Checkpoint — Codex Birth Gateway SSOT + QT-001 Design Plan

Date: 2026-06-06
Status: PASS — design complete; read-only; no implementation

Decision

Current documentation is insufficient as one executable design. The required solution is a staged birth control-plane:

1. Freeze dangerous old DOT execution.
2. Make an immutable gateway release + semantic runtime contract the SSOT.
3. Remove gateway redefine authority from trigger setup.
4. Make realtime and QT-001 share policy/identity/register functions.
5. Repair QT-001 as paired metadata-driven plan/apply DOTs.
6. Hard-gate QT-003/QT-003R first row.
7. Handle QT-005 as an orchestrated policy transition.
8. Design/approve QT-006 universal lifecycle separately.

Key Live Conditions

global DOT preflight currently BLOCKED
birth admission permit absent
backfill ledgers absent
BIRTH_REQUIRED=74
required identity unclassified=43
required without birth trigger=5
native status available=54/74 required collections

Three Declarations

• Vĩnh viễn: immutable release + shared PG path + semantic drift detector.
• Nhầm: writer DOTs and first-row admission fail closed.
• 100% tự động: paired verifier/scanner detects contract, trigger, policy, backfill, lifecycle, and RP drift.

First Implementation Macro

BIRTH_P0_STAGE0_DANGEROUS_DOT_EXECUTION_FREEZE

Canonical Design Package

knowledge/dev/reports/architecture/codex-birth-gateway-ssot-qt001-design-plan-2026-06-06/