Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add local verification on plexi cli #15

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add local verification on plexi cli #15

wants to merge 1 commit into from

Conversation

thibmeu
Copy link
Collaborator

@thibmeu thibmeu commented Nov 28, 2024

This commit adds the ability to perform local validation of proof and signature with plexi.

You can run the following example

\# Set auditor validation key
PLEXI_VERIFYING_KEY="$(curl -sS https://plexi.key-transparency.cloudflare.com/info | jq -r '.keys[0].public_key')"

\# Download an akd proof
curl -sS https://d1tfr3x7n136ak.cloudfront.net/458298/5f02bf9c5526151669914c4b80a300870e583b6b32e2c537ee4fa4f589fe889d/3ae9497069cc722dc9e00f8251da87071646a57dae2fc7882f1d8214961d80bd > /tmp/proof

\# Retrieve epoch, and pass it to the local audit alongside the proof
curl -sS https://plexi.key-transparency.cloudflare.com/namespaces/whatsapp.key-transparency.v1/audits/458298 | cargo run -- local-audit --proof-path /tmp/proof --long

To do before merge

  • Add test with real data, possibly the above example. I need to find the right too in Rust to do this
  • Consider overloading plexi audit instead. If an input is present on stdin, or an input path is provided, it's local validation. This might be too complex
  • Consider printing the previous epoch infered from the provided consistency proof

Closes #12

cc @henrywang8atfbdotcom

@thibmeu thibmeu added the enhancement New feature or request label Nov 28, 2024
@thibmeu thibmeu self-assigned this Nov 28, 2024
@thibmeu
Add local verification on plexi cli
616aed7 
This commit adds the ability to perform local validation of proof and
signature with plexi.

You can run the following example
```
\# Set auditor validation key
PLEXI_VERIFYING_KEY="$(curl -sS https://plexi.key-transparency.cloudflare.com/info | jq -r '.keys[0].public_key')"

\# Download an akd proof
curl -sS https://d1tfr3x7n136ak.cloudfront.net/458298/5f02bf9c5526151669914c4b80a300870e583b6b32e2c537ee4fa4f589fe889d/3ae9497069cc722dc9e00f8251da87071646a57dae2fc7882f1d8214961d80bd > /tmp/proof

\# Retrieve epoch, and pass it to the local audit alongside the proof
curl -sS https://plexi.key-transparency.cloudflare.com/namespaces/whatsapp.key-transparency.v1/audits/458298 | cargo run -- local-audit --proof-path /tmp/proof --long
```

To do before merge
* Add test with real data, possibly the above example. I need to find
  the right too in Rust to do this
* Consider overloading `plexi audit` instead. If an input is present on
  stdin, or an input path is provided, it's local validation. This might
  be too complex
* Consider printing the previous epoch infered from the provided
  consistency proof

Closes cloudflare#12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mendess mendess mendess approved these changes

@fisherdarling fisherdarling Awaiting requested review from fisherdarling

@RageKnify RageKnify Awaiting requested review from RageKnify

Assignees

@thibmeu thibmeu

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Offline signature verification subcommand
2 participants
@thibmeu @mendess