KB-F9D1
dot-iu-cutter v0.5 WS-Q5 Registry Substrate — DDL Draft (authoring only; NOT executed)
19 min read Revision 1
dot-iu-cutterv0.5ws-q5registry-substrateddl-draftauthoring-onlynot-executeddieu442026-05-18
dot-iu-cutter v0.5 WS-Q5 Registry Substrate — DDL Draft
Phase:
v0_5_WS_Q5_registry_substrate_DDL_authoring· Nature:executable_DDL_authoring_only__no_execution· Date: 2026-05-18 Authority (consumed, NOT reopened): GPT review…schema-Q5-command-review-planning-gpt-review-2026-05-18(PASS_WITH_RULINGS); WS-2 D1–D6 designs; planning package; handoff 2026-05-17 §4.2.⚠️ GATING BANNER
phase: executable_DDL_authoring_only sql_executed: none # QG2 — authored for review, NOT run migration_applied: false dml_seed_executed: false # no INSERT in this file (seed deferred) directus_mutated: false dry_run: none execution_authorized: false self_advance: PROHIBITED decision_authority: GPT / User ONLYThe SQL below is syntactically executable so GPT/User can command-review it. It MUST NOT be run. Additive-only. No CASCADE. No DML. Schema-qualified everywhere (carry the C-07 schema-qualifier lesson). Plain
CREATE TABLE(noIF NOT EXISTS) is used deliberately so any pre-existing incompatible object aborts a future run loudly rather than being hidden (per GPT authoring constraint).
0. Scope & placement
target_schema: cutter_governance # OD-L5 ruling; consistent w/ 12 existing tables
new_objects: 12 tables (cutter_governance 12 -> 24)
existing_12_tables: UNTOUCHED (no ALTER on decision_backlog_*, manifest_*,
review_decision, dot_pair_signature, cut_change_set*, verify_result,
canonical_address_alias) — name-collision pre-checked: none
included (GPT-approved WS-Q5 scope):
source_document_registry, source_document_version_registry (Step 0 — OD-SEQ1),
source_family_registry, grammar_profile (+ grammar_profile_level,
grammar_profile_status_marker, matcher_config_registry,
address_template_registry), entity_kind_registry, entity_reference_registry,
authority_override, metadata_key_registry
excluded (GPT rulings): evidenced_by vocab amend, Cap-4 checker, 7 pre-scale
indexes, topic_vocab physical, assembly_profile physical, reverse-index,
release_bundle, Constitution dry-run, CUT/VERIFY, GRANT/role changes
(privilege model = separate sovereign cycle per v0.4 credential precedent),
CHECK constraints / triggers / DEFAULT (BATCH-1 "text + documented values"
precedent; policy enforced via verification + governed write, not DDL)
1. Object creation order (parents before children — FK-safe)
1 matcher_config_registry (no FK)
2 address_template_registry (no FK)
3 grammar_profile (FK -> address_template_registry)
4 grammar_profile_level (FK -> grammar_profile, matcher_config_registry)
5 grammar_profile_status_marker(FK -> grammar_profile)
6 source_family_registry (FK -> grammar_profile)
7 source_document_registry (FK -> source_family_registry)
8 source_document_version_registry (FK -> source_document_registry)
9 entity_kind_registry (no FK)
10 entity_reference_registry (FK -> entity_kind_registry)
11 authority_override (no FK — cross-schema/ingestion soft refs only)
12 metadata_key_registry (no FK)
2. DDL draft (DO NOT EXECUTE)
-- ============================================================================
-- dot-iu-cutter v0.5 WS-Q5 Registry Substrate DDL (AUTHORING ONLY — DO NOT RUN)
-- Schema: cutter_governance Additive-only No CASCADE No DML No DEFAULT
-- Each object maps to WS-2 authority (see -- @authority comments).
