KB-28A5
READY-TO-ASSEMBLE-LEGO1-PATCH1 01 — Source Register, Codex HOLD Reconstruction & Mindset — 2026-06-22
6 min read Revision 1
ready-to-assemble-lego1-patch1source-registercodex-hold-reconstructionmindsetno-subagentsregistration-hold2026-06-22
READY-TO-ASSEMBLE-LEGO1-PATCH1 01 — Source Register, Codex HOLD Reconstruction & Mindset — 2026-06-22
Gate: REGISTRATION_HOLD · REGISTRATION_CAN_PROCEED = NO · 0 runtime mutations.
0. Mandatory mindset (recorded before any patch)
- I do not trust my READY report.
- I do not trust category completeness (Codex confirmed categories PASS but technical detail FAIL).
- I inspect actual governed files and actual planned commands.
- I reject any preparation package that uses prohibited raw DDL/DML.
- I reject overclaim that authority/execution are the only residuals if any design/preparation input remains.
- I must find the same bugs Codex found before reporting; Codex is for confirmation, not for discovering my bugs.
1. Direct-read register (no subagents)
Per Codex §3 caveat (the project rule forbids background agents/subagents, and file 01 of the prior package improperly cited subagent reads), PATCH1 used no subagents — every source below was read directly in the main process via mcp__agent-data__* and live read-only query_pg/pg_schema/list_docker.
| Source | rev/len | proves |
|---|---|---|
codex/codex-review-ready-to-assemble-lego1-preparation-package-2026-06-22.md |
rev1, len 11399, truncated=false | controlling HOLD; findings P0/P1/P2; closure set |
ready-to-assemble-lego1/ package (15 docs) |
rev1–2 | the defective wordings/commands being patched |
ssot/directus/directus-operating-rules.md |
v1.2 (S107) | DOT-only schema rule; MCP CRUD → 403; Registry Wiring Rule (table_registry) |
laws-new/newlaws/dot-manage/dot-usage-handbook.md |
canonical | dispatcher fn_process_agent_api_dispatch(p_dot_code,p_correlation_id,p_actor,p_mode,p_write_observation,p_idempotency_root); plan/apply pairs; "cannot itself execute a DOT" |
laws-new/newlaws/dot-manage/README.md |
canonical | "Directus/Postgres/schema is DOT-only. No manual SQL, no psql, no generic collection creation." |
live dot_config |
— | iu_create.gateway.direct_insert_policy=block_after_guard; process_dot_runtime.dry_run_only=true |
live dot_agent_api_contract |
— | paired DOT contract (producer DRY_RUN ↔ verifier VERIFY_ONLY); no_mutation_assertion; verifier_schema |
live dot_iu_command_catalog |
— | governed dot_iu_create_collection (mutating, reversible); staging gateway commands |
live dot_iu_runtime_lease |
— | atomic lease surface (lease_name,lease_token uuid,expires_at) |
live v_dotkg_realrun_preflight |
— | governed real-run gates → REALRUN_BLOCKED_MULTI_GATE |
live apr_action_types / process_axis_action_vocabulary |
— | authority-backed value source (provenance _dot_origin; canon-mutating ⇒ requires_president) |
2. Codex finding reconstruction (reproduced independently)
| Code | Codex finding (reconstructed) | I reproduced it by | Closed in |
|---|---|---|---|
| P0-1 | File 06 plans raw CREATE TABLE/INSERT/audit-insert/UPDATE — violates DOT-only/Directus-API rule; WRITE_PLANNED_NOT_RUN label does not make the future plan valid |
reading file 06 §3 templates against SSOT v1.2 + dot_config.iu_create.gateway.direct_insert_policy=block_after_guard |
file 02 |
| P0-2 | operation_code text PRIMARY KEY cannot represent the same code across protocol_versions; successor_code not versioned; rollback updates by operation_code → wrong version |
reading file 04 §1 schema + file 08 §5 rollback SQL | file 03 |
| P1-1 | Value set deferred to build = PREPARATION_INPUT_MISSING, not AUTHORITY_MISSING_ONLY; Gate B needs a reviewed hashed manifest or deterministic resolver |
reading file 12 §2 / file 13 §2 claims vs absence of any value source | file 04 |
| P1-2 | Columns ≠ enforcement; PF5 conceptual not executable; consume at S8 after writes → double-execute/partial-failure-without-consume | reading file 06 step order (S8) + file 09 PF5 + file 11 §4 | file 05 |
| P1-3 | No transaction boundaries / compensation / retry / partial-failure; rollback allows :successor=NULL, no successor-exists/version-binding/atomic-audit |
reading file 06 §2 + file 08 §5 | file 06 |
| P1-4 | PF7 "not tailed" yet claimed complete; PF8 proves denial on postgres DB not the directus/DOT write path; PF5 not exact |
reading file 09 PF7/PF8/PF5 | file 07 |
| P1-5 | Matrix is prose not executable; weak count>0/"by construction"; missing concurrency/version/partial-failure/forged-authority/serialization/audit-failure cases |
reading file 07 §1–§6 | file 08 |
| P1-6 | Hash `a | b | c |
| P2-1 | "no incoming carrier edge" ≠ no build dependency; "blast radius=0" false (new schema/metadata/audit/auth/lookup) | reading file 05 §3 + file 06 §6 "blast radius=0" | file 10 |
| P2-2 | Remove "blast radius zero / structurally complete / inventory complete / only authority/execution remains" until proven | reading files 02/11/13 | file 10 |
3. What PATCH1 does NOT reopen
Carrier selection (C1) remains valid (Codex §3 PASS_WITH_CAVEATS — "C1 is a plausible first carrier"); the accepted upstream Job A / I1–I10 / RBP oracle / Gate A-B split are not reopened. PATCH1 corrects only the C1 execution/identity/manifest/verifier/failure-model/preflight/test/serialization/blast-radius defects.
4. Boundary attestation
Direct reads only; no subagents; no runtime mutation; no DDL/DML; no Directus write; no DOT execution. REGISTRATION_HOLD retained; CAN_PROCEED = NO; 0 runtime mutations.