public
/
website
5
0
Fork 0
Code Issues 4 Pull Requests 4 Packages Projects Releases Wiki Activity

Compare commits

base: public:main
Branches Tags
public:main
public:new-footer
public:ksenia-fix
public:feat/fixes
public:feat/mysten-blog
public:feat/website-upgrades
public:lrvick/oci
..
compare: public:ksenia-fix
Branches Tags
public:new-footer
public:main
public:ksenia-fix
public:feat/fixes
public:feat/mysten-blog
public:feat/website-upgrades
public:lrvick/oci

No commits in common. "main" and "ksenia-fix" have entirely different histories.
main ... ksenia-fix

17 changed files with 203 additions and 235 deletions
Show Stats Expand all files Collapse all files

10
_includes/blog-about-distrust.html
View File

@ -1,10 +0,0 @@
<h2>About Distrust</h2>
<p>The Distrust team has helped build and secure some of the highest-risk systems in the world. This includes vaulting infrastructure at BitGo, Unit410, and Turnkey, as well as security work with electrical grid operators, industrial control systems, and other mission-critical systems.</p>
<p>We've conducted deep security due diligence across most major custodians. Through our experience with organizations that operate under constant threat—where **every class of attack is viable**—we've developed a methodology and set of open source tools designed to defend against even the most sophisticated adversaries.</p>
<p>Today, we're taking the hard-earned lessons from that work and sharing them with the broader community. Our goal is to help others strengthen their security posture by making what we've learned—and the open source tools we've built—available to everyone.</p>
<p><b>Looking for help analyzing and mitigating security risks in your own organization? <a href="/contact.html">Talk to us.</a></b></p>

20
_includes/footer.html
View File

@ -1,15 +1,17 @@
<footer>
<div class="menu footer-container">
<div style="font-size: 1rem">
<div class="footer-container">
<div>
{{ site.footer }}
</div>
<div class="footer-link">
{% include nav-links.html %}
<div>
<a href="/feed.xml" style="vertical-align: middle;">
<img style="filter: grayscale(100%); width: 22px; vertical-align: sub" src="/assets/base/rss.png" />
</a>
</div>
<div>
<a class="footer-link" href="/services.html">Services</a>
<a class="footer-link" href="/software.html">Software</a>
<a class="footer-link" href="/company.html">Company</a>
<a class="footer-link" href="/contact.html">Contact</a>
<a class="footer-link" href="/feed.xml" style="vertical-align: middle;">
<img style="filter: grayscale(100%); width: 22px; vertical-align: sub" src="/assets/base/rss.png" />
</a>
</div>
</div>
<script type="text/javascript" src="/assets/js/main.js"></script>

