public
/
website
5
0
Fork 0
Code Issues 4 Pull Requests 3 Packages Projects Releases Wiki Activity

Compare commits

base: public:83f014707e6d9e6ab7746734b73e9f7975fc6108
Branches Tags
public:main
public:feat/mysten-blog
public:feat/website-upgrades
public:lrvick/oci
...
compare: public:863ad2c0975b151aee343c4e8516565f9c9797b5
Branches Tags
public:main
public:feat/mysten-blog
public:feat/website-upgrades
public:lrvick/oci

39 Commits
83f014707e ... 863ad2c097

Author SHA1 Message Date
Ksenia Lesko 863ad2c097
blog edits 2025-04-01 20:19:54 -07:00
Ksenia Lesko 1825b7152f
blog refinements 2025-04-01 20:19:53 -07:00
Ksenia Lesko 15593cafdc
edits to the first few sections 2025-04-01 20:19:51 -07:00
Ksenia Lesko 43cf9bbed3
edit intro 2025-04-01 20:19:50 -07:00
Anton Livaja be5f353aea
update blog content 2025-04-01 20:19:49 -07:00
Anton Livaja d81c235377
fix: remove blog header and add top margin 2025-04-01 20:19:47 -07:00
Ryan Heywood b441167f8f
fix weird whiteness quirk 2025-04-01 20:19:46 -07:00
Ryan Heywood d53788c2b5
fix shifting things, fix links, add automatic read time 2025-04-01 20:19:44 -07:00
Anton Livaja 9ca7d9134a
minor fixes 2025-04-01 20:19:42 -07:00
Anton Livaja 5472201f45
move rss to footer 2025-04-01 20:19:41 -07:00
Anton Livaja eb54e18885
clean up blog layout 2025-04-01 20:19:32 -07:00
Anton Livaja 0ef09ca124
integrate ryan's feedback 2025-04-01 20:19:30 -07:00
Anton Livaja 35fa7abacb
clean up blog styling and add bybit content 2025-04-01 20:19:29 -07:00
Anton Livaja 52635d4a2a
replace initial blog post with bitby report 2025-04-01 20:19:27 -07:00
Ryan Heywood c4e9b33e5b
fix: add .html to blog permalinks 2025-04-01 20:19:26 -07:00
Ryan Heywood 2d6754d908
fix: blog formatting 2025-04-01 20:19:24 -07:00
Anton Livaja 1d2e3a4940
fix: add context about orgs supporting stagex 2025-04-01 20:19:23 -07:00
Anton Livaja dd64438ab0
fix: spacing and blog path 2025-04-01 20:19:21 -07:00
Anton Livaja 38370a3ae4
fix: format blog 2025-04-01 20:19:19 -07:00
Anton Livaja 6de8e1017d
fix: paths 2025-04-01 20:19:18 -07:00
Anton Livaja 7784afc471
chore: more blog edits 2025-04-01 20:19:16 -07:00
Anton Livaja 9fd1c9cdc8
feat: first blog draft 2025-04-01 20:19:14 -07:00
Anton Livaja 0e2ddd78e5
chore: comment out latest post on landing page 2025-04-01 20:19:13 -07:00
Anton Livaja 5705647720
feat: add rss 2025-04-01 20:19:11 -07:00
Anton Livaja 7a223d1b44
fix: remove title in post so preview displays properly 2025-04-01 20:19:09 -07:00
Anton Livaja 28a4b9af7c
feat: add blog 2025-04-01 20:19:05 -07:00
Anton Livaja a55c67a7e9
fix typo 2025-03-31 16:45:19 -07:00
Anton Livaja a8cf6fc8be
remove unused classes and fix company page 2025-03-31 16:42:14 -07:00
Anton Livaja e0f42cd5f9
fix video path for visual 2025-03-29 21:34:48 -07:00
Anton Livaja bae4637c70
revert change 2025-03-29 21:14:10 -07:00
Anton Livaja 991f94977b
remove note 2025-03-29 21:13:00 -07:00
Anton Livaja f75a310aeb
remove icons dir 2025-03-29 21:12:27 -07:00
Anton Livaja ae71305718
many updates 2025-03-29 21:09:50 -07:00
Ryan Heywood 46defc69d1
be more specific on css selector 2025-03-22 23:17:23 -04:00
Anton Livaja e81f052317
make avtive button in nav bar white 2025-03-22 19:56:37 -07:00
Anton Livaja e47aef5b74
use padding insead of adjusting height for text 2025-03-22 18:21:57 -07:00
Anton Livaja 7e91d45cde
add open source messaging 2025-03-22 17:14:35 -07:00
Anton Livaja 8e34a219ec
copy update 2025-03-22 17:10:28 -07:00
Anton Livaja 82f761eaad
rename roadmap to software 2025-03-22 16:40:27 -07:00
28 changed files with 1084 additions and 835 deletions
Show Stats Expand all files Collapse all files

1
Gemfile
View File

@ -1,2 +1,3 @@
source "https://rubygems.org"
gem "jekyll-theme-console", path: "./_vendor/jekyll-theme-console"
gem 'jekyll-feed'

8
_config.yml
View File

@ -8,8 +8,9 @@ banner: "https://distrust.co/assets/base/distrust-thumbnail.png"
header_pages:
- index.md
- services.md
- roadmap.md
- software.md
- company.md
- blog.md
- contact.md
style: dark
@ -19,6 +20,11 @@ footer: '© 2025 Distrust LLC'
theme: jekyll-theme-console
permalink: blog/:title.html
plugins:
- jekyll-feed
# Exclude from processing.
# The following items will not be processed, by default.
# Any item listed under the `exclude:` key here will be automatically added to

32
_includes/companies-carousel.html Normal file
View File

@ -0,0 +1,32 @@
<section class="mid-tall-section">
{% unless include.hide_title == 'true' %}
<div class="flex-container-inner">
<div class="text-well center">
<h4 class="carousel-title" >trusted by industry leaders</h4>
</div>
</div>
{% endunless %}
<div class="logo-section">
<div class="logo-slider" id="logoSlider">
<img src="assets/base/companies/coinbase-white.svg" alt="Coinbase">
<img src="assets/base/companies/bitgo-logo-white.svg" alt="BitGo">
<img style="filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);"
src="assets/base/companies/bishop-fox-dark.png" alt="Bishop Fox">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" alt="Turnkey">
<img style="height: 40px" src="assets/base/companies/falconx-white.svg" alt="FalconX">
<img src="assets/base/companies/exodus-white.svg" alt="Exodus">
<img src="assets/base/companies/sidero-labs-white.png" alt="Sidero Labs">
<img src="assets/base/companies/zoom-white.png" alt="Zoom">
<img src="assets/base/companies/mysten-labs-white.svg" alt="Mysten Labs">
<img style="height: 60px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);"
src="assets/base/companies/ankr.png" alt="Ankr">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" alt="HashiCorp">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" alt="Block One">
<img src="assets/base/companies/ledn-white.svg" alt="Ledn">
<img src="assets/base/companies/fitbit-white.png" alt="Fitbit">
<img src="assets/base/companies/dfns-color.png" alt="Dfns">
</div>
</div>
</section>

6
_includes/footer.html
View File

@ -5,9 +5,13 @@
</div>
<div>
<a class="footer-link" href="/services.html">Services</a>
<a class="footer-link" href="/roadmap.html">Roadmap</a>
<a class="footer-link" href="/software.html">Software</a>
<a class="footer-link" href="/company.html">Company</a>
<a class="footer-link" href="/contact.html">Contact</a>
<a class="footer-link" href="/feed.xml" style="vertical-align: middle;">
<img style="filter: grayscale(100%); width: 22px; vertical-align: sub" src="/assets/base/rss.png" />
</a>
</div>
</div>
<script type="text/javascript" src="/assets/js/main.js"></script>

7
_includes/head.html
View File

@ -103,14 +103,17 @@
<a href="/services.html">Services</a>
</div>
<div>
<a href="/roadmap.html">Roadmap</a>
<a href="/software.html">Software</a>
</div>
<div>
<a href="/company.html">Company</a>
</div>
<div>
<a href="/blog.html">Blog</a>
</div>
<div>
<a href="/contact.html">Contact</a>
</div>
</div>
</div>
</div>
</head>

