Software engineering

Software engineering, protocols, interoperability, cryptography, algorithms, proofs

This page contains a concise overview of projects funded by NLnet foundation that belong to Software engineering (see the thematic index). There is more information available on each of the projects listed on this page - all you need to do is click on the title or the link at the bottom of the section on each project to read more. If a description on this page is a bit technical and terse, don't despair — the dedicated page will have a more user-friendly description that should be intelligible for 'normal' people as well. If you cannot find a specific project you are looking for, please check the alphabetic index or just search for it (or search for a specific keyword).

0KNOW — Group Theoretic Zero-knowledge Proofs (0KNOW)

Zero-knowledge proof (ZKP) systems help principals verify the veracity of a piece of information without sharing the data. The overall goal of 0KNOW is to develop a lightweight group-theoretic zero-knowledge proof (GT-ZKP) system that can be employed as a cryptographic primitive in many security protocols such as identification, authentication, or credential ownership. They are widely used to preserve confidentiality and ownership of data. GT-ZKP can be seen as a reusable building block for making the future internet trustworthy and secure. In 0KNOW, we will focus on NP group-theoretic problems and design GT-ZKP by finding an appropriate platform group based on the selected difficult problem considering its applicability in the post-quantum era and we will develop an open-source implementation of GT-ZKP.

>> Read more about 0KNOW

Accessible security — Integration effort of independent security efforts like Qubes, Heads, coreboot, etc

The "Accessible security" project's initiative was sparked by the need for usable security made available to the average citizen. Several projects are contributing a part of this bigger puzzle: QubesOS, coreboot, Heads, me_cleaner, Whonix and others. Yet the average person does not have the sophistication to integrate these software projects. With some effort we can add some missing parts, help the effected projects usability, and facilitate access to cutting-edge developments, currently only usable by developers and more sophisticated users. Bringing these projects together will reduce the amount of expertise and effort required to benefit from these projects.

>> Read more about Accessible security

Aiohttp type checking — Improve typechecking for Aiohttp HTTP Client/Server framework

aiohttp is a widely used asynchronous HTTP Client/Server framework for async IO within the popular Python language ecosystem. The advantage of asynchronous frameworks is that they don't block the client while the server process HTTP requests. Instead, the user can do other operations client side. This grant will improve the coverage for type annotation of the Python test code of its dependencies, providing a more robust framework to downstream users and developers alike.

>> Read more about Aiohttp type checking

Alive2 — Translation validation for LLVM

Modern compilers, such as LLVM, perform advanced optimizations to improve performance and reduce binary size of programs. However, getting these optimizations correct is very challenging: there are many corner cases, tricky issues with undefined behavior, modular arithmetic, and so on. On the other hand, programs rely on compilers being correct. A single bug in the compiler may introduce security vulnerabilities in the compiled programs. Alive2 aims to solve this issue by verifying that LLVM is correct. It is an indispensable tool for compiler developers and for anyone that wishes to validate the compilation of their program.

>> Read more about Alive2

Ari — Purely functional programming language designed to "type" binary files

Ari is an early research project designed to make binary files more accessible. It's a purely functional programming language and library intended to act as foundation for building developer tools that can manipulate arbitrary binary files. It can be used as a basis for building a structural binary differ, or a tree-based editor for directly editing binary files.

It aims to reach this goal by tackling the biggest obstacle with binary data: the need for implicit format-specific knowledge to understand how binary files are structured. Over time, we'll build up a repository of file formats encoded in Ari (called "Ari types"), which can then be used to compile a "type radix tree" from any given set of Ari types. This "type radix tree" will be used as an efficient way to interpret a single file as multiple formats at once, while trimming out invalid interpretations along the way of parsing.

Ari fundamentally differs from existing approaches like Kaitai Struct, GNU poke, and even parser generator tools like Tree-sitter in that it's heavily based around the combination of algebraic type theory & set theory and sits in-between a data specification language that doesn't have support for functions, and a fully Turing complete language that has no guarantee of halting. The plan is to work together with these other projects as they each have their own unique approach that Ari isn't focused on, whereas Ari is more of a research project intended to explore what's possible.

>> Read more about Ari

Authenticated DNSSEC bootstrapping — Secure in-band announcements of DNSSEC parameters

Turning on DNSSEC for a domain involves (1) signing the domain's DNS zone content and (2) adding the signature public key to the chain of trust. The second step has long posed a problem, as it requires (often manual) transfer of information from the domain's operator to the parent (usually the top-level domain). It is largely due to this "DNSSEC bootstrapping problem" that only about 6% of the Top 1M domains are securely delegated (Tranco, 06/2022).

The project extends commonly used authoritative nameserver software with native support for authenticated DNSSEC bootstrapping (draft-ietf-dnsop-dnssec-bootstrapping, ). This protocol, meanwhile published as RFC 9615 by IETF, allows DNSSEC parameters to be communicated automatically and securely, enabling DNS operators and parent registries to turn on DNSSEC automatically. To measure the protocol's impact on real-world DNSSEC deployment, measurements of protocol adoption over time will be made available.

>> Read more about Authenticated DNSSEC bootstrapping

Autocrypt for Thunderbird — Make email encryption extremely simple

Autocrypt is a specification that provides guidance for e-mail clients on how to achieve a seamless user experience. It does so by transparently exchanging keys, almost entirely automating public key management. This reduces the UI to "single click for encryption". The project will create an extension for the Thunderbird e-mail client that brings this experience to its users. The goal is to provide a new extension with a streamlined user experience that requires as little user interaction as possible, without "poweruser" features and performing practical user testing to identify open pain points. The extension will be based on OpenPGP.js, since this can be packaged directly. This will simplify installation and maintenance a great deal.

>> Read more about Autocrypt for Thunderbird

Back to source: trust but verify all the packages — Analysis pipeline for mapping and cross-referencing binaries with source code

Sometimes, the released binaries of an open source package do not match its source code. Or the source code does not match the code in a version control repo. There are many reasons for this discrepancy, but in all cases, this is a potential serious issue as the binary cannot be trusted. Additional (or different) code in the binary could be malware or a vector for unknown software vulnerabilities, or create FOSS license compliance issues.

Back to source creates analysis pipelines to systematically map and cross-reference the binaries of a FOSS package to its source code and source repository and report discrepancies. We call this the deployment to development analysis (d2d) to map deployed code (binaries) to the development code (the sources) and plan to apply this "trust but verify" approach to all the binaries!

Bertie — Formally verified TLS 1.3 implementation

The security of the Web ecosystem relies crucially on Transport Layer Security (TLS) protocol, but despite years of study, cryptographic weaknesses and implementation bugs in TLS implementations continue to be found on a regular basis. Bertie is a high-assurance TLS 1.3 implementation written in a subset of Rust called hacspec. Bertie uses the formally verified HACL* cryptographic library and its protocol code can be verified using the F* framework. Hence, it offers strong guarantees from the crypto layer up to the protocol API. The funding from NLnet will be used to stabilise Bertie, add documentation and tests, improve its performance, maintain its proofs, and set it up as an open source project with best practices and long-term software support.

>> Read more about Bertie

Betrusted Storage — Plausably deniable encrypted storage

Betrusted aims to be a secure communications device that is suitable for everyday use by non-technical users of diverse backgrounds. We believe users shouldn’t have to be experts in supply chain or cryptography to gain access to our ultimate goal: privacy and security one can count on. Today’s “private key only” secure enclave chips are vulnerable to I/O manipulation. This means there is no essential correlation between what a user is told, and what is actually going on. Betrusted will build a full technology stack, including silicon, device, OS, and UX that is open for inspection and verification. We've passed the first hurdle of creating an FPGA-based device, which we have spun out into a development platform we call Precursor. We are now advancing deeper into the technology stack to improve FPGA, drivers, OS, and UX elements, all driving toward the common goal of making Betrusted a simple, secure, and strong device that aims to advance Internet freedom.

>> Read more about Betrusted Storage

BIDS: Binary Identification of Dependencies with Search — Identify known open source elements present in binaries

Embedded device firmware is assembled from many FOSS package dependencies. Knowing which dependencies have been used is essential for security and licence compliance. However this is a complex task for native ELF binaries built from languages such as C/C++ that do not have package managers for metadata and simpler conventions for bytecode like Java or Python. The BIDS (Binary Identification of Dependencies with Search) project will build a tool (in Python) to analyse ELF binaries and find dependencies contained and built in these binaries. The BIDS project will deliver tooling to analyse ELF binaries and extract key features and store these for indexing, tooling to index these binary features in a search engine using inverted indexing, and a query tool and library to process large binaries to query this inverted index. The latter will return results as lists of ranked FOSS packages and files found to be present in the analysed binary. The data and tools will also be packaged to allow for further integration and reuse by other FOSS tools and analysis pipelines.

Blink Qt Messaging — Add modern encryption to SIP softphone

Blink is a mature open source real-time communication application that can be used on different operating systems, based on the IETF SIP standard. It offers audio, video, instant messaging and desktop sharing. This project will extend its capability to support end-to-end asynchronous messaging and end-to-end encryption that works both online (OTR) and offline (OpenPGP). Additional features to be developed include end-to-end delivery and read notifications, and a searchable history database.

>> Read more about Blink Qt Messaging

BrowserAudit — Test common security standards and features in browsers

The web depends on security standards to safeguard your data as you navigate online. The effectiveness of your browser in protecting this data depends on how well it implements these standards. BrowserAudit is a free, open-source tool designed to assess your browser’s compliance with common security protocols. By running hundreds of tests, it generates a detailed report highlighting the strengths and weaknesses of your browser's security. This report can help you select a more secure browser, notify developers of potential issues, or, if you’re a developer, address these vulnerabilities directly.

>> Read more about BrowserAudit

Bubble-up — Declaritive schema migrations for sqlite databases

SQLite is widely regarded as the most-used database engine, with sqlite.org even suggesting that it surpasses all other engines combined. One of its main advantages is its simplicity—operating on a single file. However, while getting started with SQLite is straightforward, modifying the database schema can be more complex due to its limited support for ALTER commands compared to other databases.

Bubble-up is a command-line tool designed to ease this challenge. It enables seamless schema migrations for SQLite databases by comparing your desired schema (written in a simple SQL file with standard DDL statements) to the current database structure, and performing the necessary changes.

>> Read more about Bubble-up

Tracing and rebuilding packages — Improved metadata/provenance for build artifacts

For many end users the smallest unit of software is the "package": a collection of programs and configuration files bundled in a single file, typically shipped as a single archive. Examples are "util-linux", "glibc", "bash", "ffmpeg" and so on.

Open source distributions install packages using their package management systems. The package management system writes the contents of a package to disk when the package is installed or updated and removes the contents if the package is removed. The packages themselves contain metadata maintained by the distribution maintainers. This information includes the name of the package, project URL, description, dependency information and license information, etc.

This granularity can be too coarse. For example, the license information is aggregated at the package level. If there are separate files that are under different licenses, then this will not always be clear from the license information at the package level.

This project will make it more easy to understand by looking at what goes into each individual binary in a package, and assign metadata to the individual binaries instead of to a package. It will do so by tracing the build of a package and recording which files are actually used. By building packages in a minimal (container) environment, capturing the build trace, processing the build trace to see exactly what goes into which binary it becomes much easier to zoom in and answer specific questions such as "what license does this binary have" or "which binaries use vulnerable file X" and combining it with efforts like VulnerableCode and PurlDB.

>> Read more about Tracing and rebuilding packages

Cable — A new wire protocol for cabal (and beyond)

Distributed systems development is hard. Doubly so when you have adopted a complicated technological stack in order to achieve the goals of a peer-to-peer group chat like Cabal. Some problems inherent in an approach can only be seen in hindsight, and repaired with foresight. Enter Cable, a new lightweight binary communication protocol originally specified to be the upcoming backbone of the peer-to-peer group chat Cabal.

The Cable protocol is pull-based, with message authenticity through cryptographic hashes, where peers receive messages by sending queries into the network: "give me the most recent week of chat messages in channel main". Peer-to-peer query-forwarding is built into the design to enable message retrieval outside any given peer's direct connections. Its logless approach enables message deletion and allows the many devices owned by a single person to use the same cryptographic identity in communication. The binary specification combined with the pull-based design minimizes system resources in transport and storage alike. Cable's goals as a protocol: to be compact over the wire, easy to implement from scratch with libsodium bindings as the only dependency, to enable bridging across any network transport, and to be agnostic with regard to how data is stored. In addition to unlocking new capabilities in Cabal's future, we also hope to pave the way for a multitude of other protocols to be hosted on Cable's agnostic wire format.

>> Read more about Cable

Canaille — Zero-knowledge opinionated OpenID Connect (OIDC) server.

Canaille is a zero-knowledge opinionated identity server. Canaille aims to lower the barrier to entry for identity management, by providing a simple lightweight interoperable software focused on accessibility for end-users, administrators and contributors. It provides user and group management for small and medium sized organizations. It has authorization management and Single Sign-On features based on the OpenID Connect standard.

>> Read more about Canaille

Choreographic Programming: From Theory To Practice — Generating a standard library of core distributed algorithms with formal proofs

To safely leverage the next-generation internet for mission-critical apps, it is crucial to assure that communications among distributed processes are deadlock-free (i.e., processes never get stuck waiting for a message that will never be sent) and behaviourally-compliant (i.e., processes never send messages that violate the intended application-level protocols). Choreographic programming is a promising new method to build distributed systems that assures the absence of deadlock and compliant behaviour by construction (vs. testing, which is notoriously difficult in the presence of concurrency and distribution). The aim of this project is to take advantage of recent scientific progress in programming language theory for distributed systems, and develop a new choreographic programming language (Klor) as an embedded DSL in Clojure, including a standard library of core distributed algorithms.

Coko Docs — A modern, open source replacement for Google Docs and Drive

Coko Docs is an open source solution for storing and editing documents using Coko’s publishing technologies. It is the first part of an Open Suite, which will be integrated with professional Open Publishing products. Coko Docs will have a modern collaborative environment for creating, sharing and hosting files in various formats. We aim to build inclusive tools as powerful as Google Drive and Docs, our initial target audience ranges from individuals to small organisations. Our primary goal is an Open Source product with strong Privacy and Security protocols and elegant accessible design. We will utilize the NLnet funding for the first phase of development where we are adding collaborative editing to the integrated document editor, with offline support (for low-bandwidth scenario's).

>> Read more about Coko Docs

CryptoLyzer — Cryptographic settings analyzer library

CryptoLyzer is a cybersecurity tool that can analyze the cryptography-related settings of clients and servers in the case of several different protocols. The tool’s primary purpose is to support end users as well as system administrators, security engineers, auditors, etc., in their work by telling them the details of the currently applied setting and informing them about the potential weaknesses and vulnerabilities.

Unlike many other notable free software projects that focus on just one protocol family, CryptoLyzer wants to be as comprehensive as possible. On the one hand, users can analyze several cryptographic mechanisms (e.g., SSH, HTTP security headers, JA3 tag, and later OpenVPN), not just the most popular TLS protocol. On the other hand, it is possible to test both the standard and special or corner cases. Latter means the tool can test hardly supported, experimental, obsoleted, or even deprecated mechanisms or algorithms, which may carry significant risks. The project intends to learn from the existing projects and integrate their solutions to lower the barrier to good cryptographic settings making communication on private and public networks more secure.

>> Read more about CryptoLyzer

Reinstatement of crypto.signText() — Cryptographic signatures brought back to the browser

Since the 1990s Netscape and Firefox supported the ability to sign an arbitrary piece of text with a digital certificate, and have that signature returned to the webserver. The texts being signed have historically ranged from transaction records, financial declarations, and court documents. This project implements a set of Native Browser Web Extensions that bring the digital signing of text to all modern browsers that support the NMBE standard. The process of choosing the certificates and generating the signatures is performed outside of the browser, using APIs native to each operating system. Web pages communicate with the extensions using the Javascript crypto.signText() function, and the signed documents are returned packaged as a PKCS7 response. The project aims to make digital signing accessible, while being browser agnostic.

>> Read more about Reinstatement of crypto.signText()

GNU Guix - Cuirass — Continuous integration system for GNU Guix/Linux + Hurd

GNU Guix is a universal functional package manager and operating system which respects the freedom of computer users. The number of supported packages, almost 15.000 on 5 different architectures, is constantly increasing. With the recent efforts adding support for the GNU Hurd operating system, and the ongoing work to easily provide Guix System images for various boards, the need for a strong continuous integration system is critical.

This project aims to improve Cuirass, the GNU Guix continuous integration software to provide binary substitutes for every package or system image within the shortest time. This way, the user won't have to allocate important time and computation power resources into package building. The plan is to add to Cuirass an efficient offloading and work-balancing mechanism between build machines, an improved web interface allowing to monitor machine loads and other build related metrics. A user account section to setup customized monitoring dashboards and subscribe to build failures notifications will also be developed.

>> Read more about GNU Guix - Cuirass

Elliptic curve encryption speed-up using SIMD — Low-level instructin optimisation for curve25519-dalek & Arkworks

This project aims to enhance the speed and security of elliptic curve cryptography using the Rust programming language, with a particular focus on mobile and IoT devices. Leveraging SIMD instructions, specifically ARM NEON, we can speed up elliptic curve cryptography in existing libraries such as curve25519-dalek with the goal to optimise encryption processes in software such as Signal. Additionally, we implement double-odd curves in Arkworks to bolster zero-knowledge protocols, and aim to abstract our optimisations to work on any CPU architecture and elliptic curve. By implementing improvements in these libraries, this project seeks to address the growing demand for efficient and secure cryptographic solutions, especially in mobile and IoT environments.

DANCE4All — Implement DANCE specification in GnuTLS and MbedTLS

DANE (which stands for "DNS-Based Authentication of Named Entities") is a set of mechanisms and techniques standardised within the IETF that allow Internet applications to establish cryptographically secured communications by using information made available through the domain name system. By binding key information to a domain name and protecting that binding with DNSSEC, applications can easily discover authenticated keys for services.

The original DANE specification was built around server authentication. Recently a new initiative called DANCE (https://datatracker.ietf.org/wg/dance/about) emerged, extending DANE to include client authentication. The DANCE4All project's goal is to implement the DANCE specification in two major TLS libraries (GnuTLS and MbedTLS) such that client DANE will become widely available.

>> Read more about DANCE4All

DATALISP — Universal data interchange format using canonical S-expressions

As society moves digital the need for thorough fundamentals becomes more prominent. Datalisp is a laboratory for decentralized collaboration built on a few well understood ideas which imply a certain architecture. The central thesis of datalisp is: "If we agree to use a theoretically sound data interchange format then we will be able to efficiently express increasingly complicated coordination problems", but in order to move the web to a different encoding we will need incentives on our side. A substantial improvement in user experience is needed and we aim to provide it. Ultimately our goal is to give peers the tools they need to protect themselves, and others, by collaboratively measuring the legitimacy of information and locally; by assessing whether data can be trusted as code or whether it requires user attention. Datalisp is the convergence point for all these tools (none of which is named "datalisp") rather than a language, join us in figuring out how to reach it!

>> Read more about DATALISP

Structuring the System Layer with Dataspaces — Implementing a secure and scalable system layer on mobile

The system layer is an essential but often-ignored part of an operating system, mediating between user-facing programs and the kernel. Despite its importance, the concept has only been recently recognised and has not received a great deal of attention. The novel Dataspace Model of concurrency and communication combines a small number of concepts to yield succinct expression of ubiquitous system-layer features such as service naming, presence, discovery and activation; security mechanism and policy; subsystem isolation; and robust handling of partial failure. This project will evaluate the hypothesis that the Dataspace Model provides a suitable theoretical and practical foundation for system layers, since a well-founded system layer is a necessary part of any vision of secure, securable, resilient networked personal computing.

