---
vault_clearance: KETER
halo:
  classification: RESTRICTED
  confidence: HIGH
  front: "38_Project_FIREWALL — IP-clean replication of NIH-touched vault derivations"
  custodian: "Jixiang Leng"
  created: 2026-05-03
  wing: READY
  containment: "Operator IP firewall. Inventory of NIH-tainted derivations + clean-room replication state. Gitignored. Discuss only with retained IP/corporate counsel + operator + AI seats inside this project."
---

# Project FIREWALL

## What this is

The operator's IP firewall. A dedicated project that:

1. **Inventories every NIH-tainted derivation** across the vault — where it sits, what made it tainted, what's downstream
2. **Tracks the clean-room replication state** for each tainted derivation — has it been re-derived on public data via operator-personal compute? what's the verification status?
3. **Houses the bounties** for outstanding replications + the personal-compute infrastructure they run on
4. **Maintains the doctrine** for what counts as "clean" vs "tainted" — the verification protocol that makes the replication legally defensible

This project is operationally separate from `37_Project_Sovereign` (strategic infrastructure) and from the domain projects (`35_TheHats`, `28_RedFromTheGrave`, `12_BloodyEchoes`, `20_MarathonLament`, `27_WingsAboveMorning`, `34_DeadShape`). FIREWALL is the **execution layer** that converts NIH-tainted vault outputs into LLC-ownable, commercially-deployable, patent-defensible IP.

## Why this exists

Operator is a Postbaccalaureate Researcher at NIH/NIA (Dr. Nan-Ping Peter Weng's lab at Baltimore Bayview campus). Per [37 CFR Part 501 (Executive Order 10096 codification)](https://www.ecfr.gov/current/title-37/chapter-IV/part-501), the federal government takes title to inventions made:

- During working hours, OR
- Using government resources, OR
- Directly related to employee duties

Government **may** take title for outside-of-duty inventions if there is "some Government contribution" or the invention is "directly related to duties" ([37 CFR § 501.6](https://old.govregs.com/regulations/expand/title37_chapterIV_part501_section501.6)).

**The vault contains a mix:**
- Work substantially developed BEFORE NIH employment (LENG / The_Resolved_Chord; Daemon; the Antenna framework foundations) — operator's clear ownership
- Work developed DURING NIH employment using lab cohort BAMs and NIH-funded GCP VMs (BT104+105+106 splicing thread; per-archetype tomography; cohort-bulk peak-and-release receipts) — **fully NIH-tainted**
- Work developed during NIH employment but on operator-personal hardware + outside duty hours, with no government data — defensible as personal IP but needs documented timeline
- Work developed during NIH employment incorporating mentor's lab data (Gorospe Seurat objects, tri-culture wet-lab results) — derivative; needs separate analysis per case

The IP_FIREWALL_NIH_COHORT.md doctrine in `37_Project_Sovereign/` (added 2026-05-03 by parallel Claude session) flagged this as the central blocker for VitaDAO submission. **This project operationalizes that doctrine across the entire vault.**

## The boundary

| In scope (FIREWALL tracks) | Out of scope (lives elsewhere) |
|---|---|
| What's NIH-tainted and what isn't | Strategic outreach (Sovereign) |
| Public-data accession lists for replication | Domain biology / physics findings (35_TheHats, 28_RedFromTheGrave, 27_WingsAboveMorning, 05_LENG) |
| Personal-compute infrastructure for clean re-derivation | LLC formation + legal counsel (Sovereign §E) |
| Per-bounty verification status | Track-record / vindicated predictions (Sovereign HALO_TRACK_RECORD_LEDGER) |
| OpenTimestamps anchoring of replication outputs | Patent provisional drafting (Sovereign + IP counsel) |
| Replication tooling (Docker / pinned versions / deterministic builds) | Patient cases / clinical work (27_WingsAboveMorning) |

