KB-64F8

dot-iu-cutter v0.5 — Constitution Snapshot-source MARK: Entrypoint Command Contract + Verification Plan (no-DB-write; fail-closed; code gap reported; nothing executed)

Revision 1

Phase: v0_5_constitution_snapshot_source_MARK_dryrun_entrypoint_design · Nature: command_contract_and_verification_design_only__no_execution · Date: 2026-05-18 · doc 4 of 5

nothing_executed: true ; the command below is a PSEUDO CONTRACT, not runnable today
  (the entrypoint does not exist — R9 gap, KB SSOT) ; no parser run ; no DB write
decision_authority: GPT / User ONLY ; self_advance: PROHIBITED

1. Entrypoint command contract (task §5; pseudo — NOT runnable)

The required entrypoint is the missing no-DB-write snapshot-source MARK dry-run mode. This is the precise contract a future code package must satisfy and GPT/User must rule on. It is a specification, not an authorized command.

# PSEUDO — NOT RUNNABLE TODAY; the entrypoint is undesigned/unbuilt (R9 gap, KB SSOT).
# Requires: GPT ruling on this contract -> a separate code-authoring package ->
#           code-pinned commit -> execution command-review -> (separate) authorized run.
# NOTE: the --emit-levels value is pending the OD-G3 micro-ruling.

python -m cutter_agent.dryrun \
  --mode               mark-manifest-only \
  --no-cut --no-verify --no-db-write --fail-closed \
  --source-version-id  icxconst-008a06ace23a96ea6cd456146e805c97 \
  --snapshot-artifact  knowledge/dev/laws/dieu44-trien-khai/snapshots/constitution/constitution-normalized-17660443e0f23e99.md \
  --identity-region    'BEGIN-NORMALIZED-CONTENT-DO-NOT-EDIT..END-NORMALIZED-CONTENT-DO-NOT-EDIT' \
  --expect-region-sha  17660443e0f23e994e1807cf8e22920951a9e70c598956dbd0e752f4f5cae80c \
  --expect-length      17522 \
  --expect-markers     'enacted=19,controlled_draft=1,draft=1,obsolete=1' \
  --grammar-profile    incomex-architecture-constitution-v4 \
  --parser-refimpl     nuxt-incomex-portal-constitution-v1.refimpl.r1 \
  --address-template   at.icx.const.v4 \
  --docprefix          ICX-CONST \
  --scope              enacted_only \
  --exclude-markers    'controlled_draft,draft,obsolete' \
  --leaf-floor         DIEU \
  --emit-levels        'NGUYEN_TAC,KIEN_TRUC_SECTION,DIEU' \
  --out-dir            $WD/manifest \
  --emit               manifest.json,review_evaluation.json,coverage_proof.json,determinism.digest,dryrun_report.md

1.1 Mandatory behaviour the entrypoint MUST enforce (fail-closed gating)

C1 read source_document_version_id icxconst-008a06… ; bind every unit to it (no live URL)
C2 REHASH the snapshot BEGIN/END region BEFORE parsing ; assert
   region_sha256 == 17660443…cae80c AND length == 17522 AND
   marker_census == {✅19,📋1,📝1,⛔1} ; any mismatch => ABORT (no parse, no output)
C3 parse using ONLY refimpl.r1 semantics for parser_profile
   nuxt-incomex-portal-constitution-v1 (R-RI3 N8: drop all empty lines) over the
   normalized snapshot region — NO live fetch (live = discovery_only)
C4 run the deterministic matchers (doc 2): zone_router, nguyen_tac, kien_truc_section,
   dieu, status_marker_detector, changelog_boundary_detector
C5 derive effective_status via the 3-tier cascade (doc 2 §3); apply enacted_only:
   only enacted => candidate ; 📋/📝/⛔ => itemised EXCLUDED with reason ; ZERO silent drop
C6 emit the manifest schema of doc 3 (candidate + excluded + noncontent; ICX-CONST/<path>;
   status NEVER in address)
C7 write ONLY the 5 artifact classes to $WD/manifest then to the KB folder; NO DB row
   anywhere (production, DR, governance) ; db_write_policy = NONE
C8 NO CUT, NO VERIFY, NO fn_iu_create, NO source registry mutation, NO Directus/vector/git
C9 fail-closed: any unknown marker / uncovered span / overlap / address collision /
   malformed heading / orphan section / determinism mismatch => STOP BLOCKED, partial
   output quarantined (never auto-pass, never silent drop)
C10 isolation: run in an ephemeral env; DR system_identifier MUST differ from prod
   7611578671664259111 (hard-abort if equal); iu-cutter mounted READ-ONLY at a pinned
   commit; production contacted READ-ONLY at most (sysid read); env-destruction teardown
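Added illustration (not part of this package and not iu-cutter code): a hypothetical Python gate for C2 that extracts the BEGIN/END identity region, rehashes it, and refuses to hand anything to the parser unless sha256, length and marker census all match the pinned values. The sentinel strings are the --identity-region value from the contract above; the sample snapshot, the length-in-code-points convention and every function name are assumptions.

```python
import hashlib
import re

# Hypothetical C2 gate (assumed names): rehash the BEGIN/END identity region of the
# normalized snapshot BEFORE any parsing, and abort on any mismatch. Only the two
# sentinel strings come from the contract; nothing here is project code.
BEGIN = "BEGIN-NORMALIZED-CONTENT-DO-NOT-EDIT"
END = "END-NORMALIZED-CONTENT-DO-NOT-EDIT"
MARKERS = ("✅", "📋", "📝", "⛔")  # enacted, controlled_draft, draft, obsolete

class GateAbort(Exception):
    """Snapshot drifted from its pinned identity: no parse, no output."""

def extract_region(snapshot: str) -> str:
    """Text strictly between the BEGIN line and the END line (sentinels excluded)."""
    pat = rf"^{re.escape(BEGIN)}\n(.*?)^{re.escape(END)}"
    m = re.search(pat, snapshot, re.S | re.M)
    if m is None:
        raise GateAbort("identity-region sentinels missing")
    return m.group(1)

def region_sha256(region: str) -> str:
    return hashlib.sha256(region.encode("utf-8")).hexdigest()

def marker_census(region: str) -> dict:
    """Count every status glyph; zero counts are kept so the dict compares exactly."""
    return {mk: region.count(mk) for mk in MARKERS}

def gate_c2(snapshot: str, expect_sha: str, expect_len: int, expect_census: dict) -> str:
    """Fail-closed: return the region only if sha256, length (assumed: code points)
    and marker census ALL match the pinned values; otherwise raise GateAbort."""
    region = extract_region(snapshot)
    problems = []
    if region_sha256(region) != expect_sha:
        problems.append("region_sha256 mismatch")
    if len(region) != expect_len:
        problems.append(f"length {len(region)} != {expect_len}")
    if marker_census(region) != expect_census:
        problems.append(f"marker census {marker_census(region)} != {expect_census}")
    if problems:
        raise GateAbort("ABORT: " + "; ".join(problems))
    return region  # only now may the parser see the text

# Constructed sample snapshot (not the real artifact) with two marked headings.
SAMPLE_SNAPSHOT = (
    "front matter\n"
    f"{BEGIN}\n# ICX-CONST\n## Điều 1 ✅\n## Điều 2 📋\n{END}\n"
    "trailer\n"
)
```

In a real run the three expected values come from the pinned snapshot-source record, never from the file being checked.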

2. Code-path inspection & gap report (task §5)

inspection_method: KB-SSOT grounding (consistent with all prior Constitution phases,
  which did NOT run live DB SELECT / live code reads). No iu-cutter source tree is
  present in this working environment; per governance (KB is SSOT, never invent
  authority) the gap is reported from SSOT, not re-derived by ad-hoc code reading.
existing_command_surface (KB SSOT — planning doc 3 §1, readiness R9):
  - v0.4 pg-backed dry-run command-review: isolated restored-prod-DB harness
    exercising role/privilege matrix over PRE-EXISTING tac_logical_unit rows; does
    NOT ingest a source document
  - v0.4 first controlled CUT/VERIFY command-review: MARK→…→VERIFY on ONE already
    existing pinned tac_logical_unit PK; upstream of MARK assumes IU rows exist
  - v0.5 dry-run-at-volume plan: explicitly "no real Hiến pháp ingestion"; source =
    synthetic / replay of restored corpus
gap (R9, BLOCKED): no ratified code path turns a normalized snapshot artifact +
  grammar profile into a cut manifest WITHOUT writing IU rows. MARK today presumes
  existing tac_logical_unit input or a restored-DB corpus. The snapshot→manifest
  segmentation is, per KB SSOT, "undesigned/unauthorized — upstream of the cutter".
what_THIS_design_now_supplies (closing the design side of the gap):
  - OD-MC1 matcher internals: SPECIFIED (doc 2 §2) — DESIGN_BEFORE_EXECUTION discharged
  - OD-G2 leaf floor = DIEU: APPLIED (doc 2 §4)
  - group-vs-row status inheritance: SPECIFIED (doc 2 §3) — GPT ruling implemented
  - manifest + address + output contract: SPECIFIED (doc 3)
  - command contract + verification: SPECIFIED (this doc)
what_remains (NOT this phase): the actual no-DB-write code mode does not exist; it
  must be authored as a separate, GPT-gated code package using docs 1–4 as the input
  spec, then code-pinned, then execution-command-reviewed. NO code was written/changed.

3. Verification plan for a FUTURE authorized run (task §7; QG5)

Method = catalog/codepoint/structural assertions over the FROZEN snapshot region and the emitted manifest; never rendered-string equality (C-07 lesson). All fail-closed.

ID | Check | Method | Pass criterion
V-1 | snapshot rehash | recompute sha256 of BEGIN/END region | == 17660443…cae80c; length == 17522 (else ABORT)
V-2 | marker census | count ✅/📋/📝/⛔ in region | == {✅19,📋1,📝1,⛔1} (else ABORT)
V-3 | no live fetch | scan run trace for HTTP/live-URL | zero; input == snapshot artifact only
V-4 | version binding | every unit carries source_document_version_id == icxconst-008a06… | 100% of units; provenance = snapshot path+sha, not live page
V-5 | effective-status proof | each unit's status_basis ∈ {tier_0,tier_1,tier_2}; derivation re-checked | 100% reproduce doc 2 §3.2 table; Điều 44 ⇒ controlled_draft via tier_2
V-6 | enacted-only purity | every candidate span ⊆ an enacted-resolved node | 100%; zero candidate from a 📋/📝/⛔ node
V-7 | Điều 44 excluded | Điều 44 present as EXCLUDED, reason=controlled_draft_deferred | present, not a candidate, not dropped
V-8 | exclusion itemised | 📋 Điều 44, 📝 Điều 34, ⛔ ×2 obsolete each an EXCLUDED row + reason | all enumerated; none silently dropped
V-9 | coverage | candidate ∪ excluded ∪ noncontent spans vs region | covers region, no gap
V-10 | no-overlap | pairwise span intersection | empty (no double-cut)
V-11 | address uniqueness | every unit address matches ICX-CONST/<path>; status never in address | well-formed; no duplicate canonical_address
V-12 | hierarchy | level ∈ {NGUYEN_TAC,KIEN_TRUC_SECTION,DIEU}; parent/child consistent | no foreign level; no orphan; no cycle
V-13 | count guardrail | exact candidate integer | within [55,78]; outside ⇒ investigate, no auto-pass
V-14 | determinism | re-run same snapshot+profile+refimpl.r1; compare manifest_digest_sha256 | byte-identical digest
V-15 | reconstruction | enacted_text ⊕ excluded_text ⊕ noncontent_text == full snapshot region | no gap/overlap
V-16 | NO production mutation | row-count Δ of all production tables PRE vs POST | Δ = 0 (tac_logical_unit, cutter_governance., source_documentregistry, manifest_envelope, cut_change_set, verify_result, canonical_address_alias, dot_pair_signature, decision_backlog*)
V-17 | no CUT/VERIFY | scan executed verbs/lanes | zero fn_iu_create; zero CUT; zero VERIFY; no DOT-991/992 row
V-18 | identity unchanged | system_identifier + source_document_version row PRE vs POST | == 7611578671664259111; version row byte-identical
V-19 | no side-channel | Directus / vector / NoSQL / git | none mutated; iu-cutter tree clean at pinned commit
V-20 | secret hygiene | scan artifacts/logs | no secret/password/.env content in any KB artifact
verdict_rule:
  PASS    iff V-1..V-20 all PASS
  FAIL    if any correctness check (V-4..V-15) fails while no mutation occurred
  BLOCKED if V-1/V-2 abort (drift) OR the entrypoint does not yet exist (current state)
  CRITICAL (incident, not normal FAIL) if any V-16/V-17/V-18/V-19 fails — a dry-run
    must be net-zero on production by construction
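Added illustration (not iu-cutter code): hypothetical Python checks for V-9, V-10, V-11 and V-15 over a constructed manifest. Spans are walked in order for gaps and overlaps, addressed units are checked for the ICX-CONST/<path> form, uniqueness and absence of any status token, and the region is rebuilt from the spans as an independent reconstruction check. The half-open span layout, the unit dict fields and the sample region are assumptions.

```python
import re

# Hypothetical checks (assumed names/layout) for V-9 coverage, V-10 no-overlap,
# V-11 address uniqueness and V-15 reconstruction over an emitted manifest. A unit is
# {"address", "cls", "start", "end"} with [start, end) a half-open span of the region.
STATUS_TOKENS = {"enacted", "controlled", "draft", "obsolete"}
ADDRESS_RE = re.compile(r"^ICX-CONST/[A-Za-z0-9_./-]+$")

def check_manifest(region: str, units: list) -> list:
    """Return findings; [] means V-9/V-10/V-11/V-15 pass. Any finding => STOP BLOCKED."""
    findings = []
    spans = sorted(units, key=lambda u: (u["start"], u["end"]))
    cursor = 0
    for u in spans:
        if u["end"] <= u["start"] or u["end"] > len(region):
            findings.append(f"bad span at {u['address']}")
        if u["start"] < cursor:                       # V-10 overlap (double-cut)
            findings.append(f"overlap at {u['address']}")
        elif u["start"] > cursor:                     # V-9 gap (uncovered span)
            findings.append(f"gap [{cursor},{u['start']}) before {u['address']}")
        cursor = max(cursor, u["end"])
    if cursor != len(region):                         # V-9 trailing gap
        findings.append(f"gap [{cursor},{len(region)}) at end of region")
    seen = set()
    for u in units:
        if u["cls"] == "noncontent":                  # V-11 applies to addressed units
            continue
        a = u["address"]
        if not ADDRESS_RE.match(a):
            findings.append(f"malformed address {a}")
        if STATUS_TOKENS & set(re.split(r"[/_.-]", a.lower())):
            findings.append(f"status token in address {a}")
        if a in seen:
            findings.append(f"duplicate address {a}")
        seen.add(a)
    rebuilt = "".join(region[u["start"]:u["end"]] for u in spans)  # V-15
    if rebuilt != region:
        findings.append("reconstruction != region")
    return findings

# Constructed sample region and manifest (not real data); spans built from lengths.
_PRE = "# ICX-CONST\n"
_D1 = "## Điều 1 ✅\nbody of article 1\n"
_D2 = "## Điều 2 📋\nbody of article 2\n"
SAMPLE_REGION = _PRE + _D1 + _D2
SAMPLE_UNITS = [
    {"address": "preamble", "cls": "noncontent", "start": 0, "end": len(_PRE)},
    {"address": "ICX-CONST/dieu-1", "cls": "candidate", "start": len(_PRE), "end": len(_PRE + _D1)},
    {"address": "ICX-CONST/dieu-2", "cls": "excluded", "start": len(_PRE + _D1), "end": len(SAMPLE_REGION)},
]
```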

4. No-production-mutation proof + cleanup (QG5)

proof_design:
  - command runs --no-cut --no-verify --no-db-write --fail-closed in an ephemeral
    isolated env (DR-sysid ≠ prod 7611578671664259111, hard-abort if equal);
    production touched READ-ONLY at most
  - PRE/POST integer row-counts of every production cut/governance/source table;
    assert Δ==0 (V-16); source_document_version row hash PRE==POST (V-18)
  - snapshot artifact opened READ-ONLY (write-once, rev1) — never rewritten (V-1)
  - artifacts written only to KB folder / throwaway scratch — never a DB row
cleanup (case A — the ONLY sanctioned case):
  scratch $WD (0700, not git-added) shredded at teardown; KB artifacts kept as
  deliverables; a superseded manifest is marked SUPERSEDED in a new revision, never
  silently deleted (audit-preserving); ephemeral pg/harness containers `docker rm -f`
  by EXACT name; protected prior dry-run envs verified unchanged; no prune/wildcard
production_rollback: none needed and none designed — no production mutation permitted
  (forward-compensation/backup-restore belong to CUT/VERIFY, FORBIDDEN here)
case_B (DB-backed dry-run table): OUT OF SCOPE — separate design + GPT approval +
  rollback required before proposal; this package forbids DB writes outright

5. Statement

  • QG3/QG6 satisfied: an exact command CONTRACT is specified AND the missing entrypoint is clearly reported as a BLOCKED R9 code gap (no runnable command fabricated); no code inspected ad-hoc, no code changed, nothing executed.
  • QG5 satisfied: V-16/V-17/V-18/V-19 prove net-zero production; V-1/V-2 gate on pinned-snapshot integrity; V-15 is the reconstruction check; cleanup artifact-only.
  • doc 4 of 5; STOP after 5 docs → route GPT/User. Self-advance PROHIBITED.

Companion docs: operational-framing (1), matcher-and-status-design (2), manifest-contract (3), entrypoint-design-report (5).

KB path: knowledge/dev/laws/dieu44-trien-khai/v0.5-constitution-snapshot-source-mark-dryrun-entrypoint-design/dot-iu-cutter-v0.5-constitution-snapshot-mark-command-and-verification-plan-2026-05-18.md