SYSOP MODE — Gameplay Specification

Asymmetric Link-Cable Defender Cartridge

Companion specs: ice-breaker.md, docs/marketing/pr-faq.md (Q: Is there multiplayer?), docs/software/runtime/bare-deck-terminal.md (LINK tab)

Hardware reference. All physical values (display grid, link-cable port, key map, audio path) are governed by the Canonical Hardware Specification in CLAUDE.md. This spec never restates them. The 3.5mm TRRS link cable that carries the asymmetric session is documented at the bare-deck level (LINK tab); the wire protocol, peer discovery, and tick-rate budget are out of scope here and tracked in GWP-330 (link-cable hardware spec + peer-discovery protocol, Backlog). Sysop Mode assumes that protocol exists and exposes a few well-formed events (see § Link-Cable Integration).

CIPHER-LINE revision note (2026-04-27): Sysop Mode’s Cipher voice — sysop persona, surveillance commentary, retaliatory beats — renders on the CIPHER-LINE OLED above the keyboard, not on the main 80×25 grid. The defender voice is tonally distinct from ICE Breaker’s attacker voice (see § CIPHER-LINE Contributions). Canonical engine spec: docs/software/runtime/cipher-voice.md.

Mission Contributions

Mission Composition Grammar declaration — verb vocabulary, affinity tag set, and mission-contributions schema are defined in docs/plans/post-v0.1/2026-04-25-mission-composition-grammar.md §1–§3.

(mission-contributions
  :verbs (DEFEND OBSERVE TRACE CONTAIN)
  :affinities (DIGITAL NETWORK SECURITY))

Sysop Mode is the launch library’s defender anchor and the asymmetric counterpart to ICE Breaker. Network defense satisfies DEFEND; passive surveillance of an attacker’s intrusion path satisfies OBSERVE; trace-to-source counter-forensics satisfies TRACE; lockdown and ICE deployment satisfy CONTAIN. Affinities are DIGITAL and NETWORK (shared with ICE Breaker, by design — defender plays on the same topology the attacker traverses) plus SECURITY (a defender-only tag that gates Sysop-side mission-board templates). Default :payout-bias (0.85) and :threat-bias (+0.10) — defender contracts pay slightly less per minute than attacker contracts (the sysop is salaried, not a freelancer) but escalate threat faster (a sysop on duty draws bigger fish over time).

1. Design Philosophy

Why Asymmetric (Not Mirror)

Sysop Mode is not ICE Breaker with a reskin. A symmetric defender cart — same OODA loop, same toolkit shape, same tempo — would be both boring (two operators doing the same thing in the same room) and false to the fiction (the attacker is a freelance intruder under time pressure; the defender is on shift, watching consoles). The design rejects mirroring on three axes:

Tempo asymmetry. The attacker cycles OODA at ~2 Hz under time pressure. The sysop cycles at ~0.5 Hz — slower, more deliberate, more like a chess move. The sysop is patient. The cart’s rhythm is “watch, place, wait, retaliate,” not “observe, orient, decide, act.”
Information asymmetry. The attacker has fog of war over the network topology — they see only adjacent nodes. The sysop sees the entire network from boot. The sysop’s hard problem is not “where am I?” but “which of my fourteen nodes is the intruder approaching, and which traps do I commit to?”
Resource asymmetry. The attacker burns one-shot consumable tools. The sysop deploys placements — ICE, alarms, traces, lockouts — that persist on nodes until triggered or actively withdrawn. The sysop is a chess player; the attacker is a sprinter.

What Sysop Plays Like

The sysop’s screen is a network surveillance console: a 14–18 node graph with attacker position highlighted, a per-node defense ledger (placements active, threat assessment, last-seen trace), and a deployment palette in Row 24. The cart’s core mechanic is commitment under partial observability: the sysop knows where the attacker is now but not where they’re going next; every ICE placement burns a budget item that can’t be recovered if mis-aimed.

Sysop Mode is a slow tense game, not a fast tense game. It rewards reading an intruder’s archetype (panicked novice / measured Specialist / experimenting Master), positional discipline, and the willingness to let the intruder get close before the trap snaps shut. A sysop who deploys all their ICE in the first 30 seconds has lost.

Capability Bit & Loadout

Sysop Mode is a separate cartridge (not an ICE Breaker sub-mode), per the capability model. The cart contributes a single capability bit :network-defense to Universal Deck State; this bit unlocks the LINK-tab “Host Sysop Session” affordance on the bare deck regardless of which cartridge is currently inserted on the attacker’s deck. Mission-board template generation reads :network-defense to gate Sysop-side defender contracts.

The cart is loaded onto the defender’s deck. The attacker’s deck holds ICE Breaker. The two decks are connected via the 3.5mm TRRS link cable. Either deck can host the session; both must contribute capability bits.

2. The Strategic Loop

Sysop Mode runs on a two-phase tick: placement phase (sysop acts) followed by intrusion phase (attacker acts), repeating until the round ends. Phases are not strictly turn-bound — the attacker plays in continuous OODA tempo on their deck — but the sysop’s actions are gated to discrete placement windows that open every 8 attacker-seconds (configurable per threat tier).

Placement Window (Sysop Acts)

A placement window opens. The sysop sees:

Updated network state (any nodes the attacker has entered, traced, or compromised since the last window)
Their deployment palette (ICE pieces remaining, alarm budget, trace counter charges, lockdowns held)
The attacker’s trace level (mirrored from their deck — sysop sees this as “intruder visibility”)
A 3-second intent indicator showing the cursor target on the sysop’s selected piece

The sysop has up to ~5 seconds of real time inside the window to:

PLACE — drop an ICE / alarm / trace / lockout cell onto a target node
WITHDRAW — pull a previously-placed piece back into the budget (costs 1 alert tick)
ROUTE — pre-commit a HUNTER-class ICE to chase along an edge if the attacker enters a specified node
HOLD — pass the window without action; preserves budget for next window

Closing the window commits the action. Network state mutates. Audio cue (CIPHER-LINE confirms the placement; main-grid animation shows the new cell). Window closes.

Intrusion Phase (Attacker Acts)

The attacker plays ICE Breaker normally. They cycle OODA. They INFO into nodes; they CONS tools; they CAR/CDR around the graph. The sysop watches. The sysop’s screen continues to update in real time — they see attacker keypresses surface as trace ticks, see tool consumption surface as Voice 2 metadata, see node entry surface as a cursor advancing on their topology view.

