niklas/amduat-api
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
amduat-api/ops/legacy/Rescue Node ASL Deployment.md
Carl Niklas Rydberg 74efedf62c Rework ops specs
2026-01-17 09:21:47 +01:00

7.5 KiB
Raw Blame History

Perfect. Lets map out a Rescue Node ASL Deployment for your scenario, integrating personal domain, common domain (Unity/Rakeroot), foreign-domain trust, and ASL layers. Ill keep it clear and structured.

Rescue Node ASL Deployment Conceptual Diagram

1. Overview

Goal: A rescue node (e.g., old laptop booted with SystemRescue) can:

  • Read old material and register it in a new personal domain
  • Store resurrected artifacts safely
  • Interact with common/shared domains (Unity / Rakeroot)
  • Respect foreign-domain trust (read-only imported artifacts)
  • Produce signed PERs for auditing and traceability

2. Layered Architecture

┌───────────────────────────────────────────────────────────────┐
│ Rescue Node / SystemRescue Runtime                              │
│  (ASL-HOST)                                                     │
│ ┌───────────────────────────────────────────────────────────┐ │
│ │ Store Handles / Filesystems (POSIX/ZFS)                     │ │
│ │  - personal domain store                                    │ │
│ │  - common / Unity store                                     │ │
│ │  - optional foreign domain caches                           │ │
│ └───────────────────────────────────────────────────────────┘ │
│ ┌───────────────────────────────────────────────────────────┐ │
│ │ ASL-STORE(-INDEX)                                           │ │
│ │  - Handles blocks, snapshots, sealed segments              │ │
│ │  - CURRRENT reconstruction, GC                              │ │
│ │  - Uses store handles provided by ASL-HOST                 │ │
│ └───────────────────────────────────────────────────────────┘ │
│ ┌───────────────────────────────────────────────────────────┐ │
│ │ ASL-AUTH                                                   │ │
│ │  - Domain authority (personal / common / foreign)          │ │
│ │  - PER signing and verification                             │ │
│ │  - Policy hash and offline root enforcement                │ │
│ └───────────────────────────────────────────────────────────┘ │
│ ┌───────────────────────────────────────────────────────────┐ │
│ │ PEL / TGK Execution                                         │ │
│ │  - Generates PERs from recovered artifacts                 │ │
│ │  - TGK edges record provenance                              │ │
│ │  - Deterministic DAG execution                              │ │
│ └───────────────────────────────────────────────────────────┘ │
└───────────────────────────────────────────────────────────────┘

3. Domains

Domain Purpose Storage / Backing
Personal Domain Newly minted domain on rescue node; stores rescued material ZFS dataset or POSIX store, encrypted optionally
Common / Unity Domain Group-shared artifacts; Unity / Rakeroot ZFS dataset shared among users, snapshot-based
Foreign Domains (optional) Imported read-only artifacts; pinned by trust Cache store / ASL-HOST mount

4. Domain Initialization

  1. Personal Domain

    • Create store: CreateStore("/mnt/rescue/personal")
    • Generate DA manifest
    • Sign manifest with offline root
    • Mount snapshot overlay if needed

  2. Common / Unity Domain

    • Mount read-only: OpenStore("/mnt/common")
    • Synchronize snapshot to local host
    • Pin trusted foreign domains if group members exist

  3. Foreign Domains

    • Configure trust pin: Domain ID + Policy hash
    • Mount local cache for imported artifacts
    • Access read-only, verified via ASL-AUTH

5. Storage / Filesystem Layout

/mnt/rescue/
  personal/       <-- personal domain store (ZFS/POSIX)
    blocks/
    segments/
    logs/
  common/         <-- Unity / Rakeroot (shared read-only store)
    blocks/
    segments/
    logs/
  foreign/        <-- optional cache for foreign domains
    domainX/
      blocks/
      segments/
  • Blocks: immutable, sealed by ASL-STORE
  • Segments: index entries + metadata
  • Logs: append-only, monotonic ordering

6. Snapshot Strategy

  • ZFS snapshots (or overlayfs copies) per domain
  • Personal domain snapshots allow deterministic recovery
  • Common domain snapshots define group-visible CURRENT
  • Foreign domain snapshots pinned by trust
personal@rescue-snap-2025-12-28
common@unity-snap-2025-12-28
foreign-domainX@snap-2025-12-01

7. PER Signing & Provenance

  1. PEL executes DAG over rescued artifacts

  2. Generates PERs

  3. ASL-AUTH signs PERs with:

    • Personal domain authority key
    • Policy hash embedded

  4. PERs stored in personal domain, optionally referencing:

    • Common / Unity artifacts
    • Foreign pinned artifacts (read-only)

8. Optional Encryption / Public Domain Courtesy

  • Blocks from personal domain can be encrypted when storing in common domain
  • Ensures privacy while allowing shared indexing
  • Encryption keys managed by personal DA

9. Trust & Governance

  • Offline root(s) provide deterministic trust
  • Policy hash enforces publishing and cross-domain rules
  • Personal domain can safely publish selected artifacts to Unity / Rakeroot
  • Foreign-domain pins enforce read-only deterministic import

10. Summary

  • Rescue node can bootstrap personal + common + foreign domains
  • Storage handled by ASL-HOST (POSIX/ZFS)
  • Indexing, snapshots, sealing by ASL-STORE(-INDEX)
  • PER signing and cross-domain trust by ASL-AUTH
  • Execution provenance tracked via PEL/TGK
  • Flexible architecture for personal, group, and federated domains

If you want, I can draw a fully labeled diagram showing how artifacts flow from the rescued home directory into personal domain, common domain, and PER generation, including snapshots, seals, and trust pins. This would be a visual reference for your rescue mission.

Do you want me to do that next?