My mission is to improve the freedom, security, and privacy of as many individuals as possible. I pursue this by contributing to decentralized technologies and open source software that addresses fundamental security challenges.
My work spans confidential computing, supply chain security, applied cryptography, and secure system design. I enjoy analyzing systems for weaknesses and designing “reasonably secure” systems from first principles.
Companies
Distrust
Security consultancy and open source R&D firm focused on securing mission critical infrastructure.
Caution
The first fully open source verifiable compute cloud hosting platform.
Projects
StageX
Hermetic, deterministic, reproducible, multi-signed OCI-based build toolchain
ReprOS
Create ephemeral build environments to eliminate persistent risks
AirgapOS
Minimal, immutable, offline-first swiss-army knife for secret management
Keyfork
Derive keys from a single entropy source to simplify their management
Icepick
Framework for offline cryptographic signing operations
EnclaveOS
Immutable operating system for powering secure enclaves
Trove
Documentation for managing secrets you can't afford to lose
SrcId
Verify source code integrity with hash-based fingerprints
Bootproof
Prove what software booted on a system via remote attestation technologies
libfakerand
A Rust lib for overriding system calls which fetch entropy
Milk Sad Disclosure
Cryptographic vulnerability in libbitcoin
Publications
- Bitcoin Magazine — Access Denied: How Ledn Protected Client Data…
- arxiv — Mathematical Specification of the Statebox Language