106
_includes/head.html
View File

@ -1,44 +1,44 @@
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="icon" type="image/png" sizes="32x32" href="/assets/favicons/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="96x96" href="/assets/favicons/favicon-96x96.png">
<link rel="icon" type="image/png" sizes="16x16" href="/assets/favicons/favicon-16x16.png">
<title>{{ page.title }}</title>
<meta content="{{ site.title }}" property="og:site_name" />
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="icon" type="image/png" sizes="32x32" href="/assets/favicons/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="96x96" href="/assets/favicons/favicon-96x96.png">
<link rel="icon" type="image/png" sizes="16x16" href="/assets/favicons/favicon-16x16.png">
<title>{{ page.title }}</title>
<meta content="{{ site.title }}" property="og:site_name" />
{% if page.noindex %}
{% if page.noindex %}
<meta name="robots" content="noindex" />
{% endif %}
{% endif %}
{% if page.title %}
<meta content="{{ page.tagline }}" property="og:title" />
<meta content="article" property="og:type" />
{% else %}
{% else %}
<meta content="website" property="og:type" />
{% endif %}
{% endif %}
{% if page.summary %}
<meta content="{{ page.summary }}" property="og:description" />
{% else %}
{% else %}
<meta content="{{ site.description }}" property="og:description" />
{% endif %}
{% endif %}
{% if page.url %}
<meta content="{{ site.url }}{{ page.url }}" property="og:url" />
{% endif %}
{% endif %}
{% if page.date %}
<meta
content="{{ page.date | date_to_xmlschema }}"
property="article:published_time"
/>
/>
<meta content="{{ site.url }}/about/" property="article:author" />
{% endif %}
{% endif %}
{% if page.thumbnail %}
<meta content="{{ site.url }}{{ page.thumbnail }}" property="og:image" />
<meta content="{{ site.url }}{{ page.thumbnail }}" property="og:image" />
{% else %}
<meta content="{{ site.banner }}" property="og:image" />
{% endif %}
@ -55,45 +55,65 @@
{% endfor %}
{% endif %}
<!-- Twitter Cards -->
<meta name="twitter:card" content="summary" />
<!--<meta name="twitter:site" content="@{{ site.share.twitter_username }}" />-->
<!--<meta name="twitter:creator" content="@{{ site.share.twitter_username }}" />-->
<!-- Twitter Cards -->
<meta name="twitter:card" content="summary" />
<!--<meta name="twitter:site" content="@{{ site.share.twitter_username }}" />-->
<!--<meta name="twitter:creator" content="@{{ site.share.twitter_username }}" />-->
{% if page.title %}
{% if page.title %}
<meta name="twitter:title" content="{{ page.title }}" />
{% else %}
{% else %}
<meta name="twitter:title" content="{{ site.title }}" />
{% endif %}
{% endif %}
{% if page.url %}
{% if page.url %}
<meta name="twitter:url" content="{{ site.url }}{{ page.url }}" />
{% endif %}
{% endif %}
{% if page.summary %}
<meta name="twitter:description" content="{{ page.summary }}" />
{% else %}
{% else %}
<meta name="twitter:description" content="{{ site.description }}" />
{% endif %}
{% endif %}
{% if page.header-img %}
<meta
name="twitter:image:src"
content="{{ site.url }}{{ page.thumbnail }}"
/>
{% endif %}
name="twitter:image:src"
content="{{ site.url }}{{ page.thumbnail }}"
/>
{% endif %}
{% if page.robots %}
{% if page.robots %}
<meta name="robots" content="{{page.robots}}" />
{% endif %}
{% endif %}
<link rel="stylesheet" type="text/css" href="{{ "/assets/main.css" | relative_url }}">
<link rel="stylesheet" type="text/css" href="{{ "/assets/main-dark.css" | relative_url }}">
<link rel="stylesheet" type="text/css" href="{{ "/assets/main.css" | relative_url }}">
<link rel="stylesheet" type="text/css" href="{{ "/assets/main-dark.css" | relative_url }}">
<!-- "Really, there is nothing interesting to see here. It is a static website. -->
<!-- Here is the terraform code that deployed it, and here is the site source repo. -->
<!-- If you find anything interesting or want to talk to us, reach out via our /contact page!" -->
<!-- https://git.distrust.co/public/stack -->
<!-- https://git.distrust.co/public/website -->
<!-- mobile menu content -->
<!-- "Really, there is nothing interesting to see here. It is a static website. -->
<!-- Here is the terraform code that deployed it, and here is the site source repo. -->
<!-- If you find anything interesting or want to talk to us, reach out via our /contact page!" -->
<!-- https://git.distrust.co/public/stack -->
<!-- https://git.distrust.co/public/website -->
<!-- mobile menu content -->
<div class="menu-content" style="display: none">
<div class="inner-menu-content">
<div>
<a href="/services.html">Services</a>
</div>
<div>
<a href="/software.html">Software</a>
</div>
<div>
<a href="/company.html">Company</a>
</div>
<div>
<a href="/blog.html">Blog</a>
</div>
<div>
<a href="/contact.html">Contact</a>
</div>
</div>
</div>
</head>

22
_includes/header.html
View File

@ -22,19 +22,12 @@
</li>
</ul>
<input type="checkbox" id="menu-toggle" />
<label for="menu-toggle" class="hamburger-menu">
<span></span>
<span></span>
<span></span>
</label>
<div class="menu-content">
<div class="inner-menu-content">
{% include nav-links.html %}
</div>
</div>
<div id="hamburger-menu" class="hide menu-button-container" for="menu-toggle">
<input id="menu-toggle" type="checkbox" />
<label style="display: inline-block">
<div class='menu-button'></div>
</label>
</div>
</div>
</div>
<script>
@ -63,11 +56,10 @@
const currentScrollPos = window.scrollY;
if (currentScrollPos > prevScrollPos) {
document.getElementById('menu-toggle').checked = false;
hamburgerMenu.style.display = 'none';
}
prevScrollPos = currentScrollPos;
});
</script>
</header>