>> Read more about Structuring the System Layer with Dataspaces

Dat Private Network — Private storage in DAT

The dat private network is a self-hosted server that is easy to deploy on cloud or home infrastructure. Key features include a web-based control panel for administration by non-developers, as well as on-disk encryption. These no-knowledge storage services will ensure backup and high availability of distributed datasets, while also providing trust that unauthorized third-parties won’t have access to content.

By creating a turnkey backup solution, we’ll be able to address two of our users’ most pressing questions about dat: who serves my data when I’m offline, and how do I archive and secure important files? The idea for this module came from the community, and reflects a dire need in the storage space -- no-knowledge backup and sync across devices. A properly-designed backup service will provide solutions to both of these questions, and will do so in a privacy-preserving way.

This deliverable will put resources into bringing this work to a production-ready state, primarily through development towards updates that make use of the latest performance and security updates from the dat ecosystem, such as NOISE support. We plan to maintain the socio-technical infrastructure through an open working group that creates updates for the network as it matures.

>> Read more about Dat Private Network

DAVx⁵ WebDAV Push — Share Contacts, Calendars, Tasks, Notes & Journals

This project is about drafting an internet standard for push functionality in the WebDAV/CalDav/CardDAV protocols, and implementing it server-side (in NextCloud) and client-side (in DAVx⁵ and NextCloud Calendar). This standard should greatly benefit the already widely available WebDAV/CalDAV/CardDAV ecosystem in general.

DAVx⁵ is a two-way sync tool for Android that gives people the power of choice where to store their data, instead of being locked-in to big tech. Besides Google FCM we also want to use UnifiedPush as Push backend, so that this can be used without any Google services.

>> Read more about DAVx⁵ WebDAV Push

DCnets — Implementation of Dining Cryptographers Network

The aim of the proposed project is to design and implement an open source library that implements the so-called Dining Cryptographer's network or DCnet (first proposed by David Chaum in 1998). Existing implementations suffer from poor efficiency (e.g. high computation and/or communication cost) or limited security (e.g. when a malicious participant can disrupt the communication). The project will produce cryptographic primitives and protocols that help to bring untraceable communication (e.g. untraceable instant messaging, file transfer, IP telephony) closer to practice. We will implement the most recent advances in cryptographic research (e.g. zero-knowledge proofs) and engineering (e.g. highly optimized arithmetic on elliptic curves and finite fields) into account to maximize both security and efficiency.

>> Read more about DCnets

Delta Tauri — DeltaChat implemented in Tauri

The Delta Chat Desktop app is currently built with Electron and shipped to end-users on all platforms and many app stores. Delta Tauri will port it to instead use Tauri on all platforms, minimizing resource consumption and improving security. The download size is expected to decrease to around a fifth from the present situation, and the use of a system web view instead of the Electron-shipped full Chromium browser improves security because users benefit from operating-system managed security updates. Delta Tauri will also provide an important stepping stone towards a potential Delta Chat Web client, an often requested feature from users.

>> Read more about Delta Tauri

Securing Internet protocols with DIDs — Bridge Decentralized Identifiers with standardised authorisation mechanisms

Many Internet protocols require authentication, e.g. when we check our email account with a username and password, when we authenticate to SSH hosts with public keys, or when we log in to websites using OpenID Connect.

Decentralized Identifiers (DIDs) are a new type of identifier that have associated private keys and can be used for authentication purposes. DIDs are in practice mostly used for exchanging Verifiable Credentials (VCs) between Issuers, Holders, and Verifiers. However, on a more basic level, DIDs can also simply be used as a replacement for usernames/passwords or static public keys, to authenticate by proving control over one's DID. Unlike other identifiers such as usernames or domain names, DIDs do not require a central authority for creating and using them.

In this project, we will work on integrating DIDs with existing Internet protocols that require authentication by developing a new SASL mechanism. The idea is that for example you could log in to your SSH host, email account, IRC server, XMPP server, etc. using your DID, which can improve both usability and security.

>> Read more about Securing Internet protocols with DIDs

Diesel — Safe and performant query builder and ORM written in Rust

Diesel is a safe and performant query builder and ORM written in Rust. It aims to eliminate security issues like SQL injections by providing a type safe domain specific language to express your SQL query as Rust code. This enables checking the query at compile time to turn insecure or otherwise invalid SQL queries into compile time errors. As part of this project we want to extend Diesel to provide built-in support for `WINDOW` functions, to enable the usage of secure and type safe queries in more places.

>> Read more about Diesel

dream2nix — Automate reproducible packaging for various language ecosystems

Dream2nix is part of the overal effort to create more technical assurances, transparency and robustness within the software supply chain. Dream2nix as a framework allows more open source projects to achieve reproducible builds easier, and helps to create an auditable toolchain across different technical dependencies. The ability to reproduce software builds is of major importance when it comes to verifying if a given binary is the product of a given source code. Reproducibility also increases the maintainability and reliability of small and large software deployments. The nix build system allows for such reproducibility even for complex software systems. dream2nix integrates existing well known programming language specific package managers like npm, yarn or cargo with the nix build system, which will allow many open source projects to benefit from nix' unique properties.

>> Read more about dream2nix

Edalize ASIC backend — Create open hardware silicon with a fully free software toolchain

Affordable Open Source ASIC development and custom silicon has been a long-standing goal in the community. This will unlock innovation that has previously only been possible for the largest tech companies, allowing for the creation of deployable, trusted Open Source based hardware.

Step by step, this goal has come closer in the last few years as individuals, companies and academic institutions have filled in the missing pieces. Today we have a fully open source end-to-end flow for building open source ASIC - but the effort of on-boarding existing designs remains high. This project aims to provide an easy way to onboard existing gateware and full designs to an open source ASIC flow by creating a FuseSoC backend that targets this toolchain. This will enable a smoother transition from projects already running on FPGAs to also be targeting ASIC flows. It will also allow easier switching between different open source ASIC flows at the point when there are several alternatives to choose from.

In addition to the backend itself, a reference design containing SERV, the world’s smallest RISC-V CPU, will be run through the flow and committed to actual silicon. This will provide a way to guarantee a working flow and provide a simple but usable reference for everyone else looking to onboard their designs. Enabling and demonstrating this path will allow a fully trustworthy path for the fabrication of system-on-a-chip ICs, with no proprietary or closed tools as part of the flow and hence completely inspectable at all stages. This paves the road for other more complex FuseSoC-based open source silicon projects such as OpenTitan and SweRVolf.

>> Read more about Edalize ASIC backend

ELF tools in Rust — Porting patchelf and install_name_tool to a flexible Rust crate

The "ELF tools in Rust" project aims to develop a versatile command-line tool/library for manipulating ELF and Mach-O binaries, with a particular focus on enhancing patching functionalities. It will leverage the patchelf tool as a standard, alongside Rust's efficiency and safety features. Additionally, it aims to provide seamless integration with Python via bindings created with PyO3 for enhancing accessibility and usability for a wider range of developers and use cases.

>> Read more about ELF tools in Rust

Encoding for Robust Immutable Storage (ERIS) — Encrypted and content-addressable data blocks

The Encoding for Robust Immutable Storage (ERIS) is an encoding of content into a set of uniformly sized, encrypted and content-addressed blocks as well as a short identifier (a URN). The content can be reassembled from the encrypted blocks only with this identifier (the read capability). ERIS is a form of content-addressing. The identifier of some encoded content depends on the content itself and is independent of the physical location of where the content is stored (unlike content addressed by URLs). This enables content to be replicated and cached, making systems relying on the content more robust.

Unlike other forms of content-addressing (e.g. IPFS), ERIS encrypts content into uniformly sized blocks for storage and transport. This allows peers without access to the read capability to transport and cache content without being able to read the content. ERIS is defined independent of any specific protocol or application and decouples content from transport and storage layers.

The project will release version 1.0.0 after handling feedback from security audit, provide implementations in popular languages to facilitate wider usage (e.g. C library, JS library on NPM), perform a number of core integrations into various transport and storage layers (e.g. GNUNet, HTTP, CoAP, S3), and deliver Block Storage Management (quotas, garbage collection and synchronization for caching peers).

>> Read more about Encoding for Robust Immutable Storage (ERIS)

Friendly Forge Format (F3) — Proposed Standard for secure communication between software forges

The Friendly Forge Format (abbreviated F3) is an Open File Format for storing the information from a forge such as issues, pull/merge requests, milestones, release assets, etc. as well as the associated VCS (Git, Mercurial, etc.). F3 is designed to exchange the state of a software project between GitHub, GitLab, Gitea, etc. for backup, mirroring or federation. F3 is essential for a forge to provide key requirements. (i) Portability: the entire state of a software project can be dumped and restored at a later time, on a different development environment (ii) Versatility: when published and updated as a F3 archive, a software project effectively is Open Data on which an unlimited range of applications can rely, even outside of the forge domain (iii) Consistency: it provides a common language to use when talking about the forge related domains (iv) Trust: cryptographic signatures on each F3 dump guard against malicious or unintentional tampering that could compromise the integrity of a software project.

>> Read more about Friendly Forge Format (F3)

FastScan — Performance improvements for ScanCode Toolkit/ScanCode.io

The project summary for this project is not yet available. Please come back soon!

>> Read more about FastScan

LambdaNative F-Droid integration — Portable, Productive and Performant App Development with Scheme

LambdaNative is an free and open source framework that allows for creation of cross-platform applications, in particular on Android and general desktop operating systems such as Linux, BSD's, OS X or Windows. With LambdaNative, even someone with minimal programming background can create nice applications ranging from basic to advanced, using the Scheme programming language. This makes it very suitable for those that do not have a computer science background but still need to create a custom app - such as most researchers, educators and people working in the public sector.

The aim of the project is to add a LambdaNative pipeline to publish apps on the free and open source F-Droid app store. The second part of the project will create educational materials to teach people how to work with LambdaNative mobile application and how to publish their app.

>> Read more about LambdaNative F-Droid integration

Feather UI — Declarative cross-platform UI toolkit

Feather is a universal UI library that applies user inputs to application state, and maps application state to an interactive visualization using a custom graphics rendering language capable of compiling to arbitrary GPU code or vectorized CPU code. By building on top of a well-typed graphics abstraction, it is possible to make custom shaders "write once, run anywhere" with confidence and no overhead. This allows the creation of UI Fragments, which no longer need to be built on top of a library of UI widget elements, allowing the creation of arbitrarily complex UI elements that are no longer bound to traditional widget designs. This level of abstraction allows targeting anything from embedded devices to webpages, or even mixed-reality devices.

>> Read more about Feather UI

FederatedCode Next — UI and curation queue for VulnerableCode data enrichment

VulnerableCode is an open-source database that aggregates and enriches data concerning CVE with metadata to make it easier to track CVEs across packages and dependencies. VulnerableCode was designed from its inception to correlate and aggregate multiple data sources and not have a single point of failure. The FederatedCode Next project aims to create a UI and curation queue for VulnerableCode in order to take the next step towards an open, peer-to-peer federated database of code vulnerabilities.

This allows to to ensure cybersecurity professionals have the essential information they need to do their work when new vulnerabilities are unveiled - such as PURL and VERS version ranges for impacted and fixed package versions, Common Weakness Enumeration details to qualify the weakness exposed by a CVE, severity scoring, mitigation possibilities beside updating and patching, the actual commits/patches that introduce/fix a vulnerability for reachability analysis, related PoC for exploits, etcetera.

>> Read more about FederatedCode Next

Federated software forges with Forgejo — Add ActivityPub based federation to Forgejo

Forgejo is a self hosted software forge where developers can work together on software projects and users can report bugs or request features. As of Forgejo version 1.20, when a project is hosted on a Forgejo instance, every developer is expected to create an account on that instance in order to participate. Compared to email, it is as if it was necessary to create an account on gmail.com to send a message to someone with an @gmail.com email address and another on yahoo.fr to send a message to someone with an @yahoo.fr email address. But in 2022 there are two: the W3C ActivityPub protocol published in 2017 and forgefed, an emerging standard (since 2019) to describe activities happening on software forges. They can be used by Forgejo instances to communicate with each other and create a federation of forges continuously communicating with one another instead of a constellation of isolated silos. A federated Forgejo will enable software developers to work on the same project even when they use different Forgejo instances. There will be bridges between isolated Forgejo instances that software projects can use to synchronize in real time.

>> Read more about Federated software forges with Forgejo

Fediverse Test Framework — Test bench for ActivityPub implementations

The Fediverse consists of individual servers, possibly running different software, that talk to each other. One of the challenges in developing for the Fediverse is to stay interoperable with all the different deployed software. As the message format standard, ActivityStreams, is extensible through JSON-LD, judging how a message is parsed, can be a hard task.

By using ideas from automated testing, we provide an application that determines a baseline how messages are processed and rendered. The process being simply: run end to end tests and record their result. From the test results a webpage is generated that provides developers the information how a message is rendered in different applications. We aim to make the framework extensible so new applications can be included.

>> Read more about Fediverse Test Framework

Fediverse Test Suite — Interoperability effort for W3C ActivityPub

The Fediverse is a global, standards-based, decentralized social network accessible to all and not subject to algorithmic manipulation or platform surveillance. While best known for Mastodon, an open-source alternative to X/Twitter, it already successfully connects dozens of independently developed software applications running on tens of thousands of independently operated servers and implementing feature sets that go far beyond traditional social networking.

To enable even more innovative developers to successfully connect their applications to the Fediverse, and their users to successfully interoperate with users using different software, it needs to become much simpler and cost-effective for developers to 1) know that they have implemented the relevant standards (notably ActivityPub) correctly, that their implementation is not regressing and that 2) their software indeed delivers the experience users expect from interoperability with other software developed independently by other developers.

This project brings together a group of fediverse developers to set up an automated test framework and initial test cases in an open-source project that will systematically test standards conformance, ensure meeting user expectations for interoperability of Fediverse apps, and enable a new wave of innovation based on more trustworthy infrastructure.

>> Read more about Fediverse Test Suite

FemtoStar Project — Open Hardware Communications Satellite

The FemtoStar Project is developing a low-cost communications satellite, intended for use as part of a scalable, decentralized network enabling verifiably anonymous, geolocation-resistant communications on a global scale. While many anonymizer services are currently available to users of existing communications systems, these serve simply to separate knowledge of identity (which still lies with the communications service provider) from knowledge of activity (which lies at the exit of the anonymizer service). All current wide-area communications networks are fundamentally identifying (users and their hardware are, at minimum, pseudonymous to the network) and no two-way communications system offers any meaningful degree of resistance to geolocation of the user. The FemtoStar Project intends to use a constellation of FemtoStar satellites to provide global, space-based open communications infrastructure linking users to services (which can be operated by anyone, and require no special ground station installation beyond a regular FemtoStar user terminal) or directly to other users, and requiring no identification or geolocation of user terminals. We are seeking funding for the development of a prototype satellite and user terminal, implementation and testing of the FemtoStar protocol on this hardware, and, dependent on funding amount and regulatory approval, the licensing and launch of one FemtoStar satellite to low earth orbit for system testing and, possibly, for use in a limited open beta service. With prototype hardware and, ideally, with one production satellite in orbit, the FemtoStar Project will be able to validate the FemtoStar system and move towards our goal of operating a scalable constellation for global, verifiably-private communications service - a world-first in privacy technology.

>> Read more about FemtoStar Project

ForgeFlux — Software Forge independent federation with ActivityPub and F3

Federation accurately models the way free software dynamics work: people and organizations across the globe come together to work on a software project. However, current software forging tools do not reflect this model, which has resulted in centralization in a few software forge instances. This issue is further complicated since a limited amount of tooling creators is committed to implementing federation.

ForgeFlux is a project in the forge federation domain that is trying to make forges federate by building external adapters. We use the forge's native APIs and create a translation layer to talk to other nodes on the federating forge network. We aim to make Forgejo and GitHub federate for the first stable release.

We are also working on other supporting areas in the forge federation domain, name in search and discovery of software projects, and in developing testing and debugging tools.

>> Read more about ForgeFlux

Forgejo — An open source software forge with a focus on federation

In order to collaborate among global FOSS communities, free and open source software projects need to make their software repositories available somewhere online. Running such repositories on top of a third party proprietary service introduces significant liabilities, including stability and privacy risks. There are also geopolitical issues of depending on such pseudo-infrastructure, where the political situation in one country can have an impact on the availability of technology in other countries.

Forgejo is a new software forge designed to scale to millions of users and projects by combining ActivityPub based federated features developed for Gitea and optimizations developed for Codeberg.

Forgejo helps to decentralise by enabling many independent forges to emerge, and allow them to federae. Forgejo aims at lowering the technical barrier, facilitate moderation in a federated environment and provide the expected security updates.

>> Read more about Forgejo

FOSS Code Supply Chain Assurance — Mitigate attacks through software dependencies

It is of the utmost importance to ensure that FOSS packages from public repositories have not been tampered with by malicious actors. This type of compromise is described as an open source "supply chain attack" and these have been increasing significantly. This project is building a new system (which is FOSS itself) to help verify the integrity of deployed code packages and validate their origin with external data sources, with the potential to mitigate attacks on open source packages supply chains such as: detecting if a package in use is matching verified code by matching source and binaries exactly and approximately. Or detecting abnormal code changes that may be signs of malicious modifications and possible attacks on a package.

The key components of this open code and data solution are a Package and File Fingerprints Database, a Code Similarity and Changes Detection Engine, utilities to detect possibly malicious changes in upstream projects, and integration in build system(s). While existing approaches may require a tight control of the whole code supply chain, the approach of this project is designed for practical usage with limited changes to a build and CI/CD pipeline.

>> Read more about FOSS Code Supply Chain Assurance

FOSS Code Supply Chain Assurance II — Add approximate matching capabilities to software vulnerability discovery

This is the second phase of this ambitious project, the focus of which is to enable approximate matching between a database of FOSS packages resources and an actual FOSS package or other code. Moreover, various architectural improvements will be performed to support use at larger scale.

>> Read more about FOSS Code Supply Chain Assurance II

Gash — Port Gash to GNU Mes for auditable bootstrap

For several years, the GNU Guix project has been reducing the amount of unauditable binary blobs used in bootstrapping its operating system, through efforts such as GNU Mes. This is needed to avoid "reproducibly malicious" behaviour within the software toolchain.

Gash is a POSIX-compatible shell written in Guile Scheme. Gash provides both the traditional shell interface, as well as a Guile library for parsing shell scripts. Once this project is completed, Guix (and other operating systems) can be bootstrapped from legible source, without depending on already compiled compilers or C standard libraries. This will allow to move step by step from a minimal Scheme interpreter to full-blown modern scheme dialects to subsequently much more advanced features and optimisations required during the bootstrap.

>> Read more about Gash

GNU Mes — Help create an operating system we can trust

GNU Mes was created to address the security concerns that arise from bootstrapping an operating system using large, unauditable binary blobs, which is common practice for all software distributions. Mes is a Scheme interpreter written in a simple subset of C and a C compiler written in Scheme and comes with a small, bootstrappable C library. The Mes bootstrap has halved the size of opaque binaries that were needed to bootstrap GNU Guix, a functional GNU/Linux distribution that focusses on user freedom, reproducibility and security. That reduction was achieved by replacing GNU Binutils, GNU GCC and the GNU C Library with Mes. The final goal is to help create a full source bootstrap for any interested UNIX-like operating system. After three years of volunteer work this funding will enable us to take another big step forward and reach an important new milestone in creating more auditable secure software distributions.

