Docs/sync gate order and pr template

.github/pull_request_template.md

@@ -9,11 +9,27 @@
 
 - ABI (`ci-gate-abi`):
 - Boundary (`ci-gate-boundary`):
+- Ring0 Exports (`ci-gate-ring0-exports`):
+- Hygiene (`ci-gate-hygiene`):
 - Tooling Isolation (`ci-gate-tooling-isolation`):
 - Constitutional (`ci-gate-constitutional`):
-- Workspace (`ci-gate-workspace`):
-- Hygiene (`ci-gate-hygiene`):
+- Governance Policy (`ci-gate-governance-policy`):
+- Drift Activation (`ci-gate-drift-activation`):
+- Structural ABI (`ci-gate-structural-abi`):
+- Runtime Marker Contract (`ci-gate-runtime-marker-contract`):
+- User Bin Lock (`ci-gate-user-bin-lock`):
+- Embedded ELF Hash (`ci-gate-embedded-elf-hash`):
 - Performance (`ci-gate-performance`):
+- Ring3 Execution Phase10a2 (`ci-gate-ring3-execution-phase10a2`):
+- Syscall Semantics Phase10b (`ci-gate-syscall-semantics-phase10b`):
+- Scheduler Mailbox Phase10c (`ci-gate-scheduler-mailbox-phase10c`, conditional `PHASE10C_ENFORCE=1`):
+- Mailbox Capability Negative (`ci-gate-mailbox-capability-negative`):
+- Workspace (`ci-gate-workspace`):
+- Syscall v2 Runtime (`ci-gate-syscall-v2-runtime`):
+- Sched Bridge Runtime (`ci-gate-sched-bridge-runtime`):
+- Behavioral Suite (`ci-gate-behavioral-suite`):
+- Policy Accept (`ci-gate-policy-accept`):
+- Kill-Switch Phase13 (`ci-kill-switch-phase13`):
 - Summary (`ci-summarize`):
 
 ## Tooling Isolation Guard
@@ -42,5 +58,5 @@ If this PR claims `Completed/Production-ready`, all must be true:
 
 ## Notes
 
-- Planned gates may be hard-fail stubs during freeze hardening.
+- Conditional gate `ci-gate-scheduler-mailbox-phase10c` only runs when `PHASE10C_ENFORCE=1`.
 - Do not merge feature work into mainline during active freeze.

ARCHITECTURE_FREEZE.md

@@ -72,11 +72,11 @@ Bu belge, AykenOS execution-centric mimarisini mimari borç üretmeden kalıcı
 - **Justification:** Mandatory for Allow/Waiver
 
 #### CI Enforcement Pipeline
-- **Gates:** ABI, Boundary, Ring0 Exports, Hygiene, Tooling Isolation, Constitutional, Governance Policy, Drift Activation, Workspace, Syscall v2 Runtime, Sched Bridge Runtime, Performance
+- **Gates:** ABI, Boundary, Ring0 Exports, Hygiene, Tooling Isolation, Constitutional, Governance Policy, Drift Activation, Structural ABI, Runtime Marker Contract, User Bin Lock, Embedded ELF Hash, Performance, Ring3 Execution Phase10a2, Syscall Semantics Phase10b, Phase10C Gate (conditional), Mailbox Capability Negative, Workspace, Syscall v2 Runtime, Sched Bridge Runtime, Behavioral Suite, Policy Accept, Kill-Switch Phase13
 - **Bypass:** Prohibited (no exceptions)
-- **Repo Truth (2026-02-25):**
-  - Implemented: `ci-gate-abi`, `ci-gate-boundary`, `ci-gate-ring0-exports`, `ci-gate-hygiene`, `ci-gate-tooling-isolation`, `ci-gate-constitutional`, `ci-gate-governance-policy`, `ci-gate-drift-activation`, `ci-gate-workspace`, `ci-gate-syscall-v2-runtime`, `ci-gate-sched-bridge-runtime`, `ci-gate-performance`, `ci-summarize`
-  - Planned (hard-fail stubs): none
+- **Repo Truth (2026-03-16):**
+  - Implemented: `ci-gate-abi`, `ci-gate-boundary`, `ci-gate-ring0-exports`, `ci-gate-hygiene`, `ci-gate-tooling-isolation`, `ci-gate-constitutional`, `ci-gate-governance-policy`, `ci-gate-drift-activation`, `ci-gate-structural-abi`, `ci-gate-runtime-marker-contract`, `ci-gate-user-bin-lock`, `ci-gate-embedded-elf-hash`, `ci-gate-performance`, `ci-gate-ring3-execution-phase10a2`, `ci-gate-syscall-semantics-phase10b`, `ci-gate-mailbox-capability-negative`, `ci-gate-workspace`, `ci-gate-syscall-v2-runtime`, `ci-gate-sched-bridge-runtime`, `ci-gate-behavioral-suite`, `ci-gate-policy-accept`, `ci-kill-switch-phase13`
+  - Conditional: `ci-gate-scheduler-mailbox-phase10c` (PHASE10C_ENFORCE=1)
   - Strict suite entrypoint: `make ci-freeze`
 
