diff --git a/README.md b/README.md index 13fa5ab..e7d0601 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ Let local agents use real tools without turning your shell into a generic creden > If you use local coding agents with real credentials, `latchkeyd` gives you a narrower, auditable trust gate between wrapper and tool. -![latchkeyd before and after](docs/assets/before-after.gif) +![latchkeyd before and after](docs/assets/before-after-anim.webp) ```bash LATCHKEYD_BIN="$PWD/.build/debug/latchkeyd" ./examples/bin/example-wrapper demo @@ -150,6 +150,8 @@ What `latchkeyd` does is narrow the blast radius once an agent is already allowe - broad inherited env state is replaced with explicit handoff - a tool name alone is not trusted; the real path and hash must match +![latchkeyd attack surface protection](docs/assets/attack-surface-anim.webp?v=2) + This is defense in depth for approved local workflows, not a blanket claim of secure agents. ## How It Works @@ -161,7 +163,7 @@ This is defense in depth for approved local workflows, not a blanket claim of se 5. `latchkeyd` resolves only the secret entries approved by policy. 6. `latchkeyd` injects only the approved environment variables and `exec`s the command. -![Architecture flow](docs/assets/architecture-flow.svg) +![Architecture flow](docs/assets/architecture-flow.png?v=2) **Tenets:** diff --git a/docs/assets/animation.html b/docs/assets/animation.html new file mode 100644 index 0000000..513e0a5 --- /dev/null +++ b/docs/assets/animation.html @@ -0,0 +1,60 @@ + + + + Latchkeyd Defense Animation + + + +
+ + Before + + After +
+ + + + diff --git a/docs/assets/architecture-flow.png b/docs/assets/architecture-flow.png new file mode 100644 index 0000000..fa25781 Binary files /dev/null and b/docs/assets/architecture-flow.png differ diff --git a/docs/assets/architecture-flow.svg b/docs/assets/architecture-flow.svg deleted file mode 100644 index 420198e..0000000 --- a/docs/assets/architecture-flow.svg +++ /dev/null @@ -1,52 +0,0 @@ - - - One approved handoff - Wrapper to trusted tool, with local trust checks in the middle. - - - - - - - - - - - Agent - Wrapper - small explicit surface - latchkeyd - verify wrapper path + hash - verify binary path + hash - inject approved env vars - Trusted tool - receives scoped env vars - - - - - - - - - - - - Trust Manifest - wrappers - binaries - exec policies - - Secret Backend - keychain - file for demo / CI - - Validation - verify trust state - exercise one denial path - - Denied path - drift - hijack - bypass - diff --git a/docs/assets/attack-surface-anim.webp b/docs/assets/attack-surface-anim.webp new file mode 100644 index 0000000..4c05a2d Binary files /dev/null and b/docs/assets/attack-surface-anim.webp differ diff --git a/docs/assets/before-after-anim.webp b/docs/assets/before-after-anim.webp new file mode 100644 index 0000000..60545e2 Binary files /dev/null and b/docs/assets/before-after-anim.webp differ diff --git a/docs/assets/before-after.gif b/docs/assets/before-after.gif deleted file mode 100644 index 979cc27..0000000 Binary files a/docs/assets/before-after.gif and /dev/null differ diff --git a/docs/assets/gxOAw.png b/docs/assets/gxOAw.png new file mode 100644 index 0000000..0d52a3f Binary files /dev/null and b/docs/assets/gxOAw.png differ diff --git a/docs/assets/oq0qv.png b/docs/assets/oq0qv.png new file mode 100644 index 0000000..76df351 Binary files /dev/null and b/docs/assets/oq0qv.png differ diff --git a/docs/assets/qr-code.png b/docs/assets/qr-code.png new file mode 100644 index 0000000..4a341cd Binary files /dev/null and b/docs/assets/qr-code.png differ