Skip to content
OSTK
REFERENCE // BOOT_STAGES

Boot Sequence

Boot is not a daemon start. It is a read-only scan that reads .ostk/ state, resolves identity, and reports what is on disk. The kernel does not modify project files during boot — it observes, verifies, and tells you what it found.

What Boot Does

ostk boot assembles a complete picture of the current workspace from three layers:

LAYER 1: REPO

Shared project state — .ostk/ directory, Agentfile, boot.md, pin caps. Committed to version control.

LAYER 2: OPERATOR

Personal identity — ~/.HUMANFILE (global) merged with .ostk/HUMANFILE (project). Never committed.

LAYER 3: HARNESS

Runtime environment — detected from environment variables at startup. Determines tool routing policy. Ephemeral.

The output is the merged context: context = f(repo) + g(operator) + h(harness). The agent instance receives this at session start. It knows who it is talking to, where it is running, and what it is allowed to do — without being told.

BOOT_STAGES

Boot executes five stages in strict sequence. Each stage depends on the output of the previous one. If a stage fails fatally, boot halts and prints a diagnostic.

0
PARSE AGENTFILE

If the OSTK_AGENTFILE environment variable is set, boot reads and parses the Agentfile at that path. Resolves:

  • FROM <model> — which LLM the agent targets
  • TOOL <name> — tool declarations (counted, not loaded)
  • LIMIT, ISOLATION — resource and sandbox constraints

Missing Agentfile is non-fatal — boot continues with defaults. Present-but-unreadable is an error.

0b
LOAD HUMANFILE

Hierarchical resolution loads operator identity and preferences. Resolution order:

  1. ~/.HUMANFILE — global identity (MODEL, SIGN, TRUST directives are immutable from this layer)
  2. .ostk/HUMANFILE — project-level config (may EXTENDS global)
  3. Merge if both exist — project overlays global, but identity fields stay pinned to the global source

Directives resolved at this stage: MODEL, SIGN, PREPROCESS, TRUST, SECRET, EMBED, DRIVER, VERB, BOOT.

After loading, boot auto-populates the AVAILABLE model list by scanning for known API keys (ANTHROPIC_API_KEY, GEMINI_API_KEY, etc.) and initializes secret masking for any SECRET directives.

1
KERNEL INIT

The identity and capability layer. Boot determines who you are and what you can do:

  • Trust tier — GPG web-of-trust determines your tier (T0 through T3). Your GPG key is checked against the project's signing chain.
  • ENTITYFILE — governance document loaded and GPG-verified. Invalid signatures are fatal (fail-closed). Missing ENTITYFILE is non-fatal (fresh-install path).
  • Pin caps — capability pins loaded from .ostk/pin.caps. These constrain what tools agents can invoke.
  • Drivers — declared drivers probed via Unix sockets. Boot never spawns drivers — it only checks what is already running. Inactive drivers are registered for demand-spawn on first use.
  • .language — the verb registry is populated. Kernel services, MCP primitives, introspection tools, and HUMANFILE VERB directives are all registered into the .language file.

Before any of this, boot reaps dead agents from the process table and cleans up orphaned heartbeat files — housekeeping from the previous session.

2
PRELOAD RENDER

Builds the context injection that every agent instance receives at session start. The preload is assembled from:

  • Project structure scan (what files exist, language breakdown)
  • .language register contents (all verbs, devices, services with their resolutions)
  • boot.md swap — the compiled operator section replaces the template boot.md
  • Identity blocks from HUMANFILE (communication style, scheduling preferences, corrections log)

The stable portion of this preload can be rendered once and uploaded as firmware — a deployment artifact that fleet members reference by ID rather than re-rendering independently.

3
INTENT COMPILE

Resolves the tack grammar and validates the dispatch loop:

  • Tack grammar — HUMANFILE VERB definitions are validated against .language. Unresolvable verbs reduce boot confidence.
  • INIT validation — the post-language INIT verb sequence is checked. Missing verbs in the INIT chain are flagged and penalize the boot confidence score.
  • Verb momentum — recent tack resolution history from the audit log is loaded to seed the confidence gradient.

After this stage, the compressed register dump is printed — a one-line summary of .language state (verb count, fleet size, open needles).

4
EXECUTION

The agent loop begins. Boot transitions from observation to action:

  • Harness detection — environment is probed to determine tool routing (Claude Code, ostk-serve, CI, terminal). This controls whether the agent uses native tools or MCP primitives.
  • Checkpoint verification — the most recent checkpoint's GPG signature is verified. Invalid signatures are fatal for governed agents, advisory for interactive sessions.
  • Version pin — if .ostk/version exists, the running binary version is checked against the pin.
  • Continuation prompt — if enabled, a dynamic prompt is generated from current workspace state and written to .ostk/prompts/continuation.md.

Tool calls from this point forward pass through the 7-step approval chain.

POST_CHECKS

Power-On Self-Test. Seven checks run during boot to verify system integrity. The POST 7/7 line in boot output confirms all passed. A failed check does not necessarily halt boot — some degrade gracefully, others are fatal.

