Incomex AI Portal
KB-8A91

dot-iu-cutter v0.2 — P0-2 Manifest Design Master (2026-05-16)

8 min read Revision 1
dot-iu-cutterdieu44v0.2p0-2manifestdesign-masterno-ddlpending-gpt-review

dot-iu-cutter v0.2 — P0-2 Manifest Design Master

document_path: knowledge/dev/laws/dieu44-trien-khai/v0.2-design/dot-iu-cutter-v0.2-p0-2-manifest-design-master-2026-05-16.md
revision: r1
date: 2026-05-16
author: Agent (Claude Code CLI, Opus 4.7 1M)
sovereign: User / anh Huyên
verifier: GPT (P0-2 design review — PENDING)
phase: v0.2 — P0-2 manifest DESIGN (LOGICAL ONLY; no DDL)
mutation_performed: false
ddl_written: false
dry_run_started: false
production_migration_allowed: false
br_6_status: closed_with_notes (GPT, 2026-05-16; Option D)

§1 — Objective

Produce the logical design of the P0-2 manifest layer — cutter_governance.manifest_envelope (scope item v0.2-D-1) and cutter_governance.manifest_unit_block (v0.2-D-2) — that:

  • represents a topology-change proposal (first cut, split, merge) losslessly so it can be reviewed and later enacted by the P1 executor;
  • carries the BR-6 minimum hooks + invariants ratified by the BR-6 absorption GPT review (Option D, closed_with_notes);
  • does not embed any split/merge execution machinery (that is P1).

This master coordinates six sibling design documents (see §9).

§2 — Scope

in_scope:
  - logical design of cutter_governance.manifest_envelope
  - logical design of cutter_governance.manifest_unit_block
  - BR-6 invariant integration (INV-1..INV-6) at the design level
  - GOV-1/2/3 decision register (registration only; not resolution)
  - Đ32 risk-class estimate + future dry-run/verification planning note
  - design report + readiness-for-GPT-review statement
output_form: p0_2_manifest_logical_design_set

§3 — Non-Scope

not_in_scope:
  - any DDL / SQL / ALTER / CREATE statement (logical field tables only)
  - DDL authoring lane (separate, gated on GOV-1/2/3 + design review)
  - dry-run / env provisioning
  - production mutation / migration / deploy
  - CUT / VERIFY execution
  - split/merge EXECUTION pipeline (P1: edge redistribution, birth/lifecycle writes,
    alias emission, hierarchy re-parenting, render_order recompute)
  - P0-6 review_decision design (dependency NOTE only — see §6.3)
  - P0-5 remainder (decision_backlog_history / _dependency / _sweep_log)
  - resolving GOV-1/2/3 (registered, owned by councils/GPT — not self-closed)
  - alias write pathways (canonical_address_alias stays empty; P1)

§4 — Dependency Graph

v0.1 live (empty)         Phase α live                 P0-2 (this design)
─────────────────         ────────────                 ──────────────────
decision_backlog_entry ◄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄ escalation_ref (soft)
cut_change_set         ◄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄┄ cut_change_set_ref (soft)
verify_result          ◄┄┄┄ (INV-6: enactment proven here at P1)
                                              manifest_envelope (1)
public.tac_logical_unit ◄┄ target_unit_id (soft uuid)  │ 1
  .canonical_address (SSOT)                              │ N  (in-schema FK)
  .authority (Phase α)   ◄┄ proposed_authority           ▼
  .canonical_address_format_version (Phase α) ◄┄┄ inherited  manifest_unit_block
canonical_address_alias ┄┄ NO coupling (INV-4: P1 emits)

scope-backlog §6 order:  phase1 canonical-reconcile (DONE, Phase α)
                       → phase2 P0-2 (THIS)  → phase3 P0-6 → phase4 P0-5-remainder
legend: ◄┄┄ soft uuid reference (no PG FK);  ── in-schema FK (only one allowed)

§5 — Relationship to v0.1 Live Tables

The five v0.1 cutter_governance tables are live and empty and are not touched by this design:

  • decision_backlog_entry — target of manifest_envelope.escalation_ref (soft uuid).
  • cut_change_set / cut_change_set_affected_row — target of manifest_envelope.cut_change_set_ref (soft uuid); P1 enacts via these (INV-6).
  • verify_result — P1 proves enactment here (INV-6); not referenced from the manifest.
  • dot_pair_signature — unrelated to P0-2; untouched.

manifest_envelope / manifest_unit_block become the 7th and 8th tables in cutter_governance when created (later, gated). No existing table gains a column, constraint, or trigger.

