03 — Blockers Carried Forward & Readiness (One-Roof Concept Canon, Round 4, 2026-06-01)
03 — Blockers Carried Forward & Readiness
Tier: Concept / principle only. This doc names the blockers and the tier each one holds; it does not solve any of them and must not be read as solving any of them. Source: Round-4 docs 02 (open-question closure), 08 (live-PG compatibility), 11 (GO/NO-GO). Live-PG evidence is read-only and as of 2026-06-01.
3.1 Why this doc exists
The Round-4 CONDITIONAL GO authorizes the concept tier only. Every later tier (apply/remediation binding, IU surface/owner-binding, law-file patch, enactment) is held behind a named, detected, upgrade-pathed prerequisite. This canon carries those flags forward verbatim so no downstream reader mistakes a concept contract for a buildable design. Nothing here is solved. Every blocker is open.
3.2 Substrate blockers (PG schema delta needed; concept may reference, apply waits)
| ID | Blocker | Live evidence (read-only 2026-06-01) | Holds | Non-mutating remediation path (later tier) |
|---|---|---|---|---|
| SB-1 | Missing governance APR action-types | apr_action_types = 6 (add_field, amend_law*, create_item, enact_nrm*, patch_ops_code, update_item; *=unimplemented); none is assign_governance_owner / grant_governance_exception / delegate_authority / assign_axis_owner |
apply PROPOSE | add 4 rows + handler/council-review wiring; interim exception store = admin_fallback_log (C-2) |
| SB-2 | Object/axis ownership edge un-expressible | chk_relations_source_type & chk_relations_target_type both ∈ {law, agency}; 8 live edges all agency→law |
apply APPLY | additive table governance_object_ownership(owner_gov_code, object_type, object_ref, scope, …) preferred over widening the CHECK (C-1) |
| SB-3 | IU axis envelope hardcodes 3 axes | iu_three_axis_envelope DDL = exactly axis_a_*, axis_b_*, axis_c_*; 216 rows; a 4th axis ⇒ ALTER TABLE |
open-axis at the IU substrate | Axis Registry = ground truth; generic iu_axis_value store; envelope → hot-cache projection — IU technical design, after OP-B |
SB-3 is the keystone honesty caveat: the "no fixed axis array" principle (M-DEF-8/9) is concept-true but substrate-false at IU today. Every concept doc that asserts open-axis carries this caveat.
3.3 Council / human decision surface (8 items — none blocks the concept tier)
| ID | Decision | Class | Recommended default (council to ratify) | Holds |
|---|---|---|---|---|
| C-1 | object/axis ownership edge: new table vs widen CHECK | council + substrate (SB-2) | new governance_object_ownership table (additive, no migration risk) |
apply |
| C-2 | governance APR action-type bundle | council + substrate (SB-1) | one bundle of 4 (assign_governance_owner w/ handler; the rest council-review) | apply |
| C-3 / OP-B | IU family accountable owner per scope | council | policy→COUNCIL; substrate/health→KG-SYS + SIV; execution→DOT; render→MOUT (interim TTL delegation); law→NRM-SYS | IU surface / owner-binding |
| C-4 | review_decision as approval adapter vs full Đ32 |
council | record as a governed approval-adapter exception (11-field, with replacement_plan to migrate to Đ32) | IU approval routing |
| C-5 | render ownership: COUNCIL delegation vs GOV-MOUT activation | council | delegation now (TTL), GOV-MOUT activation as end-state (Đ28 is agency-orphaned today) | render-binding |
| C-6 | shareable-but-personal boundary (A2) + legacy-bypass deadline (A3) | council (ratification) | (A2) Class-0 → governed at export/share; (A3) 60 days | — (proceed on default) |
| H-1 | how new clauses become enacted law | human | separate human-ratification phase (council_review + manual/admin-fallback enact into normative_registry) |
enactment |
| H-2 | OP-B owner-binding ratification | human | sovereign ratifies the C-3 assignment into live governance_registry |
IU owner-binding (live) |
3.4 Law-drift blockers (content-only; GOV-NRM-SYS; block a law patch, not this concept patch)
| ID | Blocker | Evidence | Holds |
|---|---|---|---|
| L-1 | Enacted-law drift | Đ45 ban_hanh=false leftover lines; Đ36 v4.0 (index) vs v5.0 (file) ambiguity; enacted Đ37 v3.3 text vs live columns (gov_type/created_by_law/relation_type/enforcement_role + capability JSON not in the law) |
law-file patch |
| L-2 | Law-registration gap | normative_registry (47 rows) lacks Đ20, Đ23, Đ44, Đ45 — yet IU runs under Đ44 (draft), events under Đ45, design-before-impl under Đ20, DOT-scan under Đ23 |
law-file patch + clauses referencing these laws |
| L-3 | Phantom definition wording | per-source-model phantom (model-A stale-actual write-race ≠ phantom; model-B genuine record>actual) drafted but un-ratified | law-tier wording |
Concept design may cite Đ20/23/44/45 as "draft / KB-only, registration pending." It must not write to
normative_registry,law_catalog, orgovernance_docs.
