KB-760D
IU Limited-Production Promotion + KG Relationship + 4 Mothers Gate Authority — 00 Overview & Pilot-Readiness Verdict (2026-05-28)
7 min read Revision 1
iulimited-production-pilotreadiness-verdictkg-relationship4-mothers-gateauthority-bundle2026-05-28ppubreview-decisiondieu39
IU Limited-Production Promotion + KG Relationship + 4 Mothers Gate Authority Bundle
Doc 00 — Overview & Pilot-Readiness Verdict
- Macro:
IU_LIMITED_PRODUCTION_PROMOTION_KG_RELATIONSHIP_AND_4MOTHERS_GATE_AUTHORITY_BUNDLE_1000000X - Date: 2026-05-28
- Class: mixed authority / design / live-safe (executed as read-proof + authority pack only; zero mutation)
- Host/DB: contabo VPS · container
postgres(postgres:16, healthy) · dbdirectus@ 172.19.0.3 · PG 16.13 - Read channel: MCP
query_pgrolecontext_pack_readonly(READ ONLY txn, AST-validated, stmt_timeout 5s, LIMIT 500) - Status: PASS — branches A–G completed; B and C resolved as authority packs (lawful deferral, unsafe to apply now); D mapped as readiness/design pack; no unsafe mutation occurred.
Hard Gate 0 — preflight result (PASS)
| Check | Result |
|---|---|
| Host = contabo VPS | ✅ |
Container = postgres (postgres:16, Up 5 weeks healthy) |
✅ |
Database = directus @ 172.19.0.3, PG 16.13 |
✅ |
workflow_admin apply channel reachable (SELECT-first discipline) |
✅ (not used — no apply needed) |
fn_iu_gate_verify_closed() |
✅ all_safe=true, never_flip_intact=true, all_governed_closed=true |
Gate snapshot (all 10 closed): composer / delivery / operator_runtime / structure_ops / three_axis_auto_refresh / emit_enabled / dlq.replay / job_substrate = false (governable); iu_core.vector_sync_enabled = false (never_flip); iu_enact.allow_no_review_decision = false (never_flip).
Baseline counts (frozen this run, unchanged at exit):
| Table | n | Table | n |
|---|---|---|---|
| information_unit | 219 (216 live + 3 retired) | dot_iu_command_catalog | 52 |
| iu_piece_collection | 45 | dot_iu_command_run | 55 |
| iu_piece_membership | 227 | event_type_registry | 31 |
| iu_split_set | 1 | event_outbox | 150,114 |
| iu_merge_set | 0 | iu_route_dead_letter | 0 |
| iu_sql_link | 3 | iu_gate_transition | 0 |
Consistent with the prior bundle (iu-production-hardening-and-durable-governed-run-bundle-2026-05-28). Zero drift.
Branch A — IU Limited-Production-Pilot Readiness Board
Status legend: PASS (live-proven, repeatable) · PILOT_READY (safe for governed limited pilot, full-production needs more) · PARTIAL (works with a known caveat) · BLOCKED.
