Architecture Decision Records

Each ADR captures a significant design decision — the context, the options considered, the decision made, and the rationale. They are the project's architectural memory.

• 001 Per-CPU Scheduling and SMP Task Management Accepted
• 002 Three-Layer Enforcement Pipeline for IPC and Syscalls Accepted
• 003 Content-Addressed Storage and Cryptographic Identity Accepted
• 004 Cryptographic Integrity — Blake3 Hashing and Ed25519 Signatures Accepted
• 005 IPC Primitives — Control Path and Bulk Data Path Accepted
• 006 Policy Service — Externalized Authorization Decisions Accepted
• 007 Capability Revocation and Audit Telemetry Accepted
• 008 Boot-Time-Sized Kernel Object Tables Accepted
• 009 Purpose, Deployment Tiers, and Scope Boundaries Accepted
• 010 Persistent ObjectStore — on-disk format Accepted
• 011 Graphics Architecture and Scaling Assumptions Accepted
• 012 Input Architecture and Device Classes Accepted
• 013 RISC-V (riscv64gc) Architecture Support Accepted
• 014 Compositor ↔ Scanout-Driver Protocol Accepted
• 015 Storage Tiers and the Commitment Ladder Proposed
• 016 Windows Compatibility via Bounded Static Shims Proposed
• 017 User-Directed Cloud Inference Proposed
• 018 Init Process and Boot Manifest Proposed
• 019 Process Fault Reaping and Peer-Generation Signaling Proposed
• 020 Typed User-Buffer Slices at the Syscall Boundary Accepted
• 021 Typed BootError Propagation Through the Init Path Accepted
• 022 Wall-Clock Time and the Path to Decentralized Time Accepted
• 023 Audit Consumer Capability and Principal Resolution Accepted
• 024 Syscall ABI in a Standalone Contract Crate (`cambios-abi`) Accepted
• 025 Principal as 32-byte AID (decoupled from key bytes) Accepted
• 026 Identity Transcription at the Kernel Ring Accepted
• 027 Service Clusters — Identity-Bound Channel Meshes Proposed
• 000 Zero-Trust Architecture and Capability-Based Access Control Accepted