SHIPPING NOW

v0.8.3 — April 2026 — Secure Boot Release

✓Memory-safe UEFI bootloader in Rust (x86_64 + aarch64)
✓Production signing pipeline with session-cached key unlock
✓Shim 15.8 + MOK integration via SecurityOverride (Path F)
✓Trust-evidence log v1 (JSON lines, truncate-per-boot)
✓Four Secure Boot configurations documented (off, firmware DB, shim + MOK, Proxmox zero-touch)
✓Proxmox host-side monitoring (lamboot-monitor.py)
✓BLS Type 1 + UKI + kernel-install plugin + Debian/Ubuntu kernel hooks
✓Full GUI with mouse, serial console fallback

NEAR-TERM

v0.9.x — Q2 / Q3 2026

Stop relying on firmware-ambiguous LoadImage; inspect and verify PE ourselves. Closes the shim asymmetric-SBAT gap and several documented bypasses.

Per-image SHA-256, crypto-signed entries, TPM event correlation, append-mode across boots.

Show the trust decisions live in the boot UI.

policy.toml.sig + policy.toml.cert so policy tampering fails closed.

Community-contributed, if a champion steps forward.

Dual-sign with Dilithium alongside RSA for forward-compatibility.

MEDIUM-TERM

•Shim-review submission. Distro-chained trust for Fedora / Ubuntu / Debian / Arch. Existing distro shim chain-trusts LamBoot without per-user MOK enrollment.
•Documented SBAT generation bump policy. When revocation happens, how we communicate and what gets bumped.
•First commercial-support conversation (if there’s interest).

LONG-TERM

•Network boot. UEFI TCP/HTTP stack, signed artefacts.
•VM lifecycle integration with the broader Lamco RDP / Proxmox stack.
•Audit-tool ecosystem — tools that consume the trust-evidence log to produce fleet-wide boot-health reports.

NOT ON THE ROADMAP

Worth naming explicitly so expectations stay accurate.

—BIOS legacy mode. UEFI only.
—Built-in rescue shell. Menu only — diagnostic modules are chainloaded EFI applications, not a command prompt.
—GRUB-style config language. Policy is TOML; boot entries are BLS.