Reference port · Rust · aarch64 + x86_64

VectraOS

A single-user, multi-machine, capability-secure operating system. No account. No cloud landlord. No marketplace standing between you and your own silicon. The computer serves exactly one set of interests — yours.

THE SETTLEMENT WE REFUSE

The smartphone era made a deal on your behalf. The operating system became a marketplace. The human became inventory. Your identity is a login someone else can revoke; your data lives in a datacenter that can lose it; your software is a license, not a thing you own.

Personal computing is being eaten by other people's computers. We are not asking nicely.

THE SETTLEMENT WE BUILD

You do not rent your computer. You do not license your identity. Trust is a property of the bytes you are looking at, not the network you got them from.

When the company that hosted the repo goes bankrupt, your code doesn't. When the cloud loses your data, your identity persists in twenty-four words you wrote on paper.

The whole system, in four sentences

Four foundations. No fifth.

01 The Person

A 256-bit secret encoded as 24 English words you can write on paper. The only root of trust. It materialises in RAM exactly twice in its life: when you create it, and when you recover it.

02 The Fleet

A set of Machines you have signed. They act on your behalf. A compromised Machine costs one certificate — your identity survives it. One human, many machines, no master key on disk.

03 Packages

Bytes addressed by their hash, verified locally. The receiver always verifies. There is no "trust me, this is the right binary" path. Mirrors are convenience, never authority.

04 The Network

Whatever happens to be reachable. Trust never travels through it. The network is a courier for bytes you will check yourself — not a court whose word you take.

A substrate small enough to read in one sitting

The kernel exports six primitives — and nothing else.

Files, sockets, mutexes, processes, signals, allocators — every abstraction you know is either composed from those six or thrown out as unnecessary. No heap. No driver code. No filesystem. No fork. Everything else is userspace.

Task Capability Ring Signal Mask Bundle Reticle
This is not a whitepaper. It boots.

The Rust port, today.

2architectures · arm64 + x86-64
0third-party crates in the kernel
6/6primitives implemented
93host tests green

A capability-secure microkernel in pure Rust. Boots to a real userland on QEMU for both aarch64 and x86_64. Preemptive per-hart SMP, kernel threads + futex, a C standard library and Rust std on the metal — and a real OpenZFS filesystem, on a virtio-blk disk, served through a userland router. See the milestone map →

Decentralisation is not an ideology. It is a property of a system that survives the bankruptcy of its hosts.