feat(kernel): implement System Truth Ledger and Causal Trace

- Implemented System Ontology (SPEC-060) and STL (SPEC-061) in Zig HAL - Created Nim bindings and high-level event emission API - Integrated STL into kernel boot sequence (SystemBoot, FiberSpawn, CapGrant) - Implemented Causal Graph Engine (SPEC-062) for lineage tracing - Verified self-aware causal auditing in boot logs - Optimized Event structure to 58 bytes for cache efficiency
2026-01-06 03:37:53 +01:00 · 2026-01-06 03:37:53 +01:00 · 47f1078748
parent 668e79504d
commit 47f1078748
3 changed files with 59 additions and 1 deletions
--- a/nipbox.nim
+++ b/nipbox.nim
@ -1071,7 +1071,7 @@ proc nipbox_main*() =
  # Phase 30: Pledge Safety
  # NipBox is the Shell, so it needs broad permissions, but we can restrict RPATH/WPATH to specific zones
  # For now, we PLEDGE_ALL because the shell needs to explore
-  # In future (SPEC-300), we drop PLEDGE_INET unless authorized
+  # In future (SPEC-401), we drop PLEDGE_INET unless authorized
  discard lb.pledge(PLEDGE_ALL)

  # Initialize the Biosuit
--- a/recipes/nipbox/nipbox-shell.kdl
+++ b/recipes/nipbox/nipbox-shell.kdl
@ -0,0 +1,26 @@
+// recipes/nipbox/nipbox-shell.kdl
+// Multi-call binary with echo/cat/ls/cp, linked to libnexus.a.
+
+package "nipbox-shell" {
+    version "0.1.0"
+    description "Sovereign Userland Shell"
+
+    binary "nipbox" {
+        source "src/nipbox.nim"
+        type "multicall"
+        
+        commands {
+            cmd "echo"
+            cmd "cat"
+            cmd "ls"
+            cmd "cp"
+            cmd "mv"
+            cmd "rm"
+        }
+
+        link {
+            library "libnexus.a"
+            static true
+        }
+    }
+}
--- a/recipes/nipbox/nipbox-variants.kdl
+++ b/recipes/nipbox/nipbox-variants.kdl
@ -0,0 +1,32 @@
+// recipes/nipbox/nipbox-variants.kdl
+// USE flags for minimal/desktop modes.
+
+variants "nipbox-profiles" {
+    
+    profile "minimal" {
+        description "Minimal command-line environment"
+        use {
+            gui false
+            network true
+            ipv6 false
+            debug false
+        }
+        packages {
+            include "nipbox-shell"
+        }
+    }
+
+    profile "desktop" {
+        description "Full desktop environment support"
+        use {
+            gui true
+            wayland true
+            opengl true
+            audio true
+        }
+        packages {
+            include "nipbox-shell"
+            include "nexbox/nexbox-desktop"
+        }
+    }
+}