Expand description
Safe Rust SDK for building User-Space Capsules on Astrid OS.
§Design Intent
This SDK is meant to feel like using std. Module names, function
signatures, and type patterns follow Rust standard library conventions so
that a Rust developer’s instinct for “where would I find X?” gives the
right answer without reading docs. When Astrid adds a concept that has no
std counterpart (IPC, capabilities, interceptors), the API still follows
the same style: typed handles, Result-based errors, and impl AsRef
parameters.
See docs/sdk-ergonomics.md for the full design rationale.
§Module Layout (mirrors std where applicable)
| Module | std equivalent | Purpose |
|---|---|---|
fs | std::fs | Virtual filesystem |
net | std::net | Unix domain sockets |
process | std::process | Host process execution |
[env] | std::env | Capsule configuration / env vars |
time | std::time | Wall-clock access |
log | log crate | Structured logging |
runtime | N/A | OS signaling and caller context |
ipc | N/A | Event bus messaging |
kv | N/A | Persistent key-value storage |
http | N/A | Outbound HTTP requests |
uplink | N/A | Direct frontend messaging |
elicit | N/A | Interactive install/upgrade prompts |
identity | N/A | Platform user identity resolution |
approval | N/A | Human approval for sensitive actions |
types | N/A | IPC payload types and LLM schemas |
Re-exports§
pub use borsh;pub use serde;pub use serde_json;
Modules§
- approval
- Human-in-the-loop approval for sensitive actions.
- capabilities
- Capability introspection.
- contracts
- Shared IPC event types generated from the canonical WIT contracts.
- elicit
- The Elicit Airlock - User Input During Install/Upgrade Lifecycle
- env
- Capsule configuration (like
std::env). - fs
- Virtual filesystem — mirrors
std::fsnaming and conventions. - http
- The HTTP Airlock — External Network Requests Outbound HTTP — typed request API over the host HTTP airlock. HTTP client with SSRF protection and streaming.
- identity
- Request human approval for sensitive actions from within a capsule.
- interceptors
- Auto-subscribed interceptor bindings for run-loop capsules.
- ipc
- Event bus messaging (like
std::sync::mpscbut topic-based). Event bus messaging — topic-based pub/sub plus therequest_responsehelper that wraps the capsule-conventional correlation-id handshake. - kv
- The KV Airlock — Persistent Key-Value Storage Per-capsule, per-principal key-value storage.
- log
- Structured logging — mirrors the
logcrate conventions. - net
- Networking — Unix-domain sockets, outbound TCP, UDP, and DNS lookup.
- prelude
- process
- Sandboxed host process spawning.
- runtime
- OS runtime introspection and signaling.
- time
- Wall-clock access — mirrors
std::time. - types
- Shared Astrid data types (IPC payloads, LLM schemas, kernel API).
- uplink
- Direct frontend messaging (uplinks to CLI, Telegram, etc.).
Enums§
- SysError
- Core error type for SDK operations.