10
_includes/nav-links.html
View File

@ -1,10 +0,0 @@
{%- for path in page_paths -%}
{%- assign my_page = site.pages | where: "path", path | first -%}
{%- if my_page.title -%}
{%- if my_page.title != 'Home' -%}
<div>
<a href="{{ my_page.url | relative_url }}">{{ my_page.title | escape }}</a>
</div>
{%- endif -%}
{%- endif -%}
{%- endfor -%}

4
_includes/values.html
View File

@ -4,11 +4,11 @@
<p class="hero-p">Every day, we apply these guiding principles to how we think, build, and secure systems.</p>
</div>
<div class="flex-container-inner">
<ol class="values-container">
<ol dir="rtl" style="font-size: 30px; text-align: right">
<li>eliminate centralized trust</li>
<li>open source everything</li>
<li>security beyond compliance</li>
<li>move thoughtfully &#38; improve things</li>
<li>move thoughtfully and improve things</li>
<li>impact over profit</li>
</ol>
</div>

2
_layouts/blog.html
View File

@ -32,8 +32,8 @@
{% endfor %}
</p>
</main>
{%- include footer.html -%}
</div>
{%- include footer.html -%}
</body>
</html>

6
_layouts/company.html
View File

@ -41,7 +41,6 @@
<p>Co-Founder</p>
<p>Security Engineer</p>
<a rel=”noopener noreferrer target="_blank" href="https://keyoxide.org/6B61ECD76088748C70590D55E90A401336C8AAA9">Keyoxide</a>
<span>|</span>
<a rel=”noopener noreferrer target="_blank" href="https://lance.dev/">Website</a>
</div>
<div class="flex-container-inner card">
@ -49,7 +48,6 @@
<p>Co-Founder</p>
<p>Security Engineer</p>
<a rel=”noopener noreferrer target="_blank" href="https://keyoxide.org/F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D">Keyoxide</a>
<span>|</span>
<a rel=”noopener noreferrer target="_blank" href="https://antonlivaja.com">Website</a>
</div>
</div>
@ -58,14 +56,12 @@
<h5>Ryan Heywood</h5>
<p>Security Engineer</p>
<a rel=”noopener noreferrer target="_blank" href="https://keyoxide.org/88823A75ECAA786B0FF38B148E401478A3FBEF72">Keyoxide</a>
<span>|</span>
<a rel=”noopener noreferrer target="_blank" href="https://ryansquared.pub">Website</a>
</div>
<div class="flex-container-inner card">
<h5>Danny Grove</h5>
<p>Security Engineer</p>
<a rel=”noopener noreferrer target="_blank" href="https://keyoxide.org/C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD">Keyoxide</a>
<span>|</span>
<a rel=”noopener noreferrer target="_blank" href="https://dannygrove.com/">Website</a>
</div>
</div>
@ -85,7 +81,7 @@
{% include primary-cta.html %}
</main>
{%- include footer.html -%}
</div>
{%- include footer.html -%}
</body>
</html>

2
_layouts/contact.html
View File

@ -58,8 +58,8 @@
{% include companies-carousel.html hide_title='true' %}
</main>
<br />
{%- include footer.html -%}
</div>
{%- include footer.html -%}
</body>
<script>

6
_layouts/default.html
View File

@ -4,15 +4,17 @@
{%- include head.html -%}
<body>
{%- include header.html -%}
<div class="container">
{%- include header.html -%}
<main>
{{ content }}
</main>
{%- include footer.html -%}
</div>
{%- include footer.html -%}
</body>
</html>

2
_layouts/landing.html
View File

@ -69,7 +69,7 @@
{% include primary-cta.html %}
</main>
{%- include footer.html -%}
</div>
{%- include footer.html -%}
</body>
</html>

