AtHeartEngineer/docs-mdbook
1
0
Fork 0
mirror of https://github.com/AtHeartEngineer/docs-mdbook.git synced 2026-01-08 00:43:49 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #26 from tlsnotary/dev

Browse Source 
Dev
This commit is contained in:
Hendrik Eeckhaut
2023-08-30 18:39:11 +02:00
committed by GitHub
parent f75dae7b08 d04abb2a1a
commit 3b6ad59cfc
48 changed files with 1096 additions and 372 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
.github/workflows/gh-pages.yml vendored
View File

@@ -7,6 +7,7 @@ on:
env:
mdbook-version: '0.4.32'
katex-version: '0.5.5'
linkcheck-version: '0.7.7'
jobs:
deploy:
@@ -14,7 +15,7 @@ jobs:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
- name: Fetch mdbook-katex
uses: dsaltares/fetch-gh-release-asset@master
@@ -27,6 +28,19 @@ jobs:
- name: Install mdbook-katex
run: tar -xvf mdbook-katex-v${{env.katex-version}}-x86_64-unknown-linux-gnu.tar.gz -C /usr/local/bin
- name: Fetch mdbook-linkcheck
uses: dsaltares/fetch-gh-release-asset@master
with:
repo: Michael-F-Bryan/mdbook-linkcheck
version: tags/v${{env.linkcheck-version}}
file: "mdbook-linkcheck.x86_64-unknown-linux-gnu.zip"
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install mdbook-linkcheck
run: |
unzip mdbook-linkcheck.x86_64-unknown-linux-gnu.zip -d /usr/local/bin
chmod +x /usr/local/bin/mdbook-linkcheck
- name: Setup mdBook
uses: peaceiris/actions-mdbook@v1
with:

1
README.md
View File

@@ -7,6 +7,7 @@ Install mdbook and mdbook-katex
```bash
cargo install mdbook --version 0.4.32
cargo install mdbook-katex --version 0.5.5
cargo install mdbook-linkcheck
```
Then build and serve

8
book.toml
View File

@@ -8,6 +8,14 @@ title = "tlsn-docs"
[output.html]
default-theme = "ayu"
additional-css = ["src/css/katex.css", "src/css/global.css"]
use-site-url-as-root = true
git-repository-url = "https://github.com/tlsnotary/docs-mdbook"
edit-url-template = "https://github.com/tlsnotary/docs-mdbook/edit/main/{path}"
[output.linkcheck]
# Ignore warnings because of the many false-postives in katex formulas
warning-policy = "ignore"
[preprocessor.katex]
after = ["links"]

258
diagrams/data_provenance.drawio
View File

@@ -1,21 +1,176 @@
<mxfile host="Electron" modified="2023-08-01T12:50:38.332Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.6.5 Chrome/114.0.5735.243 Electron/25.3.1 Safari/537.36" etag="tLbQ2Tcs3b02EW_tnZjy" version="21.6.5" type="device">
<mxfile host="Electron" modified="2023-08-09T14:52:17.995Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.6.5 Chrome/114.0.5735.243 Electron/25.3.1 Safari/537.36" etag="NqjasaSU2jIBY4YZtYy6" version="21.6.5" type="device">
<diagram name="Page-1" id="E1Tv2Iv79u1PMs5fWFh_">
<mxGraphModel dx="748" dy="686" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
<mxGraphModel dx="1147" dy="1200" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="HxEEL8P-OPklS3m3PPNj-46" value="No Data Provenance" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="70" y="160" width="120" height="20" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-47" value="Status Quo&amp;nbsp;" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="70" y="500" width="120" height="20" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-48" value="Ultimate solution" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="70" y="330" width="120" height="20" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-11" value="TLSNotary" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="70" y="770" width="120" height="20" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-19" value="" style="group" parent="1" vertex="1" connectable="0">
<mxGeometry x="70" y="360" width="440" height="113" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-37" value="Server" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="0T9UpzUMcqbGcj6tkd16-19" vertex="1">
<mxGeometry width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-39" value="User A" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="0T9UpzUMcqbGcj6tkd16-19" vertex="1">
<mxGeometry x="160" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-40" value="User B" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="0T9UpzUMcqbGcj6tkd16-19" vertex="1">
<mxGeometry x="320" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-38" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="0T9UpzUMcqbGcj6tkd16-19" source="HxEEL8P-OPklS3m3PPNj-39" target="HxEEL8P-OPklS3m3PPNj-40" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-49" value="ZKP" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="HxEEL8P-OPklS3m3PPNj-38" vertex="1" connectable="0">
<mxGeometry x="-0.2352" y="1" relative="1" as="geometry">
<mxPoint x="12" y="-9" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-41" value="" style="endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="0T9UpzUMcqbGcj6tkd16-19" source="HxEEL8P-OPklS3m3PPNj-37" target="HxEEL8P-OPklS3m3PPNj-39" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="340" y="170" as="sourcePoint" />
<mxPoint x="390" y="120" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-42" value="Improved TLS" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="HxEEL8P-OPklS3m3PPNj-41" vertex="1" connectable="0">
<mxGeometry x="-0.1464" y="-1" relative="1" as="geometry">
<mxPoint x="7" y="-11" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-43" value="🔐&lt;br&gt;signed&lt;br&gt;data&lt;br&gt;" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="0T9UpzUMcqbGcj6tkd16-19" vertex="1">
<mxGeometry x="80" y="40" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-44" value="🔐redacted&lt;br&gt;signed&lt;br style=&quot;border-color: var(--border-color);&quot;&gt;data" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="0T9UpzUMcqbGcj6tkd16-19" vertex="1">
<mxGeometry x="240" y="40" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-45" value="&lt;ul style=&quot;font-size: 11px;&quot;&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Authenticity ✅&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Integrity&amp;nbsp;✅&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Only required info&amp;nbsp;✅&lt;br&gt;&lt;/li&gt;&lt;/ul&gt;" style="rounded=0;whiteSpace=wrap;html=1;align=left;fillColor=none;strokeColor=none;horizontal=1;" parent="0T9UpzUMcqbGcj6tkd16-19" vertex="1">
<mxGeometry x="276" y="53" width="164" height="60" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-21" value="" style="group" parent="1" vertex="1" connectable="0">
<mxGeometry x="70" y="800" width="440" height="182" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-1" value="Server" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry y="59" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-4" value="User A" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry x="160" y="59" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-5" value="User B" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry x="320" y="59" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-2" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="0T9UpzUMcqbGcj6tkd16-21" source="0T9UpzUMcqbGcj6tkd16-4" target="0T9UpzUMcqbGcj6tkd16-5" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-3" value="ZKP" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="0T9UpzUMcqbGcj6tkd16-2" vertex="1" connectable="0">
<mxGeometry x="-0.2352" y="1" relative="1" as="geometry">
<mxPoint x="12" y="-9" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-8" value="🔐&lt;br&gt;signed&lt;br&gt;data&lt;br&gt;" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry x="82.5" y="112" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-9" value="🔐redacted&lt;br&gt;signed&lt;br style=&quot;border-color: var(--border-color);&quot;&gt;data" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry x="240" y="99" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-10" value="&lt;ul style=&quot;font-size: 11px;&quot;&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Authenticity ✅&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Integrity&amp;nbsp;✅&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Only required info&amp;nbsp;✅&lt;br&gt;&lt;/li&gt;&lt;/ul&gt;" style="rounded=0;whiteSpace=wrap;html=1;align=left;fillColor=none;strokeColor=none;horizontal=1;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry x="276" y="112" width="164" height="60" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-12" value="Notary" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry x="80" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-16" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="0T9UpzUMcqbGcj6tkd16-21" source="0T9UpzUMcqbGcj6tkd16-14" target="0T9UpzUMcqbGcj6tkd16-4" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-14" value="Multi-party TLS" style="rounded=1;whiteSpace=wrap;html=1;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry x="77.5" y="74" width="65" height="30" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-15" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="0T9UpzUMcqbGcj6tkd16-21" source="0T9UpzUMcqbGcj6tkd16-1" target="0T9UpzUMcqbGcj6tkd16-14" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-17" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;startArrow=none;startFill=0;endArrow=none;endFill=0;" parent="0T9UpzUMcqbGcj6tkd16-21" source="0T9UpzUMcqbGcj6tkd16-12" target="0T9UpzUMcqbGcj6tkd16-14" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-18" value="&lt;ul style=&quot;font-size: 11px;&quot;&gt;&lt;li&gt;Authenticity ✅&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Integrity&amp;nbsp;✅&lt;/li&gt;&lt;li&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;Too much info&amp;nbsp;&lt;/span&gt;⁉️&lt;br&gt;&lt;/li&gt;&lt;/ul&gt;" style="rounded=0;whiteSpace=wrap;html=1;align=left;fillColor=none;strokeColor=none;horizontal=1;" parent="1" vertex="1">
<mxGeometry x="350" y="705" width="136" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-24" value="Server" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="230" y="645" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-25" style="rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-24" target="HxEEL8P-OPklS3m3PPNj-28" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-26" value="TLS" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="HxEEL8P-OPklS3m3PPNj-25" vertex="1" connectable="0">
<mxGeometry x="-0.1121" y="2" relative="1" as="geometry">
<mxPoint x="6" y="-8" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-27" value="User A" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="70" y="535" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-28" value="User B" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="390" y="645" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-29" value="" style="endArrow=none;html=1;rounded=0;startArrow=classic;startFill=1;endFill=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-33" target="HxEEL8P-OPklS3m3PPNj-27" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="110" y="575" as="sourcePoint" />
<mxPoint x="450" y="665" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-30" value="grant access&lt;br&gt;to User B" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="HxEEL8P-OPklS3m3PPNj-29" vertex="1" connectable="0">
<mxGeometry x="-0.0036" y="-1" relative="1" as="geometry">
<mxPoint y="-19" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-32" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;startArrow=classic;startFill=1;endArrow=none;endFill=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-33" target="HxEEL8P-OPklS3m3PPNj-24" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="2jyW2hphGHJ1HJf9qghL-2" value="delegate&lt;br&gt;access control" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=11;fontFamily=Helvetica;" parent="HxEEL8P-OPklS3m3PPNj-32" vertex="1" connectable="0">
<mxGeometry x="0.24" y="2" relative="1" as="geometry">
<mxPoint x="-4" y="-3" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-33" value="OAuth&lt;br&gt;Server" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="230" y="535" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-34" value="&lt;ul style=&quot;font-size: 11px;&quot;&gt;&lt;li&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;censoring possible&lt;/span&gt;&amp;nbsp;⁉️&lt;/li&gt;&lt;li&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;sees all requests&lt;/span&gt;&amp;nbsp;⁉️&lt;/li&gt;&lt;/ul&gt;" style="rounded=0;whiteSpace=wrap;html=1;align=left;fillColor=none;strokeColor=none;horizontal=1;" parent="1" vertex="1">
<mxGeometry x="266" y="535" width="148" height="40" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-13" value="🔐&lt;br&gt;signed&lt;br&gt;data&lt;br&gt;" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="1" vertex="1">
<mxGeometry x="310" y="700" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="2jyW2hphGHJ1HJf9qghL-3" value="" style="endArrow=classic;html=1;rounded=0;exitX=1;exitY=1;exitDx=0;exitDy=0;entryX=0;entryY=0;entryDx=0;entryDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-33" target="HxEEL8P-OPklS3m3PPNj-28" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="310" y="645" as="sourcePoint" />
<mxPoint x="360" y="595" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="2jyW2hphGHJ1HJf9qghL-4" value="access token" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="2jyW2hphGHJ1HJf9qghL-3" vertex="1" connectable="0">
<mxGeometry x="0.2378" relative="1" as="geometry">
<mxPoint x="16" y="-23" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-1" value="Server" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="70" y="190" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-5" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-2" target="HxEEL8P-OPklS3m3PPNj-3" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-2" value="User A" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="230" y="190" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-3" value="User B" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="390" y="190" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-5" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-2" target="HxEEL8P-OPklS3m3PPNj-3" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-4" value="" style="endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-1" target="HxEEL8P-OPklS3m3PPNj-2" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="410" y="360" as="sourcePoint" />
@@ -27,103 +182,14 @@
<mxPoint y="-11" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-7" value="data" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="1" vertex="1">
<mxGeometry x="150" y="230" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-8" value="data&lt;br&gt;⁉️" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="1" vertex="1">
<mxGeometry x="310" y="230" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-9" value="&lt;ul style=&quot;font-size: 11px;&quot;&gt;&lt;li&gt;Authenticity ⁉️&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Integrity ⁉️&lt;/li&gt;&lt;li&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;Too much info&amp;nbsp;&lt;/span&gt;⁉️&lt;br&gt;&lt;/li&gt;&lt;/ul&gt;" style="rounded=0;whiteSpace=wrap;html=1;align=left;fillColor=none;strokeColor=none;horizontal=1;" parent="1" vertex="1">
<mxGeometry x="346" y="250" width="136" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-18" value="&lt;ul style=&quot;font-size: 11px;&quot;&gt;&lt;li&gt;Authenticity ✅&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Integrity&amp;nbsp;✅&lt;/li&gt;&lt;li&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;Too much info&amp;nbsp;&lt;/span&gt;⁉️&lt;br&gt;&lt;/li&gt;&lt;/ul&gt;" style="rounded=0;whiteSpace=wrap;html=1;align=left;fillColor=none;strokeColor=none;horizontal=1;" parent="1" vertex="1">
<mxGeometry x="350" y="525" width="136" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-24" value="Server" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="230" y="465" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-25" style="rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-24" target="HxEEL8P-OPklS3m3PPNj-28" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-26" value="TLS" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="HxEEL8P-OPklS3m3PPNj-25" vertex="1" connectable="0">
<mxGeometry x="-0.1121" y="2" relative="1" as="geometry">
<mxPoint x="6" y="-8" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-27" value="User A" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="70" y="355" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-28" value="User B" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="390" y="465" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-29" value="" style="endArrow=none;html=1;rounded=0;startArrow=classic;startFill=1;endFill=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-33" target="HxEEL8P-OPklS3m3PPNj-27" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="110" y="395" as="sourcePoint" />
<mxPoint x="450" y="485" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-30" value="grant access" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="HxEEL8P-OPklS3m3PPNj-29" vertex="1" connectable="0">
<mxGeometry x="-0.0036" y="-1" relative="1" as="geometry">
<mxPoint y="-13" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-31" value="data" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="1" vertex="1">
<mxGeometry x="310" y="505" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-32" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-33" target="HxEEL8P-OPklS3m3PPNj-24" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-33" value="OAuth&lt;br&gt;Server" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="230" y="355" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-34" value="&lt;ul style=&quot;font-size: 11px;&quot;&gt;&lt;li&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;censoring possible&lt;/span&gt;&amp;nbsp;⁉️&lt;/li&gt;&lt;li&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;sees all requests&lt;/span&gt;&amp;nbsp;⁉️&lt;/li&gt;&lt;/ul&gt;" style="rounded=0;whiteSpace=wrap;html=1;align=left;fillColor=none;strokeColor=none;horizontal=1;" parent="1" vertex="1">
<mxGeometry x="272" y="365" width="148" height="40" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-37" value="Server" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="70" y="620" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-38" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-39" target="HxEEL8P-OPklS3m3PPNj-40" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-49" value="ZKP" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="HxEEL8P-OPklS3m3PPNj-38" vertex="1" connectable="0">
<mxGeometry x="-0.2352" y="1" relative="1" as="geometry">
<mxPoint x="12" y="-9" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-39" value="User A" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="230" y="620" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-40" value="User B" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="390" y="620" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-41" value="" style="endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-37" target="HxEEL8P-OPklS3m3PPNj-39" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="410" y="790" as="sourcePoint" />
<mxPoint x="460" y="740" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-42" value="TLS" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="HxEEL8P-OPklS3m3PPNj-41" vertex="1" connectable="0">
<mxGeometry x="-0.1464" y="-1" relative="1" as="geometry">
<mxPoint y="-11" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-43" value="🔐&lt;br&gt;signed&lt;br&gt;data&lt;br&gt;" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="1" vertex="1">
<mxGeometry x="150" y="660" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-44" value="🔐redacted&lt;br&gt;signed&lt;br style=&quot;border-color: var(--border-color);&quot;&gt;data" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="1" vertex="1">
<mxGeometry x="310" y="660" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-45" value="&lt;ul style=&quot;font-size: 11px;&quot;&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Authenticity ✅&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Integrity&amp;nbsp;✅&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Only required info&amp;nbsp;✅&lt;br&gt;&lt;/li&gt;&lt;/ul&gt;" style="rounded=0;whiteSpace=wrap;html=1;align=left;fillColor=none;strokeColor=none;horizontal=1;" parent="1" vertex="1">
<mxGeometry x="346" y="673" width="164" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-46" value="No Data Provenance" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="70" y="160" width="120" height="20" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-47" value="Status Quo&amp;nbsp;" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="70" y="325" width="120" height="20" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-48" value="Desired solution" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="70" y="590" width="120" height="20" as="geometry" />
<mxCell id="xLXuI-9Z-1ACPAXbHEKi-2" value="🔐&lt;br&gt;signed&lt;br&gt;data&lt;br&gt;" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" vertex="1" parent="1">
<mxGeometry x="150" y="230" width="60" height="70" as="geometry" />
</mxCell>
</root>
</mxGraphModel>

