Read-Only Evidence Index (R2-B2 Evidence & Owner-Path Macro, 2026-06-18)
Read-Only Evidence Index — R2-B2
Date: 2026-06-18 · Workstream: LEGO-PILOT-SLICE-0-R2-B2-READONLY-EVIDENCE-OWNER-PATH-MACRO-2026-06-18 (Deliverable 1 of 30) · Editorial revision: rev1
Class: read-only evidence index / evidence routing · READ-ONLY · NON-ENACTING · NON-AUTHORIZING · NOT remediation · NOT technical design · NOT implementation · NO blocker resolved · NO write performed.
Metadata convention. Editorial revision (rev1) only. AgentData storage revision and content_length are authoritative in AgentData metadata at read time; not pinned in this body.
Evidence-index lock. This packet is the hub of the 30-file read-only evidence macro: it lists every read-only check run this session, labels each finding FRESH_READONLY_EVIDENCE vs INHERITED_KB_EVIDENCE, and routes each to the deliverable that interprets it. Reading evidence reduces uncertainty; it authorizes nothing. No gate is closed as Owner-authorized; no write is performed.
0. Status and non-authorization
STATUS: PASS — engineering / read-only. This is a complete read-only evidence index: the fresh-query ledger (FQ-1…FQ-20), the fresh-vs-inherited labeling, and the routing to Deliverables 5–22. It mutated nothing.
Engineering PASS ≠ authority PASS. A PASS means the evidence was gathered read-only and indexed faithfully. It is not an Owner authorization to close a gate, select a channel, write TD, build staging, or remediate. Default disposition: HOLD.
Non-authorization (explicit). This run did not, and this packet cannot: run any DB write / DDL / DML; restart/reload any container/service; run any worker/cron/job; trigger DOT/KG/birth/certify/promote/repair; set inspect_pen/inspect_stamp/inspect_gate; set certified=true; flip app.birth_gate_mode or any dot_config gate; assign a governance owner; install pg_cron; promote any agent-api contract DRY_RUN→REAL_RUN; enable any queue worker; write env/config; patch source/law/draft/note/prior report; create a current or staging corpus/schema; write technical design; implement; resolve any blocker; select a channel; overwrite the v0.1-stable / FIX7 V3 baseline; promote Tool-Kiem-Thu v0.2-hardening as authority.
Evidence basis — FRESH_READONLY_EVIDENCE + INHERITED_KB_EVIDENCE. Unlike the prior Mega Gate Bundle (INHERITED_EVIDENCE only), this run queried the live directus PostgreSQL substrate read-only via query_pg (AST-validated, READ ONLY transaction, read-only role, statement_timeout 5s, hard LIMIT 500 — it cannot write/DDL) and list_docker (read-only). Runtime facts not reachable by these tools (executor process logs; the 2026-03-21 script content; transient session GUCs; governance_object_ownership count) remain INHERITED_KB_EVIDENCE, labeled as such.
Reading discipline (Codex caveat, honored). All 37 KB sources and all 20 runtime checks were performed directly by the main process, in bounded, sequential calls — no parallel reader-agents, no background reader-agents, no sub-agents, no local-prose inference. Two oversized KB batch results were decoded locally by the main process only to render already-fetched bytes readable (/tmp decode-scratch only, never SSOT).
1. Purpose
Be the single index that answers macro question 1 ("which gates can be read-only re-verified now?") at the evidence layer. It answers:
- What read-only checks were run? — §4 FQ ledger.
- Which findings are fresh vs inherited? — §4 label column.
- Where is each finding interpreted? — §4 routing column.
- What did the fresh evidence change? — §5 (it reduced uncertainty; it closed nothing as Owner-authorized).
The one rule, above all detail. Fresh read-only evidence converts carried (INHERITED) facts into current evidence — moving the read-only-closeable gate halves from "Partial (inherited)" to "Partial (read-only verified)". It does not make any gate Owner-closed, select any channel, or authorize any write.
2. Sources / evidence read
KB sources (37): the full §0.1–§0.5 required set of the macro prompt — the Mega Gate chain (bundle exec report + Codex review + owner-decision-options + no-go-closure-matrix + next-3-roadmap + codex-review-packet); the channel/TD/staging/proof files (R2-D2 recommendation, host-cron-vs-agent-api, channel-proof-obligations, b2-actual-td-entry-gate, b2-non-td-outline, staging-build-readiness, no-production-touch-proof-matrix, delete-fast-proof-obligations, bad-input-oracle-requirements, minimal-pilot-acceptance); the compatibility/source/evidence/rollback/invariant files (b3-b4-compatibility, dieu0g-source-authority-gap, s7-evidence-writer-readiness, s8-rollback-downstream-certify, r1-kg-invariant-cross-check); the prior baseline (r2-b2-inspect-producer-td-prep-lego + its Codex review, r2-b2-technical-design-readiness-lego, staging-io-contract, bad-input-delete-fast-verification-plan, planning-bundle Codex review); the runtime anchors (r2a root-cause + its Codex review, r2-birth-certify-readiness-scope, phase1b decision packet, architecture/birth-registry-law Đ0-G, dieu4/dieu32/dieu35 notes, dieu32 law, ssot/operating-rules). None SOURCE_NOT_READ.
Runtime read-only checks (20): §4 below — query_pg (READ ONLY) + list_docker (read-only), all by the main process.
3. Accepted baseline (carried, not re-derived)
- The accepted Mega Gate Bundle (Codex PASS_WITH_CAVEATS) left actual B2 TD aggregate No-Go (G-1 Go; G-2/G-7/G-8/G-9/G-10 Partial; G-3/G-4/G-5/G-6/G-11 No-Go), all on INHERITED_EVIDENCE.
- The recommended next step (Owner Decision Options Deliverable 1; Next-3 roadmap Macro-1) was a read-only runtime re-verification (Option E/F) to convert that inherited evidence to current evidence. This macro executes that read-only re-verification.
- Tool/packet lock carried: v0.1-stable / FIX7 V3 not overwritten; v0.2-hardening not authority.
- Blockers — all OPEN.
4. Read-only evidence observed — fresh-query ledger (FQ-1…FQ-20)
All query_pg calls ran in a READ ONLY transaction as a read-only role (no writes possible). list_docker is read-only. Read window: 2026-06-18.
| FQ | Read-only check (tool) | Result (verbatim figures) | Label | Routed to |
|---|---|---|---|---|
| FQ-1 | information_schema.columns birth_registry | 22 columns; inspect_pen/inspect_stamp/inspect_gate = timestamp with time zone, nullable; certified boolean NOT NULL; certified_at tstz; status varchar; canonical_address text; owner text; jsonb_profile jsonb NOT NULL | FRESH | D5, D8 |
| FQ-2 | birth_registry GROUP BY certified | certified=false: 1,211,635 · certified=true: 1,402 | FRESH | D8 |
| FQ-3 | certified GROUP BY dot_origin | backfill:s157b=1272, backfill:dot-birth-backfill=112, SYSTEM-s157b\|claude\|2026-03-21=18 — all certified 2026-03-21 | FRESH | D8 |
| FQ-4 | max(born_at) + uncert-with-any-stamp | last_born 2026-06-18 10:34:37; uncertified rows with ANY inspect_* set = 0 | FRESH | D5, D8 |
| FQ-5 | pg_extension | btree_gist, pgcrypto, plpgsql, postgres_fdw — no pg_cron | FRESH | D13 |
| FQ-6 | pg_settings WHERE name LIKE 'app.%' | 0 rows | FRESH | D9 |
| FQ-7 | pg_trigger birth patterns | legacy_birth_trigger 131/131 enabled; trg_birth_pattern 40/40 enabled; inspect-named = 0 | FRESH | D7 |
| FQ-8 | pg_trigger auto_certify | trg_birth_auto_certify tgenabled=O (enabled), on birth_registry | FRESH | D6 |
| FQ-9 | pg_proc naming inspect_* | only fn_birth_auto_certify references inspect_pen/stamp/gate | FRESH | D6, D5 |
| FQ-10 | wf_host_crontab_snapshot | 54 entries; 0 birth/inspect/certify refs; 1 nrm-lifecycle ref | FRESH | D11 |
| FQ-11 | pg_db_role_setting | 0 rows | FRESH | D9 |
| FQ-12 | universal_edges | 2,199 total; 0 with provenance | FRESH | D22 |
| FQ-13 | kg_quality_log | 0 rows | FRESH | D17 |
| FQ-14 | pg_proc key functions | fn_iu_enact, fn_birth_auto_certify, fn_birth_gate, fn_description_birth_guard — all present | FRESH | D18, D6, D9 |
| FQ-15 | list_docker | 11 containers; incomex-agent-api-executor Up 2 weeks (healthy), :8090; postgres Up 2 months; no birth-inspection service | FRESH | D12 |
| FQ-16 | dot_config switches | process_dot_runtime.execute_enabled=false, .real_run_enabled=false, .dry_run_only=true; queue.worker.enabled=false; queue.job_substrate.enabled=false; iu_core.route_worker_enabled=true; queue.runtime.phase=phase2_governance | FRESH | D12, D14 |
| FQ-17 | queue_heartbeat | 3 executors (cut_pipeline_operator, dieu45_phase3_pilot, iu_outbound_default); last tick 2026-05-26; none birth-related | FRESH | D14 |
| FQ-18 | dot_agent_api_contract | 2 contracts — DOT_KG_EXPLAIN (DRY_RUN/endpoint_bound) + DOT_KG_EXPLAIN_VERIFY (VERIFY_ONLY/contract_ready); 0 birth-bound | FRESH | D12 |
| FQ-19 | event_outbox count | 215,597 rows (undrained; grew from R2a's 215,588) | FRESH | D14 |
| FQ-20 | information_schema.columns for dot_config/process_dot_runtime/queue_heartbeat/dot_agent_api_contract | column shapes confirmed; process_dot_runtime is not a table (switches are dotted dot_config keys) | FRESH | method |
Inherited (not re-confirmable read-only this run), labeled INHERITED_KB_EVIDENCE: the 2026-03-21 producer script content (dot-birth-backfill fused INSERT; SSH+docker exec); executor process/dispatch logs (tool-denied); the transient session GUC layer (query_pg cannot read current_setting() outside its allowlist); governance_object_ownership=0 for the birth producer (not re-queried this run); the Đ0-G STAMP/GATE "Phase B never built" history.
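The read-only check pattern described in the evidence basis (§0) and exercised by the FQ ledger above, as an added example that is not part of this packet and is not the query_pg tool itself: a psql session that opens an explicitly READ ONLY transaction, applies the same 5-second statement_timeout and LIMIT 500 bound, confirms the session is read-only before reading anything, and re-runs the catalog portions of FQ-1, FQ-2, FQ-4, FQ-5, FQ-6, FQ-7/FQ-8, FQ-9/FQ-11 and FQ-14. The table, trigger and function names are the ones the ledger cites; the assumptions are that the session is connected as the read-only role the packet describes and that the statements are typed into psql rather than submitted through query_pg's allowlist (so current_setting() is reachable here, unlike in the tool).

```sql
-- Added example (not from the packet or the query_pg tool): re-running the
-- catalog checks of the FQ ledger from psql inside an explicitly READ ONLY
-- transaction, so that no statement in this session can write.
-- Assumption: connected as the read-only role the packet describes; the
-- relation/trigger/function names below are the ones the ledger cites.

BEGIN ISOLATION LEVEL REPEATABLE READ READ ONLY;
SET LOCAL statement_timeout = '5s';            -- the packet's 5 s query bound
SET LOCAL default_transaction_read_only = on;  -- also covers any subtransaction

-- Guard: confirm the transaction really is read-only before reading anything.
SELECT current_setting('transaction_read_only') AS txn_read_only;  -- expect 'on'

-- FQ-1: column shape of birth_registry (the ledger reports 22 columns).
SELECT column_name, data_type, is_nullable
FROM information_schema.columns
WHERE table_name = 'birth_registry'
ORDER BY ordinal_position
LIMIT 500;

-- FQ-2 / FQ-4: certified split, and the "uncertified but stamped" invariant (expect 0).
SELECT certified, count(*) FROM birth_registry GROUP BY certified;
SELECT max(born_at) AS last_born FROM birth_registry;
SELECT count(*) AS uncertified_with_stamp
FROM birth_registry
WHERE certified = false
  AND (inspect_pen IS NOT NULL OR inspect_stamp IS NOT NULL OR inspect_gate IS NOT NULL);

-- FQ-5: installed extensions; pg_cron absent means no in-database scheduler.
SELECT extname, extversion FROM pg_extension ORDER BY extname;

-- FQ-6 / FQ-11: persisted app.* GUCs (0 rows = no persisted gate mode anywhere).
SELECT name, setting FROM pg_settings WHERE name LIKE 'app.%';
SELECT r.rolname, s.setdatabase, s.setconfig
FROM pg_db_role_setting s
LEFT JOIN pg_roles r ON r.oid = s.setrole;

-- FQ-7 / FQ-8: birth-pattern and auto-certify triggers with their enabled state.
-- tgenabled: 'O' = enabled (origin/local), 'D' = disabled.
SELECT c.relname, t.tgname, t.tgenabled
FROM pg_trigger t
JOIN pg_class c ON c.oid = t.tgrelid
WHERE NOT t.tgisinternal
  AND (t.tgname LIKE '%birth%' OR t.tgname LIKE '%inspect%' OR t.tgname LIKE '%certify%')
ORDER BY c.relname, t.tgname
LIMIT 500;

-- FQ-9 / FQ-14: functions that touch the inspect_* columns, and presence of the key functions.
SELECT proname
FROM pg_proc
WHERE prosrc ILIKE '%inspect_pen%'
   OR prosrc ILIKE '%inspect_stamp%'
   OR prosrc ILIKE '%inspect_gate%';
SELECT proname
FROM pg_proc
WHERE proname IN ('fn_iu_enact', 'fn_birth_auto_certify', 'fn_birth_gate', 'fn_description_birth_guard');

-- Any INSERT/UPDATE/DELETE/DDL attempted in this transaction is rejected by the
-- server ("cannot execute ... in a read-only transaction"); end with ROLLBACK so
-- the session leaves no trace even if a statement was mistyped.
ROLLBACK;
```

The BEGIN ... READ ONLY plus the transaction_read_only probe is the part worth keeping in any re-verification script: it makes the "no write possible" property a server-enforced fact of the session rather than a promise about which statements were typed, and it holds even if the connecting role turns out to have more privilege than expected.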
5. Classification / result
- The read-only-closeable set is now FRESH-verified. G-2 (B3 stud + B4 consumer), and the read-only halves of G-7 (S7 contract / writers-absent), G-8 (fn_iu_enact present / B4 trigger live), and G-10 (persisted GUC empty) are now backed by current evidence, not carried evidence (Deliverable 2 records the delta).
- The No-Go substrate is re-confirmed fresh. G-4 channel substrate is fail-closed (switches OFF, queue idle, no pg_cron, no birth cron, agent-api 0 birth-bound); G-6 staging is unbuilt; G-9 needs a producer; G-3/G-11 are source-authority / structural.
- Nothing is closed as Owner-authorized. Read-only verification is an engineering act; the gates it touches remain Owner-gated to actually close. Aggregate B2 TD remains NO-GO.
6. Owner-gated future work
| Future work | Gate required | Forbidden now? |
|---|---|---|
| Treat any read-only-verified gate half as Owner-closed | Owner decision (read-only verify ≠ closure) | Yes |
| Select a channel / assign S2 / recover Đ0-G | Owner decision / external S6 (Deliverables 3/4/16) | Yes |
| Build staging / S7 writers / producer | Điều 32 — write-gated | Yes |
7. What remains unresolved
- Aggregate B2 TD remains NO-GO; fresh evidence reduced uncertainty, closed nothing.
- Transient GUC, executor logs, S2-owner count, Đ0-G recovery remain out-of-band / inherited.
- Blockers — all OPEN: CONS-002/003, CELL-003/004/007, HOLD-1, HOLD-2, RISK-BYPASS, GOV-016/017, GOV-REUSE-001, Điều 39 runtime-EMPTY (2199/0-prov, FRESH-confirmed), Điều 35 production-readiness FAIL.
8. Ready for GPT/Codex review
Yes — as the read-only evidence index for the 30-file macro.
Core rule, kept above all detail: fresh read-only evidence (FQ-1…FQ-20) re-confirms the substrate and converts the read-only-closeable gate halves from inherited to current — without closing any gate as Owner-authorized, selecting any channel, or authorizing any write. Aggregate B2 TD remains NO-GO.
Default disposition: HOLD. Engineering PASS ≠ authority PASS. All blockers remain OPEN.