LalaSkye · LalaSkye · Feb 22, 2026 · Feb 22, 2026 · Feb 22, 2026 · Feb 22, 2026
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -1,29 +1,35 @@
 name: CI
-
 on:
   push:
     branches: [main]
   pull_request:
     branches: [main]
-
 jobs:
   test:
     runs-on: ubuntu-latest
     strategy:
       matrix:
         python-version: ["3.10", "3.11", "3.12"]
-
     steps:
       - uses: actions/checkout@v4
-
       - name: Set up Python ${{ matrix.python-version }}
         uses: actions/setup-python@v5
         with:
           python-version: ${{ matrix.python-version }}
-
       - name: Install dependencies
         run: pip install pytest
-
+      - name: Drift alarm - no StopMachine class in primitives
+        run: |
+          if grep -rn "class StopMachine" primitives/; then
+            echo "DRIFT DETECTED: StopMachine class found in primitives/"
+            exit 1
+          fi
+      - name: Drift alarm - no Gate implementation in primitives
+        run: |
+          if grep -rn "class.*Gate" primitives/authority-gate-v0/ primitives/stop-machine-v0/; then
+            echo "DRIFT DETECTED: Gate class found in v0 folders"
+            exit 1
+          fi
       - name: Run primitive tests
         run: python -m pytest primitives -v
       - name: Run root tests

diff --git a/examples/demo_authority_gate.py b/examples/demo_authority_gate.py
diff --git a/examples/demo_stop_machine.py b/examples/demo_stop_machine.py
diff --git a/primitives/authority-gate-v0/README.md b/primitives/authority-gate-v0/README.md
@@ -1,37 +1,8 @@
-# AuthorityGate
+NON-CANONICAL LEGACY (V0). Canonical: [constraint-workshop](https://github.com/LalaSkye/constraint-workshop) @ `70ed2c9`.
 
-A tiny, deterministic wrapper that makes **execution require explicit authority**.
+This folder contains a **non-functional stub** that raises `RuntimeError` on import.
+The canonical `AuthorityGate` implementation lives in
+[constraint-workshop/authority_gate.py](https://github.com/LalaSkye/constraint-workshop/blob/main/authority_gate.py).
 
-## Invariants (all tested)
-
-| Invariant | Meaning | Tested |
-|---|---|:--:|
-| Determinism | Same inputs => same allow/deny + same history | Yes |
-| Monotonicity | Higher authority never loses permissions | Yes |
-| Auditability | Every call records {required, provided, allowed} | Yes |
-
-## Authority levels
-
-Ordered (weak to strong):
-
-- `NONE`
-- `USER_CONFIRMED`
-- `OWNER_CONFIRMED`
-- `ADMIN_APPROVED`
-
-## Why this matters
-
-Most "governance" documents talk about approval, but runtime systems still execute on vibes.
-This primitive forces the missing mechanical step: **no explicit authority, no execution**.
-
-## Quickstart
-
-```bash
-python -m pytest primitives/authority-gate -v
-```
-
-## Scope
-
-- No policy engine.
-- No orchestration logic.
-- No opinions.
+Do not modify this folder. Update the canonical source instead.
+See [CANONICAL.md](../../CANONICAL.md) for details.
diff --git a/primitives/authority-gate-v0/gate.py b/primitives/authority-gate-v0/gate.py
@@ -1,47 +1,11 @@
-"""AuthorityGate -- deterministic authority wrapper.
+"""NON-CANONICAL STUB — do not use.
 
