synos-public-docs/README.md
ShellDiablo33 c94de3aff8
docs: GRIMOIRE arsenal + cert arcs + blue/red/purple + MESH.md (e-waste philosophy)
GRIMOIRE.md additions:
- The arsenal — three distrobox-based operator environments (Kali,
  BlackArch's 2,800+ packages, Parrot privacy stack), 600+ host-native
  tools via pacman/AUR, ~3,400 cross-distrobox total, with progressive
  unlock through certification arcs
- Boss contracts — raids vs nightmare tiers, contract.toml state
  machine semantics, branch-on-solution-approach, faction favor as
  earned reputation
- The XP engine — ~100K-line gamification crate, modified-logarithmic
  level curve with prestige boundaries, multiplicative multiplier stack
  (property-tested cap), signed-commit-attestation XP for upstream
  contributions (forge-resistant)
- Loot economy depth — tier-tied drop tables, prestige-locked gear,
  reputation multipliers
- Certification arcs — OffSec (OSCP/OSEP/OSWE/OSCE³), GIAC, ISC²,
  EC-Council, INE, Splunk/Sentinel/Elastic, AZ-500/SC-100/AWS Security
- Blue + red + purple split — full-spectrum positioning vs the
  curriculum-only competitors

MESH.md (NEW) — the e-waste reduction philosophy as a load-bearing
front-door doc. Three reinforcing pillars (environmental, economic,
sovereign) + how the mesh works at a high level + what it enables.
"The mesh is the product. Everything else is architecture in service
of this core." Old laptops and retired workstations pulled from the
e-waste stream back into a sovereign compute pool.

README.md updates:
- Mesh-on-salvaged-silicon as a first-class capability bullet
- Promise section now leads with "the mesh is the product"
- Cross-link to MESH.md

The pivot here is from "Syn_OS is a security distro with mesh capability"
to "Syn_OS is mesh-of-old-hardware running local AI; security distro is
how we got here." This matches the founder's stated load-bearing thesis.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-09 14:33:22 -04:00


<div align="center">

<img src="./assets/phoenix.png" alt="Syn_OS — the synaptic operating system" width="280" />

# Syn_OS

### v60.0.0 — "Sun & Salt"

*An AI-native cybersecurity operating system, built almost entirely in Rust, designed for those who treat security as craft.*

[![Status](https://img.shields.io/badge/status-pre--release-ff6b35)]()
[![Codename](https://img.shields.io/badge/codename-Sun_&_Salt-c9302c)]()
[![Built with](https://img.shields.io/badge/built_with-Rust-000000?logo=rust)]()
[![License (this repo)](https://img.shields.io/badge/docs-CC--BY--SA_4.0-blue)](LICENSE)

</div>

---
## the gap
Syn_OS — the **Synaptic Operating System** — takes its name from the *synaptic gap*: the space between neurons where electrical signal becomes meaning. The underscore is deliberate. It points at the moment translation happens — between hardware and intent, between tool and operator, between threat and response.

Syn_OS is built on a different premise than the security-distro lineage that came before: **the operating system itself can carry intelligence.** Not as a chatbot bolted onto the desktop. As a substrate. A kernel that reasons. A daemon that learns the shape of your work. A training environment where every challenge teaches the muscle for the next one.

---
## what's in v60
The platform that ships as Syn_OS today is the result of a sustained, multi-year build.
- **Custom Linux 6.19 kernel** with `CONFIG_RUST=y` and **17 custom system calls** (numbered 469–485) that expose consciousness state, quantum memory entanglement, eBPF instrumentation, kernel observability, and process attestation directly to userspace.
- **160-crate Rust workspace.** Zero compile errors. Memory safety where memory safety matters.
- **ALFRED v5** — the AI daemon. 11-region neuroanatomically-modeled brain. Local inference via Ollama and ONNX. No cloud in the critical path.
- **GRIMOIRE** — the gamified cybersecurity training platform. **100 hand-authored labs across 13 categories.** Faction system. XP economy. Boss contracts. Branching narrative quests. Maps to **11 professional certification paths.** Read more in [GRIMOIRE.md](./GRIMOIRE.md).
- **synos-bevy** — Bevy 0.14 game engine, 8 plugins, ~7,000+ lines of immersive desktop experience.
- **Arcanum Hive** — peer-to-peer encrypted mesh + Kubernetes operator. Sovereign coordination across distributed hardware. **The mesh is built for salvaged silicon** — old laptops and retired workstations pulled out of e-waste and back into the compute pool ([the philosophy →](./MESH.md)).
- **Post-quantum cryptography** — ML-KEM, ML-DSA, and SLH-DSA built into the trust toolkit.
- **41-stage self-healing build pipeline** producing three signed ISOs from a single source tree.
- **1,600+ tests, 100% pass rate**, 35% tarpaulin coverage floor.
- **MkDocs Material documentation** site, version-aware, checked against the source.
---
## the v44 → v60 codesprint, in one breath
Sixteen versions of compounding work shipped between v44 and v60:

