Incomex AI Portal
KB-2538

IU b–f Execution Readiness Refactor — 00 Overview + Source Matrix

11 min read Revision 1
iutests-b-fexecution-readinessrefactorsource-matrixexecution-classdocument-only2026-05-28

IU b–f Execution Readiness Refactor — 00 Overview + Source Matrix

Macro: IU_B_TO_F_EXECUTION_READINESS_REFACTOR_AND_AUTHORITY_PACK_100000X Date: 2026-05-28 · Mode: DOCUMENT-ONLY / NO PRODUCTION MUTATION Status: PASS (document-only) · Prompt standard: 100000x v1.3 (rev41) Supersedes the execution-classing of: iu-test-b-to-f-readiness-command-pack-2026-05-28/ (kept as baseline, NOT final authority)

1. Why this pack exists

The prior b–f readiness command pack (12 docs, 00–11) is a useful planning baseline but is not safe to execute as-is. GPT's underload review (iu-test-b-f-command-pack-gpt-review-underload-and-next-ops-2026-05-28.md) gave the verdict:

COMMAND_PACK_USEFUL_BUT_UNDERLOADED_FOR_105000X_STANDARD

and explicitly instructed: "Do not immediately run the author-ready implementation prompts from document 10 as-is." The core defect is a read-only/mutation labeling contradiction: several macros call themselves "read-only / zero gate / no approval" while authorizing database writes (audit rows, CREATE FUNCTION, DOT catalog rows). Audit rows are writes. CREATE FUNCTION is DDL. Catalog rows are mutations. A prompt that says "read-only" but writes is unsafe to hand to an Agent after context-clear, because the Agent will trust the label.

This pack does four things:

  1. Corrects every read-only/mutation contradiction in the baseline (Outcome B).
  2. Re-classes every future macro into one of five explicit execution classes and sequences them into five safe waves (Outcome C).
  3. Re-authors the six next macros as self-contained, open-goal, execution-classed authority prompts (Outcome D).
  4. Binds every future macro to its owner law, gate, approval, rollback, audit, and no-double-ownership requirements, and publishes an IU production-readiness board (Outcomes E, F).

It changes nothing live. It corrects, reasons, and authors.

2. The five execution classes (the spine of this pack)

Every future IU macro MUST be tagged with exactly one of these. The class dictates what channel, gate, approval, and rollback are mandatory.

Class Definition Writes allowed Channel Gate/approval
C1 — PURE_READ_ONLY_PROOF SELECT only. No audit-row write, no function, no catalog row, no event registration, no config change. Provable by inspection: every statement is a SELECT. none MCP query_pg (read-only) suffices none
C2 — ADDITIVE_IMPLEMENTATION May CREATE FUNCTION, add DOT catalog rows, write audit rows. Adds new objects; does NOT mutate existing IU data or flip gates. DDL + new catalog/audit rows SSH workflow_admin (DDL/INSERT) no gate, but rollback + before/after object diff required
C3 — GOVERNED_MUTATION_TEST Changes IU/test data or event delivery. IU/test data, event rows, route attempts SSH workflow_admin approval_id (Điều 32) + bounded gate protocol + rollback + verify-close
C4 — GATE_PROTOCOL_IMPLEMENTATION Touches dot_config / gate primitives. dot_config flips + gate-protocol functions SSH workflow_admin Hard-Gate-0 + fail-closed design + approval model + verify-close
C5 — DOCUMENT_ONLY No live change. Authoring/planning/design only. none (KB writes only) KB MCP (AgentData/Incomex_KB) none

The cardinal correction: the baseline collapsed C1 and C2 into one "read-only" label. They are different classes with different channels and rollback obligations. Reading IU data is C1. Building a DOT wrapper to read IU data is C2 — because the wrapper's existence requires DDL + a catalog row, and each invocation writes an audit row. This pack splits them everywhere.

3. Source matrix (Outcome A)

All sources read at revision 1 (command pack) / revision 41 (prompt standard) on 2026-05-28. Reports/laws live in Incomex_KB; the Rev5 design docs and requirements live both locally (knowledge/dev/...) and in KB.

