Skip to content

Authentication & Execution Authority

Forge Pool separates authentication according to execution authority rather than user roles.

Instead of relying on a single credential for every operation, the platform distinguishes between human identity, public execution authority, and trusted runtime infrastructure. Each trust domain has its own authentication model and clearly defined responsibilities.

This separation minimizes privilege overlap, simplifies security boundaries, and allows the execution runtime to evolve independently from user-facing services.


Authentication Philosophy

Authentication in Forge Pool is built around three independent trust domains.

Trust DomainPurposePublic
Human IdentityAuthenticate users and manage platform resourcesNo
Execution AuthoritySubmit distributed workloads through the public APIYes
Runtime TrustAuthenticate trusted execution infrastructureNo

Each domain uses independent credentials and serves a different purpose within the execution platform.


Execution Authority Model

Forge Pool defines three credential classes.

CredentialPrimary PurposeCan Execute WorkloadsPublic Interface
Project API TokenPublic execution authority
User TokenIdentity and platform management
Node TokenTrusted runtime participation

Authentication therefore represents execution authority rather than a generic login mechanism.


Project API Tokens

Project API Tokens are the canonical credentials used to submit workloads through the public execution API.

http
Authorization: Bearer fpak_XXXXXXXXXXXXXXXX

These tokens are:

  • scoped to a single project
  • validated by the public API
  • associated with billing and quota context
  • required for public workload execution

Project API Tokens authorize execution.

They do not represent a human identity.


User Tokens

User Tokens authenticate human users interacting with the Forge platform.

Typical operations include:

  • signing into Forge Studio
  • managing projects
  • creating Project API Tokens
  • configuring infrastructure
  • managing billing and organizations

User authentication is intentionally separated from workload execution.

Authenticated users manage execution resources, but workloads are executed through Project API Tokens.


Node Tokens

Node Tokens authenticate trusted runtime participants.

They are used internally for operations such as:

  • runtime registration
  • execution participation
  • workload processing
  • runtime verification
  • execution reporting

Node credentials are never used as public API credentials and cannot be used to submit public execution requests.


Trust Boundaries

Separating authentication domains prevents authority overlap between users, projects, and runtime infrastructure.

This design prevents situations such as:

  • user identities acting as execution credentials
  • execution credentials impersonating runtime infrastructure
  • runtime credentials accessing user-facing platform services

Each credential authenticates exactly one trust domain.

This separation simplifies auditing, improves operational security, and establishes clear execution boundaries throughout the platform.


Public Execution Flow

From the perspective of a public client, authentication follows a simple lifecycle.

text
User

Project

Project API Token

Forge Pool API

Planetary Kernel

Execution Result

The internal runtime authentication model remains behind the public execution contract.


Credential Lifecycle

Credentials are designed to support long-term operational management.

Project API Tokens can be generated, rotated, revoked, and replaced without affecting project identity.

User authentication follows the platform identity lifecycle.

Node credentials may be revoked or replaced independently as trusted runtime infrastructure evolves.

Credential lifecycle management provides controlled recovery from credential rotation, infrastructure changes, and compromise events without altering the public execution model.


Verification

Authentication establishes execution authority.

Verification establishes execution trust.

Successful authentication authorizes a workload for execution, while runtime verification confirms how that workload was executed and provides the evidence required for replay, inspection, and independent validation.


Related Documentation

Continue with:


Final Note

Authentication defines who may interact with the platform.

Execution authority defines who may submit workloads.

Runtime trust defines which infrastructure may participate in execution.

Treating these concerns as independent trust domains allows Forge Pool to maintain a stable public execution model while preserving strong security boundaries across the distributed execution platform.

Deterministic execution infrastructure for distributed compute.