-Execution requires explicit authority. No implicit permissions.
-Authority levels are ordered: NONE < USER_CONFIRMED < OWNER_CONFIRMED < ADMIN_APPROVED.
+Canonical source: https://github.com/LalaSkye/constraint-workshop
+Canonical file:   authority_gate.py
+Pinned commit:    70ed2c9
 """
-from __future__ import annotations
-
-from dataclasses import dataclass, field
-from enum import IntEnum
-from typing import Any, Callable, List
-
-
-class Authority(IntEnum):
-    NONE = 0
-    USER_CONFIRMED = 1
-    OWNER_CONFIRMED = 2
-    ADMIN_APPROVED = 3
-
-
-@dataclass(frozen=True)
-class Decision:
-    required: Authority
-    provided: Authority
-    allowed: bool
-
-
-@dataclass
-class AuthorityGate:
-    """Deterministic authority gate. No implicit permissions."""
-
-    required: Authority = Authority.USER_CONFIRMED
-    _history: List[Decision] = field(default_factory=list)
-
-    def call(self, fn: Callable[..., Any], *args: Any, authority: Authority, **kwargs: Any) -> Any:
-        """Execute *fn* only if authority >= required. Pure comparison."""
-        allowed = authority >= self.required
-        self._history.append(Decision(self.required, authority, allowed))
-        if not allowed:
-            raise PermissionError(f"authority {authority.name} < required {self.required.name}")
-        return fn(*args, **kwargs)
-
-    @property
-    def history(self) -> List[Decision]:
-        return list(self._history)
-
-    def is_satisfied(self, authority: Authority) -> bool:
-        return authority >= self.required
+raise RuntimeError(
+    "This is a non-canonical legacy stub (v0). "
+    "The canonical AuthorityGate lives in constraint-workshop @ commit 70ed2c9. "
+    "See: https://github.com/LalaSkye/constraint-workshop/blob/main/authority_gate.py"
+)
diff --git a/primitives/authority-gate-v0/test_gate.py b/primitives/authority-gate-v0/test_gate.py
@@ -1,51 +1,14 @@
-# primitives/authority-gate/test_gate.py
-
+"""Stub test: confirms the v0 authority_gate raises RuntimeError on import."""
 import pytest
-from gate import Authority, AuthorityGate
-
-ALL = list(Authority)
-
-
-def add(a, b):
-    return a + b
-
-
-def test_determinism_replay_history_and_result():
-    g1 = AuthorityGate(required=Authority.OWNER_CONFIRMED)
-    g2 = AuthorityGate(required=Authority.OWNER_CONFIRMED)
-    seq = [Authority.NONE, Authority.USER_CONFIRMED, Authority.OWNER_CONFIRMED, Authority.ADMIN_APPROVED]
-    out1, out2 = [], []
-    for a in seq:
-        try:
-            out1.append(g1.call(add, 1, 2, authority=a))
-        except PermissionError:
-            out1.append("DENY")
-        try:
-            out2.append(g2.call(add, 1, 2, authority=a))
-        except PermissionError:
-            out2.append("DENY")
-    assert out1 == out2
-    assert g1.history == g2.history
-
-
-@pytest.mark.parametrize("required", ALL)
-@pytest.mark.parametrize("provided", ALL)
-def test_monotonicity_authority_required_is_threshold(required, provided):
-    g = AuthorityGate(required=required)
-    ok = provided >= required
-    assert g.is_satisfied(provided) is ok
-    if ok:
-        assert g.call(add, 2, 3, authority=provided) == 5
-    else:
-        with pytest.raises(PermissionError):
-            g.call(add, 2, 3, authority=provided)
-
-
-def test_history_records_decisions_in_order():
-    g = AuthorityGate(required=Authority.USER_CONFIRMED)
-    with pytest.raises(PermissionError):
-        g.call(add, 1, 1, authority=Authority.NONE)
-    assert g.call(add, 1, 1, authority=Authority.USER_CONFIRMED) == 2
-    assert len(g.history) == 2
-    assert g.history[0].allowed is False
-    assert g.history[1].allowed is True
+import importlib.util
+import sys
+from pathlib import Path
+
+
+def test_import_authority_gate_v0_raises():
+    """Importing the v0 stub must raise RuntimeError."""
+    stub = Path(__file__).resolve().parent / "gate.py"
+    spec = importlib.util.spec_from_file_location("gate_v0_stub", stub)
+    mod = importlib.util.module_from_spec(spec)
+    with pytest.raises(RuntimeError, match="non-canonical legacy stub"):
+        spec.loader.exec_module(mod)
diff --git a/primitives/stop-machine-v0/README.md b/primitives/stop-machine-v0/README.md
@@ -1,60 +1,8 @@
-# StopMachine
+NON-CANONICAL LEGACY (V0). Canonical: [constraint-workshop](https://github.com/LalaSkye/constraint-workshop) @ `3780882`.
 
-Deterministic finite-state stop controller.
+This folder contains a **non-functional stub** that raises `RuntimeError` on import.
+The canonical `StopMachine` implementation lives in
+[constraint-workshop/stop_machine.py](https://github.com/LalaSkye/constraint-workshop/blob/main/stop_machine.py).
 
-```
-Inputs (events) ──▶ [ StopMachine ] ──▶ Output state
-
-                       GREEN
-                        │
-                        ▼
-                       AMBER
-                        │
-                        ▼
-                       RED   (terminal, absorbing)
-```
-
-- **RED is terminal** (cannot be bypassed)
-- **Transition table is explicit** (no hidden behaviour)
-- **Determinism is tested** (replay stable)
-
-## Invariants (all tested)
-
-| Invariant | Meaning | Tested |
-|---|---|:--:|
-| Determinism | Same state + same event => same next state; replay is stable | ✅ |
-| Absorption | RED is terminal: (RED, *) -> RED | ✅ |
-| Completeness | Every (State, Event) pair exists in the table | ✅ |
-| Monotonicity | WARN and STOP never decrease severity (GREEN < AMBER < RED) | ✅ |
-
-## Full transition table
-
-| Current | TICK | WARN | STOP | RESET |
-|---|---|---|---|---|
-| GREEN | GREEN | AMBER | RED | GREEN |
-| AMBER | AMBER | AMBER | RED | GREEN |
-| RED | RED | RED | RED | RED |
-
-**The table is the implementation. There is no branching logic.**
-
-## Why this matters
-
-In real systems, "optimisation" often means adding behaviour without tightening failure modes. This primitive does the opposite: it makes **stop-rights** explicit, deterministic, and testable.
-
-- You can replay decisions and get identical results.
-- You can prove terminal behaviour (absorption) rather than hoping it holds.
-- You can inspect the entire behavioural surface area in one table.
-
-## Quickstart
-
-```bash
-cd primitives/stop-machine
-pip install pytest
-pytest test_stop_machine.py -v
-```
-
-## Scope
-
-- No orchestration logic.
-- No selection logic.
-- No opinions.
+Do not modify this folder. Update the canonical source instead.
+See [CANONICAL.md](../../CANONICAL.md) for details.