dot-iu-cutter v0.5 — Cutwrite DB-Isolated Writer · Authoring Plan + Code Summary

Phase: v0_5_cutwrite_DB_isolated_writer_authoring · Date: 2026-05-19 · doc 1 of 5 Authorized by GPT ruling …cutplan-dryrun-writer-decision-gpt-ruling-2026-05-19 (OD-W1..OD-W9 RATIFIED; next phase = W-3 DB-isolated writer authoring, production_write not_authorized).

kb_read: confirmed · kb_upload: confirmed (this doc)
production_mutation: NONE · git: local feature-branch commit only · self_advance: PROHIBITED

1. Pre-state (read-only)

repo: /Users/nmhuyen/iu-cutter-build/repo/iu-cutter
branch: feature/constitution-snapshot-mark-dryrun
pre_commit_HEAD: d66a60d9d7d11d60366825b08e0ea3d5d2d6aeef  (S2 cutplan committed)
cutplan.py f1f… verified · dryrun.py f1f42e83…2efa1422 · working tree clean
GPT rulings consumed: OD-W1 all-60-IU · OD-W2 law_unit · OD-W3 parent-by-address-path/
  top-level-NULL/no-synthetic-root · OD-W4 verbatim address · OD-W5 OD-1+preexistence+
  UNIQUE+G-CUT-ONCE · OD-W6 no vocab seed (precheck) · OD-W7 DB-isolated-first ·
  OD-W8 enacted/open · OD-W9 body=span, sha256(body)==span_sha256 fail-closed.

2. Deliverable (committed on feature branch)

post_commit_HEAD: f0120ac018b8942fdafaf105923b0e6f8dba6b40
commit_subject: "feat: add W-3 DB-isolated constitution writer (cutwrite) + tests"
files (2; 877 insertions; 0 existing files modified; main 4367c83 UNCHANGED):
  cutter_agent/cutwrite.py        sha256 31ce88dca8f68abd1bff484d665235f396272b0b4f64448812de8a93a1f901d3
  tests/test_cutwrite_snapshot.py sha256 e1b4f4971425de2b8e12eeb505ce7ce4297648b00d81a0e63bf4a5399c1932eb
no merge/push/tag/deploy. Reversible: git reset --hard d66a60d.

3. Code summary — cutter_agent/cutwrite.py

entrypoint: python3 -m cutter_agent.cutwrite --mode db-isolated-dryrun ...
import_isolation: stdlib (argparse,hashlib,json,os,sys,uuid,pathlib,__future__)
  + ONLY `from cutter_agent import dryrun as D` (the ratified no-DB MARK module,
  used for deterministic region extraction). Does NOT import db_adapter/phases/
  ledger/signal/signing/psycopg/socket/requests/sqlalchemy. Asserted by an
  AST test (TestNoDbImportIsolation).
guards (exit 2 REFUSED): mode != db-isolated-dryrun; missing --no-production/
  --fail-closed/--exclude-dieu-44; scope != enacted_only; any DB env var set
  (PG_DSN/DATABASE_URL/DIRECTUS_URL/PGPASSWORD/PGHOST/PGUSER).
manifest gates (exit 3 BLOCKED): file sha != 7d56f3ce…; recomputed digest
  (dryrun/cutplan algorithm) != 9d908a62… and != header self-digest;
  candidate_count != 60; source_version/docprefix/scope mismatch.
region gate: D.extract_region(snapshot) ; sha256(region) == 17660443… else BLOCKED.
ScratchGovernedDB (in-memory, faithful re-impl of production captured read-only):
  - UNIQUE(canonical_address) (txn + committed address sets)
  - fn_iu_birth_gate_layer1 (BEFORE INSERT): non-empty canonical_address/unit_kind/
    lifecycle_status/owner_ref/conformance_status; unit_kind ∈ vocab.unit_kind;
    identity_profile.title/owner_lookup_ref/primary_section_type_ref present;
    primary_section_type_ref ∈ vocab.section_type; publication_type_ref ∈
    vocab.publication_type; publication_authority_ref + publication_type_ref
    treated as MANDATORY ("production sẽ BLOCK" pilot warning hardened).
  - fn_iu_birth_gate_layer2 (DEFERRED @ commit): content_anchor_ref non-empty;
    version_anchor_ref not null; ∃ unit_version WHERE id=anchor AND unit_id=IU.id;
    content_anchor_ref == str(version_anchor_ref).
  - SCRATCH_VOCAB embeds the exact production dot_config vocab captured 2026-05-19.
row mapping (60×, per OD-W*): information_unit{canonical_address VERBATIM,
  unit_kind=law_unit, lifecycle=enacted, owner_ref=incomex_council,
  conformance=open, doc_code=ICX-CONST, section_type=
  {NGUYEN_TAC:principle,KIEN_TRUC_SECTION:section,DIEU:article}, section_code,
  parent_or_container_ref=address-path (flat ICX-CONST/<seg> ⇒ NULL all 60),
  identity_profile{title(from span),owner_lookup_ref,primary_section_type_ref,
  publication_type_ref=law,publication_authority_ref=incomex_council,
  provenance{source_document_version_id,manifest_digest,snapshot_region_sha256,
  span_sha256,idempotency_key}}} + unit_version{unit_id,body=span slice,
  content_hash=span_sha256,version_seq=1,lifecycle=enacted,content_profile,
  created_by}; then UPDATE anchor (version_anchor_ref/content_anchor_ref).
birth transaction: ONE txn — INSERT 60 IU (L1 each) → INSERT 60 unit_version →
  UPDATE 60 anchors → commit (L2 for all). Any L1/L2 reject ⇒ rollback ⇒ 0 rows.
idempotency: OD-1 key sha256(canon(sv,canonical_address,content_hash));
  pre-existence check; UNIQUE backstop; pre-existing ICX-CONST set ⇒
  status NOOP_ALREADY_APPLIED (G-CUT-ONCE), exit 0, zero new rows.
determinism: build_rows run twice; writer_digest (content-addressed, excludes
  random uuids) compared; mismatch ⇒ BLOCKED.
artifacts (/tmp out-dir only): cutwrite_dryrun_report.md, iu_rowset.json,
  unit_version_rowset.json, birth_gate_result.json, writer_digest.md.

4. No-mutation statement

performed: code authoring + local CI + a /tmp scratch dry-run (shredded) +
  ONE local feature-branch commit (W-3 lineage, R1/S2 precedent) + read-only KB.
NOT performed: production DB/IU write · CUT · VERIFY · psycopg/DB connection ·
  merge/push/tag/deploy · source/version mutation · invented production command ·
  self-advance.

doc 1 of 5. No production mutation. Self-advance PROHIBITED.