Trustless Computing Consortium
The Trustless Computing Consortium is a global initiative, by world-class partners and advisors, to create and sustain (1) an extremely highly technically-proficient and citizen-accountable Trustless Computing Certification Body, (2) a minimal compliant complete open-licensed low-level general-purpose computing platform, and (3) a profitable ecosystem of independent certified providere, that jointly will radically exceed state-of-the-art in ICT confidentiality and integrity, while avoiding any significant risks of malevolent use and obstruction to constitutional and lawful cyber-investigations.
Uniquely, all and every software, hardware and processes that are critically involved in the ICT service provisioning or lifecycle – from CPU design to fabrication, to hosting room access – are subject to extreme verification relative to complexity, or to extremely resilient socio-technical oversight, based on offline citizen-witness or citizen-jury processes.
By “trustless” computing, we mean computing without the need or assumption of trust in anything or anyone, except in the intrinsic resistance of the organizational processes critically involved, as recognizable by moderately informed and educated citizens. By constitutionally-meaningful, we mean resistant to attacks of tens of millions of euros to the life-cycle or supply-chain, by actors with very low liability and high access to plausible deniability.
It will uniquely enable radically unprecedented assurance levels of confidentiality and integrity for IT services, civilian and dual-use applications, while avoiding significant risks of malevolent abuse and obstruction to legitimate cyber-investigations. By radically-unprecedented, we mean resistant to attacks of tens of millions of euros to the life-cycle or supply-chain, by actors with very low liability and high access to plausible deniability. It will cretae an open-licensed patent-unencumbered publicly-verifiable set of core critical technologies, and an highly resilient ecosystem, from standard setting body to fabrication oversight.
Initially aimed at mission-critical enteprise communications and financial transactions as the 1st ultra secure enterprise applications platform – as a go-to-market beach-head – it will soon aim to enable scaleup to tens of millions of mass-market consumer devices and critical autonomous systems; and then highly-regulated civilian and military critical offense and defense informational systems.
- Public R&D funding programs, Following previous 2 proposals, we submitted in April 2016 a 129-pages 4.8M€ proposal to the EU H2020 DS-01 RIA with an amazing set of partners, which describes in fine detail the technical work, societal impact and business planning of our proposed platform, ecosystem and certification body.
- TRUSTLESS.AI startup spin-off aimed at the dirsuption of secure communications and financial transactions in the enterprise sector, to then scale up in consumer electronics and autnomous systems. Created in April 2016, it has and relocated in Menlo Park, California, on Oct 22nd 2016, it is rasing 3.5M$ in seed funding.
- Free and Safe in Cyberspace. The event series promotes the establishment of a Trustless Computing Certification Body, with a wide consensus has catalized the discussion and definition, validation and consensus building to build new IT paradigms, standards and certification governance processes that could both deliver constitutionally-meaningful privacy (i.e. Free) and enable constitutional – no more no less – lawful access (i.e. Safe), through the definition of new international paradigms, standards and certification bodies for ultra-high assurance IT service and life-cycle. The 1st EU Edition was held in Brussels on Sept 2015 with amazing world-class speakers, then in Iguazu (Brazil), and next we’ll be in July 2016 in New York, and on Sept 22-23rd 2016 in Rome.
- Manifesto of Trustless Computing and the Proposal for Trustless Computing Certification Boady. As an outcome of the R&D proposals and the event series. some of the advisors and participants – including Bart Preneel, CapGemini Netherlands, Jovan Goilic, Tecnalia – have been working on of the processes a 50-pager draft Proposal for Trustless Computing Certification Body (gdoc) and a 6-pager Manifesto of Trustless Computing (gdoc).
OUR ACTIONABLE PATH TO DISRUPTION !!!
