504 lines
20 KiB
HTML
504 lines
20 KiB
HTML
<!DOCTYPE html>
|
||
<html lang="{{ page.lang | default: site.lang | default: en }}">
|
||
|
||
{%- include head.html -%}
|
||
|
||
<body>
|
||
{%- include header.html -%}
|
||
|
||
<div class="container">
|
||
<main>
|
||
<div class="video-background-container">
|
||
<video autoplay muted loop playsinline class="video-background">
|
||
<source src="assets/videos/turq-blocks.mp4" type='video/mp4; codecs="avc1.42E01E, mp4a.40.2"' />
|
||
<source src="assets/videos/turq-blocks.webm" type='video/webm; codecs="vp8, vorbis"' />
|
||
</video>
|
||
<div class="gradient-overlay"></div>
|
||
</div>
|
||
|
||
<section class="flex-container capsule-header video-content" style="margin-top: 80px">
|
||
<div class="flex-container-inner" style="padding-top: 0px">
|
||
<div class="text-well center">
|
||
<div class="capsule-teal">software</div>
|
||
<br>
|
||
<h1 style="max-width: 1000px; margin: auto">verifiable security without single points of failure</h1>
|
||
<br>
|
||
<p class="hero-p center">Most systems still rely on single individuals or computers, unverifiable software, and opaque processes. We’re redesigning security for transparency from the ground up.</p>
|
||
<div class="button-container center">
|
||
<a href="#roadmap" class="mega-teal button">View software</a>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
|
||
<section class="flex-container mid-tall-section">
|
||
<div class="flex-container-inner">
|
||
<h3>creating the building blocks for provable security</h3>
|
||
<p class="hero-p">Modern software systems still rely on trust in individuals—maintainers, IT admins, or third-party providers. But what happens when they are compromised? How do you verify that the software running on your systems hasn’t been tampered with?</p>
|
||
<p class="hero-p">We’ve identified critical missing pieces needed to remove single points of failure at every level. Our approach covers the complete lifecycle of software from your toolchains and dependencies to how your code is built, signed, verified and deployed.</p>
|
||
<p class="hero-p">By combining multi-party trust, remote attestation, and bit-for-bit reproducibility, we are methodically eliminating trust assumptions, ensuring security isn’t just a claim—it’s provable.</p>
|
||
<a href="#roadmap" class="arrow-link">
|
||
See what we're building
|
||
<span class="arrow">→</span>
|
||
</a>
|
||
</div>
|
||
<div class="flex-container-inner"></div>
|
||
</section>
|
||
|
||
<span class="roadmap" id="roadmap">
|
||
<h2 class="center gradient-text">our software</h2>
|
||
<p style="margin-top: 20px" class="hero-p center">We are actively working on a number of different projects, and looking to fund others. Here is what's on the way and what's coming next.</p>
|
||
<section id="sourceid" class="flex-container">
|
||
<div class="flex-container-inner">
|
||
<div class="text-well">
|
||
<div class="roadmap-header">
|
||
<div class="roadmap-title-container">
|
||
<div class="roadmap-item-name">SourceId</div>
|
||
<div class="roadmap-tagline-line"> | </div>
|
||
<div class="roadmap-tagline">source code integrity</div>
|
||
</div>
|
||
<div class="roadmap-header-capsule">
|
||
<div class="capsule-grey">fundraising</div>
|
||
</div>
|
||
</div>
|
||
<p>SourceId ensures that source code integrity is verifiable. It prevents tampering of archives and other formats used for delivering source code by standardizing code and generating a hash-based fingerprint of the tree which includes all essential files.</p>
|
||
<br>
|
||
<div class="component-section">
|
||
<div class="component-text">Components:</div>
|
||
<div class="component-links">
|
||
<a href="#stagex">
|
||
<div class="capsule-transparent">StageX</div>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
<a href="https://git.distrust.co/public/sourceid" class="arrow-link">
|
||
View git repository
|
||
