Expand description
Transitions from Failed. Legal events:
LocalRollbackCompleted— agent has executed rollback per manifest policy; drivesFailed → Reverted. Single signed source of truth is the manifest; CP issued no signal (RFC-0005 §4.1).RemoteRollbackComplete— CP mirror sees the same; emitsRemoteInsertQuarantinefor the bad closure on the channel.
For halt-only policy, Failed is terminal — no rollback event
arrives, operator action lifts it via a new signed manifest.
Functions§
- handle 🔒