In this guide we will set up a general-purpose TLS verifier ( a.k.a. the
Notary), so that a
Prover can notarize some TLS data and generate a proof which he then shows to a
Verifier for selective disclosure.
So this guide will take you through the steps of:
- starting a
- running a
Proverto notarize some web data
- running a
Verifierto verify the notarized data
If you don't have
rust installed yet, install it with rustup:
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
git clone https://github.com/tlsnotary/notary-server cd notary-server cargo run --release
Notary server will now be running in the background waiting for connections from a
Prover. You can switch to another console to run the
For more information on how to configure the
Notary server, please refer to this.
git clone https://github.com/tlsnotary/tlsn cd tlsn/tlsn/examples cargo run --release --example simple_prover
The notarization session usually takes a few moments and the resulting proof will be written to the "proof.json" file. The proof can then be passed on to the
Verifier for verification.
simple_prover notarizes https://example.com and redacts the
USER_AGENT HTTP header from the proof for the
Verifier. You can change the code in
tlsn/tlsn/examples/simple_prover.rs to meet your needs:
- change which server the
- add or remove HTTP request headers
- redact other strings in the request or the response
⚠️ Please note that by default the
Notary server expects that the cumulative size of the request and the server response is not more than 16KB.
cargo run --release --example simple_verifier
This will verify the proof from the
proof.json) and output the result to the console.
Note how the parts which the prover chose not to disclose will be shown as "X":
GET / HTTP/1.1 host: example.com accept: */* accept-encoding: identity connection: close user-agent: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX