The following set of built-in permissions is available for any type of capability:
Transfer, which is necessary for transferring a capability using the transfer and transferR policies.Derive, which is necessary for transferring a capability using the derive and deriveR policies.Revoke, which is necessary for revoking capabilities using the revoke policy.Built-in permissions do not need to be declared in the configuration of the ocap family instance, but they must be transferred to an entity before the entity can use the corresponding policies.
For example, if the resource driver Dave does not transfer the Transfer and Derive permissions to the entity Bob during capability transfer, the entity Bob will not be able to transfer this capability further.