Passepartout

What Passepartout is.

Passepartout is a project that builds toward a personal computing environment where you own your computation, your data, and your agency — and the architecture proves it, not promises it.

It is a single system that is simultaneously:

  • Your editor, browser, shell, and AI agent — not separate programs but a single environment where everything works together because everything shares the same structure.
  • Your knowledge base — a living memex of everything you read, write, and decide, stored in a format you can read and your machine can read, with no translation layer between them.
  • Your gatekeeper — a system that checks every action against your rules before taking it, whether the action comes from you, from the AI, or from the network.
  • Your identity and communication protocol — cryptographic identity, encrypted messaging, and provable exchanges between instances.

These are not separate products. They are one project, one architecture, one machine.

Why it exists.

The modern computing stack is assembled from independently built, independently untrusted layers: hardware, firmware, operating system, compilers, runtime, network protocols, applications. Each layer assumes the layers below it are either trusted or someone else's problem. The gaps between layers are where exploits live.

Security is reactive. We find bugs, we patch them, we run antivirus, we monitor logs. The model is probabilistic: "no known vulnerabilities" does not mean none exist, only that none have been found. The patching treadmill has been running for forty years and shows no sign of slowing.

Passepartout asks a different question: what if you eliminated the boundaries between layers instead of trying to secure them? What if the entire stack shared one structure, one verification, one proof — from the rules that authorize an action to the hardware that executes it?

This eliminates entire categories of threats by structural design, not by patching. Memory corruption exploits, compiler backdoors, malware with execution paths that bypass the rules: these are not addressed by mitigations added on top of an unsafe system. They are classes of threat that cannot exist in a system built on this principle.

What it replaces.

| Current approach | Passepartout |
|---|---|
| Separate editor, browser, shell, agent — each a different program with different trust assumptions | One environment where all are functions in the same memory space |
| Knowledge stored in a database you cannot inspect | Knowledge stored in a file format you read and edit directly |
| Security through permissions, firewalls, antivirus, audits | Security through a rule system that checks every action before it executes |
| Separate identity systems for every service (Google login, GitHub, Slack) | One cryptographic identity you control |
| Vulnerabilities found and patched reactively | Categories of threat eliminated by architecture |

How we get there.

The full system is the destination, but every intermediate stage delivers value on its own. The project is designed as a staged migration from conventional hardware to the full architecture, with no rewrite required between stages. Stage 0 is running today.

What it means.

A system built this way shifts computing from an empirical trust model — "this has passed our tests" — to a deductive one: "this is structurally impossible for the following reasons." The downstream effects cascade beyond any single user:

  • A company's compliance obligations become a set of rules the system enforces by construction, not a binder of documents an auditor reviews once a year.
  • AI safety becomes a rule system between the AI and the actions it can take, not a set of probabilities and guardrails.
  • Software certification becomes a shared suite of proofs from every deployed instance — a public attestation that a system behaves as specified.

Passepartout creates a new category: verified infrastructure. Not a safer operating system, not a better AI agent, not another social network — but the foundation beneath all three, built on a principle that the current approach cannot offer: that the system, by its structure, is trustworthy.