Quick Start
In this guide we will set up a general-purpose TLS verifier ( a.k.a. the Notary), so that a Prover can notarize some TLS data and generate a proof which he then shows to a Verifier for selective disclosure.
So this guide will take you through the steps of:
- starting a
Notaryserver - running a
Proverto notarize some web data - running a
Verifierto verify the notarized data
Preliminaries
Install rust
If you don't have rust installed yet, install it with rustup:
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
Guide
Start a Notary server:
git clone https://github.com/tlsnotary/notary-server
cd notary-server
cargo run --release
The Notary server will now be running in the background waiting for connections from a Prover. You can switch to another console to run the Prover.
For more information on how to configure the Notary server, please refer to this.
Run a simple Prover:
git clone https://github.com/tlsnotary/tlsn
cd tlsn/tlsn/examples
cargo run --release --example simple_prover
The notarization session usually takes a few moments and the resulting proof will be written to the "proof.json" file. The proof can then be passed on to the Verifier for verification.
The simple_prover notarizes https://example.com and redacts the USER_AGENT HTTP header from the proof for the Verifier. You can change the code in tlsn/tlsn/examples/simple_prover.rs to meet your needs:
- change which server the
Proverconnects to - add or remove HTTP request headers
- redact other strings in the request or the response
⚠️ Please note that by default the Notary server expects that the cumulative size of the request and the server response is not more than 16KB.
Run a simple Verifier:
cargo run --release --example simple_verifier
This will verify the proof from the simple_prover (proof.json) and output the result to the console.
Note how the parts which the prover chose not to disclose will be shown as "X":
GET / HTTP/1.1
host: example.com
accept: */*
accept-encoding: identity
connection: close
user-agent: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX