool_and-alone (strong). Gap: SCALE_SAFE and other thresholds read as adapter literals, not sealed manifest values; denominator-source not stated as manifest.expected_item_count. See doc 03 / CP-05. |
| C03 | 7 hash payload key-maps | 04 | PARTIAL | 7 maps with domain tag, ordered keys, source, NULL=JSON-null, no-MD5, no-delimiter, sensitivity tests (strong). Gap: no bytea->text encoding for embedded SHA-256 values; jsonb numeric/text canonical form and per-array ORDER BY not pinned. See doc 04 / CP-06. |
| C04 | 14 bypass vectors enumerated | 05 | VERIFIED | Exactly 14 explicit vectors; each attempt/blocker/proof/freshness/negative; sealed exact-set; set change gated by Q_CRITICAL_3; both-EXCEPT; no routed-later. See doc 05. |
| C05 | Directus SELECT retention / no-authority cutover | 06 | PARTIAL | Authority removal, preflight, no-go, rollback all present and sound. Gap: base-table-vs-presentation-view read preservation internally ambiguous; the original feasibility risk (REVOKE breaking app reads) not definitively closed. See doc 06 / CP-07. |
| C06 | Level-B CI/env/credential packet | 07 | VERIFIED | Both env + credential marked OPERATOR_REQUIRED_UNVERIFIED; IMPLEMENTATION_READINESS=BLOCKED; fixed resources named; infra-preflight immutable-evidence list; no-go if absent; T1 cannot create/approve; rollback; no manual privileged SQL (BV12). Minor advisory CP-09. See doc 07. |
| C07 | T1 self-audit dashboard | 08 | VERIFIED | 17 checks SA01-SA17 with sealed-catalog verdict, columns, fail-closed NULL/missing/extra/stale, cannot self-grant readiness, anti-tautology (SA15). Covers all required catch classes. See doc 08. |
| C08 | Same-human two-login quorum defeat | 09 | VERIFIED | human_identity_registry + principal_human_binding; IdP-assertion evidence (free-text diagnostic only); UNIQUE(activation_id,human_identity_id) and (activation_id,principal_class_id); separation pairs as ACTIVE manifest rows (no hidden CASE); rollback. See doc 09. |
Tally
VERIFIED 4 (C04, C06, C07, C08). PARTIAL 4 (C01, C02, C03, C05). STILL_GAP 0. CONFLICT 0 (but note doc-02 self-description "Normative full DDL artifact" overstates its contract-level content — flagged as a coherence defect under CP-01, not a standalone CONFLICT).
Reading
The four PARTIALs are not failures of decision — the prior T1 review already accepted the decisions as sound. They are artifact-completeness gaps that would require an implementer to guess schema columns, FK targets, hash inputs, or thresholds. Under the law (no_hardcode_absolute, no_fake_PASS) and the prior review's explicit guess-rejection triggers, these block DESIGN_READY_FOR_CODEX_FINAL_APPROVAL until corrected. Correction proposals are narrow and specific (doc 13).