KB-7CFD
dot-iu-cutter v0.5 — Production Bridge · Production CUT Command-Review Package & Sovereign Approval Request (doc 5)
Revision 1
doc 5 of 7 · 2026-05-19 · command-review contract. The runnable production CUT command is WITHHELD (it cannot be honestly written before the U-W4d adapter exists). No execution. No mutation.
1. Pinned identity (the CUT operates ONLY on this)
manifest file sha256 : 7d56f3ce… (84157 bytes)
manifest digest : 9d908a62…
candidate_count : 60 (NT 15 · KT 3 · DIEU 42 ; Điều 44 EXCLUDED)
source_document_version_id : icxconst-008a06…
snapshot region sha256 : 17660443…
writer_digest (ratified) : d99a31d4a4be907c510ae15965e9f7bb3387e9e28676e9f32adf463828b1aa28
repo: feature/constitution-snapshot-mark-dryrun · HEAD f0120ac · tree clean
cutwrite.py sha256: 31ce88dca8f68abd1bff484d665235f396272b0b4f64448812de8a93a1f901d3
2. CUT contract (what the future gated entrypoint MUST satisfy)
principal: cutter_exec (DOT-991 lane) via approved .env secret (never logged).
entrypoint: a NEW thin prod composer = cutwrite.build_rows() (pure, ratified)
+ cutter_agent.prod_iu_adapter (doc 4, gate U-W4d). cutwrite.py UNCHANGED.
flags (all mandatory, fail-closed):
  --production --fail-closed --exclude-dieu-44
  --manifest <path> --expect-manifest-file-sha 7d56f3ce…
  --expect-manifest-digest 9d908a62… --expect-candidate-count 60
  --snapshot-artifact <path> --expect-region-sha 17660443…
  --source-version-id icxconst-008a06… --expect-writer-digest d99a31d4…
  --i-have-sovereign-production-write-approval <kb-doc-id>
prechecks: doc 6 PC-0..PC-8 ALL pass (incl. live L1/L2 md5 re-verify
f38c94d0… / 078ba005…, 19/16 cols, 4 constraints, vocab, ICX-CONST==0,
fresh verified backup ≤60 min, current_user==cutter_exec).
mutation (exact): ONE atomic txn in the directus DB =
  +60 public.information_unit
  +60 public.unit_version
  +60 anchor UPDATE (version_anchor_ref, content_anchor_ref only)
  +1 manifest_envelope
  +60 manifest_unit_block
  +1 decision_backlog_entry
  +1 decision_backlog_history transition
  +1 cut_change_set (content_hash=9d908a62…)
  +60 cut_change_set_affected_row
  +1 dot_pair_signature (DOT-991 executor; cross-ref change_set_id only).
  NO UPDATE of any other column; NO DELETE/TRUNCATE; NO DDL; NO alias write;
  NO source/source_version write; NO Directus app / vector / NoSQL.
idempotency: G-CUT-ONCE — pre-existing ICX-CONST or existing cut_change_set for
9d908a62… ⇒ NO-OP exit 0, never re-insert.
rollback: in-txn fault ⇒ atomic ABORT, zero rows. Post-commit fault ⇒
forward-compensation by cutter_verify/DOT-992 ONLY (doc 6 §4); NEVER physical
DELETE. Source/snapshot immutable & pinned.
VERIFY: separate, by cutter_verify/DOT-992 (SoD) — VW-1..VW-10 (doc 6 §3).
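The fail-closed pin checks, the G-CUT-ONCE guard and the atomic-abort rule of this contract, shown together as an added example; it is not the project's code and not the withheld production command. Assumptions: an in-memory SQLite database stands in for the directus DB, `open_ledger`, `counts`, `cut_once` and `PinMismatch` are hypothetical names, the column layouts are invented, and a single SHA-256 over the manifest bytes stands in for both the manifest file hash and the manifest digest.

```python
import hashlib
import sqlite3

class PinMismatch(Exception):
    """An input did not match its pinned value; the run must stop."""

def open_ledger():
    # In-memory SQLite stand-in; table names follow the contract, columns are assumed.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE information_unit (code TEXT PRIMARY KEY)")
    db.execute("CREATE TABLE cut_change_set (content_hash TEXT PRIMARY KEY)")
    return db

def counts(db):
    units = db.execute("SELECT COUNT(*) FROM information_unit").fetchone()[0]
    sets = db.execute("SELECT COUNT(*) FROM cut_change_set").fetchone()[0]
    return units, sets

def cut_once(db, manifest_bytes, units, expect_sha, expect_count):
    # Fail closed: every pin is checked before the database is touched.
    actual = hashlib.sha256(manifest_bytes).hexdigest()
    if actual != expect_sha:
        raise PinMismatch("manifest sha256 does not match the pinned value")
    if len(units) != expect_count:
        raise PinMismatch(f"candidate count {len(units)} != {expect_count}")
    # Once-only guard: an existing change set for this hash means NO-OP.
    if db.execute("SELECT 1 FROM cut_change_set WHERE content_hash = ?",
                  (expect_sha,)).fetchone():
        return "NO-OP"
    # One transaction: `with db` commits on success and rolls back on any
    # exception, so a fault part-way through leaves zero rows behind.
    with db:
        db.executemany("INSERT INTO information_unit (code) VALUES (?)",
                       [(u,) for u in units])
        db.execute("INSERT INTO cut_change_set (content_hash) VALUES (?)",
                   (expect_sha,))
    return "COMMITTED"

if __name__ == "__main__":
    manifest = b'{"note": "constructed sample manifest"}'  # constructed input
    pin = hashlib.sha256(manifest).hexdigest()
    db = open_ledger()
    print(cut_once(db, manifest, ["U-1", "U-2", "U-3"], pin, 3), counts(db))
    print(cut_once(db, manifest, ["U-1", "U-2", "U-3"], pin, 3), counts(db))
```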
3. Runnable command — WITHHELD (why, and what unblocks it)
why_withheld: a runnable `python -m cutter_agent.<prod-composer> --production …`
cannot be honestly emitted before cutter_agent.prod_iu_adapter exists (gate
U-W4d). Fabricating an executable command for a non-existent entrypoint is the
exact failure this project forbids. The CONTRACT (§2) is fully specified; only
the entrypoint module and the sovereign approval id are missing.
unblock (each its own gate, not self-advanced):
  GD-1  sovereign ruling: apply principal for the doc-2 GRANT (owner directus
        vs workflow_admin); then
  U-W4b sovereign-gated execution of the doc-2 scoped GRANT (+ catalog/behavioral
        verify, rollback-on-any-gate, mirrors v0.4 C_01..C_12 discipline).
  U-W4c sovereign ruling on RD-C3 (Stub-with-lane-invariants vs require real
        DOT-991 crypto before the Constitution CUT).
  U-W4d gated build of cutter_agent.prod_iu_adapter (doc 4) + scratch/ledger-mirror
        integration proof; feature branch only; still no production write.
  U-W5  this CUT command-review re-finalized as RUNNABLE + a SEPARATE explicit
        sovereign production-DB-write approval + live drift re-verify, then
        sovereign-gated execution; VERIFY separately.
4. GAP-C5 — Sovereign production-write approval REQUEST (for GPT/User)
request: issue (or decline) an explicit, written, KB-persisted sovereign
production-DB-write approval for the Constitution first CUT, scoped to:
- exactly manifest digest 9d908a62… / 60 candidates / writer_digest d99a31d4…
- target directus.public.information_unit + unit_version + the
directus.cutter_governance ledger leg, ONE atomic txn, append-only
- principal cutter_exec; Điều 44 excluded; G-CUT-ONCE; forward-comp only
the approval doc id becomes the value of
--i-have-sovereign-production-write-approval (guard G1).
this approval is INTENTIONALLY NOT self-issuable and is NOT assumed. It is a
precondition of U-W5, distinct from the GRANT approval (U-W4b).
5. Status
production_cut_command_review: CONTRACT_READY · RUNNABLE_COMMAND_WITHHELD
exact_final_gates: GD-1, U-W4b, U-W4c, U-W4d, U-W5(+C5 approval)
production_mutation: NONE
doc 5 of 7. No production mutation. Self-advance PROHIBITED.