Seven projects.
Two shipped, two killed,
one engine underneath.

74-module JavaScript core (v8.32.0, ~971 KB, SHA-pinned) wrapping six statistical primitives: Welford incremental moments, Bayesian Online Changepoint Detection with burn-in routing, Normal-Inverse-Gamma Bayesian baselining, hierarchical shared-factor arrays, weighted heteroscedastic baselines, and distribution-fitting under AIC / BIC / tail-weighted criteria. Five-layer stack: Engine → HSAPI (open standard query interface) → reference app (FretMind) → vertical adapters → underlying AI infrastructure.

Specialized modules include DALD (deceptive-alignment divergence detector — measures gap between AI-claimed effect on a user and that user's independently-measured trajectory), VTACA (vitals-triggered cognitive-assessment), PBITE (practice-quality intervention gating), GRS (ground-truth labeling for fine-tuning), and RETRO (retroactive baseline construction from wearable history, for cold start).

Individual-baseline-only commitment — every module computes against Welford moments of one entity's history (a person, a piece of hardware, an AI system, a sensor), no population priors anywhere in the math. One-way decision; reversing it unwinds half the patent claims. Moat ordering: dataset > hardware > implementation > network effects > patents — patents fifth on purpose, because treating IP as the primary moat invites prior-art knife-fights that kill startups. HSAPI as an open standard with a published patent pledge, with a licensable implementation underneath. Identity Separation Rule encoded as Validator Section 45 to keep processor, scope, and obligation distinguishable in every output.

27 experiments pre-registered with SHA-256 hashes before any run script existed. Six honest losses to specialist baselines (Omori for seismic, ARIMA for forecasting, and four others) documented in the experiment log rather than buried. Failed experiments forced API redesigns: AIC bias in EXP-023 produced the DFB criterion API; BOCPD startup artifacts in EXP-016 produced CPB burn-in routing; null-saturation in EXP-013 / 021 produced the HBA significance API with three first-class null procedures. Comprehensive trademark, prior-art, and IP vetting across the engine and its claim surface — including defensible work-around analysis against close prior art — with the Just et al. paper (npj Digital Medicine, April 2026) and Interset US8887286B2 flagged for counsel because filing dates precede publication but not receipt. Pulled the USPTO PAIR export to verify the 43 provisionals were actually on file, not just submitted; caught an entity-status error on app 64037039 and an RFC 3161 temporal-attestation gap. OSS license audit and SBOM confirmed no GPL / AGPL contamination.

AI evaluation infrastructure is overwhelmingly population-anchored — "how does this model rank against others on this benchmark" — and cannot answer the per-deployment, per-user, longitudinal question of whether a specific deployment is converging toward sycophantic optimization or genuine helpfulness. Activation-based deception detection requires model internals, which aren't available for closed-source APIs. IBTR / TRIL works from the outside, using only observable outputs and the user's own historical baseline.

The architectural commitment that population reference is categorically wrong for individual-divergence questions, and that the same measurement substrate generalizes across domains. The decision to separate stated and demonstrated signals as independent inputs — the system never audits the subject's claim; it records both independently. The alignment-application framing: classification across two axes (mean stated quality, slope of demonstrated trajectory) where high-stated / flat-demonstrated is the deceptive-alignment signature. Persistent identity binding via HKDF role-token derivation from a subject-controlled passphrase, allowing baseline continuity without legal-identity disclosure.

Prior-art audit against Just et al. (npj Digital Medicine, April 2026), US Patent 11,925,474 on adaptive baseline estimation, the MASK benchmark (Kenstler et al. 2025), and the 2024–2026 activation-based deception detection literature (LAT, POSER, self-monitoring). Challenged Claude's reflexive selection of Welford as the statistical core and forced articulation of what signal class it actually fit and where it failed. Caught a population-baseline contradiction inside an early engine version where the architecture violated its own stated commitment. Forced the buildability check against actual founder constraints and concluded the cross-domain claim was architecturally true but commercially unbuildable solo.

