dot-iu-cutter v0.5 — Constitution Snapshot-source MARK Dry-run Entrypoint: Operational Framing (operations-first; pinned snapshot in; manifest-only out; NOTHING executed)
dot-iu-cutter v0.5 — Constitution Snapshot-source MARK Dry-run Entrypoint: Operational Framing
Phase:
v0_5_constitution_snapshot_source_MARK_dryrun_entrypoint_design· Nature:design_and_command_authoring_only__no_dryrun__no_cut__no_verify__no_DB_write· Date: 2026-05-18 · doc 1 of 5nothing_executed: true ; dry_run: none ; cut: none ; verify: none ; parser_run: none ; DB_write: none input_basis: pinned_normalized_snapshot_artifact (NOT live page) KB_is_SSOT: true ; decision_authority: GPT / User ONLY ; self_advance: PROHIBITED
This document is written operations-first per
handoffs/dot-iu-cutter-current-operating-objectives-and-principles-2026-05-18.md
(operational goal → workflow state machine → marking/review model → safety/verification →
data/code). It defines what the missing entrypoint enables and means before any
mechanism. It implements the GPT next-phase directive in
reviews/dot-iu-cutter-v0.5-constitution-first-dryrun-planning-gpt-review-and-next-phase-2026-05-18.md
(next_phase: v0_5_constitution_snapshot_source_MARK_dryrun_entrypoint_design,
nature: design_and_command_authoring__no_dryrun_execution).
1. What this entrypoint enables for the future "Cắt Hiến pháp"
The long-term operator UX is a single command — Cắt Hiến pháp. That command is a
closed-loop decision workflow MARK → REVIEW → CUT → VERIFY, not a text splitter.
Today the chain is broken at its very first link: there is no ratified, safe code
path that turns the pinned normalized snapshot text into a candidate cut manifest
without writing Information Units. Every existing MARK surface (per KB SSOT, planning
doc 3 §1) assumes pre-existing tac_logical_unit rows or a restored-DB corpus — none
ingests a snapshot artifact.
what_this_entrypoint_is:
the missing FIRST LINK of "Cắt Hiến pháp": snapshot text -> candidate IU manifest
it is the MARK stage (plus a REVIEW evaluation pass) operating on a frozen artifact,
hard-stopped strictly BEFORE CUT
why_it_matters_operationally:
- it is the only place the hard human/semantic decision lives ("where are the cut
boundaries, and why exactly there"); per the batch-factory direction (objectives
doc §5) everything after an approved manifest is meant to be automated
- without it, "Cắt Hiến pháp" cannot even rehearse; the source identity foundation
is already CLOSED (B1/B5/B6/SC3) but the pipeline cannot consume it
- it converts a CLOSED source identity into a reviewable segmentation proposal,
enabling the first dry-run command-review WITHOUT risking any production row
future_factory_role:
this same entrypoint, once ratified, generalises to "Cắt 10 văn bản này":
mark many pinned snapshots -> manifests -> review exceptions only -> approve ->
(separately) automated cut/verify/store. This phase builds the first, single,
Constitution-scoped instance of that mark step — design only.
2. Input — the pinned snapshot, never the live page (QG1)
input_authority:
source_document_ref: incomex-constitution
source_document_version_id: icxconst-008a06ace23a96ea6cd456146e805c97
source_checksum: 17660443e0f23e994e1807cf8e22920951a9e70c598956dbd0e752f4f5cae80c
source_basis: pinned_normalized_snapshot_artifact (write-once, rev1)
snapshot_artifact_path: knowledge/dev/laws/dieu44-trien-khai/snapshots/constitution/constitution-normalized-17660443e0f23e99.md
identity_region: the bytes strictly BETWEEN the sentinels
`<<<BEGIN-NORMALIZED-CONTENT-DO-NOT-EDIT` and
`END-NORMALIZED-CONTENT-DO-NOT-EDIT>>>`
normalized_content_length: 17522
marker_counts: { enacted: 19, controlled_draft: 1, draft: 1, obsolete: 1 }
parser_reference_impl: nuxt-incomex-portal-constitution-v1.refimpl.r1
grammar_profile: incomex-architecture-constitution-v4 (address_template at.icx.const.v4)
docprefix: ICX-CONST
scope_policy: enacted_only
live_url_role: discovery_only (NEVER an identity or input source)
The entrypoint reads only the BEGIN/END region of the write-once artifact as the segmentation input. The artifact is rehashed before parsing; a drifted or edited artifact aborts the run before any work (fail-closed). The live Nuxt page is render-volatile and is excluded by construction (planning doc 1 §2; grounding-report MISMATCH-1/3).
