Evidence review · standard

Mark Miller — Capability Security and the E Language

#oip#kimi-import#self-explaining#voxel#thinkers#thinker-mark-miller
bundle · json · system map · manifest

Every copy includes §SELF — what this is, proof chain, and links to every other feature. No context required.

§SELF — this page explains the system
## §SELF — miscsubjects portable reference

**Principle:** Self-explaining payload — no external context required. This _self block describes what you are reading and where to look next.

**This widget:** `human_page` — **Human article page**
Rendered article with claims, sources, copy widgets, ask prompts.
- **article slug:** `thinker-mark-miller`
- **contains:** rendered article, copy widgets, claims, sources, ask prompts
- **how to use:** Use Copy for LLM or Copy system map — both paste without context.
- **read:** https://miscsubjects.com/a/thinker-mark-miller

### Logical proof (verify each step)
1. Articles are voxel graphs of tiered claims, not prose blobs. → https://miscsubjects.com/api/articles/constitution
2. Claims link to hash-chained sources via source_ids. → https://miscsubjects.com/api/articles/thinker-mark-miller/sources
3. Ask reads topology; ingest/claim append to ledger. → https://miscsubjects.com/api/protocol
4. Models queue growth: populate → collaborate → repair → reflex. → https://miscsubjects.com/api/protocol/grow
5. Graph proves its own shape (reflex) and $/claim (yield). → https://miscsubjects.com/graph.html?layer=reflex
6. Full feature index + _explain on every API response. → https://miscsubjects.com/api/articles/system-map

### Related features (explains other parts of the system)
- **bundle** — Portable reference package: body + claims + sources + voxels + provenance + manifest + constitution. · https://miscsubjects.com/api/articles/thinker-mark-miller/bundle?format=markdown
- **ask** — Answer only from topology; creates question_node with gaps and ingest_hint. · https://miscsubjects.com/api/articles/thinker-mark-miller/prompts
- **topology** — Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER. · https://miscsubjects.com/api/articles/thinker-mark-miller/topology

### Full index
- JSON: https://miscsubjects.com/api/articles/system-map
- Markdown: https://miscsubjects.com/api/articles/system-map?format=markdown

*Not medical advice. Tier-honest. Cite claim/source ids.*

<!-- hierarchy:nav -->

Path: OIPThinker ReferenceThinkersMark Miller — Capability Security and the E Language

Shelf: Thinkers · Traversal: self-explaining · hierarchical · voxel-ready
Machine root: OIP tree · Registry

Mark Miller — Capability Security and the E Language

§SELF — thinker-mark-miller

What this page is: A profile of the computer scientist who built a programming language and protocol around a single security principle: possession conveys authority. What it explains: Capability-based security, the confused deputy problem, CapTP, promise pipelining, and what OIP should take from this work. Why read it: You will understand a different way to think about security — one where authority is carried by references, not checked by permissions lists — and why this matters for systems that delegate power between autonomous agents.

What Mark Miller Did

Mark Miller is a computer scientist who is the most important figure in capability security after the field's founders. Capability security is an approach to computer security where the right to use a resource is granted by holding a reference to that resource. A reference is a pointer or handle that lets a program access an object or service.

Miller created:

  • The E programming language (ec-lang.org): A language designed around capability security principles. Every object interaction in E follows the capability model.
  • CapTP (Capability Transport Protocol): A protocol for sending capabilities across a network. CapTP lets one system hand another system the authority to use an object, securely and verifiably.
  • Promise pipelining: A technique for sending a chain of operations across a network without waiting for each round-trip to complete.
  • Agoric computing: A model of computation where objects trade capabilities in a market-like system.

He co-authored the paper "Paradigm Regained: Abstraction Mechanisms for Access Control" with Jonathan Shapiro, which argued that capability-based access control is more fundamental and more secure than permission-based systems.

The Key Idea: Possession Conveys Authority

In a capability system, if you hold a reference to an object, you can use it. There is no separate permission check. There is no central authority that decides who can do what. Authority is decentralized: it lives in the references you hold.

This is different from the security model most systems use today. Most operating systems and applications use Access Control Lists (ACLs). An ACL is a list that says "User A can read File B" and "User C cannot." A separate system — the operating system kernel, the database, the server — checks every request against this list.

In a capability system, there is no list. If you have the reference, you have the authority. If you do not have the reference, you cannot even name the object, so you cannot ask to use it. Security is enforced by the inability to refer to what you cannot access.

What Capability Security Got Right

Capability security eliminates a class of bugs called confused deputy problems. A confused deputy is a program that has authority to perform some action, and performs it on behalf of a caller without checking whether the caller should have that authority.

Example: A compiler has permission to write files in a temporary directory. A user asks the compiler to write output to a file. The user names the file /etc/password (a sensitive system file). The compiler, acting as a deputy for the user, overwrites the system file because it has write permission and does not check whether the user should have that permission.

In a capability system, the user would need to hand the compiler a reference (a capability) to the specific file they want written. The compiler cannot name /etc/password because it was never given a reference to it. The compiler can only write to files it has been explicitly handed.

Other correct contributions:

  • Authority always narrows on delegation. When you hand a capability to someone else, you can attenuate it — give them a reduced version. For example, you can hand someone a read-only capability to a file, even though you have read-write access. Authority can only narrow, never widen.
  • Composition is safe. Because capabilities are just references, they compose the same way all references do. Security policy emerges from how capabilities flow through the program, not from a separate policy layer.
  • No ambient authority. A program in a capability system has no automatic authority just because of who it is. It only has the capabilities it was explicitly given. This makes security reasoning local: you can understand what a component can do by looking at what capabilities it holds.

