KB-3C0C

Law Compliance, Forbidden-List Compliance & Self-Review (2026-05-29)

Revision 1

1. Law compliance (as the laws constrain IU mutation)

  • Điều 30 (reversibility): every D/E mutation ran inside BEGIN…ROLLBACK; remove was soft (membership_status='removed'), split/merge were additive (sources preserved). No hard deletes. ✅
  • Điều 31 (audit): split/merge wrote iu_split_set / iu_merge_set ledger rows; gate opens/closes recorded iu_gate_transition rows (rolled back). ✅
  • Điều 32 (approval): split/merge referenced a test-scope review_decision minted by fn_iu_test_review_decision_create (explicitly "Not a production Điều 32 approval; for cloned test IUs only"). No production approval was self-minted; iu_enact.allow_no_review_decision never flipped. ✅
  • Điều 35 (DOT + no-hardcode): B/C/F ran through shipped DOT wrappers; axis-B resolves tags against iu_metadata_tag_registry; emit sources event_stream/delivery_lane from event_type_registry (never hardcoded). ✅
  • Điều 38/39 (single-body ownership / KG provenance): compose referenced existing law pieces by id (membership only) — never duplicated or edited their body; no KG edge was written. ✅
  • Điều 45 (queue/event substrate): emit/worker/DLQ exercised event_outbox, iu_route_attempt, iu_route_dead_letter, iu_route_worker_cursor exactly as the substrate defines; refs-only payloads. ✅

2. Forbidden-list compliance (mission §7)

| Forbidden | Status |
|---|---|
| Production law IU mutation | ✅ none (law pieces still v1, untouched; verified) |
| 4 Mothers runtime | ✅ untouched |
| Generated production workflows/tasks/forms/reports | ✅ none |
| Nuxt/UI | ✅ untouched |
| Directus mutation | ✅ none (psql-only; no Directus write) |
| Qdrant/vector write | ✅ none; vector_sync_enabled stayed false |
| Real route delivery | ✅ none; delivery_enabled=false, 0 sent attempts |
| Job execution | ✅ none; job_substrate.enabled=false |
| Unsafe P-pub block | ✅ none; P-pub stayed warn-only (PILOT) |
| Self-minted approval | ✅ none; only test-scope rd used |
| allow_no_review_decision=true | ✅ never set (still false) |
| vector_sync_enabled=true | ✅ never set (still false) |
| Gate left open | ✅ none; iu_gate_transition=0, all_governed_closed=true |
| Hidden second SoT | ✅ none; only existing tables/ledgers used |
| Open idle transaction left behind | ✅ none; idle in transaction=0 at exit |

3. Footprint proof (entry == exit)

Final read (context_pack_readonly): all_safe=true, never_flip_intact=true, all_governed_closed=true, idle_in_tx=0, information_unit=219, iu_split_set=1, iu_merge_set=0, iu_piece_collection=45, TEST/iu-demo/* rows=0, iu_gate_transition=0. Identical to the entry baseline in 00-overview. Zero persisted mutation.
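
One way to check an entry == exit footprint around a rolled-back run in psql, as an added example that is not the project's own tooling and does not reproduce context_pack_readonly. The table names are the ones listed above; the temp objects footprint_now and footprint_entry are hypothetical names, and pg_stat_activity is the standard PostgreSQL view.

```sql
-- Added example (not project code). Table names are taken from the report;
-- footprint_now / footprint_entry are hypothetical, session-local objects.

-- 1. One definition of the footprint, reused for entry and exit reads.
CREATE TEMP VIEW footprint_now AS
SELECT 'information_unit'::text AS counter, count(*) AS n FROM information_unit
UNION ALL SELECT 'iu_split_set',        count(*) FROM iu_split_set
UNION ALL SELECT 'iu_merge_set',        count(*) FROM iu_merge_set
UNION ALL SELECT 'iu_piece_collection', count(*) FROM iu_piece_collection
UNION ALL SELECT 'iu_gate_transition',  count(*) FROM iu_gate_transition;

-- 2. Freeze the entry baseline before any evidence transaction starts.
CREATE TEMP TABLE footprint_entry AS
SELECT counter, n FROM footprint_now;

-- 3. Evidence run: every mutating statement sits between BEGIN and ROLLBACK,
--    so ledger and gate rows written here never persist.
BEGIN;
-- governed D/E statements for the run go here
ROLLBACK;

-- 4. Exit comparison: an empty result means entry == exit for these counters.
SELECT counter,
       e.n AS entry_n,
       x.n AS exit_n
FROM footprint_entry AS e
JOIN footprint_now   AS x USING (counter)
WHERE e.n <> x.n;

-- 5. No transaction left open by other sessions on this database
--    (expected 0 at exit; the checking session itself is excluded).
SELECT count(*) AS idle_in_tx
FROM pg_stat_activity
WHERE datname = current_database()
  AND state = 'idle in transaction'
  AND pid <> pg_backend_pid();
```

Row counts only show inserts and deletes; an in-place UPDATE leaves them unchanged, so a content digest over the rows is needed to catch that case.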

4. Self-review — strengths

  • All six capabilities proven on the live database with reproducible commands; B/C/F via shipped DOT wrappers; D/E via the governed bounded-gate BEGIN…ROLLBACK method.
  • D exercised the full lifecycle (compose→add→remove→reorder→split→merge→render) on demo-owned bricks plus borrowed-but-unmodified law bricks, with explicit proof the law content was not re-versioned.
  • E proved both the failure path (unrouted DLQ stays stuck, event preserved) and the resolution path (dry-run replay resolves), with refs-only payloads and zero real delivery.
  • A produced a tamper-evident reconstruction digest, not just a row count.

5. Self-review — limitations / honest gaps

  • A — cut automation gap (PARTIAL on cut, PASS on reconstruct): no standalone raw-file auto-segment+auto-cut command; automatic cut requires an approved manifest (fn_iu_cut_from_manifest). This run reused prior cut data and did not re-cut. This is the one capability with a real, named gap.
  • E — trigger-IN proven by wiring, not a fresh live insert: to avoid iu_sql_link constraint rabbit-holes that could abort the evidence transaction, trigger-IN was proven via the registered AFTER INSERT trigger + inbound route. A live capture-on-insert was already proven in the prior iu-d-e-f-remaining-governed-live-test-suite session (F.3b). Low residual risk.
  • D — composer/structure gates require the bounded-gate protocol (opened in-tx, rolled back). This is by design but means add/remove/reorder/compose are not "always-on"; split/merge need only a valid review_decision.
  • Production-pilot caveat: P-pub birth-gate warnings (P-pub1/2 missing — production sẽ BLOCK) are warn-only in pilot; in full production they would block. The IU is limited-production-pilot ready, not unconditionally production-ready.

6. Acceptance-criteria check (mission §9)

  • A–F each have evidence + verdict ✅
  • B/C/F run through existing DOT/wrappers ✅
  • D/E use the governed safe path ✅
  • A proves current reconstruct + exact cut-automation gap ✅
  • User-visible demo report exists (08-…) ✅
  • No unsafe mutation occurred ✅
  • GPT can independently verify from report + appendix (07-…) ✅

Result: PASS (A carries a documented cut-automation gap; reconstruct itself is PASS).

knowledge/dev/reports/architecture/iu-a-to-f-automated-evidence-and-demo-pack-2026-05-29/09-law-forbidden-and-self-review.md