35
_includes/header.html
View File

@ -3,7 +3,7 @@
<div class="menu">
<div class="left-menu">
<a id="home-link" href="/index.html">
<img class="menu-logo" src="assets/base/distrust-text-white.svg"
<img class="menu-logo" src="/assets/base/distrust-text-white.svg"
alt="Distrust broken chain logo with white text" />
</a>
</div>
@ -20,6 +20,7 @@
<li class="show">
<a href="/contact.html" class="mega-inverted button">Work with us</a>
</li>
</ul>
<div id="hamburger-menu" class="hide menu-button-container" for="menu-toggle">
<input id="menu-toggle" type="checkbox" />
@ -29,4 +30,36 @@
</div>
</div>
</div>
<script>
document.addEventListener('DOMContentLoaded', function () {
let pathSegment = window.location.pathname.split('/')[1];
if (pathSegment.endsWith('.html')) {
pathSegment = pathSegment.replace('.html', '');
}
const navLinks = document.querySelectorAll('.header-page-links li a');
navLinks.forEach(link => {
let linkPath = link.getAttribute('href').replace('/', '').replace('.html', '');
if (linkPath === pathSegment) {
link.classList.add('active');
}
});
});
let prevScrollPos = window.scrollY;
const hamburgerMenu = document.querySelector('.menu-content');
window.addEventListener('scroll', () => {
const currentScrollPos = window.scrollY;
if (currentScrollPos > prevScrollPos) {
hamburgerMenu.style.display = 'none';
}
prevScrollPos = currentScrollPos;
});
</script>
</header>

46
_includes/powered-by.html Normal file
View File

@ -0,0 +1,46 @@
<section style="margin-bottom: 0px;" class="flex-container">
<div class="flex-container-inner">
<h2 class="hero-header gradient-text center">powered by distrust</h2>
<p class="hero-p center" style="margin-top: 20px; max-width: 700px">Companies across high-risk industries adopt our methodologies and tooling to secure their critical systems.<p>
</div>
</section>
<section style="margin-top: 40px;" class="flex-container powered-by">
<div class="flex-container-inner">
<div class="text-well card">
<div class="img-container">
<img src="assets/base/companies/turnkey-black.svg" style="filter: invert(100)">
</div>
<p>Distrust team helped build Turnkey, which leverages StageX, and AirgapOS to improve the security of their systems which help manage billions of dollars worth of value.</p>
<a href="https://whitepaper.turnkey.com/foundations#abstract" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well card">
<div class="img-container">
<img src="assets/base/companies/mysten-labs-white.svg" style="width: 250px">
</div>
<p>The creators of the SUI cryptocurrency partner with Distrust for advice and use StageX to build their nodes in a deterministic manner in order to eliminate single points of failure.</p>
<a href="https://github.com/MystenLabs/sui/blob/main/docker/sui-node-deterministic/Dockerfile" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well card">
<div class="img-container">
<img src="assets/base/companies/sidero-labs-white.png" style="filter: grayscale(); width: 150px">
</div>
<p>Sidero labs has relied on Distrust for consulting and is using StageX to build their widely used Talos Linux distribution which delivers best in-class kubernetes features.</p>
<a href="https://github.com/siderolabs/talos/releases/tag/v1.10.0-alpha.2" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>

8
_includes/primary-cta.html Normal file
View File

@ -0,0 +1,8 @@
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">ready to take your security to the next level?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">We help organizations that can't afford to fail. If security is mission-critical for your company, let's talk.</p>
<div class="button-container center">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</section>

16
_includes/values.html Normal file
View File

@ -0,0 +1,16 @@
<section class="flex-container tall-section">
<div class="flex-container-inner">
<h2 class="gradient-text">our manifesto</h2>
<p class="hero-p">Every day, we apply these guiding principles to how we think, build, and secure systems.</p>
</div>
<div class="flex-container-inner">
<ol dir="rtl" style="font-size: 30px; text-align: right">
<li>eliminate centralized trust</li>
<li>open source everything</li>
<li>security beyond compliance</li>
<li>move thoughtfully and improve things</li>
<li>impact over profit</li>
</ol>
</div>
</section>

39
_layouts/blog.html Normal file
View File

@ -0,0 +1,39 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main class="blog">
<div class="entry">
<div class="posts">
{% for post in site.posts %}
<div class="blog-details">
<div class="blog-details-date">{{ post.date | date: "%b %e, %Y" }}</div>
<div class="blog-details-read-time">{{ post.content | number_of_words | divided_by: 200 }} min read</div>
</div>
<a class="blog-link" href="{{ post.url | relative_url }}" title="{{ post.title }}">
<article>
<h1>{{ post.title }}</h1>
<p>{{ post.excerpt | strip_html | truncatewords: 35 }}</p>
</article>
<div class="arrow-link">
Read
<span class="arrow">&#x2192;</span>
</div>
</a>
{% endfor %}
</div>
</div>
<p>
{% for author in page.authors %}
— {{ author.name }}{% unless forloop.last %}, {% endunless %}
{% endfor %}
</p>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

41
_layouts/company.html
View File

@ -26,7 +26,7 @@
</p>
<p class="hero-p">We dont just advise on security. We build it. We open-source it. And we teach organizations how to think critically about risk—because security isnt about checking boxes.
</p>
<a href="/roadmap.html" class="arrow-link">
<a rel=”noopener noreferrer href="/software.html" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
@ -40,28 +40,33 @@
<h5>Lance Vick</h5>
<p>Co-Founder</p>
<p>Security Engineer</p>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/6B61ECD76088748C70590D55E90A401336C8AAA9">PGP: 36C8AAA9</a>
<a rel=”noopener noreferrer target="_blank" href="https://keyoxide.org/6B61ECD76088748C70590D55E90A401336C8AAA9">Keyoxide</a>
<a rel=”noopener noreferrer target="_blank" href="https://lance.dev/">Website</a>
</div>
<div class="flex-container-inner card">
<h5>Anton Livaja</h5>
<p>Co-Founder</p>
<p>Security Engineer</p>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D">PGP: 52E0BA4D</a>
<a rel=”noopener noreferrer target="_blank" href="https://keyoxide.org/F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D">Keyoxide</a>
<a rel=”noopener noreferrer target="_blank" href="https://antonlivaja.com">Website</a>
</div>
</div>
<div class="flex-container">
<div class="team flex-container">
<div class="flex-container-inner card">
<h5>Ryan Heywood</h5>
<p>Security Engineer</p>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/88823A75ECAA786B0FF38B148E401478A3FBEF72">PGP: A3FBEF72</a></p>
<a rel=”noopener noreferrer target="_blank" href="https://keyoxide.org/88823A75ECAA786B0FF38B148E401478A3FBEF72">Keyoxide</a>
<a rel=”noopener noreferrer target="_blank" href="https://ryansquared.pub">Website</a>
</div>
<div class="flex-container-inner card">
<h5>Danny Grove</h5>
<p>Security Engineer</p>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD">PGP: 193F2DBD</a>
<a rel=”noopener noreferrer target="_blank" href="https://keyoxide.org/C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD">Keyoxide</a>
<a rel=”noopener noreferrer target="_blank" href="https://dannygrove.com/">Website</a>
</div>
</div>
</div>
<div class="flex-container-inner who-we-are">
<h2 class="gradient-text">who we are</h2>
<p class="hero-p" style="max-width: 550px">Distrust is made up of engineers behind some of the most security-critical projects in the world—including BitGo, Turnkey, and Unit410.</p>
@ -72,29 +77,9 @@
</div>
</section>
<section class="flex-container tall-section">
<div class="flex-container-inner">
<h2 class="gradient-text">our manifesto</h2>
<p class="hero-p">Every day, we apply these guiding principles to how we think, build, and secure systems.</p>
</div>
<div class="flex-container-inner">
<ol dir="rtl" style="font-size: 30px; text-align: right">
<li>eliminate centralized trust</li>
<li>open source everything</li>
<li>security beyond compliance</li>
<li>move thoughtfully and improve things</li>
<li>impact over profit</li>
</ol>
</div>
</section>
{% include values.html %}
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">ready to take your security to the next level?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">We help organizations that can't afford to fail. If security is mission-critical for your company, let's talk.</p>
<div class="button-container center">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</section>
{% include primary-cta.html %}
</main>
{%- include footer.html -%}
</div>

27
_layouts/contact.html
View File

@ -10,7 +10,7 @@
<div class="capsule">contact</div>
</div>
<br>
<h2 class="gradient-text center contact-header">tell us about your biggest security challenges</h2>
<h2 class="gradient-text center hero-header">tell us about your biggest security challenges</h2>
</section>
<section class="flex-container" style="margin-top: 80px">
<div class="flex-container-inner">
@ -54,29 +54,8 @@
</div>
</div>
</section>
<section style="margin-bottom: 0px">
<div class="logo-section">
<div class="logo-slider" id="logoSlider">
<img src="assets/base/companies/coinbase-white.svg" alt="Coinbase">
<img src="assets/base/companies/bitgo-logo-white.svg" alt="BitGo">
<img style="filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);"
src="assets/base/companies/bishop-fox-dark.png" alt="Bishop Fox">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" alt="Turnkey">
<img style="height: 40px" src="assets/base/companies/falconx-white.svg" alt="FalconX">
<img src="assets/base/companies/exodus-white.svg" alt="Exodus">
<img src="assets/base/companies/sidero-labs-white.png" alt="Sidero Labs">
<img src="assets/base/companies/zoom-white.png" alt="Zoom">
<img src="assets/base/companies/mysten-labs-white.svg" alt="Mysten Labs">
<img style="height: 60px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);"
src="assets/base/companies/ankr.png" alt="Ankr">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" alt="HashiCorp">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" alt="Block One">
<img src="assets/base/companies/ledn-white.svg" alt="Ledn">
<img src="assets/base/companies/fitbit-white.png" alt="Fitbit">
<img src="assets/base/companies/dfns-color.png" alt="Dfns">
</div>
</div>
</section>
{% include companies-carousel.html hide_title='true' %}
</main>
<br />
{%- include footer.html -%}

