Three ISOs

Syn_OS ships as a three-image family. All three share the same kernel, Rust userspace, and GRIMOIRE engine — but a build-time Curtain (ELF symbol scanner + feature audit + lab integrity manifests) and a runtime capability ceiling enforce strict separation. Public players cannot escalate to Master no matter how far they progress.

The lineup

Profile	Audience	Status	Distribution
GRIMOIRE Public	Students, hobbyists, CTF players, competitors	Beta — public release pending counsel review of EULA + ToS	Free download, Apache 2.0 + LicenseRef-Proprietary split
GoodLife	AI researchers, salvage operators, AI-curious	Beta — public release pending counsel review	Free download
Master	LumOs operators, commercial customers, federal contracts	Internal — gated by license & customer agreement	Commercial license, not for public distribution

What’s actually in each image

GRIMOIRE Public

• 6.19-synos-ai kernel with CONFIG_RUST=y and 17 loadable Rust modules
• ALFRED in GameMode (sandboxed for labs, AppArmor + seccomp restricted)
• 10-tool starter kit (nmap, wireshark, netcat, curl, tcpdump, strace, ltrace, hexdump, binwalk, strings) and 5 intro labs
• The full 100-lab catalogue is pre-bundled inside the ISO — unlocked progressively, no internet required
• Cinnamon DE with Rehoboam system monitor overlay
• synos-bevy desktop plugins (Cutscene, FactionHQ, SkillTree, Mindmap, RetroFilter, Cyberspace)
• C2 framework binaries (cobalt-strike, empire, covenant, sliver) scrubbed at build time
• Syscalls 470–474 (AI dispatch) return ENOSYS; Fragment Field IDS is userspace-only
• Tier-isolated LLM federation (GRIMOIRE nodes federate only with GRIMOIRE peers)

GoodLife

• Same kernel; ALFRED built with the research-mode cargo feature
• Loads ResearchModeSettings from ~/.config/alfred/research.toml
• Ollama pre-configured with qwen2.5:7b + llama3.2:3b (~6.5 GB pre-pulled in stage 12 — offline-capable on first boot)
• Jupyter, curated ML tooling, no offensive security tools
• No internet-facing services by default
• Wallpaper set: goodlife-abstract, goodlife-nebula, goodlife-space

Master

• Every capability enabled from first boot — full ALFRED, full ARCANUM, full Fragment Field IDS, full Curtain v3 admin tokens
• 600+ security tools (155 native + 250 Arsenal container + 2,800 BlackArch on-demand)
• RaaS engine + finding ranker + digest renderer + Stripe billing
• SOC2 / CMMC L2 / FedRAMP Moderate compliance posture
• Not for public distribution. Commercial license + customer agreement required.

Verification (when ISOs publish)

All public ISOs are signed and reproducible:

• Cosign + Sigstore Rekor transparency log entries (v48 Forge)
• SLSA-3 provenance generated by slsa-github-generator in release-publish.yml
• SOURCE_DATE_EPOCH propagation, deterministic squashfs, sorted tar/mksquashfs, pacman snapshot pin — bit-for-bit reproducible across oracle nodes
• SHA-256 checksums + CycloneDX SBOM published alongside each ISO
• GPG-signed release manifest

The cross-oracle verifier (synos-rebuild-verify.sh) lets you rebuild any release ISO on independent hardware and confirm the digest matches.

System requirements

Component	Minimum	Recommended
CPU	x86_64 (Haswell+), 2 cores	4+ cores, AVX2
RAM	4 GB	8+ GB (16 GB for AI workloads)
Storage	32 GB	64 GB SSD
Firmware	UEFI w/ SecureBoot optional	UEFI + TPM 2.0 (for Curtain v3 attest)
GPU	Optional (Vulkan for Bevy)	Discrete GPU for local LLM inference
Network	Optional	Tailscale-capable (ARCANUM mesh)

Stay updated

Star the GitHub repository to be notified when public ISOs cut. Join the Discord for build-day announcements.

Beta status

GRIMOIRE Public and GoodLife are code-complete on feat/operation-warp-speed as of v60. Public distribution is blocked on counsel review of the MIT vs LicenseRef-Proprietary split, EULA, ToS, and MSA bundle, plus a $1M / $3M Tech E&O cyber-liability binding. Engineering is ready; legal is in motion.