Roadmap

2022: Staex v0

This release is the legacy that we inherited from DT. Produced by 80+ engineers using industry's best practices this piece of software was massive and heavily inspired by blockchains. Over time we cut all the rough corners and eventually figured out that we need drastically different routing algorithm for IoT. Nevertheless, we still have most of the features of the original product except routing.

2023: Staex v1

This release introduced the new routing algorithm that reduced idle data usage by an order of magnitude. Another change is full rewrite in Rust that brought high performance and low memory usage even on the smallest IoT devices.

Low data usage, low memory usage and high performance are the flagship features of this release. This is the foundation that we build upon to create the most secure VPN for IoT devices.

2024: Staex v2

The major feature of this version would be the introduction of tunnels. Each end of the tunnel has its own private and public key, and each tunnel has a protocol and a port. Staex will prohibit all the traffic outside tunnels. The tunnels is a lightweight replacement for VLANs, IP access/deny lists, user authentication, and network-based isolation in general.

The tunnel does not specify the node on which the application runs, this is determined dynamically. Decoupling applications and network nodes severely limits lateral movement within the network, and enables us to make another step towards ultimate zero trust architecture.

2025: Staex v3

In this release we plan to introduce distributed public key infrastructure (DPKI). This infrastructure would enable other companies or even individuals to issue network certificates. This would tremendously reduce potential attack surface compared to the current centralized PKI.

2026: Staex v4

This release will introduce Staex OS โ€” an operating system for routers and IoT devices. The distinguishing feature will be high-level interface for router configuration: no subnetworks, no VLANs, no obscure forwarding rules. Every security-related configuration involves cryptographic certificates: application, network, node certificates and others.

In this release we also plan to introduce eBPF-based high-level language to write firewall rules in. This language will make firewall configuration more intuitive for the end user and replace the legacy iptables modules with a single one.