48
_layouts/landing.html
View File

@ -17,7 +17,7 @@
<div class="flex-container-inner">
<div class="text-well">
<h1 class="gradient-text hero-header landing-header">security without blind trust</h1>
<p class="hero-p" style="margin-top: 0px">Distrust applies a first principles approach to securing mission critical infrastructure. No guessing, no shortcuts, only verifiable security.</p>
<p class="hero-p" style="margin-top: 0px">Distrust secures mission critical infrastructure by applying a first principles approach. No guessing, no shortcuts, only verifiable security.</p>
<br />
<a href="/contact.html" class="mega button">Work with us</a>
<br />
@ -27,35 +27,8 @@
</div>
</section>
<section class="mid-tall-section">
<div class="flex-container-inner">
<div class="text-well center">
<h4 class="carousel-title" >trusted by industry leaders</h4>
</div>
</div>
<div class="logo-section">
<div class="logo-slider" id="logoSlider">
<img src="assets/base/companies/coinbase-white.svg" alt="Coinbase">
<img src="assets/base/companies/bitgo-logo-white.svg" alt="BitGo">
<img style="filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);"
src="assets/base/companies/bishop-fox-dark.png" alt="Bishop Fox">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" alt="Turnkey">
<img style="height: 40px" src="assets/base/companies/falconx-white.svg" alt="FalconX">
<img src="assets/base/companies/exodus-white.svg" alt="Exodus">
<img src="assets/base/companies/sidero-labs-white.png" alt="Sidero Labs">
<img src="assets/base/companies/zoom-white.png" alt="Zoom">
<img src="assets/base/companies/mysten-labs-white.svg" alt="Mysten Labs">
<img style="height: 60px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);"
src="assets/base/companies/ankr.png" alt="Ankr">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" alt="HashiCorp">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" alt="Block One">
<img src="assets/base/companies/ledn-white.svg" alt="Ledn">
<img src="assets/base/companies/fitbit-white.png" alt="Fitbit">
<img src="assets/base/companies/dfns-color.png" alt="Dfns">
</div>
</div>
</section>
{% include companies-carousel.html %}
<section>
<div class="center">
@ -76,13 +49,13 @@
</div>
</div>
</a>
<a href="/roadmap.html" class="arrow-link">
<a href="/software.html" class="arrow-link">
<div class="flex-container-inner card roadmap-card roadmap-card-teal" style="background: #00191E; border: 1px solid #01586A">
<div class="text-well">
<h4>roadmap</h4>
<h4>software</h4>
<p>Security is always evolving—so are we. Distrust is building the next generation of security infrastructure that eliminates reliance on any single computer, person, or system. Using full-source bootstrapping, determinism, and quorum-based security, we ensure verifiable, trustless protection at every layer.</p>
<br>
View roadmap
View software
<span class="arrow">&#x2192;</span>
</div>
</div>
@ -90,14 +63,11 @@
</div>
</section>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">ready to take your security to the next level?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">We help organizations that can't afford to fail. If security is mission-critical for your company, let's talk.</p>
<div class="button-container center">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</section>
{% include powered-by.html %}
{% include values.html %}
{% include primary-cta.html %}
</main>
{%- include footer.html -%}
</div>

25
_layouts/post.html Normal file
View File

@ -0,0 +1,25 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main class="blog">
<article class="post">
<h1>{{page.title}}</h1>
<div class="entry">
{{ content }}
</div>
<p>
{% for author in page.authors %}
— {{ author.name }}{% unless forloop.last %}, {% endunless %}
{% endfor %}
</p>
</article>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

503
_layouts/roadmap.html
View File

@ -1,503 +0,0 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<div class="video-background-container">
<video autoplay muted loop playsinline class="video-background">
<source src="assets/videos/turq-blocks.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/turq-blocks.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<section class="flex-container capsule-header video-content" style="margin-top: 80px">
<div class="flex-container-inner" style="padding-top: 0px">
<div class="text-well center">
<div class="capsule-teal">roadmap</div>
<br>
<h1 style="max-width: 1000px; margin: auto">verifiable security without single points of failure</h1>
<br>
<p class="hero-p center">Most systems still rely on single individuals or computers, unverifiable software, and opaque processes. Were redesigning security for transparency from the ground up.</p>
<div class="button-container center">
<a href="#roadmap" class="mega-teal button">View roadmap</a>
</div>
</div>
</div>
</section>
<section class="flex-container mid-tall-section">
<div class="flex-container-inner">
<h3>creating the building blocks for provable security</h3>
<p class="hero-p">Modern software systems still rely on trust in individuals—maintainers, IT admins, or third-party providers. But what happens when they are compromised? How do you verify that the software running on your systems hasnt been tampered with?</p>
<p class="hero-p">Weve identified critical missing pieces needed to remove single points of failure at every level. Our approach covers the complete lifecycle of software from your toolchains and dependencies to how your code is built, signed, verified and deployed.</p>
<p class="hero-p">By combining multi-party trust, remote attestation, and bit-for-bit reproducibility, we are methodically eliminating trust assumptions, ensuring security isnt just a claim—its provable.</p>
<a href="#roadmap" class="arrow-link">
See what we're building
<span class="arrow">&#x2192;</span>
</a>
</div>
<div class="flex-container-inner"></div>
</section>
<span class="roadmap" id="roadmap">
<h2 class="center gradient-text">our roadmap</h2>
<p style="margin-top: 20px" class="hero-p center">We are actively working on a number of different projects, and looking to fund others. Here is what's on the way and what's coming next.</p>
<section id="sourceid" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">SourceId</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">source code integrity</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-grey">fundraising</div>
</div>
</div>
<p>SourceId ensures that source code integrity is verifiable. It prevents tampering of archives and other formats used for delivering source code by standardizing code and generating a hash-based fingerprint of the tree which includes all essential files.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/sourceid" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="sigrev" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">SigRev</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">crowdsourced code review</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-grey">fundraising</div>
</div>
</div>
<p>SigRev is a crowdsourcing framework extending SourceID with signed code reviews. It enhances open-source security by making comprehensive manual reviews discoverable, overcoming the limitations of static analysis tools.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/sigrev" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="stagex" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">StageX</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">deterministic reproducibility</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>StageX is a hermetic, deterministic and reproducible toolchain providing multi-signed OCI images for popular software. This approach removes single points of failure in sofware builds.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://codeberg.org/stagex/stagex" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="repros" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">ReprOS</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">ephemeral build environments</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-yellow">in-progress</div>
</div>
</div>
<p>ReprOS is a bare-bones immutable OS designed for securely reproducing and signing software. Each build is executed in a one-time use environment, eliminating persistent risks.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#bootproof">
<div class="capsule-transparent">Bootproof</div>
</a>
</div>
</div>
<a href="https://codeberg.org/stagex/repros" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="keyfork" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Keyfork</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">deterministic key management</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>Keyfork simplifies cryptographic material management by deriving any number or type of keys from a single entropy source. This greatly simplifies secret management complexity while maintaining security.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/keyfork" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="icepick" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Icepick</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">cryptographic operations</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>Icepick provides a framework for offline verified cryptographic signing operations. Its modular design provides a unified interface for a wide range of cryptographic signing tasks.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/keyfork" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="airgapos" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">AirgapOS</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">air-gapped OS</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>AirgapOS is a minimal, immutable offline first environment for secret management. It ships with a swiss-army knife of tools and an extensibility framework to cover most secure administration needs.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#keyfork">
<div class="capsule-transparent">Keyfork</div>
</a>
<a href="#icepick">
<div class="capsule-transparent">Icepick</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/airgap" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="bootproof" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Bootproof</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">remote attestation</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-grey">fundraising</div>
</div>
</div>
<p>Bootproof provides a way to prove what software booted on a given system by leveraging platform hardware or firmware remote attestation technologies.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/bootproof" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="enclaveos" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">EnclaveOS</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">trusted execution environments</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-yellow">in-progress</div>
</div>
</div>
<p>EnclaveOS is a minimal and immutable operating system for running security critical software with high accountability. It can be extended to support multi-party management of secrets such that no person can control them alone.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#keyfork">
<div class="capsule-transparent">Keyfork</div>
</a>
<a href="#bootproof">
<div class="capsule-transparent">Bootproof</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/enclaveos" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="vault" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Vault</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">prescriptive key management</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-yellow">in-progress</div>
</div>
</div>
<p>Detailed set of practices, ceremonies and documentation for generating, backing up and using secrets that you can't afford to lose. Combines the best of tactics of major custodians as an open framework available for everyone.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#airgapos">
<div class="capsule-transparent">AirgapOS</div>
</a>
<a href="#keyfork">
<div class="capsule-transparent">Keyfork</div>
</a>
<a href="#icepick">
<div class="capsule-transparent">Icepick</div>
</a>
<a href="#bootproof">
<div class="capsule-transparent">Bootproof</div>
</a>
</div>
</div>
<a href="https://qvs.distrust.co/" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
</span>
<section class="flex-container">
<div class="flex-container-inner"></div>
<div class="flex-container-inner">
<h4 class="quote" style="filter: brightness(50%)">❝Our mission is to use our knowledge to improve the security, privacy, and freedom of as many individuals as possible. We believe having verifiable foundations on which technologies can be built is a fundamental step toward improving the wellbeing of our species and solving the coordination problem.❝ — Distrust team</h4>
</div>
</section>
<section style="margin-bottom: 0px;" class="flex-container">
<div class="flex-container-inner">
<h2 class="powered-header gradient-text center">powered by distrust</h2>
<p class="hero-p center" style="margin-top: 20px; max-width: 700px">Companies are already choosing to adopt our methodologies and tooling to help secure their systems.<p>
</div>
</section>
<section style="margin-top: 40px;" class="flex-container powered-by">
<div class="flex-container-inner">
<div class="text-well card">
<img src="assets/base/companies/turnkey-black.svg" style="filter: invert(100)">
<p>Using StageX and ReprOS to improve their supply chain security story.</p>
<a href="https://whitepaper.turnkey.com/foundations#abstract" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well card">
<img src="assets/base/companies/mysten-labs-white.svg" style="width: 250px">
<p>The SUI cryptocurrency is leveraging StageX to build their nodes in a deterministic manner in order to eliminate single points of failure.</p>
<a href="https://github.com/MystenLabs/sui/issues/13476" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well card">
<img src="assets/base/companies/sidero-labs-white.png" style="filter: grayscale(); width: 150px">
<p>Using StageX to build their widely used Talos Linux distribution specialized in delivering kubernetes features.</p>
<a href="https://github.com/siderolabs/talos/releases/tag/v1.10.0-alpha.2" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">want to help with our vision?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">If you would like to help us, please sponsor our work or get involved as a contributor.</p>
<div class="button-container center">
<a href="/contact.html" class="mega-teal button">Get in touch</a>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

