Skip to content
STIMSMITH

CHERI-256 capability format

Concept

The CHERI-256 capability format is an early, uncompressed representation of a CHERI capability used in the first iterations of the CHERI architecture. It stores an explicit base address and length (rather than a compressed bounds encoding) together with permissions, object type (otype), and flags, producing a 256-bit capability that is four times the size of the native integer address pointer.

First seen 6/11/2026
Last seen 6/11/2026
Evidence 1 chunks
Wiki v1

WIKI

Overview

The CHERI-256 capability format is the initial capability encoding used in early iterations of the CHERI architecture. It was superseded in later designs by the compressed encoding produced by the CHERI Concentrate Compression algorithm, but it is useful as a reference representation because it makes every field a CHERI capability must convey explicit and visible.

Layout

READ FULL ARTICLE →

NEIGHBORHOOD

No graph connections found for this entity yet. It may appear in future ingestion runs.

explore full graph →

RELATIONSHIPS

1 connections
capability compression ← derived from 85% 1e
The CHERI-256 format was the uncompressed precursor to the current compressed capability format.

LINKED ENTITIES

1 links
capability compression DERIVED_FROM Extracted graph relationship

CITATIONS

8 sources
8 citations — click to expand
[1] CHERI-256 was the capability format used in the first iterations of the CHERI architecture and it does not compress the boundaries of the capability. CHERI-RISC-V VP++: A Virtual Prototyping Platform Enabling Fine ...
[2] CHERI-256 requires four times the size of the integer address pointer because it stores base and length explicitly and additionally carries permissions, otype, and flags. CHERI-RISC-V VP++: A Virtual Prototyping Platform Enabling Fine ...
[3] CHERI-256 stores base and length rather than base and top, and this is functionally equivalent as long as the entire address space is reachable by 64-bit addresses. CHERI-RISC-V VP++: A Virtual Prototyping Platform Enabling Fine ...
[4] The CHERI-256 capability contains the fields permissions, otype, flags, a 256-bit length, base, and address. CHERI-RISC-V VP++: A Virtual Prototyping Platform Enabling Fine ...
[5] CHERI-256 is intended as a starting point that clearly visualizes what CHERI needs to represent in a capability. CHERI-RISC-V VP++: A Virtual Prototyping Platform Enabling Fine ...
[6] CHERI capability compression (CHERI Concentrate Compression, introduced by Woodruff et al.) was developed to improve encoding efficiency over the uncompressed CHERI-256 layout by storing the values E and B together with the internal exponent flag E_A, and recovering the actual base and top via decompression. CHERI-RISC-V VP++: A Virtual Prototyping Platform Enabling Fine ...
[7] CHERI capabilities encode bounds such that the address may temporarily go out of bounds, and only dereferencing an out-of-bounds capability raises an exception, which is what enables prevention of buffer overflows and out-of-bounds execution. CHERI-RISC-V VP++: A Virtual Prototyping Platform Enabling Fine ...
[8] For the RISC-V CHERI profile, a single flag bit (flag_cap_mode) is used to control opcode interpretation on instruction fetch, switching between capability mode and default decoding; flags are orthogonal to capability monotonicity. CHERI-RISC-V VP++: A Virtual Prototyping Platform Enabling Fine ...