Oblíbený

Secure edge language for reversibility and accountability in hostile environments.

Oblíbený (Czech for "favorite" or "beloved") is a dual-form programming language that guarantees termination through Turing-incompleteness while maintaining full reversibility and complete accountability. Built for deployment in hostile environments where formal guarantees are essential.

Table of Contents

• Status: Production-Ready (100%)
• Unique Features
  • Dual-Form Architecture
  • Guaranteed Termination
  • Complete Reversibility
  • Full Accountability
• Installation
  • Prerequisites
  • Build from Source
  • Verify Installation
• Quick Start
  • Hello World
  • Fibonacci (with Static Bounds)
  • Static Analysis
• CLI Reference
• Reversible Debugger
• Formal Verification
• Deployment
  • Svalinn/Vordr Stack (Recommended)
  • Standalone Container
• Documentation
• Architecture
• Security Model
  • Turing-Incompleteness Guarantee
  • Post-Quantum Cryptography
• Project Statistics
• Contributing
• License
• Related Projects
• Contact

Status: Production-Ready (100%)

Integration Complete — All core components implemented, tested, and formally verified (2026-02-07)

Component	Status	Description
Compiler & Runtime	✅ 100%	OCaml compiler with lexer, parser, type checker, evaluator, constrained form validator
Static Analyzer	✅ 100%	Resource bounds tracking, reversibility checking, trace coverage analysis
LSP Server	✅ 100%	Language Server Protocol with diagnostics, hover, completion (789 LOC)
Debugger	✅ 100%	Reversible debugger with forward/backward stepping, checkpoint inspection
Profiler	✅ 100%	Performance profiling with resource bounds, efficiency analysis, bottleneck detection
VSCode Extension	✅ 100%	Syntax highlighting, reversible op highlighting, invalid keyword detection
Documentation	✅ 100%	Language specification, tutorial, security model, API reference
Crypto FFI	✅ 100%	Post-quantum crypto (liboqs + libsodium) via Zig FFI with Idris2 ABI proofs
Deployment	✅ 100%	Svalinn/Vordr verified container stack with formal verification

Unique Features

Dual-Form Architecture

Oblibený separates compile-time and runtime concerns:

// Factory Form (Turing-complete, compile-time)
(define (generate-loop n)
  (emit `(for i in 0..,(const n) {
    trace("iteration", i);
  })))

// Constrained Form (Turing-incomplete, runtime)
fn main() -> () {
    checkpoint("start");
    for i in 0..10 {  // Static bound required
        trace("iteration", i);
    }
    checkpoint("end");
}

Guaranteed Termination

Theorem: All valid constrained form programs terminate.

Enforcement: - ❌ NO while or loop keywords (rejected by parser) - ❌ NO recursive function calls (enforced by call graph checker) - ✅ ONLY bounded iteration: for i in 0..N where N is static - ✅ Acyclic call graph guaranteed

Complete Reversibility

Every operation has a well-defined inverse:

incr(x, 5);   // Inverse: decr(x, 5)
swap(a, b);   // Self-inverse
x ^= val;     // Self-inverse (XOR)

Reversible debugger can step backward through execution!

Full Accountability

Every operation produces an immutable audit trail:

checkpoint("start");
trace("event", arg1, arg2);
assert_invariant(condition, "message");
checkpoint("end");

Traces are cryptographically hashed for integrity.

Installation

Prerequisites

# Fedora/RHEL
sudo dnf install opam ocaml-dune ocaml-menhir

# Build dependencies
opam install dune menhir sedlex yojson ppx_deriving ppx_deriving_yojson alcotest

# Crypto libraries (for FFI)
sudo dnf install libsodium-devel

Build from Source

git clone https://github.com/hyperpolymath/oblibeny.git
cd oblibeny
dune build
dune install

Verify Installation

oblibeny --version
oblibeny-lsp --version

Quick Start

Hello World

Create hello.obl:

fn main() -> () {
    checkpoint("start");
    trace("message", "Hello, Oblíbený!");
    checkpoint("end");
}

Run:

oblibeny hello.obl

Fibonacci (with Static Bounds)

fn main() -> () {
    let mut a: i64 = 0;
    let mut b: i64 = 1;

    checkpoint("start_fibonacci");

    // Bounded iteration with static N
    for i in 0..10 {
        trace("fib", a);
        let tmp: i64 = a + b;
        a = b;
        b = tmp;
    }

    checkpoint("end_fibonacci");
    assert_invariant(a == 55, "10th Fibonacci should be 55");
}

Static Analysis

oblibeny --analyze fibonacci.obl

Output:

