{"hash":"f048d1efa3d177d2b0515ab26975ab5916722e2be587d899736c6c5e2f6baeae","short_code":"2026-05-12T22:42:00+00:00","title":"PERMIT — surface_authority for lightsail_kernel (10 governed files: kernel + boot guard + systemd unit; supersedes d085113e to add guard + unit + their block_hashes)","kind":"surface_authority","principal":"doctortheisen","scope_tag":"lightsail_kernel","tier":"architect","issued_at":"2026-05-12T22:42:00+00:00","expires_at":"","surface":"espadvisorygroup.com Lightsail FastAPI kernel + boot guard + systemd unit","chain_hash":"","conditions":[["polymorphic_typed_hole","Each GOVERNED_FILES entry is a polymorphic-position list-of-lists with slots: path (string, abs OR rel-to-KERNEL_DIR), sha256, bytes, kernel_code_block (string hash OR [[]] typed hole). Boot guard handles abs vs rel paths via resolve_path()."],["captured_at","2026-05-12T22:18Z (8 originals) + 2026-05-12T22:34Z (guard) + 2026-05-12T22:38Z (unit)"],["bytes_total_governed",56297],["governance_invariant","Identity-via-name doesn't transfer approval; identity-via-hash does. New sha256 in any GOVERNED_FILE invalidates this SIGNOFF for that file. Boot guard runs at ExecStartPre time and refuses uvicorn boot on any drift/missing/unreadable result."],["self_governing_guard","kernel_guard.py is itself in GOVERNED_FILES — guard cannot be silently swapped. If someone replaces the guard with a no-op, the legitimate-guard's last successful boot attested the swap-target's old sha; new guard's sha won't match, boot refuses, system halts in a known state."],["unfilled_blocks_pending","6 of 10 entries carry [[]] in kernel_code_block — content not yet in register. Filled at next edit cycle (KERNEL_CODE mint precedes scp per fb9ac14a, then supersede this authority). Acceptable interim state; surfaces in reconstitute test (criterion reconstitute_test_passes) if not filled by then."],["deployment_pending","All 10 entries reference the CURRENT disk state, but none of these mints have been federated to Lightsail register.db yet. Federation pathway investigation deferred per operator. Boot guard, when shipped + wired into systemd ExecStartPre, would FAIL until the authority block + KERNEL_CODE blocks federate to /home/admin/register.db."]],"hash_short":"f048d1efa3d1","register_source":"espadvisorygroup_sister","register_genesis":"f3363f614347023565e0916ed13eff0c6ca42d830b60f2a56c56612975b2f91c","federation_note":"v_permit row from sister register; mint event sha256 preserved in main FIELD.db; bundler declaration at 110b3009"}