About PermawebOS
PermawebOS packages the PermawebOS kernel into deployable execution
environments. The kernel is the AO-Core implementation: it executes devices,
produces signed results, and exposes node state through HTTP paths such as
~meta@1.0, ~measurement@1.0, and ~relay@1.0.
The project does not claim one universal hardware trust model. It exposes measured evidence so verifiers, services, and future admission policies can decide which machines they accept.
Architectures
Current PermawebOS builds are strictly in the alpha stage. The alpha is intended for the technically adventurous with a spare machine to dedicate to the experiment.
Provisioning a machine for LapEE can render the laptop incapable of booting any other operating system. Proceed at your own risk! While measures have been taken to ensure safety and security, we are not able to offer support beyond docs and source code.
| Target | Use | Evidence surface |
|---|---|---|
| LapEE laptop | Boot a laptop directly into PermawebOS as a single-purpose appliance. | TPM-backed measurement, PCR 15 node binding, Secure Boot state, system evidence. |
| TEE / SEV-SNP | Run PermawebOS in an AMD SEV-SNP guest or host environment. | ~snp@1.0 evidence through the common measurement device. |
| AndEE | Run PermawebOS as an Android app. | The Android runtime. |
| Bare kernel | Run the kernel directly for development or trusted deployments. | Kernel signatures and node policy; no hardware measurement by default. |
Hardware Trust
Hardware security is a spectrum. SNP, LapEE with TME/SME, LapEE without memory encryption, and Android-backed execution all make different claims. The useful question is not whether a machine is perfectly secure; it is which attack costs the evidence raises, and whether that is enough for the value at risk.
LapEE is not a general desktop or a general cloud TEE. It is a single-purpose laptop appliance: boot, measure, start one PermawebOS node, expose the network API, and keep local runtime surfaces small.
Measurement
~measurement@1.0 is the common evidence interface. A boot measurement contains
the system report and the signed node message. The architecture backend binds
that subject to hardware evidence:
~tpm@2.0afor LapEE laptops.~snp@1.0for SEV-SNP.- future architecture devices through the same contract.
For LapEE, PCR 15 is the bridge from measured boot to node identity. The boot measurement subject includes the public node message, and the runtime extends PCR 15 with that subject so a verifier can connect the TPM quote to the node that later signs AO-Core results.