3. 1983: IT PROMISES
2013: IT REALITY
No matter what price a bank, enterprise or person
is willing to pay, no device is available today that
offers meaningful protection of confidentiality &
integrity, beyond mid-high level threats.
5. A desktop dock stand
which embeds:
1. a micro-USB port, for charging
2. a Wi-Fi hardware-secured
anonymization chip, for metadata
privacy.
3. an HDMI-switch, for long- form
text editing on the user’s desktop
LCD.
A 2mm-thin touch-screen device,
that provide basic features but with
radically unprecedented levels of
integrity and confidentiality:
1. Rich-text synchronous and
asynchronous messaging
2. Rich-text collaborative editing (i.e.
contracting, negotiations)
3. E-banking
4. Cryptocurrency client and wallet
5. Password management, multiple
persona
User’s
Smartphone
CivicCase (for top smartphones)
CivicPod
CivicPod CivicDock
The Solution
CivicKeyboard
Play our 2-minute
product video at:
www.TRUSTLESS.AI
6. 1. assumes that extremely-skilled attackers are willing to devote even tens of millions of Euros to
compromise the supply chain or lifecycle, through legal and illegal subversion of all kinds,
including economic pressures.
2. provides extremely user-accountable and technically-proficient oversight of all hardware,
software and organizational processes critically involved in the entire lifecycle and supply chains;
3. provides extreme levels of security review intensity relative to system complexity, for all critical
components; and includes only publicly verifiable components, and strongly minimizes use of
non-Free/Open-source software and firmware.
4. includes only open innovations with clear and low long-term royalties (<15% of end-user cost)
from patent and licensing fees, to prevent undue intellectual property right holders’ pressures,
lock-ins, patent vetoes and ensure low-costs affordable to ordinary citizens;
5. includes only highly-redundant hardware and/or software cryptosystems, whose protocols,
algorithms and implementations are open, long-standing, extensively-verified and endorsed, and
with significant and scalable post-quantum resistance levels.
6. is continuously certified by an extremely technically-proficient and user-accountable
independent standard/certification body.
Trustless Computing Paradigms
7. Rufo Guerreschi
CEO & Founder
The Team
12 years of single-minded pursuit of meaningful
enactment of civil rights in cyberspace. Lead open
source e-voting/e-democracy startup, that sold in 3
continents. Brought valuation of a planned EU 2nd
largest IT/media tech park from 3€ to 21M€
Lead EU sales of J2ME provisioning system till a 10M€+
2001 sale to Telefonica Aggregated unique global R&D
partners on the 4-15M€ Trustless Computing Initiative.
Artur Pylak
CFO
Experienced acting CFO in several startups.
Senior research analyst at SSR LLC, covering the
TMT space with expertise in cybersecurity &AI.
Co-authored leading valuations forecast of
stock-quoted firms in hot IT verticals, including
cybersecurity, self-driving cars, and digital
assistants.
Roberto Gallo
CTO
Designed and deployed since 2014 the World's 1st
CPU fully inspectable without NDA in its HW &
SW source designs, and the the first secure CPU
of the Southern Hemisphere.
Designed the security architecture of the 400.000
Brazilian voting machines; the ASI-HSM, the HSM
of the Brazilian PKI-root CA; and fighter-to-fighter
communication systems.
Director of Marketing. branding, positioning, art direction of website, slides, video,
Toby Scholtz. For 2 years, Germany country manager and marketing head of Apple-
owned Beats, the leader in hi-fi wireless headsets. Formerly marketing for mobile
operators. Location: Berlin/Rome. (linkedin)
Director of Supply Chain & Manufacturability: manufacturability, HW prototype.
Joonyoung Park. Has lead in the Valley the global R&D for a EU-based global leader
in IPTV, CAS and cybersecurity; Managing Director of a 200M$/yr 7-sigma
electronics manufacturing plant in South Korea. Location: Seoul. (Linkedin)
Director of Business Development - Baltic Region banks & enterprise, Military and
Government: pilot/product sales, tech consulting. Maris Kohen. CTO of Cybersecurity
at ATOS Baltics; former CSO of Telecom Luxembourg. Location: Luxembourg/Rome.
