OpenXR Signer Review Deck Shows Stale Contract Revision After Correction Packet - Query Pack Refresh Fix

Your team published a correction packet, marked the previous assurance contract as superseded, and updated archive records. Then the signer review deck still shows the old contract revision on slide 2. The review call becomes a trust problem: the archive says one thing, the deck says another.

This issue is spiking in 2026 Quest OpenXR operations because teams now run formal post-verification governance with correction packets, short revalidation windows, and downstream owner re-acknowledgement. Fast release cadence and partial deck refresh habits make stale contract references easier to ship than before.

If your deck includes any claim not regenerated from the newest archive snapshot, you can pass internal checks while failing signer confidence. The fix is to treat the query pack and deck footnotes as one deterministic pipeline, not a manual slide editing task.

Why this issue shows up now

Three current workflow changes make this more common:

• More teams are using append-only lineage plus correction packets, so contract state changes after initial verification close are normal.
• Signer requests happen across multiple audiences (release, analytics, support, external partner), and each asks for a slightly different cut of the same truth.
• Teams patch deck text quickly after hotfixes, but skip query regeneration and hash-linked footnote updates.

That combination produces stale contract claims even when raw archive data is correct.

Problem

Typical symptoms:

• deck says contract_revision_id=rev_2026_04_a while archive marks it superseded by rev_2026_04_b
• correction packet appears in storage, but no slide references its correction_id
• two slides disagree on active decision state (retain versus patch-contract)
• signer asks for evidence hash, and the slide footnote points to a pre-correction snapshot
• analytics and support owners acknowledge different revision IDs in the same review window

If one symptom appears, assume deck integrity is broken until query-pack outputs are rebuilt.

Direct answer

Regenerate the full signer query pack from the latest archive snapshot whenever any correction packet lands, then rebuild every contract-state slide from those outputs and refresh footnotes with query ID + snapshot UTC + evidence hash. Do not patch deck contract text by hand.

Root cause summary

1. Partial refresh process: teams update only “changed-looking” slides after correction.
2. No correction-chain join: query outputs filter by node only, not by supersedes chain.
3. Footnote drift: claim text changes but hash references are left untouched.
4. Mixed snapshot sources: one slide uses BI export from yesterday, another uses today’s archive query.
5. Ownership split: release owner updates deck, analytics owner updates query script, no atomic handoff.

Fastest safe fix path

1. Freeze the current deck and mark it stale_pending_refresh.
2. Rebuild the five core query-pack outputs from the latest archive snapshot UTC.
3. Regenerate all contract-state claims from query outputs only.
4. Replace all affected slide footnotes with new query IDs and evidence hashes.
5. Run a two-owner verification check (release + analytics) before recirculation.

Step-by-step fix

Step 1: Detect stale references quickly

Run a contract-state diff between:

• latest archive active revision ID
• revision IDs cited in signer deck claims

Use automated extraction if possible; otherwise manually list slide claims in a checklist.

Verification checkpoint: every contract-state claim in the deck maps to one current archive revision or a clearly labeled superseded revision.

Step 2: Regenerate query-pack outputs

Recompute the baseline set from the same snapshot UTC:

• contract_revision_chain
• correction_trigger_summary
• decision_status_by_window
• rollback_relabel_coverage
• node_timeline_by_model_version

Keep snapshot timestamp in each output artifact name.

Verification checkpoint: all five outputs share the same snapshot UTC and include correction rows newer than the stale deck timestamp.

Step 3: Enforce correction-chain joins

Your query logic must follow supersedes relationships. If you only query the original node ID and stop there, you will show outdated contract state.

At minimum:

• include supersedes_node_id
• include contract_revision_id
• include current state (active, superseded, revoked)
• include decision outcome after correction

Verification checkpoint: the latest contract state in query output matches archive canonical state for each reviewed node.

Step 4: Rebuild deck claims from query outputs

For slides that mention contract status, never type status manually. Pull from regenerated query-pack artifacts.

Required slide groups:

• effectiveness and stability summary
• correction event summary
• active contract revision state
• risk and owner follow-up

Verification checkpoint: each contract claim can be traced to a specific row in a regenerated query output.

Step 5: Refresh evidence footnotes

For each claim, footnote must include:

• query ID
• snapshot UTC
• evidence or packet hash
• owner signoff reference

Remove claims that cannot be footnoted with current snapshot data.

