Arsenal ACTs

Capability tokens a brane can prove it holds.

When a brane calls a third-party API, talks to a peer over Biome, or requests a snapshot from storage, it presents an Arsenal Capability Token (ACT). ACTs are scoped to specific audiences, expire, and carry their full lineage — so the receiver can verify, offline, exactly which authority granted the call and how it was delegated.

issuer: Arsenal · brane-keyed
shape: JWT-like · ed25519 signed
delegation: no-amplification rule
ttl: short · auto-rotate
At a glance

The properties that matter.

format: compact JOSE · Ed25519 over CBOR-canonical claims
claims: iss, sub, aud, exp, scope, lineage[]
scope grammar: capability:resource[:constraint] (e.g. net.http:api.example.com:GET)
delegation: no-amplification — a derived token is always a subset
rotation: short TTL · automatic refresh by Arsenal SDK
revocation: OAS revocation feed · 30s steady-state propagation
audience binding: aud claim must match the receiver DID; replay-attack-resistant
In the manifest

How you describe it.

[brane.api.capability_token]
mint        = "arsenal://issuer/api"
ttl         = "30m"
audience    = ["api.branes.sh", "did:omega:brane:archive"]
delegation  = "no-amplification"
// minting policy declared per brane
In operation

What it looks like running.

$ω capability inspect $TOKEN
header    ed25519 · key ed25519:RJ4P
issuer    did:omega:brane:api/v1.4
subject   did:omega:brane:api/v1.4
audience  api.branes.sh, did:omega:brane:archive
exp       2026-05-01T14:13:42Z (in 28m11s)
…
$ω capability mint --brane api --aud archive --scope "fs.tmp:/scratch/x:rw" --ttl 5m
→ minted ACT · ttl=5m · ed25519 signed · lineage extended → COPY: eyJhbGciOiJFZERTQSJ9.eyJpc3MiOi...
By design

What you can rely on.

Scope is the entire API

No "admin: true" flags. Capabilities are explicit verbs over explicit resources, with optional constraints.
SCOPED

Delegated tokens are always subsets

A brane can pass a token onward, but never with more authority than it holds. Verifiable from the lineage chain alone.
NO-AMPLIFICATION

Replay-resistant by audience claim

A token minted for archive can't be replayed against api. The audience match is a hard check.
AUDIENCE-BOUND

Verifiable without phoning home

The chain is self-contained: the public keys, the lineage, the revocation feed snapshot. Air-gapped substrates verify normally.
OFFLINE
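The receiver-side checks listed above (signature, expiry, audience binding, and the no-amplification walk over the lineage chain, all performed offline) as an added Go example. This is not Arsenal's SDK or code from this page. It assumes a local keyring mapping DIDs to Ed25519 public keys, that lineage[] carries the ancestor tokens themselves (root first), a placeholder issuer DID did:omega:arsenal, and a subset rule for scope constraints (a parent constraint must be kept, an unconstrained parent may be narrowed); it signs JSON-encoded claims where the page specifies CBOR-canonical ones, because the Go standard library has no CBOR encoder.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Claims uses the claim names from the page. Lineage is assumed to hold every
// ancestor token in compact form, root first, so a receiver can re-check each hop.
type Claims struct {
	Iss     string   `json:"iss"`
	Sub     string   `json:"sub"`
	Aud     []string `json:"aud"`
	Exp     int64    `json:"exp"`
	Scope   []string `json:"scope"`
	Lineage []string `json:"lineage"`
}

// Keyring is the receiver's local DID -> public key table; no lookup leaves the host.
type Keyring map[string]ed25519.PublicKey

var b64 = base64.RawURLEncoding

// Mint builds a compact JOSE token (header.payload.signature) signed with Ed25519.
// The page signs CBOR-canonical claims; JSON stands in here since stdlib has no CBOR.
func Mint(c Claims, key ed25519.PrivateKey) string {
	body, _ := json.Marshal(c)
	signing := b64.EncodeToString([]byte(`{"alg":"EdDSA"}`)) + "." + b64.EncodeToString(body)
	return signing + "." + b64.EncodeToString(ed25519.Sign(key, []byte(signing)))
}

// parse decodes one token and checks its signature with the key registered for its iss.
func (k Keyring) parse(tok string) (c Claims, err error) {
	parts := strings.Split(tok, ".")
	if len(parts) != 3 {
		return c, errors.New("malformed token")
	}
	body, err1 := b64.DecodeString(parts[1])
	sig, err2 := b64.DecodeString(parts[2])
	if err1 != nil || err2 != nil || json.Unmarshal(body, &c) != nil {
		return c, errors.New("undecodable token")
	}
	if pub, ok := k[c.Iss]; !ok || !ed25519.Verify(pub, []byte(parts[0]+"."+parts[1]), sig) {
		return c, fmt.Errorf("signature by %q does not verify", c.Iss)
	}
	return c, nil
}

// covers applies capability:resource[:constraint]: parent p grants child s when capability
// and resource match exactly and a parent constraint is kept unchanged; narrowing an
// unconstrained parent with a constraint is allowed (an assumption of this example).
func covers(p, s string) bool {
	pp, sp := strings.SplitN(p, ":", 3), strings.SplitN(s, ":", 3)
	return len(pp) >= 2 && len(sp) >= 2 && pp[0] == sp[0] && pp[1] == sp[1] &&
		(len(pp) == 2 || (len(sp) == 3 && pp[2] == sp[2]))
}

// Subset reports whether every child entry is covered by some parent entry under cover.
func Subset(parent, child []string, cover func(p, s string) bool) bool {
	for _, s := range child {
		ok := false
		for _, p := range parent {
			ok = ok || cover(p, s)
		}
		if !ok {
			return false
		}
	}
	return true
}

// Verify is what a receiver runs: signature, expiry, audience binding, then every
// delegation hop back to the trusted root issuer, using only material it already holds.
func (k Keyring) Verify(tok, receiver, root string, now time.Time) error {
	c, err := k.parse(tok)
	if err != nil {
		return err
	}
	if c.Exp <= now.Unix() {
		return errors.New("token expired")
	}
	if !Subset(c.Aud, []string{receiver}, func(a, b string) bool { return a == b }) {
		return fmt.Errorf("audience %v does not include %s: replay rejected", c.Aud, receiver)
	}
	// Leaf to root: each hop is signed by its parent's subject and holds no more scope
	// or lifetime than that parent (no-amplification); the chain must end at root.
	child := c
	for i := len(c.Lineage) - 1; i >= 0; i-- {
		p, err := k.parse(c.Lineage[i])
		if err != nil {
			return fmt.Errorf("lineage[%d]: %w", i, err)
		}
		if child.Iss != p.Sub || !Subset(p.Scope, child.Scope, covers) || child.Exp > p.Exp {
			return fmt.Errorf("lineage[%d]: hop amplifies authority", i)
		}
		child = p
	}
	if child.Iss != root {
		return fmt.Errorf("chain ends at %s, not the trusted issuer", child.Iss)
	}
	return nil
}

func main() {
	// Constructed keys; did:omega:arsenal is a placeholder for the Arsenal issuer DID.
	issuerKey := ed25519.NewKeyFromSeed([]byte(strings.Repeat("a", ed25519.SeedSize)))
	apiKey := ed25519.NewKeyFromSeed([]byte(strings.Repeat("b", ed25519.SeedSize)))
	keys := Keyring{"did:omega:arsenal": issuerKey.Public().(ed25519.PublicKey),
		"did:omega:brane:api": apiKey.Public().(ed25519.PublicKey)}
	now := time.Now()
	root := Mint(Claims{Iss: "did:omega:arsenal", Sub: "did:omega:brane:api", Aud: []string{"api.branes.sh"},
		Exp: now.Add(30 * time.Minute).Unix(), Scope: []string{"fs.tmp:/scratch/x"}}, issuerKey)
	// api narrows its scope and delegates to archive, mirroring the page's mint command.
	child := Mint(Claims{Iss: "did:omega:brane:api", Sub: "did:omega:brane:archive", Aud: []string{"did:omega:brane:archive"},
		Exp: now.Add(5 * time.Minute).Unix(), Scope: []string{"fs.tmp:/scratch/x:rw"}, Lineage: []string{root}}, apiKey)
	fmt.Println("presented to archive:", keys.Verify(child, "did:omega:brane:archive", "did:omega:arsenal", now))
	fmt.Println("replayed against api:", keys.Verify(child, "api.branes.sh", "did:omega:arsenal", now))
}
```

Run with `go run`: the first line prints `<nil>` (archive accepts the delegated token) and the second prints the audience error (the same token replayed against api is refused). Verify never contacts an issuer; everything it needs is the token, its embedded lineage, and the keyring, which is what makes the air-gapped case identical to the connected one. The Revoked snapshot from the page's revocation feed would slot in as one more lookup inside parse, keyed on the signature segment.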