sptos-boot
SPF boot loading for SPTOS Cognition Kernel
Overview
sptos-boot implements the five-stage boot sequence from ADR-087 Section 9.1. It handles SPF (SPT Package Format) manifest parsing, ML-DSA-65 signature verification, kernel object creation, component mounting with capability distribution, and the first attestation to the witness log. Signature failure causes an immediate panic with no fallback boot path.
Key Features
- Five-stage boot — Hardware init, SPF verify, object create, component mount, first attestation
- ML-DSA-65 signatures — NIST FIPS 204 post-quantum signature verification for SPF manifests
- Capability distribution — Root task drops to minimum capability set after component mounting
- Append-only witness log — Cryptographically linked boot attestation chain
- Bare metal support —
baremetalfeature for Phase B no-std, no-libc targets
Dependencies
Key internal dependencies:
sptos-types— Kernel type definitionssptos-region— Region creation during Stage 2sptos-queue— Queue creation during Stage 2sptos-cap— Capability distribution during Stage 3sha2— Hashing for signature verification
Usage
rust
use sptos_boot::{BootLoader, BootConfig, SpfManifest};
use sptos_boot::stage;
let config = BootConfig::default();
let mut loader = BootLoader::new(config);
let manifest = SpfManifest::parse(&spf_bytes)?;
let result = loader.boot(&manifest)?;
assert_eq!(result.stage, stage::FIRST_ATTESTATION);API Reference
Core Types
| Type | Description |
|---|---|
BootLoader | Orchestrates the five-stage boot sequence |
BootConfig | Boot configuration options |
SpfManifest | Parsed SPF package manifest with components and wiring |
SignatureVerifier | ML-DSA-65 signature verification |
CapabilityDistribution | Maps components to their initial capability sets |
SpfMount | Mounts an SPF component into the kernel |
WitnessLog | Append-only boot attestation log |
BootAttestation | Attestation record for a completed boot stage |