7
_layouts/post.html
View File

@ -10,12 +10,11 @@
<div class="blog-details-date">{{ page.date | date: "%b %e, %Y" }}</div>
<div class="blog-details-read-time">{{ page.content | number_of_words | divided_by: 200 }} min read</div>
</div>
<h1 style="margin-bottom: 40px">{{page.title}}</h1>
<h1>{{page.title}}</h1>
<div class="entry">
{{ content }}
</div>
<hr>
{% include blog-about-distrust.html %}
<p>
{% for author in page.authors %}
@ -24,8 +23,8 @@
</p>
</article>
</main>
{%- include footer.html -%}
</div>
{%- include footer.html -%}
</body>
</html>

3
_layouts/services.html
View File

@ -138,7 +138,6 @@
</section>
</main>
</div>
{%- include footer.html -%}
{%- include footer.html -%}
</body>
</html>

4
_layouts/software.html
View File

@ -160,8 +160,10 @@
</section>
</main>
{%- include footer.html -%}
</div>
{%- include footer.html -%}
</body>
</html>

19
_posts/2025-04-02-bybit-safe-report.md
View File

@ -35,7 +35,7 @@ Traditional infrastructure has historically lacked mechanisms to distribute trus
## Root cause analysis and mitigation strategies
In our opinion, the primary causes of this incident stem from two key issues identified in the <a href="http://web.archive.org/web/20250328121908/https://www.sygnia.co/blog/sygnia-investigation-bybit-hack/" rel="noopener noreferrer" target="_blank">Sygnia report</a>.
In our opinion, the primary causes of this incident stem from two key issues identified in the [Sygnia report](https://www.sygnia.co/blog/sygnia-investigation-bybit-hack/):
* > ... a developers Mac OS workstation was compromised, likely through social engineering.
@ -93,7 +93,7 @@ The idea centers on extracting the **signing** component from the application (w
However, simply making a component offline does not eliminate all single points of failure. To close off supply chain threats stemming from compiler, dependency or environment compromise requires that the application is reproduced on multiple diverse systems (using different chipsets and operating systems), using a fully bootstrapped compiler—a fully hermetic, deterministic and reproducible process.
We've developed open source tooling for this under <a href="https://codeberg.org/stagex/stagex" target="_blank" rel="noopener noreferrer">StageX</a>. To learn more about the importance of reproducible builds, check out <a href="https://antonlivaja.com/videos/2024-incyber-stagex-talk.mp4" target="_blank" rel="noopener noreferrer">this video</a>, where one of our co-founders explains how the SolarWinds incident unfolded—and how it could have been prevented.
We've developed open source tooling for this under **[StageX](https://codeberg.org/stagex/stagex)**. To learn more about the importance of reproducible builds, check out [this video](https://antonlivaja.com/videos/2024-incyber-stagex-talk.mp4), where one of our co-founders explains how the SolarWinds incident unfolded—and how it could have been prevented.
##### Reference design
@ -111,13 +111,13 @@ This reference design was developed for the Safe{Wallet} team, but it can be app
* Signing operations are performed exclusively on the engineer's offline system
* Distrust has developed open source tooling to drastically simplify PGP key provisioning: <a href="https://trove.distrust.co/generated-documents/all-levels/pgp-key-provisioning.html" target="_blank" rel="noopener noreferrer">Trove</a>
* Distrust has developed open source tooling to drastically simplify PGP key provisioning: **[Trove](https://trove.distrust.co/generated-documents/all-levels/pgp-key-provisioning.html)**
3. **Offline signing applications are deterministically compiled, verified, and signed by multiple engineers**
* Includes a full set of tools needed for secure offline key operations
* Distrust also created <a href="https://git.distrust.co/public/airgap" target="_blank" rel="noopener noreferrer">AirgapOS</a>, a custom Linux distribution designed specifically for offline secret management. It has been independently audited and is used in production by several major digitial asset organizations.
* Distrust also created **[AirgapOS](https://git.distrust.co/public/airgap)**, a custom Linux distribution designed specifically for offline secret management. It has been independently audited and is used in production by several major digitial asset organizations.
4. **All sensitive operations are fully verified offline before any cryptographic action is taken**
@ -162,3 +162,14 @@ Implementing these strategies can be technically demanding. They represent two e
This high-level overview is meant to illustrate the kinds of problems we focus on at Distrust. Depending on the chosen strategy and organizational context, implementation can take anywhere from a few weeks to several years, especially as tooling continues to mature.
---
## About Distrust
The Distrust team has helped build and secure some of the highest-risk systems in the world. This includes vaulting infrastructure at BitGo, Unit410, and Turnkey, as well as security work with electrical grid operators, industrial control systems, and other mission-critical systems.
We've conducted deep security due diligence across most major custodians. Through our experience with organizations that operate under constant threat—where **every class of attack is viable**—we've developed a methodology and set of open source tools designed to defend against even the most sophisticated adversaries.
Today, we're taking the hard-earned lessons from that work and sharing them with the broader community. Our goal is to help others strengthen their security posture by making what we've learned—and the open source tools we've built—available to everyone.
**Looking for help analyzing and mitigating security risks in your own organization? [Talk to us](https://distrust.co/contact.html)**.

