Implement source lock and submission package baseline

docs/ARCHITECTURE-BLUEPRINT.md

@@ -355,7 +355,9 @@ Stores run artifacts by reference and checksum:
 
 The first implementation builds the assessment package artifact manifest from
 runner-emitted artifact refs and computes checksums for files inside the run
-directory.
+directory. New runs also write a source lock and a submission package manifest
+that fingerprint reviewable run files and summarize runner or normalizer
+metadata reported by extensions.
 
 ### Normalizer
 
@@ -559,6 +561,18 @@ building complex runtime code.
 - `artifact_policy`
 - `runtime_policy`
 
+### `SourceLock`
+
+- `framework_refs`
+- `extension_refs`
+- `frameworks`
+- `extensions`
+- `mapping_sets`
+- `profiles`
+- `policy_refs`
+- `authorities`
+- `metadata_hooks`
+
 ### `RawArtifact`
 
 - `id`
@@ -626,6 +640,19 @@ building complex runtime code.
 - `certification_boundary`
 - `created_at`
 
+### `SubmissionPackage`
+
+- `run_id`
+- `package_identity`
+- `source_lock_ref`
+- `source_lock`
+- `reports`
+- `normalized_outputs`
+- `profile_snapshots`
+- `artifact_manifest`
+- `reported_metadata`
+- `certification_boundary`
+
 ## Result Vocabulary
 
 The evidence model should allow these statuses:
@@ -714,6 +741,7 @@ runs/<run-id>/
   reports/
     report.md
     assessment-package.json
+    submission-package.json
   exports/
 ```
 
@@ -787,7 +815,12 @@ Each run should lock:
 - test suite IDs,
 - mapping version,
 - target profile snapshot,
-- waiver snapshot.
+- expectation and waiver refs.
+
+The current source lock remains backward-compatible with the original
+`framework_refs` and `extension_refs` fields while adding checksummed profiles,
+mapping-set refs, optional policy refs, authority descriptors, and metadata
+hooks for runners and normalizers.
 
 ## Implementation Sequence