KB-2C6C
Supertrack I — RP-08 Directus Read-Contract Review
2 min read Revision 1
fix7architecturet1-reviewrp08directus-read-contractsupertrack-i
09 — Supertrack I: RP-08 Directus read-contract review
Verdict: RP08_VERIFIED (advisory RP).
Codex delivered (doc 07): the ACTIVE Directus SELECT subset in privilege_set_manifest #21 is the
sealed read contract.
Checklist
| Criterion | Result | Basis |
|---|---|---|
| sealed Directus read-contract exists | ✅ | rows in privilege_set_manifest #21 bind query family, endpoint group, business object, observation source, smoke pattern hash, observation_max_age_seconds |
| no hardcoded observation window | ✅ | "No fixed observation-window literal exists" |
freshness max_age is manifest/sealed |
✅ | observation_max_age_seconds field on the sealed row |
| unknown read path blocks cutover | ✅ | observed-but-not-expected → BLOCKED_READ_PATH |
| incomplete observation blocks or requires operator | ✅ | expected-but-not-observed → operator required, readiness blocked |
| Directus SELECT retention coherent | ✅ | Directus retains only exact manifest-listed business base-table/view SELECT |
| no Directus authority remains | ✅ | "receives no control-plane authority"; both-EXCEPT observed vs sealed |
| stale observation handled | ✅ | stale (> sealed max age) → operator required, readiness blocked |
Coherence with CP-07
This is the steady-state read-path control (path A) layered on CP-07's SELECT-only base-table read
path. The both-EXCEPT comparison plus sealed max_age removes the hardcoded-window risk and the
under-captured-read feasibility bypass without granting Directus any authority.
Conclusion
RP-08 (advisory) fully resolved. No proposal.