Pack 22 rev6 — IU Native Creation + Auto-Birth Contract Design
Pack 22 rev6 — IU Native Creation + Auto-Birth Contract Design
Date: 2026-05-06 | Status: DESIGN rev6 — approved for P0 inspection Controlling: GPT rev5 review (7 patches) Scope: Design only. Next step = P0 read-only inspect. §0-AU: mọi identifier discover from catalog. Role, constraint, trigger, function = proposed until P0 confirms.
§1. Native Creation Contract
1.1 Invariants (unchanged from rev5)
I1-I5: IU exists, UV v1 linked, anchors exact, birth exists, UV birth follows metadata strategy.
1.2 Caller provides (unchanged)
canonical_address, title, body, actor (required). unit_kind, section_type, owner_ref, publication_type, parent_ref (optional with defaults).
1.3 System derives (unchanged)
IU id, UV id, content_hash, version_seq=1, identity_profile, anchors.
1.4 All adapters → same contract (unchanged)
1.5 Direct INSERT = non-canonical (unchanged)
§2. Function Catalog + Permissions
2.1 Proposed function names (P0 must confirm no existing equivalent)
| Function | Purpose | Security | Access |
|---|---|---|---|
| fn_iu_create | Execute | SECURITY DEFINER | GRANT to <P0-discovered adapter role> |
| fn_iu_create_plan | Dry-run | SECURITY DEFINER | GRANT to <P0-discovered adapter role> |
| fn_iu_verify_invariants | Post-commit verify | SECURITY INVOKER | GRANT to <P0-discovered adapter role> |
| fn_iu_create_preflight | Runtime prereqs | SECURITY INVOKER | Internal |
| fn_iu_classify_existing | Idempotency | SECURITY INVOKER | Internal |
| fn_content_hash | Hash helper | SECURITY INVOKER | Internal |
| fn_iu_resolve_default | Config lookup | SECURITY INVOKER | Internal |
"Proposed" = these names are candidates. P0 must search pg_proc + DOT + API hooks. If equivalent exists → extend/adopt, not duplicate.
2.2 Role discovery (not hardcoded)
-- P0 must run:
SELECT current_user, session_user;
SELECT rolname, rolsuper, rolcreatedb, rolcanlogin FROM pg_roles ORDER BY rolname;
directus is a snapshot candidate from current system. P0 confirms which role(s) adapters use. GRANT targets only P0-confirmed roles.
2.3 search_path + schema (unchanged)
SET search_path = pg_catalog, public. All table refs schema-qualified.
§3. Vocab / Default Resolution (unchanged from rev5)
No blind seeding. Lookup chain: explicit → dot_config → STOP + choices.
§4. Race-Safe Idempotency (unchanged)
Advisory lock = optimization (documented as non-correctness). Unique constraint = final guard. Classify existing handles 0/1/N UV v1.
§5. Preflight
5.1 Required columns = contract fields
These column names are contract requirements — fn_iu_create reads/writes them. Preflight checks that runtime satisfies the contract. They are NOT dynamic runtime counts.
If schema evolves to rename a column → contract must be updated → function must be updated. This is intentional coupling: function depends on specific columns by design.
5.2 Gate function names = canonical or observed?
P0 must determine:
- Are
fn_birth_registry_auto,fn_iu_birth_gate_layer1,fn_iu_birth_gate_layer2law-governed canonical names (defined in Đ0-G / Đ4)? - Or are they runtime observations that could change?
If law-governed → preflight can check by name (it's contract, not hardcode). If runtime observation → preflight should check by behavior pattern (e.g. "any BEFORE INSERT trigger that validates vocab").
Rev6 default: Treat as "canonical candidates needing P0 verification." P0 inspects trigger inventory and confirms which function names are stable.
5.3 Deferrable FK discovery = exactly one
-- Must return exactly 1 row
SELECT conname FROM pg_constraint
WHERE conrelid = 'public.information_unit'::regclass
AND confrelid = 'public.unit_version'::regclass
AND contype = 'f' AND condeferrable;
-- count != 1 → STOP
Not LIMIT 1. If zero → missing prerequisite. If >1 → ambiguous → STOP.
§6-§9. (fn_iu_create, plan, verify, adapter — unchanged from rev5)
Key rev6 clarifications incorporated:
- §6: Deferrable FK exactly-one discovery
- §7: Plan output no body leak (body_length + hash only)
- §8: Main function flow unchanged
- §10: Adapter body safety: preferred = DB driver parameter binding or temp table/COPY. psql variable pattern requires separate review. No generic "safe" claim.
§10. Execution Split (6 gates)
| Phase | Scope |
|---|---|
| P0 | Read-only inspect: existing functions, DOT, API, Directus hooks, schema, triggers, deferrable FK candidates, roles, vocab. HARD GATE. |
| P1 | CREATE helpers only. No IU rows. |
| P2 | CREATE main functions + REVOKE/GRANT. No IU rows. |
| P3 | fn_iu_create_plan dry-run test. Read-only. |
| P4 | Execute 1 pilot IU + verify invariants. |
| P5 | CLI adapter (reviewed pattern) + DOT registration. |
§11-§14. (Health, Future, NT14, §0-AU audit — unchanged from rev5 with rev6 patches incorporated)
Pack 22 rev6 | 2026-05-06 | 7 GPT patches. Next = P0 inspection prompt. Design only.