FIX7 Implementation Staging Plan
09 - Implementation Staging Plan
This is a staged patch/rehearsal plan; no live apply is authorized.
FIX7a - Additive Authority Foundation
T1 authors; operator creates privileged roles/schema/pgcrypto if required. Create isolated qt001_cp constrained objects, capture ACL/owner/source snapshots, generate candidate manifests, but seal nothing active and repoint nothing. Existing writer/readiness/source/trigger/gateway paths remain unchanged.
FIX7b - Authority And ACL Cutover
Operator executes T1-generated reviewed SQL in one transaction. Preconditions: sealed exact object manifest covers full current inventory, generated ALTER/REVOKE statements exactly match it, restore script exists, secure function search paths verified, no-go tests rehearsed, and apply/readiness remain blocked. Transfer only manifest objects to qt001_cp_owner; never use REASSIGN OWNED BY directus. Revoke Directus/PUBLIC DML/DDL/EXECUTE and grant Directus SELECT only on curated views. Any assertion failure aborts.
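A sketch of the FIX7b precondition gate as an added example, not part of the original plan or the project's code: it checks that the sealed manifest covers the current inventory exactly, that the generated ALTER/REVOKE statements match the manifest and nothing else, and that REASSIGN OWNED never appears. The hashing scheme, function names, statement templates and sample objects are assumptions; the SELECT grants on curated views are out of scope here.

```python
import hashlib
import json

OWNER = "qt001_cp_owner"  # target owner named in the plan

def seal(manifest):
    """SHA-256 over a canonical (sorted, compact) encoding. Assumed sealing scheme."""
    canon = json.dumps(sorted(map(list, manifest)), separators=(",", ":"))
    return hashlib.sha256(canon.encode()).hexdigest()

def expected_sql(manifest):
    """The only statements the cutover script may contain for this manifest."""
    out = set()
    for kind, schema, name in manifest:
        priv = "EXECUTE" if kind == "FUNCTION" else "ALL"
        out.add(f"ALTER {kind} {schema}.{name} OWNER TO {OWNER};")
        out.add(f"REVOKE {priv} ON {kind} {schema}.{name} FROM directus, PUBLIC;")
    return out

def preflight(manifest, sealed_hash, inventory, statements):
    """Return no-go reasons; an empty list means the precondition gate passes."""
    errors = []
    man, inv = set(map(tuple, manifest)), set(map(tuple, inventory))
    if seal(manifest) != sealed_hash:
        errors.append("manifest differs from sealed hash")
    if inv - man:
        errors.append(f"inventory not covered by manifest: {sorted(inv - man)}")
    if man - inv:
        errors.append(f"manifest objects absent from inventory: {sorted(man - inv)}")
    got = {" ".join(s.split()) for s in statements}  # normalise whitespace only
    if any(s.upper().startswith("REASSIGN OWNED") for s in got):
        errors.append("REASSIGN OWNED is forbidden")
    want = expected_sql(man)
    if got != want:
        errors.append(f"statement drift: extra={sorted(got - want)} "
                      f"missing={sorted(want - got)}")
    return errors

# Constructed sample data: object names are illustrative, not the real inventory.
MANIFEST = [("TABLE", "qt001_cp", "signoff"),
            ("FUNCTION", "qt001_cp", "verify_signoff(text)")]
SEALED = seal(MANIFEST)  # in practice recorded when the manifest was sealed
GENERATED = sorted(expected_sql(MANIFEST))

if __name__ == "__main__":
    print(preflight(MANIFEST, SEALED, MANIFEST, GENERATED))  # gate passes
    drifted = GENERATED + ["REASSIGN OWNED BY directus TO qt001_cp_owner;"]
    print(preflight(MANIFEST, SEALED, MANIFEST + [("TABLE", "qt001_cp", "new_t")], drifted))
```

Any non-empty result is a no-go for the cutover transaction.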
FIX7c - Controlled Evidence And Authoritative Repoint
Deploy controlled verifier/signoff/binder functions, import real static-analysis evidence, create sealed readiness/capability/dependency manifests, repoint authoritative writer to qt001_cp.v_fix7_acceptance, deploy paired scheduled verifier/scanner, and remove old readiness/hardcode/self-audit authority from apply path. Writer/apply/permit remain blocked because real capability evidence is absent.
Every Level-B mutation entrypoint is paired with a Level-A verifier/guard. Writer check is realtime; scheduled verifier is independent safety net. T1 must paste real outputs for ACL denials, denominator attacks, spoof/self-sign/stale signoff, fake capability, canonical hash sensitivity, unknown dependency, and protected-state no-worse.
Hat 1: T1 implements. Hat 2: Codex independently re-audits. Codex must not perform live cutover.