Guarantees

Trust that starts where it matters

Minimal TCB

Removes large boot firmware from the trusted computing base.

Measured Dynamic Launch

Protects dynamic launch measurements for later attestation.

Controlled Handoff

Mediates transitions into trusted run-time firmware and security monitors.

The Problem

The root of trust is often too broad.

Static boot chains pull complex firmware, initialization logic, drivers, and platform code into the trusted computing base. A single privileged bug can compromise confidentiality, integrity, or the control path before the system ever reaches trusted run-time software.

Our Approach

Flashpoint enables resetting trust dynamically.

Flashpoint adds a lightweight RISC-V mechanism and an immutable FP-anchor that isolate privileged software, reset the chain of trust at launch, and make the trusted path small enough to reason about and verify.