The sysop has no actions during the intrusion phase except passive observation and CIPHER-LINE-driven taunts (see § CIPHER-LINE). This is the cart’s enforced patience.

After 8 attacker-seconds (or sooner if a triggering event fires — see § Triggers), the next placement window opens.

Triggers (Window Pre-emption)

Some events interrupt the intrusion phase and immediately open a placement window:

Attacker triggers an alarm cell → window opens at +0.5 s
Attacker successfully extracts data from a node → window opens immediately
Attacker initiates egress → window opens immediately
HUNTER ICE catches up to attacker → window opens immediately

This means a passive sysop gets standard 8-second cadence; an engaged sysop who has lured the attacker into trap territory gets faster windows and tighter feedback.

3. The Network (Shared Topology)

The network the sysop defends is the same network the attacker is intruding — there is one source-of-truth topology generated from the contract seed and synchronized at session-start across the link cable. This is the cart’s central elegance: both decks render the same graph, but each renders different things on it.

What the Sysop Sees

The sysop sees the complete graph from session-start: 14–18 nodes, all edges, all node types (relay / data / finance / control / honeypot), entry node, exit node. There is no fog of war for the sysop. They also see:

Attacker’s current node (cursor) — bright amber
Nodes the attacker has visited (trail) — dim amber
Nodes the attacker has triggered ICE on — flashing
Their own placements — boxed cells (■ = ICE, ▲ = alarm, ◆ = trace, █ = lockout)

What the Attacker Sees

The attacker sees only the current node and adjacent nodes (standard ICE Breaker fog of war). They do not see sysop placements until they trigger them. The sysop’s ICE placement on Node 7 is invisible to the attacker until the attacker CARs into Node 7 and the ICE wakes up.

Honeypots

Per-contract, 1–3 nodes are flagged honeypots — fake high-value data targets that the network’s intelligence-engine has placed to bait intruders. The sysop sees which nodes are honeypots (small H glyph). Honeypots cost less ICE to defend (the cart subsidizes ICE budget on those nodes) and trigger an automatic +5 trace bump on the attacker if drilled. Veteran sysops route attackers toward honeypots by leaving easier paths to them; novice sysops scatter ICE evenly and waste budget on real assets.

Network Memory (Shared with ICE Breaker)

The shared topology includes the same network-memory state ICE Breaker uses (see ice-breaker.md §2.5). When a session ends, both sides commit their session-effects back to the network’s persistent state on the contract: nodes ICE-cascaded, paths reinforced, encryption depths increased. A sysop’s defenses harden the network for the next session (whether the next intruder is the same operator or someone else). This makes the cart’s persistent fiction work — a sysop is on shift, defending an asset over time, and the network remembers their tour of duty.

4. The Defender Toolkit (Cell Types)

Sysop placements are concrete cell types that live on nodes until triggered, withdrawn, or session-end. Every placement is committed under partial observability and burns a finite budget.

Cell: ICE_NODE

Class: Defender combat asset. Budget: 4–7 instances per session, threat-tier scaled.

The sysop’s primary weapon. ICE_NODE cells behave identically to the ICE the attacker encounters in solo ICE Breaker — JUNK, BLACK, RED, HUNTER classes — but the sysop chooses class and node at placement. JUNK ICE is cheap (1 budget point) and slow; HUNTER ICE is expensive (3 budget points) and pursues across edges.

(ice-node
  :class      :junk | :black | :red | :hunter
  :node       NODE_ID
  :armed?     t       ;; if nil, placed but dormant — won't trigger
  :pursuit-rule (lambda (atk-node) ...))  ;; HUNTER only

Strategy. A sysop budget of 6 points might be 6 JUNK (saturate the network), 2 HUNTER (chase the attacker), or a mixed loadout. Saturation forces the attacker to spend tools; pursuit forces them to flee. Both are valid; the tension is reading which the attacker can’t handle.

Cell: ALARM_CELL

Class: Surveillance / window pre-emption. Budget: 3–5 per session.

A silent tripwire. When the attacker enters or extracts from an alarmed node, the cell fires: the sysop’s next placement window opens immediately (+0.5 s pre-emption), and the attacker takes a +5 trace bump. Alarms are invisible to the attacker until tripped. Withdrawing an alarm costs nothing if it hasn’t fired.

(alarm-cell
  :node       NODE_ID
  :trigger    :on-entry | :on-extract | :on-exit)

Strategy. Alarms convert sysop patience into sysop tempo. A well-placed alarm on a chokepoint node guarantees the sysop wakes up the moment the attacker commits to a path.

Cell: TRACE_CELL

Class: Counter-forensics. Budget: 2–3 per session.

When triggered, the trace cell back-traces along the attacker’s recent CDR history and reveals the attacker’s next intended action to the sysop (per ICE Breaker’s deterministic OODA, the attacker’s next action is computable one step ahead from their current node and toolkit). The sysop sees, on CIPHER-LINE: next: car -> node 7. tool: spike. This lasts one window.

(trace-cell
  :node       NODE_ID
  :reveal-depth 1)  ;; one OODA cycle of foresight

Strategy. TRACE is the sysop’s SCOUT (compare Nodespace SCOUT). Limited charges, non-renewable, but devastating when used to set up a HUNTER pre-route.

Cell: LOCKOUT_CELL

Class: Retaliatory containment. Budget: 1–2 per session.

A heavy weapon. When committed to a node, the lockout cell seals the node and all its edges for 3 attacker-cycles (~6 seconds). The attacker cannot enter, exit, or extract. ICE inside the locked node can still operate. Lockouts are announced to the attacker on the main grid (“NODE 4: NETWORK LOCKDOWN — RESPONSE TEAM EN ROUTE”) because this is a sysop showing their hand deliberately — the announcement is part of the intimidation.

(lockout-cell
  :node       NODE_ID
  :duration-cycles 3)

Strategy. Lockout is the sysop’s commitment move. Used right, it traps an attacker mid-extraction, gives ICE time to swarm, and ends the session in a defender win. Used wrong, it broadcasts your panic and gives the attacker free information about which node you think is critical.