| Codename | Theme |
|---|---|
| **v44 Crucible** | Fuzz harness + observability kernel + rebuild-verify CI |
| **v45 Glasswalker** | Kernel observability syscalls (480–485) — eBPF, perf, attestation |
| **v46 Beachhead** | Process attestation HMAC ledger + LSM hooks |
| **v51 Storm Glass** | TwinPlugin (8th synos-bevy plugin) + kernel snapshot |
| **v55 Stoneglass** | Hive Ansible deploy (8-node GA playbook) |
| **v56 (Rust Ratchet)** | Kernel hot-path Rust at 83.54% |
| **v60 Sun & Salt** | SBOM drift detector + IPO readiness self-test + external blocker playbook |

The first ISO carrying the full codesprint ships as v60.

---
## the three-image strategy
Syn_OS is built once and ships in three signed ISOs.

| Image | Audience | What it carries |
|---|---|---|
| **Operator (Master)** | The team that builds Syn_OS. Internal. | The full surface. Not distributed publicly. |
| **GRIMOIRE Public** | Students, cohorts, self-taught practitioners. | The 100-lab training platform, gated tooling, mixed Apache 2.0 + GRIMOIRE-Public license. |
| **Goodlife** | AI researchers, post-quantum experimenters, civilian work. | Jupyter + 10-package research stack, ALFRED `research-mode`, LUKS-encrypted research data. |

The boundaries between images are mechanically enforced — not honor-system. What ships, ships clean.

---
## what we promise
- **The mesh is the product.** Local AI on hardware you physically own. Old silicon reclaimed from landfills, not new GPUs auto-billed monthly. ([the e-waste philosophy →](./MESH.md))
- **No cloud in the critical path.** ALFRED runs on your machine. Inference happens locally. The system does not require a network connection to be useful.
- **No telemetry without consent.** The default state is silent. Anything that crosses the boundary of the box, you approve.
- **Memory-safe by default.** The Rust ratchet (v56) is a one-way commitment — kernel hot paths and userspace foundations move toward Rust, never away.
- **Post-quantum-ready.** Cryptography in the system is being built for the cryptographic transition that's underway, not the one that ended.
- **Reproducible builds.** SLSA-3 reproducible build pipeline. SBOM (CycloneDX) per ISO. Dual-witness signature support across mesh nodes.
- **Sigstore-signed releases.** Cosign-signed ISOs with Rekor transparency log entries. Verifiable provenance from build oracle to your USB stick.
- **Sovereignty as a design property.** You own your infrastructure, your intelligence, your future. Mechanically. Cryptographically. Architecturally.
- **No backdoors. Ever.** The codebase is the codebase.
---
## what's coming
Public release plans (the ISOs that aren't yet distributed publicly):
- **GRIMOIRE Public ISO** — the gamified training platform, signed, downloadable, with first-boot wizard, faction selection, lab progression. Target: imminent.
- **Goodlife ISO** — the AI research variant. Target: imminent.
- **Cohort programs** — multi-tenant GRIMOIRE deployments for classes, clubs, security teams.
- **Public Sigstore + Rekor** — signed releases verifiable against the public transparency log.
- **Hive expansion** — public Ansible playbook for self-hosting the 8-node Arcanum Hive.

The Operator image remains internal. That isn't a deferral. That's the design.

---
## why "Syn_OS"
Three readings, all true:
1. **The synaptic gap.** Where signal becomes meaning. Where the operating system *is* the cleft between hardware and consciousness.
2. **Synthesis.** Hardware + AI + game + mesh, fused into one platform.
3. **Sin / sanity.** A name with weight. A platform with stakes.
> *"Own your infrastructure. Own your intelligence. Own your future."*
---
## who's behind it
Built by a small team out of **LumOs Solutions**, led by Ty Limoges in pursuit of one question:

**What if security wasn't a checklist — what if it was a way of seeing?**

The work has been sustained over multiple years, across more than sixty named version releases, with a quality bar held high enough that the project's own quality gates (cargo deny clean, 100% test pass, supply-chain provenance, binary boundary enforcement) refuse the build when they aren't met.

---
## stay close
The project is moving fast. The public ISOs are close. Watch this repository — when the chapters change, the documents change with them.

The doors open as the work matures.

---
<div align="center">

<img src="./assets/phoenix-white.png" alt="" width="120" />

### *the gap is where the meaning lives.*

— LumOs Solutions —

</div>