Module capability

Expand description

Capability-based access control for the Oxios kernel.

This module implements a capability system inspired by seL4 and capability-based security research. Capabilities are unforgeable tokens that encode authority over specific resources.

§Architecture

Capability: An unforgeable token binding rights to a resource.
CSpace: An agent’s complete set of capabilities (capability space).
Rights: Bit-flag permissions (READ, WRITE, EXECUTE, DELEGATE).
ResourceRef: Identifies a protected resource in the system.

§Module layout

Module	Purpose
`types`	Core types: Capability, CSpace, Rights, ResourceRef, etc.
`template`	Preset CSpace configurations for common agent roles.
`resolve`	Resolves an agent’s CSpace from Seed + Config.

Re-exports§

pub use types::CSpace;
pub use types::Capability;
pub use types::CapabilityId;
pub use types::Issuer;
pub use types::ResourceRef;
pub use types::Rights;

Modules§

resolve: CSpace resolution — determines an agent’s initial capability space from Seed + Config inputs.
template: Capability templates — preset CSpace configurations for common agent roles.
types: Core capability types for the Oxios capability system.

Module capability

Module capability Copy item path

§Architecture

§Module layout

Re-exports§

Modules§

Module capability