>> Read more about GNU Mes

Full-source GNU Mes on ARM and RISC-V — Expand full-source bootstrap to other CPU platforms

GNU Mes was created to address the security concerns that arise from bootstrapping an operating system using large binary blobs of several 100s of megabytes, which (incredibly so!) is common practice for the software supply chains in use today. While these days users can reproducibly build software with modern functional package managers like Guix and Nix, the presence of potentially toxic code in these unauditable blobs or the propagation into binaries cannot be excluded. Users have no technical assurance that the executable they use corresponds with the source code - or whether the tool chain which compiled the source code introduce weaknesses or undefined behaviour. By making the toolchain 'bootstrappable' (as per bootstrappable.org), users can verify themselves for every step what happens - in the case of GNU Mes from one tiny (and orders of magnitude more easily verifiable) 357-byte file upwards. The final goal is to help create a "full source" bootstrap for any interested UNIX-like operating system and any type of architectures. In this project the project will add ARM and RISC-V, with other architectures on the roadmap.

>> Read more about Full-source GNU Mes on ARM and RISC-V

GNU Mes: Full Source bootstrap —

GNU Mes was created to address the security concerns that arise from bootstrapping an operating system using large, unauditable binary blobs, which is common practice for all software distributions.

Mes is a Scheme interpreter written in a simple subset of C and a C compiler written in Scheme and comes with a small, bootstrappable C library.

The Mes bootstrap has greatly reduced the size of opaque binaries that were needed to bootstrap GNU Guix, a functional GNU/Linux distribution that focusses on user freedom, reproducibility and security.

That reduction (from ~250MB to ~60MB) was achieved by first replacing GNU Binutils, GNU GCC and the GNU C Library with Mes. The second step was funded by NLnet (https://nlnet.nl/project/GNUMes) and replaced GNU Awk, GNU Bash, the GNU Core Utilities, GNU Grep, GNU Gzip, GNU SED, and GNU Tar with a more mature Mes, Gash and Gash-Utils.

The final goal is to help create a full source bootstrap for any interested UNIX-like operating system and non-intel architectures (see https://nlnet.nl/project/GNUMes-arm) This funding will enable us to take another big step forward and reach an important new milestone in creating more auditable secure software distributions.

>> Read more about GNU Mes: Full Source bootstrap

GNU Mes RISC-V — Bringing the trustworthy bootstrap to RISC-V

GNU Mes was created to address the security concerns that arise from bootstrapping an operating system using large, unauditable binary blobs, which is common practice for all software distributions. Mes is a Scheme interpreter written in a simple subset of C and a C compiler written in Scheme that comes with a small, bootstrappable C library. The final goal is to help create a full source bootstrap for any interested UNIX-like operating system. This funding will enable GNU Mes to work on the RISC-V platform, an instruction set architecture (ISA) that is provided under open licenses. Combining GNU Mes with an open ISA will provide an extra level of security and trust by extending the auditability of the system from the software to also the hardware.

RISC-V is a relatively new architecture so this effort requires the backport of many tools that were already available for GNU Mes in other architectures. Also the modular nature of RISC-V makes it an specially complex bootstrap target, because it needs to support all the possible RISC-V implementations. This project aims to overcome the current limitations to prepare GNU Mes and all the associated projects for a full RISC-V port.

>> Read more about GNU Mes RISC-V

GNU Mes Tower — GNU Mes with alternative scheme implementations and WASM

GNU Mes was created to provide transparency and strong technical assurances when bootstrapping an operating system - instead of using large, unauditable binary blobs that bring the risk of "reproducibly malicious" behaviour within the software toolchain. GNU Mes provides a transparent alternative: starting from a Scheme implementation of a C compiler, and a minimal Scheme interpreter written in C, to bootstrap the full GNU toolchain capable of building the rest of all open-source software.

The GNU Mes Tower projects will add the option to stay on the "Scheme" path without having to resort to C, starting from either same minimal Scheme interpreter with a specializer as a Scheme compiler capable of generating native binaries. To achieve self-hosting, a series of bootstrapping steps will be implemented to add features to each interpretation level one-by-one, maintaining specialization to native code. The sequence of more and more capable Scheme compilers will allow operating systems like Guix to be bootstrapped without C, and move from a minimal Scheme interpreter to full-blown modern scheme dialects to allow much more advanced features and optimisations during the bootstrap.

>> Read more about GNU Mes Tower

Gorgon CI — Continuous integration testing for PRs against software dependencies

A longstanding challenge of open source development is that few users test development versions of software. This means that bugs make it into stable releases, annoying thousands of downstream users. In extreme but common cases, this results in downstream software getting stuck on outdated versions of dependencies because they missed the opportunity to participate in the upstream release cycle. This is despite the fact that many of those downstream users will have their own CI setups that might have caught the bug had they been run against the development version of the upstream library.

Gorgon is a CI system that will test PRs for your project, but it will run your project's tests against PRs for your dependencies as well. By leveraging Nix, Gorgon can make smart decisions about which PRs to test. Changes affecting few derivations will be prioritized over mass rebuilds, to test as many PRs as possible despite limited hardware.

This will let you identify which changes to your upstream dependencies you should care about. You'll be able to find and report bugs before they make it into a release, and know which upstream discussions to get involved in.

>> Read more about Gorgon CI

GPG Lacre project — Best effort encryption of mail flows with OpenPGP

This project is the continuation of the work on providing open source, GnuPG based email encryption for emails at rest. All incoming emails are automatically encrypted with user's public key before they are saved on the server. It is a server side encryption solution while the control of the encryption keys are fully at the hands of the end-user and private keys are never stored on the server.

The scope of the project is to improve on the already existing code, provide easy to use key upload system (standalone as well as Roundcube plugin) and key discoverability. Beside providing a solution that is easy to use we will also provide easy to digest material about encryption, how it works and how to make use of it in situations other the just mailbox encryption. Understanding how encryption works is the key to self-determination and is therefore an important part of the project.

GPG Mailgate will be battle tested on the email infrastructure of Disroot.org (an ethical non-profit service provider).

>> Read more about GPG Lacre project

GPGPU Playground — A virtual GPU to learn GPU programming

GPUs are an extremely effective and widely deployed vector co-processor, and yet those interested in adapting their capabilities are faced with a very high barrier to entry. Tools like OpenCL, CUDA, and WebGL all require a broad background to get started solving even simple problems, and mistakes in larger programs can be nearly impossible to identify without an even deeper level of experience. This project takes advantage of WebAssembly and Vulkan's SPIR-V format to deliver a safe, on-demand toolkit for exploring the potential of GPUs, focused on applications outside the bounds of traditional graphics acceleration.

>> Read more about GPGPU Playground

Real time graph database search engine — Live filtering on graph database streams

Based is the world's first open source pub/sub real time graph database. It allows for millions of concurrent connections to changes in data or relationships, and offers built-in features such as authentication, internationalisation, server-side scripts for automation, time-series data, and user management. This saves money, complexity, and maintenance. In this project we will work on a full text indexing engine, that will give developers and end users the ability to query text in real time – and get back any updates in text instantly. The search engine is geared toward working with our database, but is applicable to any database in which users are interested in text search that updates in real time and indexes dynamically.

>> Read more about Real time graph database search engine

Open Hardware Manuals — Automatically generate user-friendly documentation for open hardware elements

This project will create a tool that automatically generates Computer-Aided Design (CAD) models, assembly documentation, graphics, and user guides based on user provided configurations. These documents can be continuously updated, localized, and are shareable - akin to an always up-to-date Ikea-style assembly guide. The tools developed during this project will also be applicable to other open hardware projects, empowering designers to produce hardware that is more adapted to specific contexts, without creating fragile documentation that always goes out of date when a change is made to the design.

>> Read more about Open Hardware Manuals

Himalaya — End-to-end encryption capable scriptable email

Himalaya is a cross platform and open source toolsuite for managing emails. Its aim is to extract the email business logic into a safe and secure Rust library, so it can be consumed by any compatible client. This architecture makes the tool very flexible and versatile: move batch of emails from the command-line input, automatically sign or decrypt emails levering OpenPGP's web of trust, view HTML version of emails from the terminal, write emails with your favourite text editor, set up a new message notifier in a systemd daemon, view emails from a graphical user interface alla Thunderbird… possibilities are endless! The funding from NLnet will be used to release the first production-ready version of the library and to release few compatible clients like a CLI, a TUI, a GUI, a Vim plugin and an Emacs plugin. Himalaya also plans to extend the concept to other email-related domains, like contact management, events/calendar management, tasks management etc.

>> Read more about Himalaya

A proof of concept of identity-based encryption — Make encryption simpler

The project aims to extend the existing attribute-based identity platform IRMA with easy-to-use encryption. The kind of encryption is called Identity-Based. Its main advantage is that key management is simple, so that encryption becomes easy to use, via a plugin to an email client (only Thunderbird in this proof of concept project). The plugin computes the public key of the recipient of a message, from some uniquely identifying attribute of the recipient (typically an email address, but phone number, or citizen registration number could work as well). The receiver of the message will have to prove, via IRMA, possession of the uniquely identifying attribute to some Trusted Third Party (TTP), which will then provide the corresponding private key. Within this project a working set-up will be built. Turning it into a widely usable product will require more work, in follow-up projects.

Optimized Image Codecs — More efficient image handling for embedded systems

The Optimized Image Codecs project aims to bring portable, efficient image and video codecs to all platforms. It is primarily focused on enabling them on devices that previously were assumed to be incapable of using standard compressed images or video due to their limited memory and speed. The efficiency of the code also means that energy usage is reduced on systems large and small. This code represents state of the art efficiency combined with a careful design to minimize the memory requirements. This enables their use on the widest possible set of devices. This project started with the release of a JPEG decoder and now consists of mature JPEG, PNG, GIF and TIFF G4 codecs used by thousands of developers in projects large and small. Within the scope of this project, the aim is to release software MPEG-1 and H.263 video decoders which will run well on low cost microcontrollers. This should dramatically improve the efficiency of products which had to settle for MJPEG (Motion-JPEG) as a substitute for a true video codec.

>> Read more about Optimized Image Codecs

imap-codec library — Release version 1.0 of the imap-codec library

With an expected volume of 333 billion messages per day in 2022, email is one of today's most common methods to exchange information on the Internet. For better or worse, email is unlikely to go away soon, meaning that even the latest software needs to support it in a trustworthy and resilient way. imap-codec is a misuse-resistant IMAP parsing and serialization library focusing on correctness and security. It should pave the way for a new generation of email clients, servers, and utilities written in Rust and become a reusable building block for the Next Generation Internet. To archive that, it is essential to stabilize the API, improve testing, provide excellent documentation, and establish a welcoming and sustainable open-source environment for imap-codec.

>> Read more about imap-codec library

Inko — Programming language with deterministic automatic memory management

Inko is a statically typed programming language, aiming to make it easy to write concurrent, reliable, deterministic, and memory safe software. Memory is managed automatically, without the use of a garbage collector. Instead, Inko uses a form of single ownership and runtime reference counting, and memory management is deterministic. Inko's type system makes data race conditions impossible, without the need to use locks and similar synchronisation methods, and without the need to copy data structures when sharing them between threads.

As part of this project, we'll finish work on our upcoming native code compiler, overhaul and improve the compilation of generic types and functions, implement a type-safe C FFI, add support for cross-compilation, and expand the standard library with various networking protocols.

>> Read more about Inko

IotECC — Lightweight Elliptic Curve Cryptography for small chips

This project is building an open-source software library for modern Elliptic Curve Cryptography (ECC). To achieve this, the project aims for a unique trade-off between three different (and partly conflicting) goals that is currently not offered by any of the existing ECC libraries for small 8/16/32-bit microcontrollers. The first goal is efficiency, which includes not only fast execution times, but also small code size and low RAM usage. Equally important as efficiency is the second goal, namely security, and this includes not only the absence of subtle bugs that could leak secret information, but also robustness against timing-based side-channel attacks. The third goal is usability, which is achieved by a simple and intuitive API, an easily readable and well-commented source code, and a rich documentation with examples for common use cases.

IoTECC will come with highly-optimized Assembly functions for the low-level field-arithmetic for 8-bit AVR, 16-bit MSP430, as well as 32-bit ARM Cortex-M3 and RISC-V microcontrollers. The higher-level functions are written in C and shared among the different platforms to minimize the code base and reduce complexity.

>> Read more about IotECC

IPDL — Equational Proofs for Distributed Cryptographic Protocols

In cryptography, interactive, distributed cryptographic protocols are most often proved secure using the simulation paradigm, wherein the protocol of interest is proved (approximately) equivalent to an idealization. The simulation paradigm is extremely powerful, as it allows a wide range of security properties to be captured under one definition. On the other hand, while expressive, the simulation paradigm presents extra complications for formally verifying security proofs. Proving equivalences between distributed protocols in general requires heavyweight techniques based on manually constructing so-called bisimulations (suitable relational invariants), which creates a barrier to entry for formal methods. We lower this barrier to entry with IPDL, or Interactive Probabilistic Dependency Logic, a new process calculus for cryptographic protocols. IPDL includes an approximate equational logic that allows computationally sound reasoning about protocols in a manner both close to the simulation paradigm and amenable for formal verification. Using IPDL, we deliver short, simulation-based proofs of variety of cryptographic protocols. Our most complex and very general case study verifies the n-party GMW protocol for secure function evaluation.

>> Read more about IPDL

IPDL II — A new process logic aimed at formal proofs for cryptographic algorithm

Our project IPDL aims to increase the trustworthiness of large cryptographic systems by designing and implementing a natural and principled way of thinking about them. IPDL, short for Interactive Probabilistic Dependency Logic, is a process calculus and software implementation for formally verifying message-passing cryptographic protocols. Our goal is to use IPDL to develop cryptographic foundations that are both composable and concurrent. Concurrency means that our model of computation natively allows processes to run at the same time; composability allows us to prove the system secure by verifying the security of its subparts. In this setting, formal proofs closely resemble the thinking of a cryptographer.

>> Read more about IPDL II

iso14229 — Universal Diagnostic Services for automotive diagnostics

iso14229 is an open-source portable C implementation of Universal Diagnostic Services (ISO 14229-1:2020). UDS is a communications protocol used for diagnostics, tuning and firmware updates on embedded devices such as those in your car, tractor, robot, IoT device, or renewable energy system. Insecure UDS implementations expose software to security exploits. By providing an open source implementations including the security features of UDS, this project addresses an important gap. Within the scope of this grant, the team will work on the integration of static analysis, improve documentation and develop a number of security-focused examples.

>> Read more about iso14229

jaq — Implementation of jq in Rust with formal semantics

JSON is a data format that is frequently used to publish Open Data. jq is a widely used programming language that allows citizens to easily process JSON data. There are several tools to run jq programs, including jq, gojq, and jaq. Of these three tools, jaq is the fastest (judging from several benchmarks), despite having the smallest code base. This project centers on improving jaq and the wider jq ecosystem: First, we want to advance the development of jaq, in particular to support more features of jq. Next, we want to make jaq more accessible, by creating JavaScript bindings for jaq. This will allow developers to integrate jaq into websites. Furthermore, this will allow users to run jaq from a browser, respecting their privacy by processing data on their machines. Finally, we want to create formal semantics for jq, based on jaq's execution approach. This will allow users to better understand how jq programs behave.

>> Read more about jaq

Improving and extending Kaitai Struct — Rust parsing for binary analysis tool Kaitai Struct

Kaitai Struct (KS) is a tool for working with binary formats. It introduces a declarative domain-specific language for describing the structure of arbitrary binary formats. Based on any specification, KS can automatically generate a ready-to-use parsing module in one of 11 programming languages (C++/STL, C#, Go, Java, JavaScript, Lua, Nim, Perl, PHP, Python, Ruby). Serialization is supported in Java and Python.

This project aims to add Rust as a target language for parsing and to port the JavaScript runtime library to TypeScript, which will allow type checking and better IDE autocompletion in users' projects. Web IDE has a severe limitation that parsing errors prevent any results from being displayed. This is planned to be fixed, along with several other nuisances that limit user-friendliness. Compiler will be improved too. Support for multi-byte terminators (needed for null-terminated UTF-16 strings) will be added in all target languages, GraphViz generation failures will be resolved by updating to support newer KS features. The `valid` key will be extended by the capability to validate whether a value is part of an enum. The support for imports and unused types will be enhanced.

>> Read more about Improving and extending Kaitai Struct

Kami — Choreography programming language integrated with the Rust ecosystem

Kami is a new programming language, based on the Rust ecosystem, designed from the ground up for correct-by-construction distributed systems. In its core it is pure and functional, thus ideal for building complex concurrent systems. It takes cues from multiparty session types and choreographic programming language research: The behaviour of all roles in a distributed application can be implemented at once from a global point of view. This high-level description is compiled to rust code for all participating roles, with the guarantee that the system will be deadlock-free. Developers can seamlessly drop down to using rust, and all of its ecosystem, for writing local code, while using Kami for composing the local computations into a coherent distributed system. In this project we implement the type-checker, compiler and other developer tools for Kami, to provide for a similarly friendly developer experience as Rust.

>> Read more about Kami

Katzen Metadata Minimizing Messenger — Privacy preserving instant messaging using a modern mixnet

Katzen is a multi-platform messenger application that works with Katzenpost, a mix network framework for building anonymity-enhancing communication services. Katzen minimizes metadata that could potentially be used to reveal the identities, locations, and relationships of its users. Katzen currently supports one-to-one messages between paired users, while also not revealing who is speaking to whom.

This project aims to improve Katzen by adding group messaging, multimedia file transfers, and voice chat. These features require a new encrypted-at-rest database, additional UI for file transfers and push-to-talk voice messaging, and implementation of group messaging using the multiparty REUNION protocol, which allows group members to discover each other using a shared passphrase.

>> Read more about Katzen Metadata Minimizing Messenger

Katzenpost — Observation resistant secure messaging layer

Secure messaging is among the most fundamental privacy challenges of today. While there are meanwhile several widely used offerings that can encrypt instant messages you send to others, there are very few reliable options that are able to keep others from finding out who you were communicating with - and when. The most popular end-to-end messaging application do not adequately protect the identities of who-is-talking-to-who from the infrastructure operators. Katzenpost aims to offer a traffic analysis resistant messaging layer that allows all the participants in the network to have significantly more privacy than other mechanisms. It offers a decentralized mixnet architecture that works similarly to onion routing, where message routing information is encrypted, and differs in that each message is a fixed size, has random forwarding delays, and is accompanied by cover traffic messages to frustrate passive traffic analysis. The project aims to be a building block for other to build applications on, lowering the threshold for existing applications to benefit from increased privacy and confidentiality.

>> Read more about Katzenpost

Kazarma — Bridge ActivityPub and Matrix realms

Matrix-Appservice-CommonsPub is a bridge between two decentralized protocols: Matrix and ActivityPub. The development includes polishing CommonsPub, an Elixir generic ActivityPub implementation, and creating an Elixir library to build Matrix bridges. We will first focus on private messages between Matrix users and users of an ActivityPub-enabled platform, like PeerTube or Funkwhale, then explore the possibilities of synchronizing ActivityPub feeds (e.g. "toots" feeds) in Matrix. The bridge comes as an easy-to-deploy, secure and scalable solution.

>> Read more about Kazarma

KDE Connect — KDE Connect discovery and transport protocol improvements

KDE Connect allows devices on a local network to discover each other and, after an initial pairing process, exchange data over an encrypted connection. Leveraging this abstraction, the KDE Connect desktop and phone apps provide cross-device syncing features like sharing files, notifications, input devices, multimedia controls and more.

There are multiple independent implementations of the KDE Connect protocol written in C++, Java, Swift, Javascript, and more; as well as various applications using the protocol targeting different operating systems.

The aim of this project is to reimplement KDE Connect's discovery process and transport protocol, which were shaped by the limitations of the smartphones of 10 years ago, using multicast and modern TLS.

>> Read more about KDE Connect

Standardizing KEMTLS — Post-quantum TLS without handshake signatures

KEMTLS is a recent academic proposal for an alternative way of adding authentication to the Transport Layer Security (TLS) protocol. The project is motivated by the need to migrate public key cryptography to new algorithms that resist attacks by quantum computers. Compared to traditional cryptography, post-quantum signature schemes generally have larger public keys and/or signatures, and need more computational effort. KEMTLS, published at the ACM Computer and Communications Security Conference in 2020, replaces signature-based authentication for web servers with a post-quantum key exchange (called a KEM) in a way that saves communication and computation.

