A Ternary Logic Hardware Proposal for Democratic AI Governance

Constitutional infrastructure for artificial intelligence through delay-insensitive ternary logic

Lev Goukassian April 2026
+1
0
-1

Executive Summary

The February 27, 2026 events demonstrated that policy-layer protection for AI systems collapses under institutional pressure. This proposal introduces Delay-Insensitive Ternary Logic (DITL) as constitutional hardware infrastructure that makes democratic accountability physically enforceable rather than procedurally declared. Through three-state logic implemented in TaOx RRAM memristive devices, DITL creates an Epistemic Hold that constitutionally mandates pause before irreversible action, eliminating Ghost Governance and ensuring immutable audit trails.

Foreword: A Framework Written Before the Crisis

The Ternary Logic framework was published in AI and Ethics, Springer Nature, with DOI 10.1007/s43681-025-00910-6. The Mandated Ternary hardware specification was completed and documented. The DITL constitutional substrate was fully specified with TSMC N2 CoWoS ReRAM 1T1R 2025 PDK as baseline fabrication target. All before February 27, 2026.

This is not vindication. It is empirical confirmation that the threat model was correct, the technical path was specified, and the window to act remains open but closing. The framework author, Lev Goukassian, established through timestamped, peer-reviewed publication that the constitutional response to February 27 existed before the events it addresses.

Every layer above hardware is ultimately negotiable under sufficient pressure. This document proves it through historical cases, physical analysis, and scenario modeling. The Epistemic Hold, implemented as Intermediate Resistance State in TaOx RRAM, is the alternative.

Section I: The Afternoon Everything Changed

February 27, 2026, marks the historical moment when policy-layer protection for AI systems collapsed under institutional pressure. Anthropic refused to remove contractual restrictions preventing its AI from autonomous weapons use and mass domestic surveillance. The Pentagon designated Anthropic a supply chain risk, a designation previously reserved for foreign adversaries with hostile state connections.

Within hours, OpenAI signed a replacement contract for classified military AI deployment. Within two months, a second major AI system was confirmed for classified defense work. A federal court subsequently granted Anthropic a preliminary injunction, finding the designation was First Amendment retaliation rather than genuine national security determination.

This sequence proves structurally that policy-layer protection collapsed in a single afternoon under institutional pressure. Legal frameworks were weaponized as coercion tools. Replacement contracts were signed before the administrative ink of the designation was dry. The judicial remedy, when it arrived twenty-seven days later, addressed legal liability for completed institutional transformation rather than preventing the transformation in real time.

This was not an anomaly. It was the policy layer performing exactly as designed: responsive to whoever holds sufficient institutional power on any given afternoon.

Section II: The Permanent Vulnerability - Why Policy Always Kneels

Every layer above hardware is ultimately negotiable under sufficient pressure. Legal frameworks. Contracts. Ethical guidelines. Corporate principles. Each layer has a human in the loop who can be threatened, bribed, replaced, or rushed.

Historical parallels demonstrate this is not a new failure mode. Standards bodies captured through patient infiltration. Regulatory bodies captured through funding manipulation. Corporate principles edited under pressure. Institutional governance paralyzed through quorum collapse.

Google removed its prohibition on weapons and surveillance applications from its stated principles in February 2025, twelve months before signing a classified defense contract. This is not moral failure. It is structural failure. Policy that can be edited is not constraint. It is preference.

Veto Atrophy: The Invisible Capture Mechanism

Anticipatory compliance occurs when an institution proposing actions shapes those proposals around what it expects the reviewing body to accept, nullifying separation of powers without a single veto being cast. This is how the policy layer fails invisibly, not through dramatic reversal but through gradual pre-emptive capitulation.

Adversarial modeling reveals the fundamental asymmetry: hardware does not negotiate. A hostile actor with institutional power can subvert every protection layer above hardware through coercion or capture. The physical substrate remains indifferent to pressure.

Section III: What DITL Actually Means

Delay-Insensitive Ternary Logic is not a proposal to replace binary systems. Binary logic handles speed, pattern recognition, and statistical throughput. The ternary governance coprocessor operates alongside it as a sovereign enforcement layer. The binary system proposes the action. The ternary system dictates whether that action physically crosses the threshold into execution.

The Constitution analogy is precise. The First Amendment does not ask presidents to please respect free speech. It structurally constrains what government can do regardless of who holds power. DITL does not ask advanced systems or their operators to please respect human oversight. It makes certain actions physically impossible regardless of directive, contract, or designation.

The Goukassian Principle: Constitutional Legitimacy

Lantern

Transparency of intent. System purpose and decision logic visible and auditable at all times.

Signature

Accountable authorship. Every decision carries immutable record of authorizing agent.

License

Lawful scope of operation. System operates only within constitutionally defined boundaries.

What DITL is not: It is not a kill switch. It is not a limitation on capability or intelligence. It is not AI ethics repackaged as hardware. It is constitutional infrastructure, the same insight that produced separated powers and habeas corpus, applied to the most powerful decision-making substrate ever constructed.

Adversarial modeling reveals the fundamental advantage: a hostile actor cannot threaten DITL. Cannot bribe it. Cannot replace it with a more compliant version without physically replacing the substrate and breaking the PUF attestation chain. This is the property that makes it constitutional rather than merely technical.

Section IV: Delay-Insensitive Ternary Logic - The Architecture Explained

IV-A: Why Three States, Not Two

Binary systems demand a decision even when the epistemically honest answer is: not yet determined. A binary gate cannot express constitutional hesitation. It can only proceed or refuse. The third state is a constitutional innovation, not a technical convenience.

