00 — Overview & Control: Full-Stack Governance Alignment Audit for Registries-Pivot Grouping
Mission: FULL_STACK_GOVERNANCE_ALIGNMENT_AUDIT_FOR_REGISTRIES_PIVOT_GROUPING
Class: Read-only full-stack governance audit + independent recommendation. No implementation.
Audit run date: 2026-06-01 (package dated 2026-05-31 per mission spec).
Host: contabo VPS · DB: directus (Docker container postgres, PG 16.13).
Read channel: Agent-Data KB + live PG read-only (context_pack_readonly) + law text-as-code.
Apply channel: KB docs only. Zero PG / Directus / Qdrant / Nuxt mutation.
Hard Gate 0 — result: PASSED
| # | Check | Result |
|---|---|---|
| 1 | KB read access | ✅ mcp__agent-data__* + batch_read working |
| 2 | Live PG read-only access | ✅ role context_pack_readonly, READ ONLY tx, 5s timeout, LIMIT 500 |
| 3 | Target DB = directus | ✅ current_database()='directus' |
| 4 | No PG apply channel used | ✅ query_pg is AST-validated read-only; ssh/docker exec NOT used |
| 5 | No mutation | ✅ only SELECT / information_schema / pg_catalog |
| 6 | Audit/recommendation only | ✅ |
| 7 | No UI/schema/route/law/approval/queue/event/DOT change | ✅ none performed |
| 8 | Inspected live PG (not KB only) | ✅ 30+ live queries across the governance substrate |
| 9 | Separated the six SSOT layers | ✅ Law / Authority-ownership / Approval / DOT-execution / Issue-event / UI-display (see doc 01) |
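The read channel described in checks 2, 4 and 5 (read-only role, READ ONLY transaction, 5 s timeout, LIMIT 500, SELECT-only validation) is the kind of gate a reviewer wants to see enforced in code rather than asserted. The block below is an added example, not the audit's own `query_pg` tool: it uses a conservative token-level denylist as a stand-in for the page's AST validator, fails closed on anything it cannot classify, caps or appends the row limit, and emits the session preamble that pins the role, read-only transaction and statement timeout. Role name and limits are taken from the table above; everything else is an assumption of this example.

```python
import re

# Hard Gate 0, check 2, as stated in the audit: read-only role, READ ONLY
# transaction, 5 s statement timeout, LIMIT 500 on every query.
READONLY_ROLE = "context_pack_readonly"
STATEMENT_TIMEOUT_MS = 5000
ROW_CAP = 500

# Token-level denylist. This is a conservative stand-in for the audit's
# AST validator (assumption of this example): anything that could mutate
# state, hold locks, stall the backend or reach the filesystem is refused.
# A string literal containing one of these words is also refused (fail closed).
FORBIDDEN = re.compile(
    r"\b(insert|update|delete|merge|truncate|drop|alter|create|grant|revoke|"
    r"copy|call|do|vacuum|reindex|cluster|refresh|lock|set|reset|into|"
    r"for\s+update|for\s+share|set_config|pg_sleep|pg_terminate_backend|"
    r"pg_cancel_backend|pg_read_file|lo_import|lo_export)\b",
    re.IGNORECASE,
)


class RejectedQuery(ValueError):
    """Raised when a query does not pass the read-only gate."""


def _strip_comments(sql: str) -> str:
    sql = re.sub(r"--[^\n]*", " ", sql)
    return re.sub(r"/\*.*?\*/", " ", sql, flags=re.DOTALL)


def validate_readonly(sql: str) -> str:
    """Return the query with LIMIT 500 enforced, or raise RejectedQuery."""
    body = _strip_comments(sql).strip()
    if body.endswith(";"):
        body = body[:-1].rstrip()
    if ";" in body:
        raise RejectedQuery("multi-statement input")
    if not re.match(r"(select|with)\b", body, re.IGNORECASE):
        raise RejectedQuery("only SELECT / WITH ... SELECT is allowed")
    hit = FORBIDDEN.search(body)
    if hit:
        raise RejectedQuery(f"forbidden token: {hit.group(0)}")
    # Row cap: clamp a trailing LIMIT above the cap, or append LIMIT 500.
    lim = re.search(r"\blimit\s+(\d+)\s*$", body, re.IGNORECASE)
    if lim is None:
        return f"{body} LIMIT {ROW_CAP}"
    if int(lim.group(1)) > ROW_CAP:
        return body[: lim.start()] + f"LIMIT {ROW_CAP}"
    return body


def gated_statements(sql: str) -> list:
    """Statement sequence for one audited read: the query is validated before
    the session is touched, and the transaction is always rolled back."""
    query = validate_readonly(sql)
    return [
        f"SET ROLE {READONLY_ROLE}",
        "BEGIN",
        "SET TRANSACTION READ ONLY",
        f"SET LOCAL statement_timeout = {STATEMENT_TIMEOUT_MS}",
        query,
        "ROLLBACK",
    ]


if __name__ == "__main__":
    # Constructed inputs: one query the gate passes, one it refuses.
    for stmt in gated_statements("SELECT current_database()"):
        print(stmt)
    try:
        validate_readonly("WITH x AS (UPDATE t SET a = 1 RETURNING *) SELECT * FROM x")
    except RejectedQuery as exc:
        print("rejected:", exc)
```

The preamble is ordered so that `SET TRANSACTION READ ONLY` and the `SET LOCAL` timeout are issued inside the transaction that runs the query; the role switch only helps if the connecting user is a member of the read-only role and that role holds SELECT grants alone, which is a database-side check this gate does not replace.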
What we were asked
We are building Registries-Pivot as the independent verification surface for the whole system. The governance risk: grouping / classification / label / pin / phantom / pivot-coverage / cleanup / DOT-grouping must NOT become a local Registries-Pivot governance island. They must reuse the central governance model (Điều 37 / governance_registry / approval spine / DOT governance / pivot law / label law). This audit reconstructs the full-stack governance model, finds where it is centralized vs fragmented, maps the Registries-Pivot artifacts onto it, marks local-island risks, recommends the correct owner + approval path, and proposes law/design patches — without implementing anything.
Headline verdict
The central governance spine is REAL and must be reused — but it is INCOMPLETE at the agency-ownership layer, DRIFTED at the schema layer, and ABSENT for the grouping/threshold/pin/phantom concepts. Registries-Pivot grouping is therefore at genuine risk of becoming a local island, NOT because the central model is missing, but because nobody has yet been assigned to own classification/pivot at the agency (TẦNG 3) layer, and because three of the proposed artifacts (display_policy threshold, registry_pin, phantom definition) have no law/domain home at all.
The correct move is NOT to build local governance, and NOT to bolt owner_gov_code columns onto each new policy table (that pattern exists nowhere in the system today). It is to use Điều 37's relational ownership model: assign the already-existing classification and pivot domains to agency owners, route every change through the Điều 32 approval spine (which already has reclassify / rule_change / schema_add / new_dot / retire request types), execute via Điều 35 paired DOTs, and raise findings to system_issues / event_outbox (Điều 45).
Four SSOT verdicts (detail in docs 01–02)
- Law SSOT = `normative_registry` (47 rows, enacted). Verdict: authoritative but INCOMPLETE — Đ20, Đ23, Đ45 exist as KB law docs but are not registered rows; `law_catalog` (5 rows) is stale/legacy; the `governance_docs` UI index has drifted (claims "Constitution v3.5 / 25 Điều"; mislabels Đ26 as "Counting", Đ28 as "Matrix").
- Authority / ownership SSOT = `governance_registry` (9 agencies) + `governance_relations` (8 edges) + `law_jurisdiction` (domain ownership). Verdict: real and Đ37-mandated, but SPARSE and DRIFTED — 4 "mother" factories still `draft`; ownership edges only `agency→law` (no object/collection edges); `classification` & `pivot` domains have no agency owner; live column/CHECK vocabulary diverges from enacted Đ37 v3.3.
- Approval SSOT = `approval_requests` + `apr_approvals` (Đ32). Verdict: the real and ONLY approval spine — quorum enforced (high = `president` + ≥2 `ai_council` + 0 reject), no-self-approval enacted (§4.3.1). NO grouping/pivot/label/pin/phantom artifact has any approval; `os_proposal_approvals` = 0; the only human approver is `president` (14 approvals, all S178 DOT-repair). ⇒ NO_APPROVAL_FOUND / COMMIT_FORBIDDEN stands.
- DOT-execution SSOT = `dot_tools` + `law_dot_enforcement` + `dot_operations` / `dot_iu_command_catalog` under Đ35. Verdict: complete and reusable — `classify` / `audit` / `health` / `verify` operations already exist; the Đ35 B-tier (execute, approval-gated) ↔ A-tier (audit, read-only auto-approve) pairing rule is exactly the scan/propose/apply/audit model grouping needs.
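The approval-spine verdict above rests on a quorum rule (high tier = `president` + at least two `ai_council` approvals + zero rejects) and on no-self-approval. The block below is an added example, not the system's own Đ32 enforcement code: it evaluates constructed `approval_requests` / `apr_approvals` rows against exactly that rule and fails closed for any tier the page does not spell out. Column names (`approver`, `role`, `decision`, `requester`) and the `QUORUM_MET` verdict string are assumptions of this example; `NO_APPROVAL_FOUND` and `COMMIT_FORBIDDEN` are the audit's own verdicts.

```python
from dataclasses import dataclass, field

# Quorum as stated in the audit for the "high" risk tier. Only that tier is
# spelled out on the page; any other tier fails closed (COMMIT_FORBIDDEN).
QUORUM = {"high": {"president": 1, "ai_council": 2}}


@dataclass
class Approval:
    approver: str   # apr_approvals approver identity (column name assumed)
    role: str       # "president" / "ai_council" (column name assumed)
    decision: str   # "approve" | "reject" (column name assumed)


@dataclass
class ApprovalRequest:
    request_id: str
    requester: str  # who opened the request (column name assumed)
    risk_tier: str
    approvals: list = field(default_factory=list)


def evaluate(req: ApprovalRequest):
    """Return (verdict, reasons) for one request."""
    if not req.approvals:
        return "NO_APPROVAL_FOUND", ["no apr_approvals rows for this request"]
    rule = QUORUM.get(req.risk_tier)
    if rule is None:
        return "COMMIT_FORBIDDEN", [f"no quorum rule for tier {req.risk_tier!r} (fail closed)"]
    reasons = []
    # §4.3.1: the requester may not approve their own request. A self-vote is
    # both excluded from the count and reported as a violation.
    if any(a.approver == req.requester for a in req.approvals):
        reasons.append(f"self-approval by {req.requester} (§4.3.1)")
    rejects = sum(1 for a in req.approvals if a.decision == "reject")
    if rejects:
        reasons.append(f"{rejects} reject vote(s); quorum requires 0")
    # Distinct approvers per role: one approver voting twice counts once.
    per_role = {}
    for a in req.approvals:
        if a.decision == "approve" and a.approver != req.requester:
            per_role.setdefault(a.role, set()).add(a.approver)
    for role, need in rule.items():
        have = len(per_role.get(role, ()))
        if have < need:
            reasons.append(f"{role}: {have}/{need} distinct approvers")
    return ("QUORUM_MET" if not reasons else "COMMIT_FORBIDDEN"), reasons


# Constructed sample rows (not live data) covering the cases the rule must catch.
SAMPLE_REQUESTS = [
    ApprovalRequest("R1", "agent-rp", "high", [
        Approval("president", "president", "approve"),
        Approval("ai-1", "ai_council", "approve"),
        Approval("ai-2", "ai_council", "approve"),
    ]),
    ApprovalRequest("R2", "agent-rp", "high", [
        Approval("president", "president", "approve"),
        Approval("ai-1", "ai_council", "approve"),
        Approval("ai-1", "ai_council", "approve"),   # duplicate vote
    ]),
    ApprovalRequest("R3", "agent-rp", "high"),         # no approvals at all
    ApprovalRequest("R4", "president", "high", [       # requester approves own request
        Approval("president", "president", "approve"),
        Approval("ai-1", "ai_council", "approve"),
        Approval("ai-2", "ai_council", "approve"),
    ]),
]

if __name__ == "__main__":
    for req in SAMPLE_REQUESTS:
        verdict, reasons = evaluate(req)
        print(req.request_id, verdict, "; ".join(reasons))
```

Counting distinct approvers rather than rows matters: a single `ai_council` member inserting two rows would otherwise satisfy the "≥2" clause, and the reject check runs before the count so a blocked request never reads as quorum-met.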
Biggest fragmentation risks
- Agency-ownership gap — `classification` (Đ24/Đ29) and `pivot` (Đ26) domains have no `governance_registry` agency owner. A law owns them; no body executes them. This vacuum is what tempts a local Registries-Pivot owner.
- `display_policy` (50-ceiling) and `registry_pin` were designed as standalone LOCAL tables with no relational governance binding → highest island risk.
- Threshold / phantom-definition / pin have no law and no domain → LAW_GAP → tempts local definition.
- Live direct-pg-Pool API path (`server/utils/rpGatewayDb.ts`) bypasses the PG→Directus→Nuxt convention → process island needing explicit Đ41/API-exception approval.
- Schema drift between enacted Đ37 v3.3 and the live governance tables weakens the very anchor the central model relies on.
- `governance_audit_log` = 1 stale row → the governance-relation audit loop is not closing.
Recommended owner (detail in doc 12)
Option 4 — split by object type, with named existing owners (reuse-first, no new agency):
- Classification / grouping / threshold / label-dimension / phantom-definition / pin POLICY → GOV-COUNCIL (direct, per Đ37 §4.12(d) cross-cutting tie-break + the `tier_registry → GOV-COUNCIL` precedent).
- Count-integrity / orphan / phantom-detection / pivot-coverage HEALTH → GOV-SIV (System Integrity, Đ31).
- DOT execution of grouping scan/propose/apply/audit → GOV-DOT (Đ35 paired DOTs).
- Registries-Pivot render templates / route → GOV-MOUT + Đ28 `design_templates`.
A new GOV agency (e.g. GOV-CLASS) is not recommended unless Council explicitly delegates — reuse-first says assign the un-owned domain to Council/SIV first.
Package contents
| Doc | Branch | Content |
|---|---|---|
| 00 | — | This control doc |
| 01 | A | Full-stack governance SSOT map (six layers) |
| 02 | B | Current governance architecture map (live PG inventory) |
| 03 | C | Điều 37 ownership interpretation + candidate owners |
| 04 | D | Local-governance-island risk review (per artifact) |
| 05 | E | Unified Governed Classification & Grouping Framework proposal |
| 06 | F | Label / grouping governance alignment (Đ24/Đ29) |
| 07 | G | Pivot governance alignment (Đ26) |
| 08 | H | DOT governance alignment (Đ35) |
| 09 | I | Phantom / orphan governance alignment (Đ31/Đ19) + law-patch outline |
| 10 | J | Approval lifecycle model (Đ32) |
| 11 | K | Gap matrix |
| 12 | L | Decision options + recommendation |
| 13 | M | Go / no-go list |
| 14 | — | Law / design patch outline |
| 15 | — | Next prompts (≥6 paste-ready) |
| 16 | — | Self-review vs acceptance criteria |
Forbidden-compliance statement
No PG mutation · no Directus mutation · no Qdrant/vector write · no Nuxt/UI implementation · no route change · no law enactment · no approval creation · no self-approval · no new governance owner created · no table created · no schema change · no event/job/notification emit · no hardcode introduced · no local-governance design offered as the final recommendation. All findings are evidence-backed from live PG + enacted law text.