| # | Capability | Status | Evidence | Remaining blocker | Blocks pilot? |
|---|---|---|---|---|---|
| 1 | a — cut / reconstruct | PASS | Durable governed run created→split→committed→retired; reconstruct invariants verified (fn_iu_verify_invariants inside fn_iu_create) |
none | no |
| 2 | b — domain axis (axis-B) | PASS | Live read-proof; dot_iu_filter_axis_b (read, non-mutating); 536 metadata tags, 216/216 axis_b_tags consistent |
none | no |
| 3 | c — tree axis | PASS | fn_iu_subtree authoritative; 0 orphan/cycle; stored axis_c_depth stale (auto_refresh OFF) → use function not column |
use fn_iu_subtree, not stored depth |
no |
| 4 | d — compose / split / merge | PILOT_READY | d-suite PASS in BEGIN..ROLLBACK; split/merge are SECDEF additive, require FK-probed review_decision_id; iu_split_set=1, iu_merge_set=0 |
production review_decision builder (Branch C) | no (test builder suffices for pilot) |
| 5 | e — trigger in / out | PILOT_READY | Inbound capture→attempt proven; emit gated by piece_event_runtime.emit_enabled (closed); forced DLQ→dead_lettered proven |
emit_enabled must open under protocol per emission | no |
| 6 | f — SQL link | PASS | dot_iu_sql_link_validate/resolve (read); 3 links enabled=false validate resolved:true; trigger AFTER INSERT only |
none | no |
| 7 | durable governed run | PASS | First committed non-ROLLBACK governed IU run; durability proven via FRESH psql connection; lawful retire ×3 | none | no |
| 8 | DLQ replay | PASS | fn_iu_route_dead_letter_replay proven {replayed,dry_run,resolved}; gated by master routes gate (not queue.dlq.replay_enabled) |
none | no |
| 9 | bounded gate protocol | PASS | fn_iu_gate_open/close/verify_closed/watchdog live; iu_gate_transition table; fail-closed; all_safe=true now |
none | no |
| 10 | review_decision path | PARTIAL | TEST builder fn_iu_test_review_decision_create live (catalog dot_iu_test_review_decision_create, category=lifecycle); production path undefined |
production builder (Branch C authority pack) | blocks full production, not limited pilot |
| 11 | birth gate | PILOT_READY | L1 (BEFORE INSERT) hard-blocks U2/U3/U4/U7/U10 + vocab + P-id1/2/3; L2 (deferred constraint) anchors U5/U6 | P-pub1/P-pub2 warn-only (Branch B authority pack) | blocks full production, not limited pilot |
| 12 | vector boundary | PASS | iu_core.vector_sync_enabled=false (never_flip), intact; Qdrant up but governed-disabled |
none | no |
| 13 | governance / audit | PASS | dot_iu_command_run=55 audited; gateway write-guard allowlist; Đ30/31/32 enforced; lifecycle_log on retire |
none | no |
Verdict
IU Core is LIMITED-PRODUCTION-PILOT READY.
- Items that gate full production (not limited pilot): #10 production review_decision and #11 P-pub birth-gate hard enforcement. Both are authority-packed below (Branches C and B). For a limited pilot under sovereign supervision, the TEST review_decision builder + warn-only P-pub are acceptable provided the pilot operating protocol (Branch G macro 5) is in force: bounded gate open/close per operation, every emission under protocol, no never-flip change, audited DOT path only.
- No blocker prevents a limited pilot. Two blockers prevent declaring full production.
Branch summary (detail in docs 01–07)
| Branch | Subject | Outcome | Doc |
|---|---|---|---|
| A | Pilot-readiness board | PASS — LIMITED-PRODUCTION-PILOT READY | 00 (this) |
| B | P-pub birth-gate promotion | AUTHORITY PACK (warn→block unsafe now) | 01 |
| C | Production review_decision path | AUTHORITY PACK (agent must not self-authorize Đ32) | 02 |
| D | IU object relationship & Đ39 KG | READINESS/DESIGN PACK (generic edge table exists, IU not in it) | 03 |
| E | Live-vs-design reconciliation | PASS — reconciliation table + patch flags | 04 |
| F | 4 Mothers gate decision | PASS — explicit blockers + sequence | 05 |
| G | Next macro pack (6 prompts) | PASS | 06 |
| — | Law / forbidden / self-review | PASS | 07 |
Forbidden compliance: VERIFIED. No 4 Mothers impl, no Nuxt/UI, no Directus mutation, no Qdrant/vector write, no P-pub hard-block applied, no production review_decision shortcut, no Đ32 bypass, no never-flip flip, no gate left open, no real route delivery, no law enactment, no OSS final selection, no hidden second graph SoT. Zero rows written — all evidence via read-only query_pg.