<span class="arrow">→</span>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
|
||
<section id="sigrev" class="flex-container">
|
||
<div class="flex-container-inner">
|
||
<div class="text-well">
|
||
<div class="roadmap-header">
|
||
<div class="roadmap-title-container">
|
||
<div class="roadmap-item-name">SigRev</div>
|
||
<div class="roadmap-tagline-line"> | </div>
|
||
<div class="roadmap-tagline">crowdsourced code review</div>
|
||
</div>
|
||
<div class="roadmap-header-capsule">
|
||
<div class="capsule-grey">fundraising</div>
|
||
</div>
|
||
</div>
|
||
<p>SigRev is a crowdsourcing framework extending SourceID with signed code reviews. It enhances open-source security by making comprehensive manual reviews discoverable, overcoming the limitations of static analysis tools.</p>
|
||
<br>
|
||
<div class="component-section">
|
||
<div class="component-text">Components:</div>
|
||
<div class="component-links">
|
||
<a href="#sourceid">
|
||
<div class="capsule-transparent">SourceId</div>
|
||
</a>
|
||
<a href="#stagex">
|
||
<div class="capsule-transparent">StageX</div>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
<a href="https://git.distrust.co/public/sigrev" class="arrow-link">
|
||
View git repository
|
||
<span class="arrow">→</span>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
|
||
<section id="stagex" class="flex-container">
|
||
<div class="flex-container-inner">
|
||
<div class="text-well">
|
||
<div class="roadmap-header">
|
||
<div class="roadmap-title-container">
|
||
<div class="roadmap-item-name">StageX</div>
|
||
<div class="roadmap-tagline-line"> | </div>
|
||
<div class="roadmap-tagline">deterministic reproducibility</div>
|
||
</div>
|
||
<div class="roadmap-header-capsule">
|
||
<div class="capsule-green">active</div>
|
||
</div>
|
||
</div>
|
||
<p>StageX is a hermetic, deterministic and reproducible toolchain providing multi-signed OCI images for popular software. This approach removes single points of failure in sofware builds.</p>
|
||
<br>
|
||
<div class="component-section">
|
||
<div class="component-text">Components:</div>
|
||
<div class="component-links">
|
||
<a href="#sourceid">
|
||
<div class="capsule-transparent">SourceId</div>
|
||
</a>
|
||
<a href="#sigrev">
|
||
<div class="capsule-transparent">SigRev</div>
|
||
</a>
|
||
<a href="#stagex">
|
||
<div class="capsule-transparent">StageX</div>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
<a href="https://codeberg.org/stagex/stagex" class="arrow-link">
|
||
View git repository
|
||
<span class="arrow">→</span>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
|
||
<section id="repros" class="flex-container">
|
||
<div class="flex-container-inner">
|
||
<div class="text-well">
|
||
<div class="roadmap-header">
|
||
<div class="roadmap-title-container">
|
||
<div class="roadmap-item-name">ReprOS</div>
|
||
<div class="roadmap-tagline-line"> | </div>
|
||
<div class="roadmap-tagline">ephemeral build environments</div>
|
||
</div>
|
||
<div class="roadmap-header-capsule">
|
||
<div class="capsule-yellow">in-progress</div>
|
||
</div>
|
||
</div>
|
||
<p>ReprOS is a bare-bones immutable OS designed for securely reproducing and signing software. Each build is executed in a one-time use environment, eliminating persistent risks.</p>
|
||
<br>
|
||
<div class="component-section">
|
||
<div class="component-text">Components:</div>
|
||
<div class="component-links">
|
||
<a href="#sourceid">
|
||
<div class="capsule-transparent">SourceId</div>
|
||
</a>
|
||
<a href="#sigrev">
|
||
<div class="capsule-transparent">SigRev</div>
|
||
</a>
|
||
<a href="#stagex">
|
||
<div class="capsule-transparent">StageX</div>
|
||
</a>
|
||
<a href="#bootproof">
|
||
<div class="capsule-transparent">Bootproof</div>
|
||
|
||
</a>
|
||
</div>
|
||
</div>
|
||
<a href="https://codeberg.org/stagex/repros" class="arrow-link">
|
||
View git repository
|
||