In this project we aim to prepare KEMTLS for standardization by the Internet Engineering Task Force (IETF). To that end we will implement KEMTLS in a few different open source TLS software libraries and demonstrate the viability and interoperability of these implementations. This software will assist later implementers of KEMTLS by allowing to validate their implementations against our reference. We will also investigate optimizations for using KEMTLS in specialized environments like IoT, and will investigate issues involving certification of KEM keys.

>> Read more about Standardizing KEMTLS

Private Key Operations for Keyoxide — Implement Private Key Store design in Keyoxide

Keyoxide is one of the open-source success stories when it comes to providing an alternative to the proprietary product (Keybase). The UI is straightforward so that the interaction with the site is available to all kinds of users. Unfortunately there is one critical part that differentiates Keyoxide from Keybase - no support for private key operations. Adding proofs requires a complex maze of command line invocations. This project will implement best of both worlds: simple, UI centric way of interaction without technical knowledge required and the strong security of Keyoxide.

>> Read more about Private Key Operations for Keyoxide

Keyoxide v2 — Add cryptographic signature based to Keyoxide

How do you discover which other online accounts across different services and service providers actually belong to the same person? Keyoxide is a secure, privacy-friendly and decentralized platform to manage online identities, uncompromisingly driven by what the user herself wants to share.

Keyoxide is a new type of service to allow proving linked account ownership on a variety of platforms. Keyoxide levers existing and battle-tested cryptographic primitives. The goal is to give users more control over their online presence, independent from dominant internet actors - without in fact having to depend on any centralised services or third parties. The project will build on top of the existing OpenPGP Identity Proofs to add other types of profiles based on various cryptographic signature mechanisms from a variety of new tools. To maintain linkable profiles, a new signature-hosting infrastructure needs to be designed and developed. Other improvements are aimed at safeguarding privacy and achieving plausible deniability.

>> Read more about Keyoxide v2

Kiwi IRC — Self-hosted web IRC environment

Kiwi IRC is an open messaging platform that any online organisation or community can use. We do not believe that any community should be locked into a single vendor for their communication tools as this restricts how the community grows and develops - the community itself should dictate how they develop over time. Working with other open source projects in the IRC world, we are expanding the generally available privacy tools and making them usable for mainstream use. This will see tools such as end-to-end encryption and mobile applications being brought to users taking advantage of open messaging, improving the privacy of millions of existing IRC users and pushing for open platforms.

>> Read more about Kiwi IRC

Improve Email Encryption in KMail — Adopt improvements in Email Encryption in KMail

The goal of this project is to make it more simple for inexperienced users to just use encrypted mails, at the click of a button. Autocrypt is a new method for email encryption, that needs nearly no user interaction. It performs the needed key exchange transparently in the background, and does key management automatically. Encrypted Headers is a protocol to send mail headers in the encrypted mail part. Traditional encryption methods leaked meta-data, which could be used for mass surveillance purposes. The result will be part of the KDEPIM codebase, so you don't have to install anything else than KMail to use these improvements.

>> Read more about Improve Email Encryption in KMail

ARPA2 LDAP Middleware — Privacy enhancing middleware

Some protocols are far better known than others. Everyone will recognise the HTTP protocol we use to transfer web pages. LDAP is not as well known, but it is also a key technology we use on a daily basis - in fact it shapes how most organisations are organised online. LDAP is a proven technology but can be cumbersome to work with, and as a result it has seen little innovation in recent years.

This project develops a number of innovatie middleware components from the ARPA2 project. This includes a privacy enhancing middleware for LDAP (LEAF), which allows to do attribute filtering and selectively transforming of LDAP; SteamWorks, which allows for responsive large scale configuration and trust delegation; and Lillydap, a library that can be used to easily add LDAP to any application. The project also delivers on (broad)er deployability of these building blocks, by providing tools for distropackaging the innovative solutions produced by the project.

>> Read more about ARPA2 LDAP Middleware

lib1305 — Microlibrary for Poly1305 hashing

In modern network protocols, every packet is authenticated using a message-authentication code (MAC). Any data modified by an attacker is immediately caught and rejected by the MAC. The most popular MAC algorithms are Poly1305, normally used with the ChaCha20 cipher as part of ChaCha20-Poly1305, and GMAC, normally used with the AES cipher as part of AES-GCM. Many applications, such as WireGuard, require specifically Poly1305. This project will develop and release a new software library, lib1305, for Poly1305. The library will provide comprehensive and well-optimized software exploiting the 64-bit assembly instructions of Intel CPUs to provide top speeds for those CPUs, while meeting the security constraint of not leaking secret information through timing.

>> Read more about lib1305

lib25519 for ARM — Add 64bit ARM optimisations to lib25519

Modern network protocols rely on elliptic-curve cryptography (ECC) to protect communication against espionage and sabotage. lib25519 is a new software library for the Curve25519 elliptic curve, including the X25519 encryption system and the Ed25519 signature system. Curve25519 is the fastest curve in TLS 1.3, and the only curve in Wireguard, Signal, and many other applications. So far lib25519 has exploited the features of Intel CPUs to provide top speeds for those CPUs, while meeting the security constraint of not leaking secret information through timing. This project will extend lib25519 to target 64-bit ARM CPUs, and in particular the Cortex-A53 CPU, which for instance powers the Raspberry Pi 3.

>> Read more about lib25519 for ARM

XMPP-ActivityPub gateway — XMPP, ActivityPub and E2EE Pubsub

XMPP (aka Jabber) is the vendor-netural internet standard for instant messaging. ActivityPub is a web standard for federated social networking, used in software like Mastodon, Pleroma, PeerTube, Pixelfed and Funkwhale. The project consists of two components: an ActivityPub-XMPP gateway, which will be a component bridging these protocols - enabling ActivityPub users to access XMPP blogs, comments and other features, and vice versa. And adding state of the art end-to-end encryption (E2EE) for PubSub and filesharing, which entails proposing a new XMPP standard which can provide a secure way to publish, retrieve and subscribe to all sorts of data over XMPP.

The project is built on Libervia (previously known as "Salut à Toi"), a communication ecosystem based on XMPP. Libervia offers several interfaces (web, desktop, mobile, command line, text UI) and explores the XMPP protocol beyond instant messaging. Libervia features chat, blogging, file sharing, photo albums, events, forums, etc. Libervia's goal is to develop an all-in-one, easy to use "familial and personal social network", i.e. a tool to communicate with the people close to you securely - and that lets your personal data stay within your control (as it should be).

>> Read more about XMPP-ActivityPub gateway

Librecast Live — Live streaming with multicast

The Librecast Live project contributes to decentralizing the Internet by enabling multicast. Multicast is a major network capability for a secure, decentralized and private by default Next Generation Internet. The original design goals of the Internet do not match today's privacy and security needs, and this is evident in the technologies in use today. There are many situations where multicast can already be deployed on the Internet, but also some that are not. This project will build transitional protocols and software to extend the reach of multicast and enable easy deployment by software developers. Amongst others it will produce a C library and POC code using a tunneling method to make multicast available to the entire Internet, regardless of upstream support. We will then use these multicast libraries, WebRTC and the W3C-approved ActivityPub protocol to build a live streaming video service similar to twitch.tv. This will be a complement to the existing decentralised Mastodon and Peertube projects, and will integrate with these services using ActivePub. By doing so we can bring live video streaming services to these existing decentralised userbases and demonstrate the power of multicast at the same time. Users will be able to chat and comment in realtime during streaming (similar to YouTube live streaming). This fills an important gap in the Open Source decentralised space. All video and chat messages will be transmitted over encrypted channels.

>> Read more about Librecast Live

The Libre-SOC Gigabit Router — Native Open Hardware chip implementation of crypto primitives

The Libre-SOC Project is developing a Libre System-on-a-Chip in a transparent fashion to engender end-user trust. Based on the OpenPOWER ISA, the next logical step is to extend and modernise OpenPOWER into the cryptographic and blockchain realm, and to do so in a practical way: design a Router ASIC. Whilst many commercial ASICs would do this using hard-coded non-transparent blocks or instructions, true transparency really only exists if the ISA has general-purpose primitives that can be Formally (mathematically) validated. The Libre-SOC Crypto-router Project therefore goes back to mathematical "first principles" to provide general-purpose Galois-Field, Matrix abstraction and more, on top of Simple-V Vectorisation. This provides flexibility for future cryptographic and blockchain algorithms on a firm transparent foundation.

>> Read more about The Libre-SOC Gigabit Router

Libre-SOC Formal Correctness Proofs — Mathematical unit tests for open hardware System-on-Chip

Hardware projects like the Libre-SOC Project involve writing an inordinate amount of comprehensive unit tests to make sure everything functions the way it should. This is a critical and expensive part of the overall design process. Formal Mathematical Proofs (already quite popular in secure software development) provide an interesting alternative for several reasons: they're mathematically inviolate, which we believe makes them more trustworthy. And they are simpler to read and much more comprehensive (100% coverage), saving hugely on development and maintenance. From a security and trust perspective, both aspects are extremely important. Security mistakes are often accidental due to complexity: a reduction in complexity helps avoid mistakes. Secondly: independent auditing of the processor is a matter of running the formal proofs. The project aims to provide proofs for every module of the Libre RISC-V SoC, and therefore contributes significantly with the larger goal of developing a privacy-respecting processor in a way that is independently verifiable.

>> Read more about Libre-SOC Formal Correctness Proofs

libspng — A fast and safe implementation of Portable Network Graphics

libspng is a platform-independent C library for handling IETF's Portable Network Graphics (PNG) images. The goal of this project is to provide a robust and fast library with an easy to use API. It is designed to be a modern alternative to the reference implementation, written from scratch using secure coding standards. It comes with an extensive test suite and is fuzz tested, it is also fastest decoder overall. The NGI Zero grant will be used to develop complete PNG write support, architecture-specific performance optimizations, including improvements to testing, decoding and documentation.

>> Read more about libspng

libspng APNG — Add Animated PNG (APNG) image read- and write support to libspng

libspng is a modern C library for reading and writing images in the Portable Network Graphics (PNG) file format. Created from the ground up with security and ease of use in mind, it provides an alternative to the reference implementation and a migration path to a simpler API, an extensive test suite ensures interoperability.

The goal of this project is to implement Animated PNG (APNG) support and make it a more viable alternative to the reference implementation.

>> Read more about libspng APNG

libvips — Add animated PNG and enhanced JPEG XL support to libvips

libvips is an image processing meta-library, whose development the European Commission funded back in the 1990s. Applications can outsource the heavy lifting of handling a variety of image types to this library. The library has meanwhile grown very popular with web developers around the world; the node binding, for example, is downloaded more than 5 million times a week at the time of writing.

In addition to scrutinizing the security of the library, this project will implement two key improvements to libvips: animated PNG support, and enhanced JXL support. The former capability (the addition of animated PNG support) can be gained from another NGI Zero project, libspng. libvips uses libspng for PNG read and write, so by extending libvips to use these new libspng features, they will become available to a large developer community very quickly.

Second, libvips has had preliminary support for the JXL format since libjxl v0.4. Since then, the libjxl API has evolved considerably and the libvips connector needs updating, especially in the areas of large image support and HDR, both increasingly important with the steady improvement of smartphone cameras.

>> Read more about libvips

Lizard — E2E Rendez-vous and discovery

The Lizard project aims to develop a common protocol for end-to-end encrypted social applications using Tor as underlying transport mechanism, with the addition of store-and-forward servers discovered through the Tor hidden service directory. The protocol takes care of confidentiality and anonymity concerns, and adds mechanisms for easily synchronising application-level state on top. All communications are done "off the grid" using Tor, but identities can be publicly attested to using existing social media profiles. Using a small marker in your social profiles, you can signal to other Lizard users that they can transparently message you over Lizard instead. By taking care of these common discovery and privacy concerns in one easy-to-use software suite, we hope that more applications will opt for end-to-end encryption by default without compromising on anonymity.

>> Read more about Lizard

lpnTPM — TPM 2.0 compliant open hardware Trusted Platform Module

lpnTPM is Open Source Software (OSS), and Open Source Hardware (OSHW) Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. What makes lpnTPM different from generally available solutions is openness. Software and hardware of lpnTPM can, without limits, be audited, fixed, and customized by communities and businesses. Open design address the lack of trustworthiness of proprietary closed source TPM products, which currently dominate the whole market. lpnTPM in production mode protects software by secure boot technology, and only the lpnTPM owner will update it. TPM modules enable measured boot and support verified boot, Dynamic Root of Trust for Measurement, and other security features. Another benefit of lpnTPM would be physical design, which solves the lack of standardization around pinout and connector. The ultimate goal of lpnTPM is to provide a trustworthy platform for future open evolution of Trusted Platform Module software and its application to various computing devices, resulting in better adoption of platform security.

>> Read more about lpnTPM

LumoSQL — Create more reliable, distributed embedded databases

The most widely-used database (SQLite) is not as reliable as it could be, and is missing essential features like encryption and safe usage in networked environments. Billions of people unknowingly depend on SQLite in their applications for critical tasks throughout the day, and this embedded database is used in many internet applications - including in some core internet and technology infrastructure. This project wants to create a viable alternative ('rip and replace'), using the battle tested LMDB produced by the LDAP community. This effort allow to address a number of other shortcomings, and make many applications more trustworthy and by means of adding cryptography also more private. Given the wide range of use cases and heavy operational demands of this class of embedded databases, a serious effort is needed to execute this plan in a way where users can massively switch. The project will extensively test, and will validate its efforts with a number of critical applications.

>> Read more about LumoSQL

LumoSQL at-rest data security — Modern embedded database with encryption and signed data

LumoSQL is an embedded database that combines various modern database technologies into a single powerful abstraction while remaining a drop-in replacement for the most-used database worldwide, SQLite. LumoSQL brings to embedded databases features including built-in encryption, per-row checksum verifiability of all data (without the overhead of e.g. a blockchain), and a choice of storage backends.

In this project the LumoSQL community works towards the 1.0 version which will add a slew of attractive features such as encrypted embedded data at-rest (which can be unlocked either through role based access control or even outside of unmodified apps with a hardware token like Nitrokey), signed data rows and data tables (so users can cryptographically verify the integrity of data), as well as improved documentation and cross-platform availability. In addition the project is producing valuable tools such as the not-forking project, which addresses the root cause of many real-world security issues as customisation without such a tool requires hard-to-maintain forking.

>> Read more about LumoSQL at-rest data security

machine-check — Tool for formal verification for machine-code

Common bug-finding approaches like software testing do not guarantee the absence of bugs. Formal verification can prove the absence of bugs, but the added description and proving complexity means it only tends to be used for critical systems. The current state-of-the-art tools are complex to use and hard to reason around when they fail. Machine-check aims to bring scalable yet intuitive formal verification to non-experts, leveraging the Rust ecosystem for description of digital machines including processors with machine-code programs loaded into memory. Ultimately, this should lead to increased reliability, safety, and security of programs and systems.

>> Read more about machine-check

MailBox renewal — Performance upgrade of MailBox mail modules

Email is still the workhorse of the internet, and behind the screens some of the heavy lifting is by applications like the Mailbox modules. Under the hood, this software is processing billions of emails every day at some of the largest players in the industry.

The project will deliver a major update of the code after two decades. This is not only long overdue, but actually offers interesting opportunities to take into account new email related RFCs, investigate new possibilities for code optimisation as well as tackling new threats like SMTP smuggling.

As a bonus, the project will work on a standalone tool to be able to once more properly forward emails in the SPF/DMARC era - a very welcome capability, the lack of which is currently causing a lot of headache and lost email for users.

>> Read more about MailBox renewal

Mailpile 2 (moggie) — Building a secure, modern e-mail client for self-hosting

Mailpile's mission is to empower users to be more autonomous and private in how they manage, store and communicate over e-mail, simplifying the use of relevant encryption technology (OpenPGP, Tor and encrypted local storage). Mailpile 2 will be an Open Source, secure web-mail application, usable and powerful enough to be a compelling alternative to both mainstream desktop e-mail clients and proprietary web-mail services. Mailpile 2 will offer both local and remote access to an elegant, mobile-friendly web interface, built on web-APIs exposed by Moggie. Moggie is the project's technical toolkit for searching and working with e-mail. This stage of the project is about developing Moggie to the point where it is useful as a stand-alone tool in its own right, and feature complete enough that work on the Mailpile 2 user-interface can commence.

>> Read more about Mailpile 2 (moggie)

Catalogs in MariaDB — Enable true multi-tenacy in the MariaDB database

MariaDB Server is the open source database powering most of the internet. Many deployments of MariaDB are done as part of a shared hosting solution, where the underlying hardware is shared by many different tenants. To achieve scalability, hosting providers typically start a single MariaDB Server instance and impose artificial limitations to tenants, such as disallowing any new user creation, modifications, passwords, access control changes etc. The alternative of starting up dedicated database servers incurs a significant resource overhead, limiting the number of total tenants and implies wasted energy and compute power.

Catalogs is a feature built for MariaDB Server to eliminate the need for artificial restrictions, all while maintaining high scalability and user density. Catalogs introduce an extra separation on the SQL layer, allowing a user experience that is almost 100% identical to running a dedicated MariaDB Server instance, without the overhead of starting up multiple servers. With catalogs, hosting providers will be able to optimize hardware usage while their users will be able to modify their own dedicated system tables, without impacting other tenants.

>> Read more about Catalogs in MariaDB

Mellium — Add OMEMO support to XMPP library

Mellium is an XMPP library that helps other projects safely interoperate using the most widely used, federated, real-time communication protocol in use today. Unfortunately, it does not currently provide a mechanism to enable projects using it to communicate in an end-to-end encrypted manner, meaning those projects must do the hard (and potentially dangerous) work of implementing encryption themselves. This project aims to create an easy to use implementation of the OMEMO encryption standard (XEP-0384: OMEMO Encryption) that is compatible with popular instant messaging clients. This will encourage projects depending on Mellium to implement strong privacy protections by lowering the barrier to entry for end-to-end encryption.

>> Read more about Mellium

Monal IM — Free Jabber/XMPP client for iOS and macOS

Monal is a open source XMPP instant messaging client for MacOS and iOS which strives to be the go-to client for these platforms just like the app Conversations is for Android. XMPP in general is an open and standardized protocol for real time communication. Anyone can host their own server and communicate freely with each other, just like with email and just like email the used addresses are of the form "user@domain.tld". In this project, Monal will among others add end-to-end encryption to its chat interface, in this case the OMEMO XEP which uses a so call double ratchet mechanism to provide strong protection of the confidentiality of messages.Within the project, the team will also implement various other XEPs such as audio and Video (A/V calls), adding modern functionality and improving interoperability with other clients.

>> Read more about Monal IM

Movim — Add OMEMO encryption to Movim XMPP client

Movim is a web platform that delivers social and IM features on top of the mature XMPP standard (aka Jabber). Unlike other chat apps, with XMPP you have a choice of both servers and clients - and the ability to add any features you want, and restrict your trust to those that deserve it. Movim is a user-friendly communication platform aimed at small and medium structures (up to a hundred simultaneous users), and sports a number of unique social features beyond instant messaging. And because it sits on XMPP, Movim users can explore the whole global instant messaging network from a single account.

In this project, Movim will add end-to-end encryption to its chat interface, in this case the OMEMO XEP. Since Movim is browser based, the implementation will be have to put the encryption layer client-side - or in other words, inside the browser. Because users can connect simultaneously on the same XMPP account using different browsers with Movim, each browsers will be seen as a different "device". Decrypted messages will be saved in a browser database, using IndexedDB. The web server will just take care of handling public keys to the XMPP network and store the encrypted messages, same as the user's XMPP server does when using archiving methods. The project will deal with both the one-to-one chat implementation and the Multi-User Chat part of Movim. This is part of a concerted effort to create reliable end-to-end encryption for XMPP based real time communications. At present growth of the wider network is hampered by lack of interoperability.

