Elnor Repo Reader

# DOC81 (E1/E2) — CODEX Fidelity-Audit Fix Record

**Date:** 2026-06-01 · **Source:** `Reviews/E1_E2_Fidelity_Audit_CODEX.md` (verdict `FIXES_NEEDED_BEFORE_RED_TEAM`) · **Target:** `DOC81_Scope_Policy_Charter_Draft.md`.

## Fixes applied (2 blocking findings)

### 1. §7.3 PropA fold-in — rebuilt row-body-accurate
The R1 draft mapped **8 of 10** carried PropA rows to the wrong PropA-R6.3 topics (guessed, because the drafting commission omitted archived `OPA_V3_18.md`). Replaced the topic-level landing table with a **canonical-body reconciliation table sourced from `OPA_V3_18.md §6.25`**:
- `NEW-01` = PropA-owned `ExposureContextSchema` → named policy-evaluation input (`MemoryPolicyDecision`/meet).
- `NEW-02` = policy hard-block precedence over BDSM `force_level` (block is final; force_level only inside `PolicyCappedDAMSInput`).
- `V15-01..06` = the **DOC73 V1.5.1 learning-pipeline privacy/governance** family — `LearningVisibilityScope` partition gate, `SchemaMigrationPlan` obligation, `VerifierCalibrationLedger` exclusion, AVAPO fixture-generation privacy gate, post-retrieval critique eligibility, counterfactual/additive-synthesis prompt eligibility (NOT the sensitivity/collection topics the draft guessed).
- `DSPY-TARGETS` = the four target IDs (`claim_extractor_main`/`outcome_evaluator_main`/`revision_compiler_main`/`outcome_compiler_main`) under policy eligibility ceilings; PropA owns the registry.

Added **7 per-row gate lints** + **8 per-row fixtures** (replacing the single `fixture.propa.all_ten_rows_have_landing_sites` — which would have passed even with wrong bodies — in both §7.3 and the §11 roll-up, per CODEX's design advisory). Flipped **§13.3 from OPEN → FIX-APPLIED**; open `OPEN_FOR_ARCHITECT_REVIEW` flags **3 → 2** (§13.4 `crossing_disposition`, §13.5 destination-vocab crosswalk).

### 2. `AvailabilityDisposition` boundary creep removed
DOC81 had locally defined + embedded the **DOC86-owned** `AvailabilityDisposition` (Owner Map line 191; Skeletal DOC86 §6) inside `SafeLabelDisclosurePolicy`, risking an upward DOC86→DOC81 dependency against the B1 acyclic fix. Removed the local type + the `availability` field; DOC81 now carries `disclosure_class` (its own axis) + the safe-label constraints and **exports** them — **DOC86 maps them to its own `AvailabilityDisposition` + rendered notices**.

## Root cause + remediation
The drafting commission's read-list cited PropA R6.3 + OPA V4 §6 but **not** archived `OPA_V3_18.md §6.25`, where the 8 carried rows' acceptance bodies live — so the drafter couldn't see them and honestly flagged the gap (§13.3) instead of guessing. **Remediation: `OPA_V3_18.md §6.25` added to the commission read-list (§2.4 item 9b)** so future carried-PropA work carries it.

## Confirmed clean by the audit (no change needed)
Scope/policy architecture, the `EffectiveMemoryPolicy` meet algorithm, the invariant gate+lint+fixture triples, the 5-plane `CascadingSourceInvalidation` wiring, E0 binding-by-reference (0 re-declarations), and source-exclusion + both E0-handed obligations all passed.

## Status
Both blocking findings fixed and re-verified. **Draft is ready for the multi-model design red-team.** Remaining open flags are the two non-blocking architect-confirm items (§13.4, §13.5) — to be confirmed at the red-team. Files uncommitted (architect commits).

---

# R2 SECTION — Application-Fidelity Audit Fixes (2026-06-04)

**Source:** `Reviews/E1_E2_R2_Application_Fidelity_Audit_CODEX.md` (verdict `FIXES_NEEDED_BEFORE_DELTA_REVIEW`; 57 of 60 mapping items PASS) · **Target:** `DOC81_Scope_Policy_Charter_Draft.md` (R2; 2,255 → 2,310 lines) · **Applied by:** Cowork orchestrator (architect-approved flow).

## Fix 1 — CODEX B-1 (Blocking): §3.2 disclosure derivation/coherence ordering
The R2 meet ran `reconcileObligationAxis` (scalar-set) → `makeCoherent` → `deriveDisclosureClass` — so an obligation ceiling (e.g. `hide_existence`) could be overwritten by a later, more-permissive derivation from the vector, and coherence capped capability against stale disclosure (violating Adj U1/U8/U9). **Applied:** steps 5–6 rebuilt — obligations now tighten the **vector** via new §3.3 `OBLIGATION_DISCLOSURE_VECTOR_CEILING` (+ `obligationDisclosureVectorCeilings()`); the scalar is derived from the FINAL vector; `makeCoherent` runs truly last; normative "nothing after step 6 may change any disclosure value." §3.3 prose updated (scalar-set retired); §10 disclosure-coherence row updated; new lint `policy.scalar_disclosure_set_independently_of_vector` (§3.2 + §10); new fixture `fixture.policy.obligation_ceiling_survives_scalar_derivation` (§10 + NI-1 family). *Deviation from CODEX's seed:* `show_generic_existence_only` ceiling sets `count_disclosure_mode: 'none'` (stricter than the suggested `'bucketed'`; avoids a DISCLOSURE_ALLOWS harmonization question; seed-confirmable, §13.6.)

