The ongoing definition of the Trustless Computing Paradigms will constitute, in its final version, the main binding document for the Trustless Computing Certification Body, whose establishment is the main goal of this Association.
- (a) In the short and medium term, Trustless Computing aims to develop open systems and standards to achieve actual and perceived levels of trustworthiness that are today overwhelmingly deemed inconceivable or – when rarely deemed conceivable – universally believed to be uneconomical or irreconcilable with the needs of state security.
- (b) In the longer term, Trustless Computing aims to validate novel governance and engineering paradigms that could prove foundational to sufficiently increasing the trustworthiness and accountability of advanced AI systems in critical societal scenarios, to substantially contribute to the realization of AI's most positive potential and the avoidance of its greatest risks.
Summary of Paradigms
Trustless Computing Paradigms are detailed in the latest version of the 10-page Summary Whitepaper: A Case for Trustless Computing (pdf) and in the longer 50+ page Whitepaper: A Case for Trustless Computing (late draft pdf). A simple summary follows below:
“All software, hardware and organization processes critically-involved in the lifecycle and supply chain – including CPU, hosting room management, fabrication, and standard setting – will uniquely be subject to:
- (a) complete public inspectability in their source HW & SW designs, without NDA;
- (b) extreme security-review relative to complexity by highly proficient and ethical hackers;
- (c) includes only Free and Open Source software, from the operating system upwards. Strongly minimizes the inclusion of non-Free and Open Source Software, including updatable and non-updatable firmware. Makes extensive reuse of existing Free/Open Source Software components – through extreme stripping down, hardening and re-writing. It strongly aims at realising the computing device with the least amount of non-free software and firmware in security-critical hardware components;
- (d) extremely resilient oversight of human processes – based on offline in-person citizen-witness or citizen-jury processes – to enable key recovery services, extreme protection against insider attacks, and legitimate lawful access procedures with safeguards against privacy abuse that exceed the current state-of-the-art solutions;
- (e) extremely citizen-accountable and technically-proficient standard setting and certification processes.”
- (a) Uniquely, all software, hardware and processes that are critically involved in the IT service provisioning or lifecycle – from CPU design to fabrication, to hosting room access to standard setting – are subject to extreme verification relative to complexity, or to extremely resilient socio-technical oversight, based on offline citizen-witness or citizen-jury processes.
- (b) IT Security is not a product – nor a process or service – but the by-product of the intrinsic resilience, accountability and proficiency of all organizational processes that are critically-involved in the entire life-cycle and supply-chain.
- (c) The current state-of-the-art high-assurance IT paradigms epitomized by Trusted Computing would be replaced by the model of Trustless Computing, where zero trust is assumed in any person, organization or technology involved in the offering of a given IT service (or system), except in self-guaranteeing transparent and accountable organizational processes that underlie its operation, lifecycle and certification governance, whose quality can be assessed by moderately educated and informed citizens.
- (d) The trustworthiness of critical computing systems can be reduced to that of the accountability and competency of any and all organizational processes critically involved in its entire lifecycle and operation; and, in turn, that
- (e) Key to assessing and improving the effectiveness of critical societal organizations is to rely on the trustworthiness of the computing systems used in their governance and operations, and their reframing in essence as permanently-constituent socio-technical (or cyber-social) organizational processes.
By “trustless computing”, we mean computing without the need or assumption of unverified trust in anything or anyone, except in the intrinsic resistance of the organizational processes critically involved, as recognizable by moderately informed and educated citizens. By “radically-unprecedented” IT security, we mean resistant to sustained attacks of tens of millions of euros on the life-cycle or supply-chain, subversive and economic, by actors with very low liability and high plausible deniability.