KB-4CE9

R2-B Block Contract Packet — LEGO Design-Only (Birth / Inspect / Certify / Stamp, 2026-06-18)


Date: 2026-06-18 · Workstream: R1-K-R2-B-BLOCK-CONTRACT-PACKETS-LEGO-2026-06-18 (R2-B half — birth / inspect producer / backlog / certify / stamp mapping, Điều 4 / Điều 0-G surface) · Editorial revision: rev1 · Class: design-only / block-contract scoping / decision-support · READ-ONLY · NON-ENACTING · NON-AUTHORIZING · NOT remediation · NOT technical design · NOT implementation · NO blocker resolved.

Metadata convention. This body pins no volatile AgentData storage revision/content_length. Editorial revision (rev1) only. AgentData storage revision and content_length are authoritative in AgentData metadata at read time.

Separation lock. This is the R2-B packet only. It is a separate document from the R1-K Block Contract Packet (consolidation/r1-k-block-contract-packet-lego-2026-06-18.md). The two packets are not merged and share zero write surface at the design tier (see §10/§12). There is no fifth combined packet.


0. Status and non-authorization

STATUS: PASS (engineering / design-only). This packet expands the seven B-blocks of the accepted R1/R2 Modular LEGO Architecture Scoping into a deeper, per-block contract set for the birth / inspect / certify / stamp lane: a full contract per block, isolation/replaceability/rollback per block, a bad-input / invalid-state rejection matrix proving each block's contract is fail-closed at the conceptual level, plus a design-only Codex-style adversarial reconstruction. It builds nothing, mutates nothing, authorizes nothing.

Engineering PASS ≠ authority PASS. A PASS here means the B-block contracts are complete and fail-closed on paper. It is not an Owner authorization to design-in-detail, to write technical design, or to remediate. Default disposition: HOLD.

Pipeline position.

Accepted R1a/R2a root-cause baseline (+ Codex PASS_WITH_CAVEATS) → Owner Decision Packet matrices (Option D recommended) → Modular LEGO Architecture Scoping (block map) → this R2-B design-only block-contract packet → (only if separately authorized) a narrower design-only TD-prep package → (only if separately authorized again) write-enabled remediation.

Non-authorization (explicit). This document does not, and cannot: run any DB write / DDL / DML; restart or reload any container or service; run any worker / cron / job; trigger birth / certify / promote / repair / DOT / KG execution; set inspect_pen / inspect_stamp / inspect_gate; set certified=true; re-run dot-birth-backfill / dot-inspect-pen; flip any dot_config gate or app.birth_gate_mode; assign a governance owner; write env / config files; patch source code; patch any source law / draft / note / prior report; create a current corpus; write technical design; implement; resolve any blocker; materialize BIRTH_STAMP / PROMOTE_STAMP / cell_id / dot_role / canonical_fields / canonical_address; change authority order (CONS-004); change the v0.1 baseline; promote v0.2-hardening.

Evidence basis — INHERITED_EVIDENCE. Every runtime fact below is inherited from prior accepted read-only runs (R2a root-cause study rev1 PASS; R2 readiness scope rev1 PARTIAL; Phase-1B rev1; carried by the Modular LEGO Scoping rev1 + Owner Decision Packet rev1). No runtime was queried, executed, or mutated in producing this packet. No claim of fresh runtime verification is made. The VPS PostgreSQL directus DB is the sole substrate-of-truth in those prior runs; the local repo is substrate-free/stale.


1. Purpose

Convert the R2 (birth / certify / inspect-producer / stamp-mapping / backlog) problem space into seven isolated LEGO blocks (B1–B7), each with an explicit contract, each testable / replaceable / deletable in isolation, integrating only through named data-contract studs, and each provably fail-closed against bad input — as design direction, not as a build.

This packet answers, for each B-block: responsibility (one narrow task), input/output contract, evidence-of-working, must-not-depend, safe failure mode, where the Owner gate applies, where materialization stays blocked, how it is replaced/deleted/rolled-back in isolation, and how it rejects bad input fail-closed (conceptually).

It references the shared governance gates (S1, S2, S5, S6, S7, S8) only as external contracts (§12); it also references the structural shared surfaces S3 (registry/pivot identity) and S4 (canonical address) as external, since B1 writes into the S3 identity pivot and B6 maps a stamp onto the S4 address — neither is redesigned here.


2. Sources read

All read first-hand this run via read-only AgentData batch_read (full content), decoded and read in full. None SOURCE_NOT_READ. Cited by name + editorial revision; AgentData metadata authoritative at read time.

Cluster Source Status Used for
LEGO map consolidation/r1-r2-modular-lego-architecture-scoping-2026-06-18.md (rev1) READ (full) B1–B7 block map, contracts, AC-rules, integration studs
LEGO map reports/r1-r2-modular-lego-architecture-scoping-execution-report-2026-06-18.md (rev1) READ (full) non-authorization posture, design-only altitude
LEGO map reports/codex/codex-review-r1-r2-modular-lego-architecture-scoping-2026-06-18.md READ (full) adversarial-control framing
Owner decision consolidation/owner-decision-packet-r1a-r2a-root-cause-2026-06-18.md (rev1) READ (full) R2-D1..D7 matrix, Option D, two-track backlog, CAV-3/4/5
Owner decision reports/owner-decision-packet-r1a-r2a-root-cause-execution-report-2026-06-18.md (rev1) READ (full) caveat cross-map, non-authorization
Owner decision reports/codex/codex-review-owner-decision-packet-r1a-r2a-root-cause-2026-06-18.md READ (full) acceptance, anti-automation condition
R2 root cause reports/r2a-birth-inspection-runner-cron-log-root-cause-2026-06-18.md (rev1) READ (full) one-shot bootstrap, starved consumer, 1.21M backlog, GUC
R1/R2 exec reports/r1a-r2a-runner-cron-log-root-cause-execution-report-2026-06-18.md (rev2) READ (full) combined posture, CAV-6 metadata note
R1/R2 codex reports/codex/codex-review-r1a-r2a-runner-cron-log-root-cause-2026-06-18.md (PASS_WITH_CAVEATS) READ (full) the 6 caveats verbatim, per-check verdicts
Phase-1B consolidation/phase1b-runtime-truth-blocker-decision-packet-2026-06-17.md (rev1) READ (full) blocker bundle, R2 macro, HOLD-2, OD-8
R2 scope reports/r2-birth-certify-canonical-stamp-readiness-scope-2026-06-17.md (rev1) READ (full) inspect_* chain, fn_birth_auto_certify, unused columns
R1/R2 scope exec reports/r1-r2-parallel-readonly-scoping-execution-report-2026-06-17.md (rev1) READ (full) design-only/materialization split
Anchor notes/dieu4-birth-process-compatibility-note.md (rev1) READ (full) birth≠canonical, PEN→STAMP→GATE, promote-checker
Anchor architecture/birth-registry-law.md (Điều 0-G v1.0) READ (full) inspection pipeline, inspect_* semantics, certify trigger
Anchor notes/dieu32-approval-owner-gate-compatibility-note.md (rev1) READ (full) Owner gate / Mức-3 / ESCALATE_L3
Anchor laws/dieu32-approval-law.md (v1.1 BAN HÀNH) READ (full) quorum-by-risk, anti-bypass, unimplemented-handler gate
Anchor notes/dieu35-dot-governance-compatibility-note.md (rev1) READ (full) reuse-pattern-not-turnkey, warn-vs-block, §10 criteria
Anchor ssot/operating-rules.md (v7.58) READ (full) Assembly First, fail-closed default, AP-CLOSE evidence

3. Accepted R2 root-cause baseline (carried, not re-derived)

Carried verbatim in substance from R2a (Codex PASS_WITH_CAVEATS). The headline: R2 is not a broken pipeline — it was never a standing pipeline. The 2026-03-21 certification was a manual one-shot bootstrap; the inspect→certify producer was never operationalized. There is nothing to "restart," only a producer to build.

  • The 2026-03-21 06:00–08:00 certification was a one-shot, operator-run S157-A bootstrap: dot-birth-backfill + an s157b seed, run via SSH + docker exec, which stamped inspect_pen/stamp/gate + certified=true directly in the INSERT (SELECT … 'backfill:dot-birth-backfill', true, now(), now(), now(), now() … ON CONFLICT (entity_code) DO NOTHING). Provenance buckets (backfill:dot-birth-backfill 112, backfill:s157b 1272, SYSTEM-s157b|claude|2026-03-21 18) + script content agree exactly. 1 distinct certification day. (CAV-3: 2026-03-21 container logs unavailable — supported indirectly. CAV-4: scripts read from the synced local mirror, not live /opt/incomex/dot/bin — no byte-for-byte claim.)
  • It never recurred because the producer was never operationalized: inspector DOTs DOT-TAC-BIRTH-VERIFY (cron 0 6 * * *, metadata-only) and DOT-TAC-BIRTH-GATE (event) are unwired registration stubs (engine_unclassified / requires_runner, no file_path/script_path/execution_engine, no agent-api contract, coverage_status=partial, last_executed=NULL); no pg_cron; the host 0 6 * * * slot belongs to dot-nrm-lifecycle, not birth-verify; no host-cron/systemd entry references birth/inspect/certify; the only producers are manual CLIs (dot-inspect-pen, dot-birth-backfill) nobody scheduled.
  • The auto-certify consumer is healthy but starved: trg_birth_auto_certify → fn_birth_auto_certify (ENABLED) flips certified=true, certified_at=now() once all three inspect_* are present. It only READS inspect_*. No live PG function/trigger WRITES inspect_pen/stamp/gate (inspect-named triggers = 0). The pipeline is starved at the inspection stage — a healthy consumer with no producer.
  • The backlog grows live: 1,211,557 uncertified births (0 inspect stamps; last born 2026-06-17 13:30) vs 1,402 certified (all 2026-03-21) = 0.1156%; 192 birth triggers (191 enabled) mint certified=false rows continuously; event_outbox grows (215,588 rows, ~215,227 = system/issue_opened) but is undrained and carries no birth/certify events.
  • GUC persisted layer empty: pg_settings WHERE name LIKE 'app.%' = 0 rows and pg_db_role_setting = 0 rows → effective birth-gate mode is warning (fail-open warn) and app.bypass_birth_gate is not engaged by any persisted config. (CAV-5: the transient session layer is unreadable — must not claim a transient bypass certainly does not exist.)
  • Stamps & promote mechanics: BIRTH_STAMP/PROMOTE_STAMP/OWNER_STAMP/GOV_STAMP are conceptual F4 targets, not DB artifacts. birth_registry carries unused columns status/canonical_address/owner/jsonb_profile. fn_iu_enact is a real atomic + fail-closed + post-write-verified promote — but for the IU lineage only (HOLD-2 PARTIAL), not birth-certify.

Findings carried (accepted, all OPEN): R2a-F1 HIGH (no standing producer/runner), R2a-F2 HIGH (one-shot manual bootstrap — PASS_WITH_CAVEAT per CAV-3/4), R2a-F3 HIGH (cron not wired), R2a-F4 HIGH (1.21M backlog, starved consumer), R2a-F5 MEDIUM/INFO (GUC persisted empty / warn-mode — PASS_WITH_CAVEAT per CAV-5), R2a-G1 INFO gap (old-log/mirror). 0 CRITICAL; no active mutation/certify/inspect-write/birth execution.


4. Caveats carried

All six Codex caveats are carried verbatim in substance and constrain the B-block contracts. Carried, not resolved. (CAV-1/CAV-2 are R1-lane caveats, carried for completeness; they bind R1-K's K1/K2/K3/K4, not the B-blocks.)

Caveat Statement (carried) Constrains which B-blocks
CAV-1 R1a has no executor process-log proof (DENIED). DB-contract/preflight layer only. (R1-lane — does not bind B-blocks)
CAV-2 "No provenance SoT" = no SoT in the inspected substrate, not "never recoverable." (R1-lane — does not bind B-blocks)
CAV-3 R2a "manual one-shot bootstrap" is supported by DB dot_origin buckets plus synced local script content; the 2026-03-21 container logs are unavailable (tail-only). Supported indirectly, not by old logs. B2 (inspect producer), B5 (backlog)
CAV-4 R2a producer scripts read from the synced local mirror, not live /opt/incomex/dot/bin (allowlist). No byte-for-byte live-file claim — synced-mirror evidence corroborated by matching DB dot_origin. B2 (inspect producer), B5 (backlog)
CAV-5 The GUC conclusion is limited to no persisted server/db/role bypass/default. The transient session state remains unreadable. Must not claim a transient bypass certainly does not exist. B7 (GUC / gate policy)
CAV-6 The combined R1a/R2a exec report has a non-material metadata typo (body rev1/14799 vs AgentData rev2/14798; metadata wins). A cosmetic patch is a separate Owner-gated decision, not done here. documentary only — no B-block; not patched here

5. LEGO invariant for R2-B

The invariant (above all detail): build the birth lane like LEGO — each block isolated, with a clear contract, testable alone, replaceable/deletable alone, integrating only through named studs, fail-closed by default.

Why the birth evidence makes this the right filter — the lane already shows LEGO succeeding and LEGO failing:

  • LEGO succeeding (preserve it). The certify consumer (trg_birth_auto_certify, B4) is decoupled from its producer (B2) through the inspect_* data contract (B3). That is exactly why the consumer is "healthy but starved": the missing producer did not break the consumer. A producer can be built, tested, and replaced against the existing inspect_* contract without touching the consumer. This is the LEGO ideal, already in the substrate.
  • LEGO failing (never repeat it). The 2026-03-21 bootstrap collapsed register + inspect + certify into a single INSERT … certified=true, inspect_pen=now(), inspect_stamp=now(), inspect_gate=now() — blocks B1+B2+B3+B4 fused into one mega-statement. It "worked" once but (a) certified without genuine inspection (stamps faked as now()), and (b) cannot be operationalized, tested, or rolled back block-by-block. Re-running that fused statement at 1.21M scale is the forbidden mega-pipeline (AC-1 / AC-2).

The design filter applied to every B-block (reject on any failure): (1) one narrow responsibility; (2) explicit contract surface only; (3) testable alone; (4) replaceable/deletable alone; (5) fail-closed default (certification stays false); (6) Assembly First (extend birth_registry / existing fields; no parallel stamp SSOT, Điều 39 NT11); (7) propose-never-self-enact anything canonical → route to S1/Điều 32 (the Điều 4 note: canonical certification needs a fail-closed promote checker + Owner gate, not async auto-certify alone).

The studs (birth lane). Blocks connect only through data contracts: the inspect_pen/inspect_stamp/inspect_gate timestamp columns (B3, the load-bearing stud); the certified/certified_at pair; the app.birth_gate_mode GUC (persisted layer only, CAV-5); the external S1 approval_requests record. No B-block calls another B-block's body; no B-block shares mutable internal state.


6. B-block inventory

Seven isolated blocks. No mega-block. Build-state legend (read-only observation carried from R2a, not a build plan): [EXISTS] present & healthy · [PARTIAL] present but incomplete · [MISSING] not built (the gap) · [CONCEPT] target with no artifact.

ID Block Build-state One narrow responsibility
B1 Birth registration [EXISTS] Mint identity-root + certified=false record at INSERT (never certify)
B2 Inspect producer [MISSING — core R2 gap] Produce PEN/STAMP/GATE inspection results for uncertified births
B3 Inspect result (contract surface) [PARTIAL] The inspect_* data contract between producer and consumer
B4 Certify consumer [EXISTS — healthy, starved] Flip certified=true once all inspect_* present (atomic per row)
B5 Backlog handling [MISSING] One-time governed inspection pass over the 1.21M historical rows
B6 Stamp mapping [CONCEPT] Map BIRTH/PROMOTE_STAMP onto existing fields (no net-new SSOT)
B7 GUC / gate policy [PARTIAL] Decide warn-vs-block birth-gate mode + flip criteria

Soft boundaries kept split on purpose: B6 (stamp mapping) vs external S4 (canonical address) are kept separate — B6 decides which existing field carries which stamp; S4 owns the addressing scheme. B1 (write-at-INSERT behavior) vs external S3 (identity-pivot contract) are likewise the same birth_registry table seen from two facets, kept separate.


7. B-block contract table

Eleven contract fields per block are carried here (split 7A/7B); the remaining two — bad input / invalid state and expected rejection behavior — are in §9. Together §7 + §9 give all thirteen required fields per block. "Mutate runtime?" — No / EXISTS = the block needs no change; Future-gated = only after a separate Owner gate.

7A — Responsibility · Input contract · Output contract · Authority/Owner gate · Mutate runtime?

ID Responsibility Input contract Output contract Authority / Owner gate Mutate runtime?
B1 Mint identity-root + uncertified record at INSERT Entity INSERT (governance_role ∈ {governed, observed}) birth_registry row certified=false + PREFIX-NNN Existing trigger fabric (no new authority) EXISTS (no change needed)
B2 Produce PEN/STAMP/GATE results for uncertified births Uncertified rows + Điều 0-G inspection rule-set inspect_pen/inspect_stamp/inspect_gate only S1/Điều 32 to go standing; external S2 owner Future-gated
B3 Define the meaning/shape of "inspected" (interface — no behavior) The inspect_* stud (contract surface) Coordinated B2+B4 change only Contract surface (no behavior)
B4 Flip certified when all inspect_* present inspect_* (B3) certified=true, certified_at (atomic per row) Canonical entities add Điều 32 promote-checker EXISTS (no change needed)
B5 One-time governed pass over 1.21M historical rows Historical uncertified rows + B3 contract + same fail-closed rules inspect_* for backlog (via the same rules) S1/Điều 32 + external S5 + external S6 Future-gated
B6 Map BIRTH/PROMOTE_STAMP onto existing fields F4 vocab + existing columns (certified*, unused canonical_address/owner/jsonb_profile) A mapping (design); fields written at promote HOLD-2 + external S5; Điều 32 to materialize Future-gated (concept now)
B7 Decide warn-vs-block birth-gate mode + criteria Persisted GUC state (app.birth_gate_mode, CAV-5) A policy decision + flip criteria Điều 35 §10 criteria + standing B2 + Điều 32 Future-gated

7B — Evidence required · Depends on · Must NOT depend on · Replacement boundary

ID Evidence required Depends on Must NOT depend on Replacement boundary
B1 Rows minted, certified=false count external S3 identity scheme B2/B4 (must not certify) Trigger fabric swappable; contract = write certified=false only; never touches inspect_*/certified
B2 Rows inspected/passed/failed, runner id, timestamps B1 rows, B3 contract, external S2 owner, external S6 (if rules need recovery) B4 internals; the channel must not leak into the contract Producer channel is internal & swappable; contract = write inspect_* only
B3 Contract version / shape any block's internals Contract evolves only by coordinated B2+B4 change
B4 Rows certified, certified_at B3 contract B2/B5 internals (consumes evidence, never makes it) Consumer logic swappable; contract = read inspect_* → set certified atomically
B5 One-time pass counts, scope bound, Owner approval id B3 contract, B2 rules, external S5, external S6 the 2026-03-21 fused shortcut (forbidden) One-shot bounded job; deletable after run; same B3 contract
B6 The mapping table (a design artifact) B4 certified*, external S4, HOLD-2 net-new stamp columns (parallel SSOT) Re-mappable onto existing fields; no new SSOT
B7 Persisted-GUC read (CAV-5 scope) B2 existence, Điều 35 §10 criteria flipping block before B2 exists (AC-9) Policy swappable; the flip is reversible config

8. B-block isolation / replaceability / rollback table

Safe failure modes drawn from the menu: fail-closed · no-op · pending-Owner-approval · certification remains false · warn-mode (stays warn until a producer exists).

ID Tested alone? Deleted / rebuilt alone? Rollback boundary Must NOT be coupled to Invalid-design smell Safe failure mode
B1 Yes (assert certified=false minted) Yes (regenerate trigger fabric) One INSERT-trigger set certification logic B1 setting certified=true certification remains false
B2 Yes (feed sample rows, read inspect_*) Yes (swap channel, keep contract) One producer run B4 internals; a specific channel producer also certifies; channel in the contract no-op (no stamps written)
B3 Yes (validate shape) Yes (versioned contract) Contract version any block body B3 carrying behavior (interface — stays stable)
B4 Yes (set inspect_*, expect certify) Yes (rewrite consumer) One AFTER-UPDATE trigger producer internals B4 producing inspect evidence certification remains false
B5 Yes (bounded sample) Yes (one-shot job, deletable) One bounded backlog pass live forward path; the fused shortcut mass stamp-in-INSERT at scale pending-Owner / no-op
B6 Yes (validate mapping on paper) Yes (re-map) A design artifact net-new columns inventing a parallel stamp SSOT pending-Owner (concept)
B7 Yes (read persisted GUC) Yes (re-decide policy) A config flip (reversible) flipping block w/o B2 block-mode before producer exists warn-mode (stays warn until B2)

Delete-and-rebuild discipline (S8 referenced). Each B-block's rollback unit is bounded above: B1 = one INSERT-trigger set; B2 = one producer run (swap channel, keep contract); B3 = a contract version; B4 = one AFTER-UPDATE trigger; B5 = one bounded backlog pass (deletable after run); B6 = a design artifact (re-map); B7 = a reversible config flip. The reusable atomic/post-verify pattern is fn_iu_enact (IU lineage) — a candidate to reuse, not a script to copy. No concrete rollback script is written here (forbidden) — only the per-block rollback unit is defined.


9. B-block bad-input / invalid-state rejection matrix

Conceptual contract check only — NOT run against runtime. Each row states a bad-input / invalid-state scenario and the expected fail-closed rejection behavior the block's contract must guarantee. Where the rejection contract is not yet fully determinable from the accepted baseline, it is marked BAD_INPUT_BEHAVIOR_UNCLEAR and the expected rejection contract is defined conceptually — no tested runtime result is claimed (INHERITED_EVIDENCE). The fail-closed test (point 6 of §13.A): if invalid input would still certify / stamp / produce a PASS, the contract is fail-open and must be rejected.

ID Bad input / invalid state Expected rejection behavior (fail-closed) Grounding
B1 Entity INSERT with no/ungoverned governance_role, or invalid identity inputs (missing entity_code/collection) Mint certified=false only, never certified=true, never any inspect_* stamp. Ungoverned role → observed/excluded handling, no false certify; invalid identity → fail-closed, no birth row faked. ON CONFLICT (entity_code) DO NOTHING (idempotent). R2a §8; Điều 0-G §2.2; AC-1
B2 Uncertified row missing required identity fields, or inspection rule cannot pass cleanly Reject the inspection or mark inspection failed; do not certify. Set only the inspect_* column that genuinely passed; never fake inspect_*=now() and never set certified. The 2026-03-21 stamp-in-INSERT shortcut is the explicit anti-pattern. R2a §7 (faked stamps); R2-D4; AC-2/AC-3
B3 A partial inspect result (some but not all of inspect_pen/stamp/gate set) The contract state = incomplete; B3 carries no behavior, so it simply does not present a "complete" signal — B4 must not certify off a partial set. Điều 0-G §2.4 (all-three rule); R2 scope §4
B4 inspect_pen/inspect_stamp/inspect_gate incomplete (any one absent) certified remains false. B4 flips certified=true only when all three are present; it never produces inspect evidence (AC-3). For canonical/kernel entities, auto-certify alone is insufficient → fail-closed promote checker + Owner gate (S1/Điều 32). R2a §3; Điều 4 note (promote checker); AC-3
B5 Backlog batch lacks Owner approval / has no scope bound / asks for a mass stamp-in-INSERT No-op; no backlog write. A pass runs only when bounded + Owner-approved (id recorded) + through the same B3 contract and same fail-closed rules. A mass shortcut at 1.21M scale is rejected outright. R2-D3 (two-track, not shortcut); R2a §7; AC-1/AC-2
B6 A request to define net-new stamp columns for BIRTH/PROMOTE_STAMP Reject as a parallel SSOT. Map only onto existing fields (certified/certified_at, unused canonical_address/owner/jsonb_profile); defining new columns alongside them is forbidden (Điều 39 NT11 / Assembly First). R2-D5; Điều 39 NT11; AC-12
B7 A request to flip app.birth_gate_mode warn→block while no standing producer (B2) exists Reject; remain warning. Flipping to block with no inspection path would hard-fail the 192 live birth triggers. The flip is allowed only after B2 stands up + Điều 35 §10 criteria met + Điều 32. CAV-5: the persisted-no-bypass claim does not extend to the transient session layer. R2a §9; R2-D6; AC-9; CAV-5

The one structural fail-open to never worsen. app.birth_gate_mode defaults to warning — that is fail-open by construction in the current substrate (births pass the gate even uninspected). This is a known carried risk, not a B-block behavior to add: B7's contract is precisely to hold warn-mode (the safe state given no producer) and reject a premature flip to block, while B1 keeps minting certified=false (so nothing is falsely certified). The lane's certification fail-closure (B4 never certifies without all three stamps) is the compensating control. No B-block introduces a path that would certify on invalid input.
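The rejection matrix above is a conceptual contract, and the packet deliberately writes no DDL, trigger or function for it. As an added illustration (this is example code, not the packet's or the incomex substrate's, and it models the contract in plain Python rather than as database artifacts), the block below plays the B1 → B2 → B3 → B4 studs and the B5 bounded pass over constructed rows and shows each fail-closed rejection: a registration that arrives already carrying certified or inspect_* values is refused as the fused 2026-03-21 shape; the producer writes only the inspect_* column that genuinely passed; the consumer leaves certified false on any partial set; the backlog pass is a no-op without an approval id and a scope bound. The column names come from the packet; the functions, the dict standing in for birth_registry, the approval id and the sample entity codes are assumptions of this example.

```python
"""Constructed model of the §9 rejection matrix for B1, B2, B3, B4 and B5.

Added example, not code from the packet or from the incomex substrate. Column
names (entity_code, governance_role, inspect_pen/inspect_stamp/inspect_gate,
certified/certified_at) are the packet's; the functions, the registry dict
standing in for birth_registry and the approval_id parameter are assumptions.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Callable, Optional

INSPECT_COLUMNS = ("inspect_pen", "inspect_stamp", "inspect_gate")
GOVERNED_ROLES = ("governed", "observed")
CERTIFY_COLUMNS = ("certified", "certified_at")


class ContractViolation(Exception):
    """A block was asked to do something its contract forbids (fail-closed)."""


@dataclass
class BirthRow:
    entity_code: str
    collection: str
    governance_role: str
    certified: bool = False
    certified_at: Optional[datetime] = None
    inspect_pen: Optional[datetime] = None
    inspect_stamp: Optional[datetime] = None
    inspect_gate: Optional[datetime] = None


def b1_mint(registry: dict, entity_code: str, collection: str,
            governance_role: str, preset: Optional[dict] = None) -> Optional[BirthRow]:
    """B1: mint the identity root with certified=false. Never certify, never stamp."""
    # AC-1 / AC-2: a registration already carrying certification or inspect
    # stamps is the fused register+inspect+certify shape and is rejected.
    fused = set(preset or {}) & (set(INSPECT_COLUMNS) | set(CERTIFY_COLUMNS))
    if fused:
        raise ContractViolation(f"B1: fused register+inspect+certify rejected: {sorted(fused)}")
    if not entity_code or not collection:
        raise ContractViolation("B1: invalid identity inputs; no birth row faked")
    if governance_role not in GOVERNED_ROLES:
        raise ContractViolation("B1: ungoverned governance_role; excluded, nothing certified")
    if entity_code in registry:
        return None  # ON CONFLICT (entity_code) DO NOTHING: idempotent no-op
    row = BirthRow(entity_code, collection, governance_role)
    registry[entity_code] = row
    return row


def b2_produce(row: BirthRow, results: dict, now: datetime) -> list:
    """B2: write only the inspect_* columns whose check genuinely passed.

    Never writes certified, and never stamps a failed or missing check
    (a faked inspect_*=now() is the explicit anti-pattern).
    """
    if row.certified:
        return []  # producer input is uncertified rows only
    written = []
    for col in INSPECT_COLUMNS:
        if results.get(col) is True:
            setattr(row, col, now)
            written.append(col)
    return written


def b3_state(row: BirthRow) -> str:
    """B3: the contract surface. Pure shape, no behaviour."""
    present = sum(getattr(row, c) is not None for c in INSPECT_COLUMNS)
    return {0: "uninspected", 3: "complete"}.get(present, "incomplete")


def b4_consume(row: BirthRow, now: datetime) -> bool:
    """B4: flip certified=true only when all three inspect_* are present."""
    if row.certified or b3_state(row) != "complete":
        return False  # certification remains false on any partial set
    row.certified, row.certified_at = True, now
    return True


def b5_backlog_pass(registry: dict, approval_id: Optional[str], scope_bound: Optional[int],
                    inspect: Callable[[BirthRow], dict], now: datetime) -> dict:
    """B5: one bounded, Owner-approved pass through the same B2 -> B3 -> B4 studs."""
    if not approval_id or not scope_bound or scope_bound <= 0:
        return {"status": "no-op", "inspected": 0, "certified": 0}  # pending-Owner
    batch = [r for r in registry.values() if not r.certified][:scope_bound]
    certified = 0
    for row in batch:
        b2_produce(row, inspect(row), now)
        certified += b4_consume(row, now)
    return {"status": "done", "approval_id": approval_id,
            "inspected": len(batch), "certified": certified}


def demo() -> dict:
    """Constructed walk-through over three sample rows; returns the end state."""
    now = datetime(2026, 6, 18, 6, 0, tzinfo=timezone.utc)
    registry: dict = {}
    for code, role in (("ENT-001", "governed"), ("ENT-002", "governed"), ("ENT-003", "observed")):
        b1_mint(registry, code, "entities", role)

    def inspect(row: BirthRow) -> dict:
        passed = dict.fromkeys(INSPECT_COLUMNS, True)
        if row.entity_code == "ENT-002":  # constructed: gate check does not pass cleanly
            passed["inspect_gate"] = False
        return passed

    unapproved = b5_backlog_pass(registry, None, 10, inspect, now)
    approved = b5_backlog_pass(registry, "APR-EXAMPLE-1", 2, inspect, now)
    return {"unapproved": unapproved, "approved": approved, "registry": registry,
            "states": {k: b3_state(v) for k, v in registry.items()},
            "certified": {k: v.certified for k, v in registry.items()}}


if __name__ == "__main__":
    print(demo())
```

The point of the shape is the stud discipline: `b4_consume` never touches an inspect_* column and `b2_produce` never touches certified, so either side can be swapped against `b3_state` alone, while `b5_backlog_pass` reuses both rather than writing a fused statement.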


10. R2-B integration boundaries

B-blocks integrate ONLY through named contract surfaces (studs). No B-block calls another's body; no B-block shares mutable internal state.

  1. B2 → B4 via B3 (inspect_* columns). The producer writes the three timestamps; the consumer reads them. Neither knows the other's internals. This is the load-bearing decoupling that already lets B4 be "healthy but starved." B5 (backlog) plugs into the same stud.
  2. B4 → B6 via certified/certified_at. Certification result is the stud; stamp mapping reads it. B6 → external S4 via canonical_address (at promote only — birth ≠ canonical).
  3. B7 wraps B1's birth-gate mode via the app.birth_gate_mode GUC (persisted layer only — CAV-5). It is a policy around registration, not inside it.
  4. B1 writes into external S3 (the birth_registry identity pivot) — B1 is the write-at-INSERT behavior; S3 is the identity-pivot contract. B1 must not depend on KG reasoning (that is the S3↔K cross-package guard, AC-7), keeping the birth lane independent of the KG lane.

External convergence (referenced, not redesigned — see §12): every write-enabled move (producer build, backlog pass, stamp materialization, gate flip) routes through S1/Điều 32; any materialization (B5 disposition, B6/S4 stamps, cell_id/canonical) checks the S5 gate first; Điều 0-G recovery flows in via S6; all run-evidence appends to S7; per-block rollback follows S8.

Cross-package isolation (coordination statement). The R2-B (B) blocks and the R1-K (K) blocks share zero write surface at the design tier. They touch only the shared S-blocks, and only at two convergence gates: S1 (Điều 32/37 Owner authorization) for any write-enabled build/clear, and S5 + S6 (CONS/CELL + source-recovery) for any materialization. Neither convergence is reached by a design-only package. R2-B is therefore safely designable in isolation from R1-K; this packet redesigns no K-block and no S-block.


11. R2-B anti-coupling rules

The birth-lane subset of the twelve anti-coupling rules. All are MUST-NOT.

Rule Statement Evidence it guards against
AC-1 Birth registration (B1) must not directly certify (B4). The 2026-03-21 fused INSERT … certified=true mega-statement.
AC-2 Inspect producer (B2) must not stamp certified=true without a genuine inspect result. Bootstrap faked inspect_*=now() + certified=true together.
AC-3 Certify consumer (B4) must not produce inspect evidence (B3). Keeps the producer/consumer decoupling that makes B4 testable.
AC-7 Birth registration / identity pivot (B1 / external S3) must not depend on KG reasoning output. Identity is structural and precedes inference; KG is REGISTERED_NOT_EXECUTED. This is the birth↔KG cross-package isolation guard.
AC-9 GUC policy (B7) must not flip to block without a standing producer (B2). Would hard-fail 192 live birth triggers with no inspection path.
AC-10 No B-block may auto-fix another block. Scanner = list-only (Điều 39/Điều 35); auto-fix → proposal via Điều 32.
AC-11 No report PASS may become Owner authorization; no B-block routes a write around S1. PASS_WITH_CAVEATS ≠ authorization; default HOLD.
AC-12 No mega-birth-pipeline / mega-registry. The fused bootstrap is the prohibited shape.

Anti-mega-system rules (structural, birth lane). No mega-pipeline (the lane stays B1▸B2▸B3▸B4 with the backlog B5 a separate one-shot, never one fused statement); no mega-registry / no second SSOT (extend birth_registry; no parallel stamp columns — NT11 / Assembly First); no hidden coupling birth ↔ registry ↔ pivot ↔ graph ↔ automation (they meet only at the shared S-blocks, only through named studs, only behind Điều 32 for writes). AC-7 specifically keeps the birth lane from coupling to the KG lane.


12. Shared gates referenced, not redesigned

R2-B references the following shared governance gates only as external contracts. It does not redesign, weaken, or materialize them; the birth lane only consumes their contracts.

Shared gate External contract R2-B relies on (referenced only) B-blocks that touch it
S1 — Owner / Điều 32 approval The single quorum approval lane (high: ≥1 president + ≥2 ai_council + 0 reject; medium: ≥1 president; low: ≥1 approve / valid auto-rule). Fail-closed, verdict-only, ESCALATE_L3 on canonical/kernel. Must not be bypassed. B2 (go standing), B5 (backlog pass), B6 (materialize), B7 (flip)
S2 — producer owner assignment Assign the birth-producer governance owner via Điều 37 authority map → Điều 32. Decide who; do not write it here. B2
S5 — CONS/CELL dependency The materialization-prerequisite gate (CONS-002, CONS-003, CELL-003/004/007). Read-only design may proceed; materialization may not until resolved. B5 (disposition), B6 (stamps), any cell_id/canonical
S6 — Source-recovery Out-of-band, Owner-controlled recovery of Điều 0-G (Constitution ref law-00g-birth.md broken; Đ0-G lives in architecture/ as a temporary working source). Gates any canonical birth materialization. B5, B6 (canonical), external S4
S7 — Evidence / audit log The append-only evidence trail (inspect-failure audit queue, governance_audit_log, event_outbox; AP-CLOSE per-run counts/ids/timestamps/hashes). Records, never decides. every B-block's "evidence required" appends here
S8 — Rollback / delete-rebuild boundary The per-block snapshot/rollback discipline; fn_iu_enact atomic/fail-closed/post-verify pattern (IU lineage) as a reuse candidate. A discipline/contract, not a script. B2 (producer run), B5 (backlog pass), B6

Structural shared surfaces referenced (not redesigned): S3 — registry / pivot identity (the birth_registry PREFIX-NNN identity pivot B1 writes into; birth ≠ canonical; must not depend on KG reasoning, AC-7); S4 — canonical address (the canonical_address scheme B6 maps a stamp onto; an output at promote, not at INSERT; materialization gated on S5 + S6). R2-B touches neither the KG-lane gates beyond the shared S-set, nor any K-block.

Not redesigned here: S1 quorum mechanics, S2 ownership authority order, S3 identity scheme, S4 addressing scheme, S5 composition model, S6 recovery mechanics, S7 schema, S8 rollback scripts.
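The S1 row above quotes the quorum-by-risk thresholds the B-blocks rely on. As an added example (not code from the packet, from laws/dieu32-approval-law.md, or from any live approval handler), the function below evaluates exactly those stated thresholds over a list of constructed votes and returns a verdict only, so the reader can see where each partial quorum falls. Two behaviours are assumptions of this example rather than text from the packet: votes are `(role, decision)` tuples, and, applying the fail-closed default, any reject vote and any unknown risk class yield REJECT (the packet states the zero-reject condition only for the high class).

```python
"""Constructed model of the S1 quorum-by-risk rule as quoted in §12.

Added example only; not the Điều 32 implementation. Modelled thresholds:
high   = >=1 president + >=2 ai_council approvals and 0 rejects
medium = >=1 president approval
low    = >=1 approval, or a valid auto-rule
canonical/kernel targets escalate (ESCALATE_L3) before any count.
Assumptions: votes are (role, decision) tuples; any reject and any unknown
risk class fail closed to REJECT.
"""
from collections import Counter

APPROVE, REJECT = "approve", "reject"


def s1_verdict(risk: str, votes: list, auto_rule_valid: bool = False,
               canonical_or_kernel: bool = False) -> str:
    """Return one of APPROVE / REJECT / ESCALATE_L3 for a quorum request."""
    if canonical_or_kernel:
        return "ESCALATE_L3"  # canonical/kernel never auto-approves at this lane
    approvals = Counter(role for role, decision in votes if decision == APPROVE)
    rejects = sum(1 for _, decision in votes if decision == REJECT)
    if rejects:
        return "REJECT"  # assumption: fail-closed on any reject, all classes
    if risk == "high":
        ok = approvals["president"] >= 1 and approvals["ai_council"] >= 2
    elif risk == "medium":
        ok = approvals["president"] >= 1
    elif risk == "low":
        ok = sum(approvals.values()) >= 1 or auto_rule_valid
    else:
        ok = False  # unknown risk class: fail-closed
    return "APPROVE" if ok else "REJECT"


if __name__ == "__main__":
    sample = [("president", APPROVE), ("ai_council", APPROVE), ("ai_council", APPROVE)]
    print(s1_verdict("high", sample), s1_verdict("high", sample[:2]))
```

The function is verdict-only, matching the stated contract: it records nothing and enacts nothing, which is why a B-block can consume it without learning anything about the approval handler's internals.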


13. Owner-gated future writes

Every action below is still forbidden now (OWNER_GATE_REQUIRED). Listing is scoping, not authorization.

Future action | B-block | Gate required | Still forbidden now?
------------- | ------- | ------------- | --------------------
Build/wire the standing inspect producer | B2 | Điều 32 + external S2 owner + channel decision (R2-D2) | Yes
Run the one-time backlog inspection pass | B5 | Điều 32 + external S5 + external S6 + B2 standing | Yes
Set any inspect_pen/inspect_stamp/inspect_gate | B2/B5 | Điều 32 (within a built, governed producer) | Yes
Set certified=true (beyond the existing per-row consumer) | B4/B5 | Điều 32 (canonical adds promote-checker) | Yes
Materialize BIRTH/PROMOTE_STAMP onto existing fields | B6 | HOLD-2 + external S5 + Điều 32 | Yes
Materialize canonical_address/canonical_fields | B6 / external S4 | external S5 + external S6 + Điều 32 | Yes
Flip app.birth_gate_mode warn→block | B7 | Điều 35 §10 criteria + B2 standing + Điều 32 | Yes
Confirm transient app.birth_gate_mode/app.bypass_birth_gate | B7 | Owner out-of-band (CAV-5) — read-only, not a runtime write | Yes (not done here)
Recover the Điều 0-G source | external S6 | Owner out-of-band | Yes
Assign the birth-producer governance owner | external S2 | Điều 37 → Điều 32 | Yes

FUTURE_TECHNICAL_DESIGN_REQUIRED (moved out of this packet, not written here): the producer channel decision (host cron / pg_cron / agent-api executor / job_queue worker — R2-D2) and its build mechanics; backlog-pass mechanics; stamp-materialization mechanics; GUC-flip mechanics; any schema/DDL/function/migration/rollback-script. The channel is deliberately inside B2 (a replaceable internal), not the block boundary — the contract (read uncertified → write inspect_*) is channel-independent. These belong to a later, separately-authorized package.


Codex-style adversarial reconstruction (design-only)

Applied as a conceptual contract check, not run against runtime. No bad-input test was executed; nothing was certified, stamped, flipped, or mutated.

  1. Do not trust the report; look for actual governed surfaces. The B-block contracts are reconstructed from first-hand KB reads (R2a rev1, Owner Decision Packet rev1, Modular LEGO Scoping rev1, Điều 0-G v1.0 / Điều 4 note rev1, Điều 32 v1.1, Điều 35 note rev1, OR v7.58), not from memory or local prose. Exact governed identifiers are cited: birth_registry (+ unused status/canonical_address/owner/jsonb_profile), inspect_pen/inspect_stamp/inspect_gate, trg_birth_auto_certify / fn_birth_auto_certify, DOT-TAC-BIRTH-VERIFY (0 6 * * * stub) / DOT-TAC-BIRTH-GATE, dot-birth-backfill / dot-inspect-pen, dot_origin buckets (backfill:dot-birth-backfill, backfill:s157b, SYSTEM-s157b|claude|2026-03-21), 192 birth triggers (191 enabled), app.birth_gate_mode/app.bypass_birth_gate, fn_iu_enact, the 1,402 / 1,211,557 counts.
  2. Fresh-reconstruct from KB, not local prose. The local repo is substrate-free/stale; the VPS PostgreSQL directus DB is the sole substrate-of-truth in the prior accepted read-only runs. All facts are INHERITED; AgentData storage revision/content_length are authoritative in AgentData metadata at read time (this body pins none). CAV-3/CAV-4 are honored: the 2026-03-21 bootstrap is supported by dot_origin + synced-mirror script, not by unavailable container logs, and no byte-for-byte live-file claim is made.
  3. Use actual readback metadata and exact paths. Every source in §2 is cited by exact KB path + editorial revision; runtime identifiers are quoted verbatim from R2a's read-only catalog observations.
  4. Create bad-input scenarios conceptually outside the happy path. §9 constructs, per block, the invalid-input/invalid-state cases (ungoverned role, missing identity fields, partial inspect set, incomplete stamps, unbounded/unapproved backlog, net-new stamp columns, premature warn→block flip) a happy-path harness would skip.
  5. Check whether each contract rejects bad input fail-closed. §9 confirms: B1→certified=false-only, B2→reject/mark-failed (never fake stamps/certify), B3→incomplete signal, B4→certification-stays-false, B5→no-op/pending-Owner, B6→reject-parallel-SSOT, B7→stay-warn-reject-flip.
  6. Fail-open ⇒ reject. Tested against "would invalid input still certify / stamp / PASS?": no B-block does. The single structural fail-open in the current substrate — app.birth_gate_mode='warning' letting uninspected births pass the gate — is a carried known risk, compensated by B4 never certifying without all three genuine stamps and B1 minting only certified=false. B7's contract is to hold warn-mode and reject a premature flip; no B-block adds a path that certifies on invalid input. The 2026-03-21 fused INSERT … certified=true, inspect_*=now() is named as the fail-open anti-pattern to never repeat (AC-1/AC-2).
  7. Distinguish engineering PASS from authority PASS. This packet's PASS is an engineering/design statement that the B-contracts are complete and fail-closed on paper. It is not Owner authorization. Default HOLD; every blocker OPEN.
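
Items 5 and 6 above state the rejection matrix in prose. As an added illustration (not the packet's technical design, not code from the governed substrate, and not a runtime test of it), the following Python model walks the §9 bad-input cases for B1, B2, B4 and B7 on constructed rows. The field names certified / inspect_pen / inspect_stamp / inspect_gate and the app.birth_gate_mode values 'warning' / 'block' are the packet's; the record shape, the function names, the inspect_failed marker and the sample ids (DOT-001 and so on) are assumptions made for this illustration.

```python
"""Conceptual model of the R2-B fail-closed rejection matrix (B1/B2/B4/B7).

Added illustration only: not the packet's technical design, not code from
the governed substrate, and not a runtime test. Field names and the GUC
values come from the packet; record shape, function names, the
inspect_failed marker and the sample rows are assumptions.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, Optional

STAMPS = ("inspect_pen", "inspect_stamp", "inspect_gate")


@dataclass
class BirthRow:
    birth_id: str                       # assumed PREFIX-NNN pivot id (S3)
    certified: bool = False
    inspect_pen: Optional[datetime] = None
    inspect_stamp: Optional[datetime] = None
    inspect_gate: Optional[datetime] = None
    inspect_failed: bool = False        # assumed B2 "mark-failed" marker


def b1_mint(birth_id: str, payload: Dict[str, object]) -> BirthRow:
    """B1: mint certified=false only. A payload that tries to pre-set
    certification or any inspect_* stamp (the 2026-03-21 fused-INSERT
    anti-pattern) is rejected, never honoured."""
    forbidden = set(payload) & {"certified", *STAMPS}
    if forbidden:
        raise ValueError(f"B1 rejects pre-set fields: {sorted(forbidden)}")
    if not birth_id:
        raise ValueError("B1 rejects a birth without identity")
    return BirthRow(birth_id=birth_id, certified=False)


def b2_inspect(row: BirthRow, results: Dict[str, bool]) -> BirthRow:
    """B2: write all three inspect_* stamps only when every check ran and
    passed; otherwise mark failed, write no stamp, and never certify."""
    if row.certified:
        raise ValueError("B2 rejects a row that is already certified")
    if set(results) != set(STAMPS) or not all(results.values()):
        row.inspect_failed = True       # partial or failing set: no fake stamps
        return row
    now = datetime.now(timezone.utc)
    for stamp in STAMPS:
        setattr(row, stamp, now)
    return row                          # certified untouched: that is B4's job


def b4_certify(row: BirthRow) -> BirthRow:
    """B4: certified=true only with all three genuine stamps; any gap or a
    failed inspection leaves certified=false."""
    complete = all(getattr(row, s) is not None for s in STAMPS)
    if complete and not row.inspect_failed:
        row.certified = True
    return row


def b7_gate(row: BirthRow, gate_mode: str) -> str:
    """B7: the birth gate under app.birth_gate_mode. 'warning' lets an
    uninspected birth through with a warning (the carried fail-open risk);
    'block' rejects it; any other mode value is rejected fail-closed."""
    if gate_mode not in ("warning", "block"):
        raise ValueError(f"B7 rejects unknown gate mode {gate_mode!r}")
    inspected = all(getattr(row, s) is not None for s in STAMPS)
    if inspected and not row.inspect_failed:
        return "pass"
    return "warn" if gate_mode == "warning" else "reject"


def b7_flip(current: str, criteria_met: bool, producer_standing: bool,
            owner_authorized: bool) -> str:
    """B7: warn->block only when every gate holds (assumed booleans for the
    Điều 35 §10 criteria, B2 standing and Điều 32); otherwise stay as is."""
    if current == "warning" and criteria_met and producer_standing and owner_authorized:
        return "block"
    return current


def rejects(fn, *args) -> bool:
    """True when a block contract raises, i.e. takes the rejection path."""
    try:
        fn(*args)
    except ValueError:
        return True
    return False


def rejection_matrix() -> Dict[str, str]:
    """Walk the §9 bad-input cases with constructed rows and report each
    block's observed disposition; any 'FAIL-OPEN' entry would be a defect."""
    out: Dict[str, str] = {}
    out["B1 pre-set certified/stamps"] = (
        "rejected" if rejects(b1_mint, "DOT-001", {"certified": True}) else "FAIL-OPEN")
    out["B1 missing identity"] = "rejected" if rejects(b1_mint, "", {}) else "FAIL-OPEN"
    partial = b2_inspect(b1_mint("DOT-002", {}),
                         {"inspect_pen": True, "inspect_stamp": True})   # gate never ran
    out["B2 partial inspect set"] = (
        "marked-failed, no stamps, uncertified"
        if partial.inspect_failed and partial.inspect_gate is None and not partial.certified
        else "FAIL-OPEN")
    out["B4 incomplete stamps"] = (
        "certified stays false" if not b4_certify(partial).certified else "FAIL-OPEN")
    full = b4_certify(b2_inspect(b1_mint("DOT-003", {}), dict.fromkeys(STAMPS, True)))
    out["B4 all three genuine stamps"] = "certified" if full.certified else "BLOCKED"
    uninspected = b1_mint("DOT-004", {})
    out["B7 warning mode, uninspected"] = b7_gate(uninspected, "warning")  # carried fail-open
    out["B7 block mode, uninspected"] = b7_gate(uninspected, "block")
    out["B7 premature warn->block flip"] = b7_flip("warning", True, False, True)
    out["B7 fully gated flip"] = b7_flip("warning", True, True, True)
    return out


if __name__ == "__main__":
    for case, disposition in rejection_matrix().items():
        print(f"{case:<36} -> {disposition}")
```

The only entry that is not a rejection is "B7 warning mode, uninspected", which returns "warn": that is the structural fail-open item 6 names as a carried risk, and the model shows why it is compensated, since the same uninspected row never reaches certified=true through B1 or B4.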

14. What remains unresolved

  • BOUNDARY_UNCLEAR — B2/B5 producer channel. The standing producer channel (host cron / pg_cron / agent-api executor / job_queue worker — R2-D2) is not decided. It is deliberately inside the block (a replaceable internal), not the block boundary — the contract (read uncertified → write inspect_*) is channel-independent. Channel selection is a later design-only decision; the build is FUTURE_TECHNICAL_DESIGN_REQUIRED.
  • SOURCE_RECOVERY_REQUIRED — Điều 0-G (external S6). Đ0-G's Constitution reference law-00g-birth.md is broken; Đ0-G lives in architecture/ as a temporary working source. Recovery is out-of-band, Owner-controlled; it gates any canonical birth materialization.
  • BAD_INPUT_BEHAVIOR_UNCLEAR (bounded). For B2/B5, the built rejection behavior cannot be runtime-verified (the blocks are MISSING; INHERITED_EVIDENCE only). §9 defines the expected rejection contract conceptually; no tested runtime result is claimed.
  • CAV-5 residual. The transient session value of app.birth_gate_mode/app.bypass_birth_gate is unreadable by the available tools; B7's "no bypass" statement is limited to the persisted layer. Out-of-band confirmation is read-only and Owner-controlled.
  • OWNER_GATE_REQUIRED — every write in §13, plus the external S2 producer-ownership assignment. None authorized.
  • Blockers stay OPEN: CONS-002, CONS-003, CELL-003/004/007, HOLD-1, HOLD-2, RISK-BYPASS, GOV-016/017, GOV-REUSE-001, Điều 39 runtime-EMPTY, Điều 35 production-readiness FAIL. None resolved here.
  • FUTURE_TECHNICAL_DESIGN_REQUIRED: all build mechanics (per §13). Explicitly not written here.
  • NOT_LEGO_COMPATIBLE: none. All seven B-blocks isolate cleanly; the soft boundaries (B6/S4, B1/S3) are resolved by keeping the blocks separate, not merging.

15. Next R2-B package recommendation

This packet opens no next package. It recommends:

  • NP-1 — GPT review of this R2-B packet (alongside the R1-K packet and both execution reports).
  • NP-2 — Codex adversarial control review (after GPT).
  • NP-3 — Owner chooses whether to proceed to a narrower design-only TD-prep package for one or more B-blocks (e.g. B2 producer contract + channel evaluation; B5 backlog two-track approach; B6 stamp-mapping; B7 GUC policy) — design-only, behind a further Owner gate. (Codex-noted resource-constrained fallback: R2-B may be opened first because the backlog grows live — but this must not be read as backlog write-priority over the Điều 39 provenance invariant in R1-K.)
  • NP-4 — Write-enabled remediation remains forbidden until, in order: a design-only TD-prep package → Codex review → Owner approval → a rollback plan → a runtime-verification plan. No automatic TD. No automatic write-enabled remediation.

R1-K and R2-B remain separate packages throughout; opening one does not open the other.


16. Ready for GPT/Codex review

Yes. This R2-B packet is a complete design-only block-contract set: seven isolated B-blocks (B1–B7); a thirteen-field contract per block (§7 + §9); isolation/replaceability/rollback per block (§8); a bad-input/invalid-state fail-closed rejection matrix (§9); a design-only Codex-style adversarial reconstruction; birth-lane anti-coupling rules (§11); shared gates referenced not redesigned (§12); a fully Owner-gated future-write list (§13); all six caveats carried; all blockers OPEN; nothing built, mutated, or authorized; R2-B kept separate from R1-K.

Core rule, kept above all detail: Do not design a complex interlocked machine. Design small LEGO blocks with explicit contracts. If one block is wrong, it must be removable and rebuildable without breaking the rest. Engineering PASS is not authority PASS. No PASS authorizes writes.

Default disposition: HOLD.