## Fix 2 — CODEX S-1 (Substantive): U31 branded-primary-ID sweep completed
34 bare `_id: string` fields on owned schemas branded (incl. CODEX's 10 examples + 24 more found by full sweep); 28 new DOC81 brands + 2 referenced DOC84 brands (`ContextProductRequestRef`, `ContaminationRiskMeasurementRef`) added to the §0 block with a cross-note to the 4 brands already declared at §4.3 (no duplicates — verified each declared exactly once). The 8 remaining `_id: string` are legitimately non-primary (generation counters; `ExternalVocabularyValueRef` coordinates) per the audit's own carve-out.

## Verification (post-fix)
Step order confirmed (obligation vector-ceilings → derive → cohere); zero bare primary IDs on owned schemas; 30 swept brands declared exactly once; code fences balanced (82); §10/§11 references resolve. **Re-audit:** scoped CODEX re-audit of the changed regions commissioned (automated via the agent-CLI rig) → `Reviews/E1_E2_R2_Fidelity_ReAudit_CODEX.md`.

**Re-audit disposition (2026-06-07):** the scoped CODEX re-audit of the two R2 fidelity fixes was terminated before completion (architect-supervised call). Basis: (1) both R2 design reviews independently re-verified fix 1 (CL walked the `hide_existence` case end-to-end: PASS; GPT: "the CODEX fix works for obligations… confirmed"); (2) fix 2 was mechanically verified (zero bare primary IDs on owned schemas; all brands declared exactly once); (3) the R3 revision (per `E1_E2_R2_Adjudication_Card.md` V1/V3) rebuilds the audited §3.2/§4.2 regions, superseding the audit subject. Brand-integrity persistence (S-1) is carried as an explicit R3 regression-checklist item. The post-R3 application-fidelity audit (automated, high reasoning effort) covers the successor text. Rig lessons logged: detached runs need `setsid` + binary-path/bracket-safe process checks; long runs need a watchdog timeout.

---

# R3.1 SECTION — Delta-Review Fix Set (2026-06-08)

**Source:** `E1_E2_R3_Delta_Adjudication_Card.md` (adjudicating the two scoped R3 delta reviews — `Reviews/E1_E2_R3_Delta_Review_Claude_Opus_4.8.md` + `Reviews/E1_E2_R3_Delta_Review_GPT_5_5_Pro_RERUN.md`, both `MINOR_FIXES_THEN_RATIFY`). **Applied by:** Cowork orchestrator, direct (small/localized/paste-ready). Draft 2,682 → 2,718 lines.

## Applied (4 substantive + 3 minor)
- **D1** (CL S1; GPT missed) — §3.2 step-3 floor gate widened to `… OR (render AND destination present) OR …` so a render-may-leave applies the 0c crosswalk floor (was attested-but-unfloored); + `isEgressAction`/`isInternalAction` action partition defined (was undefined). Lint `egress.render_with_destination_floor_not_applied` + fixture.
- **D2** (CL S2 = GPT F-2, unanimous) — §4.6.4 seed `local_file_export` floor `reference_only_candidate` → `normal_policy_check` + `E0EgressAttestation` retained (aligns to §13.6 / architect ruling: own disk = attested, not content-floored).
- **D3** (GPT F-1, elevated over CL M7) — `principal_scope: PrincipalScope` REQUIRED on BOTH `ScopeResolutionCacheKey` (replaced optional `principal_ref?`) and `EffectivePolicyCacheKey` (added); lint `cache.policy_key_missing_principal_scope` + fixture. Closes the R-5 cross-principal cache-bleed shape V20 was meant to remove.
- **D4** (CL M2 ∪ GPT F-3 ∪ M1) — defined `toPolicyPoint`/`priorState`/`clampPointDown` (§3.0), `isEgressAction`/`isInternalAction`/`FLOOR_EFFECT` projection/`rootCeilingItems` exact-match (§3.2); **removed `domainBaselineDecision`** → step-1c sets `use_domain_profile_only_internal_baseline=true` (the always-present domain contribution is the baseline; eliminates the fake-decision type mismatch).
- **D5** (CL M3+M4) — `meetAllStates` empty-safe (⊥-state, not raw TypeError); `meetPolicyState` `obligations`/`applied_floor_refs` Set-union (NI-1 literal on the raw state).
- **D6** (CL M5; architect-confirmed posture) — a decision whose `disclosure_class ≠ deriveDisclosureClass(vector)` is **EXCLUDED** (`continue`) rather than bottoming the whole object's disclosure (F1-aligned: one corrupt record must not DoS the object). `forceBottomDisclosure` removed. Fixture `fixture.policy.self_contradictory_decision_excluded_not_object_bottomed`.
- **D7** (CL M6) — §3.2 prose "step order 0→6" → "0→7".

## Verification (post-fix)
2,718 lines; 84 fences balanced; D1 gate+partition present; D2 zero `reference_only_candidate` on local-file-export; D3 `principal_scope` on both keys + zero stale optional `principal_ref`; D4 all four helpers defined + `domainBaselineDecision` only in its removal note; D6 `forceBottomDisclosure` count 0; D7 prose updated. Header → `R3.1 — RATIFICATION-READY`.

## Confirms carried (both delta reviews)
C1 (V13 derived/durable) coherent — no fix. C4 seeds sound (0.85/0.70 shipped, 1.0/0.0 fallback, depth 16, contamination 0.60, topic 0.20/0.70) — only the §4.6.4 stale seed was wrong (→ D2). Meta-test PASS. Four walked cases PASS. **Both reviews: ratifiable after this set — now applied.**

## Remaining to ratify
Architect ratification (`Ratification.md`) + discharge sweep (Owner Map rows for the new R2/R3 schemas, SM/Retired-Names for renames, OPA notes, SPEC_STATE). The three R2 seed confirms + the D6 posture are architect-approved (2026-06-08). Optional: a final NI-1 property-gate run + targeted re-grep (this record's verification covers the mechanical layer).