KB-716D
dot-iu-cutter v0.5 — First Controlled CUT · Final Approval Report (READY conditional on A1; STOP → GPT/User) (doc 7)
dot-iu-cutter v0.5 — First Controlled CUT · Final Approval Report
doc 7 of 7 · 2026-05-20 · STOP → route GPT/User
result : A — READY_FOR_GPT_PRODUCTION_GRANT_AND_CUT_APPROVAL (conditional on a tiny sovereign-gated pick: GAP-A1 = pick R1 or R2)
kb_read : confirmed (3 GPT rulings + 6 final-bridge + 5 cutwrite + 6 W-4 docs)
kb_upload : confirmed (this doc + 6 preceding docs of this package)
production_mutation : NONE
self_advance : PROHIBITED
1. Outcome — package complete; the sovereign decisions remaining are exactly four
result : A — READY_FOR_GPT_PRODUCTION_GRANT_AND_CUT_APPROVAL
rationale :
The package is complete enough for GPT/User to issue the four discrete
sovereign approvals listed in §3. The smallest remaining open item is
GAP-A1 (which RUNNABLE shape for the leg-A-only CUT — R1 or R2), and that
is itself a sovereign pick included in the §3 approval ruling, not a
precondition for opening the approval cycle.
why this is honest :
- leg-A guarded adapter is BUILT, TESTED, COMMITTED (152e7db ; 78 green)
- the writer_digest, manifest pins, candidate count, and exclusions are
  bit-exact and unit-asserted against the ratified factory.
- live PG re-verified ZERO drift this phase vs the W-4 / Final-Bridge pins.
- the GRANT delta is minimal, scoped, append-only, SoD-safe, with
  byte-inverse REVOKE and a complete verification harness.
- the CUT command package specifies the exact mutation set, transaction
  model, STOP conditions, fail-closed guards, and runnable options for
  UB-2 leg-A-only execution.
- the verification plan (VW-1..VW-12) covers row counts, exclusions,
  address uniqueness, provenance binding, body/hash agreement, coverage,
  birth-gate consistency, idempotency, reconstruction, no-side-effect on
  pre-existing rows, leg-B untouched invariant, and post-CUT drift recheck.
- the rollback/compensation plan separates R-1/R-2 (atomic abort) from R-3
  (forward-compensation only ; NEVER hard delete) and constrains backup
  restore to a sovereign declaration of catastrophic breach.
- the post-CUT leg-B governed-recording obligation is explicit, with a
  full row-set inventory (126 rows), package shape requirement, audit-debt
  budget (≤24 h), and 9 cross-binding invariants (INV-A..INV-I).
2. Definition-of-done coverage (per the macro prompt)
1 scoped GRANT execution package for least-privilege : DONE (doc 2)
2 production CUT command package for leg-A : DONE (doc 3 ; R1|R2)
3 preflight / drift / backup plan : DONE (doc 1 §3/§4/§6 + doc 3 §2/§5/§6 + doc 5)
4 verification plan after CUT : DONE (doc 4)
5 rollback / compensation plan : DONE (doc 5)
6 post-CUT governed recording obligation for leg-B : DONE (doc 6)
7 final approval report (this doc) : DONE (doc 7)
⇒ 7/7 done ; package complete ; result A.
3. Required sovereign approvals (the FOUR remaining gates)
A-1 GAP-A1 runnable-shape pick (smallest)
  pick exactly one of :
    R1 — micro-author `cutprod --mode production-leg-a-only` + add
         ProdIuBirthAdapter.execute_leg_a_only ; new tests ; commit on
         feature branch ; review-and-commit-gate ruling.
    R2 — review the sovereign-operator wrapper (kept OUT of the repo, in
         /opt/incomex/dot/specs/) ; record its sha256 ; sovereign-gated
         command-review package for the wrapper.
  decision authority : GPT/User
  nothing executes until this is picked.

A-2 GD-1 GRANT apply principal ruling
  pick exactly one of :
    directus (PREFERRED — owns public.* ; least surprise ; matches v0.4)
    superuser (more powerful than required)
  decision authority : GPT/User
  log the picked principal's KB id in the U-W4b execution log.

