amduat-api/notes/ASL-HOST v0-1.md
2026-01-17 00:19:49 +01:00


Here's a clean **v0.1 draft for ASL-HOST**, scoped to what we discussed — minimal, environment-focused, without touching semantics or storage encoding. This is the runtime/host interface layer that bridges ASL-STORE(-INDEX) to a real system.

---

# ASL-HOST v0.1 - Host/Runtime Interface for ASL Stores
## 1. Purpose
**ASL-HOST** specifies the **runtime contract** between an ASL store and the host environment.
It defines **what the host must provide** for an ASL store to operate correctly, without imposing:
* Storage semantics
* Encoding
* Policy
* Security beyond minimal integrity guarantees
It supports **POSIX filesystems, ZFS, object stores**, or other backing layers.

---
## 2. Core Concepts
| Concept | Definition |
| ----------------- | ------------------------------------------------------------------------- |
| **StoreHandle** | Opaque reference to a host-provided store instance |
| **StoreLocation** | Host-defined location where a store exists (path, URI, mount point, etc.) |
| **AppendUnit** | Minimum atomic write unit for the append-only log |
| **SnapshotID** | Opaque identifier of a host-provided snapshot |
| **HostClock** | Monotonic counter or timestamp source |
| **HostIdentity** | Unique machine or user identity for signing or domain minting |
---
## 3. Store Instantiation
### 3.1 Store Creation
* `CreateStore(location: StoreLocation) → StoreHandle`
* Must guarantee crash-consistent initialization.
* Location may be:
  * POSIX path
  * ZFS dataset
  * Object store bucket
* StoreHandle is **opaque**, only valid while the store exists on host.
### 3.2 Store Open
* `OpenStore(location: StoreLocation) → StoreHandle`
* Host must provide durable, consistent view.
* Opening an existing store must not corrupt previous data.
### 3.3 Store Close
* `CloseStore(store: StoreHandle)`
* Ensures all writes are persisted to durable media.
* Optional: triggers host-specific flush or checkpoint.
---
## 4. Atomic Append / Log Operations
* Host must provide **atomic append** semantics.
* Minimum guarantees:
  * Sequential ordering (logseq monotonicity)
  * Crash consistency (partial writes are not visible)
* AppendUnit:
  * Defined by host; could be page-size or object-size
  * ASL-STORE must tolerate the host's granularity
---
## 5. Snapshot Management
* Optional but recommended.
* Host provides:
  * `CreateSnapshot(store: StoreHandle) → SnapshotID`
  * `MountSnapshot(store: StoreHandle, id: SnapshotID) → StoreHandle`
* Guarantees:
  * Snapshot captures a consistent view of sealed blocks
  * Mounting snapshot produces read-only store handle
* Host may use:
  * ZFS snapshot
  * POSIX filesystem copy-on-write overlay
  * Object store versioning
---
## 6. Durability & Crash Semantics
* Host must ensure:
  * Writes are durable after append or flush
  * Crash recovery restores store to last durable state
  * Open, unsealed blocks may be lost without breaking invariants
* StoreHandle and append-only log are **atomic units** visible to ASL-STORE
---
## 7. Minimal Identity & Logging
* Host must provide:
  * `HostClock()` → monotonic timestamp / counter
  * `HostIdentity()` → machine or user ID for signing / domain minting
* Optional log for debugging or auditing
---
## 8. Error Semantics
* Operations may return:
  * `STORE_OK`
  * `STORE_EXISTS`
  * `STORE_NOT_FOUND`
  * `STORE_IO_ERROR`
  * `STORE_CONCURRENT_MODIFICATION`
* ASL-STORE must handle errors deterministically
---
## 9. Security Considerations
* ASL-HOST does **not enforce cryptography**.
* Host may provide optional:
  * Encryption at rest
  * Access control
  * Secure snapshot mechanisms
* Certificates and trust are handled in **ASL-AUTH**, a separate layer
---
## 10. Example Implementations
| Backend | How ASL-HOST maps |
| ---------------- | ---------------------------------------------------------------------------------- |
| POSIX filesystem | StoreLocation = path; append = write+fsync; snapshot = overlayfs copy |
| ZFS dataset | StoreLocation = dataset; append = zfs sync; snapshot = zfs snapshot |
| Object store | StoreLocation = bucket/namespace; append = object PUT; snapshot = versioned bucket |
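
A sketch of the POSIX row together with the append and crash guarantees of sections 4 and 6, added here as an example and not taken from the amduat code base. The record framing (logseq, length, CRC32), the `log.bin` file name, the snake_case function names and the dict used as StoreHandle are all assumptions; the CRC32 only detects torn writes, not tampering, in line with section 9.

```python
import os, struct, zlib

STORE_OK, STORE_EXISTS, STORE_NOT_FOUND = "STORE_OK", "STORE_EXISTS", "STORE_NOT_FOUND"
HDR = struct.Struct("<QII")  # logseq, payload length, CRC32 (assumed framing)
LOG = "log.bin"              # hypothetical log file name inside the store

def scan(path):
    """Return (payloads, end offset); stops at a short body, bad CRC or logseq gap."""
    with open(path, "rb") as f:
        data = f.read()
    records, good = [], 0
    while good + HDR.size <= len(data):
        seq, n, crc = HDR.unpack_from(data, good)
        body = data[good + HDR.size:good + HDR.size + n]
        if len(body) < n or zlib.crc32(body) != crc or seq != len(records):
            break
        records.append(body)
        good += HDR.size + n
    return records, good

def open_store(location):
    path = os.path.join(location, LOG)
    if not os.path.isfile(path):
        return STORE_NOT_FOUND, None
    records, good = scan(path)
    fd = os.open(path, os.O_WRONLY | os.O_APPEND)
    os.ftruncate(fd, good)  # recovery: a torn tail never becomes visible
    os.fsync(fd)
    return STORE_OK, {"fd": fd, "path": path, "next": len(records)}

def create_store(location):
    os.makedirs(location, mode=0o700, exist_ok=True)
    try:  # O_EXCL makes creation fail rather than clobber an existing log
        fd = os.open(os.path.join(location, LOG), os.O_CREAT | os.O_EXCL | os.O_WRONLY, 0o600)
    except FileExistsError:
        return STORE_EXISTS, None
    os.fsync(fd)
    os.close(fd)
    dfd = os.open(location, os.O_RDONLY)  # persist the new directory entry
    os.fsync(dfd)
    os.close(dfd)
    return open_store(location)

def append(store, payload):
    # One AppendUnit = one framed record; the logseq is returned once durable.
    frame = HDR.pack(store["next"], len(payload), zlib.crc32(payload)) + payload
    os.write(store["fd"], frame)
    os.fsync(store["fd"])
    store["next"] += 1
    return store["next"] - 1
```
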
---
## 11. Versioning
* Spec version: **0.1**
* Backward incompatible changes must bump major version.
* Minimal compliance: implement store creation/open/close and append guarantees.
---
## 12. Summary
**ASL-HOST v0.1**:
* Defines **runtime contract** between ASL store and host
* Provides **store handles, atomic append, snapshots, identity**
* Layered cleanly above ASL-STORE(-INDEX), below system or OS
* Keeps **semantics, encoding, and trust separate**
---
If you like, I can **draft ASL-AUTH v0.1** next, and then show how **SystemRescue could instantiate ASL-HOST with POSIX/ZFS to seed a personal domain**. That would give a complete view for your rescue scenario.
Do you want me to do that next?