Cell: SYSOP_CONSOLE_CELL

Class: Root cell (one per session). Hidden from attacker.

The sysop’s command surface. Holds session-level state: budget remaining, trace assessment, deployment history, current placement window state, and the link to the attacker’s deck. Always renders on the sysop’s Row 23 status strip.

(sysop-console-cell
  :budget-remaining     N
  :alarms-active        N
  :trace-charges-left   N
  :lockouts-held        N
  :attacker-handle      "GHOSTWIRE"
  :attacker-trace       N
  :session-clock        SECS
  :placement-window-open? bool)

5. Lisp Paradigm Conformance

Per docs/software/cartridges/authoring/lisp-paradigm.md, every key has a defined Sysop-context meaning. The cart treats the network itself as a list of nodes; sysop actions are list mutations.

Key	Sysop-context meaning	Why it’s genuine
CAR	Drill into the currently-cursored node — show its placement detail (which ICE / alarms / lockouts you have here, attacker’s trail through it)	CAR descends into the head of the node-list; the node is now your focus
CDR	Cycle the network cursor to the next adjacent node (clockwise around the attacker’s current position)	Traversing the rest of the adjacency list of a node
CONS	Combine two adjacent placement targets into a multi-node deployment (e.g., place ICE on both nodes simultaneously, costs combined budget). Used for firewall walls — a row of three CONS-linked ICE cells that share a triggering condition	Constructing a new pair: two placement targets become a unified deployment
NIL	Withdraw the cursored placement (returns it to budget, costs 1 alert tick)	Replacing a list element with the empty atom
EVAL	Commit the currently-staged placement / withdrawal / route. Window closes	Evaluating the staged expression: data becomes deployed reality
QUOTE	Stage a placement without committing — see the cost, see the predicted attacker reaction (pulled from TRACE prediction if any), but don’t burn budget yet	Quoting: holding the placement as data, not yet evaluated
LAMBDA	Record the current placement sequence (last 3 placements) as a doctrine. Replayable next session via APPLY	Defining a function: the sequence is stored for later application
APPLY	Execute a saved doctrine against the current network. Each placement is auto-staged; sysop must EVAL each	Applying a stored function to a new data structure
ATOM	Test if the cursored node is a leaf (terminal — no further reachable children) or an interior node	Checking atomicity of a list element
EQ	Compare two nodes — same node-type? same defense state? same prior-session ICE history?	Identity comparison on list elements
INFO	Surface placement detail / attacker telemetry overlay for the cursored node. Double-tap reveals deep-history (attacker’s last 3 sessions on this node)	The sysop’s OBSERVE primitive
LINK	Open the link-cable diagnostics overlay (peer health, latency, framing errors). Hold-LINK during placement window aborts the session gracefully	Sysop-side meta-control of the asymmetric channel
TERM	Context-sensitive: in placement window, opens the CIPHER-LINE seed-capture (lets the sysop hand-author a taunt fragment before next window); during intrusion phase, switches to LAMBDA editor for live doctrine authoring	Per ADR-0016 / CLAUDE.md TERM polymorphism
BACK	Cancel the current staging; return cursor to attacker’s position	Standard back/cancel
SYS (hold)	Abort session — both decks return to bare deck, session state is committed to network memory, partial payouts settle	Standard system escape

The numpad is used for node selection by ID (1–9 = visible adjacency stencil, similar to Nodespace) plus ICE class selection during placement (1=JUNK, 2=BLACK, 3=RED, 4=HUNTER).

6. Round Structure

A Sysop Mode session is a single contract matched against a single ICE Breaker contract on the attacker’s deck. The session unfolds in three phases.

Phase A — Setup (0 to ~30 s)

Both decks confirm peer discovery. The contract seed is exchanged across the link cable. Both decks render the topology (sysop sees full; attacker sees fog). The sysop receives their defender briefing:

Row 0: SYSOP MODE > BRIEFING [THREAT 3] [BUDGET: 14] [SESSION: 0:00]
Row 2:  CONTRACT: KOJI HOLDINGS — RESEARCH ARCHIVE
Row 4:  Attacker handle ........ GHOSTWIRE (Specialist, Rep 22)
Row 5:  Attacker prior sessions  3 wins / 1 defended
Row 6:  Network ............... 16 nodes, CLUSTERED, 2 honeypots
Row 7:  Threat tier ........... 3 (intermediate)
Row 9:  ICE budget ............ 6 points (mix at will)
Row 10: Alarm budget .......... 4 cells
Row 11: Trace budget .......... 2 charges
Row 12: Lockouts held ......... 1
Row 14: PRE-PLACEMENT WINDOW: 30 SECONDS
Row 15: Place initial defenses before the attacker connects.
Row 22: [CAR=inspect node] [APPLY=load doctrine] [EVAL=lock in defenses]
Row 24: [SYS=abort  EVAL=ready  INFO=detail  LINK=peer status]

The sysop has 30 seconds before the attacker’s session begins to commit an initial loadout. They can leave budget unspent (and place reactively) or commit fully (and play tight).

Phase B — Play (variable, ~10–25 min)

The link cable handshake completes. The attacker’s deck enters the contract. Placement windows alternate with intrusion phases as described in § 2. CIPHER-LINE on both sides comes alive (see § CIPHER-LINE). Audio modulates per § 7.

The play phase ends on one of four conditions:

Attacker egresses successfully — attacker wins (extraction).
Attacker’s trace ≥ 100 OR attacker is lockout-trapped through 3 cycles — sysop wins (containment).
Attacker disconnects mid-session (gracefully or via LINK-cable drop) — see § Solo-Play Degradation.
Attacker aborts (SYS-hold) — sysop wins by default (smaller payout).

Phase C — Debrief (~30 s)

Both decks render a debrief screen. Payouts settle. Reputation updates. CIPHER-LINE delivers a closing fragment per outcome. Network memory is committed. Session log is written to UDS for both operators (cross-cartridge — a sysop’s tour of duty against GHOSTWIRE shows up the next time GHOSTWIRE boots ICE Breaker).

