11-final-decision-2026-06-22.md
11 — Final decision
VERDICT
C1_LEGO_PROD_WRITE_PLAN_HARDENED_FOR_OWNER_STEP_APPROVAL
with mandatory SSOT sub-verdict (from 00a):
C1_LEGO_PLAN_SSOT_CONFIRMED_LOCAL_STAGING_ONLY
- ready for Codex final confirmation: NO
- ready for governed dry-run: NO
- ready for production: NO
- production writes this turn: 0 · subagents: 0 · scope: C1 only (C2–C7/prod untouched)
Zero-prod-write proof
Operations this turn: ssh ls, read-only SELECT, docker exec cat/inspect, local Read/grep, offline simulation. No INSERT/UPDATE/DELETE, no directus_create, no write_file to prod, no registrar real-run, no Secret value access. Live baseline unchanged: dot_tools=309, contracts=2, table_registry=21, collections=164, grants=0, apr_active=14, DOT_C1=0. before == after.
SSOT (the gate that was raised mid-run)
C1_LEGO_PLAN_SSOT_CONFIRMED_LOCAL_STAGING_ONLY — CODE SSOT = VPS /opt/incomex (host vmi3080463, branch feat/s177-sprint1-round-a, HEAD bbf9c436, no readable remote, 209 dot scripts; executor source /opt/incomex/deploy/agent-api-executor/ hash-matched to the running container). EVIDENCE SSOT = AgentData KB. LOCAL web-test = staging only (branch main, HEAD 5b9eb23b, 163 scripts, registrar hash differs, knowledge/dev untracked). All staged artifacts labeled LOCAL_STAGING_NOT_SSOT / NOT_GOVERNED_RUNTIME / NOT_DEPLOYED / NOT_REGISTRY_PROOF / NOT_DRYRUN_READY_PROOF. Every governed-code claim re-grounded on the VPS (00a §5); none changed.
G1–G4 proof summary
- G1 (registrar 287-defect) — RESOLVED. Root cause = multi-format path-join failure (stored bin/163 /opt/63 /dot/2 vs absolute disk glob; `grep -qF` matches none) + 76 backups in glob. New finding: even a correct basename+code matcher still yields 15 unrelated rows (Run B) ⇒ a C1-only include filter is mandatory. Mitigation = patched governed registrar (basename+code idempotency, `--only-prefix dot-c1-`, backup denylist, `--max-new` abort). Proven over real VPS data: OLD=287, new no-filter=15, C1-filter today=0, C1-filter post-W1 = exactly the 7 named DOT_C1 rows (exit 0). VPS-SSOT-confirmed matcher.
- G2 (DOT-approved targeted registration) — PROVEN. Registration path = the patched governed registrar DOT (the only governed `dot_tools` creator on the VPS), NOT a manual Directus POST. Prior plan's manual-POST W2 explicitly replaced. `GOVERNED_C1_DRYRUN_REJECT_DOT_BYPASS` does not fire.
- G3a (contract register) — PROVEN (staged). New C1-scoped `dot-c1-contract-register` (VPS confirms 0 existing writers); idempotent; born+registered first; operator-migration precedent located.
- G3b (C1 endpoint) — PROVEN. Source/deploy SSOT located + hash-matched; minimal 3-change additive patch to a generic fixture-keyed no-mutation service; route/input/output/REAL_RUN-refusal/health/rollback specified. Deploy = operator image rebuild (disclosed).
- G3c (grant issuer) — PROVEN (staged). Minimal scope-locked `dot-c1-grant-issue`; single-use, manifest-bound, TTL, revocable, full reject matrix. Handler unimplemented today (disclosed) ⇒ staged.
- G4 (KB staged artifacts) — PROVEN. Exact paths, file list, sizes, sha256, readback in report 08.
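The G1 failure mode and its mitigation, as an added illustration that is not the governed registrar's code: a full-path `grep -qF` check beside a basename+code check with a backup denylist, an include prefix and a max-new abort. The `code|path` row layout, the denylist patterns, the function names and all sample paths are assumptions constructed for this example.

```bash
# Constructed sample data; row layout and function names are hypothetical.
# Registry rows as "code|stored_path", stored in mixed path formats.
REGISTERED='dot-alpha|bin/dot-alpha
dot-beta|/opt/example/bin/dot-beta'
# Absolute glob of scripts on disk, including one backup copy.
ON_DISK='/opt/example/dot/bin/dot-alpha
/opt/example/dot/bin/dot-beta
/opt/example/dot/bin/dot-beta.bak-20260101
/opt/example/dot/bin/dot-delta
/opt/example/dot/bin/dot-c1-contract-register
/opt/example/dot/bin/dot-c1-grant-issue'

# Old check: fixed-string match of the full disk path against stored rows.
# No stored format contains the absolute path, so every file looks new.
old_new_count() {
  n=0
  while IFS= read -r p; do
    printf '%s\n' "$REGISTERED" | grep -qF -- "$p" || n=$((n + 1))
  done <<EOF
$ON_DISK
EOF
  echo "$n"
}

# Patched check: registered if the basename equals a row's code or the
# basename of a row's stored path, whatever prefix was stored.
is_registered() {
  while IFS='|' read -r code path; do
    if [ "$code" = "$1" ] || [ "${path##*/}" = "$1" ]; then return 0; fi
  done <<EOF
$REGISTERED
EOF
  return 1
}

# plan_new ONLY_PREFIX MAX_NEW: print basenames that would be created.
plan_new() {
  new="" count=0
  while IFS= read -r p; do
    b=${p##*/}
    case "$b" in *.bak*|*.orig|*~) continue ;; esac   # backup denylist
    case "$b" in "$1"*) ;; *) continue ;; esac         # include filter
    is_registered "$b" && continue                     # idempotent skip
    new="$new$b
"
    count=$((count + 1))
  done <<EOF
$ON_DISK
EOF
  [ "$count" -le "$2" ] || { echo "abort: $count > max-new $2" >&2; return 1; }
  printf '%s' "$new"
}
echo "old: $(old_new_count) new rows; patched, C1 only:"; plan_new dot-c1- 5
```

With an empty prefix the patched matcher still proposes the unrelated `dot-delta`, which is the reason the include filter is treated as mandatory rather than optional.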
Updated W1→W9 plan
LEGO-small, in report 09: W1 registrar patch + stage scripts · W2 birth/admission · W3 surface (collection+registry, no --dry-run on dot-collection-create — corrected) · W4 tool registration (patched registrar --only-prefix) · W5 contract binding · W6 endpoint deploy · W7 grant/ownership · W8 preflight+bad-input (read-only) · W9 evidence. Every step: command·DOT path·payload·expected mutation·readback·rollback/retire·blast radius·stop·Codex-attack. Net deltas bounded (dot_tools+8, contracts+2, collections+1, registry+1+1, grants+1, image+1).
Remaining blockers (each with a lawful path; none silently)
- Endpoint = operator image rebuild on the VPS SSOT (W6).
- `authorize_build_step` + ownership handlers unimplemented → staged issuer DOT or operator migration (W7).
- DOT-manage/admission store off-checkout → ledger writes target the governed SoR (W2/W9).
- Local↔VPS divergence → operators must apply staged artifacts against `/opt/incomex`, not assume parity.
Is the next step owner-approved per-write execution?
Yes — the plan is hardened and SSOT-grounded enough for the owner to authorize W1→W9 one write at a time. Each write is small, readback-checked, and reversible. The gated governed dry-run runs only AFTER W1–W9 + Codex final confirmation + explicit Owner authorization.
Gates (explicit)
- ready for Codex final confirmation: NO
- ready for governed dry-run: NO
- ready for production: NO