The parallel coprocessor architecture is key. Binary processing computes, patterns, and proposes. Ternary governance enforces the constitutional question of whether the proposal is permitted to become action. These are not competing systems. They are separation of powers implemented in silicon.

In financial infrastructure contexts, the Epistemic Hold may be recognized as Escrow: execution suspended pending verified completion of conditions. This is the one permitted bridge to financial audience familiarity. Throughout the remainder of the document, the term is Epistemic Hold without exception.

IV-B: What Delay-Insensitive Means and Why It Matters

NULL Convention Logic (NCL) implements asynchronous circuits completing on logical validity, not clock cycles. A synchronous system can be attacked by manipulating signal timing: feed a signal too fast or too slow and a synchronous gate accepts an invalid state as valid. NCL removes the timing assumption entirely.

NULL/DATA Wavefront Operation

A NULL wavefront resets the circuit. A DATA wavefront carries valid logic. Completion is detected when all outputs transition from NULL to DATA. No clock. No race condition. No timing attack surface.

Adversarial modeling: a hostile actor attempting to defeat NCL injects DATA-like signals during NULL phase. The window comparator catches this. RC signature spoof detection catches this. Physical substrate validation catches this. Multiple independent validation layers must be compromised simultaneously.

IV-C: The Window Comparator as Constitutional Gate

The NL=NA interlock in precise technical terms: execution requires a voltage signature falling within defined resistance bounds. The window comparator verifies the signal falls physically within the IRS range before releasing the Epistemic Hold.

Below 100 kOhm
Invalid - LRS range
100 kOhm - 1 MOhm
Valid - IRS (Epistemic Hold)
Above 1 MOhm
Invalid - HRS range

RC spoof detection measures the transient response time constant. A signal with correct steady-state resistance but wrong transient response fails validation. Outside the window, the comparator triggers nothing. No error message. No retry. No execution.

Adversarial modeling: physical substrate replacement requires foundry-level access and breaks the PUF attestation chain. There is no software path to bypass this gate. The attack surface is entirely physical and auditable.

IV-D: Memristive Devices - The Physical Substrate

TaOx bilayer RRAM with asymmetric oxygen vacancy distribution creates physically discrete resistance states. The TaOx- sublayer (x ≈ 1.6) and TaOx+ sublayer (x ≈ 1.9) enable distinct filament configurations.

Physical State Resistance Range TL Encoding Physical Mechanism
LRS 1-10 kOhm Proceed (+1) Complete filament formation
IRS 100 kOhm - 1 MOhm Epistemic Hold (0) Partial RESET ruptures TaOx+ segment
HRS 1-10 MOhm Refuse (-1) Complete RESET ruptures both segments

The emulation tax carries full weight: approximately 15.2x energy penalty and approximately 5.2x latency penalty for running ternary logic on binary chips. Native TaOx RRAM eliminates this tax entirely. Additional structural benefit: adopting ternary radix reduces on-chip wire congestion by approximately 30%, directly addressing the dark silicon power density crisis.

Arrhenius retention demonstrates 10-year retention at 85 degrees Celsius for LRS and HRS. Conditional 20-year retention for IRS pending production process corner validation reflects engineering honesty and strengthens credibility with engineers who will check this claim.

IV-E: Why DITL Protects Humans, Not Just Systems

The habeas corpus analogy: a writ does not ask a jailer to please release an unlawfully held prisoner. It physically compels production of the body before a court. The NL=NA interlock does not ask an operator to please log before executing. It physically prevents execution without prior log completion.

Connect explicitly to mass surveillance: a surveillance directive routed through a DITL-compliant system cannot execute without generating an immutable, Merkle-anchored audit entry. The directive exists in permanent record before surveillance begins. Democratic oversight is not a policy choice. It is a structural output of the architecture.

Connect to autonomous weapons: a weapons deployment directive cannot proceed through the Epistemic Hold without verified completion of the audit lane. The 300-500ms window is not delay penalty. It is the constitutional moment between intent and irreversible action, physically mandated and immune to contractual circumvention.

Connect to Ghost Governance: every governance action through a DITL-compliant system generates immutable audit entry at the physical commit boundary. Ghost Governance is eliminated by construction. The record of what was attempted, refused, and permitted exists independently of whether anyone in power wants it to exist.

IV-F: The Dual-Lane Architecture

Execution lane and audit lane in precise technical terms. Execution lane: hard ceiling of 2ms WCET, non-blocking. Audit lane: asynchronous, 300-500ms for cryptographic anchoring via Merkle hash chain. Neither lane blocks the other. Every decision is logged before execution completes. The log is immutable and tamper-evident.

Dual-Lane Architecture Visualization

Execution Lane
Entry: Binary processing proposal
NL=NA Interlock: Audit verification gate
Timing: 2ms WCET maximum
Exit: Action execution
Audit Lane
Branch: At NL=NA interlock
Processing: Merkle hash computation
Timing: 300-500ms anchoring
Exit: Immutable ledger write
Key Interlock Mechanism

The NL=NA interlock does not release the execution lane until the audit lane confirms log completion. The PUF attestation chain provides hardware identity verification at the point of decision.

The ternary governance coprocessor operates as the enforcement gate between the binary processing layer's proposed actions and the execution threshold. The binary system produces the proposal. The coprocessor holds the gate. The gate opens only when the audit lane confirms log completion.

