Stronghold

Stronghold is an encrypted database that provides safety guarantees for the storage and usage of high value secrets, like private keys or IOTA seeds.

Last Update
07 October 2021
Next release

Full Audit

Defined
Full horizontal audit of the entire system.
Upcoming goals

Remote Borrowing

Defined
The ability for two or more users to grant a reference to a secret that gives permission to use secrets in the confines of the holder’s vault without compromising those secrets.

no-std Engine Feature

In research
Enable support for embedded devices by providing feature flags for the engine to enable compilation on such architectures.

Define Policies

In research
Policies help to define Stronghold’s interaction with the system.

Synchronization of Strongholds

In development
Diffing procedure that allows users to synchronize strongholds locally, remote or partially remote.

Desktop App

In development
A testing tool for verification of remote procedures using the inter-stronghold communication subsystem.

Stable Release

In development
The stable 1.0 release. What more can we say.

Fuzzing

In development
Verification of system integrity through classical fuzzing approaches.

DSL (Domain Specific Language)

In development
An abstraction layer over top of the Proc API to allow users to define cryptographic algorithms and chain algorithms together. Involves using a dynamic actor so that the operations will require only a single request and response in the system.
Completed goals

P2P Beta Release

Complete
Completed Q3 2021
A system to enable strongholds in different processes or on different machines to communicate with each other.

Refactor to use Actix Actor Model

Complete
Completed Q3 2021
The Riker actor model is being removed in order to use the more mature and maintained Actix system.

Remote Procedure

Complete
Completed Q2 2021
When permitted, allow a remote Stronghold to use a local secret stored in the Vault, without revealing that secret to the remote Stronghold.

Vault Revision

Complete
Completed Q2 2021
Removal of diffing procedure as unnecessary, breaking change in snapshot format and internal processes.

Audit

Complete
Completed Q2 2021
External security audit completed with no relevant findings.

Beta Release

Complete
Completed Q2 2021
First “safe-to-use” release, shipped with Firefly. Released to crates.io.

Runtime Revision

Complete
Completed Q1 2021
Complete rewrite of the runtime using libsodium-sys for memory protection across platforms.

Client Revision

Complete
Completed Q1 2021
Modification of the client crate to make it the only interface that is needed for connecting to the lower level libraries.

Alpha Release

Complete
Completed Q4 2020
First release of the working system.