SilverLABS/SilverMetal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore(scaffold): initial SilverMetal program scaffold

Browse Source 
Cross-platform privacy-hardening program. Two-layer product:
- SilverLABS Application Stack (cross-platform spine)
- Platform Hardening Profiles (per-OS, tier-honest)

Platforms: Linux (Debian/Kicksecure), Android (Pixel/Samsung/Moto/generic),
Windows (LTSC IoT), macOS (profile), iOS (MDM profile). Each flavour has
both a preflashed hardware SKU path and a self-apply "harden your existing
device" path.

Includes umbrella docs (README + threat-model, design-principles,
platform-matrix, roadmap, trust-model), per-platform and per-stack-
component README stubs, .gitignore, LICENSE.

Linux v1 ships first; Stack v1 = Browser + VPN + Sync.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
SysAdmin
2026-04-25 03:11:48 +01:00
commit 7d5f9cc246
23 changed files with 1381 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
shared/branding/README.md Normal file
View File

@@ -0,0 +1,14 @@
# Branding
Logos, colour tokens, design system. To be populated when the brand identity is finalised.
## Naming convention
- Family brand: **SilverMetal**
- Per-platform: `SilverMetal Linux`, `SilverMetal Droid`, `SilverMetal Windows`, `SilverMetal macOS`, `SilverMetal iOS`
- Stack apps: `SilverBrowser`, `SilverVPN`, `SilverSync`, `SilverChat`, `SilverDuress`, `SilverKeys`
- Per-Android-tier suffix: `SilverMetal Droid Flagship` (Pixel), `Galaxy` (Samsung), `Moto` (Motorola), `Profile` (generic)
## Visual identity
To be defined. Consistent with the broader SilverLABS visual language (dark professional, cyan accent — see SilverLABS frontend prompt) but with its own distinguishable mark.

23
shared/signing/README.md Normal file
View File

@@ -0,0 +1,23 @@
# Signing
Real signing keys never live in this repository. This directory holds:
- **`KEYS.md`** (to be created) — public key fingerprints, key purposes, key ceremony summaries
- **Public keys** — `.asc` / `.pem` exports of public halves
- **Verification documentation** — how a third party reproduces our build and verifies our signatures
## Key inventory
See [`../../docs/trust-model.md`](../../docs/trust-model.md) for the complete trust model.
| Key | Purpose |
|---|---|
| SilverMetal Release | Signs ISO/ROM/installer artefacts |
| SilverMetal Update Channel | Signs OTA / apt updates |
| SilverMetal MOK (Linux Secure Boot) | Our Machine Owner Key |
| SilverMetal AVB (Android verified boot) | Android verified-boot key |
| SilverMetal Code Signing — per-platform | OS-specific code-signing certs |
## First key ceremony
To occur at milestone 1.9 (update server + signing ceremony) per the roadmap. Procedure documented in advance and reviewed by SilverLABS leadership before execution.