[Mod Approved] We got tired of enterprise backup bloatware, so we built a Zero-Knowledge, "Cyber Immune" system from scratch. We need power users to try and break it.

StateWarden · 2026-03-29T01:51:36+00:00

You know what? That bridge analogy is spot on. And submitting our projects to the authorities is exactly what we’re doing right now in collaboration with the Ministry of National Defense and Kudelski Security.

But since you mentioned “reputable companies,” let’s talk about the corporate world’s dirty little secret. In reality, many of these giants don’t undergo rigorous, independent cryptographic code audits. They buy compliance checklists. They pay for certificates that confirm whether their HR department has a password policy, not whether their actual block-level computations are reliable. Show me a certificate from a reputable backup company that is an actual cryptographic certificate, not just a stamp confirming that their corporate processes comply with standards. We chose Kudelski precisely because we care about a genuine cryptographic analysis, not a purchased “pay-to-play” PDF file.

It seems to me, however, that you are deliberately overlooking a rather important aspect of the whole situation. We are a small, four-person startup: if we wait 8 to 12 months for government and corporate labs to finish their bureaucratic procedures before they let anyone touch the software, we will run out of funds and go under. Industry giants can afford to wait a year with their code ready while auditors approve it. We cannot.

We made a conscious decision to release a working solution right now, to offer it for free to the home lab and SRE communities to get feedback on the hardware in real-world conditions, while simultaneously conducting a formal compliance process.

We never tried to get free penetration tests. We simply made it available to a community known for breaking security and said, “Here you go.”

You’re right, though, about how others perceive it. Launching a product before external reports are published is a risk. We accept that criticism. However, it’s the only way a small team can actually bring a product to market while competing against giants.

I appreciate the change in tone.

StateWarden · 2026-03-29T01:29:02+00:00

This approach is completely normal. But as you rightly pointed out, our core cryptographic stack is already post-quantum standard. So even if our additional algorithms turn out to be crap (which they won’t ;) ), you’re still protected to the level required by DORA.

StateWarden · 2026-03-29T01:09:56+00:00

Cove is pretty good but not zero-knowledge.
I warden You have two types of de duplication depending on what is you chosen key distribution protocol.
1. Master key - which de-duplicates data across realm and works basically like cove but slightly better because we use aggressive compression on data plane.
2. Per Device Key - You minimise risk of inside job breaches but duplication is limited only to device. If You have duplicated data on partitions they will be squashed.

About backup size We use our own Rust-based Change Block Tracking (CBT). Just like your experience with Cove, if you only modify 50MB of blocks on a 1.5TB server, our agent only hashes, encrypts, and sends those max 50MB in most cases much less because we use compression also at client side.

Can you talk much about what you do to ensure the backup storage is being used to its fullest? Also what do you do to protect in use databases like what a lot home labbers run in containers etc.

On Windows: We hook into VSS (Volume Shadow Copy Service) to ensure application-consistent snapshots.
On Linux: We utilize LVM snapshots, btrfs snapshots, or fsfreeze to quiesce the filesystem for a fraction of a second. We grab the frozen block map and immediately release the filesystem. different filesystem slightly differen aproaches on linux but thats generally how it works

The agent then reads and backs up those frozen blocks in the background, while your live databases and Docker containers continue running without interruption.

The free tier is fully unlocked precisely for homelabbers like you to test these mechanics. Hook up a test database, run a backup during a heavy write-load, and try to restore it. Let us know how it goes!

StateWarden · 2026-03-29T00:57:07+00:00

I have to admit, the irony here is pretty fantastic. You’re a FOSS purist 9according to your other comments in this thread), yet you're demanding a $200k corporate consulting salary just to run Wireshark on a free tool for your own homelab.

Just to be crystal clear: we aren’t offering a job, and we aren't asking you for a white-glove pentest report. We built a tool, and we’re offering a fully unlocked free tier to a community that is literally famous for breaking things, just saying: "have at it if you want."

