Diff: systems/console-os
From 4bd58eb to 4bd58eb
+0 / −0 lines
| Before | After |
|---|---|
| --- | --- |
| schema: foundry-doc-v1 | schema: foundry-doc-v1 |
| title: "Command ledger" | title: "Command ledger" |
| slug: console-os | slug: console-os |
| category: systems | category: systems |
| type: concept | type: concept |
| quality: complete | quality: complete |
| status: active | status: active |
| audience: vendor-public | audience: vendor-public |
| bcsc_class: public-disclosure-safe | bcsc_class: public-disclosure-safe |
| language_protocol: PROSE-TOPIC | language_protocol: PROSE-TOPIC |
| last_edited: 2026-05-15 | last_edited: 2026-05-15 |
| editor: pointsav-engineering | editor: pointsav-engineering |
| paired_with: console-os.es.md | paired_with: console-os.es.md |
| short_description: "os-console is the human-facing surface of the PointSav platform — a Command Ledger that connects to a Totebox and renders its state to the operator via a keyboard-driven, F-key-structured interface." | short_description: "os-console is the human-facing surface of the PointSav platform — a Command Ledger that connects to a Totebox and renders its state to the operator via a keyboard-driven, F-key-structured interface." |
| cites: [] | cites: [] |
| references: | references: |
| - id: 1 | - id: 1 |
| text: "Green, C. 'Improved Alpha-Tested Magnification for Vector Textures and Special Effects.' ACM SIGGRAPH 2007 courses, 2007." | text: "Green, C. 'Improved Alpha-Tested Magnification for Vector Textures and Special Effects.' ACM SIGGRAPH 2007 courses, 2007." |
| url: "https://dl.acm.org/doi/10.1145/1281500.1281665" | url: "https://dl.acm.org/doi/10.1145/1281500.1281665" |
| - id: 2 | - id: 2 |
| text: "ISO 19650-1:2018 — Organization and digitization of information about buildings and civil engineering works, including building information modelling (BIM)." | text: "ISO 19650-1:2018 — Organization and digitization of information about buildings and civil engineering works, including building information modelling (BIM)." |
| url: "https://www.iso.org/standard/68078.html" | url: "https://www.iso.org/standard/68078.html" |
| --- | --- |
| `os-console` is the human-facing surface of the PointSav platform — a Command Ledger that connects to one [[totebox-os|Totebox]] and renders its state to the operator. It does not store data and does not run services; it is a high-fidelity terminal purpose-built around keyboard-driven operator flow. The reference point is the Bloomberg Terminal: a single keyboard, a small set of [[os-console-platform|function keys]], and a relentless focus on the operator's context. The binary is written from scratch in Rust for sub-50-millisecond cold start and a 15-megabyte footprint. This article covers how os-console runs, the F-key surface, the [[three-ring-architecture|rendering stack]], and the two operating modes. | `os-console` is the human-facing surface of the PointSav platform — a Command Ledger that connects to one [[totebox-os|Totebox]] and renders its state to the operator. It does not store data and does not run services; it is a high-fidelity terminal purpose-built around keyboard-driven operator flow. The reference point is the Bloomberg Terminal: a single keyboard, a small set of [[os-console-platform|function keys]], and a relentless focus on the operator's context. The binary is written from scratch in Rust for sub-50-millisecond cold start and a 15-megabyte footprint. This article covers how os-console runs, the F-key surface, the [[three-ring-architecture|rendering stack]], and the two operating modes. |
| ## How it runs | ## How it runs |
| `os-console` ships as a single executable. On the host operating system — Windows, macOS, or Linux — it acts as a Virtual Machine Monitor: it uses the host's native virtualisation API to create a small, isolated VM in RAM and boots an [[sel4-microkernel-substrate|seL4]] environment inside it. | `os-console` ships as a single executable. On the host operating system — Windows, macOS, or Linux — it acts as a Virtual Machine Monitor: it uses the host's native virtualisation API to create a small, isolated VM in RAM and boots an [[sel4-microkernel-substrate|seL4]] environment inside it. |
| | Host | Native VMM API | | | Host | Native VMM API | |
| |---|---| | |---|---| |
| | Windows | Windows Hypervisor Platform (WHPX) | | | Windows | Windows Hypervisor Platform (WHPX) | |
| | macOS | `Hypervisor.framework` | | | macOS | `Hypervisor.framework` | |
| | Linux | KVM | | | Linux | KVM | |
| The operator thinks they opened an application. What they have done is spun up a hardware-isolated secure environment in roughly 50 milliseconds. When the application closes, the secure memory is wiped. Nothing touches the host hard drive. The security model relies on [[machine-based-auth|hardware-bound pairings]] rather than usernames or passwords. | The operator thinks they opened an application. What they have done is spun up a hardware-isolated secure environment in roughly 50 milliseconds. When the application closes, the secure memory is wiped. Nothing touches the host hard drive. The security model relies on [[machine-based-auth|hardware-bound pairings]] rather than usernames or passwords. |
| ## The F-key surface | ## The F-key surface |
| The interface organises every entity's reality into a fixed set of pillars. Each pillar is a function key: | The interface organises every entity's reality into a fixed set of pillars. Each pillar is a function key: |
| | Key | Pillar | Service | | | Key | Pillar | Service | |
| |---|---|---| | |---|---|---| |
| | F1 | HELP | [[app-console-input|content-wiki-documentation]] (read-only operating procedures) | | | F1 | HELP | [[app-console-input|content-wiki-documentation]] (read-only operating procedures) | |
| | F2 | PEOPLE | [[service-people|service-people]] — the identity ledger | | | F2 | PEOPLE | [[service-people|service-people]] — the identity ledger | |
| | F3 | EMAIL | [[service-email|service-email]] — the Comm Diode | | | F3 | EMAIL | [[service-email|service-email]] — the Comm Diode | |
| | F4 | CONTENT | [[service-content|service-content]] — the drafting and synthesis engine | | | F4 | CONTENT | [[service-content|service-content]] — the drafting and synthesis engine | |
| | F5 | MINUTEBOOK | service-minutebook — deep records | | | F5 | MINUTEBOOK | service-minutebook — deep records | |
| | F6 | BOOKKEEPER | service-bookkeeper — the financial ledger | | | F6 | BOOKKEEPER | service-bookkeeper — the financial ledger | |
| | F12 | INPUT MACHINE | [[app-console-input]] — the human-in-the-loop ingestion gateway | | | F12 | INPUT MACHINE | [[app-console-input]] — the human-in-the-loop ingestion gateway | |
| F12 is mandatory per [[architecture-decisions|SYS-ADR-10]]. The [[app-console-input|Input Machine]] is the only surface through which raw external files can enter a Totebox. Files dropped into F12 have execution permissions stripped, are tagged against the operator's [[archetypes-and-chart-of-accounts|Chart of Accounts]], and are routed to F5 or F6. | F12 is mandatory per [[architecture-decisions|SYS-ADR-10]]. The [[app-console-input|Input Machine]] is the only surface through which raw external files can enter a Totebox. Files dropped into F12 have execution permissions stripped, are tagged against the operator's [[archetypes-and-chart-of-accounts|Chart of Accounts]], and are routed to F5 or F6. |
| ## The rendering stack | ## The rendering stack |
| `os-console` is not a TUI inside a host terminal. It is a standalone graphics application that happens to display text. The stack is owned end-to-end and shares its design philosophy with [[design-philosophy|the broader PointSav design system]]: | `os-console` is not a TUI inside a host terminal. It is a standalone graphics application that happens to display text. The stack is owned end-to-end and shares its design philosophy with [[design-philosophy|the broader PointSav design system]]: |
| | Layer | Component | Notes | | | Layer | Component | Notes | |
| |---|---|---| | |---|---|---| |
| | Window | `pointsav-window` | Custom Win32 / Cocoa / X11/Wayland wrapper | | | Window | `pointsav-window` | Custom Win32 / Cocoa / X11/Wayland wrapper | |
| | GPU | `pointsav-gpu` | WGPU (Vulkan / Metal / DX12 abstraction); licence embedded in binary | | | GPU | `pointsav-gpu` | WGPU (Vulkan / Metal / DX12 abstraction); licence embedded in binary | |
