I'm your example it sounds like invites are a form of capability based security, which is what sandstorm uses.
I'm not an expert, but my understanding is that sandstorm takes all of the system calls from your apps, and uses capn proto to serialize those calls to the powerbox. The powerbox then checks to see if that operation is allowed for that user, and if so it executes the call, and serializes it back to the app (which then displays it to the user, for example).
Sandstorm uses CapnP because it's technically sound, battle tested, and efficient.
You could just make http requests back and forth (that's kinda if the default for web apps) but there is latency overhead and way more surface area with http.
I'm not an expert, but my understanding is that sandstorm takes all of the system calls from your apps, and uses capn proto to serialize those calls to the powerbox. The powerbox then checks to see if that operation is allowed for that user, and if so it executes the call, and serializes it back to the app (which then displays it to the user, for example).
Sandstorm uses CapnP because it's technically sound, battle tested, and efficient.
You could just make http requests back and forth (that's kinda if the default for web apps) but there is latency overhead and way more surface area with http.