T1-Max Review - Construction-Order Implementability
06 - SUPERTRACK F: Construction-Order Implementability (no-guess)
Lens: a future implementer must be able to execute S00-S19 without inferring any list, order, DDL, role, or grant.
Checks
| check | result |
|---|---|
| every step has exact input docs | PASS - each S-step cites its source (approved RP-03 order, doc 02 byte DDL, #20/#21/#26/#27, doc 06 guards) |
| every step has an unambiguous output artifact | PASS - DDL/DATA/seed/proof artifacts named per step |
| every precondition checkable | PASS - predecessor S-step + named guard greens |
| every no-go checkable | PASS - each S-step row has a concrete stop condition |
| every proof concrete | PASS - guard names, both-EXCEPT, recomputed hashes, #11 closure |
| every step marks author-only vs operator-gated | PASS - who column splits T1 (author/read-only) vs OP (LIVE/SEAL/ACTIVATE/REVOKE/FREEZE) |
| no "etc." for load-bearing objects | PASS-after-fix - S15/S16 no longer say "apply/writer"/"enumerated ...": both now reference the S00-captured complete legacy control-object set (MB-01) |
| no "as appropriate" | PASS - none found |
| no inferred list/order/DDL/role/grant | PASS-after-fix - the one inferred list (the neutralization/cutover target) is now a catalog-derived sealed set captured at S00, re-validated at PKG-D |
| every affected hash/readiness/rollback dependency named | PASS - regclass/regprocedure binding-order note (XHO-01); #20 before seal; rollback rows per step |
| S19 precondition correct | PASS - S18 (XHO-01); S19 cites the full 30-guard suite |
Finding (folded into MB-01)
The only genuine no-guess gap was the neutralization/cutover set being described by adjective
("apply/writer", "enumerated legacy ... control objects"). Fixed under MB-01: S00 now captures the
COMPLETE legacy control-object set (catalog-derived from pg_class/pg_proc), and S15 (neutralize),
S16 (cutover), and S17 (freeze) all reference that single captured set - so an implementer never has
to decide "which functions count." The set is the authority, derived live, not inferred.
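One way the S00 capture and the later re-validation could look, as an added example that is not part of the reviewed package: it assumes the legacy control objects all live in one schema (hypothetical name `legacy_ctl`, since the page does not state the selection rule), and the names `s00_live_control_set` and `s00_control_set` are constructed for illustration.

```sql
-- Added example. Assumptions: schema name legacy_ctl and both object names
-- below are hypothetical; sha256(bytea) requires PostgreSQL 11 or later.

-- Live catalog-derived set. Identities are built schema-qualified so they
-- do not change with the session search_path.
CREATE VIEW s00_live_control_set AS
SELECT 'relation'::text AS kind,
       format('%I.%I', n.nspname, c.relname) AS ident
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
WHERE n.nspname = 'legacy_ctl'
  AND c.relkind IN ('r', 'p', 'v', 'm', 'S')
UNION ALL
SELECT 'routine'::text,
       format('%I.%I(%s)', n.nspname, p.proname,
              pg_get_function_identity_arguments(p.oid))
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE n.nspname = 'legacy_ctl';

-- S00: capture the complete set once; later steps read this table only.
CREATE TABLE s00_control_set AS
SELECT kind, ident FROM s00_live_control_set;

-- Seal: one hash over the canonically ordered set ("C" collation keeps the
-- ordering independent of the database locale).
SELECT encode(sha256(convert_to(
         coalesce(string_agg(kind || ':' || ident, E'\n'
                  ORDER BY kind COLLATE "C", ident COLLATE "C"), ''),
         'UTF8')), 'hex') AS seal
FROM s00_control_set;

-- Re-validation (both-EXCEPT): any returned row is drift and a stop
-- condition; zero rows means the captured set still matches the catalog.
SELECT 'captured_not_live' AS drift, d.kind, d.ident
FROM (SELECT kind, ident FROM s00_control_set
      EXCEPT
      SELECT kind, ident FROM s00_live_control_set) AS d
UNION ALL
SELECT 'live_not_captured', d.kind, d.ident
FROM (SELECT kind, ident FROM s00_live_control_set
      EXCEPT
      SELECT kind, ident FROM s00_control_set) AS d;
```

Running the difference in both directions matters here: a one-sided EXCEPT would miss an object added to the schema after S00, which is exactly the case where an implementer would otherwise have to decide whether it counts.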
Atomicity / coherence (Max-D, see doc 04)
S15 and S16 are now explicitly single atomic operator transactions with guard-verified end states and immediate stub/snapshot rollback, so a partial step cannot strand the system in a half-cutover state an implementer would have to reason about ad hoc.
Verdict
CONSTRUCTION_ORDER_IMPLEMENTABILITY_PASS_AFTER_FIX - S00-S19 are executable from named inputs to
named outputs with checkable preconditions/no-gos; the single inferred-list gap is closed by the
S00-captured catalog-derived set; nothing load-bearing is left to implementer judgment.