It will initially be marketed as an end-2-end mobile+desktop communications service for use case scenarios of the highest confidentiality and integrity requirements – albeit with very basic text/voice features – via a 2-2.5mm-thin touch-screen screen handheld device attached to the back of a user’s mobile phone, or embedded into the back shell of a partnering mobile device makers (see details of device below). In a short-to-long term actionable path, it is designed to be extensible to dual-use highest-availability scenarios; and to constitute low-level computing base and socio-technical certification standards and the most security- and privacy-sensitive targeted lawful access systems, and for the most safety-critical strong and narrow artificial intelligence applications.
The current world-class current Member of Trustless Computing Consortium include globally unique and rare open high assurance IT providers and R&D centers, leading cybersecurity industry associations, the largest AI R&D center in the Worls, the nations of Italy and Austria. World class advisors include world renowned TI security experts and governance experts (A binding and detailed Trustless Computing Consortium MoU Agreement (pdf) has been signed by core technical partners in advance of our 4.8M€ &D funding proposal to the H2020 DS-01 RIA.)
GENERAL TERMS & BENEFITS OF MEMBERSHIP
- Affirm, promote and evolve the Trustless Computing Paradigms.
- Jointly share the current and future IP rights over the 1.7-4.8M€ Trustless Computing Initiative R&D project, developed through EU R&D funds or through private funding from TRUSTLESS.AI startup spin off.
- Establish an independent new Trustless Computing Certification Body, Transfer all powers of the standardization and certification of TRUSTLESS-compliant technologies, after the initial R&D project, to an independent international and highly-competent, and user-accountable body, the Trustless Computing Certification Body.
- Commit to complete verifiability, as well as royalty-free free-open source licensing, or declare very clear and low royalties for all innovations they will integrate or develop in their work-package, own and third party dependencies.
- Be entitled to commercial advantages, to be negotiated per member:
- For Technology Members: special non-compete rights of certain sub-markets; a specified and minimum tech role and budget in all future TRUSTLESS-based R&D grant proposals.
- For End-User and Commercialization Members: option to be first to market in certain sub-markets; influence the technical nature of the consortium.
- Commit – for the first 12 months after initial R&D project completion – to offer TRUSTLESS-related service only jointly through the Trustless Computing Consortium. (This is intended to prevent unfair competition by large companies that may snatch away the open techs and one or a few core partner, and beat the Consortium in its first mover advantage).
- Membership Dues will vary according to entity type and revenue. No fee will be due until when TRUSTLESS will receive it’s funding through the EU funded and donate 60K€ as startup seed fund for the Consortium.
PREVENTION OF MALEVOLENT USE
Notwithstanding the unprecedented levels of assurance being targeted, and the public verifiability of the digital designs of all critical hardware and software components, we believe to have nearly eliminated the potential for malevolent use. We have devised highly innovative mitigation measures at the fabrication and service levels, that radically reduce the risks of hampering legitimate cyber-investigation, while providing unprecedented safeguards against end-user rights abuse. See Manifest and Proposal of Trustless Computing for details, though still draft, description of how.
Our base 3M€ R&D project proposal will realize a production-ready prototype, and dedicated certification body, that will realize the goals of the Trustless Computing Initiative. The main output will be a dedicated 1.8-2.2mm-thin touch-screen e-ink screen handheld device (or CivicPod) which is available either attached to the back of any user’s mobile phone via a dedicated external case, or (outside scope of this project) “inserted” inside the internal case of a custom-built smartphone’s (or CivicPhone), sharing its battery.
Each CivicPod user will also optionally receive, at cost, a paired cheap TV-connected device (or CivicDongle) with capability to act as secure Tor node for metadata privacy (and for later mass roll-out, play on-TV secureTRUSTLESS content, as well as ordinary mobile-formatted Web content). CivicPods are assembled, verified, flashed, and transferred to their users in dedicated custom-built street-facing lab (or CivicLab), that contains a server room, where all privacy-sensitive services, if offered, must be hosted in dedicated hosting room (or CivicRoom), whose access requires 5 randomly-selected user -witnesses and dedicated servers (or CivicServers). Fabrication and design of all critical hardware components will be subject to oversight processes (or CivicFab) that will substantially exceed in end-user-trustworthiness those of NSA Trusted Foundry Program, at substantially lower costs. After an initial exclusivity for a Post-R&D TRUSTLESS Consortium, TRUSTLESS services can be managed, distributed and commercialized by any willing service provider (or CivicProviders). CivicProvider service is regularly and continuously verified and certified by a to-be-established dedicated certification organization/committee (or TRUSTLESS Certification Body), made up mostly of world leading global digital civil rights organizations, also responsible for the updating of the certification specifications, the final formal Paradigms (or TRUSTLESS Paradigms) and derived certification requirements (or TRUSTLESS Specifications). The same base HW&SW base will run CivicDevices (Pod, Server, Dongle) and CivicRoom locks.
