youtube image
From YouTube: SES-mtg: Chained Attenuation


Recorded from the "Frozen Realms shim collaboration" meeting on Jan 22, 2019. See

Unfortunately, we accidentally started recording well after this discussion started.

We discussed how the policy decisions expressing what authority should be provided to packages are expressed, who makes those policy decisions, and what the workflow is to make a new policy decision --- or raise an alarm --- when a new version demands more authority.


From outside an application, express and enforce policy on what authority is provided to an application as a whole. We call this the "aggregate authority", as it is aggregated over all packages that comprise the application.

The is an example of an application's internal expression and enforcement of policy about how the authority provided to the application as a whole is to be further subdivided and attenuated among the individual packages that comprise the application.

Example: The outside policy may express that the "fs" module that the application as a whole sees is attenuated to providing access to example/*, whereas the application layers on this a further attenuated to provide a particular package with access only to example/log.txt