(Linkedin)
Director of Business Development - Mission-critical NGOs: pilot/product sales, prj
management, operations. Alexander Elkin. Former Head of Strategy & Internet
Projects at Transparency International Russia (Linkedin)
Director of Business Development - DACH Region banks and enterprises.
pilot/product sales, fundraising. Matteo Butussi. Formerly director of business
development at Kudelski Cybersecurity. Location: Zurich. (Linkedin)
8. The Team: Trustless Computing Consortium
World’s largest Artificial Intelligence R&D center, a partner in our
CivicFab FOUNDRY OVERSIGHT process. (Germany)
Maker of World’s 1st general-purpose CPU with publicly reviewable
HW/SW designs. (Brazil)
Makers of the smallest high assurance OS with 3000 lines of source
code. One of two with formal proof of correctness. (Germany)
EU leading CRYPTO R&D center, lead by the most renowned EU
cryptologist and IT security expert, Bart Preneel (Belgium)
*A 200mm 110nm EU-based FOUNDRY, fully validated our CivicFab
oversight processes. (Italy)
*exploring alternative following 6/2016 non-EU acquisition.
Globally-unique suppliers that agreed to detailed IP/non-compete
to build our security-critical supply-chain and computing base
9. TRUSTLESS.AI is primarily the fruit of 15 years of single-
minded quest of our CEO Rufo Guerreschi to realize
the potential of ICT to radically improve individual civil
freedoms and democratic participation.
Since 1983, the realization of such potential was
promised by Richard Stallman‘s with the Free Software
Movement, on one side; and by Steve Jobs’ Apple,
with its famous “1984” Apple video ad, on the other.
Such promises have not only utterly failed, but the
freedom and security of citizens and businesses
have dramatically worsened.
Whatever the price a user is willing to pay, there are still
no devices in the market today that provide even
remotely comprehensive evidence about their level of
resistance against scalable, pervasive, undetectable
compromisation by large numbers of state and non-state
actors.
Thirty three years later, TRUSTLESS.AI has a rock solid
plan to fully and sustainably deliver on such promises,
initially to premium users, and then to most citizens,
through (1) a unique team and supply-chain consortium,
and (2) revolutionary and unprecedented IT security
paradigms centered on ensuring complete transparency,
and extreme oversight and security-review relative to
complexity, of all techs and processes critically involved in
the life-cycle.
Since 2013, TRUSTLESS.AI has been “incubated” in
the Trustless Computing Inititative by partners and
members of the Trustless Computing Consortium with
globally-rare or unique expertise in open high-assurance IT.
Since 2015, plans for a Trustless Computing Certification
Body have been discussed with the top world experts and EU
officials at events in Brussels, New York, Brazil, and next in
SF, through our Free and Safe in Cyberspace event series.
In July 2016, TRUSTLESS graduated from the Berlin-
based Hardware.co Pre-Acceleration Program, sponsored by
Siemens, Bosch and Deutsche Bahn. On Oct 22nd, we moved
to Menlo Park, CA, to consolidate the team, get investor
traction and advance our prototype.
Our Story
10. Unique Competitive Advantages
Our Trustless Computing Consortium aggregates globally-
unique high-assurance ICT suppliers with a binding MoU for
IP, non-compete and resilience;
Our Trustless Computing Paradigms and its proposed
Certification Body has been widely shared through our Free
and Safe in Cyberspace events in Brussels, New York, Brazil,
Brussels again, with the participation of unique speakers
Next in Berlin and again Brussels.
Key speakers, sponsors and advisors - including Bart Preneel,
CapGemini Netherlands, EIT Digital, and Tecnalia - have
started since early 2016 working on a 10-pager summary
Manifesto of Trustless Computing (PDF) and a full 50-pager
draft full Proposal.
ALL software, hardware and organization processes
critically involved in the lifecycle and supply chain will
uniquely be:
(A) Publicly inspectable in their source HW & SW
designs without NDA;
(B) Subject to extreme security-review relative to
complexity, by paid highly-proficient and “ethical” hackers;
(C) Subject to extremely resilient oversight, based on
offline citizen-witness or citizen-jury processes, in
addition to state-of-the-art IT security safeguards.