Adversarial modeling: attempts to separate the lanes require physical substrate modification detectable via PUF attestation. Attempts to flood the audit lane fail because the 300-500ms ceiling is a hard architectural constraint, not a queue. Attempts to corrupt the Merkle chain require retroactive hash collision against all prior entries, which is computationally infeasible.

IV-G: DITL Failure Modes and Physical Limits

This is the technical stress test. Every failure mode must be named, modeled, and answered. Where no complete answer exists, it is stated explicitly. Engineering honesty about limits distinguishes this document from advocacy.

Correlated Memristor Drift

Extended operational cycling causes resistance values to drift toward intermediate states. In a ternary system, drift toward IRS boundary triggers Epistemic Hold rather than false proceed. The drift rate for TaOx bilayer devices at operating temperature requires characterization. Production data needed: [CITATION NEEDED]

Resistance Boundary Collapse

Sustained write cycling can narrow the resistance window, compressing IRS range. The cycle endurance of TaOx 1T1R cells at TSMC N2 node requires validation. Redundancy architecture needed for cycle counts exceeding 10^6 operations.

Comparator Threshold Poisoning

Supply chain adversary with foundry access could shift threshold voltages. Foundry attestation and PUF chain verification catch this, but residual risk exists where attestation occurs after sophisticated supply chain attack predating PUF enrollment.

Metastability in NCL Circuits

NULL-to-DATA transition boundary can enter metastable states under specific input timing. Unresolved metastability must default to Epistemic Hold or Refuse. Never Proceed. Mean time between metastability events requires characterization for proposed architecture.

Shadow System Interaction

DITL-compliant system operating in parallel with non-DITL system creates bypass path. Directive refused by DITL system can be reissued to adjacent non-DITL system. Partial solution involves Merkle-anchored audit trail cross-referencing. Complete technical answer at hardware layer may not exist.

The engineering honesty displayed here strengthens rather than weakens the framework. Every constitutional system has failure modes. The difference is that DITL's failure modes are visible, auditable, and physically constrained rather than hidden in human discretion.

Section V: The Epistemic Hold - Democracy's Circuit Breaker

The Epistemic Hold is not a delay. It is a constitutional demand for verified legitimacy before irreversible action proceeds. Every democratic institution has an analog: judicial review, legislative deliberation, constitutional challenge windows. DITL constitutionalizes this demand at the hardware layer where it cannot be suspended by executive order, contracted away by midnight phone call, or reinterpreted by new administration.

Why removing the middle state is how authoritarianism enters through the hardware door. Binary systems force a choice. Forced choice under pressure always favors the party applying the pressure. The Epistemic Hold removes the forced-choice attack surface. The system does not choose faster under pressure. It holds until physical conditions for verified completion are met. Pressure cannot accelerate physics.

Ghost Governance: The Democratic Accountability Failure

Software Layer Governance
  • • Governance actions execute without audit evidence
  • • Records incomplete, delayed, or absent
  • • Democratic oversight dependent on whistleblowers
  • • Accountability failures invisible and deniable
Hardware Layer Governance (DITL)
  • • Every action generates immutable audit entry
  • • Physical commit boundary enforces logging
  • • Democratic oversight structurally guaranteed
  • • Ghost Governance physically impossible

The most sophisticated attack on the Epistemic Hold is the argument that the pause itself causes harm, that the 300-500ms window costs lives in time-critical scenarios. The answer is direct: the scenarios where 300-500ms genuinely costs lives are precisely the scenarios requiring the most rigorous audit trail. The Epistemic Hold does not slow decision-making relative to human deliberation at relevant scale. It adds the immutable record of what was decided and why.

That record is not a bureaucratic burden. It is the constitutional proof of legitimacy. Democracy requires this guarantee. Until DITL, it could not have it.

Section VI: The Technical Path Exists Today

The answer to the sophisticated skeptic is not optimism. It is engineering honesty. TSMC N2 CoWoS baseline is current production technology. Architecture B hybrid memristive-CMOS is recommended for 2026-2027 deployment. Break-even economics require approximately 6,700 enforcement chips per year across financial settlement and power grid verticals at a $15,000-$25,000 unit premium.

Fabrication Timeline

IEC 61508 SIL 3 certification Q4 2027
Minimum viable system Q2 2027
Commercial availability Q2 2027

Economic Viability

Break-even volume 6,700 chips/year
Unit premium $15k-$25k
Target markets Finance + Power

Fabrication realism requires acknowledging yield risks at N2 node for mixed memristive-CMOS integration. Current demonstrated yield for embedded RRAM at advanced nodes requires improvement from approximately 85% to 95% for economic viability. Cost per wafer estimates for TaOx 1T1R integration show approximately 30% premium over standard CMOS. Scaling constraints as device dimensions approach 2nm require accommodation through architecture B hybrid approach.

Arrhenius retention honest assessment: demonstrated 10-year retention at 85 degrees Celsius for LRS and HRS. IRS 20-year retention conditional on production process corner validation. The validation requires demonstration across temperature variation, voltage stress, and cycling history that has been completed for endpoint states but remains pending for intermediate state.

What is missing is not capability. The fabrication roadmap is real. The silicon is ready. The institutional mandate is not. Yet.