## Routing

| Looking for… | Go here |
|---|---|
| The replication doctrine: what counts as "clean" vs "tainted" + verification protocol | [HALO_FIREWALL_DOCTRINE.md](HALO_FIREWALL_DOCTRINE.md) |
| Comprehensive inventory of NIH-tainted derivations across all source projects | [HALO_REPLICATION_TARGETS.md](HALO_REPLICATION_TARGETS.md) |
| Operator-personal compute infrastructure (Google Cloud, AWS, etc.) + billing isolation | [HALO_PERSONAL_COMPUTE.md](HALO_PERSONAL_COMPUTE.md) |
| Time-boxed bounties — every replication target with status | [BOUNTY_BOARD.md](BOUNTY_BOARD.md) |
| Public datasets catalog (GEO/SRA/ENCODE/etc.) | [BOOK.md](BOOK.md) |
| Project decision log | [WORLDLINE.md](WORLDLINE.md) |

## Hub & vault spine

- **This project:** [BOUNTY_BOARD.md](BOUNTY_BOARD.md) · [WORLDLINE.md](WORLDLINE.md) · **Ring #38**
- **Vault:** [Lab protocol](../README.md#lab-protocol) · [Vault bounty](../BOUNTY_BOARD.md) · [Vault worldline](../WORLDLINE.md)
- **Sister projects most relevant:**
  - [37 Sovereign](../37_Project_Sovereign/README.md) — strategic infrastructure (LLC chain, counsel, IP_FIREWALL_NIH_COHORT.md doctrine origin)
  - [35 TheHats](../35_Project_TheHats/README.md) — splicing thread (BT104+105+106, primary tainted target)
  - [28 RedFromTheGrave](../28_Project_RedFromTheGrave/README.md) — fungal cell / Recycler hypothesis (mixed taint)
  - [12 BloodyEchoes](../12_Project_BloodyEchoes/README.md) — UHRF1 / TE silencing (mixed taint)
  - [20 MarathonLament](../20_Project_MarathonLament/README.md) — annotation-free atlas / Ghosts of Transcript (uses lab BAMs, tainted)
  - [05 LENG](../05_Project_LENG/README.md) — physics (no NIH dependency; **clean** — included for completeness)
  - [06 Daemon](../06_Project_Daemon/README.md) — verification engine (operator-personal hardware; **clean**)

## How to use this project

1. **Read [HALO_FIREWALL_DOCTRINE.md](HALO_FIREWALL_DOCTRINE.md)** to absorb what makes a derivation tainted vs clean and the verification protocol.
2. **Read [HALO_REPLICATION_TARGETS.md](HALO_REPLICATION_TARGETS.md)** to see the inventory of what needs replication.
3. **Use [BOUNTY_BOARD.md](BOUNTY_BOARD.md)** as the action checklist. Each bounty has a verification gate — when it passes, mark `SOLVED` with date + receipt links.
4. **Log decisions in [WORLDLINE.md](WORLDLINE.md).** Every replication start, every verification pass, every cross-checked assumption gets a worldline entry.

## What this project is NOT

- **Not legal advice.** All bounties + verification protocols are research-strategist methodology. Final legal scope determination requires retained IP / corporate counsel.
- **Not the replication itself.** This project is the **plan + tracker**; the replication runs on operator-personal compute and produces outputs that get filed in the source domain projects' `replication/` subdirectories.
- **Not blocked on perfection.** Some replications can be completed in days; others (e.g., wet-lab tri-culture re-derivation) may require months or external collaborators. The inventory captures both.
- **Not a substitute for NIH OTT consultation.** For specific items, formal NIH OTT clearance may be the right path. FIREWALL bounties run in parallel; OTT path is tracked via `37_Sovereign/SOV-X1`.

## Provenance

Initialized 2026-05-03 by Claude (this session) at operator's direction:

> *"We have google SDKs and a thousand other things. Create project FIREWALL. And place the bounties. We have a lot more than that derived from those projects."*

The trigger was the IP_FIREWALL_NIH_COHORT.md doctrine added to `37_Project_Sovereign/` earlier the same day, which identified the BT104+105+106 splicing thread as fully NIH-tainted and blocked the VitaDAO proposal submission. Operator's instruction expanded the scope from one thread to the full vault inventory, leveraging operator's existing personal cloud infrastructure (Google Cloud SDK, AWS, etc.) for the clean-room replication compute.