03 — Observation Write-Path Proof (Workstream B)

Goal

Prove the ledger can record and query a safe, clearly non-production observation, with idempotency, and that discovery views consume it without ever mistaking it for real runtime.

Test observation set (all SIMULATED_DRY_RUN, all non-production)

• Pilot candidate: PROC-CAND:dot:kg
• Pilot pair: DOT_KG_EXPLAIN (producer) + DOT_KG_EXPLAIN_VERIFY (verifier)
• source_system: dry_run_harness (recognisable, non-production)
• Header process_run_observation: process_run_id=dd000000-0000-4000-8000-00000000e001, correlation_id=SIMRUN:dot:kg:explain:20260604, evidence_type=SIMULATED_DRY_RUN, status=completed, idempotency_key=SIM:dot:kg:explain:run, evidence_ref={simulated:true,non_production:true,dry_run:true,...}.
• Components process_component_observation:
  • producer: DOT_KG_EXPLAIN, role producer, event process.run.started, status step_completed, idem SIM:dot:kg:explain:producer.
  • verifier: DOT_KG_EXPLAIN_VERIFY, role verifier, event process.run.completed, status step_completed, idem SIM:dot:kg:explain:verifier.
• Both components share the run's process_run_id + correlation_id.

Results

• Insert run 1: header INSERT 0 1, components INSERT 0 2.
• Idempotency proof: re-insert header with same idempotency_key (different PK) via ON CONFLICT (idempotency_key) WHERE idempotency_key IS NOT NULL DO NOTHING → INSERT 0 0 (no duplicate). The partial unique index does the work.
• Read-back (container psql): 1 header row (SIMULATED_DRY_RUN / completed / dry_run_harness) + 2 component rows (producer + verifier) sharing the correlation_id.
• Cross-channel read-back (MCP query_pg, RO role): v_process_discovery_runtime_observed shows dot:kg → run_count 1, real_run_count 0, simulated_count 1, distinct_correlation_ids 1, component_count 2. Header table confirms evidence_type=SIMULATED_DRY_RUN, source_system=dry_run_harness.

Honesty guarantees met

• No fake REAL_RUN. evidence_type is SIMULATED_DRY_RUN throughout.
• Not marked verified. v_process_discovery_verified_candidates_v3 does NOT contain dot:kg (see doc 05). The view logic explicitly distinguishes simulated from real.
• Not confused with production. source_system dry_run_harness, evidence_ref flags simulated:true / non_production:true.

Result: WRITE/READ PATH PROVEN with no fake runtime.