Autark is a DevSecOps framework for more secure, self-sovereign frontend deployments, combining Safe multisig governance, ENS versioning, and IPFS storage into a verifiable release flow.
Project Summary: SUMMARY.md
Demo | Quickstart | User Flow | Git Hooks | Technical Architecture | Architecture (Short) | Docs Index
Modern deployment pipelines are fast, centralized, and often trusted too blindly.
A single compromised developer machine, CI token, or deployment credential can push malicious frontend code to production in minutes. For onchain applications, that means the frontend becomes the weakest link, even when the smart contracts are sound.
Autark exists to slow that attack path down and make every release auditable.
It introduces:
- multi-party approval before a deployment goes live
- immutable, versioned ENS releases instead of mutable overwrite-in-place deploys
- content-addressed IPFS storage that can be independently verified
Nothing goes live without consensus, and every approved version remains available as an immutable artifact.
Autark adds a governance layer to frontend deployment.
A release is built, uploaded to IPFS, mapped to a versioned ENS subdomain, and gated by Safe multisig approval before execution. In the recommended mode, subdomain creation and contenthash assignment are bundled into a single Safe transaction so the release is atomic.
-
Enforce Better
Every deployment passes through explicit review and cryptographic sealing. -
Reject Single Points of Failure
No single developer, machine, or CI token should be able to ship production frontend code alone. -
Version, Don’t Overwrite
Each release becomes a permanentvN.parent.ethrecord instead of mutating one live address invisibly. -
Keep Governance Close to the App
Frontend deployment is part of application security, not a separate convenience layer.
Autark replaces implicit trust with a verifiable release flow:
- Build static frontend output
- Upload the build to IPFS via Storacha
- Detect the next versioned ENS subdomain
- Create a Safe proposal
- Review and approve with threshold signers
- Execute the transaction and publish the immutable release
In the Safe-owned-parent mode, Autark batches:
setSubnodeRecordon ENS NameWrappersetContenthashon the Public Resolver
That means the version is created and pointed to the IPFS CID atomically.
Explore the detailed flow in User Flow and the system design in Technical Architecture.
npm install -g autark
autark init
autark deploy distFor the full setup path, including Storacha auth, ENS configuration, channels, and auto-deploy hooks, see Quickstart.
Autark now ships with an active docs set on main:
Older long-form hackathon docs remain available in docs/_legacy.
| Component | Technology | Purpose |
|---|---|---|
| Governance | Safe Multisig | Threshold approval and release governance |
| Immutability | ENS NameWrapper | Fuse-burned, versioned subdomains |
| Storage | IPFS + Storacha | Content-addressed decentralized hosting |
| Automation | Git Hooks / CLI | Deployment workflow automation |
| Language | Node.js / TypeScript | CLI and release tooling |
This hackathon pass updated the original project into the current 0.1.2 implementation.
- added
promotefor moving mutable channels to immutable versions - added
rollbackas an explicit alias for channel rollback flows - added
channelsto inspect channel state and create missing channel subdomains via Safe proposals - improved
setupso git hooks can run a custom build command before deploy
- standardized on
autarkconfig naming while keeping backward compatibility for legacy config names - improved Storacha CLI integration and error handling for login and space-selection failures
- removed the unused native Storacha provider path to keep one clear upload implementation
- removed the vulnerable Safe starter kit dependency and moved runtime Safe handling to
protocol-kit+api-kit - fixed the published CLI entrypoint so the globally installed
autarkbinary works correctly
Autark is now published at version 0.1.2.
Built for the PL Genesis hackathon.