GithubHelp home page GithubHelp logo

hartl3y94 / stronghold.rs Goto Github PK

View Code? Open in Web Editor NEW

This project forked from iotaledger/stronghold.rs

0.0 0.0 0.0 14.88 MB

Stronghold is a secret management engine written in rust.

License: Apache License 2.0

Shell 0.37% HTML 25.50% Rust 71.83% Dockerfile 0.27% C 0.02% Makefile 0.01% Coq 2.01%

stronghold.rs's Introduction

banner

status Audit Test docs coverage dependency status FOSSA Status

Introduction

IOTA Stronghold is a secure software implementation with the sole purpose of isolating digital secrets from exposure to hackers and accidental leaks. It uses encrypted snapshots that can be easily backed up and securely shared between devices. Written in stable rust, it has strong guarantees of memory safety and process integrity.

There are four main components of Stronghold:

  1. Client: The high-level interface to Stronghold (prefers Riker, functional integration also available)
  2. Engine: Combines a persistence store (Snapshot) with an in-memory state interface (Vault), a read/write key:value system (Store) and memory protection services (Runtime).
  3. Communication: Enables Strongholds in different processes or on different devices to communicate with each other securely.

WARNING

These libraries have been reviewed internally and are being prepared for a full external security audit in mid 2021, so they are not yet verifiably safe. Until this warning is removed, the IOTA Foundation makes no guarantees to the fitness of these libraries for use by third parties.

Nevertheless, we are very interested in feedback about the design and implementation, and encourage you to reach out with any concerns or suggestions you may have.

Roadmap

Here are some of the features and tasks that we are working on.

Components

  • Engine
  • Client (with dual interfaces)
  • peer-to-peer communications
  • Secure runtime zone
  • Integration with crypto.rs

Documentation and Specification

  • User Handbooks
  • Specification Documentation
  • Tutorials

Performance and Testing

  • Unit Tests
  • Lowlevel Library Fuzzing
  • Realworld tests
  • Multiplatform benchmarks
  • Continuous Fuzzing

Applications

  • CLI binary
  • Standalone Desktop Application
  • Portable Daemon (for nodes, etc)
  • Dynamic high-performance store
  • C FFI bindings

Hardware Integrations

  • Works with USB Armory Mk II
  • Works with Yubikey
  • Works with Ledger Nano X
  • Use Secure Element to generate private keys for decryption
  • Move entirely to FPGA

API Reference

RUSTDOCS

Do it yourself

cargo doc --workspace --no-deps --open

Running Tests

cargo test --all --all-features

Joining the discussion

If you want to get involved in discussions about this technology, or you're looking for support, go to the #stronghold-discussion channel on Discord.

If you wish to join the Stronghold X-Team, please fill out this form.

License

FOSSA Status

stronghold.rs's People

Contributors

dependabot[bot] avatar elenaf9 avatar fossabot avatar github-actions[bot] avatar huhn511 avatar jbolda avatar l1h3r avatar lucasfernog avatar nothingismagick avatar rajivshah3 avatar rootmos avatar tensor-programming avatar unalkalkan avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.