Skip to content

Aeluin-Technologies/loth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
examples
examples
 
 
proto
proto
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.rs
build.rs
 
 
schema.zed
schema.zed
 
 

Repository files navigation

Loth 🌳

"I perceive the Dark Lord and know his mind, or all of his mind that concerns the Elves. And he gropes ever to see me and my thought. But still the door is closed!""

Loth is a high-performance authorization engine that combines ReBAC using SpiceDB and ABAC using Cedar. It provides a secure, contextual, and scalable gateway guardrail for distributed systems.

Architecture

  • ReBAC Layer: Uses SpiceDB as the structural source of truth for ontology relationships.
  • ABAC Layer: Uses Cedar for final contextual edge-filtering (device compliance, IP, timestamps).
  • Hybrid Orchestrator: Fuses structural permissions and dynamic context into a single boolean decision.

It supports basic dual-writing between database and SpiceDB. But for strict replication, you must pair ReplicationWorker with a Postgres outbox.

About

Authorization engine combing ReBAC and ABAC.

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Contributors

Languages