Get the beta
Everything ships as source. On purpose.
Postern's integrity story is reproducibility: you build what you run, and the same inputs produce the same artifact. So the beta has no download-and-double-click installer yet — and we won't fake one. Here is exactly what you can run today, and how.
Honest status — read before anything else
- Everything here is pre-production. The Rust product cores are built and test-verified; the UIs, OS images, and cloud/enterprise editions are designs and reference prototypes — each is labelled built vs designed wherever it appears.
- The underlying protocol now runs a mainnet beta — a designation, not a security claim. The relaxed regime (k=4) currently applies — work is trivially forgeable. The k=8 security hardening of the Module-SIS gate was activated at block 213,000 but reverted: it multiplied mining difficulty ~4096x and the current solo / low hashrate could not find blocks, so the chain stalled. k=8 will re-activate together with a matched difficulty reduction (so block time stays ~30s); until then, no security is claimed. Security is cumulative SHAKE-256 hashcash work (the gate is a structural filter), and the network is nascent: very few nodes, low hashrate → 51%-attackable. It is unaudited — a third-party audit is contracted but not done yet, and the concrete-security analysis and IACR ePrint are still outstanding.
- The coin is not a security and not an asset. No token sale, no listing effort, no market-making, no price. Disclosed in full: a 17% founder premine (10-year cliff, 40-year vest), structurally passive.
- Do not use any of this to protect real secrets yet. It is a public beta for evaluation, feedback, and reproduction of our claims.
1 · The web apps
Self-contained HTML — open the file, that's the install.
Each app is one self-contained HTML file — open it live right here, or grab the file from the source tree under apps/ and open it locally (Chrome for the voice features). No build step, no server, no network dependency of its own. Where an AI concierge is offered you bring your own Claude key; every app carries an honest privacy panel.
| App | Open | What it is |
|---|---|---|
| Sotto | Open → | Privacy-first voice assistant |
| Vedetta | Open → | Voice markets lookout — holdings never leave the device |
| Tolmach | Open → | Private interpreter + meeting minutes |
| Postern Store | Open → | Say what you need; it parameterizes the search |
| Chiave | Open → | Sign in with your wallet — no email, no account |
| Sarto | Open → | Onboarding configurator + transparent controls |
| Consiglio | Open → | Enterprise admin console |
2 · Demo videos
What it looks like — labelled for what it is.
Three short videos, each labelled on its own frames. The two Postern OS videos are UI design previews — the OS image they depict is not built yet (same rule as everywhere on this page: no installer exists, and we won't fake one). The Sarto video is a walkthrough of the onboarding web app you can open today from apps/postern-onboard/index.html. Nothing shown here is finished, audited, or a security claim.
3 · The reproducible OS
Postern OS — builds from source on Nix hardware.
The os/ directory holds declarative NixOS profiles: a minimal image that boots into a running node as a hardened systemd service (dedicated user, ProtectSystem=strict, syscall filtering), plus desktop, mobile, browser, cloud, and attestation profiles. Because it's Nix, the same inputs produce the same image — that reproducibility is the product.
Honest status: images build from source on a Linux host with Nix and flakes. Prebuilt, signed images are coming; they do not exist yet, and we won't link a binary we haven't built and signed.
nix build .#iso / .#mobile-image), flashing, and booting on a compatible device. No prebuilt image exists — you build from source, and this process is not yet validated on hardware by us (first target: a PinePhone + a PC). Mainnet-beta, unaudited; not a security claim. Mobile works only on the listed Mobile-NixOS devices — not any Android.# On a Linux host with Nix + flakes, from the source tree:
# Bootable ISO -> ./result/iso/*.iso
nix build .#iso
# Just the node package
nix build .#bloch && ./result/bin/bloch --help
# Try it in a VM without flashing anything
nixos-rebuild build-vm --flake .#bloch-os && ./result/bin/run-*-vm
The desktop and mobile daily-driver editions are designs with foundation profiles — see their honest labels on the products page.
4 · The desktop app
Postern Desktop — Tauri, build from source.
A desktop app for the OS you already run (Linux first; cross-platform): start/stop and monitor a node, hold a wallet (mnemonic shown once, byte-identical addresses to the mobile core), watch the miner, stream the logs. Rust backend, dependency-free web UI.
It builds from source in desktop/ with the standard Rust + Tauri toolchain (cargo tauri build after the Tauri prerequisites for your platform). No prebuilt binaries yet — same rule as the OS.
5 · The source itself
Where the code lives.
The product suite (crates, apps, OS profiles, desktop, mobile) is the Postern Labs source tree — MIT / Apache-2.0 per crate. cargo build --workspace builds the product cores; the crates that need protocol crypto pull it as a pinned git dependency.
The protocol is not ours to host: Bloch-SIS-PoW lives in its own ownerless repository at gitlab.com/blochsispow-group/BlochSISPoW-project — rendered as text, not a link, because this site makes no external requests and the protocol has no official site. See Postern & Bloch — two different things.
Before you run anything
All of it is beta and unaudited. Evaluate it, break it, reproduce our builds, file findings — but do not put real secrets in the vault, real files through the courier, or treat the chain's coins as a store of value. The chain is a mainnet beta: unaudited, 51%-attackable, running the relaxed k=4 regime (trivially forgeable) — the k=8 hardening was reverted and will re-activate with a difficulty fix — and its coins carry no value claim. Not a security, not an asset; use at your own risk.