--- vault_clearance: KETER halo: classification: RESTRICTED confidence: HIGH front: "38_Project_FIREWALL — replication-progress decision log" custodian: "Jixiang Leng" created: 2026-05-03 wing: READY containment: "Operator IP-firewall decision narrative. Each replication SOLVED, each verification gate passed, each receipt-package created gets a worldline entry." --- # FIREWALL — Worldline Project decision log. Each major move (replication start, replication SOLVED with verification, accession added to BOOK, doctrine refinement, attorney consultation outcome) gets an entry. Format per entry: - **YYYY-MM-DD HH:MM (UTC) — Decision title.** Status. Notes. --- ## 2026-05-03 — Project initialization **Status:** SOLVED (project initialized). Operator instruction: > *"We have google SDKs and a thousand other things. Create project FIREWALL. And place the bounties. We have a lot more than that derived from those projects."* The trigger was the IP_FIREWALL_NIH_COHORT.md doctrine added to `37_Project_Sovereign/` earlier the same day (added by parallel Claude session), which identified the BT104+105+106 splicing thread as **fully NIH-tainted** because of its dependence on the NIH cohort BAMs (P1-P3/S1-S3 from Gorospe lab) and NIH-billed compute VMs. That doctrine blocked the VitaDAO proposal submission (SOV-X11) until the biomarker is replicated on public WI-38 senescence data via operator-personal compute. Operator's instruction expanded the scope from one thread to **the full vault inventory**, leveraging operator's existing personal cloud infrastructure (Google Cloud SDK, AWS, Azure, Anthropic / OpenAI / Gemini / Grok APIs, HuggingFace, Cellxgene, ENCODE, etc.) for the clean-room replication compute. This project was initialized with: - `.vault_ignored_reason.md` — KETER classification + gitignore reason - `.gitignore` updated with `38_Project_FIREWALL/` line ahead of file creation (per the post-DeadShape vault-guard policy: gitignore-FIRST) - `README.md` — project orientation + boundary (FIREWALL = execution layer; Sovereign = strategic infra; domain projects = science) - `HALO_FIREWALL_DOCTRINE.md` — what counts as NIH-tainted vs clean; verification protocol per output - `HALO_REPLICATION_TARGETS.md` — comprehensive inventory of NIH-tainted derivations across 8 source projects (35_TheHats, 28_RedFromTheGrave, 12_BloodyEchoes, 20_MarathonLament, 27_WingsAboveMorning, 34_DeadShape, 13_MemoryOfMind, plus LENG / Daemon as clean-tier reference) - `BOUNTY_BOARD.md` — 50+ bounties across 7 tiers (infrastructure setup, splicing thread, Recycler, BloodyEchoes, MarathonLament, audit-only, operator-action-only, continuous) - `HALO_PERSONAL_COMPUTE.md` — operator-personal compute infrastructure inventory + billing-isolation discipline + verification protocol - `BOOK.md` — public-data + reference + tools catalog - `WORLDLINE.md` — this file **Key architectural decisions:** 1. **Tier separation:** FIREWALL is the execution layer for clean-room replication. Sovereign is the strategic infrastructure layer (LLC chain, counsel, IP_FIREWALL_NIH_COHORT origin doctrine). Source domain projects own the science. FIREWALL stays operationally separate from all three. 2. **Doctrine of taint:** an output is NIH-tainted if data, compute, time-and-place, or indirect-derivation contamination applies. Clean = public-data + personal-compute + outside-duty-hours, all three holding. 3. **Verification protocol:** every replication output gets a 5-part receipt package (compute-isolation, data-source, tool-version, output, audit-trail) with OpenTimestamps anchor. Automated via `firewall_verify.py` (FW-I5). 4. **Highest-priority replications:** - FW-S3/S4/S5 (BT104+105+106 splicing thread on GSE226225 WI-38) — unblocks VitaDAO + senolytic-timing patent - FW-R5 (chitin-high persister-cancer panel on public NSCLC + GBM) — unblocks cancer-subtype consulting + parallel proposal - FW-B1 (UHRF1 -71% on GSE226225 + GSE150247) — unblocks BloodyEchoes anti-aging IP - FW-M3 (BT70 fossil-layer enrichment on public BAM atlas) — unblocks annotation-free methodology paper 5. **Aggregate budget:** ~$400-600 for highest-priority replications; ~$2,000-4,000 for full FIREWALL across all PENDING bounties. ~3-5 weeks operator time at moderate pace. 6. **Wet-lab dependency identified:** Phase 3B amphotericin B tri-culture data (28_RedFromTheGrave) is mentor-lab IP and cannot be replicated via public data. Treated as inheritable mentor-lab work; operator's clean-IP claim does NOT include those specific numbers. Mechanism preserved; specific tri-culture results retire. 7. **Clean-tier projects identified:** LENG (05) and Daemon (06) have no NIH dependency — both substantially developed pre-employment on operator-personal hardware. They serve as the foundational clean-tier credentialing assets without needing replication. **Implications:** - All Sovereign Tier-1 bounties dependent on splicing-thread IP (SOV-1b patent provisional, VitaDAO proposal, ASTERA essay if it cites BT104+105) become BLOCKED-on-FIREWALL. - FIREWALL FW-S11 (splicing-thread receipt package) unblocks SOV-1b + VitaDAO when SOLVED. - The operator's claim that "we have a lot more than that derived from those projects" is correct — the inventory in HALO_REPLICATION_TARGETS spans 8 source projects with ~50 distinct findings to audit/replicate. - "Google SDKs and a thousand other things" — the personal-compute infrastructure is well-resourced; constraint is operator-time + isolation-discipline, not capability. **Reversibility:** - Doctrine: zero-cost reversible. - Bounty board entries: revisable per session as more findings surface or audit results arrive. - Replication runs (once executed): not reversible per se, but produce permanent receipts that strengthen IP claim. Cleanups for failed runs = discard the receipt package, no impact. **Next decision points expected:** - **FW-I1**: operator creates personal GCP project. ~30 min operator time. Triggers infrastructure setup chain. - **FW-I2**: spin up FIREWALL VM. ~30 min operator time + spin-up wait. - **FW-S3/S4/S5**: first major replication run. ~3-5 days from clean start. - **FW-S11**: receipt package + cross-project Sovereign WORLDLINE entry. **This is the moment VitaDAO proposal submission unblocks.** Once FW-S11 lands, the Sovereign Tier-1 chain (LLC formation → IP assignment → patent provisional → preprint → external outreach) can proceed without IP-firewall risk on the splicing-thread material. --- ## Future entries Format: ``` ## YYYY-MM-DD HH:MM (UTC) — [Decision title] **Status:** [OPEN/IN-PROGRESS/SOLVED/DEFERRED] [Decision context: what bounty, what verification gate, what receipt was produced.] **Receipt package location:** [path or URL] **OpenTimestamps proof:** [.ots file path] **Cross-references:** [Sovereign WORLDLINE entry; source domain project HALO updates] **Next decision point expected:** [What event or date triggers the next entry?] ```