Sweetmorn, the 38 day of Discord in the YOLD 3189
Tillitis TKey now available
The Tillitis TKey, which I first wrote about in September last year, is now available for sale at the the Tillitis webshop. Note that this is a locked down end-user version! It's not possible to update the FPGA bitstream (or read it, or the Unique Device Secret, out) on this one.
The TKey is a small bare-bones RISC-V computer in a USB stick form factor with no persistent storage that measures the app uploaded to it and derives a deterministic secret every time the same app is started. You can use it, for instance, as a security token to keep your private key and do signing operations. Everything is released under open licenses, including the hardware design, the CPU, the cores, the PCB, software, everything.
There's a very much work in progress Developer's Handbook:
The last few weeks before the launch were rather stressful, among other things because of chasing some bugs, some late changes, and setting up the in-house provisioning. I almost lived at the HQ in Gothenburg at the end, just going back to the hotel room to crash for a few hours, then back again.
I'm rather pleased how some hardware security features and the firmware turned out. Here's the firmware main source:
https://github.com/tillitis/tillitis-key1/blob/main/hw/application_fpga/fw/tk1/main.c
We lost a lot of history when making the initial public release back in September. In retrospect I think this was a mistake, but there you go.
The applications need some love, though. We spent so much time with the actual TKey stuff that we're a little behind on the apps. First up is preparing a slightly more polished SDK, splitting the Go packages and the device libraries out of the apps repo.
Our SSH agent is quite usable and I use it every day. It's packaged in Homebrew and we have .deb packages that work on Debian and Ubuntu but it's not yet part of any Linux distribution:
https://formulae.brew.sh/formula/tkey-ssh-agent
https://github.com/tillitis/tillitis-key1-apps/releases/tag/v0.0.6
I presented the TKey at the SamNet conference in Stockholm in February. Recording in Swedish here:
https://play.mittdata.se/w/s9V87wkphFe7r1g15zwfrU?start=3h9m18s
It's difficult to hear the questions at the end and I didn't realize that I perhaps should have repeated them, but there you go.
I later presented the TKey at the Netnod Meeting 2023. Recording in English here:
https://www.youtube.com/watch?v=X7IllDLFKRk
My slides:
https://www.netnod.se/sites/default/files/2023-03/Nr.4_MC%20Widerkrantz.pdf
I was incredibly nervous, especially doing the talk in English, and had to rely on my notes quite a bit, so I apologize for seeming a bit stiff. When the Q&A started I feel I had warmed up a bit, as you can probably tell.
It's very exciting times!