KB-5601
05 — dot-apr-approve DOT Lifecycle Plan (staged, not executed)
4 min read Revision 1
05 — dot-apr-approve DOT lifecycle plan (STAGED · NOT EXECUTED under HOLD)
DOT-100% applies to the DOT that creates the approval channel itself. Because the owner chose HOLD, none of the mutations below were performed (0 executed). They are the staged, warrant-covered plan for a future warranted session. Each row carries: command · expected mutation · readback · rollback · why-inside-warrant · why-not-a- reusable-bypass.
Lifecycle table
| stage | command (future) | expected mutation | readback | rollback | why in warrant | why not a general bypass |
|---|---|---|---|---|---|---|
| reuse-first | (survey, file 02) | none | files 02/04 | n/a | proves net-new | scoped to one approve primitive |
| birth/khai sinh | governed DOT birth path for dot-apr-approve |
1 DOT birth record | birth row read back | retire birth record | primitive needed for quorum | one DOT, not a framework |
| governance/admission | DOT admission/governance path | admission record | admission read back | revoke admission | sovereign one-time | no arbitrary action_code |
| registration | dot-dot-register C1-style targeted/idempotent (--only-prefix, by DOT code) |
1 dot_tools row (dot-apr-approve) |
SELECT … WHERE code='dot-apr-approve' = 1 |
delete that one row | makes the DOT runnable | avoids registrar duplicate defect (addendum §4); exactly 1 row, not backlog |
| catalog / CAT-006 | catalog entry (code,name,script_path,file_path) | 1 catalog row | catalog read back | remove catalog row | discoverability | single named tool |
| ledger / DOT-manage | DOT-manage ledger + KB readback | 1 ledger entry | KB readback | annotate retire | audit trail | evidence, not power |
| substrate | governed DDL for apr_approver_seat + audit table (file 04) |
seat/audit tables | schema read back | drop tables | required for G3/G10 | seat store only, no grants |
| rollback/retire | retire DOT + remove catalog/contract; additive revert of bin/dot/dot-apr-approve |
DOT inactive, bin removed | absence read back | n/a (is the rollback) | reversibility | clean teardown |
| readback | catalog + ledger + orphan all read back | — | all present | — | proof | — |
| orphan check | scan for dangling contract/registry/grant after the above | 0 orphans | scan result | — | hygiene | — |
Deploy vehicle note
Writing bin/dot/dot-apr-approve to runtime is a patch_ops_code change = risk high ⇒ under normal rules
it needs quorum (1 president + 2 ai_council) — the very channel this DOT creates (the bootstrap paradox). The
sovereign warrant (file 01) is the only legitimate substitute, and it is consumable only after the real
3-seat substrate exists (file 04 §5). Until then: staged, not executed.
Execution status this turn
birth executed ............ NO
admission executed ........ NO
registration executed ..... NO
catalog written ........... NO
ledger written ............ NO (this KB package is the staging record, not a governed ledger mutation)
substrate DDL executed .... NO
DOTs created .............. 0 → orphan DOTs: 0