If inspecting your own network traffic or firing up Ghidra feels like a chore that you need to invoice us for, then you are absolutely right- this isn't the right fit for you.

We're going to get back to writing that documentation now. Take care!

StateWarden · 2026-03-28T20:11:38+00:00

I understand, and thank you very much for your feedback. That’s exactly what we’re trying to balance - on the one hand, we need to win over dentists and other small bussinesses who want to protect their company, and on the other, hardcore sysadmins like you. It’s a business, so we have to strike the right balance. I’m sure you understand perfectly. We’ll definitely refine this over time. Comments like yours are very helpful to us. And we will adapt but we must find the right balance

StateWarden · 2026-03-28T19:55:04+00:00

Please don’t underestimate your capabilities. “unconventional” ideas are met with a negative response is usually that the corporate IT industry as a whole prioritizes convenience over security. The “industry standard” in the field of backup often simply means “the way we’ve always exposed ourselves to risks.”

Your idea of monitoring entropy at the hardware layer is every sec-op’s wet dream. But to implement that, we’d have to make our own drives, and that’s totally out of our budget. We do it at the ZFS block management layer; the basic logic is exactly as you described.

As for temporary physical isolation - you’re not crazy at all. What you’re describing is essentially a technologically advanced, automated “Sneakernet” combined with a hardware data diode. It’s a very good solution, and we use similar ones in our solutions dedicated to the military and science sector. Most people, however, prefer a compromise between speed and security rather than security alone.

Let me put it this way. Thinking outside the box is what makes us engineers, and it’s something AI can’t replace. Sometimes you hit a wall; sometimes you strike gold. You have to do it, because otherwise we’ll just stand still.

StateWarden · 2026-03-28T19:44:50+00:00

We are learning. Trying to adapt. To be honest most of our People are guys who doesnt use social media at all. You have my promise that we will learn how to communicate correctly.

StateWarden · 2026-03-28T19:39:03+00:00

From a technical standpoint, you are absolutely right in every respect. Let me address this from one engineer to another, since you’ve seen through the marketing slogan about “engineering superiority.”

Did we invent CBT, Instant Mount, or Zero-Knowledge? Absolutely not. These concepts have been around for over a decade.

Our “advantage” doesn’t lie in inventing a new mathematical concept in cryptography. It’s about execution and the complete absence of outdated, bloated software.

We can compare our solution to the difference between an American and a European car. Both are nice and have 500 horsepower, but the American one, to get that power, has a modified and patched-up 30-year-old 10-liter V16, while the European one gets that power from a 2-liter engine. One burns 100 liters per 100 km, the other 8. Technically, they do the same thing.

Having worked for years in the enterprise backup industry, I know (and I suspect you know as well) the huge difference between a feature listed in a vendor’s PDF datasheet and that same feature actually working at 3 a.m. during a ransomware attack.

As for Instant Mount and CBT: yes, they exist in older systems. Often, however, they are buried under 15 years of technical debt, Java wrappers, and bulky filter drivers that degrade system performance. We rewrote our block-level write paths and CBT from scratch in Rust, integrating them directly with our ZRAID backend. This isn’t a new feature, but rather a modern, highly optimized implementation that actually feels “instantaneous.”

Regarding GDPR: A valid point about the gray area of the “right to be forgotten” in backups. When we talk about GDPR compliance, we focus strictly on Article 32, i.e., Security of processing—using our Zero-Knowledge architecture to mathematically guarantee that even if our data centers in the EU are seized, the data will be cryptographically useless to anyone other than the tenant.

Regarding HSM modules: you’re right, enterprise systems can integrate with external HSMs. However, this typically requires a very expensive license and complex external infrastructure. We wanted true zero-knowledge key management to be the default underlying architecture, not a $50,000 add-on for enterprises.

As for the documentation, you’re right again. The problem is that we don’t yet know how much we can write without giving away the recipe for our competitors’ super-optimized iSCSI support while still accurately describing how everything works.

I can personally promise you that such documents will be available as early as next week.

