
Author SHA1 Message Date
Anton Livaja dada5f5da9
add threat model draft 2025-03-20 14:02:35 -07:00
30 changed files with 1038 additions and 1097 deletions


@ -1,3 +1,2 @@
source "https://rubygems.org"
gem "jekyll-theme-console", path: "./_vendor/jekyll-theme-console"
gem 'jekyll-feed'


@ -8,9 +8,8 @@ banner: "https://distrust.co/assets/base/distrust-thumbnail.png"
header_pages:
- index.md
- services.md
- software.md
- roadmap.md
- company.md
- blog.md
- contact.md
style: dark
@ -20,11 +19,6 @@ footer: '© 2025 Distrust LLC'
theme: jekyll-theme-console
permalink: blog/:title.html
plugins:
- jekyll-feed
# Exclude from processing.
# The following items will not be processed, by default.
# Any item listed under the `exclude:` key here will be automatically added to


@ -1,32 +0,0 @@
<section class="mid-tall-section">
{% unless include.hide_title == 'true' %}
<div class="flex-container-inner">
<div class="text-well center">
<h4 class="carousel-title" >trusted by industry leaders</h4>
</div>
</div>
{% endunless %}
<div class="logo-section">
<div class="logo-slider" id="logoSlider">
<img src="assets/base/companies/coinbase-white.svg" alt="Coinbase">
<img src="assets/base/companies/bitgo-logo-white.svg" alt="BitGo">
<img style="filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);"
src="assets/base/companies/bishop-fox-dark.png" alt="Bishop Fox">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" alt="Turnkey">
<img style="height: 40px" src="assets/base/companies/falconx-white.svg" alt="FalconX">
<img src="assets/base/companies/exodus-white.svg" alt="Exodus">
<img src="assets/base/companies/sidero-labs-white.png" alt="Sidero Labs">
<img src="assets/base/companies/zoom-white.png" alt="Zoom">
<img src="assets/base/companies/mysten-labs-white.svg" alt="Mysten Labs">
<img style="height: 60px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);"
src="assets/base/companies/ankr.png" alt="Ankr">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" alt="HashiCorp">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" alt="Block One">
<img src="assets/base/companies/ledn-white.svg" alt="Ledn">
<img src="assets/base/companies/fitbit-white.png" alt="Fitbit">
<img src="assets/base/companies/dfns-color.png" alt="Dfns">
</div>
</div>
</section>


@ -5,13 +5,9 @@
</div>
<div>
<a class="footer-link" href="/services.html">Services</a>
<a class="footer-link" href="/software.html">Software</a>
<a class="footer-link" href="/roadmap.html">Roadmap</a>
<a class="footer-link" href="/company.html">Company</a>
<a class="footer-link" href="/contact.html">Contact</a>
<a class="footer-link" href="/feed.xml" style="vertical-align: middle;">
<img style="filter: grayscale(100%); width: 22px; vertical-align: sub" src="/assets/base/rss.png" />
</a>
</div>
</div>
<script type="text/javascript" src="/assets/js/main.js"></script>


@ -103,17 +103,14 @@
<a href="/services.html">Services</a>
</div>
<div>
<a href="/software.html">Software</a>
<a href="/roadmap.html">Roadmap</a>
</div>
<div>
<a href="/company.html">Company</a>
</div>
<div>
<a href="/blog.html">Blog</a>
</div>
<div>
<a href="/contact.html">Contact</a>
</div>
</div>
</div>
</div>
</head>


@ -3,7 +3,7 @@
<div class="menu">
<div class="left-menu">
<a id="home-link" href="/index.html">
<img class="menu-logo" src="/assets/base/distrust-text-white.svg"
<img class="menu-logo" src="assets/base/distrust-text-white.svg"
alt="Distrust broken chain logo with white text" />
</a>
</div>
@ -20,7 +20,6 @@
<li class="show">
<a href="/contact.html" class="mega-inverted button">Work with us</a>
</li>
</ul>
<div id="hamburger-menu" class="hide menu-button-container" for="menu-toggle">
<input id="menu-toggle" type="checkbox" />
@ -30,36 +29,4 @@
</div>
</div>
</div>
<script>
document.addEventListener('DOMContentLoaded', function () {
let pathSegment = window.location.pathname.split('/')[1];
if (pathSegment.endsWith('.html')) {
pathSegment = pathSegment.replace('.html', '');
}
const navLinks = document.querySelectorAll('.header-page-links li a');
navLinks.forEach(link => {
let linkPath = link.getAttribute('href').replace('/', '').replace('.html', '');
if (linkPath === pathSegment) {
link.classList.add('active');
}
});
});
let prevScrollPos = window.scrollY;
const hamburgerMenu = document.querySelector('.menu-content');
window.addEventListener('scroll', () => {
const currentScrollPos = window.scrollY;
if (currentScrollPos > prevScrollPos) {
hamburgerMenu.style.display = 'none';
}
prevScrollPos = currentScrollPos;
});
</script>
</header>
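Review bot: The `menu-logo` image in the first hunk is shown twice, once with the root-relative `src="/assets/base/distrust-text-white.svg"` and once with the page-relative `src="assets/base/distrust-text-white.svg"`; if the page-relative form is the new side, as the print order suggests, the logo in this shared header only resolves on pages served from the site root. A page rendered under a sub-path would request the SVG relative to its own directory and fail to load it. I would keep `src="/assets/base/distrust-text-white.svg"`, or pass the path through Jekyll's `relative_url` filter so it also follows `baseurl`.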


@ -1,46 +0,0 @@
<section style="margin-bottom: 0px;" class="flex-container">
<div class="flex-container-inner">
<h2 class="hero-header gradient-text center">powered by distrust</h2>
<p class="hero-p center" style="margin-top: 20px; max-width: 700px">Companies across high-risk industries adopt our methodologies and tooling to secure their critical systems.<p>
</div>
</section>
<section style="margin-top: 40px;" class="flex-container powered-by">
<div class="flex-container-inner">
<div class="text-well card">
<div class="img-container">
<img src="assets/base/companies/turnkey-black.svg" style="filter: invert(100)">
</div>
<p>Distrust team helped build Turnkey, which leverages StageX, and AirgapOS to improve the security of their systems which help manage billions of dollars worth of value.</p>
<a href="https://whitepaper.turnkey.com/foundations#abstract" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well card">
<div class="img-container">
<img src="assets/base/companies/mysten-labs-white.svg" style="width: 250px">
</div>
<p>The creators of the SUI cryptocurrency partner with Distrust for advice and use StageX to build their nodes in a deterministic manner in order to eliminate single points of failure.</p>
<a href="https://github.com/MystenLabs/sui/blob/main/docker/sui-node-deterministic/Dockerfile" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well card">
<div class="img-container">
<img src="assets/base/companies/sidero-labs-white.png" style="filter: grayscale(); width: 150px">
</div>
<p>Sidero labs has relied on Distrust for consulting and is using StageX to build their widely used Talos Linux distribution which delivers best in-class kubernetes features.</p>
<a href="https://github.com/siderolabs/talos/releases/tag/v1.10.0-alpha.2" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>


@ -1,8 +0,0 @@
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">ready to take your security to the next level?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">We help organizations that can't afford to fail. If security is mission-critical for your company, let's talk.</p>
<div class="button-container center">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</section>


@ -1,16 +0,0 @@
<section class="flex-container tall-section">
<div class="flex-container-inner">
<h2 class="gradient-text">our manifesto</h2>
<p class="hero-p">Every day, we apply these guiding principles to how we think, build, and secure systems.</p>
</div>
<div class="flex-container-inner">
<ol dir="rtl" style="font-size: 30px; text-align: right">
<li>eliminate centralized trust</li>
<li>open source everything</li>
<li>security beyond compliance</li>
<li>move thoughtfully and improve things</li>
<li>impact over profit</li>
</ol>
</div>
</section>


@ -1,39 +0,0 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main class="blog">
<div class="entry">
<div class="posts">
{% for post in site.posts %}
<div class="blog-details">
<div class="blog-details-date">{{ post.date | date: "%b %e, %Y" }}</div>
<div class="blog-details-read-time">{{ post.content | number_of_words | divided_by: 200 }} min read</div>
</div>
<a class="blog-link" href="{{ post.url | relative_url }}" title="{{ post.title }}">
<article>
<h1>{{ post.title }}</h1>
<p>{{ post.excerpt | strip_html | truncatewords: 25 }}</p>
</article>
<div class="arrow-link">
Read
<span class="arrow">&#x2192;</span>
</div>
</a>
{% endfor %}
</div>
</div>
<p>
{% for author in page.authors %}
— {{ author.name }}{% unless forloop.last %}, {% endunless %}
{% endfor %}
</p>
</main>
{%- include footer.html -%}
</div>
</body>
</html>


@ -26,7 +26,7 @@
</p>
<p class="hero-p">We dont just advise on security. We build it. We open-source it. And we teach organizations how to think critically about risk—because security isnt about checking boxes.
</p>
<a rel=”noopener noreferrer href="/software.html" class="arrow-link">
<a href="/roadmap.html" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
@ -40,33 +40,28 @@
<h5>Lance Vick</h5>
<p>Co-Founder</p>
<p>Security Engineer</p>
<a rel=”noopener noreferrer target="_blank" href="https://keyoxide.org/6B61ECD76088748C70590D55E90A401336C8AAA9">Keyoxide</a>
<a rel=”noopener noreferrer target="_blank" href="https://lance.dev/">Website</a>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/6B61ECD76088748C70590D55E90A401336C8AAA9">PGP: 36C8AAA9</a>
</div>
<div class="flex-container-inner card">
<h5>Anton Livaja</h5>
<p>Co-Founder</p>
<p>Security Engineer</p>
<a rel=”noopener noreferrer target="_blank" href="https://keyoxide.org/F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D">Keyoxide</a>
<a rel=”noopener noreferrer target="_blank" href="https://antonlivaja.com">Website</a>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D">PGP: 52E0BA4D</a>
</div>
</div>
<div class="team flex-container">
<div class="flex-container">
<div class="flex-container-inner card">
<h5>Ryan Heywood</h5>
<p>Security Engineer</p>
<a rel=”noopener noreferrer target="_blank" href="https://keyoxide.org/88823A75ECAA786B0FF38B148E401478A3FBEF72">Keyoxide</a>
<a rel=”noopener noreferrer target="_blank" href="https://ryansquared.pub">Website</a>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/88823A75ECAA786B0FF38B148E401478A3FBEF72">PGP: A3FBEF72</a></p>
</div>
<div class="flex-container-inner card">
<h5>Danny Grove</h5>
<p>Security Engineer</p>
<a rel=”noopener noreferrer target="_blank" href="https://keyoxide.org/C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD">Keyoxide</a>
<a rel=”noopener noreferrer target="_blank" href="https://dannygrove.com/">Website</a>
<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD">PGP: 193F2DBD</a>
</div>
</div>
</div>
<div class="flex-container-inner who-we-are">
<h2 class="gradient-text">who we are</h2>
<p class="hero-p" style="max-width: 550px">Distrust is made up of engineers behind some of the most security-critical projects in the world—including BitGo, Turnkey, and Unit410.</p>
@ -77,9 +72,29 @@
</div>
</section>
{% include values.html %}
<section class="flex-container tall-section">
<div class="flex-container-inner">
<h2 class="gradient-text">our manifesto</h2>
<p class="hero-p">Every day, we apply these guiding principles to how we think, build, and secure systems.</p>
</div>
<div class="flex-container-inner">
<ol dir="rtl" style="font-size: 30px; text-align: right">
<li>eliminate centralized trust</li>
<li>open source everything</li>
<li>security beyond compliance</li>
<li>move thoughtfully and improve things</li>
<li>impact over profit</li>
</ol>
</div>
</section>
{% include primary-cta.html %}
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">ready to take your security to the next level?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">We help organizations that can't afford to fail. If security is mission-critical for your company, let's talk.</p>
<div class="button-container center">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
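Review bot: The four `PGP:` links in the team cards label each key with only its last eight hex digits (for example `PGP: 36C8AAA9`), which is a 32-bit short key ID; short IDs can be made to collide, so a reader who looks the label up on a keyserver instead of following the link may end up with a different key. The `href` already carries the full 40-character fingerprint, so the visible text could show it as well, e.g. `PGP: 6B61 ECD7 6088 748C 7059 0D55 E90A 4013 36C8 AAA9`, or at least the 64-bit long ID. The link line in the Ryan Heywood card also ends in a stray `</p>` with no matching opening tag. Judging by the hunk's line counts, the `PGP:` lines are the added side and the Keyoxide/Website pairs the removed one; the per-line markers are not visible here.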


@ -10,7 +10,7 @@
<div class="capsule">contact</div>
</div>
<br>
<h2 class="gradient-text center hero-header">tell us about your biggest security challenges</h2>
<h2 class="gradient-text center contact-header">tell us about your biggest security challenges</h2>
</section>
<section class="flex-container" style="margin-top: 80px">
<div class="flex-container-inner">
@ -54,8 +54,29 @@
</div>
</div>
</section>
{% include companies-carousel.html hide_title='true' %}
<section style="margin-bottom: 0px">
<div class="logo-section">
<div class="logo-slider" id="logoSlider">
<img src="assets/base/companies/coinbase-white.svg" alt="Coinbase">
<img src="assets/base/companies/bitgo-logo-white.svg" alt="BitGo">
<img style="filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);"
src="assets/base/companies/bishop-fox-dark.png" alt="Bishop Fox">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" alt="Turnkey">
<img style="height: 40px" src="assets/base/companies/falconx-white.svg" alt="FalconX">
<img src="assets/base/companies/exodus-white.svg" alt="Exodus">
<img src="assets/base/companies/sidero-labs-white.png" alt="Sidero Labs">
<img src="assets/base/companies/zoom-white.png" alt="Zoom">
<img src="assets/base/companies/mysten-labs-white.svg" alt="Mysten Labs">
<img style="height: 60px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);"
src="assets/base/companies/ankr.png" alt="Ankr">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" alt="HashiCorp">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" alt="Block One">
<img src="assets/base/companies/ledn-white.svg" alt="Ledn">
<img src="assets/base/companies/fitbit-white.png" alt="Fitbit">
<img src="assets/base/companies/dfns-color.png" alt="Dfns">
</div>
</div>
</section>
</main>
<br />
{%- include footer.html -%}
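Review bot: The logo slider appears to be pasted inline here (the `<div class="logo-slider" id="logoSlider">` block with its fifteen `<img>` entries) and again, line for line, in the landing-page section, in place of `{% include companies-carousel.html %}`; two copies of the same list will drift the first time a logo is added or restyled. Keeping a single include and passing `hide_title='true'` where the heading is not wanted, as the `{% include companies-carousel.html hide_title='true' %}` line in this hunk does, avoids that. The same applies to the `ready to take your security to the next level?` call-to-action section, which is inlined in both the company and landing pages next to `{% include primary-cta.html %}`.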


@ -17,7 +17,7 @@
<div class="flex-container-inner">
<div class="text-well">
<h1 class="gradient-text hero-header landing-header">security without blind trust</h1>
<p class="hero-p" style="margin-top: 0px">Distrust secures mission critical infrastructure by applying a first principles approach. No guessing, no shortcuts, only verifiable security.</p>
<p class="hero-p" style="margin-top: 0px">Distrust applies a first principles approach to securing mission critical infrastructure. No guessing, no shortcuts, only verifiable security.</p>
<br />
<a href="/contact.html" class="mega button">Work with us</a>
<br />
@ -27,8 +27,35 @@
</div>
</section>
<section class="mid-tall-section">
<div class="flex-container-inner">
<div class="text-well center">
<h4 class="carousel-title" >trusted by industry leaders</h4>
</div>
</div>
{% include companies-carousel.html %}
<div class="logo-section">
<div class="logo-slider" id="logoSlider">
<img src="assets/base/companies/coinbase-white.svg" alt="Coinbase">
<img src="assets/base/companies/bitgo-logo-white.svg" alt="BitGo">
<img style="filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);"
src="assets/base/companies/bishop-fox-dark.png" alt="Bishop Fox">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" alt="Turnkey">
<img style="height: 40px" src="assets/base/companies/falconx-white.svg" alt="FalconX">
<img src="assets/base/companies/exodus-white.svg" alt="Exodus">
<img src="assets/base/companies/sidero-labs-white.png" alt="Sidero Labs">
<img src="assets/base/companies/zoom-white.png" alt="Zoom">
<img src="assets/base/companies/mysten-labs-white.svg" alt="Mysten Labs">
<img style="height: 60px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);"
src="assets/base/companies/ankr.png" alt="Ankr">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" alt="HashiCorp">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" alt="Block One">
<img src="assets/base/companies/ledn-white.svg" alt="Ledn">
<img src="assets/base/companies/fitbit-white.png" alt="Fitbit">
<img src="assets/base/companies/dfns-color.png" alt="Dfns">
</div>
</div>
</section>
<section>
<div class="center">
@ -49,13 +76,13 @@
</div>
</div>
</a>
<a href="/software.html" class="arrow-link">
<a href="/roadmap.html" class="arrow-link">
<div class="flex-container-inner card roadmap-card roadmap-card-teal" style="background: #00191E; border: 1px solid #01586A">
<div class="text-well">
<h4>software</h4>
<h4>roadmap</h4>
<p>Security is always evolving—so are we. Distrust is building the next generation of security infrastructure that eliminates reliance on any single computer, person, or system. Using full-source bootstrapping, determinism, and quorum-based security, we ensure verifiable, trustless protection at every layer.</p>
<br>
View software
View roadmap
<span class="arrow">&#x2192;</span>
</div>
</div>
@ -63,11 +90,14 @@
</div>
</section>
{% include powered-by.html %}
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">ready to take your security to the next level?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">We help organizations that can't afford to fail. If security is mission-critical for your company, let's talk.</p>
<div class="button-container center">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</section>
{% include values.html %}
{% include primary-cta.html %}
</main>
{%- include footer.html -%}
</div>


@ -1,30 +0,0 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main class="blog">
<article class="post">
<div class="blog-details">
<div class="blog-details-date">{{ page.date | date: "%b %e, %Y" }}</div>
<div class="blog-details-read-time">{{ page.content | number_of_words | divided_by: 200 }} min read</div>
</div>
<h1>{{page.title}}</h1>
<div class="entry">
{{ content }}
</div>
<p>
{% for author in page.authors %}
— {{ author.name }}{% unless forloop.last %}, {% endunless %}
{% endfor %}
</p>
</article>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

503
_layouts/roadmap.html Normal file

@ -0,0 +1,503 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<div class="video-background-container">
<video autoplay muted loop playsinline class="video-background">
<source src="assets/videos/turq-blocks.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/turq-blocks.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<section class="flex-container capsule-header video-content" style="margin-top: 80px">
<div class="flex-container-inner" style="padding-top: 0px">
<div class="text-well center">
<div class="capsule-teal">roadmap</div>
<br>
<h1 style="max-width: 1000px; margin: auto">verifiable security without single points of failure</h1>
<br>
<p class="hero-p center">Most systems still rely on single individuals or computers, unverifiable software, and opaque processes. Were redesigning security for transparency from the ground up.</p>
<div class="button-container center">
<a href="#roadmap" class="mega-teal button">View roadmap</a>
</div>
</div>
</div>
</section>
<section class="flex-container mid-tall-section">
<div class="flex-container-inner">
<h3>creating the building blocks for provable security</h3>
<p class="hero-p">Modern software systems still rely on trust in individuals—maintainers, IT admins, or third-party providers. But what happens when they are compromised? How do you verify that the software running on your systems hasnt been tampered with?</p>
<p class="hero-p">Weve identified critical missing pieces needed to remove single points of failure at every level. Our approach covers the complete lifecycle of software from your toolchains and dependencies to how your code is built, signed, verified and deployed.</p>
<p class="hero-p">By combining multi-party trust, remote attestation, and bit-for-bit reproducibility, we are methodically eliminating trust assumptions, ensuring security isnt just a claim—its provable.</p>
<a href="#roadmap" class="arrow-link">
See what we're building
<span class="arrow">&#x2192;</span>
</a>
</div>
<div class="flex-container-inner"></div>
</section>
<span class="roadmap" id="roadmap">
<h2 class="center gradient-text">our roadmap</h2>
<p style="margin-top: 20px" class="hero-p center">We are actively working on a number of different projects, and looking to fund others. Here is what's on the way and what's coming next.</p>
<section id="sourceid" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">SourceId</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">source code integrity</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-grey">fundraising</div>
</div>
</div>
<p>SourceId ensures that source code integrity is verifiable. It prevents tampering of archives and other formats used for delivering source code by standardizing code and generating a hash-based fingerprint of the tree which includes all essential files.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/sourceid" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="sigrev" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">SigRev</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">crowdsourced code review</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-grey">fundraising</div>
</div>
</div>
<p>SigRev is a crowdsourcing framework extending SourceID with signed code reviews. It enhances open-source security by making comprehensive manual reviews discoverable, overcoming the limitations of static analysis tools.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/sigrev" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="stagex" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">StageX</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">deterministic reproducibility</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>StageX is a hermetic, deterministic and reproducible toolchain providing multi-signed OCI images for popular software. This approach removes single points of failure in sofware builds.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://codeberg.org/stagex/stagex" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="repros" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">ReprOS</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">ephemeral build environments</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-yellow">in-progress</div>
</div>
</div>
<p>ReprOS is a bare-bones immutable OS designed for securely reproducing and signing software. Each build is executed in a one-time use environment, eliminating persistent risks.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#bootproof">
<div class="capsule-transparent">Bootproof</div>
</a>
</div>
</div>
<a href="https://codeberg.org/stagex/repros" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="keyfork" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Keyfork</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">deterministic key management</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>Keyfork simplifies cryptographic material management by deriving any number or type of keys from a single entropy source. This greatly simplifies secret management complexity while maintaining security.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/keyfork" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="icepick" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Icepick</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">cryptographic operations</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>Icepick provides a framework for offline verified cryptographic signing operations. Its modular design provides a unified interface for a wide range of cryptographic signing tasks.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/keyfork" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="airgapos" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">AirgapOS</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">air-gapped OS</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-green">active</div>
</div>
</div>
<p>AirgapOS is a minimal, immutable offline first environment for secret management. It ships with a swiss-army knife of tools and an extensibility framework to cover most secure administration needs.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#keyfork">
<div class="capsule-transparent">Keyfork</div>
</a>
<a href="#icepick">
<div class="capsule-transparent">Icepick</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/airgap" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="bootproof" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Bootproof</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">remote attestation</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-grey">fundraising</div>
</div>
</div>
<p>Bootproof provides a way to prove what software booted on a given system by leveraging platform hardware or firmware remote attestation technologies.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/bootproof" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="enclaveos" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">EnclaveOS</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">trusted execution environments</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-yellow">in-progress</div>
</div>
</div>
<p>EnclaveOS is a minimal and immutable operating system for running security critical software with high accountability. It can be extended to support multi-party management of secrets such that no person can control them alone.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#keyfork">
<div class="capsule-transparent">Keyfork</div>
</a>
<a href="#bootproof">
<div class="capsule-transparent">Bootproof</div>
</a>
</div>
</div>
<a href="https://git.distrust.co/public/enclaveos" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section id="vault" class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<div class="roadmap-header">
<div class="roadmap-title-container">
<div class="roadmap-item-name">Vault</div>
<div class="roadmap-tagline-line">&nbsp;|&nbsp;</div>
<div class="roadmap-tagline">prescriptive key management</div>
</div>
<div class="roadmap-header-capsule">
<div class="capsule-yellow">in-progress</div>
</div>
</div>
<p>Detailed set of practices, ceremonies and documentation for generating, backing up and using secrets that you can't afford to lose. Combines the best of tactics of major custodians as an open framework available for everyone.</p>
<br>
<div class="component-section">
<div class="component-text">Components:</div>
<div class="component-links">
<a href="#sourceid">
<div class="capsule-transparent">SourceId</div>
</a>
<a href="#sigrev">
<div class="capsule-transparent">SigRev</div>
</a>
<a href="#stagex">
<div class="capsule-transparent">StageX</div>
</a>
<a href="#airgapos">
<div class="capsule-transparent">AirgapOS</div>
</a>
<a href="#keyfork">
<div class="capsule-transparent">Keyfork</div>
</a>
<a href="#icepick">
<div class="capsule-transparent">Icepick</div>
</a>
<a href="#bootproof">
<div class="capsule-transparent">Bootproof</div>
</a>
</div>
</div>
<a href="https://qvs.distrust.co/" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
</span>
<section class="flex-container">
<div class="flex-container-inner"></div>
<div class="flex-container-inner">
<h4 class="quote" style="filter: brightness(50%)">❝Our mission is to use our knowledge to improve the security, privacy, and freedom of as many individuals as possible. We believe having verifiable foundations on which technologies can be built is a fundamental step toward improving the wellbeing of our species and solving the coordination problem.❝ — Distrust team</h4>
</div>
</section>
<section style="margin-bottom: 0px;" class="flex-container">
<div class="flex-container-inner">
<h2 class="powered-header gradient-text center">powered by distrust</h2>
<p class="hero-p center" style="margin-top: 20px; max-width: 700px">Companies are already choosing to adopt our methodologies and tooling to help secure their systems.<p>
</div>
</section>
<section style="margin-top: 40px;" class="flex-container powered-by">
<div class="flex-container-inner">
<div class="text-well card">
<img src="assets/base/companies/turnkey-black.svg" style="filter: invert(100)">
<p>Using StageX and ReprOS to improve their supply chain security story.</p>
<a href="https://whitepaper.turnkey.com/foundations#abstract" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well card">
<img src="assets/base/companies/mysten-labs-white.svg" style="width: 250px">
<p>The SUI cryptocurrency is leveraging StageX to build their nodes in a deterministic manner in order to eliminate single points of failure.</p>
<a href="https://github.com/MystenLabs/sui/issues/13476" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well card">
<img src="assets/base/companies/sidero-labs-white.png" style="filter: grayscale(); width: 150px">
<p>Using StageX to build their widely used Talos Linux distribution specialized in delivering kubernetes features.</p>
<a href="https://github.com/siderolabs/talos/releases/tag/v1.10.0-alpha.2" rel=”noopener noreferrer target="_blank" class="arrow-link">
Learn more
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
</section>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">want to help with our vision?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">If you would like to help us, please sponsor our work or get involved as a contributor.</p>
<div class="button-container center">
<a href="/contact.html" class="mega-teal button">Get in touch</a>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>
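Review bot: The three external links in the `powered-by` cards are written `rel=”noopener noreferrer target="_blank"`, with a typographic `”` and no closing quote, so the parser reads `rel` as the unquoted value `”noopener` and treats `noreferrer` as a separate, meaningless attribute. Neither link type is therefore applied: current browsers still imply `noopener` for `target="_blank"`, but the referrer is sent to whitepaper.turnkey.com and github.com, and older browsers get no opener isolation. Each of these should read `rel="noopener noreferrer" target="_blank"`. Separately, the Icepick card's `Learn more` link points at `https://git.distrust.co/public/keyfork`, the same URL as the Keyfork card, which looks like a copy-paste slip worth confirming, and the paragraph under `powered by distrust` is closed with `<p>` instead of `</p>`.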


@ -5,22 +5,22 @@
{%- include header.html -%}
<div class="container">
<main>
<div class="video-background-container" style="top: 350px">
<video autoplay muted loop playsinline class="video-background">
<source src="assets/videos/swirly-lines.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/swirly-lines.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<div class="video-background-container" style="top: 350px">
<video autoplay muted loop playsinline class="video-background">
<source src="assets/videos/swirly-lines.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/swirly-lines.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<section class="flex-container capsule-header video-content">
<div class="flex-container-inner">
<div class="text-well center">
<div class="text-well" style="text-align: center; margin: auto">
<div class="capsule">services</div>
</div>
<br>
<h1 class="hero-title gradient-text hero-header">
<h1 class="services-header hero-title gradient-text hero-header">
hire Distrust to solve your hardest security challenges
</h1>
<br>
@ -32,102 +32,89 @@
</div>
</section>
{% include companies-carousel.html hide_title='true' %}
<section class="why-choose-distrust">
<div class="flex-container">
<div class="flex-container-inner">
<h2 class="gradient-text">why choose Distrust</h2>
<p>Benefit from our approach—a blend of proven methodologies and open source tooling we created, shaped by lessons from securing some of the world's highest-risk organizations.</p>
</div>
<div class="flex-container-inner">
<section class="flex-container mid-tall-section">
<div class="flex-container-inner">
<div class="text-well">
<h3>security assessments</h3>
<p style="max-width: 540px">Our assessments go beyond identifying vulnerabilities—we strategically eliminate risks at their source. Using a first-principles methodology, we pinpoint single points of failure and deliver clear, actionable recommendations to secure your systems against sophisticated threats.</p>
<ul>
<li>Secure architecture review</li>
<li>Threat modeling</li>
<li>Penetration testing</li>
<li>Secure code review</li>
</ul>
<br>
<a href="/contact.html" class="arrow-link">
Schedule an assessment
<span class="arrow">&#x2192;</span>
</a>
</div>
</div>
<br>
<div class="flex-container properties">
<div class="flex-container-inner">
<svg xmlns="http://www.w3.org/2000/svg" width="30" height=="30" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-layers-icon lucide-layers"><path d="M12.83 2.18a2 2 0 0 0-1.66 0L2.6 6.08a1 1 0 0 0 0 1.83l8.58 3.91a2 2 0 0 0 1.66 0l8.58-3.9a1 1 0 0 0 0-1.83z"/><path d="M2 12a1 1 0 0 0 .58.91l8.6 3.91a2 2 0 0 0 1.65 0l8.58-3.9A1 1 0 0 0 22 12"/><path d="M2 17a1 1 0 0 0 .58.91l8.6 3.91a2 2 0 0 0 1.65 0l8.58-3.9A1 1 0 0 0 22 17"/></svg>
<p><b>Eliminate root causes</b></p>
<p>We don't just scan for bugs—we eliminate entire categories of bugs at the source using a first-principles methodology.</p>
<div class="flex-container-inner">
<div class="text-well">
<h3>retainer or fractional CISO</h3>
<p style="max-width: 540px">Gain continuous, high-level security leadership tailored precisely to your organization's needs. We work closely with your teams, providing strategic security direction, eliminating blind trust, and protecting critical infrastructure from sophisticated threats.</p>
<ul>
<li>Security program development</li>
<li>Incident response</li>
<li>Due diligence</li>
<li>Vetting security talent</li>
</ul>
<br>
<a href="/contact.html" class="arrow-link">
Work with us
<span class="arrow">&#x2192;</span>
</a>
</div>
<div class="flex-container-inner">
<svg xmlns="http://www.w3.org/2000/svg" width="30" height="30" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-circle-check-big-icon lucide-circle-check-big"><path d="M21.801 10A10 10 0 1 1 17 3.335"/><path d="m9 11 3 3L22 4"/></svg>
<p><b>Verifiable</b></p>
<p>No guessing, no shortcuts. Every recommendation is backed by logic and rigor, not gut feel or just to check boxes.</p>
</div>
<div class="flex-container-inner">
<svg xmlns="http://www.w3.org/2000/svg" width="30" height="30" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-shield-alert-icon lucide-shield-alert"><path d="M20 13c0 5-3.5 7.5-7.66 8.95a1 1 0 0 1-.67-.01C7.5 20.5 4 18 4 13V6a1 1 0 0 1 1-1c2 0 4.5-1.2 6.24-2.72a1.17 1.17 0 0 1 1.52 0C14.51 3.81 17 5 19 5a1 1 0 0 1 1 1z"/><path d="M12 8v4"/><path d="M12 16h.01"/></svg>
<p><b>Proven track record</b></p>
<p>Our security engineers have secured some of the highest risk infrastructure in the world (BitGo, Turnkey, Unit 410).</p>
</div>
<div class="flex-container-inner">
<svg xmlns="http://www.w3.org/2000/svg" width="30" height="30" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-handshake-icon lucide-handshake"><path d="m11 17 2 2a1 1 0 1 0 3-3"/><path d="m14 14 2.5 2.5a1 1 0 1 0 3-3l-3.88-3.88a3 3 0 0 0-4.24 0l-.88.88a1 1 0 1 1-3-3l2.81-2.81a5.79 5.79 0 0 1 7.06-.87l.47.28a2 2 0 0 0 1.42.25L21 4"/><path d="m21 3 1 11h-2"/><path d="M3 3 2 14l6.5 6.5a1 1 0 1 0 3-3"/><path d="M3 4h8"/></svg>
<p><b>Embedded collaborations</b></p>
<p>We act as true partners— our goal is to make our clients succeed and not depend on us.</p>
</div>
</div>
</section>
<section class="mid-tall-section">
<div style="max-width: 800px; margin: auto; text-align: center; margin-bottom: 60px;">
<h2 class="gradient-text">our services</h2>
<p>Distrust offers high-impact security consulting and open-source tooling for companies that can't afford to fail.
</div>
<div class="flex-container">
<div class="flex-container-inner">
<div class="text-well">
<h3>retainer / fractional CISO</h3>
<p style="max-width: 540px">Get ongoing security leadership tailored precisely to your organization's needs. We embed with your team to provide strategic security direction and eliminate blind trust from your infrastructure—so you're prepared before threats emerge.</p>
<ul>
<li>Security program development</li>
<li>Incident response</li>
<li>Due diligence</li>
<li>Vetting security talent</li>
</ul>
<br>
<div class="button-container">
<a href="/contact.html" class="mega button">Work with us</a>
</div>
</div>
</div>
<div class="flex-container-inner">
<div class="text-well">
<h3>security assessments</h3>
<p style="max-width: 540px">Our assessments go beyond vulnerability scans—we eliminate risks at their source. Using first-principles threat modelling, we identify single points of failure and deliver actionable recommendations to secure your systems against sophisticated threats.</p>
<ul>
<li>Secure architecture review</li>
<li>Security audits</li>
<li>Penetration testing</li>
<li>Secure code review</li>
</ul>
<br>
<div class="button-container">
<a href="/contact.html" class="mega button">Book an assessment</a>
</div>
</div>
</div>
</div>
</section>
<div class="video-background-container-philosophy">
<video autoplay muted loop playsinline class="video-background-philosophy">
<source src="assets/videos/swirly-lines.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/swirly-lines.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay-philosophy"></div>
</div>
<section class="flex-container video-content-philosophy">
<section class="flex-container">
<div class="flex-container-inner"></div>
<div class="flex-container-inner">
<h2 class="gradient-text why-distrust">our philosophy</h2>
<h2 class="gradient-text why-distrust">why Distrust?</h2>
<p>
Security shouldn't be based on blind trust, it should be based on <b>dis</b>trust, and verifiability. Most organizations treat cybersecurity like people once treated hygiene—poorly.
Why choose Distrust? Because security shouldn't be based on blind trust, it should be based on <b>dis</b>trust, and verifiability. Most organizations treat cybersecurity like people once treated hygiene—poorly.
</p>
<p>At Distrust, we've identified fundamental methods to eliminate entire categories of risk at their source. Similarly to how handwashing revolutionized public health by preventing unseen threats like bacteria, our first-principles security methodology brings new levels of security to our clients by eliminating single points of failure, and providing verifiable, resilient protection for critical systems.
</p>
<ul class="narrow-list">
<li><b>First-principles security</b> 
<p>Attack surface area reduction through eliminating root causes.</p>
</li>
<li><b>Proven methodology</b>
<p>Methodology tested in high-stakes, mission-critical environments.</p>
</li>
<li><b>Seamless collaboration</b>
<p>Clear, actionable engagement steps—start immediately.</p>
</li>
</ul>
</div>
</section>
<section class="">
<div class="logo-section">
<div class="logo-slider" id="logoSlider">
<img src="assets/base/companies/coinbase-white.svg" alt="Coinbase">
<img src="assets/base/companies/bitgo-logo-white.svg" alt="BitGo">
<img style="filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(102%) contrast(102%);"
src="assets/base/companies/bishop-fox-dark.png" alt="Bishop Fox">
<img style="filter: invert(100)" src="assets/base/companies/turnkey-black.svg" alt="Turnkey">
<img style="height: 40px" src="assets/base/companies/falconx-white.svg" alt="FalconX">
<img src="assets/base/companies/exodus-white.svg" alt="Exodus">
<img src="assets/base/companies/sidero-labs-white.png" alt="Sidero Labs">
<img src="assets/base/companies/zoom-white.png" alt="Zoom">
<img src="assets/base/companies/mysten-labs-white.svg" alt="Mysten Labs">
<img style="height: 60px; filter: invert(100%) sepia(100%) saturate(0%) hue-rotate(288deg) brightness(200%) contrast(102%);"
src="assets/base/companies/ankr.png" alt="Ankr">
<img style="height: 60px" src="assets/base/companies/hashicorp-white.png" alt="HashiCorp">
<img style="filter: invert(100)" src="assets/base/companies/block-one-dark.svg" alt="Block One">
<img src="assets/base/companies/ledn-white.svg" alt="Ledn">
<img src="assets/base/companies/fitbit-white.png" alt="Fitbit">
<img src="assets/base/companies/dfns-color.png" alt="Dfns">
</div>
</div>
</section>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">ready to take your security to the next level?</h4>


@ -1,169 +0,0 @@
<!DOCTYPE html>
<html lang="{{ page.lang | default: site.lang | default: en }}">
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
<main>
<div class="video-background-container">
<video autoplay muted loop playsinline class="video-background">
<source src="assets/videos/turq-blocks.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
<source src="assets/videos/turq-blocks.webm" type='video/webm; codecs="vp8, vorbis"' />
</video>
<div class="gradient-overlay"></div>
</div>
<section class="flex-container capsule-header video-content" style="margin-top: 80px">
<div class="flex-container-inner" style="padding-top: 0px">
<div class="text-well center">
<div class="capsule-teal">software</div>
<br>
<h1 style="max-width: 1000px; margin: auto">verifiable security without single points of failure</h1>
<br>
<p class="hero-p center">Most systems still rely on single individuals or computers, unverifiable software, and opaque processes. Were redesigning security for transparency from the ground up.</p>
<div class="button-container center">
<a href="#roadmap" class="mega-teal button">View software</a>
</div>
</div>
</div>
</section>
<section class="flex-container mid-tall-section">
<div class="flex-container-inner">
<h3>creating the building blocks for provable security</h3>
<p class="hero-p">Modern software systems still rely on trust in individuals—maintainers, IT admins, or third-party providers. But what happens when they are compromised? How do you verify that the software running on your systems hasnt been tampered with?</p>
<p class="hero-p">Weve identified critical missing pieces needed to remove single points of failure at every level. Our approach covers the complete lifecycle of software from your toolchains and dependencies to how your code is built, signed, verified and deployed.</p>
<p class="hero-p">By combining multi-party trust, remote attestation, and bit-for-bit reproducibility, we are methodically eliminating trust assumptions, ensuring security isnt just a claim—its provable. And as everything we do, all our software is open source.</p>
<a href="#roadmap" class="arrow-link">
See what we're building
<span class="arrow">&#x2192;</span>
</a>
</div>
<div class="flex-container-inner"></div>
</section>
{% include powered-by.html %}
<div class="roadmap" id="roadmap">
<h2 class="center gradient-text">our software</h2>
<p style="margin-top: 20px" class="hero-p center">We are actively working on a number of different projects, and looking to fund others. Here is what's on the way and what's coming next.</p>
</div>
<div id="kanban" class="flex-container">
<div class="flex-container-inner flex-container kanban-column column-backlog">
<h4 style="color: var(--light-grey)">backlog (fundraising)</h4>
<a target="_blank" rel=”noopener noreferrer class="flex-container-inner mini-card" href="https://git.distrust.co/public/bootproof">
<p><b>Bootproof</b></p>
<p>Prove what software booted on a system via remote attestation technologies.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
<a class="flex-container-inner mini-card" target="_blank" rel=”noopener noreferrer href="https://git.distrust.co/public/sourceid">
<p><b>SourceId</b></p>
<p>Verify source code inegrity with hash-based fingerprints.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
<a class="flex-container-inner mini-card" href="https://git.distrust.co/public/sigrev" class="arrow-link">
<p><b>SigRev</b></p>
<p>Crowdsource and discover signed manual code reviews.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
</div>
<div class="flex-container-inner flex-container kanban-column column-progress">
<h4 style="color: var(--light-teal)">in-progress</h4>
<a class="flex-container-inner mini-card" rel=”noopener noreferrer target="_blank" href="https://qvs.distrust.co/">
<p><b>Trove</b></p>
<p>Documentation for managing secrets that you can't afford to lose.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
<a class="flex-container-inner mini-card" rel=”noopener noreferrer target="_blank" href="https://codeberg.org/stagex/repros">
<p><b>ReprOS</b></p>
<p>Create ephemeral build environments to eliminate persistent risks.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
<a class="flex-container-inner mini-card" rel=”noopener noreferrer href="https://git.distrust.co/public/enclaveos">
<p><b>EnclaveOS</b></p>
<p>Immutable operating system for powering secure enclaves.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
</div>
<div class="flex-container-inner flex-container kanban-column column-active">
<h4 style="color: var(--light-purple)">active</h4>
<a class="flex-container-inner mini-card" rel=”noopener noreferrer target="_blank" href="https://codeberg.org/stagex/stagex">
<p><b>StageX</b></p>
<p>Hermetic, deterministic, reproducible, multi-signed OCI-based build toolchain.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
<a class="flex-container-inner mini-card" rel=”noopener noreferrer target="_blank" href="https://git.distrust.co/public/airgap">
<p><b>AirgapOS</b></p>
<p>Minimal, immutable, offline-first swiss-army knife for secret management.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
<a class="flex-container-inner mini-card" rel=”noopener noreferrer target="_blank" href="https://git.distrust.co/public/keyfork">
<p><b>Keyfork</b></p>
<p>Derive keys from a single entropy source to simplify their management.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
<a class="flex-container-inner mini-card" rel=”noopener noreferrer target="_blank" href="https://git.distrust.co/public/keyfork">
<p><b>Icepick</b></p>
<p>Framework for offline cryptographic signing operations.</p>
<div class="arrow-link">
View git repository
<span class="arrow">&#x2192;</span>
</div>
</a>
</div>
</div>
<section class="flex-container">
<div class="flex-container-inner"></div>
<div class="flex-container-inner">
<h4 class="quote" style="filter: brightness(50%)">❝Our mission is to use our knowledge to improve the security, privacy, and freedom of as many individuals as possible. We believe having verifiable foundations on which technologies can be built is a fundamental step toward improving the wellbeing of our species and solving the coordination problem.❝ — Distrust team</h4>
</div>
</section>
<section>
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">want to help with our vision?</h4>
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">If you would like to help us, please sponsor our work or get involved as a contributor.</p>
<div class="button-container center">
<a href="/contact.html" class="mega-teal button">Get in touch</a>
</div>
</section>
</main>
{%- include footer.html -%}
</div>
</body>
</html>

194
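--- a/_layouts/threatmodel.html
+++ b/_layouts/threatmodel.html
@@ -0,0 +1,194 @@
+<!DOCTYPE html>
+<html lang="{{ page.lang | default: site.lang | default: en }}">
+{%- include head.html -%}
+<body>
+{%- include header.html -%}
+<div class="container">
+<main>
+<!-- Executive Summary and Scope -->
+<section class="flex-container">
+<div class="flex-container-inner">
+<h2>Distrust Threat Model</h2>
+<br>
+<h3>Executive Summary</h3>
+<p>This document outlines a high-assurance threat model for mission-critical systems. We assume that adversaries are highly sophisticated, well funded, and patient, with access to an extensive arsenal of attack techniques—from zero-day vulnerabilities (often combined into complex exploit chains) to physical breaches, supply chain compromises, and advanced side-channel attacks. Real-world incidents, such as the <a href="https://www.cisa.gov/solarwinds" target="_blank">SolarWinds attack</a> and tactics reminiscent of the <a href="https://en.wikipedia.org/wiki/Stuxnet" target="_blank">Stuxnet</a> incident, illustrate the threat environment we plan for.</p>
+<p>This model is designed to guide organizations in implementing layered defenses that align with their specific risk profiles. It is structured into four levels, ranging from basic protections to defenses capable of withstanding state-level adversaries.</p>
+</div>
+</section>
+<section class="flex-container">
+<div class="flex-container-inner">
+<h3>Scope and Context</h3>
+<p><strong>Scope:</strong> This threat model applies to systems handling sensitive operations and critical infrastructure, covering both digital and physical attack vectors.</p>
+<p><strong>Assets Protected:</strong> Sensitive data, cryptographic keys, operational control systems, and key hardware/firmware components.</p>
+</div>
+</section>
+<section class="flex-container">
+<div class="flex-container-inner">
+<h3>General Threat Model Assumptions</h3>
+<ul>
+<li>All screens and displays are assumed to be observable by adversaries.</li>
+<li>Input devices, such as keyboards, are assumed to be monitored or logged by potential attackers.</li>
+<li>Any system components (firmware or bootloaders) not verified on every boot are considered at risk.</li>
+<li>Network-connected systems and administrative endpoints are potential compromise points.</li>
+<li>Insider threats are assumed; some personnel or third-party maintainers may be compromised.</li>
+<li>Physical attacks are viable and likely, given the history of supply chain and infrastructure breaches.</li>
+<li>Side-channel attacks (similar to those observed with Spectre/Meltdown) represent realistic threats.</li>
+</ul>
+</div>
+</section>
+<section class="flex-container">
+<div class="flex-container-inner">
+<h3>Threat Model Levels</h3>
+<p>The threat model is structured into four levels, each corresponding to increasingly sophisticated adversary capabilities and controls. Organizations can choose the appropriate level based on their risk tolerance and operational needs.</p>
+<ul>
+<li><a href="#level-1">Level 1</a></li>
+<li><a href="#level-2">Level 2</a></li>
+<li><a href="#level-3">Level 3</a></li>
+<li><a href="#level-4">Level 4</a></li>
+</ul>
+</div>
+</section>
+<section class="flex-container">
+<div class="flex-container-inner">
+<h3 id="level-1">Level 1</h3>
+<h5>Adversary</h5>
+<p>A low-skilled individual targeting many organizations. This adversary relies on broad, unsophisticated tactics—such as phishing—to steal credentials or sensitive data.</p>
+<h5>Attacks</h5>
+<ul>
+<li>Phishing campaigns to steal credentials or sensitive data.</li>
+<li>Injecting malware into systems via remote attacks.</li>
+</ul>
+<h5>Requirements</h5>
+<ul>
+<li><strong>MUST</strong> enforce hardware-anchored authentication for critical actions.</li>
+<li><strong>MUST</strong> require hardware-anchored authorization for sensitive operations.</li>
+<li><strong>MUST</strong> validate operations using a threshold-based policy to prevent single-point compromises.</li>
+</ul>
+<h5>Reference Design</h5>
+<ul>
+<li>Ensure that all users performing critical operations use robust, hardware-based authentication methods (e.g., FIDO2, smart cards).</li>
+<li>Implement backend systems that require cryptographic signatures from known, secure devices before approving sensitive actions.</li>
+<li>Store audit logs and critical keys in tamper-evident, append-only databases.</li>
+<li>Employ cryptographic challenges (e.g., hashing operation requests) that must be signed by hardware tokens.</li>
+</ul>
+</div>
+</section>
+<section class="flex-container">
+<div class="flex-container-inner">
+<h3 id="level-2">Level 2</h3>
+<h5>Adversary</h5>
+<p>A skilled and resourceful individual targeting a single organization. This adversary employs focused social engineering, vulnerability exploitation, and man-in-the-middle attacks—similar to tactics observed during the <a href="https://en.wikipedia.org/wiki/WannaCry_ransomware_attack" target="_blank">WannaCry outbreak</a>.</p>
+<h5>Attacks</h5>
+<ul>
+<li>Compromising a team member with privileged access.</li>
+<li>Injecting malicious code into software components.</li>
+<li>Exploiting vulnerabilities shortly after public disclosure.</li>
+</ul>
+<h5>Requirements</h5>
+<ul>
+<li>
+<strong>Production Access:</strong>
+<ul>
+<li><strong>MUST NOT</strong> be possible by any single individual—use multi-factor, multi-party authorization.</li>
+<li><strong>MUST</strong> be conducted via dedicated, tamper-evident workstations.</li>
+<li><strong>MUST</strong> utilize hardware security modules (HSMs) for critical key management.</li>
+</ul>
+</li>
+<li>
+<strong>Software Integrity:</strong>
+<ul>
+<li><strong>MUST</strong> be built deterministically with reproducible builds.</li>
+<li><strong>MUST</strong> undergo extensive security review and be signed by trusted keys.</li>
+<li><strong>MUST</strong> be kept up-to-date with all known security patches.</li>
+</ul>
+</li>
+</ul>
+<h5>Reference Design &amp; Key Management</h5>
+<ul>
+<li>Create offline certificate authority (CA) keys and store them securely.</li>
+<li>Use air-gapped systems to generate keys and transfer them to hardware tokens.</li>
+<li>Implement immutable, attested environments (e.g., TPM-based, cloud enclaves) to manage critical keys.</li>
+</ul>
+</div>
+</section>
+<section class="flex-container">
+<div class="flex-container-inner">
+<h3 id="level-3">Level 3</h3>
+<h5>Adversary</h5>
+<p>An organized group with significant funding and diverse expertise. Such adversaries can coordinate multi-faceted attacks and may have already compromised parts of the environment, representing coordinated internal and external threats.</p>
+<h5>Attacks</h5>
+<ul>
+<li>Coercing or compromising internal personnel to tamper with systems.</li>
+<li>Exploiting sophisticated zero-day vulnerabilities against internet-connected components.</li>
+</ul>
+<h5>Requirements</h5>
+<ul>
+<li><strong>MUST</strong> require multi-key signatures stored in geographically separate locations.</li>
+<li><strong>MUST</strong> enforce independent validations at each signing location.</li>
+<li><strong>MUST</strong> maintain strict segregation of duties among different teams.</li>
+</ul>
+</div>
+</section>
+<section class="flex-container">
+<div class="flex-container-inner">
+<h3 id="level-4">Level 4</h3>
+<h5>Adversary</h5>
+<p>A state actor or similarly well-resourced entity capable of executing advanced attacks—including supply chain subversion, side-channel exploitation, and insider manipulation. Techniques seen in operations by groups like the <a href="https://en.wikipedia.org/wiki/Equation_Group" target="_blank">Equation Group</a> underscore the sophistication at this level.</p>
+<h5>Attacks</h5>
+<ul>
+<li>Compromising the supply chain of any hardware or firmware component.</li>
+<li>Relocating devices for rapid, covert attacks followed by restoration to the original environment.</li>
+<li>Utilizing advanced side-channel attacks (e.g., Differential Fault Analysis) and non-deterministic operations.</li>
+<li>Data remanence attacks that extract sensitive information even after deletion.</li>
+</ul>
+<h5>Requirements</h5>
+<ul>
+<li>
+<strong>All Signing Systems:</strong>
+<ul>
+<li><strong>MUST</strong> have dual implementations of all policy and signing logic.</li>
+<li><strong>MUST</strong> use multiple, unrelated hardware supply chains for cryptographic material.</li>
+<li><strong>MUST</strong> produce deterministic outputs verified independently.</li>
+<li><strong>MUST</strong> store keys in facilities with high physical and environmental security (e.g., Class III vaults, per NSA TEMPEST guidelines).</li>
+<li><strong>MUST</strong> continuously monitor environmental conditions and enforce destruction protocols upon significant deviations.</li>
+<li><strong>MUST</strong> employ robust, multi-factor physical access controls.</li>
+</ul>
+</li>
+</ul>
+</div>
+</section>
+<section class="flex-container">
+<div class="flex-container-inner">
+<h3>Mitigation Principles</h3>
+<ul>
+<li><strong>Elimination of Single Points of Failure:</strong> The design ensures that no single component or individual can compromise the system. Multiple layers of control span software, firmware, hardware, and operational processes.</li>
+<li><strong>Transparency and Verification:</strong> Fully open source software and firmware enable thorough security reviews.</li>
+<li><strong>Minimized Supply Chain Dependencies:</strong> Custom, purpose-specific tooling reduces reliance on external components, thereby mitigating supply chain risks.</li>
+<li><strong>Deterministic Builds:</strong> We strive for fully reproducible builds to ensure consistency and detect unauthorized modifications. Projects like <a href="https://codeberg.org/stagex/stagex" target="_blank">StageX</a> exemplify this approach.</li>
+<li><strong>Secure Hardware &amp; Physical Controls:</strong> Hardware is selected for its ability to disable network access or for lacking wireless interfaces, and robust tamper-evident measures are implemented.</li>
+<li><strong>Environmental and Side-Channel Mitigations:</strong> Techniques such as TEMPEST (refer to <a href="https://www.nsa.gov/" target="_blank">NSA TEMPEST</a>) and soundproofing help block unauthorized emanations and physical attacks.</li>
+</ul>
+</div>
+</section>
+<section class="flex-container">
+<div class="flex-container-inner">
+<h3>Summary</h3>
+<p>This threat model is designed to ensure the resilience and integrity of mission-critical systems by preparing for a wide range of potential attacks—from common remote threats to highly sophisticated state-level adversaries. It is especially important for organizations handling sensitive operations, managing critical infrastructure, or storing highly confidential information.</p>
+<p>Importantly, the models four-tier structure allows organizations to select the appropriate level of defense based on their risk profile. For many, the robust controls of Level 1 or Level 2 may be sufficient, while only those facing exceptionally high risks need to implement the extensive measures of Level 3 or Level 4.</p>
+<p><em>References: NIST SP 800-30, ISO 27005, and OWASP Threat Modeling Framework</em></p>
+</div>
+</section>
+</main>
+</div>
+</body>
+</html>
+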
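Review bot: The Level 4 requirement that keys be stored in "Class III vaults, per NSA TEMPEST guidelines" ties a vault rating to TEMPEST, which covers compromising emanations rather than vault construction, so an implementer cannot tell which control the MUST refers to. I would split it into `<li><strong>MUST</strong> store keys in facilities with high physical and environmental security (e.g., Class III vaults).</li>` and `<li><strong>MUST</strong> shield signing facilities against compromising emanations (e.g., TEMPEST-style controls).</li>`, each citing the standard it comes from. The "NSA TEMPEST" link under Mitigation Principles points at `https://www.nsa.gov/` rather than a TEMPEST document. The WannaCry reference in Level 2 sits oddly beside "targeting a single organization", since that outbreak is generally described as a self-propagating worm. The six `target="_blank"` links also carry no `rel="noopener noreferrer"`, which is worth adding explicitly.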


@ -1,175 +0,0 @@
---
layout: post
title: The Safe{Wallet}/Bybit incident report and mitigation strategies
date: 2025-04-02
---
The Safe{Wallet}/Bybit incident is an example of a nation-state actor executing a series of sophisticated, multi-layered attacks on high-value targets. In cases where the potential gain is significant, all attacks are on the table. It may be justified for attackers to invest in multiple 0-day vulnerabilities and chain them into elaborate exploit sequences. These campaigns often span multiple layers of tech stack, involve precision-targeted social engineering, insider compromise, or even physical infiltration.
As such, defending against this level of adversary requires a threat model that accounts for their full range of capabilities—and guides the design of equally rigorous mitigations. It demands defenders adopt a much more rigorous set of assumptions about attacker's capabilities and invest time in implementing controls that typical organizations may not need. When protecting high value assets, the game changes.
### Threat model assumptions
At Distrust, we operate under the assumption that nation-state actors are persistent, highly resourced, and capable of compromising nearly any layer of the system. Accordingly, our threat model assumes:
* All screens are visible to the adversary
* All keyboard input is being logged by the adversary
* Any firmware or bootloader not verified on every boot is considered compromised
* Any host OS with network access is compromised
* Any guest OS used for non-production purposes is compromised
* At least one member of the Production Team is compromised
* At least one maintainer of third party code used in the system is compromised
* At least one member of third party system used in production is compromised
* Physical attacks are viable and likely
* Side-channel attacks are viable and likely
These assumptions drive everything at Distrust, including the strategies and tooling outlined in this report. The strategies we've developed are built specifically to address this elevated threat model. Many of our open source tools are ready to use today, some are reference designs, while other tooling requires further development.
### Summary
This report identifies critical single points of failure—cases where trust is placed in a single individual or computer—creating opportunities for compromise. In contrast, blockchains offer stronger security properties through cryptography and decentralized trust models.
Traditional infrastructure has historically lacked mechanisms to distribute trust, but this limitation can be addressed. By applying targeted design strategies, it's possible to distribute trust (**dis**trust, get it?) across systems and reduce the risk of a single compromised actor undermining the integrity of the entire system.
---
## Root cause analysis and mitigation strategies
In our opinion, the primary causes of this incident stem from two key issues identified in the [Sygnia report](https://www.sygnia.co/blog/sygnia-investigation-bybit-hack/):
* > ... a developers Mac OS workstation was compromised, likely through social engineering.
* > ... the modification of JavaScript resources directly on the S3 bucket serving the domain app.safe[.]global.
These findings highlight both endpoint compromise and weak controls around cloud infrastructure. The following sections focus on how such risks could be mitigated through architectural decisions and more rigorous threat modeling.
## Introduction
The compromise occurred due to several key factors, already documented in other reports. This report focuses on how the incident **could have been prevented** through a stronger, first-principles approach to infrastructure design.
While many security teams reach for quick wins—like access token rotation, stricter IAM policies, or improved monitoring—these are often reactive measures. They may help, but they're equivalent of "plugging holes on a sinking ship" rather than rebuilding the hull from stronger material.
For example, improving access control to the S3 bucket used to serve JavaScript resources, or adding better monitoring, are good steps. However, they don't address the root cause.
> At the core of this breach lies a recurring theme: single points of failure.
To explore this from first principles, consider the deployment pipeline. In most companies, one individual—an admin or developer—often has the ability to modify critical infrastructure or code. That person becomes a single point of failure.
Even if the pipeline is hardened, the risk will shift, rather than disappear. There is almost always one super-admin who has the "keys to the kingdom". Most cloud platforms encourage this pattern, and the industry has come to accept it.
But this isn't about doubting your team and their intentions—it's about designing systems where **trust is distributed**. In the blockchain space, this is already accepted practice. So the question becomes:
> *Does it make sense for a single individual to hold the integrity of an entire system in their hands?*
Those who've worked with decentralized systems would say: absolutely not.
#### Mitigation principles
To adequately defend against the risks outlined in the Distrust threat model, it is critical to distinguish between **cold** and **hot** wallets. The following principles are drawn from practical experience building secure systems at BitGo, Unit410, and Turnkey, as well as from diligence work conduced across leading custodial and vaulting solutions.
* A **cold cryptographic key management system** is one where all components can be built, operated, and verified offline. If any part of the system requires trusting a networked component, it becomes a **hot** system by definition. For example, if a wallet relies on internet-connected components, it should be considered a hot wallet—regardless of how it's marketed. While some systems make trade-offs for user experience, these often come at the cost of security guarantees.
* Cold cryptographic key management systems that leverage truly random entropy sources are **not susceptible to remote attacks**, and are only exposed to localized threats such as physical access or side-channel attacks.
* A common misconception is that simply keeping a key offline makes a system cold and secure. But an attacker doesn't always need to steal the key—they just need to achieve the outcome where the key performs an operation on the desired data on their behalf.
* **All software in the stack must be open source**, built deterministically (to support reproduction), and compiled using a fully bootstrapped toolchain. Otherwise, the system remains exposed to single points of failure, especially via supply chain compromise.
#### Mitigations and reference designs
We propose two high-level design strategies that can eliminate the types of vulnerabilities exploited in the Safe{Wallet}/Bybit attack. Both approaches offer similar levels of security assurance—but differ significantly in implementation complexity and effort.
In our view, **when billions of dollars are at stake**, it is worth investing in proven low-level mitigations, even if they are operationally harder to deploy. The accounting is simple: **invest in securing your system up front**, rather than gambling on assumptions you won't be targeted.
State funded actors are highly motivated—and when digital assets are involved, it's game theory at work. The cost of compromising a weak system is often far less than the potential gain.
We've seen this playbook used in previous incidents, a major example being Axie Infinity, and we will see it again. Attackers are increasingly exploiting supply chains and single points of failure—while defenders often under-invest in securing this surface area.
#### Strategy 1 - Run everything locally
This strategy can be implemented without major adjustments to the existing system. The goal is to move the component currently introducing risk—effectively making the wallet "hot"—into an offline component, upgrading the system to a fully cold solution.
The idea centers on extracting the **signing** component from the application (which currently operates in the UI) and converting it into an offline application.
However, simply making a component offline does not eliminate all single points of failure. To close off supply chain threats stemming from compiler, dependency or environment compromise requires that the application is reproduced on multiple diverse systems (using different chipsets and operating systems), using a fully bootstrapped compiler—a fully hermetic, deterministic and reproducible process.
We've developed open source tooling for this under **[StageX](https://codeberg.org/stagex/stagex)**. To learn more about the importance of reproducible builds, check out [this video](https://antonlivaja.com/videos/2024-incyber-stagex-talk.mp4), where one of our co-founders explains how the SolarWinds incident unfolded—and how it could have been prevented.
##### Reference design
This reference design was developed for the Safe{Wallet} team, but it can be applied to any system seeking to distribute trust.
1. **System administrators use dedicated offline laptops**
* All radio hardware (Bluetooth, Wi-Fi) is physically removed
* Machines are air-gapped and have never been connected to the internet
2. **Engineers provision and manage their own personal signing keys (PGP)**
* Smart cards like NitroKey or YubiKey are used
* Signing operations are performed exclusively on the engineer's offline system
* Distrust has developed open source tooling to drastically simplify PGP key provisioning: **[Trove](https://trove.distrust.co/generated-documents/all-levels/pgp-key-provisioning.html)**
3. **Offline signing applications are deterministically compiled, verified, and signed by multiple engineers**
* Includes a full set of tools needed for secure offline key operations
* Distrust also created **[AirgapOS](https://git.distrust.co/public/airgap)**, a custom Linux distribution designed specifically for offline secret management. It has been independently audited and is used in production by several major digitial asset organizations.
4. **All sensitive operations are fully verified offline before any cryptographic action is taken**
This design drastically reduces exposure to remote attacks and central points of trust, aligning closely with Distrust's first-principles security model.
#### Strategy 2 - Use remotely verified service
This strategy maintains a user experience nearly identical to the current system, while introducing verifiability at critical points in the architecture. It requires significantly more engineering effort and operational discipline, and the tooling needed to support this model is still under active development.
##### Reference design
This design relies on **secure enclaves** to host servers that are immutable, deterministic, and capable of cryptographically attesting to the software they are running. While this brings us closer to a cold setup, some residual attack surface—such as browser exploits, host OS compromise, or 0-day attacks—will always remain.
The core implementation steps are:
1. **Rewrite the application to run entirely within a secure enclave**
* TLS termination occurs **inside** the enclave
* The web interface is served **from within** the enclave
* Nothing outside the enclave is trusted
2. **Create a deterministic OS image with remote attestation (e.g., TPM2, Nitro Enclave or similar)**
* The entire stack is built using full source bootstrapped compiler in a bit-for-bit reproducible manner
3. **One engineer deploys a new enclave** with the updated application code
4. **A second engineer independently verifies** that the deployed code matches the version in the source repository
5. **Clients are issued a service worker** on first load that pins attestation keys for all future remote verification
* Users can optionally verify and download the application locally for offline operations
* Users are also encouraged to self-build and match the published signed hash
## Implementation considerations
Implementing these strategies can be technically demanding. They represent two ends of the trust minimization spectrum: one favoring offline, air-gapped assurance; the other introducing verifiability within connected systems. Both approaches significantly reduce risk but vary in complexity, tooling and requirements, and rollout timelines.
This high-level overview is meant to illustrate the kinds of problems we focus on at Distrust. Depending on the chosen strategy and organizational context, implementation can take anywhere from a few weeks to several years, especially as tooling continues to mature.
---
## About Distrust
The Distrust team has helped build and secure some of the highest-risk systems in the world. This includes vaulting infrastructure at BitGo, Unit410, and Turnkey, as well as security work with electrical grid operators, industrial control systems, and other mission-critical systems.
We've conducted deep security due diligence across most major custodians. Through our experience with organizations that operate under constant threat—where **every class of attack is viable**—we've developed a methodology and set of open source tools designed to defend against even the most sophisticated adversaries.
Today, we're taking the hard-earned lessons from that work and sharing them with the broader community. Our goal is to help others strengthen their security posture by making what we've learned—and the open source tools we've built—available to everyone.
**Looking for help analyzing and mitigating security risks in your own organization? [Talk to us](https://distrust.co/contact.html)**.


@ -99,7 +99,7 @@ a {
a:hover {
text-decoration: none;
color: var(--background-color);
background: var(--base-color);
background-color: var(--base-color);
transition: background-color 0.3s ease-in-out, color 0.3s ease-in-out;
}
@ -130,7 +130,7 @@ a:hover {
}
.hero-header {
padding-bottom: 20px;
height: 320px;
}
.capsule-header {
@ -138,6 +138,10 @@ a:hover {
margin-bottom: 30px;
}
.contact-header {
height: 180px;
}
.card {
transition: border 0.3s ease-in-out;
background: var(--dark-grey);
@ -153,6 +157,7 @@ a:hover {
border: 1px solid var(--light-purple);
}
@mixin capsule {
font-weight: 400;
font-size: 16px;
@ -219,83 +224,6 @@ a:hover {
justify-content: left;
}
/* software page */
.kanban-column {
border:1px solid #282D38;
padding: 20px 20px !important;
flex-direction: column;
justify-content: flex-start !important;
min-height: 860px;
}
.kanban-column a {
width: 100%;
}
.mini-card {
border: 1px solid #232730;
margin-bottom: 20px;
padding: 20px 30px;
min-height: 150px;
display: flex;
justify-content: space-between;
flex-direction: column;
filter: brightness(60%);
transition: filter 0.3s ease;
}
.mini-card:hover {
filter: brightness(100%);
}
.mini-card p {
margin: 0px;
font-size: 1rem;
color: var(--light-grey);
}
.mini-card {
font-size: 1rem;
}
.mini-card b {
font-size: 1.3rem;
color: white;
}
.mini-card a {
font-size: 1rem;
}
#kanban h4 {
margin-bottom: 40px;
font-weight: 600;
}
.floating-card {
position: relative;
}
.column-backlog .mini-card:hover {
border: 1px solid white;
}
.column-progress .mini-card:hover {
border: 1px solid var(--light-teal);
}
.column-active .mini-card:hover {
border: 1px solid var(--light-purple);
}
.kanban-column a:hover {
background: none;
}
#roadmap {
margin-bottom: 60px;
}
.roadmap a:hover {
background: transparent;
}
@ -367,9 +295,6 @@ a:hover {
border-radius: 4px;
margin-left: 0px;
padding-left: 0px;
/* TODO: for some reason, removing this makes it white. */
/* Firefox shows no computed reason for it to be white. */
background-color: var(--background-color);
}
.arrow {
@ -378,17 +303,6 @@ a:hover {
transition: transform 0.3s ease;
}
.blog-link:hover .arrow {
transform: translateX(5px);
background: none !important;
background-color: var(--base-color);
color: white !important;
}
.blog a:hover {
background: unset;
}
.arrow-link:hover .arrow {
transform: translateX(5px);
background: none !important;
@ -396,10 +310,6 @@ a:hover {
color: white !important;
}
.mini-card:hover .arrow {
transform: translateX(5px);
}
.arrow-link:hover {
background: none !important;
background-color: var(--base-color);
@ -442,35 +352,19 @@ a:hover {
margin-bottom: 50px;
}
.powered-by .card {
display: flex;
flex-direction: column;
border: 1px solid var(--mid-grey);
min-height: 405px;
border: 1px solid var(--light-teal);
min-height: 360px;
padding: 35px;
background: none;
background: var(--void-teal);
}
.powered-by img {
width: 100%;
max-width: 200px;
}
.powered-by .img-container {
display: flex;
justify-content: flex-start;
align-items: center;
height: 60px;
}
.powered-by a {
margin-top: auto;
width: 150px;
}
.video-background {
left: 85%;
left: 85%;
width: 200px !important;
}
@ -515,59 +409,8 @@ a:hover {
padding: 2rem;
}
.video-background-philosophy {
left: 85%;
width: 200px !important;
}
.video-background-container-philosophy {
position: absolute;
width: 100%;
height: 800px;
overflow: hidden;
top: 3150px;
left: 0;
z-index: -1;
}
.gradient-overlay-philosophy {
background: linear-gradient(to bottom, #0f0f0f 0%, rgba(15, 15, 15, 0) 25%, rgba(15, 15, 15, 0) 75%, #0f0f0f 100%), linear-gradient(to left, rgb(15, 15, 15) 0%, rgba(15, 15, 15, 0) 100%);
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
z-index: -1;
pointer-events: none;
}
.video-background-philosophy {
position: absolute;
top: 50%;
left: 50%;
min-width: 100%;
min-height: 100%;
width: auto;
height: auto;
transform: translate(-50%, -50%);
z-index: -1;
object-fit: cover;
}
.video-content-philosophy {
position: relative;
z-index: 1;
color: #fff;
padding: 2rem;
}
.why-choose-distrust .properties .flex-container-inner {
border-top: 1px solid var(--light-purple);
margin-right: 40px;
}
.why-choose-distrust svg {
margin-top: 20px;
.powered-header {
height: 100px;
}
@media only screen and (max-device-width: 500px) {
@ -610,9 +453,11 @@ footer {
display: inline-block;
text-decoration: none;
margin-left: 20px;
transition: transform 0.5s ease !important;
}
.footer-link:hover {
transform: translateY(-2px);
background: transparent;
color: white;
}
@ -665,13 +510,11 @@ hr {
margin: 0px 4px;
font-size: 1.1rem;
text-decoration: none;
}
.header-page-links a.active {
color: white;
transition: transform 0.5s ease;
}
.header-page-links a:hover {
transform: translateY(-2px);
background-color: transparent;
color: white;
}
@ -764,21 +607,16 @@ hr {
margin-top: 50px;
}
.inner-menu-content a:hover {
background: unset;
color: white;
}
.menu-content div {
margin: 30px;
}
/**
* Services Page
*/
* Services Page
*/
.why-distrust {
height: 95px;
text-align: left;
padding-bottom: 15px;
}
/**
@ -787,7 +625,7 @@ hr {
.about-special h2 {
font-weight: 600 !important;
margin: 0px;
padding-bottom: 20px;
height: 340px;
}
.about-special {
@ -824,11 +662,6 @@ hr {
color: var(--light-grey);
}
.team a:hover {
background: unset;
color: white;
}
.team img {
height: 130px;
border: 1px solid teal;
@ -839,6 +672,7 @@ hr {
}
.team h5 {
font-size: 20px !important;
text-transform: lowercase;
}
.team .flex-container-inner {
@ -1187,11 +1021,6 @@ section {
margin: 250px 0px;
}
.extra-spacing {
margin-top: 70px;
margin-bottom: 70px;
}
.companies {
display: flex;
justify-content: space-between;
@ -1587,6 +1416,10 @@ pre {
transition: opacity 0.3s;
}
.logo-slider img:hover {
opacity: 1;
}
/**
* Carousel
*/
@ -1656,18 +1489,6 @@ pre {
/**
* Blog
*/
.blog {
margin: auto;
max-width: 700px;
margin-top: 80px;
}
.post {
max-width: 700px;
margin: 100px 0px;
}
.post img {
max-width: 100%;
}
@ -1676,94 +1497,6 @@ pre {
max-width: 100%;
}
#lp-post-img {
max-width: 100%;
}
.entry {
font-size: 1.2rem;
}
.date h4 {
font-size: 1rem !important;
}
#blog-header {
margin: 80px 0px;
}
.blog-header-title {
display: inline-block;
font-size: 3.2rem;
text-align: center;
width: 100%;
margin-top: 80px;
}
.blog-header-subtitle {
text-align: center;
font-size: 1.5rem;
color: var(--light-grey);
}
.blog h1 {
font-size: 2.5rem !important;
line-height: 2.2rem !important;
font-weight: 600 !important;
}
.blog h2 {
font-size: 1.8rem !important;
font-weight: 600 !important;
}
.blog h3 {
font-size: 1.6rem !important;
font-weight: 600 !important;
}
.blog h4 {
font-size: 1.4rem !important;
font-weight: 600 !important;
}
.blog h5 {
font-size: 1.2rem !important;
font-weight: 600 !important;
}
.blog hr {
margin: 80px 0px;
}
.post a {
color: var(--light-teal);
}
.post a:hover {
text-decoration: underline;
}
.blog-details {
display: flex;
flex-direction: left;
font-size: 0.9rem;
margin-bottom: 10px;
}
.blog-details-date {
background: var(--light-grey);
color: var(--background-color);
border-radius: 5px;
padding: 2px 10px;
}
.blog-details-read-time {
padding: 2px 10px;
margin-left: 15px;
color: white;
}
/** end blog */
*,
@ -1805,7 +1538,16 @@ pre {
}
}
@media (max-width: 1090px) {
.contact-header {
height: 260px;
}
}
@media (max-width: 1150px) {
.landing-header {
height: 400px;
}
.roadmap-title-container {
flex-direction: column;
}
@ -1820,6 +1562,12 @@ pre {
}
}
@media (max-width: 1117px) {
.services-header {
height: 420px;
}
}
@media (max-width: 1020px) {
.flex-container-inner {
width: 100% !important;
@ -1827,6 +1575,9 @@ pre {
margin-bottom: 50px;
}
.flex-container {
}
.hide {
display: inline-block;
}
@ -1839,6 +1590,10 @@ pre {
flex-direction: column-reverse;
}
.services-header {
height: 250px;
}
.team .flex-container-inner {
margin-bottom: 30px;
}
@ -1853,39 +1608,13 @@ pre {
}
}
@media (max-width: 742px) {
.contact-header {
height: 340px;
}
}
@media (max-width: 600px) {
.mini-card {
padding: 20px 20px !important;
filter: brightness(100%) !important;
}
.kanban-column {
border: none !important;
padding: 0px !important;
}
#kanban {
flex-direction: column-reverse;
}
#kanban h4 {
width: 100%;
text-align: center;
margin-bottom: 20px;
}
.column-backlog .mini-card {
border: 1px solid white;
}
.column-progress .mini-card {
border: 1px solid var(--light-teal);
}
.column-active .mini-card {
border: 1px solid var(--light-purple);
}
.flex-container {
flex-direction: column;
}
@ -1918,6 +1647,23 @@ pre {
padding-left: 10px;
}
.hero-header {
height: 190px;
}
.landing-header {
height: 90px !important;
}
.contact-header {
margin-top: 0px;
height: 130px;
}
.capsule-header {
height: unset;
}
.footer-link {
margin-bottom: 20px;
min-width: 200px;
@ -1936,7 +1682,7 @@ pre {
}
p {
font-size: 1.1rem !important;
font-size: 1.1rem !important;
}
h1 {
@ -2000,26 +1746,29 @@ pre {
margin-bottom: 10px;
}
.powered-header {
height: 50px;
}
.quote {
font-size: 1.5rem;
line-height: 1.5rem;
}
/**
* Services Page
*/
/**
* Services Page
*/
.why-distrust {
height: 45px;
}
/**
* End Services Page
*/
/**
* End Services Page
*/
/**
* Roadmap Page
*/
/**
* End Roadmap Page
*/
/**
* Roadmap Page
*/
/**
* End Roadmap Page
*/
}
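Review bot: The header rules appear to swap the former bottom padding for fixed pixel heights (the +/- markers are lost on this page, so this assumes the second line of each printed pair is the new side): `.hero-header { height: 320px; }`, `.about-special h2 { height: 340px; }`, and the `.contact-header`, `.services-header` and `.landing-header` heights that are re-tuned at the 1150px, 1117px, 1090px, 1020px, 742px and 600px breakpoints. With a fixed height the heading text overflows into the following section as soon as it wraps differently, for example at a larger user font size or zoom level. `min-height: 320px;` keeps the spacing while letting the box grow, and would make most of the per-breakpoint overrides unnecessary. The `max-width: 1020px` block also seems to gain an empty `.flex-container { }` rule, which can be dropped.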


Before

Width:  |  Height:  |  Size: 453 KiB

After

Width:  |  Height:  |  Size: 453 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 6.3 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 2.0 MiB


@ -1,90 +1,90 @@
const collapsibleButton = document.querySelector("#hamburger-menu");
const menuContent = document.querySelector(".menu-content");
collapsibleButton.addEventListener("click", function () {
menuContent.classList.toggle("active");
if (menuContent.style.display === "block") {
menuContent.style.display = "none";
} else {
menuContent.style.display = "block";
}
menuContent.classList.toggle("active");
if (menuContent.style.display === "block") {
menuContent.style.display = "none";
} else {
menuContent.style.display = "block";
}
});
document.addEventListener('DOMContentLoaded', function () {
initializeCompaniesCarousel();
fetch('../assets/js/carousel-items.json')
.then(response => response.json())
.then(data => {
createCarouselItems(data);
initializeCarousel();
})
.catch(error => console.error('Error loading JSON:', error));
initializeCompaniesCarousel();
fetch('../assets/js/carousel-items.json')
.then(response => response.json())
.then(data => {
createCarouselItems(data);
initializeCarousel();
})
.catch(error => console.error('Error loading JSON:', error));
});
function createCarouselItems(items) {
const carousel = document.querySelector('#carousel');
items.forEach(item => {
const itemDiv = document.createElement('div');
itemDiv.className = 'carousel-item'
const carousel = document.querySelector('#carousel');
items.forEach(item => {
const itemDiv = document.createElement('div');
itemDiv.className = 'carousel-item'
const link = document.createElement('a');
link.className = 'carousel-link';
link.href = item.link;
link.target = '_blank';
link.rel = 'noopener noreferrer';
const linkText = document.createTextNode(item.description);
const link = document.createElement('a');
link.className = 'carousel-link';
link.href = item.link;
link.target = '_blank';
link.rel = 'noopener noreferrer';
const linkText = document.createTextNode(item.description);
link.appendChild(linkText);
itemDiv.appendChild(link);
carousel.appendChild(itemDiv);
});
link.appendChild(linkText);
itemDiv.appendChild(link);
carousel.appendChild(itemDiv);
});
}
function initializeCarousel() {
const carousel = document.querySelector('#carousel');
const items = Array.from(carousel.children);
const totalItems = items.length;
const middleIndex = Math.floor(totalItems / 2);
let currentIndex = -middleIndex;
const carousel = document.querySelector('#carousel');
const items = Array.from(carousel.children);
const totalItems = items.length;
const middleIndex = Math.floor(totalItems / 2);
let currentIndex = -middleIndex;
function cycleItems() {
currentIndex = (currentIndex - 1 + totalItems) % totalItems;
updateCarouselItems();
}
function cycleItems() {
currentIndex = (currentIndex - 1 + totalItems) % totalItems;
updateCarouselItems();
}
function updateCarouselItems() {
items.forEach((item, index) => {
let positionIndex = (currentIndex + index + totalItems) % totalItems;
let offset = positionIndex - middleIndex;
item.style.transform = `translateY(${offset * 100}%)`;
item.classList.toggle('active', positionIndex === middleIndex);
item.style.visibility = 'visible';
});
}
function updateCarouselItems() {
items.forEach((item, index) => {
let positionIndex = (currentIndex + index + totalItems) % totalItems;
let offset = positionIndex - middleIndex;
item.style.transform = `translateY(${offset * 100}%)`;
item.classList.toggle('active', positionIndex === middleIndex);
item.style.visibility = 'visible';
});
}
updateCarouselItems();
setInterval(cycleItems, 7000);
updateCarouselItems();
setInterval(cycleItems, 7000);
}
function initializeCompaniesCarousel() {
const slider = document.getElementById('logoSlider');
const slider = document.getElementById('logoSlider');
// Duplicate the existing logos by appending the same HTML again:
slider.innerHTML += slider.innerHTML;
// Duplicate the existing logos by appending the same HTML again:
slider.innerHTML += slider.innerHTML;
let offset = 0;
const speed = 0.5;
let offset = 0;
const speed = 0.5;
function animate() {
offset -= speed;
slider.style.transform = `translateX(${offset}px)`;
function animate() {
offset -= speed;
slider.style.transform = `translateX(${offset}px)`;
// After half of the total (2 sets) is scrolled, reset
if (Math.abs(offset) >= slider.scrollWidth / 2) {
offset = 0;
}
requestAnimationFrame(animate);
}
// After half of the total (2 sets) is scrolled, reset
if (Math.abs(offset) >= slider.scrollWidth / 2) {
offset = 0;
}
requestAnimationFrame(animate);
}
requestAnimationFrame(animate);
requestAnimationFrame(animate);
}

Binary file not shown.

Binary file not shown.


@ -1,5 +0,0 @@
---
layout: blog
title: Blog
permalink: /blog.html
---

8
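--- a/roadmap.md
+++ b/roadmap.md
@@ -0,0 +1,8 @@
+---
+title: Roadmap
+tagline: Distrust | Roadmap
+summary: Open source tools for verifiable security
+layout: roadmap
+permalink: /roadmap.html
+thumbnail: /assets/base/roadmap-thumbnail.png
+---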


@ -1,8 +0,0 @@
---
title: Software
tagline: Distrust | Software
summary: Open source tools for verifiable security
layout: software
permalink: /software.html
thumbnail: /assets/base/software-thumbnail.png
---

9
threatmodel.md Normal file

@ -0,0 +1,9 @@
---
title: Threat Model
tagline: Distrust | Threat Model
summary: The type of threat we seek to mitigate
layout: threatmodel
permalink: /threatmodel.html
thumbnail: /assets/base/threatmodel-thumbnail.png
---