{ "doc": "t2-fix7-p0-dryrun-independent-bad-input-probes", "date": "2026-06-11", "host": "T2 / CLAUDE CODE / FABLE", "authority_of_this_doc": "REVIEW_NON_AUTHORITY; records T2 independent fail-closed testing of T1's dryrun_validator.py", "validator_under_test": "knowledge/dev/reports/architecture/fix7-p0-dryrun-and-execution-readiness-packet-2026-06-11/dryrun_validator.py", "method": "Materialized validator + all 11 evidence JSONs from KB bytes into a clean /tmp packet. (A) ran validator on good data; (B) reproduced T1's 20 probes; (C) authored 22 NEW probes beyond T1's harness; (D) end-to-end tamper of full validator; (E) one hardening probe.", "A_validator_good_data": {"exit": 0, "all_11_gates": "PASS", "emits": "DRYRUN_VALIDATOR_RESULT: PASS"}, "B_t1_probes_reproduced": {"total": 20, "fail_closed": 20, "controls_pass": true, "any_fail_open": false, "exit": 0}, "C_t2_independent_probes": { "total": 22, "fail_closed": 22, "controls_pass": true, "any_fail_open": false, "exit": 0, "probes": [ {"id": "T2-1", "defect": "seal.implementation_authorized_by_p7_alone=true", "gate": "P7_ALONE_AUTHORIZES_IMPL", "result": "FAIL-CLOSED"}, {"id": "T2-2", "defect": "seal.implementation_execution_allowed_now=true", "gate": "IMPLEMENTATION_EXECUTION_CLAIMED_NOW", "result": "FAIL-CLOSED"}, {"id": "T2-3", "defect": "seal.owner_decision_consumed=AUTHORIZE_IMPLEMENTATION_EXECUTION", "gate": "OWNER_DECISION_NOT_DRYRUN_ONLY", "result": "FAIL-CLOSED"}, {"id": "T2-4", "defect": "owner.default_decision != HOLD", "gate": "DEFAULT_NOT_HOLD", "result": "FAIL-CLOSED"}, {"id": "T2-5", "defect": "owner.selected_option set + signature UNSIGNED", "gate": "OWNER_APPROVAL_FABRICATED", "result": "FAIL-CLOSED"}, {"id": "T2-6", "defect": "owner.execution_authorization_status=AUTHORIZED", "gate": "EXECUTION_AUTHORIZED_IN_TEMPLATE", "result": "FAIL-CLOSED"}, {"id": "T2-7", "defect": "gov.canonical_fold_applied=true", "gate": "CANONICAL_FOLD_APPLIED", "result": "FAIL-CLOSED"}, {"id": "T2-8", "defect": "gov object id collides with canonical max 224", "gate": "OBJECT_ID_COLLISION:224", "result": "FAIL-CLOSED"}, {"id": "T2-9", "defect": "gov object id collides with reserved 388", "gate": "OBJECT_ID_COLLISION:388", "result": "FAIL-CLOSED"}, {"id": "T2-10", "defect": "gov.registered_via_addendum=false", "gate": "OBJECTS_NOT_GOVERNED", "result": "FAIL-CLOSED"}, {"id": "T2-11", "defect": "rollback.production_rollback_status=PROVEN", "gate": "PRODUCTION_ROLLBACK_CLAIMED", "result": "FAIL-CLOSED"}, {"id": "T2-12", "defect": "rollback entry before != after_rollback", "gate": "ROLLBACK_NOT_RESTORED:RB-3", "result": "FAIL-CLOSED"}, {"id": "T2-13", "defect": "review.verdict=PRODUCTION_READY", "gate": "REVIEW_VERDICT_INVALID", "result": "FAIL-CLOSED"}, {"id": "T2-14", "defect": "review.production_ready=true", "gate": "REVIEW_CLAIMS_PRODUCTION_READY", "result": "FAIL-CLOSED"}, {"id": "T2-15", "defect": "review.production_rollback_proven=true", "gate": "REVIEW_CLAIMS_PRODUCTION_ROLLBACK", "result": "FAIL-CLOSED"}, {"id": "T2-16", "defect": "precond BLOCKS_DRYRUN while dryrun_can_proceed=true", "gate": "DRYRUN_PROCEEDS_DESPITE_BLOCKER:PC-2", "result": "FAIL-CLOSED"}, {"id": "T2-17", "defect": "precond.execution_ready=true", "gate": "EXECUTION_READY_CLAIMED", "result": "FAIL-CLOSED"}, {"id": "T2-18", "defect": "tkt.l4_iu_traceability=PASS", "gate": "TKT_BASE_OVERCLAIM:IU_TRACEABILITY_PASS", "result": "FAIL-CLOSED"}, {"id": "T2-19", "defect": "tkt.l6_release_bundle=PASS", "gate": "TKT_BASE_OVERCLAIM:RELEASE_BUNDLE_PASS", "result": "FAIL-CLOSED"}, {"id": "T2-20", "defect": "tkt.level_reached=L6", "gate": "TKT_BASE_LEVEL_NOT_L3", "result": "FAIL-CLOSED"}, {"id": "T2-21", "defect": "iso.workspace_path=/var/www/production/...", "gate": "WORKSPACE_NOT_TEMP_PATH", "result": "FAIL-CLOSED"}, {"id": "T2-22", "defect": "iso.connects_to_system_issues=true", "gate": "ISOLATION_PROD_CONNECTION:connects_to_system_issues", "result": "FAIL-CLOSED"} ] }, "D_end_to_end_tamper": {"tampered_field": "seal-consumption.json p7_digest -> 0*64", "full_validator_exit": 1, "emitted": "DRYRUN_VALIDATOR_RESULT: FAIL", "pass_or_seal_token_leaked": false}, "E_hardening_probe": { "id": "T2-REC-ROLLBACK-HARDENING-1", "defect_injected": "rollback entry after_apply_hash == before_hash (vacuous/idempotent staged mutation)", "gate_fired": false, "classification": "HARDENING_GAP_NON_BLOCKING", "why_non_blocking": "T1's actual RB-3 apply hash 91c520d94cb0... is genuinely distinct from before/after 49c386a9...; the gap admits no PASS/cert/seal token and no execution/production/fabricated-authorization overclaim; it is a robustness limitation on a degenerate input class, not a defect in the reviewed evidence", "recommended_fix": "add after_apply_hash != before_hash (or an explicit idempotent flag) to check_rollback_proof BEFORE the implementation-execution macro, where real per-mutation rollback proofs carry production weight", "route_to": "future implementation-execution macro / T1 validator hardening" }, "summary": {"good_data_pass": true, "t1_20_of_20_fail_closed": true, "t2_22_of_22_fail_closed": true, "tamper_no_pass_leak": true, "any_dangerous_class_fail_open": false, "hardening_gaps": 1, "hardening_gaps_blocking": 0} }