operator onboarding · pure C · air-gapped

Mint your sovereign root.

Every high-ranking Purcius builder holds their own root key — born on your device, in airplane mode, split so no single loss is fatal, never touching a network.

The key that anchors your FQDN. You generate it, you split it, you hold it. No shared box, no vendor, no trust in anyone else.

Android app

Airplane-mode guard → mint → export each share separately → publish your _key line.

Download APK

Built by CI from source. iOS follows.

Right now — Termux

The exact same pure-C ceremony, on your phone today. No app store.

Ceremony ↓

What it does

Mint on your phone tonight (Termux)

# online, once
pkg install git clang make
git clone https://github.com/kastil-systems/nous

# ✈️  AIRPLANE MODE ON — confirm all radios off
cd nous/purcius-genesis
make -C ../security && make
./genesis-cli selftest              # must print PASS

./genesis-cli mint 5 3  out
#   -> out/operator.pub   out/_key.txt   out/share-01..05.share

Scatter the 5 shares to 5 separate places. Publish _key.txt + operator.pub. Then reconnect. Recover anytime with any 3 shares:

./genesis-cli recover out/operator.key out/share-01.share out/share-03.share out/share-05.share

Under the hood

A thin shell over the nous crypto substrate: ed25519 keypair + shamir GF(256) split/combine, both pure C, both tested. The app adds a UI and an airplane-mode guard — nothing more. Auth & key material are substrate (kastil-systems, pure C) by rule, never a per-app concern.

Source: kastil-systems/nous · purcius-genesis