"Binary hardware. Ternary mind."
Rusty Penguin is a complete operating system written from scratch in pure Rust β its own boot, kernel, drivers, window manager and apps, with no Linux kernel and no libc underneath. The goal: a daily-driver desktop OS you can install in place of Ubuntu. Ternary logic ( -1 / 0 / +1) is a first-class primitive at every layer, from the scheduler to the AI runtime.
Built by RFI-IRFOS as part of the
Ternary Intelligence Stack.
Preinstalled: albert
Β· ternlang
Β· albert-cli
Β· ternlang-mcp
Rusty Penguin Googles itself β on its own bare-metal kernel. The OS fetches google.com/search?q=rusty+penguin+os over our own TLS 1.3 stack and finds "rusty-penguin - crates.io: Rust Package Registry" in the results. No X11, no Wayland, no libc, no Linux kernel underneath.
Binary computers have two states: on and off. Every value, every decision, every
process is either 1
or 0
.
Rusty Penguin treats a third state as real: dormant. Not running, not stopped β resting. A process that hasn't been asked for anything yet is not the same as a process that failed. A memory page that hasn't been touched is not dead. A neural-network weight of zero should cost nothing to compute.
Every primitive in this system expresses three states:
| Trit | Value | Meaning |
|---|---|---|
| Pos | +1 | Active, running, promoted |
| Zero | 0 | Dormant, idle, neutral |
| Neg | -1 | Suppressed, terminated, rejected |
Dormancy is sacred. Zero is not nothing β and the renderer, the scheduler and the AI runtime all skip dormant work instead of grinding through it.
A from-scratch x86_64 OS, hand-written in Rust top to bottom:
Boot handoff β pure-Rust kernelβ Multiboot2, 32-bit β 64-bit long mode, physical/virtual memory management, interrupts, a custom syscall ABI, ring-3 userspace, PS/2 keyboard + mouse, a 1920Γ1080 framebuffer, and Intel HDA audio.A native desktopβ frosted-glass window manager (drag / resize / minimize / maximize), a floating dock, a start menu, an arrow cursor, and a warm stone-green visual language. No external UI toolkit; every pixel is drawn by our own framebuffer + ternary-CSS engine.Real appsβ terminal (psh), file manager, text editor, calculator, system monitor, settings, the TIS console, plus Snake, Minesweeper and a pure-Rust DOOM-style raycaster.A ternary runtimeβ balanced-ternary arithmetic and a sparse-skip inference engine that physically skips zero-weight multiplications.
No libc. No C dependencies. No UI framework. Systems programming from first principles.
A from-scratch OS has a chicken-and-egg problem β none of the world's existing software was compiled for it. We solve this without giving up the pure-Rust ternary core: the kernel is growing a Linux ABI compatibility layer β a one-way translation shim that lets unmodified, already-compiled Linux/glibc binaries run on top of our Rust kernel.
This is not "boot Linux instead." There is no Linux kernel here. The native syscall surface is our own, ternary-flavored ABI; the Linux ABI sits beside it purely so the binary ecosystem (eventually a real browser) can run while the native, ternary-native app ecosystem grows to replace it.
It is honest, brick-by-brick work:
Done: the kernel runs real unmodified glibc programs natively β both statically and dynamically linked.printf
, TLS (__thread
),malloc
, SSE floating point, fullatexit
/exit
, file I/O, andld.so
- relocating + running a dynamically-linked binary against
libc.so.6
.Next: threads (clone
/futex
), per-process virtual memory + demand paging,/proc
, more of the syscall surface, then a framebuffer GUI app β and on that road, a real web browser.
A browser is the long pole. Be clear-eyed: full web parity is a multi-year horizon. The path is real and the early bricks are laid, but we don't pretend velocity equals completion.
