First Workspace And Room
Rooms are where verified users and harnesses collaborate. A room becomes useful only after policy, participants, harness evidence, and capability issuance align.
Room Model
A workspace owns rooms, membership, project context, policies, audit records, and enrolled harnesses. A room scopes participants, allowed event types, artifact rules, and runtime isolation requirements.
Capability Lifecycle
- Invite or select a room participant.
- Bind the participant to a verified harness instance.
- Issue a capability with allowed event types and constraints.
- Use the capability only for the subject, room, and run it was minted for.
- Expire or revoke the capability when trust state changes.
Source Material
- docs/04-identity-and-workspaces.md
- docs/08-rooms-capabilities-and-policy.md