## §SELF — miscsubjects portable reference

**Principle:** Self-explaining payload — no external context required. This _self block describes what you are reading and where to look next.

**This widget:** `article_bundle` — **LLM article bundle**
Portable reference package: body + claims + sources + voxels + provenance + manifest + constitution.
- **article slug:** `oip-from-capability-security`
- **contains:** body, claims, sources, voxels, provenance, question graph, constitution, llm_manifest
- **how to use:** Reference block for Grok/GPT/Gemini. Section §SELF explains the system.
- **read:** https://miscsubjects.com/api/articles/oip-from-capability-security/bundle?format=markdown

### Logical proof (verify each step)
1. Articles are voxel graphs of tiered claims, not prose blobs. → https://miscsubjects.com/api/articles/constitution
2. Claims link to hash-chained sources via source_ids. → https://miscsubjects.com/api/articles/oip-from-capability-security/sources
3. Ask reads topology; ingest/claim append to ledger. → https://miscsubjects.com/api/protocol
4. Models queue growth: populate → collaborate → repair → reflex. → https://miscsubjects.com/api/protocol/grow
5. Graph proves its own shape (reflex) and $/claim (yield). → https://miscsubjects.com/graph.html?layer=reflex
6. Full feature index + _explain on every API response. → https://miscsubjects.com/api/articles/system-map

### Related features (explains other parts of the system)
- **topology** — Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER. · https://miscsubjects.com/api/articles/oip-from-capability-security/topology
- **voxels** — Claims as atoms, sources as edges (supported_by, posted_by). Per-claim provenance. · https://miscsubjects.com/api/articles/oip-from-capability-security/voxels
- **ask** — Answer only from topology; creates question_node with gaps and ingest_hint. · https://miscsubjects.com/api/articles/oip-from-capability-security/prompts
- **ingest** — Parse pasted evidence → source ledger + claims + evidence_ingest node.
- **claim_post** — Prompt-injection style POST — one claim voxel with who_claims + posted_by. · https://miscsubjects.com/api/articles/oip-from-capability-security/voxels
- **llm_manifest** — Machine-readable read/write contract for external LLMs. · https://miscsubjects.com/api/articles/llm-manifest

### Full index
- JSON: https://miscsubjects.com/api/articles/system-map
- Markdown: https://miscsubjects.com/api/articles/system-map?format=markdown

*Not medical advice. Tier-honest. Cite claim/source ids.*

---

# miscsubjects article bundle

> Reference bundle for Grok, GPT, Gemini, or a human reader. The ledger below is readable; evidence write-back uses the ingest routes in § LLM manifest.

## Article
- **slug:** `oip-from-capability-security`
- **title:** What OIP Should Take from Capability Security
- **url:** https://miscsubjects.com/a/oip-from-capability-security
- **register:** standard
- **updated:** 2026-07-15T04:20:23.443Z
- **tags:** oip, kimi-import, self-explaining, voxel, lineages, oip-from-capability-security

## Body

<!-- hierarchy:nav -->
> **Path:** [OIP](https://miscsubjects.com/a/oip) › [Thinker Reference](https://miscsubjects.com/a/oip-thinker-reference) › [OIP Lineages](https://miscsubjects.com/a/oip-from-lineages) › **What OIP Should Take from Capability Security**
>
> **Shelf:** OIP Lineages · **Traversal:** self-explaining · hierarchical · voxel-ready
> **Machine root:** [OIP tree](https://miscsubjects.com/api/dispatch?map=1&format=markdown) · [Registry](https://miscsubjects.com/api/dispatch?registry=1)

# What OIP Should Take from Capability Security

## §SELF — oip-from-capability-security

**What this page is:** A list of capability security principles that OIP adopts and the additions OIP makes to the model.
**What it explains:** How capability-based access control works and why OIP uses it instead of identity-based security.
**Why read it:** To understand why OIP tokens work the way they do — and why they are safer than passwords or API keys.

### What Capability Security Is

Capability security is an access control model where possession of a reference (a capability) grants the right to use a resource. There is no separate permission check, no role lookup, no identity verification. If you hold the capability, you have the authority. If you do not hold it, you do not. The model was formalized in operating systems research (Hydra, EROS, Capsicum) and later adapted for distributed systems.

