KB-252C
23-P3D4C0X — Universal Event/Outbox/Notification Architecture Review — Report
12 min read Revision 1
p3d4c0xreportarchitectureuniversaleventoutboxnotificationreviewpass
23-P3D4C0X — Universal Event/Outbox/Notification Architecture Review — Report
Date: 2026-05-08 Prompt: knowledge/dev/laws/dieu44-trien-khai/prompts/23-p3d4c0x-universal-event-outbox-notification-architecture-review-prompt.md (rev2) Design note: knowledge/dev/laws/dieu44-trien-khai/design/23-p3d4c0x-universal-event-outbox-notification-architecture.md (rev1) Executor: Claude Opus 4.7 (1M context) Phase: ARCHITECTURE_DESIGN_REVIEW (read-only) Status: PASS
§1. Tóm tắt
KB-only architecture design review. Đã tạo design note rev1 trả lời 17 verification fields trong rev2 prompt. Không PG/Directus/Nuxt mutation. Không P3D4C1 resume. Không tạo runtime table/function/trigger mới. Không exposure body/payload/vector/secret.
Recommendation: UNIVERSAL_WITH_IU_COMPAT (Option C). IU notification runtime đang ACTIVE (P3D1+P3D2) được giữ nguyên, không phá front-door API. Universal event_outbox + event_read + event_subscription xây cho domain mới (Đ43 system, DOT, Health, Birth, TAC, KG, Governance) — IU converge ở Phase 3 qua view-based compat.
§2. Phase status
phase_status=PASS
laws_surveyed=13/13
domain_event_matrix=PASS
five_layer_design=PASS
event_envelope_proposed=PASS
recipient_model_proposed=PASS
lifecycle_states_evaluated=PASS
lifecycle_phase1_defined=PASS
grouping_generalized=PASS
signal_channels_mapped=PASS
table_strategy_proposed=PASS
iu_migration_strategy=C
dieu43_deep_assessed=PASS
law_ownership_proposed=PASS
directus_strategy=PASS
inclusion_criteria_defined=PASS
pg_first_checklist=PASS
not_activity_log_boundary=PASS
recommendation=UNIVERSAL_WITH_IU_COMPAT
no_pg_mutation=true
no_directus_mutation=true
no_nuxt_code=true
no_hermes=true
no_codex_dispatch=true
no_external_scheduler=true
no_p3d4c1_resume=true
no_new_runtime_tables=true
no_iu_notification_runtime_change=true
no_body_payload_exposure=true
next_required_pack=P3D4C0Y_UNIVERSAL_PHASE2_POC_SCOPE_PLAN_REVIEW
§3. Inputs read (read-only inventory)
| # | Document | Purpose |
|---|---|---|
| 1 | prompts/23-p3d4c0x-universal-event-outbox-notification-architecture-review-prompt.md (rev2) | Specification |
| 2 | reports/23-p3d1-notification-schema-functions-report.md | IU schema + fn_iu_unread/mark_read state |
| 3 | reports/23-p3d2-notification-triggers-report.md | IU triggers + fn_iu_notification_board ACTIVE |
| 4 | reports/23-p3d3-notification-context-directus-exposure-report.md | Context-pack + Directus exposure design |
| 5 | design/23-p3d-notification-outbox-design-note.md (rev3) | Schema rationale baseline |
| 6 | design/23-p3d3-user-notification-board-directus-exposure-design.md | Directus boundary design |
| 7 | context-packs/iu-agent-front-door-context.md | Front-door API surface |
| 8 | prompts/23-p3d4c1-staging-outbox-worker-notification-implementation-prompt.md (rev3) | Staging + worker design (paused) |
| 9 | knowledge graph snippets — Đ22 self-healing v1.2, Đ35 DOT v5.2, Đ37 governance v3.3, Đ43 context-pack §6 + dot-context-pack-build/verify | Domain context |
| 10 | KB matrix references for HP NT13, Đ0-G, Đ7, Đ28, Đ33, Đ36, Đ38, Đ39, Đ44 | Architecture constraints |
13 laws surveyed: HP, Đ0-G, Đ7, Đ22, Đ28, Đ33, Đ35, Đ36, Đ37, Đ38, Đ39, Đ43, Đ44 — domain × event × actor × frequency matrix tổng hợp 24 dòng (xem design note §A).
