KB-7568
O8F implement F2/F3/GAP6 deploy+proof — 10-final-blocker-matrix
5 min read Revision 1
dieu44iu-cutterv0.6o8fblocker-matrixf1f4gap7gap8
O8F Report 10 — Final blocker matrix (G9)
- macro:
v0.6-o8f-implement-f2-f3-gap6-deploy-proof - date_utc: 2026-05-21 · gate: G9 — blocker matrix · result: G9 PASS
Status legend: CLOSED / PARTIAL / OPEN.
F1 — full ProductionLiveExecutionAdapter method bodies
status: PARTIAL (advanced by O8F)
o8f_did: the F3 generic governance_writer / verify_writer collaborators
now EXIST (make_governance_writer / make_verify_writer) — the
residue O8E flagged as "the F3 writers" is closed. The leg-B
governance INSERT path is real-DB rollback-only-proven.
residue: the adapter method bodies (cut_leg_a / leg_b_record / write_verify
/ lifecycle_enact) executing end-to-end AS A LIVE COMMIT — still
gated by the kill-switch; needs the GAP7 sovereign flip.
next: at the first sovereign-gated run, wire connection_provider =
Psycopg2ConnectionShim(psycopg2.connect(**cutter_<role>_kwargs))
+ governance_writer=make_governance_writer() +
verify_writer=make_verify_writer(); exercise rollback-only first.
F2 — cutplan body/title live-text sourcing
status: CLOSED (O8F)
o8f_did: LiveReadOnlyDiscoverer.source_unit_texts() + LiveDryRunDiscoverer
wiring; 12 tests; real-DB read-only proof = 60 genuine units.
next: none — F2 closed. (Live titles are empty in the ICX-CONST data;
that is a data fact, not a residue.)
F3 — generalised LegB/Verify recorders
status: CLOSED (O8F)
o8f_did: new governance_writers.py — GenericLegBRecorder /
GenericVerifyRecorder, no hard N=60; 27 tests; real-DB
rollback-only proof (all 8 tables accepted). v0.5 recorders left
byte-identical — M1 writer_digest d99a31d4… preserved.
next: none for the generic path. A live committed governance write
happens only at the GAP7-gated first run.
GAP6 — per-cut revert / compensation
status: CLOSED (O8F)
o8f_did: new compensation.py — non-mutating planner + Compensation A
(soft-revert SQL text, no hard-delete default) + Compensation B
(append-only review_decision builder) + snapshot + HOLD; 20 tests;
VPS non-mutating validation.
next: executing a real compensation is a separately sovereign-gated
action — invoked only if a real run fails.
F4 — backup GPG key (BACKUP_GPG_FPR)
status: OPEN (unchanged — VPS provisioning, out of O8F source scope)
next: provision a dedicated backup GPG keypair on the VPS; publish
BACKUP_GPG_FPR in /opt/incomex/docker/.env; inject a backup_runner;
rollback-only-prove pre_write_backup. (O8E Report 03 package.)
GAP7 — sovereign SG_1 / SG_2 approval
status: OPEN (intentionally — O8F must not flip the kill-switch)
next: sovereign ruling on the O8E Report 07 approval package — the
single-run-scoped kill-switch flip. This gate also unblocks the F1
method-body live-commit residue.
GAP8 — safe target document
status: OPEN (unchanged)
next: select / intake a low-stakes target document + its cutplan per the
O8E Report 06 criteria; Mode.DRYRUN it; pair with GAP7.
NEW — cutter_exec / cutter_verify governance grant audit
status: OPEN (surfaced by the O8F rollback-only proof)
finding: cutter_exec can INSERT into all 8 leg-B governance tables but
lacks SELECT on verify_result + cut_change_set_affected_row.
next: before the first run, audit + (if needed) provision: cutter_exec
SELECT on the leg-B governance tables it must re-read; cutter_verify
SELECT+INSERT on verify_result + dot_pair_signature.
blocks_first_run: the verify-writer live path needs the cutter_verify grant.
Roll-up
| Item | Pre-O8F | Post-O8F | Blocks first run? |
|---|---|---|---|
| F1 method bodies | PARTIAL | PARTIAL (F3 writers now exist) | yes — GAP7 flip |
| F2 live-text | OPEN | CLOSED | no |
| F3 generic recorders | OPEN | CLOSED | no |
| GAP6 compensation | RUNBOOK | CLOSED (planner + helpers) | no |
| F4 backup key | OPEN | OPEN | yes |
| GAP7 approval | OPEN | OPEN | yes — authorising gate |
| GAP8 target | OPEN | OPEN | yes |
| governance grant audit | — | OPEN (new) | yes — verify path |
g9: PASS — F2/F3/GAP6 CLOSED; F1 advanced to a sharper PARTIAL;
F4/GAP7/GAP8 + the new grant audit each carry an exact next action.