12 - Direct Blueprint Revisions Applied

All fixes were applied DIRECTLY to the blueprint KB documents under knowledge/dev/reports/architecture/t1-fix7-existing-system-refactor-execution-blueprint-2026-06-08/. READ-ONLY production; no production mutation; KB blueprint-doc revision only.

Per-document changes

blueprint doc	final revision	what changed this recheck pass
02 design-to-live mapping	rev 17	§H.2 rewritten to approved #20 columns (no disposition/privilege_acl_hash/expected_legacy_set_sha256 columns); §H.3 closed-denominator exact-set; §H.4 NEW closed universe U_legacy; §I disposition COMPUTED + STUB restore via evidence_registry; §G owner-isolation; §E action cell owner-transfer-first; §H header
04 construction order	rev 33	S00/S09/S13 mapped to approved #20 cols + closed denominator + evidence_registry; S14 → STAGE+snapshot (no activation); S15 → atomic ordered owner-transfer→revoke→verify→activate→repoint; S16 → remaining relations (routine ownership at S15.1); S19 36-guard; NEW PG-owner-semantics dependency note; activation-order/no-mixed note; phase-explicit owner table updated
05 rollback	rev 18	invariant 3 snapshot-before-transfer (S14) + superuser disposition; note 5 step 4 owner-restore + evidence_registry body; S14/S15/S16 rows; completeness verdict
06 test/guard	rev 25	G-NOLEGACY-PRE/POST (superuser + owner-transfer ordering); G-NOMIXED route=ACTIVE fact; G-LEGACY-TARGET-SEALED approved cols + manifest seal; NEW G-LEGACY-TARGET-CLOSED-DENOMINATOR; G-OWNER-CUTOVER S14 snapshot + superuser; G-EPOCH-TOCTOU at S15; guard-quality rule 5; total 35→36
07 package split	rev 28	PKG-E create+seal+STAGE (no activation) + snapshot capture; PKG-F atomic ordered owner+revoke+verify+activate+repoint; PKG-G uses PKG-E snapshot, remaining relations; PKG-D +closed-denominator guard; §Terminology operator_authorization=evidence_registry; activation-moved bullet
08 hard blocks	rev 10	unlock-chain "operator permit"→"operator_authorization" + PKG order; qt001_backfill_permit row evidence_registry storage note; manifest-activation future-gate (activation at PKG-F)
12 final self-verdict	rev 12	top-line status → ..._T1_PATCHED_AFTER_CODEX_RECHECK_READY_FOR_CODEX_RECHECK_2; NEW recheck patch-pass section (A-H table + grep claim); guard count 36; explicit asks for recheck 2

Invariant ledger (preserved)

AUTHORITY_SURFACES=27 · RUNTIME_EVIDENCE=11_NON_AUTHORITY · READINESS_GATES=14_DATA ·
HASH_CONTRACTS=7_H01..H07 · NEW_AUTHORITY_SURFACE=0 · NEW_READINESS_GATE=0 · NEW_HASH_CONTRACT=0 ·
NEW_#20_COLUMN=0 · NEW_CATALOG_FAMILY=0 · GUARDS=36_TEST_VERIFICATION (not readiness gates) ·
PRODUCTION_MUTATION=0 ·
STAGE_2_6B/PERMIT/REAL_RUN/QT001_APPLY=BLOCKED · ACTIVATION/REPOINT/OWNER_ACL_CUTOVER=OPERATOR_GATED

No design amendment

Every recheck fix uses an already-approved surface/column: #20 (existing columns), #27, the manifest seal, evidence_registry, dependency_manifest #11, dynamic_sql_target_manifest #22, and PG roles. The only design-owner item is a CONFIRMATION (the §H.2 semantic-scope note - LEGACY_* rows in #20), which requires no byte-DDL change. Therefore the status is READY_FOR_CODEX_RECHECK_2, not REQUIRES_DESIGN_AMENDMENT.