00 - Readme First

Date: 2026-06-08 Mode: READ-ONLY production; T1 blueprint not edited.

Final status

FIX7_REFACTOR_BLUEPRINT_CODEX_RECHECK_FAIL_HARDCODE_OR_PG_NATIVE_GAP

T1 materially improved all seven prior blocker areas, but the patched blueprint is not implementable under PostgreSQL semantics and introduces new ordering/design-contract conflicts.

Decisive blockers

1. At S15 legacy routines are still owned by directus. PostgreSQL owners retain implicit privileges; REVOKE cannot make directus effective EXECUTE = 0. Therefore G-NOLEGACY-POST cannot pass before S16 and REVOKE_ONLY routines remain owner-callable.
2. The legacy disposition set is seeded/sealed at S09/S12, but its classification depends on #11 closure and #27 body bindings authored at S13/PKG-D after seal. A sealed manifest cannot be completed afterward.
3. The patch adds a disposition column and expected_legacy_set_sha256 to #20, while PKG-A requires exact match to the already-approved byte-level DDL. This is an unapproved design/DDL change.
4. G-NOMIXED-AUTHORITY uses ACTIVE manifest + legacy executability, so it is red immediately after S14 activation while legacy routines remain PUBLIC/owner executable until S15/S16.
5. live-relevant completeness is not given a closed PG-native predicate; #11 forward closure from new entrypoints cannot discover all directly callable legacy bypass writers.
6. A source_sha256 is proof of a body, not the body or a restore mechanism.

Implementation-authoring planning and all live actions remain blocked.