167
_layouts/services.html
View File

@ -5,22 +5,22 @@
{%- include header.html -%}
<div class="container">
<main>
<div class="video-background-container" style="top: 350px">
<video autoplay muted loop playsinline class="video-background">
<source src="assets/videos/swirly-lines.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/swirly-lines.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<section class="flex-container capsule-header video-content">
<div class="video-background-container" style="top: 350px">
<video autoplay muted loop playsinline class="video-background">
<source src="assets/videos/swirly-lines.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/swirly-lines.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<section class="flex-container capsule-header video-content">
<div class="flex-container-inner">
<div class="text-well center">
<div class="text-well" style="text-align: center; margin: auto">
<div class="capsule">services</div>
</div>
<br>
<h1 class="services-header hero-title gradient-text hero-header">
<h1 class="hero-title gradient-text hero-header">
hire Distrust to solve your hardest security challenges
</h1>
<br>
@ -32,89 +32,102 @@
</div>
</section>
<section class="flex-container mid-tall-section">
<div class="flex-container-inner">
<div class="text-well">
<h3>security assessments</h3>
<p style="max-width: 540px">Our assessments go beyond identifying vulnerabilities—we strategically eliminate risks at their source. Using a first-principles methodology, we pinpoint single points of failure and deliver clear, actionable recommendations to secure your systems against sophisticated threats.</p>
<ul>
<li>Secure architecture review</li>
<li>Threat modeling</li>
<li>Penetration testing</li>
<li>Secure code review</li>
</ul>
<br>
<a href="/contact.html" class="arrow-link">
Schedule an assessment
<span class="arrow">&#x2192;</span>
</a>
{% include companies-carousel.html hide_title='true' %}
<section class="why-choose-distrust">
<div class="flex-container">
<div class="flex-container-inner">
<h2 class="gradient-text">why choose Distrust</h2>
<p>Benefit from our approach—a blend of proven methodologies and open source tooling we created, shaped by lessons from securing some of the world's highest-risk organizations.</p>
</div>
<div class="flex-container-inner">
</div>
</div>
<div class="flex-container-inner">
<div class="text-well">
<h3>retainer or fractional CISO</h3>
<p style="max-width: 540px">Gain continuous, high-level security leadership tailored precisely to your organization's needs. We work closely with your teams, providing strategic security direction, eliminating blind trust, and protecting critical infrastructure from sophisticated threats.</p>
<ul>
<li>Security program development</li>
<li>Incident response</li>
<li>Due diligence</li>
<li>Vetting security talent</li>
</ul>
<br>
<a href="/contact.html" class="arrow-link">
Work with us
<span class="arrow">&#x2192;</span>
</a>
<br>
<div class="flex-container properties">
<div class="flex-container-inner">
<svg xmlns="http://www.w3.org/2000/svg" width="30" height=="30" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-layers-icon lucide-layers"><path d="M12.83 2.18a2 2 0 0 0-1.66 0L2.6 6.08a1 1 0 0 0 0 1.83l8.58 3.91a2 2 0 0 0 1.66 0l8.58-3.9a1 1 0 0 0 0-1.83z"/><path d="M2 12a1 1 0 0 0 .58.91l8.6 3.91a2 2 0 0 0 1.65 0l8.58-3.9A1 1 0 0 0 22 12"/><path d="M2 17a1 1 0 0 0 .58.91l8.6 3.91a2 2 0 0 0 1.65 0l8.58-3.9A1 1 0 0 0 22 17"/></svg>
<p><b>Eliminate root causes</b></p>
<p>We don't just scan for bugs—we eliminate entire categories of bugs at the source using a first-principles methodology.</p>
</div>
<div class="flex-container-inner">
<svg xmlns="http://www.w3.org/2000/svg" width="30" height="30" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-circle-check-big-icon lucide-circle-check-big"><path d="M21.801 10A10 10 0 1 1 17 3.335"/><path d="m9 11 3 3L22 4"/></svg>
<p><b>Verifiable</b></p>
<p>No guessing, no shortcuts. Every recommendation is backed by logic and rigor, not gut feel or just to check boxes.</p>
</div>
<div class="flex-container-inner">
<svg xmlns="http://www.w3.org/2000/svg" width="30" height="30" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-shield-alert-icon lucide-shield-alert"><path d="M20 13c0 5-3.5 7.5-7.66 8.95a1 1 0 0 1-.67-.01C7.5 20.5 4 18 4 13V6a1 1 0 0 1 1-1c2 0 4.5-1.2 6.24-2.72a1.17 1.17 0 0 1 1.52 0C14.51 3.81 17 5 19 5a1 1 0 0 1 1 1z"/><path d="M12 8v4"/><path d="M12 16h.01"/></svg>
<p><b>Proven track record</b></p>
<p>Our security engineers have secured some of the highest risk infrastructure in the world (BitGo, Turnkey, Unit 410).</p>
</div>
<div class="flex-container-inner">
<svg xmlns="http://www.w3.org/2000/svg" width="30" height="30" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-handshake-icon lucide-handshake"><path d="m11 17 2 2a1 1 0 1 0 3-3"/><path d="m14 14 2.5 2.5a1 1 0 1 0 3-3l-3.88-3.88a3 3 0 0 0-4.24 0l-.88.88a1 1 0 1 1-3-3l2.81-2.81a5.79 5.79 0 0 1 7.06-.87l.47.28a2 2 0 0 0 1.42.25L21 4"/><path d="m21 3 1 11h-2"/><path d="M3 3 2 14l6.5 6.5a1 1 0 1 0 3-3"/><path d="M3 4h8"/></svg>
<p><b>Embedded collaborations</b></p>
<p>We act as true partners— our goal is to make our clients succeed and not depend on us.</p>
</div>
</div>
</section>
<section class="mid-tall-section">
<div style="max-width: 800px; margin: auto; text-align: center; margin-bottom: 60px;">
<h2 class="gradient-text">our services</h2>
<p>Distrust offers high-impact security consulting and open-source tooling for companies that can't afford to fail.
</div>
<div class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>retainer / fractional CISO</h3>
<p style="max-width: 540px">Get ongoing security leadership tailored precisely to your organization's needs. We embed with your team to provide strategic security direction and eliminate blind trust from your infrastructure—so you're prepared before threats emerge.</p>
<ul>
<li>Security program development</li>
<li>Incident response</li>
<li>Due diligence</li>
<li>Vetting security talent</li>
</ul>
<br>
<div class="button-container">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well">
<h3>security assessments</h3>
<p style="max-width: 540px">Our assessments go beyond vulnerability scans—we eliminate risks at their source. Using first-principles threat modelling, we identify single points of failure and deliver actionable recommendations to secure your systems against sophisticated threats.</p>
<ul>
<li>Secure architecture review</li>
<li>Security audits</li>
<li>Penetration testing</li>
<li>Secure code review</li>
</ul>
<br>
<div class="button-container">
<a href="/contact.html" class="mega button">Book an assessment</a>
</div>
</div>
</div>
</div>
</section>
<section class="flex-container">
<div class="video-background-container-philosophy">
<video autoplay muted loop playsinline class="video-background-philosophy">
<source src="assets/videos/swirly-lines.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/swirly-lines.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay-philosophy"></div>
</div>
<section class="flex-container video-content-philosophy">
<div class="flex-container-inner"></div>
<div class="flex-container-inner">
<h2 class="gradient-text why-distrust">why Distrust?</h2>
<h2 class="gradient-text why-distrust">our philosophy</h2>
<p>
Why choose Distrust? Because security shouldn't be based on blind trust, it should be based on <b>dis</b>trust, and verifiability. Most organizations treat cybersecurity like people once treated hygiene—poorly.
Security shouldn't be based on blind trust, it should be based on <b>dis</b>trust, and verifiability. Most organizations treat cybersecurity like people once treated hygiene—poorly.
</p>
<p>At Distrust, we've identified fundamental methods to eliminate entire categories of risk at their source. Similarly to how handwashing revolutionized public health by preventing unseen threats like bacteria, our first-principles security methodology brings new levels of security to our clients by eliminating single points of failure, and providing verifiable, resilient protection for critical systems.
</p>
<ul class="narrow-list">
<li><b>First-principles security</b> 
<p>Attack surface area reduction through eliminating root causes.</p>
</li>
<li><b>Proven methodology</b>
<p>Methodology tested in high-stakes, mission-critical environments.</p>
</li>
<li><b>Seamless collaboration</b>
<p>Clear, actionable engagement steps—start immediately.</p>
</li>
</ul>
</div>
</section>
<section class="">
<div class="logo-section">
<div class="logo-slider" id="logoSlider">
<img src="assets/base/companies/coinbase-white.svg" alt="Coinbase">
<img src="assets/base/companies/bitgo-logo-white.svg" alt="BitGo">
<img style="filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);"
src="assets/base/companies/bishop-fox-dark.png" alt="Bishop Fox">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" alt="Turnkey">
<img style="height: 40px" src="assets/base/companies/falconx-white.svg" alt="FalconX">
<img src="assets/base/companies/exodus-white.svg" alt="Exodus">
<img src="assets/base/companies/sidero-labs-white.png" alt="Sidero Labs">
<img src="assets/base/companies/zoom-white.png" alt="Zoom">
<img src="assets/base/companies/mysten-labs-white.svg" alt="Mysten Labs">
<img style="height: 60px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);"
src="assets/base/companies/ankr.png" alt="Ankr">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" alt="HashiCorp">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" alt="Block One">
<img src="assets/base/companies/ledn-white.svg" alt="Ledn">
<img src="assets/base/companies/fitbit-white.png" alt="Fitbit">
<img src="assets/base/companies/dfns-color.png" alt="Dfns">
</div>
</div>
</section>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">ready to take your security to the next level?</h4>