Browser-based: Web Audio API for real-time pitch and rhythm detection, MediaPipe Hands for webcam body mechanics, Basic Pitch (Spotify) for audio-to-MIDI. Stateful coaching personas (Skeeter, Prof. Ashworth, Rosa, Kenji, Dev) route to different LLM prompting and feedback styles. Welford-based individual baselines for timing, pitch, and rhythm consistency with z-score classification against the player's own history. GRS Logger captures labeled learning events for future fine-tuning. DALD monitors divergence between AI-claimed session quality and the player's independently-measured improvement trajectory. VTACA detects breath-holding patterns during cognitive load.

Persona system as a structural product decision, not a UI choice — each persona routes to different prompting, recommendation libraries, and feedback styles. Triage decision in April 2026: 22 modules to KEEP for consumer use, 10 to SIMPLIFY, 30 to REMOVE from the consumer build (retained in reference repo), 6 to leave REFERENCE-ONLY. The decision to ship the hand-written browser port first rather than waiting for full-engine slim-bootstrap integration — prioritizing real sessions over architectural purity. The decision to keep the engine ACTIVELY DEVELOPED rather than freezing it for IP protection.

Two live practice sessions in April 2026 with real audio capture, verifying VTACA breath-hold detection and PBITE intervention gating worked in production rather than in simulation. Caught the mic-clipping problem (sessions 1–6 corrupted due to laptop mic proximity) and traced it to insufficient input sensitivity rather than blaming the engine. Forced the distinction between "commercially credible" and "commercially viable" and admitted FretMind achieved the first but not the second. Challenged the assumption that 27 preregistered experiments validated core claims and acknowledged that none of PIE's core functional claims (quality score validity, PBITE gating, DALD, BAIV, CAAD, AICV) have been empirically validated on real deployment data.

Python module on a small primitives stack: Welford running statistics, multi-scale rolling-window baselines, bin-keyed conditional accumulators, per-turbine integrated baseline, CUSUM changepoint detector. Wind-domain layer using pvlib for atmospherics, IEC 61400 density correction, turbulence intensity, sector classification, wake-affected flagging. Validation harness ran against the CARE-to-Compare labeled dataset (Wind Farm A, 22 labeled events).

The IBTR commitment — individual baseline only, no population comparison in the primary detection path — was mine, against the easier fleet-mean path. Multi-scale outputs kept structurally separate rather than collapsed into a single score. Pre-registration discipline applied to my own validation, not just to claims I would make to others. Cross-domain framing: same primitives carried from a different originating vertical with an explicit hypothesis they would transfer to wind. Build-first / validate-second sequencing; no commercial framing layered on early.

Methodological, not commercial — this was research-shape work. SHA-256-hashed pre-registration locked hypothesis and decision rules before any analysis ran. Held-out test split locked before any peek. Direct comparison against fleet-mean (peer) detection on the same labeled events, treating the IBTR architectural premise as the thing on trial rather than as a sanity check. Item-by-item ultra-review of validation results, not summary sign-off.

Reference architecture, not finished product. Documented architectural specifications with illustrative TypeScript implementation. Licensees take the architecture and build their own production systems against it; Cardinal provides the architecture and the illustrative implementation, not ongoing operational support. Architecture covered EU AI Act Articles 5, 9, 10, 12, 13, and 14 across six functional module groups: core primitives (identity, consent keys, baseline math), governance (Article 10 data governance with consent-key cryptographic architecture and special-category gating), audit (Article 12 tamper-evident logs with public-key attestation and retention enforcement, plus Article 5 manipulation evidence), monitoring (Articles 5 + 9 behavior classification and divergence detection), oversight (Article 14 intervention API and oversight effectiveness measurement), and transparency (Article 13 capability and limitation reporting).