User authentication may optionally rely on an external dedicated non-RF and non-MCU smart-card CivicPod-embedded chip (or CivicID), and a RF-enabled “bank-card sized” smart-card (or CivicCard) that provides 2nd factor authentication while the card is in the user’s wallet. The same extremely minimized HW&SW computing base will run all CivicDevices (Pod, Server, Kiosk Dongle) and CivicRoom locks, to drastically reduce costs.
ULTRA-OPEN & RESILIENT ECOSYSTEM
It’s aim is to create a open-licensed patent-unencumbered publicly-verifiable set of core critical technologies, and a highly resilient ecosystem, from standard setting body to fabrication oversight. All R&D partners have also formally agreed to detailed binding consortium MoU (pdf) that guarantee, in the long-term and in fine details, the openness of the technologies and of the ecosystem, so as to render it resilient even against very strong economic pressures. The project has gathered over 2 years world-class advisory boards and core technical partners with globally unique or rare expertises in ultra-high assurance systems and processes – that are bindingly committed to low, clear and patent-encumbered IP terms, to guarantee its scalability to many millions in consumer markets, as well as its high attractiveness as open low-level target service architecture for the most critical use cases in most IT domains.
- (3/2017) Seek exceptional entities to join as addional members of the Consortium, in order, starting from our partners, stakeholders of EOS and DFKI, and our networks, to:
- To increase its market outreach, through additional prospective end-users; and increase its ecosystem resiliency, through additional ultra-high assurance IT technical partners.
- In this intial phase, we are mostly interested in small or large entities that are global leaders in specific high-assurance IT lifecycle components; best if compatible with our initial low-level architecture based on Sel4, Leon3/Sparc and 200mm fabrication. No fees are required until funding is secured.
- (5/2017) Formal incorporation of the Trustless Computing Consortium, an endowment of 60K€ (By TRUSTLESS or OMC), and membership dues will be due when and if funding in excess of 1.5M€ are secured.
- (5/2017) Facilitate the establishment of a Trustless Computing Certification Body, especially through the Free and Safe in Cyberspace event series
- (6/2017) Attract additional exceptional new members to the Consortium.
TRUSTLESS COMPUTING VS TRUSTED COMPUTING.
Our aims are similar to the stated goals of the renowned Trusted Computing Group, but it will be aimed at substantially-higher levels of actual and perceived trustworthiness for the end-user. This is due to the fact that it will not place unverified trust on any critical providers, components or processes. It will certify that even the “trusted computing base” comppnents and processes and all critical life-cycle processes to extreme verification relative to complexity.
Extreme minimization of hardware and software will allow extreme verification relative to complexity of ALL software, firmware, hardware and processes (including hardware design and manufacturing, and datacenter management processes) involved end-to-end in the Trustless Computing offering, which in turn will enable to achieve unprecedented assurance levels at a low per unit cost, and economic sustainability within an initial 4M€+ R&D Project budget. All its critical hardware components, will be manufactured in one or more partnering low-capacity 2-300mm semiconductor mini foundry which will reliably and sustainably allow complete oversight of any critical manufacturing processes (CivicFab); location in participating countries is preferred but not required. It will developed starting from the most minimal, verified and hardened free/open-source (or at least publicly verifiable) software and hardware components available. Most of all, it will develop highly-accountable constituent socio-technical organizational processes to manage all any critical processes potentially affecting the assurance of the computing experience.