45
diagrams/data_provenance_none.drawio Normal file
View File

@@ -0,0 +1,45 @@
<mxfile host="Electron" modified="2023-08-09T14:49:28.598Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.6.5 Chrome/114.0.5735.243 Electron/25.3.1 Safari/537.36" etag="BljyHpgYGZyHBjyEc3Ql" version="21.6.5" type="device">
<diagram name="Page-1" id="E1Tv2Iv79u1PMs5fWFh_">
<mxGraphModel dx="1147" dy="1200" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="HxEEL8P-OPklS3m3PPNj-46" value="No Data Provenance" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="70" y="160" width="120" height="20" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-1" value="Server" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="70" y="190" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-2" value="User A" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="230" y="190" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-3" value="User B" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="390" y="190" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-5" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-2" target="HxEEL8P-OPklS3m3PPNj-3" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-4" value="" style="endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-1" target="HxEEL8P-OPklS3m3PPNj-2" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="410" y="360" as="sourcePoint" />
<mxPoint x="460" y="310" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-6" value="TLS" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="HxEEL8P-OPklS3m3PPNj-4" vertex="1" connectable="0">
<mxGeometry x="-0.1464" y="-1" relative="1" as="geometry">
<mxPoint y="-11" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-8" value="&lt;br&gt;signed&lt;br&gt;data&lt;br&gt;⁉️" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="1" vertex="1">
<mxGeometry x="310" y="230" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-9" value="&lt;ul style=&quot;font-size: 11px;&quot;&gt;&lt;li&gt;Authenticity ⁉️&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Integrity ⁉️&lt;/li&gt;&lt;li&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;Too much info&amp;nbsp;&lt;/span&gt;⁉️&lt;br&gt;&lt;/li&gt;&lt;/ul&gt;" style="rounded=0;whiteSpace=wrap;html=1;align=left;fillColor=none;strokeColor=none;horizontal=1;" parent="1" vertex="1">
<mxGeometry x="346" y="250" width="136" height="60" as="geometry" />
</mxCell>
<mxCell id="wdAgGlkL8JTToDsr7vY7-1" value="🔐&lt;br&gt;signed&lt;br&gt;data&lt;br&gt;" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" vertex="1" parent="1">
<mxGeometry x="150" y="230" width="60" height="70" as="geometry" />
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>

72
diagrams/data_provenance_oauth.drawio Normal file
View File

@@ -0,0 +1,72 @@
<mxfile host="Electron" modified="2023-08-09T14:50:21.243Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.6.5 Chrome/114.0.5735.243 Electron/25.3.1 Safari/537.36" etag="8CA9WD2HNZcInVXD9QXr" version="21.6.5" type="device">
<diagram name="Page-1" id="E1Tv2Iv79u1PMs5fWFh_">
<mxGraphModel dx="1147" dy="1200" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="HxEEL8P-OPklS3m3PPNj-47" value="Status Quo&amp;nbsp;" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="70" y="500" width="120" height="20" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-18" value="&lt;ul style=&quot;font-size: 11px;&quot;&gt;&lt;li&gt;Authenticity ✅&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Integrity&amp;nbsp;✅&lt;/li&gt;&lt;li&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;Too much info&amp;nbsp;&lt;/span&gt;⁉️&lt;br&gt;&lt;/li&gt;&lt;/ul&gt;" style="rounded=0;whiteSpace=wrap;html=1;align=left;fillColor=none;strokeColor=none;horizontal=1;" parent="1" vertex="1">
<mxGeometry x="350" y="705" width="136" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-24" value="Server" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="230" y="645" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-25" style="rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-24" target="HxEEL8P-OPklS3m3PPNj-28" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-26" value="TLS" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="HxEEL8P-OPklS3m3PPNj-25" vertex="1" connectable="0">
<mxGeometry x="-0.1121" y="2" relative="1" as="geometry">
<mxPoint x="6" y="-8" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-27" value="User A" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="70" y="535" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-28" value="User B" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="390" y="645" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-29" value="" style="endArrow=none;html=1;rounded=0;startArrow=classic;startFill=1;endFill=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-33" target="HxEEL8P-OPklS3m3PPNj-27" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="110" y="575" as="sourcePoint" />
<mxPoint x="450" y="665" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-30" value="grant access&lt;br&gt;to User B" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="HxEEL8P-OPklS3m3PPNj-29" vertex="1" connectable="0">
<mxGeometry x="-0.0036" y="-1" relative="1" as="geometry">
<mxPoint y="-19" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-32" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;startArrow=classic;startFill=1;endArrow=none;endFill=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-33" target="HxEEL8P-OPklS3m3PPNj-24" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="2jyW2hphGHJ1HJf9qghL-2" value="delegate&lt;br&gt;access control" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=11;fontFamily=Helvetica;" parent="HxEEL8P-OPklS3m3PPNj-32" vertex="1" connectable="0">
<mxGeometry x="0.24" y="2" relative="1" as="geometry">
<mxPoint x="-4" y="-3" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-33" value="OAuth&lt;br&gt;Server" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="230" y="535" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-34" value="&lt;ul style=&quot;font-size: 11px;&quot;&gt;&lt;li&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;censoring possible&lt;/span&gt;&amp;nbsp;⁉️&lt;/li&gt;&lt;li&gt;&lt;span style=&quot;background-color: initial;&quot;&gt;sees all requests&lt;/span&gt;&amp;nbsp;⁉️&lt;/li&gt;&lt;/ul&gt;" style="rounded=0;whiteSpace=wrap;html=1;align=left;fillColor=none;strokeColor=none;horizontal=1;" parent="1" vertex="1">
<mxGeometry x="266" y="535" width="148" height="40" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-13" value="🔐&lt;br&gt;signed&lt;br&gt;data&lt;br&gt;" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="1" vertex="1">
<mxGeometry x="310" y="700" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="2jyW2hphGHJ1HJf9qghL-3" value="" style="endArrow=classic;html=1;rounded=0;exitX=1;exitY=1;exitDx=0;exitDy=0;entryX=0;entryY=0;entryDx=0;entryDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-33" target="HxEEL8P-OPklS3m3PPNj-28" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="310" y="645" as="sourcePoint" />
<mxPoint x="360" y="595" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="2jyW2hphGHJ1HJf9qghL-4" value="access token" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="2jyW2hphGHJ1HJf9qghL-3" vertex="1" connectable="0">
<mxGeometry x="0.2378" relative="1" as="geometry">
<mxPoint x="16" y="-23" as="offset" />
</mxGeometry>
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>

57
diagrams/data_provenance_tlsn.drawio Normal file
View File

@@ -0,0 +1,57 @@
<mxfile host="Electron" modified="2023-08-09T14:52:31.961Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.6.5 Chrome/114.0.5735.243 Electron/25.3.1 Safari/537.36" etag="Uajk46rHwX3sd1RRm5jE" version="21.6.5" type="device">
<diagram name="Page-1" id="E1Tv2Iv79u1PMs5fWFh_">
<mxGraphModel dx="1147" dy="1200" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="0T9UpzUMcqbGcj6tkd16-11" value="TLSNotary" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="70" y="770" width="120" height="20" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-21" value="" style="group" parent="1" vertex="1" connectable="0">
<mxGeometry x="70" y="800" width="440" height="182" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-1" value="Server" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry y="59" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-4" value="User A" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry x="160" y="59" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-5" value="User B" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry x="320" y="59" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-2" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="0T9UpzUMcqbGcj6tkd16-21" source="0T9UpzUMcqbGcj6tkd16-4" target="0T9UpzUMcqbGcj6tkd16-5" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-3" value="ZKP" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="0T9UpzUMcqbGcj6tkd16-2" vertex="1" connectable="0">
<mxGeometry x="-0.2352" y="1" relative="1" as="geometry">
<mxPoint x="12" y="-9" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-8" value="🔐&lt;br&gt;signed&lt;br&gt;data&lt;br&gt;" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry x="82.5" y="112" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-9" value="🔐redacted&lt;br&gt;signed&lt;br style=&quot;border-color: var(--border-color);&quot;&gt;data" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry x="240" y="99" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-10" value="&lt;ul style=&quot;font-size: 11px;&quot;&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Authenticity ✅&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Integrity&amp;nbsp;✅&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Only required info&amp;nbsp;✅&lt;br&gt;&lt;/li&gt;&lt;/ul&gt;" style="rounded=0;whiteSpace=wrap;html=1;align=left;fillColor=none;strokeColor=none;horizontal=1;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry x="276" y="112" width="164" height="60" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-12" value="Notary" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry x="80" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-16" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="0T9UpzUMcqbGcj6tkd16-21" source="0T9UpzUMcqbGcj6tkd16-14" target="0T9UpzUMcqbGcj6tkd16-4" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-14" value="Multi-party TLS" style="rounded=1;whiteSpace=wrap;html=1;" parent="0T9UpzUMcqbGcj6tkd16-21" vertex="1">
<mxGeometry x="77.5" y="74" width="65" height="30" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-15" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="0T9UpzUMcqbGcj6tkd16-21" source="0T9UpzUMcqbGcj6tkd16-1" target="0T9UpzUMcqbGcj6tkd16-14" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="0T9UpzUMcqbGcj6tkd16-17" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;startArrow=none;startFill=0;endArrow=none;endFill=0;" parent="0T9UpzUMcqbGcj6tkd16-21" source="0T9UpzUMcqbGcj6tkd16-12" target="0T9UpzUMcqbGcj6tkd16-14" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>

50
diagrams/data_provenance_ultimate.drawio Normal file
View File

@@ -0,0 +1,50 @@
<mxfile host="Electron" modified="2023-08-09T14:49:57.054Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.6.5 Chrome/114.0.5735.243 Electron/25.3.1 Safari/537.36" etag="rqZKAff3CXJAv7pPpWkT" version="21.6.5" type="device">
<diagram name="Page-1" id="E1Tv2Iv79u1PMs5fWFh_">
<mxGraphModel dx="1147" dy="1200" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="HxEEL8P-OPklS3m3PPNj-48" value="Ultimate solution" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="70" y="330" width="120" height="20" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-37" value="Server" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="70" y="360" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-39" value="User A" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="230" y="360" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-40" value="User B" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="390" y="360" width="60" height="60" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-38" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-39" target="HxEEL8P-OPklS3m3PPNj-40" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-49" value="ZKP" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="HxEEL8P-OPklS3m3PPNj-38" vertex="1" connectable="0">
<mxGeometry x="-0.2352" y="1" relative="1" as="geometry">
<mxPoint x="12" y="-9" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-41" value="" style="endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="HxEEL8P-OPklS3m3PPNj-37" target="HxEEL8P-OPklS3m3PPNj-39" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="410" y="530" as="sourcePoint" />
<mxPoint x="460" y="480" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-42" value="Improved TLS" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="HxEEL8P-OPklS3m3PPNj-41" vertex="1" connectable="0">
<mxGeometry x="-0.1464" y="-1" relative="1" as="geometry">
<mxPoint x="7" y="-11" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-43" value="🔐&lt;br&gt;signed&lt;br&gt;data&lt;br&gt;" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="1" vertex="1">
<mxGeometry x="150" y="400" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-44" value="🔐redacted&lt;br&gt;signed&lt;br style=&quot;border-color: var(--border-color);&quot;&gt;data" style="shape=note;whiteSpace=wrap;html=1;backgroundOutline=1;darkOpacity=0.05;size=17;" parent="1" vertex="1">
<mxGeometry x="310" y="400" width="60" height="70" as="geometry" />
</mxCell>
<mxCell id="HxEEL8P-OPklS3m3PPNj-45" value="&lt;ul style=&quot;font-size: 11px;&quot;&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Authenticity ✅&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Integrity&amp;nbsp;✅&lt;/li&gt;&lt;li style=&quot;border-color: var(--border-color);&quot;&gt;Only required info&amp;nbsp;✅&lt;br&gt;&lt;/li&gt;&lt;/ul&gt;" style="rounded=0;whiteSpace=wrap;html=1;align=left;fillColor=none;strokeColor=none;horizontal=1;" parent="1" vertex="1">
<mxGeometry x="346" y="413" width="164" height="60" as="geometry" />
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>

