Repository files navigation

Status: Very unstable, do not use

tr1pd is a tamper resistant audit log.

# setup your keyringtr1pctl init# start the tr1pd daemonsystemctl start tr1pd# start a sensor./sensor01 | tr1pctl write &# verify your logstr1pctl fsck# view the logs of your current sessiontr1pctl ls @..

Make sure you have the following dependencies installed:Debian/Ubuntu:libsodium-dev libseccomp-dev libzmq3-dev,Archlinux:libsodium libseccomp zeromq,Alpine:make libsodium-dev libseccomp-dev zeromq-dev,OpenBSD:libsodium zeromq.

cargo install tr1pd

If possible, use your package manager to setup the system (Archlinux AUR).After that you need to add the users that should have access to tr1pctl to thetr1pd group withusermod -aG tr1pd youruser.

If no package is available, you can also run a standalone setup (this is alsorecommended for development). Edit the paths as needed.

# standalone configuration (~/.config/tr1pd.toml)[daemon]socket = "ipc:///home/user/.tr1pd/tr1pd.sock"datadir = "/home/user/.tr1pd/"pub_key = "/home/user/.tr1pd/pub.key"sec_key = "/home/user/.tr1pd/sec.key"

Runtr1pctl init to setup the keyring in your homefolder andtr1pd in aseperate terminal. Verify everything is working correctly by executingtr1pctl ping.

Sensors can be written in any language using stdio.tr1pctl write is a simpleline based interface that writes each line into a block. You can also enablebinary mode withtr1pctl write -s 65535. To monitor your auth.log you cansimply write:

tail -f /var/log/auth.log | tr1pctl write

While this is not a common usecase, tr1pd is fast enough for Ultra HD video,according tonetflix. This means that you can write >= 25 Megabits persecond. Make sure you're compiling both tr1pctl and tr1pd with--release.

dd if=/dev/zero | pv | cargo run --release --bin tr1pctl -- write -s 65535

No. tr1pd uses merkle tree like constructs that areheavily inspired by bitcoin, but lacks some essential properties to qualify asa blockchain.

The initial draft for the protocol was designed in 2014 for perimeterintrustion detection to verify integrity of buildings. Multiple prototypes havebeen written in 2017 and the first deployment was on a server located at the34C3 to ensure integrity inside the congress colocation.

AGPLv3+