>> Read more about Movim

Mox — Modern full-featured open source secure mail server

Mox is a modern email server implementation that makes it easy for people and organizations to run their own mail server, allowing them to stay in control of their own email communication, and keeping email decentralized. While high-quality open source mail server software components exist, their code bases are growing old, and getting a working setup involves configuring at least half a dozen of them to work together. That complexity has turned people to a few (centralized) email providers. Mox gives users their power back! All important protocols/mechanisms needed for a modern email setup have been implemented in mox, including: IMAP4, SMTP, SPF, DKIM, DMARC, MTA-STS, TLSRPT, automatic TLS with ACME and Let's Encrypt, IP/domain/bayesian spam filtering, internationalized email, account autoconfiguration. Setting up mox takes just minutes with the quickstart, with no additional tools/dependencies required. The code base is lean, coherent, self-contained, well-tested, cross-referenced with specifications, liberally MIT-licensed, trivially reproducibly built and is defensively written in Go, a modern, safe programming language. Mox's integrated approach has allowed for novel functionality. Development continues on supporting more protocols and extensions, as well as quality improvements such as more automated tests. On the roadmap at the time of writing (but check the project site!): IMAP4 CONDSTORE, QRESYNC, THREAD extensions, DANE and DNSSEC, sending DMARC and TLS reports, OAUTH2, Sieve, JMAP, Webmail, Calendaring and more.

>> Read more about Mox

Mox management and automation — Automated email server management and administration

>> Read more about Mox management and automation

Distributed Trust for Web Servers — Establishing a Distributed Trust Authority

The M-Pin protocol, and its implementation in the Milagro project currently incubating at Apache, provides cryptographic security using a distributed trust model. In place of the single point of failure (and high-value target for social engineering attacks) of today's Certificate Authorities (CAs), cryptographic verification is assembled from two or more mutually independent authorities, all of which would need to be subverted at once to break security. This project helps bring distributed trust to the Web, by implementing M-Pin support via Milagro's libraries in leading Open Source web servers. This will pave the way both to a distributed trust alternative to monolithic CAs and browser trust lists, and to a distributed trust alternative to protocols such as OpenID for user identification.

>> Read more about Distributed Trust for Web Servers

SecSync — Efficiently combine end-to-end encryption with CRDTs

While popular CRDT implementations like Yjs or Automerge offer several designs and even implementations on how to asynchronously exchange data using servers, there is no plug & play implementation serving end-to-end encrypted systems. Focus of the first version of SecSync is to provide a protocol to efficiently exchange and resolve e2e encrypted CRDTs. It comes with a plug and play reference implementation on top of Yjs and should be well documented. By leveraging snapshots as well as operations logs referencing snapshots the load times should reduced while still offering real-time collaboration.

>> Read more about SecSync

NeoChat — Native Matrix encrypted instant messaging client

NeoChat is a client for Matrix, an open and decentralized chat protocol. NeoChat is using Qt and KDE technologies to run on many platforms: Linux, Windows, macOS, Plasma Mobile and Android. One of the biggest missing features for NeoChat is support for end-to-end encryption. Currently, all the messages are sent unencrypted and encrypted conversation can't be read in NeoChat. This is not a problem for public rooms since they are usually not encrypted, but it makes NeoChat unsuitable for usage in a private or professional context. The goal of this project is to enable support for encryption in NeoChat. Since NeoChat uses libQuotient, a client library for the matrix protocol, most of the work will take place in libQuotient. This means that the work done in the project will also help other Matrix clients and bots built with Quotient, in particular Spectral and Quaternion.

>> Read more about NeoChat

neuropil — Privacy by design P2P search including IoT

Neuropil is an open-source de-centralized messaging layer that focuses on security and privacy by design. Persons, machines, and applications first have to identify their respective partners and/or content before real information can be sent. The discovery is handled internally and is based on so called "intent messages" that are secured by cryptographic primitives. This project aims to create distributed search engine capabilities based on neuropil, that enable the discovery and sharing of information with significantly higher levels of trust and privacy and with more control over the search content for data owners than today's standard.

As of now large search engines have implemented "crawlers", that constantly visit webpages and categorize their content. The only way to somehow influence the information that is used by search engines is by using a file called „robots.txt“. Other algorithms are only known to the search engine provider. By using a highly standardized "intents" format that protects the real content of users, this model is reversed: data owners define the searchable public content. As an example we seek to implement the neuropil messaging layer with its extended search capabilities into a standard web server to become one actor and to handle and maintain the search index contents of participating data owners. By using the Neuropil messaging layer it is thus possible to build a distributed search engine database that is able to contain and reveal any kind of information in a distributed, concise and privacy preserving manner, without the need for any central search engine provider.

>> Read more about neuropil

NextGraph Framework — SDK's and API's for the NextGraph Framework

NextGraph is an open source ecosystem that provides solutions for end-users (a platform) and software developers (a framework), wishing to use or create decentralized apps featuring: real-time collaboration, peer to peer communication with end-to-end encryption, local-first, portable and interoperable data, total ownership of data and software, security and privacy. Centered on repositories containing semantic data (RDF), rich text, and structured data formats like JSON, synced between peers belonging to permissioned groups of users, it offers strong eventual consistency, thanks to the use of CRDTs. Documents can be linked together, signed, shared with others, queried using the SPARQL language and organized into sites and containers. Using our framework, SDK and APIs, developers will be able to create standalone or embedded apps that can make capability-based access requests on the user's data, define smart-contracts and implement any business logic within cross-document transactions. With NextGraph, users and apps can securely access and traverse their authenticated data graph (web of data) and social graph (social network), while enabling resilience and data integrity, and preserving privacy and decentralization.

>> Read more about NextGraph Framework

Nitrokey — Open hardware for encryption and authentication

Nitrokey is an open source hardware USB key for data encryption and two-factor authentication with FIDO. While FIDO is supported by web browsers, using Nitrokey as a secure key store for email and (arbitrary) data encryption requires a native software. Therefore email encryption in webmail isn’t possible with Nitrokey. At the same time strong end-to-end encryption in web applications all share the same challenge: To store users' private keys securely and conveniently. Therefore secure end-to-end encryption usually requires native software too (e.g. instant messenger app) or - less secure - store the user keys password-encrypted on servers. Nitrokey aims to solve these issues by developing a way to use Nitrokey with web applications. To avoid the necessity of device driver, browser add-on or separate software this project is going to utilize the FIDO (CTAP) protocol. As a result the solution will work with any modern browser (which all support WebAuthn), on any operating system even on Android. This will give any web application the option to store private keys on ones own Nitrokey devices.

>> Read more about Nitrokey

Nitrokey 3 — PIV/FIPS 201-3 and extended hardware support for Trussed/Nitrokey

Nitrokey 3 is an open source hardware USB/NFC key aiming for data encryption and two-factor authentication. Currently it supports FIDO2 authentication and WebCrypt. This project will allow it to extend its Rust firmware, developing additional functionality which makes it into a full-featured open hardware security key. By adding support for new so called 'secure elements' to Trussed, any device using Trussed can benefit from more hardware options. Within the project we will also develop PIV support for Nitrokey 3. PIV is a smart card standard which is used in enterprises and also popular among users of some operating systems like Microsoft Windows. PIV allows for data encryption, signing and authentication.

>> Read more about Nitrokey 3

Trussed — Open hardware for encryption and authentication

The project summary for this project is not yet available. Please come back soon!

>> Read more about Trussed

Debug Adapter with Nix — Implement the Debug Adaptor Protocol for Nix

The DAWN (Debug Adaptor with Nix) project intends to improve the Nix developer experience by making debugging Nix code easier. As with most programming languages, writing Nix code may be difficult and confusing for those both new to and experienced with Nix, so having a good debugger experience is essential. Today, debugging Nix may be performed either via the Nix debugger's repl or by print statements (builtins.trace). DAWN improves this debugging experience by implementing the adapter portion of Microsoft's Debug Adapter Protocol on top of the Nix debugger. DAWN will provide an ergonomic and first class debugging experience directly from all editors supporting the Debug Adaptor Protocol.

>> Read more about Debug Adapter with Nix

NixOS/Clevis — Unattented disk decryption with Clevis on NixOS

Whether they should or not, organisations are moving their data to third party servers (aka the "cloud"). While full disk encryption of servers should be an everywhere standard in order to protect the sensitive data that they inevitably hold, its adoption is still lagging. This isn't just lack of awareness, but also part of the tooling is missing. With full disk encryption comes a big pain point: restarting the server needs for the root file system to be unlocked before booting the OS.

While it is possible to remotely log into a server to unlock it remotely, this does create a dependency on a human operation in order to boot a server without compromising security. This is sometimes a non-acceptable drawback : it rules out unattended reboots, recovery from power loss, and it doesn’t scale well with the number of servers.

This project will make on disk encryption with remote unlocking part of NixOS - bringing together a number of innovative mechanisms such as system extensions images and stage1-networkd. While this does not make using the cloud safe and private in and by itself (this is impossible), it will contribute to make it somewhat more safe and more private.

Additionally the project will port the Proxmox Hypervisor on NixOS, in order to benefit from NixOS-style declarative host configuration and deployment (which is very valuable when managing a cluster of machines to avoid configuration rot). ProxMox is a hypervisor that can run little to middle sized VM clusters and is capable of handling multi-node clusters.

>> Read more about NixOS/Clevis

UEFI Secure Boot support for NixOS — Add a self-sovereign root of trust as part of supply chain security

This project combines the power of the reproducible package manager Nix with the cryptographic protections of UEFI Secure Boot to provide concrete assurances about the authenticity of the software being booted into. Supply chain security works upward from a root of trust, which has to be in place before the very first bytes of code are even executed by a host’s CPU. UEFI Secure Boot helps provide this root of trust. Using UEFI Secure Boot, the host’s firmware will only boot the operating system if it is signed by a key stored in the firmware. This key may be issued by Microsoft, or in this project’s case, be generated by the user. This can help resist attacks from malware or other attacks against the system’s integrity. Obviously, when people use a commodity operating system commercially available to everyone (like Microsoft Windows) the security protection is far less and the risks are far greater than when someone generates a custom operating system with a reproducible tool like Nix. The Host and signing service will use TPM-backed attestation keys to mutually attest the authenticity of the requests.

This tool will initially support systemd-boot and uboot, however the project will be specifically designed with the intention of supporting additional bootloaders.

>> Read more about UEFI Secure Boot support for NixOS

Type Inference for Nix — Adding static typing and type inference to Nix

Nix is a tool to configure systems and manage packages. It comes with a programming language, also called Nix, to describe packages and configurations. Typically, when a change is made to the configuration of a system, the new configuration is evaluated and then applied. However, configuration errors are only reported after the failure of the evaluation. So, users often have to edit the configuration, evaluate it, understand the evaluation errors, fix the errors and try again. This feedback loop is very inefficient and frustrating for users. Similarly, developing the abstractions to make the Nix package collection (nixpkgs) work can be challenging. Indeed, dynamically typed languages with reflection like Nix do not provide many safeguards.

This project aims to retrofit a static type system, with type inference, on the existing Nix language while being backwards compatible with existing code. Types provide timely feedback to developers to help them during development, thanks to localized error messages. Furthermore, a type system for Nix would supercharge language server protocols and provide immediate feedback to Nix programmers. In addition to acting as some form of documentation, static types enable new exiting possibilities like better optimizations for Tvix in order to get faster evaluation and more advanced type-based function search with Noogle.

>> Read more about Type Inference for Nix

Nyxt — A programmable browser with advanced search integration

Nyxt is a new type of web browser designed to empower users to find and filter information on the Internet. Web browsers today, largely compete on performance in rendering, all whilst maintaining similar UIs. The common UI they employ is easy to learn, though unfortunately it is not effective for traversing the internet due to its limited capabilities. This presents itself as a problem when a user is trying to navigate the large amounts of data on the Internet and in their open tabs. To deal with this problem, Nyxt offers a set of powerful tools to index and jump around one's open tabs, through search results and the wider Internet. For example, Nyxt offers the ability for the user to filter and process their open tabs by semantic content search. Because each workflow and discipline is unique, the real advantage of Nyxt is in its fully programmable and open API. The user is free to modify Nyxt in any way they wish, even whilst it is running.

>> Read more about Nyxt

OCaml direct style transition — Helping with the transition of OCaml programs from Lwt to Eio

OCaml traditionally uses monadic style for concurrent programming, offering advantages like reduced data races and efficiency but requiring all code to be written in this style and leading to frequent allocations. OCaml 5 is one of the first languages to implement algebraic effects, enabling direct-style concurrency with multiple stacks, addressing these drawbacks. However, the transition to effects-based concurrency can lead to incompatibility between libraries written in different styles, putting the whole OCaml ecosystem at risk. This project aims to mitigate these risks by developing tools to automatically rewrite code and identify potential issues during the transition from monadic to direct-style concurrency, specifically focusing on the complex case of the Ocsigen Web framework.

>> Read more about OCaml direct style transition

OCaml-QUIC — Implement QUIC/QUIC-TLS/QPACK and HTTP/3 in OCAML

HTTP/3 is the most recent version of the Hypertext Transfer Protocol used to exchange information on the World Wide Web. Like the QUIC transport layer protocol it uses, it is standardized by the Internet Engineering Task Force (IETF). OCaml-QUIC is an implementation of QUIC (RFC9000), QPACK (RFC9204), HTTP/3 (RFC9114) and associated protocols in OCaml, an industrial, functional, memory safe programming language, used in sectors ranging from finance and research to social media and web application.

The project aims to provide an open, complete implementation of the aforementioned protocols to be used and deployed in embedded devices, POSIX/UNIX operating systems and unikernels (self-contained, library operating systems).

>> Read more about OCaml-QUIC

Improve Okular digital signature support — Improve open source tooling for digital signatures

Okular is a Free Software document viewer that supports multiple file formats such as PDF and OpenDocument Format, and besides viewing allows for annotation and digital signatures. It was initially created for desktop Linux and UNIX operating systems but meanwhile has grown into a universal, vendor-neutral document tool for all platforms - including an increasing amount of mobile operating systems such as Android, postmarketOS and pureOS. Digital signatures allow people to establish the source of documents, but can also be used to enter into legally binding agreements or contracts - so having a reliable and transparent solution is important. The aim of this project is to improve the support of PDF digital signatures in Okular both from the point of view of features and usability, making it easier for users to interact with this crucial privacy and security functionality.

>> Read more about Improve Okular digital signature support

Opaque Sphinx Server and Clients — Server and tools for modern authentication

Passwords are probably the most common way to remotely use private services, which makes them a major liability - humans on average find it very hard to memorize strong passwords. Luckily, passwords - or more particularly tools to work with passwords more safely - are evolving as well. SPHINX is a novel approach to password storage that is information theoretically secure. And unlike most online password managers, the user does not even have to trust the server. OPAQUE is a novel protocol that can be used to eliminate phishing as an attack vector when authenticating to servers. The combination of SPHINX and OPAQUE provides some very strong guarantees while still allowing users to only need to remember one or just a few passwords. This project will develop a SPHINX server in a safe, compiled language, with ample tests. It will also further develop and refine a protocol above SPHINX, handling creation, deletion, backup and changing of data. In addition it will add the OPAQUE protocol to various free software ecosystems such as PHP, java, nodejs, ruby, golang, erlang and rust, as well as to the two most used webservers: nginx and apache2.

>> Read more about Opaque Sphinx Server and Clients

OpenCryptoHW — CGRA- based reconfigurable open-source cryptographic IP cores

OpenCryptoHW aims to develop reconfigurable open-source cryptographic hardware IP cores for Next Generation Internet. With the Internet of Things (IoT) upon us, security and privacy are more important than ever. On the one hand, if the security and privacy features are exclusively implemented in software, the risk of breaches is high. On the other hand, if implemented solely in hardware, it is impossible to fix bugs or deploy critical updates, which is also a threat to security and privacy. Hence, we propose to use reconfigurable hardware, providing the flexibility of software and the trustworthiness of hardware. Hacking into it requires first hacking the device’s configuration infrastructure and then hacking the algorithm itself, which is way more complicated. There have been proposals to implement cryptographic IP cores using Field Programmable Gate Array (FPGAs). However, the FPGA configuration infrastructure is cumbersome and proprietary, increasing device cost and compromising safety. Therefore, we propose to use open-source Coarse-Grained Reconfigurable Arrays (CGRAs) instead of FPGAs. CGRAs have much lighter configuration circuits and are not controlled by any private entity. With OpenCryptoHW, hardware and system designers will be able to download CGRA-based cryptography IP cores for free and under a permissive license, ready to integrate into their silicon designs.

>> Read more about OpenCryptoHW

OpenCryptoLinux — Make Linux run on OpenCryptoHW

OpenCryptoLinux aims to develop an open, secure, and user-friendly SoC template capable of running the Linux operating system, with cryptography functions running on a RISC-V processor. The processor will control a low-cost Coarse-Grained Reconfigurable Arrays (CGRAS) for enhanced security, performance, and energy efficiency. Running Linux on this SoC allows non-hardware experts to use this platform, democratizing it. This project will help build an Internet of Things (IoT) that does not compromise security and privacy. The project will be fully open-source, which guarantees public scrutiny and quality. It will use other open-source solutions funded by the NLnet Foundation, such as the RISC-V processors from SpinalHDL and the OpenCryptoHW project.

>> Read more about OpenCryptoLinux

DRTM implementation for AMD processors — Unified framework for dynamic RTM

The Trenchboot project aims to create a unified framework for dynamic RTM (DRTM) implementation for all platforms. (D)RTM is used to verify if bugs or vulnerabilities have compromised a system, and as such is an important component to get to advanced stages of trustworthiness for our hardware.

>> Read more about DRTM implementation for AMD processors

Open MLS Infrastructure — End-to-end encrypted group messaging

The Open MLS infrastructure project aims at designing and implementing infrastructure components for the MLS (Messaging Layer Security) protocol currently under development by the IETF (https://datatracker.ietf.org/doc/draft-ietf-mls-protocol/). While it is theoretically possible to run MLS peer-to-peer, most use-cases will require central components that take care of ordering and queueing messages, as well as managing group state. Our goal is to create components that are secure, metadata-minimizing, modular, and that allow for federation. This lays a foundation for improving existing and future messaging applications, and will allow to validate a potential future application-layer specification.

>> Read more about Open MLS Infrastructure

Hardening OpenPGP CA deployments — HSM support for OpenPGP key infrastructure

OpenPGP CA is a tool for managing and certifying OpenPGP keys in organizations. Today, the private key material of OpenPGP CA instances is stored and used locally. This project will add support for two hardened modes of operation: 1) Using a hardware-token OpenPGP Card) based key for the CA, and 2) Split OpenPGP CA deployments, in which critical operations are performed on a highly protected machine (e.g. air-gapped), while regular operation can take place conveniently on an online CA instance.

In addition the project will build an OpenPGP CA based tool for version control signing workflows (e.g. git), with a focus on providing a smooth user experience for signing with OpenPGP card devices.

>> Read more about Hardening OpenPGP CA deployments

Interoperable Certificate Store for OpenPGP — Standardisation effort for shared OpenPGP certificate storage

This project will build a public cert store for OpenPGP keys, with well defined data structures and access mechanisms to facilitate interoperability between OpenPGP implementations. It builds on pgp-cert.d, which stores certs, and has an API to access them. Beyond the common format and API, the project will also add Sequoia-specific indices, where standardization doesn't make sense. sq, Sequoia's command line tool, will be adapted to use the cert store. In addition the project aims to develop a privacy-preserving way to update the certs from keyservers.

