TamaGo allows not only build reproducibility but also *execution reproducibility*.
Our bare metal Go runtime API allows for deterministic interaction with VMs.
With support for tiny RISCV64 targets this allows full deterministic execution of Go zero-knowledge proof (ZKP) apps.
This is the way.
We implemented a few JS UIs using WebUSB to talk HID to the USB armory for C&C and OTA.
Worked like a charm, no driver needed, no tools, user friendly.
I feel WebUSB is vastly undervalued.
I released TamaGo 1.26.2, this is our biggest release so far!
New support for aifoundry.org ET-SoC-1, Erbium as well as Microchip LAN969x.
Interrupt API for RISC-V and support for low memory targets.
github.com/usbarmory/ta...
Once in a while we get at stab at schematics and PCB routing again.
We are squeezing a TROPIC01 on the USB armory π
I added a UEFI target to kanzashi, which uses TamaGo to bridge LLM libraries with bare metal execution for security vulnerability exploration.
As TamaGo unikernel run pretty much anywhere, it makes it for a quite interesting "smart" fuzzer.
Next up: AMD SEV-SNP target.
github.com/abarisani/ka...
There are now 10 toilets in Space
International Space Station: 4
Crew Dragon Docked at ISS: 1
Soyuz Docked at ISS: 1
Tiangong Space Station: 2
Shenzhou Docked at TSS: 1
Artemis II on way around Moon: 1
This will be the first time a toilet has left low earth orbit!
I'm officially looking around, if anybody needs a Go software engineer with a very strong background in web security lmk.
I also know a fair share of frontend dev and was a SWE/SE for Google and Microsoft.
I'm looking for security-sensitive dev projects and security reviews.
Last year, I thought we still had time to design PQ auth systems.
Now, based on the pace of progress and on statements like Google's, I believe
1. we need to finish rolling out PQ kex yesterday
2. we need to start rolling out PQ auth now
3. it's too late to ship any new non-PQ design or system
This has nothing to do with the USB armory and you donβt need one to try out TamaGo! π
We ported TamaGo to the Microchip LAN969x SoC.
A collaboration with Novarq to support the Tactical 1000 network switch.
Having bare metal Go on a network switch is an exciting context which opens up many development opportunities!
Check their blog post:
novarq.com/blogs/insigh...
I want to go back in a world where documentation is like this.
I am happy to announce that I'll be speaking at @gopherconeu.bsky.social this June.
I will showcase the latest TamaGo developments and its security benefits from embedded to cloud!
www.gophercon.eu#/speakers
This is an absolutely beautiful, glorious description of the products in our lives. The things that once were simple tools that met needs, now demand relationships, have opinions, and occupy cycles of our lives.
Do yourself a favor, scroll down and read this page
www.terrygodier.com/the-last-qui...
TamaGo was created to prove that layers often assumed far away can coexist seamlessly.
The kanzashi project runs Claude/Gemini SDKs on bare metal and performs, without any OS interference, agentic investigation of the architectural attack surface.
github.com/abarisani/ka...
TamaGo is now ported to aifoundry.org Erbium processor!
The erbium_emu demo is live at:
github.com/usbarmory/ko...
I so look forward to expand support for this platform with a meaningful workload API, taking advantage of bare metal Go!
I called this project kanzashi and I will publish it next week, stay tuned.
I hacked TamaGo exception handler to report invalid register Read/Writes without crashing the VM.
I used this to extend bare metal Go LLM-fuzzing all x86_64 I/O controllers.
60 seconds.
"Let me try writing to redirection entries with malicious values".
Hypervisor coredumps.
I just published kotama, an experimental GOOS=tamago compiler branch that allows execution of a rich example in barely 6MB of RAM, running on an rv64imfc CPU (yes, no d or a extension).
This paves the way for supporting aifoundry.org Minion cores!
github.com/usbarmory/ko...
A very effective way to find all deviations from specs.
It is literally a semantic bridge between the VirtIO specifications and low level implementation.
And I can instantly target any other low level specification, even the CPU ISA itself with more creative wiring.
Next up: UEFI (as I can simply import this in go-boot).
I politely asked it not to nuke its own VirtIO network device.
It was trivial to hook Claude in a bare metal environment using TamaGo.
I wired it up to arbitrary memory read/writes for Virtio MMIO space exploration and it is now trying to escape my QEMU.
All of this in ~200 LOC of crappy code (because Antrophic Go SDK...)