HUMANFILE_RESOLVE
CHECKS
Hierarchical HUMANFILE resolution succeeds. Global (~/.HUMANFILE) and project (.ostk/HUMANFILE) merge without conflict.
ON FAILURE
Graceful — defaults used. Warning printed.
TRUST_VERIFY
CHECKS
GPG signature on HUMANFILE validates against the signing chain. Trust tier (T0–T3) is determined.
ON FAILURE
Bad signature is fatal (fail-closed). Missing GPG degrades to T3 (read-only).
ENTITYFILE_SIGN
CHECKS
ENTITYFILE governance document exists and its detached GPG signature (.asc or .sigstore) is valid.
ON FAILURE
Invalid signature at primary location is fatal. Missing ENTITYFILE is non-fatal (fresh install).
DRIVER_PROBE
CHECKS
Declared drivers are probed via Unix socket. Alive drivers registered; inactive ones marked for demand-spawn.
ON FAILURE
Graceful — inactive drivers spawn on first use. No boot failure.
LANGUAGE_INIT
CHECKS
.language registry is populated with kernel services, MCP primitives, HUMANFILE VERBs, and introspection tools.
ON FAILURE
Unresolvable VERBs reduce boot confidence score but do not halt boot.
CHECKPOINT_GPG
CHECKS
Most recent checkpoint's detached GPG signature is verified against accepted key set.
ON FAILURE
Fatal for governed agents. Advisory for interactive sessions. Expired keys reduce confidence.
VERSION_PIN
CHECKS
Running binary version matches .ostk/version pin (if present).
ON FAILURE
Warning with upgrade hint. Boot continues.

Boot Confidence

The boot confidence score is a 0.00–1.00 value computed at the end of boot. It measures how well the system can resolve operator intent into action. Three inputs feed the score:

IDENTITY COMPLETENESS

HUMANFILE loaded, trust tier resolved, ENTITYFILE verified. Missing identity layers drag the score toward zero.

RESOLUTION QUALITY

Recent tack resolutions from the audit log are weighted by tier (T1 = 1.0, T2 = 0.8, T3 = 0.5). High-tier resolutions lift the score.

INIT VALIDATION

The INIT verb sequence is checked against .language. Missing verbs in the post-language chain penalize confidence.

The score determines the operating mode:

FULL
0.90 – 1.00
All capabilities available. Normal operation.
MINIMAL
0.50 – 0.89
Core operations available. Some advanced features may be constrained.
RESTRICTED
0.00 – 0.49
Read-heavy mode. Write operations may require explicit confirmation. Fresh projects with no audit history start here.

A fresh project with no audit history will always show 0.00 (restricted mode). This is normal — the score rises as the system accumulates successful tack resolutions. It is a measure of earned trust, not a pass/fail gate.

BOOT_OUTPUT

A typical ostk boot run on a configured workspace. Each line maps to a stage above:

ostk boot

HUMANFILE loaded (global only)

trust: T1 (cross-signed, write access)

.language: 58 verbs | fleet: 0 alive

needles: 0 open

boot confidence: 0.00 (restricted mode)

✓ HUMANFILE loaded (global only)
Stage 0b succeeded. Only ~/.HUMANFILE was found (no project-level HUMANFILE). Identity and preferences resolved from the global file.
trust: T1 (cross-signed, write access)
Stage 1. Your GPG key is cross-signed by a T0 holder. Full write access granted.
.language: 58 verbs | fleet: 0 alive
Stage 2–3. The .language registry holds 58 verbs. No agents are currently running.
needles: 0 open
No open work items. The needle system is idle.
boot confidence: 0.00 (restricted mode)
Stage 3. No audit history yet — the confidence score starts at zero on a fresh workspace.

Harness Detection

Boot detects the execution environment and sets tool routing policy accordingly. The agent knows how to talk to the kernel without being told.

claude-code
DETECTION
OSTK_HARNESS=claude-code or TERM_PROGRAM=claude
TOOL ROUTING
Native Bash / Read / Edit / Grep. Background via run_in_background.
ostk-serve
DETECTION
OSTK_SERVE=1
TOOL ROUTING
MCP shell / spawn / interact. File I/O via fs_read / edit / fs_write.
ci
DETECTION
CI=true or GITHUB_ACTIONS=true
TOOL ROUTING
Native Bash. No background, no TTY.
terminal
DETECTION
Default fallback
TOOL ROUTING
Native Bash. Background optional.

The OSTK_HARNESS environment variable overrides all detection — it always wins.

First Run

When no .ostk/ directory is found, boot does not fail — it prints a welcome message and guides you to initialization:

  • No git repo — suggests git init first. The OS requires a git repository as its substrate.
  • Git repo, no .ostk/ — prints the full welcome with ostk init and ostk init --guided options.

After running ostk init, re-run ostk boot to complete the full boot sequence. See Quick Start for the step-by-step guide.

RELATED: QUICK_START ARCHITECTURE HUMANFILE AGENTFILE