Aether Enclave is a radiation-resilient, bare-metal WebAssembly unikernel for aerospace, maritime, and extreme edge deployments. It runs sovereign diagnostic logic in an isolated WASM sandbox, commits a verifiable outcome to hardware MMIO, and self-annihilates—zeroing memory and returning to deep dormancy—so no persistent attack surface or data residue remains between wake cycles.
Built for operators who require absolute data sovereignty, privacy-first execution (no network stack, no disk, no OS), and stateless wake-run-scrub cycles on every physical interrupt.
| Principle | What it means in practice |
|---|---|
| Data sovereignty | Sensor reads and uplink commits occur only through a fixed MMIO map you control; the guest never sees host pointers. |
| Privacy-first | `#![no_std]` Ring-0 image: no libc, no scheduler, no background services. |
| Stateless execution | Each IRQ triggers `reset_arena()` → WASM run → sandbox annihilation → `cli`/`hlt`; nothing survives the cycle. |
| Edge / radiation posture | Static allocation, bump arena, strict guest linear-memory cap—predictable memory, no heap fragmentation surprises. |
Every mission cycle follows the same deterministic pipeline:
```
┌─────────────┐    ┌──────────────┐    ┌─────────────────┐    ┌──────────────────┐    ┌──────────────────┐
│  Dormancy   │───▶│ Hardware IRQ │───▶│  WASM Payload   │───▶│ MMIO Proof Commit│───▶│ Self-Annihilation│
│  (HLT/STI)  │    │  0x20 / 0x21 │    │ evaluate_limits │    │  64-bit digest   │    │  zero + cli/hlt  │
└─────────────┘    └──────────────┘    └─────────────────┘    └──────────────────┘    └──────────────────┘
```

- Dormancy — The core idles with interrupts enabled, executing `hlt` until a physical (or bench-injected) IRQ fires.
- Hardware IRQ — Vectors `0x20` (atmospheric pressure threshold) or `0x21` (kinetic joint) latch the wake; the ISR calls `sovereign_bootstrap` with interrupts masked.
- WASM payload — `aerospace_payload` runs inside wasmi on a fresh 4 MiB bump arena; it reads pressure/dose via the `aether` host bridge, evaluates limits, and commits telemetry.
- MMIO proof — The host fuses guest status + sensor state into a 64-bit digest and writes `REG_UPLINK_COMMIT_LO`/`HI` (verifiable outcome for ground systems / ZKP pipelines).
- Self-annihilation — Sandbox and arena are zeroed, GPRs cleared, PMU dormancy issued, then `cli`+`hlt` (QEMU: `isa-debug-exit` with success code 33).
See ARCHITECTURE.md for register maps, memory layout, and boot/IDT details.
| Crate | Target | Role |
|---|---|---|
| `enclave_kernel` | `x86_64-unknown-none` | Ring-0 unikernel: bootloader entry, IDT, MMIO, wasmi host, shutdown |
| `aerospace_payload` | `wasm32-unknown-unknown` | `#![no_std]` cdylib guest: limit evaluation + telemetry |

`enclave_kernel/build.rs` compiles the payload at kernel build time and embeds `WASM_BYTES` in `src/wasm_payload.rs` (auto-generated; do not edit by hand).
- Rust (toolchain per `rust-toolchain.toml`)
- Nightly (for `build-std` on the kernel target)
- bootimage — `cargo install bootimage`
- QEMU `qemu-system-x86_64` with `isa-debug-exit` (configured in `enclave_kernel/Cargo.toml`)

```sh
rustup target add x86_64-unknown-none wasm32-unknown-unknown
rustup component add rust-src --toolchain nightly
cargo install bootimage
```

From the workspace root:

```sh
cargo +nightly build -p enclave_kernel \
  -Z build-std=core,alloc,compiler_builtins \
  -Z build-std-features=compiler-builtins-mem
```

```sh
cargo +nightly run -p enclave_kernel \
  -Z build-std=core,alloc,compiler_builtins \
  -Z build-std-features=compiler-builtins-mem
```

Serial output appears on COM1 (`-serial stdio`). The stock bench harness injects an O₂/pressure drop and software IRQ `0x20`; a successful cycle prints:

```
[AETHER] cycle success — guest=3 proof=0x........ vector=0x20 — self-annihilation
```
QEMU then exits with process exit code 33 — that is the expected success path (see ARCHITECTURE.md § QEMU exit code 33).
Change `aerospace_payload/src/lib.rs`, then rebuild `enclave_kernel`; `wasm_payload.rs` regenerates automatically.

Guest imports (module `"aether"`):

```rust
#[link(wasm_import_module = "aether")]
extern "C" {
    fn read_atmospheric_pressure() -> f32;
    fn read_radiation_dosimeter() -> i32;
    fn commit_telemetry_vector(ptr: i32, len: i32);
    fn commit_uplink(proof_lo: i32, proof_hi: i32);
}
```

Guest exports: `evaluate_limits`, `diagnostic`, `payload_version`, `memory`.

Under bench injection (`sim_inject_o2_drop`: 0.12 atm, 1250 dose), `evaluate_limits` returns status bitmask 3 (`STATUS_PRESSURE_LOW | STATUS_DOSE_HIGH`).
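As an added example, not code from the Aether Enclave repository: a host-testable model of the guest's `evaluate_limits` export and of the lo/hi split that `commit_uplink(proof_lo, proof_hi)` implies, so the bench-injection case can be checked on a normal toolchain without wasmi or the `aether` imports. The thresholds, the status bit positions and the splitmix64-style fuse are assumptions; only the bench values (0.12 atm, 1250 dose → status 3) come from the README.

```rust
// Added example (not the project's own code). The real guest is #![no_std] and
// obtains its inputs through the `aether` imports; here the sensor values are
// passed in directly so the logic can run and be tested on the host.

pub const STATUS_PRESSURE_LOW: u32 = 1; // bit 0 (assumed bit layout)
pub const STATUS_DOSE_HIGH: u32 = 2;    // bit 1 (assumed bit layout)

/// Assumed limits, not values from the README.
pub const PRESSURE_MIN_ATM: f32 = 0.5;
pub const DOSE_MAX: i32 = 1000;

/// Model of the guest's `evaluate_limits` export: fold sensor state into a status bitmask.
pub fn evaluate_limits(pressure_atm: f32, dose: i32) -> u32 {
    let mut status = 0;
    if pressure_atm < PRESSURE_MIN_ATM {
        status |= STATUS_PRESSURE_LOW;
    }
    if dose > DOSE_MAX {
        status |= STATUS_DOSE_HIGH;
    }
    status
}

/// Assumed host-side fuse of guest status + sensor state into a 64-bit digest.
/// Status lands in bits 48+, the pressure bit pattern in bits 16..48 and the dose
/// in bits 0..32; the splitmix64 finalizer is a bijection, so any change in the
/// packed inputs yields a different digest.
pub fn fuse_proof(status: u32, pressure_atm: f32, dose: i32) -> u64 {
    let packed = (u64::from(status) << 48)
        ^ (u64::from(pressure_atm.to_bits()) << 16)
        ^ u64::from(dose as u32);
    let mut z = packed.wrapping_add(0x9E37_79B9_7F4A_7C15);
    z = (z ^ (z >> 30)).wrapping_mul(0xBF58_476D_1CE4_E5B9);
    z = (z ^ (z >> 27)).wrapping_mul(0x94D0_49BB_1331_11EB);
    z ^ (z >> 31)
}

/// Split a digest into the two i32 halves that `commit_uplink(proof_lo, proof_hi)` carries.
pub fn split_proof(proof: u64) -> (i32, i32) {
    (proof as u32 as i32, (proof >> 32) as u32 as i32)
}

/// Reassemble REG_UPLINK_COMMIT_LO/HI into the 64-bit digest on the host side.
pub fn join_proof(lo: i32, hi: i32) -> u64 {
    (u64::from(hi as u32) << 32) | u64::from(lo as u32)
}
```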
AGPL-3.0-or-later — see crate manifests (enclave_kernel, aerospace_payload). Network deployment or SaaS use may require source distribution to users; review the license before production deployment.
- ARCHITECTURE.md — Ring-0 boot, memory enclave, `cap_guest_memory`, IDT/ISR, proof algebra, self-annihilation