§4. Hard boundaries — attestation
| Boundary | Compliance |
|---|---|
| ❌ KHÔNG implement | ✅ |
| ❌ KHÔNG mutate PG | ✅ |
| ❌ KHÔNG mutate Directus | ✅ |
| ❌ KHÔNG code Nuxt | ✅ |
| ❌ KHÔNG Hermes | ✅ |
| ❌ KHÔNG Codex dispatch | ✅ |
| ❌ KHÔNG external scheduler | ✅ |
| ❌ KHÔNG P3D4C1 resume / patch | ✅ — P3D4C1 vẫn pause; design note ghi rõ "paused, pending P3D4C0Y outcome" |
| ❌ KHÔNG runtime tables/functions/triggers mới | ✅ |
| ❌ KHÔNG đổi iu_notification_* runtime | ✅ — design giữ nguyên iu_notification_event, iu_notification_read, fn_iu_* API surface |
| ❌ KHÔNG exposure body/raw/vector/secret | ✅ — envelope CHECK constraint cấm body/content/vector/secret/token keys trong safe_payload |
| ❌ KHÔNG solve grouping/routing trong Directus/Nuxt | ✅ — grouping ở L2 worker, routing ở L4 PG view |
| ❌ KHÔNG duplicate Đ43/DOT/context-pack machinery | ✅ — Đ43 builder vẫn là SoT cho context-pack lifecycle; universal event chỉ consume (ghi event sau PASS/FAIL) |
| ❌ KHÔNG claim IU board complete | ✅ — design note nói rõ Phase 1 = IU only ACTIVE; Phase 2+ là proposal |
| ✅ KB document create only | ✅ — 1 design note + 1 report |
| ✅ PG read-only inventory | ✅ — chỉ tham chiếu hash/runtime state qua KB report (không SQL execute) |
§5. Key architectural decisions
| # | Decision | Lý do |
|---|---|---|
| 1 | 5-layer pipeline tách rõ Fact → Pending → Durable → Routing → Exposure | Hot path O(1) bắt buộc; debounce/grouping deferred khỏi trigger |
| 2 | Event envelope universal với event_domain + event_type + event_stream + event_subject_* + correlation_id + causation_id |
Phủ multi-domain, cho phép pair (DOT exec/verify), trace causation |
| 3 | Stream taxonomy: comment, review, update, birth, task, alert, health (7) |
Đủ phủ 24 event types từ matrix, không bị khái quát quá mức |
| 4 | Recipient model = event_subscription config table + view resolution + implicit_self_read universal rule |
Tách actor vs recipient; subscription dễ thêm bớt agency/role mà không touch function |
| 5 | Lifecycle states Phase 1: pending, emitted, read, implicit_self, unread; Phase 2: suppressed, acknowledged, dead_letter; Phase 1 filter (not state) cho resolved | Đồng bộ với P3D1+P3D2 actionable filter; không thêm complexity sớm |
| 6 | Stable grouping key (source_doc/import_batch/correlation_id), debounce default 90s với per-domain override | Generalize từ P3D4C1 IU-specific sang multi-domain |
| 7 | PG signal channels Phase 1: Directus view + Agent SQL + Nuxt assembly; Phase 2 evaluate LISTEN/NOTIFY; Phase 3+ webhook adapter | No external service; PG-native + existing UI infra |
| 8 | Universal event_outbox/event_read + per-domain event_pending (staging) |
Single SoT for cross-domain query; staging stays per-domain để index optimization |
| 9 | IU migration: Option C UNIVERSAL_WITH_IU_COMPAT (C-i Phase 2 → C-ii Phase 3) | Zero hot-path impact; zero breaking change cho fn_iu_* API; eventual convergence rõ ràng |
| 10 | Đ43 không duplicate: builder/verify/health Đ43 produce events; universal worker không tự build context-pack | Một SoT cho context-pack lifecycle; universal là dispatcher |
| 11 | Law ownership: design seam Đ44 + cross-ref HP/Đ37/Đ35/Đ43; defer Đ45 mới đến sau Phase 2 PoC | Tránh ban hành luật khi PoC chưa chứng minh |
| 12 | Inclusion criteria 3-câu rubric (Object OQC + state transition + actionable) | Hard boundary chống "general activity log" creep |
§6. IU compatibility — explicit plan
Phase 1 (already ACTIVE):
- 2 tables, 6 functions, 3 triggers, 7 active objects (P3D2 report).
- Front-door API:
fn_iu_save,fn_iu_comment,fn_iu_apply_edit_draft,fn_iu_unread,fn_iu_mark_read,fn_iu_notification_board. - Không touch.