293
diagrams/overview.drawio
View File

@@ -1,196 +1,201 @@
<mxfile host="Electron" modified="2023-08-01T13:32:38.607Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.6.5 Chrome/114.0.5735.243 Electron/25.3.1 Safari/537.36" etag="J53KrDbPkxDRDJ4fZzPF" version="21.6.5" type="device">
<mxfile host="Electron" modified="2023-08-03T09:27:28.067Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.6.5 Chrome/114.0.5735.243 Electron/25.3.1 Safari/537.36" etag="hTLg8wOhsqTRZDaZwdFx" version="21.6.5" type="device">
<diagram id="Ta_ITRcVz4Bdm_ywW9Xz" name="Page-1">
<mxGraphModel dx="1309" dy="1200" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="1700" pageHeight="1100" math="0" shadow="0">
<mxGraphModel dx="1392" dy="828" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="1700" pageHeight="1100" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="lWufevYBVzTER42Q3oKB-60" value="" style="group" parent="1" vertex="1" connectable="0">
<mxGeometry x="540" y="120" width="460" height="470" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-35" value="" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="lWufevYBVzTER42Q3oKB-60" vertex="1">
<mxGeometry width="460" height="470" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-36" value="Notarization Phase" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontStyle=1;fontSize=21;" parent="lWufevYBVzTER42Q3oKB-60" vertex="1">
<mxGeometry x="130" y="10" width="200" height="30" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-55" style="edgeStyle=orthogonalEdgeStyle;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;fontSize=12;startArrow=none;startFill=0;endArrow=classic;endFill=1;fillColor=#000000;" parent="lWufevYBVzTER42Q3oKB-60" source="lWufevYBVzTER42Q3oKB-38" edge="1">
<mxGeometry relative="1" as="geometry">
<mxPoint x="160" y="234.75862068965512" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-38" value="&lt;b&gt;Notary&lt;/b&gt;" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="lWufevYBVzTER42Q3oKB-60" vertex="1">
<mxGeometry x="40" y="195" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-47" value="&lt;b&gt;User&lt;/b&gt;" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="lWufevYBVzTER42Q3oKB-60" vertex="1">
<mxGeometry x="340" y="195" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-53" value="" style="group" parent="lWufevYBVzTER42Q3oKB-60" vertex="1" connectable="0">
<mxGeometry x="160" y="90" width="150" height="290" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-49" value="" style="rounded=0;whiteSpace=wrap;html=1;fontSize=21;" parent="lWufevYBVzTER42Q3oKB-53" vertex="1">
<mxGeometry width="140" height="290" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-50" value="Notarized Transcript" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;fontStyle=1" parent="lWufevYBVzTER42Q3oKB-53" vertex="1">
<mxGeometry x="5" width="130" height="30" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-41" value="" style="rounded=0;whiteSpace=wrap;html=1;align=left;" parent="lWufevYBVzTER42Q3oKB-53" vertex="1">
<mxGeometry x="10" y="40" width="120" height="160" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-42" value="&lt;b&gt;Transcript&lt;/b&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="lWufevYBVzTER42Q3oKB-53" vertex="1">
<mxGeometry x="20" y="40" width="100" height="30" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-43" value="" style="rounded=0;whiteSpace=wrap;html=1;" parent="lWufevYBVzTER42Q3oKB-53" vertex="1">
<mxGeometry x="20" y="100" width="100" height="90" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-44" value="Encrypted Data" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="lWufevYBVzTER42Q3oKB-53" vertex="1">
<mxGeometry x="25" y="70" width="90" height="30" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-45" value="1010101010101&lt;br&gt;0101010101010&lt;br&gt;1010101110101&lt;br&gt;0101010010101&lt;br&gt;0010101010101&lt;br&gt;0101011001011" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;rounded=0;whiteSpace=wrap;" parent="lWufevYBVzTER42Q3oKB-53" vertex="1">
<mxGeometry x="40" y="100" width="60" height="90" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-51" value="&lt;b&gt;Signature&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="lWufevYBVzTER42Q3oKB-53" vertex="1">
<mxGeometry x="10" y="250" width="120" height="30" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-52" value="&lt;b&gt;Metadata&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="lWufevYBVzTER42Q3oKB-53" vertex="1">
<mxGeometry x="10" y="210" width="120" height="30" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-48" value="" style="sketch=0;html=1;aspect=fixed;strokeColor=none;shadow=0;align=center;verticalAlign=top;fillColor=#2D9C5E;shape=mxgraph.gcp2.check;fontSize=21;" parent="lWufevYBVzTER42Q3oKB-53" vertex="1">
<mxGeometry x="100" y="30" width="50" height="40" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-56" style="edgeStyle=orthogonalEdgeStyle;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=12;startArrow=none;startFill=0;endArrow=classic;endFill=1;fillColor=#000000;" parent="lWufevYBVzTER42Q3oKB-60" source="lWufevYBVzTER42Q3oKB-49" target="lWufevYBVzTER42Q3oKB-47" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-63" value="" style="shape=singleArrow;whiteSpace=wrap;html=1;fontSize=12;arrowWidth=0.45714285714285713;arrowSize=0.58;fillColor=#CCCCCC;" parent="1" vertex="1">
<mxGeometry x="480" y="320" width="50" height="70" as="geometry" />
<mxCell id="7FoGzQ1kGSNo0XInAhHn-1" value="" style="shape=singleArrow;whiteSpace=wrap;html=1;fontSize=12;arrowWidth=0.45714285714285713;arrowSize=0.58;fillColor=#CCCCCC;" parent="1" vertex="1">
<mxGeometry x="510" y="415" width="50" height="70" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-57" value="" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
<mxGeometry x="1070" y="120" width="600" height="470" as="geometry" />
<mxGeometry x="580" y="140" width="540" height="590" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-58" value="Selective Disclosure Phase" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontStyle=1;fontSize=21;" parent="1" vertex="1">
<mxGeometry x="1229.9969565217389" y="130" width="327.8260869565217" height="30" as="geometry" />
<mxGeometry x="686.0869565217389" y="150" width="327.8260869565217" height="30" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-4" value="&lt;b&gt;Verifier&lt;/b&gt;" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="1569.9991304347825" y="310" width="80" height="80" as="geometry" />
<mxCell id="n7Sm2ovnSprmrU6ltvT2-32" value="" style="group" vertex="1" connectable="0" parent="1">
<mxGeometry x="600.0017391304348" y="335" width="499.99739130434773" height="230" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-111" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=12;fontColor=#000000;startArrow=none;startFill=0;endArrow=classic;endFill=1;fillColor=#000000;" parent="1" source="lWufevYBVzTER42Q3oKB-87" target="lWufevYBVzTER42Q3oKB-90" edge="1">
<mxCell id="n7Sm2ovnSprmrU6ltvT2-27" value="&lt;b style=&quot;border-color: var(--border-color);&quot;&gt;ZK Proof&lt;/b&gt;" style="rounded=1;whiteSpace=wrap;html=1;" vertex="1" parent="n7Sm2ovnSprmrU6ltvT2-32">
<mxGeometry x="309.99826086956523" y="92.5" width="80" height="35" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-112" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=12;fontColor=#000000;startArrow=none;startFill=0;endArrow=classic;endFill=1;fillColor=#000000;exitX=1;exitY=0.5;exitDx=0;exitDy=0;" parent="n7Sm2ovnSprmrU6ltvT2-32" source="n7Sm2ovnSprmrU6ltvT2-27" target="lWufevYBVzTER42Q3oKB-4" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-87" value="&lt;b&gt;User&lt;/b&gt;" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="1090.0017391304348" y="315" width="80" height="80" as="geometry" />
<mxCell id="lWufevYBVzTER42Q3oKB-4" value="&lt;b&gt;Verifier&lt;/b&gt;" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="n7Sm2ovnSprmrU6ltvT2-32" vertex="1">
<mxGeometry x="419.99739130434773" y="70" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-112" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=12;fontColor=#000000;startArrow=none;startFill=0;endArrow=classic;endFill=1;fillColor=#000000;" parent="1" source="lWufevYBVzTER42Q3oKB-100" target="lWufevYBVzTER42Q3oKB-4" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-90" value="" style="rounded=0;whiteSpace=wrap;html=1;fontSize=21;" parent="1" vertex="1">
<mxGeometry x="1200" y="210" width="140" height="290" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-91" value="Notarized Transcript" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;fontStyle=1" parent="1" vertex="1">
<mxGeometry x="1205" y="210" width="130" height="30" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-92" value="" style="rounded=0;whiteSpace=wrap;html=1;align=left;" parent="1" vertex="1">
<mxGeometry x="1210" y="250" width="120" height="160" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-93" value="&lt;b&gt;Transcript&lt;/b&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="1" vertex="1">
<mxGeometry x="1220" y="250" width="100" height="30" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-94" value="" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1220" y="310" width="100" height="90" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-95" value="Encrypted Data" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="1" vertex="1">
<mxGeometry x="1225" y="280" width="90" height="30" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-96" value="&lt;font color=&quot;#cccccc&quot;&gt;1010101010101&lt;br&gt;0101010101010&lt;br&gt;1010&lt;/font&gt;&lt;b&gt;1011101&lt;/b&gt;&lt;font color=&quot;#cccccc&quot;&gt;01&lt;br&gt;0101010010101&lt;br&gt;0010101010101&lt;br&gt;0101011001011&lt;/font&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;rounded=0;whiteSpace=wrap;" parent="1" vertex="1">
<mxGeometry x="1240" y="310" width="60" height="90" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-97" value="&lt;b&gt;Signature&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1210" y="460" width="120" height="30" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-106" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;fontSize=12;fontColor=#000000;startArrow=none;startFill=0;endArrow=classic;endFill=1;fillColor=#000000;" parent="1" source="lWufevYBVzTER42Q3oKB-98" edge="1">
<mxCell id="lWufevYBVzTER42Q3oKB-111" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=12;fontColor=#000000;startArrow=none;startFill=0;endArrow=classic;endFill=1;fillColor=#000000;" parent="n7Sm2ovnSprmrU6ltvT2-32" source="lWufevYBVzTER42Q3oKB-87" edge="1">
<mxGeometry relative="1" as="geometry">
<mxPoint x="1470" y="350" as="targetPoint" />
<Array as="points">
<mxPoint x="1370" y="435" />
<mxPoint x="1370" y="350" />
</Array>
<mxPoint x="109.99826086956523" y="115" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-98" value="&lt;b&gt;Metadata&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="1" vertex="1">
<mxGeometry x="1210" y="420" width="120" height="30" as="geometry" />
<mxCell id="lWufevYBVzTER42Q3oKB-87" value="&lt;b&gt;User&lt;/b&gt;" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="n7Sm2ovnSprmrU6ltvT2-32" vertex="1">
<mxGeometry y="75" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-100" value="&lt;b&gt;ZK Proof&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;fillColor=default;" parent="1" vertex="1">
<mxGeometry x="1410" y="320" width="120" height="60" as="geometry" />
<mxCell id="n7Sm2ovnSprmrU6ltvT2-10" value="" style="rounded=0;whiteSpace=wrap;html=1;fontSize=21;" vertex="1" parent="n7Sm2ovnSprmrU6ltvT2-32">
<mxGeometry x="109.99826086956523" width="140" height="230" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-107" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=12;fontColor=#000000;startArrow=none;startFill=0;endArrow=classic;endFill=1;fillColor=#000000;" parent="1" source="lWufevYBVzTER42Q3oKB-97" target="lWufevYBVzTER42Q3oKB-100" edge="1">
<mxCell id="n7Sm2ovnSprmrU6ltvT2-11" value="Notarized Transcript" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;fontStyle=1" vertex="1" parent="n7Sm2ovnSprmrU6ltvT2-32">
<mxGeometry x="114.99826086956523" width="130" height="28.965517241379313" as="geometry" />
</mxCell>
<mxCell id="n7Sm2ovnSprmrU6ltvT2-12" value="" style="rounded=0;whiteSpace=wrap;html=1;align=left;" vertex="1" parent="n7Sm2ovnSprmrU6ltvT2-32">
<mxGeometry x="119.99826086956523" y="38.620000000000005" width="120" height="121.38" as="geometry" />
</mxCell>
<mxCell id="n7Sm2ovnSprmrU6ltvT2-13" value="&lt;b&gt;Transcript&lt;/b&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="n7Sm2ovnSprmrU6ltvT2-32">
<mxGeometry x="129.99826086956523" y="38.62068965517244" width="100" height="28.965517241379313" as="geometry" />
</mxCell>
<mxCell id="n7Sm2ovnSprmrU6ltvT2-14" value="&lt;font color=&quot;#cccccc&quot;&gt;1010101010101&lt;br style=&quot;border-color: var(--border-color);&quot;&gt;0101&lt;/font&gt;&lt;font color=&quot;#080808&quot;&gt;&lt;b&gt;0101010&lt;/b&gt;&lt;/font&gt;&lt;font color=&quot;#cccccc&quot;&gt;10&lt;br style=&quot;border-color: var(--border-color);&quot;&gt;1010101110101&lt;/font&gt;" style="rounded=0;whiteSpace=wrap;html=1;" vertex="1" parent="n7Sm2ovnSprmrU6ltvT2-32">
<mxGeometry x="129.99826086956523" y="96.54999999999995" width="100" height="53.45" as="geometry" />
</mxCell>
<mxCell id="n7Sm2ovnSprmrU6ltvT2-15" value="Encrypted Data" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="n7Sm2ovnSprmrU6ltvT2-32">
<mxGeometry x="134.99826086956523" y="67.58620689655174" width="90" height="28.965517241379313" as="geometry" />
</mxCell>
<mxCell id="n7Sm2ovnSprmrU6ltvT2-16" value="&lt;b&gt;Signature&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="n7Sm2ovnSprmrU6ltvT2-32">
<mxGeometry x="119.99826086956523" y="200" width="120" height="21.38" as="geometry" />
</mxCell>
<mxCell id="n7Sm2ovnSprmrU6ltvT2-17" value="&lt;b&gt;Metadata&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" vertex="1" parent="n7Sm2ovnSprmrU6ltvT2-32">
<mxGeometry x="119.99826086956523" y="170" width="120" height="20" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-107" style="edgeStyle=elbowEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=12;fontColor=#000000;startArrow=none;startFill=0;endArrow=classic;endFill=1;fillColor=#000000;" parent="n7Sm2ovnSprmrU6ltvT2-32" source="n7Sm2ovnSprmrU6ltvT2-16" target="n7Sm2ovnSprmrU6ltvT2-27" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="1370" y="475" />
<mxPoint x="1370" y="350" />
<mxPoint x="279.99826086956523" y="155" />
</Array>
<mxPoint x="239.99826086956523" y="235" as="sourcePoint" />
</mxGeometry>
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-105" value="" style="endArrow=classic;html=1;rounded=0;fontSize=12;fontColor=#000000;fillColor=#000000;edgeStyle=orthogonalEdgeStyle;entryX=0;entryY=0.5;entryDx=0;entryDy=0;exitX=1;exitY=0.444;exitDx=0;exitDy=0;exitPerimeter=0;" parent="1" source="lWufevYBVzTER42Q3oKB-96" target="lWufevYBVzTER42Q3oKB-100" edge="1">
