07-dot-c1-lifecycle-birth-governance-ledger-proof-2026-06-22.md
07 — DOT_C1 lifecycle: birth / governance / registration / ledger (STAGED)
Nothing here is executed. Authored, review-ready DOT lifecycle artifacts. DOT-100%: every governed change routes through a DOT or DOT-approved CLI/deploy. No manual SQL/DDL, no manual Directus edit, no manual registry insert.
1. The DOT_C1 family (8 DOTs — reuse-first)
| DOT | bin file | tier | role | dispatchable | paired | new? |
|---|---|---|---|---|---|---|
| DOT_C1_VOCAB_BUILD | dot-c1-vocab-build | B | producer | yes (contract+endpoint) | DOT_C1_VOCAB_VERIFY | new |
| DOT_C1_VOCAB_VERIFY | dot-c1-vocab-verify | A | verifier | yes (endpoint NULL) | DOT_C1_VOCAB_BUILD | new |
| DOT_C1_PREFLIGHT | dot-c1-preflight | A | check | no | DOT-HEALTH-DOT | new |
| DOT_C1_BAD_INPUT_HARNESS | dot-c1-bad-input-harness | A | check | no | DOT-HEALTH-DOT | new |
| DOT_C1_EVIDENCE_READBACK | dot-c1-evidence-readback | A | check | no | DOT-HEALTH-DOT | new |
| DOT_C1_ROLLBACK_CHECK | dot-c1-rollback-check | A | check | no | DOT-HEALTH-DOT | new |
| DOT_C1_CONTRACT_REGISTER | dot-c1-contract-register | B | registrar | no | DOT-HEALTH-DOT | new (report 04) |
| DOT_C1_GRANT_ISSUE | dot-c1-grant-issue | B | issuer | no | DOT-HEALTH-DOT | new (report 06) |
Reused as-is (NOT re-created): dot-dot-register (patched via patch_ops_code), dot-collection-create, dot-collection-register, dot-schema-table-registry-ensure, dot-catalog-sync, dot-species-register, dot-birth-backfill, dot-entity-retire. All confirmed present in local dot/bin.
Rejected as over-creation: generic DOT_SCHEMA_ENSURE, dot_iu_create_collection (wrong domain), any generic *_VERIFY / generic contract-registry / generic authz.
2. Per-DOT lifecycle obligations (ALL before "registered")
- Birth —
dot-species-registermaps the script;dot-birth-backfillrecords_dot_origin. - Admission/governance — ledger row in the governed system of record (staged:
staged-artifacts/dot-manage/dot-manage-c1-ledger-update.staged.md). ⚠️ DOT-manage store is absent in this checkout — admission applied on the governed SoR at execution time, never invented locally. - Registration — patched registrar
--only-prefix dot-c1-(report 02 Run C2 → exactly these 8; note 7 bin files register because verify/build share patterns — readback by code), thendot-catalog-sync→ CAT-006. - Pairing — every Cấp-A paired to producer or
DOT-HEALTH-DOT; no unpaired Cấp-B. - Rollback/retire —
dot-entity-retire/ status-flip (retire-not-delete on governed rows). - No-orphan —
DOT_C1_ROLLBACK_CHECKasserts no dangling/orphan after each step.
3. Two distinct births
- Tools (the 8 DOTs) → registered in
dot_tools(objects of type tool). - Object — the vocab itself → born as a Directus collection row-set
governance_canonical_operation_vocab(object of type collection) viadot-collection-create. Both via DOT, never manual.
4. FROZEN/MONITORED check
None of the 8 C1 DOTs reuse a frozen birth DOT; all are new + additive. The reused registrars are active governed DOTs.
5. Ledger / handbook payload (staged)
staged-artifacts/dot-manage/dot-manage-c1-ledger-update.staged.md carries: 8 DOT birth/admission rows, surface/object rows (collection + table_registry + contracts + grant), the registrar-patch row (patch_ops_code), and the armed HOLD trigger C1_LEGO_PLAN_HOLD_DOT_MANAGEMENT_LEDGER_NOT_UPDATED.
6. Status
All birth/governance/registration/ledger artifacts authored & staged. 0 executed. Runtime items remain NOT-SATISFIED by design this turn.