Published April 28, 2026 | Version v1
Working paper Open

Trust-Kernel: A Sealing Engine for Identity-Bound Computing

  • 1. Humotica

Description

Trust-Kernel is a sealing engine for identity-bound computing at the operating-system layer. It separates validation from execution: untrusted input is first evaluated by an isolated kernel ("Voorproever"), then forwarded over a one-way signed bus to the executing kernel ("Archivaris") only if it is accepted and sealed.

Persistent state is protected by Airlock Bifurcation, an at-rest sealing model in which ciphertext is the default state and plaintext is produced only inside the Archivaris after both identity and policy checks pass. Trust-Kernel sits beneath the TIBET provenance chain and the JIS identity layer: TIBET proves what happened, JIS proves who is asking, and Trust-Kernel constrains what may execute and what may be opened.

Four design choices in v1 are made explicit: (1) at-rest sealing is actor-bound, (2) sharing is explicit re-sealing, (3) envelope encryption with deterministic KEK derivation and fresh DEKs is normative, and (4) policy and decryption are distinct gates with content-dependent policy as an explicit edge path. The architecture extends NIST SP 800-207 zero-trust principles from network to kernel layer.
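The four design choices above, sketched as an added example (not code from the Trust-Kernel specification or from Humotica). The primitives are assumptions, since this record does not name them: HKDF-SHA256 for KEK derivation from one root secret held by the executing kernel, and AES-256-GCM for both layers via the Python `cryptography` package. All function names and the policy callback are hypothetical.

```python
import os
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

def derive_kek(root_secret: bytes, actor_id: str) -> bytes:
    """Deterministic KEK: the same root secret and actor always give the same key."""
    return HKDF(algorithm=hashes.SHA256(), length=32, salt=None,
                info=b"kek/v1/" + actor_id.encode()).derive(root_secret)

def seal(root_secret: bytes, actor_id: str, plaintext: bytes) -> dict:
    """Encrypt under a fresh DEK, then wrap that DEK under the actor's KEK."""
    aad = actor_id.encode()                      # binds both layers to the actor
    dek = AESGCM.generate_key(bit_length=256)    # fresh for every seal
    n_data, n_wrap = os.urandom(12), os.urandom(12)
    kek = derive_kek(root_secret, actor_id)
    return {
        "actor": actor_id,
        "n_data": n_data,
        "data": AESGCM(dek).encrypt(n_data, plaintext, aad),
        "n_wrap": n_wrap,
        "wrapped_dek": AESGCM(kek).encrypt(n_wrap, dek, aad),
    }

def open_sealed(root_secret: bytes, actor_id: str, env: dict, policy_allows) -> bytes:
    """Two distinct gates: the policy decision first, then actor-bound decryption."""
    if not policy_allows(actor_id, env["actor"]):
        raise PermissionError("policy gate refused")
    aad = env["actor"].encode()
    kek = derive_kek(root_secret, actor_id)      # wrong actor -> wrong KEK -> InvalidTag
    dek = AESGCM(kek).decrypt(env["n_wrap"], env["wrapped_dek"], aad)
    return AESGCM(dek).decrypt(env["n_data"], env["data"], aad)

def reseal_for(root_secret: bytes, owner_id: str, recipient_id: str,
               env: dict, policy_allows) -> dict:
    """Sharing is an explicit re-seal: open as the owner, seal anew for the recipient."""
    plaintext = open_sealed(root_secret, owner_id, env, policy_allows)
    return seal(root_secret, recipient_id, plaintext)
```

Because the KEK is derived rather than stored, a permissive policy alone cannot open another actor's envelope, and a correct KEK alone cannot bypass a refusing policy.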

Notes

Part of the HumoticaOS / AInternet research stack. References to forthcoming Local Memory Bifurcation and Cluster Memory Paging papers are placeholders for upcoming Zenodo deposits.

Files

trust-kernel-spec-v1.md (18.6 kB)
md5:9ebe621d9d13aebd3f91f98300ced4f0

Additional details

Related works

Is supplement to
Other: 10.5281/zenodo.18712451 (DOI)
Other: 10.5281/zenodo.18712569 (DOI)
Other: 10.5281/zenodo.18712329 (DOI)