KB-3621

READY-TO-ASSEMBLE-LEGO1-PATCH2 02 — DOT/Directus Execution-Path Proof (B1) — 2026-06-22

Revision 1

Closes/holds Codex 5.1 (REJECT_DOT_DIRECTUS_PATH_INCOMPLETE). Gate: REGISTRATION_HOLD · CAN_PROCEED = NO · 0 runtime mutations.


1. What the named primitives actually do (live proof)

| Claimed in PATCH1 | Live reality (verified) | Verdict |
|---|---|---|
| dispatcher does dual-trigger DRY_RUN→REAL_RUN | fn_process_agent_api_dispatch RAISES on p_mode='REAL_RUN'; only PLAN_ONLY/VERIFY_ONLY/DRY_RUN; "never writes DRY_RUN/REAL_RUN" | dispatcher is a validate/observe channel, not an executor |
| dot_iu_create_collection creates the Directus C1 schema | fn_iu_collection_create INSERT INTO public.iu_piece_collection; gated by iu_core.composer_enabled (=false) | creates an IU content piece-collection record, not directus_collections/directus_fields/a physical table/table_registry |
| staging gateway admits the C1 values | fn_iu_staging_create(p_staging_kind, p_payload_type, p_parts jsonb, p_referenced_iu_ids uuid[], …) etc. | IU piece staging — wrong domain for governance-vocabulary rows |
| DOT_C1_VOCAB_BUILD pair governs the build | dot_agent_api_contract has only DOT_KG_EXPLAIN(+_VERIFY); c1_contracts=0 | absent |

The full 54-row dot_iu_command_catalog was inspected: no command performs Directus schema DDL, table_registry wiring, or governance-vocabulary admission. The only schema-DDL asset Codex found (dot/bin/dot-schema-ensure) is hard-coded for agent_views (carried from the controlling HOLD; I independently confirmed there is no PG-function or catalog primitive for parameterized C1 schema creation).

Conclusion: the C1 schema/data/audit capability does not exist in any current governed primitive. PATCH1's path was an alias onto IU-content functions that cannot perform it.

2. Controlling rule (raw SQL stays rejected)

Directus Operating Rules SSOT v1.2: schema work is DOT-only (dot-schema-*), MCP CRUD → 403; a new collection must create a table_registry record; dot_config iu_create.gateway.direct_insert_policy = block_after_guard (enforced). PATCH1 file 05's raw INSERT/UPDATE consume templates and any raw CREATE TABLE are therefore invalid even as a future plan, and are superseded by the governed contracts below.

3. Form-B governed contracts the C1 path requires (exact spec; NONE currently exist)

3.1 DOT_C1_SCHEMA_ENSURE — schema-creation DOT (new)

  • Payload: {collection:"governance_canonical_operation_vocab", fields:[…file 03 field set…], constraints:[…file 03 invariants…], table_registry:{collection, owner_axis, kind:"governance_vocab"}, schema_digest:<cser-v1>}.
  • Validator: DOT-only writer marker; fields/constraints must hash to schema_digest (file 09); table_registry row mandatory; refuses if MCP/raw path detected.
  • Outputs: directus_collections + directus_fields metadata, the physical table, the table_registry row, and a read-only definition readback (information_schema + directus_collections).
  • Reject codes: RAW_SQL_FORBIDDEN, SCHEMA_DIGEST_MISMATCH, TABLE_REGISTRY_MISSING, MCP_403, COMPOSER/SCHEMA_GATE_CLOSED.
  • Evidence plan: post-apply SELECT … information_schema.columns + directus_fields readback equals schema_digest.

3.2 DOT_C1_VOCAB_BUILD / DOT_C1_VOCAB_BUILD_VERIFY — producer/verifier pair (new dot_tools + dot_agent_api_contract rows)

Mirrors the only working precedent (DOT_KG_EXPLAIN):

  • Producer: mode=DRY_RUN, role=producer, paired_dot=…_VERIFY, endpoint_ref=http://incomex-agent-api-executor:8090/dispatch, fixture_ref=FIXTURE:dot:c1:vocab:v1, output_namespace=DRYRUN-NS:dot:c1:vocab, no_mutation_assertion=true.
  • Verifier: mode=VERIFY_ONLY, role=verifier.

3.3 DOT_C1_VALUE_ADMIT — governed value-admission handler (new; NOT IU staging, NOT raw INSERT)

  • Payload: {manifest_digest, values:[{operation_code, protocol_version, act_type, semantics_frozen, governing_authority_ref}], idempotency_root}.
  • Behavior: one governed write per value, idempotent by (operation_code, protocol_version); each value's governing_authority_ref must be a governed apr_action_types._dot_origin (file 04); set must hash to manifest_digest.
  • Reject codes: MANIFEST_DIGEST_MISMATCH, UNGOVERNED_PROVENANCE, DUPLICATE_VERSIONED_VALUE, RAW_INSERT_FORBIDDEN.
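
The §3.3 checks and reject codes as an added sketch, not code from this report or its project (the handler itself is absent). Assumptions: the SHA-256 digest canonicalization, the `writer` marker, the `ADMITTED` result code, the in-memory `store`, all sample values, and the reading that an identical replay is a no-op while a same-key value with different content is rejected.

```python
import hashlib
import json

# Constructed stand-in for the governed apr_action_types._dot_origin set (file 04).
GOVERNED_ORIGINS = {"DOT_SAMPLE_ORIGIN"}

def manifest_digest(values):
    """Assumed digest: SHA-256 of key-sorted JSON, values ordered by identity key."""
    ordered = sorted(values, key=lambda v: (v["operation_code"], v["protocol_version"]))
    blob = json.dumps(ordered, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()

def admit(payload, store, writer="dot"):
    """Check the whole payload, then write. Returns (code, keys_written).

    store maps (operation_code, protocol_version) -> admitted value and stands
    in for the governed table; a rejected payload leaves it untouched.
    """
    if writer != "dot":  # hypothetical writer marker for the governed path
        return "RAW_INSERT_FORBIDDEN", []
    values = payload["values"]
    if manifest_digest(values) != payload["manifest_digest"]:
        return "MANIFEST_DIGEST_MISMATCH", []
    seen, pending = set(), {}
    for v in values:
        key = (v["operation_code"], v["protocol_version"])
        if v["governing_authority_ref"] not in GOVERNED_ORIGINS:
            return "UNGOVERNED_PROVENANCE", []
        if key in seen or (key in store and store[key] != v):
            return "DUPLICATE_VERSIONED_VALUE", []
        seen.add(key)
        if key not in store:  # identical replay: nothing to write
            pending[key] = v
    store.update(pending)
    return "ADMITTED", sorted(pending)

def sample_payload():
    """Constructed two-value payload; every field value is a placeholder."""
    base = {"operation_code": "OP_SAMPLE_A", "protocol_version": "1",
            "act_type": "sample", "semantics_frozen": True,
            "governing_authority_ref": "DOT_SAMPLE_ORIGIN"}
    values = [base, dict(base, operation_code="OP_SAMPLE_B")]
    return {"manifest_digest": manifest_digest(values), "values": values,
            "idempotency_root": "sample-root"}

if __name__ == "__main__":
    table = {}
    print(admit(sample_payload(), table))  # first run writes both values
    print(admit(sample_payload(), table))  # replay writes nothing
```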

3.4 Audit + REAL_RUN channel

Audit is written by a governed handler (the fn_dot_iu_command_log pattern), never a raw insert. REAL_RUN runs at the external executor endpoint (…:8090/dispatch) under governed promotion (owner present + execute_enabled/real_run_enabled flips + contract DRY_RUN→REAL_RUN), exactly as v_dotkg_realrun_preflight models for DOT_KG — not through fn_process_agent_api_dispatch (which raises on REAL_RUN). DRY_RUN/VERIFY_ONLY go through the dispatcher.

4. The eleven required questions

  1. Build request receiver → DOT_C1_VOCAB_BUILD (absent).
  2. Payload shape → §3.2/§3.3.
  3. Payload validator → contract validator + schema_digest/manifest_digest.
  4. Creates Directus collection/fields → DOT_C1_SCHEMA_ENSURE (absent).
  5. Registry → table_registry row in §3.1.
  6. Writes values → DOT_C1_VALUE_ADMIT (absent).
  7. Audit → governed log handler.
  8. Dry-run output → dispatcher observation + executor DRY_RUN at …:8090/dispatch.
  9. DRY_RUN→REAL_RUN → governed promotion (config + owner + contract), not dispatcher.
  10. Blocks direct insert → block_after_guard + MCP 403.
  11. Prevents raw DDL/DML authority → DOT-only SSOT + no raw templates anywhere here.

5. Honest status — why B1 is a remaining PREPARATION_GAP

Codex §5.1: "identify or prepare a governed, carrier-specific schema/data/auth/audit path with actual registered artifacts and read-only definition evidence. Authorization may remain absent; the executable contract may not."

  • The contracts in §3 do not exist (c1_contracts=0, c1_dot_tools=0, c1_table=0).
  • Registering them is DML/DDL/Directus-write/registration — all forbidden to PATCH2 and under REGISTRATION_HOLD.
  • Therefore the executable contract remains absent, which Codex says may not be the state. A specification (Form B) is necessary progress but does not satisfy the "actual registered artifacts + read-only definition evidence" bar.

Classification: PREPARATION_GAP (not authority-only). This is the controlling reason for the package verdict …_HOLD_DOT_DIRECTUS_PATH_INCOMPLETE. The corrected blueprint above is the input to a future Gate-B build-prep authorization that would permit registering these contracts; only after they exist and are read-back-verifiable is a dry-run dispatchable and dry-run authorization requestable.

6. Boundary attestation

Design/spec only; no contract registered, no DOT executed, no schema/data/audit written. REGISTRATION_HOLD retained; CAN_PROCEED = NO; 0 runtime mutations. Supersedes PATCH1 file 02 §3/§4 (dispatcher-REAL_RUN, IU-create-as-schema, staging-as-value-admission) and PATCH1 file 05 §3 raw DML.
