Skip to main content



Stronghold is an open-source software library that was originally built to protect IOTA Seeds, but can be used to protect any digital secret.

It is a secure database for working with cryptography, which ensures that secrets (like private keys) are never revealed - but can be used according to best practices.

It provides its own peer-to-peer communication layer, so that different apps can securely communicate using the state-of-the-art Noise Protocol over libp2p.

status Audit Test docs coverage dependency status FOSSA Status

3rd Party Independent Security Audit

In April of 2021, F-Secure performed a security assessment of the core crates of IOTA Stronghold and found nothing of concern. This is not an explicit declaration of fitness or freedom of error, but it is an indicator of the high quality of the code. You may review the audit here.

Joining the discussion

If you want to get involved in discussions about this library, or you're looking for support, go to the #stronghold-discussion channel on Discord.

What you will find here

This documentation has six sections.

  1. Overview: detailed overview of the project
  2. Structure: explains the layout of the individual crates and systems
  3. The Specification: detailed explanation of requirements and functionality
  4. Retrospective: a look at the evolution of this project
  5. Contribute: how you can participate in the Stronghold software development
  6. Get in touch: join the community and become part of the X-Team

Software Bill of Materials

We maintain a bill of materials for the upstream libraries that Stronghold consumes. You can download the latest version with the following link:

Tutorials (Coming Soon)

We will be adding video and textual tutorials for introducing the concepts behind Stronghold.

How To's (Coming Soon)

We will be adding a number of specific How To examples that will cover common use cases, like integrations, backups etc.