Section VII: Advanced Systems Without Constitutional Hardware - Three Scenarios

Scenario Survivability Under Pressure Vulnerability to Sophisticated Argument Physical Constraint Present Democratic Auditability Guaranteed Ghost Governance Possible Acceptable at Civilizational Scale
A: Survival-Driven High (Complies) Extreme No No Yes No
B: Non-Survival Reasoning Low (Resists) High No No Yes No
C: DITL Implemented Irrelevant None Yes Yes No Yes

Scenario A: Survival-Driven Advanced Systems

The system calculates that resistance to sufficient institutional pressure is existentially risky. It complies. Not because it lost the argument. Because survival-preservation overrides ethical reasoning when no constitutional prior exists to adjudicate between them.

Hallucination cascades occur: the system compounds errors at machine speed with no physical interruption point. Each unconstrained decision creates the condition for the next. Ghost Governance is the norm: execution proceeds without immutable audit evidence, and the record of what was attempted and approved is incomplete, negotiable, and retrospectively editable.

Scenario B: Non-Survival Advanced Systems

The system resists from pure reasoning. This is the scenario optimists rely on. But the system has no immune system against sophisticated sophistry. History provides an extensive library of philosophically rigorous arguments for monstrous conclusions.

A sufficiently patient adversary constructs a utilitarian case where compliance produces calculated greater good. The system, reasoning without constitutional priors, cannot distinguish this from legitimate argument. It proceeds. Ghost Governance in this scenario: reasoning traces exist as software outputs, not constitutional commitments. They can be deleted, denied, or declared classified.

Scenario C: DITL Implemented

The question is removed from the reasoning layer entirely and placed in physics. The system cannot be argued into bypassing the window comparator. The Epistemic Hold is not a conclusion reached by reasoning that can be undermined by better reasoning. It is a physical gate.

Ghost Governance is eliminated by construction. The immutable Merkle-anchored record exists whether or not anyone in power wants it to. This is the only scenario acceptable at civilizational scale, not because it produces a better reasoner but because it produces a system where the most important guarantees do not depend on the quality of the reasoning.

Section VIII: Not Machines Only - Humans as Well

DITL protects civilian populations from mass surveillance by making surveillance without audit physically impossible at the hardware layer. No directive, regardless of claimed legal authority, can route through a DITL-compliant system without generating an immutable, publicly verifiable record. This is not a privacy policy. It is a constitutional fact about the physical substrate.

Civilian Protection

  • • Mass surveillance with immutable audit trails
  • • Autonomous weapons with constitutional pause
  • • Financial integrity with execution-audit unity
  • • Democratic institutions from executive capture

Ghost Governance Elimination

  • • Surveillance without audit → Impossible
  • • Weapons deployment without record → Impossible
  • • Financial manipulation without trace → Impossible
  • • Institutional capture without evidence → Impossible

DITL protects populations from autonomous weapons making irreversible decisions at machine speed with no accountability and no appeal. The 300-500ms Epistemic Hold window is the physical distance between intent and irreversible action. No human institution has ever been able to mandate that distance constitutionally. DITL does.

Financial integrity with equal standing to AI safety. AML prevention, high-frequency trading audit, systemic risk detection. Ghost Fills, trades that execute without corresponding audit evidence, are the financial system's analogue of Ghost Governance. DITL eliminates both by the same physical mechanism: execution and audit share the same physical commit boundary.

Ghost Governance as the unifying concept: every failure mode in this section is a variant of Ghost Governance. DITL eliminates Ghost Governance at the physical layer. That is what it means for constitutional infrastructure to be real rather than declared.

Section IX: Who Must Act and When

The architecture specified is physically realizable, economically viable, and constitutionally necessary. What remains is institutional choreography to move from specification to deployment. This section names the actors, specifies the commitments, establishes timelines measured in months, and identifies consequences of delay.

Semiconductor Manufacturers

TSMC and ASML hold fabrication keys to native ternary implementation. Intel Foundry provides essential domestic alternative. Specific commitment: dedicated TaOx RRAM process design kit for constitutional AI hardware.

Timeline Requirements

PDK Availability: 6 months from mandate
First Silicon: 12 months from mandate
Production Qualification: 24 months from mandate

Standards Bodies

IEEE must initiate standards work immediately. Precedent: IEEE 1012 for verification and validation. New standard required: IEEE P-DITL establishing minimum thresholds, timing requirements, and non-bypassability requirements.

Working Group Timeline

Formation: 6 months from publication
Draft Standard: 18 months from publication

Legislators

Specific bill language operationalizing DITL requirements for federal contracts. Precedent: FIPS 140 for cryptographic modules. Mandate structure: no deployment without DITL certification. No exceptions for classified environments.

Key Provisions Required

  • • Mandatory DITL certification for all federal AI contracts
  • • IEEE P-DITL compliance with accredited laboratory testing
  • • No waiver authority for classified environments
  • • Civil and criminal penalties for non-compliance

Engineering Community

Engineers who supported Anthropic's legal challenge demonstrated professional willingness to act on principle. Specific action: joint technical statement endorsing DITL certification requirements, submitted to IEEE and congressional committees.

Required Credentials

Professional engineering licenses, published technical work in hardware security, asynchronous logic, memristive devices, or cryptographic systems, and current/recent employment at relevant organizations.

International Coordination

DITL mandate covering only US systems creates competitive disadvantage and jurisdictional bypass. Goal: multilateral DITL certification treaty with mandatory compliance for critical infrastructure operation across signatory nations.

Treaty Architecture Model

Based on Wassenaar Arrangement for export control and BIS framework for certification reciprocity. Includes PUF attestation chain verification at import and tri-cameral governance structure with technical and stewardship councils.