| | Text | `pointsav-text` | Signed Distance Field (SDF) glyph renderer [^1]; infinite-zoom fidelity | | | Text | `pointsav-text` | Signed Distance Field (SDF) glyph renderer [^1]; infinite-zoom fidelity | |
| | Layout | `pointsav-layout` | Recursive row/column grid in roughly 500 lines of Rust | | | Layout | `pointsav-layout` | Recursive row/column grid in roughly 500 lines of Rust | |
| | Widget logic | Forked from ratatui core | Logic only; ratatui's renderer replaced by the WGPU pipeline | | | Widget logic | Forked from ratatui core | Logic only; ratatui's renderer replaced by the WGPU pipeline | |
| The result is a terminal interface with variable-weight headers, bloom effects, and smooth scrolling — while remaining purely keyboard-driven and rendering at the fidelity required by ISO 19650 [^2] document-state suffixes. | The result is a terminal interface with variable-weight headers, bloom effects, and smooth scrolling — while remaining purely keyboard-driven and rendering at the fidelity required by ISO 19650 [^2] document-state suffixes. |
| ## Direct mode and aggregate mode | ## Direct mode and aggregate mode |
| `os-console` operates in two modes determined by what it pairs with: | `os-console` operates in two modes determined by what it pairs with: |
| | Mode | Pair | Use case | | | Mode | Pair | Use case | |
| |---|---|---| | |---|---|---| |
| | Direct | One [[totebox-os|Totebox]] | A single entity's deep view; the default for individual operators | | | Direct | One [[totebox-os|Totebox]] | A single entity's deep view; the default for individual operators | |
| | Aggregate | One [[os-orchestration|os-orchestration]] (which aggregates many Toteboxes) | A portfolio view for executives and commercial-tier deployments | | | Aggregate | One [[os-orchestration|os-orchestration]] (which aggregates many Toteboxes) | A portfolio view for executives and commercial-tier deployments | |
| Both modes use the same `os-console` binary. The aggregator does not require a different Console. The complexity lives in `os-orchestration`. | Both modes use the same `os-console` binary. The aggregator does not require a different Console. The complexity lives in `os-orchestration`. |
| ## Single, unified, universal | ## Single, unified, universal |
| `os-console` is one product. There is no "Home" edition and no "Pro" edition. An individual hosting one Totebox uses the same Command Ledger as the administrator of a [[compliance-and-continuous-disclosure|Reporting Issuer]] aggregating hundreds. Commercial differentiation is determined by the presence or absence of `os-orchestration`, never by a tiered Console. The [[six-tier-sovereignty-matrix|six-tier sovereignty model]] governs how commercial tiers are structured across the platform. | `os-console` is one product. There is no "Home" edition and no "Pro" edition. An individual hosting one Totebox uses the same Command Ledger as the administrator of a [[compliance-and-continuous-disclosure|Reporting Issuer]] aggregating hundreds. Commercial differentiation is determined by the presence or absence of `os-orchestration`, never by a tiered Console. The [[six-tier-sovereignty-matrix|six-tier sovereignty model]] governs how commercial tiers are structured across the platform. |
| ## See also | ## See also |
| - [[totebox-os]] — the Totebox archive that os-console connects to and renders | - [[totebox-os]] — the Totebox archive that os-console connects to and renders |
| - [[app-console-input]] — the F12 Input Machine; deep coverage of the mandatory ingestion gateway | - [[app-console-input]] — the F12 Input Machine; deep coverage of the mandatory ingestion gateway |
| - [[diode-standard]] — why commands flow in one direction through the established pair | - [[diode-standard]] — why commands flow in one direction through the established pair |
| - [[os-family-overview]] — the five OS surfaces and how os-console fits among them | - [[os-family-overview]] — the five OS surfaces and how os-console fits among them |
| - [[deployment-patterns]] — how os-console appears in each of the six canonical deployment configurations | - [[deployment-patterns]] — how os-console appears in each of the six canonical deployment configurations |