docs(cluster): RFC-005 — server boots from cluster state (Phase 5 design)

The axiom-15 mode switch: omnigraph-server --cluster <dir> (mutually
exclusive with uri/--target/--config, zero omnigraph.yaml reads) serves the
APPLIED revision — graph set from state, query/policy content from the
content-addressed catalog at applied digests, cluster-scoped policy bundles
as the server-level Cedar engine. The load-bearing finding: state is not yet
serving-sufficient (policy applies_to bindings live only in cluster.yaml), so
slice 5A records binding metadata into the applied revision at apply time —
without it, boot-from-state silently becomes the merged read axiom 15
forbids. Fail-fast readiness table (missing state, pending sidecars, missing
blobs, unbound policies all refuse boot with remedies), the expose-all
mcp.expose bridge with its Phase 6 sunset, the operator migration path (exit
criterion 7), and 5A/5B/5C sequencing. The existing boot pipeline
(GraphStartupConfig -> registry -> routing/auth) is reused as-is — a new
source, not a new pipeline.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
aaltshuler 2026-06-10 15:01:04 +03:00
parent 61da7bf406
commit 6d66b0537e
3 changed files with 144 additions and 0 deletions


@ -601,6 +601,10 @@ actor threading, 4A/4B/4C staging).
### Phase 5: Server Reads Cluster Catalog
Detailed design: [rfc-005-server-cluster-boot.md](rfc-005-server-cluster-boot.md)
(the --cluster mode switch, applied-revision serving, serving metadata in
state, readiness table, migration path).
- Allow server startup from cluster state.
- Add status and catalog endpoints as needed.
- Keep the current `omnigraph.yaml` startup path as compatibility mode — an
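Review bot: The parenthetical on the added "Detailed design" lines names the readiness table and migration path but leaves out slice 5A, which the commit message identifies as the precondition for serving from state (binding metadata recorded into the applied revision at apply time). Consider naming the 5A/5B/5C sequencing in that summary so a reader of this phase section sees the dependency without opening the RFC. The bullet that keeps the `omnigraph.yaml` startup path as compatibility mode would also benefit from saying that `--cluster` is mutually exclusive with it, as the commit message states, so the two paths are not read as a merged configuration.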