KB-5A2A
Endgame Campaign — 12 Law / Forbidden / Self-Review
4 min read Revision 1
self-reviewforbidden-compliancelaw-crosswalkacceptancerollbackdieu0gdieu7dieu30dieu32dieu37dieu39dieu452026-05-28
12 — Law / Forbidden / Self-Review
1. Forbidden-compliance (§15) — line by line
| Forbidden | Honored? | Evidence |
|---|---|---|
| No 4 Mothers runtime generation | ✅ | factory rows status='draft'; all runtime gates closed |
| No generated workflows/tasks/forms/reports | ✅ | zero rows created in those tables |
| No Nuxt/UI implementation | ✅ | doc-only mappings (04/09) |
| No Directus mutation | ✅ | all writes via psql to governance/event/domain tables only |
| No Qdrant/vector write | ✅ | vector_sync_enabled never-flip intact = false |
| No unsafe P-pub block | ✅ | P-pub untouched |
| No production approval shortcut | ✅ | G3 left to privileged human build (doc 03) |
No iu_enact.allow_no_review_decision=true |
✅ | gate verify: never_flip intact, value=false |
No iu_core.vector_sync_enabled=true |
✅ | same |
| No gate left open | ✅ | all_governed_closed=true post-commit |
| No hidden second SoT | ✅ | KG kept as projection only (doc 06) |
| No law enactment | ✅ | referenced NRM-LAW-07 as existing FK; enacted nothing |
| No final OSS/tool selection | ✅ | none made |
| No real event delivery | ✅ | mother.* active=false, delivery gate closed |
| No job execution | ✅ | job substrate absent + gated off |
2. Law crosswalk
- Điều 0-G / 36 (birth): factory births auto-registered uncertified (
certified=f) — lawful draft state, not orphan. G1 births deferred to certification. - Điều 7 (Assembly-First): no-double-ownership proven live (capability matrix disjoint).
- Điều 30 (reversibility): every commit has a tested rollback; G1/role-registry births deferred precisely because meta_catalog cascade/guards reduce clean reversibility.
- Điều 32 (approval): no agent self-mint; G1/G3/G4 certification reserved for human/council.
- Điều 37 (governance): factory class added under governance_registry; human-org-role law review-ready, not enacted.
- Điều 39 (KG): provenance-or-quarantine intact;
v_kg_edges_allprojection; no second SoT. - Điều 45 (event/queue):
mother.*registered dormant; job substrate untouched; executor boundary documented.
3. Acceptance (§17) self-check
- Branches A–K completed or precisely deferred ✅
- ≥2 hard gates materially advance ✅ (G4 live + G1 proven; also Đ45 substrate)
- Safe live changes applied where justified ✅ (E, B committed)
- Dry assembly closer to live than before ✅ (binds to committed rows, doc 09)
- IU pilot Day 1 executable ✅ (doc 08)
- Phase 0 go/no-go explicit ✅ (doc 10)
- ≥20 large prompts ✅ (doc 11)
- No unsafe mutation ✅ (gate verify all_safe=true entry==exit) Verdict: PASS.
4. Full rollback (entire campaign)
-- Branch E
DELETE FROM event_type_registry WHERE event_domain='mother';
-- Branch B
DELETE FROM birth_registry WHERE entity_code IN ('GOV-MOW','GOV-MOT','GOV-MOIT','GOV-MOUT');
DELETE FROM governance_registry WHERE code IN ('GOV-MOW','GOV-MOT','GOV-MOIT','GOV-MOUT');
DELETE FROM dot_domains WHERE code IN ('assembly.workflow','assembly.task','assembly.input','assembly.output');
DELETE FROM dot_domains WHERE code='assembly';
ALTER TABLE governance_registry DROP COLUMN capability;
-- Branch A / C / D / F: nothing committed (rehearsed/rolled-back/authority-pack only)
Post-rollback expected: event_type_registry=31, governance_registry=5, dot_domains=41, no capability column, iu=219/rel=60/catalog=53/run=55 unchanged.
5. Residual risk
- Low. All committed objects are inert (draft/dormant) and reversible by simple DELETE/DROP COLUMN (none touch meta_catalog's guarded/cascade surface). No runtime reachability. Never-flip gates verified intact entry and exit.