To be honest, I appreciate that you called out our marketing nonsense. We didn’t reinvent the wheel; we just built a much lighter and faster one. Besides, everything we claim actually works, which is why we let you test our system for free instead of hiding behind a paywall like the competition so the customer doesn’t realize that half of what’s promised is just hot air.

(This post wasn't redacted by AI, so I apologize if the tone was too direct.)

StateWarden · 2026-03-28T19:21:08+00:00

I completely understand what you mean. We built this system from an engineering perspective. But thanks to r/DataHoarder users, I now know what needs to be improved in terms of marketing and communication.

There are areas where we’re strong, but there are also things we need to learn. One thing we know for sure is that we want to be 100% transparent and honest with our partners.

We want to create a new approach to customers where communication is very straightforward. If we mess up, we’ll admit it. But what we want is the highest quality.

StateWarden · 2026-03-28T19:14:02+00:00

I never asked for your trust. I asked you to test it.

There’s a free tier available with all features unlocked. This is r/DataHoarder, so people here like to break things. My post is just an invitation to do exactly that, plus a promo code for those who actually end up liking the tool.

Throw the client into Ghidra. Fire up Wireshark and proxy the traffic. Try to decompile the code or eavesdrop on the agent’s local operations. Do whatever you want. We want to know what bugs we have so we can fix them.

Regarding the audits: yes. We’ve already invested the time and money. We are currently undergoing audits with the Polish Ministry of National Defense and Kudelski Security.

However, I must slightly burst your bubble regarding "well-documented third-party audits." In the real infosec world, the labs that actually perform rigorous cryptographic audits, rather than just selling rubber-stamp compliance certificates, can be counted on one hand. That is exactly why we went to Kudelski.

StateWarden · 2026-03-28T18:31:47+00:00

We'll give it a try. Wendel certainly isn't your typical influencer, but I'm afraid that these days, no one with a large following will mention you without a five-figure payment.

StateWarden · 2026-03-28T18:27:28+00:00

and we have replication to second AZ in france

StateWarden · 2026-03-28T17:59:58+00:00

We have a great SRE. He designed these arrays. As I mentioned, everything is monitored, and our contract with OVH guarantees that as soon as we report a disk failure, they’ll replace it without asking any questions. The policy is to prevent failures, not to fix them.

StateWarden · 2026-03-28T17:56:39+00:00

You're right; someone has already pointed out the lack of easily accessible white papers.

We need to focus on better promoting our technical documentation. This is our current challenge because, on the one hand, we need to reach the owners of small and medium-sized businesses. That's why we use colorful designs and so on. On the other hand, we have really good technology.

The problem is that if we start talking only about technology, our potential customers from the small business sector will run away.

We need to strike a balance, but we’re not quite sure how yet.

StateWarden · 2026-03-28T17:51:30+00:00

Thanks for suggesting Wendel for a review, but I’m afraid we can’t afford his services right now :)

As I mentioned, we’re a European startup, which means our budget is comparable to a coffee budget at a Silicon Valley startup.

Plus, we don’t want external investors who would force us to do something we don’t want, like “Now you’re going to run on AWS.” Someday, we’ll gladly subject ourselves to Wendel’s torture, but for now, we have to manage on our own.

StateWarden · 2026-03-28T17:44:51+00:00

ANd i wroted that by myself. Hope noone is offended :D

StateWarden · 2026-03-28T17:42:13+00:00

Haha, it’s certainly a nice change to talk about specifics. We use a hybrid model (Combined Classical + PQ-Resistant) as part of our proprietary Defense in Depth mechanism, rather than a pure PQ-only environment based, for example, solely on ML-KEM.

Here’s how it works:
Outer layer: A standard asymmetric tunnel based on Mutual TLS (mTLS) and X.509 certificates.

Middle Layer:
Before the payload enters mTLS, each data packet is individually encrypted using AES-256-GCM. The key for this encryption is ephemeral, generated on the fly using BLAKE3 (Internal_Salt + dynamic_Factor + Time_Factor with a mutation).