209
_sass/base.scss
View File

@ -21,7 +21,6 @@ $container-max-width: 1280px !default;
html {
scroll-behavior: smooth;
}
body {
width: 100%;
background-color: var(--background-color);
@ -32,13 +31,6 @@ body {
color: var(--text-color);
text-align: left;
line-height: $base-line-height !important;
display: flex;
flex-direction: column;
min-height: 100vh;
}
body > div.container {
flex: 1;
}
h1 {
@ -107,6 +99,7 @@ a {
a:hover {
text-decoration: none;
color: var(--background-color);
background: var(--base-color);
transition: background-color 0.3s ease-in-out, color 0.3s ease-in-out;
}
@ -303,6 +296,10 @@ a:hover {
margin-bottom: 60px;
}
.roadmap a:hover {
background: transparent;
}
.roadmap .text-well {
margin: auto;
}
@ -370,6 +367,9 @@ a:hover {
border-radius: 4px;
margin-left: 0px;
padding-left: 0px;
/* TODO: for some reason, removing this makes it white. */
/* Firefox shows no computed reason for it to be white. */
background-color: var(--background-color);
}
.arrow {
@ -385,6 +385,10 @@ a:hover {
color: white !important;
}
.blog a:hover {
background: unset;
}
.arrow-link:hover .arrow {
transform: translateX(5px);
background: none !important;
@ -594,8 +598,7 @@ margin-bottom: 16px;
footer {
color: var(--light-grey);
background-color: color-mix(in srgb, var(--background-color), white 1.5%);
border-top: 1px solid rgba(255, 255, 255, 0.13);
border-top: 1px solid var(--light-grey);
padding: 40px 0px;
text-align: right;
margin-top: 80px;
@ -603,21 +606,14 @@ footer {
}
.footer-link {
display: flex;
flex-direction: row;
}
.footer-link div {
display: flex;
color: var(--light-grey);
display: inline-block;
text-decoration: none;
margin-left: 20px;
}
.footer-link div a {
text-decoration: none;
color: var(--light-grey);
}
.footer-link div a:hover {
.footer-link:hover {
background: transparent;
color: white;
}
@ -631,7 +627,6 @@ header {
padding: 24px;
margin-bottom: 24px;
border-bottom: 1px solid rgba(255, 255, 255, 0.13);
background-color: color-mix(in srgb, var(--background-color), white 1.5%);
}
header p {
@ -704,82 +699,78 @@ hr {
align-items: center;
}
.menu-button-container {
display: none;
width: 50px;
height: 50px;
cursor: pointer;
flex-direction: column;
justify-content: center;
align-items: center;
}
#menu-toggle {
display: none;
}
.hamburger-wrapper {
position: relative;
z-index: 100;
width: 50px;
height: 50px;
}
.hamburger-menu {
display: none;
cursor: pointer;
position: relative;
width: 30px;
height: 22px;
z-index: 2;
}
.hamburger-menu span {
display: block;
position: absolute;
height: 4px;
width: 100%;
background-color: #fff;
border-radius: 2px;
left: 0;
transition: transform 0.4s, top 0.4s, opacity 0.4s;
}
.hamburger-menu span:nth-child(1) { top: 0; }
.hamburger-menu span:nth-child(2) { top: 9px; }
.hamburger-menu span:nth-child(3) { top: 18px; }
#menu-toggle:checked + .hamburger-menu span:nth-child(1) {
transform: rotate(45deg);
top: 9px;
}
#menu-toggle:checked + .hamburger-menu span:nth-child(2) {
opacity: 0;
}
#menu-toggle:checked + .hamburger-menu span:nth-child(3) {
transform: rotate(-45deg);
top: 9px;
}
.menu-content {