Reference-architecture positioning, not productized SaaS. Documentation is the primary deliverable. Code illustrates the documentation. This inverts the typical software project's documentation-to-code ratio and matches what the EU AI Act compliance buyer market actually wants in the current Goldilocks period: architectural patterns sophisticated buyers can implement against, not vendor-locked SaaS. Three articles explicitly excluded as discipline — Article 11 (technical documentation) and Article 17 (quality management system) as different problem space; Article 15 (cybersecurity and adversarial robustness) as different discipline and different vendor category. The exclusions are documented in the architecture as deliberate boundaries, not gaps. Compliance-claim discipline: every architectural claim required three references (specification document, illustrative implementation, tests) before any external use. Claims without all three were removed rather than softened. Multi-path commercial strategy preserved rather than committed to one path prematurely — direct license to one of three identified warm EU contacts (€50K–200K range), compliance audit firm partnership for Big 4 / specialized AI compliance firm engagements (€50K–200K per engagement), strategic partnership with revenue share or equity participation, and acqui-hire as eventual endgame (€3–15M range). IP integration: Cardinal's architectural concepts corresponded to concepts disclosed in the 43 USPTO provisional filings from April 2026, with non-provisional conversion deadline April 2027 as the binding commercial timeline. Grant-back clause as non-negotiable in any future license agreement — any licensee improvements grant back non-exclusively to the author, preventing buyers from improving the architecture in ways that bypass the IP estate. Standard patent-licensing practice; protects the IP holder's position across multiple licensees.

After the foundation session of May 7, 2026 — which produced full handoff documentation, six-article scope, multi-path commercial strategy, three identified warm EU contacts, and licensing terms with grant-back clauses drafted — the next gate before any contact outreach was a competitive landscape ultrareview I commissioned myself: competitor releases, news, prior art, IP search. The ultrareview surfaced Microsoft Agent Governance Toolkit (AGT), released MIT-licensed and free on April 2, 2026, addressing the 10 OWASP agentic AI risks with explicit EU AI Act, HIPAA, and SOC2 mapping. AGT's scope didn't cover Cardinal's six articles identically, but the existence of a free open-source alternative from a major platform — addressing substantially overlapping ground — made the multi-path commercial strategy too uncertain to pursue solo. I killed Cardinal on or around May 8, 2026, within ~24 hours of the discovery. No EU contacts were ever approached. The kill was a judgment under uncertainty: pre-non-provisional licensing of architectural reference work, in a market where a credible free alternative now existed, was unlikely to clear the bar required to justify the commercial path. The discipline rule the kill produced: competitive landscape ultrareview is a discipline gate before commercial commitment, not a checkbox after sophisticated build.

Claude as primary LLM for content synthesis, document review, and operational reasoning, against vendor criteria enforced contractually: no training on client data, encryption in transit and at rest, time-bounded retention. Delivery stack: WordPress + Kadence on SiteGround; Stripe + Mercury + Wave for the locked financial stack; SignWell for e-signature on engagements ≥ $300; Calendly for hourly consultations; Wordfence + WPS Hide Login + CookieYes for the security / compliance perimeter; M365 OneDrive (1TB, MFA) for document storage on a .onmicrosoft.com tenant to avoid breaking SiteGround SMTP. A multi-sheet Excel workbook is the single source of truth for all decisions, dashboard, compliance calendar, and lessons learned — referenced by every Claude session via project instructions. Hiscox Professional Liability ($1M / $1M) + Cyber / Media Liability ($250K / $250K) backstops the AI-produced work product.

Position B — AI in standard production, principal verifies all judgments — encoded consistently across Privacy Policy, Terms of Service, Engagement Agreement, and service-page FAQ. No-named-AI-tools rule in public materials: vendor selection criteria are durable; vendor names will churn. Continuous Workbook Update Rule: any decision, service activation, or recurring cost updates the workbook in the same session the change occurs — drift between workbook and live state is the launch gate. Voice register operationalized as a nine-dimension content audit checklist run against every public-facing draft, including Technical Breadth, Operational Reality, and Visual Identity Consistency checks. Editorial firewall against reviewing proposals from any installer TIV has consulted to within a defined recent window. Four-pillar service architecture with explicit "what TIV cannot do" scope (no on-site visits, no C-10 contracting, no NEC certification, no engineering, no legal or financial advice).

