Source Code & Cryptography

Overview

NetStacks is built on auditable security. The cryptography that protects your credentials and sessions — the part that matters most for trust — is fully open source and can be reviewed by anyone today. The full NetStacks application (the Terminal, Local Agent, and Controller) is being open-sourced very soon, the same way the cryptography library already is.

NetStacks Professional is free. Just download a signed installer from the download page — no account, no license key. As each application repository is published, it will appear in our GitHub organization; see Application Source below.

Open-Source Cryptography

The same cryptography is used in every NetStacks edition — Professional and the Enterprise Controller alike. It is published as a standalone, independently auditable library:

• github.com/netstacks/netstacks-crypto — the AES-256-GCM + Argon2id credential-vault and session-protection primitives. This is the authoritative, public implementation; the license that governs it is stated in that repository.

Nothing about the credential vault's confidentiality depends on code you cannot see: the encryption, key derivation, and envelope format are all in this repository.

Reviewing & Verifying the Crypto

You can clone the cryptography library, read it, and run its test and vector suite yourself:

# Rust toolchain
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

# Clone and test the open-source crypto
git clone https://github.com/netstacks/netstacks-crypto.git
cd netstacks-crypto
cargo test          # unit tests + known-answer vectors
cargo doc --open    # browse the API and envelope format

Contributing to the Crypto

Contributions and review of the open-source cryptography are welcome. See the repository's CONTRIBUTING.md. Briefly:

• All commits must be DCO sign-off-ed (git commit -s).
• PRs must include tests and pass CI.
• Security findings go privately to security@netstacks.net, not into a public issue. See the repo's SECURITY.md for the disclosure timeline.

Application Source (Open-Sourcing Soon)

The full NetStacks application source is being open-sourced very soon, just like the cryptography library already is. As each repository is published it will appear in our GitHub organization. This includes:

• NetStacks Professional — the Terminal desktop application and the Local Agent (SSH, the credential vault, session recordings, SFTP).
• NetStacks Controller — the server-side platform for teams (shared credential vaults, templates, stack deployments, RBAC, SSO, audit logging).
• The first-party plugins — alerts, incidents, and profiling-agents, which run inside the Controller.

Watch github.com/netstacks for the application repositories as they go public. For Controller licensing questions, contact us, and see the products page for the edition split.

Q&A

Q: Do I need an account or license key to download?

A: No. NetStacks Professional is free and the download is open — grab a signed installer from the download page and start using every feature.

Q: Is the application open source?

A: The cryptography that protects your credentials and sessions is open source and independently auditable today at github.com/netstacks/netstacks-crypto, and the full application (Terminal, Local Agent, and Controller) is being open-sourced very soon.

Q: When can I get the application source?

A: Soon. We're preparing the application repositories now; watch github.com/netstacks for them to go public.

Q: Can I run a Controller from source?

A: The Controller source is being open-sourced soon along with the rest of the application. For Controller licensing in the meantime, contact us.

Q: How do I report a bug?

A: For a cryptography bug, open an issue on the netstacks-crypto issue tracker with a minimal reproducer. For application bugs, use the contact form.