<mxCell id="lWufevYBVzTER42Q3oKB-106" style="edgeStyle=elbowEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;fontSize=12;fontColor=#000000;startArrow=none;startFill=0;endArrow=classic;endFill=1;fillColor=#000000;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="n7Sm2ovnSprmrU6ltvT2-32" source="n7Sm2ovnSprmrU6ltvT2-17" edge="1" target="n7Sm2ovnSprmrU6ltvT2-27">
<mxGeometry relative="1" as="geometry">
<mxPoint x="319.99826086956523" y="110" as="targetPoint" />
<Array as="points">
<mxPoint x="279.99826086956523" y="145" />
</Array>
<mxPoint x="239.99826086956523" y="195.0344827586207" as="sourcePoint" />
</mxGeometry>
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-105" value="" style="endArrow=classic;html=1;rounded=0;fontSize=12;fontColor=#000000;fillColor=#000000;edgeStyle=elbowEdgeStyle;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="n7Sm2ovnSprmrU6ltvT2-32" source="n7Sm2ovnSprmrU6ltvT2-22" target="n7Sm2ovnSprmrU6ltvT2-27" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="920" y="370" as="sourcePoint" />
<mxPoint x="970" y="320" as="targetPoint" />
<mxPoint x="209.99826086956523" y="109.96000000000004" as="sourcePoint" />
<mxPoint x="319.99826086956523" y="175" as="targetPoint" />
<Array as="points">
<mxPoint x="279.99826086956523" y="115" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="7FoGzQ1kGSNo0XInAhHn-1" value="" style="shape=singleArrow;whiteSpace=wrap;html=1;fontSize=12;arrowWidth=0.45714285714285713;arrowSize=0.58;fillColor=#CCCCCC;" vertex="1" parent="1">
<mxGeometry x="1010" y="320" width="50" height="70" as="geometry" />
<mxCell id="n7Sm2ovnSprmrU6ltvT2-22" value="&lt;b style=&quot;border-color: var(--border-color); color: rgb(8, 8, 8); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; letter-spacing: normal; orphans: 2; text-align: center; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(251, 251, 251); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial;&quot;&gt;0&lt;/b&gt;" style="text;whiteSpace=wrap;html=1;fillColor=none;textOpacity=0;" vertex="1" parent="n7Sm2ovnSprmrU6ltvT2-32">
<mxGeometry x="201.99826086956523" y="118.26999999999998" width="9" height="10" as="geometry" />
</mxCell>
<mxCell id="7FoGzQ1kGSNo0XInAhHn-2" value="" style="group" vertex="1" connectable="0" parent="1">
<mxGeometry x="30" y="120" width="440" height="470" as="geometry" />
<mxCell id="lWufevYBVzTER42Q3oKB-31" value="" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;container=0;" parent="1" vertex="1">
<mxGeometry x="20" y="140" width="470" height="590" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-31" value="" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="7FoGzQ1kGSNo0XInAhHn-2" vertex="1">
<mxGeometry width="440" height="470" as="geometry" />
<mxCell id="lWufevYBVzTER42Q3oKB-1" value="&lt;b&gt;Server&lt;/b&gt;" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="40" y="198" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-33" value="Request Phase" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontStyle=1;fontSize=21;" parent="7FoGzQ1kGSNo0XInAhHn-2" vertex="1">
<mxGeometry x="120" y="10" width="200" height="30" as="geometry" />
<mxCell id="lWufevYBVzTER42Q3oKB-2" value="&lt;b&gt;User&lt;/b&gt;" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="200" y="198" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-1" value="&lt;b&gt;Server&lt;/b&gt;" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="7FoGzQ1kGSNo0XInAhHn-2" vertex="1">
<mxGeometry x="20" y="80" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-2" value="&lt;b&gt;User&lt;/b&gt;" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="7FoGzQ1kGSNo0XInAhHn-2" vertex="1">
<mxGeometry x="180" y="80" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-23" style="edgeStyle=orthogonalEdgeStyle;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;startArrow=classic;startFill=1;endArrow=classic;endFill=1;" parent="7FoGzQ1kGSNo0XInAhHn-2" source="lWufevYBVzTER42Q3oKB-1" target="lWufevYBVzTER42Q3oKB-2" edge="1">
<mxCell id="lWufevYBVzTER42Q3oKB-23" style="edgeStyle=orthogonalEdgeStyle;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;startArrow=classic;startFill=1;endArrow=classic;endFill=1;" parent="1" source="lWufevYBVzTER42Q3oKB-1" target="lWufevYBVzTER42Q3oKB-2" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-29" style="edgeStyle=orthogonalEdgeStyle;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=1;entryY=0.5;entryDx=0;entryDy=0;startArrow=classic;startFill=1;endArrow=classic;endFill=1;" parent="7FoGzQ1kGSNo0XInAhHn-2" source="lWufevYBVzTER42Q3oKB-3" target="lWufevYBVzTER42Q3oKB-2" edge="1">
<mxCell id="lWufevYBVzTER42Q3oKB-29" style="edgeStyle=orthogonalEdgeStyle;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=1;entryY=0.5;entryDx=0;entryDy=0;startArrow=classic;startFill=1;endArrow=classic;endFill=1;" parent="1" source="lWufevYBVzTER42Q3oKB-3" target="lWufevYBVzTER42Q3oKB-2" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-3" value="&lt;b&gt;Notary&lt;/b&gt;" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="7FoGzQ1kGSNo0XInAhHn-2" vertex="1">
<mxGeometry x="340" y="80" width="80" height="80" as="geometry" />
<mxCell id="lWufevYBVzTER42Q3oKB-3" value="&lt;b&gt;Notary&lt;/b&gt;" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;" parent="1" vertex="1">
<mxGeometry x="360" y="198" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-30" style="edgeStyle=orthogonalEdgeStyle;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;startArrow=classic;startFill=1;endArrow=none;endFill=0;exitX=0.5;exitY=0;exitDx=0;exitDy=0;" parent="7FoGzQ1kGSNo0XInAhHn-2" source="lWufevYBVzTER42Q3oKB-11" edge="1">
<mxCell id="lWufevYBVzTER42Q3oKB-30" style="edgeStyle=orthogonalEdgeStyle;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;startArrow=classic;startFill=1;endArrow=none;endFill=0;exitX=0.5;exitY=0;exitDx=0;exitDy=0;" parent="1" source="n7Sm2ovnSprmrU6ltvT2-34" edge="1">
<mxGeometry relative="1" as="geometry">
<mxPoint x="300" y="120" as="targetPoint" />
<mxPoint x="320" y="238" as="targetPoint" />
<mxPoint x="240" y="343" as="sourcePoint" />
</mxGeometry>
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-24" style="edgeStyle=orthogonalEdgeStyle;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;startArrow=classic;startFill=1;endArrow=none;endFill=0;exitX=0.5;exitY=0;exitDx=0;exitDy=0;" parent="7FoGzQ1kGSNo0XInAhHn-2" source="lWufevYBVzTER42Q3oKB-11" edge="1">
<mxCell id="lWufevYBVzTER42Q3oKB-24" style="edgeStyle=orthogonalEdgeStyle;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;startArrow=classic;startFill=1;endArrow=none;endFill=0;exitX=0.5;exitY=0;exitDx=0;exitDy=0;" parent="1" source="n7Sm2ovnSprmrU6ltvT2-34" edge="1">
<mxGeometry relative="1" as="geometry">
<mxPoint x="140" y="120" as="targetPoint" />
<mxPoint x="160" y="238" as="targetPoint" />
<mxPoint x="240" y="343" as="sourcePoint" />
</mxGeometry>
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-39" value="" style="group" parent="7FoGzQ1kGSNo0XInAhHn-2" vertex="1" connectable="0">
<mxGeometry x="160" y="230" width="120" height="160" as="geometry" />
<mxCell id="lWufevYBVzTER42Q3oKB-32" style="edgeStyle=orthogonalEdgeStyle;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.5;entryY=0;entryDx=0;entryDy=0;startArrow=none;startFill=0;endArrow=none;endFill=0;" parent="1" source="lWufevYBVzTER42Q3oKB-2" target="n7Sm2ovnSprmrU6ltvT2-34" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-10" value="" style="rounded=0;whiteSpace=wrap;html=1;align=left;" parent="lWufevYBVzTER42Q3oKB-39" vertex="1">
<mxGeometry width="120" height="160" as="geometry" />
<mxCell id="lWufevYBVzTER42Q3oKB-36" value="Notarization Phase" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontStyle=1;fontSize=21;" parent="1" vertex="1">
<mxGeometry x="140" y="145.31914893617022" width="200" height="45.95744680851064" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-11" value="Transcript" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontStyle=1" parent="lWufevYBVzTER42Q3oKB-39" vertex="1">
<mxCell id="n7Sm2ovnSprmrU6ltvT2-3" style="edgeStyle=elbowEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" edge="1" parent="1" source="n7Sm2ovnSprmrU6ltvT2-34" target="lWufevYBVzTER42Q3oKB-10">
<mxGeometry relative="1" as="geometry">
<mxPoint x="340" y="388" as="targetPoint" />
<mxPoint x="270" y="358" as="sourcePoint" />
</mxGeometry>
</mxCell>
<mxCell id="n7Sm2ovnSprmrU6ltvT2-8" value="" style="group" vertex="1" connectable="0" parent="1">
<mxGeometry x="330" y="485" width="140" height="230" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-49" value="" style="rounded=0;whiteSpace=wrap;html=1;fontSize=21;" parent="n7Sm2ovnSprmrU6ltvT2-8" vertex="1">
<mxGeometry width="140" height="230" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-50" value="Notarized Transcript" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=12;fontStyle=1" parent="n7Sm2ovnSprmrU6ltvT2-8" vertex="1">
<mxGeometry x="5" width="130" height="28.965517241379313" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-41" value="" style="rounded=0;whiteSpace=wrap;html=1;align=left;" parent="n7Sm2ovnSprmrU6ltvT2-8" vertex="1">
<mxGeometry x="10" y="38.620000000000005" width="120" height="121.38" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-42" value="&lt;b&gt;Transcript&lt;/b&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="n7Sm2ovnSprmrU6ltvT2-8" vertex="1">
<mxGeometry x="20" y="38.62068965517244" width="100" height="28.965517241379313" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-43" value="1010101010101&lt;br style=&quot;border-color: var(--border-color);&quot;&gt;0101010101010&lt;br style=&quot;border-color: var(--border-color);&quot;&gt;1010101110101" style="rounded=0;whiteSpace=wrap;html=1;" parent="n7Sm2ovnSprmrU6ltvT2-8" vertex="1">
<mxGeometry x="20" y="96.54999999999995" width="100" height="53.45" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-44" value="Encrypted Data" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="n7Sm2ovnSprmrU6ltvT2-8" vertex="1">
<mxGeometry x="25" y="67.58620689655174" width="90" height="28.965517241379313" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-51" value="&lt;b&gt;Signature&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="n7Sm2ovnSprmrU6ltvT2-8" vertex="1">
<mxGeometry x="10" y="200" width="120" height="21.38" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-52" value="&lt;b&gt;Metadata&lt;/b&gt;" style="rounded=0;whiteSpace=wrap;html=1;fontSize=12;" parent="n7Sm2ovnSprmrU6ltvT2-8" vertex="1">
<mxGeometry x="10" y="170" width="120" height="20" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-48" value="" style="sketch=0;html=1;aspect=fixed;strokeColor=none;shadow=0;align=center;verticalAlign=top;fillColor=#2D9C5E;shape=mxgraph.gcp2.check;fontSize=21;" parent="n7Sm2ovnSprmrU6ltvT2-8" vertex="1">
<mxGeometry x="100" y="38.620000000000005" width="27.97" height="22.38" as="geometry" />
</mxCell>
<mxCell id="n7Sm2ovnSprmrU6ltvT2-6" value="" style="group" vertex="1" connectable="0" parent="1">
<mxGeometry x="340" y="285" width="120" height="120" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-10" value="" style="rounded=0;whiteSpace=wrap;html=1;align=left;" parent="n7Sm2ovnSprmrU6ltvT2-6" vertex="1">
<mxGeometry width="120" height="120" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-11" value="Transcript" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontStyle=1" parent="n7Sm2ovnSprmrU6ltvT2-6" vertex="1">
<mxGeometry x="10" width="100" height="30" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-26" value="" style="rounded=0;whiteSpace=wrap;html=1;" parent="lWufevYBVzTER42Q3oKB-39" vertex="1">
<mxGeometry x="10" y="60" width="100" height="90" as="geometry" />
<mxCell id="lWufevYBVzTER42Q3oKB-26" value="1010101010101&lt;br style=&quot;border-color: var(--border-color);&quot;&gt;0101010101010&lt;br style=&quot;border-color: var(--border-color);&quot;&gt;1010101110101" style="rounded=0;whiteSpace=wrap;html=1;" parent="n7Sm2ovnSprmrU6ltvT2-6" vertex="1">
<mxGeometry x="10" y="60" width="100" height="50" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-27" value="Encrypted Data" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="lWufevYBVzTER42Q3oKB-39" vertex="1">
<mxCell id="lWufevYBVzTER42Q3oKB-27" value="Encrypted Data" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="n7Sm2ovnSprmrU6ltvT2-6" vertex="1">
<mxGeometry x="15" y="30" width="90" height="30" as="geometry" />
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-28" value="1010101010101&lt;br&gt;0101010101010&lt;br&gt;1010101110101&lt;br&gt;0101010010101&lt;br&gt;0010101010101&lt;br&gt;0101011001011" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;rounded=0;whiteSpace=wrap;" parent="lWufevYBVzTER42Q3oKB-39" vertex="1">
<mxGeometry x="30" y="60" width="60" height="90" as="geometry" />
<mxCell id="n7Sm2ovnSprmrU6ltvT2-26" value="" style="endArrow=classic;html=1;rounded=0;" edge="1" parent="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="330" y="582.8" as="sourcePoint" />
<mxPoint x="250" y="583" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="lWufevYBVzTER42Q3oKB-32" style="edgeStyle=orthogonalEdgeStyle;curved=1;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.5;entryY=0;entryDx=0;entryDy=0;startArrow=none;startFill=0;endArrow=none;endFill=0;" parent="7FoGzQ1kGSNo0XInAhHn-2" source="lWufevYBVzTER42Q3oKB-2" target="lWufevYBVzTER42Q3oKB-11" edge="1">
<mxGeometry relative="1" as="geometry" />
<mxCell id="n7Sm2ovnSprmrU6ltvT2-33" value="&lt;b style=&quot;border-color: var(--border-color);&quot;&gt;Notarize&lt;/b&gt;" style="rounded=1;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxGeometry x="360" y="430" width="80" height="35" as="geometry" />
</mxCell>
<mxCell id="n7Sm2ovnSprmrU6ltvT2-34" value="&lt;b style=&quot;border-color: var(--border-color);&quot;&gt;Multi-party request&lt;/b&gt;" style="rounded=1;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxGeometry x="200" y="327.5" width="80" height="35" as="geometry" />
</mxCell>
<mxCell id="n7Sm2ovnSprmrU6ltvT2-35" value="" style="endArrow=classic;html=1;rounded=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" edge="1" parent="1" source="lWufevYBVzTER42Q3oKB-10" target="n7Sm2ovnSprmrU6ltvT2-33">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="370" y="418" as="sourcePoint" />
<mxPoint x="420" y="368" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="n7Sm2ovnSprmrU6ltvT2-37" value="" style="endArrow=classic;html=1;rounded=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;" edge="1" parent="1" source="n7Sm2ovnSprmrU6ltvT2-33" target="lWufevYBVzTER42Q3oKB-50">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="400" y="458" as="sourcePoint" />
<mxPoint x="420" y="438" as="targetPoint" />
</mxGeometry>
</mxCell>
</root>
</mxGraphModel>

