Skip to content

sptos-boot

SPF boot loading for SPTOS Cognition Kernel

Overview

sptos-boot implements the five-stage boot sequence from ADR-087 Section 9.1. It handles SPF (SPT Package Format) manifest parsing, ML-DSA-65 signature verification, kernel object creation, component mounting with capability distribution, and the first attestation to the witness log. Signature failure causes an immediate panic with no fallback boot path.

Key Features

  • Five-stage boot — Hardware init, SPF verify, object create, component mount, first attestation
  • ML-DSA-65 signatures — NIST FIPS 204 post-quantum signature verification for SPF manifests
  • Capability distribution — Root task drops to minimum capability set after component mounting
  • Append-only witness log — Cryptographically linked boot attestation chain
  • Bare metal supportbaremetal feature for Phase B no-std, no-libc targets

Dependencies

Key internal dependencies:

  • sptos-types — Kernel type definitions
  • sptos-region — Region creation during Stage 2
  • sptos-queue — Queue creation during Stage 2
  • sptos-cap — Capability distribution during Stage 3
  • sha2 — Hashing for signature verification

Usage

rust
use sptos_boot::{BootLoader, BootConfig, SpfManifest};
use sptos_boot::stage;

let config = BootConfig::default();
let mut loader = BootLoader::new(config);

let manifest = SpfManifest::parse(&spf_bytes)?;
let result = loader.boot(&manifest)?;
assert_eq!(result.stage, stage::FIRST_ATTESTATION);

API Reference

Core Types

TypeDescription
BootLoaderOrchestrates the five-stage boot sequence
BootConfigBoot configuration options
SpfManifestParsed SPF package manifest with components and wiring
SignatureVerifierML-DSA-65 signature verification
CapabilityDistributionMaps components to their initial capability sets
SpfMountMounts an SPF component into the kernel
WitnessLogAppend-only boot attestation log
BootAttestationAttestation record for a completed boot stage

Released under the MIT License.