01 — Authority Bypass Root Cause & Containment
Supertrack A — Authority Bypass Root Cause & Containment
Root cause (proven from live DDL)
The approval lifecycle had a structural quorum bypass on the INSERT path:
- Trigger trg_apr_auto_approve = BEFORE INSERT on approval_requests → function fn_auto_approve_add(). For any row with action='add' and status='pending', it rewrote the row in place to status='approved', stamping reviewed_by='system_auto_approve'. The row was therefore born approved — no pending row was ever written.
- Trigger trg_apr_quorum_check = BEFORE UPDATE OF status with condition new.status='approved' AND old.status='pending' → fn_apr_quorum_check(). Because auto-approval happened at INSERT, there was no pending→approved UPDATE transition, so the quorum guard never fired. Quorum was bypassed entirely.
- The lifecycle guard (fn_enforce_apr_lifecycle) and apply guard (fn_apr_block_unimplemented_handler) are also UPDATE-only and do not check quorum, so an already-approved row could be applied without any vote.
Containment applied (narrow, reversible, fail-closed)
fn_auto_approve_add() was replaced (CREATE OR REPLACE) so that action='add' rows are no longer approved at INSERT; they remain pending and carry a stamped note (AUTO-APPROVE DISABLED 2026-06-06 …). The row must now transit pending→approved via UPDATE, where trg_apr_quorum_check enforces quorum. The trigger trg_apr_auto_approve was not dropped (no global trigger disable); only the function body changed.
- Rehearsed first in BEGIN…ROLLBACK: reproduced the live bypass (add/pending→approved), applied the patch, proved closure (add/pending stays pending), and proved fail-closed (pending→approved with 0 votes on a high-risk action raises APR quorum (high)…). Post-rollback confirmed the live function was still the original — zero live mutation during rehearsal.
- Applied with birth before==after = 1,210,783. Verified live: no_longer_approves=true, containment marker present, and a rolled-back live insert of an add row now lands pending.
- Rollback staged: 99_rollback_authority_containment.sql restores the exact original body verbatim.
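As an added illustration of the fix and its rehearsal described above (not the live DDL and not the project's own code): the bypassing trigger function beside its contained replacement, patched and checked inside one transaction that is then rolled back. The table definition, the id and note columns, and the exact marker text are assumptions; only action, status, reviewed_by and the trigger and function names come from the report.

```sql
-- Illustrative reconstruction, not the live DDL: the table shape (id, note)
-- and the marker text are assumed; only action/status/reviewed_by, the
-- trigger and function names come from the report.
CREATE TABLE approval_requests (
    id          bigserial PRIMARY KEY,
    action      text NOT NULL,
    status      text NOT NULL DEFAULT 'pending',
    reviewed_by text,
    note        text
);

-- BEFORE (the bypass): an add row is rewritten to approved while still being
-- inserted, so the pending->approved UPDATE that trg_apr_quorum_check guards
-- never occurs.
CREATE OR REPLACE FUNCTION fn_auto_approve_add() RETURNS trigger AS $$
BEGIN
    IF NEW.action = 'add' AND NEW.status = 'pending' THEN
        NEW.status      := 'approved';
        NEW.reviewed_by := 'system_auto_approve';
    END IF;
    RETURN NEW;
END;
$$ LANGUAGE plpgsql;

CREATE TRIGGER trg_apr_auto_approve
    BEFORE INSERT ON approval_requests
    FOR EACH ROW EXECUTE FUNCTION fn_auto_approve_add();

-- Rehearsal: patch and verify inside one transaction, then ROLLBACK. In
-- PostgreSQL CREATE OR REPLACE FUNCTION is transactional, so the live body
-- is untouched afterwards; the trigger itself is never dropped or disabled.
BEGIN;

-- AFTER (contained): same trigger, same function name, but status is left
-- alone; the row is born pending and must pass the quorum-guarded UPDATE.
CREATE OR REPLACE FUNCTION fn_auto_approve_add() RETURNS trigger AS $$
BEGIN
    IF NEW.action = 'add' AND NEW.status = 'pending' THEN
        NEW.note := concat_ws(' | ', NEW.note, 'AUTO-APPROVE DISABLED 2026-06-06');
    END IF;
    RETURN NEW;
END;
$$ LANGUAGE plpgsql;

-- Closure check: the add row should still read status = 'pending'.
INSERT INTO approval_requests (action) VALUES ('add');
SELECT id, status, reviewed_by, note FROM approval_requests WHERE action = 'add';

ROLLBACK;  -- discards the patched body and the test row alike
```

Running the same script with COMMIT in place of ROLLBACK is the live application; the staged rollback file then only needs to re-issue CREATE OR REPLACE with the original body.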
Affected-request inventory (live)
| bypass class | total | applied | approved (undisposed) | rejected/expired (inert) | mechanism now |
|---|---|---|---|---|---|
| insert_path_auto_approve (system_auto_approve) | 8 | 3 | 1 | 4 | contained |
| scanner_apply_without_vote (auto-apply-function) | 18 | 18 | 0 | 0 | still live (dormant; 0 fuel) — flagged P1 |
All bypass rows had 0 votes and quorum_passed=false.
No-go guard (v_authority_bypass_no_go_guard) — 6/6 PASS
insert_autoapprove_contained · containment_marker_present · auto_approve_trigger_preserved · quorum_trigger_present_enabled · lifecycle_trigger_present_enabled · no_new_insert_bypass_since_fix.
Views built
v_authority_bypass_inventory, v_authority_bypass_affected_requests, v_authority_bypass_no_go_guard.
Residual (P1, not P0)
The scanner path auto_apply_approval() still applies pending scanner rows (birth_orphan/reclassify) with no vote. It is not DB-scheduled (no pg_cron) and currently has 0 applyable rows (dormant). Flagged for hardening in doc 03/09; not contained this session because it matches the documented P0 only in spirit and is dormant. The routed next step gates it.