Home
Oreulius began with a refusal.
A refusal to accept that the inherited shape of operating systems is the only shape they can have.
For decades, kernels have been built around assumptions so familiar they almost disappear: authority is ambient, state is opaque, and native execution is the natural center of the machine. Those assumptions produced extraordinary systems. They still do. But they also define what becomes easy to build, what becomes difficult to inspect, and what remains dangerously implicit.
Oreulius began with a different question:
What would a kernel look like if authority were explicit, state could remember, and sandboxed execution stood at the center of the system?
That question became the project.
Oreulius explores a design in which authority is carried through capabilities instead of ambient privilege. Power is not merely assumed from context; it is granted, delegated, constrained, and made visible. Delegation is not left as an invisible side effect of the system. It becomes a structure the kernel can inspect and defend.
It also explores a kernel in which state is not only changed, but remembered. Instead of treating mutation as a trail that vanishes behind the present moment, Oreulius asks whether kernel objects should carry history: snapshots, rollback, branching, merge, replay. Not as an afterthought, but as part of the architecture itself.
And at the level of execution, Oreulius asks whether WebAssembly belongs not only in browsers or runtimes, but in the operating system's own story. Not as a novelty, but as a serious execution surface: portable, sandboxed, language-neutral, and tightly mediated by the kernel.
None of these ideas are entirely new on their own.
Capabilities have roots in systems like Genode, seL4, and L4Re. Checkpointing and snapshotting exist in CRIU, container orchestration, and filesystem layers. WebAssembly runtimes exist in browsers, servers, and even as kernel modules. These ideas have been explored, separately, for decades.
What matters is the attempt to bring them together.
There is no operating system that combines all three: a capability attenuation model the kernel can inspect and defend, temporal state built into kernel objects themselves, and a WASM-first execution model with in-kernel JIT tightly mediated by the kernel's capability system. No system treats these as a unified architecture rather than separate concerns bolted together.
Oreulius is built on the belief that explicit authority, temporal state, and sandbox-first execution may belong to the same architectural future. If that belief is correct, the result could be a kernel that is more auditable, more replayable, and more disciplined about how power moves through the system. If it is wrong, the experiment still matters, because real systems only reveal their truth when ideas are forced through implementation.
That is why Oreulius exists.
Not to imitate Linux. Not to replace mature operating systems. Not to pretend that decades of systems design can be discarded with a manifesto.
Oreulius exists to test a serious alternative in code.
It is a kernel built around a question: whether the foundations of operating systems can be made more explicit, more inspectable, and more verifiable than the defaults we inherited.
Everything else follows from that.
If you would like to read the doc on resolving security issues involving in-kernel JIT compilation of WASM, see https://github.com/reeveskeefe/Oreulius-Kernel/blob/main/docs/runtime/oreulia-jit-security-resolution.md for a clearer idea of how this is planned from a security standpoint.
Thanks! Keefe