docs: GRIMOIRE arsenal + cert arcs + blue/red/purple + MESH.md (e-waste philosophy)
GRIMOIRE.md additions:
- The arsenal — three distrobox-based operator environments (Kali, BlackArch's 2,800+ packages, Parrot privacy stack), 600+ host-native tools via pacman/AUR, ~3,400 cross-distrobox total, with progressive unlock through certification arcs
- Boss contracts — raids vs nightmare tiers, contract.toml state machine semantics, branch-on-solution-approach, faction favor as earned reputation
- The XP engine — ~100K-line gamification crate, modified-logarithmic level curve with prestige boundaries, multiplicative multiplier stack (property-tested cap), signed-commit-attestation XP for upstream contributions (forge-resistant)
- Loot economy depth — tier-tied drop tables, prestige-locked gear, reputation multipliers
- Certification arcs — OffSec (OSCP/OSEP/OSWE/OSCE³), GIAC, ISC², EC-Council, INE, Splunk/Sentinel/Elastic, AZ-500/SC-100/AWS Security
- Blue + red + purple split — full-spectrum positioning vs the curriculum-only competitors

MESH.md (NEW) — the e-waste reduction philosophy as a load-bearing front-door doc. Three reinforcing pillars (environmental, economic, sovereign) + how the mesh works at a high level + what it enables. "The mesh is the product. Everything else is architecture in service of this core." Old laptops and retired workstations pulled from the e-waste stream back into a sovereign compute pool.

README.md updates:
- Mesh-on-salvaged-silicon as a first-class capability bullet
- Promise section now leads with "the mesh is the product"
- Cross-link to MESH.md

The pivot here is from "Syn_OS is a security distro with mesh capability" to "Syn_OS is mesh-of-old-hardware running local AI; security distro is how we got here." This matches the founder's stated load-bearing thesis.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
parent 5bc7b5e1d8
commit c94de3aff8
65
GRIMOIRE.md
|
|
@ -61,6 +61,13 @@ Every lab is real. Every solution is verifiable. Every credit is earned.
|
||||||
|
|
||||||
Some scenarios are too big for a single lab. **Boss contracts** chain multiple labs into a single multi-stage arc — a piece of multi-week storytelling where you earn your way through stages, where partial progress matters, and where the final clear means something.
|
Some scenarios are too big for a single lab. **Boss contracts** chain multiple labs into a single multi-stage arc — a piece of multi-week storytelling where you earn your way through stages, where partial progress matters, and where the final clear means something.
|
||||||
|
|
||||||
|
Boss contracts live in two tiers:
|
||||||
|
|
||||||
|
- **Raids** — multi-lab arcs designed for cohorts. The engine tracks party composition, role assignment, and shared progress.
|
||||||
|
- **Nightmare** — solo-tier endgame contracts. Brutal. Long. The kind of work that earns its own page on your operator résumé.
|
||||||
|
|
||||||
|
Each contract is described by a `contract.toml` declaring the ordered constituent labs, the narrative beats inserted between them, branch conditions (the engine reads what *kind* of solution you produced and routes you accordingly), and the final reward. The engine treats a boss contract as a **state machine**: progress is persisted to your save file, you can step away and return without losing place, and **branches don't just change which lab is next — they change which faction owes you a favor afterward.**
|
||||||
|
|
||||||
Boss contracts are the tests the system pulls out when it thinks you're ready.
|
Boss contracts are the tests the system pulls out when it thinks you're ready.
|
||||||
|
|
||||||
### the economy
|
### the economy
|
||||||
|
|
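Review bot: In the `contract.toml` paragraph, "progress is persisted to your save file" leaves open whether that save file is integrity-protected. Branch outcomes decide faction favor and the final reward, so a locally editable state file would let a player skip stages. Say how the persisted state is protected (or that it is not), and link the `contract.toml` schema so that "branch conditions" and "what *kind* of solution you produced" have a definition a lab author can write against.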
@ -69,6 +76,39 @@ Earning is more than XP. GRIMOIRE has a **loot and crafting economy**. Solve lab
|
||||||
|
|
||||||
It's not pay-to-win. It's *earn-to-play.*
|
It's not pay-to-win. It's *earn-to-play.*
|
||||||
|
|
||||||
|
Loot tables are tied to lab tiers — beginner labs drop common components, advanced labs drop rare ones, raids drop legendary blueprints. Crafted gear modifies your in-game stats: detection radius, lab attempt limits, hint-cost reductions, faction reputation multipliers. Some pieces unlock *only* at certain prestige levels — meaning the operator who's ground through a hundred labs has gear the new arrival can't even see in the catalog.
|
||||||
|
|
||||||
|
### the XP engine
|
||||||
|
|
||||||
|
The gamification crate is the largest single Rust crate in the platform — close to **a hundred thousand lines** of game systems code, with over a thousand tests holding the math in place. The level curve is a modified logarithmic ramp with prestige boundaries; XP doesn't merely pile up, it transforms.
|
||||||
|
|
||||||
|
XP sources the engine recognizes:
|
||||||
|
|
||||||
|
- **Lab completion** — base XP from each lab's manifest.
|
||||||
|
- **Speed runs** — beat a lab's timer threshold and a multiplier kicks in.
|
||||||
|
- **Achievements** — one-time grants from a static table; some require lateral thinking the engine notices on its own.
|
||||||
|
- **Daily and weekly challenges** — rotating objectives that ask you to do *something specific* with what you already know.
|
||||||
|
- **Upstream contributions** — XP grants keyed off **signed commit attestations**. You can't forge it by editing a local file. The signature is checked against the project's keyring.
|
||||||
|
- **Boss contract clears** — the prize pools that move you up tiers.
|
||||||
|
|
||||||
|
Multipliers stack **multiplicatively**, not additively, up to a hard cap (enforced by a property test — the math doesn't get to drift). Faction affinity, first-time completion, active event modifiers — the cap is real.
|
||||||
|
|
||||||
|
### the arsenal
|
||||||
|
|
||||||
|
GRIMOIRE doesn't ship "a list of tools." It ships a **multi-distro arsenal** stitched together with a curated catalog and faction-flavored access.
|
||||||
|
|
||||||
|
**Three distrobox-based operator environments** ride alongside the host system, each a fully isolated Linux distribution available at your fingertips:
|
||||||
|
|
||||||
|
| Container | What's in it | When to reach for it |
|
||||||
|
|---|---|---|
|
||||||
|
| **Kali** | The classic offensive-security toolkit — Burp, Metasploit, Nmap, sqlmap, Wireshark, Aircrack-ng, hashcat, John, the lot | Web app testing, network reconnaissance, password attacks, the standard pentest workflow |
|
||||||
|
| **BlackArch** | The largest offensive-security tool collection in any Linux ecosystem — well over 2,800 packages spanning every category from binary analysis to wireless | Niche tools, exotic protocols, specialist research, anything Kali doesn't ship |
|
||||||
|
| **Parrot** | Security + privacy + forensics, with Anonsurf and the privacy-tooling stack | OPSEC-conscious engagements, anonymization workflows, forensic recovery |
|
||||||
|
|
||||||
|
The host distribution layers in **600+ tools natively** through the Arch + AUR ecosystem, plus the project's own tooling (memory-safe replacements, ALFRED-aware integrations, custom ATT&CK-tagged utilities). Total cross-distrobox surface: **3,400+ tools** at your reach, without juggling separate VMs.
|
||||||
|
|
||||||
|
The arsenal isn't dumped on you at first boot. **Tools unlock progressively** through GRIMOIRE's certification arcs — beginning users see a curated starter set; the wider catalog opens as your skill bracket rises. This is not artificial difficulty: it's the difference between handing a novice every weapon in the armory and walking them through what each tool actually does, on a live target, in context.
|
||||||
|
|
||||||
### narrative quests
|
### narrative quests
|
||||||
|
|
||||||
Threading through everything is a **branching narrative**. Quests with multiple paths. Choices that close some doors and open others. NPCs whose names you'll remember. Cutscenes that hit. A world with its own history before you arrived. You're not the protagonist — you're a new player in a world already in motion.
|
Threading through everything is a **branching narrative**. Quests with multiple paths. Choices that close some doors and open others. NPCs whose names you'll remember. Cutscenes that hit. A world with its own history before you arrived. You're not the protagonist — you're a new player in a world already in motion.
|
||||||
|
|
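Review bot: In the arsenal section, "each a fully isolated Linux distribution" overstates what distrobox provides: distrobox containers share the user's home directory and integrate with the host by design, so they are a packaging convenience, not a security boundary. For environments that hold offensive tooling this matters to the reader; suggest "each a separate Linux userland" plus a sentence on what is shared with the host. Also, "3,400+ tools" equals the BlackArch 2,800 plus the host 600, so state whether Kali and Parrot are counted and whether duplicates across containers are removed.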
@ -81,6 +121,31 @@ Some of the best labs can only be solved as a group.
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
### the certification arcs
|
||||||
|
|
||||||
|
GRIMOIRE doesn't replace certifications. It makes the practice that earns them feel like a story you're inside, not a syllabus you're slogging through. Lab progression is mapped against the major industry tracks:
|
||||||
|
|
||||||
|
- **Offensive Security** — OSCP, OSEP, OSWE, OSCE³
|
||||||
|
- **GIAC / SANS** — every active GIAC track with at least one mapped lab arc
|
||||||
|
- **(ISC)²** — CISSP, CCSP, CSSLP foundations
|
||||||
|
- **EC-Council** — CEH, CHFI, CCISO
|
||||||
|
- **INE** — eJPT, eCPPT, eWPTXv2
|
||||||
|
- **Defensive operations** — Splunk, Sentinel, Elastic certifications
|
||||||
|
- **Cloud security** — AZ-500, SC-100, AWS Security Specialty
|
||||||
|
|
||||||
|
Each cert track is materialized as a progression arc with labs mapped to actual exam objectives. You don't just *prepare* for the exam. You *live the curriculum*, in faction-colored scenarios, with real adversaries (some of them ALFRED-driven) and real loot to show for it.
|
||||||
|
|
||||||
|
### blue. red. purple. all of it.
|
||||||
|
|
||||||
|
GRIMOIRE refuses the false choice between offensive and defensive. The lab corpus spans:
|
||||||
|
|
||||||
|
- **Blue team** — SOC workflows, SIEM queries, incident response, log analysis, threat hunting, forensics, detection engineering, malware analysis
|
||||||
|
- **Red team** — reconnaissance, exploitation, privilege escalation, lateral movement, persistence, OPSEC, sandboxed adversary tradecraft
|
||||||
|
- **Purple team** — collaborative detect-validate loops, ATT&CK-driven assessments, detection-as-code authoring, shared telemetry analysis
|
||||||
|
- **War games** — live seasonal scenarios with rotating threats, ALFRED-driven adversary simulation, player-vs-player head-to-heads, team-vs-team campaigns, King-of-the-Hill persistence contests
|
||||||
|
|
||||||
|
Pick one lane. Pick all of them. The platform doesn't care. The platform *records* — and the leaderboards remember who turned up for which fights.
|
||||||
|
|
||||||
## the path
|
## the path
|
||||||
|
|
||||||
GRIMOIRE is structured around a long arc: from **novice** to **operator**.
|
GRIMOIRE is structured around a long arc: from **novice** to **operator**.
|
||||||
|
|
|
||||||
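Review bot: The certification list names far more than the "11 professional certification paths" the README states, and "every active GIAC track with at least one mapped lab arc" is hard to square with the README's "100 hand-authored labs across 13 categories". Reconcile the counts, or replace the GIAC bullet with the specific certifications that have a mapped arc today, and link the lab-to-objective mapping that "labs mapped to actual exam objectives" refers to.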
105
MESH.md
Normal file
|
|
@ -0,0 +1,105 @@
|
||||||
|
# The Mesh
|
||||||
|
|
||||||
|
### *e-waste reduction through meshed intelligence.*
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## the thesis
|
||||||
|
|
||||||
|
Syn_OS is not just a cybersecurity operating system. It is a **deliberate reduction in electronic waste**, a reclamation of the compute infrastructure already lying dormant in basements, landfills, and back rooms.
|
||||||
|
|
||||||
|
The mesh of old hardware running local AI is **the product**. Everything else — the kernel, the training platform, the distributed coordination layer — is architecture in service of this core.
|
||||||
|
|
||||||
|
This is not branding. It's the load-bearing thesis the project is built around.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## the problem
|
||||||
|
|
||||||
|
The global stockpile of "obsolete" hardware runs into hundreds of millions of devices. Most of it is perfectly functional silicon that was retired because single-machine performance didn't meet the latest benchmark.
|
||||||
|
|
||||||
|
A 2013 Intel i5 laptop. A 2011 Xeon workstation. An Ivy Bridge NUC. A decade-old gaming rig with a dead GPU. Each has 4-8 CPU cores, 8-16 GB of RAM, 500 GB of storage, and **nothing wrong with it except age**.
|
||||||
|
|
||||||
|
**Commercial AI infrastructure ignores this hardware** because the per-dollar performance favors new GPU clusters. The market answer to "I want to run AI" is "buy new silicon, rent cloud capacity, add a recurring bill to your operating expenses."
|
||||||
|
|
||||||
|
Syn_OS takes the inverse position: **the right mesh of old hardware running the right software can outperform expensive single-node inference** for a class of workloads that matters for sovereign, privacy-preserving, edge, and hobbyist use cases.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## the three reinforcing pillars
|
||||||
|
|
||||||
|
### 1. environmental
|
||||||
|
|
||||||
|
Every salvaged node is e-waste not going to landfill.
|
||||||
|
|
||||||
|
A Syn_OS mesh of eight old laptops has a carbon footprint of approximately **zero** — the hardware was already built, already shipped, already paid for by someone else's disposal. The energy cost of manufacturing new silicon dwarfs the operational cost of keeping old silicon useful.
|
||||||
|
|
||||||
|
Datacenters draw gigawatts. A reclaimed mesh draws what your wall socket draws. The math is brutal in our favor.
|
||||||
|
|
||||||
|
### 2. economic
|
||||||
|
|
||||||
|
A student can boot Syn_OS on a **fifty-dollar Goodwill laptop**, join a mesh with friends or classmates, and participate in AI research and purple-team training **with no hardware budget at all.**
|
||||||
|
|
||||||
|
The accessibility ceiling drops from "can afford a $2,000 GPU" to "can find a working laptop." For students, hobbyists, security researchers in regions where new hardware is genuinely out of reach, this is not a quality-of-life improvement. It is the *only* way they participate.
|
||||||
|
|
||||||
|
### 3. sovereign
|
||||||
|
|
||||||
|
Local AI on hardware you physically own, in a building you physically control, means **no data leaves your premises.**
|
||||||
|
|
||||||
|
For organizations in regulated industries — healthcare, legal, defense, finance — this is not a marketing feature. It is the product. The architecture *guarantees* what compliance frameworks merely require, by making cloud egress mechanically impossible for the inference path.
|
||||||
|
|
||||||
|
For the individual operator, the same architecture means: your AI companion knows what it knows because *you* taught it. It does not phone home. It does not appear in someone else's training set. It is yours.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## how the mesh works (in broad strokes)
|
||||||
|
|
||||||
|
Multiple machines, owned by you or by your trusted circle, coordinate through an encrypted backbone. Each node contributes what it can — a node with more memory hosts the larger model shards; a node with more cores handles the inference parallelism; a node with a quiet network link handles the long-running tasks. The coordination is **peer-to-peer** by design. There is no central server you depend on. There is no cloud account you need.
|
||||||
|
|
||||||
|
If a node goes offline — laptop closed, power cut, mesh partitioned — the rest of the mesh continues. When the node comes back, it rejoins. State is reconciled.
|
||||||
|
|
||||||
|
The mesh is the platform's natural state. A single laptop is just a mesh of one.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## what this enables
|
||||||
|
|
||||||
|
- **Hobbyist labs** running real AI workloads on hardware that was destined for a recycling depot.
|
||||||
|
- **Classrooms and security clubs** building a shared compute pool from whatever the participants brought.
|
||||||
|
- **Small consultancies** running their own AI stack on retired enterprise hardware, with full data sovereignty for client engagements.
|
||||||
|
- **Field operators** taking a laptop into a low-connectivity environment and still having an AI companion at hand.
|
||||||
|
- **Research collectives** federating compute across institutions without the data-sharing problem that traditional cloud collaboration creates.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## the philosophical line
|
||||||
|
|
||||||
|
We do not want to be the project that participated in the next wave of computing infrastructure waste.
|
||||||
|
|
||||||
|
The cybersecurity profession produces enormous volumes of "outdated" hardware as enterprises cycle through equipment refreshes. Most of it gets pulped or shipped overseas to be pulped less responsibly. Some of it is **plenty fast for what most operators actually do day-to-day** — terminal work, code review, network analysis, training labs, light AI inference.
|
||||||
|
|
||||||
|
The mesh is how that hardware gets back in the game.
|
||||||
|
|
||||||
|
The mesh is how a fifteen-year-old laptop becomes part of a research group's compute pool instead of a brick in a recycling bin.
|
||||||
|
|
||||||
|
The mesh is how sovereignty stops being a slogan and starts being the architecture.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## the long arc
|
||||||
|
|
||||||
|
We are not building a product that benefits from selling new hardware. We are building infrastructure that benefits from making old hardware useful again. The economics of the project align with the longevity of the platform.
|
||||||
|
|
||||||
|
Twenty-year-old workstations should still be running Syn_OS — or whatever Syn_OS becomes — twenty years from now, contributing to meshes that haven't been built yet.
|
||||||
|
|
||||||
|
That is the bet.
|
||||||
|
|
||||||
|
That is why the mesh is the product.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
<div align="center">
|
||||||
|
|
||||||
|
*own your infrastructure. own your intelligence. own your future.*
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
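Review bot: In the "sovereign" pillar, "The architecture *guarantees* what compliance frameworks merely require, by making cloud egress mechanically impossible for the inference path" is a security guarantee with no mechanism behind it in this file; the "how the mesh works" section only mentions "an encrypted backbone". Name the control that blocks egress and how nodes in the "trusted circle" are authenticated before they host model shards, or soften the wording to "does not require". Separately, in the "environmental" pillar, "carbon footprint of approximately **zero**" covers embodied carbon only, while the next paragraph acknowledges wall-socket draw; qualify it.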
@ -34,7 +34,7 @@ The platform that ships as Syn_OS today is the result of a sustained, multi-year
|
||||||
- **ALFRED v5** — the AI daemon. 11-region neuroanatomically-modeled brain. Local inference via Ollama and ONNX. No cloud in the critical path.
|
- **ALFRED v5** — the AI daemon. 11-region neuroanatomically-modeled brain. Local inference via Ollama and ONNX. No cloud in the critical path.
|
||||||
- **GRIMOIRE** — the gamified cybersecurity training platform. **100 hand-authored labs across 13 categories.** Faction system. XP economy. Boss contracts. Branching narrative quests. Maps to **11 professional certification paths.** Read more in [GRIMOIRE.md](./GRIMOIRE.md).
|
- **GRIMOIRE** — the gamified cybersecurity training platform. **100 hand-authored labs across 13 categories.** Faction system. XP economy. Boss contracts. Branching narrative quests. Maps to **11 professional certification paths.** Read more in [GRIMOIRE.md](./GRIMOIRE.md).
|
||||||
- **synos-bevy** — Bevy 0.14 game engine, 8 plugins, ~7,000+ lines of immersive desktop experience.
|
- **synos-bevy** — Bevy 0.14 game engine, 8 plugins, ~7,000+ lines of immersive desktop experience.
|
||||||
- **Arcanum Hive** — 8-node Tailscale mesh + Kubernetes operator. Sovereign coordination across distributed hardware.
|
- **Arcanum Hive** — peer-to-peer encrypted mesh + Kubernetes operator. Sovereign coordination across distributed hardware. **The mesh is built for salvaged silicon** — old laptops and retired workstations pulled out of e-waste and back into the compute pool ([the philosophy →](./MESH.md)).
|
||||||
- **Post-quantum cryptography** — ML-KEM, ML-DSA, and SLH-DSA built into the trust toolkit.
|
- **Post-quantum cryptography** — ML-KEM, ML-DSA, and SLH-DSA built into the trust toolkit.
|
||||||
- **41-stage self-healing build pipeline** producing three signed ISOs from a single source tree.
|
- **41-stage self-healing build pipeline** producing three signed ISOs from a single source tree.
|
||||||
- **1,600+ tests, 100% pass rate**, 35% tarpaulin coverage floor.
|
- **1,600+ tests, 100% pass rate**, 35% tarpaulin coverage floor.
|
||||||
|
|
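Review bot: The Arcanum Hive bullet drops "8-node Tailscale mesh" for "peer-to-peer encrypted mesh" without saying what now provides key exchange and encryption. If the transport is still Tailscale, its coordination server is a dependency that sits awkwardly with MESH.md's "There is no central server you depend on"; name the transport and its trust anchor here so the claim can be checked.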
@ -76,6 +76,7 @@ The boundaries between images are mechanically enforced — not honor-system. Wh
|
||||||
|
|
||||||
## what we promise
|
## what we promise
|
||||||
|
|
||||||
|
- **The mesh is the product.** Local AI on hardware you physically own. Old silicon reclaimed from landfills, not new GPUs auto-billed monthly. ([the e-waste philosophy →](./MESH.md))
|
||||||
- **No cloud in the critical path.** ALFRED runs on your machine. Inference happens locally. The system does not require a network connection to be useful.
|
- **No cloud in the critical path.** ALFRED runs on your machine. Inference happens locally. The system does not require a network connection to be useful.
|
||||||
- **No telemetry without consent.** The default state is silent. Anything that crosses the boundary of the box, you approve.
|
- **No telemetry without consent.** The default state is silent. Anything that crosses the boundary of the box, you approve.
|
||||||
- **Memory-safe by default.** The Rust ratchet (v56) is a one-way commitment — kernel hot paths and userspace foundations move toward Rust, never away.
|
- **Memory-safe by default.** The Rust ratchet (v56) is a one-way commitment — kernel hot paths and userspace foundations move toward Rust, never away.
|
||||||
|
|
|
||||||
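Review bot: The new first bullet under "what we promise" restates the one after it ("Local AI on hardware you physically own" against "ALFRED runs on your machine. Inference happens locally."), and "new GPUs auto-billed monthly" mixes a hardware purchase with a cloud subscription. Suggest keeping the bullet to the reclaimed-hardware promise and the MESH.md link, and leaving locality to "No cloud in the critical path".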