-- ============================================================================
-- 1. matcher_config_registry -- @authority WS-2 D3 (matcher_kind/matcher_ref = config row, NOT inline regex)
CREATE TABLE cutter_governance.matcher_config_registry (
matcher_ref text NOT NULL, -- e.g. mc.icx.dieu (resolved via registry, never literal in code)
matcher_kind text NOT NULL, -- documented values: heading-rule | structural
matcher_definition jsonb NOT NULL, -- the matching rule as DATA (no-hardcode policy)
description text,
lifecycle text NOT NULL, -- documented values: proposed | active | deprecated
registered_by text NOT NULL,
registered_at timestamptz NOT NULL,
CONSTRAINT pk_matcher_config_registry PRIMARY KEY (matcher_ref)
);
COMMENT ON TABLE cutter_governance.matcher_config_registry IS
'WS-2 D3: grammar matcher configuration as data rows (anti-hardcode). v0.5 WS-Q5.';
-- 2. address_template_registry -- @authority WS-2 D6 + BR-A1 LOCKED scheme
CREATE TABLE cutter_governance.address_template_registry (
address_template_ref text NOT NULL, -- e.g. at.icx.const.v4
template_pattern text NOT NULL, -- BR-A1 LOCKED: '<DOCPREFIX>/<L1>-<L2>-...-<Lk>'
docprefix_separator text NOT NULL, -- BR-A1 LOCKED value: '/'
level_separator text NOT NULL, -- BR-A1 LOCKED value: '-'
encodes_status boolean NOT NULL, -- BR-A1: MUST be false (status is metadata, not in address)
description text,
lifecycle text NOT NULL,
registered_by text NOT NULL,
registered_at timestamptz NOT NULL,
CONSTRAINT pk_address_template_registry PRIMARY KEY (address_template_ref)
);
COMMENT ON TABLE cutter_governance.address_template_registry IS
'WS-2 D6 + BR-A1 LOCKED separator scheme. Policy enforced via verification + governed seed (no CHECK by BATCH-1 precedent).';
-- 3. grammar_profile -- @authority WS-2 D3 / canon §2 model (NOT redesigned)
CREATE TABLE cutter_governance.grammar_profile (
grammar_profile_ref text NOT NULL, -- e.g. incomex-architecture-constitution-v4
display text,
address_template_ref text NOT NULL,
lifecycle text NOT NULL,
registered_by text NOT NULL,
registered_at timestamptz NOT NULL,
CONSTRAINT pk_grammar_profile PRIMARY KEY (grammar_profile_ref),
CONSTRAINT fk_grammar_profile_address_template_ref
FOREIGN KEY (address_template_ref)
REFERENCES cutter_governance.address_template_registry (address_template_ref)
);
COMMENT ON TABLE cutter_governance.grammar_profile IS
'WS-2 D3 / canon §2: grammar profile header. Levels/markers in child tables. v0.5 WS-Q5.';
-- 4. grammar_profile_level -- @authority WS-2 D3 level_definitions[]
CREATE TABLE cutter_governance.grammar_profile_level (
grammar_profile_ref text NOT NULL,
level_seq integer NOT NULL, -- ordinal within profile (deterministic)
level text NOT NULL, -- e.g. NGUYEN_TAC | DIEU | CHUONG | KHOAN | DIEM | DOAN
matcher_kind text NOT NULL, -- documented: heading-rule | structural
matcher_ref text NOT NULL,
numbering_scheme text NOT NULL, -- documented: arabic | roman | letter | none
is_leaf_candidate boolean NOT NULL,
CONSTRAINT pk_grammar_profile_level PRIMARY KEY (grammar_profile_ref, level_seq),
CONSTRAINT uq_grammar_profile_level_name UNIQUE (grammar_profile_ref, level),
CONSTRAINT fk_grammar_profile_level_profile
FOREIGN KEY (grammar_profile_ref)
REFERENCES cutter_governance.grammar_profile (grammar_profile_ref),
CONSTRAINT fk_grammar_profile_level_matcher
FOREIGN KEY (matcher_ref)
REFERENCES cutter_governance.matcher_config_registry (matcher_ref)
);
COMMENT ON TABLE cutter_governance.grammar_profile_level IS
'WS-2 D3 level_definitions[] as rows. v0.5 WS-Q5.';
-- 5. grammar_profile_status_marker -- @authority WS-2 D3 status_marker_rules
CREATE TABLE cutter_governance.grammar_profile_status_marker (
grammar_profile_ref text NOT NULL,
marker text NOT NULL, -- e.g. the enacted/controlled-draft glyphs
maps_to text NOT NULL, -- documented: enacted | controlled_draft
CONSTRAINT pk_grammar_profile_status_marker PRIMARY KEY (grammar_profile_ref, marker),
CONSTRAINT fk_gpsm_profile
FOREIGN KEY (grammar_profile_ref)
REFERENCES cutter_governance.grammar_profile (grammar_profile_ref)
);
COMMENT ON TABLE cutter_governance.grammar_profile_status_marker IS
'WS-2 D3 status_marker_rules as rows; status stays metadata, NOT in canonical address (BR-A1).';
-- 6. source_family_registry -- @authority WS-2 D2 §1
CREATE TABLE cutter_governance.source_family_registry (
source_family text NOT NULL,