169
_layouts/software.html Normal file
View File

@ -0,0 +1,169 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<div class="video-background-container">
<video autoplay muted loop playsinline class="video-background">
<source src="assets/videos/turq-blocks.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/turq-blocks.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<section class="flex-container capsule-header video-content" style="margin-top: 80px">
<div class="flex-container-inner" style="padding-top: 0px">
<div class="text-well center">
<div class="capsule-teal">software</div>
<br>
<h1 style="max-width: 1000px; margin: auto">verifiable security without single points of failure</h1>
<br>
<p class="hero-p center">Most systems still rely on single individuals or computers, unverifiable software, and opaque processes. Were redesigning security for transparency from the ground up.</p>
<div class="button-container center">
<a href="#roadmap" class="mega-teal button">View software</a>
</div>
</div>
</div>
</section>
<section class="flex-container mid-tall-section">
<div class="flex-container-inner">
<h3>creating the building blocks for provable security</h3>
<p class="hero-p">Modern software systems still rely on trust in individuals—maintainers, IT admins, or third-party providers. But what happens when they are compromised? How do you verify that the software running on your systems hasnt been tampered with?</p>
<p class="hero-p">Weve identified critical missing pieces needed to remove single points of failure at every level. Our approach covers the complete lifecycle of software from your toolchains and dependencies to how your code is built, signed, verified and deployed.</p>
<p class="hero-p">By combining multi-party trust, remote attestation, and bit-for-bit reproducibility, we are methodically eliminating trust assumptions, ensuring security isnt just a claim—its provable. And as everything we do, all our software is open source.</p>
<a href="#roadmap" class="arrow-link">
See what we're building
<span class="arrow">&#x2192;</span>
</a>
</div>
<div class="flex-container-inner"></div>
</section>
{% include powered-by.html %}
<div class="roadmap" id="roadmap">
<h2 class="center gradient-text">our software</h2>
<p style="margin-top: 20px" class="hero-p center">We are actively working on a number of different projects, and looking to fund others. Here is what's on the way and what's coming next.</p>
</div>
<div id="kanban" class="flex-container">
<div class="flex-container-inner flex-container kanban-column column-backlog">
<h4 style="color: var(--light-grey)">backlog (fundraising)</h4>
<a target="_blank" rel=”noopener noreferrer class="flex-container-inner mini-card" href="https://git.distrust.co/public/bootproof">
<p><b>Bootproof</b></p>
<p>Prove what software booted on a system via remote attestation technologies.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
<a class="flex-container-inner mini-card" target="_blank" rel=”noopener noreferrer href="https://git.distrust.co/public/sourceid">
<p><b>SourceId</b></p>
<p>Verify source code inegrity with hash-based fingerprints.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
<a class="flex-container-inner mini-card" href="https://git.distrust.co/public/sigrev" class="arrow-link">
<p><b>SigRev</b></p>
<p>Crowdsource and discover signed manual code reviews.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
</div>
<div class="flex-container-inner flex-container kanban-column column-progress">
<h4 style="color: var(--light-teal)">in-progress</h4>
<a class="flex-container-inner mini-card" rel=”noopener noreferrer target="_blank" href="https://qvs.distrust.co/">
<p><b>Trove</b></p>
<p>Documentation for managing secrets that you can't afford to lose.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
<a class="flex-container-inner mini-card" rel=”noopener noreferrer target="_blank" href="https://codeberg.org/stagex/repros">
<p><b>ReprOS</b></p>
<p>Create ephemeral build environments to eliminate persistent risks.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
<a class="flex-container-inner mini-card" rel=”noopener noreferrer href="https://git.distrust.co/public/enclaveos">
<p><b>EnclaveOS</b></p>
<p>Immutable operating system for powering secure enclaves.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
</div>
<div class="flex-container-inner flex-container kanban-column column-active">
<h4 style="color: var(--light-purple)">active</h4>
<a class="flex-container-inner mini-card" rel=”noopener noreferrer target="_blank" href="https://codeberg.org/stagex/stagex">
<p><b>StageX</b></p>
<p>Hermetic, deterministic, reproducible, multi-signed OCI-based build toolchain.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
<a class="flex-container-inner mini-card" rel=”noopener noreferrer target="_blank" href="https://git.distrust.co/public/airgap">
<p><b>AirgapOS</b></p>
<p>Minimal, immutable, offline-first swiss-army knife for secret management.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
<a class="flex-container-inner mini-card" rel=”noopener noreferrer target="_blank" href="https://git.distrust.co/public/keyfork">
<p><b>Keyfork</b></p>
<p>Derive keys from a single entropy source to simplify their management.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
<a class="flex-container-inner mini-card" rel=”noopener noreferrer target="_blank" href="https://git.distrust.co/public/keyfork">
<p><b>Icepick</b></p>
<p>Framework for offline cryptographic signing operations.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
</div>
</div>
<section class="flex-container">
<div class="flex-container-inner"></div>
<div class="flex-container-inner">
<h4 class="quote" style="filter: brightness(50%)">❝Our mission is to use our knowledge to improve the security, privacy, and freedom of as many individuals as possible. We believe having verifiable foundations on which technologies can be built is a fundamental step toward improving the wellbeing of our species and solving the coordination problem.❝ — Distrust team</h4>
</div>
</section>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">want to help with our vision?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">If you would like to help us, please sponsor our work or get involved as a contributor.</p>
<div class="button-container center">
<a href="/contact.html" class="mega-teal button">Get in touch</a>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