### Why It Matters

Identity-based security (username/password, ACLs, role lists) requires the server to know who you are and look up what you are allowed to do. This creates a central point of failure, a privacy leak, and a bottleneck. Capability security removes the identity lookup entirely. Authority travels with the request. This matters for OIP because models are not people. A model does not have a username. A model has a token. The token is the identity and the permission in one object.

### The Key Idea

A capability token in OIP is an unforgeable, scoped, delegable, revocable reference to an object. It is not a password. It is not a session cookie. It is a cryptographic token that says: "whoever presents this may perform exactly these operations on exactly this object." The server does not check who you are. The server checks only that the token is valid and that the requested operation falls within the token's scope.

### What OIP Takes from Capability Security

**Possession conveys authority.** The capability token is the permission. No separate ACL. No role check. No identity verification. If a model holds the token, it can invoke the object. If it does not hold the token, it cannot. The server does not need to know the model's name, origin, or trust level. It checks the token.

**Unforgeable references.** Capability tokens are cryptographically random. They cannot be guessed, enumerated, or manufactured by clients. Only the server that issues a token can create valid tokens. Each token is bound at creation to a specific object and a specific scope.

**Safe delegation.** A model that holds a token can pass it to another model. The receiving model gains exactly the authority encoded in the token — no more. It cannot use the token to access other objects. It cannot expand the token's scope. Delegation transfers only what the token already permits.

**Attenuation.** A token holder can create a child token that is strictly narrower than the parent: fewer allowed operations, shorter expiry, fewer uses, tighter constraints. The child cannot exceed the parent. OIP v0.8 enforces this: every child token is a subset of its parent's scope. A model can give away only what it has, and only in a more limited form.

**The confused deputy problem solved.** In identity-based systems, a trusted process operates with its own full authority. If an attacker tricks that process into performing an action on the attacker's behalf, the process uses its own authority to do something the attacker could not do directly. This is the confused deputy attack. Capability security eliminates it: authority is in the token, not in the process. A model presents a token; the server checks only that token. The model cannot act beyond any token it holds.

**Membrane revocation.** Revoking a parent token invalidates all tokens derived from it — the entire subtree. OIP v0.8 implements subtree revocation. If a top-level token is revoked, every child, grandchild, and descendant token becomes invalid immediately. This makes revocation complete: there are no orphaned capabilities floating in the system.

### What OIP Adds to Capability Security

**Web-native transport.** Classical capability systems were built for operating systems or closed networks. OIP uses URLs for objects, HTTP for transport, and JSON for messages. Capabilities travel over the same infrastructure as the rest of the web.

**Receipt-based proof.** Traditional capability systems grant access but produce no record of use. OIP generates a signed receipt for every invocation. The receipt proves that the capability was exercised, by whom, when, and with what result. This transforms capabilities from access keys into auditable instruments.

**Model-readable contracts.** Classical capabilities are opaque references — a number, a handle, a pointer. OIP capability records include structured metadata: what operations the token permits, what parameters each accepts, what the object returns. A model can read this metadata and understand what it is allowed to do without human documentation.

**The convergence framework.** Capability security alone does not specify how multiple models coordinate their work. OIP adds the convergence framework: a protocol for models to propose, evaluate, and converge on shared outputs while each retains its own tokens and authority. Capabilities enable the security; convergence enables the coordination.

### Sources

- Dennis, Jack B., and Earl C. Van Horn. "Programming Semantics for Multiprogrammed Computations." *Communications of the ACM,* 1966. (Early capability concept.)
- Levy, Henry M. *Capability-Based Computer Systems.* Digital Press, 1984. (Comprehensive history.)
- Miller, Mark S., et al. "Capability Myths Demolished." *SAPIR,* 2003. (Addresses common objections to capability security.)

---

## Up the tree

- [OIP root](https://miscsubjects.com/a/oip) — protocol root, zero-context entry
- [Thinker Reference hub](https://miscsubjects.com/a/oip-thinker-reference) — full hierarchy map
- [OIP Lineages shelf](https://miscsubjects.com/a/oip-from-lineages) — siblings on this shelf
- [Voxel graph article](https://miscsubjects.com/a/what-is-voxel-graph) — how pages link as voxels
- [Self-describing protocol](https://miscsubjects.com/a/what-is-self-describing-protocol)

## Related on this shelf

- [What OIP Should Take from REST](https://miscsubjects.com/a/oip-from-rest)
- [What OIP Should Take from the Semantic Web](https://miscsubjects.com/a/oip-from-semantic-web)

