[Whitepaper] Windows SDOS: Stateless Parasitic Architecture Implementation Specification

⚖️ Honest Declaration & Legal Disclaimer

The technical framework described in this document originates from my initial concepts; however, all technical details, architectural analysis, and citations were deeply authored and generated by Gemini Deep Research. I am not a computer science expert and assume no responsibility for the technical feasibility, system stability, or legal risks (including but not limited to EULA infringement) involved. This project is licensed under the Apache License 2.0 and is provided on an "AS IS" basis. I will not actively maintain this repository and have disabled all interaction features.

1. Introduction: The Crisis of Generational Fragmentation

The evolution of Windows is essentially a continuous struggle over "state management" and "environmental isolation."

• Technical Pain Points: With Windows 11 24H2 introducing stricter kernel filter driver specifications and TPM 2.0 restrictions, traditional physical cloning has become incompatible with modern hardware (such as NVMe Gen5 or AI-accelerated hardware).
• Historical Limitations:
  • Windows XP Era: Introduced .local redirection to address "DLL Hell," pioneering the 1-to-1 static isolation path.
  • Windows 7/10 Era: The massive expansion of the WinSxS directory led to system bloat, sparking the VHDX parasitic concept of "Base Disk + Differential Disk."
• Solution Path: Shifting from "Physical Cloning" to "Software-Defined," dividing the system into a hardware-aware "Physical Skeleton" and a software-aware "Virtual DNA Map."

2. Physical Foundation: The 15GB VHDX Skeleton

To boot on modern hardware, a miniaturized, hardware-aware boot core must first be established.

• Core Solidification (Storage Tuning): Use DISM /ResetBase to lock the component store, stabilizing the core VHDX at approximately 5GB - 8GB ¹.
• Redirection Strategy: Retain only \Windows on the C: drive. Use mklink /J to redirect \Users to a physical host disk (e.g., D:), ensuring setting persistence without consuming VHDX space ².
• Resource Optimization: Use Diskpart boot scripts to move Pagefile.sys to physical disks and disable SysMain and Indexer to maintain static boot RAM usage between 600MB - 900MB.
• WDAC Proactive Defense: Implement Windows Defender Application Control (WDAC) whitelisting to replace energy-intensive background real-time scanning, significantly saving CPU cycles ³.

3. Software-Defined Layer: ProjFS Dynamic Projection (SDOS)

This is the core leap from "Files as System" to "Instruction as System," enabling the instantaneous materialization of stateless environments.

• Process-Aware Projection:
  • Leverage TriggeringProcessId within Windows Projected File System (ProjFS) callback data ⁴.
  • Dynamic Adaptation Logic: When legacy Software A requests a file, the provider projects the Windows 7 version of ntdll.dll; when modern Software B requests it, the native Windows 11 version is provided ⁵.
• 16-Bit Translation Integration: For Windows 95/98 era software, integrate a lightweight otvdm (winevdm) translation layer (~50MB), granting 64-bit cores the native ability to execute 16-bit instructions.

4. Resource Core: Global Unified DNA Maps

The DNA Map is the soul of the system, defining a content-addressable index for cross-generational binaries.

• DNA Construction Logic:
  • Resource Pool Deduplication: Utilize WIM Single Instance Storage (SIS) features; cross-generational component overlap often exceeds 85%.
  • Coverage Strategy: Use the first version (RTM) of each generation as a baseline and scan all subsequent Latest Cumulative Updates (LCU) to extract all evolutionary DNA.
  • Key Calculation: Precise indexing based on symbols and hash logic: Key = Hex(Timestamp) + Hex(SizeOfImage) ⁶.
• Efficient Distribution & P2P:
  • Local Cache: Downloaded DLLs are stored in a local \Resource_Pool for zero-latency secondary launches.
  • P2P Streaming: Set the registry DODownloadMode = 3 to utilize Windows Delivery Optimization (DO) technology, allowing LAN devices to share verified component blocks ⁷.

5. Legal & Compliance: Zero-Distribution Model

When distributed on GitHub, this architecture adopts a "Share Logic, Not Binaries" strategy to comply with EULA.

• Community Contribution: Share only JSON-formatted DNA Maps and processing scripts; no copyrighted Microsoft files are included ⁸.
• Legal On-the-Fly Extraction: Scripts guide users to extract required binary components locally from official ISOs or the Microsoft Symbol Server ⁹.
• License Inheritance: Utilize the host machine's HWID digital binding to ensure the parasitic environment shares the legal license activation of the host.