3.5 Other substrate observations (not hard apply-blockers)
| ID | State | Disposition |
|---|---|---|
| SB-4 | No governance/coverage/axis/orphan/anarchy/island/exception event-type domain (event_type_registry); mother.* rows active=false; system_issues.issue_type is free-text (no CHECK) |
register-before-emit under a GOV-SIV governance/integrity domain; reuse thiếu_quan_hệ/sai_lệch_dữ_liệu for orphan/drift — scanner tier |
| SB-5 | amend_law / enact_nrm handlers unimplemented; enact-via-APR id 204–210 all rejected |
enactment = human phase (H-1) |
| SB-6 | os_proposal_approvals = 0; apr_approvals = 42 all S178 DOT-repair; no governance/IU/axis/coverage approval ever |
COMMIT_FORBIDDEN — human phase (H-1) |
| SB-7 | governance_audit_log = 1 stale row |
activate the Đ37 §5.5 audit loop (reuse table + registry_changelog/event_outbox), do not replace — implementation tier |
| SB-8 | dot_coverage_required = 11 (birth/collection/governance.approval/monitoring.dot only) |
add coverage rows for governance.coverage/classification/pivot/axis/iu — scanner tier |
| SB-9 | law_catalog(5) stale; governance_docs(12) drifted UI index |
content-only (L-1/L-2) |
3.6 Concept-tier GO vs later-tier NO-GO (the readiness boundary)
| Track | Decision | Gate |
|---|---|---|
| Concept / principle canonical design (this canon + the surface/foundation concept-patch sections) | GO — done in this round | carry M-DEF-1..10 + §0-GOV + flag blockers |
| Apply / remediation-binding design (the DOT writing owner edges) | NO-GO | until SB-1 + SB-2 + SB-3 |
| IU surface / owner-binding design | NO-GO | until OP-B (C-3) + C-4 |
| IU axis-envelope generalization (substrate) | NO-GO | IU technical design after OP-B (SB-3) |
| Law-file patch (Đ37/31/32/35/44/45 text) | NO-GO | content-only L-1 + L-2 first, then a separate law-patch macro |
| Law enactment | NO-GO | separate human phase: SB-5 + SB-6 + H-1 |
3.7 Deferred-technical declaration
This canon designs no technology. The following are explicitly DEFERRED to later tiers behind the blockers above, and must not be inferred from any concept card here:
- PG schema (tables, columns, CHECK changes, the object-ownership edge, the
iu_axis_valuestore). - DOTs (scan / propose / apply / audit coverage DOT family; paired_dot; handlers).
- Scanner SQL / views / functions; inventory-completeness reconciliation.
- Issue / event registration (
event_type_registry,dot_coverage_requiredrows). - Apply / remediation binding (any code that writes an owner/axis edge or grants an exception).
- IU surface / owner-binding / axis-envelope generalization.
- Production UI / API / route / Directus / Qdrant / Nuxt change.
- Law enactment / version bump /
normative_registry/law_catalog/governance_docswrite / approval creation.
Readiness verdict for the next tier: the concept layer is tight (closed open-question ledger, all-domain proof, count>1 rule, 100%-caught Red-Team v3). The apply/IU-surface/law/enactment tiers remain NO-GO behind the 3 substrate deltas (SB-1/2/3) and the 8-item council/human surface. No condition here may be satisfied by self-approval.