<span class="arrow">→</span>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
|
||
<section id="keyfork" class="flex-container">
|
||
<div class="flex-container-inner">
|
||
<div class="text-well">
|
||
<div class="roadmap-header">
|
||
<div class="roadmap-title-container">
|
||
<div class="roadmap-item-name">Keyfork</div>
|
||
<div class="roadmap-tagline-line"> | </div>
|
||
<div class="roadmap-tagline">deterministic key management</div>
|
||
</div>
|
||
<div class="roadmap-header-capsule">
|
||
<div class="capsule-green">active</div>
|
||
</div>
|
||
</div>
|
||
<p>Keyfork simplifies cryptographic material management by deriving any number or type of keys from a single entropy source. This greatly simplifies secret management complexity while maintaining security.</p>
|
||
<br>
|
||
<div class="component-section">
|
||
<div class="component-text">Components:</div>
|
||
<div class="component-links">
|
||
<a href="#sourceid">
|
||
<div class="capsule-transparent">SourceId</div>
|
||
</a>
|
||
<a href="#sigrev">
|
||
<div class="capsule-transparent">SigRev</div>
|
||
</a>
|
||
<a href="#stagex">
|
||
<div class="capsule-transparent">StageX</div>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
<a href="https://git.distrust.co/public/keyfork" class="arrow-link">
|
||
View git repository
|
||
<span class="arrow">→</span>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
|
||
|
||
<section id="icepick" class="flex-container">
|
||
<div class="flex-container-inner">
|
||
<div class="text-well">
|
||
<div class="roadmap-header">
|
||
<div class="roadmap-title-container">
|
||
<div class="roadmap-item-name">Icepick</div>
|
||
<div class="roadmap-tagline-line"> | </div>
|
||
<div class="roadmap-tagline">cryptographic operations</div>
|
||
</div>
|
||
<div class="roadmap-header-capsule">
|
||
<div class="capsule-green">active</div>
|
||
</div>
|
||
</div>
|
||
<p>Icepick provides a framework for offline verified cryptographic signing operations. Its modular design provides a unified interface for a wide range of cryptographic signing tasks.</p>
|
||
<br>
|
||
<div class="component-section">
|
||
<div class="component-text">Components:</div>
|
||
<div class="component-links">
|
||
<a href="#sourceid">
|
||
<div class="capsule-transparent">SourceId</div>
|
||
</a>
|
||
<a href="#sigrev">
|
||
<div class="capsule-transparent">SigRev</div>
|
||
</a>
|
||
<a href="#stagex">
|
||
<div class="capsule-transparent">StageX</div>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
<a href="https://git.distrust.co/public/keyfork" class="arrow-link">
|
||
View git repository
|
||
<span class="arrow">→</span>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
|
||
<section id="airgapos" class="flex-container">
|
||
<div class="flex-container-inner">
|
||
<div class="text-well">
|
||
<div class="roadmap-header">
|
||
<div class="roadmap-title-container">
|
||
<div class="roadmap-item-name">AirgapOS</div>
|
||
<div class="roadmap-tagline-line"> | </div>
|
||
<div class="roadmap-tagline">air-gapped OS</div>
|
||
</div>
|
||
<div class="roadmap-header-capsule">
|
||
<div class="capsule-green">active</div>
|
||
</div>
|
||
</div>
|
||
<p>AirgapOS is a minimal, immutable offline first environment for secret management. It ships with a swiss-army knife of tools and an extensibility framework to cover most secure administration needs.</p>
|
||
<br>
|
||
<div class="component-section">
|
||
<div class="component-text">Components:</div>
|
||
<div class="component-links">
|
||
<a href="#sourceid">
|
||
<div class="capsule-transparent">SourceId</div>
|
||
</a>
|
||
<a href="#sigrev">
|
||
<div class="capsule-transparent">SigRev</div>
|
||
</a>
|
||
<a href="#stagex">
|
||
<div class="capsule-transparent">StageX</div>
|
||
</a>
|
||
<a href="#keyfork">
|
||
<div class="capsule-transparent">Keyfork</div>
|
||
</a>
|
||
<a href="#icepick">
|
||