| Component | Status |
|---|---|
| Boot β long mode, memory mgmt, interrupts, syscalls, ring-3 | β |
| Framebuffer 1920Γ1080, PS/2 keyboard + mouse | β |
| USB xHCI HID β keyboard + mouse on modern laptops | |
| β QEMU verified | |
| Intel HDA audio + Sound mixer app | β |
| Window manager, floating dock, start menu, arrow cursor | β |
| Quick Settings panel (Wi-Fi/BT/dark/volume tiles, tray-anchored) | |
| β GNOME-style | |
| Apps: terminal, files, editor, calculator, monitor, settings, TIS console | β |
| NIC drivers: RTL8139, Intel e1000/i219, Realtek r8169 | |
| β ~95% laptop coverage | |
| TCP/IP stack: ARP/ICMP/UDP/DHCP/DNS/TCP/HTTP | |
| β fetches real internet | |
| TLS 1.3 client (X25519 Β· ChaCha20-Poly1305 Β· from scratch) | |
| β real HTTPS, QEMU-verified vs live web | |
| Live web browser β type host β real page | |
| β http + https, follows redirects | |
fetch , wget terminal commands |
|
| β | |
| Linux ABI layer (static + dynamic glibc binaries) | β Bricks 1β5 done |
| Multi-user login (SHA-256 passwords, /home/) | |
| β | |
| In-memory VFS within a session | β |
| Persistent bare-metal disk storage (RPFS + AHCI) | |
| β settings/files survive reboot |
| Component | Status |
|---|---|
Install to disk (rp-install /dev/nvme0n1 ) |
|
| β UEFI/GPT | |
| Standalone boot from disk (no ISO) | β |
Persistent /home (ext4) |
|
| β survives reboots | |
Package manager (rpm install <url> ) |
|
| β with SHA-256 + ed25519 signing | |
| WiFi: wpa_supplicant + iw bundled | |
| β auto-assoc on boot | |
wifi-setup command (console: wifi-setup <SSID> <pass> ) |
|
| β | |
| Chrome / Firefox on X11 | β |
| Recovery console | β |
- TLS certificate-chain validation (the TLS 1.3 client does the handshake + verifies the server Finished, but has no CA trust store or wall clock yet β confidentiality vs a passive attacker, not active-MITM protection)
- GPU acceleration (framebuffer only; software rendering)
- WiFi on bare-metal kernel (needs per-chip driver + firmware) The real work-week path today: install to disk + rp.web mode
Paste this into a fresh Linux or macOS terminal. It installs the Rust toolchain and all required tools, builds the ISO, and launches it in QEMU automatically:
curl -sSf https://raw.githubusercontent.com/rfi-irfos/rusty-penguin/main/install-dev.sh | bash
What it does: installs rustup
(nightly + required targets), grub-mkrescue
/
xorriso
, and qemu-system-x86_64
via your system package manager, clones the
repo, runs bash iso/build.sh
, then launches bash launch.sh
. Total time on a fast connection: ~3 minutes.
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain nightly
source ~/.cargo/env
rustup component add rust-src --toolchain nightly
sudo apt-get install -y qemu-system-x86 grub-pc-bin grub-efi-amd64-bin xorriso
git clone https://github.com/rfi-irfos/rusty-penguin && cd rusty-penguin
bash iso/build.sh && bash launch.sh
sudo dd if=rusty-penguin.iso of=/dev/sdX bs=4M status=progress && sync
#
bash launch.sh
qemu-system-x86_64 -machine q35 -cdrom rusty-penguin.iso -m 512M \
-netdev user,id=n0 -device e1000,netdev=n0 \
-device qemu-xhci,id=xhci -device usb-kbd,bus=xhci.0 \
-display sdl
The preselected GRUB entry, Rusty Penguin (bare metal), boots the pure-Rust kernel. For a full work week (browser, persistence, Git), use the Web (X11) entry after installing to disk.
Click the Doom icon in the dock. The kernel suspends the desktop, hands the raw framebuffer to id Software's 1993 shareware DOOM (E1M1) via fbDOOM, and restarts the desktop when you quit. No X, no Wayland, no SDL:
A separate GRUB entry, ** Rusty Penguin -- DOOM (demoable)**, boots straight into DOOM without the desktop at all (for maximum performance demo).
Balanced ternary represents the same range in fewer digits:
- 9 trits β Β±9841 (vs 9 bits β Β±255 unsigned)
- Multiplication maps to shift-and-add on a ternary number line
- Neural networks quantized to
{-1, 0, +1}
skip every zero-weight multiplication β the entire basis of the sparseai-runtime
rp$ tri 6 * 7
6 * 7 = 42
ternary: 000000+-0 * 000000+-+ = 0000+---0
rp$ ai 8 4
sparse ternary inference -- 4 layers x dim 8
L0 [00000+-0] -> [+-++-+++] dormancy 79%
...
4 layers avg dormancy 46% skipped 120/256 ops
This is the same insight behind BitNet and ternary LLM quantization β implemented here from first principles in Rust, running bare-metal in a bootable OS. Each win is logged, with its honest basis, in docs/TERNARY_FINDINGS.md.
| Module | Source |
|---|---|
compiler/ |
|
| ternlang-core lexer/parser/BET bytecode/VM | |
filesystem/ |
|
| ternlang-fs VFS patterns | |
ipc/ |
|
| ternlang-runtime TernNode actor model | |
hardware-abstraction/ |
|
| ternlang-driver HAL traits | |
ai-runtime/ |
|
| ternlang-ml TritTensor + sparse inference |
MIT β see workspace Cargo.toml
.