
Oreulius Kernel
Make advanced systems ordinary.
Oreulius is an open-source, capability-native operating system kernel built in Rust. It treats security, state, and verification as first-class concerns — not afterthoughts.
The kernel includes a capability-based security model with attenuation and revocation, a typed IPC fabric with bounded channels, an in-kernel TCP/IP stack with CapNet for distributed authority, temporal state versioning with rollback and merge, and a WASM-first execution engine with JIT support. Every subsystem is documented with real bounds, concrete limits, and named security invariants. A companion Coq verification workspace provides mechanized proof evidence for core claims.
Oreulius is for systems programmers, security researchers, and anyone curious about building operating systems where authority boundaries, runtime history, and verification are built in from day one. It runs on i686, x86_64, and AArch64, and boots in QEMU in minutes.
I built Oreulius because I believe low-level infrastructure should be honest, auditable, and actually understandable, not a black box you're forced to trust. The goal is to make capability-native design accessible enough that more people can reason about what their system is actually doing.