feat(tally): add resilient truth-layer integration#28
Conversation
|
@codex review Please review this Tally/DSC change set with special attention to credential zeroization, endpoint validation, durable snapshot recovery, exact proof/count binding, migration compatibility, and truthful live-support claims. |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 208273e762
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 6d1e4271e5
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 7324b0e7d3
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 1ee600aa8a
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@codex review Please review latest head |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 969027bda7
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@codex review Latest head is now |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: f03dbf7b33
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@codex review Please review exact head |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 2d3572327b
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@codex review Please review exact head |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: fd820b90b8
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@codex review Please review exact head |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: d61ee20f78
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@codex review Please review exact head |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: f1fe337e3b
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| terminal_safe_reason_code = CASE WHEN started_at_unix_ms > ?1 \ | ||
| THEN 'local_clock_moved_backwards' ELSE NULL END \ |
There was a problem hiding this comment.
Replay rollback evidence before sealing terminal proof
When attempt creation succeeds but the durable state-ref save is lost, and the wall clock subsequently moves behind the attempt start while remaining after the overall run start, an early restart exit such as cancellation or a capability failure builds its terminal proof before this update discovers the rollback. The update persists local_clock_moved_backwards, but commit_batch returns no such evidence to the already-built proof, and the now-terminal state is never resumed to replay it, so the proof incorrectly omits the clock-integrity gap. Recover or abandon owner-bound open attempts before preparing any terminal decision, or otherwise incorporate this detected reason into the proof being committed.
Useful? React with 👍 / 👎.
Functional summary
Bridge now has a local-first Tally Truth Layer with explicit capability truth states, company-bound read authority, encrypted mirror storage, adaptive/resumable Core Accounting snapshots, reconciliation proofs and gap maps, incremental policy foundations, a privacy-reduced operator console, portable read/runtime/protocol crates, synthetic qualification, and fail-closed compatibility claims.
The implementation is intentionally honest about current evidence: all 11 compatibility cells remain
unknown; no live write behavior or unsupported product/profile claim is inferred without reviewed authority.Review closure
All 25 Codex inline findings are fixed, replied to, and resolved. The final multi-agent authority audit is also clean after
f1fe337, which adds:CommitPendingproof recovery for already-committed lost acknowledgments;Unsupportedclaim and fabricated Unsupported receipts cannot seal;Validation
Final local Windows evidence for commit
f1fe337e3b73dc9c223ff0141c9010d6c057dc02:cargo fmt --all -- --checkcargo test --locked --workspace: 196/196 root tests plus every workspace integration and doc test passedcargo clippy --locked --workspace --all-targets -- -D warningspnpm run build: 3/3 frontend transition tests, TypeScript, and Vite production build passedpnpm run tally:live-read-boundary: sealed across 122 normal packagespnpm run license:all: 5 frontend and 369 Rust locked components reconciledunknown_claims=11:evidenced_claims=03af3def7be6ebf2c34c081fd7c8b886db7c65d6bee6b4de219fb6192a989f212Final-head GitHub Windows/macOS CI and dependency review are monitored below; merge remains blocked until required checks and the requested Codex review are clean.
Migration and rollback impact
Security impact
STATUS=0, fixture/context/sentinel/parser/malformed-response, and transport failures remainFailed; they cannot become product incompatibility claims.Completed review checklist