mod: Phase 3 — lifecycle state machine + escalation + appeal, 106/106

Pure SX state machine (lib/mod/lifecycle.sx) over the engine:
open→triaged→decided→appealed→final, transition table guards illegal moves.
Auto-tier resolves terminal actions; escalate parks at human-tier (resolve
blocked until review supplies evidence). Appeal re-runs the engine — new
exonerated-keep rule at top precedence lets exoneration override a prior hide.
Api façade (mod/triage/resolve/review/appeal/finalize) over a case registry,
logging committed decisions to the audit trail. +46 escalation tests.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

plans/mod-on-sx.md

@@ -16,7 +16,7 @@ federation extension.
 
 ## Status (rolling)
 
-`bash lib/mod/conformance.sh` → **60/60** (Phases 1–2 complete)
+`bash lib/mod/conformance.sh` → **106/106** (Phases 1–3 complete)
 
 ## Ground rules
 
@@ -96,12 +96,20 @@ lib/mod/fed.sx
 
 ## Phase 3 — Escalation + lifecycle state machine
 
-- [ ] state machine: `:open → :triaged → :decided → :appealed → :final`
-- [ ] auto-tier: first-pass rules decide quick cases
-- [ ] human-tier: rules that emit `:escalate` move to next state
-- [ ] appeal: re-runs with appeal evidence, may override prior decision
-- [ ] `(mod/appeal id new-evidence)` API
-- [ ] `lib/mod/tests/escalation.sx` — full lifecycle traversal cases
+- [x] state machine: `lib/mod/lifecycle.sx` — `:open → :triaged → :decided →
+  :appealed → :final` as a pure SX module over the engine; transition table guards
+  illegal moves (sets `:error`, leaves state); immutable cases with `:history`
+- [x] auto-tier: `mod/case-triage` runs the engine; terminal action (hide/remove/
+  keep) → tier `auto`, `mod/case-resolve` advances to `:decided`
+- [x] human-tier: `:escalate` action → tier `human`; `mod/case-resolve` is blocked
+  (sets `:error`); `mod/case-review` attaches evidence, re-decides, advances
+- [x] appeal: `mod/case-appeal` attaches appeal evidence + re-runs the engine; new
+  `exonerated-keep` rule (top precedence) lets exoneration override a prior `:hide`
+- [x] `(mod/appeal id new-evidence)` API — lifecycle façade over a case registry in
+  api.sx (`mod/triage` / `resolve` / `review` / `appeal` / `finalize`), logging
+  each committed decision to the audit trail
+- [x] `lib/mod/tests/escalation.sx` — 46 cases: transition guards, auto/human tiers,
+  blocked resolve, full appeal-override traversal, history, api façade
 
 ## Phase 4 — Federation
 
@@ -113,6 +121,22 @@ lib/mod/fed.sx
 
 ## Progress log
 
+- **Phase 3 complete — 106/106** (+46 escalation). Lifecycle state machine,
+  auto/human tiers, appeal-override, and an api façade. The state machine is a
+  pure SX module (`lib/mod/lifecycle.sx`) over the engine — policy stays in
+  Prolog, lifecycle stays out of it, per the design constraint. Cases are
+  immutable values threaded through transitions; illegal moves set `:error`
+  rather than throwing (the env's error handling is untested, so this keeps tests
+  deterministic). Tier logic: triage runs the engine, an `:escalate` action parks
+  the case at the human tier where `mod/case-resolve` is blocked until
+  `mod/case-review` supplies evidence. Appeal-override works because the new
+  `exonerated-keep` rule sits at top precedence — appeal evidence re-runs the same
+  engine and a higher-precedence clause wins. The api façade (`mod/triage` …
+  `mod/finalize`) keeps a per-report case registry and logs each committed
+  decision to the Phase-2 audit trail, so lifecycle + audit compose.
+  - **Gotcha:** `sx_insert_near` inserts only the FIRST top-level form of a
+    multi-form source — silently drops the rest (byte count barely changes). For
+    multi-form additions, rewrite the file with `sx_write_file`.
 - **Phase 2 complete — 60/60** (+29 audit). Evidence accumulation, constructive
   proof trees, append-only audit log. A decision's `:proof :goals` is a real
   derivation: each body goal is re-queried against the same Prolog DB with the