§6 — Relationship to Phase α Live Metadata

6.1 canonical_address (SSOT, preserved per Option D reconciliation)

public.tac_logical_unit.canonical_address is UNIQUE / NOT NULL / immutable; production syntax D{doc}-DIEU{N}-{S|ROOT}[-P{n}][-{n}]. The manifest never writes it. A result block carries a proposed address in proposed_canonical_address; the live SSOT column is mutated only by the P1 executor, never by the manifest (INV-1).

6.2 authority / canonical_address_format_version (Phase α columns)

  • proposed_authority snapshots the intended successor authority; bound by INV-2 (no escalation without re-enactment) and GOV-2 (inheritance rule, unresolved).
  • canonical_address_format_version is inherited, never stored as a downgrade (INV-3); the block design records the relation, not a writable column that can lower it.

6.3 canonical_address_alias (Phase α, empty)

No direct manifest↔alias coupling (binding constraint + GOV-3, lean = event-backed). Alias rows are emitted by the P1 executor at enactment (INV-4); the manifest only records the proposed canonical change, which is sufficient for P1 to derive alias rows.

6.4 review_decision (P0-6 — dependency NOTE only)

P0-6 is deferred and not designed here. Dependency note only: manifest_envelope exposes escalation_ref (soft → decision_backlog_entry) as the review/escalation hook; when P0-6 lands, review_decision will reference the envelope/backlog, not the reverse. INV-5 (split/merge is review-gated) is satisfied at the design level by this hook.

§7 — Relationship to BR-6 Invariants

INV-1..INV-6 are integrated per the dedicated integration document (File 4). Summary: the manifest encodes what is needed to honor the invariants at P1 (proposed addresses, block_role, soft change-set ref, escalation hook) and encodes nothing that would let the manifest itself violate them (no live-SSOT write, no alias coupling, no out-of-band mutation path).

§8 — Why Design Can Start Before GOV-1/2/3, but DDL Cannot Freeze

  • Design can start now: the BR-6 absorption GPT review explicitly set P0_2_design_allowed_after_explicit_prompt: true. Logical structure (entities, relationships, lifecycle, soft-ref policy) does not depend on the value of the GOV rulings — only on the existence of the columns that will carry them.
  • DDL cannot freeze yet: GOV-1 (address-coining rule), GOV-2 (authority inheritance), GOV-3 (manifest↔alias linkage) each determine the semantics/constraints of specific columns (proposed_canonical_address, proposed_authority, and whether any alias linkage column exists). Freezing DDL before they are ratified risks a wrong column shape. Per the GPT review: P0_2_DDL_freeze_allowed: false until GOV-1/2/3 resolved and this design is reviewed.

§9 — Sibling Documents (this set)

1 master (this file)
2 dot-iu-cutter-v0.2-p0-2-manifest-envelope-design-2026-05-16.md
3 dot-iu-cutter-v0.2-p0-2-manifest-unit-block-design-2026-05-16.md
4 dot-iu-cutter-v0.2-p0-2-br-6-invariant-integration-2026-05-16.md
5 dot-iu-cutter-v0.2-p0-2-gov-decision-register-2026-05-16.md
6 dot-iu-cutter-v0.2-p0-2-risk-and-dry-run-planning-note-2026-05-16.md
7 dot-iu-cutter-v0.2-p0-2-design-report-2026-05-16.md
all in: knowledge/dev/laws/dieu44-trien-khai/v0.2-design/

§10 — Hard Boundaries

no_DDL_written: TRUE
no_DDL_authoring_started: TRUE
no_dry_run: TRUE
no_mutation: TRUE
no_migration: TRUE
no_production_touch: TRUE
no_P0_6_design (dependency note only): TRUE
no_P0_5_remainder: TRUE
GOV_self_closed: FALSE
agent_self_advance: PROHIBITED
output_form: p0_2_manifest_design_master

End of P0-2 manifest design master.

Back to Knowledge Hub knowledge/dev/laws/dieu44-trien-khai/v0.2-design/dot-iu-cutter-v0.2-p0-2-manifest-design-master-2026-05-16.md