Skip to content
NAILS logo NAILS Docs

Architecture

Core idea

Section titled “Core idea”

NAILS keeps a visible base system and layers a hidden environment over it at runtime.

That gives the project its main shape.

  • visible decoy system underneath
  • hidden storage as the source of alternate state
  • OverlayFS used for switching behavior
  • NixOS rebuild and profile logic used to bring hidden services and packages online

Why this matters

Section titled “Why this matters”

This model is different from reboot based privacy systems and different from VM centered compartment systems.

It is built for a narrower purpose, namely a dual-environment workflow on a single NixOS machine.

Why Rust

Section titled “Why Rust”

The implementation stays in a compiled binary rather than leaning on an interpreted runtime. That supports the broader project goal of keeping the runtime footprint smaller and easier to reason about.

Boundaries that follow from the architecture

Section titled “Boundaries that follow from the architecture”
  • overlay behavior is visible while the hidden environment is active
  • hidden storage quality directly affects overall posture
  • memory contents still matter during active use