KB-34FA
dot-iu-cutter v0.5 — Final Bridge · Guarded Production Adapter Package (AUTHORED+TESTED, leg-A) (doc 3)
Revision 1
doc 3 of 6 · 2026-05-19 · leg A AUTHORED + LOCALLY TESTED + COMMITTED (feature branch only). Leg B fail-closed (GAP-B1). No DB connect/mutation.
1. What was built (commit)
repo: /Users/nmhuyen/iu-cutter-build/repo/iu-cutter
branch: feature/constitution-snapshot-mark-dryrun (NOT main; no push/merge/tag)
pre: f0120ac → post: 152e7db (3 new files, 0 existing modified)
files (untracked→committed):
cutter_agent/prod_iu_adapter.py sha256 b012d196…
cutter_agent/cutprod.py sha256 cb745473…
tests/test_prod_iu_adapter.py sha256 221be6dd…
cutwrite.py: byte-UNCHANGED 31ce88dc… (ratified W-3 factory reused, not edited)
tests: NEW 20/20 GREEN; regression cutwrite 22 + MARK 21 + cutplan 15 = 58/58
unchanged-GREEN; py_compile OK. Total 78 green. NO DB connection in any test.
reversible: git reset --hard f0120ac.
2. prod_iu_adapter.py — guarded leg-A birth writer (capabilities)
import-safe: stdlib + cutter_agent.cutwrite (ratified pure factory) +
cutter_agent.signing (StubSigning) only. NO psycopg/socket/requests at load
(test_no_psycopg_or_socket_at_import). Default connection provider RAISES
ProductionAccessNotAuthorized (cannot connect without an injected real
provider + approved env + approval id — none in code/tests).
guards (fail-closed, all enforced & unit-tested):
G1 sovereign approval flag + resolvable KB id (absent → refuse, no connect)
G2 pinned manifest file-sha/digest/count/source-version/region (mismatch → refuse)
G3 rows ONLY from cutwrite.run_dry; writer_digest == d99a31d4… (else refuse);
NOOP_ALREADY_APPLIED scratch pre-existence → refuse (never re-insert)
G4 post-connect SELECT current_user == 'cutter_exec' (else refuse)
G5 in-session read-only catalog drift precheck (19/16 cols, L1 f38c94d0…,
L2 078ba005…, vocab 6/6) — mismatch → refuse, zero writes
G6 G-CUT-ONCE: count(ICX-CONST) == 0 (else NO-OP, never re-insert)
G7 fresh verified backup gate (≤60 min) callback — unsatisfied → refuse
leg-A SQL (parameterised, defence-in-depth allowlists; unit-tested):
schema allowlist {public}; table allowlist {information_unit, unit_version};
column allowlists = the exact 19 / 16 live columns; the ONLY UPDATE is the
column-scoped (version_anchor_ref, content_anchor_ref) anchor on
information_unit. Ordering: SET CONSTRAINTS ALL DEFERRED → 60 INSERT IU →
60 INSERT unit_version → 60 anchor UPDATE (asserted by tests). NO DELETE/
TRUNCATE/DDL/GRANT/other-table/other-column can be emitted (asserted).
adapter-supplied envelope cols (created_at/by, updated_at/by — NOT in the
ratified rowset, do NOT affect writer_digest) are explicit & fixed.
DOT-991 signing: build_executor_signature_row() via StubSigning (RD-C3
ratified posture); assert_lane_overlap_invariants() enforces signer_dot_id=
DOT-991 + signature_kind=executor + cross-ref change_set_id ONLY + exactly
one xref; negative tests (both / neither / swapped / unknown lane) all raise.
single-txn seam: leg_a_in_txn(conn,…) runs on a CALLER-owned connection/txn
(does NOT open/commit) so the future leg A+B composer owns ONE atomic txn.
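Added example (not the project's prod_iu_adapter.py): a minimal sketch of the leg-A SQL discipline described above, where identifiers are checked against allowlists, values are only ever bound as parameters, and statements come out in the stated order. The non-anchor column names, the `id` key column, the `%s` placeholder style and every function name here are assumptions made for illustration.

```python
# Added illustration only; not the project's prod_iu_adapter.py.
SCHEMAS = {"public"}
TABLES = {"information_unit", "unit_version"}
# Constructed column subsets; the page's allowlists are the exact 19 / 16 live columns.
INSERT_COLS = {
    "information_unit": {"id", "created_at", "created_by", "updated_at", "updated_by"},
    "unit_version": {"id", "unit_id", "created_at", "created_by"},
}
# The only UPDATE the page permits: the anchor pair on information_unit.
ANCHOR_COLS = ("version_anchor_ref", "content_anchor_ref")


class Refused(Exception):
    """Raised instead of emitting SQL outside the allowlists (fail-closed)."""


def _target(schema, table):
    # Identifiers cannot be bound as parameters, so they must match the allowlist exactly.
    if schema not in SCHEMAS or table not in TABLES:
        raise Refused(f"target not allowlisted: {schema}.{table}")
    return f"{schema}.{table}"


def build_insert(schema, table, row):
    target = _target(schema, table)
    extra = set(row) - INSERT_COLS[table]
    if not row or extra:
        raise Refused(f"empty row or columns not allowlisted for {table}: {sorted(extra)}")
    cols = sorted(row)
    marks = ", ".join(["%s"] * len(cols))
    return f"INSERT INTO {target} ({', '.join(cols)}) VALUES ({marks})", [row[c] for c in cols]


def build_anchor_update(schema, table, key, anchors):
    target = _target(schema, table)
    if table != "information_unit" or set(anchors) != set(ANCHOR_COLS):
        raise Refused("only the anchor columns on information_unit may be updated")
    sets = ", ".join(f"{c} = %s" for c in ANCHOR_COLS)
    # 'id' as the key column is an assumption; the page does not name it.
    return f"UPDATE {target} SET {sets} WHERE id = %s", [anchors[c] for c in ANCHOR_COLS] + [key]


def plan_leg_a(iu_rows, uv_rows, anchors):
    """Emit statements in the page's order: defer, IU inserts, unit_version inserts, anchors."""
    stmts = [("SET CONSTRAINTS ALL DEFERRED", [])]
    stmts += [build_insert("public", "information_unit", r) for r in iu_rows]
    stmts += [build_insert("public", "unit_version", r) for r in uv_rows]
    stmts += [build_anchor_update("public", "information_unit", k, a) for k, a in anchors]
    return stmts
```

Because the builders are the only place SQL text is assembled, a unit test over them can assert that no DELETE, DDL, other-table or other-column statement is reachable without ever opening a connection.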
3. cutprod.py — thin composer entrypoint
--mode plan-only : no-connect guards + ratified 60+60 rowset + writer_digest
assertion; prints PLAN_OK …; exit 0. NO DB. (verified)
--mode production : ALWAYS exit 3 BLOCKED (GAP-B1) — leg B unavailable; a
public-only CUT would be an ungoverned mutation ⇒ refused, not fabricated.
fail-closed: wrong mode / missing --fail-closed|--exclude-dieu-44 / wrong
--expect-writer-digest / any DB env var ⇒ exit 2 (verified by tests).
4. GAP-B1 — the exact remaining adapter gap (leg B)
gap: NO committed production-shaped cutter_governance governed-ledger row-
builder. ledger.py is the dry-run SKELETON shape and structurally diverges
from the live 24-col cut_change_set (+ rich manifest_envelope/unit_block/
dot_pair_signature/decision_backlog_*); the v0.4 production trial's rich
builder was never committed to this branch (doc 1 §2 evidence).
why_not_fabricated: authoring 7 rich tables incl. a NOT-NULL review_decision_id
(needs a live-shaped governed REVIEW sub-pipeline, also uncommitted) by
guessing the NOT-NULL/semantic contract = the exact failure the project
forbids ("BLOCKED over a guessed PASS"). prod_iu_adapter.execute_cut()
therefore raises LegBUnavailable; the production CUT is REFUSED.
status: guarded_production_adapter = LEG_A_COMPLETE_AND_TESTED ·
LEG_B_BLOCKED_GAP_B1. Unblock = UB-1 / UB-2 (doc 4 §4).
doc 3 of 6. No production mutation. Self-advance PROHIBITED.