 #### CI Mode: Constitutional Default + Provisional Compatibility
@@ -593,22 +593,15 @@ This gate enforces activation requirement only. Drift detection and N-run persis
 7. ✅ Performance baseline established
 8. ✅ Repo clean baseline created
 
-**Current Status (2026-02-25):**
-- ✅ Boundary gate implementation active (`make ci-gate-boundary`)
-- ✅ Hygiene gate implementation active (`make ci-gate-hygiene`)
-- ✅ Tooling isolation gate implementation active (`make ci-gate-tooling-isolation`)
-- ✅ ABI gate implementation active (`make ci-gate-abi`)
-- ✅ Constitutional gate implementation active (`make ci-gate-constitutional`)
-- ✅ Governance policy gate implementation active (`make ci-gate-governance-policy`)
-- ✅ Drift activation gate implementation active (`make ci-gate-drift-activation`)
-- ✅ Workspace gate implementation active (`make ci-gate-workspace`)
-- ✅ Syscall v2 runtime gate implementation active (`make ci-gate-syscall-v2-runtime`)
-- ✅ Sched bridge runtime gate implementation active (`make ci-gate-sched-bridge-runtime`)
-- ✅ Performance gate implementation active (`make ci-gate-performance`)
-- ✅ Summary gate active (`make ci-summarize`, auto-discovery)
-- ✅ Evidence schema active (`evidence/run-<RUN_ID>/reports/summary.json`)
-- 🔄 Performance baseline initialization/lock commit required (`PERF_INIT_BASELINE=1`)
-- 🔄 Remaining entry criteria tracked in roadmap and CI backlog
+**Current Status (2026-03-16):**
+- ✅ All CI gates active and passing (23-gate ci-freeze chain)
+- ✅ Phase-10 runtime: OFFICIALLY CLOSED (remote CI run `22797401328`)
+- ✅ Phase-11 verification substrate: OFFICIALLY CLOSED (remote CI run `22797401328`)
+- ✅ Phase-12 trust layer: OFFICIALLY CLOSED (remote CI run `23099070483`, PR #62)
+- ✅ Phase-13 kill-switch gates: 6/6 PASS (tag `phase13-kill-switch-gates-pass` at `0ec4bb5e`)
+- ✅ `CURRENT_PHASE=12` formal transition completed (`0adb2a84`)
+- ✅ Performance baseline lock committed and active
+- 🔄 Phase-13 boundary hardening: active workstream
 
 ---
 
@@ -813,18 +806,19 @@ This document is **binding** and **enforceable** through CI gates.
 
 ## 16. Document Control
 
-**Version:** 1.4  
+**Version:** 1.5  
 **Status:** ACTIVE  
 **Effective Date:** 2026-02-13  
 **Review Date:** Bi-weekly  
-**Last Review:** 2026-03-02  
-**Next Review:** 2026-03-16  
+**Last Review:** 2026-03-16  
+**Next Review:** 2026-03-30  
 **Approval Authority:** AykenOS Architecture Board  
 **Document Owner:** Kenan AY
 
 **Revision History:**
 | Version | Date | Author | Changes |
 |---------|------|--------|---------|
+| 1.5 | 2026-03-16 | Kenan AY | CI gate list updated to 23-gate chain; Phase-10/11/12 closure status; Phase-13 kill-switch PASS |
 | 1.4 | 2026-03-02 | Kenan AY | Status update: Phase 10-A1 complete, Phase 10-A2 in progress |
 | 1.3 | 2026-02-25 | Kenan AY | Added ci-gate-drift-activation gate documentation |
 | 1.2 | 2026-02-22 | Kenan AY | Added ci-gate-sched-bridge-runtime gate documentation |