7. Win/Loss Conditions (Both Sides)

Outcome	Attacker (ICE Breaker)	Sysop (Sysop Mode)
Successful extraction	Wins. Payout = contract base + speed bonus. Reputation +N.	Loses. Salary-floor payout (~30% of contract base). Defender reputation −2.
Successful defense (trace-out)	Loses. Loss penalty per ICE Breaker spec.	Wins. Bounty payout = (attacker’s prospective reward) × 0.6, paid to sysop. Defender reputation +3.
Successful defense (lockout-trap)	Loses (catastrophic — caught in the act). Heavier reputation penalty.	Wins big. Bounty × 0.85. Defender reputation +5. Unlocks a defender-only “veteran sysop” mission template after 3 such wins.
Honeypot dunk (attacker drilled a honeypot)	Loss + +10 trace, but session continues	Bonus payout (+15% to the sysop’s eventual payout if the session ends in defender-win)
Disconnect mid-session	Session ends, no payout, no rep change for either side. Retry allowed within the same contract.	Same.
Sysop aborts (SYS-hold)	Auto-win for attacker. Payout floor (50%).	Loss. Defender reputation −5 (a sysop who walks off shift is a marked sysop).

Defender reputation is a separate Universal Deck State track from operator (intruder) reputation. Both live on the same UDS but are stored independently and surfaced separately on the bare deck. The intent (per ADR / capability model semantics): an operator who is Master as an intruder might be Apprentice as a sysop, and that’s narratively interesting. Both reputations gate Sysop Mode contract tiers and CIPHER-LINE verbosity (see § 9).

8. Pacing & Link-Cable Timing Budget

Sysop Mode’s pacing is engineered against link-cable timing constraints. The wire protocol is GWP-330’s responsibility; here we declare what the gameplay needs.

Event	Budget	Rationale
Session-start handshake (topology sync)	≤ 3 s	Players tolerate a “connecting…” beat; longer breaks immersion
Attacker action → sysop console update	≤ 250 ms	Sysop’s screen must feel live, not laggy
Sysop placement EVAL → attacker network state	≤ 250 ms	Symmetric requirement
Window-open notification	≤ 100 ms	Tight — the 5-second window starts the moment it’s open
Heartbeat / keepalive	1 Hz	Drop detection; if 3 missed, declare disconnect
Disconnect detection → solo fallback	≤ 5 s	See § Solo-Play Degradation

Sysop placement window: 5 s real time. This is non-negotiable as a gameplay number. If GWP-330’s protocol can’t sustain the action latencies above, the window must extend (8 s) and that’s a doc revision here.

Attacker tempo unaffected. The attacker plays ICE Breaker at normal OODA tempo (~2 Hz expert, ~1 Hz novice). The sysop’s slower cadence is the design — the link cable doesn’t impose it; the rules do.

9. Solo-Play Degradation

When no link-cable peer is connected, Sysop Mode degrades gracefully. The cart does not brick — it offers a meaningful single-deck experience.

Tier 1: Sandbox / Practice Mode (v1.0 ship)

The cart provides a canned-attacker mode using a deterministic, scripted intruder running pre-recorded ICE Breaker traces. The sysop plays against three difficulty profiles:

NOVICE PROFILE (apprentice.tape) — burns tools fast, panics at trace 30, signature CDR-loops.
JOURNEYMAN PROFILE (journeyman.tape) — paced extraction, ignores honeypots, predictable egress.
SPECIALIST PROFILE (specialist.tape) — uses CONS aggressively, decoys with fake CDRs, late egress.

Each profile is a tape — a recording of an actual session played by a paid playtester (or in v1.1, contributed by community operators). Tapes are static and replayable; they do not adapt. The sysop learns the tape and can apply that learning to live link-cable sessions.

Solo sandbox payouts are scaled to 25% of linked payouts and grant no defender reputation (network memory still updates, so the sysop’s tour-of-duty fiction is preserved).

Tier 2: Adaptive AI Attacker (v1.1+ — out of scope for this spec)

A future version will replace static tapes with an adaptive AI attacker that reads the sysop’s deployments and adjusts. This is flagged but not designed here. Spawn a new task when v1.0 ships.

Tier 3: Replay Mode (v1.0)

The sysop can replay any completed linked session as a video with their own deployments visible, the attacker’s deployments revealed, and a post-hoc commentary track from CIPHER-LINE. Replays cost zero budget and cannot change the outcome. Useful for learning.

10. UDS Hooks & Economy

Universal Deck State Fields Read

operator-handle — rendered to the attacker as the sysop persona.
defender-reputation — gates contract tiers and CIPHER-LINE verbosity (separate from intruder reputation).
cartridge-history bitfield — the cart checks the :network-defense capability bit + at least one of :network-intrusion (ICE Breaker) on either deck for compatibility.
network-memory per-contract — read at session start, written at session end.
defender-tour-log — append-only log of defended sessions (handle of attacker, outcome, timestamp). Surfaces in the bare-deck LINK tab as “RECENT VISITORS.”

Universal Deck State Fields Written

defender-reputation — increments/decrements per § 7.
defender-tour-log — entry per completed session.
network-memory — node hardening state per § 3.
defender-doctrines — saved LAMBDA recordings (up to 8 slots).

Economy Hooks

Hook	Detail
Currency	Universal credits (`¤`) per `campaign-economy.md` — fully fungible with intruder credits. A sysop’s bounty can be spent on tool loadouts the next time the operator boots ICE Breaker.
Payout source	”Network owner” (fictional corporate paying the sysop). Payouts are deterministic at session-start for the trace-out outcome; lockout-trap and honeypot-dunk are bonuses computed at debrief.
Reputation track	`defender-reputation` (separate from intruder). Tiers: Apprentice 0–4 / Journeyman 5–14 / Specialist 15–24 / Master 25–49 / Legend 50+.
Sysop salary floor	Even on a loss, the sysop receives ~30% of contract base — a sysop is a salaried employee, not a freelancer. This prevents demoralization on early losses and matches fiction.
Cross-track interactions	At Master defender + Master intruder, the operator unlocks dual-rep contracts — a defender-side mission that has the operator running Sysop Mode against an AI attacker who plays in the operator’s own session-history style. Self-vs-self play. v1.1+. Flagged here, designed in a follow-up task.

Sysop Mode is a net source of credits into the economy at the system level (the fictional network owner pays both attacker and defender, effectively), but per-session it’s roughly zero-sum: a successful intrusion drains the network owner; a successful defense pays the sysop from the owner’s coffers; both cases credit the operator(s).