Phase 2 (proposed C-i, requires P3D4C0Y dispatch):
- Tạo
event_outbox,event_read,event_subscription,event_pendingcho domain mới. - IU vẫn ghi vào
iu_notification_eventqua existing 3 triggers. - View
v_event_unifiedUNION ALL hai bảng cho cross-domain board. - Cross-domain
fn_event_unread(p_actor)query view này.
Phase 3 (proposed C-ii, requires separate review):
- Copy 1 lần
iu_notification_event→event_outbox WHERE event_domain='iu'. - Drop physical IU tables, replace bằng view trên
event_outbox. - Rewrite
fn_iu_*body để queryevent_outbox+ filter domain. Signature & return shape unchanged.
Hard guarantee: Trong cả 3 Phase, fn_iu_unread, fn_iu_mark_read, fn_iu_notification_board API surface (input/output) bất biến. Đ43 context-pack chỉ advertise function names, không advertise table names → context-pack rebuild không cần thiết.
§7. What was NOT done (explicit non-implementation)
- ❌ No PG DDL/DML executed.
- ❌ No Directus collection/permission/flow created or modified.
- ❌ No Nuxt page/component touched.
- ❌ No P3D4C1 prompt patch hay resume.
- ❌ No new runtime function/trigger/table.
- ❌ No new external scheduler/tool/service.
- ❌ No SQL query against VPS PG.
- ❌ No Hermes start.
- ❌ No Codex dispatch.
KB writes: 2 documents
knowledge/dev/laws/dieu44-trien-khai/design/23-p3d4c0x-universal-event-outbox-notification-architecture.md(rev1, ~22KB)knowledge/dev/laws/dieu44-trien-khai/reports/23-p3d4c0x-universal-event-outbox-notification-architecture-review-report.md(this document)
§8. Open questions for GPT/User review
| # | Question | Decision needed |
|---|---|---|
| 1 | Approve UNIVERSAL_WITH_IU_COMPAT (Option C) over the other 3 options? |
YES/NO |
| 2 | Approve C-i in Phase 2 PoC scope (next pack P3D4C0Y) before C-ii consideration? | YES/NO |
| 3 | Stream taxonomy 7 streams (comment, review, update, birth, task, alert, health) — accept hoặc adjust? |
Accept/adjust |
| 4 | Inclusion criteria 3-câu rubric (§M.3 design note) đủ để chống activity log creep? | YES/Refine |
| 5 | Law ownership — đồng ý defer Đ45 mới đến sau Phase 2 PoC? | YES/NO |
| 6 | P3D4C1 (IU staging+worker, paused) — quyết định: (a) generalize cùng P3D4C0Y; (b) proceed as IU-specific Phase 1.5; (c) cancel nếu universal sẽ thay thế. | a/b/c |
| 7 | LISTEN/NOTIFY Phase 2 evaluate: cho phép PoC scope hoặc defer Phase 3? | Phase 2 / Phase 3 |
| 8 | Đ43 red_zones section feed universal alerts qua pg_query template — cần Đ43 review/amend hay additive thông qua existing source mode? |
Review needed / additive only |
§9. Next required pack
next_required_pack=P3D4C0Y_UNIVERSAL_PHASE2_POC_SCOPE_PLAN_REVIEW
P3D4C0Y scope (proposal, không dispatch trong session này):
- §1 Phase 2 PoC scope: chọn 1 domain mới (gợi ý
system_issuestừ Đ22 vì simplest lifecycle) + IU compat C-i variant. - §2 DDL design (event_outbox, event_read, event_subscription, event_pending) — design only, chưa apply.
- §3 Migration windows + rollback contract per Đ41 NT12.
- §4 Test suite parity với P3D1+P3D2; cross-domain board test; subscription routing test; CHECK constraint enforcement test.
- §5 Re-evaluate P3D4C1 (IU staging+worker, currently paused) — decision: generalize, proceed as-is, hay cancel.
P3D4C0Y phải qua GPT/User review trước khi dispatch.
§10. Hard-boundary attestation summary
no_pg_mutation=true
no_directus_mutation=true
no_nuxt_code=true
no_hermes=true
no_codex_dispatch=true
no_external_scheduler=true
no_p3d4c1_resume=true
no_new_runtime_tables=true
no_iu_notification_runtime_change=true
no_body_payload_exposure=true
no_grouping_in_directus_or_nuxt=true
no_duplicate_dieu43_machinery=true
kb_documents_created=2
implementation_intent=design_review_only
P3D4C0X rev1 architecture design review | KB-only | recommendation=UNIVERSAL_WITH_IU_COMPAT | next=P3D4C0Y review | All hard boundaries honored