Reverse Engineering an SPI-like Communication

Hi,

I am a team of two, trying to understand this custom SPI communication:
The Communication is basically a variant of SPI with CPOL=1, CPHA=1. There is no framing or CS signal, which complicates parsing, and there is an additional variable length ACK clock pulse driven by the MISO (kind of like I²C clock stretching).
Default clock period is 13µs (6.5µs per half cycle) = 77 kHz (80 kHz). This decreases to 2µs for newer Slaves devices (1µs per half cycle) = 500 kHz Intended duty cycle seems to be 50% (fast mode seems to be 0.8µs low / 1.2µs high, but this is likely just an analogy effect).
Power-on timing:
• 1µs low glitch on MOSI (?)
• 42µs delay (?)
• Single 6.5µs low pulse on MOSI (does this serve a purpose?)
• 103µs delay
Command byte timing:
• Master drives MOSI at a random value for ~18µs (slow mode) or ~4µs (fast mode)
• This seems to usually be whatever the last bit of the previous command was, but not always consistent.
• Each bit is driven (by both master and slave) on the falling edge of LCLK, and sampled on the rising edge.
• Master drives MOSI high (or stops driving?) and stops driving LCLK 1µs after the last rising edge of LCLK (this is half a cycle in fast mode, but much shorter than half a cycle in slow mode).
• Slave releases DLC ~4.3µs after the last rising edge of LCLK
• Slave drives LCLK low ~14µs after the last rising edge of LCLK (ACK/BUSY)
• ACK/BUSY pulse seems to last at least 4µs but may be much longer
• Gap between bytes (rising edge of LCLK ACK/BUSY to first falling edge of LCLK) is at least 120µs in slow mode and at least 18µs in fast mode.
Is it possible for you helps us understand this SPI communication.