Hyperledger Burrow comes with a capabilities-based, evolvable permissioning layer.
This claim by Burrow brings up a question. Can capabilities-based abstractions be independent of defensive programming languages?
Put another way is it fair to claim or advisable to aim for a capabilities-based, evolvable provisioning layer in a vulnerable attack surface.
## Permission Layer "Hyperledger Burrow comes with a capabilities-based, evolvable permissioning layer."
"The network is booted with an initial set of accounts with permissions plus a global default set of permissions. Network participants with the correct permission can modify the permissions of other accounts by sending an appropriate transaction type to the network. This transaction is vetted by the network validators before the permissions are updated on the target account. Through the EVM, further sophisticated roles-based permissioning can be leveraged through Hyperledger Burrow’s roles on each account. Roles can be updated through discrete transactions or smart contracts."
"In addition, Hyperledger Burrow exposes the ability for smart contracts within the permissioned EVM to modify the permission layer and account roles. Once a contract with this functionality has been deployed to a chain, a network participant with the appropriate permissions can grant the contract that capability." page 