Intro to Trustless Computing Certification Body & CivicNet

Since 2013, the Trustless Computing Association has been building the Trustless Computing Certification Body, and an initial complaint computing base and service, together with its public and private partners.

 The Trustless Computing Certification Body aims to create a high-level standard-setting and certification body that is suitable to confidently certify end-to-end IT services that are able to sustain levels of integrity and confidentiality radically exceeding current state-of-the-art in their resistance against state-grade remote or local hacking. It should also be suitable for the responsible exercise of citizens’ privacy, assembly, communication and political rights, except for the most sensitive political and institutional voting.  

  Key paradigms will center on uniquely ultra-high levels of transparency, accountability, and oversight of all critically-involved technologies, procedures and people. These include ultra-high ethical, expert and public security-review in relation to complexity, advanced citizen-witness and citizen-jury-like oversight processes, online and in-person multi-jurisdictional secret-sharing techniques. Economic feasibility is granted by radical minimization of features and performance, effective compartmentation, and critical technical stacks that are time-proven and subject to open IP regimes.  

   Compliant providers – in order to prevent crimes, stave off its outlawing and cater to user need for safer key recovery – will be mandated to voluntarily (i.e. in excess of legal obligations) offer to national security agencies evaluation of their lawful access requests for adherence to law and international human rights, through an offline key or data escrow/recovery process. By applying the same safeguards used to ensure ultra-high security, and more, the inevitable added risk will be radically mitigated, resulting in compliant IT services that overall reduce the risk of abuse of end-users by anyone to levels that are radically (or at least substantially) lower than any of the other alternative secure IT systems – available today or knowingly in development – which do or do not offer such voluntary processing.

In parallel, our R&D and governance partners and spin-off startupTRUSTLESS.AI are building CIVICNET: a 1st compliant low-royalty open computing base, ecosystem and IT service. While initially targeted at the confidentiality, integrity and non-repudiability of the most critical civilian and governmental transactions and communications, TCCB will expand to other sub-domains, and to ultra-high availability use cases. It aims to be complementary, synergic and inspirational for existing and upcoming cybersecurity certifications. It will strongly promote downward compatibility in respect to EU Secret, eIDAS Qualified, Common Criteria EAL4, SOG-IS, and the inspire future certification schemes produced by the European Cybersecurity Certification Framework.

For more on its technical feasibility, read our Position Paper. For more on economic plans to build such body and an initial complaint computing base and ecosystem, see our Business Plan.