EACL: Enterprise Access ControL is a situated ReBAC Authorization system based on SpiceDB, built in Clojure and backed by Datomic – https://github.com/theronic/eacl

'Situated' here means that your permission schema & permission data live with your data, which has a number of benefits:

- one less network hop, so can be faster than Spice for typical workloads,

- one less distributed consistency & syncing problem,

- one less component to run in prod with full consistency,

- potential to implement ZedToken / Zookies via Datomix txid, and

- easy to test new schemas with in-memory Datomic.

EACL is plenty fast without a cache since horizontally-scalable Datomic Peers already cache datoms aggressively, but there is another 10-100x improvement in the pipeline. EACL is especially suitable to real-time multiplayer apps built in frameworks like Electric Clojure.

IMHO, EACL is currently the best-in-class authorization library in the Clojure ecosystem and is improving every week. ReBAC subsumes both ABAC & RBAC. I recently applied for Clojurists Together funding to improve cursors for intermediate resource traversal, which is the primary perf. bottleneck.

EACL was not "vibecoded" as all tests were written by me and all code is human-reviewed, but EACL would not be possible for a single engineer to build mainly in his spare time without AI assistance.

Docs with rationale: https://eacl.dev/