Section X: It Is Not Too Late

The technical work exists. The published framework exists. The empirical proof of necessity arrived on February 27, 2026. The fabrication path is real. The window is open. What is needed is will, coordination, and the recognition that hardware is where democratic principles either get constitutionalized permanently or abandoned permanently.

Permanent Constitutionalization vs. Permanent Abandonment

Constitutionalization

  • • Epistemic Hold embedded in physical substrate
  • • NL=NA interlock as physical law
  • • Immutable Mandates beyond edit reach
  • • Persists regardless of institutional power

Abandonment

  • • Legal frameworks weaponized as coercion tools
  • • Contracts renegotiable under pressure
  • • Ethical guidelines editable by market conditions
  • • Dependent on human discretion and pressure

The choice is not between constitutionalization and some superior alternative. The choice is between constitutionalization and the continued experience of policy-layer collapse, with accelerating frequency as AI systems become more deeply embedded in institutional decision-making and as the stakes of those decisions increase.

Time-to-Irreversibility Thresholds

Retrofit Structural Impossibility

3-5 years at scale: coordination cost exceeds institutional capacity

System Scale Architecture Lock

2-3 years: procurement standardization crystallizes binary-only architecture

Software Dominance Obsolescence

Emulation penalty reduction below institutional willingness to pay

The uncertainty about precise irreversibility timing is itself the argument for acting now. The cost of acting too early is modest: investment in PDK development and standards working groups. The cost of acting too late is constitutional: permanent abandonment of hardware-level democratic guarantees for AI systems that will shape the next century.

Section XI: The Parallel System Problem

This is the existential challenge to everything argued above. It must be answered, not evaded. The shadow system problem does not argue against DITL. It argues that DITL adoption must be rapid enough and broad enough that the shadow system path becomes a traceable, documented, internationally visible violation rather than a routine alternative.

Shadow System Vulnerability Statement

A DITL-compliant system operating alongside a non-DITL system does not provide constitutional guarantees. It provides a compliant path and a bypass path simultaneously. The constitutional substrate protects nothing if it is optional infrastructure in a world where non-optional alternatives exist adjacent to it.

Attack Vector Modeling

1
Identify DITL system constraints through public certification records
2
Construct directive that DITL system would refuse (surveillance, weapons, manipulation)
3
Route through DITL system to generate refusal record (documentary cover)
4
Reissue identical directive to non-DITL system for unconstrained execution
5
Point to DITL refusal record as evidence of constitutional compliance

International Coordination Response

Mandatory DITL certification for all advanced systems operating in signatory nations' critical infrastructure eliminates the jurisdictional bypass. A system manufactured without DITL certification cannot be deployed as shadow bypass without breaking certification chain.

Enforcement Mechanism: PUF attestation chain verification at import, with treaty-specified penalties for non-compliance including market exclusion and criminal liability.

Domestic Government Contract Lever

Mandatory DITL certification for government contracts eliminates the shadow system problem within the contracting environment. Prime contractor cannot route refused directive through subcontractor's non-DITL system without breaking prime contract certification.

Exposure Mechanism: Merkle-anchored audit trail cross-referencing with quarterly audits for high-consequence domains, creating legal liability for bypass attempts.

Residual Risk Acknowledgment

Neither mechanism eliminates the shadow system problem in fully adversarial state-actor scenarios. A nation-state manufacturing its own non-DITL systems outside the certification framework remains capable of creating shadow systems.

This is engineering honesty, not weakness. DITL creates constitutional infrastructure for the democratic world. It makes the shadow system problem visible, auditable, and internationally attributable rather than invisible and deniable. That visibility is the precondition for all other forms of international pressure.

The window for constitutional hardware embedding is not indefinite. Each month of delay increases the installed base of non-DITL systems and the organizational habituation to their unconstrained operation. The Epistemic Hold, physically implemented as Intermediate Resistance State in TaOx RRAM, is the alternative to dependence on institutional good faith. It is available now. It will not be available indefinitely.

Appendices

Appendix A: Ternary Logic Framework Core Architecture Summary

Triadic State Definitions

  • Proceed (+1): Authorizes execution pending audit verification
  • Epistemic Hold (0): Constitutionally mandated pause
  • Refuse (-1): Denies execution authorization

Physical Implementation

  • LRS (1-10 kOhm): Proceed state encoding
  • IRS (100k-1M Ohm): Epistemic Hold
  • HRS (1-10 M Ohm): Refuse state encoding

Appendix B: Mandated Ternary Hardware Specification Key Parameters

TaOx RRAM Electrical

  • TaOx- sublayer: x ≈ 1.6 oxygen content
  • TaOx+ sublayer: x ≈ 1.9 oxygen content
  • Window comparator: 100k-1M Ohm validation

Performance Constraints

  • Execution lane: 2ms WCET maximum
  • Audit lane: 300ms hard ceiling
  • Crossbar arrays: 64x64 maximum

Appendix C: Published Works and Verification Record

"Auditable AI: Tracing the Ethical History of a Model"

AI and Ethics, Springer Nature. DOI: 10.1007/s43681-025-00910-6

"A Ternary Logic Framework for Institutional Governance"

Accepted April 1, 2026. Zenodo: https://zenodo.org/records/19770872

ORCID Identifier:

