BLOCKER B - U_legacy Independent Root Denominator Fix
03 - BLOCKER B: U_legacy Independent PG-Native Root Denominator (in-blueprint)
Codex recheck-2 finding
U_legacy improved coverage (reverse write-effect closure, entrypoints, entry vectors) but the
roots were still described as a prose list — "20 legacy qt001_* tables", "QT001 apply objects",
"birth/permit resources". That is name/manual-shaped: the blueprint did not specify the independent
sealed PG authority that selects the roots without a name inventory, so the denominator could remain
circular (the output set defining its own input roots) or implementer-selected (recheck-2 doc 02).
The fix — roots come from an independent sealed authority already in the approved design
The root set is not authored as a prose list. It is the sealed protected-target set that is already first-class in the approved design:
- Roots = authority_scope_manifest #20 rows with protected_target = true (TABLE objects — §2.7-sanctioned, no drift). Their exact membership is hash-sealed by gateway_manifest #26 protected_target_set_sha256 — the gateway's entire reason to exist is to protect exactly this set, so the set is defined by an independent approved authority, sealed and hash-bound before use, not by the closure it seeds and not by a name scan.
- Closure derived by the sealed analyzer, not by the implementer. From those sealed roots, the reverse write-effect closure is produced by the sealed analyzer (analyzer_contract_manifest #24 analyzer_run evidence) into dependency_manifest #11 reverse edges: root_object_identity = protected target, dependency_identity = writer routine, dependency_kind_id / resolution_status_id from sealed catalog families, analyzer_run_id + evidence_id bound. Source: pg_depend where native, plus #11 edges and dynamic_sql_target_manifest #22 rows for PL/pgSQL body calls / dynamic SQL pg_depend cannot see.
- Dynamic/unsupported calls fail closed. Any call the analyzer cannot resolve makes the run UNRESOLVED, which blocks seal — never silently dropped.
- Effective-executable principals (proacl expanded via pg_auth_members) and entry vectors (pg_trigger / pg_event_trigger / scheduler / frozen-DOT) union into the universe.
- Minus DO_NOT_TOUCH by sealed object identity (birth-gateway family + DOT-118/119), never by name.
U_legacy = (reverse_write_effect_closure ∪ effective_executable_principals ∪ entry_vector_writers) − DO_NOT_TOUCH
The analyzer derives the closure; it never defines the roots, and the roots are an
independent sealed/hash-bound authority — which is exactly what Codex required. The both-EXCEPT
exact-set proof and G-LEGACY-TARGET-CLOSED-DENOMINATOR are unchanged in shape, but the membership of
U_legacy is now carried as #11 reverse-closure rows, not as #20 LEGACY_* rows (see blocker C).
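An added sketch of the derivation above (not the blueprint's own code): roots are accepted only if they match the seal, any UNRESOLVED edge or edge rooted outside the sealed set blocks the seal, and the both-EXCEPT check compares exact sets. Assumptions: in-memory rows stand in for the #20/#11/#22 manifests, the row keys identity, kind and resolution_status and the RESOLVED value are hypothetical, and the hash canonical form (sorted identities, newline-joined) is assumed.

```python
import hashlib

class SealBlocked(Exception):
    """Fail closed: the denominator must not be sealed."""

def target_set_sha256(identities):
    # Assumed canonical form: sorted identities, newline-joined, UTF-8.
    return hashlib.sha256("\n".join(sorted(identities)).encode()).hexdigest()

def sealed_roots(scope_rows, sealed_hash):
    # Roots are selected by the protected_target flag, never by object name.
    roots = {r["identity"] for r in scope_rows
             if r["protected_target"] and r["kind"] == "TABLE"}
    if target_set_sha256(roots) != sealed_hash:
        raise SealBlocked("root set does not match protected_target_set_sha256")
    return roots

def reverse_closure(roots, edges):
    writers = set()
    for e in edges:
        if e["root_object_identity"] not in roots:
            raise SealBlocked("edge rooted outside the sealed set")
        if e["resolution_status"] == "UNRESOLVED":
            raise SealBlocked("unresolved call: " + e["dependency_identity"])
        writers.add(e["dependency_identity"])
    return writers

def u_legacy(roots, edges, principals, entry_writers, do_not_touch):
    return (reverse_closure(roots, edges) | principals | entry_writers) - do_not_touch

def both_except(expected, actual):
    # Exact-set proof: PASS only when both differences are empty.
    return expected - actual, actual - expected

# Constructed sample rows (identities are placeholders, not real objects).
SCOPE = [{"identity": "tbl:1", "kind": "TABLE", "protected_target": True},
         {"identity": "tbl:2", "kind": "TABLE", "protected_target": True},
         {"identity": "tbl:9", "kind": "TABLE", "protected_target": False}]
SEAL = target_set_sha256({"tbl:1", "tbl:2"})
EDGES = [{"root_object_identity": "tbl:1", "dependency_identity": "fn:10",
          "resolution_status": "RESOLVED"},
         {"root_object_identity": "tbl:2", "dependency_identity": "fn:11",
          "resolution_status": "RESOLVED"}]

def demo():
    roots = sealed_roots(SCOPE, SEAL)
    return u_legacy(roots, EDGES, {"role:5"}, {"fn:12", "fn:99"}, {"fn:99"})
```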
Interaction with blocker C
This fix gives U_legacy an independent, PG-native, sealed root set and derivation. What it does
NOT do — and cannot do without the blocker-C amendment — is assign each derived legacy routine a
disposition (REVOKE_ONLY / FREEZE / DEPRECATE / STUB), because the disposition enum and its rule
have no approved home (doc 04). The denominator's membership check therefore runs over #11
reverse-closure rows, independent of any disposition. The blocker-C amendment decides what is done
with each member.
PG-native, no new surface
Roots = #20 protected_target TABLE rows (approved, §2.7-sanctioned) + #26 protected_target_set_sha256
(approved). Closure = #11 + #22 rows produced by the sealed #24 analyzer. Entry-vectors =
pg_trigger/pg_event_trigger. No new authority surface, column, family, or hash.
Self-check
PASS only if the denominator's roots are an independent sealed PG-native authority (not the closure
output, not a name scan) and the closure is analyzer-derived with dynamic calls failing closed.
PASS — roots = sealed #20 protected_target set hash-bound by #26; closure = sealed #24 analyzer
into #11/#22; both-EXCEPT enforced; name/owner scans widen candidate discovery only.