11. Mission Templates

The mission board generates Sysop Mode contracts when the deck has the :network-defense capability bit set, scaled by defender-reputation. Five canonical templates ship at v1.0.

Template 1: STANDARD WATCH (Threat 1–3)

Default contract. Generic corporate / institutional network. Three ICE budget points per threat tier. Attacker is matchmade by reputation proximity.

Network: 14–16 nodes, RANDOM topology
Honeypots: 1
Sysop budget: 4 ICE / 3 alarms / 1 trace / 0 lockouts (Threat 1) → 8 / 5 / 2 / 1 (Threat 3)
Duration: 8–15 min
Payout: 200–500 ¤ (defender win); 60–150 ¤ (defender salary floor on loss)
Reputation: ±2

Template 2: HONEYPOT FIELD (Threat 2–4)

The network owner has heavily seeded fakes. Sysop’s job is to route the attacker into the honeypots without being obvious.

Honeypots: 3–4 (vs. 1 standard)
Real assets: Only 2 — both well-defended
Sysop budget: ICE budget reduced 30% but +2 alarms
Bonus payout: +20% if attacker drills all honeypots
Threat to read: can the sysop resist over-defending the real assets?

Template 3: VAULT SHIFT (Threat 3–5)

A single high-value target. The network is small (10–12 nodes), with one obvious “vault” node. The attacker knows what they’re after; the sysop knows it too.

Network: 10–12 nodes, RADIAL with vault as hub
Sysop budget: Heavy lockouts (2–3) — the cart wants you to use them
Win condition (sysop): Lockout-trap is heavily favored (+30% bounty multiplier on lockout-trap outcome)
Threat to read: when does the attacker commit to the hub? Trap then.

Template 4: TRIPLE TOUR (Threat 3, multi-session)

A 3-session contract — same network, same network owner, three different attackers over three sessions. The sysop’s reputation persists; the network’s hardening persists; the attacker pool refreshes.

Sessions: 3, played consecutively or across multiple bare-deck visits to the LINK tab
Network memory: Each session’s hardening carries forward — by Session 3, the network is brutally hardened against any attacker who hasn’t done their homework
Payout: Per-session standard + 50% completion bonus on Session 3
Reputation: ±5 (cumulative, per session)
Hot Swap relevance: None — the sysop’s cart stays loaded throughout

Template 5: ZERO-DAY SHIFT (Threat 5, defender Rep 50+)

Endgame defender content. The sysop is on shift during a zero-day exploit campaign — a known Master-tier intruder is hunting somewhere on the operator’s network and will attempt extraction tonight. The sysop knows the attacker will come; they don’t know which contract or when.

Network: 16–18 nodes, hardened from network memory, multiple honeypots
Attacker: Real linked-cable peer with Master+ rep, matched by handle reputation
Sysop budget: Maximum across all categories — 8 ICE / 5 alarm / 3 trace / 2 lockouts
Win condition: Defender win required for any payout (no salary floor — high-stakes)
Payout: 1500–2500 ¤
Reputation: ±10

12. CIPHER-LINE Contributions

Sysop Mode’s voice: the sysop persona — a watchful, professional, slightly bored security operator who has seen every trick. Distinct from ICE Breaker’s voice (which is the intruder’s internal monologue / network ambient). The sysop voice is external to the operator running Sysop Mode — it speaks as the network’s immune system, addressed to the intruder.

Vocabulary Pools

(:subject       "intruder" "operator" "trace" "perimeter" "shift"
                "console" "log" "alert" "incident")
(:object        "node" "alarm" "trip-wire" "trap" "lockout" "ice")
(:location      "perimeter" "core" "edge" "hub" "watch" "console")
(:verb-present  "watching" "logged" "trips" "snaps" "holds" "waits"
                "marks" "tracks")
(:verb-past-participle "logged" "traced" "trapped" "marked" "held"
                "burned" "noted")
(:memory-keyword "shift" "incident" "trace" "perimeter" "watch")
(:affect-word   "patient" "marked" "noted" "logged" "tired" "ready")
(:defender-pronouns "i" "we" "the watch" "the shift")  ;; first-person sysop

Production Fragments

(:mode-observe
  (3 (:subject) ". " (:affect-word) ".")
  (2 (:defender-pronouns) " see you.")
  (2 "node " (number) ". noted."))

(:mode-annotate
  (3 "trace climbing. " (:affect-word) ".")
  (2 "alarm " (number) " tripped.")
  (1 "you're loud."))

(:mode-reflect
  (3 "third visit this shift. " (:memory-fragment))
  (2 "this one again. " (:memory-fragment))
  (1 "every shift, someone."))

(:mode-drift
  (2 "long shift. coffee cold.")
  (1 "the watch never sleeps.")
  (1 "two thousand nights of this."))

:event-types
  ((:type :alarm-tripped       :affect (:significant))
   (:type :ice-spawned         :affect (:routine))
   (:type :lockout-fired       :affect (:significant))
   (:type :honeypot-dunk       :affect (:amused))
   (:type :attacker-trace-hi   :affect (:tense))
   (:type :attacker-extracts   :affect (:tense))
   (:type :session-won         :affect (:satisfied))
   (:type :session-lost        :affect (:tired)))

Mode-Weight Biases

Beat	`observe`	`annotate`	`reflect`	`drift`	`silent`
`:placement-window`	+0.05	—	+0.05	—	+0.10
`:intrusion-phase`	+0.10	+0.05	—	—	—
`:alarm-fired`	—	+0.20	—	—	—
`:lockout-fired`	—	+0.15	+0.05	—	—
`:debrief-win`	—	—	+0.15	+0.10	—
`:debrief-loss`	—	—	+0.10	+0.15	+0.05

Style Deltas

((:placement-window  (:terseness +30 :certainty +25))
 (:alarm-fired       (:terseness +40 :certainty +50))
 (:lockout-fired     (:terseness +20 :certainty +60))
 (:debrief-win       (:terseness +0  :certainty +30 :temporal-blur +20))
 (:debrief-loss      (:terseness +20 :certainty +0  :temporal-blur +10)))

Tonal Distinction from ICE Breaker

ICE Breaker’s CIPHER voice is the intruder’s internal monologue — second-person-self, anxious, observational (“CAPABILITY GAP DETECTED”). Sysop Mode’s CIPHER voice is the immune system speaking — first-person-plural, professional, addressed to the intruder (“we see you. node 7. logged.”). The two should never be confused on CIPHER-LINE; the operator immediately knows whose console they’re sitting at by the voice’s register.