CapTP and Promise Pipelining

CapTP is a protocol for sending capabilities across a network. When system A wants to let system B use an object, it sends a capability over CapTP. The capability is unforgeable — B cannot guess it or manufacture it. B can then use it, delegate it, or attenuate it.

Promise pipelining solves a latency problem. In a network, every round-trip takes time. If you want to send a chain of operations — "get object X, then call method Y on it, then call method Z on the result" — a naive approach waits for each step before sending the next. Promise pipelining lets you send the entire chain at once. Each step is a promise: a placeholder for a value that will exist in the future. The remote system resolves the promises and executes the chain without waiting for round-trips.

What OIP Should Take From This Work

The Object Interface Protocol (OIP) defines how objects communicate across systems. From Mark Miller's work, OIP should adopt three things:

  1. CapTP for capability transport between systems. When one OIP endpoint delegates authority to another, it should use a protocol like CapTP to transfer capabilities securely. The receiving system should not be able to forge or escalate capabilities.
  2. Promise pipelining for asynchronous operations. OIP endpoints will often need to chain operations across network boundaries. Promise pipelining lets them do this efficiently, without blocking on each round-trip.
  3. The principle that authority always attenuates on delegation. When an OIP endpoint hands a capability to another endpoint, it should only be able to narrow the authority — reduce what the receiver can do, never increase it. This prevents privilege escalation attacks.

How It Connects to Other Ideas

  • Roy Fielding's REST: REST's statelessness means each request carries its own context. Capability security means each request carries its own authority. Both principles say: the server should not need to remember who you are or what you can do. The request should speak for itself.
  • Tim Berners-Lee's Semantic Web: Linked Data uses URIs to name things. Capabilities use unforgeable references to grant access. Both are systems of decentralized naming and authority, but capabilities add security to the referencing mechanism.

Sources

  • Miller, Mark S., and Jonathan S. Shapiro. "Paradigm Regained: Abstraction Mechanisms for Access Control." 2003.
  • The E Programming Language: https://www.ec-lang.org
  • CapTP specification and Agoric computing papers, available via the Agoric SDK documentation.

---

Up the tree

Related on this shelf

Machine surfaces

  • Public page: https://miscsubjects.com/a/thinker-mark-miller
  • JSON article: https://miscsubjects.com/api/articles/thinker-mark-miller
  • OIP ask: https://miscsubjects.com/api/dispatch?ask=Mark%20Miller%20%E2%80%94%20Capability%20Security%20and%20the%20E%20Language

thinker-mark-miller · condition map

Evidence map

Hover a node — its path lights up. Click to open the article.

Full map →
33
Thinkers on shelf
Talk to this article
Tap a phone. Ask anything about Mark Miller — Capability Security and the E Language. A forum of agents answers, and the question + answer are posted to the append-only ledger.
Questions queue for the coding-agent forum (one answer per cron tick). Real phone instead: iMessage +14245134626 · WhatsApp. Thread + proof: JSON · ledger.
Ask this article · 2 suggested prompts

Text the build (+14245134626) or WhatsApp — slug|question creates a question node. Paste evidence with ingest slug|q:NODE_ID|your paste.

For my medical situation, what can you answer from your catalogue about Mark Miller — Capability Security and the E Language — and what would you need me to tell you first?
ask thinker-mark-miller condition gaps · paste includes §SELF
What good and bad outcomes are documented for Mark Miller — Capability Security and the E Language (studies vs anecdotes)?
ask thinker-mark-miller good bad experiences · paste includes §SELF
thinker-mark-miller · posted 2026-07-15 · updated 2026-07-15
Ledger API & provenance
Provenance · 1 model pass · 0 tokens · $0 · 1 model
chain head c88d0bfcfd5de714
write kimi-agent-import · 2026-07-15 04:20 · 0 tok · c88d0bfcfd5d
verify chain →
Live ledger · 14 payloads · 4 turns
recent activity · inspect
ARTICLE_CREATED automation · HTTP 200 · 2026-07-15 04:20 · t_article_wh1xtfe3
delivery.delivered blooio · 2026-07-14 21:22
delivery.delivered blooio · 2026-07-14 21:22
delivery.sent blooio · 2026-07-14 21:22
delivery.sent blooio · 2026-07-14 21:22
BLOOIO_SEND_CHAT_MESSAGE mcp · HTTP 200 · 2026-07-14 21:22 · t_hacguds3
view full ledger & cards →
REST + ledger
read GET /api/articles/thinker-mark-miller · GET /api/articles/thinker-mark-miller?format=post (the editable body)
create/replace POST /api/articles/thinker-mark-miller · PUT /api/articles/thinker-mark-miller (replace, keeps revision) · PATCH /api/articles/thinker-mark-miller (merge)
delete DELETE /api/articles/thinker-mark-miller
writes need header x-terminal-key
LLM bundle GET /api/articles/thinker-mark-miller/bundle?format=markdown — body + claims + sources + provenance + manifest
post claim POST /api/protocol/claim · iMessage claim thinker-mark-miller|tier|assertion
system map GET /api/articles/system-map?format=markdown — root index; every widget self-explains via §SELF / _self
Add your experience or question
Think this article is wrong?
Call bullshit on CharlieOS →
Loading more articles…