niklas/amduat-api
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
amduat-api/notes/Re-anchoring any node can become a system.md
Carl Niklas Rydberg 1d552bd46a Added some notes that needs to be analyzed.
2026-01-17 00:19:49 +01:00

263 lines
5.4 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

That sentence — **“any node can become a system”** — is actually the *right mental hook* for what youre building. Youre just applying it at the **PEL + TGK semantic layer**, not the SystemRescue layer. Thats an important shift, and it exposes exactly the missing piece youre feeling: **identity, authority, and certification**.
Lets align the layers cleanly and then answer your question about **users, ownership, and whether ZFS helps**.
---
## 1. Re-anchoring “any node can become a system”
In your architecture, a **system** is *not* a machine and *not* a filesystem.
A system is:
> **A domain that can produce, seal, snapshot, and attest to deterministic artifacts and executions.**
So:
* A laptop
* A rescue USB
* A build farm node
* A CI runner
* A forensics machine
…can *all* “become a system” **if** they can:
1. Produce artifacts/PERs
2. Seal them
3. Attach provenance
4. Publish them under a domain identity
SystemRescue gives you *capability*.
PEL + TGK give you *meaning*.
Whats missing is **authority**.
---
## 2. What ZFS can and cannot do here
### What ZFS *can* help with
ZFS gives you:
* Snapshot identity (strong, immutable)
* Retention pins
* Integrity guarantees
* A natural “domain-local root of persistence”
This makes ZFS an excellent **substrate for authority anchoring**.
### What ZFS cannot do
ZFS does **not** provide:
* Users
* Identities
* Ownership semantics
* Certification
* Trust relationships
ZFS can *host* trust anchors — it cannot *define* them.
---
## 3. Users are not UNIX users (important)
If you try to map this to:
* `/etc/passwd`
* UID/GID
* POSIX permissions
You will break your own model.
In your system:
> **Users are cryptographic principals, not OS accounts.**
Thats the key.
---
## 4. The missing layer: Domain Identity & Authority (DIA)
You are missing a small but crucial layer that sits **above ASL/PEL/TGK and below federation**.
Lets call it (name optional):
> **Domain Identity & Authority (DIA)**
This layer defines:
* Who may *assert* artifacts
* Who may *seal* snapshots
* Who may *publish* state
* Who may *certify* execution receipts
---
## 5. What a “user” actually is in your system
A **user** is:
> A keypair that is authorized to act *for a domain* under specific roles.
Not a login. Not a shell. Not a UID.
### Example roles
* `producer` — may generate artifacts
* `executor` — may emit PERs
* `publisher` — may publish snapshots
* `auditor` — may verify, not write
Roles are **semantic**, not filesystem permissions.
---
## 6. Where identity lives (and yes, ZFS helps here)
### Domain identity root (per domain)
```
/asl/domain/
├── domain.id
├── domain.pubkey
├── authorities/
│ ├── root.pub
│ ├── ci.pub
│ └── rescue.pub
├── policies/
│ └── publish.policy
└── attestations/
```
This lives:
* On ZFS
* Inside a snapshot
* Pinned
* Immutable once sealed
This is your **domain root of trust**.
---
## 7. Certification: what gets certified?
Not machines. Not users. Not files.
You certify **statements**.
Examples:
* “This snapshot represents `/home` as of logseq X”
* “This PER was executed from these inputs”
* “This artifact corresponds to this path”
These certifications are **artifacts themselves**.
Thats the big insight.
---
## 8. Execution receipt certification (PEL + TGK)
A PER becomes authoritative only when:
1. Inputs are snapshot-bound
2. Execution is deterministic
3. PER is signed by an authorized key
4. Signature is stored as an artifact
5. TGK edge links PER → signature → snapshot
This gives you:
* Non-repudiation
* Replayable verification
* Cross-domain trust
No mutable ACLs. No global PKI required.
---
## 9. Ownership is about *who can publish*
Ownership in your system is:
> The right to publish artifacts into a domains visible state.
Thats it.
* Anyone can *produce* internally
* Only authorized keys can *publish*
* Federation only sees *published* state
This matches your federation spec perfectly.
---
## 10. What SystemRescue becomes in this model
SystemRescue is just:
> A transient node that can temporarily act under a domain identity.
It may:
* Import a domain key (hardware token, USB)
* Produce recovery artifacts
* Emit PERs
* Publish a recovery snapshot
Then disappear.
The authority lives in the domain, not the machine.
---
## 11. Why this completes “any node can become a system”
Because now:
* A node + tools + a key = a system
* Without a key, its just a reader
* With a key, it can assert truth
* ZFS ensures what was asserted cannot be silently altered
Thats the closure you were missing.
---
## 12. The minimal thing you need to add (not a big system)
You do **not** need:
* LDAP
* OAuth
* POSIX ACLs
* Distributed consensus
You need:
* Domain keypairs
* Signed artifacts
* Snapshot-pinned authority state
* Simple role policies
Thats it.
---
## 13. One-sentence takeaway
> **ZFS gives you immutability; ASL gives you determinism; PEL gives you meaning; TGK gives you structure — but only cryptographic domain identity turns a node into a system.**
If you want, next we can:
* Specify a minimal **Domain Authority Manifest**
* Define the PER signature format
* Walk through “archived home directory” as a certified execution
* Show how federation validates authority without trusting nodes
This is the missing keystone — and you were already circling it.
Reference in a new issue View git blame Copy permalink