CP-02 Exact Inter-Manifest FK Targets
03 - CP-02 Exact Inter-Manifest FK Targets
Universal FK Rules
- Every child table has
UNIQUE(item_id)in addition to(manifest_id,item_id)PK. - Typed cross-child references target the exact child table's
item_id, never only the generic envelope. - Catalog references target
code_catalog_item(item_id). - Runtime/evidence references target the exact runtime table named below.
- All FKs are
ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE. - No physical delete exists; RESTRICT is defense-in-depth.
- FKs do not create activation deadlock because activation locks
control_epochfirst, thenmanifest_set, catalog set, and child tables in deterministic table-name/item-id order. FK validation reads already-sealed parent rows and never activates a parent.
Exact Typed FK Map
| Source | Target |
|---|---|
manifest_set.manifest_type_id, lifecycle_status_id |
code_catalog_item.item_id |
policy_rule_manifest.rule_set_id, fact_id |
code_catalog_item.item_id families RULE_SET, FACT_DEFINITION |
policy_rule_manifest.operator_primitive_id |
operator_primitive_manifest.item_id |
policy_rule_manifest.operand_type_id |
code_catalog_item.item_id family OPERAND_TYPE |
metric_manifest.unit_id |
unit_manifest.item_id |
metric_manifest.value_type_id |
code_catalog_item.item_id family VALUE_TYPE |
operator_primitive_manifest.volatility_code_id |
code_catalog_item.item_id family VOLATILITY |
principal_separation_manifest.action_id |
authority_action_manifest.item_id |
principal_separation_manifest.left_class_id/right_class_id |
principal_class_manifest.item_id |
readiness_gate_manifest.policy_rule_set_id |
code_catalog_item.item_id family RULE_SET |
hash_component_manifest.canonicalizer_id |
code_catalog_item.item_id family CANONICALIZER |
dependency_manifest.dependency_kind_id/resolution_status_id |
catalog families DEPENDENCY_KIND / RESOLUTION_STATUS |
dependency_manifest.analyzer_run_id/evidence_id |
analyzer_run.run_id / evidence_registry.evidence_id |
bypass_vector_manifest.policy_rule_set_id |
catalog family RULE_SET |
capability_manifest.verifier_class_id |
principal_class_manifest.item_id |
capability_manifest.workload_profile_id |
workload_profile_manifest.item_id |
capability_measurement_requirement.capability_id/metric_id/operator_primitive_id |
capability_manifest.item_id / metric_manifest.item_id / operator_primitive_manifest.item_id |
capability_artifact_requirement.capability_id |
capability_manifest.item_id |
capability_artifact_requirement.artifact_kind_id |
catalog family ARTIFACT_KIND |
signoff_requirement_manifest.scope_type_id |
catalog family SCOPE_TYPE |
signoff_requirement_manifest.tier_id |
tier_manifest.item_id |
signoff_requirement_manifest.action_id |
authority_action_manifest.item_id |
signoff_requirement_manifest.required_principal_class_id |
principal_class_manifest.item_id |
activation_policy_manifest.target_manifest_type_id/quorum_profile_id |
catalog families MANIFEST_TYPE / QUORUM_PROFILE |
quorum_requirement_manifest.quorum_profile_id |
catalog family QUORUM_PROFILE |
quorum_requirement_manifest.required_principal_class_id |
principal_class_manifest.item_id |
privilege_set_manifest.privilege_code_id |
catalog family PRIVILEGE_CODE |
writer_repoint_manifest.gateway_item_id |
gateway_manifest.item_id |
Required Post-Create Byte-Level Constraints
The 27 CREATE TABLE statements declare every typed FK whose target already exists. These four forward references are added after all 27 tables exist:
ALTER TABLE qt001_cp.policy_rule_manifest
ADD CONSTRAINT fk_policy_rule__operator_primitive
FOREIGN KEY(operator_primitive_id) REFERENCES qt001_cp.operator_primitive_manifest(item_id)
ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE;
ALTER TABLE qt001_cp.metric_manifest
ADD CONSTRAINT fk_metric__unit
FOREIGN KEY(unit_id) REFERENCES qt001_cp.unit_manifest(item_id)
ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE;
ALTER TABLE qt001_cp.capability_manifest
ADD CONSTRAINT fk_capability__workload_profile
FOREIGN KEY(workload_profile_id) REFERENCES qt001_cp.workload_profile_manifest(item_id)
ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE;
ALTER TABLE qt001_cp.signoff_requirement_manifest
ADD CONSTRAINT fk_signoff_requirement__tier
FOREIGN KEY(tier_id) REFERENCES qt001_cp.tier_manifest(item_id)
ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE;
Runtime/evidence constraints are added after their exact tables from docs 09/10 exist:
ALTER TABLE qt001_cp.dependency_manifest
ADD CONSTRAINT fk_dependency__analyzer_run FOREIGN KEY(analyzer_run_id)
REFERENCES qt001_cp.analyzer_run(run_id)
ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE;
ALTER TABLE qt001_cp.dependency_manifest
ADD CONSTRAINT fk_dependency__evidence FOREIGN KEY(evidence_id)
REFERENCES qt001_cp.evidence_registry(evidence_id)
ON UPDATE RESTRICT ON DELETE RESTRICT NOT DEFERRABLE;
No alternative target, natural-code FK, deferrability, action, or agent-selected constraint is permitted.
Catalog-family correctness cannot be expressed by a bare FK, so seal invokes
fn_assert_catalog_family(item_id, expected_family_id) using the expected family ID stored in the
sealed reference_contract catalog. The function contains no family code/string literals.
The ACTIVE catalog exact-set contains one reference_contract row for every catalog-typed FK
column across the 27 children and all support/runtime-evidence tables. Seal compares discovered
catalog-typed columns to these rows in both EXCEPT directions. Missing, extra, duplicate, retired,
or wrong-family mapping blocks seal.
The final deferred-ALTER set is normative in the RP-correction consolidated-order artifact. It
includes the catalog retirement-evidence FK and every cyclic/runtime FK. Every realized
PK/UNIQUE/FK/CHECK/authority-relevant index must match the typed authority_scope_manifest #20
expected rows and per-table expected_constraint_set_sha256; omission is
OBJECT_AUTHORITY_IMMUTABLE FAIL.
Negative tests: wrong typed target, unknown target, retired target, target family mismatch, delete referenced parent, and activation-order inversion all reject.