175
_posts/2025-03-20-bitby-report.md Normal file
View File

@ -0,0 +1,175 @@
---
layout: post
title: The Safe{Wallet}/Bybit incident report: Root cause ananlysis and mitigation strategies
date: 2025-03-20
---
The Safe{Wallet}/Bybit incident is an example of a nation-state actor executing a series of sophisticated, multi-layered attacks on high-value targets. In cases where the potential gain is significant, it may be justified for attackers to invest in multiple 0-day vulnerabilities and chain them into elaborate exploit sequences. These campaigns often span multiple layers of tech stack, involve precision-targeted social engineering, insider compromise, or even physical infiltration.
As such, threat model required to defend against this level of aversary must be extreme. It demands defenders adopt a much more rigorous set of assumptions about attacher capabilities and invest time in implementing controls that typical organizations may not need. When protecting high value assets, the game changes.
### Threat model assumptions
At Distrust, we operate under the assumption that nation-state actors are persistent, highly resourced, and capable of compromising nearly any layer of the system. Accordingly, our threat model assumes:
* All screens are visible to the adversary
* All keyboard input is being logged by the adversary
* Any firmware or bootloader not verified on every boot is considered compromised
* Any host OS with network access is compromised
* Any guest OS used for non-production purposes is compromised
* At least one member of the Production Team is compromised
* At least one maintainer of third party code used in the system is compromised
* At least one member of third party system used in production is compromised
* Physical attacks are viable and likely
* Side-channel attacks are viable and likely
These assumptions drive the design strategies and tooling outlined in this report. The controls we've developed are built specifically to address this elevated thread model. Many of the tools are ready to use today, some are reference designs, while other tooling requires further development. If you care about these issues and want to help us push this work forward, [talk to us](https://distrust.co/contact.html).
### Summary
This report identifies critical single points of failure—cases where trust is placed in a single individual or computer—creating opportunities for compromise. In contrast, blockchains offer stronger security properties through cryptography and decentralized trust models.
Traditional infrustructure has historically lacked mechanisms to distribute trust, but this limitation can be addressed. By applying targeted design strategies, it's possible to distribute trust across systems and reduce the risks of a single compromised actor undermining the integrity of the entire system.
---
## Root aause analysis and mitigation strategies
In our opinion, the primary causes of this incident stem from two key issues identified in the [Sygnia report](https://www.sygnia.co/blog/sygnia-investigation-bybit-hack/):
* > ... a developers Mac OS workstation was compromised, likely through social engineering.
* > ... the modification of JavaScript resources directly on the S3 bucket serving the domain app.safe[.]global.
These findings highlight both endpoint compromise and weak controls around cloud infrustructure. The following sections focus on how such risks could be mitigated through architectural decisions and more rigorous threat modeling.
## Introduction
The compromise occured due to several key factors, already documented in other reports. This report focuses on how the incident **could have been prevented** through a stronger, first-principles approach to infrustructure design.
While many security teams reach for quick wins—like access token rotation, stricter IAM policies, or improved monitoring—these are often reactive measures. They may help, but they're equivalent of "plugging holes on a sinking ship" rather than rebuilding the hull from stronger material.
For example, improving access control to the S3 bucket used to serve JavaScript resources, or adding better monitoring, are good steps. But they rely on trust placed in individuals or cloud platforms, which remain vulnerable to compromise.
> At the core of this breach lies a recurring theme: single points of failure.
To explore this from first principles, consider the deployment pipeline. In most companies, one individual—an admin or developer—often has the ability to modify critical infrustructure or code. That person becomes a single point of failure.
Even if the pipeline is hardened, the risk shifts, not disappears. They's always one super-admin who has full access. Most clould platforms encourage this pattern, and the industry has come to accept it.
But this isn't about distrusting your team—it's about designing systems where **trust is distributed**. In the blockchain space, this is already accepted practice. So the question becomes:
> *Does it make sense for a single individual to hold the integrity of an entire system in their hands?*
Those who've worked with decentralized systems would say: absolutely not.
#### Mitigation principles
To adequately defend against the risks outlined in the Distrust threat model, it is critical to distinguish between **cold** and **hot** wallets. The following princpiples are drawn from practical experience building secure systems at BitGo, Unit410, and Turnkey, as well as from diligence work conduced across leading custodial and vaulting solutions.
* A **cold cryptographic key management system** is one where all components can be built, operated, and verified offline. If any part of the system requires trusting a networked component, it becomes **hot** system by definition. For example, if a wallet relies on internet-connected components, it should be considered hot wallet—regardless of how it's marketed. While some systems make trade-offs for user experience, these often come at the cost of real security guarantees.
* Cold cryptographic key management systems that leverage truly random entropy sources are **not susceptible to remote attacks**, and are only exposed to localized threats such as physical access or side-channel attacks.
* A common misconception is that simply keeping a key offline makes a system cold and secure. But an attacker doesn't always need to steal the key—they just need to achieve the outcome where the key performs an an operation on the desired data on their behalf.
* **All software in the stack must be open source**, built deterministically (to support reproduction), and compiled using a fully bootstrapped toolchain. Otherwise, the system remains exposed to single points of failure, especially via supply chain compromise.
#### Mitigations and reference designs
We propose two high-level design strategies that can eliminate the types of vulnerabilities exploited in the Safe{Wallet}/Bybit attack. Both approaches offer similar levels of security assurance—but differ significantly in implementation complexity and effort.
In our view, **when billions of dollars are at stake**, it is worth investing in proven low-level mitigations, even if they are operationally harder to deploy. The accounting is simple: **invest in securing your system up front**, rather than gambling on assumptions you won't be targeted.
State funded actors are highly motivated—and when digital assets are involved, it's game theory at work. The cost of compromising a weak system is often far less than the potential gain.
We've seen this playbook used in previous incidents, including Axie Infinity, and we will see it again. Attackers are increasingly exploiting both human and technical single points of failure—while defenders often uner-invest in securing this surface area.
#### Strategy 1 - Run everything locally
This strategy can be implemented without major adjustments to the existing system. The goal is to move the component currently introducing risk—effectively making the wallet "hot"--—into an offline component, upgrading the system to a fully cold solution.
The idea centers on extracting the **signing** component from the application (which currently operates in the UI) and converting it into an offline application. A practical example of this approach would be using a tool like **Electrum**.
However, simply making a component offline does not eliminate all single points of failure. The security requires that the individual builds the application themselves from source, using a fully bootstrapped compiler and a **deterministic build process**.
We've developed open-source tooling for this under **[StageX](https://codeberg.org/stagex/stagex)**. To learn more about the importance of reproducible builds, check out [this video](https://antonlivaja.com/videos/2024-incyber-stagex-talk.mp4), where one of our co-founders explains how the SolarWinds incident unfolded—and how it could have been prevented.
##### Reference design
This reference design was developed for the Safe{Wallet} team, but it can be applied to any team seeking to build an offline component with minimal single points of failure.
1. **System administrators use dedicated offline laptops**
* All radio hardware (Bluetooth, Wi-Fi) is physically removed
* Machines are air-gapped and have never been connected to the internet
2. **Engineers provision and manage their own personal signing keys (PGP)**
* Smart cards like NitroKey or YubiKey are used
* Signing operations are performed exclusively on the engineer's offline system
* Distrust has developed open-source tooling to support secure key provisioning: **[Trove](https://trove.distrust.co/generated-documents/all-levels/pgp-key-provisioning.html)**
3. **Offline signing applications are deterministically compiled, verified, and signed by multiple engineers**
* Includes a full set of tools needed to secure offline key operations
* Distrust also created **[AirgapOS](https://git.distrust.co/public/airgap)**, a custom custom Linux distribution designed specifically for offline secret management.It has been independantly audited and is in production with several major digital asset organizations.
4. **All sensitive operations are fully verified offline before any cryptographic action is taken**
This deisng drastically reduces exposure to remote attacks and central points of trust, aligning closely with Distrust's first-principles security model.
#### Strategy 2 - Use remotely verified service
This strategy maintains a user experience nearly identical to the current system, while introducing verifiability at critical points in the architecture. It requires significantly moe engineering effort and operational discipline, and the tooling needed to support this model is still under active development.
##### Reference design
This design relies on **secure enclaves** to host servers that are immutable, deterministic, and capable of cryptographically attesting to the software they are running. While this brings us closer to a cold setup, some residual attack surface—such as browser exploits, host OS compromise, or 0-day attacks—will always remain.
The core implementation steps include:
1. **Rewrite the application to run entirely within a secure enclave**
* TLS termination occurs **inside** the enclave
* The web interface is served **from within" the enclave
* Nothing outside the enclave is trusted
2. **Create a deterministic OS image with remote attestation (e.g., TPM2, Nitro Enclave or similar)**
* The entire stack is built using fully bootstrapped compiler in a reproducible manner
3. **One engineer deploys a new enclave** with the updated application code
4. **A second engineer independantly verifies** that the deployed code matches the version in the source repository
5. **Clients are issued a service worker** on first load that pins attestation keys for all future remote verification
* Users can optionally verify and download the application locally for offline operations
* Users are also encouraged to self-build and match the published signed hash
## Implementation considerations
Implementing these strategies can be technically demanding. They represent two ends of the trust minimization spectrum: one favoring offline, air-gapped assurance; the other introducing verifiability within connected systems. Both approaches significantly reduce risk but vary in complexibity, tooling and requirements, and rollout timelines.
This high-level overview is meant to illustrate the kinds of problems we focus on at Distrust. Depending on the chosen strategy and organizational context, implementation can take anywhere from a few weeks to several years, especially as tooling continues to mature.
## About Distrust
The Distrust team has helped build and secure some of the highest-risk systems in the world. This includes vaulting infrastructure at BitGo, Unit410, and Turnkey, as well as security work with electrical frid operators, industrial control systems, and other mission-critical environments.
We've conducted deep security due diligence across most major custodians. Through our experience with organizations that operate under constant threat—where **every class of attack is viable**—we've developed a methadology and set of open-source tools designed to defend against even the most sophisticated adversaries.
Today, we're taking the hard-earned lessons from that work and sharing them with the broader community. Our goal is to help others strengthen their security posture by making what we've learned—and the tools we've built—available to everyone.
**Looking for help analyzing and mitigating security risks in your own organization? [Talk to us](https://distrust.co/contact.html)**.