58
diagrams/overview3.drawio
View File

@@ -1,72 +1,86 @@
<mxfile host="Electron" modified="2023-07-31T13:54:50.992Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.6.5 Chrome/114.0.5735.243 Electron/25.3.1 Safari/537.36" etag="ULuF8GtXYlD2jlOd8ATy" version="21.6.5" type="device">
<mxfile host="Electron" modified="2023-08-08T08:54:27.446Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.6.5 Chrome/114.0.5735.243 Electron/25.3.1 Safari/537.36" etag="O6_GzdmjAoGOofJi7Om-" version="21.6.5" type="device">
<diagram id="kcIGn_kX_1L25iIxUXLg" name="Page-1">
<mxGraphModel dx="830" dy="486" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0">
<mxGraphModel dx="2060" dy="1200" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="GdnXkJGOJiVmK7E47u4y-44" value="" style="shape=cylinder3;whiteSpace=wrap;html=1;boundedLbl=1;backgroundOutline=1;size=15;dashed=1;dashPattern=8 8;" vertex="1" parent="1">
<mxCell id="GdnXkJGOJiVmK7E47u4y-44" value="" style="shape=cylinder3;whiteSpace=wrap;html=1;boundedLbl=1;backgroundOutline=1;size=15;dashed=1;dashPattern=8 8;" parent="1" vertex="1">
<mxGeometry x="170" y="220" width="140" height="285" as="geometry" />
</mxCell>
<mxCell id="EZAqd18MQriHtEKbU3QA-1" value="User" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;fontStyle=1" parent="1" vertex="1">
<mxGeometry x="200" y="260" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="EZAqd18MQriHtEKbU3QA-2" value="Server" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;fontStyle=1" parent="1" vertex="1">
<mxGeometry x="10" y="330" width="80" height="80" as="geometry" />
<mxGeometry x="30" y="262" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="EZAqd18MQriHtEKbU3QA-3" value="Notary" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;fontStyle=1" parent="1" vertex="1">
<mxGeometry x="200" y="410" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-40" value="signed&lt;br style=&quot;font-size: 11px;&quot;&gt;transcript" style="whiteSpace=wrap;html=1;shape=mxgraph.basic.document;fontSize=11;shadow=1;" vertex="1" parent="1">
<mxGeometry x="250" y="348" width="50" height="60" as="geometry" />
<mxCell id="GdnXkJGOJiVmK7E47u4y-40" value="blindly&lt;br&gt;signed&lt;br style=&quot;font-size: 11px;&quot;&gt;transcript" style="whiteSpace=wrap;html=1;shape=mxgraph.basic.document;fontSize=11;shadow=1;" parent="1" vertex="1">
<mxGeometry x="251" y="346" width="50" height="58" as="geometry" />
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-43" value="Verifier" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;fontStyle=1" vertex="1" parent="1">
<mxCell id="GdnXkJGOJiVmK7E47u4y-43" value="Verifier" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;shadow=1;fontStyle=1" parent="1" vertex="1">
<mxGeometry x="410" y="260" width="80" height="80" as="geometry" />
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-45" value="" style="endArrow=classic;startArrow=classic;html=1;rounded=0;entryX=-0.008;entryY=0.515;entryDx=0;entryDy=0;entryPerimeter=0;exitX=1.028;exitY=0.462;exitDx=0;exitDy=0;exitPerimeter=0;" edge="1" parent="1" source="EZAqd18MQriHtEKbU3QA-2" target="GdnXkJGOJiVmK7E47u4y-44">
<mxCell id="GdnXkJGOJiVmK7E47u4y-45" value="" style="endArrow=classic;startArrow=classic;html=1;rounded=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;exitX=1.028;exitY=0.462;exitDx=0;exitDy=0;exitPerimeter=0;" parent="1" source="EZAqd18MQriHtEKbU3QA-2" target="EZAqd18MQriHtEKbU3QA-1" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="350" y="490" as="sourcePoint" />
<mxPoint x="400" y="440" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-46" value="notarized request" style="whiteSpace=wrap;html=1;fillColor=none;strokeColor=none;fontSize=11;" vertex="1" parent="1">
<mxGeometry x="100" y="336.5" width="60" height="60" as="geometry" />
<mxCell id="GdnXkJGOJiVmK7E47u4y-46" value="request" style="whiteSpace=wrap;html=1;fillColor=none;strokeColor=none;fontSize=11;" parent="1" vertex="1">
<mxGeometry x="118" y="284" width="60" height="10" as="geometry" />
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-47" value="" style="endArrow=classic;html=1;rounded=0;" edge="1" parent="1" source="EZAqd18MQriHtEKbU3QA-3" target="EZAqd18MQriHtEKbU3QA-1">
<mxCell id="GdnXkJGOJiVmK7E47u4y-47" value="" style="endArrow=classic;html=1;rounded=0;" parent="1" source="EZAqd18MQriHtEKbU3QA-3" target="EZAqd18MQriHtEKbU3QA-1" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="350" y="490" as="sourcePoint" />
<mxPoint x="400" y="440" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-48" value="redacted signed&lt;br style=&quot;font-size: 11px;&quot;&gt;transcript" style="whiteSpace=wrap;html=1;shape=mxgraph.basic.document;fontSize=11;shadow=1;" vertex="1" parent="1">
<mxCell id="vS6lQRuDm8DtBRq3Yqvl-2" value="notarize" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="GdnXkJGOJiVmK7E47u4y-47" vertex="1" connectable="0">
<mxGeometry x="-0.0599" y="2" relative="1" as="geometry">
<mxPoint x="-21" y="1" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-48" value="redacted signed&lt;br style=&quot;font-size: 11px;&quot;&gt;transcript" style="whiteSpace=wrap;html=1;shape=mxgraph.basic.document;fontSize=11;shadow=1;" parent="1" vertex="1">
<mxGeometry x="330" y="310" width="50" height="60" as="geometry" />
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-49" value="" style="endArrow=classic;html=1;rounded=0;" edge="1" parent="1" source="EZAqd18MQriHtEKbU3QA-1" target="GdnXkJGOJiVmK7E47u4y-43">
<mxCell id="GdnXkJGOJiVmK7E47u4y-49" value="" style="endArrow=classic;html=1;rounded=0;" parent="1" source="EZAqd18MQriHtEKbU3QA-1" target="GdnXkJGOJiVmK7E47u4y-43" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="350" y="490" as="sourcePoint" />
<mxPoint x="400" y="440" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-50" value="&lt;span style=&quot;color: rgb(0, 0, 0); font-family: Helvetica; font-size: 11px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: center; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(251, 251, 251); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; float: none; display: inline !important;&quot;&gt;selective disclosure&lt;/span&gt;" style="text;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxCell id="GdnXkJGOJiVmK7E47u4y-50" value="&lt;span style=&quot;color: rgb(0, 0, 0); font-family: Helvetica; font-size: 11px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: center; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(251, 251, 251); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; float: none; display: inline !important;&quot;&gt;selective disclosure&lt;/span&gt;" style="text;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="330" y="262" width="50" height="40" as="geometry" />
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-53" value="&lt;span style=&quot;color: rgb(0, 0, 0); font-family: Helvetica; font-size: 11px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(251, 251, 251); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; float: none; display: inline !important;&quot;&gt;Multi party computation&lt;/span&gt;" style="text;whiteSpace=wrap;html=1;align=center;verticalAlign=middle;" vertex="1" parent="1">
<mxCell id="GdnXkJGOJiVmK7E47u4y-53" value="&lt;span style=&quot;color: rgb(0, 0, 0); font-family: Helvetica; font-size: 11px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(251, 251, 251); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; float: none; display: inline !important;&quot;&gt;Multi party computation&lt;/span&gt;" style="text;whiteSpace=wrap;html=1;align=center;verticalAlign=middle;" parent="1" vertex="1">
<mxGeometry x="177" y="215" width="125" height="40" as="geometry" />
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-54" value="1" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;fontSize=10;" vertex="1" parent="1">
<mxGeometry x="122" y="341" width="13" height="13" as="geometry" />
<mxCell id="GdnXkJGOJiVmK7E47u4y-54" value="1" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="138.5" y="268" width="13" height="13" as="geometry" />
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-55" value="2" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;fontSize=10;" vertex="1" parent="1">
<mxGeometry x="220" y="371.5" width="13" height="13" as="geometry" />
<mxCell id="GdnXkJGOJiVmK7E47u4y-55" value="2" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="210" y="357" width="13" height="13" as="geometry" />
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-56" value="3" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;fontSize=10;" vertex="1" parent="1">
<mxCell id="GdnXkJGOJiVmK7E47u4y-56" value="3" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="344.5" y="256" width="13" height="13" as="geometry" />
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-58" value="4" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;fontSize=10;" vertex="1" parent="1">
<mxCell id="GdnXkJGOJiVmK7E47u4y-58" value="4" style="ellipse;whiteSpace=wrap;html=1;aspect=fixed;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="425" y="310" width="13" height="13" as="geometry" />
</mxCell>
<mxCell id="GdnXkJGOJiVmK7E47u4y-59" value="&lt;span style=&quot;color: rgb(0, 0, 0); font-family: Helvetica; font-size: 11px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: center; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(251, 251, 251); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; float: none; display: inline !important;&quot;&gt;verify&lt;/span&gt;" style="text;whiteSpace=wrap;html=1;" vertex="1" parent="1">
<mxCell id="GdnXkJGOJiVmK7E47u4y-59" value="&lt;span style=&quot;color: rgb(0, 0, 0); font-family: Helvetica; font-size: 11px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: center; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(251, 251, 251); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; float: none; display: inline !important;&quot;&gt;verify&lt;/span&gt;" style="text;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="438" y="302" width="40" height="20" as="geometry" />
</mxCell>
<mxCell id="_06KIDZZ9NYgVlEzEhfi-3" value="" style="endArrow=classic;html=1;rounded=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;edgeStyle=elbowEdgeStyle;elbow=vertical;exitX=0;exitY=0.5;exitDx=0;exitDy=0;" parent="1" source="EZAqd18MQriHtEKbU3QA-1" target="EZAqd18MQriHtEKbU3QA-3" edge="1">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="180" y="330" as="sourcePoint" />
<mxPoint x="110" y="354" as="targetPoint" />
<Array as="points">
<mxPoint x="180" y="370" />
</Array>
</mxGeometry>
</mxCell>
</root>
</mxGraphModel>
</diagram>

51
src/SUMMARY.md
View File

@@ -1,20 +1,37 @@
# Summary
[Introduction](./intro.md)
[Protocol](./protocol/README.md)
- [Overview](./overview.md)
- [Notarization](./protocol/notarization/README.md)
- [TLS Handshake]()
- [Key Exchange](./protocol/notarization/key_exchange.md)
- [Symmetric key derivation](./protocol/notarization/prf.md)
- [Encryption](./protocol/notarization/encryption.md)
- [Commitment](./protocol/notarization/commitment.md)
- [Commitment to public data](./protocol/notarization/public_data_commitment.md)
- [Selective Disclosure]()
- [Secure 2-Party Computation](./protocol/2pc/garbled_circuits.md)
- [Garbled Circuits]()
- [Dual Execution with Asymmetric Privacy](./protocol/2pc/deap.md)
- [Oblivious Transfer]()
- [Paillier]()
- [MAC](./protocol/2pc/mac.md)
- [Finite-Field Arithmetic](./protocol/2pc/ff-arithmetic.md)
[Motivation](./motivation.md)
[Quick Start](./developers/quick_start.md)
# Protocol
1. [Overview](./overview.md)
2. [Notarization](./protocol/notarization/README.md)
- [TLS Handshake](./protocol/notarization/handshake.md)
- [Encryption and Decryption](./protocol/notarization/encryption.md)
- [Commitment](./protocol/notarization/commitment.md)
- [Signing](./protocol/notarization/signing.md)
3. [Verification](./protocol/verification.md)
4. [Selective Disclosure]()
# MPC
- [Garbled Circuits](./mpc/garbled_circuits.md)
- [Dual Execution with Asymmetric Privacy](./mpc/deap.md)
- [Oblivious Transfer]()
- [MAC](./mpc/mac.md)
- [Finite-Field Arithmetic](./mpc/ff-arithmetic.md)
- [Encodings](./mpc/encodings.md)
- [Key Exchange](./mpc/key_exchange.md)
- [ECtF](./mpc/ectf.md)
- [Commitment scheme](./mpc/commitment_scheme.md)
- [Encryption](./mpc/encryption.md)
- [TLS handhsake](./mpc/tls_handshake.md)
- [Committed Oblivious Transfer]() <!-- (./mpc/committed_ot.md) -->
- [Oblivious Transfer]() <!-- (./mpc/oblivious_transfer.md) -->
# Developer resources
+[Glossary](./glossary.md)

66
src/developers/quick_start.md Normal file
View File

@@ -0,0 +1,66 @@
This guide will take you through the steps of:
- starting a `Notary` server
- running a `Prover` to notarize some web data
- running a `Verifier` to verify the notarized data
Note that the TLSNotary protocol assumes that the `Notary` is trusted by the `Verifier`. To minimize the trust, the `Verifier` itself can act as a `Notary`.
# Preliminaries
### Install rust
If you don't have `rust` installed yet, install it with [rustup](https://rustup.rs/):
```shell
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
```
# Guide
### Start a Notary server:
```shell
git clone https://github.com/tlsnotary/notary-server
cd notary-server
cargo run --release
```
The `Notary` server will now be running in the background waiting for connections from a `Prover`. You can switch to another console to run the `Prover`.
For more information on how to configure the `Notary` server, please refer to [this](https://github.com/tlsnotary/notary-server#running-the-server).
### Run a simple Prover:
```shell
git clone https://github.com/tlsnotary/tlsn
cd tlsn/tlsn/examples
cargo run --release --example simple_prover
```
The notarization session usually takes a few moments and the resulting proof will be written to the "proof.json" file. The proof can then be passed on to the `Verifier` for verification.
The `simple_prover` notarizes <https://example.com> and redacts the `USER_AGENT` HTTP header from the proof for the `Verifier`. You can change the code in `tlsn/tlsn/examples/simple_prover.rs` to meet your needs:
- change which server the `Prover` connects to
- add or remove HTTP request headers
- redact other strings in the request or the response
⚠️ Please note that by default the `Notary` server expects that the cumulative size of the request and the server response is not more than 16KB.
### Run a simple Verifier:
```shell
cargo run --release --example simple_verifier
```
This will verify the proof from the `simple_prover` (`proof.json`) and output the result to the console.
Note how the parts which the prover chose not to disclose will be shown as "X":
```plaintext
GET / HTTP/1.1
host: example.com
accept: */*
accept-encoding: identity
connection: close
user-agent: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
```

22
src/glossary.md Normal file
View File

@@ -0,0 +1,22 @@
# Glossary
| Term | Explanation |
| ----- | ----------------------------------------------- |
| AES | Advanced Encryption Standard |
| A2M | Addition-to-Multiplication |
| DEAP | Dual Execution with Asymmetric Privacy |
| ECDH | Elliptic-Curve Diffie-Hellman |
| ECB | Electronic codebook (encryption mode) |
| GC | Garbled Circuit |
| GCM | Galois/Counter Mode |
| GHASH | GCM hash |
| HMAC | Hash-based Message Authentication Code |
| MAC | Message Authentication Code |
| M2a | Multiplication-to-Addition |
| OT | oblivious transfer |
| RSA | RivestShamirAdleman (public-key cryptosystem) |
| PMS | Pre master secret (TLS) |
| PRF | Pseudo Random Function |
| PRG | pseudorandom generator |
| PSE | Privacy and Scaling Exploration |
| TLS | transport layer security |