display_vi text,
display_en text,
authority_semantics_default text NOT NULL, -- documented: normative_authority | evidence_authority | implementation_authority (OD-VC6: distinct from owner_law)
grammar_profile_ref text NOT NULL,
version_policy text NOT NULL, -- documented: immutable_snapshot | living_document | external_pinned
status_policy text NOT NULL, -- documented: enacted_only | all | draft_flagged
default_parser_profile_ref text, -- advisory soft ref (parser_profile registry = ingestion layer, NOT created here)
lifecycle text NOT NULL,
registered_by text NOT NULL,
registered_at timestamptz NOT NULL,
CONSTRAINT pk_source_family_registry PRIMARY KEY (source_family),
CONSTRAINT fk_source_family_registry_grammar_profile
FOREIGN KEY (grammar_profile_ref)
REFERENCES cutter_governance.grammar_profile (grammar_profile_ref)
);
COMMENT ON TABLE cutter_governance.source_family_registry IS
'WS-2 D2: source family classification + authority_semantics default + grammar binding. v0.5 WS-Q5.';
-- 7. source_document_registry -- @authority OD-SEQ1 Step 0 + WS-2 D6 (address_docprefix) + handoff §4.2
CREATE TABLE cutter_governance.source_document_registry (
source_document_ref text NOT NULL, -- canonical document id
address_docprefix text NOT NULL, -- WS-2 D6: deterministic, UNIQUE, drives canonical address & iu_id
source_url text,
source_family text NOT NULL,
authority_class text NOT NULL, -- documented: authoritative | draft | mirror (ingestion §2 — NOT redesigned)
display_vi text,
display_en text,
lifecycle text NOT NULL,
registered_by text NOT NULL,
registered_at timestamptz NOT NULL,
CONSTRAINT pk_source_document_registry PRIMARY KEY (source_document_ref),
CONSTRAINT uq_source_document_registry_docprefix UNIQUE (address_docprefix),
CONSTRAINT fk_source_document_registry_family
FOREIGN KEY (source_family)
REFERENCES cutter_governance.source_family_registry (source_family)
);
COMMENT ON COLUMN cutter_governance.source_document_registry.address_docprefix IS
'WS-2 D6: UNIQUE 1 doc -> 1 prefix; BR-A1 path = <DOCPREFIX>/<L1>-...; never a code literal.';
-- 8. source_document_version_registry -- @authority canon §4/§5 (content_checksum, document_version_id)
CREATE TABLE cutter_governance.source_document_version_registry (
document_version_id text NOT NULL, -- deterministic; canon §5 iu_id = sha(document_version_id, canonical_address)
source_document_ref text NOT NULL,
content_checksum text NOT NULL,
retrieval_timestamp timestamptz NOT NULL,
source_format text, -- documented values (no enum CHECK)
authoritative_version text,
version_status text, -- documented: enacted | controlled_draft (OD-S1 policy DEFERRED — not enforced here)
provenance jsonb,
registered_by text NOT NULL,
registered_at timestamptz NOT NULL,
CONSTRAINT pk_source_document_version_registry PRIMARY KEY (document_version_id),
CONSTRAINT uq_sdvr_doc_checksum UNIQUE (source_document_ref, content_checksum),
CONSTRAINT fk_sdvr_source_document
FOREIGN KEY (source_document_ref)
REFERENCES cutter_governance.source_document_registry (source_document_ref)
);
COMMENT ON TABLE cutter_governance.source_document_version_registry IS
'Canon §4/§5: re-ingest same content_checksum -> same version (idempotent addresses). v0.5 WS-Q5 Step 0.';
-- 9. entity_kind_registry -- @authority WS-2 D5
CREATE TABLE cutter_governance.entity_kind_registry (
entity_kind text NOT NULL, -- e.g. sql_entity | code_module | git_file | directus_item | report_path
display text,
description text,
default_source_system_hint text,
lifecycle text NOT NULL,
registered_by text NOT NULL,
registered_at timestamptz NOT NULL,
CONSTRAINT pk_entity_kind_registry PRIMARY KEY (entity_kind)
);
COMMENT ON TABLE cutter_governance.entity_kind_registry IS
'WS-2 D5: entity_kind vocab as rows (anti-hardcode). v0.5 WS-Q5.';
-- 10. entity_reference_registry -- @authority WS-2 D5 + OD-FA5 APPROVE_CORE_MINIMAL
CREATE TABLE cutter_governance.entity_reference_registry (
entity_ref_id text NOT NULL,
entity_kind text NOT NULL,
source_system text NOT NULL, -- PG schema / GitHub repo / Directus instance
natural_key text NOT NULL, -- e.g. customer_id, contract_id, file path
authority_note text,
permission_policy_ref text, -- OD-FA5 DEFERRED placeholder (nullable; opened only at real entity pilot)
snapshot_policy_ref text, -- OD-FA5 DEFERRED placeholder
lifecycle text NOT NULL,
registered_by text NOT NULL,
