Skip to content

feat: validate SOXL/TQQQ evidence bundle integrity#175

Open
Pigbibi wants to merge 3 commits into
mainfrom
codex/soxl-tqqq-r0c-integrity-20260714
Open

feat: validate SOXL/TQQQ evidence bundle integrity#175
Pigbibi wants to merge 3 commits into
mainfrom
codex/soxl-tqqq-r0c-integrity-20260714

Conversation

@Pigbibi

@Pigbibi Pigbibi commented Jul 13, 2026

Copy link
Copy Markdown
Contributor

Summary

  • add bounded, exact and replayable SOXL/TQQQ evidence bundle integrity validation
  • verify regular files, per-file/aggregate limits, chunked hashes and strict non-self-referential checksums
  • parse JSON/JSONL/CSV structurally with duplicate-key and finite-metrics safeguards

Contract boundary

This PR validates structure only. Success returns bundle_integrity_valid=true and content_safety_status=not_evaluated; it does not authorize persistence, publication, shadow, canary or live use and does not claim arbitrary content is secret-free.

Scope

R0c only. No secret heuristics, producer, broker/account/order, runtime/workflow/deploy, strategy, R1, or new production dependency.

Validation

  • focused tests: 59 passed
  • JSON schema, compileall, ruff, diff-check: passed
  • collection before/after: same 11 pre-existing missing-module errors; no new collection errors
  • budget: 420 changed lines against 94fed8569c5f1b922770f1f731b465d957c77e18 (approved limit 420)

Pigbibi and others added 2 commits July 14, 2026 03:32
Co-Authored-By: Codex <noreply@openai.com>
Co-Authored-By: Codex <noreply@openai.com>
@github-actions

github-actions Bot commented Jul 13, 2026

Copy link
Copy Markdown

🤖 Codex PR Review

🚫 Merge blocked: active blocking history requires independent source-of-truth clearance

⚖️ Codex Review Arbitration

🚫 block: The prior blocking issue is not demonstrably fixed. In the current diff, _parse_checksums still builds expected = sorted(set(REQUIRED_ARTIFACT_FILES) - {"checksums.sha256"}) and rejects any checksum file whose filename column order does not exactly equal that lexicographic list (if [name for name, _ in rows] != expected: _invalid("checksums.sha256 set")). The new test test_checksum_set_and_digest_edges is contract evidence that this behavior remains intentional: it includes list(reversed(valid)) among the cases that must raise EvidenceValidationError. The rest of validate_evidence_bundle validates digests by filename (checksums[name] != digests[name]), so row order is still being enforced as an extra compatibility-breaking constraint rather than being eliminated. With active blocking history and no current finding replacing it, this remains a valid block.

ℹ️ Other Findings

1. 🟡 [MEDIUM] Reliability in src/us_equity_snapshot_pipelines/evidence.py

_open_regular() does os.lstat(path) and then a separate os.open(path, ...). If the path is swapped after the lstat check, the validator can open a FIFO, device, or different inode before fstat() rejects it. In particular, a raced FIFO replacement can block indefinitely on os.open(O_RDONLY), turning validation into a denial-of-service instead of a clean EvidenceValidationError. (line 264)

Suggestion: Pin the bundle root with a directory file descriptor and open children relative to it, and open with non-blocking semantics (O_NONBLOCK) before fstat() so raced non-regular replacements cannot hang the process.

2. 🟡 [MEDIUM] Security in src/us_equity_snapshot_pipelines/evidence.py

The post-open verification only checks S_ISREG and size, so hard-linked artifacts are accepted. That allows a bundle to pass bundle_integrity_valid=true while one or more files are actually aliases of mutable files outside the bundle root, which breaks the advertised self-contained/replayable integrity guarantee and can pull unrelated host data into a 'valid' bundle. (line 266)

Suggestion: Reject artifacts with st_nlink != 1 (or otherwise verify that the opened inode is uniquely owned by the bundle directory) so validation only certifies bytes that are actually contained within the bundle.


Review by Codex PR Review bot • PR

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9121209eb5

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread src/us_equity_snapshot_pipelines/evidence.py Outdated
Co-Authored-By: Codex <noreply@openai.com>
@Pigbibi

Pigbibi commented Jul 13, 2026

Copy link
Copy Markdown
Contributor Author

contract_arbitration.v1 — checksum row ordering

Decision: the current HIGH is a source-of-truth contract conflict, not a demonstrated regression. No code or head change is authorized.

Bound head: e8df36b7673aedcd68f02f883e1773a54a01e80d

Frozen contract evidence:

  1. R0c machine spec bundle_integrity_contract.checksums_rule.order requires checksum rows in strict filename lexicographic order and requires unsorted input to fail closed.
  2. The frozen R0c plan §4.8 states: “必须按 filename 严格字典序;一项一次;最终一个 LF。”
  3. The exact-head regression test_checksum_set_and_digest_edges explicitly includes reversed(valid) among rejected checksum cases.
  4. R0c intentionally defines a deterministic canonical evidence-bundle wire format. It is not accepting arbitrary producer insertion order, and no existing compatible producer contract was identified that permits unordered rows.

Arbitration outcome requested: retain strict lexicographic ordering. General compatibility preference must not override an explicit frozen stage contract and its tests.

This comment authorizes exactly one same-head review refresh as the arbitration step. It does not authorize remediation, reslicing, admin bypass, repeated reruns, or any change to the PR head. If the same head remains blocked, R0c stops as review_infrastructure_blocked and no further code churn is allowed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant