CCSL Documentation

Everything you need to build with the Central Compute Self-Processing Language

Getting Started

CCSL (Central Compute Self-Processing Language) is a verification-first computation framework that ensures code cannot execute until its behavior is proven compliant with policy. This documentation will guide you through installation, core concepts, and implementation.

Prerequisites: Python 3.8+ or Rust 1.70+, basic understanding of cryptographic primitives, familiarity with policy-based security models.

Installation

Python SDK

pip install ccsl

Rust Core

cargo install ccsl-runtime ccsl-verifier --version

From Source

git clone https://github.com/verity-intelligence/ccsl.git cd ccsl cargo build --release

Verify Installation

ccsl --version # Output: ccsl 1.0.0

Quick Start

Your First Verified Execution

from ccsl import Policy, Compartment, VerifiedExecutor # Define security policy policy = Policy( name="hello-world", compartment=Compartment.PUBLIC, allowed_operations=["print", "string_manipulation"] ) # Create executor executor = VerifiedExecutor(policy) # Code to execute code = """ message = "Hello, CCSL!" print(message) """ # Execute with verification result = executor.run(code) if result.success: print(f"Execution verified! Trust level: {result.trust_level}") print(f"SAF ID: {result.saf_record.saf_id}") else: print(f"Verification failed: {result.violations}")

Core Concepts

1. Policies

Policies define what code is allowed to do. Every CCSL execution must have an associated policy that declares permitted operations, resource limits, and security constraints.

2. Compartments

Compartments isolate code execution into security zones:

  • PUBLIC - Minimal restrictions, public data only
  • INTERNAL - Organization-internal operations
  • CONFIDENTIAL - Sensitive data, restricted operations
  • RESTRICTED - Highest security, maximum verification

3. Verification Layers

CCSL employs four verification layers:

  1. Static Analysis - Code structure and policy compliance
  2. Policy Compilation - Transform policy into enforceable rules
  3. Runtime Monitoring - Observe execution behavior
  4. Multi-Party Attestation - Independent verifiers co-sign results

4. SAF Records

Structured Audit Format (SAF) v2 provides cryptographic proof of execution. Every verified execution produces a SAF record containing state hashes, signatures, policy results, and execution metadata.

Architecture

System Components

┌─────────────────────────────────────┐ │ CCSL Application Code │ └──────────────┬──────────────────────┘ │ ┌──────────────▼──────────────────────┐ │ Policy Layer │ │ - Security declarations │ │ - Resource limits │ └──────────────┬──────────────────────┘ │ ┌──────────────▼──────────────────────┐ │ Verification Engine │ │ - Static analysis │ │ - Policy compilation │ └──────────────┬──────────────────────┘ │ ┌──────────────▼──────────────────────┐ │ Execution Runtime │ │ - Sandboxed environment │ │ - Deterministic execution │ └──────────────┬──────────────────────┘ │ ┌──────────────▼──────────────────────┐ │ Attestation Layer (SAF v2) │ │ - Multi-party signatures │ │ - Cryptographic proofs │ └─────────────────────────────────────┘

API Reference

Data Structures

StateDescriptor, StateTransition, CcslEntry, and core types

SAF v2 Format

Structured Audit Format specification and examples

CLI Tools

ccsl-node, ccsl-verifier, and command-line utilities

Source Code

Complete reference implementation on GitHub

Examples

Example 1: File Processing with Verification

from ccsl import Policy, Compartment, VerifiedExecutor # Define policy for file operations policy = Policy( name="file-processor", compartment=Compartment.INTERNAL, allowed_operations=["file.read", "file.write", "data.transform"], resource_limits={"max_memory": "1GB", "max_duration": "60s"} ) executor = VerifiedExecutor(policy) code = """ with open('input.txt', 'r') as f: data = f.read() processed = transform_data(data) with open('output.txt', 'w') as f: f.write(processed) """ result = executor.run(code) print(f"SAF Record: {result.saf_record}")

Example 2: Multi-Party Verification

from ccsl import VerificationRequest, VerifierPool # Create verification request request = VerificationRequest( code_hash="a1b2c3...", policy_hash="d4e5f6...", required_verifiers=5 ) # Submit to verifier pool pool = VerifierPool.connect("https://verifiers.verity-intelligence.com") attestations = pool.request_verification(request) # Wait for threshold if attestations.count() >= 3: # 3-of-5 threshold print("Verification consensus achieved") result.commit_to_ledger()

Contributing

We welcome contributions to CCSL! Here's how to get started:

Development Setup

git clone https://github.com/verity-intelligence/ccsl.git cd ccsl cargo build cargo test

Contribution Guidelines

  • Follow the contribution guidelines
  • Write tests for new features
  • Document public APIs
  • Submit pull requests with clear descriptions
  • Join our Discord for discussions

Areas for Contribution

Core Runtime

Rust implementation, performance optimization, security hardening

Language Bindings

Python SDK, TypeScript bindings, language integrations

Documentation

Tutorials, examples, API documentation, translations

Tooling

IDE plugins, debuggers, visualization tools

Need Help? Join our Discord community or check the complete technical whitepaper for detailed specifications.