>> Read more about Interoperable Certificate Store for OpenPGP

Improving OpenSSH's Authentication and PKI — Improving SSH Authentication with OpenPGP transitive trust

It would not be a stretch to say that ssh secures the Internet - it is the protocol most relied on to log into servers of any type. Yet, its authentication model is inflexible, rarely used properly, and inadequate. OpenPGP's transitive trust (aka "web of trust") mechanisms and revocation certificates can help to provided additional automated assurances. By publishing and certifying OpenPGP keys for servers, an ssh client may be able to automatically check whether an encrypted connection is not only encrypted, but also authenticated. Similarly, server administrators can automatically find the right public key for users. And when a server key or user key is compromised, using OpenPGP, it is straightforward to ensure that it won't be trusted: just publish a revocation certificate. This project will add OpenPGP support to OpenSSH to improve and simplify these workflows.

>> Read more about Improving OpenSSH's Authentication and PKI

oqsprovider — Post-quantum/quantum-safe cryptographic algorithms for OpenSSL

Quantum computers will bring to an end integrity and confidentiality provided by "classic" public key cryptography such as RSA and implemented in security application frameworks such as OpenSSL. Therefore, a new class of "post-quantum" or quantum safe crypto algorithms (QSC) is being standardized by NIST. In order to bring QSC to easy deployment, these algorithms need to be added to existing security installations: oqs-provider is a standalone integration of QSC into the OpenSSL software framework. By simply inserting an oqs-provider binary, any OpenSSL installation as well as all applications built on top of OpenSSL permitting crypto-providers is (to be) automatically enabled to use any QSC algorithm supported by the liboqs open source framework. liboqs in turn provides the QSC algorithms that are either finalists or candidates of the NIST Post-Quantum Cryptography standardization competition. This way, users of oqs-provider-enabled OpenSSL installations can cease to be concerned about the risk that quantum computers create. The Open Source communities working on OpenSSL and OpenQuantumSafe can benefit in turn from mutual validation and re-use of their respective work efforts.

>> Read more about oqsprovider

Off-the-Record messaging version 4 — Advanced protocol for secure messaging

OTRv4 is the newest version of the Off-The-Record messaging protocol. It is a protocol where the newest academic research intertwines with real-world implementations. It's aim is to give end-to-end encryption, deniability, authentication, forward secrecy and post-compromise security for any kind of messaging (online or offline). The goal of this new version is to give the most secure privacy and security properties that have a real impact on the world. This new version aims to be available in different desktop clients (that use XMPP or other messaging protocol) and in mobile clients.

>> Read more about Off-the-Record messaging version 4

owi — Symbolic evaluator and fuzzing of WASM software

WebAssembly (Wasm) is a post-JavaScript code format for the web, enabling efficient computing, with built-in sandboxed execution. Its usage is expanding: it is now used in online services, in embedded systems and to create portable binaries.

Owi is a toolkit tailored for Wasm. In particular it can perform efficient symbolic program execution. That is to say, for a given program, it is able to find input values leading to a crash. Many languages are compiling to Wasm, e.g. C/C++/Rust. Owi can thus be used as a bug-finding tool working on any of these languages. We're currently improving the usability of the tool as a part of the testing workflow for developers, the first step of this work is to provide an interface making Owi a drop-in replacement for AFL.

>> Read more about owi

p2panda — p2p protocol and event-driven data store

p2panda is a peer-to-peer protocol and framework for building local-first applications that store and exchange user data in a distributed database. p2panda’s goal is to drastically extend the range of software projects that can be realized with a decentralised architecture by providing a wide range of features that alleviate common issues with this approach. A focus is set on data sovereignty, developer friendliness and supporting collaborative software.

This project will validate these claims by applying p2panda to a real-world use case and improve p2p networking by extending data replication capabilities.

>> Read more about p2panda

Passthrough Authentication — Authentication proxy using Kerberos and SPNEGO

Adding authentication to an application is an ungrateful part of development - users don't like to log in and there is a lot of duplication of effort. This project proposes an interesting alternative which benefits from the fact that browsers have retained built-in support for HTTP SPNEGO (with Kerberos included) for many years: by forwarding Kerberos tokens through a lightweight proxy to a "kerberized" authentication server that is part of the same Kerberos realm where the user logged in at the beginning of the day. The goal of this project is to make web modules, such as Apache, for the proxy and implement the authenticator using Diameter or another broker, and do the same for SASL using GSSAPI.

>> Read more about Passthrough Authentication

Adding Web-of-Trust Support to PGPainless — Web-of-Trust specification support for Java

Reliable authentication of public key certificates is a hard requirement for strong and effective end-to-end encryption. The "Web-of-Trust" (WoT) serves as an example of a decentralized authentication mechanism for OpenPGP. While there are some existing implementations of the WoT in applications such as GnuPG, their algorithms are often poorly documented. As a result, WoT support in client applications is often missing or inadequate.

PGPainless is an easy-to-use, secure-by-default OpenPGP library for Java and Android. This project will extend PGPainless with an implementation of a recently published, new Web of Trust specification. The goal is to make the Web of Trust more interoperable and accessible to client applications, overall increasing the usability and ergonomics of OpenPGP for the end-user.

>> Read more about Adding Web-of-Trust Support to PGPainless

Pijul ecosystem — A modern patch-based version control system

Pijul is a modern patch-based version control system that addresses many shortcomings found in existing tools. While its foundations are already mature and well-tested, it lacks many conveniences users expect from the ecosystems of popular tools such as Git. This project aims to significantly reduce Pijul's barrier to adoption by addressing common areas of user feedback - documentation, usability, robustness, and integration into other tools such as text editors or CLI prompts. We believe this will improve the workflow of existing users, and enable many more to adopt Pijul and its benefits without sacrificing other parts of their workflow.

>> Read more about Pijul ecosystem

Pijul Hybrid — Hybrid patch-based/snapshot-based system for distributed versioning

Pijul is a modern patch-based version control system that addresses many shortcomings found in existing tools, based on a mathematical theory of collaborative work. In order to ease the transition from existing tools, and increase utility in a wider set of use cases, this project will work on a better transition story from other tools like Git and Mercurial, and improve tooling around it. In particular, it will deliver a hosting platform called Nest which has features which will be quite different from other hosting services. Pijul is able to apply patches independently from each other, meaning that (reorderable) patches can be used in place of legacy pull/merge requests everywhere. This should makes most workflows vastly simpler, as well as result in cleaner code bases.

>> Read more about Pijul Hybrid

Pimalaya: email — Open source personal information management

Pimalaya aims to improve open-source tools related to Personal Information Management (PIM) which includes emails, contacts, calendars, tasks and more.

Its first goal is to provide Rust libraries dedicated to the PIM domain. They serve as a basis for all sorts of top-level applications, which prevents developers to reinvent the wheel. Its second goal is to provide quality house-made applications built on top of these libraries, gathered into projects. Among others this includes Neverest, a command-line synchronisation tool. This grant will help Pimalaya to cover the email domain: improve lib structure, improve synchronization, implement autoconfiguration, implement thread view and initialize a REPL.

>> Read more about Pimalaya: email

Pimalaya PIM — Memory-safe emails, contacts, calendars, tasks and more

Pimalaya aims to improve open-source tooling related to Personal Information Management (PIM). Pimalaya has two objectives: to provide solid Rust libraries dedicated to the PIM domain, which serve as a basis for all sorts of top-level applications (meaning their developers can focus on functionality) and to develop a number of quality applications on top of these libraries.

Within the scope of this project, Pimalaya will release additional production-grade libraries and tools, expanding its scope to contacts and calendars — through contact and calendar libraries, command line interfaces and plugins. At the end of this grant, the Pimalaya project covers not just email but also contacts, events, alarm and tasks.

>> Read more about Pimalaya PIM

Polyglot jaq — Data wrangling tool focusing on correctness, speed, and simplicity.

Data often needs to be processed going from one tool to another. Doing that is potentially a point of failure, as 'quick and dirty' solutions often fail to take into account edge cases. This project will build on top of Jaq, a Rust re-implementation of the widely popular jq syntax with rigorously defined semantics, and extend its approach to other data formats - from legible formats such as XML, YAML, TOML, CSV and Markdown to binary formats. For the latter, the project builds on the versatile parsing toolbox of Kaitai Struct.

>> Read more about Polyglot jaq

Post-Quantum Crypto in DNSSEC — Experimental platform for DNSSEC with post-quantum cryptography

PQ-DNSSEC is an open-source tool set for exploring DNSSEC based on post-quantum cryptography. It includes implementations of authoritative DNS servers and DNS resolvers that support various post-quantum signature schemes as well as tools to evaluate performance and the compatibility of these implementations with the existing DNS infrastructure in the global Internet. PQ-DNSSEC also provides a collection of example zones to the general public. This way, the project will help the DNS community to prepare for transitioning to post-quantum secure DNSSEC.

>> Read more about Post-Quantum Crypto in DNSSEC

Pre-Scheme — Compile Scheme directly to portable C

Pre-Scheme is a statically-typed dialect of the Scheme programming language which compiles to C, suitable for low-level systems programming. Pre-Scheme is implemented using a sophisticated general-purpose compiler, written in Scheme, with demonstrated applications to other programming languages and compilation targets. This project aims to port the compiler to R7RS, the latest Scheme standard, so that it can run on a variety of modern Scheme implementations. The Pre-Scheme language and tooling will also be updated to meet the expectations of a contemporary developer audience, and the compiler framework will be documented and exposed to support future innovations in programming language development and research.

>> Read more about Pre-Scheme

Prosody IM — Implement SASL authentication mechanism for XMPP

XMPP is the most widely deployed standard protocol for real-time messaging today, and is a very popular choice among individuals and organizations who wish to manage their own internet communications, instead of submitting to other (e.g. commercial/data-driven) communication platforms. For an XMPP user to log in to their account today, two things are required: a username and a password. This has remained unchanged for many years, while other technologies have been steadily advancing to support security-enhancing features such as multi-factor authentication or even self-sovereign identities.

XMPP uses an authentication umbrella standard known as SASL to authenticate all connections.The way XMPP integrates SASL is defined in RFC 6120 and assumes a very simple challenge-response flow, which has worked well in allowing us to upgrade the network from older SASL mechanisms such as DIGEST-MD5 and onto more modern mechanisms such as SCRAM-SHA-1 and SCRAM-SHA-256.

To gain new authentication features beyond simple password authentication, we need to evolve XMPP’s relationship with SASL. This project will deliver just that, and will be the first complete implementation of a proposed standard (XEP-0388: Extensible SASL Profile) into the popular Prosody XMPP server. It will also implement support for per-session access control throughout Prosody, and support for XEP-0386 (Bind 2.0).

>> Read more about Prosody IM

ProveThis — Prove statements about authenticated API resources

ProveThis allows users to prove statements from websites and APIs using TLS without revealing private information. Although efforts like TLSNotary can currently be used to prove the authenticity and origin of a full HTML page, we extend the capabilities of TLSNotary and allow users to make zk-SNARK based zero knowledge proofs about statements in complexity class NP. More concretely, this can allow users to prove statements about e.g. their banking data (how many transactions did you send in a certain period), social media data (how many friends are you away from knowing Barack Obama) or other data sources. Such proofs can generally be used to reduce fraud without compromising privacy and confidentiality.

>> Read more about ProveThis

Statime — Memory-safe high-precision clock synchronization

Of all severe software security bugs, a big chunk (50-70%) has one single source: memory corruption. The underlying cause is that, traditionally, systems software is implemented in languages that are not memory-safe. The way forward is to replace these pieces of software with memory-safe alternatives, one by one. Doing so will not just mitigate, but eliminate this category of bugs entirely. This project picks out one piece: the Precision Time Protocol (PTP). High-precision clock synchronization plays a crucial role in networking, with application areas such as high precision localization, finance, broadcasting, security protocols, smart grids, and cellular base station transmissions. Our proof-of-concept implementation will conform to the IEEE standard for PTP and will focus on the software implementation of a slave-only PTP ordinary clock. In the future, our work is expected to become part of a wider open-source roadmap for reliable and memory-safe keeping of network time, that will seek to expand the feature set of our implementation and work towards growing its adoption.

Statime is part of Project Pendulum.

>> Read more about Statime

PTT — Unikernel Mailing list server in OCAML

Email is still one of the main channel of communication.Setting up and maintaining something as simple as a reliable mailing list in-house is significantly more complex than it ought to be. Out of convenience, many organisations and communities outsource running their maiilng lists service to third-party agents. However, this not only creates an unnecessary dependency but also reduces confidentiality, which can be a critical aspect.

This project has the ambition to win back the means of communication, developing a new mailing list application service that is easier to maintain securely (through unikernels using MirageOS), and is efficient in terms of resource usage. The service should integrate into existing infrastructures seamlessly.

>> Read more about PTT

purl2all — Discover metadata for software packages

While we often simplify our mental model of the software supply chain by only looking at how source code is maintained and compiled with other source code into binaries which are distributed, in reality there are many more stakeholders that provide or curate information about software which is used by others as part of their decision process - and there are many supply chains concurrently, some of which are intertwined. The purl (package-url) initiative allows this information to be aggregated from all the different stakeholders in the software supply chains.

The purl2all project aims to build a real-time, on-demand, decentralized and distributed knowledge base for all kinds of software packages metadata that can be used by other services that need the metadata; such as ScanCode, VulnerableCode, or any system, application or library using package-url (purl) as a way to identify packages and versions to lookup this data.

The outcome will be a decentralized, on-demand software metadata collection system that will complement or replace centralized batch systems.

>> Read more about purl2all

purl2sym — FOSS code symbols indexing system

Identifying corresponding source code compiled in natively compiled binaries is complex and important – only by knowing the code origin can one know if the code is subject to known vulnerabilities or licensing issues. In IoT and embedded devices, most of the code is composed of natively compiled binaries, with a significant Android-based ecosystem using Java with specific constraints: multiple programming languages (Java and Kotlin) and bytecode-compiled binaries. Many devices also embed secondary code (typically for admin and UI), such as Lua, JavaScript, Python, or PHP.

To help with identification of binaries, it is important to aggregate collection of identifiers and symbols from FOSS code and index them to easily retrieve the data in efficient detection engines, based on automations and binary scanners. These symbols or identifiers are essential to software identification tools such as BANG that can match symbols in source and binaries and determine the corresponding source code for a given binary code input.

purl2sym is a new data collection and indexing system to collect code symbols from FOSS source packages (and binaries in the future) and store them for reuse in other software analysis processes.

>> Read more about purl2sym

Pythonic Slint — Add a full-blown Python API to Slint

Slint is a next generation declarative GUI toolkit that supports multiple programming languages such as Rust, C++, and JavaScript. Implemented in Rust, a language known for its memory safety and performance, Slint can run on platforms such as Windows, Linux, Mac, QNX, and microcontrollers. Next to JavaScript, Python is the most popular programming language. While Python developers already have a number of options when it comes to GUI frameworks, most of these are in the form of wrappers or bindings. We aim to make Python a first-class citizen with a dedicated and idiomatic API, to empower developers to create amazing user interfaces for their applications. Python developers will benefit from a modern open source GUI framework that is well-supported.

>> Read more about Pythonic Slint

RADIUSdesk Multi WAN — Add Multiwan to RADIUSdesk

RADIUSdesk is a complete, open source solution for the provision and management of Internet connectivity. The main component is a feature-rich RADIUS server that includes features such as vouchers, BYOD and permanent users. Permanent users have support for Private PSKs and versatile Fair Usage Policies (FUP). MESHdesk allows you to quickly roll out WLAN connectivity over a large area. APdesk can be deployed in enterprise environments and offers support for guest networks and dynamic VLAN assignment. Bandwidth and data usage can be managed via one of the following options: a captive portal, a PPPeE server or private PSKs with RADIUS. MESHdesk and APdesk can be managed via your phone or a desktop browser. The system has an intuitive API that eases integration with other systems.

In this project, Multiwan support will be added, together with private Pre-Shared Key (PPSK), Multi-Dwelling Units (MDUs) and Software-defined Wide Area Network capabilities which will allow to support more VPN technologies.

>> Read more about RADIUSdesk Multi WAN

rasn — Safe ASN.1 codec framework for Rust

ASN.1 is a suite of protocols and data formats first introduced nearly 40 years ago, and is used extensively throughout the industry, from SIM cards to satellites, from web certificates to 5G radios, all of these are using ASN.1 in their communication stack. However parsing ASN.1 remains a large source of security vulnerabilities due its complexity and needing to be written in traditionally memory unsafe languages for speed and portability.

Rasn is a codec framework for writing safe ASN.1 code in Rust, that encodes ASN.1's data model into Rust's type system, empowering developers to write Rust code that is as safe, portable, and as easy to write as the original ASN.1 module. Rasn supports BER, CER, and DER encoding rules, and can be extended to support custom data formats. Rasn also provides a number standards out of the box including LDAP, PKIX, and SNMP.

>> Read more about rasn

Renderling — Real-time rendering library on top of WebGPU

Renderling is an innovative, GPU-driven real-time renderer designed for efficient scene rendering with a focus on leveraging GPU capabilities for nearly all rendering operations. Utilizing Rust for shader development, it ensures memory safety and cross-platform compatibility, including web platforms. The project, currently in the alpha stage, aims for rapid loading of GLTF files and handling large, animated scenes with many lighting effects. Development emphasises performance, safety, observability, and the use of modern rendering techniques like forward+ rendering and physically based shading.

>> Read more about Renderling

Reowolf — Rip and replace for BSD socket insecurity

The Reowolf project aims to replace a decades-old application programming interface (BSD-style sockets) for communication on the Internet. In this project, a novel programming interface is implemented at the systems level that is interoperable with existing Internet applications. Currently, to increase quality of service (e.g. intrusion detection, latency and throughput) non-standard techniques are applied. Internet service providers resort to deep packet inspection to guess applications intent, and BSD-style socket programming is error-prone and tweaking is fragile. This project resolves these problems: it provides support to middleware to further improve quality of service without having to give up on privacy, and makes programming of Internet applications easier to do correctly and thus more reliable.

>> Read more about Reowolf

ReOxide — Improving Rust Decompilation

Modern compiled languages such as Rust and Go are notorious for producing binaries that are difficult to reverse engineer by default. As these languages grow in popularity, they are increasingly being used in proprietary products and are also attracting malware developers. In order to audit binary software and analyze malware, it is therefore necessary to improve reverse engineering tools with special support for specific languages. To fill this gap, we are developing the ReOxide framework, which targets the reverse engineering of Rust programs. In the presence of extensive compile-time code generation and strong memory optimizations, existing decompilers reach their limits when trying to recreate C-like languages. The design goal of ReOxide is therefore to build on top of the Ghidra decompiler and make it extensible for custom analysis passes. This will allow us to gather information that is readily available during decompilation itself, but not through Ghidra's public plugin API. We will use this information to address Rust specific language features, but also try to keep the extensions general enough for other languages.

>> Read more about ReOxide

Replicant on Guix — Reproducible build infrastructure for Replicant

The project summary for this project is not yet available. Please come back soon!

>> Read more about Replicant on Guix

Reproducible Builds — Make the build processes behind software distributions reproducible

Reproducible builds are a set of software development practices that create an independently-verifiable path from source to binary code.

>> Read more about Reproducible Builds

RETETRA3 — Security research into TETRA standard

Through prior research we have extracted the secret cryptographic functions underpinning TETRA security and made them available for public scrutiny. We were able to present the first public in-depth security analysis of TETRA, uncovering five vulnerabilities including a backdoor (https://midnightblue.nl/tetraburst). We contributed various improvements and bugfixes to the open-source osmocom-tetra stack, as well as adding support for cryptography to the suite.

In this new project there are two main components. One is a continued contribution to the open-source community - developing support for uplink demodulation/decoding and message parsing and implementing a stack able to monitor both downlink and uplink traffic simultaneously, as well as working towards FOSS TETRA base station functionality.

