From Silence to Security: 102 Days of Building SigilDERG

For a little over three months, this blog has been quiet. Too quiet, some might say, but that doesn't mean the work has stopped. Quite the contrary; it means I decided to put up or shut up. SigilDERG doesn't reward half-measures, and quite frankly, neither do I.

Since June I’ve been neck-deep in a side-arm of the project: the rust-crate-pipeline (as it's named on PyPI). This is the dataset builder, the tool that will help me analyze over 550 Rust crates from the live Rust ecosystem, run them through extensive cargo checks looking for unsafe code patterns, security issues, reading documentation, and so on. The idea is to gather as much information as humanly possible. I fed it over three hundred in Google Cloud credits, a hundred in Azure, and every local cycle I could squeeze from my poor HP Omen. By July, the resources were gone and the project was close to stalling.

That was when the Lambda AI grant came through. One thousand dollars that turned near failure into momentum and carried both the rust-crate-pipeline and SigilDERG forward. With that secured, I doubled down.

In July and August my commits turned from scaffolding into steel. SigilDERG went from a fragile framework into something with teeth:

• Knowledge distillation loss landed: I figured out temperature scaling, KL divergence, alpha blending. Teacher inference is scaffolded, ONNX export hooks are in place, but the wiring is still ongoing.
• Extension registry tied to LOA (Level of Access), with registration and trust scopes enforced before anything touches canon. No stubs, no shortcuts, just the way Rule Zero requires.

Over the last couple of days I ran a comprehensive security audit. I tore out risky unwrap() calls from the critical paths, bolted in Ed25519 witness quorum checks, AES-GCM encrypted config, Argon2-derived master keys, CSRF protection with one-hour lifetimes, per-client rate limiting, TLS-enforced clients, and so on. Before, the project was a proof of concept with holes you could fly a 747 through without hitting its wings; now it's hardened better than I originally imagined it.

Eight weeks ago, I enrolled in Software Engineering at Southern New Hampshire University. This isn't a vanity degree; it's paperwork that backs the code I am already writing. SigilDERG will be my capstone project if I can get the staff to allow me to use it that way. If not, I will keep building anyway. I'm not chasing prestige, dear Reader, I'm building something that can survive. I'm still working solo, still plugging away as much as life will allow. I do not plan on giving up on this, not now, not ever.