SandStorm.io on Genode ?

Kenton Varda kenton at ...403...
Fri Feb 26 05:51:00 CET 2016 

Hi all,

>From a brief look at Genode, it seems it and Sandstorm have a lot in common
at an abstract level. We're both building capability systems, and we're
both aiming to solve security an the platform level so that apps don't have
to think about it.

Practically speaking, though, Sandstorm applications currently expect a
Linux ABI (including most common syscalls), which probably means that
making Sandstorm run directly on top of Genode would be a complicated
project. I would love to see Sandstorm running on a better kernel than
Linux someday, but it's going to be tricky.

In the shorter term, the way to achieve interoperability between the
systems would be to define some sort of a bridge between Cap'n Proto and
Genode's RPC -- or maybe adopt Cap'n Proto as the RPC system in Genode, if
that is still possible. If we can all agree on a capability transport
protocol then it becomes a lot easier to gradually move software into purer
systems. (Note that Cap'n Proto is based on CapTP with direct input from
Mark Miller. But, compared to CapTP, Cap'n Proto is much more efficient to
encode/decode.)

-Kenton

On Sat, Feb 20, 2016 at 1:13 PM, Peter Lindener <lindener.peter at ...9...>
wrote:

> Dear
>    Kenton  (Varda <https://github.com/kentonv> founder of SandStorm.io
> <https://sandstorm.io/>,
>    Norman (Feske  <https://github.com/nfeske>founder of genode-labs.com
> <http://genode.org/>
>
>        and Fellow Genodians...
>
>    Given Kenton's concern for security in SandStorm.io
> <https://sandstorm.io/>..
> and that it's unlikely that Linux, with it's humongous monolithic kernel,
> will ever deliver anything that resembles real security..
>
> .. so I'm wondering if it might be a good match to look at running
> SandStorm.io <https://sandstorm.io/> severs within the Genode OS
> <http://genode.org/> ?
>
>    To further fill out a possible vision:
> I just ordered a couple of Pine_64, Quadcore ARM64 boards
> <https://www.pine64.com/> (with 2GB of ram)..
>
>    I am currently bringing up the code for Social Decision System kernel
> based upon the Groves-Clarke Mechanism
> <http://www.econ.ucsb.edu/~tedb/Courses/UCSBpf/pflectures/groves.pdf>,
> which is essentially the ideal when it comes to Strategic Voting Game
> Theoretic Mechanism Design
> <http://www.eecs.harvard.edu/~parkes/pubs/ch2.pdf>..
>    while the Python / C++11 code is still in an embryonic state... the
> underlying theory for how this Game Theoretic solver would operate is
> fairly far along..
>     The plan is to open source this solver code, once it passes a full set
> of included cross validation unit tests.
>     I have been looking at how this Groves-Clarke Mechanism
> <http://www.econ.ucsb.edu/~tedb/Courses/UCSBpf/pflectures/groves.pdf> solver
> can be deployed across a network, to permit this algorithm to scale up to
> tackle larger problems in Information / Game Social Choice
> <https://en.wikipedia.org/wiki/Social_choice_theory> theory. (i.e, the
> longer term direction of our democracy)...
>
>     I was encouraged to find Kenton's 2nd generation work Cap'n-proto
> <https://capnproto.org/> which I gather provides some of SandStorm.io
> <https://sandstorm.io/>'s core network functionality... a clear advance
> in the state of networked system affairs...
>    I also have taken notice of Genode's Server framework
> <http://genode.org/documentation/api/base_index#Inter-process_communication>..
>  and I would like to leverage the advanced perspectives of both,  as I
> construct the network services layer that will underlie this computer
> assisted support of a truly democratic Social Decision system.
>
>    my wish list is as follows:
> 1. Genode might somday run on ARMv8 (64bit)...   It would be great if the
> Pine_64 would eventualy run Genode right out of the box..
>
> 2.Cap'n-proto <https://capnproto.org/> might be supported within the
> Genode ecosystem...  and that a collaboration between Kenton and Norman...
> might end up yielding the nicest Client / Server framework / protocol stack
> the world might have the privilege to enjoy.
>
> 3. That people with significant technical vision and influence, will see
> the ultimate level of creativity that will be leveraged if SandStorm.io
> <https://sandstorm.io/> and genode-labs.com <http://genode.org/> would be
> provided with real financial support for striving towards the
> inter-operation of these significant advancements of a better foundation
> for network based computation.
>
> 4. That SandStorm.io <https://sandstorm.io/>'s open source code
> <https://github.com/sandstorm-io/sandstorm> might also run eventually on
> the Pine_64 <https://www.pine64.com/>, within Genode OS
> <http://genode.org/>, such that the Trusted Computing Base
> <https://en.wikipedia.org/wiki/Trusted_computing_base> of SandStorm
> <https://sandstorm.io/>'s personal sever system would be further reduced..
>
> 5.. That the release of an open source network based (Information/Game
> Theoretic) Social Decision system kernel, will inspire many to dream about
> the very bright future that our truly democratic society will begin to
> explore.
>
>    I thus close, requesting that many may choose to support the vision
> that is already well underway in the implementations of both SandStorm
> <https://sandstorm.io/> the Genode OS <http://genode.org/>,..  and that
> such a collaboration will yield a close to ideal foundation upon which this
> advanced, Information/Game Theoretic Social Design systems might then
> flourish..
>
>    With the greatest of respect for those who would help pull these pieces
> together.
>       your's Sincerely
>            Peter (SaxMan) Lindener.
>
> -----------
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.genode.org/pipermail/users/attachments/20160225/9c72a030/attachment.html>

More information about the users mailing list