diff --git a/docs/MAN_CISS_ISO_BOOT_CHAIN.md b/docs/MAN_CISS_ISO_BOOT_CHAIN.md
index a9866a3..da1b7b4 100644
--- a/docs/MAN_CISS_ISO_BOOT_CHAIN.md
+++ b/docs/MAN_CISS_ISO_BOOT_CHAIN.md
@@ -40,77 +40,70 @@ include_toc: true
 # 5. End-to-End Boot Flow
 ```mermaid
-sequenceDiagram
-autonumber
+flowchart TD
+ subgraph Trusted HW Manufacturer
+ 0000["System Power On"] e00@--> 0010["CPU reset 0xFFFFFFF0, POST"];
+ 0010 e01@--> 0020["UEFI DXE Phase enumerates devices"];
+ 0020 e02@--> 0030["Secure Boot (if enabled): db, dbx, KEK, PK loaded from NVRAM"];
+ e00@{ animation: fast }
+ e01@{ animation: fast }
+ e02@{ animation: fast }
+ end
-box lightgrey Trusted Manufacturer
-participant 0000 as Power On
-participant 0010 as POST
-participant 0020 as UEFI Initialisation
-end
+ subgraph Trusted Secure Boot
+ 0030 e03@--> |SUCCESSFUL| 0040["Loading \EFI\BOOT\BOOTX64.EFI"];
+ 0040 e04@--> 0050["Loading \EFI\BOOT\GRUBX64.EFI"];
+ 0050 e05@--> 0060["Loading initrd.img"];
+ e03@{ animation: fast }
+ e04@{ animation: fast }
+ e05@{ animation: fast }
-box lightblue Trusted Secure Boot
-participant 0030 as Secure Boot Initialisation
-participant 0040 as bootx64.efi
-participant 0050 as grubx64.efi
-end
+ end
-box lightgreen Trusted CISS.debian.live.builder
-participant 0060 as initrd.img
-participant 0070 as Kernel Entry Point
-participant 0080 as Kernel Decompress
-participant 0090 as /init
-participant 0100 as Dropbear Remote Unlock
-participant 0110 as live-boot mounts ISO FS
-participant 0122 as 0022-ciss
-participant 0124 as 0024-ciss
-participant LUKS as LUKS2 & dm-integrity
-participant ROOT as RootFS (SquashFS/Overlay)
-participant 0126 as 0026-ciss
-participant 0130 as 0030-ciss
-participant 0142 as 0042-ciss
-participant 9000 as switch_root
-participant 9010 as /sbin/init
-participant 9020 as Target Units
-participant 9030 as Login
-end
+ subgraph Trusted Live ISO
+ 0060 e06@--> 0070["Transfer Control to Kernel Entry Point"];
+ 0070 e07@--> 0080["Decompress Kernel"];
+ 0080 e08@--> 0090["/init Phase"];
+ 0090 e09@--> 0100["Starting CISS.hardened dropbear"];
+ 0100 -.-> 9000["Living CISS.hardened dropbear"];
+ 0100 e10@--> 0110["Executing live-boot, mounting ISO FS"];
+ 0110 e11@--> 0122["Executing 0022-ciss: Hardening tmpfs for OverlayFS upper/work"];
+ 0122 e12@--> 0124["Executing 0024-ciss: LUKS open (dm-crypt & integrity)"];
+ 0124 e13@--> |SUCCESSFUL| LUKS["Unlocking LUKS2 Argon2id PBKDF → XTS + HMAC-SHA512"];
+ LUKS e14@--> ROOT["Assemble RootFS OverlayFS"];
+ ROOT e15@--> 0126["Executing 0026-ciss: Hardening early sysctls"];
+ 0126 e16@--> 0130["Executing 0030-ciss: Verification of authenticity and integrity via embedded and pinned GPG of ISO edge"];
+ 0130 e17@--> |SUCCESSFUL| 0142["Executing 0042-ciss: Attestation of RootFS"];
+ 0142 e18@--> |SUCCESSFUL| 9000["Switching root"];
+ 9000 e19@--> 9010["Starting /sbin/init -> systemd"];
+ 9010 e20@--> 9020["Starting Target Units"];
+ e06@{ animation: fast }
+ e07@{ animation: fast }
+ e08@{ animation: fast }
+ e09@{ animation: fast }
+ e10@{ animation: fast }
+ e11@{ animation: fast }
+ e12@{ animation: fast }
+ e13@{ animation: fast }
+ e14@{ animation: fast }
+ e15@{ animation: fast }
+ e16@{ animation: fast }
+ e17@{ animation: fast }
+ e18@{ animation: fast }
+ e19@{ animation: fast }
+ e20@{ animation: fast }
+ end
-0000->>0010: CPU reset 0xFFFFFFF0, POST
-0010->>0020: UEFI DXE Phase enumerates devices
-0020->>0030: Secure Boot (if enabled): db, dbx, KEK, PK loaded from NVRAM
-0030->>0040: Loading \EFI\BOOT\BOOTX64.EFI
-0040->>0050: Loading \EFI\BOOT\GRUBX64.EFI
-0050->>0060: Loading initrd.img
-0060->>0070: Transfer Control to Kernel Entry Point
-0070->>0080: Decompress Kernel
-0080->>0090: /init Phase
-0090->>0100: Starting CISS.hardened dropbear
-0100->>9000: Living CISS.hardened dropbear
-0100->>0110: Executing live-boot, mounting ISO FS
-0110->>0122: Executing 0022-ciss: Hardening tmpfs for OverlayFS upper/work
-0122->>0124: Executing 0024-ciss: LUKS open (dm-crypt & integrity)
-0124->>LUKS: Unlocking [Argon2id PBKDF → XTS + HMAC-SHA512]
-LUKS->>ROOT: Assemble RootFS OverlayFS
-ROOT->>0126: Executing 0026-ciss: Hardening early sysctls
+ subgraph Finale State
+ 9020 e21@--> 9030{{"CISS.debian.live.builder Waiting for Login"}};
+ X{{"CISS.debian.live.builder Boot process halted"}};
+ e21@{ animation: fast }
+ end
-0126->>0130: Executing 0030-ciss: Verify ISO edge (gpgv, FPR pin)
-alt 0130 SUCCESSFUL
-0130->>0060: Verified authenticity and integrity of ISO edge
-else 0130 FAIL
-0130-x 0060: CISS boot process stopped
-end
-
-0130->>0142: Executing 0042-ciss: RootFS attestation, dmsetup health checking
-alt 0142 SUCCESSFUL
-0142->>0060: Verified confidentiality, authenticity and integrity of opened LUKS2 RootFS
-else 0142 FAIL
-0142-x 0060: CISS boot process stopped
-end
-
-0142->>9000: Switching root
-9000->>9010: Starting /sbin/init -> systemd
-9010->>9020: Starting Target Units
-9020->>9030: Waiting for Login
+0030 -- FAIL --> X;
+0124 -- FAIL --> X;
+0130 -- FAIL --> X;
+0142 -- FAIL --> X;
 ```
 # 6. LUKS/dm-integrity Layering