rodin/model-research
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
64fdfebed352f564ea657835ae490cb2dc925c5b
model-research/findings/2026-05-07-41-temporal-ordering-dependency-analysis.md
T
claw a65c471a3f finding 41: temporal ordering dependency analysis on kill-switch.md 
New analytical lens testing whether models can identify sequential operations
where order matters but isn't mechanically enforced. GPT-5 finds systemic
gaps (WHY ordering matters), Opus finds inverted dangers (WHICH direction
is dangerous), Sonnet identifies themes without unique depth.
2026-05-07 12:47:03 -07:00

6.5 KiB
Raw Blame History

Finding 41: Temporal Ordering Dependency Analysis

Date: 2026-05-07 Document: gargoyle kill-switch.md (293 lines) Analytical lens: Temporal ordering dependencies — places where operations are described sequentially but nothing mechanically enforces that ordering

Experiment Design

Task: Identify places where the document assumes operations happen in a specific sequence but doesn't mechanically enforce it, and where reordering (due to crashes, async events, operator timing, or message ordering) would violate correctness.

Key distinction from race condition analysis: This is about SEQUENTIAL operations where order matters but isn't guaranteed — not about truly concurrent events.

Prompt structure: Specified 5 focus areas (multi-step engagement/disengagement, cross-component coordination, recovery/restart, operator timing, event vs state ordering). Required per-finding format (dependency, assumed ordering, enforcement gap, violation scenario, impact). Excluded single-component bugs, hardware failures, pure race conditions.

Models: GPT-5, Claude Opus 4.6, Claude Sonnet 4.6 via HAI proxy. No tools, no project context beyond the document itself. Single prompt, no conversation history.

Results

Model Time Output tokens Reasoning tokens Findings
GPT-5 122s 12,437 9,856 12
Claude Opus 4.6 70s 2,903 (internal) 9
Claude Sonnet 4.6 24s 1,231 (internal) 7

Common Ground (all 3 identified)

  • Persistence write before decision engine termination (crash recovery gap)
  • Decision engine termination vs acceptance policy update ordering
  • Acceptance policy change before order cancellations
  • Event emission vs state change visibility
  • Application restart: components starting before kill state loads
  • Restrict→liquidate transition without state verification enforcement

GPT-5 Unique Findings

  1. Acceptance policy authority conflict: OM's "blind enforcement" + "other sources can set policy" = no lock/lease/priority prevents a risk monitor clearing a transient alert and setting OM back to "open" during engagement. Ordering matters BECAUSE no coordination exists.
  2. Global vs per-user write ordering: OM doesn't distinguish sources. Per-user "open" arriving after global "engage" wins (last-writer-wins). No composite policy computation.
  3. Disengage: policy open before operator release: If release fires before OM applies open policy, restarted engine's orders are rejected — false start.
  4. Cancel-all position snapshot timing: Liquidation "load all positions" doesn't wait for fill/cancel events from step 1 to be ingested — sizing is wrong.
  5. Event ordering: per-user disengage vs global engage: User lifecycle processes events in delivery order, not logical order — could remove user from pending-release during active global kill.
  6. OM-unavailable: pending cancel-all not re-driven on recovery: If OM was down during engagement, cancels never fired and nothing persists a "cancel-all pending" instruction.

Claude Opus Unique Findings

  1. Close-only policy accepts dying engine's close orders (THE insight): Everyone worries about reject-all blocking cancels, but LIQUIDATE mode's close-only policy is the dangerous one — a strategy generating a close signal during the termination window gets it accepted. "A dying-but-not-yet-dead decision engine makes a trading decision that passes the relaxed acceptance policy." Safety mechanism becomes vulnerability.
  2. OM restart: queued messages vs policy initialization: Messages from the (terminated) decision engine sit in OM's inbound queue. Queue drain may begin before policy initialization completes, allowing zombie orders through.
  3. Cold-start reconciliation gate vs market data: After release, policy is "open" but reconciliation hasn't verified positions. Market data feed (which survived engagement) delivers ticks; engine may generate signals against stale positions before reconciliation completes.

Claude Sonnet Assessment

  • Identified all common-ground themes (7 findings) with correct structure
  • No unique findings beyond what the other models found
  • Vaguer violation scenarios ("brief window" without specific interleavings)
  • Muted severity assessments ("inconsistent audit trail" where others saw "financial exposure")
  • Good for quick sanity check; not for deep temporal analysis

Key Insights

GPT-5 reasons about WHY ordering matters (not just THAT it matters)

GPT-5's distinctive contribution: several findings (#5, #6, #11, #12) identify temporal issues arising not from incorrect sequencing of correctly-designed operations, but from the ABSENCE of mechanisms that would make ordering irrelevant.

"Global always wins" is a temporal ordering assumption only because no composite policy computation exists. If OM computed effective policy from all sources, ordering wouldn't matter. GPT-5 identifies these "ordering matters because architecture is incomplete" findings — a level deeper than "A must happen before B."

Opus's inversion insight

Opus finding #2 (close-only accepting dying engine's close orders) inverts the obvious concern direction. Everyone thinks "reject-all is dangerous for ordering" (blocks cancels). Opus finds LIQUIDATE mode is more dangerous temporally because it permits a SUBSET of automated orders — and a dying engine could produce exactly that subset. Consistent with Opus's pattern: finding where safety mechanisms become vulnerabilities.

Task-type positioning

"Temporal ordering dependency analysis" sits between assumption-finding and race conditions:

  • Closer to assumptions (what must be true about sequencing?) → Sonnet performs adequately
  • Further from races (what happens with truly concurrent events?) → Sonnet doesn't fail
  • GPT-5 and Opus both excel but at different aspects (systemic gaps vs inverted dangers)

Practical Implications

For temporal ordering analysis on architecture docs:

  • GPT-5: exhaustive coverage + systemic insights (why does ordering matter?)
  • Opus: inverted/non-obvious ordering dangers (which direction is actually dangerous?)
  • Sonnet: adequate sanity check but zero unique insights
  • Total unique findings after deduplication: ~15 distinct temporal dependencies from 293 lines

Model Hierarchy for This Task Type

  1. GPT-5 — broadest, identifies systemic ordering issues + missing mechanisms (12 findings)
  2. Opus — fewer but includes the architecturally most significant insight (9 findings)
  3. Sonnet — correct themes, no unique depth, fast/cheap (7 findings)
Reference in New Issue View Git Blame Copy Permalink