Trademark / prior-art vetting on the brand name pre-commit. Formal legal-docs drift audit against v1 Privacy Policy and Terms identified eight material drifts — sole proprietorship → LLC, Position A → Position B, Gumroad → Stripe, voice register, AI use disclosure missing — and v2 drafts produced with changelog. UPL / scope-discipline interrogation codified in Terms and every service-page disclaimer. Liability stress test: $1M Professional Liability bound effective 5/15/2026; Engagement Agreement routed for attorney review with directed-attention notes to Limitation of Liability (CA Civil Code §1668), Indemnification reasonableness, and Governing Law and Venue. No-AI workflow option specced across all artifacts, then dropped on cost-of-friction analysis — with an explicit 30-minute reversal pathway documented. Affiliate-bias falsifiability test caught and rewrote my own original About-page draft ("I don't have anything to sell you") as false once affiliate revenue was on the roadmap.

TIV was deliberately built using Claude in a structured-mentorship pattern rather than as a code-producing tool. Each phase — domain registration on Cloudflare, WordPress installation on SiteGround, Git and GitHub setup, Node and npm configuration, Ubuntu local development environment, hosting and DNS, professional liability and cyber insurance binding, content audit, legal document review with attorney, engagement agreement drafting — was Claude walking me through unfamiliar territory step by step while I executed the actual work, with active pushback when something didn't fit. The pattern is intentional: Claude as tutor, mentor, business manager, and architect, with me doing the building. This compounds skill rather than substituting for it, which matters when the AI capability frontier itself is moving. Most candidates use AI to ship faster. The TIV work shipped at the same speed, but with the human side of the system substantially stronger at the end of the build than at the start.

California homeowners reviewing rooftop solar proposals receive economic projections that frequently assume legacy NEM 2.0 export-credit economics, despite the state having transitioned to NEM 3.0 / Net Billing Tariff (NBT) in April 2023 — under which export credits fell roughly 75% on average, fundamentally changing what makes a system viable. Independent verification has historically required either paying a competing installer for a counter-bid (same incentive bias) or hiring an engineer ($1,500+, weeks of turnaround). Parallax automates the verification workflow at a fraction of the cost and turnaround.

Single-user Streamlit UI wrapping a Python backend that parses unstructured intake (utility bills via vision-model OCR, Green Button interval data XML, electrical panel photos via vision model, installer proposal PDFs), orchestrates parallelized API queries across 16 authoritative public data sources, runs a 10-lens analytical framework, synthesizes findings via AI with principal verification, and generates client deliverables via template-driven PDF rendering with full audit trail.

Integrated data sources span solar resource modeling (NREL NSRDB, PVWatts, PySAM), roof geometry (Google Solar API), equipment validation (California Energy Commission), installer verification (CSLB, CFPB Consumer Complaint Database, CourtListener federal litigation, SEC EDGAR), environmental context (EPA AirNow, CAL FIRE Fire Hazard Severity Zones, CPUC PSPS event database), and utility-specific NBT export rate schedules. The 10-lens framework produces structured findings on production, economics, equipment, installer, financing, temporal trend, environmental, geographic, industry, and forensic dimensions.

Three-tier data access pattern separating continuous-ingest sources from article-trigger pull scripts from reading-as-research material — keeping engineering footprint tractable while preserving editorial flexibility. Vendor-flexible AI inference layer allowing future provider swaps without rebuild. Local-first storage (SQLite + per-engagement file system structure) for audit defensibility and operational simplicity. Position B applied at the platform level: AI drafts every analytical finding, the principal verifies every numerical claim before delivery — same architectural commitment that runs through TIV's legal-document layer, extended into the analytical workflow itself. Explicit scope boundaries: design verification, not design replacement; no engineering certification, no legal advice. Parallax is the fifth extraction of the PIE primitives — baseline-measurement intelligence applied to system-level economic verification, where the baseline is the honestly-modeled NBT economic projection against which installer claims are compared.

Pressure-testing to date has been API-landscape mapping — verifying access patterns, rate limits, data freshness, response schemas, and authentication requirements across all 16 integrated sources before architectural commitment. Each source mapped to its specific role in the 10-lens framework, with fallback behavior specified for upstream outages. Full audit trail design — every numerical claim in a client deliverable maps back to its source API, query timestamp, and data freshness — built into the architecture rather than added after the fact.