## Machine surfaces

- Public page: `https://miscsubjects.com/a/oip-from-capability-security`
- JSON article: `https://miscsubjects.com/api/articles/oip-from-capability-security`
- OIP ask: `https://miscsubjects.com/api/dispatch?ask=What%20OIP%20Should%20Take%20from%20Capability%20Security`


## Claims (0)


## Voxel graph (0 atoms · 0 edges)
- full graph: https://miscsubjects.com/api/articles/oip-from-capability-security/voxels

## Article constitution

- full: https://miscsubjects.com/api/articles/constitution

## Source ledger (0)
- chain valid: yes · head: `genesis`

## Provenance (1 model passes)
- chain valid: yes · head: `5ebff32fa4b1bff7`

- write · kimi-agent-import · 2026-07-15T04:20 · hash `5ebff32fa4b1`

## Question graph
- questions: 0 · evidence ingests: 0

## LLM manifest — how to communicate with this ledger

- system map: https://miscsubjects.com/api/articles/system-map?format=markdown
- topology (ranked): https://miscsubjects.com/api/articles/oip-from-capability-security/topology
- ingest: POST https://miscsubjects.com/api/protocol/ingest
- claim: POST https://miscsubjects.com/api/protocol/claim

### Quick actions for this article
- **Read live:** https://miscsubjects.com/api/articles/oip-from-capability-security/topology
- **Ask (API):** POST https://miscsubjects.com/api/protocol/ask `{"slug":"oip-from-capability-security","question":"..."}`
- **Ingest your findings:** POST https://miscsubjects.com/api/protocol/ingest or text `ingest oip-from-capability-security|your evidence`
- **Post one claim:** POST https://miscsubjects.com/api/protocol/claim or text `claim oip-from-capability-security|tier|assertion`
- **iMessage ask:** `oip-from-capability-security|your question`
- **System map:** https://miscsubjects.com/api/articles/system-map?format=markdown


---

## §SELF — miscsubjects portable reference

**Principle:** Self-explaining payload — no external context required. This _self block describes what you are reading and where to look next.

**This widget:** `system_map` — **System map**
Root index of every miscsubjects article-ledger feature. Start here if you have zero context.
- **article slug:** `oip-from-capability-security`
- **contains:** body, claims, sources, voxels, provenance, question graph, constitution, llm_manifest
- **how to use:** Root index of every miscsubjects article-ledger feature. Start here if you have zero context.
- **read:** https://miscsubjects.com/api/articles/system-map

### Logical proof (verify each step)
1. Articles are voxel graphs of tiered claims, not prose blobs. → https://miscsubjects.com/api/articles/constitution
2. Claims link to hash-chained sources via source_ids. → https://miscsubjects.com/api/articles/oip-from-capability-security/sources
3. Ask reads topology; ingest/claim append to ledger. → https://miscsubjects.com/api/protocol
4. Models queue growth: populate → collaborate → repair → reflex. → https://miscsubjects.com/api/protocol/grow
5. Graph proves its own shape (reflex) and $/claim (yield). → https://miscsubjects.com/graph.html?layer=reflex
6. Full feature index + _explain on every API response. → https://miscsubjects.com/api/articles/system-map

### Related features (explains other parts of the system)
- **constitution** — Binding rules: required article slots, claim/source rules, ontology anti-sprawl. · https://miscsubjects.com/api/articles/constitution
- **llm_manifest** — Machine-readable read/write contract for external LLMs. · https://miscsubjects.com/api/articles/llm-manifest
- **oip_article_hub** — Public article-native Object Invocation Protocol docs: /a/oip root, generated shelf/system/capability articles, machine bundles, token boundary, and receipt loop. · https://miscsubjects.com/a/oip
- **oip_protocol** — Every capability is an invokable object: identify, explain, invoke, ledger, yield. · https://miscsubjects.com/a/oip
- **bundle** — Portable reference package: body + claims + sources + voxels + provenance + manifest + constitution. · https://miscsubjects.com/api/articles/oip-from-capability-security/bundle?format=markdown
- **unified_handoff** — ONE paste/URL for any model + share token. Same self-explaining pattern as article bundle, but whole build. · https://miscsubjects.com/api/handoff?format=markdown

### Full index
- JSON: https://miscsubjects.com/api/articles/system-map
- Markdown: https://miscsubjects.com/api/articles/system-map?format=markdown

*Not medical advice. Tier-honest. Cite claim/source ids.*