# Source path Found Used for Confidence Contradiction found
S1 knowledge/dev/laws/prompt-muc-tieu-mo-for-claude-code.md ✅ KB rev41 (v1.3, 100000x) Underload self-check (Outcome G); PASS/PARTIAL/BLOCKED rules; execution-channel-pack, hard-gate-0, design-only-macro, no-underload concepts HIGH None. NOTE drift: this macro's brief cites the "105000x"/v1.2 standard; the live standard is now 100000x v1.3 rev41. Self-check uses the live v1.3 rules.
S2 …/iu-core-process-brick-readiness-and-gap-survey-2026-05-28.md ✅ KB rev1 Real b–f blocker (gates OFF, not missing tables); live-vs-paper inventory; §11 verified law ownership HIGH Survey itself flags the design docs (00/03/04) mislabel verified-live tables as "paper" — a known, separately-tracked drift (U11).
S3 …/iu-test-b-to-f-readiness-command-pack-2026-05-28/ (12 docs 00–11) ✅ KB rev1 (all read, none truncated) The baseline being corrected; source of the correction matrix (Outcome B) HIGH YES — central finding. Docs 02, 03, 07 (and prompt 1/2 in doc 10) label themselves read-only while authorizing audit-row writes + CREATE FUNCTION + catalog INSERTs. Detailed in doc 01 of this pack.
S4 …/iu-test-b-f-command-pack-gpt-review-underload-and-next-ops-2026-05-28.md ✅ KB rev1 GPT's underload verdict + the 10 specific criticisms (esp. items 4/5/6 on read-only-while-writing); the prescribed refactor macro HIGH GPT confirms the S3 contradiction. NOTE: GPT only read 2 of 12 pack docs (00 + 10) — it cites this as a limitation. This pack read all 12.
S5 …/iu-b-to-f-survey-gpt-review-next-command-2026-05-28.md ✅ KB rev1 GPT verdict SURVEY_ACCEPTED_NEXT_STEP_AUTOMATION_PLAN; recommended next-step ordering; the 4-Mothers no-go HIGH None — consistent with S2.
S6 knowledge/dev/design/v0.6-iu-4mothers-event-foundation-rev2/ (Rev5, 11 docs 00–10) ✅ local + KB 4-Mothers law framing; Đ0-G birth registry, Đ28 templates, Đ36 collection registry, Đ37 governance registry (gate/law matrix, Outcome E); confirms 4 Mothers stays blocked HIGH Design PG-Maximization-Map drift (U11) — same as S2. Non-fatal for b–f.
S7 Prior IU reports: cut/verify/approve (mig 054–058), preflight Axis E8, fn_cut_apply, split/merge, sql-link, post-CUT, state-machine rollback ✅ KB + auto-memory Live function inventory (fn_iu_cut_preflight_validate, fn_iu_piece_split/merge, fn_iu_sql_link_validate, fn_iu_post_cut_axis_materialize, etc.); gate channel pattern (SSH workflow_admin); E8 runtime-gate precedent HIGH None new. These ground the "live-ready: use-not-rewrite" rule — do not re-implement existing functions.
S8 Laws: Hiến pháp, Điều 0-G, 7, 28, 30, 31, 32, 35, 36, 37, 38/39, 45 ✅ via S2 §11 (verified-live ownership), S3 doc 11, S6, auto-memory Owner-law assignment in the gate/law matrix (Outcome E); no-double-ownership check MEDIUM-HIGH Ownership cross-checked against survey §11 (verified live) and command-pack doc 11 self-review; consistent. Individual law texts not re-read in this macro (grounded via verified prior extractions).

Source-gap statement: No required source was unavailable. The only residual is S8 (individual law texts read via prior verified extractions rather than re-opened this macro) — acceptable because the survey §11 already verified the ownership mapping against live DB, and no future macro's safety depends on a law text not already extracted. No fatal gap.

4. What this pack does NOT do

  • It does not run any of the prompts it authors. They are author-ready for future macros.
  • It does not flip gates, register events, create functions/catalog rows, or touch dot_config.
  • It does not unblock the 4 Mothers. The no-go stands: no 4-Mothers implementation until IU tests b–f and IU substrate readiness are closed or explicitly accepted with known gaps.
  • It does not redesign IU. The PG-Maximization-Map drift (U11) is a surgical doc patch, deferred, out of scope here.

5. Document map of this pack

Doc Outcome Contents
00-overview-and-source-matrix.md (this) A Orientation, execution classes, source matrix
01-readonly-vs-mutation-correction-matrix.md B Per-section correction of every unsafe read-only label
02-revised-macro-sequence-and-waves.md C 5-wave sequence; each macro classed with allowed/forbidden/channel/rollback/acceptance/output
03-authority-prompts.md D 6 paste-ready, self-contained, open-goal macro prompts
04-gate-law-matrix.md E Per-macro owner law / mutation risk / approval / gate / rollback / audit / no-double-ownership
05-iu-production-readiness-board.md F b–f board: readiness, blocker, next macro, evidence, risk-if-skipped, blocks-4-Mothers
06-underload-self-check-and-verdict.md G Self-check vs v1.3 standard; final verdict; discard list; forbidden-compliance

6. Headline corrections (full detail in doc 01)

  1. "Read-only (SELECT + audit rows only)" is a contradiction. Audit rows are writes. → Split into C1 (pure SELECT, no audit row) for the proof, and C2 (audit rows + DDL) for the DOT-wrapper implementation.
  2. Building a "read-only" DOT command is C2, not C1. dot_iu_filter_axis_b, dot_iu_subtree, dot_iu_sql_link_validate/resolve, dot_iu_test_harness_run each need CREATE FUNCTION + a dot_iu_command_catalog INSERT to exist. Their creation is additive mutation.
  3. dot_iu_command_run was excluded from the "zero-delta" no-mutation proofs in docs 02 §6 and 03 §7. A true C1 proof must show the audit table is also untouched — which is only true if no DOT wrapper is invoked. Hence the proof must run as raw SELECT, not via a DOT command.
  4. The bounded gate protocol (prompt 3) is correctly mutating but must be hardened: design/preflight first; live gate-function creation only after Hard-Gate-0 passes.
  5. Docs 05 (d) and 06 (e) are honestly labeled mutating/gated — no correction needed, only re-confirmation of their gate/approval dependencies.

The next Agent should treat doc 01's correction matrix as binding and doc 03's prompts as the canonical replacements for command-pack doc 10.

Back to Knowledge Hub knowledge/dev/reports/architecture/iu-b-to-f-execution-readiness-refactor-2026-05-28/00-overview-and-source-matrix.md