A Project Briefing

Go to file

ShellDiablo33 c94de3aff8 docs: GRIMOIRE arsenal + cert arcs + blue/red/purple + MESH.md (e-waste philosophy) GRIMOIRE.md additions: - The arsenal — three distrobox-based operator environments (Kali, BlackArch's 2,800+ packages, Parrot privacy stack), 600+ host-native tools via pacman/AUR, ~3,400 cross-distrobox total, with progressive unlock through certification arcs - Boss contracts — raids vs nightmare tiers, contract.toml state machine semantics, branch-on-solution-approach, faction favor as earned reputation - The XP engine — ~100K-line gamification crate, modified-logarithmic level curve with prestige boundaries, multiplicative multiplier stack (property-tested cap), signed-commit-attestation XP for upstream contributions (forge-resistant) - Loot economy depth — tier-tied drop tables, prestige-locked gear, reputation multipliers - Certification arcs — OffSec (OSCP/OSEP/OSWE/OSCE³), GIAC, ISC², EC-Council, INE, Splunk/Sentinel/Elastic, AZ-500/SC-100/AWS Security - Blue + red + purple split — full-spectrum positioning vs the curriculum-only competitors MESH.md (NEW) — the e-waste reduction philosophy as a load-bearing front-door doc. Three reinforcing pillars (environmental, economic, sovereign) + how the mesh works at a high level + what it enables. "The mesh is the product. Everything else is architecture in service of this core." Old laptops and retired workstations pulled from the e-waste stream back into a sovereign compute pool. README.md updates: - Mesh-on-salvaged-silicon as a first-class capability bullet - Promise section now leads with "the mesh is the product" - Cross-link to MESH.md The pivot here is from "Syn_OS is a security distro with mesh capability" to "Syn_OS is mesh-of-old-hardware running local AI; security distro is how we got here." This matches the founder's stated load-bearing thesis. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>		2026-05-09 14:33:22 -04:00
assets	docs: hero phoenix + footer phoenix-white + status badges	2026-05-09 13:53:31 -04:00
.gitignore	Initial commit: SynOS public documentation	2025-12-16 21:34:14 -05:00
ARCHITECTURE.md	docs: hybrid pivot — vague the issue-bait surfaces, keep specifics on product	2026-05-09 13:48:52 -04:00
CONTRIBUTING.md	docs: hybrid pivot — vague the issue-bait surfaces, keep specifics on product	2026-05-09 13:48:52 -04:00
FEATURES.md	docs: refresh for v60.0.0 "Sun & Salt" — public release run-up	2026-05-09 13:45:41 -04:00
FOR_RECRUITERS.md	docs: refresh for v60.0.0 "Sun & Salt" — public release run-up	2026-05-09 13:45:41 -04:00
GRIMOIRE.md	docs: GRIMOIRE arsenal + cert arcs + blue/red/purple + MESH.md (e-waste philosophy)	2026-05-09 14:33:22 -04:00
MESH.md	docs: GRIMOIRE arsenal + cert arcs + blue/red/purple + MESH.md (e-waste philosophy)	2026-05-09 14:33:22 -04:00
README.md	docs: GRIMOIRE arsenal + cert arcs + blue/red/purple + MESH.md (e-waste philosophy)	2026-05-09 14:33:22 -04:00
ROADMAP.md	docs: hybrid pivot — vague the issue-bait surfaces, keep specifics on product	2026-05-09 13:48:52 -04:00

README.md

Syn_OS

v60.0.0 — "Sun & Salt"

An AI-native cybersecurity operating system, built almost entirely in Rust, designed for those who treat security as craft.

the gap

Syn_OS — the Synaptic Operating System — takes its name from the synaptic gap: the space between neurons where electrical signal becomes meaning. The underscore is deliberate. It points at the moment translation happens — between hardware and intent, between tool and operator, between threat and response.

Syn_OS is built on a different premise than the security-distro lineage that came before: the operating system itself can carry intelligence. Not as a chatbot bolted onto the desktop. As a substrate. A kernel that reasons. A daemon that learns the shape of your work. A training environment where every challenge teaches the muscle for the next one.

what's in v60

The platform that ships as Syn_OS today is the result of a sustained, multi-year build.

