Stronghold is an open-source software library that was originally built to protect IOTA Seeds, but can be used to protect any digital secret.
It is a secure database for working with cryptography, which ensures that secrets (like private keys) are never revealed - but can be used according to best practices.
It provides its own peer-to-peer communication layer, so that different apps can securely communicate using the state-of-the-art Noise Protocol over libp2p.
In April of 2021, F-Secure performed a security assessment of the core crates of IOTA Stronghold and found nothing of concern. This is not an explicit declaration of fitness or freedom of error, but it is an indicator of the high quality of the code. You may review the audit here.
If you want to get involved in discussions about this library, or you're looking for support, go to the #stronghold-discussion channel on Discord.
This documentation has six sections.
- The Overview: detailed overview of the project
- Structure: explains the layout of the individual crates and systems
- The Specification: detailed explanation of requirements and functionality
- Retrospective: a look at the evolution of this project
- Contribute: how you can participate in the Stronghold software development
- Get in touch: join the community and become part of the X-Team
We maintain a bill of materials for the upstream libraries that Stronghold consumes. You can download the latest version of that here:
We will be adding video and textual tutorials for introducing the concepts behind Stronghold.
We will be adding a number of specific How To examples that will cover common use cases, like integrations, backups etc.