3jdZddlmZddlmZmZddlmZmZm Z ddl m Z m Z m Z mZmZmZmZdZdZdZeGd d Zd d  dd ZgdZy)uanu_v3.writeback_binding_conflict_guard — write-back role/fallback binding conflict 실 runtime hardening (task-2553+49 AUTHORITATIVE §5.E). 회장 §5.E verbatim: "같은 collector identity 라도 role/fallback binding/owner key 불일치 시 silent skip 금지 -> WRITEBACK_BINDING_CONFLICT 기록 / valid duplicate write-back 만 idempotent SKIP / self-chain write-back 은 completed 불인정." narrow +49 ``audit_writeback_binding_conflict`` 는 role/fallback 만 비교했다. 본 guard 는 그 위에 **owner key 불일치** 와 **self-chain write-back 의 completed 불인정** 을 추가 결선해, write-back 단계가 반드시 경유하는 fail-closed 게이트로 만든다. silent idempotent skip 은 binding 이 완전 일치할 때만 허용. reuse: role/fallback 충돌 판정은 비-frozen ``dispatch.callback_owner_enforcer.audit_writeback_binding_conflict`` 단일 진실원 호출. +44 read-only ledger 는 byte-0 유지. Layer A / NO-CRON: 순수 감사. ZERO cron / dispatch / subprocess / cokacdir. ) annotations) dataclassfield)ListOptionalSequence)FAILPASSWRITEBACK_BINDING_CONFLICTWRITEBACK_IDEMPOTENT_SKIPWRITEBACK_NO_CONFLICT audit_writeback_binding_conflict is_anu_keyz$anu_v3.writeback_binding_conflict.v1"WRITEBACK_SELF_CHAIN_NOT_COMPLETEDWRITEBACK_OWNER_KEY_CONFLICTceZdZUded<ded<ded<ded<ded<ded<d ed <ee Zd ed <edd ZddZ y)WritebackBindingGuardResultstrschemaverdictclassificationtask_idboolconflictcompleted_acknowledgedz List[str]conflicting_fields)default_factoryreasonsc(|jtk(S)N)rr selfs >/home/jay/workspace/anu_v3/writeback_binding_conflict_guard.pyokzWritebackBindingGuardResult.ok7s||t##c |j|j|j|j|j|j t |jt |jdS)Nrrrrrrrr) rrrrrrlistrrr s r"to_jsonz#WritebackBindingGuardResult.to_json;sTkk||"11|| &*&A&A"&t'>'>"?DLL)  r$N)returnr)r)dict) __name__ __module__ __qualname____annotations__rr'rpropertyr#r(r$r"rr,sN K L LN  !!t4GY4 $$  r$rF)"candidate_session_is_executor_selfc ft|| } t|xr||k(} | s| s| s!tttt |dddgdgSt |||||||} | jtk(rItttt|ddt| jt| jdgzS| jtk(r6tttt|ddgt| jdgzStttt|ddgt| jd gzS) uEwrite-back 단계 fail-closed (§5.E). Order of checks (every violation RECORDED, never silent — §5.E): 1. self-chain write-back (owner == executor key, OR owner not an ANU key, OR the producing session is the executor self-session) -> ``WRITEBACK_SELF_CHAIN_NOT_COMPLETED`` (FAIL): a self-chain write-back is NOT acknowledged as completed (회장 §5.E). 2. role / fallback binding conflict over the +44 read-only ledger -> ``WRITEBACK_BINDING_CONFLICT`` (FAIL, conflicting_fields recorded — NOT a silent idempotent skip; §5.E / regression 19). 3. identical idempotency key AND identical binding -> ``WRITEBACK_ IDEMPOTENT_SKIP`` (PASS, valid duplicate; regression 20). 4. no match -> ``WRITEBACK_NO_CONFLICT`` (PASS, normal new write-back). TFzowner_key/self_sessionuself-chain write-back (owner key == executor key / not an independent ANU key / executor self-session) — NOT acknowledged as completed; recorded, never a silent skip (회장 §5.E).r&)r dispatch_idchat_idnormal_collector_cron_idcandidate_rolecandidate_fallback_cron_idu{binding conflict is RECORDED as WRITEBACK_BINDING_CONFLICT — silent idempotent skip is FORBIDDEN (§5.E / regression 19).uvalid duplicate write-back (identical idempotency key AND identical role/fallback binding, owner=independent ANU) — idempotent SKIP only (§5.E / regression 20).z;normal new write-back, owner=independent ANU (no conflict).)rrr GUARD_SCHEMAr rrrr r'rrr r r )historyrr3r4r5r6r7candidate_owner_key executor_keyanu_keysr1 owner_is_anuowner_is_executorbases r"guard_writeback_bindingr@Hsj:18rHs(#(++6 &J"=     N05h hh h  h , hh!.hhhh)-h!hV r$