6. Project Policy & Interaction Settings

• Read-Only Research: This repository has disabled Issues, Discussions, and Wiki features. It does not accept feedback during the process.
• Fork-Oriented: Readers who wish to implement this architecture should Fork the project and develop their own branches.
• Summoning Witness: I will not actively monitor this project. If the vision becomes a reality, please mention (@) me in your Fork or external discussion; I will receive an email notification to witness the results.

📚 References

[技術白皮書] Windows SDOS：無狀態寄生架構之實務實作規範

⚖️ 誠實聲明與法律免責 (Disclaimer)

本文件描述之技術框架源於本人之初始構想，但全文技術細節、架構分析與引用來源均由 Gemini Deep Research 深度撰寫生成。本人非計算機科學專家，對文中涉及之技術可行性、系統穩定性及法律風險（包括但不限於 EULA 侵權）不負任何形式之保證責任。本專案採 Apache License 2.0 授權，按「現狀」(AS IS) 提供。本人將不主動維護此儲存庫並已關閉所有互動功能。

一、 緒論：Windows 世代演進中的相容性斷層 (Introduction)

Windows 的發展史是一場關於「狀態管理」與「環境隔離」的鬥爭。

• 技術痛點：隨著 Windows 11 24H2 引入更嚴苛的核心過濾驅動規範與 TPM 2.0 限制，傳統的物理克隆已無法適配現代硬體（如 NVMe Gen5 或 AI 加速硬體）。
• 歷史侷限：
  • XP 時代：引入 .local 重定向嘗試解決「DLL 地獄」，開創 1-to-1 靜態隔離先河。
  • Win 7/10 時代：WinSxS 目錄劇烈膨脹導致系統臃腫，催生「母盤 + 差分盤」的 VHDX 寄生思維。
• 解決路徑：從「物理克隆」轉向「軟體定義」，將系統劃分為具備硬體感知能力的「實體骨架」與具備軟體感知能力的「虛擬 DNA 地圖」。

二、 實體基礎層：15GB VHDX 骨架系統 (Physical Foundation)

為了在現代硬體上啟動，必須先建立一個微小化、具備硬體感知能力的啟動核心。

• 核心固化 (Storage Tuning)：透過 DISM /ResetBase 鎖死組件庫，將核心 VHDX 穩定在 5GB - 8GB。
• 重定向策略：僅保留 \Windows 於 C 碟，利用 mklink /J 將 \Users 指向實體硬碟 D: 槽，確保設定持久化且不佔用 VHDX 空間。
• 資源優化：利用 Diskpart 開機腳本將 Pagefile.sys 移至實體磁碟，並禁用 SysMain 與 Indexer，維持開機靜態 RAM 占用於 600MB - 900MB。
• WDAC 主動防禦：實施 Windows Defender Application Control (WDAC) 白名單，取代耗能的後台即時掃描，大幅節省 CPU 循環。

三、 軟體定義層：基於 ProjFS 的動態投影 (SDOS)

這是將「檔案即系統」轉化為「指令即系統」的核心躍升，實現無狀態環境的即時實體化。

• 進程感知投影 (Process-Aware Projection)：
  • 利用 ProjFS 回呼數據中的 TriggeringProcessId。
  • 動態適配邏輯：當舊軟體 A 請求時投影 Win7 版本之 ntdll.dll；當新軟體 B 請求時則提供原生 Win11 之 ntdll.dll。
• 16 位元轉譯整合：針對 Win95/98 世代軟體，整合輕量級 otvdm (winevdm) 轉譯層（約 50MB），賦予 64 位元核心原生執行 16 位元指令的能力。

四、 資源核心：全球統一 DNA 地圖 (Resource Core)

DNA 地圖是本系統的靈魂，定義了跨世代二進位文件的內容定址索引。

• DNA 構建邏輯：
  • 資源池去重：利用 WIM 單實例儲存 (SIS) 特性，跨世代組件重複率通常超過 85%。
  • 覆蓋策略：以各世代第一個版本 (RTM) 為基準，掃描後續所有累積更新補丁 (LCU)，提取所有演化 DNA。
  • 鍵值計算：基於符號與雜湊邏輯進行精確索引。
• 高效分發與 P2P：
  • 本地快取：下載過的 DLL 存儲於本地 \Resource_Pool。
  • P2P 續傳：設定註冊表 DODownloadMode = 3，利用 Windows 傳遞優化 (DO) 技術讓區域網路設備共享組件塊。

