KB-3B3A

T1 FIX7 Blueprint Patch - Legacy Target Authority Fix (BLOCKER 1)

Revision 1
Tags: fix7, codex-patch, legacy-target, hardcode, 2026-06-08

02 - BLOCKER 1: Legacy Target Authority Fix (disguised hardcode → sealed PG-native set)

Codex finding

S00 derived the neutralize/cutover/freeze target by owner=directus + QT001 name pattern and then used that set as load-bearing authority for S15 REVOKE / S16 ownership / S17 freeze. That is name-pattern authority — disguised hardcode — contradicting G-PGNATIVE and S00's own "diagnostic only" claim. (Codex CHECK_B/CHECK_H/CHECK_I FAIL; CR-B1/CR-B3.)

Live proof the name pattern cannot be authority (read-only, 2026-06-08)

| query (public) | result |
|---|---|
| views qt001% prefix | 0 |
| views v_qt001% prefix | 183 |
| views %qt001% substring | 196 |
| routines %qt001% | 45 functions (prokind='f') + 1 procedure (prokind='p') |
| routines outside public | 0 |
| tables qt001% | 20 |

All 46 routines: owner directus, proacl=NULL (PUBLIC EXECUTE), prosecdef=false; all 196 views owner directus. The view count swings 0 → 183 → 196 purely by the literal chosen, and the prior blueprint prose "46 functions" conflated the 45 functions with the 1 apply procedure. A load-bearing set that changes with the literal is exactly the disguised hardcode Codex flagged.

The fix - sealed legacy-disposition set (blueprint doc 02 §H/§I)

Candidate discovery is diagnostic only; the operational set is sealed and hash-bound.

  • Authority surface: typed DATA rows in the existing authority_scope_manifest #20 (which already hosts typed TABLE/CONSTRAINT/INDEX/runtime-evidence rows) — object_kind (LEGACY_FUNCTION/PROCEDURE/TABLE/VIEW), object_ref (regprocedure/regclass), prokind, oid_at_capture (provenance only), schema/name/identity-args, owner_at_capture, source_sha256, privilege_acl_hash (over proacl/relacl/attacl), disposition, and a per-set roll-up expected_legacy_set_sha256. STUB_FAIL_CLOSED body/rollback bindings live in #27.
  • Establishment pipeline (candidate → sealed): S00 name+owner scan = candidate evidence (non-binding) → typed classification by dependency_manifest #11 structural closure + effective-privilege evidence → exact-set both-EXCEPT vs the live catalog (sealed − live = ∅ AND live-relevant − sealed = ∅; 0 UNKNOWN_REQUIRES_REVIEW) → seal at S12 (OPERATOR + quorum). Only the sealed set is operational authority for S15/S16/S17.
  • Guards: G-LEGACY-TARGET-SEALED fails if any step's target is name-pattern-derived, unsealed, set-hash-mismatched, or has a non-empty both-EXCEPT. G-PGNATIVE extended to reject name-pattern binding authority anywhere.

The count is now evidence, not authority: whatever the sealed exact-set both-EXCEPT proves is the set; a different name literal cannot silently include/exclude an object. This directly answers CR-B1, CR-B3, CHECK_H, CHECK_I.
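
The guard conditions above can be sketched as follows. This is an added example, not the blueprint's own code: the roll-up canonicalisation, the function name guard_legacy_target_sealed, its is_sealed/derivation parameters, and all object names and hashes are assumptions constructed for illustration. The live rows are assumed to be already classified as relevant by the #11 structural closure.

```python
import hashlib
from typing import NamedTuple

class Row(NamedTuple):           # identity-bound fields named in the #20 row description
    object_kind: str             # LEGACY_FUNCTION / PROCEDURE / TABLE / VIEW
    object_ref: str              # regprocedure / regclass text
    owner_at_capture: str
    source_sha256: str
    privilege_acl_hash: str

def sha(text):
    return hashlib.sha256(text.encode()).hexdigest()

def rollup(rows):
    # Assumed canonical form: rows sorted, fields joined with "|", rows with "\n".
    return sha("\n".join("|".join(r) for r in sorted(rows)))

def guard_legacy_target_sealed(sealed, expected_sha256, live, *, is_sealed, derivation):
    """Return failure reasons; an empty list means the sealed set may be used."""
    reasons = []
    if derivation != "manifest":
        reasons.append("name-pattern-derived")
    if not is_sealed:
        reasons.append("unsealed")
    if rollup(sealed) != expected_sha256:
        reasons.append("set-hash-mismatch")
    if set(sealed) - set(live):          # sealed EXCEPT live must be empty
        reasons.append("sealed-minus-live")
    if set(live) - set(sealed):          # live-relevant EXCEPT sealed must be empty
        reasons.append("live-minus-sealed")
    return reasons

# Constructed sample rows (names and hashes are illustrative, not from the live catalog).
ACL = sha("proacl=NULL")
SEALED = [
    Row("LEGACY_FUNCTION", "public.fn_qt001_calc(integer)", "directus", sha("body-v1"), ACL),
    Row("LEGACY_PROCEDURE", "public.qt001_apply()", "directus", sha("apply-v1"), ACL),
    Row("LEGACY_VIEW", "public.v_qt001_summary", "directus", sha("view-v1"), sha("relacl=NULL")),
]
EXPECTED = rollup(SEALED)        # recorded at seal time (S12)

# Live catalog later: function body replaced, one extra relevant view appears.
DRIFTED = [SEALED[0]._replace(source_sha256=sha("body-v2")), SEALED[1], SEALED[2],
           Row("LEGACY_VIEW", "public.summary_qt001_x", "directus", sha("view-x"), sha("relacl=NULL"))]

if __name__ == "__main__":
    print(guard_legacy_target_sealed(SEALED, EXPECTED, SEALED, is_sealed=True, derivation="manifest"))
    print(guard_legacy_target_sealed(SEALED, EXPECTED, DRIFTED, is_sealed=True, derivation="manifest"))
```

Because rows compare on identity, source hash and ACL hash rather than on name, a replaced function body shows up on both sides of the both-EXCEPT even though its name still matches every literal.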

Self-check

PASS only if the operational target is sealed/manifest-bound/hash-bound, not pattern-bound → PASS. The #20 set is sealed (S12), hash-bound (expected_legacy_set_sha256 + per-row source_sha256/privilege_acl_hash), exact-set proven (both-EXCEPT vs catalog), and identity-bound (regprocedure/regclass/prokind/OID). Name/owner scans are explicitly diagnostic candidates. G-LEGACY-TARGET-SEALED + G-PGNATIVE enforce it.

Invariant impact

0 new authority surface (DATA rows in existing #20 + one typed disposition column), 0 new readiness gate, 0 new hash contract (expected_legacy_set_sha256 is a roll-up of existing per-row hashes, not one of the 7 H01..H07). 27/11/14/7 preserved.

Flagged for Codex confirmation

Adding a typed LEGACY_* row class + disposition column to #20 implements Codex's own prescribed mechanism (BLOCKER 1: "authority_scope_manifest #20 typed rows ... or writer_repoint_manifest #27 ... explicitly sealed object identity rows with OID/regclass/regprocedure + source hash + owner + privilege hash"). Flagged for confirmation that the #20 typed-row class is the intended home.

knowledge/dev/reports/architecture/t1-fix7-blueprint-patch-after-codex-critical-fail-2026-06-08/02-legacy-target-authority-fix.md