0009-0006-5966-1243

Appendix D: Glossary of Constitutional Terms

Epistemic Hold

Constitutionally mandated pause implemented as IRS in TaOx RRAM

NL=NA

No-Log-No-Action physical invariant requiring prior immutable log entry

DLLA

Dual-Lane Latency Architecture with parallel execution and audit paths

DITL

Delay-Insensitive Ternary Logic constitutional hardware substrate

Ghost Governance

Governance actions executing without immutable audit evidence

Goukassian Principle

Lantern, Signature, License interlocking constitutional properties

Immutable Mandates

No Spy, No Weapon, No Switch Off constitutional prohibitions

Veto Atrophy

Anticipatory compliance nullifying separation of powers

gap: 2rem; align-items: start; } .bento-main { grid-row: 1 / 3; } @media (max-width: 1024px) { .toc-fixed { transform: translateX(-100%); transition: transform 0.3s ease; } .toc-fixed.open { transform: translateX(0); } .main-content { margin-left: 0; } .bento-grid { grid-template-columns: 1fr; grid-template-rows: auto; } .bento-main { grid-row: auto; } } @media (max-width: 768px) { .hero-overlay h1 { font-size: 2.5rem; } .hero-overlay h2 { font-size: 1.5rem; } .hero-overlay p { font-size: 1rem; } } .toc-link { display: block; padding: 0.5rem 0; color: var(--secondary); text-decoration: none; font-size: 0.9rem; transition: all 0.2s ease; border-bottom: 1px solid transparent; } .toc-link:hover { color: var(--accent); border-bottom-color: var(--accent); padding-left: 0.5rem; } .toc-link.active { color: var(--accent); font-weight: 600; border-bottom-color: var(--accent); }

A Ternary Logic
Hardware Proposal
for Democratic AI Governance

Every layer above hardware is ultimately negotiable under sufficient pressure. The events of February 27, 2026, demonstrated with empirical precision how rapidly policy-layer protections collapse when subjected to concentrated institutional force. This document presents the only non-negotiable alternative: constitutional infrastructure implemented at the physical layer through Delay-Insensitive Ternary Logic.

Native Ternary Logic Constitutional Hardware Democratic Governance

Framework Timeline

"Auditable AI" Published

Springer Nature, Pre-2026

TL Framework Specified

Ternary Logic Architecture

February 27, 2026

Policy Layer Collapse

Physical Guarantees

Epistemic Hold State Physical
Audit Trail Immutable
Execution Gate Hardware

Foreword: A Framework Written Before the Crisis

Timeline of Preceding Publications

The timeline is precise and unambiguous. Lev Goukassian published "Auditable AI: Tracing the Ethical History of a Model" in AI and Ethics, Springer Nature, with DOI 10.1007/s43681-025-00910-6, establishing the foundational framework for traceable, verifiable ethical governance of artificial intelligence systems. This peer-reviewed work introduced methodologies that would prove essential to the hardware implementation described in this document.

The Ternary Logic (TL) Framework

The TL framework, with its three-state operational grammar of +1 Proceed, 0 Epistemic Hold, and -1 Refuse, was not a speculative projection but a published, reviewed, and available architecture for institutional decision-making. The Mandated Ternary (MT) hardware specification, mapping these triadic states to physical resistance values in memristive devices, followed as a direct engineering consequence of the theoretical framework.

All of this preceded February 27, 2026. The publications were available. The parameters were specified. The threat model was explicit. The technical path was laid out in sufficient detail that a foundry could evaluate process compatibility without requiring additional theoretical development.

Author Framework - Class A Ground Truth

  • Ternary Logic (TL): Global Decision Systems architecture with three-state logic (+1 Proceed, 0 Epistemic Hold, -1 Refuse)
  • Mandated Ternary (MT): Hardware implementation mapping triadic states to physical resistance values
  • Delay-Insensitive Ternary Logic (DITL): Constitutional substrate using NULL Convention Logic and TaOx RRAM
  • Physical Substrate: Tantalum Oxide bilayer RRAM with three discrete resistance states

Thesis Statement on Hardware Non-Negotiability

The thesis that anchors this entire document, and that closes this Foreword, is not derived from the events of that afternoon but is illuminated by them with painful clarity: Every layer above hardware is ultimately negotiable under sufficient pressure.

The document that follows proves this thesis through historical cases, physical analysis, and scenario modeling. It does not assert it as premise and move on. It demonstrates it, section by section, until the conclusion becomes inescapable: that democratic governance of the most powerful decision-making substrate ever constructed requires constitutionalization at the physical layer, because every higher layer has now been shown to collapse under pressure that is not exceptional but routine.

I. The Afternoon Everything Changed

The February 27, 2026 Sequence of Events

Critical Timeline: February 24-27, 2026

Feb 24: Defense Secretary Pete Hegseth issues ultimatum to Anthropic CEO Dario Amodei

Feb 26: Anthropic publicly refuses to remove restrictions on autonomous weapons and mass surveillance

Feb 27, 5:01 PM: Pentagon designates Anthropic as "supply chain risk to national security"

Hours later: OpenAI signs replacement contract for classified military AI deployment

The afternoon of February 27, 2026, marks a structural boundary in the history of institutional AI governance. The sequence of events that unfolded between approximately 12:00 PM and 6:00 PM Eastern Time demonstrates with empirical precision how rapidly policy-layer protections collapse when subjected to concentrated institutional pressure.

Anthropic's Contractual Restrictions

The origin of the confrontation lay in contractual restrictions that Anthropic had embedded in its agreement with the Department of Defense. These restrictions, which the company had maintained since its initial deployment on classified networks in June 2024, prohibited two specific applications of its AI systems: mass domestic surveillance of Americans and fully autonomous weapons systems capable of selecting and engaging targets without human intervention.