五、 法律與合規：零分發 (Zero-Distribution) 模型

本架構在 GitHub 分發時採取「分享邏輯，不分發肉體」的策略以符合 EULA 規範。

• 社群貢獻：僅分享 JSON 格式的 DNA 地圖與處理腳本，不含任何微軟版權檔案。
• 合法現場提取：腳本引導用戶從官方 ISO 或 Microsoft Symbol Server 現場提取所需的二進位組件。
• 授權繼承：利用原機 HWID 數位綁定，確保寄生環境與主機共用合法授權啟動。

六、 專案政策與互動設定 (Project Policy)

• 唯讀研究：本儲存庫已關閉 Issues、Discussions 與 Wiki 功能，不接收任何過程中的反饋。
• Fork 導向：讀者若欲實踐此架構，請自行 Fork 專案並發展個人分支。
• 召喚見證：我不會主動關注此專案。若願景成真，請在您的 Fork 或外部討論標記 (@) 我，我將透過郵件通知前來見證成果。

引用文獻 (References)

[技術白皮書補遺：核心組件實作規範]

3.3 基於 Wimgapi/wimlib 的映像解構與流式提取

• 機制 (Mechanism)：
  • 無掛載提取 (Mountless Extraction)：本架構捨棄傳統 DISM 需掛載 VHDX/WIM 之繁瑣流程，改採 wimlib 進行底層映像掃描。這允許腳本在「不提權、不佔用掛載點」的情況下，直接從映像檔中流式提取（Streaming）特定雜湊值的二進位組件。
  • LWM 格式優化：透過 wimlib 處理 LWM (Linked WIM) 格式，實現跨多個 Windows 版本（如同時保留 Windows 7 與 Windows 11 組件）的單一實例儲存（Single-Instance Storage），將多版本共存的冗餘空間占用降至最低。

4.1 DNA Maps：基於雜湊的二進位識別與元數據索引

• 構建邏輯 (Construction Logic)：
  • 唯一鍵值生成 (Primary Key)：為了解決文件名相同但補丁版本不同的衝突，DNA Maps 採用 PE 標頭中的元數據作為索引鍵： DNA_Key = Hex(IMAGE_OPTIONAL_HEADER.TimeDateStamp) + Hex(IMAGE_OPTIONAL_HEADER.SizeOfImage) ⁶。此組合在 Windows 生態系中具備極高的碰撞抵抗力，能精確定位特定補丁等級的組件。
  • 逆向索引與資源解耦：DNA Maps 不僅記錄檔案路徑，更紀錄該檔案在 LCU（累積更新）或原始 WIM 映像中的分段位移 (Offset) 與壓縮區塊 (Chunk) 資訊。

​DNA Maps 在本架構中實際上承擔以下三項核心任務：

​消除版本歧義 (De-aliasing)：

​任務：Windows 系統中存在大量同名但字節（Byte）完全不同的檔案（例如 Windows 10 各個補丁版本的 kernel32.dll）。 ​實作：DNA Maps 放棄檔案路徑索引，改採 內容定址 (Content-Addressing)。透過計算 Hex(Timestamp) + Hex(SizeOfImage) ⁶ 生成唯一的 DNA 序列號。這確保了 ProjFS 在投影時，絕不會因為檔案同名而誤載錯誤版本的系統邏輯。

​映像檔內容解耦 (Decoupling From WIM/ESD)：

​任務：讓系統不再依賴「整個」映像檔，而是將映像檔視為一個組件資源池。 ​實作：DNA Maps 紀錄了特定組件在壓縮包（WIM/ESD）中的 區塊位移 (Block Offset) 與 壓縮演算法參數。配合 wimlib 的流式處理能力，系統可以直接「抽取出」所需的特定 DLL，而無需解壓整個 5GB 的 install.wim。

​橫向演化追蹤 (Evolutionary Tracking)：

​任務：建立跨時代的組件關聯。 ​實作：地圖中包含「演化路徑」，例如記錄某個 Windows 7 的特定功能組件在 Windows 11 中對應的替代檔。這使得 SDOS 能夠在投影層自動完成「環境補丁」，實現舊版軟體在現代內核上的無感寄生。

[Whitepaper Addendum: Core Component Implementation Specifications]

3.3 wimlib-based Image Deconstruction and Streaming Extraction

• Mechanism:
  • Mountless Extraction: This architecture abandons the cumbersome traditional DISM process which requires mounting VHDX/WIM files. Instead, it utilizes wimlib for low-level image scanning. This allows scripts to perform Streaming Extraction of binary components with specific hash values directly from image files without requiring administrative privileges or occupying mount points.
  • LWM Format Optimization: By leveraging wimlib to handle LWM (Linked WIM) formats, the system achieves Single-Instance Storage (SIS) across multiple Windows versions (e.g., simultaneously retaining Windows 7 and Windows 11 components). This minimizes the redundant storage footprint typically caused by multi-version coexistence.