419
_sass/base.scss
View File

@ -99,7 +99,7 @@ a {
a:hover {
text-decoration: none;
color: var(--background-color);
background-color: var(--base-color);
background: var(--base-color);
transition: background-color 0.3s ease-in-out, color 0.3s ease-in-out;
}
@ -130,7 +130,7 @@ a:hover {
}
.hero-header {
height: 320px;
padding-bottom: 20px;
}
.capsule-header {
@ -138,10 +138,6 @@ a:hover {
margin-bottom: 30px;
}
.contact-header {
height: 180px;
}
.card {
transition: border 0.3s ease-in-out;
background: var(--dark-grey);
@ -157,7 +153,6 @@ a:hover {
border: 1px solid var(--light-purple);
}
@mixin capsule {
font-weight: 400;
font-size: 16px;
@ -224,6 +219,83 @@ a:hover {
justify-content: left;
}
/* software page */
.kanban-column {
border:1px solid #282D38;
padding: 20px 20px !important;
flex-direction: column;
justify-content: flex-start !important;
min-height: 860px;
}
.kanban-column a {
width: 100%;
}
.mini-card {
border: 1px solid #232730;
margin-bottom: 20px;
padding: 20px 30px;
min-height: 150px;
display: flex;
justify-content: space-between;
flex-direction: column;
filter: brightness(60%);
transition: filter 0.3s ease;
}
.mini-card:hover {
filter: brightness(100%);
}
.mini-card p {
margin: 0px;
font-size: 1rem;
color: var(--light-grey);
}
.mini-card {
font-size: 1rem;
}
.mini-card b {
font-size: 1.3rem;
color: white;
}
.mini-card a {
font-size: 1rem;
}
#kanban h4 {
margin-bottom: 40px;
font-weight: 600;
}
.floating-card {
position: relative;
}
.column-backlog .mini-card:hover {
border: 1px solid white;
}
.column-progress .mini-card:hover {
border: 1px solid var(--light-teal);
}
.column-active .mini-card:hover {
border: 1px solid var(--light-purple);
}
.kanban-column a:hover {
background: none;
}
#roadmap {
margin-bottom: 60px;
}
.roadmap a:hover {
background: transparent;
}
@ -295,6 +367,9 @@ a:hover {
border-radius: 4px;
margin-left: 0px;
padding-left: 0px;
/* TODO: for some reason, removing this makes it white. */
/* Firefox shows no computed reason for it to be white. */
background-color: var(--background-color);
}
.arrow {
@ -303,6 +378,13 @@ a:hover {
transition: transform 0.3s ease;
}
.blog-link:hover .arrow {
transform: translateX(5px);
background: none !important;
background-color: var(--base-color);
color: white !important;
}
.arrow-link:hover .arrow {
transform: translateX(5px);
background: none !important;
@ -310,6 +392,10 @@ a:hover {
color: white !important;
}
.mini-card:hover .arrow {
transform: translateX(5px);
}
.arrow-link:hover {
background: none !important;
background-color: var(--base-color);
@ -352,19 +438,35 @@ a:hover {
margin-bottom: 50px;
}
.powered-by .card {
border: 1px solid var(--light-teal);
min-height: 360px;
display: flex;
flex-direction: column;
border: 1px solid var(--mid-grey);
min-height: 405px;
padding: 35px;
background: var(--void-teal);
background: none;
}
.powered-by img {
width: 150px;
width: 100%;
max-width: 200px;
}
.powered-by .img-container {
display: flex;
justify-content: flex-start;
align-items: center;
height: 60px;
}
.powered-by a {
margin-top: auto;
}
.video-background {
left: 85%;
left: 85%;
width: 200px !important;
}
@ -409,8 +511,59 @@ a:hover {
padding: 2rem;
}
.powered-header {
height: 100px;
.video-background-philosophy {
left: 85%;
width: 200px !important;
}
.video-background-container-philosophy {
position: absolute;
width: 100%;
height: 800px;
overflow: hidden;
top: 3150px;
left: 0;
z-index: -1;
}
.gradient-overlay-philosophy {
background: linear-gradient(to bottom, #0f0f0f 0%, rgba(15, 15, 15, 0) 25%, rgba(15, 15, 15, 0) 75%, #0f0f0f 100%), linear-gradient(to left, rgb(15, 15, 15) 0%, rgba(15, 15, 15, 0) 100%);
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
z-index: -1;
pointer-events: none;
}
.video-background-philosophy {
position: absolute;
top: 50%;
left: 50%;
min-width: 100%;
min-height: 100%;
width: auto;
height: auto;
transform: translate(-50%, -50%);
z-index: -1;
object-fit: cover;
}
.video-content-philosophy {
position: relative;
z-index: 1;
color: #fff;
padding: 2rem;
}
.why-choose-distrust .properties .flex-container-inner {
border-top: 1px solid var(--light-purple);
margin-right: 40px;
}
.why-choose-distrust svg {
margin-top: 20px;
}
@media only screen and (max-device-width: 500px) {
@ -453,11 +606,9 @@ footer {
display: inline-block;
text-decoration: none;
margin-left: 20px;
transition: transform 0.5s ease !important;
}
.footer-link:hover {
transform: translateY(-2px);
background: transparent;
color: white;
}
@ -510,11 +661,13 @@ hr {
margin: 0px 4px;
font-size: 1.1rem;
text-decoration: none;
transition: transform 0.5s ease;
}
.header-page-links a.active {
color: white;
}
.header-page-links a:hover {
transform: translateY(-2px);
background-color: transparent;
color: white;
}
@ -607,16 +760,21 @@ hr {
margin-top: 50px;
}
.inner-menu-content a:hover {
background: unset;
color: white;
}
.menu-content div {
margin: 30px;
}
/**
* Services Page
*/
* Services Page
*/
.why-distrust {
height: 95px;
text-align: left;
padding-bottom: 15px;
}
/**
@ -625,7 +783,7 @@ hr {
.about-special h2 {
font-weight: 600 !important;
margin: 0px;
height: 340px;
padding-bottom: 20px;
}
.about-special {
@ -662,6 +820,11 @@ hr {
color: var(--light-grey);
}
.team a:hover {
background: unset;
color: white;
}
.team img {
height: 130px;
border: 1px solid teal;
@ -672,7 +835,6 @@ hr {
}
.team h5 {
font-size: 20px !important;
text-transform: lowercase;
}
.team .flex-container-inner {
@ -1021,6 +1183,11 @@ section {
margin: 250px 0px;
}
.extra-spacing {
margin-top: 70px;
margin-bottom: 70px;
}
.companies {
display: flex;
justify-content: space-between;
@ -1416,10 +1583,6 @@ pre {
transition: opacity 0.3s;
}
.logo-slider img:hover {
opacity: 1;
}
/**
* Carousel
*/
@ -1489,6 +1652,18 @@ pre {
/**
* Blog
*/
.blog {
margin: auto;
max-width: 700px;
margin-top: 80px;
}
.post {
max-width: 700px;
margin: 100px 0px;
}
.post img {
max-width: 100%;
}
@ -1497,6 +1672,90 @@ pre {
max-width: 100%;
}
#lp-post-img {
max-width: 100%;
}
.entry {
font-size: 1.2rem;
}
.date h4 {
font-size: 1rem !important;
}
#blog-header {
margin: 80px 0px;
}
.blog-header-title {
display: inline-block;
font-size: 3.2rem;
text-align: center;
width: 100%;
margin-top: 80px;
}
.blog-header-subtitle {
text-align: center;
font-size: 1.5rem;
color: var(--light-grey);
}
.blog h1 {
font-size: 2.2rem !important;
font-weight: 600 !important;
line-height: 2.2rem !important;
}
.blog h2 {
font-size: 1.8rem !important;
}
.blog h3 {
font-size: 1.6rem !important;
}
.blog h4 {
font-size: 1.4rem !important;
}
.blog h5 {
font-size: 1.2rem !important;
}
.blog hr {
margin: 80px 0px;
}
.post a {
color: var(--light-teal);
}
.post a:hover {
text-decoration: underline;
}
.blog-details {
display: flex;
flex-direction: left;
font-size: 0.9rem;
margin-bottom: 10px;
}
.blog-details-date {
background: var(--light-grey);
color: var(--background-color);
border-radius: 5px;
padding: 2px 10px;
}
.blog-details-read-time {
padding: 2px 10px;
margin-left: 15px;
color: white;
}
/** end blog */
*,
@ -1538,16 +1797,7 @@ pre {
}
}
@media (max-width: 1090px) {
.contact-header {
height: 260px;
}
}
@media (max-width: 1150px) {
.landing-header {
height: 400px;
}
.roadmap-title-container {
flex-direction: column;
}
@ -1562,12 +1812,6 @@ pre {
}
}
@media (max-width: 1117px) {
.services-header {
height: 420px;
}
}
@media (max-width: 1020px) {
.flex-container-inner {
width: 100% !important;
@ -1575,9 +1819,6 @@ pre {
margin-bottom: 50px;
}
.flex-container {
}
.hide {
display: inline-block;
}
@ -1590,10 +1831,6 @@ pre {
flex-direction: column-reverse;
}
.services-header {
height: 250px;
}
.team .flex-container-inner {
margin-bottom: 30px;
}
@ -1608,13 +1845,39 @@ pre {
}
}
@media (max-width: 742px) {
.contact-header {
height: 340px;
}
}
@media (max-width: 600px) {
.mini-card {
padding: 20px 20px !important;
filter: brightness(100%) !important;
}
.kanban-column {
border: none !important;
padding: 0px !important;
}
#kanban {
flex-direction: column-reverse;
}
#kanban h4 {
width: 100%;
text-align: center;
margin-bottom: 20px;
}
.column-backlog .mini-card {
border: 1px solid white;
}
.column-progress .mini-card {
border: 1px solid var(--light-teal);
}
.column-active .mini-card {
border: 1px solid var(--light-purple);
}
.flex-container {
flex-direction: column;
}
@ -1647,23 +1910,6 @@ pre {
padding-left: 10px;
}
.hero-header {
height: 190px;
}
.landing-header {
height: 90px !important;
}
.contact-header {
margin-top: 0px;
height: 130px;
}
.capsule-header {
height: unset;
}
.footer-link {
margin-bottom: 20px;
min-width: 200px;
@ -1682,7 +1928,7 @@ pre {
}
p {
font-size: 1.1rem !important;
font-size: 1.1rem !important;
}
h1 {
@ -1746,29 +1992,26 @@ pre {
margin-bottom: 10px;
}
.powered-header {
height: 50px;
}
.quote {
font-size: 1.5rem;
line-height: 1.5rem;
}
/**
* Services Page
*/
/**
* Services Page
*/
.why-distrust {
height: 45px;
}
/**
* End Services Page
*/
/**
* End Services Page
*/
/**
* Roadmap Page
*/
/**
* End Roadmap Page
*/
/**
* Roadmap Page
*/
/**
* End Roadmap Page
*/
}

