chore(scaffold): initial SilverMetal program scaffold

Cross-platform privacy-hardening program. Two-layer product: - SilverLABS Application Stack (cross-platform spine) - Platform Hardening Profiles (per-OS, tier-honest) Platforms: Linux (Debian/Kicksecure), Android (Pixel/Samsung/Moto/generic), Windows (LTSC IoT), macOS (profile), iOS (MDM profile). Each flavour has both a preflashed hardware SKU path and a self-apply "harden your existing device" path. Includes umbrella docs (README + threat-model, design-principles, platform-matrix, roadmap, trust-model), per-platform and per-stack- component README stubs, .gitignore, LICENSE. Linux v1 ships first; Stack v1 = Browser + VPN + Sync. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-25 03:11:48 +01:00
commit 7d5f9cc246
23 changed files with 1381 additions and 0 deletions
--- a/stack/README.md
+++ b/stack/README.md
@@ -0,0 +1,51 @@
+# SilverLABS Application Stack
+
+The cross-platform spine of SilverMetal. These apps replace the cloud services your device normally talks to. Same brand, same account, same data on every platform.
+
+## Components
+
+| Component | Status | Purpose |
+|---|---|---|
+| [`browser/`](browser/) — **SilverBrowser** | v1 (Linux MVP) | De-Googled, telemetry-free browser |
+| [`vpn/`](vpn/) — **SilverVPN** | v1 (Linux MVP) | Always-on, no-logs VPN with our infrastructure |
+| [`sync/`](sync/) — **SilverSync** | v1 (Linux MVP) | Private replacement for iCloud/Google/OneDrive |
+| [`chat/`](chat/) — **SilverChat** | v1.1 | E2EE messenger |
+| [`duress/`](duress/) — **SilverDuress** | v1.1 | Duress password / panic-wipe / anti-coercion |
+| [`keys/`](keys/) — **SilverKeys** | v1.1 | Zero-knowledge password + 2FA manager |
+| [`shared/`](shared/) — common code | ongoing | Account SDK, crypto primitives, branding |
+
+## Account model
+
+Users get a **SilverLABS account number** (Mullvad-style — random, no email, no name). One account → all Stack apps. Payment is processed separately (SilverDotPay / cryptocurrency option) with no link back to the account number.
+
+## Cross-platform build philosophy
+
+Each app is built natively per platform — no Electron sprawl where avoidable:
+
+- **Linux**: native `.deb` + Flatpak
+- **Android**: native APK / AAB
+- **Windows**: native MSI / EXE (signed)
+- **macOS**: universal binary `.pkg` (notarised)
+- **iOS**: App Store
+
+Where a single codebase (e.g., Tauri / Rust core) lets us hit multiple platforms with a thin native UI shell, we use it. We avoid Electron unless the cost of native is unjustifiable.
+
+## v1 ship order
+
+1. **SilverBrowser** — ungoogled-chromium-derived, our defaults, our update channel
+2. **SilverVPN** — WireGuard-based, our exit nodes, account-number signup
+3. **SilverSync** — Nextcloud-backed (server side), client-side encryption, native clients
+
+These three ship with SilverMetal Linux v1.
+
+v1.1 adds Chat, Duress, Keys.
+
+## Server side
+
+The Stack server components live in separate repositories under `SilverLABS/`:
+- `silver-vpn-infra` — WireGuard exit-node infrastructure (Terraform / Ansible)
+- `silver-sync-server` — Nextcloud + Radicale + Baïkal stack
+- `silver-chat-homeserver` — Matrix Synapse / Dendrite
+- `silver-account` — account-number issuance + auth gateway
+
+Self-hostable counterparts are documented for users who don't want to use SilverLABS infrastructure.