Okay, I don't know if this has been brought up before or not. From what I know, R4DS/M3Simply, other carts of the time, and more modern carts all used the same NoPass method to get the DS/DSL to boot them up without the need of another (legit/licensed) game. This (NoPass) method was discovered/developed/designed/whatever by the developer of no$gba and the other nocash projects, Martin. He dumped the BIOS (or whatever code was used) for the DS (or DSL) and managed to find the code that is used to determine whether or not the inserted cartridge is a legit/licensed one. Honestly, I probably don't know enough to help out with the situation, although I thought I would put this out there as a possibility.
Here are some things that might help:
Does anyone know if the (known/public?) method was missing part of the routine which was not necessarily used in the DS/DSL units but is now used in the DSi?
Has anyone attempted, or better yet, successfully dumped the BIOS (or whatever code is was previously dumped) in a form usable for disassembly and analysis of the code?
If we manage to dump the same portion of the code that Martin (developer of the nocash projects) dumped previously, we may be able to analyze the code and determine how the routine (for headers or whatever is used to determine whether or not the cart is legit) works.
That's just my 2 cents. Hope it helps, and good luck on getting this all sorted out!
-gamefreakfatty