Flight Core Profile
Flight Core is the 0x0 subset intended for analyzable flight-software
prototypes. It is a profile over current 0x0 implementation evidence, not a new
language.
The profile is defined by space/flight-core-policy.tsv and enforced locally
by make flight-core-profile-check.
Allowed Surface
Flight Core permits:
- primitive values and explicit tagged values;
- pure functions and checked calls;
- imports from locked package inputs;
- static allocation;
- stack allocation with budget evidence;
- explicit arena allocation when reviewed;
- manual memory only with ownership, release, and review evidence;
- MMIO, volatile access, CPU-specific operations, and FFI only with review IDs.
Forbidden Surface
Flight Core forbids:
- implicit host filesystem, network, process, or browser effects;
- optional GC in flight-profile artifacts;
- broad unknown type fallback;
- unbounded recursion;
- reflection-like metadata;
- unbounded dynamic dispatch;
- physical board claims without accepted physical evidence.
Required Evidence
Before a Flight Core release claim, the project must provide:
- source profile check results;
- type/effect check results;
- memory section and stack budget reports;
- native verifier or equivalent backend evidence;
- package lockfile and provenance evidence;
- hardware emulator evidence;
- physical evidence if a physical target is claimed;
- trace rows linking requirements and hazards to evidence.
Source Gate
make flight-core-profile-check validates:
- allowed and forbidden source forms in
space/flight-core-source-forms.tsv;
- positive corpus builds in
examples/flight-core/; - fail-closed negative fixtures in
tests/fixtures/flight-core/; - memory budgets in
space/flight-core-memory-budgets.tsv; - review-required unsafe operation rows in
space/flight-core-unsafe-ops.tsv;
- trace stages in
space/flight-core-traceability.tsv; REQ-S1-001throughREQ-S1-005in
space/requirements-trace.tsv.
The gate is local and bounded. It does not run physical hardware, self-hosting,
or final release verification.