A-3 GRANT execution approval (U-W4b)
  approve issuing doc 2 §2 GRANT delta via the A-2 principal ;
  operator then runs doc 2 §6.1 structural verification immediately ;
  optional doc 2 §6.2 behavioral probe on a scratch schema.
  decision authority : GPT/User
  blocks until A-2 closed.

A-4 sovereign production-write approval (C5) for the leg-A CUT (U-W5)
  issue (or decline) a KB-persisted approval doc scoped to :
    manifest_digest = 9d908a62…
    candidate_count = 60
    writer_digest = d99a31d4…
    target = directus.public.information_unit + unit_version
    principal = cutter_exec
    txn = single atomic
    append_only = true ; G-CUT-ONCE = true
    exclusions = Điều 44, draft, obsolete
    forward_comp_only = true (R-3 doctrine)
  its KB id is supplied to the runner via
    --i-have-sovereign-production-write-approval <kb-doc-id>
  decision authority : GPT/User
  blocks until A-1 and A-3 are closed.

VERIFY execution approval (LATER)
  after the CUT commits successfully, sovereign issues a SEPARATE approval
  for cutter_verify to run doc 4 VW-1..VW-12 ; this is the SoD partner.
  decision authority : GPT/User

POST-CUT governed recording approval / package (LATER)
  after the leg-A CUT, sovereign approves and the operator runs the
  SEPARATE 6–7 doc package described in doc 6 §3 to record the 126
  cutter_governance leg-B rows, closing the audit-debt window
  (recommended ≤24 h ; INV-A..INV-I cross-bindings must hold).
  decision authority : GPT/User
4. Explicit no-mutation statement for THIS phase
production_mutation_this_phase :
- NO production DB write
- NO information_unit / unit_version / dot_config / cutter_governance.* row touched
- NO GRANT / REVOKE issued
- NO VERIFY run
- NO source_document / source_document_version write
- NO deploy / restart / docker rebuild
- NO main branch merge / push / tag
- NO secret rotation / secret echo / DSN handling
- NO new code committed this phase (this is a documentation-only package;
  the leg-A adapter / cutprod / tests were committed in the prior phase as
  f0120ac → 152e7db, byte-unchanged here)
read-only actions this phase :
- KB reads (3 GPT rulings + 6 Final-Bridge + 5 cutwrite + 6 W-4 docs)
- KB uploads (this doc + 6 preceding docs of this package)
- local repo reads ; local test re-runs (78/78 PASS, NO DB connect)
- PostgreSQL read-only catalog / ACL / constraint / function probes via
  the read-only context_pack_readonly role (5 SELECT queries total)
5. Self-advance is PROHIBITED ; route → GPT/User
disposition : STOP → GPT/User
the Agent will NOT :
- pick A-1 / A-2 / A-3 / A-4 itself
- author the leg-B row-builder
- execute the leg-A CUT
- run VERIFY
- merge / push / tag the feature branch
once GPT/User rules :
- if R1 picked : open a separate sovereign-gated authoring micro-cycle for
  --mode production-leg-a-only + execute_leg_a_only +
  unit tests ; commit on feature branch ; route back.
- if R2 picked : open a separate sovereign-gated command-review for the
  operator wrapper ; record sha256 ; route back.
- after A-2 + A-3 close : operator runs the GRANT and the structural verify.
- after A-1 + A-3 + A-4 close : operator runs the leg-A CUT (R1 or R2 form).
- then SoD-partner runs VERIFY ; then the leg-B governed-recording package.
6. Final status
status : READY_FOR_GPT_PRODUCTION_GRANT_AND_CUT_APPROVAL
exact remaining sovereign gates :
  A-1 (GAP-A1 runnable pick)
  A-2 (GD-1 principal ruling)
  A-3 (U-W4b GRANT execution)
  A-4 (C5 sovereign production-write approval for CUT)
  LATER (VERIFY execution approval)
  LATER (post-CUT leg-B governed-recording package + approval)
production_mutation : NONE
self_advance : PROHIBITED
next_action : route → GPT/User
doc 7 of 7. No production mutation. Self-advance PROHIBITED.