KB-1078
D36 NVSZ Macro A — 06 Bounded Proof Rows
4 min read Revision 1
d36proof-rowslifecyclemacro-a2026-05-25
D36 NVSZ Macro A — 06 Bounded Proof Rows
Pattern: in-TX gate-toggle ([[feedback-in-tx-gate-toggle-reversibility]]) — open iu_core.staging_writes_enabled inside the TX, write proof rows, close gate, COMMIT. Plus actor-tagged owner_actor='d36-macroA-proof' for rollback addressability.
File: /tmp/d36_macroA_proofs.sql. Applied via trust socket as workflow_admin.
7 phases run
| Phase | Test | Expected | Observed |
|---|---|---|---|
| A | fn_iu_staging_create mark_manifest (2 parts: JSON manifest + text checklist) |
status=ok |
✓ staging_record_id=79e8df84… byte_len=277 parts=2 |
| A | fn_iu_staging_create sql_snapshot (1 part JSON) |
status=ok |
✓ id=575630df… byte_len=147 parts=1 |
| A | fn_iu_staging_create nosql_payload (1 part blob_ref) |
status=ok |
✓ id=5573013f… byte_len=1024 parts=1 |
| B | Idempotent replay (same source_ref+kind+suffix) | status=idempotent_replay returns original UUID |
✓ returned 79e8df84… |
| C | fn_iu_staging_approve(mark_manifest) |
status=ok lifecycle=approved |
✓ |
| D | fn_iu_staging_consume(approved mark_manifest) |
status=ok lifecycle=consumed |
✓ |
| E | fn_iu_staging_reject(nosql_payload) (still pending) |
status=ok lifecycle=rejected |
✓ |
| F | Approve already-consumed mark_manifest | status=invalid_transition from='consumed' |
✓ |
| G | After-COMMIT: fn_iu_staging_create with gate closed |
status=refused reason=gate_closed:iu_core.staging_writes_enabled |
✓ |
Final state of the 3 durable proof rows
| staging_record_id | staging_kind | lifecycle_status | byte_len | part_count |
|---|---|---|---|---|
| 79e8df84-c76f-461b-8d9d-1f28bf7da0a1 | mark_manifest | consumed | 277 | 2 |
| 575630df-3997-4727-bd4d-1ae5fcadb4ea | sql_snapshot | pending | 147 | 1 |
| 5573013f-b9e5-47bd-9008-976e4560757f | nosql_payload | rejected | 1024 | 1 |
3 records + 4 parts. Lifecycle distribution: consumed:1, pending:1, rejected:1.
Invariant verification
| Invariant | Probe | Result |
|---|---|---|
| All vector_excluded=true | bool_and(vector_excluded) |
true ✓ |
| All byte_len ≤ 10 MiB | bool_and(byte_len <= 10485760) on payloads |
true ✓ |
| Idempotency keys unique | count(*) = count(DISTINCT idempotency_key) |
true ✓ |
| FK CASCADE intact | manually verified via SELECT … FROM iu_staging_payload WHERE NOT EXISTS (…) |
0 orphans ✓ |
Gate state at TX end
| Gate | enabled |
|---|---|
iu_core.staging_writes_enabled |
false (closed after writes) |
iu_core.staging_cleanup_enabled |
false (untouched) |
iu_core.no_vector_staging_excluded |
true (panic ON) |
Post-proof healthcheck
GREEN — same as initial. V1-V8 all pass with 3 staging records present:
- V1 = 0 (all 3 records have vector_excluded=true)
- V7 = 0 (no orphan parts — FK CASCADE invariant holds)
- Other Vs unchanged
Regression after proof rows
| Counter | Before substrate | After substrate | After proofs |
|---|---|---|---|
information_unit |
175 | 175 | 175 |
iu_vector_sync_point |
152 | 152 | 152 |
iu_lifecycle_log |
146 | 146 | 146 |
knowledge_documents |
4272 | 4272 | 4272 |
iu_core.iu_staging_record |
(table absent) | 0 | 3 |
iu_core.iu_staging_payload |
(table absent) | 0 | 4 |
Rollback addressability
All 3 records share owner_actor='d36-macroA-proof'. Single-DELETE rollback:
DELETE FROM iu_core.iu_staging_payload p
USING iu_core.iu_staging_record r
WHERE p.staging_record_id = r.staging_record_id
AND r.owner_actor = 'd36-macroA-proof';
DELETE FROM iu_core.iu_staging_record WHERE owner_actor = 'd36-macroA-proof';
Verified-safe by FK CASCADE — DELETE on record cascades to payload — but explicit two-statement form is preferred for clarity in audit trails.