TBZ — TIBET-zip
Block-level authenticated compression for the Zero-Trust era.
Classic archive formats (.zip, .tar.gz) have no cryptographic binding between headers and data. CVE-2026-0866 (Zombie ZIP) proves this: flip one byte in a ZIP header, and 50 out of 51 antivirus engines see noise instead of malware.
TBZ redesigns compression from Zero-Trust first principles. Every block carries its own TIBET provenance envelope and Ed25519 signature. Invalid blocks are rejected before decompression touches memory.
Install
Features
- Ed25519 per block — every block is cryptographically signed. Header + envelope + payload bound together. Change one bit, signature fails.
- Streaming Fail-Fast — blocks validate on-the-fly. Tampered block? Stop immediately. Malware never reaches executable memory.
- TIBET Envelope — per-block provenance: ERIN (content hash), ERAAN (dependencies), EROMHEEN (context), ERACHTER (intent).
- JIS Sector Authorization — one archive, multiple views. Control who can decompress which blocks via bilateral identity claims.
- TIBET Airlock — quarantine buffer with 0x00 wipe on failure. eBPF kernel-level enforcement when available, userspace fallback otherwise.
- Transparency Mirror — distributed trust database for verifying package provenance across the supply chain.
- 100% Pure Rust — no C/C++ dependencies. Memory-safe, fast, portable.
Quick Start
# Initialize a repo with Ed25519 keypair + .jis.json
# Pack a directory into a TBZ archive
# Verify integrity (SHA-256 hashes + Ed25519 signatures)
# Extract through the TIBET Airlock
# Inspect the archive structure
Short aliases
Because life is too short for tar -xvf:
Smart mode
Just give it a path — TBZ figures out what you want:
Example Output
$ tbz verify release.tbz
TBZ verify: release.tbz
Signing key: Ed25519 77214ce9c262843e
[0] OK — hash + signature verified
[1] OK — hash + signature verified
[2] OK — hash + signature verified
Result: ALL 3 BLOCKS VERIFIED (hash + Ed25519) ✓
Tampered archive detection:
$ tbz verify tampered.tbz
[0] OK — hash + signature verified
[1] FAIL signature: block header tampered
[1] FAIL — hash mismatch
Result: 2 ERRORS in 2 blocks ✗
Airlock: buffer wiped (0x00)
Block Format
┌─────────────────────────────────────────────────┐
│ Magic: 0x54425A ("TBZ") │
│ Header (JSON): version, block_index, type, JIS │
│ TIBET Envelope (JSON): ERIN, ERAAN, EROMHEEN, │
│ ERACHTER — full provenance per block │
│ Payload: zstd-compressed data │
│ Signature: Ed25519 (64 bytes) over all above │
└─────────────────────────────────────────────────┘
Block 0 is always the Manifest — the signed index of the archive containing the Ed25519 public key, block metadata, and total sizes (zip-bomb protection).
Python
# Inspect (pure Python, no binary needed)
=
=
# Verify (uses Rust CLI if available, falls back to Python)
=
# TBZ VERIFIED: 3 blocks (hash + Ed25519), 0 errors
# Transparency Mirror (public, no auth)
=
=
=
Transparency Mirror
Public supply chain verification. The bootstrap node runs at brein.jaspervandemeent.nl.
- Lookup:
GET /api/tbz-mirror/lookup/{sha256:hash} - Search:
GET /api/tbz-mirror/search?verdict=safe - Stats:
GET /api/tbz-mirror/stats - Analytics:
GET /api/tbz-mirror/analytics
Workspace Structure
crates/
tbz-core/ Block format, TIBET envelope, zstd, Ed25519, streaming reader/writer
tbz-cli/ Command-line tool: pack, unpack, verify, inspect, init
tbz-airlock/ Quarantine buffer, eBPF detection, 0x00 wipe
tbz-mirror/ sled-backed trust database, attestations
tbz-jis/ .jis.json parser, sector mapping, JIS authorization
python/
tbz/ Python client: archive reader + Mirror client (pip install tbz)
Architecture
See ARCHITECTURE.md for the full design document including:
- Threat model and attack surface analysis
- IETF draft considerations
- eBPF Airlock kernel hook design
- JIS bilateral identity protocol
- Transparency Mirror DHT design
Author
Jasper van de Meent — Humotica
License
MIT / Apache-2.0