KB-79B8 rev 2

RP-01 - Exact Non-Authority Runtime-Evidence Tables


RP-01 - Exact Non-Authority Runtime-Evidence Tables

Status: RESOLVED_BLOCKING

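These 11 physical tables hold runtime facts and evidence, not policy or authority. The proposed capability_environment table is folded into capability_run. All tables are owned by qt001_cp_owner, append-only after finalization, inaccessible to Directus and PUBLIC, hash/evidence bound, and enumerated as runtime-evidence objects by typed authority_scope_manifest #20 rows. The CREATE TABLE statements below declare columns, keys and checks only; ownership, the append-only rule and the access restrictions are not expressed in them and have to come from grants and guards defined elsewhere.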

-- signoff_binding: one row per sign-off slot bound to a manifest activation.
-- Each row names the reviewer and the binder (principal and human identity),
-- the evidence row behind each act, and the plan/scope hashes it applies to.
-- The qt001_cp.sha256, positive_bigint and nonnegative_bigint domains are
-- defined outside this statement.
-- NOTE(review): nothing in this DDL requires the reviewer and the binder to be
-- different principals or different human identities. If separation of duties
-- is intended, confirm it is enforced by a guard outside this statement.
CREATE TABLE qt001_cp.signoff_binding (
  signoff_id uuid PRIMARY KEY,
  activation_id uuid NOT NULL
    REFERENCES qt001_cp.manifest_activation(activation_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  target_manifest_id uuid NOT NULL
    REFERENCES qt001_cp.manifest_set(manifest_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  plan_content_hash qt001_cp.sha256 NOT NULL,
  scope_hash qt001_cp.sha256 NOT NULL,
  quorum_profile_id uuid NOT NULL
    REFERENCES qt001_cp.code_catalog_item(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  required_principal_class_id uuid NOT NULL
    REFERENCES qt001_cp.principal_class_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  slot_ordinal qt001_cp.positive_bigint NOT NULL,
  -- The only nullable reference in this table: a NULL tier_id is not checked
  -- against tier_manifest, and tier_id is not part of the UNIQUE key below.
  tier_id uuid NULL
    REFERENCES qt001_cp.tier_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  action_id uuid NOT NULL
    REFERENCES qt001_cp.authority_action_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  reviewer_principal_id uuid NOT NULL
    REFERENCES qt001_cp.principal_registry(principal_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  binder_principal_id uuid NOT NULL
    REFERENCES qt001_cp.principal_registry(principal_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  reviewer_human_identity_id uuid NOT NULL
    REFERENCES qt001_cp.human_identity_registry(human_identity_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  binder_human_identity_id uuid NOT NULL
    REFERENCES qt001_cp.human_identity_registry(human_identity_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  reviewer_evidence_id uuid NOT NULL
    REFERENCES qt001_cp.evidence_registry(evidence_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  binding_evidence_id uuid NOT NULL
    REFERENCES qt001_cp.evidence_registry(evidence_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  control_epoch qt001_cp.nonnegative_bigint NOT NULL,
  signed_at timestamptz NOT NULL,
  bound_at timestamptz NOT NULL,
  valid_until timestamptz NOT NULL,
  -- At most one binding per slot, action and scope within an activation.
  UNIQUE (
    activation_id,
    quorum_profile_id,
    required_principal_class_id,
    slot_ordinal,
    action_id,
    scope_hash
  ),
  -- Time ordering: signed_at <= bound_at < valid_until.
  CHECK (bound_at >= signed_at),
  CHECK (valid_until > bound_at)
);

-- capability_run: unpartitioned anchor row for one capability verification run.
-- It carries the environment evidence reference and environment hash directly,
-- so no separate environment table is needed.
-- NOTE(review): finalized_at is nullable and this DDL places no restriction on
-- updating a row before or after it is set. Any "append-only after
-- finalization" rule must come from triggers or privileges not shown here.
CREATE TABLE qt001_cp.capability_run (
  run_id uuid PRIMARY KEY,
  capability_id uuid NOT NULL
    REFERENCES qt001_cp.capability_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  workload_profile_id uuid NOT NULL
    REFERENCES qt001_cp.workload_profile_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  verifier_principal_id uuid NOT NULL
    REFERENCES qt001_cp.principal_registry(principal_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  evidence_id uuid NOT NULL
    REFERENCES qt001_cp.evidence_registry(evidence_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  environment_evidence_id uuid NOT NULL
    REFERENCES qt001_cp.evidence_registry(evidence_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  storage_class_item_id uuid NOT NULL
    REFERENCES qt001_cp.storage_class_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  environment_sha256 qt001_cp.sha256 NOT NULL,
  control_epoch qt001_cp.nonnegative_bigint NOT NULL,
  started_at timestamptz NOT NULL,
  finalized_at timestamptz NULL,
  -- A run may be open (finalized_at NULL); once set it cannot precede the start.
  CHECK (finalized_at IS NULL OR finalized_at >= started_at)
);

-- capability_measurement: one measured value per row, attached to a run and a
-- measurement requirement, range-partitioned on measured_at.
-- The partition column is part of both keys, so measurement_id on its own is
-- not guaranteed unique by this DDL, and the same (run_id, requirement) pair
-- can appear again with a different measured_at.
-- NOTE(review): evaluated_pass is a plain NOT NULL boolean here; any rule about
-- who may author it has to be enforced outside this statement.
CREATE TABLE qt001_cp.capability_measurement (
  measurement_id uuid NOT NULL,
  run_id uuid NOT NULL
    REFERENCES qt001_cp.capability_run(run_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  measurement_requirement_id uuid NOT NULL
    REFERENCES qt001_cp.capability_measurement_requirement(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  metric_id uuid NOT NULL
    REFERENCES qt001_cp.metric_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  storage_class_item_id uuid NOT NULL
    REFERENCES qt001_cp.storage_class_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  -- Typed value slots; the CHECK below allows exactly one to be non-NULL.
  measured_bigint bigint NULL,
  measured_numeric numeric NULL,
  measured_text text NULL,
  measured_boolean boolean NULL,
  measured_uuid uuid NULL,
  measured_oid oid NULL,
  measured_sha256 qt001_cp.sha256 NULL,
  measured_timestamptz timestamptz NULL,
  evaluated_pass boolean NOT NULL,
  measured_at timestamptz NOT NULL,
  PRIMARY KEY (measurement_id, measured_at),
  UNIQUE (run_id, measurement_requirement_id, measured_at),
  CHECK (
    num_nonnulls(
      measured_bigint, measured_numeric, measured_text, measured_boolean,
      measured_uuid, measured_oid, measured_sha256, measured_timestamptz
    ) = 1
  )
) PARTITION BY RANGE (measured_at);

-- capability_artifact: links a run to an artifact requirement and the evidence
-- row for the produced artifact, range-partitioned on created_at.
-- Both keys include created_at, so capability_artifact_id alone is not
-- guaranteed unique by this DDL.
CREATE TABLE qt001_cp.capability_artifact (
  capability_artifact_id uuid NOT NULL,
  run_id uuid NOT NULL
    REFERENCES qt001_cp.capability_run(run_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  artifact_requirement_id uuid NOT NULL
    REFERENCES qt001_cp.capability_artifact_requirement(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  artifact_kind_id uuid NOT NULL
    REFERENCES qt001_cp.code_catalog_item(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  evidence_id uuid NOT NULL
    REFERENCES qt001_cp.evidence_registry(evidence_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  storage_class_item_id uuid NOT NULL
    REFERENCES qt001_cp.storage_class_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  created_at timestamptz NOT NULL,
  PRIMARY KEY (capability_artifact_id, created_at),
  UNIQUE (run_id, artifact_requirement_id, evidence_id, created_at)
) PARTITION BY RANGE (created_at);

-- gate_fact_result: recorded outcome of evaluating a readiness gate against an
-- evidence row at a control epoch, range-partitioned on measured_at.
-- Both keys include measured_at, so result_id alone is not guaranteed unique
-- by this DDL.
-- NOTE(review): evaluated_pass is a plain NOT NULL boolean here; any rule about
-- who may author it has to be enforced outside this statement.
CREATE TABLE qt001_cp.gate_fact_result (
  result_id uuid NOT NULL,
  gate_id uuid NOT NULL
    REFERENCES qt001_cp.readiness_gate_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  evidence_id uuid NOT NULL
    REFERENCES qt001_cp.evidence_registry(evidence_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  storage_class_item_id uuid NOT NULL
    REFERENCES qt001_cp.storage_class_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  control_epoch qt001_cp.nonnegative_bigint NOT NULL,
  fact_sha256 qt001_cp.sha256 NOT NULL,
  evaluated_pass boolean NOT NULL,
  measured_at timestamptz NOT NULL,
  PRIMARY KEY (result_id, measured_at),
  UNIQUE (gate_id, control_epoch, evidence_id, measured_at)
) PARTITION BY RANGE (measured_at);

-- bypass_vector_fact_result: recorded outcome of checking a bypass vector
-- against an evidence row at a control epoch, range-partitioned on measured_at.
-- Same shape as gate_fact_result, with evaluated_blocked in place of
-- evaluated_pass. Both keys include measured_at, so result_id alone is not
-- guaranteed unique by this DDL.
-- NOTE(review): evaluated_blocked is a plain NOT NULL boolean here; any rule
-- about who may author it has to be enforced outside this statement.
CREATE TABLE qt001_cp.bypass_vector_fact_result (
  result_id uuid NOT NULL,
  vector_id uuid NOT NULL
    REFERENCES qt001_cp.bypass_vector_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  evidence_id uuid NOT NULL
    REFERENCES qt001_cp.evidence_registry(evidence_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  storage_class_item_id uuid NOT NULL
    REFERENCES qt001_cp.storage_class_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  control_epoch qt001_cp.nonnegative_bigint NOT NULL,
  fact_sha256 qt001_cp.sha256 NOT NULL,
  evaluated_blocked boolean NOT NULL,
  measured_at timestamptz NOT NULL,
  PRIMARY KEY (result_id, measured_at),
  UNIQUE (vector_id, control_epoch, evidence_id, measured_at)
) PARTITION BY RANGE (measured_at);

-- quorum_vote: one vote per quorum slot of an activation, recording the voting
-- principal, the human identity behind it and the evidence row for the vote.
-- NOTE(review): uniqueness is per slot only. This DDL does not stop the same
-- principal_id or human_identity_id from filling several slots of one
-- activation and quorum profile; confirm a guard elsewhere enforces distinct
-- voters if the quorum depends on it.
CREATE TABLE qt001_cp.quorum_vote (
  vote_id uuid PRIMARY KEY,
  activation_id uuid NOT NULL
    REFERENCES qt001_cp.manifest_activation(activation_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  quorum_profile_id uuid NOT NULL
    REFERENCES qt001_cp.code_catalog_item(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  required_principal_class_id uuid NOT NULL
    REFERENCES qt001_cp.principal_class_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  slot_ordinal qt001_cp.positive_bigint NOT NULL,
  principal_id uuid NOT NULL
    REFERENCES qt001_cp.principal_registry(principal_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  human_identity_id uuid NOT NULL
    REFERENCES qt001_cp.human_identity_registry(human_identity_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  evidence_id uuid NOT NULL
    REFERENCES qt001_cp.evidence_registry(evidence_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  voted_at timestamptz NOT NULL,
  -- A slot of a given class and profile can be voted once per activation.
  UNIQUE (
    activation_id,
    quorum_profile_id,
    required_principal_class_id,
    slot_ordinal
  )
);

-- denied_attempt_evidence: record of a denied action, tied to an evidence row
-- and a control epoch, range-partitioned on occurred_at.
-- The primary key includes occurred_at, so denied_attempt_id alone is not
-- guaranteed unique by this DDL. No principal or identity column is declared.
-- NOTE(review): object_identity and attempted_action are free text constrained
-- only by the nonempty_text domain (defined elsewhere). If they can carry
-- caller-supplied strings, consumers should treat them as untrusted when
-- displaying or exporting them; confirm against the writer.
CREATE TABLE qt001_cp.denied_attempt_evidence (
  denied_attempt_id uuid NOT NULL,
  evidence_id uuid NOT NULL
    REFERENCES qt001_cp.evidence_registry(evidence_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  storage_class_item_id uuid NOT NULL
    REFERENCES qt001_cp.storage_class_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  object_identity qt001_cp.nonempty_text NOT NULL,
  attempted_action qt001_cp.nonempty_text NOT NULL,
  control_epoch qt001_cp.nonnegative_bigint NOT NULL,
  occurred_at timestamptz NOT NULL,
  PRIMARY KEY (denied_attempt_id, occurred_at)
) PARTITION BY RANGE (occurred_at);

-- dashboard_export: record of one export, holding the hash of the export and
-- the hash of its denominator set, range-partitioned on exported_at.
-- The primary key includes exported_at, so export_id alone is not guaranteed
-- unique by this DDL.
CREATE TABLE qt001_cp.dashboard_export (
  export_id uuid NOT NULL,
  evidence_id uuid NOT NULL
    REFERENCES qt001_cp.evidence_registry(evidence_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  storage_class_item_id uuid NOT NULL
    REFERENCES qt001_cp.storage_class_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  export_sha256 qt001_cp.sha256 NOT NULL,
  denominator_set_sha256 qt001_cp.sha256 NOT NULL,
  control_epoch qt001_cp.nonnegative_bigint NOT NULL,
  exported_at timestamptz NOT NULL,
  PRIMARY KEY (export_id, exported_at)
) PARTITION BY RANGE (exported_at);

-- level_b_packet_execution: record of one packet execution, naming the
-- executing principal, the human identity, the evidence row and the packet
-- hash, range-partitioned on executed_at.
-- The primary key includes executed_at, so execution_id alone is not
-- guaranteed unique by this DDL. No UNIQUE constraint on packet_sha256 is
-- declared, so the same packet hash can be recorded more than once.
CREATE TABLE qt001_cp.level_b_packet_execution (
  execution_id uuid NOT NULL,
  principal_id uuid NOT NULL
    REFERENCES qt001_cp.principal_registry(principal_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  human_identity_id uuid NOT NULL
    REFERENCES qt001_cp.human_identity_registry(human_identity_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  evidence_id uuid NOT NULL
    REFERENCES qt001_cp.evidence_registry(evidence_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  storage_class_item_id uuid NOT NULL
    REFERENCES qt001_cp.storage_class_manifest(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  packet_sha256 qt001_cp.sha256 NOT NULL,
  control_epoch qt001_cp.nonnegative_bigint NOT NULL,
  executed_at timestamptz NOT NULL,
  PRIMARY KEY (execution_id, executed_at)
) PARTITION BY RANGE (executed_at);

-- post_activation_verifier_state: state a verifier principal recorded for an
-- activation, with the backing evidence row, a catalog state code and a hash
-- of the state. Unpartitioned, keyed by verifier_state_id alone.
-- Unlike the other tables in this set it declares no control_epoch or
-- storage_class_item_id column.
CREATE TABLE qt001_cp.post_activation_verifier_state (
  verifier_state_id uuid PRIMARY KEY,
  activation_id uuid NOT NULL
    REFERENCES qt001_cp.manifest_activation(activation_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  verifier_principal_id uuid NOT NULL
    REFERENCES qt001_cp.principal_registry(principal_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  evidence_id uuid NOT NULL
    REFERENCES qt001_cp.evidence_registry(evidence_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  state_code_id uuid NOT NULL
    REFERENCES qt001_cp.code_catalog_item(item_id)
    ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE,
  state_sha256 qt001_cp.sha256 NOT NULL,
  verified_at timestamptz NOT NULL,
  -- One row per verifier and evidence item for a given activation.
  UNIQUE (activation_id, verifier_principal_id, evidence_id)
);

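Every FK explicitly uses ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE, so a referenced row cannot be deleted or re-keyed while an evidence row points at it, and the check cannot be postponed to commit time. evaluated_pass and evaluated_blocked are accepted only from owner generic guards and cannot be caller-authored; in the DDL above they are plain NOT NULL booleans, so this rule rests on those guards and on write privileges rather than on a column constraint.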

The seven high-volume event/result tables are declaratively range-partitioned on their immutable event time. Partition boundaries and creation cadence come from the bound sealed storage-class row, never from source literals. capability_run, signoff_binding, quorum_vote, and post_activation_verifier_state stay unpartitioned identity anchors so inbound FK identity remains stable: their primary key is the single id column, whereas each partitioned table's primary key also carries the partition timestamp.

H04 maps to signoff_binding; H05 maps to capability_run, capability_measurement, capability_artifact, with environment folded into capability_run; H02 maps to signoff, capability, and post-activation rows. H06 is unchanged.

Net new authority surfaces: zero. New readiness gates: zero. New hash contracts: zero.