Makefile

@@ -760,8 +760,27 @@ preflight-mode-guard:
 		exit 2; \
 	fi
 
+# Phase-13 kill-switch gate suite
+# Enforces distributed verification boundaries, proof integrity,
+# observability isolation, and reputation prohibition.
+# These gates are CI cluster workloads - not run in pre-ci discipline.
+ci-kill-switch-phase13: \
+	ci-gate-proof-receipt \
+	ci-gate-proof-verdict-binding \
+	ci-gate-verifier-authority-resolution \
+	ci-gate-cross-node-parity \
+	ci-gate-proofd-service \
+	ci-gate-proofd-observability-boundary \
+	ci-gate-graph-non-authoritative-contract \
+	ci-gate-convergence-non-election-boundary \
+	ci-gate-diagnostics-consumer-non-authoritative-contract \
+	ci-gate-diagnostics-callsite-correlation \
+	ci-gate-observability-routing-separation \
+	ci-gate-verifier-reputation-prohibition
+	@echo "Phase-13 kill-switch gates: ALL PASS"
+
 ci-freeze: PHASE10C_C2_STRICT=1
-ci-freeze: ci-freeze-guard preflight-mode-guard ci-gate-abi ci-gate-boundary ci-gate-ring0-exports ci-gate-hygiene ci-gate-tooling-isolation ci-gate-constitutional ci-gate-governance-policy ci-gate-drift-activation ci-gate-structural-abi ci-gate-runtime-marker-contract ci-gate-user-bin-lock ci-gate-embedded-elf-hash ci-gate-performance ci-gate-ring3-execution-phase10a2 ci-gate-syscall-semantics-phase10b $(PHASE10C_FREEZE_GATE) ci-gate-mailbox-capability-negative ci-gate-workspace ci-gate-syscall-v2-runtime ci-gate-sched-bridge-runtime ci-gate-behavioral-suite ci-gate-policy-accept
+ci-freeze: ci-freeze-guard preflight-mode-guard ci-gate-abi ci-gate-boundary ci-gate-ring0-exports ci-gate-hygiene ci-gate-tooling-isolation ci-gate-constitutional ci-gate-governance-policy ci-gate-drift-activation ci-gate-structural-abi ci-gate-runtime-marker-contract ci-gate-user-bin-lock ci-gate-embedded-elf-hash ci-gate-performance ci-gate-ring3-execution-phase10a2 ci-gate-syscall-semantics-phase10b $(PHASE10C_FREEZE_GATE) ci-gate-mailbox-capability-negative ci-gate-workspace ci-gate-syscall-v2-runtime ci-gate-sched-bridge-runtime ci-gate-behavioral-suite ci-gate-policy-accept ci-kill-switch-phase13
 	@echo "Freeze CI suite completed successfully!"
 
 # Local freeze (skip performance and tooling-isolation gates for development)
@@ -828,10 +847,14 @@ ci-gate-boundary: ci-evidence-dir
 	@echo "== CI GATE BOUNDARY =="
 	@echo "run_id: $(RUN_ID)"
 	@echo "targets: $(CI_TARGETS)"
-	@rm -f "$(KERNEL_ELF)" "$(EVIDENCE_RUN_DIR)/artifacts/kernel.map"
-	@if echo "$(MAKEFLAGS)" | grep -Eq '(^|[[:space:]])n($$|[[:space:]])|--just-print|--dry-run|--recon'; then \
+	@if [ "$(PRE_CI_MODE)" = "1" ] && [ -f "$(KERNEL_ELF)" ]; then \
+		echo "pre_ci_mode: SKIP rebuild (existing artifact: $(KERNEL_ELF))"; \
+		mkdir -p "$(EVIDENCE_RUN_DIR)/logs"; \
+		echo "PRE_CI_MODE=1: skipped kernel rebuild, using existing artifact" > "$(EVIDENCE_RUN_DIR)/logs/build.log"; \
+	elif echo "$(MAKEFLAGS)" | grep -Eq '(^|[[:space:]])n($$|[[:space:]])|--just-print|--dry-run|--recon'; then \
 		echo "DRY-RUN: skipping boundary kernel build invocation"; \
 	else \
+		rm -f "$(KERNEL_ELF)" "$(EVIDENCE_RUN_DIR)/artifacts/kernel.map"; \
 		mkdir -p "$(EVIDENCE_RUN_DIR)/logs"; \
 		$(MAKE) KERNEL_PROFILE=validation KERNEL_MAP="$(EVIDENCE_RUN_DIR)/artifacts/kernel.map" guard-context-offsets kernel > "$(EVIDENCE_RUN_DIR)/logs/build.log" 2>&1; \
 	fi
@@ -1795,7 +1818,7 @@ ci-gate-decision-switch-phase45: ci-evidence-dir
 	@$(MAKE) ci-summarize RUN_ID=$(RUN_ID) EVIDENCE_ROOT=$(EVIDENCE_ROOT)
 	@echo "OK: decision-switch-phase45 evidence at evidence/gate-4.5-decision-switch-proof/$(RUN_ID)"
 
-ci-gate-policy-proof-regression: ci-gate-policy-accept ci-gate-decision-switch-phase45
+ci-gate-policy-proof-regression: ci-kill-switch-phase13 ci-gate-policy-accept ci-gate-decision-switch-phase45
 	@echo "OK: policy-proof regression suite passed (Gate-4 + Gate-4.5)"
 
 ci-gate-performance: ci-evidence-dir