Security-critical Ecosystem
Security Paradigms
Form Factor
Thought Leadership
11. US Defense Science Board (2015): “Trust cannot be added to integrated circuits after fabrication”
Bruce Schneier (2014): “From what we’ve learned, we should assume all mainstream CPUs to be compromised”
Michael Sieber, Head of Information Superiority of the European Defence Agency stated at our 1st Free and Safe in
Cyberspace: “Among EU member states, it’s hilarious: they claim digital sovereignty but they rely mostly on Chinese hardware, on
US American software, and they need a famous Russian to reveal the vulnerabilities"
CivicFab (1): The Problem
12. Our CivicFab processes will deploy general concepts reportedly applied by NSA Trusted
Access/Foundry Program today in cases in which they require the highest-level chip
fabrication oversight assurance. They reportedly choose a foundry that fits the
equipment and general oversight process specifications – located, if not in the US, in a
country that overall provide more assurance than others – which will agree to:
● (1) Make sure that the requested hardware is all produced in one continuous
batch in a short time span (a few weeks), as is typical anyway;
● (2) Allow, for each batch, to setup and configure an extensive sensing and
monitoring IT infrastructure – often produces by specialized proprietary
companies – and allow about 3 (or more) competent, trained, redundant and
trusted technicians, per shift, to verify thoroughly the entire process, 24/7 and
on-site, from a monitoring room and inside the "cleanroom".
CivicFab (2): Matching state-of-the art
13. In excess of the NSA Trusted Foundry Program, described in previous slide, the CivicFab will:
A. Add at minimum number “citizen witnesses”, through mix of citizen jury and deliberative polling
methods made up of 5 (or more) randomly-sampled citizens and CivicPod users, in a role of active
oversight witnesses 24/7 in the critical phases. They would be well paid to take that time off, would be
extensively trained and “self trained” through open participatory processes;
B. Choose to produce all critical ICs at EU-based 200-300mm EAL5+ foundries with older technologies,
simpler processes, and less third-party IP obstacles than today’s’ Asian megafabs, such that they allow
the technicians and witnesses to publicly and completely document the process with videos, photos
and more.
C. Equipment and sensors, to be applied to the chosen foundries, should as much as possible not require
direct interventions or disruption of the foundry equipment and facilities, but just rely on setting up an
additional overlay of sensing equipment, and on getting copy of the existing quality control sensor
feeds. This would also increase the “portability” of the CivicSite processes to other foundries, and in
part the resiliency of the solution.
D. Sensing and oversight equipment would run Trustless transparent ultra-high assurance HW/SW will
as much as possible be air gapped, make use of high assurance verifiable systems, and as much as
possible based on TRUSTLESS SW & HW.
CivicFab (3): Radically exceeding state-of-the-art
14. At the service level.
TRUSTLESS.AI will provide key recovery service to all its
customers, in case of user death or loss of password, as well as
a way to comply to legal AND constitutional lawful access
requests. Although the architecture is pure P2P, partial
temporary encryption keys are mandatorily saved daily to a
redundant set of CivicRooms, whose physical access is under
the direct management, certification and oversight of an
international Trustless Computing Certification Body (TCCB).
The validity of civilian court orders AND absence of blatant
unconstitutionality will be evaluated on-site by trained
citizen-jury-like body assisted by legal counsels. Its radically
unprecedented technical and organizational safeguards will
guarantee both users' rights and the crucial needs of the
public security agencies.
At the fabrication level.
The public availability of all TRUSTLESS.AI critical SW & HW
source designs could enable criminal actors to produce their
own CivicDevices for malevolent use. Such threat will be
extremely and sufficiently reduced by a combination of: (A) IP
cores tied to specific, capital intensive fabrication processes,
naturally not available on mini scale prototyping fabrication
facilities and foundries; (B) current inability of malevolent
states or groups to fully and truly control a suitable
semiconductor foundry. (C) In the rare case in which terrorist
groups may attempt to enter in agreements with suitable
foundries, current Allied intelligence capabilities can make
sure to either forcefully prevent it or, better, insert
vulnerabilities in their fabrication processes to acquire in the
future extremely valuable intelligence.
But, how do we prevent grave abuse by criminals?!