3. Output — candidate manifest artifacts only, never production IU, no DB write
output_of_the_entrypoint (allowed):
- a CUT MANIFEST: candidate units (level ∈ {NGUYEN_TAC, KIEN_TRUC_SECTION, DIEU}),
each with source_span over the snapshot region, canonical_address proposal
(ICX-CONST/<path>), heading, title, normalized_text, cut_reason, parent,
status_marker_observed, effective_status, in_scope|excluded(+reason), provenance
- a REVIEW EVALUATION over that manifest (coverage / no-overlap / vocab / hierarchy)
- a COVERAGE PROOF (span reconciliation over the snapshot region)
- a DETERMINISM DIGEST (manifest hash; re-run equality)
- a DRY-RUN REPORT (PASS / FAIL / BLOCKED + one-line operator view)
output_of_the_entrypoint (FORBIDDEN — fail-closed):
- ANY DB write: tac_logical_unit, cutter_governance.* (incl.
source_document_registry, source_document_version_registry, manifest_envelope,
cut_change_set, verify_result, canonical_address_alias, dot_pair_signature,
decision_backlog_*), or any DR/isolated governance table
- fn_iu_create / CUT / VERIFY
- source_document / source_document_version mutation
- Directus / vector / NoSQL / git write
db_write_policy: NONE. Artifact-only. Any uncertainty resolves to "no DB write".
The manifest is data about a proposed cut, not the cut.
4. Where this entrypoint sits in the workflow state machine
[pinned snapshot artifact]
│ rehash BEGIN/END region (fail-closed gate)
▼
MARK (this entrypoint) ── deterministic matchers ──▶ candidate manifest
│
▼
REVIEW evaluation (coverage / no-overlap / scope / hierarchy / addressing)
│
▼
[STOP — manifest + proofs only] ◀── this phase ends design here
┊
┊ (FORBIDDEN this phase and until separately authorized)
▼
CUT → VERIFY → store
operational_boundary_of_THIS_phase:
produces: a design + command-authoring package (exactly 5 KB docs)
executes: NOTHING (no parser run, no dry-run, no SSH, no DB SELECT of
cutter_governance, no harness provisioning, no code change)
next_gate: GPT / User review -> rule whether/how the entrypoint may be built+run
self_advance: PROHIBITED
5. Success definition for a FUTURE authorized dry-run (framing only)
success (when later authorized, judged by doc 4 verification plan):
S1 snapshot_rehash : recomputed region sha256 == 17660443…cae80c ; length == 17522
; markers == {✅19,📋1,📝1,⛔1} (else ABORT, no parse, no output)
S2 provenance : every unit binds source_document_version_id icxconst-008a06…
+ snapshot span ; zero live-URL dependency
S3 scope_correct : only effective_status=enacted units are candidates ; 📋 Điều 44,
📝 Điều 34, ⛔ obsolete entries appear ONLY as itemised EXCLUDED
rows with reason ; ZERO silent drop
S4 coverage : candidate ∪ excluded ∪ classified-boilerplate spans cover the
region with no gap and no overlap
S5 addressing : unique ICX-CONST/<path> per unit ; status NEVER in address
S6 determinism : same snapshot + same profile + refimpl.r1 ⇒ byte-identical manifest
S7 zero_production : no production row created/changed ; no CUT ; no VERIFY ;
system_identifier 7611578671664259111 unchanged
A run that creates even one IU, touches production, or relies on the live page is a FAIL by definition, regardless of manifest quality.
6. Statement
- QG1 satisfied: input is the pinned artifact
17660443e0f23e99(write-once, rev1); live URL = discovery_only; rehash gate precedes any parse. - QG6 satisfied: nothing executed; this is design/authoring only.
- doc 1 of 5; STOP after 5 docs → route GPT/User. Self-advance PROHIBITED.
Companion docs: matcher-and-status-design (2), manifest-contract (3), command-and-verification-plan (4), entrypoint-design-report (5).