<div class="capsule-transparent">Icepick</div>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
<a href="https://git.distrust.co/public/airgap" class="arrow-link">
|
||
View git repository
|
||
<span class="arrow">→</span>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
|
||
<section id="bootproof" class="flex-container">
|
||
<div class="flex-container-inner">
|
||
<div class="text-well">
|
||
<div class="roadmap-header">
|
||
<div class="roadmap-title-container">
|
||
<div class="roadmap-item-name">Bootproof</div>
|
||
<div class="roadmap-tagline-line"> | </div>
|
||
<div class="roadmap-tagline">remote attestation</div>
|
||
</div>
|
||
<div class="roadmap-header-capsule">
|
||
<div class="capsule-grey">fundraising</div>
|
||
</div>
|
||
</div>
|
||
<p>Bootproof provides a way to prove what software booted on a given system by leveraging platform hardware or firmware remote attestation technologies.</p>
|
||
<br>
|
||
<div class="component-section">
|
||
<div class="component-text">Components:</div>
|
||
<div class="component-links">
|
||
<a href="#sourceid">
|
||
<div class="capsule-transparent">SourceId</div>
|
||
</a>
|
||
<a href="#sigrev">
|
||
<div class="capsule-transparent">SigRev</div>
|
||
</a>
|
||
<a href="#stagex">
|
||
<div class="capsule-transparent">StageX</div>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
<a href="https://git.distrust.co/public/bootproof" class="arrow-link">
|
||
View git repository
|
||
<span class="arrow">→</span>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
|
||
<section id="enclaveos" class="flex-container">
|
||
<div class="flex-container-inner">
|
||
<div class="text-well">
|
||
<div class="roadmap-header">
|
||
<div class="roadmap-title-container">
|
||
<div class="roadmap-item-name">EnclaveOS</div>
|
||
<div class="roadmap-tagline-line"> | </div>
|
||
<div class="roadmap-tagline">trusted execution environments</div>
|
||
</div>
|
||
<div class="roadmap-header-capsule">
|
||
<div class="capsule-yellow">in-progress</div>
|
||
</div>
|
||
</div>
|
||
<p>EnclaveOS is a minimal and immutable operating system for running security critical software with high accountability. It can be extended to support multi-party management of secrets such that no person can control them alone.</p>
|
||
<br>
|
||
<div class="component-section">
|
||
<div class="component-text">Components:</div>
|
||
<div class="component-links">
|
||
<a href="#sourceid">
|
||
<div class="capsule-transparent">SourceId</div>
|
||
</a>
|
||
<a href="#sigrev">
|
||
<div class="capsule-transparent">SigRev</div>
|
||
</a>
|
||
<a href="#stagex">
|
||
<div class="capsule-transparent">StageX</div>
|
||
</a>
|
||
<a href="#keyfork">
|
||
<div class="capsule-transparent">Keyfork</div>
|
||
</a>
|
||
<a href="#bootproof">
|
||
<div class="capsule-transparent">Bootproof</div>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
<a href="https://git.distrust.co/public/enclaveos" class="arrow-link">
|
||
View git repository
|
||
<span class="arrow">→</span>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
|
||
<section id="vault" class="flex-container">
|
||
<div class="flex-container-inner">
|
||
<div class="text-well">
|
||
<div class="roadmap-header">
|
||
<div class="roadmap-title-container">
|
||
<div class="roadmap-item-name">Vault</div>
|
||
<div class="roadmap-tagline-line"> | </div>
|
||
<div class="roadmap-tagline">prescriptive key management</div>
|
||
</div>
|
||
<div class="roadmap-header-capsule">
|
||
<div class="capsule-yellow">in-progress</div>
|
||
</div>
|
||
</div>
|
||
<p>Detailed set of practices, ceremonies and documentation for generating, backing up and using secrets that you can't afford to lose. Combines the best of tactics of major custodians as an open framework available for everyone.</p>
|
||
<br>
|
||
<div class="component-section">
|
||
<div class="component-text">Components:</div>
|
||
<div class="component-links">
|
||
<a href="#sourceid">