Verification checkpoint: no contract-state claim remains with pre-correction hash references.

Step 6: Re-acknowledgement routing

When correction changes contract text, require explicit re-acknowledgement:

• release owner: confirms active contract revision and deployment implication
• analytics owner: confirms metric interpretation still valid
• support owner: confirms taxonomy or macro mapping still aligned

No re-acknowledgement, no signer-ready status.

Verification checkpoint: all required owners provide acknowledgement against the same revision ID.

Step 7: Publish with change log

Recirculate deck with a short patch log:

• what changed
• which slides changed
• which correction IDs triggered refresh
• new snapshot UTC

This preserves review trust and prevents “which version is final” confusion.

Verification checkpoint: reviewers can identify current deck version without comparing filenames manually.

Practical 10-minute triage flow

Use this when a signer flags stale contract language mid-review:

1. pause sign-off and freeze deck version
2. confirm latest correction packet ID and timestamp
3. rerun contract revision chain query
4. patch affected contract-state slides only
5. update all related footnotes
6. collect release + analytics re-ack
7. resume review with explicit patch note

This restores integrity quickly without pretending the stale state never existed.

Alternative fixes for stubborn cases

Branch A: BI cache keeps serving old results

Symptom: regenerated query file still returns old revision IDs.

Fix:

• bypass BI cache and query canonical archive store directly
• version query output filenames with snapshot UTC and short hash

Branch B: Deck template has hardcoded contract text

Symptom: regenerated metrics update, but status sentence remains stale.

Fix:

• move status text to a template field populated from query output
• forbid static contract status strings in signer template

Branch C: Parallel correction packets overlap

Symptom: reviewers see two “latest” corrections for adjacent nodes.

Fix:

• sort by signed timestamp and tie-break by correction ID
• publish one canonical “active revision map” slide per review window

Verification checklist before sign-off

All checks should pass:

1. latest correction packet appears in query-pack outputs
2. active contract revision in deck matches archive canonical state
3. no superseded revision presented as active
4. every contract-state claim has updated query + hash footnote
5. release and analytics acknowledgements reference same revision IDs
6. recirculated deck includes explicit patch/change note

If any fail, keep sign-off on hold.

Prevention tips

• Trigger automatic query-pack regeneration on correction-packet publish.
• Make stale-footnote detection a CI gate for deck export.
• Keep one canonical archive snapshot source for signer artifacts.
• Require template-level contract fields rather than free-text status editing.
• Schedule a weekly rehearsal using one synthetic correction event.

Related problems and links

• OpenXR guard governance report shows stale override debt after expiry sweep on Quest - fix
• OpenXR Post-Rollout Verification Packet Missing Scorer Stamps on Quest - Resume Timing and Window Boundary Fix
• OpenXR Option Scorer Model Version Binding Mismatch on Quest Build - Release Lane and Tuple Lock Fix
• OpenXR Critical-Field Diff Marked as Non-Critical Causes Signer Fast-Path Approval Drift on Quest - Fix
• OpenXR Startup Selection Telemetry Missing on Quest Build - Instrumentation Route Fix
• Guide: Unity 6.6 LTS OpenXR Assurance Contract Drift Revalidation and Archive Correction Preflight
• Guide: Unity 6.6 LTS OpenXR Lineage Archive Query Pack and Signer Review Deck Preflight
• Blog: Quest OpenXR Assurance Contract Drift Revalidation and Archive Correction Playbook 2026

Official references: Unity OpenXR documentation and Khronos OpenXR specification.

FAQ

Should we always rebuild the full deck after one correction packet?

Not always. Rebuild all query-pack outputs, then patch only affected slides. Full deck rebuild is optional; deterministic query and footnote refresh is not.

Is one owner signoff enough after a contract correction?

No. At minimum you need release and analytics owners aligned on the same active revision. Add support owner when taxonomy or relabel language changed.

Can we keep old footnotes if claim wording did not change?

Only if the underlying query output and snapshot UTC are unchanged. After correction-packet publish, that condition is usually false.

Escalation criteria

Escalate to a signer hold when:

• any slide presents a superseded contract revision as active
• footnote hash cannot be traced to current snapshot outputs
• owners acknowledge conflicting revision IDs in the same review window

Bookmark this fix for your next signer review cycle. Share it with teammates who maintain archive queries and review-deck templates.