KB-2EA3

90000x · 00 Summary — IU_CORE_90000X_MARK_TO_CUT_AUTOMATED_PIPELINE_HARDENING_PARTIAL_WITH_EXACT_GAP


Verdict: IU_CORE_90000X_MARK_TO_CUT_AUTOMATED_PIPELINE_HARDENING_PARTIAL_WITH_EXACT_GAP

Date: 2026-05-25

Channel reality: This macro ran via context_pack_readonly MCP role + KB-write channel only. The apply-DDL channel (workflow_admin over pg_hba local trust Unix socket — proven in 50000x/70000x) is not available from this MCP surface. All migration bodies are authored INTO this KB pack as fenced SQL and are ready for the operator to apply via the existing workflow_admin channel. No live DDL/DML mutation was performed by this macro.

Operating flow target

INPUT TO NO-VECTOR STAGING → MARK → VERIFY MARK → CUT FROM APPROVED MANIFEST → VERIFY CUT → CLEANUP AFTER 15 DAYS

Phase verdicts

| Phase | Title | Verdict | Evidence anchor |
|---|---|---|---|
| A | Birth / Governance Reconciliation | PASS (live read) | 01-birth-reconciliation.md |
| B | Staging Lifecycle Hardening (15d retention + cleanup) | AUTHORED-READY | 02-staging-lifecycle-cleanup-15d.md |
| C | MARK Integration (writer surface) | AUTHORED-READY | 03-mark-integration.md |
| D | Verify MARK | AUTHORED-READY | 04-verify-mark.md |
| E | Cut from Approved Manifest (live orchestrator) | AUTHORED-READY | 05-cut-from-approved-manifest.md |
| F | Verify CUT | AUTHORED-READY | 06-verify-cut.md |
| G | Bounded End-to-End Proof | CARRY-FORWARD (needs apply channel) | 07-end-to-end-proof.md |
| H | No-Vector Verification | PASS (live read) | 08-no-vector-verification.md |
| I | Reports / Tests / KB | PARTIAL (reports done; pinning-test bumps deferred to apply commit) | 09-regression-matrix.md |

The exact gap (no fake PASS)

  • Apply channel not held by this MCP role. The substrate is fully authored in this pack as 5 ready-to-apply migrations (037 → 041). Each is wrapped in BEGIN; … COMMIT; and is idempotent on objects it owns. The operator must run them via the workflow_admin socket trust channel (as documented in [[feedback-pg-hba-local-trust-unblocks-role-channel]]).
  • Bounded end-to-end proof requires apply. Phase G cannot be live-proven until 037-041 are applied. The exact 7-step proof script is authored in 07 as psql blocks the operator can run after apply.
  • SSOT bumps and pinning tests are intentionally NOT bumped — same pattern as 50000x mig 036 (per [[feedback-honest-channel-block-beats-partial-trigger]]): keep SSOT pinned at the live D9 surface until apply succeeds.

Live state delta this macro authored

Authored (in this KB pack, not yet applied):

| Object kind | Delta | Names |
|---|---|---|
| Function | +6 | fn_iu_staging_cleanup, fn_iu_staging_unregister, fn_iu_mark_create_manifest, fn_iu_verify_mark, fn_iu_cut_from_manifest, fn_iu_verify_cut |
| CHECK swap | +1 | iu_staging_record_lifecycle_chk adds pending_review |
| CHECK tighten | +1 | iu_staging_record_consumed_consistency_chk requires approved_at+approval_doc_id |
| CHECK new | +1 | iu_staging_record_expiry_ceiling_chk (≤ created_at + 30d) |
| Retention rows | +2 | iu_core.iu_staging_record (expires_at policy) + iu_core.iu_staging_payload (30d safety belt) |
| DOT catalog rows | +6 | dot_iu_staging_cleanup, dot_iu_staging_unregister, dot_iu_mark_article, dot_iu_verify_mark_manifest, dot_iu_cut_from_manifest, dot_iu_verify_cut_result |

Anticipated D9 conformance after apply: fn 67 → 73 (+6), DOT 30 → 36 (+6), retention 4 → 6 (+2).

Live state observed (Phase A + H — read-only PASS branches)

  • entity_species 51 (SPE-NVS) present.
  • collection_registry 190 (COL-IUS-001) + 191 (COL-IUS-002) present, born.
  • species_collection_map 172 + 173 present.
  • birth_registry for SPE-NVS, COL-IUS-001, COL-IUS-002: all status='born', certified=false, role='governed'. _dot_origin carries SUSPECT: prefix for the two COL rows (Case 3 accepted pattern — see [[feedback-suspect-prefix-is-accepted-pattern]]).
  • collection_registry_vector_policy rows for 190 + 191: vector_eligible=false, semantic_search_eligible=false. Policy reason: "D36 Rule N1 — No-Vector Staging Zone".
  • v_collection_vector_eligibility returns vec=false sem=false for both COL-IUS-001/002 with has_explicit_policy=true.
  • iu_core.iu_staging_record 3 rows (1 pending mark_manifest, 1 consumed sql_snapshot, 1 rejected nosql_payload — the 25000x carry-forward proof rows).
  • iu_core.iu_staging_payload 4 rows.
  • iu_vector_sync_point 152 rows, none referencing staging.
  • 4 staging DOT commands already exist: dot_iu_staging_create, dot_iu_staging_approve, dot_iu_staging_consume, dot_iu_staging_reject.
  • 30 DOT commands total in dot_iu_command_catalog.

Live-schema corrections to memory (saved as feedback)

  1. birth_registry.entity_code (not governed_entity_code).
  2. collection_registry_vector_policy lives in public schema (not iu_core).
  3. tac_birth_gate_config schema is (checker_id, mode, enabled, rationale) — not the (gate_name, is_enabled) table from earlier memory. Cleanup gating must ride a different surface (per-row expires_at is the policy; fn_iu_staging_cleanup is dry-run by default).
  4. iu_core_retention_policy columns = (target_table, age_column, keep_days, actor_scope, reason, created_at, updated_at). No policy_name, no gate_name.
  5. iu_vector_sync_point uses point_key/source_path/unit_id/parent_piece_id — no source_id column.

Non-negotiable rules honored

  • No fake PASS — every authored branch is labeled AUTHORED-READY not PASS.
  • No production_documents mutation.
  • No Qdrant reindex.
  • No Nuxt deploy.
  • No retention global enable (fn_iu_staging_cleanup defaults p_apply=false).
  • No KB upload of pending MARK files (mark_manifest stays in iu_core.iu_staging_payload).
  • MARK is not CUT (separate DOTs, separate functions, separate lifecycle transitions).
  • CUT refuses if manifest_digest changed or lifecycle_status ≠ 'approved'.
  • CUT result verifies reconstruction + Axis A/B/C (Phase F).
  • Cleanup never deletes born IU pieces or final reports.
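
The CUT refusal rule above (digest changed, or lifecycle_status not 'approved'), combined with the approved_at + approval_doc_id requirement from the consumed-consistency CHECK, shown as an added Python example. It is not the project's fn_iu_cut_from_manifest; the SHA-256 digest, the dict-shaped record, the function names and the sample values are assumptions made for illustration.

```python
import hashlib
import hmac

def manifest_digest(payload: bytes) -> str:
    # Assumption: SHA-256 over the raw manifest bytes; the page does not name the hash.
    return hashlib.sha256(payload).hexdigest()

def cut_refusal_reasons(record: dict, payload: bytes) -> list:
    """Return every reason CUT must refuse; an empty list means CUT may proceed."""
    reasons = []
    if record.get("lifecycle_status") != "approved":
        reasons.append("lifecycle_status is not 'approved'")
    # Recompute the digest from the payload at cut time rather than trusting
    # the stored value, so an edit made after approval is detected.
    stored = record.get("manifest_digest") or ""
    if not hmac.compare_digest(manifest_digest(payload), stored):
        reasons.append("manifest_digest changed since approval")
    # Approval evidence that a consumed record has to carry.
    for field in ("approved_at", "approval_doc_id"):
        if not record.get(field):
            reasons.append("missing " + field)
    return reasons

def cut_from_manifest(record: dict, payload: bytes) -> dict:
    """Hypothetical stand-in for the CUT step: refuse, or move to 'consumed'."""
    reasons = cut_refusal_reasons(record, payload)
    if reasons:
        return {"cut": False, "reasons": reasons,
                "lifecycle_status": record.get("lifecycle_status")}
    return {"cut": True, "reasons": [], "lifecycle_status": "consumed"}

# Constructed sample data (not taken from the live tables).
APPROVED_PAYLOAD = b'{"article": "sample", "marks": [[0, 120], [121, 300]]}'
APPROVED = {
    "lifecycle_status": "approved",
    "manifest_digest": manifest_digest(APPROVED_PAYLOAD),
    "approved_at": "2026-05-25T00:00:00Z",
    "approval_doc_id": "DOC-PLACEHOLDER",
}
TAMPERED_PAYLOAD = APPROVED_PAYLOAD.replace(b"120", b"125")

if __name__ == "__main__":
    print(cut_from_manifest(APPROVED, APPROVED_PAYLOAD))
    print(cut_from_manifest(APPROVED, TAMPERED_PAYLOAD))
    print(cut_from_manifest(dict(APPROVED, lifecycle_status="pending_review"),
                            APPROVED_PAYLOAD))
```

A refused CUT leaves lifecycle_status unchanged, so a record whose payload was edited after approval stays 'approved' and never reaches 'consumed'.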

Carry-forward

See 10-carry-forward.md — three-step apply runbook + pinning-test bumps + Phase G live execution + first real Điều 37 cut (requires source provisioning by user, per macro rule).

  • [[project_d36_nvsz_birth_pipeline_audit_qt_classification_2026_05_25]] — birth verdict accepted.
  • [[project_d36_nvsz_macro_a_substrate_birth_dot_healthcheck_partial_with_exact_gap_2026_05_25]] — substrate is live.
  • [[project_dot_iu_cutter_v0_6_iu_core_80000x_operational_cut_workflow_mark_review_cut_verify_mark_review_cut_verify]] — operational doctrine package.
  • [[feedback-channel-memory-drifts-verify-live]] — refreshed.
  • [[feedback-honest-channel-block-beats-partial-trigger]] — applied here (authored, not half-applied).