|
||
<div class="capsule-transparent">SourceId</div>
|
||
</a>
|
||
<a href="#sigrev">
|
||
<div class="capsule-transparent">SigRev</div>
|
||
</a>
|
||
<a href="#stagex">
|
||
<div class="capsule-transparent">StageX</div>
|
||
</a>
|
||
<a href="#airgapos">
|
||
<div class="capsule-transparent">AirgapOS</div>
|
||
</a>
|
||
<a href="#keyfork">
|
||
<div class="capsule-transparent">Keyfork</div>
|
||
</a>
|
||
<a href="#icepick">
|
||
<div class="capsule-transparent">Icepick</div>
|
||
</a>
|
||
<a href="#bootproof">
|
||
<div class="capsule-transparent">Bootproof</div>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
<a href="https://qvs.distrust.co/" class="arrow-link">
|
||
View git repository
|
||
<span class="arrow">→</span>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
</span>
|
||
|
||
<section class="flex-container">
|
||
<div class="flex-container-inner"></div>
|
||
<div class="flex-container-inner">
|
||
<h4 class="quote" style="filter: brightness(50%)">❝Our mission is to use our knowledge to improve the security, privacy, and freedom of as many individuals as possible. We believe having verifiable foundations on which technologies can be built is a fundamental step toward improving the wellbeing of our species and solving the coordination problem.❝ — Distrust team</h4>
|
||
</div>
|
||
</section>
|
||
|
||
<section style="margin-bottom: 0px;" class="flex-container">
|
||
<div class="flex-container-inner">
|
||
<h2 class="powered-header gradient-text center">powered by distrust</h2>
|
||
<p class="hero-p center" style="margin-top: 20px; max-width: 700px">Companies are already choosing to adopt our methodologies and tooling to help secure their systems.<p>
|
||
</div>
|
||
</section>
|
||
|
||
<section style="margin-top: 40px;" class="flex-container powered-by">
|
||
<div class="flex-container-inner">
|
||
<div class="text-well card">
|
||
<img src="assets/base/companies/turnkey-black.svg" style="filter: invert(100)">
|
||
<p>Using StageX and ReprOS to improve their supply chain security story.</p>
|
||
<a href="https://whitepaper.turnkey.com/foundations#abstract" rel=”noopener noreferrer” target="_blank" class="arrow-link">
|
||
Learn more
|
||
<span class="arrow">→</span>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
<div class="flex-container-inner">
|
||
<div class="text-well card">
|
||
<img src="assets/base/companies/mysten-labs-white.svg" style="width: 250px">
|
||
<p>The SUI cryptocurrency is leveraging StageX to build their nodes in a deterministic manner in order to eliminate single points of failure.</p>
|
||
<a href="https://github.com/MystenLabs/sui/issues/13476" rel=”noopener noreferrer” target="_blank" class="arrow-link">
|
||
Learn more
|
||
<span class="arrow">→</span>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
<div class="flex-container-inner">
|
||
<div class="text-well card">
|
||
<img src="assets/base/companies/sidero-labs-white.png" style="filter: grayscale(); width: 150px">
|
||
<p>Using StageX to build their widely used Talos Linux distribution specialized in delivering kubernetes features.</p>
|
||
<a href="https://github.com/siderolabs/talos/releases/tag/v1.10.0-alpha.2" rel=”noopener noreferrer” target="_blank" class="arrow-link">
|
||
Learn more
|
||
<span class="arrow">→</span>
|
||
</a>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
<section>
|
||
<h4 class="gradient-text center" style="line-height: 50px; max-width: 600px; margin: auto;">want to help with our vision?</h4>
|
||
<p class="hero-p center" style="max-width: 600px; margin-top: 10px">If you would like to help us, please sponsor our work or get involved as a contributor.</p>
|
||
<div class="button-container center">
|
||
<a href="/contact.html" class="mega-teal button">Get in touch</a>
|
||
</div>
|
||
</section>
|
||
|
||
</main>
|
||
|
||
{%- include footer.html -%}
|
||
|
||
</div>
|
||
</body>
|
||
|
||
</html>
|