Welcome

Stronghold is an open-source software library that was originally built to protect IOTA Seeds, but can be used to protect any digital secret.

Stronghold is a secure database for working with cryptography, which ensures that secrets (like private keys) are never revealed, but can be used according to best practices.

Stronghold provides its own peer-to-peer communication layer, so that different apps can securely communicate using an implementation of the Noise Protocol over libp2p.

3rd Party Independent Security Audit

In April 2021, F-Secure performed a security assessment of the core crates of IOTA Stronghold and found nothing of concern. This is not an explicit declaration of fitness or freedom of error, but it is an indicator of the high quality of the code. You may review in our GitHub repository.

In May 2022 Stronghold was also audited by WithSecure. You can find the full audit report in our GitHub repository .

Joining the discussion

If you want to get involved in discussions about this library, or you're looking for support, go to the #stronghold-discussion channel on Discord.

Software Bill of Materials

We maintain a bill of materials for the upstream libraries that Stronghold consumes.