06 — Final Human / Sovereign Activation Pack (B-5)

Executable by a human/sovereign session without further technical discovery. The agent has closed B-2/B-3/B-4/P-1; this pack commits the births once the human-only Điều 32 authority exists.

0. What only a human can do (B-5)

1. Enact the law clause authorizing the Candidate Registry family (Điều 0-G/36/37) — agent must NOT enact.
2. Mint the Điều 32 review_decision(s) certifying the 3 births in cutter_governance, cross-signed ≥2 (council/human/sovereign) — agent must NOT self-mint.
3. Choose the tier owner among GOV-COUNCIL (recommended) / GOV-SIV / GOV-FND (doc 03) and authorize the ownership write.

1. Required human decisions (no hidden choices)

#	Decision	Default recommendation
D1	Enact Candidate Registry family law clause	Yes — under Điều 0-G/36/37
D2	Tier_registry owner	GOV-COUNCIL (Đ37 authority)
D3	Cascade/rollback model accepted	Soft-retire as default reversal (doc 04 path B)
D4	Birth-trigger-per-registry included	Yes (production-correct; cascade = +60)
D5	Cross-sign signatories (≥2)	name 2 of {council, human admin, sovereign}

2. Cross-sign requirements

• ≥2 distinct signatories on the Điều 32 review_decision(s); automated_agent is not an eligible signer.
• Manifest must bind to the real birth artifacts (the 3 collection codes). No test-scope sentinel.
• Per the prior governance findings, production review_decision lives behind cutter_governance (privilege-walled); the human session needs the council/sovereign role to write it.

3. Preflight queries (run as workflow_admin; all must pass)

-- 3a. gate closed
SELECT (fn_iu_gate_verify_closed())->>'all_safe' AS all_safe;          -- expect true
-- 3b. no orphan tx
SELECT count(*) FROM pg_stat_activity WHERE state LIKE '%idle in transaction%'; -- expect 0
-- 3c. codes free + format (doc 02 query)
SELECT
  (SELECT count(*) FROM meta_catalog WHERE code IN ('CAT-1011','CAT-1012','CAT-1013')) m,
  (SELECT count(*) FROM collection_registry WHERE code IN ('FIELD-001','FORM-001','TIER-001')) c,
  (SELECT count(*) FROM entity_species WHERE species_code IN ('field_registry_species','input_form_registry_species','tier_registry_species')) s,
  (SELECT max((regexp_replace(code,'\D','','g'))::int) FROM meta_catalog WHERE code ~ '^CAT-[0-9]+$') maxcat; -- m=c=s=0, maxcat≥1010
-- 3d. tables absent
SELECT to_regclass('public.field_registry'), to_regclass('public.input_form_registry'), to_regclass('public.tier_registry'); -- all NULL
-- 3e. Điều 32 review_decision(s) exist & cross-signed (human-verified before commit)

If maxcat > 1010, set the three CAT codes to CAT-(maxcat+1..+3) in §4.

4. Commit procedure

Run as one stdin-fed psql invocation (do not leave an interactive open tx). Set server-side timeouts. Use the exact DDL from doc 01 and inserts from doc 05, wrapped in BEGIN … COMMIT instead of ROLLBACK. Order per registry: CREATE TABLE → INSERT meta_catalog → INSERT entity_species → INSERT species_collection_map → INSERT collection_registry → CREATE TRIGGER trg_birth_*. Then the tier-ownership UPDATE (after tier_registry's collection_registry row exists), then certify, then COMMIT.

\set ON_ERROR_STOP on
SET statement_timeout='120s'; SET lock_timeout='10s'; SET idle_in_transaction_session_timeout='180s';
BEGIN;
  -- [paste the 3 CREATE TABLE + 12 INSERT + 3 CREATE TRIGGER from doc 01/05, codes per §3]
  -- tier ownership (D2):
  UPDATE governance_registry
     SET capability = jsonb_build_object('owns', jsonb_build_array('tier_registry'),'role','dieu37_tier_authority'),
         output_target='tier_registry', primary_collection='tier_registry'
   WHERE code='GOV-COUNCIL';
  -- assert pre-birth-check 5/5 for each (must all be true)
  SELECT bool_and(passed) FROM fn_pre_birth_check('field_registry','FIELD-001','Field Registry','MIGRATION');
  SELECT bool_and(passed) FROM fn_pre_birth_check('input_form_registry','FORM-001','Input Form Registry','MIGRATION');
  SELECT bool_and(passed) FROM fn_pre_birth_check('tier_registry','TIER-001','Tier Registry','MIGRATION');
  -- assert cascade is the expected +60 (sanity)
  -- (optional) compare birth_registry count delta to a captured baseline = 60
  -- Điều 32 certification (HUMAN/COUNCIL session only — real cross-signed review_decision; NOT agent):
  UPDATE birth_registry SET certified=true, certified_at=now()
   WHERE collection_name IN ('field_registry','input_form_registry','tier_registry') AND certified=false;
COMMIT;

Stop and ROLLBACK if any bool_and(passed) is not true, any insert errors, or the cascade delta ≠ expected.

5. Post-commit verification

SELECT to_regclass('public.field_registry'), to_regclass('public.input_form_registry'), to_regclass('public.tier_registry'); -- all non-NULL
SELECT code,status FROM collection_registry WHERE code IN ('FIELD-001','FORM-001','TIER-001');
SELECT collection_name,count(*) c, count(*) FILTER (WHERE certified) cert
  FROM birth_registry WHERE collection_name IN ('field_registry','input_form_registry','tier_registry') GROUP BY 1; -- certified all true
SELECT code,capability->'owns' FROM governance_registry WHERE code='GOV-COUNCIL'; -- ["tier_registry"]
SELECT (fn_iu_gate_verify_closed())->>'all_safe'; -- still true

6. Soft-retire procedure (default reversal — doc 04 path B)

See doc 04 §B: retire collection_registry/entity_species/birth_registry rows, disable measurements, revert GOV-COUNCIL. Preferred over hard rollback.

7. Hard rollback procedure (emergency, permitted only with fresh authorization)

See doc 04 §C. Must SET LOCAL app.allow_meta_update='true' for the guarded meta_catalog DELETE; scope entity_labels/system_issues/birth_registry deletes by the born_at window captured at commit. Run under server-side timeouts. Never client-timeout-kill.

8. Stop conditions

• gate verifier all_safe≠true at any point;
• any orphan/idle-in-transaction appears;
• fn_pre_birth_check not 5/5;
• cascade delta ≠ expected (+60 with triggers / +57 without);
• Điều 32 review_decision missing or not cross-signed ≥2;
• any attempt would require flipping allow_no_review_decision or vector_sync_enabled (NEVER-flip).

9. Incident handling

• If a transaction is interrupted: do not kill the client mid-tx. Let server-side idle_in_transaction_session_timeout abort it, or SELECT pg_terminate_backend(pid) only for a confirmed-stuck backend, then verify pg_stat_activity clean (lesson from the prior 8-orphan incident).
• If post-commit verify fails: prefer soft-retire (path B); escalate to council before hard rollback.

10. Owner / responsibility table

Step	Owner
Enact law clause (D1)	Sovereign / Council
Mint Điều 32 review_decision, cross-sign ≥2 (B-5)	Human + Council/Sovereign
Choose tier owner (D2)	Sovereign
Run preflight + commit script	Human admin (workflow_admin)
Post-commit verify	Human admin
Reversal decision	Council

This pack is self-contained: every code, column, FK, guard, validator, cascade figure, and rollback path is fixed and proven. No further agent discovery is required before a human commit.