Structurally Important Moments Preserved on CIPHER-LINE

Beat	Intent	CIPHER-LINE fragment(s)
Attacker enters armed node	”Trip-wire. Logged.”	`alarm 2. tripped.`
Trace cell predicts next move	”We see your hand.”	`next: car node 7. spike.`
Lockout fires	”Caught.”	`node 4. held.` / `caught.`
Honeypot dunk	”Took the bait.”	`honeypot. ours.` / `bait taken.`
Attacker egresses (sysop loss)	“They got out. Tired.”	`they ran. fast.` (tired)
Defender win (lockout-trap)	“Caught in the act.”	`held. through three.`
Long shift drift	”Two thousand nights of this.”	(drift production fragments above)

nEmacs / Doctrine-Authoring CIPHER

When the sysop drops to TERM during intrusion phase to author a doctrine in the LAMBDA editor (per § Lisp Paradigm row), CIPHER-LINE switches to silent + occasional drift — the sysop is “writing in their journal between watches”; the network’s immune-system voice goes quiet.

13. nEmacs Contributions

Per ADR-0016, Sysop Mode declares its scripted-mission surface for the predictive palette and pre-mission authoring.

Scripted Missions?

Yes — doctrine authoring. A sysop can pre-author doctrines — Lisp predicates that take attacker state and return placement recommendations. Custom doctrines unlock at defender-Rep 12+. The cart ships canonical default doctrines; scripted authoring is an expression channel for veterans.

Typical scripted shapes:

(threat-assessment attacker) — score the attacker’s current state on a 0–100 risk scale.
(suggest-placement budget network attacker) — return a preferred placement given resources.
(on-alarm-fired (lambda (node) ...)) — reactive handler bound to alarm trips.
(on-attacker-cdr-pattern (lambda () ...)) — handler bound to the attacker’s CDR/backtracking pattern.

Cart Grammar Fragments

Contributed via (emacs-extend-grammar ...) at cart-load:

(emacs-extend-grammar
  ;; Network primitives (shared with ICE Breaker / Nodespace)
  (network)                                  ; current topology
  (node          (id))                       ; node by ID
  (neighbors     (id))
  (attacker)                                 ; current attacker state
  (attacker-node)
  (attacker-trace)
  (attacker-toolkit)
  (attacker-history (&key :n))               ; last N OODA steps
  ;; Defender resources
  (budget)                                   ; remaining placement budget
  (alarms-active)
  (traces-left)
  (lockouts-held)
  ;; Placement primitives
  (place-ice    (node &key :class))
  (place-alarm  (node &key :trigger))
  (place-trace  (node))
  (place-lockout (node))
  (withdraw     (node))
  (route-hunter (from-node to-node))
  ;; Predictive
  (predict-next-move (attacker))
  (threat-assessment (attacker))
  ;; Event binders
  (on-alarm-fired   (&body handler))
  (on-attacker-cdr  (&body handler))
  (on-lockout-fired (&body handler))
  (on-window-open   (&body handler))
  ;; Session lifecycle
  (session-clock)
  (placement-window-open?)
  (session-phase))                           ; :setup :play :debrief

Vocabulary Contribution

Via (emacs-extend-vocabulary ...):

(emacs-extend-vocabulary
  "sysop" "shift" "watch" "console" "log" "incident"
  "intruder" "attacker" "trace" "perimeter" "trip-wire"
  "ice" "alarm" "trap" "lockout" "honeypot" "bait"
  "junk" "black" "red" "hunter" "pursuit"
  "place" "withdraw" "route" "deploy" "commit"
  "doctrine" "tour" "shift" "veteran" "rookie"
  "patient" "ready" "marked" "noted" "burned" "held")

`prompt-text` FFI Usage

Yes — for doctrine names and CIPHER-LINE seed-capture taunts. The sysop names saved doctrines (e.g., “tight-vault-hold”) via prompt-text, and TERM during the placement window opens a 16-char prompt-text for a one-shot CIPHER-LINE taunt fragment that gets emitted on the next attacker action. Per ADR-0016 §8.

Double-Tap and Long-Press Bindings

Key	`:tap`	`:double-tap`	`:long-press`
`INFO`	`inspect-node` — placements + attacker telemetry on the cursored node	`attacker-deep-history` — last 3 sessions on this node	`network-influence-overlay` — render projected attacker reach (hold to view)
`CAR`	`drill-into-node`	—	—
`EVAL`	`commit-staged-placement`	—	`commit-with-prediction` — preview attacker’s next move before committing
`QUOTE`	`stage-placement`	`bookmark-placement` — save to doctrine slot	—
`EQ`	`compare-nodes`	—	—
`LAMBDA`	`record-doctrine`	`replay-doctrine` (auto-stages, requires per-step EVAL)	—
`TERM`	`cipher-taunt-seed`	—	`nemacs-author-doctrine` — drop into LAMBDA editor
`LINK`	`peer-status`	—	`abort-session-graceful`

Row 24 renders contextually:

Placement window: [1-9=node CAR=stage EVAL=commit QUOTE=stage(no-cost) TERM=taunt LINK=peer]
Intrusion phase: [INFO=inspect INFO²=history TERM=doctrine LINK=peer status]

Context-Polymorphic Key Semantics (Cart Gameplay)

Sysop Mode has three primary contexts: placement window, intrusion phase (passive), and debrief:

Key	Placement	Intrusion (passive)	Debrief
`INFO`	inspect-staging	inspect-cursored-node	inspect-session-line
`CAR`	stage-placement	drill-attacker-current-node	replay-from-here
`CDR`	cycle-cursor	cycle-cursor	next-line
`CONS`	combine-staging	—	—
`EVAL`	commit	(no-op — out of window)	accept
`QUOTE`	stage-no-commit	bookmark-cursored-node	bookmark-line
`LAMBDA`	record-step	—	save-as-doctrine
`TERM`	taunt-seed	nemacs	—

When the sysop drops into nEmacs/REPL during intrusion phase to author a doctrine, dispatch yields to :nemacs-nav per ADR-0016 §3. The session continues — the sysop may miss placement windows while in the editor. This is intentional friction: doctrine authoring is for the between-sessions tour-of-duty fiction, not live play.

