AIN-506 P0 Embedding Contract Gate Handoff
The build-time gate is green, non-live, and aligned with the production embedding lane.
The AIN-506 P0 gate proves the embedding contract and retrieval harness without calling Gemini. Paid Vertex embedding jobs are now allowed only when explicitly requested, while runtime embedding authority remains unpromoted until the production lane proves the next expansion step.
Status
The AIN-506 build-time embedding contract gate is implemented and passing locally on the VDS. The gate itself does not call Gemini. It validates the model decision, 768-dimensional schema, Pandera/Pydantic contracts, Parquet/DuckDB storage shape, exact-cosine retrieval harness, and runtime boundary flags.
Live embedding config is intentionally enabled for paid Vertex runs, but runtime embedding authority is not promoted by the P0 gate. The production embedding proof is tracked in docs/handoff/2026-06-12-production-semantic-embedding-milestone-handoff.md.
| Config | Value |
|---|---|
| Auth mode | vertex_adc |
| Vertex project | aina-495702 |
| Vertex location | us |
| Model | gemini-embedding-2 |
| Dimensions | 768 |
| Legacy Developer API route | disabled unless explicitly opted in |
| Secret handling | .env.local ignored, mode 600, no key values printed |
What Changed
- Added AIN-506 Pydantic contracts and Pandera dataframe schemas in
src/aina_data_engine/embedding_contracts.py. - Added exact-cosine retrieval harness and P0 gate receipt writer in
src/aina_data_engine/retrieval_quality.py. - Added Gemini embedding defaults to
EngineSettings, including Vertex ADC project/location and paid-project confirmation. - Added CLI command
ain-506-p0-gate. - Made
validateinclude the AIN-506 gate. - Added paired design docs in
docs/ain-506-embedding-data-contract.mdand.html. - Added secret-safe local env loading; receipts record only key presence, auth mode, project, and location.
Current P0 Proof
uv run aina-data-engine --root /srv/aina/aina-data-engine-room ain-506-p0-gate
| Receipt field | Value |
|---|---|
| Status | pass |
| Valid | true |
| gemini_api_key_present | true |
| auth_mode | vertex_adc |
| vertex_project | aina-495702 |
| vertex_location | us |
| live_api_enabled | true |
| paid_api_project_confirmed | true |
| live_embedding_jobs_allowed | true |
| runtime_embedding_authority_promoted | false |
| live_gemini_api_invoked | false |
live_embedding_jobs_allowed: true means Ali has authorized paid Vertex embedding jobs when explicitly requested. live_gemini_api_invoked: false means the P0 gate itself stayed non-live.
Related Production Embedding Proof
Current production embedding handoff:
docs/handoff/2026-06-12-production-semantic-embedding-milestone-handoff.mddocs/handoff/2026-06-12-production-semantic-embedding-milestone-handoff.html
| Production surface | Current proof |
|---|---|
| Clean semantic corpus chunks | 302,234 |
| Clean Gemini vectors retained | 9,353 |
| Old raw-market orphan vectors pruned | 647 |
| Top 1,000 ICP title vectors | 1,000 / 1,000 |
| Top 500 hardening vectors | 500 / 500 |
| Current cleanup model calls | 0 |
Validation Proof
uv run pytest tests/test_production_embeddings.py tests/test_embedding_contracts.py -q uv run ruff check src/aina_data_engine/production_embeddings.py src/aina_data_engine/cli.py tests/test_production_embeddings.py tests/test_embedding_contracts.py uv run aina-data-engine --root /srv/aina/aina-data-engine-room ain-506-p0-gate uv run aina-data-engine --root /srv/aina/aina-data-engine-room validate
| Check | Result |
|---|---|
| Focused tests | 15 passed |
| Ruff | All checks passed |
| AIN-506 P0 gate | pass |
| Full validation | pass |
Resume Commands
cd /srv/aina/aina-data-engine-room git status --short --branch uv run aina-data-engine --root /srv/aina/aina-data-engine-room ain-506-p0-gate uv run aina-data-engine --root /srv/aina/aina-data-engine-room validate
Use this gate as the non-live contract check, then make embedding expansion decisions from the production semantic embedding handoff.