Macro — READY-TO-ASSEMBLE-LEGO1-PATCH1 (Codex HOLD closure) — 2026-06-22
VERDICT: READY_TO_ASSEMBLE_LEGO1_PATCH1_READY_FOR_GPT_REVIEW (not forced).
Closes: Codex HOLD READY_TO_ASSEMBLE_LEGO1-PATCH1_REQUIRED (rev1, len 11399) — blockers P0-1, P0-2, P1-1..P1-6, P2-1, P2-2.
Gate: REGISTRATION_HOLD · REGISTRATION_CAN_PROCEED = NO · 0 runtime mutations · P2 CLOSED · no named lane · no Chairman token asserted.
1. Method (Codex-first)
Read the official Codex HOLD in full and self-reviewed like Codex before patching; recorded the mandatory mindset; reproduced every finding independently; used no subagents (project rule; Codex §3 caveat); did the discovery directly with live read-only query_pg/pg_schema/list_docker + AgentData reads. Only reported READY after the required internal Codex-style self-review confirmed all P0/P1/P2 closed.
2. What was wrong, and how PATCH1 closed it
| Blocker | Defect | Closure |
|---|---|---|
| P0-1 | raw CREATE TABLE/INSERT violated DOT-only/Directus-API rule | DOT path: dot_iu_create_collection/dot-schema-* + table_registry + staging gateway + dispatcher dual-trigger (plan/apply) + idempotency_root + DRY_RUN→REAL_RUN + paired verify (file 02) |
| P0-2 | operation_code PK couldn't version | PK (operation_code,protocol_version) + vocab_id + versioned successor + write-once semantics + constraints (file 03) |
| P1-1 | value set was a missing prep input | deterministic resolver R_C1 over governed apr_action_types provenance + concrete 14-row hashed snapshot (file 04) |
| P1-2 | auth asserted from columns; consume after writes | exact jsonb verifier (exactly 1 row) + atomic lease+CAS consume before writes (file 05) |
| P1-3 | no atomic/partial-failure model | S0–S7 state machine + compensations + enforced rollback invariants (file 06) |
| P1-4 | PF7 unrun; PF8 mis-scoped; PF5 conceptual | PF5 exact; PF7 run (v_dotkg_realrun_preflight=REALRUN_BLOCKED_MULTI_GATE); PF8 truthful (file 07) |
| P1-5 | prose tests | executable T1–T20 with deterministic assertions (file 08) |
| P1-6 | ambiguous hash | cser-v1 canonical JSON + binding chain (file 09) |
| P2-1 | understated blast radius | operational dependency map + truthful bounded blast-radius (file 10) |
| P2-2 | overclaim phrases | four phrases SUPERSEDED/QUALIFIED (file 10) |
3. Key live discovery (read-only, this macro)
DOT-only rule (SSOT v1.2: MCP CRUD→403; Registry Wiring Rule); dispatcher fn_process_agent_api_dispatch(p_dot_code,p_correlation_id,p_actor,p_mode,p_write_observation,p_idempotency_root); governed dot_iu_create_collection + staging gateway (dot_config.iu_create.gateway.direct_insert_policy=block_after_guard; process_dot_runtime.dry_run_only=true); paired DOT contracts (dot_agent_api_contract: producer DRY_RUN ↔ verifier VERIFY_ONLY); dot_iu_runtime_lease (atomic lease); governed real-run preflight v_dotkg_realrun_preflight (10 gates → REALRUN_BLOCKED_MULTI_GATE; owner absent, dry_run_only=true, execute/real_run_enabled=false); value source apr_action_types (14 governed action types w/ _dot_origin) + process_axis_action_vocabulary (canon-mutating ⇒ requires_president).
4. Files created (14 in package directory + this rollup)
index, 01-source-register-codex-hold-reconstruction-and-mindset, 02-p0-1-dot-directus-execution-contract, 03-p0-2-c1-versioned-identity-and-invariants, 04-p1-1-value-manifest-and-deterministic-resolver, 05-p1-2-authorization-verifier-and-atomic-consume, 06-p1-3-atomic-failure-model-state-machine, 07-p1-4-preflight-exact-and-truthful, 08-p1-5-executable-test-suite, 09-p1-6-canonical-serialization-and-binding, 10-p2-truthful-blast-radius-and-overclaim-retraction, internal-codex-self-review-ready-to-assemble-lego1-patch1, 11-decision-packet-and-final-verdict, codex-review-packet-ready-to-assemble-lego1-patch1 (all under reports/ready-to-assemble-lego1-patch1/) + this rollup. Additive (pre-write count = 0); all revision 1.
5. Carried blockers (UNCHANGED)
G2–G7 + STATUS_DOMAIN_NOT_DB_ENFORCED + U3_PARTIAL_UNIQUE_SURFACE_ABSENT + OWNER_MINT_PATH_FAIL_CLOSED + QUORUM_EFFECT_BINDING_INSUFFICIENT + QUORUM_APPROVER_IDENTITY_UNVERIFIED + BOOTSTRAP_AUTHORITY_UNRESOLVED + CANONICAL_PRINCIPAL_SURFACE_REQUIRED_NOT_PRESENT. No new blocker; no new runtime reject code.
6. Residuals (authority/execution + one governance review)
Gate-B governed manifest curation; authorized schema DOT for the C1 collection; dot_config real-run flips + owner/president present; exact-scoped Chairman grant; execution window. No PREPARATION_INPUT_MISSING.
7. Must-not-do compliance (all held)
No DOT execution; no Directus write; no DDL/DML; no schema creation; no value insertion; no rollback execution; no P2/named-lane opening; no registration; no activation; REGISTRATION_HOLD not cleared; no Chairman grant asserted; no subagents; Job A / I1–I10 not reopened.
8. Readback metadata
Pre-write count of reports/ready-to-assemble-lego1-patch1/ = 0 (additive). Post-write: 14 documents in the package directory (index + 01–11 + internal-codex-self-review + codex-review-packet) + 1 reports-level rollup, all revision 1, via upload_document. Sources read directly (no subagents).
9. Single next step
GPT → Codex re-review of PATCH1 against the nine-item closure set + internal self-review. On accept, the corrected C1 plan enters Gate B. Residual ⇒ READY_TO_ASSEMBLE_LEGO1-PATCH2.
DOT-only ≠ raw SQL; resolver ≠ invented values; verifier ≠ columns; consume-before-write ≠ consume-at-end; executable fixtures ≠ prose; bounded blast-radius ≠ zero; engineering PASS ≠ authority PASS.