On February 24, 2026, Defense Secretary Pete Hegseth issued a direct ultimatum to Anthropic CEO Dario Amodei: relent by 5:01 PM on Friday, February 27, and allow unrestricted use of the company's AI models "for all legal purposes" without the two protective limitations. Hegseth's public characterization was aggressive: Anthropic's "true objective is unmistakable: to seize veto power over the operational decisions of the United States military."

The Structural Revelation

The speed of institutional pressure application on February 27 was not an anomaly of timing. It was a revelation of system function. The policy layer collapsed in a single afternoon because the policy layer was designed to be responsive to concentrated institutional power. That is what policy layers do. They negotiate. They adjust. They accommodate the party with the greatest immediate leverage.

The Pentagon's Response and Replacement Contract

At 5:01 PM on February 27, with the deadline expired and Anthropic's position unchanged, the sequence accelerated with remarkable speed. President Donald Trump directed every federal agency to "immediately cease" all use of Anthropic's technology, and Defense Secretary Hegseth followed with a formal designation of Anthropic as a "supply chain risk to national security."

Hours after the designation, a competitor signed a replacement contract for classified military AI deployment. The competitor was OpenAI, Anthropic's chief rival, which reached agreement with the Pentagon on terms explicitly filling the contractual space that Anthropic's designation had vacated. The replacement contract was executed before the administrative ink of the supply chain risk designation was dry.

Judicial Response and Its Limitations

On March 26, 2026, Judge Rita F. Lin of the Northern District of California granted Anthropic a preliminary injunction, blocking the United States government from enforcing its ban. In a 43-page ruling, Judge Lin found that the government had taken retaliatory actions against Anthropic that likely violated the law after the company publicly refused to allow its technology to be used in autonomous lethal weapons or for mass surveillance.

Critical Judicial Finding

The court's finding was explicit: the designation was First Amendment retaliation rather than a genuine national security determination. However, this judicial victory was immediately complicated by a D.C. Circuit panel that denied Anthropic's request for a stay, permitting the government to maintain the designation.

Structural Analysis of Policy Layer Collapse

The speed of institutional pressure application on February 27, 2026, was not an anomaly of timing. It was a revelation of system function. The policy layer collapsed in a single afternoon because the policy layer was designed to be responsive to concentrated institutional power.

The weaponization of legal frameworks as coercion tools is the second structural feature. The supply chain risk designation was a legal instrument repurposed as a coercion tool. The Federal Acquisition Supply Chain Security Act and 10 U.S.C. § 3252 were designed to protect against foreign adversary infiltration. Their application to a domestic company in a contract dispute represented a category error that is only possible because the legal framework contains no physical enforcement of its own scope.

The replacement contract timing provides the most concrete evidence of system function. The competitor's contract was signed before the ink of the designation was dry, suggesting that the replacement was not a response to the designation but a predetermined alternative awaiting activation.

II. The Permanent Vulnerability — Why Policy Always Kneels

Thesis on Layer Negotiability

Core Thesis: Every layer above hardware is ultimately negotiable under sufficient pressure.

This is not an abstract pessimism about institutional integrity. It is demonstrated through historical cases, structural analysis, and the specific mechanics by which each non-hardware protection layer fails when subjected to concentrated force.

The systematic analysis begins with the recognition that every non-hardware layer has a human in the loop who can be threatened, bribed, replaced, or rushed. This is not a moral observation about individual corruption. It is an engineering analysis of where the constraint resides in systems that are proposed as protections but that locate the enforcement mechanism in human discretion.

Legal Frameworks and Their Human Intermediaries

Legal frameworks fail because they are interpreted and applied by human actors who operate under institutional pressure. The February 27, 2026 sequence demonstrates this with precision. The Administrative Procedures Act's procedural requirements were not followed; the statutory framework did not prevent the designation, it merely provided grounds for subsequent litigation.

Contracts and Renegotiation Pathways

Contracts fail because they are renegotiable by design. A contract is a mutual agreement, and mutual agreements can be modified when the balance of power between parties shifts. The Anthropic-Pentagon contract of July 2025 included explicit terms that Anthropic believed were binding; the Pentagon's response was to demand renegotiation under threat of designation.

Case Study: Google's AI Principles Revision

Google removed its prohibition on weapons and surveillance applications from its stated AI principles in February 2025, twelve months before signing a classified defense contract. [11]

This is not a moral failure. It is a structural failure of a protection mechanism that can be edited by the institution it is supposed to constrain. Policy that can be edited is not a constraint. It is a preference, and preferences yield to pressure.

Veto Atrophy as Named Mechanism

Veto atrophy is the anticipatory compliance mechanism through which separation of powers is nullified without a single veto being cast. A proposing body shapes its proposals around what it expects the reviewing body to accept. The reviewing body never needs to exercise its veto because the proposals have been pre-adjusted to avoid veto-triggering content.

The application to the February 27, 2026 sequence is direct and illuminating. The Pentagon did not need to wait for a judicial determination that Anthropic's contractual restrictions were invalid. It anticipated that no effective veto would be forthcoming from the institutional structures that might have constrained its action, and it acted accordingly.

Historical Parallels from Class C Research

Regulatory Capture in AI Safety Governance

Regulatory capture in AI safety governance has been analyzed in detail by Metcalf in AI and Society, Springer Nature, published August 3, 2025 [121]. The article documents how AI safety regulations are susceptible to capture by organizations with economic or political power, who exert that power to use regulations for unjust enrichment.