BIN
assets/base/rss.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 6.3 KiB

0
assets/base/roadmap-thumbnail.png → assets/base/software-thumbnail.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 453 KiB

After

Width:  |  Height:  |  Size: 453 KiB

BIN
assets/images/whale_shark.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.0 MiB

126
assets/js/main.js
View File

@ -1,90 +1,90 @@
const collapsibleButton = document.querySelector("#hamburger-menu");
const menuContent = document.querySelector(".menu-content");
collapsibleButton.addEventListener("click", function () {
menuContent.classList.toggle("active");
if (menuContent.style.display === "block") {
menuContent.style.display = "none";
} else {
menuContent.style.display = "block";
}
menuContent.classList.toggle("active");
if (menuContent.style.display === "block") {
menuContent.style.display = "none";
} else {
menuContent.style.display = "block";
}
});
document.addEventListener('DOMContentLoaded', function () {
initializeCompaniesCarousel();
fetch('../assets/js/carousel-items.json')
.then(response => response.json())
.then(data => {
createCarouselItems(data);
initializeCarousel();
})
.catch(error => console.error('Error loading JSON:', error));
initializeCompaniesCarousel();
fetch('../assets/js/carousel-items.json')
.then(response => response.json())
.then(data => {
createCarouselItems(data);
initializeCarousel();
})
.catch(error => console.error('Error loading JSON:', error));
});
function createCarouselItems(items) {
const carousel = document.querySelector('#carousel');
items.forEach(item => {
const itemDiv = document.createElement('div');
itemDiv.className = 'carousel-item'
const carousel = document.querySelector('#carousel');
items.forEach(item => {
const itemDiv = document.createElement('div');
itemDiv.className = 'carousel-item'
const link = document.createElement('a');
link.className = 'carousel-link';
link.href = item.link;
link.target = '_blank';
link.rel = 'noopener noreferrer';
const linkText = document.createTextNode(item.description);
const link = document.createElement('a');
link.className = 'carousel-link';
link.href = item.link;
link.target = '_blank';
link.rel = 'noopener noreferrer';
const linkText = document.createTextNode(item.description);
link.appendChild(linkText);
itemDiv.appendChild(link);
carousel.appendChild(itemDiv);
});
link.appendChild(linkText);
itemDiv.appendChild(link);
carousel.appendChild(itemDiv);
});
}
function initializeCarousel() {
const carousel = document.querySelector('#carousel');
const items = Array.from(carousel.children);
const totalItems = items.length;
const middleIndex = Math.floor(totalItems / 2);
let currentIndex = -middleIndex;
const carousel = document.querySelector('#carousel');
const items = Array.from(carousel.children);
const totalItems = items.length;
const middleIndex = Math.floor(totalItems / 2);
let currentIndex = -middleIndex;
function cycleItems() {
currentIndex = (currentIndex - 1 + totalItems) % totalItems;
updateCarouselItems();
}
function cycleItems() {
currentIndex = (currentIndex - 1 + totalItems) % totalItems;
updateCarouselItems();
}
function updateCarouselItems() {
items.forEach((item, index) => {
let positionIndex = (currentIndex + index + totalItems) % totalItems;
let offset = positionIndex - middleIndex;
item.style.transform = `translateY(${offset * 100}%)`;
item.classList.toggle('active', positionIndex === middleIndex);
item.style.visibility = 'visible';
});
}
function updateCarouselItems() {
items.forEach((item, index) => {
let positionIndex = (currentIndex + index + totalItems) % totalItems;
let offset = positionIndex - middleIndex;
item.style.transform = `translateY(${offset * 100}%)`;
item.classList.toggle('active', positionIndex === middleIndex);
item.style.visibility = 'visible';
});
}
updateCarouselItems();
setInterval(cycleItems, 7000);
updateCarouselItems();
setInterval(cycleItems, 7000);
}
function initializeCompaniesCarousel() {
const slider = document.getElementById('logoSlider');
const slider = document.getElementById('logoSlider');
// Duplicate the existing logos by appending the same HTML again:
slider.innerHTML += slider.innerHTML;
// Duplicate the existing logos by appending the same HTML again:
slider.innerHTML += slider.innerHTML;
let offset = 0;
const speed = 0.5;
let offset = 0;
const speed = 0.5;
function animate() {
offset -= speed;
slider.style.transform = `translateX(${offset}px)`;
function animate() {
offset -= speed;
slider.style.transform = `translateX(${offset}px)`;
// After half of the total (2 sets) is scrolled, reset
if (Math.abs(offset) >= slider.scrollWidth / 2) {
offset = 0;
}
requestAnimationFrame(animate);
}
// After half of the total (2 sets) is scrolled, reset
if (Math.abs(offset) >= slider.scrollWidth / 2) {
offset = 0;
}
requestAnimationFrame(animate);
}
requestAnimationFrame(animate);
requestAnimationFrame(animate);
}

BIN
assets/videos/cool-line-2.mp4 Normal file
View File

Binary file not shown.

BIN
assets/videos/cool-line-2.webm Normal file
View File

Binary file not shown.

5
blog.md Normal file
View File

@ -0,0 +1,5 @@
---
layout: blog
title: Blog
permalink: /blog.html
---

8
roadmap.md
View File

@ -1,8 +0,0 @@
---
title: Roadmap
tagline: Distrust | Roadmap
summary: Open source tools for verifiable security
layout: roadmap
permalink: /roadmap.html
thumbnail: /assets/base/roadmap-thumbnail.png
---

8
software.md Normal file
View File

@ -0,0 +1,8 @@
---
title: Software
tagline: Distrust | Software
summary: Open source tools for verifiable security
layout: software
permalink: /software.html
thumbnail: /assets/base/software-thumbnail.png
---