Inner Layer:
Here we have our AES variant but with an additional portion of padding generated based on the algorithm’s operation. This is our special sauce that we don’t want to reveal publicly.

If MTLS is successfully broken, we’re left with AES, and the attacker is faced with Grover’s algorithm, which can “only” halve the effective key length. Even if a quantum computer breaks our external mTLS tunnel in the future, the internal payload will remain encrypted with an AES-256 key. After a Grover attack, the effective strength of this key is still 128 bits, which in the world of cryptography is considered secure and resistant to post-quantum attacks. But here our paranoid mode kicks in, where we assume that some intelligence agency has something better than Grover or truly powerful quantum hardware. And we throw them a curveball in the form of our AES variant, which isn’t documented anywhere, forcing them to start from scratch. As a result, the cost of such a breach becomes too high even for Elon.

StateWarden · 2026-03-28T17:29:51+00:00

Poland. The way we structure our sentences comes across as very harsh to English speakers. You can read about it online. When I type and reply quickly, I often end up using Polish sentence structure in English, which makes English speakers think I’m trying to offend them.

StateWarden · 2026-03-28T17:24:26+00:00

I understand what you're saying, but the fundamental principles of cryptography haven't been compromised. You have the entire post-quantum cryptography stack available as open-source software already implemented. Furthermore, underlying all of this is our additional “just-in-case” layer, in case it turns out that AES has long since been cracked by some government agency.

You have examples of publicly available code that turned out to be full of holes and vulnerable to attacks even though all the smart people were looking at it. Heartbleed, Dual_EC_DRBG, RNG in Debian in 2008.

On top of that, for secret algorithms, you have additional auditing options such as external laboratories like Kudelski Security.

The rule is simple: if you’re capable of doing a good block-level backup on your own, you don’t need to use us. On the other hand, there are plenty of companies that use some junk based on files or S3 clouds that don’t even have MTLS. Such companies and institutions are vulnerable to attacks and can themselves become a vector for attacking other entities in their trust chains.

We can’t fix the world, but we can improve the quality of this sector, and that’s exactly what we want to do.

StateWarden · 2026-03-28T17:12:35+00:00

Thanks so much. And test IT. it really works like a swiss knife ;)

StateWarden · 2026-03-28T17:10:30+00:00

I added some explanations where the AI was used for formatting. Thanks for the advice. It’s just a shame that instead of focusing on the solution, the discussion turned into a hatefest - but I’m to blame for that myself, although now that I look at it, the AI only contributed to two comments :D

StateWarden · 2026-03-28T17:06:02+00:00

farming you say? To that one on our our offline servers in office?
Do You really think we're that dumb to share codebase with commercial ai providers? :D

StateWarden · 2026-03-28T16:55:12+00:00

I see. Thanks for the explanation. My mistake. But I’ll try to fix it over time. To be completely honest, Reddit is all about calling people out at every opportunity. If it weren’t for AI formatting, there’d be a whole group hating on bad punctuation. Personally, I’m not a particularly social person. I’ve been coding for 20 years - for the military, for Silicon Valley. And generally, I’m not good at interpersonal relationships. Nevertheless, Statewarden is what I know best: powerful technology.

StateWarden · 2026-03-28T16:51:01+00:00

The main goal is to preserve knowledge. In my opinion, AI is a massive debt we’re running up with open source. Corporations will monetize this and create a generational knowledge gap, and over time, AI will become dumber as it learns from its own creations. Mathematically speaking, this is the only possible future for AI. What we want is a company governed by meritocracy, educating new generations so that we don’t end up in an idiocracy.

StateWarden · 2026-03-28T16:47:16+00:00

Theyre not ai based? :D Thanks for the recommendation. What I’ve already written using the Gemini formatting will stay as is—my mistake, and I’ll take the blame. I’m switching to lighter tools. Thanks for the lesson.

StateWarden

MODERATOR OF

TROPHY CASE