![]() |
|
#1
|
||||
|
||||
|
Claude Fable 5 wrote a booting, NT-shaped Rust kernel in 38 minutes
Claude Fable 5 wrote a booting, NT-shaped Rust kernel in 38 minutes, with later work on Claude Opus growing it to run real Windows binaries.
Security startup Tolmo published a transcript-level account of Claude Fable 5 writing a booting, NT-shaped kernel in Rust from an empty directory in 38 minutes of active model work. By the company's account it built the trusted computing base, booted in an emulator, passed its own self-tests, and root-caused its own low-level bugs, then over 8 more days, mostly on Claude Opus 4.8, grew to load unmodified Windows drivers and run real Windows binaries. https://github.com/msuiche/nanokrnl An NT-compatible kernel written in Rust: the architecture, abstractions, and (where it matters) the exact constants and layouts of the Windows NT kernel, rebuilt as a modern, memory-safe, freestanding Rust codebase. It boots on x86-64, runs real, unmodified Microsoft user binaries (cmd.exe, more.com, …) on its own NT syscalls, loads a genuine null.sys PE driver, and proves itself with a self-test suite on every boot. It runs natively under QEMU and in your browser, via nanox, a bespoke ~60 KB x86-64 WebAssembly emulator that boots the unmodified kernel image directly in long mode, with no threads, no SharedArrayBuffer, and no COOP/COEP headers. https://nanokrnl.ai
__________________
AKA Solomon/blowfish. Last edited by WhoCares; 07-09-2026 at 23:07. |
| The Following 5 Users Say Thank You to WhoCares For This Useful Post: | ||
chants (07-10-2026), Fyyre (07-10-2026), Ibrahim_Mihai (07-10-2026), MarcElBichon (07-09-2026), soviet (07-10-2026) | ||
|
#2
|
|||
|
|||
|
Very cool. In terms of safety, I do see 53 .rs files with "unsafe": https://github.com/search?q=repo%3Am...pe=code&l=Rust
So it seems safety guarantees are still not assured - there should be some sort of formal proof/verification metadata extension for Rust that allows unsafe regions to be proven safe. Otherwise I consider these to be "cheating" |
|
#3
|
|||
|
|||
|
Quote:
Well, there is still the same "unsafe code" issue with the vibe-coded decompilers you posted last week: https://forum.exetools.com/showthread.php?t=21666 This is always a problem with vibe-coded content. OTOH, at least the nanokrnl above is a excellent proof-of-concept of something that was only a pipe dream for many years. If you've actually read the whole article carefully, you can see that it was meant only as a PoC and not for production use anyway! A nano Windows kernel booting through a hand-built emulator in the browser, on its own NT syscalls, is quite an achievement. Kudos to the creators of the nanokrnl projext!
|
|
#4
|
|||
|
|||
|
So this isnt the correct location to discuss this, prefer on the thread itself but it was hand written only the Ghidra protocol update, IDA SDK support update and some GUI bug fixes were "vibe coded" but also with harnesses to do automated headless IDA testing and such. Testing across Angr gives some solid proof and stability. Care was taken. Managing the details between two very different tool interfaces is a pretty massive undertaking especially when both are moving targets. Feel free to criticize the work. Though it can be more productive to make your own contributions.
|
|
#5
|
|||
|
|||
|
You are criticizing a ground-breaking project by posting a generic Github search URL based on a string search for "unsafe code" in the repo. And you are talking about appropriateness, LOL.
There is not even any qualified discussion of the resultant search results. It would have been more appropriate had you spent a few minutes explaining the findings or more importantly, suggesting solutions to avoid the unsafe code. Rather, you just make it look like a hurried jealous criticism of an awesome project. Did you try the same generic search on your own repo? https://github.com/GregoryMorse/GhidraDec You have included a lot of proprietary IDA SDK code in your repo which is of course illegal. I don't know if this is an oversight or a blatant disregard for the IP rights of Hexrays. At least the nanokrnl project does not have any illegally obtained code in their repo! |
![]() |
| Thread Tools | |
| Display Modes | |
|
|