Skip to content

w8mej/ProofOfCoffee

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
README.md
README.md
 
 

Repository files navigation

Proof of Coffee: The Archive

Note: This repository serves as a historical index. The Proof of Concepts listed below have graduated to their own dedicated repositories.

☕ The Collection

Proof of Coffee is a curated portfolio of advanced security automation experiments, exploring the boundaries of what is possible with modern infrastructure and cryptographic primitives.

Each project represents a specific "what if" scenario—from hardware-backed multi-party computation to zero-trust CI/CD pipelines—demonstrating that security can be both rigorous and creative.

📂 Graduated Projects

The following projects have moved to their own homes to facilitate focused development and community contribution.

Project Name Description Status
Righty Tighty Cross-cloud OCI/AWS federation using YubiKey OIDC and Vault. MOVED
Short Term Memory Dynamic AWS credentials via YubiKey PIV login. MOVED
Touch and Go FIDO2/Vault OIDC auth for Terraform-provisioned apps. MOVED
Ouija Board MPC ephemeral signing with TEE attestation on OCI. MOVED
Dizzy Keys Automated multi-cloud credential rotation for AWS & OCI. MOVED
HR Token Zero Effort Self-service onboarding via YubiKey and Vault Identity. MOVED
Knock Knock SSH Vault-signed YubiKey OTP for passwordless SSH. MOVED
Hard to Get API Access Hardware-secured API gateway using Terraform and Vault. MOVED
Dynamic Rainbow Road Dynamic SSH certificates via Vault for Terraform nodes. MOVED
Secure DB Bootstrapper YubiKey OTP-based Vault AppRole login for DB creds. MOVED
Hardware Rooted Terraform State Guard YubiKey-protected Vault keys for Terraform state rotation. MOVED
Zero Trust Given Zero-trust API key minting with YubiKey MPC. MOVED
Immutable Plan Enforcer Zero-trust OCI Functions with YubiKey-signed plans. MOVED

👨‍💻 About the Architect

John Menerick is a distinguished security engineer and researcher known for breaking things to build them better. With a deep focus on detection engineering, infrastructure security, and cryptographic orchestration, John crafts solutions that challenge the status quo of security automation.

This collection stands as a testament to the philosophy that security should be an enabler, not a blocker—and that the most robust systems are often born from the most creative experiments.

📜 License

These projects are open for learning and inspiration. Use at your own risk—great for knowledge, bad for uptime if deployed without care.

About

A dangerously functional collection of experiments. This repository exists at the intersection of “I wonder if this works” and “oh no, it worked”. Expect questionable Terraform, overly caffeinated Bash scripts, and Python that may or may not summon cryptographic demons. Perfect for educational purposes and reminding PoC can mean Proof of Coffee.

Topics

proof-of-concept vault terraform yubikey pki oci hashicorp hsm multi-cloud security-automation devsecops zero-trust

Resources

Readme
Activity

Stars

5 stars

Watchers

0 watching

Forks

0 forks
Report repository

Contributors