• Two's complement thruout: no dedicated sign bit, no bias, unbroken number line; single sentinel exponent replaces IEEE's five special-case categories
• Escaped values (Exploded/Vanished) preserve sign and orientation beyond representable range; unlike IEEE ±∞ they continue participating in absolute operations, preserving the multiplicative identity a×b=0 iff a|b=0 that IEEE violates
• GPU kernels (HIP/WebGPU): division 2.24× faster than native f32 on RX 6800; single runtime-selectable datapath covers 16 precision combinations, ~48% smaller than an equivalent multi-width HardFloat instantiation

Measured on FPGA silicon via CE-gated self-test harness.

• VSF: content-addressed binary serialization with mandatory BLAKE3 provenance hash on every document, ed25519 signatures, EWE variable-width encoding with no ceiling, schema-free wire format, and native spectral colour support (AGB primaries)
• TOKEN: passless cryptographic identity with social key recovery, no central authority, and device fingerprint attestation; A=1 (authenticate once per device lifetime, never again)
• CLUTCH: twelve-layer post-quantum key exchange

• A=1: passwords prove nothing about identity, only that you know a secret. Photon authenticates once via social attestation (two humans who know you vouch in person), then never again
• Identity is hardware-bound: keys derived deterministically from device fingerprint, never stored; lose your devices and trusted contacts reconstruct your identity via key sharding
• Rolling-chain encryption: each message cryptographically depends on all previous messages, so deletion and editing break the chain, making tampering provably detectable for the first time in any messenger
• True P2P with no message servers means no legal vulnerability, no subpoena surface, no surveillance; FGTW DHT provides peer discovery without ICANN or certificate authorities

• Ring memory replaces page tables via two's complement wraparound and 2-instruction bounds checks; no TLB, no MMU page walks; continuous per-process offset rotation makes ROP impossible by construction
• Structural elimination, not mitigation: fork, signals, setuid, VFS, OOM killer, and ~340 of Linux's ~350 syscalls do not exist in the architecture, not sandboxed or patched around
• Five kernel responsibilities only: memory (rings + grants), scheduling, capability-gated IPC, boot (vault root scan), and interrupt routing; every driver is a restartable userspace process
• Killswitch-ready: hardware power cutoff, no software in the loop; vault root ring restores last committed state in 16 reads (O(log₂ 65536), BLAKE3-chained entries, dual UFS/SD mirror)
• Bare-metal verified on hardware: DWC3 USB controller, SD 4-bit block I/O, 72KB kernel hot-reload over Photon Transport in under 1s without fastboot

• Independent power domain: constant current sink makes power draw invariant to computation, eliminating shared-rail power analysis at the hardware level rather than managing it
• Asynchronous clock provably defeats timing correlation; pin probing and DPA attacks have no signal to lock onto
• Photonic isolation: EM barrier between secure and host domains makes passive and active correlation attacks structurally impossible within the non-photonic threat surface

• Per-process base and limit registers with no MMU, no TLB, no page table walks, and no broadcast TLB shootdown on context switch
• Invalid accesses return cipher output derived from a hardware-protected key and the accessed address, indistinguishable from valid data without the key; both paths execute unconditionally on every access, power signature identical for valid and invalid
• Context switch: one clock edge to update current_pid, making seL4's 300-cycle world-record irrelevant as a design constraint
• Toroidal address space under two's complement structurally eliminates the null pointer dereference class

• Spectral reflectance calibration across 350–1,100nm in 1nm steps using 29 base colourants and 14 pure colourants; 0.4 ΔE00 colour tolerance in production
• Chameleon software: FFT deconvolution locates bullseye fiducials, reads serialized Roundcode identity, corrects fisheye and vignette, computes Direct Scene-Referred (DSR) IDTs from spectral curves under any chosen illuminant
• Inverts the chromatic-adaptation paradigm by capturing scene spectra rather than RGB, enabling correct illuminant replacement and future-proof colour data as capture and display technologies evolve
• Field-hardened IP69K build with urethane-bound pigments and live UV/IR/fugitive wear indicators; ingests Adobe DNG, ARRI ARI, Cinema DNG, Canon, Nikon, Sony, Fuji, Hasselblad, Leaf, Mamiya, Pentax, Samsung, Olympus, Panasonic, and naked RAW

• Single-technician duplex fiber polarity and loss diagnosis without equipment at the end
• Colourblind-friendly 605nm / 515nm matched-luminosity LEDs with direct application to SFP link qualification, duplex A/B polarity, and multi-run identification