T1 FIX7 Focused Review - 11 PG-Native-Driven Review (SUPERTRACK K)
11 - PG-First / Native / Driven Review (SUPERTRACK K)
Per-subsystem evaluation. Verdict: PG_NATIVE_DRIVEN_NEEDS_CORRECTION (one blocking root: code_catalog seal, CP-03).
| Subsystem | Truth in PG? | Enforcement PG-native? | Manifest/rule-driven? | Directus can mutate authority? | App/UI/manual affects eligibility? | Note |
|---|---|---|---|---|---|---|
| Policy | Yes (sealed manifest rows) | Yes (generic interpreter on typed rows) | Yes | No (post-cutover) | No | But operand columns/CHECK + catalog root need CP-03/CP-04. |
| Readiness | Yes | Yes (STABLE adapters, both-EXCEPT) | Yes (sealed exact-14) | No | No | Threshold seal CP-05. |
| Signoff | Yes | Yes (session_user + FK + UNIQUE) | Yes (signoff_requirement #16) | No | No | Strong. |
| Evidence | Yes (immutable evidence rows) | Yes | Yes | No | No | Registry-table placement/seal advisory CP-08. |
| Capability | Yes | Yes (controlled verifier, typed measurements, no verdict col) | Yes (#13/#14/#15/#23) | No | No | "3 runs"/perf thresholds seal CP-05. |
| Dependency | Yes (native + analyzer, source-hash) | Yes (unknown=fail, sealed OID/template/callsite) | Yes (#11/#22/#24) | No | No | Strong; analyzer contract hashed. |
| Hash | Yes (pgcrypto digest sha256) | Yes | Yes (hash_component #10) | No | No | bytea encoding determinism CP-06. |
| control_epoch | Yes | Yes (writer shared-lock+reread; activation exclusive) | Yes | No | No | TOCTOU handled (BV11). |
| No-bypass | Yes | Yes (14 vectors, both-EXCEPT, empty fails) | Yes (#12) | No | No | Strong. |
| Writer/apply path | Yes | Yes (every writer through gateway+acceptance; no direct authority; sealed rollback stub; fail-closed) | Yes (#26/#27) | No | No | WRITER_FAIL_CLOSED gate. |
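The control_epoch row above summarises the TOCTOU defence as "writer shared-lock+reread; activation exclusive". The following SQL is an added illustration of that pattern and is not code from the reviewed package: the table, column and function names (control_epoch, control_epoch_activate, control_epoch_assert) are assumed, and it targets PostgreSQL 11 or later for the plpgsql syntax used.

```sql
-- Added example, not the package's own DDL. Names are assumed.
-- Singleton epoch row: every policy activation bumps it; every writer
-- re-checks it under a share lock just before applying.
CREATE TABLE control_epoch (
    singleton boolean PRIMARY KEY DEFAULT true CHECK (singleton),
    epoch     bigint  NOT NULL DEFAULT 0
);
INSERT INTO control_epoch DEFAULT VALUES;

-- Activation side: UPDATE takes an exclusive row lock. It blocks while any
-- writer still holds FOR SHARE on the row, and any writer arriving after the
-- bump commits will read the new epoch and fail its assert.
CREATE OR REPLACE FUNCTION control_epoch_activate() RETURNS bigint
LANGUAGE plpgsql AS $$
DECLARE
    new_epoch bigint;
BEGIN
    UPDATE control_epoch
       SET epoch = epoch + 1
     WHERE singleton
     RETURNING epoch INTO new_epoch;
    RETURN new_epoch;
END;
$$;

-- Writer side: the caller evaluated eligibility against expected_epoch.
-- Re-read the epoch under FOR SHARE (held until the caller's transaction
-- ends) and fail closed if it moved, so a policy activation that committed
-- between evaluation and apply can never be applied against stale facts.
CREATE OR REPLACE FUNCTION control_epoch_assert(expected_epoch bigint)
RETURNS void
LANGUAGE plpgsql AS $$
DECLARE
    current_epoch bigint;
BEGIN
    SELECT epoch INTO current_epoch
      FROM control_epoch
     WHERE singleton
       FOR SHARE;
    IF current_epoch IS DISTINCT FROM expected_epoch THEN
        RAISE EXCEPTION 'control_epoch moved % -> %; re-evaluate before apply',
            expected_epoch, current_epoch
            USING ERRCODE = 'serialization_failure';
    END IF;
END;
$$;

-- Constructed usage inside a writer transaction:
-- BEGIN;
--   SELECT control_epoch_assert(42);   -- 42 = epoch captured at evaluation
--   -- ... apply through the acceptance gateway ...
-- COMMIT;                              -- share lock released here
```

The share lock is what closes the window: because it persists to transaction end, an activation cannot interleave after the assert but before the apply. Surfacing the mismatch as serialization_failure lets a writer retry from evaluation rather than from apply.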
Findings
- Truth in PG: YES across all subsystems - authority is PG roles/ownership/constraints/FK/CHECK/functions/views/GRANT-REVOKE plus sealed hashed manifests. No app/UI/manual state affects eligibility.
- Enforcement PG-native: YES - NOLOGIN owner, REVOKE from Directus/PUBLIC, row-lock/epoch, session_user, generic interpreters (no embedded policy CASE).
- Behavior manifest/rule-driven: YES - sealed typed manifest rows drive generic engines; fact adapters return typed facts only.
- Directus cannot mutate authority after cutover: YES (doc 06). Pre-cutover Directus still owns authority, but readiness is BLOCKED until cutover - this is acknowledged and is the explicit reason FIX7b exists, not a leak.
The one blocking PG-native gap
K-1 The FK-authority ROOT (bootstrap code_catalog) is not shown to be PG-native-sealed (CP-03)
The PG-native-driven claim rests on "policy values are FK-bound sealed code-catalog rows." If the code_catalog tables are not owned by qt001_cp_owner, not sealed/append-only, and not REVOKEd from Directus/PUBLIC, then the authority that was moved out of CHECK literals now lives in a mutable table - i.e. it would be PG-hosted hardcode, not PG-native-driven. The package does not specify the catalog's DDL, ownership, seal, or write-ACL. This must be closed for the PG-native claim to hold at implementation grade.
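To make CP-03 concrete, and to show what the NOLOGIN-owner / REVOKE discipline from the Findings looks like when applied to the catalog root, the following SQL is an added example and not DDL from the reviewed package. qt001_cp_owner is the owner role named on this page; the Directus service role name (directus_app), the table and column layout, the trigger and function names, and the canonical serialisation used for the seal hash are all assumptions. It requires the pgcrypto extension for digest().

```sql
-- Added example, not the package's own DDL.
-- Assumed: role qt001_cp_owner already exists as NOLOGIN; directus_app is the
-- Directus service role; CREATE EXTENSION pgcrypto has been run.

-- Catalog root: the append-only lookup rows that policy CHECKs and FKs bind to.
CREATE TABLE code_catalog (
    catalog_id  text        NOT NULL,
    code        text        NOT NULL,
    description text        NOT NULL,
    sealed_at   timestamptz NOT NULL DEFAULT now(),
    PRIMARY KEY (catalog_id, code)
);
ALTER TABLE code_catalog OWNER TO qt001_cp_owner;

-- Write-ACL: only the NOLOGIN owner may write; consumers read only.
REVOKE ALL ON code_catalog FROM PUBLIC;
REVOKE ALL ON code_catalog FROM directus_app;
GRANT  SELECT ON code_catalog TO directus_app;

-- Seal: reject UPDATE/DELETE/TRUNCATE at the table, so rows are append-only
-- even for the owner. Removing the trigger is a DDL event, not a data edit.
CREATE OR REPLACE FUNCTION code_catalog_reject_mutation() RETURNS trigger
LANGUAGE plpgsql AS $$
BEGIN
    RAISE EXCEPTION 'code_catalog is sealed: % not permitted', TG_OP
        USING ERRCODE = 'insufficient_privilege';
END;
$$;
CREATE TRIGGER code_catalog_seal_row
    BEFORE UPDATE OR DELETE ON code_catalog
    FOR EACH ROW EXECUTE FUNCTION code_catalog_reject_mutation();
CREATE TRIGGER code_catalog_seal_truncate
    BEFORE TRUNCATE ON code_catalog
    FOR EACH STATEMENT EXECUTE FUNCTION code_catalog_reject_mutation();

-- Seal hash a manifest row can bind to. Ordering and explicit UTF8 encoding
-- keep the bytea input deterministic; an empty catalog hashes as sha256('').
CREATE OR REPLACE FUNCTION code_catalog_seal_hash() RETURNS text
LANGUAGE sql STABLE AS $$
    SELECT encode(digest(convert_to(coalesce(
        string_agg(catalog_id || E'\t' || code || E'\t' || description, E'\n'
                   ORDER BY catalog_id, code), ''), 'UTF8'), 'sha256'), 'hex')
    FROM code_catalog;
$$;

-- Reviewer check: owner, absence of write grants, and presence of the seal.
SELECT c.relname,
       pg_get_userbyid(c.relowner)                            AS owner,
       has_table_privilege('directus_app', c.oid, 'INSERT')    AS directus_can_insert,
       has_table_privilege('public', c.oid, 'UPDATE')          AS public_can_update,
       EXISTS (SELECT 1 FROM pg_trigger t
                WHERE t.tgrelid = c.oid
                  AND t.tgname = 'code_catalog_seal_row')      AS sealed
FROM pg_class c
WHERE c.relname = 'code_catalog';
```

The closing query is the evidence a reviewer would want attached to CP-03: the expected result is owner qt001_cp_owner, both privilege columns false, and sealed true. Binding the output of code_catalog_seal_hash() into a sealed manifest row is what turns the catalog from a mutable lookup table into a hashed root the rest of the PG-native claim can rest on.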
Verdict
PG_NATIVE_DRIVEN_NEEDS_CORRECTION. Every subsystem is genuinely PG-first/native/driven in design; the single correction is to specify the bootstrap code_catalog with the same owner-only/sealed/REVOKEd rigor as the 27 children (CP-03), plus the shared threshold-seal (CP-05) and hash-determinism (CP-06) items. This is NOT PG_HOSTED_HARDCODE_RISK at the subsystem level - it is a root-specification gap.