niklas/amduat-api
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
amduat-api/notes/Ready-for-Pick-Up v2.md
Carl Niklas Rydberg 1d552bd46a Added some notes that needs to be analyzed.
2026-01-17 00:19:49 +01:00

5 KiB
Raw Blame History

Yes — and that alternative is very powerful, because it flips the posture from “rescued object” to “self-sovereign entrant asking for admission”. Both modes must exist, and youre now describing the second one.

Let me formalize it cleanly, without mixing layers or over-specifying.

Ready-for-Pick-Up v2

(Pre-Minted Domain + Certificates, Asking for Admission)

This is a deliberate, anticipatory stance:

“I arrive with a domain, keys, intent, and discipline. I ask to be accepted, not rescued.”

1. What You Bring to the Table

You do not bring ASL internals. You bring authority and intent.

1.1 A Domain (Already Minted)

You arrive with:

DomainID
  - stable identifier
  - self-declared scope
  - empty or near-empty state

This domain:

  • Has no data obligations yet
  • Is capable of holding blocks and logs
  • Is isolated and sovereign

It may contain:

  • zero artifacts
  • bootstrap artifacts
  • policy manifests

1.2 Authority Material (Offline-Minted)

You arrive with:

  • Domain Root Certificate

  • Signing key

  • Policy hash

  • Optional:

    • operator certificate
    • device certificate (SystemRescue image)

No federation required yet. No trust assumed yet.

This is ASL-AUTH territory, not ASL-CORE.

1.3 A Domain Authority Manifest (DAM)

This is the single most important object you bring.

It says:

“This is who I am, what I claim, and how I will behave.”

Minimal DAM contents:

- DomainID
- Root public key
- Policy hash
- Declared invariants
- Requested relationship(s)

No artifacts required yet.

2. What You Ask For (The Admission Request)

You dont ask for “access”.

You ask for recognition under constraints.

Example:

Admission Request:
  - Accept my DomainID
  - Accept my root certificate
  - Allow me to publish artifacts
  - Optionally grant courtesy storage
  - Subject to my declared policy

This is not trust yet. It is acknowledgment.

3. How Common / Unity Responds

Common does not execute your code. Common does not ingest your data yet.

It performs:

3.1 Structural Validation

  • DomainID well-formed
  • DAM syntactically valid
  • Policy hash declared
  • Keys match manifest

3.2 Policy Compatibility Check

  • No invariant violations
  • No forbidden claims
  • No escalation attempt

3.3 Admission Outcome

One of:

Outcome Meaning
Accepted Domain may publish
Accepted (limited) Courtesy storage only
Deferred Await manual review
Rejected No interaction

This is governance, not storage.

4. After Acceptance: What Changes

Only after acceptance:

  • Your domain may:

    • publish sealed artifacts
    • pin snapshots
    • emit PERs

  • Common may:

    • pin your published snapshots
    • replicate your log
    • reference your artifacts

You still own your data. Common only recognizes it.

5. Why This Is Better Than “Blind Rescue”

Rescue Mode Admission Mode
Common acts first You act first
Data arrives untrusted Authority arrives first
Provenance reconstructed later Provenance anchored immediately
Courtesy is implicit Courtesy is negotiated

Both are valid — but this one scales better socially.

6. How This Fits Your SystemRescue Image

Your patched SystemRescue now becomes:

A portable domain factory + admission client

It can:

  • generate a domain
  • mint keys offline
  • produce DAM
  • present admission request
  • wait

Standing ready is literal now.

7. What Can Be Implemented Right Now (No ASL Needed)

You can implement all of this today:

  • DAM schema
  • Certificate layout
  • Policy hash definition
  • Admission request format
  • Verification logic
  • Human / semi-automated approval

No ASL-CORE. No PEL. No TGK.

Just authority and intent.

8. Key Insight (This Is Important)

Storage is not the entrance. Authority is.

ASL begins after admission.

This prevents:

  • garbage ingestion
  • unbounded courtesy
  • identity ambiguity
  • provenance ambiguity

9. Where This Leads Next

From here, the natural next specs are:

  1. ASL-AUTH v0.1 (you already started this)
  2. Domain Admission Protocol
  3. DAM canonical encoding
  4. Policy hash registry
  5. Courtesy lease semantics

10. Final Framing

You are no longer saying:

“Please take my data.”

You are saying:

“Here is a domain. Here is my authority. Here is my discipline. May I participate?”

Thats exactly the right posture for the system youre building.

If you want, next I can:

  • formalize the Domain Admission Protocol
  • draft the DAM schema precisely
  • define courtesy leases
  • or show how rescue-mode and admission-mode unify cleanly

Just point.