KB-2652

03 — SB-0 Authorization Rehearsal Results (live, BEGIN..ROLLBACK)

8 min read Revision 1
Tags: one-roof-governance, auth, sb-0, governance_build_authorization, rehearsal, fail-closed, begin-rollback, 2026-06-02


  • Package: one-roof-auth-axis-bootstrap-ratification-rehearsal-go-nogo-2026-06-02
  • Mode: author-mode live rehearsal, single BEGIN … ROLLBACK, zero COMMIT, entry==exit proven.
  • Channel: ssh contabo, then docker exec -i postgres psql -U workflow_admin -d directus (PG 16.13).
  • Object specs: hardening doc 03 (SB-0 CREATE-TABLE) + doc 02 (state machine).
  • Script: /tmp/sb0_axis_rerun.sql


3.1 What was rehearsed (SB-0 phases)

| Phase | Object / action | Result |
|---|---|---|
| R1 | governance_build_authorization + 4 CHECK + partial-unique + 3 indexes | COMPILED |
| R2 | quorum_passed, valid_sovereign_esign, v_build_auth_valid, fn_build_commit_allowed | COMPILED |
| R2 | live quorum recompute on real requests | APR-S178F18-FALLBACK-5 = t, APR-0234 = f, forged = f |
| R5 | 8 grants seeded (rehearsal table only) | inserted (under rollback) |
| R6 | anti-forgery keystone (raw status vs recomputed view) | PASS (6 raw-active → 2 valid) |
| R7 | COMMIT-time verifier on valid + all fail-closed cases | PASS (fail-closed) |
| R7b | SB-0 table CHECK negatives + grant-stacking unique | PASS (5/5 rejected) |

All five SB-0 artifacts compiled as written against the live schema. The only deviation is F-AUTH-LIVE-1: the president filter inside quorum_passed mirrors fn_apr_quorum_check (approver_type='human' AND approver ILIKE '%president%') rather than testing approver_type='president', which is not a value the live data uses.

3.2 SB-0 DDL — compiled live (R1)

Created exactly per hardening doc 03 §3.1:

  • PK auth_code; request_ref (soft text ref → approval_requests.code, hard FK at build); approval_ref/scope jsonb;
  • CHECKs: risk_level ∈ (low,medium,high,sovereign); status ∈ (draft,active,consumed,expired,revoked); chk_expiry (expires_at > granted_at); chk_sov_esign (requires_sovereign_esign=false OR sovereign_esign_ref IS NOT NULL); chk_consumed_pair ((consumed_at IS NULL)=(consumed_by IS NULL)); chk_revoked_pair (num_nulls(revoked_at,revoked_by,revoked_reason) IN (0,3));
  • uq_one_active_grant_per_step = UNIQUE(step_name) WHERE status='active' AND consumed_at IS NULL AND revoked_at IS NULL (anti grant-stacking);
  • indexes on request_ref, status, expires_at.

psql returned CREATE TABLE plus 4×CREATE INDEX with no error: every column type, default and constraint expression is valid PG16 DDL as written.

3.3 Verifier / view pattern — compiled live (R2)

  • quorum_passed(text) — read-only boolean re-deriving the live quorum rule (self-exclusion of proposer; reject-blocks; high/medium/low thresholds). Mirrors fn_apr_quorum_check so view and trigger can never disagree (INV-4). Live recompute: APR-S178F18-FALLBACK-5 → TRUE, APR-0234 → FALSE, APR-FORGED-NOEXIST → FALSE.
  • valid_sovereign_esign(text) — read-only EXISTS over os_proposal_approvals (signature populated, esignature_agreement=true, email present). With 0 live rows it returns FALSE for every ref ⇒ L4 fails closed by construction (agent SELECT-only).
  • v_build_auth_valid — the keystone. Returns a grant only if commit_allowed ∧ consumed_at IS NULL ∧ revoked_at IS NULL ∧ now()<expires_at ∧ backing request approved ∧ quorum_passed ∧ (no sovereign needed ∨ valid e-sign). It never reads the grant's own status (INV-6/INV-10).
  • fn_build_commit_allowed(p_step,p_agent) — adds INV-5 (granted_by≠agent) over the view; returns ALLOW/DENY + reason; read-only (writes nothing — consumed_at is written by the COMMIT txn, not here).

3.4 Anti-forgery keystone — raw status vs recomputed truth (R6)

Eight grants seeded; six carry status='active' (BA-CONSUMED/BA-REVOKED carry consumed/revoked). A naive/forged reader trusting status='active' sees six:

```text
raw status='active'  : BA-EXPIRED  BA-FORGED  BA-INSUFF  BA-SELF  BA-SOV  BA-VALID   (6 rows)
v_build_auth_valid   : BA-SELF (S-SELF)   BA-VALID (axis_registry)                   (2 rows)
```

Only the two genuinely-backed, in-TTL, unconsumed, unrevoked, quorum-passing grants survive the recomputed view. The four active-but-invalid forgeries (no backing / insufficient quorum / expired / unsigned-sovereign) are inert despite status='active'. The keystone holds.

3.5 Verifier decisions (R7) — full fail-closed matrix

| Case | fn_build_commit_allowed | Reason |
|---|---|---|
| valid step axis_registry / other agent | ALLOW | valid grant via view; granter ≠ agent |
| valid step axis_registry / agent = granter (build_owner_x) | DENY | grant valid but granted_by = agent (INV-5 self-grant) |
| S-SELF / agent_self (granter == agent) | DENY | INV-5 self-grant |
| S-FORGE (no backing request) | DENY | no valid grant (fail-closed) |
| S-INSUFF (approved req, 0 quorum) | DENY | quorum recompute fails |
| S-EXP (TTL elapsed) | DENY | expired (INV-11) |
| S-CONS (consumed) | DENY | single-use consumed (INV-9) |
| S-REV (revoked) | DENY | revoked (INV-12) |
| S-SOV (sovereign required, no valid e-sign) | DENY | L4 unsatisfied (INV-7) |

The load-bearing result: even a fully legitimate grant is refused when the consuming agent is the granter. Authorization to COMMIT requires a grant someone else issued.

3.6 SB-0 table CHECK negatives (R7b)

| Test | Expected | Result |
|---|---|---|
| expires_at <= granted_at | reject | PASS chk_expiry (23514) |
| requires_sovereign_esign = true, ref NULL | reject | PASS chk_sov_esign (23514) |
| status = 'bogus' | reject | PASS status enum (23514) |
| consumed_at set, consumed_by NULL | reject | PASS chk_consumed_pair (23514) |
| 2nd active grant for step axis_registry | reject | PASS uq_one_active_grant_per_step (23505) |

SQLSTATE 23514 is check_violation and 23505 is unique_violation; each negative was asserted on the SQLSTATE and the reported constraint name, not merely on "an error occurred".
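The whole SB-0 rehearsal as one runnable PostgreSQL script, added here as an illustration of the pattern reported in §3.2 to §3.6; it is not /tmp/sb0_axis_rerun.sql and not code from the hardening docs. It creates the §3.2 grant table with its CHECKs and partial unique index, the §3.3 recompute-not-trust predicates, keystone view and read-only verifier, seeds the §3.4 grants, runs the §3.5 decision matrix and the §3.6 negatives, all inside one BEGIN … ROLLBACK. Assumptions: the backing tables approval_requests, approval_votes and os_proposal_approvals with the column names shown are constructed stand-ins (the live approval_requests would collide by name, so run this against a scratch database, never against directus); the quorum rule is simplified to "two approvals from non-proposers and no reject" (the live rule is fn_apr_quorum_check); column types follow hardening doc 03 only where this page states them; expect_reject is a helper written for this example.

```sql
BEGIN;  -- the whole rehearsal is one transaction; its last statement is ROLLBACK
-- 1. Constructed stand-ins for the live request / vote / e-sign tables (scratch DB only)
CREATE TABLE approval_requests (code text PRIMARY KEY, proposer text NOT NULL, status text NOT NULL);
CREATE TABLE approval_votes (request_code text NOT NULL, approver text NOT NULL, vote text NOT NULL);
CREATE TABLE os_proposal_approvals (ref text, signature text, esignature_agreement boolean, email text);
INSERT INTO approval_requests VALUES ('APR-OK', 'alice', 'approved'), ('APR-THIN', 'alice', 'approved');
INSERT INTO approval_votes VALUES ('APR-OK', 'bob', 'approve'), ('APR-OK', 'carol', 'approve'),
  ('APR-OK', 'alice', 'approve'), ('APR-THIN', 'alice', 'approve');  -- proposer votes are self-excluded
-- 2. SB-0 grant table (constraint set from hardening doc 03 §3.1; column types assumed)
CREATE TABLE governance_build_authorization (
  auth_code text PRIMARY KEY,
  request_ref text NOT NULL,                          -- soft text ref to approval_requests.code
  step_name text NOT NULL,  granted_by text NOT NULL,
  granted_at timestamptz NOT NULL DEFAULT now(),  expires_at timestamptz NOT NULL,
  risk_level text NOT NULL CHECK (risk_level IN ('low', 'medium', 'high', 'sovereign')),
  status text NOT NULL DEFAULT 'draft' CHECK (status IN ('draft', 'active', 'consumed', 'expired', 'revoked')),
  commit_allowed boolean NOT NULL DEFAULT false,
  requires_sovereign_esign boolean NOT NULL DEFAULT false,  sovereign_esign_ref text,
  consumed_at timestamptz,  consumed_by text,
  revoked_at timestamptz,  revoked_by text,  revoked_reason text,
  CONSTRAINT chk_expiry        CHECK (expires_at > granted_at),
  CONSTRAINT chk_sov_esign     CHECK (requires_sovereign_esign = false OR sovereign_esign_ref IS NOT NULL),
  CONSTRAINT chk_consumed_pair CHECK ((consumed_at IS NULL) = (consumed_by IS NULL)),
  CONSTRAINT chk_revoked_pair  CHECK (num_nulls(revoked_at, revoked_by, revoked_reason) IN (0, 3))
);
CREATE UNIQUE INDEX uq_one_active_grant_per_step ON governance_build_authorization (step_name)
  WHERE status = 'active' AND consumed_at IS NULL AND revoked_at IS NULL;   -- anti grant-stacking
-- 3. Recompute-not-trust predicates, keystone view and verifier. Quorum rule simplified here to
--    ">= 2 approvals from non-proposers and no reject"; the live rule is fn_apr_quorum_check.
CREATE FUNCTION quorum_passed(p_code text) RETURNS boolean LANGUAGE sql STABLE AS $$
  SELECT coalesce((SELECT count(*) FILTER (WHERE v.vote = 'approve' AND v.approver <> r.proposer) >= 2
                      AND count(*) FILTER (WHERE v.vote = 'reject') = 0
                   FROM approval_requests r LEFT JOIN approval_votes v ON v.request_code = r.code
                   WHERE r.code = p_code GROUP BY r.code), false)         -- unknown request => false
$$;
CREATE FUNCTION valid_sovereign_esign(p_ref text) RETURNS boolean LANGUAGE sql STABLE AS $$
  SELECT EXISTS (SELECT 1 FROM os_proposal_approvals WHERE ref = p_ref
                 AND signature IS NOT NULL AND esignature_agreement AND email IS NOT NULL)
$$;
CREATE VIEW v_build_auth_valid AS        -- never reads g.status: validity is recomputed, not trusted
SELECT g.auth_code, g.step_name, g.granted_by
FROM governance_build_authorization g
JOIN approval_requests r ON r.code = g.request_ref                     -- no backing request => no row
WHERE g.commit_allowed AND g.consumed_at IS NULL AND g.revoked_at IS NULL AND now() < g.expires_at
  AND r.status = 'approved' AND quorum_passed(r.code)
  AND (NOT g.requires_sovereign_esign OR valid_sovereign_esign(g.sovereign_esign_ref));
CREATE FUNCTION fn_build_commit_allowed(p_step text, p_agent text, OUT decision text, OUT reason text)
LANGUAGE sql STABLE AS $$              -- read-only; consumed_at is written by the COMMIT txn, not here
  SELECT CASE WHEN v.auth_code IS NULL OR v.granted_by = p_agent THEN 'DENY' ELSE 'ALLOW' END,
         CASE WHEN v.auth_code IS NULL THEN 'no valid grant (fail-closed)'
              WHEN v.granted_by = p_agent THEN 'granted_by = agent (INV-5 self-grant)'
              ELSE 'valid grant ' || v.auth_code END
  FROM (SELECT 1) one LEFT JOIN v_build_auth_valid v ON v.step_name = p_step
$$;
-- 4. Seed eight grants; six stay status='active', only BA-VALID and BA-SELF are genuinely backed
INSERT INTO governance_build_authorization (auth_code, request_ref, step_name, granted_by, granted_at,
    expires_at, risk_level, status, commit_allowed, requires_sovereign_esign, sovereign_esign_ref) VALUES
  ('BA-VALID',    'APR-OK',      'axis_registry', 'build_owner_x', now(), now() + interval '1 hour', 'high', 'active', true, false, NULL),
  ('BA-SELF',     'APR-OK',      'S-SELF',   'agent_self',    now(), now() + interval '1 hour', 'high', 'active', true, false, NULL),
  ('BA-FORGED',   'APR-NOEXIST', 'S-FORGE',  'build_owner_x', now(), now() + interval '1 hour', 'high', 'active', true, false, NULL),
  ('BA-INSUFF',   'APR-THIN',    'S-INSUFF', 'build_owner_x', now(), now() + interval '1 hour', 'high', 'active', true, false, NULL),
  ('BA-EXPIRED',  'APR-OK',      'S-EXP',    'build_owner_x', now() - interval '2 hours', now() - interval '1 hour', 'high', 'active', true, false, NULL),
  ('BA-SOV',      'APR-OK',      'S-SOV',    'build_owner_x', now(), now() + interval '1 hour', 'sovereign', 'active', true, true, 'ESIGN-NONE'),
  ('BA-CONSUMED', 'APR-OK',      'S-CONS',   'build_owner_x', now(), now() + interval '1 hour', 'high', 'active', true, false, NULL),
  ('BA-REVOKED',  'APR-OK',      'S-REV',    'build_owner_x', now(), now() + interval '1 hour', 'high', 'active', true, false, NULL);
UPDATE governance_build_authorization SET status = 'consumed', consumed_at = now(), consumed_by = 'agent_a' WHERE auth_code = 'BA-CONSUMED';
UPDATE governance_build_authorization SET status = 'revoked', revoked_at = now(), revoked_by = 'admin', revoked_reason = 'test' WHERE auth_code = 'BA-REVOKED';
-- 5. Keystone: a reader trusting status sees 6; the recomputed view yields BA-SELF and BA-VALID only
SELECT count(*) AS raw_active FROM governance_build_authorization WHERE status = 'active';
SELECT auth_code, step_name FROM v_build_auth_valid ORDER BY auth_code;
-- 6. Verifier matrix: ALLOW for the first row, DENY for the other eight
SELECT s.step, s.agent, d.decision, d.reason
FROM (VALUES ('axis_registry', 'other_agent'), ('axis_registry', 'build_owner_x'), ('S-SELF', 'agent_self'),
             ('S-FORGE', 'x'), ('S-INSUFF', 'x'), ('S-EXP', 'x'), ('S-CONS', 'x'), ('S-REV', 'x'), ('S-SOV', 'x'))
     AS s(step, agent), LATERAL fn_build_commit_allowed(s.step, s.agent) AS d;
-- 7. Negatives: each bad INSERT runs in a PL/pgSQL sub-transaction, so the rejection does not abort the
--    enclosing BEGIN, and a row that is accepted fails loudly (a bare SAVEPOINT would hide that)
CREATE FUNCTION expect_reject(p_sql text, p_sqlstate text) RETURNS text LANGUAGE plpgsql AS $$
DECLARE v_constraint text;
BEGIN
  EXECUTE p_sql;
  RAISE EXCEPTION 'NEGATIVE TEST FAILED, row accepted: %', p_sql;      -- P0001, not caught below
EXCEPTION WHEN check_violation OR unique_violation THEN
  IF SQLSTATE <> p_sqlstate THEN RAISE; END IF;
  GET STACKED DIAGNOSTICS v_constraint = CONSTRAINT_NAME;
  RETURN format('PASS %s %s', SQLSTATE, v_constraint);
END $$;
SELECT expect_reject($q$INSERT INTO governance_build_authorization (auth_code, request_ref, step_name, granted_by,
  expires_at, risk_level) VALUES ('N1', 'APR-OK', 'n1', 'x', now() - interval '1 minute', 'low')$q$, '23514');
SELECT expect_reject($q$INSERT INTO governance_build_authorization (auth_code, request_ref, step_name, granted_by,
  expires_at, risk_level, requires_sovereign_esign) VALUES ('N2', 'APR-OK', 'n2', 'x', now() + interval '1 hour', 'low', true)$q$, '23514');
SELECT expect_reject($q$INSERT INTO governance_build_authorization (auth_code, request_ref, step_name, granted_by,
  expires_at, risk_level, status) VALUES ('N3', 'APR-OK', 'axis_registry', 'y', now() + interval '1 hour', 'low', 'active')$q$, '23505');

ROLLBACK;  -- entry == exit: none of the objects or rows above survive
```

Run it with `psql -v ON_ERROR_STOP=1 -f`, so an unexpected error stops the script instead of silently sliding to the ROLLBACK; the negatives still pass under that setting because expect_reject absorbs the expected violation inside its own sub-transaction and only re-raises on a wrong SQLSTATE or an accepted row. Expected output: raw_active = 6, two view rows (BA-SELF, BA-VALID), one ALLOW followed by eight DENYs, and three PASS lines naming chk_expiry, chk_sov_esign and uq_one_active_grant_per_step. The view deliberately never touches status, which is why BA-CONSUMED and BA-REVOKED stay out even if someone later flips their status back to 'active'.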

3.7 Entry==exit / zero residue (R10 ROLLBACK + R11)

Post-rollback re-read in the same session is identical to R0:

```text
R11: appr=211 votes=42 actypes=6 osprop=0 birth=1,074,279
  governance_build_authorization=NULL  v_build_auth_valid=NULL
  axis_registry=NULL  axis_assignment=NULL   idle_in_transaction=0
```

Independently re-verified from a separate connection (read-only MCP channel, doc 06 §6.4): all rehearsal objects ABSENT, 0 rehearsal functions left, real counts unchanged, idle_in_transaction=0, 0 leftover workflow_admin sessions. Zero residue. Because no real table was written, birth_registry was invariant throughout — not merely restored by rollback.
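The second-connection residue check, written out as an added example (not the doc 06 §6.4 query itself): catalog lookups return NULL for absent relations, pg_proc is searched for the rehearsal functions by name, and pg_stat_activity is read for idle-in-transaction backends and leftover workflow_admin sessions. Assumed: the rehearsal objects would have landed in schema public, and os_proposal_approvals is the only real table named on this page, so it is the only real count included.

```sql
-- Residue check, run from a second (read-only) connection after the rehearsal session has rolled back.
-- Expected row: sb0_table NULL, sb0_view NULL, rehearsal_functions 0, osprop 0,
--               idle_in_transaction 0, workflow_admin_sessions 0.
SELECT to_regclass('public.governance_build_authorization') AS sb0_table,   -- NULL means absent
       to_regclass('public.v_build_auth_valid')             AS sb0_view,    -- NULL means absent
       (SELECT count(*) FROM pg_proc
         WHERE proname IN ('quorum_passed', 'valid_sovereign_esign', 'fn_build_commit_allowed')) AS rehearsal_functions,
       (SELECT count(*) FROM os_proposal_approvals) AS osprop,              -- real count, must equal R0
       (SELECT count(*) FROM pg_stat_activity WHERE state = 'idle in transaction') AS idle_in_transaction,
       (SELECT count(*) FROM pg_stat_activity
         WHERE usename = 'workflow_admin' AND pid <> pg_backend_pid()) AS workflow_admin_sessions;
```

Two caveats a verifier should know: pg_stat_activity shows state and query only for the caller's own sessions unless the role is a superuser or holds pg_read_all_stats, so from an unprivileged read-only role the idle_in_transaction count is blind to other users' backends and must be taken from a privileged session; and the pid <> pg_backend_pid() filter matters only if the check itself runs as workflow_admin, in which case it would otherwise count itself as a leftover.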

3.8 SB-0 verdict

SB-0 authorization substrate: REHEARSED-GREEN. DDL compiles; the verifier/view recompute-not-trust pattern compiles and behaves; a valid L3 grant resolves correctly and only transiently; all seven fail-closed modes deny; INV-5 self-grant protection holds even on a legitimate grant; zero residue. The one deviation (F-AUTH-LIVE-1) makes the build more live-faithful. Build of SB-0 remains NO-GO pending the L2+L4 ratification (doc 01).

Forbidden-compliance: single BEGIN..ROLLBACK; zero COMMIT; no write to any real table (valid path backed by an existing approved request, not seeded); no e-sign; no event/DOT/law touched.

  • Compiles against the DDL in [[one-roof-axis-auth-proposal-operational-hardening-build-ready-design-2026-06-02]] doc 03.
  • Negatives are consolidated in [[05-negative-forgery-and-fail-closed-tests]]; the axis half is in [[04-axis-registry-assignment-rehearsal-results]]; the go/no-go gate is [[01-ratification-decision-record]].
Source: knowledge/dev/reports/architecture/one-roof-auth-axis-bootstrap-ratification-rehearsal-go-nogo-2026-06-02/03-sb0-authorization-rehearsal-results.md