Trussed - an open source framework for modern cryptographic applications

Today’s the day: We’re very proud to announce Trussed®, an open source framework for modern cryptographic applications, which powers the FIDO and PIV authenticators of the Bee firmware on the new Solo V2 security key by SoloKeys.

It’s written in Rust.

Summary

This announcement will give a high-level overview of the motivation for and design of Trussed. It will be followed soon by a “tutorial” of sorts, walking through an implementation of TOTP (time-based one-time password, a commonly used second factor authentication method) in minimal form on PC.

We’re not just announcing, we’re also releasing the source code, dual-licensed under the Apache and MIT licenses, on GitHub: GitHub - trussed-dev/trussed: Modern Cryptographic Firmware. This code is still very much a work in progress, and does not yet come with stable functionality or API promises. However, we think the time has come to continue further work in public, so we may learn from the open source community.

“We” here are not just SoloKeys, but also Nitrokey, our competitor-slash-collaborator from Germany that has always used SoloKeys firmware in their web authentication products, and will continue to do so. Nitrokey will have their own announcement on this topic and their further plans for security keys here.

Together, we loosely build the current “Trussed Alliance” of Trussed implementers, users, and evangelists. We are reachable by several means, for instance via email at alliance@trussed.dev, by Matrix chat in #trussed:matrix.org, or async at github.com/trussed-dev/trussed/discussions. We are very interested in and open to additional allies. Particularly, at this stage, those with strong (correct) opinions, and the drive to contribute to the implementation :slight_smile:

This thread was posted by one of our members via one of our news source trackers.

Corresponding tweet for this thread:

Share link for this tweet.