Custom Linux 6.19 kernel with CONFIG_RUST=y and 17 custom system calls (numbered 469–485) that expose consciousness state, quantum memory entanglement, eBPF instrumentation, kernel observability, and process attestation directly to userspace.
160-crate Rust workspace. Zero compile errors. Memory safety where memory safety matters.
ALFRED v5 — the AI daemon. 11-region neuroanatomically-modeled brain. Local inference via Ollama and ONNX. No cloud in the critical path.
GRIMOIRE — the gamified cybersecurity training platform. 100 hand-authored labs across 13 categories. Faction system. XP economy. Boss contracts. Branching narrative quests. Maps to 11 professional certification paths. Read more in GRIMOIRE.md.
synos-bevy — Bevy 0.14 game engine, 8 plugins, ~7,000+ lines of immersive desktop experience.
Arcanum Hive — peer-to-peer encrypted mesh + Kubernetes operator. Sovereign coordination across distributed hardware. The mesh is built for salvaged silicon — old laptops and retired workstations pulled out of e-waste and back into the compute pool (the philosophy →).
Post-quantum cryptography — ML-KEM, ML-DSA, and SLH-DSA built into the trust toolkit.
41-stage self-healing build pipeline producing three signed ISOs from a single source tree.
1,600+ tests, 100% pass rate, 35% tarpaulin coverage floor.
MkDocs Material documentation site, version-aware, checked against the source.

the v44 → v60 codesprint, in one breath

Sixteen versions of compounding work shipped between v44 and v60:

Codename	Theme
v44 Crucible	Fuzz harness + observability kernel + rebuild-verify CI
v45 Glasswalker	Kernel observability syscalls (480–485) — eBPF, perf, attestation
v46 Beachhead	Process attestation HMAC ledger + LSM hooks
v51 Storm Glass	TwinPlugin (8th synos-bevy plugin) + kernel snapshot
v55 Stoneglass	Hive Ansible deploy (8-node GA playbook)
v56 (Rust Ratchet)	Kernel hot-path Rust at 83.54%
v60 Sun & Salt	SBOM drift detector + IPO readiness self-test + external blocker playbook

The first ISO carrying the full codesprint ships as v60.

the three-image strategy

Syn_OS is built once and ships in three signed ISOs.

Image	Audience	What it carries
Operator (Master)	The team that builds Syn_OS. Internal.	The full surface. Not distributed publicly.
GRIMOIRE Public	Students, cohorts, self-taught practitioners.	The 100-lab training platform, gated tooling, mixed Apache 2.0 + GRIMOIRE-Public license.
Goodlife	AI researchers, post-quantum experimenters, civilian work.	Jupyter + 10-package research stack, ALFRED `research-mode`, LUKS-encrypted research data.

The boundaries between images are mechanically enforced — not honor-system. What ships, ships clean.

what we promise

The mesh is the product. Local AI on hardware you physically own. Old silicon reclaimed from landfills, not new GPUs auto-billed monthly. (the e-waste philosophy →)
No cloud in the critical path. ALFRED runs on your machine. Inference happens locally. The system does not require a network connection to be useful.
No telemetry without consent. The default state is silent. Anything that crosses the boundary of the box, you approve.
Memory-safe by default. The Rust ratchet (v56) is a one-way commitment — kernel hot paths and userspace foundations move toward Rust, never away.
Post-quantum-ready. Cryptography in the system is being built for the cryptographic transition that's underway, not the one that ended.
Reproducible builds. SLSA-3 reproducible build pipeline. SBOM (CycloneDX) per ISO. Dual-witness signature support across mesh nodes.
Sigstore-signed releases. Cosign-signed ISOs with Rekor transparency log entries. Verifiable provenance from build oracle to your USB stick.
Sovereignty as a design property. You own your infrastructure, your intelligence, your future. Mechanically. Cryptographically. Architecturally.
No backdoors. Ever. The codebase is the codebase.

what's coming

Public release plans (the ISOs that aren't yet distributed publicly):

GRIMOIRE Public ISO — the gamified training platform, signed, downloadable, with first-boot wizard, faction selection, lab progression. Target: imminent.
Goodlife ISO — the AI research variant. Target: imminent.
Cohort programs — multi-tenant GRIMOIRE deployments for classes, clubs, security teams.
Public Sigstore + Rekor — signed releases verifiable against the public transparency log.
Hive expansion — public Ansible playbook for self-hosting the 8-node Arcanum Hive.

The Operator image remains internal. That isn't a deferral. That's the design.

why "Syn_OS"

Three readings, all true:

The synaptic gap. Where signal becomes meaning. Where the operating system is the cleft between hardware and consciousness.
Synthesis. Hardware + AI + game + mesh, fused into one platform.
Sin / sanity. A name with weight. A platform with stakes.

"Own your infrastructure. Own your intelligence. Own your future."

who's behind it

Built by a small team out of LumOs Solutions, lead by Ty Limoges in pursuit of one question:

What if security wasn't a checklist — what if it was a way of seeing?

The work has been sustained over multiple years, across more than sixty named version releases, with a quality bar held high enough that the project's own quality gates (cargo deny clean, 100% test pass, supply-chain provenance, binary boundary enforcement) refuse the build when they aren't met.

stay close

The project is moving fast. The public ISOs are close. Watch this repository — when the chapters change, the documents change with them.

The doors open as the work matures.

the gap is where the meaning lives.

— LumOs Solutions —

README.md Unescape Escape