About

My mission is to improve the freedom, security, and privacy of as many individuals as possible. I pursue this by contributing to decentralized technologies and open source software that addresses fundamental security challenges.

My work spans confidential computing, supply chain security, applied cryptography, and secure system design. I enjoy analyzing systems for weaknesses and designing “reasonably secure” systems from first principles.

Most of my energy is currently going into building out Caution, the first fully open source verifiable compute cloud hosting platform, and Distrust, a security consultancy and open source R&D firm focusing on securing mission critical infrastructure. Below are projects which are in development, and you can see more on the Distrust software page.

Projects

  • StageX: Hermetic, deterministic, reproducible, multi-signed OCI-based build toolchain

  • ReprOS: Create ephemeral build environments to eliminate persistent risks

  • AirgapOS: Minimal, immutable, offline-first Swiss Army knife for secret management

  • Keyfork: Derive keys from a single entropy source to simplify their management

  • Icepick: Framework for offline cryptographic signing operations

  • EnclaveOS: Immutable operating system for powering secure enclaves

  • Trove: Documentation for managing secrets you can’t afford to lose

  • SrcId: Verify source code integrity with hash-based fingerprints

  • Bootproof: Prove what software booted on a system via remote attestation technologies

  • libfakerand: A Rust lib for overriding system calls which fetch entropy

  • Milk Sad Disclosure: Cryptographic vulnerability in libbitcoin

Publications

Networks