90
src/intro.md
View File

@@ -1,35 +1,71 @@
# Introduction
TLSNotary is a protocol which allows users to export data from any website in a
credible way. This way they can verify the authenticity of parts of a
TLS-encrypted web session without compromising on privacy.
## Data Provenance without Compromising Privacy, That is Why!
It works by adding a third party, the Notary, to the usual TLS connection
between the User and a web server. The User forwards the encrypted TLS traffic
to the Notary which checks that it has not been tampered with and notarizes the
whole TLS session by signing a transcript of it.
The Internet currently lacks effective, privacy-preserving **Data Provenance**. [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security), also known as the "s" in "https" 🔐 to the general public, ensures that data can be securely communicated between a server and a user. But how can this user credibly share this data with another user or server without compromising security, privacy, and control?
The User can now use this transcript and disclose parts of it to another
party, which we call the Verifier. The Verifier only needs to trust the Notary
in order to accept proofs from many different users. This way, TLSNotary
can be used for a variety of purposes. For example you can use TLSNotary to
prove that
Enter TLSNotary: a protocol enabling users to export data securely from any website. Using Zero Knowledge Proof (ZKP) technology, this data can be selectively shared with others in a cryptographically verifiable manner.
- you have received a money transfer using your online banking account, without
revealing your login credentials or sensitive financial information.
- you have access to an account on a web platform.
- a website showed some specific content on a certain date.
TLSNotary makes data truly portable and allows users to share it with others as they see fit.
Overall, the TLSNotary protocol can be used in any scenario where you need to
prove to a third party facts about the content of a TLS connection.
## How Does the TLSNotary Protocol Work?
Some interesting aspects of TLSNotary are:
- The protocol is transparent to the web server, because it is not aware of the
notarization process. For the server it just looks like normal browsing.
- Data is kept private from the Notary. The Notary only sees the ciphertext and
never has access to the plaintext.
- No modifications to the TLS protocol are needed. You can use it without any
changes to web servers.
- The Notary and the Verifier can be the same entity. That means if you as a
Verifier do not want to trust some Notary server, you can run one yourself.
The TLSNotary protocol consists of 4 steps:
1. The `User` **requests** the data from the `Server` privately and securely.
2. The `Notary` **checks** for data tampering and **signs** the data.
3. The `User` **selectively discloses** the data to the `Verifier`.
4. The `Verifier` **verifies** the data.
![](./png-diagrams/overview3.png)
### ① Multi-party TLS Request
TLSNotary works by adding a third party, the `Notary`, to the usual TLS connection between the `User` and a `Server`. This `Notary` is **not "[a man in the middle](https://en.wikipedia.org/wiki/Man-in-the-middle_attack)"**. Instead, the `Notary` participates in a **secure multi-party computation** (MPC) to jointly operate the TLS connection without ever seeing the data in plain text; the `Notary` only sees encrypted data. Given that the `Notary` only sees the temporary key of the `Server`, the `Notary` does not know which `Server` the `User` is communicating with. The TLSNotary protocol is transparent to the `Server`. From the `Server`'s perspective, the User's connection is a standard TLS connection.
<!-- - Transport Layer Security (TLS)
- Encryption: hides data from third parties
- Authentication: ensures that the parties exchanging information are who they claim to be
- Integrity: verifies that data has not been forged or tampered with -->
### ② Notarization
By participating in the **secure multi-party computation** (MPC) for TLS communication, the `Notary` can validate the authenticity and integrity of the communication with the `Server`. If the `User` has not cheated, the `Notary` **signs** the transcript of the entire TLS session. Since the `Notary` only checks encrypted data, this process is referred to as "blind signing".
### ③ Selective Disclosure
The TLSNotary protocol provides a means for the `User` to selectively prove the authenticity of arbitrary sections of the transcript to a `Verifier`. In this context, the `User` is often referred to as the `Prover`.
Due to the manner in which the `Notary` signs the transcript, the `User` can **redact sections**, thereby removing sensitive data. This capability can be paired with Zero-Knowledge Proofs to prove properties of the redacted data without revealing the data itself.
### ④ Verification
A `Verifier` validates the proof received from the `User`. By comparing the signature against the `Notary`'s public key, the `Verifier` ensures that the `User` did not tamper with the data.
The data's origin can be verified by inspecting the `Server` certificate through trusted certificate authorities (CAs).
### Trust Assumptions
TLSNotary requires a trust assumption. A `Verifier` of a proof must trust that the `Notary` did not collude with the `User` to forge it. This trust can be minimized by requiring multiple proofs, each signed by a different notary.
In certain applications, the `Verifier` might also function as the `Notary`, leading to **fully trustless proofs**.
## What Can TLSNotary Do?
TLSNotary can be used for various purposes. For example, you can use TLSNotary to prove that:
- you have access to an account on a web platform
- a website showed specific content on a certain date
- you have private information about yourself (address, birth date, health, etc.)
- you have received a money transfer using your online banking account without revealing your login credentials or sensitive financial information
- you received a private message from someone
- you were blocked from using an app
- you earned professional certificates
While TLSNotary can notarize publicly available data, it does not solve the "[oracle problem](https://ethereum.org/en/developers/docs/oracles/)". For this use case, existing oracle solutions are more suitable.
## Who is behind TLSNotary?
TLSNotary is developed by the Privacy and Scaling Exploration (PSE) research lab of the Ethereum Foundation. The PSE team is committed to conceptualizing and testing use cases for cryptographic primitives.
TLSNotary is not a new project; in fact, it has been around for [more than a decade](https://bitcointalk.org/index.php?topic=173220.0).
In 2022, TLSNotary was rebuilt from the ground up in [Rust](https://www.rust-lang.org/) incorporating state-of-the-art cryptographic protocols. This renewed version of the TLSNotary protocol offers enhanced security, privacy, and performance.
Older versions of TLSNotary, including PageSigner, have been archived due to a security vulnerability.

45
src/motivation.md Normal file
View File

@@ -0,0 +1,45 @@
# Motivation
The decentralized internet demands privacy-respecting data provenance!
Data provenance ensures internet data is authentic. It allows verification of the data's origin, ensuring it hasn't been fabricated or tampered with.
Data provenance will make data truly portable, empowering users to share it with others as they see fit.
## Non-repudiation: TLS is not enough
![](png-diagrams/data_provenance_none.png)
Transport Layer Security (TLS) plays a crucial role in digital security. TLS protects communication against eavesdropping and tampering. It ensures that the data received by the `User` from the `Server` indeed originates from the `Server` and was not changed. The `Server`'s identity is verified by the `User` through trusted Certificate Authorities (CAs). Data integrity is maintained by transmitting a cryptographic hash (called Message Authentication Code or MAC in TLS) alongside the data, which safeguards against deliberate alterations.
However, this hash does not provide **non-repudiation**, meaning it cannot serve as evidence for the **authenticity and integrity** of the data to third parties (e.g., a service or an app). Because it is a keyed hash and TLS requires that the key is known to the `User`, the `User` could modify the data and compute a corresponding hash after the TLS session is finished.
Achieving non-repudiation requires digital signatures implemented with asymmetric, public-key cryptography.
While the concept seems straightforward, enabling servers to sign data is not a part of the TLS protocol. Even if all data were securely signed, naively forwarding all data could expose too much information, compromising the `User`'s privacy. **Privacy** is a vital social good that must be protected.
## Status Quo: delegate access
![](png-diagrams/data_provenance_oauth.png)
Currently, when a `User` wants to share data from a server with another party, OAuth can be used to facilitate this if the application supports it. In this way, the other party receives the data directly from the server, ensuring authentic and unchanged data. However, applications often do not provide fine-grained control over which data to share, leading to the other party gaining access to more information than strictly necessary.
Another drawback of this solution is that the server is aware of the access delegation, enabling it to monitor and censor the other users requests.
It's worth noting that in many instances, OAuth is not even presented as an option. This is because a lot of servers lack the incentive to provide third-party access to the data.
## TLSNotary: data provenance and privacy with secure multi-party computation
![](png-diagrams/data_provenance_tlsn.png)
TLSNotary operates by introducing a third party, the `Notary`, into the usual TLS connection between the `User` and a `Server`. This `Notary` is **not an intermediary**. Instead, the `Notary` participates in a **secure multi-party computation** (MPC) to jointly manage the TLS connection without ever viewing the data in plain text; the `Notary` only has access to encrypted data. Furthermore, as the `Notary` only possesses the ephemeral keys of the `Server`, it remains unaware of which `Server` the `User` is communicating with.
The TLSNotary protocol is **transparent** to the `Server`. From the `Server`'s perspective, the TLS connection is indistinguishable from all other connections. As such, **no modifications to the TLS protocol are necessary**.
Due to the TLSNotary protocol's nature, it enables the `User` to selectively prove the authenticity of arbitrary portions of the data to a Verifier. Through the `Notary`'s signing of the data, the `User` can prove the data's authenticity to any third-party `Verifier`. The provided proof can be easily verified by the `Verifier`.
## Make your data portable with TLSNotary!
TLSNotary is a solution designed to prove the authenticity of data while preserving user privacy. It unlocks a variety of new use cases. So, if you're looking for a way to make your data portable without sacrificing its authenticity or compromising on privacy, TLSNotary is developed for you!
Dive into the protocol and integrate it into your applications. We eagerly await your feedback on [Discord](https://discord.com/invite/9XwESXtcN7).

0
src/protocol/2pc/2pc-mac-overview.png → src/mpc/2pc-mac-overview.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 99 KiB

After

Width:  |  Height:  |  Size: 99 KiB

0
src/protocol/2pc/README.md → src/mpc/README.md
View File

9
src/mpc/commitment_scheme.md Normal file
View File

@@ -0,0 +1,9 @@
# Commitment scheme
<!-- TODO will polish -->
BEFORE the `Notary` "opens his gabled circuit" in Step 17 of [DEAP](/mpc/deap.md), the `User` commits (e.g. computes a blake3 hash) to the encodings of the plaintext generated by the `Notary` (i.e. the encoded output [v]_B from Step 8 in DEAP).
"Opening the garbled circuit" simply means that the `Notary` reveals and signs the seed of randomness which (among other things) was used to generate the [encoding](/mpc/encodings.md) of the plaintext.
Having both the signed seed from the `Notary` and also the commitment to the plaintext encoding, the `User` can prove to any third-party Verifier the authenticity of the plaintext.

5
src/mpc/committed_ot.md Normal file
View File

@@ -0,0 +1,5 @@
# Committed OT
// TODO here we describe our flavor of committed KOS
// This page will be linked to from DEAP

7
src/protocol/2pc/deap.md → src/mpc/deap.md
View File

@@ -1,5 +1,12 @@
# Dual Execution with Asymmetric Privacy
TLSNotary uses the `DEAP` protocol described below to ensure malicious security during the Encryption and Decryption steps.
When using DEAP in TLSNotary, the `User` plays the role of Alice and has full privacy and the `Notary` plays the role of Bob and reveals all of his private inputs after the TLS session with the server is over. (The Notary's private inputs are his TLS session key shares).
The parties run the `Setup` and `Execution` steps of `DEAP` but they defer the `Equality Check`.
Since during the `Equality Check` all of the Notary's secrets are revealed to User, it must be deferred until after the TLS session with the server is over, otherwise the User would learn the full TLS session keys and be able to forge the TLS transcript.
## Introduction
Malicious secure 2-party computation with garbled circuits typically comes at the expense of dramatically lower efficiency compared to execution in the semi-honest model. One technique, called Dual Execution [\[MF06\]](https://www.iacr.org/archive/pkc2006/39580468/39580468.pdf) [\[HKE12\]](https://www.cs.umd.edu/~jkatz/papers/SP12.pdf), achieves malicious security with a minimal 2x overhead. However, it comes with the concession that a malicious adversary may learn $k$ bits of the other's input with probability $2^{-k}$.

0
src/protocol/2pc/dual_execution.md → src/mpc/dual_execution.md
View File

4
src/mpc/ectf.md Normal file
View File

@@ -0,0 +1,4 @@
# ECtF
This protocol enables the User and the Notary to convert their shares of an ECDH secret into shares of the pre-master secret (PMS).

3
src/mpc/encodings.md Normal file
View File

@@ -0,0 +1,3 @@
# Encodings
// Explain here how each input/output/intermediate wire in GC can have value either 0 or 1 and a random 128-bit value encodes that wire value

74
src/mpc/encryption.md Normal file
View File

@@ -0,0 +1,74 @@
# Encryption
Here we will explain our protocol for 2PC encryption using a block cipher in counter-mode.
Our documentation on [Dual Execution with Asymmetric Privacy](/mpc/deap.md) is recommended prior reading for this section.
## Preliminary
### Ephemeral Keyshare
It is important to recognise that the Notary's keyshare is an _ephemeral secret_. It is only private for the duration of the User's TLS session, after which the User is free to learn it without affecting the security of the protocol.
It is this fact which allows us to achieve malicious security for relatively low cost. More details on this [here](/mpc/deap.md).
### Premature Leakage
A small amount of undetected premature keyshare leakage is quite tolerable. For example, if the Notary leaks 3 bits of their keyshare, it gives the User no meaningful advantage in any attack, as she could have simply guessed the bits correctly with $2^{-3} = 12.5\%$ probability and mounted the same attack. Assuming a sufficiently long cipher key is used, eg. 128 bits, this is not a concern.
The equality check at the end of our protocol ensures that premature leakage is detected with a probability of $1 - 2^{-k}$ where k is the number of leaked bits. The Notary is virtually guaranteed to detect significant leakage and can abort prior to notarization.
### Plaintext Leakage
Our protocol assures _no leakage_ of the plaintext to the Notary during both encryption and decryption. The Notary reveals their keyshare at the end of the protocol, which allows the Notary to open their garbled circuits and oblivious transfers completely to the User. The User can then perform a series of consistency checks to ensure that the Notary behaved honestly. Because these consistency checks do not depend on any inputs of the User, aborting does not reveal any sensitive information (in contrast to standard DualEx which does).
### Integrity
During the entirety of the TLS session the User performs the role of the garbled circuit generator, thus ensuring that a malicious Notary can not corrupt or otherwise compromise the integrity of messages sent to/from the Server.
### Notation
* $p$ is one block of plaintext
* $c$ is the corresponding block of ciphertext, ie $c = \mathsf{Enc}(k, ctr) \oplus p$
* $k$ is the cipher key
* $ctr$ is the counter block
* $k_U$ and $k_N$ denote the User and Notary cipher keyshares, respectively, where $k = k_U \oplus k_N$
* $z$ is a mask randomly selected by the User
* $ectr$ is the encrypted counter-block, ie $ectr = \mathsf{Enc}(k, ctr)$
* $\mathsf{Enc}$ denotes the block cipher used by the TLS session
* $\mathsf{com}_x$ denotes a binding commitment to the value $x$
* $[x]_A$ denotes a garbled encoding of $x$ chosen by party $A$
## Encryption Protocol
The encryption protocol uses [DEAP](/mpc/deap.md) without any special variations. The User and Notary directly compute the ciphertext for each block of a message the User wishes to send to the Server:
$$f(k_U, k_N, ctr, p) = \mathsf{Enc}(k_U \oplus k_N, ctr) \oplus p = c$$
The User creates a commitment to the plaintext active labels for the Notary's circuit $\mathsf{Com}([p]_N, r) = \mathsf{com}_{[p]_N}$ where $r$ is a random key known only to the User. The User sends this commitment to the Notary to be used in the authdecode protocol later. It's critical that the User commits to $[p]_N$ prior to the Notary revealing $\Delta$ in the final phase of DEAP. This ensures that if $\mathsf{com}_{[p]_N}$ is a commitment to valid labels, then it must be a valid commitment to the plaintext $p$. This is because learning the complementary wire label for any bit of $p$ prior to learning $\Delta$ is virtually impossible.
## Decryption Protocol
The protocol for decryption is very similar but has some key differences to encryption.
For decryption, [DEAP](/mpc/deap.md) is used for every block of the ciphertext to compute the _masked encrypted counter-block_:
$$f(k_U, k_N, ctr, z) = \mathsf{Enc}(k_U \oplus k_N, ctr) \oplus z = ectr_z$$
This mask $z$, chosen by the User, hides $ectr$ from the Notary and thus the plaintext too. Conversely, the User can simply remove this mask in order to compute the plaintext $p = c \oplus ectr_z \oplus z$.
Following this, the User can retrieve the wire labels $[p]_N$ from the Notary using OT.
Similarly to the procedure for encryption, the User creates a commitment $\mathsf{Com}([p]_N, r) = \mathsf{com}_{[p]_N}$ where $r$ is a random key known only to the User. The User sends this commitment to the Notary to be used in the authdecode protocol later.
### Proving the validity of $[p]_N$
In addition to computing the masked encrypted counter-block, the User must also prove that the labels $[p]_N$ they chose afterwards actually correspond to the ciphertext $c$ sent by the Server.
This is can be done efficiently in one execution using the zero-knowledge protocol described in [[JKO13]](https://eprint.iacr.org/2013/073.pdf) the same as we do in the final phase of DEAP.
The Notary garbles a circuit $G_N$ which computes:
$$p \oplus ectr = c$$
Notice that the User and Notary will already have computed $ectr$ when they computed $ectr_z$ earlier. Conveniently, the Notary can re-use the garbled labels $[ectr]_N$ as input labels for this circuit. For more details on the reuse of garbled labels see [[AMR17]](https://eprint.iacr.org/2017/062.pdf).

