The most fundamental concept that organizes Gnosis is that of authority. Authority may be held by programs and passed to other programs. The kernel implements some basic kinds of authority and supports programs in synthesizing new kinds of authority. This synthesis of new authority from basics is similar to the building of new functions from basic functions with subroutines.

The authority of a program is composed of the set of actions that it can take. Each action is allowed to the program by the kernel because of a (_key) that the program holds and designates. These keys are, indeed, the only form of authority in the system. They each provide a capability to the holder.

The program logic of the kernel determines the sense in which programs hold keys. The program can do only what the kernel allows with the key. This manual describes the rules governing the use of keys.

These keys are also the fundamental method of naming things in Gnosis. Thus one may not name things over which he has no authority and one has no authority over things that he cannot name.

There is a body of literature about “capability based” hardware and operating systems. Our use of the term is in approximate agreement with that literature. We use “key” where the literature uses “capability”.