Usually at this time of year we look back and summarize what has happened during the year. We will do the same this year and also start a new tradition by publishing a newsletter. The idea is to have more frequent updates on what is happening at Tillitis by writing a newsletter 3-4 times per year. The newsletter will be published on our blog and sent out on the mailing list, Tillitis announce.
Let’s start!
Where we went 2025
Some of the conferences we attended this year are (in chronological order): FOSDEM, a booth at Elektronikmässan, foss-north, SecurityFest and Transparency Dev Summit 2025.
It’s worth mentioning a bit more about Transparency Dev Summit. The summit is a conference about transparency logging and its different applications. We showed a prototype of a Tillitis Hardware Security Module (HSM) that can be used in transparency logging and witnessing. It’s early yet but stay tuned for more about this.
As preparation for Transparency Dev Summit 2025 we spent some time working on Glasklar teknik’s Sigsum transparency log. We now have a Sigsum witness in production. Let us know if you’d like our witness to cosign your log.
Development
Our main focus has been on developing the next generation of the TKey platform, codename Castor, and devloping a FIDO2 device app.
Castor platform and FIDO2
Castor is compatible with the Bellatrix hardware, so if you have a TKey Unlocked or buy one now you can try out Castor without buying a new TKey. We tagged an alpha version back in June, head over to Github and read the release note and how to use a TKey Unlocked for testing the alpha version.
The new Castor platform will feature the following updates:
- App on flash, with a FIDO2 app pre-loaded1.
- App storage per app, isolated per app and identity (CDI)2.
- System calls for e.g. reading from and writing to flash.
- Faster client communication.
- More USB endpoints: HID, CCID, separate debug output endpoint, as well as the old CDC.
- Hardware reset support.
- Firmware support for chaining apps and forwarding data between apps.
- Firmware support for verified boot.
We made a FIDO2 demo app which runs on the Castor alpha release. We showcased this at SecurityFest in June.
Current work is focused on finalizing the firmware, boot-verifier, tkey-mgt and FIDO2.
As ever, we welcome reviews, discussion and feedback.
Sigsum
Sigsum has been created by our friends at Glasklar teknik to be a very simple transparency log of signed checksums, meaning you can log digests of arbitrary data.
We took a break for a while on our Castor and FIDO2 work to focus on learning about and using the Sigsum transparency log before attending the transparency.dev summit 2025 in October.
The first we did was to try to setup a witness, and we documented the work in the form of a Guide.
As mentioned above, we then setup a production witness.
We will also use Sigsum ourselves going forward. One way we will use it is with Castor by adding Sigsum support to tkey-verification. tkey-verification contains our tools to verify that a TKey has the same identity when testing as it did when Tillitis provisioned it.
Trivia
Ending with some trivia.
During the year we closed 124 issues and 177 PR’s (134 were merged).
180 issues were opened during the year, 15 from external users. 171 PR’s where opened, 18 from external users.
Until next time…
-
pre-loaded means two things; 1) the app is programmed in flash at provisioning by Tillitis and 2) FIDO2 starts automatically with no need for supporting client app. With the reset feature, other apps will be able to reset TKey to load its desired device app. ↩︎
-
the same device app used with a different USS will create different identity and get its own storage area. ↩︎