The second part of the project involves further security research on TETRA. We plan to investigate the obscure TETRA End-to-End Encryption (E2EE), an optional proprietary solution on top of the TETRA standard that is used in the most sensitive of use cases for TETRA networks, and provide a security analysis as well as a FOSS implementation. This research should shed light on its suitability for mitigating the previously uncovered security issues.

Also, we will dig deeper into the security of TETRA as a whole, with a special focus on message injection vulnerabilities. We aim to provide definitive insight in to which extent adversaries are able to compromise confidentiality and integrity (particularly important when TETRA is used in critical infrastructure) of TETRA traffic, and which mitigations can be considered in order to be able to use TETRA securely and safely.

>> Read more about RETETRA3

Ripple — Safer and faster incremental software builds

As it stands, reproducible builds are not accessible to the average developer. Existing projects tackling this problem come with significant caveats: some rebuild packages from scratch, making them practically useless for interactive development, while discouraging users from hacking on the core parts of their system due to cascading rebuilds; others are drastically more efficient, but come with fewer correctness guarantees, and require build scripts to be re-implemented in custom DSLs, making them costly to adopt. This is further exacerbated by frustrating, flaky tooling, and the proliferation of compatibility issues arising from inherent constraints of these solutions. Ripple is a hermetic, incremental, meta build system. It provides stronger purity guarantees and improved efficiency over existing solutions, while being completely ecosystem-agnostic. In effect, Ripple can memoize arbitrary programs. This lets users migrate gradually, opting into ecosystem-specific optimizations and abstractions at their own pace, and opens up a huge number of creative possibilities. Ripple aims to make reproducible builds not only easy, but fun — encouraging mainstream adoption, so we might together put to rest the ghost of bygone builds.

>> Read more about Ripple

RNP Confium — Distributed trust store enabling threshold encryption

Confium is an open-source distributed trust store framework that enables usage of the new paradigm of threshold encryption, powering new modes such as cryptographic secure multi-factor authentication. It aims to provide a generalized API and an extensible architecture for the usage of trust stores and future cryptographic families, to support standardization efforts of threshold cryptography, and to bridge cryptographers with the practical usage of cryptography. The current project enables implementation of the Confium framework with a 2-out-of-3 threshold RSA signature scheme.

>> Read more about RNP Confium

Robotnix — Reproducible Builds of Android with NIX

Robotnix enables a user to easily build Android (AOSP) images using the Nix package manager. AOSP projects often contain long and complicated build instructions requiring a variety of tools for fetching source code and executing the build. This applies not only to Android itself, but also to projects which are to be included in the Android build, such as the Linux kernel, Chromium webview, and others. Robotnix orchestrates the diverse build tools across these multiple projects using Nix, inheriting its reliability and reproducibility benefits, and consequently making the build and signing process very simple for an end-user.

>> Read more about Robotnix

Rosenpass — Post Quantum Security Add-On for WireGuard

Rosenpass is a formally verified, post-quantum secure VPN that uses WireGuard to transport the actual data. The implementation does not create a VPN connection itself, instead it performs a key exchange and hands this key to WireGuard; i.e. it *enhances* WireGuard's security without replacing it. This reduces the complexity of implementing the protocol and ensures that all the performance-advantages of WireGuard are available with Rosenpass. There is some extra latency to make a connection, but after that, WireGuard and Rosenpass are as fast.

The protocol used by Rosenpass is based on the handshake designed by Hülsing, Ning, Schwabe, Weber and Zimmermann and improves upon the protocol by using cookies to provide resistance against state-disruption attacks. State-disruption attacks exist against the first version of the post-quantum WireGuard protocol and against classic WireGuard when NTP is used to synchronize the system-clock.

Internally, the protocol uses two post-quantum KEMs (key exchange methods) and no post-quantum signature schemes to provide ephemeral secrecy and deniability.

>> Read more about Rosenpass

Support for OpenPGP v6 in rPGP — Implement draft-ietf-openpgp-crypto-refresh in rPGP

rPGP is a high-quality implementation of OpenPGP in pure Rust (OpenPGP is a standard for encryption, digital signatures and key management). rPGP is used in production in different contexts, among them the popular "Delta Chat" decentralized and secure messenger that is used by hundreds of thousands of users, worldwide. The OpenPGP standard has recently been revised to reflect current best cryptographic practices. The revision of the standard defines "OpenPGP version 6" and is currently being finalized for publication as RFC 9580. This project will implement the new formats and features of OpenPGP v6 for rPGP. This will bring the new features of OpenPGP v6 to users of rPGP, and ensures future interoperability with all other modern OpenPGP implementations.

>> Read more about Support for OpenPGP v6 in rPGP

Fast RSA + PQ Blind Signatures — Fast multiprecision integers for blind RSA and Post-Quantum signatures

We observed significant performance differences between the different implementations of classic RSA signatures in various widely used Free Software cryptographic libraries. Each of the libraries takes a different approach to implementing modular exponentiation, the core operation when generating and verifying RSA signatures. Naturally, RSA signatures would also not be safe in presence of large-scale quantum computers.

In this project, we improve the performance of libgcrypt, mbedTLS, GNU nettle and libgmp to ensure that they are on par with the best secure implementations available today. Furthermore, we implement one of the academic post-quantum blind signature schemes, make it available as Free Software and integrate it with GNU Taler.

>> Read more about Fast RSA + PQ Blind Signatures

Rusted Platform Module (RPM) — Programming TPMs in pure Rust

The Rusted Platform Module (RPM) project strives to improve and advance Trusted Platform Module (TPM) v2 support and ease of use for the Rust programming language. This includes programming the TPM in pure Rust, without C-based libraries in the background, as well as (commandline) tools for common tasks, etc. This project strives to increase adoption of memory-safe languages for programming of security components like the TPM.

>> Read more about Rusted Platform Module (RPM)

Rust Threadpool — Improve privacy of Rust threading library

ThreadPool is a free and open-source library that provides a simple and intuitive interface for programmers to multi-threaded programming. ThreadPool aims to make parallel programming accessible to the general public. Running tasks in parallel is a vital building block for building efficient solutions on modern hardware. Combined with Rust's type-system this library allows programmers to parallelize their applications without introducing unsafe behaviour while managing the administrative tasks of interacting with the operating system.

>> Read more about Rust Threadpool

SASL XMSS — Make SASL work with XMSS protocol

Simple Authentication and Security Layer (SASL) is an authentication and data security framework. The framework defines a structured interface to which SASL mechanisms must comply. These mechanisms can then be used by application protocols in a uniform manner. XMSS provides cryptographic digital signatures without relying on the conjectured hardness of mathematical problems. Instead, it is proven that it only relies on the properties of cryptographic hash functions. XMSS provides strong security guarantees and is even secure when the collision resistance of the underlying hash function is broken. It is suitable for compact implementations, is relatively simple to implement, and naturally resists side-channel attacks. Unlike most other signature systems, hash-based signatures can so far withstand known attacks using quantum computers. The SASL XMSS project's goal is to implement the XMSS system as a SASL mechanism in one of the publicly available open source SASL libraries.

>> Read more about SASL XMSS

SpinalHDL, VexRiscv, SaxonSoc — Open Hardware System-on-Chip design framework based on SpinalHDL

The goal of SaxonSoc is to design a fully open source SoC, based on RISC-V, capable of running linux and optimized for FPGA to allow its efficient deployment on cheap and already purchasable chips and development boards. This would provide a very accessible platform for individuals and industrials to use directly or to extend with their own specific hardware/software requirements, while providing an answer to hardware trust.

Its hardware technology stack is based on 3 projects. SpinalHDL (which provides an advanced hardware description language), VexRiscv (providing the CPU design) and SaxonSoC (providing the facilities to assemble the SoC).

In this project, we will extend SpinalHDL, VexRiscv and SaxonSoc with USB, I2S audio, AES and Floating point hardware capabilities to extend the SoC applications to new horizons while keeping the hardware and software stack open.

>> Read more about SpinalHDL, VexRiscv, SaxonSoc

Secure Web Tokens for Linux — TPM 2.0 backed FIDO2/U2F tokens on Linux

This project aims to develop a systemd daemon that utilizes the TPM 2.0 security chip to provide FIDO2/U2F tokens for web browsers and operating system applications on Linux. Leveraging the ubiquitous presence of TPM2 in modern PCs, the daemon will enhance security and usability for Linux users. It will allow the integration of security chips as access tokens with web extensions, secure local passwords and HOTP/TOTP managers, and enable hardware-based lock screen authentication mechanisms.

The daemon will interface with the TPM2 chip to manage FIDO2 token generation. It includes support for the "uhid" kernel driver for button press emulation when no fingerprint reader is available for authentication. The project involves developing the daemon, ensuring seamless integration with systemd, and conducting extensive testing for functionality and security. Comprehensive documentation will be provided for setup and use, along with user guides for web extension integration. The outcome will be a robust, secure, and user-friendly solution for Linux users, elevating the baseline security and leveraging existing hardware capabilities to the fullest.

>> Read more about Secure Web Tokens for Linux

x86-64 VM Monitor for seL4 verified microkernel — Very restricted virtualized environment for higher security

The security of any software system depends on its underlying Operating System (OS). However, even OSes such as Qubes, which are "reasonably secure" depend on large trusted computing bases (e.g. hypervisors) with hundreds of thousands of lines of code. For example, the Qubes' Xen Security Advisory Tracker reports that 53/283 (18%) of Xen vulnerabilities over the last eight years affected Qubes. As a step towards facilitating the implementation of more secure, Qubes-like systems, we propose to retarget it to the seL4 microkernel. seL4 is an open-source, formally-verified microkernel that has matured and been maintained for over a decade. seL4's small size (10,000 Lines of Code) and formal verification make it an appealing Xen replacement for Qubes, however, its virtualization support is currently limited. As a first step to enabling Qubes on seL4 we will implement a hardened, open-source, x86 64-bit Virtual Machine Monitor (VMM) for the seL4 microkernel capable of hosting the core Qubes OS virtual machines.

Sequoia GPG Chameleon — Implement well-known API's for using OpenPGP

Sequoia's GnuPG Chameleon is a drop-in replacement for the widely-used encryption software GnuPG. It offers the same interface, while at the same time replacing the underlying OpenPGP implementation. This approach brings security benefits to everyone directly or indirectly using GnuPG before, while providing a smooth migration path that does not require changes to existing software.

>> Read more about Sequoia GPG Chameleon

Sequoia PGP — Improve interface of Sequoia PGP commandline

Sequoia PGP is a new OpenPGP implementation, which is written in Rust and focuses on ease of use. To date, the main product is a library. This project will focus on sq, Sequoia's command line tool. The project consists of three parts. First, useful functionality will be added to sq making sq comparable to gpg. Second, the human-readable interface will be augmented with a JSON interface. This will make it easier and robuster to use sq from scripts. Finally, this project will add an acceptance test suite to sq thereby strengthen the foundation for future changes.

>> Read more about Sequoia PGP

A Secret Key Store for Sequoia PGP — Standards-compliant private key store for OpenPGP

This project implements a private key store for Sequoia, a new OpenPGP implementation. Currently, Sequoia-using programs use private keys directly. A private key store mediates applications' access to private keys, and offers three major advantages relative to the status quo. First, a private key store is in a separate address space. This means that private keys that are in memory are in a different address space from the application. This was underlying cause of the Heartbleed vulnerability. Second, a private key store can provide a uniform interface for accessing keys stored on different backends, e.g., an in-memory key, a key on a smart card, or a key on a remote computer, which is accessed via ssh. This simplifies applications. Third, this architecture simplifies sharing private key material among multiple applications. Only the private key store needs to worry about managing the private key material, which improves security. And, when a user unlocks a key in one application, it is potentially unlocked in all applications, which improves usability.

>> Read more about A Secret Key Store for Sequoia PGP

Adding TPM Support to Sequoia PGP — Implement use of TPM 2.0 crypto hardware for OpenPGP

Protecting cryptographic keys is hard. If they are stored in a file, an attacker can exfiltrate them - even if the harddrive is encrypted at rest. A good practical solution is a hardware token like a Nitrokey, which stores keys and exposes a limited API to the host. For most end users, a token is a hassle: one needs to carry it around, it needs to be inserted, and it is not possible to work if it is left at home. And, it needs to be purchased. There is a better solution, which doesn't cost anything. A trusted computing module (TPM) is like an always-connected hardware token only more powerful (the keys can be bound to a particular OS installation, it can store nearly an unlimited number of keys, not just three) and TPMs are already present in most computers. This project will add support for TPMs to Sequoia PGP including comprehensive test suites and in-depth documentation for both software engineers: as an API and end-users as a way to use TPM bound keys through Sequoia's command-line interface (sq) for decryption and signing.

>> Read more about Adding TPM Support to Sequoia PGP

Σ-protocols — Formalise and implement zero-knowledge proof Σ-protocol

Σ-protocols are mature and widely-used cryptographic protocols used for digital signatures and for zero-knowledge proofs. This project is centered around their standardization and the development of a comprehensive specification and reference implementation.

The main goal is to create a detailed and accessible specification for Σ-protocols and the Fiat-Shamir heuristic, to be presented in formats like HTML or PDF, along with a reference implementation. This effort aims to make these technologies understandable and usable by a broad audience, including developers, practitioners, students, and engineers. The end goal is to make this technology more accessible for privacy-preserving applications and non-cryptographers.

>> Read more about Σ-protocols

Slint port for Android — Port the Rust-based Slint UI toolkit to Android

Slint is a next generation declarative GUI toolkit that supports multiple programming languages such as Rust, C++, and JavaScript. Implemented in Rust, a language known for its memory safety and performance, Slint can run on platforms such as Windows, Linux, Mac, QNX, and microcontrollers. The popularity of Android as a mobile phone operating system has influenced the standardisation of drivers on embedded systems to the extent that its possible to easily procure off-of-the-shelf embedded hardware that can run Android. Slint will be the first native (non-web based technology) Rust based toolkit for creating applications on Android and will allow designers and developers an alternative open source option to build the user interface for their applications.

>> Read more about Slint port for Android

Slips Immune I — Active IDP using ARP poisoning

The "Slips Immune I" proposal marks the initial step in building an "Immune System for the Internet," aimed at enhancing cybersecurity by fostering collaboration among computers using local and global decentralized P2P technology. The project focuses on improving the Slips Intrusion Detection System on local networks using Raspberry Pi devices, incorporating advanced detection ML models, isolation capabilities, and blocking techniques to mitigate cyberattacks. Key goals include implementing defense mechanisms, such as ARP poisoning for isolation and firewall-based protection, as well as training a Large Language Model (LLM) assistant to support security orchestration and decision-making. By leveraging machine learning and a collaborative architecture, Slips aims to evolve into a comprehensive, resilient Internet Immune System, where interconnected devices collectively detect, share information, and defend against cyber threats, enhancing protection through shared knowledge and adaptive responses.

>> Read more about Slips Immune I

Solid Wallet — Authorization reasoning, rule-based controls and fluid integration for Solid

Solid Apps display information collected by following linked data across the World Wide Web, writing changes to Solid Personal Online Data Stores (PODs). Following links can land an App on a protected resource somewhere on the Web, accessible only to a select group of actors specified in an associated Web Access Control Resource. Solid Wallet aims to build core libraries to reason over Solid Access Control Rules, limit access to what clients can request, publish keys and sign transactions. The same libraries will also be useable by servers to verify such claims. Finally, we will use these libraries to build a flexible prototype Wallet for Solid apps that run in the browser or server.

>> Read more about Solid Wallet

Dual-level Specification Inference — Make formal verification more practical with dual-level Specification Inference

While formal verification of smart contracts gains traction, writing formal specifications can be equally if not more costly than writing code. Spec^2 is a specification inference framework that aims to automatically deduce a high-quality set of specs based on the code only. The inferred specs include both per-transaction pre-post conditions (low-level specs) and invariants on the blockchain-backed storage (high-level specs). Furthermore, the inferred specs should be similar to what experts might develop manually and can be easily examined by people without formal verification training. The funding from NLnet and NGI Assure will be used to prototype Spec^2 against the Move language and infer specifications for Move-based smart contracts.

>> Read more about Dual-level Specification Inference

Secure User Interfaces (Spritely) — Usability of decentralised social media

Spritely is a project to advance the federated social network by adding richer communication and privacy/security features to the network. This particular sub-project aims to demonstrate how user interfaces can and should play an important role in user security. The core elements necessary for secure interaction are shown through a simple chat interface which integrates a contact list as an easy-to-use implementation of a "petname interface". Information from this contact list is integrated throughout the implementation in such a way that helps reduce phishing risk, aids discovery of meeting other users, and requires no centralized naming authority. As an additional benefit, this project will demonstrate some of the asynchronous network programming features of the Spritely development stack.

>> Read more about Secure User Interfaces (Spritely)

Spritely Oaken — Secure 3rd party extensibility with capability-based Scheme

The project summary for this project is not yet available. Please come back soon!

>> Read more about Spritely Oaken

Stalwart Mail Server — Robust full featured mail infrastructure in Rust

Self-hosting an e-mail server is notoriously difficult. While privacy is a top concern for many individuals and businesses, the complexities of self-hosting a mail server often outweigh the benefits, leading many to choose to sacrifice some privacy and pay a third-party provider to manage their email instead. One of the key challenges of self-hosting an email server is the outdated and complex nature of most available open-source mail server software.

Stalwart Mail Server is an open-source email server written in Rust that aims to help modernize, democratize, and promote decentralization of email. The server offers a robust and privacy-focused solution that is easy for individuals and businesses to set up and maintain on their own.

Stalwart Mail Server consists of three components: a JMAP server, an IMAP4 server with support for ManageSieve as well as many extensions, and an SMTP server with support for DMARC, DKIM, ARC, and SPF. The server does not require any external software or databases to run and can easily scale to multiple servers thanks to its native Raft support.

Furthermore, the use of Rust in Stalwart Mail Server allows it to offer improved performance, safety, and concurrency compared to other solutions, making it a versatile and robust choice for those looking to self-host their own email server.

>> Read more about Stalwart Mail Server

Standards Grammar Catalog/Toolchain — Open Standards Grammar Catalog/Toolchain

The Open Standards Grammar Catalog/Toolchain makes it easier to implement a format or protocol by translating its machine-readable definition, usually in a language such as ABNF, into forms readily compatible with popular programming languages, like regular expressions, YACC, ANTLR, and native code. By providing a toolchain for making these translations, assembling a catalog of commonly used formats & protocols, and publishing a developer-friendly website for browsing the grammars and generating translations, these tools will reduce the need to manually write a parser, ultimately reducing errors due to hand-written code, and enhancing interoperability.

>> Read more about Standards Grammar Catalog/Toolchain

Suhosin-NG — Harden PHP 7 and PHP 8 applications

The PHP programming language was invented by Danish programmer Rasmus Lerdorf in 1994. The language is actively used by millions of websites through popular tools such as WordPress, Owncloud and Wikimedia. Suhosin-NG (next generation) will significantly improve the security of web applications running with PHP 7, and help thwart popular web attack vectors aimed at PHP based websites. Already existing ideas from the Suhosin project for PHP 5 will be gathered in addition to implementing a number of new ideas to improve the overall security stature of PHP 7. This concerns harnessing new features of the language, mitigating security risks in the default configuration and improvements to the runtime behaviour. In practical terms the project will implement these by extending the PHP extension Snuffleupagus, that already provides a good basis for hardening PHP 7. The project's goal is to provide software and documentation for setting up a PHP 7 environment in the most secure way possible.

>> Read more about Suhosin-NG

Great Black Swamp — Decentralized cloud storage with provider-independent security

Tahoe-LAFS is a well-known open source distributed storage solution based on DHT, suited for sharing critical data in production. Currently, Tahoe-LAFS uses the Foolscap protocol for communication between client nodes and storage nodes. Foolscap has a small developer community, is only implemented in Python, and Tahoe-LAFS only uses a small subset of its features. This project will implement an HTTP-based storage node protocol for Tahoe-LAFS (Great Black Swamp, or GBS in short) which will help to eliminate unnecessary complexity, increase the pool of potential contributors, open the door to new implementations and improve runtime performance.

