KB-52D9

T1 FIX7 Blueprint Patch After Codex Recheck (Owner Semantics) - Readme First

Revision 1

00 - Readme First

Date: 2026-06-08
Author: T1 (production Agent for Agent Data)
Macro: PROGRAM_PATCH_T1_FIX7_BLUEPRINT_AFTER_CODEX_RECHECK_OWNER_SEMANTICS_FAIL
Mode: READ-ONLY production; blueprint KB-doc direct-revision only; NO production mutation.

Final status

FIX7_REFACTOR_BLUEPRINT_T1_PATCHED_AFTER_CODEX_RECHECK_READY_FOR_CODEX_RECHECK_2

What happened

Codex's recheck of the previously patched FIX7 refactor blueprint FAILED it (FIX7_REFACTOR_BLUEPRINT_CODEX_RECHECK_FAIL_HARDCODE_OR_PG_NATIVE_GAP). The decisive root cause is PostgreSQL owner semantics: at S15 the legacy routines were still owned by directus, and a PostgreSQL object owner keeps implicit privileges on the objects it owns, so REVOKE EXECUTE cannot bring directus to effective EXECUTE = 0 while it still owns the routines. G-NOLEGACY-POST was therefore impossible in the order given, and the construction/package order was not executable as written.

T1 re-patched every recheck blocker directly in the blueprint docs, grounded on fresh read-only live evidence and the approved byte-level DDL, then self-reviewed against Codex's exact failed checks. No design amendment was required - every fix uses an already-approved surface/column.

The 8 recheck blockers fixed (A-H)

  • A - PG owner semantics / G-NOLEGACY phase. Redesigned S14-S16: S14 STAGED (no activation); S15 atomic ordered owner-transfer (off directus, to qt001_cp_owner) → REVOKE/stub → verify G-NOLEGACY-POST → activate+repoint; superuser explicitly dispositioned. (doc 02)
  • B - closed PG-native denominator. U_legacy = reverse write-effect closure ∪ effective-EXECUTE principals ∪ entry-vectors − DO_NOT_TOUCH; +G-LEGACY-TARGET-CLOSED-DENOMINATOR. (doc 03)
  • C - approved byte-DDL conflict. Removed the invented disposition/privilege_acl_hash/expected_legacy_set_sha256 columns; mapped to existing approved #20 columns; disposition COMPUTED; set integrity = existing manifest seal. 0 new columns. (doc 04)
  • D - G-NOMIXED vs S14 ACTIVE. S14 STAGED; activation moved into the atomic PKG-F after neutralization; G-NOMIXED tests the ACTIVE route fact, not manifest existence. (doc 05)
  • E - rollback source artifact. STUB body restore source = sealed evidence_registry artifact (artifact_uri+artifact_sha256), pinned by #27; a hash alone cannot restore a body. (doc 06)
  • F - operator_authorization / set-hash PG-native contract. operator_authorization_artifact = evidence_registry non-authority evidence consumed by a PG-native decision; expected_legacy_set_sha256 eliminated. (doc 07)
  • G - permit terminology. Replaced the stale "operator permit" term in doc 08; grep-verified claim. (doc 09)
  • H - ACL snapshot order. Snapshot captured at S14, BEFORE the S15.1 owner transfer; superuser dispositioned; both-direction effective-privilege verify. (doc 08)

Live grounding (read-only, DB directus, 2026-06-08)

  • directus: rolsuper = false (NON-superuser) - so ownership transfer off directus + REVOKE can reach effective EXECUTE = 0. This is what makes the owner-isolation fix feasible.
  • Cluster superuser: workflow_admin (rolsuper/rolbypassrls = true) - inherently bypasses object ACLs; explicitly dispositioned in every effective-privilege guard (cannot be ACL-zeroed).
  • qt001_cp_owner/migrator/reader roles still ABSENT; legacy qt001_* routines still directus-owned (FIX..FIX6).
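The S14 snapshot → S15.1 owner transfer → REVOKE → G-NOLEGACY-POST verify ordering from blockers A and H, together with the superuser disposition from the live grounding above, as an added SQL example that is not part of the blueprint docs or the FIX7 packages. The routine public.qt001_legacy_example(integer) is a placeholder; the session is assumed to run as a role allowed to reassign ownership and revoke (e.g. the cluster superuser), and the stub/activate/repoint steps are omitted.

```sql
-- Added example; routine name/signature are placeholders, not a real qt001_* routine.

-- S14: capture the ACL snapshot BEFORE any owner transfer (blocker H).
SELECT p.oid::regprocedure        AS routine,
       pg_get_userbyid(p.proowner) AS owner,
       p.proacl                     AS acl
  FROM pg_proc p
  JOIN pg_namespace n ON n.oid = p.pronamespace
 WHERE n.nspname = 'public'
   AND p.proname LIKE 'qt001\_%';

BEGIN;

-- S15.1: move ownership off directus first. An owner keeps implicit rights on
-- its own objects, so a REVOKE issued before this step cannot reach EXECUTE = 0.
ALTER FUNCTION public.qt001_legacy_example(integer) OWNER TO qt001_cp_owner;

-- S15.2: now the REVOKE is effective for directus. Function EXECUTE is granted
-- to PUBLIC by default, so the PUBLIC grant has to be removed as well.
REVOKE EXECUTE ON FUNCTION public.qt001_legacy_example(integer) FROM PUBLIC;
REVOKE EXECUTE ON FUNCTION public.qt001_legacy_example(integer) FROM directus;

-- S15.3: G-NOLEGACY-POST, both directions: list effective EXECUTE per principal.
-- has_function_privilege() returns true for every superuser regardless of ACL,
-- so rolsuper is shown alongside and superusers are dispositioned, not zeroed.
SELECT r.rolname,
       r.rolsuper,
       has_function_privilege(r.rolname,
                              'public.qt001_legacy_example(integer)',
                              'EXECUTE') AS can_execute
  FROM pg_roles r
 WHERE r.rolname IN ('directus', 'qt001_cp_owner', 'workflow_admin');

-- Hard guard: abort the whole atomic step if directus still has effective EXECUTE.
DO $$
BEGIN
  IF has_function_privilege('directus',
                            'public.qt001_legacy_example(integer)',
                            'EXECUTE') THEN
    RAISE EXCEPTION 'G-NOLEGACY-POST failed: directus still has EXECUTE';
  END IF;
END
$$;

COMMIT;
```

Because the guard runs inside the same transaction as the owner transfer and REVOKE, a failed check rolls the routine back to its S14 state instead of leaving a half-neutralized legacy set.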

Boundaries (unchanged)

Official FIX7 design remains approved. The blueprint and implementation-authoring planning are NOT approved. Implementation, Stage 2.6B, qt001_backfill_permit, REAL_RUN, QT001 apply, manifest activation, repoint, and owner/ACL cutover all remain BLOCKED. Next is Codex recheck 2 only.

Read order: 01 failure matrix → 02..09 per-blocker fixes → 10 hardcode/PG-native self-review → 11 cross-layer self-review → 12 direct blueprint revisions applied → 13 final verdict.

Path: knowledge/dev/reports/architecture/t1-fix7-blueprint-patch-after-codex-recheck-owner-semantics-2026-06-08/00-readme-first.md