Macro-4 No-Production-Touch Forbidden Surfaces — R2-B2 (2026-06-19)
Date: 2026-06-19 · Workstream: R2-B2-MACRO-4-STAGING-WORKBENCH-IO-CONTRACT-TD-ENTRY-GATE-2026-06-19 (Deliverable 45 of 90) · Editorial revision: rev1
Class: no-production-touch forbidden surfaces · READ-ONLY · NON-ENACTING · NON-AUTHORIZING · NO write performed.
Metadata convention. Editorial revision (rev1) only. Storage revision/content_length authoritative at read time.
0. Status and non-authorization
STATUS: PASS — engineering / design-only. The exact production surfaces the workbench must never write. Engineering PASS ≠ authority PASS. Default: HOLD.
1. Purpose
List the production surfaces a no-touch proof must show are untouched.
2. Sources / evidence read
B2 production-firewall contract (35); FRESH information_schema + iu_create gateway; pilot-slice staging IO contract §6. Main process, no reader-agents.
3. Accepted baseline (carried)
Nothing in the workbench writes production birth_registry, certifies, canonicalizes, mints identity, or touches the KG.
4. Evidence / analysis — forbidden production surfaces
| Surface | Must be unchanged |
|---|---|
| birth_registry (all columns: inspect_*, certified, certified_at, canonical_address, owner, jsonb_profile, status) | yes |
| universal_edges (KG provenance/edges) | yes |
| governance_object_ownership | yes |
| dot_config (gate switches incl. app.birth_gate_mode) | yes |
| iu_core.* (production IU staging) + unit_edit_draft + iu_create gateway | yes |
| dot_agent_api_contract (no birth-bound promotion) | yes |
| wf_host_crontab_snapshot / host cron (no birth job) | yes |
| pg_extension (no pg_cron install) | yes |
5. Contract / requirement / matrix / result
A workbench run touches none of these. This macro touched none (read-only only, Deliverable 81). Any write to any of these = FAIL.
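One way to turn the "any write = FAIL" rule into a mechanical check, as an added example that is not part of this deliverable or the project's code: fingerprint each forbidden surface before and after a workbench run and fail on any difference or missing surface. It assumes each surface can be read (read-only) as a list of row dicts; the reader callback, the `id`, `key` and `value` columns, and all sample rows are hypothetical and constructed.

```python
import hashlib
import json

# Surface names taken from the section 4 table. "iu_core" stands for the
# iu_core.* schema; the iu_create gateway and host cron are not row sets and
# would need their own reader (assumption of this example).
FORBIDDEN_SURFACES = (
    "birth_registry", "universal_edges", "governance_object_ownership",
    "dot_config", "iu_core", "unit_edit_draft", "dot_agent_api_contract",
    "wf_host_crontab_snapshot", "pg_extension",
)

def fingerprint(rows):
    """Order-independent SHA-256 over a surface's rows (list of dicts)."""
    canon = sorted(json.dumps(r, sort_keys=True, default=str) for r in rows)
    digest = hashlib.sha256()
    for line in canon:  # duplicates are kept, so row counts matter too
        digest.update(line.encode("utf-8") + b"\n")
    return digest.hexdigest()

def snapshot(read_surface):
    """Fingerprint every forbidden surface via a caller-supplied read-only reader."""
    return {name: fingerprint(read_surface(name)) for name in FORBIDDEN_SURFACES}

def no_touch_verdict(before, after):
    """PASS only if every listed surface is in both snapshots and unchanged.
    A surface missing from either snapshot counts as FAIL, never as unchanged."""
    changed = [s for s in FORBIDDEN_SURFACES
               if s not in before or s not in after or before[s] != after[s]]
    return ("FAIL" if changed else "PASS", changed)

# Constructed sample state, not real production rows.
BASE = {name: [] for name in FORBIDDEN_SURFACES}
BASE["birth_registry"] = [{"id": 1, "certified": False, "status": "constructed"}]
BASE["dot_config"] = [{"key": "app.birth_gate_mode", "value": "constructed-value"}]

def demo():
    """Simulate a run that flipped `certified` on one birth_registry row."""
    before = snapshot(lambda name: BASE[name])
    touched = dict(BASE, birth_registry=[
        {"id": 1, "certified": True, "status": "constructed"}])
    after = snapshot(lambda name: touched[name])
    return no_touch_verdict(before, after)

if __name__ == "__main__":
    print(demo())
```
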
6. Owner-gated future work
Any production-surface change is Owner-gated; forbidden now.
7. What remains unresolved
These surfaces stay forbidden until a separate write-enabled Owner workstream opens.
8. Ready for GPT/Codex review
Yes — Codex should confirm the forbidden-surface list is complete.