border-bottom: 1px solid var(--light-grey);
position: absolute;
top: 100px;
left: 0;
width: 100%;
background: var(--background-color, #222);
z-index: 50;
padding: 20px 0;
display: none;
}
#menu-toggle:checked ~ .menu-content {
.menu-button,
.menu-button::before,
.menu-button::after {
display: block;
background-color: #fff;
position: absolute;
height: 4px;
width: 30px;
transition: transform 400ms cubic-bezier(0.23, 1, 0.32, 1);
border-radius: 2px;
}
.menu-button::before {
content: '';
margin-top: -8px;
}
.menu-button::after {
content: '';
margin-top: 8px;
}
#menu-toggle:checked+.menu-button-container .menu-button::before {
margin-top: 0px;
transform: rotate(405deg);
}
#menu-toggle:checked+.menu-button-container .menu-button {
background: rgba(255, 255, 255, 0);
}
#menu-toggle:checked+.menu-button-container .menu-button::after {
margin-top: 0px;
transform: rotate(-405deg);
}
.menu-content {
position: absolute;
display: none;
background: var(--background-color);
text-align: right;
margin-top: 100px;
width: 100%;
z-index: 2;
}
.inner-menu-content {
margin: 20px 30px;
}
.inner-menu-content a {
color: white;
text-decoration: none;
display: block;
padding: 10px 0;
border-bottom: 1px solid white;
margin-top: 50px;
}
.inner-menu-content a:hover {
color: #ccc;
background: unset;
color: white;
}
.menu-content div {
margin: 30px;
}
/**
@ -818,8 +809,8 @@ hr {
0px 10px 30px rgba(0, 0, 0, 0.3);
}
.team span {
font-size: 0.8rem;
.team .card:hover {
border: 1px solid var(--mid-grey);
}
.team .title {
@ -833,12 +824,9 @@ hr {
color: var(--light-grey);
}
.team a {
color: var(--light-purple);
}
.team a:hover {
text-decoration: underline;
background: unset;
color: white;
}
.team img {
@ -1233,12 +1221,6 @@ section {
text-decoration: none;
}
.values-container {
font-size: 30px;
text-align: right;
direction: rtl;
}
.text-well {
max-width: 100%;
}
@ -1725,8 +1707,8 @@ pre {
}
.blog h1 {
font-size: 2rem !important;
line-height: 2rem !important;
font-size: 2.5rem !important;
line-height: 2.2rem !important;
font-weight: 600 !important;
}
@ -1845,10 +1827,6 @@ pre {
margin-bottom: 50px;
}
.hamburger-menu {
display: inline-block;
}
.hide {
display: inline-block;
}
@ -1941,13 +1919,8 @@ pre {
}
.footer-link {
flex-direction: column !important;
}
.footer-link div {
margin-bottom: 20px;
min-width: 200px;
display: inline;
}
.tall-section {
@ -2022,12 +1995,9 @@ pre {
flex-direction: column-reverse;
}
.footer-link div {
margin-bottom: 20px;
}
.footer-link div a {
.footer-link {
font-size: 1rem !important;
margin-bottom: 10px;
}
.quote {
@ -2035,11 +2005,6 @@ pre {
line-height: 1.5rem;
}
.values-container {
text-align: left;
direction: ltr;
}
/**
* Services Page
*/

2
assets/js/main.js
View File

@ -1,5 +1,5 @@
document.addEventListener('DOMContentLoaded', function () {
const collapsibleButton = document.querySelector(".hamburger-menu");
const collapsibleButton = document.querySelector("#hamburger-menu");
const menuContent = document.querySelector(".menu-content");
collapsibleButton.addEventListener("click", function () {
menuContent.classList.toggle("active");