KB-465F

R1/R2 Modular LEGO Architecture Scoping (2026-06-18, design-only, read-only, non-authorizing, NOT technical design, NOT implementation, NO blocker resolved)


R1/R2 Modular LEGO Architecture Scoping

Date: 2026-06-18 · Workstream: R1 ∥ R2 Design-Only Modular LEGO Architecture Scoping (R1-R2-DESIGN-ONLY-MODULAR-LEGO-ARCHITECTURE-SCOPING-2026-06-18) · Revision: rev1 · Class: design-only / architecture scoping / decision-support · READ-ONLY · NON-ENACTING · NON-AUTHORIZING · NOT remediation · NOT technical design · NOT implementation · NO blocker resolved.


0. Status and non-authorization

STATUS: PASS — this is a complete design-only modular block map for R1 ∥ R2. It defines which isolated blocks must exist, what each block's contract is, how blocks stay decoupled, and which future writes are Owner-gated. It builds nothing, mutates nothing, authorizes nothing.

This packet sits one step downstream of the Owner Decision Packet:

Accepted R1a/R2a root-cause baseline (+ Codex PASS_WITH_CAVEATS) → Owner Decision Packet matrices (Option D recommended) → this Modular LEGO Architecture Scoping (design-only block map) → (only if separately authorized) a narrower per-package design-only block-contract packet → (only if separately authorized again) write-enabled remediation.

This packet is design-direction only. Its product is a block map and a set of contracts, all PENDING_OWNER. It is not a build, not a technical design, not a migration plan, not an SQL/DDL/function proposal.

Non-authorization (explicit). This document does not, and cannot: run any DB write / DDL / DML; restart or reload any container or service; run any worker / cron / job; trigger DOT / KG / birth / certify / promote / repair execution; backfill provenance; quarantine edges; set inspect_pen / inspect_stamp / inspect_gate; set certified=true; flip any dot_config gate; assign a governance owner; promote any agent-api contract DRY_RUN→REAL_RUN; write env / config files; patch source code; patch any source law / draft / note / prior report; create a current corpus; write technical design; implement; resolve any blocker; materialize KG / provenance / stamps / cell_id / dot_role / canonical_fields; change authority order; change the v0.1 baseline; promote v0.2-hardening.

Default disposition: HOLD. PASS = a complete design-only block map; it is not an Owner authorization to design-in-detail or to remediate.


1. Purpose and Owner-approved direction

Owner approved Option D at the design-only level: open R1 and R2 design-only in parallel.

  • R1 = Knowledge Graph / provenance / quarantine / KG gates (Điều 39 surface).
  • R2 = Birth / certify / inspect-producer / stamp-mapping / backlog (Điều 4 / Điều 0-G surface).

Option D is not write-enabled remediation, not implementation, not runtime mutation, not detailed coding-grade technical design. It produces design-direction memos behind a further Owner gate (per Owner Decision Packet §9 and Codex's explicit anti-automation condition: "If Owner chooses D/C/B, start only the selected design-only decision-design package; no TD or write-enabled work starts automatically.").

The purpose of this packet is to convert the R1/R2 problem space into a modular LEGO architecture: a map of the smallest independent blocks, each with a clear contract, each testable / replaceable / deletable in isolation, integrating only through explicit contracts. The output is a map of blocks and boundaries, not code and not TD.


2. Sources read

All required sources were read in full via four parallel read-only KB reader passes. None SOURCE_NOT_READ.

| # | Source | Status | Used for |
|---|---|---|---|
| 0.1a | consolidation/owner-decision-packet-r1a-r2a-root-cause-2026-06-18.md | READ | Option D, R1-D1..D7 / R2-D1..D7, cross-package matrix, convergence points |
| 0.1b | reports/owner-decision-packet-r1a-r2a-root-cause-execution-report-2026-06-18.md | READ | caveat cross-map, non-authorization posture |
| 0.1c | reports/codex/codex-review-owner-decision-packet-r1a-r2a-root-cause-2026-06-18.md | READ | Codex PASS_WITH_CAVEATS, anti-automation condition, Option-C caveat |
| 0.2a | reports/r1a-kg-runner-log-provenance-source-root-cause-2026-06-18.md | READ | R1 root cause (runner health, 5 gates, 1/36 contract, 2199 edges 0-prov) |
| 0.2b | reports/r2a-birth-inspection-runner-cron-log-root-cause-2026-06-18.md | READ | R2 root cause (one-shot bootstrap, starved consumer, 1.21M backlog) |
| 0.2c | reports/r1a-r2a-runner-cron-log-root-cause-execution-report-2026-06-18.md | READ | combined exec posture (CAV-6 metadata note) |
| 0.2d | reports/codex/codex-review-r1a-r2a-runner-cron-log-root-cause-2026-06-18.md | READ | the 6 caveats, PASS_WITH_CAVEATS |
| 0.3a | consolidation/phase1b-runtime-truth-blocker-decision-packet-2026-06-17.md | READ | 5 macro packages R1–R5, OD-1..OD-8, blocker bundle |
| 0.3b | reports/r1-d39-kg-provenance-quarantine-execution-readiness-scope-2026-06-17.md | READ | KG substrate inventory (kg_* tables, quarantine ABSENT) |
| 0.3c | reports/r2-birth-certify-canonical-stamp-readiness-scope-2026-06-17.md | READ | birth substrate inventory (inspect_* chain, fn_birth_auto_certify) |
| 0.3d | reports/r1-r2-parallel-readonly-scoping-execution-report-2026-06-17.md | READ | 12-finding classification, design-only/materialization split |
| 0.4a | notes/dieu39-knowledge-graph-compatibility-note.md | READ | KG provenance/quarantine/fail-closed discipline |
| 0.4b | notes/dieu4-birth-process-compatibility-note.md | READ | birth≠canonical, PEN→STAMP→GATE lifecycle |
| 0.4c | notes/dieu32-approval-owner-gate-compatibility-note.md | READ | Owner gate / Mức-3 / ESCALATE_L3 |
| 0.4d | notes/dieu35-dot-governance-compatibility-note.md | READ | fix_repair_dot pattern, scanner=list-only, reuse-pattern-not-system |
| 0.4e | laws/dieu39-knowledge-graph-law.md | READ | golden rule, trust_score, NT1/NT11 no-parallel-SSOT |
| 0.4f | architecture/birth-registry-law.md | READ | Đ0-G lifecycle, inspect_* semantics, unused columns |
| 0.4g | laws/dieu32-approval-law.md | READ | quorum mechanism, anti-bypass, unimplemented-handler block |
| 0.4h | ssot/operating-rules.md | READ | Assembly First, fail-closed default, no-parallel-SSOT |

Substrate note (carried): the VPS PostgreSQL directus DB (public + iu_core) is the sole source of truth for the runtime facts below; the local repo is substrate-free/stale. All runtime facts in §3 are read-only catalog observations carried from prior accepted runs; nothing here re-derives or mutates them.


3. Accepted root-cause baseline (carried, not re-derived)

Codex PASS_WITH_CAVEATS accepted both root causes. The headline: neither package is a broken runner. Both fixes are net-new governed build/design, not a restart.

R1 — Knowledge Graph (REGISTERED_NOT_EXECUTED by design):

  • Runner incomex-agent-api-executor (agent-api-executor-local:v1, Up 13 days, healthy), endpoint :8090/dispatch, bound in dot_agent_api_contract. v_dotkg_realrun_preflight.precond_endpoint_bound=GO.
  • KG real-run verdict = REALRUN_BLOCKED_MULTI_GATE (NO_GO) — five intentional fail-closed BLOCK gates: gate_real_run_enabled=false, gate_execute_enabled=false, gate_dry_run_only_cleared (dry_run_only=true), gate_dotkg_owner_present=0 (governance_object_ownership=0 rows), gate_contract_realrun_mode=DRY_RUN. 0 REAL_RUN ever.
  • Only 1 of 36 KG DOTs contracted (DOT_KG_EXPLAIN, DRY_RUN pilot, 2026-06-04). 35/36 — including DOT_KG_PROVENANCE_TAG / DOT_KG_PROVENANCE_AUDIT — have no agent-api contract and no runner binding.
  • 2199 universal_edges (2039 LEGACY|S167H seed @ 2026-03-19 + 160 DIRECTUS structural sync), 0 carry provenance; 0 ever quarantined; edge creation stopped 2026-04-21. No provenance source-of-truth exists in the inspected substrate.
  • pg_cron not installed; kg_quality_log=0 rows; GOV-KG-SYS registered+active but inert (health_dot=NULL, primary_collection=NULL). Config layer is Đ39-aligned and fail-closed but untested (kg_auto_approve_rules 6 rows fail-closed TBox-human; kg_source_authority 5-tier). Quarantine mechanism ABSENT (only fn_preflight_guard references the word; only fn_iu_kg_edge_audit touches edges+provenance, and it only audits — no writer/backfiller).

R2 — Birth / certify (manual one-shot bootstrap, never operationalized):

  • 2026-03-21 06:00–08:00 certification = a one-shot, operator-run S157-A bootstrap (dot-birth-backfill + s157b seed) via SSH + docker exec, stamping inspect_pen/stamp/gate + certified=true directly in the INSERT. Never recurred (1 distinct certification day).
  • Inspector DOTs DOT-TAC-BIRTH-VERIFY (cron 0 6 * * *, metadata-only) and DOT-TAC-BIRTH-GATE (event) are unwired stubs (no file/engine/contract, last_executed=NULL). Host 0 6 slot belongs to dot-nrm-lifecycle. No pg_cron.
  • Consumer trg_birth_auto_certify → fn_birth_auto_certify (ENABLED) is healthy: it flips certified=true, certified_at=now() once all three inspect_* are present. It only READS inspect_*. Nothing WRITES inspect_* (inspect-named triggers = 0). The pipeline is starved at the inspection stage — a healthy consumer with no producer.
  • 1,402 certified (all 2026-03-21) vs 1,211,557 uncertified (0 inspect stamps; last born today, 2026-06-17 13:30) = 0.1156%. 192 birth triggers (191 enabled) mint certified=false rows live.
  • Birth-gate GUC: app.birth_gate_mode defaults to 'warning' (fail-open warn-mode); app.bypass_birth_gate kill-switch not engaged by any persisted config (0 rows in pg_settings/pg_db_role_setting). BIRTH_STAMP/PROMOTE_STAMP are conceptual F4 targets, not DB artifacts. fn_iu_enact is a real atomic + fail-closed + post-write-verified promote — but for the IU lineage only, not birth-certify. Columns status/canonical_address/owner/jsonb_profile exist on birth_registry but are unused.

Findings (accepted): 13 root-cause findings (7 R1a + 6 R2a) / 12 readiness findings — 0 CRITICAL, no active mutation/bypass/execution. All blockers OPEN.


4. Mandatory caveats (carried verbatim in substance — all six)

These six Codex caveats constrain every block contract below. They are carried, not resolved.

| Caveat | Statement (carried) | Constrains which blocks |
|---|---|---|
| CAV-1 | R1a has no executor process-log proof: docker_logs incomex-agent-api-executor was DENIED. R1 is proven at the DB-contract / preflight / config layer, not the process-log layer. No claim of direct executor process-log behavior. | K1 (runner gate), K2 (DOT contract) |
| CAV-2 | R1a "no provenance source-of-truth" means no SoT in the inspected substrate — it does not mean provenance can never be recovered via a future S167H / Directus source-recovery effort. | K3 (provenance source recovery), K4 (tagging), S6 (source recovery) |
| CAV-3 | R2a "manual one-shot bootstrap" is supported by DB dot_origin buckets + synced local script content, but the 2026-03-21 container logs are unavailable. Supported indirectly, not by old logs. | B2 (inspect producer), B5 (backlog) |
| CAV-4 | R2a producer scripts were read from the synced local mirror, not the live /opt/incomex/dot/bin. No byte-for-byte live-file claim — synced-mirror evidence corroborated by matching DB dot_origin. | B2 (inspect producer), B5 (backlog) |
| CAV-5 | The GUC conclusion is limited to no persisted server/db/role bypass/default. The transient session state remains unreadable. Must not claim a transient bypass certainly does not exist. | B7 (GUC / gate policy) |
| CAV-6 | The combined R1a/R2a execution report has a non-material metadata typo (body rev1/14799 vs AgentData metadata rev2/14798; metadata wins). Non-material; a cosmetic patch is a separate Owner-gated decision, not done here. | (documentary only — no block; not patched here, per forbidden list) |

5. LEGO invariant and design filter

The invariant (above all other details):

Build the system like LEGO. Each block is isolated; has a clear contract; can be tested alone; can be replaced or deleted without breaking the whole. Integration happens through explicit contracts, not hidden coupling. If a design is wrong, remove that block and rebuild it without cascading damage.

Why the root-cause baseline makes this the right filter — the evidence already shows LEGO succeeding and LEGO failing:

  • LEGO succeeding (decoupling that worked — preserve it). The birth-certify consumer (trg_birth_auto_certify, block B4) is decoupled from its producer (block B2) through the inspect_* data contract (block B3). That is precisely why the consumer is "healthy but starved": the missing producer did not break the consumer. You can build, test, and replace the producer against the existing inspect_* contract without touching the consumer. This is the LEGO ideal, already present in the substrate. The fix is to build one missing block to an existing contract — not to rewire the pipeline.

  • LEGO failing (hidden coupling that hurt — never repeat it). The 2026-03-21 bootstrap collapsed register + inspect + certify into a single INSERT … certified=true, inspect_pen=now(), inspect_stamp=now(), inspect_gate=now() statement — blocks B1+B2+B3+B4 fused into one mega-statement. It "worked" once but (a) certified without genuine inspection (the stamps were faked as now()), and (b) it cannot be operationalized, tested, or rolled back block-by-block. Re-running that fused statement at 1.21M scale is the forbidden mega-pipeline. The lesson is exactly AC-1 / AC-2: registration must not certify, and inspection-evidence must not be faked at INSERT.

  • The KG gate is already a good block — don't remove it, build around it. The five-gate v_dotkg_realrun_preflight (block K1) is a correct fail-closed brake: it refuses real-run until a provenance SoT, an owner, and a promoted contract exist. The wrong move (mega-shortcut) is to clear the gates to "make KG run." The LEGO move is to build the missing blocks (K3 source recovery → K4 tagging, S2 owner, K2 contract) so the gates can be cleared one at a time, in order, each independently verifiable (the R1-D2 sequence is itself a LEGO assembly order).

The design filter applied to every block below (reject on any failure):

  1. One narrow responsibility (Đ39 DOT-một-việc-hẹp; Đ35 paired narrow DOT). If a block does two things that can fail independently, split it.
  2. Explicit contract surface — a block integrates only by reading/writing a named data contract (a column, a status enum, a provenance JSONB shape), never by reaching into another block's internals.
  3. Testable alone — the block can be exercised against its contract with the rest of the system absent.
  4. Replaceable / deletable alone — the block can be deleted and rebuilt without cascading change, as long as the contract is honored.
  5. Fail-closed by default (operating-rules "Không chắc đúng = sai"; Đ39 golden rule "AI đề xuất, không tự ban hành") — the safe state is no-op / quarantine / pending-Owner / certification-stays-false.
  6. Assembly First — extend an existing ledger/field/pattern; do not stand up a parallel SSOT, store, or registry (Đ39 NT1/NT11; operating-rules Luật gốc #2/#3).
  7. Propose, never self-enact anything canonical/kernel/TBox/system-impacting — route to the Đ32 Owner gate (Mức 3).

The "stud" rule. In LEGO, blocks connect through standard studs. Here the studs are data contracts: the inspect_* timestamp columns, the certified/certified_at pair, the provenance JSONB shape, the status='quarantine' lane, the kg_quality_log explanation record, the Đ32 approval_requests record. Integration = reading/writing these surfaces, fail-closed, each block blind to the others' internals. No block calls another block's body; no block shares mutable internal state.


6. Block inventory

Twenty-two blocks across three areas. No mega-block. Where two blocks share a soft boundary (B6/S4 stamps↔canonical-address; K3/S6 provenance-recovery↔general-recovery) they are kept separate on purpose — the LEGO rule is when in doubt, split, don't merge.

| Area | Block IDs | Count |
|---|---|---|
| Birth / Certify | B1, B2, B3, B4, B5, B6, B7 | 7 |
| KG / Provenance / Quarantine | K1, K2, K3, K4, K5, K6, K7 | 7 |
| Shared governance / approval / registry | S1, S2, S3, S4, S5, S6, S7, S8 | 8 |

Build-state legend (read-only observation, not a build plan): [EXISTS] present & healthy in substrate · [PARTIAL] present but incomplete/inert · [MISSING] not built (the gap) · [CONCEPT] a conceptual target with no artifact.

| ID | Block | Build-state | One-line role |
|---|---|---|---|
| B1 | Birth registration | [EXISTS] | Mint identity-root + certified=false record at INSERT |
| B2 | Inspect producer | [MISSING] | Produce PEN/STAMP/GATE inspection results for uncertified births |
| B3 | Inspect result (contract surface) | [PARTIAL] | The inspect_* data contract between producer and consumer |
| B4 | Certify consumer | [EXISTS] | Flip certified=true once all inspect_* present (atomic per row) |
| B5 | Backlog handling | [MISSING] | One-time governed inspection pass over the 1.21M historical uncertified rows |
| B6 | Stamp mapping | [CONCEPT] | Map BIRTH_STAMP/PROMOTE_STAMP onto existing fields (no net-new SSOT) |
| B7 | GUC / gate policy | [PARTIAL] | Decide warn vs block birth-gate mode |
| K1 | KG runner gate | [EXISTS] | The 5-gate fail-closed real-run preflight |
| K2 | KG DOT contract | [PARTIAL] | agent-api contract binding for KG DOTs (1/36 today) |
| K3 | Provenance source recovery | [MISSING] | Derive/recover the provenance source-of-truth for edges |
| K4 | Edge provenance tagging | [MISSING] | Write provenance onto edges from a source-of-truth |
| K5 | Quarantine decision | [MISSING] | "No provenance = quarantine" lane + fail-closed no-provenance gate |
| K6 | KG quality / explainability log | [PARTIAL] | The kg_quality_log explanation record ("no explanation = no execution") |
| K7 | Qdrant / vector separation | [EXISTS] | Keep vector search separate from provenance (category-error guard) |
| S1 | Owner / Điều 32 approval | [EXISTS] | The quorum + Owner gate every write routes through |
| S2 | dot:kg / producer owner assignment | [MISSING] | Assign governance owner for KG family and birth producer |
| S3 | Registry / pivot identity | [EXISTS] | Identity-root pivot (birth_registry PREFIX-NNN) |
| S4 | Canonical address | [PARTIAL] | Canonical addressing scheme (output at promote) |
| S5 | CONS/CELL dependency | [BLOCKER] | The materialization-prerequisite gate (composition model) |
| S6 | Source-recovery | [MISSING] | Out-of-band, Owner-controlled source recovery (Đ0-G + S167H) |
| S7 | Evidence / audit log | [PARTIAL] | The evidence/audit trail every block emits |
| S8 | Rollback / delete-and-rebuild boundary | [PATTERN] | The per-block snapshot/rollback discipline |

7. Birth / Certify block map (R2)

The birth-certify lane is a producer → contract → consumer chain that is already correctly decoupled; the missing piece is one block (B2) and a one-time variant (B5). Studs are shown as ──contract──.

B1 ──(certified=false row)──▶ [B3 inspect_* contract] ◀──writes── B2 (forward standing producer)
                                        │                          ▲
                                        │                          └── B5 (one-time backlog pass: same contract, historical rows)
                                        ▼
                              B4 ──(certified/certified_at)──▶ B6 (stamp mapping → S4 canonical address, at promote)
B7 (GUC policy) wraps B1's birth-gate mode (warn|block).   S1/Đ32 gates every write-enabled move.  S7 collects evidence.

  • B1 — Birth registration. [EXISTS] The 192 birth triggers (fn_birth_registry_auto family) that mint an uncertified birth_registry row (certified=false) + identity-root (PREFIX-NNN) at entity INSERT, for governance_role ∈ {governed, observed}. Boundary: registration only — it grants identity, never certifies (AC-1). Healthy today; the block is not the problem. Replacement: the trigger fabric can be regenerated as long as it keeps writing certified=false and never touches inspect_*/certified.

  • B2 — Inspect producer. [MISSING — the core R2 gap] A standing, governed process that reads uncertified births and writes the three inspection results per the Đ0-G rules (PEN = identity-completeness; STAMP = descriptive-completeness; GATE = species/business-rule fit). Contract: input = uncertified rows + Đ0-G inspection rule-set; output = inspect_pen/inspect_stamp/inspect_gate (the B3 surface) and only those — it must never set certified (AC-2/AC-3). Reuse direction (R2-D4): reuse the dot-inspect-pen PEN pattern but redesign the producer into a standing runner; do not reuse the SSH+docker exec stamp-in-INSERT shortcut. The producer channel (host cron / pg_cron / agent-api executor / job_queue worker — R2-D2) is an internal implementation detail, NOT the block boundary — the contract is channel-independent. Channel choice and producer build are FUTURE_TECHNICAL_DESIGN_REQUIRED, Owner-gated. Constrained by CAV-3/CAV-4 (bootstrap evidence is indirect/mirror-based).

  • B3 — Inspect result (contract surface). [PARTIAL] The inspect_pen/inspect_stamp/inspect_gate timestamp columns — the stud between B2 and B4. This is the reason the lane is LEGO-shaped: producer and consumer never call each other; they meet only here. The columns exist (shape present) but are unpopulated for the 1.21M backlog. Boundary: it is a contract, not a behavior — B3 owns the meaning and shape of "inspected", nothing else. Changing the contract is a coordinated change to B2+B4; that coupling is intentional and explicit (it is the interface), not hidden.

  • B4 — Certify consumer. [EXISTS — healthy, starved] trg_birth_auto_certify → fn_birth_auto_certify: reads B3, and once all three inspect_* are present, atomically flips certified=true, certified_at=now(). Boundary: it consumes inspection evidence; it never produces it (AC-3). It is per-row atomic. The block is correct and needs no rebuild — only its upstream (B2/B5) is missing. Canonical caveat (Đ4 note): for canonical/kernel entities, auto-certify alone is insufficient — certification must additionally pass a fail-closed promote checker + Owner gate (S1/Đ32); B4's async flip is the documentary ancestor, not the canonical promote.

  • B5 — Backlog handling. [MISSING] A one-time, governed inspection pass over the 1,211,557 historical uncertified rows — the second track of R2-D3's two-track design (forward standing B2 + one-time backlog B5). Boundary: B5 is a bounded, Owner-gated variant of B2 that runs once over historical rows through the same B3 contract and the same fail-closed inspection rules — it must not be a mass shortcut (the 2026-03-21 fused stamp-in-INSERT at scale is the explicit anti-pattern). Disposition (re-run vs leave-uncertified vs phased) is a write-enabled decision, Owner-gated, after B2's channel and CONS/CELL + Đ0-G recovery are settled. FUTURE_TECHNICAL_DESIGN_REQUIRED.

  • B6 — Stamp mapping. [CONCEPT] Map the F4 vocabulary onto existing mechanism (R2-D5): BIRTH_STAMP → certified/certified_at; PROMOTE_STAMP → an end-to-end atomic birth-certify promote (evaluate reusing the fn_iu_enact atomic/fail-closed/post-verify pattern); use already-present unused canonical_address/owner/jsonb_profile columns. Boundary: B6 decides which existing field carries which stamp — it must not define net-new stamp columns (that would create a parallel SSOT against Đ39 NT11 / Assembly First). Conceptual only; materialization gated on HOLD-2 + CONS/CELL (S5). Mapping design is design-only; any field write is FUTURE_TECHNICAL_DESIGN_REQUIRED + Owner-gated.

  • B7 — GUC / gate policy. [PARTIAL] The policy block that decides birth-gate mode: app.birth_gate_mode (warning default = fail-open) and the app.bypass_birth_gate kill-switch. Boundary: B7 owns the decision warn-vs-block and the criteria for flipping; it must not flip to block while no standing producer (B2) exists (AC-9) — that would hard-fail the 192 live birth triggers. CAV-5: the persisted layer is confirmed empty; the transient session value is unreadable, so B7's "no bypass" statement is limited to the persisted layer. Out-of-band confirmation is read-only; the flip to block is FUTURE_TECHNICAL_DESIGN_REQUIRED + Owner-gated, after B2 stands up.
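To make the stud rule concrete, here is an added illustration written for this edit, not code from the packet or from the incomex substrate: a pure in-memory model of the B1 → B3 → B4 lane in which the producer and consumer meet only on the inspect_* columns, plus an audit that rejects the fused stamp-in-INSERT shape of the 2026-03-21 bootstrap. Column names come from the packet; BirthRow, the three stand-in inspection rules, EXAMPLE_NOW and the function names are assumptions made for this example.

```python
"""Added illustration of the R2 producer -> contract -> consumer lane (not packet code)."""
from dataclasses import dataclass, replace
from datetime import datetime, timezone
from typing import Callable, Dict, Optional

INSPECT_COLUMNS = ("inspect_pen", "inspect_stamp", "inspect_gate")
# Fixed clock so the example is reproducible (assumed value, not from the packet).
EXAMPLE_NOW = datetime(2026, 6, 18, 12, 0, tzinfo=timezone.utc)


@dataclass(frozen=True)
class BirthRow:
    """One birth_registry row, reduced to the identity root plus the contract fields."""
    identity_root: str
    profile: Dict[str, object]
    certified: bool = False
    certified_at: Optional[datetime] = None
    inspect_pen: Optional[datetime] = None
    inspect_stamp: Optional[datetime] = None
    inspect_gate: Optional[datetime] = None


def b1_register(identity_root: str, profile: Dict[str, object]) -> BirthRow:
    """B1: registration only. Mints the identity root with certified=False and every
    inspect_* NULL; it never certifies (AC-1)."""
    return BirthRow(identity_root=identity_root, profile=dict(profile))


# Stand-in inspection rules (assumed for the example; the real Đ0-G rule-set is out of scope).
def pen_rule(row: BirthRow) -> bool:
    """PEN = identity-completeness: a PREFIX-NNN style identity root."""
    prefix, sep, num = row.identity_root.partition("-")
    return bool(prefix) and sep == "-" and num.isdigit()


def stamp_rule(row: BirthRow) -> bool:
    """STAMP = descriptive-completeness: the descriptive fields are present."""
    return all(row.profile.get(k) for k in ("name", "species"))


def gate_rule(row: BirthRow) -> bool:
    """GATE = species/business-rule fit."""
    return row.profile.get("species") in {"governed", "observed"}


RULES: Dict[str, Callable[[BirthRow], bool]] = {
    "inspect_pen": pen_rule,
    "inspect_stamp": stamp_rule,
    "inspect_gate": gate_rule,
}


def b2_inspect(row: BirthRow, now: datetime = EXAMPLE_NOW) -> BirthRow:
    """B2: the producer. Writes only inspect_* (the B3 surface), and only for checks
    that passed; a failed check leaves its column NULL (fail-closed). Never sets
    certified (AC-2/AC-3)."""
    if row.certified:
        return row
    passed = {col: now for col, rule in RULES.items()
              if getattr(row, col) is None and rule(row)}
    return replace(row, **passed)


def b4_certify(row: BirthRow, now: datetime = EXAMPLE_NOW) -> BirthRow:
    """B4: the consumer (the shape of fn_birth_auto_certify). Reads B3 only and flips
    certified once all three inspect_* are present; it produces no evidence (AC-3)."""
    if row.certified or any(getattr(row, c) is None for c in INSPECT_COLUMNS):
        return row
    return replace(row, certified=True, certified_at=now)


def violates_stud_rule(before: BirthRow, after: BirthRow, block: str) -> bool:
    """Audit one block's write against the contract: B1/B2 may not certify, B4 may
    not write inspect_*, and no single step may write both a stamp and certified
    (the fused stamp-in-INSERT shape)."""
    wrote_inspect = any(getattr(before, c) != getattr(after, c) for c in INSPECT_COLUMNS)
    wrote_certified = before.certified != after.certified
    if block in ("B1", "B2") and wrote_certified:
        return True
    if block == "B4" and wrote_inspect:
        return True
    return wrote_inspect and wrote_certified


def fused_bootstrap_insert(identity_root: str, now: datetime = EXAMPLE_NOW) -> BirthRow:
    """The anti-pattern: register + inspect + certify in one statement with every
    stamp faked as now(). Included only so the audit above can reject it."""
    return BirthRow(identity_root, {}, True, now, now, now, now)


def run_lane(row: BirthRow, now: datetime = EXAMPLE_NOW) -> BirthRow:
    """Producer then consumer, each touching only the B3 stud."""
    return b4_certify(b2_inspect(row, now), now)
```

A row that fails any stand-in rule stays certified=False with that column NULL, which is the fail-closed default the packet requires; only the fused insert trips the audit.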


8. KG / Provenance / Quarantine block map (R1)

The KG lane is a recovery → tagging → quarantine provenance chain gated by a fail-closed runner preflight. The chain does not exist yet; the gate does (and should stay shut until the chain is built).

S6 ─▶ K3 (provenance source-of-truth) ──(provenance record)──▶ K4 (tag edges) ──(provenance JSONB)──▶ K5 (no-provenance ⇒ quarantine)
S2 (dot:kg owner) ─▶ K1 (5-gate preflight) ─gates─▶ K2 (DOT contract DRY_RUN→REAL_RUN) ─gates─▶ KG execution
K6 (quality/explanation log) is the "no explanation = no execution" stud.   K7 (Qdrant) stays SEPARATE — never a provenance source.
S1/Đ32 gates every gate-clear, owner-assign, contract-promote.   S7 collects evidence.

  • K1 — KG runner gate. [EXISTS — correct fail-closed] v_dotkg_realrun_preflight = REALRUN_BLOCKED_MULTI_GATE over the five BLOCK gates. Boundary: K1 gates real-run; it does not execute and does not fix anything. It must stay shut until provenance SoT (K3/K4), owner (S2), and a promoted contract (K2) exist; the gates clear one at a time in the R1-D2 order (owner → contract coverage → promote → dry_run_only → master switches last). CAV-1: K1 is proven at the DB-contract/preflight layer, not the executor process-log layer — no claim about executor process behavior. Every gate-clear is a write, Owner-gated.

  • K2 — KG DOT contract. [PARTIAL — 1/36] The dot_agent_api_contract binding that routes a KG DOT to the dispatch endpoint. Today only DOT_KG_EXPLAIN (DRY_RUN). Boundary: K2 binds and modes a DOT's dispatch; it does not decide provenance or quarantine. Reuse direction (R1-D4): extend the proven EXPLAIN dispatch pattern to the provenance/quality DOTs (DOT_KG_PROVENANCE_TAG/_AUDIT, DOT_KG_HEALTH/_ORPHAN). Contract promotion DRY_RUN→REAL_RUN routes through S1/Đ32. Build/wiring is FUTURE_TECHNICAL_DESIGN_REQUIRED + Owner-gated.

  • K3 — Provenance source recovery. [MISSING — the core R1 gap] Establish the provenance source-of-truth for the 2199 edges, which has two distinct origins requiring two sources: (i) the 160 DIRECTUS edges → derivable now (in design) from Directus relation/collection definitions (structural, low-controversy); (ii) the 2039 LEGACY|S167H edges → the seed manifest is not in the substrate and requires out-of-band Owner-controlled recovery via S6 (SOURCE_RECOVERY_REQUIRED). CAV-2: "no SoT" is substrate-scoped; recovery may be possible — do not overclaim either way. Boundary: K3 produces a provenance source-of-truth; it must not itself write edge provenance (that is K4) and must not backfill (AC-5).

  • K4 — Edge provenance tagging. [MISSING] The writer that stamps provenance JSONB ({source_doc_id, section_id, extraction_method, confidence, timestamp}) onto edges from K3's source-of-truth. The intended artifact DOT_KG_PROVENANCE_TAG is registered but never run; today only fn_iu_kg_edge_audit exists and it only audits. Boundary: K4 tags from a SoT; it must not create the SoT (AC-4) and must obey Đ39 idempotency (deterministic key + OCC; "Agent CẤM blind-update universal_edges"). Backfill is a write, Owner-gated, and additionally gated on CONS/CELL (S5).

  • K5 — Quarantine decision. [MISSING — absent today] The "Không provenance = quarantine" decision lane: a status='quarantine' lane + a fail-closed no-provenance gate honoring TBox-human/ABox-AI (and the trust_score survival rule — trust_score=0 ⇒ quarantine when any mandatory component is missing/invalid/below kg_thresholds). Quarantine is absent today (0 edges ever quarantined). Boundary: K5 decides quarantine from provenance presence/threshold; it must not mutate edges without an Owner-gated write package (AC-6). Design now is paper-only (R1-D6), sequenced with/after K3. Build is FUTURE_TECHNICAL_DESIGN_REQUIRED.

  • K6 — KG quality / explainability log. [PARTIAL — table exists, 0 rows] kg_quality_log plus the quality/explanation views. Đ39 C7: "không giải thích = không thực thi" (no explanation = no execution). Boundary: K6 is report-only / scanner-style (Đ39/Đ35 scanner = list-only, no auto-fix); it records explanation/quality, it does not act. Writers (DOT_KG_HEALTH/_ORPHAN/_CORRECT) never ran. Wiring is FUTURE_TECHNICAL_DESIGN_REQUIRED.

  • K7 — Qdrant / vector separation. [EXISTS] incomex-qdrant (entity_embeddings) vector store. Boundary (a guard block, not a pipeline stage): K7 exists to enforce a separation — vector/semantic search is never a provenance source-of-truth (AC-8). Edges are structural (USES/BELONGS_TO/CONTAINS); provenance is a governance attribute, not an embedding. Treating Qdrant as provenance is a category error. K7 is "done" as a boundary; the design action is only to state and hold the separation.
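As an added illustration (not part of the packet, and not a proposal for the substrate): a fail-closed model of the K5 decision over the five-field provenance shape named for K4, with the Đ39 trust_score survival rule, and the K1 verdict evaluated over the five gate values reported in §3. Field and gate names come from the packet; MIN_CONFIDENCE, the edge records and the function names are constructed for the example.

```python
"""Added illustration of the K5 quarantine decision and the K1 preflight (not packet code)."""
from typing import Any, Dict, List, Tuple

# The five-field provenance shape the packet names for K4.
PROVENANCE_FIELDS = ("source_doc_id", "section_id", "extraction_method", "confidence", "timestamp")
# Assumed stand-in for a kg_thresholds value; not a value from the packet.
MIN_CONFIDENCE = 0.5


def provenance_defects(prov: Any) -> List[str]:
    """List every reason a provenance record fails the mandatory-component rule.
    Empty list = acceptable. Anything that is not a well-formed record is a defect,
    so the function fails closed on unknown shapes."""
    if not isinstance(prov, dict):
        return ["provenance_missing"]
    defects: List[str] = []
    for field in PROVENANCE_FIELDS:
        value = prov.get(field)
        if value is None or value == "":
            defects.append(f"missing:{field}")
    conf = prov.get("confidence")
    if isinstance(conf, bool) or not isinstance(conf, (int, float)):
        if conf is not None and conf != "":
            defects.append("invalid:confidence")  # present but not a number
    elif not 0.0 <= conf <= 1.0:
        defects.append("invalid:confidence")
    elif conf < MIN_CONFIDENCE:
        defects.append("below_threshold:confidence")
    return defects


def trust_score(prov: Any) -> float:
    """Đ39 survival rule: trust_score=0 when any mandatory component is missing,
    invalid or below threshold; otherwise the record's own confidence."""
    return 0.0 if provenance_defects(prov) else float(prov["confidence"])


def k5_decide(edge: Dict[str, Any]) -> Tuple[str, List[str]]:
    """K5 for one universal_edges row: ('keep', []) or ('quarantine', reasons).
    This decides only; moving a row into status='quarantine' is a separate
    Owner-gated write package (AC-6)."""
    defects = provenance_defects(edge.get("provenance"))
    return ("quarantine", defects) if defects else ("keep", [])


def k5_partition(edges: List[Dict[str, Any]]) -> Dict[str, List[str]]:
    """Run K5 over a batch and group edge ids by verdict (list-only scan, no writes)."""
    out: Dict[str, List[str]] = {"keep": [], "quarantine": []}
    for edge in edges:
        verdict, _ = k5_decide(edge)
        out[verdict].append(edge["edge_id"])
    return out


# K1: the five BLOCK gates as the packet reports them on 2026-06-18, normalised to
# "True = gate cleared". All five are uncleared today.
OBSERVED_GATES: Dict[str, bool] = {
    "gate_real_run_enabled": False,       # real_run_enabled=false
    "gate_execute_enabled": False,        # execute_enabled=false
    "gate_dry_run_only_cleared": False,   # dry_run_only=true
    "gate_dotkg_owner_present": False,    # governance_object_ownership=0 rows
    "gate_contract_realrun_mode": False,  # contract mode DRY_RUN, not REAL_RUN
}


def k1_preflight(gates: Dict[str, bool]) -> Tuple[str, List[str]]:
    """Fail-closed preflight: GO only if every known gate is cleared; a missing gate
    counts as uncleared. Returns the verdict and the names of the blocking gates."""
    blocking = [g for g in OBSERVED_GATES if not gates.get(g, False)]
    return ("GO", []) if not blocking else ("NO_GO", blocking)


# Constructed edge records for the example (ids and provenance values are invented).
SAMPLE_EDGES: List[Dict[str, Any]] = [
    {"edge_id": "e-directus-1", "origin": "DIRECTUS", "provenance": {
        "source_doc_id": "directus:relations", "section_id": "rel-42",
        "extraction_method": "structural_sync", "confidence": 0.9,
        "timestamp": "2026-06-18T00:00:00Z"}},
    {"edge_id": "e-legacy-1", "origin": "LEGACY|S167H", "provenance": None},
    {"edge_id": "e-weak-1", "origin": "DIRECTUS", "provenance": {
        "source_doc_id": "directus:relations", "section_id": "rel-43",
        "extraction_method": "structural_sync", "confidence": 0.2,
        "timestamp": "2026-06-18T00:00:00Z"}},
    {"edge_id": "e-bad-1", "origin": "DIRECTUS", "provenance": {
        "source_doc_id": "directus:relations", "section_id": "rel-44",
        "extraction_method": "structural_sync", "confidence": "high",
        "timestamp": ""}},
]
```

Note that clearing four of the five gates still yields NO_GO, which is the one-gate-at-a-time R1-D2 sequence the packet describes: each clear is verifiable on its own, and none of them alone opens real-run.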


9. Shared governance / approval / registry block map

These eight blocks are shared by R1 and R2. They are the convergence surface — the Owner Decision Packet's "Net": R1 and R2 are independent at the design-only tier (zero shared write surface) and converge only at Đ32/Đ37 (any write-enabled clear/build) and CONS/CELL + source-recovery (any materialization).

  • S1 — Owner / Điều 32 approval. [EXISTS] The quorum gate (high: ≥1 president + ≥2 ai_council + 0 reject; medium: ≥1 president; low: ≥1 approve or valid auto-rule). Boundary: S1 is the single approval lane every write-enabled move routes through; fail-closed, verdict-only, ESCALATE_L3 on canonical/kernel. It must not be bypassed — the live fn_auto_approve_add bypass (RISK-BYPASS) is a violation to close, never a feature to imitate (AC-11). Unimplemented handlers must be blocked at the DB gate (Đ32 §7).

  • S2 — dot:kg / producer owner assignment. [MISSING] Assign the governance owner for the KG DOT family (dot:kg, clears K1 gate-4 via PROC-OWN-04) and for the birth producer (B2). governance_object_ownership=0 rows today. Boundary: S2 decides accountability via Đ37 authority mapping → Đ32; design the assignment, do not write it (R1-D3). Writing ownership is a write, Owner-gated.

  • S3 — Registry / pivot identity. [EXISTS] birth_registry as the identity-root pivot (PREFIX-NNN at INSERT). Boundary: S3 grants identity, not canonical status (birth ≠ canonical, Đ4 note). It must not depend on KG reasoning output (AC-7) — identity is structural and precedes any graph inference. (S3 is the registry identity facet of the same table B1 writes; B1 is the write-at-INSERT behavior, S3 is the identity-pivot contract.)

  • S4 — Canonical address. [PARTIAL — column unused] The canonical_address scheme (and owner), shared across birth and IU lineage. Boundary: S4 defines the canonical addressing format; B6 decides which stamp lands in it. Canonical address is an output at promote (F4), not an INSERT-time fact. Materialization gated on CONS/CELL (S5) + Đ0-G recovery (S6). Design-only; materialization Owner-gated.

  • S5 — CONS/CELL dependency. [BLOCKER — open] The materialization-prerequisite gate: CONS-002 (thin 5-field IO contract vs Module-Contract-First), CONS-003 (6-Lớp vs 7-dimension composition model — unadjudicated), CELL-003/004/007 (cell_id dimensions unmaterialized). Boundary: S5 is a gate, not a producer: read-only scoping/design may proceed without it; any materialization of provenance / cell_id / dot_role / canonical_fields / stamps may not (R1-D7 / R2-D7 / OD-8). All open; resolution is a separate Owner-gated workstream.

  • S6 — Source-recovery. [MISSING — out-of-band] The Owner-controlled, out-of-band recovery capability for sources the read-only tools cannot reach: the LEGACY|S167H seed manifest (feeds K3) and Đ0-G (Constitution ref law-00g-birth.md broken; Đ0-G lives in architecture/ as a temporary working source — gates any R2 canonical materialization). Boundary: S6 recovers a source; it must not itself backfill or materialize (AC-5). SOURCE_RECOVERY_REQUIRED; CAV-2/CAV-3/CAV-4 apply (no overclaim of recoverability or live-file fidelity).

  • S7 — Evidence / audit log. [PARTIAL] The evidence trail every block emits (per-run counts, IDs, timestamps, hashes, paths — operating-rules AP-CLOSE; inspect-failure audit queue; kg_quality_log; governance_audit_log; event_outbox). Boundary: S7 is append-only evidence; it records, it does not decide or act. Every other block's "evidence required" contract field writes here.

  • S8 — Rollback / delete-and-rebuild boundary. [PATTERN] The per-block snapshot/rollback discipline that makes "delete and rebuild without cascading damage" real. The reusable pattern exists: fn_iu_enact (atomic + post-write-verify), Đ39's mandatory snapshot/rollback for ABox self-learning. Boundary: S8 defines, per block, the rollback unit (what one block's change can be undone without touching others). It is a discipline/contract, not a script — no concrete rollback script is written here (forbidden).


10. Block contract table

Eleven contract fields per block, split across two tables for readability (10A = responsibility/IO/gate; 10B = evidence/dependencies/replacement). "Mutate runtime?" — No = design-only forever for this block's nature; Future-gated = only after a separate Owner gate.

10A — Responsibility · Input · Output · Authority gate · Mutate runtime?

ID | Name | Responsibility | Input | Output | Authority gate | Mutate runtime?
B1 | Birth registration | Mint identity-root + uncertified record at INSERT | Entity INSERT (governed/observed) | birth_registry row certified=false + PREFIX-NNN | Existing trigger fabric (no new authority) | EXISTS (no change needed)
B2 | Inspect producer | Produce PEN/STAMP/GATE results for uncertified births | Uncertified rows + Đ0-G rules | inspect_pen/stamp/gate only | Đ32 to go standing; Đ37 owner (S2) | Future-gated
B3 | Inspect result (contract) | Define meaning/shape of "inspected" (interface) | | The inspect_* stud | Coordinated B2+B4 change only | Contract surface (no behavior)
B4 | Certify consumer | Flip certified when all inspect_* present | inspect_* (B3) | certified=true, certified_at | Canonical adds Đ32 promote-checker | EXISTS (no change needed)
B5 | Backlog handling | One-time governed pass over 1.21M historical rows | Historical uncertified rows + B3 contract | inspect_* for backlog (via same rules) | Đ32 + S5 + S6 | Future-gated
B6 | Stamp mapping | Map BIRTH/PROMOTE_STAMP onto existing fields | F4 vocab + existing columns | A mapping (design); fields at promote | HOLD-2 + S5; Đ32 to materialize | Future-gated (concept now)
B7 | GUC / gate policy | Decide warn-vs-block birth-gate mode + criteria | Persisted GUC state (CAV-5) | A policy decision + flip criteria | Đ32; requires standing B2 | Future-gated
K1 | KG runner gate | Gate real-run behind 5 fail-closed gates | dot_config + ownership + contract mode | NO_GO / per-gate verdict | Đ32 per gate-clear | Future-gated (gates stay shut)
K2 | KG DOT contract | Bind/mode KG DOTs to dispatch | KG DOT + endpoint | Contract binding + DRY_RUN/REAL_RUN mode | Đ32 to promote mode | Future-gated
K3 | Provenance source recovery | Establish provenance source-of-truth (2 origins) | Directus relations; S167H manifest (S6) | A provenance source-of-truth | Đ32; S6 for S167H | Future-gated (design/study now)
K4 | Edge provenance tagging | Stamp provenance onto edges from SoT | K3 SoT + edges | provenance JSONB on edges | Đ32 + S5 to backfill | Future-gated
K5 | Quarantine decision | "No provenance = quarantine" + threshold gate | provenance presence + kg_thresholds | status='quarantine' decision | Đ32 to mutate edges | Future-gated (design now)
K6 | KG quality/explain log | Record explanation/quality (report-only) | KG DOT outputs | kg_quality_log rows (no action) | Report-only (no enact) | Future-gated (wiring)
K7 | Qdrant/vector separation | Hold vector≠provenance separation (guard) | | A stated, enforced boundary | n/a (design statement) | No (boundary guard)
S1 | Owner / Điều 32 | Single approval lane for all writes | approval_requests + quorum | approve/reject/ESCALATE_L3 | Self (the gate) | EXISTS (must not be bypassed)
S2 | Owner assignment | Assign dot:kg + producer owners | Đ37 authority map | Ownership decision (design) | Đ37 → Đ32 | Future-gated
S3 | Registry/pivot identity | Identity-root pivot | INSERT identity | PREFIX-NNN identity contract | Existing (structural) | EXISTS
S4 | Canonical address | Canonical addressing scheme (at promote) | Promote event | canonical_address value | S5 + S6; Đ32 | Future-gated
S5 | CONS/CELL dependency | Gate all materialization | Composition-model resolution | Materialization allow/deny | Separate Owner workstream | No (a gate; blocks others)
S6 | Source-recovery | Out-of-band recover Đ0-G + S167H | Owner-controlled external sources | Recovered source | Owner (out-of-band) | Future-gated (out-of-band)
S7 | Evidence/audit log | Append-only evidence trail | All blocks' run-evidence | Audit/evidence records | Append-only (no decide) | Future-gated (writers)
S8 | Rollback boundary | Per-block snapshot/rollback discipline | Per-block change unit | A rollback contract (not a script) | Design discipline | No (discipline/contract)

10B — Evidence required · Depends on · Must NOT depend on · Replacement boundary

ID | Evidence required | Depends on | Must NOT depend on | Replacement boundary
B1 | Rows minted, certified=false count | S3 identity scheme | B2/B4 (must not certify) | Trigger fabric swappable; contract = write certified=false only
B2 | Rows inspected/passed/failed, runner id, timestamps | B1 rows, B3 contract, S2 owner, S6 (if rules need recovery) | B4 (must not certify); the channel must not leak into contract | Producer channel is internal & swappable; contract = write inspect_* only
B3 | Contract version / shape | | any block's internals | Contract evolves only by coordinated B2+B4 change
B4 | Rows certified, certified_at | B3 contract | B2/B5 internals (consumes evidence, never makes it) | Consumer logic swappable; contract = read inspect_* → set certified atomically
B5 | One-time pass counts, scope bound, Owner approval id | B3 contract, B2 rules, S5, S6 | the 2026-03-21 fused shortcut (forbidden) | One-shot bounded job; deletable after run; same B3 contract
B6 | The mapping table (design artifact) | B4 certified*, S4, HOLD-2 | net-new stamp columns (parallel SSOT) | Re-mappable onto existing fields; no new SSOT
B7 | Persisted-GUC read (CAV-5 scope) | B2 existence, Đ35 §10 criteria | flipping block before B2 exists (AC-9) | Policy swappable; flip is reversible config
K1 | Per-gate GO/BLOCK verdict | S2 owner, K2 contract, K3/K4 provenance | executor process-log claims (CAV-1) | Gate set swappable; contract = fail-closed multi-gate verdict
K2 | Contract rows, mode | K1 order, dispatch endpoint | provenance/quarantine logic | Contract binding swappable; reuse EXPLAIN pattern
K3 | Source-of-truth manifest/derivation | S6 (S167H), Directus defs | K1 reasoning output (AC-7-adjacent) | DIRECTUS vs S167H sub-paths independently replaceable
K4 | Edges tagged, idempotency key | K3 SoT | creating the SoT (AC-4) | Tagger swappable; contract = write provenance from SoT, OCC-safe
K5 | Quarantine decisions, threshold basis | K4 provenance, kg_thresholds | mutating edges without Đ32 (AC-6) | Quarantine lane swappable; contract = decide from provenance presence
K6 | kg_quality_log rows | KG DOT outputs | acting on its own findings (report-only) | Log/scanner swappable; report-only contract
K7 | The stated separation | | being used as provenance (AC-8) | Boundary statement; vector store swappable behind it
S1 | Quorum records, votes | Đ32 quorum config | self-approve of own high-risk; Owner risk self-downgrade | The approval lane; never bypassed
S2 | Ownership decision record | Đ37 authority map | KG output deciding ownership | Owner assignment re-decidable
S3 | Identity assignment record | | KG reasoning output (AC-7) | Identity pivot stable; structural
S4 | Canonical address value | S5, S6, promote event | INSERT-time canonical claim (birth≠canonical) | Address scheme re-definable at promote
S5 | CONS/CELL resolution status | composition-model decision | being treated as resolved (it is OPEN) | A gate; resolution is separate workstream
S6 | Recovered source + provenance of recovery | Owner out-of-band action | claiming recoverability before recovery (CAV-2) | Per-source recovery independently replaceable
S7 | The evidence records themselves | all blocks | deciding/acting (append-only) | Log sink swappable; append-only contract
S8 | Per-block rollback unit definition | fn_iu_enact/snapshot pattern | a concrete script (forbidden here) | Rollback unit re-definable per block

11. Isolation / replaceability / rollback table

Safe failure modes are drawn from the menu: fail closed · quarantine · no-op · pending-Owner-approval · read-only report only · certification remains false · KG DOT remains DRY_RUN.

ID | Tested alone? | Deleted/rebuilt alone? | Rollback boundary | Must NOT be coupled to | Invalid design smell | Safe failure mode
B1 | Yes (assert certified=false minted) | Yes (regenerate trigger fabric) | One INSERT-trigger set | certification logic | B1 setting certified=true | certification remains false
B2 | Yes (feed sample rows, read inspect_*) | Yes (swap channel, keep contract) | One producer run | B4 internals; a specific channel | producer also certifies; channel in contract | no-op (no stamps written)
B3 | Yes (validate shape) | Yes (versioned contract) | Contract version | any block body | B3 carrying behavior | (interface — stays stable)
B4 | Yes (set inspect_*, expect certify) | Yes (rewrite consumer) | One AFTER-UPDATE trigger | producer internals | B4 producing inspect evidence | certification remains false
B5 | Yes (bounded sample) | Yes (one-shot job) | One bounded backlog pass | live forward path; the fused shortcut | mass stamp-in-INSERT at scale | pending-Owner / no-op
B6 | Yes (validate mapping on paper) | Yes (re-map) | A design artifact | net-new columns | inventing a parallel stamp SSOT | pending-Owner (concept)
B7 | Yes (read persisted GUC) | Yes (re-decide policy) | A config flip (reversible) | flipping block w/o B2 | block-mode before producer | warn-mode (fail-open) → stays warn until B2
K1 | Yes (evaluate preflight) | Yes (redefine gate set) | Per-gate config | executor process-log claims | clearing gates to "make it run" | NO_GO (fail closed)
K2 | Yes (bind one DOT DRY_RUN) | Yes (reuse EXPLAIN pattern) | One contract row | provenance/quarantine | contract deciding provenance | KG DOT remains DRY_RUN
K3 | Yes per origin (Directus / S167H) | Yes (per sub-path) | One source derivation | K1 reasoning output | recovery writing edges | read-only report only
K4 | Yes (tag sample from SoT) | Yes (rebuild tagger) | One idempotent tag batch | creating the SoT | tagger inventing provenance | no-op (untagged → quarantine via K5)
K5 | Yes (decide on sample) | Yes (redefine lane) | One status decision | mutating edges w/o Đ32 | quarantine auto-mutating edges | quarantine (the safe state itself)
K6 | Yes (write a log row) | Yes (rebuild scanner) | Append-only rows | acting on findings | log auto-fixing | read-only report only
K7 | Yes (assert separation) | Yes (swap vector store) | A boundary statement | being a provenance source | vector treated as provenance | no-op (provenance absent → quarantine)
S1 | Yes (run a quorum vote) | Yes (within Đ32) | One approval decision | self-approve; risk self-downgrade | a bypass path | fail closed (no approval → no write)
S2 | Yes (decide owner on paper) | Yes (re-decide) | One ownership record | KG output | KG deciding its own owner | pending-Owner
S3 | Yes (assert identity) | Yes (structural) | One identity assignment | KG reasoning (AC-7) | identity from inference | fail closed (no identity → no birth)
S4 | Yes (validate scheme) | Yes (re-define) | A scheme definition | INSERT-time canonical | canonical-at-INSERT | pending-Owner (no canonical)
S5 | n/a (a gate) | n/a (resolution = separate workstream) | The materialization gate | being assumed resolved | materializing while OPEN | fail closed (block materialization)
S6 | Yes per source | Yes per source | One recovery | claiming recovery pre-fact (CAV-2) | asserting a source exists | read-only report only
S7 | Yes (write+read a record) | Yes (swap sink) | Append-only log | deciding/acting | log that mutates state | append-only (no-op on read)
S8 | Yes (define a rollback unit) | Yes (re-define) | The per-block unit | becoming a live script here | a concrete mutate-script in this packet | (discipline — design only)

12. Integration boundaries

Blocks integrate ONLY through named contract surfaces (studs). No block calls another block's body; no block shares mutable internal state.

  1. B2 → B4 via B3 (inspect_* columns). The producer writes the three timestamps; the consumer reads them. Neither knows the other's internals. This is the load-bearing decoupling that already lets B4 be "healthy but starved." B5 (backlog) plugs into the same stud.
  2. B4 → B6 via certified/certified_at. Certification result is the stud; stamp mapping reads it. B6 → S4 via canonical_address (at promote only).
  3. B7 wraps B1's birth-gate mode via the app.birth_gate_mode GUC (persisted layer only — CAV-5). It is a policy around registration, not inside it.
  4. K3 → K4 via a provenance source-of-truth record. Recovery produces the SoT; tagging reads it. K3's two origins (Directus, S167H) are two independent sub-studs.
  5. K4 → K5 via the provenance JSONB on edges. Tagging writes provenance; quarantine reads presence/threshold. Absence of the stud is itself the trigger ("no provenance = quarantine").
  6. K1 gates K2 gates execution. The five-gate preflight verdict is the stud; contract-mode promotion is the next stud; both are fail-closed and ordered (R1-D2).
  7. K6 is the explainability stud ("no explanation = no execution") — read-only; it never feeds back as an action.
  8. S1/Đ32 is the universal write stud. Every write-enabled move in any block produces an approval_requests record and waits for a quorum verdict before proceeding. This is the only place R1 and R2 converge for writes.
  9. S5 is the universal materialization stud. Any block reaching materialization (K4 backfill, B5 disposition, B6/S4 stamps, cell_id/dot_role/canonical_fields) checks the S5 gate first; OPEN ⇒ blocked.
  10. S6 is the out-of-band recovery stud feeding K3 (S167H) and S4 (Đ0-G). S7 is the universal evidence stud: every block appends run-evidence; no block reads S7 to make a decision.

Cross-package boundary (the central isolation claim). R1 (K-blocks) and R2 (B-blocks) share zero write surface at the design tier. They touch only the shared S-blocks, and only at two convergence gates: S1 (Đ32/Đ37 Owner authorization) for any write-enabled clear/build, and S5 + S6 (CONS/CELL + source-recovery) for any materialization. Neither convergence is reached by a design-only package. R1 ∥ R2 is therefore safely parallelizable now.
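Added illustrative model, not part of the packet and not a technical design or implementation proposal: the B1▸B2▸B3▸B4 lane, the K5 decision and the K1 preflight verdict from the studs above, written as pure functions over plain dicts so that the anti-coupling rules they carry can be checked in isolation. All function names, gate labels and sample values are constructed stand-ins; nothing here reads or writes any database, service or config.

```python
"""In-memory model of the block studs: each function is one block's contract
surface and nothing else. Constructed example; no runtime is touched."""

# The B3 stud: the only surface shared between producer (B2) and consumer (B4).
INSPECT_STUDS = ("inspect_pen", "inspect_stamp", "inspect_gate")

# Constructed gate labels standing in for the five fail-closed K1 gates;
# the order matters (master switches last), the names are illustrative.
GATE_ORDER = ("ownership", "contract_mode", "provenance_sot",
              "quality_log", "master_switch")


def birth_registration(prefix: str, seq: int) -> dict:
    """B1: mint the identity-root (PREFIX-NNN) and an uncertified row.
    AC-1: this block never certifies; certified is always False here."""
    return {"id": f"{prefix}-{seq:03d}", "certified": False,
            **{stud: None for stud in INSPECT_STUDS}}


def inspect_producer(row: dict, results: dict) -> dict:
    """B2: write inspect_* only. Which channel runs it (cron, worker, ...)
    is internal and outside this contract. AC-2: it cannot touch certified,
    so a caller trying to stamp certified=true alongside is rejected."""
    unknown = set(results) - set(INSPECT_STUDS)
    if unknown:
        raise ValueError(f"producer may only write inspect_*: {sorted(unknown)}")
    return {**row, **results}


def certify_consumer(row: dict) -> dict:
    """B4: flip certified only when every inspect_* stud is present.
    AC-3: it reads the stud, never produces it. With no producer feeding
    the stud it stays 'healthy but starved': certification remains false."""
    complete = all(row.get(stud) is not None for stud in INSPECT_STUDS)
    return {**row, "certified": complete}


def quarantine_decision(edge: dict, min_confidence: float) -> str:
    """K5: 'no provenance = quarantine', plus a threshold gate. Returns a
    decision only; the edge is not mutated (AC-6: that is an Owner-gated
    write). Absence of the provenance stud is itself the trigger."""
    prov = edge.get("provenance")
    if not prov or prov.get("confidence", 0.0) < min_confidence:
        return "quarantine"
    return "ok"


def preflight(gates: dict) -> dict:
    """K1: ordered, fail-closed multi-gate verdict. A gate counts as GO only
    when explicitly cleared with True; absent or any other value blocks.
    The result is a verdict record, never an action."""
    per_gate = {name: ("GO" if gates.get(name) is True else "BLOCK")
                for name in GATE_ORDER}
    verdict = "GO" if all(v == "GO" for v in per_gate.values()) else "NO_GO"
    return {"verdict": verdict, "gates": per_gate}


if __name__ == "__main__":
    row = birth_registration("KB", 7)                    # constructed sample
    print(certify_consumer(row)["certified"])            # False: starved
    row = inspect_producer(row, {"inspect_pen": "t1", "inspect_stamp": "t2"})
    print(certify_consumer(row)["certified"])            # False: stud incomplete
    row = inspect_producer(row, {"inspect_gate": "t3"})
    print(certify_consumer(row)["certified"])            # True: all three present
    print(quarantine_decision({"provenance": None}, 0.5))  # quarantine
    print(preflight({})["verdict"])                      # NO_GO: gates shut
```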


13. Forbidden couplings and anti-patterns

The twelve anti-coupling rules, each grounded in the root-cause evidence. All are MUST-NOT.

Rule | Statement | Evidence it guards against
AC-1 | Birth registration (B1) must not directly certify (B4). | The 2026-03-21 fused INSERT … certified=true mega-statement.
AC-2 | Inspect producer (B2) must not stamp certified=true without an inspect result. | Bootstrap faked inspect_*=now() + certified=true together.
AC-3 | Certify consumer (B4) must not produce inspect evidence (B3). | Keeps the producer/consumer decoupling that makes B4 testable.
AC-4 | KG runner (K1) / tagger (K4) must not create the provenance source-of-truth (K3). | No SoT exists; a runner inventing one = ungoverned provenance.
AC-5 | Provenance recovery (K3/S6) must not directly backfill edges (K4). | Recovery is read-only/design; backfill is a separate Owner-gated write.
AC-6 | Quarantine decision (K5) must not mutate edges without an Owner-gated write package. | Quarantine is absent today; arming it as auto-mutate skips Đ32.
AC-7 | Registry/pivot identity (S3) must not depend on KG reasoning output. | Identity is structural and precedes inference; KG is REGISTERED_NOT_EXECUTED.
AC-8 | Qdrant/vector search (K7) must not be treated as provenance. | Category error: embeddings ≠ governance provenance.
AC-9 | GUC policy (B7) must not flip to block without a standing producer (B2). | Would hard-fail 192 live birth triggers with no inspection path.
AC-10 | No block may auto-fix another block. | Scanner = list-only (Đ39/Đ35); auto-fix → proposal via Đ32.
AC-11 | No report PASS may become Owner authorization. | PASS_WITH_CAVEATS ≠ authorization; default HOLD.
AC-12 | No mega-registry / mega-graph / mega-pipeline. | The fused bootstrap and "one KG engine" are the prohibited shapes.

Anti-mega-system rules (structural).

  • No mega-pipeline: the birth lane stays B1▸B2▸B3▸B4 with the backlog (B5) as a separate one-shot, never a single fused statement.
  • No mega-graph: KG stays recovery(K3)▸tag(K4)▸quarantine(K5) + gate(K1)▸contract(K2), each one narrow task (Đ39 DOT-một-việc-hẹp, "one narrow task per DOT") — never one engine that reasons + tags + quarantines + certifies.
  • No mega-registry: extend birth_registry/universal_edges/existing ledgers (Assembly First); no second SSOT (Đ39 NT1/NT11) — no parallel stamp columns, no parallel graph store (NT8 "PG→AGE→Neo4j NEVER").
  • No hidden coupling across birth ↔ registry ↔ pivot ↔ graph ↔ automation: these meet only at the shared S-blocks, only through named studs, only behind Đ32 for writes.

14. Owner-gated future write actions

Every action below is still forbidden now. Each becomes possible only after a separate Owner gate (and, where noted, CONS/CELL + source recovery). Listing them is scoping, not authorization.

Future action | Block | Gate required | Still forbidden now?
Build/wire the standing inspect producer | B2 | Đ32 + S2 owner + channel decision (R2-D2) | Yes
Run the one-time backlog inspection pass | B5 | Đ32 + S5 + S6 + B2 standing | Yes
Materialize BIRTH/PROMOTE_STAMP onto existing fields | B6 | HOLD-2 + S5 + Đ32 | Yes
Flip app.birth_gate_mode warn→block | B7 | Đ35 §10 criteria + B2 standing + Đ32 | Yes
Clear any of the 5 KG gates (config flips) | K1 | Đ32, in R1-D2 order, master switches last | Yes
Assign dot:kg owner (PROC-OWN-04) | S2/K1 | Đ37 → Đ32 | Yes
Promote DOT_KG_* contract DRY_RUN→REAL_RUN | K2 | Đ32 | Yes
Build/extend agent-api contracts for provenance/quality DOTs | K2 | Đ32 | Yes
Backfill edge provenance | K4 | Đ32 + S5 + K3 SoT | Yes
Build the quarantine lane / quarantine any edge | K5 | Đ32 (+ design after K3) | Yes
Wire KG quality/explanation writers | K6 | Đ32 | Yes
Recover the `LEGACY S167H` manifest / Đ0-G source | S6/K3/S4 | Owner out-of-band (CAV-2) |
Materialize cell_id/dot_role/canonical_fields/canonical_address | S4/S5 | CONS-002/003 + CELL-003/004/007 resolved + Đ32 | Yes
Assign/write governance_object_ownership | S2 | Đ37 → Đ32 | Yes
Disposition the 170 unvoted-applied residue / close RISK-BYPASS | S1 (R4) | Đ32 (audit/annotate/quarantine — never auto-revert) | Yes

15. What remains unresolved

  • BOUNDARY_UNCLEAR — B2/B5 producer channel. The standing producer channel (host cron / pg_cron / agent-api executor / job_queue worker, R2-D2) is not decided. This is deliberately inside the block (a replaceable internal), not the block boundary — the contract (read uncertified → write inspect_*) is channel-independent. Channel selection is a later design-only decision; the build is FUTURE_TECHNICAL_DESIGN_REQUIRED.
  • SOURCE_RECOVERY_REQUIRED — K3 (S167H) and S4/S6 (Đ0-G). The LEGACY|S167H seed manifest is not in the substrate; Đ0-G's Constitution reference is broken. Both need out-of-band Owner-controlled recovery. Per CAV-2, we do not assert these are recoverable or unrecoverable — only that they are absent from the inspected substrate.
  • OWNER_GATE_REQUIRED — every write in §14, plus S2 ownership and S1 residue disposition. None authorized.
  • Blockers stay OPEN: CONS-002, CONS-003, CELL-003/004/007, HOLD-1, HOLD-2, RISK-BYPASS, GOV-016/017, GOV-REUSE-001, Đ39 runtime-EMPTY (0-provenance), Đ35 production-readiness FAIL. None resolved here.
  • FUTURE_TECHNICAL_DESIGN_REQUIRED (moved out of this packet, not written): producer-build mechanics, backlog-pass mechanics, quarantine-lane mechanics, provenance-tagging mechanics, contract-wiring, GUC-flip mechanics, any schema/DDL/function/migration/rollback-script. These are explicitly NOT written here — they belong to a later, separately-authorized package.
  • CAV-6 documentary typo in the prior combined exec report is carried but not patched (patching a prior report is forbidden); any cosmetic fix is a separate Owner decision.
  • NOT_LEGO_COMPATIBLE: none. Every major area split cleanly into isolated blocks. The two soft boundaries (B6/S4, K3/S6) were resolved by keeping the blocks separate, not by merging — consistent with the LEGO filter.

This packet does not open any next package. It recommends the sequence:

  • NP-1 — GPT review of this modular scoping.
  • NP-2 — Codex adversarial control review (after GPT).
  • NP-3 — Owner chooses the exact next design-only block-contract package — one of:
    • R1 design-only block-contract packet (K-blocks: K1 gate order, K2 contract extension, K3 source-recovery study, K4/K5 provenance+quarantine semantics, K6 explainability) — design-only; or
    • R2 design-only block-contract packet (B-blocks: B2 producer contract + channel evaluation, B3 contract, B5 backlog approach, B6 stamp mapping, B7 GUC policy) — design-only; or
    • R1 ∥ R2 block-contract packets in parallel, design-only (consistent with Option D; zero shared write surface).
    • Resource-constrained fallback (Codex-noted): open R2 first (backlog grows live) — but this must not be read as backlog write-priority over the Đ39 provenance invariant.
  • NP-4 — Write-enabled remediation remains forbidden until, in order: a design-only block-contract package → Codex review → Owner approval → a rollback plan → a runtime-verification plan. No automatic TD. No automatic write-enabled remediation.

Expected recommendation: First GPT reviews this modular scoping; second Codex reviews; third Owner approves the exact next design-only package. Default HOLD.


17. Ready for GPT/Codex review

Yes. This packet is a complete design-only modular block map: 22 isolated blocks across Birth/Certify (B1–B7), KG/Provenance/Quarantine (K1–K7), and Shared governance (S1–S8); a contract per block; isolation/replaceability/rollback per block; explicit integration studs; 12 anti-coupling rules; a fully Owner-gated future-write list; all six caveats carried; all blockers open; nothing built, mutated, or authorized.

Core rule, kept above all details: Do not design a complex interlocked machine. Design small LEGO blocks with explicit contracts. If one block is wrong, it must be removable and rebuildable without breaking the rest.

Default disposition: HOLD. PASS = a complete design-only block map; it is NOT an Owner authorization to design-in-detail or remediate.

knowledge/dev/laws-new/newlaws/consolidation/r1-r2-modular-lego-architecture-scoping-2026-06-18.md