=== Oblíbený Static Analysis Report ===

## Constrained Form Validation
✓ VALID - Program conforms to Turing-incomplete constrained form

## Resource Bounds (Static Guarantees)
Max loop iterations: 10
Max call depth: 0
Estimated memory: 24 bytes

## Reversibility Analysis
✓ All reversible operations are properly balanced

## Accountability Trace Coverage
Coverage: 40.0%

CLI Reference

oblibeny input.obl              # Compile and execute
oblibeny --check input.obl      # Validate constrained form only
oblibeny --analyze input.obl    # Static analysis with resource bounds
oblibeny --dump-ast input.obl   # Show parsed AST
oblibeny --dump-trace input.obl # Show accountability trace
oblibeny -v input.obl           # Verbose output

Reversible Debugger

oblibeny --debug program.obl

Commands:

s, step      - Step forward
b, back      - Step BACKWARD (reversible!)
p, print     - Show current state
t, trace     - Show accountability trace
c, continue  - Run to next checkpoint
h, help      - Show help
q, quit      - Exit debugger

Formal Verification

Oblibeny integrates with:

• Idris2: ABI proofs for FFI safety (src/abi/*.idr)

• Zig: Memory-safe FFI implementation (ffi/zig/)

• Vörðr: Runtime verification with formal proofs

Verified properties: - ✓ Termination guaranteed - ✓ Resource bounds computable statically - ✓ Call graph is acyclic - ✓ No unbounded loops - ✓ Reversible operations correct

Deployment

Svalinn/Vordr Stack (Recommended)

# Build with formal verification
svalinn-compose build

# Deploy LSP server (2 replicas)
svalinn-compose up

# Scale analyzer/debugger on-demand
svalinn-compose up --scale analyzer=1

See svalinn-compose.yaml for full configuration.

Standalone Container

podman build -f Containerfile -t oblibeny:latest .
podman run -p 8765:8765 oblibeny:latest

Documentation

• Language Specification - Complete grammar and semantics

• Tutorial - Step-by-step guide with examples

• Examples - 10+ example programs

• Core Specification - Formal specification in Scheme

Architecture

┌─────────────────────────────────────────────────────────┐
│                  Oblíbený Architecture                  │
├─────────────────────────────────────────────────────────┤
│                                                         │
│  ┌──────────────┐         ┌──────────────┐            │
│  │ Factory Form │────────▶│  Constrained │            │
│  │ (Turing-     │ emits   │  Form        │            │
│  │  complete)   │         │ (Turing-     │            │
│  │              │         │  incomplete) │            │
│  └──────────────┘         └──────┬───────┘            │
│   Compile-time                   │ Runtime             │
│   Metaprogramming                │ Execution           │
│                                  ▼                      │
│                         ┌─────────────────┐            │
│                         │ Accountability  │            │
│                         │ Trace           │            │
│                         │ (Immutable)     │            │
│                         └─────────────────┘            │
│                                                         │
├─────────────────────────────────────────────────────────┤
│ Tooling Layer                                          │
├─────────────────────────────────────────────────────────┤
│ Compiler │ Static Analyzer │ Debugger │ Profiler       │
│ LSP      │ VSCode Ext      │ CLI      │ Crypto FFI     │
└─────────────────────────────────────────────────────────┘

Security Model

Turing-Incompleteness Guarantee

Oblibeny’s constrained form is intentionally Turing-incomplete:

1. Syntactic restrictions prevent unbounded computation

2. Call graph analysis ensures acyclicity

3. Static bounds checking verifies all loops terminate

4. Formal verification proves termination mathematically

This makes Oblibeny ideal for: - Hardware Security Modules (HSMs) - Secure enclaves (SGX, TrustZone) - Smart cards - Critical embedded systems - High-assurance cryptographic code

Post-Quantum Cryptography

Crypto stack via Zig FFI: - Dilithium5 - Lattice-based signature - SPHINCS+ - Hash-based signature - Kyber1024 - Lattice-based KEM - Ed25519 - Classical fallback

Libraries: liboqs 0.10.0+ and libsodium 1.0.19+

Project Statistics

Metric	Value
Lines of Code	5,200+
Files	65
Languages	OCaml (54 files), Zig (3 files), Idris2 (1 file)
Completion	100%
Test Coverage	Core components tested
Documentation	Complete (spec + tutorial + examples)
Container Size	~50MB (minimal runtime)

Contributing

See CONTRIBUTING.md for development guidelines.

Code of Conduct: CODE_OF_CONDUCT.md

License

SPDX-License-Identifier: PMPL-1.0-or-later

Oblíbený is free software under the Palimpsest License (PMPL-1.0-or-later).

See LICENSE for full terms.

Related Projects

• Svalinn - Edge gateway for verified containers

• Vörðr - Formally verified container runtime

• Selur - Zero-copy WASM bridge

• Verified Container Spec - Formal specification

• NextGen Languages - Language portfolio

Contact

• Issues: https://github.com/hyperpolymath/oblibeny/issues

• Discussions: https://github.com/hyperpolymath/oblibeny/discussions

• Author: Jonathan D.A. Jewell <jonathan.jewell@open.ac.uk>

---

Guardian of correctness. Keeper of accountability. Beloved for its guarantees. 🔐✨