Telos Lang Compiler
Formally Verified Policy Compiler
Section titled “Formally Verified Policy Compiler”Telos Lang is a Rust-based compiler that translates high-level security intent declarations into Z3-verified eBPF bytecode. It uses Hoare Logic and BitVector analysis to mathematically prove policy safety before kernel deployment.
Dual-Target Pipeline
Section titled “Dual-Target Pipeline”The compiler generates code for two targets simultaneously in a single compilation pass:
| Target | Architecture | Purpose |
|---|---|---|
| x86_64 Host | ELF binary | User-space policy loader and bootstrap |
| BPF Kernel | eBPF bytecode | Kernel sandbox enforcement |
Compilation Phases
Section titled “Compilation Phases”- Parsing — Chumsky parser extracts intent blocks and IFC annotations from
.telosfiles - Type Checking — Static IFC lattice verification (
Secret<T>,Public<T>,Tainted<T>) - Z3 Verification — SMT solver proves all eBPF basic blocks are memory-safe
- Code Generation — LLVM
inkwellbackend emits dual-target IR - Bootstrap —
llvm.global_ctorsinjector loads eBPF sandbox beforemain()
CLI Interface
Section titled “CLI Interface”telosc new <name> # Create new policy environmenttelosc check <file> # Static IFC typecheck without compilingtelosc verify <file> # Z3 formal verificationtelosc build <file> # Full compilation to ELF + BPFIFC Lattice
Section titled “IFC Lattice”The Information Flow Control lattice defines how data flows between security levels:
Secret<T> ← highest security level ↓Tainted<T> ← elevated by sensitive operations ↓Public<T> ← default level, may flow to networkData flows are only permitted downward in the lattice. A Secret<T> value cannot be cast to Public<T> without explicit cryptographic declassification (SHA-256 or AES-GCM boundary casting).