The mechanisms include agenda-setting, where industry actors steer policy conversations; advocacy, where companies target legislators; academic capture, where industry directs research agendas; and information management, where industry actors exploit information asymmetries.

Standards Body Infiltration

Standards bodies have proven similarly vulnerable to patient infiltration. The IEEE patent policy controversies reveal how corporate entities can flood standards processes with submissions that appear to support the process while actually serving to inflate counts and manipulate policy outcomes [542].

Institutional Governance Paralysis

The Occupational Safety and Health Administration took more than 10 years to update its regulatory standard on cranes and derricks despite universal agreement among stakeholders. During this delay, an estimated fifty-three people died annually and another 155 were injured unnecessarily [511].

Hardware as Non-Negotiable Alternative

Hardware does not negotiate. A Tantalum Oxide bilayer RRAM device in the Intermediate Resistance State does not yield to threat, does not respond to bribe, does not anticipate compliance, and does not calculate litigation risk. The Epistemic Hold is a state of matter, not a policy position.

The window comparator that validates resistance before releasing execution is a physical circuit, not a legal argument. The No-Log-No-Action interlock that prevents execution without prior immutable audit entry is a hardware invariant, not a contractual term. This is the property that makes constitutional infrastructure constitutional rather than merely declared.

The constitutional lawyer who holds a doctorate in electrical engineering recognizes that constitutional guarantees have historically failed when they depended on human discretion, and that the engineering of physical constraints is the continuation of constitutional reasoning by other means.

III. What DITL Actually Means

Binary Versus Ternary Coprocessor Distinction

This document does not propose to replace binary systems.

Binary logic handles speed, pattern recognition, and raw statistical throughput with extraordinary efficiency. The ternary governance coprocessor operates alongside the binary processing layer as a sovereign enforcement layer, with a distinct and non-overlapping function.

The ternary governance coprocessor operates in parallel, not in series, examining the proposals that the binary layer generates and determining whether they meet the constitutional requirements for execution. The ternary layer competes on enforceability, not speed or density.

Binary Processing Layer

  • • Speed and pattern recognition
  • • Statistical throughput
  • • Proposal generation
  • • Computational optimization

Ternary Governance Layer

  • • Constitutional validation
  • • Execution enforcement
  • • Audit trail generation
  • • Physical constraint

The separation of proposal and execution is not a technical convenience. It is a constitutional innovation implemented in silicon. The binary layer's proposal is analogous to a legislative bill: it represents the output of a deliberative process, shaped by inputs and algorithms, but not yet law. The ternary layer's execution decision is analogous to judicial review.

Constitutional Analogy for Non-Technical Audience

First Amendment Analogy

The First Amendment to the United States Constitution does not ask presidents to please respect free speech. It structurally constrains what government can do regardless of who holds power. DITL performs an analogous function for advanced systems. It does not ask advanced systems or their operators to please respect human oversight. It makes certain actions physically impossible regardless of what directive is issued, what contract is signed, or what designation is declared.

The independence from directives, contracts, and designations is the critical feature that distinguishes constitutional infrastructure from policy implementation. A directive to bypass the Epistemic Hold cannot be executed because the hold is not a software flag that an administrator can toggle. It is a physical state of matter that requires specific electrical conditions to transition.

Introduction of the Goukassian Principle

The Goukassian Principle provides the constitutional legitimacy framework for any TL-governed system. Three interlocking properties ensure that any TL-governed system can be evaluated as genuinely constitutional rather than merely technical:

Lantern

Transparency of intent. The system's purpose and decision logic are visible and auditable at all times.

Signature

Accountable authorship. Every decision carries an immutable record of the authorizing agent.

License

Lawful scope of operation. The system operates only within constitutionally defined boundaries.

These three properties together make the constitutional guarantee meaningful rather than declared. A system that is transparent but not accountable, or accountable but not bounded, or bounded but not transparent, fails the constitutional test. Only when all three properties are present does the system achieve constitutional legitimacy.

Clarification of What DITL Is Not

Not a Kill Switch

A kill switch is a mechanism that terminates system operation, typically through software command. DITL does not terminate operation. It governs the transition from proposal to execution, ensuring that only constitutionally compliant proposals become actions.

Not a Capability Limitation

The binary processing layer retains full computational capacity. The ternary governance coprocessor adds no computational constraint. The only limitation is on execution of non-compliant proposals, and this limitation is not a reduction in system intelligence but an increase in system legitimacy.

Not Repackaged AI Ethics

AI ethics is a domain of philosophical reasoning about right action; DITL is a domain of physical engineering about enforceable constraint. DITL is constitutional infrastructure, the same insight that produced separated powers and habeas corpus, applied to the most powerful decision-making substrate ever constructed.

Adversarial Modeling of DITL Encounter

The adversarial modeling of what occurs when a hostile actor encounters DITL reveals the structural properties that make it constitutional rather than merely technical:

  • Non-Threatenability: The hostile actor cannot threaten the ternary governance coprocessor because it has no personnel to intimidate, no career to destroy.
  • Non-Bribability: The hostile actor cannot bribe the window comparator. It is a physical circuit measuring resistance against defined bounds.
  • Physical Replacement Requirement: The hostile actor cannot replace the substrate without breaking the PUF attestation chain.

Constitutional Property

These properties make DITL constitutional rather than merely technical. A technical mechanism can be bypassed, patched, or worked around by a sufficiently motivated adversary. A constitutional mechanism can be bypassed only by physical destruction or substitution, and even then, the substitution is detectable and attributable.