14. Link-Cable Integration (Contract with GWP-330)

Sysop Mode declares the following events the link-cable layer must provide. The wire format, framing, and peer-discovery protocol are owned by GWP-330 (Backlog). This spec only enumerates the gameplay-level events expected on each side.

Sysop → Attacker (commands)

Event	Payload	Latency budget
`place-ice`	`(node, class)`	≤ 250 ms
`place-alarm`	`(node, trigger)`	≤ 250 ms
`place-trace`	`(node)`	≤ 250 ms
`place-lockout`	`(node, duration)`	≤ 250 ms
`withdraw`	`(node)`	≤ 250 ms
`lockout-announce`	`(node)`	≤ 100 ms (must surface on attacker’s main grid before next OODA)
`cipher-emit` (taunt)	`(fragment)`	≤ 100 ms
`session-abort`	—	≤ 1 s

Attacker → Sysop (telemetry)

Event	Payload	Latency budget
`node-entered`	`(node)`	≤ 250 ms
`tool-used`	`(tool, node)`	≤ 250 ms
`extraction-started`	`(node, payload)`	≤ 100 ms
`extraction-complete`	`(node, payload)`	≤ 100 ms
`egress-initiated`	—	≤ 100 ms (triggers immediate placement window)
`trace-update`	`(level)`	≤ 250 ms (1 Hz polling acceptable)
`oodq-step`	`(node, intent)`	best-effort (TRACE_CELL relies on this)
`session-abort`	—	≤ 1 s

Bidirectional

Event	Payload	Latency budget
`topology-sync`	`(seed, node-list, edge-list)`	At session-start only; ≤ 3 s
`heartbeat`	—	1 Hz, 3-miss disconnect
`network-memory-commit`	`(per-node deltas)`	At session-end; ≤ 2 s

If GWP-330 cannot meet oodq-step best-effort delivery, TRACE_CELL semantics degrade (the prediction may be stale by one cycle) — the cart must surface this as next: car node 7. (stale) on CIPHER-LINE. Acceptable degradation; not a blocker.

15. Screen Wireframes

Screen 1: Sysop Briefing (Pre-session)

See § 6 Phase A above.

Screen 2: Main Console (Placement Window Open)

ROW 0: SYSOP MODE > VAULT SHIFT [THREAT 4] [WINDOW: 4.2s] [BUDGET: 5/8]
ROW 1:
ROW 2: NETWORK TOPOLOGY                              ATTACKER: GHOSTWIRE
ROW 3: ─────────────────────────────────────         Trace ......... 28
ROW 4:                                               Position ...... NODE 5
ROW 5:    [N0]──[N1]──[N2]──[N3]                     Toolkit ....... 4 left
ROW 6:     │     │     │     │                       Last action ... CAR-5
ROW 7:    [N4]══[N5]──[N6]──[N7]  ← attacker         OODA cycle .... 2.0 Hz
ROW 8:     │     ★     │     │
ROW 9:    [N8]──[N9]──[NA]──[NB]                     PLACEMENTS ACTIVE
ROW 10:    │     │     ▲     │                        ICE: 3 of 6
ROW 11:   [NC]──[ND]──[NE]──[NF]                      Alarms: 2 (NA armed)
ROW 12:                                               Trace: 1 charge held
ROW 13: ─────────────────────────────────────         Lockouts: 1 of 1
ROW 14:
ROW 15: STAGING: ICE_NODE :class :hunter :node N9
ROW 16:   Cost: 3 budget points | Predicted: HUNTER chases attacker S→W
ROW 17:   QUOTE held — not yet committed
ROW 18:
ROW 19: PALETTE:
ROW 20:   [1] place ICE   [2] place alarm   [3] place trace   [4] lockout
ROW 21:   [5] withdraw    [6] route hunter  [7] hold window
ROW 22:
ROW 23:  [1-9=node  CAR=stage  EVAL=commit  QUOTE=stage(no cost)  TERM=taunt]
ROW 24: SYSOP CONSOLE │ WINDOW 4.2s │ BUDGET 5/8 │ ATK TRACE 28 │ READY

Screen 3: Intrusion Phase (Passive Watch)

ROW 0: SYSOP MODE > VAULT SHIFT [WINDOW CLOSED] [NEXT: 6.4s] [BUDGET: 5/8]
ROW 1:
ROW 2: NETWORK TOPOLOGY                              ATTACKER: GHOSTWIRE
ROW 3: ─────────────────────────────────────         Trace ......... 31
ROW 4:                                               Position ...... NODE 6
ROW 5:    [N0]──[N1]──[N2]──[N3]                     Toolkit ....... 3 left
ROW 6:     │     │     │     │                       Last action ... CDR
ROW 7:    [N4]══[N5]──[N6]──[N7]                     Cycle rate .... fast
ROW 8:     │     ▴     ★     │                       ↑ approaching VAULT
ROW 9:    [N8]──[N9]──[NA]──[NB]                       N7 = vault (defended)
ROW 10:    │     ■     ▲     │                         N9 ICE staged
ROW 11:   [NC]──[ND]──[NE]──[NF]                       NA alarm armed
ROW 12:
ROW 13: ─────────────────────────────────────         RECENT EVENTS
ROW 14:                                               17:22 atk entered N5
ROW 15: WATCHING.                                     17:24 atk used CRACK
ROW 16: Next placement window opens in 6.4 seconds.   17:26 atk entered N6
ROW 17:                                               17:28 trace +5 → 31
ROW 18: TERM to author doctrine in nEmacs editor.
ROW 19: LINK to inspect peer status.
ROW 20:
ROW 21:
ROW 22:
ROW 23:  [INFO=inspect  TERM=doctrine  LINK=peer  SYS=abort]
ROW 24: SYSOP CONSOLE │ WATCHING │ NEXT WINDOW 6.4s │ ATK ON N6

Screen 4: Debrief (Defender Win — Lockout-Trap)

ROW 0: SYSOP MODE > VAULT SHIFT [COMPLETE] [VICTORY: LOCKOUT-TRAP]
ROW 1:
ROW 2:                          ★ DEFENDED ★
ROW 3:
ROW 4:                    Outcome ............. LOCKOUT-TRAP
ROW 5:                    Attacker ............ GHOSTWIRE (Specialist)
ROW 6:                    Caught at ........... NODE 7 (vault)
ROW 7:                    Session length ...... 11:42
ROW 8:                    Attacker trace ...... 67 / 100
ROW 9:
ROW 10:                          PERFORMANCE ANALYSIS
ROW 11:                    ═════════════════════════════════
ROW 12:                    Placements committed .... 7 of 8
ROW 13:                    Alarms tripped .......... 2 of 4
ROW 14:                    Honeypot dunks .......... 1 (+15% bonus)
ROW 15:                    Lockouts fired .......... 1 of 1
ROW 16:                    Doctrine match .......... TIGHT-VAULT-HOLD
ROW 17:
ROW 18:                    Bounty payout ........... 1700 ¤ (×0.85 trap)
ROW 19:                    Honeypot bonus .......... +255 ¤
ROW 20:                    Defender Rep gain ....... +5
ROW 21:
ROW 22:  [EVAL=accept] [LAMBDA=save doctrine] [BACK=tour log]
ROW 23: VICTORY │ PAYOUT: 1955¤ │ DEF REP: +5 │ LOCKOUT-TRAP
ROW 24: SYSOP MODE │ DEFENDED │ VAULT SHIFT │ TIGHT-VAULT-HOLD doctrine

Screen 5: Solo Sandbox / Tape Selection

ROW 0: SYSOP MODE > SOLO SANDBOX [DEF REP: 17] [CREDITS: 2400¤]
ROW 1:
ROW 2: TAPES (canned attackers — practice mode, 25% payout, no rep)
ROW 3: ────────────────────────────────────────────────────────────
ROW 4:
ROW 5: ▸ APPRENTICE.TAPE — Novice profile
ROW 6:    Burns tools fast. Panics at trace 30. CDR loops.
ROW 7:    Network: 14-node CLUSTERED | Duration: ~8 min
ROW 8:    Difficulty: ★☆☆☆☆
ROW 9:
ROW 10: ▸ JOURNEYMAN.TAPE — Paced extraction
ROW 11:    Steady CDR pattern. Ignores honeypots. Predictable egress.
ROW 12:    Network: 16-node RANDOM | Duration: ~12 min
ROW 13:    Difficulty: ★★☆☆☆
ROW 14:
ROW 15: ▸ SPECIALIST.TAPE — CONS-aggressive, decoy-CDRs
ROW 16:    Combines tools mid-run. Fakes backtracks. Late egress.
ROW 17:    Network: 18-node CLUSTERED | Duration: ~17 min
ROW 18:    Difficulty: ★★★★☆
ROW 19:
ROW 20: For live linked play: bare deck > LINK tab.
ROW 21:
ROW 22:  [CAR=load tape  CDR=next  EVAL=launch  BACK=bare deck]
ROW 23: SOLO SANDBOX │ 3 TAPES │ DEF REP: 17 │ STATUS: SELECT
ROW 24: SYSOP MODE │ SANDBOX │ NO LINK CABLE REQUIRED

16. Open Questions

Tracked here for follow-up review. None block v1.0 of this spec; each is flagged for the named follow-up task.

Adaptive AI attacker (v1.1). Tier 2 of solo-play degradation needs design. Tape-based v1.0 ships without this; v1.1 should design an attacker AI that reads sysop deployments. Spawn task post-v1.0 ship.
Self-vs-self dual-rep contracts. § 10 economy hooks references a Master+Master unlock where the operator runs Sysop against an AI replaying their own intrusion style. Mechanic intriguing but undesigned. Spawn task — flag for capability-model design bible.
Per-attacker reputation (sysop-side). Should the sysop have a reputation track per attacker handle (e.g., the operator has defended against GHOSTWIRE four times — sysop now gets a “rival” tag and bonus payouts)? Probably yes; out of scope here. Spawn task for UDS schema extension.
Doctrine sharing across operators. Can a sysop export a saved doctrine and import it onto another operator’s deck (cartridge swap or USB-mass-storage move)? The fiction supports it (“a sysop’s playbook”); the implementation depends on UDS export semantics. Defer to future capability-model spec.
GWP-330 protocol contract. § 14 declares latency budgets and event names. If GWP-330’s protocol design forces tighter or looser numbers, this spec’s pacing in § 8 must be revised. Re-link with GWP-330 when that task lands.
CIPHER-LINE main-grid lockout-announce contradiction. § 4 LOCKOUT_CELL specifies that a lockout announcement renders on the attacker’s main grid (NODE 4: NETWORK LOCKDOWN…). This is consistent with the existing ICE Breaker convention of firmware-Row-24-style alerts, but it should be cross-checked against ADR-0015’s “CIPHER-LINE-exclusive” rule to confirm a system-level alert is not “CIPHER” content. Not a CIPHER fragment — it’s a runtime alert. Validate with PM during review.
Honeypot generation logic. Honeypots are seeded at contract generation, not by the sysop. Should an advanced sysop be able to re-flag a node as a honeypot mid-session as a deception mechanic? Probably v1.1+. Spawn task post-launch.

17. Acceptance Criteria Mapping

For Notion task GWP-323 review traceability, this spec satisfies the listed acceptance criteria as follows:

AC	Section
Spec doc at correct path	This file: `docs/software/cartridges/modules/sysop-mode.md`
Capability bit assignment	§ 1 (`:network-defense`) — proposed; reservation in canonical capability table tracked as a follow-up edit to the capability design bible
Defender mechanics (ICE / alarm / trace / lockout)	§ 4 (cell types)
Asymmetric goal model	§ 1 (philosophy) + § 7 (win/loss conditions)
Link-cable wire-protocol sketch	§ 14 (event-level contract); wire-format itself out of scope per GWP-330
Single-deck fallback	§ 9 (solo-play degradation tiers)
Cell types enumerated	§ 4
CIPHER voice rules (both sides)	§ 12 + tonal-distinction subsection
Round structure	§ 6
Reward economy (both sides, defender vs operator rep)	§ 7, § 10

End of specification.