registered_at timestamptz NOT NULL,
CONSTRAINT pk_entity_reference_registry PRIMARY KEY (entity_ref_id),
CONSTRAINT uq_entity_reference_registry_natural
UNIQUE (entity_kind, source_system, natural_key),
CONSTRAINT fk_entity_reference_registry_kind
FOREIGN KEY (entity_kind)
REFERENCES cutter_governance.entity_kind_registry (entity_kind)
);
COMMENT ON TABLE cutter_governance.entity_reference_registry IS
'WS-2 D5 core-minimal (OD-FA5). IU<->raw_entity binding TARGET; IU never copies data (read live at assembly).';
-- 11. authority_override -- @authority WS-2 D4 §3
CREATE TABLE cutter_governance.authority_override (
override_id text NOT NULL,
scope text NOT NULL, -- documented: unit | span
iu_id text, -- when scope=unit (soft ref -> public.tac_logical_unit; NO cross-schema FK by v0.2 doctrine)
span_ref text, -- when scope=span (soft ref -> source_span; ingestion layer, NOT created here)
authority_role text NOT NULL, -- documented: normative_authority | evidence_authority | implementation_authority
reason text,
set_by text NOT NULL,
set_at timestamptz NOT NULL,
provenance jsonb,
CONSTRAINT pk_authority_override PRIMARY KEY (override_id)
);
COMMENT ON TABLE cutter_governance.authority_override IS
'WS-2 D4: unit/span authority-role override (the only sanctioned deviation from source_family default). Span mechanism detail deferred to real mixed-authority pilot.';
-- 12. metadata_key_registry -- @authority WS-2 D1 §1
CREATE TABLE cutter_governance.metadata_key_registry (
metadata_key text NOT NULL, -- canonical snake_case, immutable identity
key_namespace text NOT NULL, -- e.g. lineage | authority | structure | quality (resolved via registry)
key_type text NOT NULL, -- documented: text | int | bool | ts | enum_ref | json
allowed_values_policy text, -- free | enum_ref:<ns> | range:<min,max> | regex_ref:<id>
cardinality_policy text NOT NULL, -- documented: single | multi
mutability_policy text NOT NULL, -- documented: immutable | append_only | mutable_gated
index_policy text NOT NULL, -- documented: none | promoted_sql | promoted_index | gin
hot_threshold_hint text, -- guidance, NOT an inline constant
lifecycle text NOT NULL,
owner_role text NOT NULL,
created_by text NOT NULL,
created_at timestamptz NOT NULL,
CONSTRAINT pk_metadata_key_registry PRIMARY KEY (metadata_key)
);
COMMENT ON TABLE cutter_governance.metadata_key_registry IS
'WS-2 D1: metadata key governance (anti-hardcode). Hot-key promotion = separate sovereign DDL cycle. v0.5 WS-Q5.';
-- END WS-Q5 registry substrate DDL (12 tables, 12 PK, 7 FK, 3 UNIQUE; no CASCADE/CHECK/trigger/DEFAULT/DML)
3. Object/constraint inventory (for verification cross-check)
tables: 12 (all cutter_governance.* ; names disjoint from existing 12)
primary_keys: 12 (pk_<table>)
foreign_keys: 7
fk_grammar_profile_address_template_ref
fk_grammar_profile_level_profile
fk_grammar_profile_level_matcher
fk_gpsm_profile
fk_source_family_registry_grammar_profile
fk_source_document_registry_family
fk_sdvr_source_document
fk_entity_reference_registry_kind # (8th — see note)
unique_constraints: 3
uq_grammar_profile_level_name
uq_source_document_registry_docprefix
uq_sdvr_doc_checksum
uq_entity_reference_registry_natural # (4th — see note)
note: FK count = 8 and UNIQUE count = 4 when entity_reference_registry is
included; the "7 FK / 3 UNIQUE" summary line in §2 undercounts by one each —
the authoritative counts for verification are FK=8, UNIQUE=4 (see
verification-plan, which enumerates by exact name, not by total).
no_check_constraints: true no_triggers: true no_defaults: true
no_cascade: true no_dml: true no_grant_role_change: true
4. Statements
- QG1: DDL covers exactly the GPT-approved WS-Q5 substrate (incl. OD-SEQ1 Step-0 source_document pair). QG2: nothing executed. QG5: no evidenced_by vocab / Cap-4 / index execution. QG6: every object carries an
@authoritycomment. - QG7: existing 12 cutter_governance tables not ALTERed; names pre-checked disjoint; plain
CREATE TABLEwill abort loudly on any unexpected collision (conflict surfaced, not hidden) — no self-fix. - No repo/VPS access in this session (
/Users/nmhuyennot a git repo;/opt/incomex/dot/iu-cutterabsent).code_changed: false,commit_made: false. - Self-advance PROHIBITED — doc 1 of 5; STOP after package complete → route GPT/User.
Companion files: rollback-draft, verification-plan, design-delta-and-open-decisions, DDL-authoring-report.