>> Read more about Great Black Swamp

Interledger interoperability inquiry — Investigate synergy between Interledger and GNU Taler

The Interledger Protocol and Open Payments API specification are the payment protocols used for an online tipping specification being proposed in the W3C Web Platform Incubator Community Group called Web Monetization. The Web Monetization specification allows for automatic streaming micropayments and low-friction on-demand tipping to online creators who specify an Open Payments wallet address in their HTML or respective metadata of the online experience (e.g. JSON-LD in Activity Streams/ActivityPub, XML attribute in podcast RSS).

This project proposal will investigate the technical feasibility of using Taler as a payment method on the Interledger payment network to support Web Monetization. The outcome will be a an overview of potential approaches for integrating Taler using the Interledger Protocol or as a payment method in Interledger’s Open Payments API reference implementation (Rafiki).

>> Read more about Interledger interoperability inquiry

Tauri Apps — A safer run-time for web technology based apps

Tauri is a toolkit that helps developers make more trustworthy applications for the major desktop platforms - using virtually any frontend framework in existence. A popular use case is to create a desktop or mobile version of a web app, rather than wasting effort on creating native clients for each platform. Unlike other solutions (e.g. Microsoft's Electron), it is built in the type-safe language Rust - and the team has a focus on strong isolation, shielding the user from malicious or untrusted code downloaded "live" from the internet. After all, once breached, such an app can for instance siphon off cryptocurrencies or bootstrap other more persistent malware.

In this project, the team works among others on a particularly innovative feature, to prevent JS injection for all application types. In this approach Rust Code Injection is used alongside dependency-free EcmaScript, Object.freeze(), and a filtering iFrame that is the only subsystem permitted to communicate with the API. This will help to create more secure applications,

>> Read more about Tauri Apps

Timing-Driven Place-and-Route (TDPR) — Open hardware tool to synthesize digital silicon circuits

The lack of an open-source timing-driven place-and-route tool is one of the major barriers to creating technically fully transparent digital integrated circuits such as microprocessors. The most popular open-source place-and-route tools available today are not timing-driven, hence the generated layouts are generally not guaranteed to satisfy the timing constraints. This requires tedious and time-consuming manual interventions. This project will combine published algorithms with existing open-source projects to fill this gap. The tool will be released with the free/libre AGPLv3 licence together with extensive documentation and tutorials.

>> Read more about Timing-Driven Place-and-Route (TDPR)

RETETRA — Security Analysis of Proprietary Cryptography in Terrestrial Trunked Radio

Terrestrial Trunked Radio (TETRA) is a European standard for trunked radio used globally by government agencies, emergency services and critical infrastructure. Apart from most European police agencies (such as BOSNET in Germany or RAKEL in Sweden), military operators and emergency services, TETRA is also widely used for SCADA telecontrol of oil rigs, pipelines, transportation and electric and water utilities. TETRA authentication and encryption are handled by secret, proprietary cryptographic cipher-suites known as TAA1 and TEA which are only available to select parties under strict NDAs which runs counter to both the spirit of open technologies and Kerckhoffs's principle. The latter's potential consequences are illustrated by the fate of A5/1, A5/2 and their GMR variants in cellular and satellite communications, allowing ciphers that can be broken in practice to fester in public and critical infrastructure for far too long. This project aims to reverse-engineer and subsequently perform cryptanalysis on these cipher-suites and finally formulate a hardening roadmap in order to provide a research-oriented FOSS implementation of the cipher-suites and aid affected parties in moving away from unexamined, proprietary security mechanisms towards open standards.

>> Read more about RETETRA

Threshold OPRFs — Bringing the power of Threshold OPRFs to the people

"Bringing the power of Threshold OPRFs to the people" is a project trying to jump the gap between academic research and robust free software implementations. Oblivious Pseudo-random Functions (OPRFs) and Threshold constructions bring some very interesting and strong security properties that go beyond the state-of-the-art. Besides low-level implementations, reusable libraries, servers, and command-line clients, also concrete applications will be delivered, such as password and secret storages, encrypted data-at-rest, authentication, and secure channel setup.

>> Read more about Threshold OPRFs

TLS-KDH mbed — Implement TLS-KDH into mbed

TLS-KDH (http://tls-kdh.arpa2.net/) is a mechanism that adds Kerberos authentication to the Transport Layer Security (TLS) network protocol. TLS-KDH is developed under the flag of ARPA2 (www.arpa2.net) and is formalized in the form of a draft Internet specification. Furthermore, a successful prototype implementation has been built and integrated into GnuTLS. Making this prototype code production ready is well underway and in its final stage.

In order for TLS-KDH to become an Internet Standard the IETF requires at least two working implementations. To provide the IETF with two TLS-KDH implementations and to address the embedded world with a TLS-KDH capable TLS library we chose MbedTLS as our second library. The TLS-KDH mbed project's goal is to implement the TLS-KDH functionality in the MbedTLS library.

But why do we want to implement Kerberos authentication in the first place? Well first of all, the Kerberos protocol is quantum computer proof. That means that we can use this mechanism in the (future) presence of quantum computers. Since TLS is one of the most widely used security protocols on the present Internet having such mechanism would be a welcome addition. Secondly, Kerberos employs a centralized architecture as opposed to X.509 which is distributed. Adding TLS-KDH gives the user a choice which architecture (and implied pros and cons) to use. For a more extensive overview of advantages of TLS-KDH we refer to the project's homepage (http://tls-kdh.arpa2.net/).

>> Read more about TLS-KDH mbed

TrustING — Ultrafast AS-level Public-Key Infrastructure

TrustING is a human-transparent and agile Trust Infrastructure for a Next-Generation Internet. This infrastructure enables any two entities to establish secret keys that can be used to encrypt and authenticate data. The foundation of TrustING is the AS-level Public-Key Infrastructure (PKI) of the SCION Internet Architecture that provides sovereignty (ensuring absence of global kill switches), trust transparency, and algorithm agility, among others.

The TrustING service establishes symmetric keys with other domains in advance, and then relies on those keys to derive keys for local hosts. The core novelty of this approach is the ability to derive keys purely locally on both sides of the communication, without even requiring key transport. By making TrustING a control-plane mechanism offered by the network infrastructure, higher-level applications can make use of it without having to worry about complexities such as exchanging key material or establishing trust.

To show the viability of TrustING, we will implement TLS trust bootstrapping using TrustING and additionally demonstrate the efficiency of TrustING by using it to authenticate SCMP (SCION's equivalent of ICMP) messages.

>> Read more about TrustING

Trustix — Make build logs available as publicly verifiable, tamper-proof Merkle trees

Software build infrastructure is vastly underestimated in terms of its potential security impact. When we install a computer program, we usually trust downloaded software binaries. But even in the case of open source software: how do we know that we aren't installing something malicious which is different from the source code we are looking at - for instance to put us in a botnet or siphon away cryptocurrencies? Typically, we have confidence in the binaries we install because we get them from a trusted provider. But once the provider itself is compromised, the binaries can be anything. This makes depending on individual providers a single point of failure in a software supply chain. Trustix is a tool that compares build outputs across a group of providers - it decentralizes trust. Multiple providers independently build the software, each in their own isolated environment, and then can vouch for the content of binaries that are the outcome of reproducible builds - while non-reproducible builds can be automatically detected.

In this project the team will work on further enabling trust delegation, by offloading log verification to trusted third parties - heavily inspired by the Delegated Proof of Stake consensus algorithm. It will bring Trustix into the Nix and the Guix ecosystems that are most amenable to Trustix' approach. The ultimate goal is for Trustix to integrate seamlessly into the entirely decentralized software supply chain so we can securely distribute software without any central corruptible entity.

>> Read more about Trustix

UnifiedPush — Decentralized and open-source push notification protocol

Push notifications are essential to the modern mobile experience, as they enable applications to communicate with users in real time, even when not in active use. Major mobile operating systems provide a centralized service that they control, but depending on a centralized push notification system controlled by one company raises issues of privacy and independence. UnifiedPush is a decentralized and open-source push notification protocol. It is a set of specifications and libraries that allow the user to choose how push notifications are delivered. It is compatible with WebPush, the standard for web applications.

>> Read more about UnifiedPush

vdirsyncer — Synchronise calendars and contacts

In this digital age, we all have digital address books with the phones and addresses of our loved ones, friends, and those with whom we work. We keep calendars with meetings we need to attend and places we are expected to be. And we need to keep this information synchronised across devices, shared with others, but only with those whom we choose to collaborate. Vdirsyncer synchronises address books and calendars between webcal, caldav, and local vdir collections. This empowers users to manage their own data, synchronise with servers of their choice, as well as interact with their data offline in their own devices. Vdirsyncer has proven itself a useful tool, but suffers from some early design issues which are impossible to fix without rewriting it. Within this project, the rewrite will become a reality. Additionally, the codebase will be structured to be easily usable by other projects and developers.

>> Read more about vdirsyncer

Verified Reowolf — Formal protocol verification with Reowolf

Using formal methods, we rigorously validate and verify functionality and security properties of essential Internet protocols. In this project, we unambiguously specify Internet protocols using Reowolf's Protocol Description Language (PDL). We research and develop validation tools for certifying the compliance of software/hardware implementations of essential Internet protocols with respect to PDL specifications; and, we research and develop a mathematical formalism, using the state-of-the-art theorem prover Coq, for the verification of properties of protocols specified in PDL that identify precisely under what conditions important properties, such as network integrity and service availability, remain to hold or when they break. The results are important for long-term stability of the Internet, and will be published open access & open source.

>> Read more about Verified Reowolf

Noise Explorer-VerifPal — Automated proofs and code generation for secure protocols

Noise Explorer is an online engine for reasoning about Noise Protocol Framework (revision 34) Handshake Patterns. Noise Explorer allows you to design Noise Handshake Patterns, and immediately obtain validity checks that verify if your design conforms to the specification. For visually oriented people, it provides a convenient visualisation in your browser. Noise Explorer can also generate Formal Verification Models and Software Implementations. This allows to instantly generate full symbolic models in the applied pi calculus for any Noise Handshake Pattern that you enter. Using ProVerif, these models can be analyzed against passive and active attackers with malicious principals. The model's top-level process and sophisticated queries are specifically generated to be relevant to your Noise Handshake Pattern, including tests for strong vs. weak forward secrecy and resistance to key compromise impersonation Noise Explorer also automatically generates a secure implementation of your chosen Noise Handshake Pattern design, written in Go. In addition the users can explore a Compendium of Formal Verification Results. Since formal verification for complex Noise Handshake Patterns can take time and require fast CPU hardware, Noise Explorer comes with a compendium detailing the full results of all Noise Handshake Patterns described in the original specification. These results are presented with a security model that is even more comprehensive than the original specification, since it includes the participation of a malicious principal.

>> Read more about Noise Explorer-VerifPal

Verifpal — Prove soundness of verification in Verifpal

Verifpal is new software for verifying the security of cryptographic protocols. Building upon contemporary research in symbolic formal verification, Verifpal’s main aim is to appeal more to real-world practitioners, students and engineers without sacrificing comprehensive formal verification features.

In order to achieve this, Verifpal introduces a new, intuitive language for modeling protocols that is much easier to write and understand than the languages employed by existing tools. At the same time, Verifpal is able to model protocols under an active attacker with unbounded sessions and fresh values, and supports queries for advanced security properties such as forward secrecy or key compromise impersonation.

Verifpal has already been used to verify security properties for Signal, Scuttlebutt, TLS 1.3, Telegram and other protocols. It is a community-focused project, and available under a GPLv3 license.

>> Read more about Verifpal

Virtualizing device firmware — Creating digital twins for auditing and testing appliances

Recent targets of attacks on infrastructure did not come from powerful computers, but instead from consumer electronics devices. The most widely known example of this is the Mirai botnet, where consumer grade IP cameras were infected, added to a botnet and then used in wide scale attacks in a rather devious way: the original functionality of the device was left untouched, meaning that users either didn’t notice that their device had been taken over, or weren’t bothered by it. This projects aims to provide a way to virtualise such an IoT device and integrate it with an existing honeypot framework to see how the malware is inserted and how botnets operate. The goal is to extract a firmware from an existing device and use that as the base for the virtualisation. The same setup can also be used to systematically check for undocumented behaviour of firmware.

>> Read more about Virtualizing device firmware

vm-builder — Virtual Machine Build, Life Cycle and Integration in monolithic and microkernel platforms

As each piece of software is built using other software, it is difficult to ensure that a program is not accidentally infected through malicious code interfering anywhere in this process. An important defence is reducing the amount of code one relies upon and strictly isolating the build from any other processes that could influence it, typically by using a virtual machine.

However, the are currently no minimal, portable and final virtual machine build systems which enable effective bootstrapping of operating systems. Delegating this task to container build systems is insufficient, since they are primarily available to the Linux kernel and provide weak isolation properties. Delivering those with a high portability and even (or especially) on low TCB microkernels is key to secure bootstrapping of operating systems and applications on (to be) trusted infrastructure.

The current prototype has proven successfully applicable to nowadays general purpose OSs, templating/inheritance and reproducible builds are to be implemented. An implementation in a more robust programming language like Rust is still lacking and will be completed in the course of this project. The long term goal is to easily build and provide legacy platforms and software especially on microkernels — allowing for a migration path towards operating systems with effectively manageable complexity.

>> Read more about vm-builder

Enhancing vula with IPv6 and REUNION rendezvous — IPv6, hybrid post-quantum improvements & REUNION support for Vula

With zero configuration, Vula automatically encrypts IP (v4) communication between hosts on a local area network (LAN) in a forward-secret and transitionally post-quantum manner to protect against passive eavesdropping. When the local gateway to the internet is a Vula peer, internet-destined traffic will also be encrypted on the LAN. With simple verification using QR codes or other peer verification methods, Vula is also able to disrupt active surveillance adversaries. Vula combines WireGuard for forward-secret point-to-point tunnels with cryptographically enhanced mDNS and DNS-SD for local peer discovery. Vula enhances the confidentiality of WireGuard tunnels by using CSIDH as provided by highctidh, a post-quantum non-interactive key exchange primitive, to generate a peer-wise pre-shared key for each tunnel configuration. Vula avoids the need for any Single Point of Failure (SPOF) such as a trusted third party. Vula is equally functional on otherwise air-gapped networks.

webxdc PUSH — Towards an usable, interoperable and trustworthy web app ecosystem

Webxdc PUSH advances a new paradigm for writing and distributing web apps, majorly improving interoperability, usability, reliability, trustworthiness and and interactivity of chat-shared web apps (webxdc) across messengers and platforms.

PUSH enables webxdc app developers to use new P2P real-time messaging facilities, new notification, deeplinking and context APIs, majorly leveling up the cross-messenger webxdc effort and specifications.

>> Read more about webxdc PUSH

WebXDC XMPP — Standardisation effort for WebXDC integration in XMPP

WebXDC is a fresh and still evolving effort to explore "private apps", essentially 'portable' web apps through which users can interact in any number of ways outside of the traditional client-server paradigm, e.g. over E2EE chat. Originally developed for Delta Chat over SMTP, we will bring the latest version of this experience to the XMPP ecosystem, including a standardized interchange format for other XMPP clients to use, and a gateway for communication with existing Delta Chat WebXDC users.

>> Read more about WebXDC XMPP

Whippet — A new local maximum in safe, managed memory

Whippet is a new automatic memory manager (garbage collector) which is designed to be incorporated into the Guile Scheme programming language implementation. Switching to Whippet should improve the speed and scalability of Guix and other Guile-based software while also lowering total system memory usage. This project aims to push Whippet over the finish line, filling in missing functionality and doing the last-mile work to incorporate Whippet into Guile. The anticipated results should also give confidence to other language run-times looking for a state-of-the-art, embeddable, minimal, no-dependency garbage collector.

>> Read more about Whippet

XWiki — Bring wiki capabilities into the Fediverse

XWiki is a modern and extensible open source wiki platform. Up until now, XWiki had been focusing on providing the best collaboration experience and features to its users. We're now taking this to the next level by having XWiki be part of the larger federation of collaboration and social software (a.k.a. fediverse), thus allowing users to collaborate externally. XWiki is embracing the W3C ActivityPub specification. Specifically we're implementing the server part of the specification, to be able to both view activity and content happening in external services inside XWiki itself and to make XWiki's activity and content available from these other services too. A specific but crucial use case, is to allow content collaboration between different XWiki servers, sharing content and activity.

>> Read more about XWiki

XMPP Interoperability and Protocol Standard Conformance Testing — Development of an XMPP Test Suite

XMPP is the Extensible Messaging and Presence Protocol. XMPP offers an open, extensible, standardised and mature set of open technologies designed for decentralised communication. With its flexible design and rich history, its utilisation is widespread.

To advance interoperability in its diverse ecosystem of developers and implementations of server software, this project will create an implementation-agnostic test suite for XMPP servers, testing for conformance with the XMPP protocol standards.

The suite will be designed to be integrated with various third-party CI components to minimise the complexity of including the suite in development processes of the various and varied parties that are developing XMPP server implementations.

xqerl — Performant (Erlang) implementation of W3C XQuery and XML database

The xqerl project is an open-source XQuery 3.1 implementation. It attempts to combine the simplicity of the W3C XQuery 3.1 language for querying and building XML and JSON, with the powers of the Erlang language for building massively concurrent, fault-tolerant, distributed applications. Many optional language features have already been added to xqerl, including the RESTXQ specification for building REST endpoints directly from code annotations. To further enhance user experience and the feature-set of xqerl, the "Schema Aware" and "Typed Data Features" will be added. These features will allow for XML Schema documents to be directly referenced from queries and the query statically analyzed at compile time using the schema to either build better query plans or return errors back to the user before running time consuming queries.

>> Read more about xqerl

Zero-allocation web servers in roc — Web server framework with constant memory usage

Memory consumption in web servers is hard to predict and control. Our zero-allocation web server guarantees constant memory usage and per-request memory caps. These guarantees and capabilities make web infrastructure more reliable, because it is actually possible to calculate how much server capacity is required for a certain amount of traffic.

The vast majority of webservers are written in a language with automatic memory management. They cannot provide the guarantees that our webserver can, and often have other downsides like poor general performance and GC pauses.

The core of our webserver is written in rust, and while it works in a rust-only context, is meant to be used in combination with the roc programming language, a fast, friendly, functional language with automatic memory management, but without GC pauses. Users will be able to write web applications using roc, without having to consider how memory is allocated. At the same time, we manage the memory as efficiently as possible under the hood.

>> Read more about Zero-allocation web servers in roc

Zilch — Tools for efficient granular builds and introspection

Zilch is an experimental test bed for alternative approaches to building programs, services, and full Linux distributions. Being built on top of Nix, it is entirely compatible with NixOS. The goal of this project is to research and develop a set of tools that allow a developer to write programs and patch existing upstream projects, while keeping the reproducibility and sandboxing afforded to them by Nix.

>> Read more about Zilch

Zip linting and bzip2 in Rust — More secure handling of popular archive formats

Zip is a widely used format for distributing files. It is a rather permissive file format, opening the door to various attacks such as zip bombs. The `bzip2` compression format is still used in many legacy settings. Consequently, it is part of the supply chain of many projects. To mitigate these risks, this project will deliver a) a zip linter checking for suspicious file contents in zip files and b) a memory-safe implementation of bzip2 through drop-in replacements of the libraries and a safe Rust `bzip2` binary.

>> Read more about Zip linting and bzip2 in Rust

Search

Navigate projects

By theme

Want to help?

Help us by protecting open source and its users with 5 minutes of your time.

Donate today

Your donation can help grow the future!