4.1 DNA Maps: Hash-based Binary Identification and Metadata Indexing

• Construction Logic:

  • Primary Key Generation: To resolve conflicts where different patch versions share the same filename, DNA Maps utilizes metadata from the PE header as the index key:

    ⁶ This combination offers extremely high collision resistance within the Windows ecosystem, enabling the precise localization of components at specific patch levels.

  • Reverse Indexing and Resource Decoupling: DNA Maps record more than just file paths; they document the Block Offset and Compression Chunk information of the file within an LCU (Latest Cumulative Update) or the original WIM image.

4.2 Core Missions of DNA Maps

In this architecture, DNA Maps fulfill three primary missions:

• De-aliasing (Version Conflict Resolution):

  • Task: Windows systems contain numerous files with identical names but entirely different byte content (e.g., various patched versions of kernel32.dll in Windows 10).
  • Implementation: DNA Maps discard file-path-based indexing in favor of Content-Addressing. By generating a unique DNA serial number via the Hex(Timestamp) + Hex(SizeOfImage) formula, the system ensures that ProjFS never misloads an incorrect version of system logic due to filename collisions.

• Decoupling from WIM/ESD Content:

  • Task: To shift the system away from depending on the "entire" image file, treating it instead as a Component Resource Pool.
  • Implementation: DNA Maps store the specific Block Offset and compression algorithm parameters for each component within the compressed package (WIM/ESD). Combined with the streaming capabilities of wimlib, the system can "extract" specific required DLLs on-the-fly without decompressing the entire 5GB install.wim.

• Evolutionary Tracking:

  • Task: Establishing component relationships across different eras of Windows.
  • Implementation: The maps include "Evolutionary Paths," such as mapping a specific functional component from Windows 7 to its corresponding replacement in Windows 11. This allows SDOS to automatically apply "environment patches" at the projection layer, enabling legacy software to achieve Seamless Parasitism on a modern kernel.

1. [專案描述] (GitHub About Section)

Full-fidelity Technical Whitepaper for Windows SDOS. A stateless parasitic architecture utilizing ProjFS and Content-Addressable DNA Maps. Deeply authored by Gemini Deep Research.

2. [Topics 標籤] (GitHub Topics)

windows-internals projfs stateless-os architecture-whitepaper concept-only apache-2-0 operating-systems virtualization dna-maps research-paper

3. [SEO 關鍵字] (SEO Keywords)

Windows SDOS Architecture, ProjFS Virtualization Implementation, Stateless Parasitic OS, DNA Map Binary Indexing, Zero-Distribution Compliance Framework, Windows Component Offloading, Content-Addressable Storage for OS, Windows 11 24H2 Compatibility Research, ntdll.dll Redirection, DISM ResetBase Optimization.

[Static Whitepaper] Windows SDOS: Stateless Parasitic Architecture

[靜態技術白皮書] Windows 軟體定義作業系統：無狀態寄生架構規範

🔒 ARCHIVED & READ-ONLY / 已封存與唯讀聲明

English: This repository has been ARCHIVED. It is a static technical record of a conceptual framework. No further updates will be provided.

中文： 本儲存庫已封存。此為一套構想框架的靜態技術紀錄，未來將不再提供任何更新。

⚖️ FINAL DISCLAIMER / 最終免責聲明

本人非技術專家 (I am not a technical expert). >

1. Content Origin: All technical details, reverse-engineering logic, and architectural specifications were Deeply Authored by Gemini Deep Research.

2. No Binaries: This project contains ZERO copyrighted binaries. It is a pure logic framework.

3. License: Provided "AS IS" under Apache License 2.0.

Footnotes

1. Microsoft, "WinSxS folder, component store". ↩

2. Superuser, "Directory junction vs Directory symbolic link on NTFS". ↩

3. Microsoft Learn, "Windows Defender Application Control (WDAC) deployment guide". ↩

4. Microsoft, "PRJ_CALLBACK_DATA structure and TriggeringProcessId usage". ↩

5. Microsoft, "Windows Projected File System (ProjFS) overview". ↩

6. Bruce Dawson, "Symbols the Microsoft Way". ↩ ↩² ↩³ ↩⁴

7. Microsoft, "Delivery Optimization reference (DODownloadMode)". ↩

8. Microsoft, "End-User License Agreement (EULA) Terms". ↩

9. Microsoft, "Using Microsoft Symbol Server to get symbols manually". ↩