secureops-ipc
Unix-domain-socket JSON-RPC protocol and peer-credential authentication for the SecureOps control plane.
Why this crate exists (PRODUCT.md A.3, A.4)
The privileged daemon (secureops-daemon) and the unprivileged clients
(secureops-cli, the secureops-napi shim) talk over a unix domain
socket. Per PRODUCT.md A.3 ("Process & privilege model"), the daemon does
not trust a bearer token the agent could leak — instead it authenticates
the connecting process's uid/pid directly from the kernel via
SO_PEERCRED (Linux) / LOCAL_PEERCRED (macOS). This module is the single
shared definition of:
- the request/response wire enums ([
IpcRequest] / [IpcResponse]), - the peer-credential type ([
PeerCred]) and its OS-specific reader ([peer_cred]), - the server ([
serve]) and client ([connect]) skeletons.
Because both Ring 1 (napi) and Ring 2 (daemon) speak this protocol over the
same socket, the wire format is a frozen contract (PRODUCT.md A.5): all enums
derive serde with rename_all = "camelCase" / snake_case tags so the
bytes are stable across the migration window.
All transport bodies are fully implemented (peer_cred, serve, connect, request).