0
src/protocol/2pc/ff-arithmetic.md → src/mpc/ff-arithmetic.md
View File

0
src/protocol/2pc/garbled_circuits.md → src/mpc/garbled_circuits.md
View File

0
src/protocol/notarization/key_exchange.md → src/mpc/key_exchange.md
View File

0
src/protocol/2pc/mac.md → src/mpc/mac.md
View File

3
src/mpc/oblivious_transfer.md Normal file
View File

@@ -0,0 +1,3 @@
# Oblivious Transfer
TODO

16
src/mpc/tls_handshake.md Normal file
View File

@@ -0,0 +1,16 @@
# TLS handshake
During the TLS handshake the TLS Client and the TLS Server compute the session keys needed to perform the encryption and decryption of data.
In TLSNotary protocol `User` and `Notary` jointly play the role of the TLS Client. They use MPC to compute the session keys in such a way that neither party ever learns the full keys but each has their share of the keys.
First they compute their shares of the TLS Client's ECDH secret using [this protocol](./key_exchange.md). Since an ECDH secret is an EC point, the parties have their shares of that point.
Then they compute their shares of the pre-master secret (PMS) using an MPC protocol described [here](./ectf.md).
Then the parties input their PMS shares as private inputs to the [DEAP](/mpc/deap.md) protocol (along with some other public data). They perform the following in MPC:
- they derive their shares of the TLS session keys
- they encrypt the Client Finished message (and the `User` sends the CF to the server)
- (the `User` receives the Server Finished message from the server and) they decrypt the SF message and check its authenticity.

7
src/outdated/commitment.md Normal file
View File

@@ -0,0 +1,7 @@
At the end of the TLSNotary protocol, the User has the authenticated AES ciphertext which can be thought of as a commitment to the plaintext. This form of commitment is not amenable to use cases when the User wants to make part of the plaintext public while keeping another part private. Naively, the User's option is to prove the decryption of the ciphertext in zero-knowledge which is computationally expensive.
We describe two less computationally heavy approaches for converting the AES ciphertext commitments.
The first approach is useful for commitments to the data which the User intends to make public. It is based on decrypting the ciphertext with Garbled Circuits and producing a hash commitment to the wire labels.
The second approach is useful for commitments to the private data which the User later intends to prove statements about in zero-knowledge. This approach produces a Poseidon hash over the private data.

0
src/protocol/2pc/dual_execution_with_privacy_only_for_the_user.md → src/outdated/dual_execution_with_privacy_only_for_the_user.md
View File

0
src/protocol/notarization/prf.md → src/outdated/prf.md
View File

0
src/protocol/notarization/public_data_commitment.md → src/outdated/public_data_commitment.md
View File

BIN
src/png-diagrams/data_provenance.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 264 KiB

After

Width:  |  Height:  |  Size: 419 KiB

BIN
src/png-diagrams/data_provenance_none.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 76 KiB

BIN
src/png-diagrams/data_provenance_oauth.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 143 KiB

BIN
src/png-diagrams/data_provenance_tlsn.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 111 KiB

BIN
src/png-diagrams/data_provenance_ultimate.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 91 KiB

BIN
src/png-diagrams/overview.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 415 KiB

After

Width:  |  Height:  |  Size: 367 KiB

BIN
src/png-diagrams/overview3.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 155 KiB

After

Width:  |  Height:  |  Size: 148 KiB

1
src/protocol/README.md
View File

@@ -1 +0,0 @@
# Protocol

8
src/protocol/notarization/commitment.md
View File

@@ -1,9 +1,9 @@
# Commitment
At the end of the TLSNotary protocol, the User has the authenticated AES ciphertext which can be thought of as a commitment to the plaintext. This form of commitment is not amenable to use cases when the User wants to make part of the plaintext public while keeping another part private. Naively, the User's option is to prove the decryption of the ciphertext in zero-knowledge which is computationally expensive.
The TLSNotary protocol entirely conceals the plaintext transcript from the `Notary`. Simultaneously, the TLSNotary protocol offers a way to the `User` to selectively prove the authenticity of arbitrary portions of the plaintext to the `Verifier`.
We describe two less computationally heavy approaches for converting the AES ciphertext commitments.
A naive approach could extend the `Encryption and Decryption` steps to also compute a commitment (e.g. a blake3 hash) to the plaintext in MPC, with the `Notary` signing that commitment. The `User` could then open the commitment to the `Verifier`. Unfortunately, this approach would be resource-intensive, prompting us to provide a more lightweight commitment scheme.
The first approach is useful for commitments to the data which the User intends to make public. It is based on decrypting the ciphertext with Garbled Circuits and producing a hash commitment to the wire labels.
The high-level idea is that the `User` will reuse the encodings from the MPC protocol used for `Encryption and Decryption` to create commitments[^commitment_scheme]. Since those encodings are chosen by the `Notary` and are not known to the `User` at the time when she makes a commitment, they can be thought of as "authenticated plaintext".
The second approach is useful for commitments to the private data which the User later intends to prove statements about in zero-knowledge. This approach produces a Poseidon hash over the private data.
[^commitment_scheme] For technical details on the commitment scheme, see [Commitment scheme](/mpc/commitment_scheme.md)

75
src/protocol/notarization/encryption.md
View File

@@ -1,74 +1,29 @@
# Encryption
# Encryption, Decryption, and MAC Computation
Here we will explain our protocol for 2PC encryption using a block cipher in counter-mode.
This section explains how the `User` and `Notary` use MPC to encrypt data for the server, decrypt data received from the server, and compute the MAC for the ciphertext in MPC.
Our documentation on [Dual Execution with Asymmetric Privacy](../2pc/deap.md) is recommended prior reading for this section.
## Encryption
## Preliminary
To encrypt the plaintext, both parties input their key shares as private inputs to the [MPC](/mpc/deap.md) protocol, along with some other public data. Additionally, the `User` inputs her plaintext as a private input.
### Ephemeral Keyshare
Both parties see the resulting ciphertext and execute the [2PC MAC](../../mpc/mac.md) protocol to compute the MAC for the ciphertext.
It is important to recognise that the Notary's keyshare is an _ephemeral secret_. It is only private for the duration of the User's TLS session, after which the User is free to learn it without affecting the security of the protocol.
The `User` then dispatches the ciphertext and the MAC to the server.
It is this fact which allows us to achieve malicious security for relatively low cost. More details on this [here](../2pc/deap.md).
As explained in the [Commitment section](commitment.md), the `User` creates a commitment to the plaintext (her private input to DEAP).
### Premature Leakage
## Decryption
A small amount of undetected premature keyshare leakage is quite tolerable. For example, if the Notary leaks 3 bits of their keyshare, it gives the User no meaningful advantage in any attack, as she could have simply guessed the bits correctly with $2^{-3} = 12.5\%$ probability and mounted the same attack. Assuming a sufficiently long cipher key is used, eg. 128 bits, this is not a concern.
Once the `User` receives the ciphertext and its associated MAC from the server, the parties first authenticate the ciphertext by validating the MAC. They do this by running the [MPC] (/mpc/mac.md) protocol to compute the authentic MAC for the ciphertext. They then verify if the authentic MAC matches the MAC received from the server.
The equality check at the end of our protocol ensures that premature leakage is detected with a probability of $1 - 2^{-k}$ where k is the number of leaked bits. The Notary is virtually guaranteed to detect significant leakage and can abort prior to notarization.
Next, the parties decrypt the ciphertext by providing their key shares as private inputs to the [MPC](/mpc/deap.md) protocol, along with the ciphertext and some other public data.
### Plaintext Leakage
The resulting plaintext is revealed ONLY to the `User`.
Our protocol assures _no leakage_ of the plaintext to the Notary during both encryption and decryption. The Notary reveals their keyshare at the end of the protocol, which allows the Notary to open their garbled circuits and oblivious transfers completely to the User. The User can then perform a series of consistency checks to ensure that the Notary behaved honestly. Because these consistency checks do not depend on any inputs of the User, aborting does not reveal any sensitive information (in contrast to standard DualEx which does).
As discussed in the [Commitment section](/protocol/notarization/commitment.md), the `User` establishes a commitment to the plaintext.
### Integrity
Please note, the actual low-level implementation details of `Decryption` are more nuanced than what we have described here. For more information, please consult [Low-level Decryption details](/mpc/encryption.md).
During the entirety of the TLS session the User performs the role of the garbled circuit generator, thus ensuring that a malicious Notary can not corrupt or otherwise compromise the integrity of messages sent to/from the Server.
## Summary
### Notation
* $p$ is one block of plaintext
* $c$ is the corresponding block of ciphertext, ie $c = \mathsf{Enc}(k, ctr) \oplus p$
* $k$ is the cipher key
* $ctr$ is the counter block
* $k_U$ and $k_N$ denote the User and Notary cipher keyshares, respectively, where $k = k_U \oplus k_N$
* $z$ is a mask randomly selected by the User
* $ectr$ is the encrypted counter-block, ie $ectr = \mathsf{Enc}(k, ctr)$
* $\mathsf{Enc}$ denotes the block cipher used by the TLS session
* $\mathsf{com}_x$ denotes a binding commitment to the value $x$
* $[x]_A$ denotes a garbled encoding of $x$ chosen by party $A$
## Encryption Protocol
The encryption protocol uses [DEAP](../2pc/deap.md) without any special variations. The User and Notary directly compute the ciphertext for each block of a message the User wishes to send to the Server:
$$f(k_U, k_N, ctr, p) = \mathsf{Enc}(k_U \oplus k_N, ctr) \oplus p = c$$
The User creates a commitment to the plaintext active labels for the Notary's circuit $\mathsf{Com}([p]_N, r) = \mathsf{com}_{[p]_N}$ where $r$ is a random key known only to the User. The User sends this commitment to the Notary to be used in the authdecode protocol later. It's critical that the User commits to $[p]_N$ prior to the Notary revealing $\Delta$ in the final phase of DEAP. This ensures that if $\mathsf{com}_{[p]_N}$ is a commitment to valid labels, then it must be a valid commitment to the plaintext $p$. This is because learning the complementary wire label for any bit of $p$ prior to learning $\Delta$ is virtually impossible.
## Decryption Protocol
The protocol for decryption is very similar but has some key differences to encryption.
For decryption, [DEAP](../2pc/deap.md) is used for every block of the ciphertext to compute the _masked encrypted counter-block_:
$$f(k_U, k_N, ctr, z) = \mathsf{Enc}(k_U \oplus k_N, ctr) \oplus z = ectr_z$$
This mask $z$, chosen by the User, hides $ectr$ from the Notary and thus the plaintext too. Conversely, the User can simply remove this mask in order to compute the plaintext $p = c \oplus ectr_z \oplus z$.
Following this, the User can retrieve the wire labels $[p]_N$ from the Notary using OT.
Similarly to the procedure for encryption, the User creates a commitment $\mathsf{Com}([p]_N, r) = \mathsf{com}_{[p]_N}$ where $r$ is a random key known only to the User. The User sends this commitment to the Notary to be used in the authdecode protocol later.
### Proving the validity of $[p]_N$
In addition to computing the masked encrypted counter-block, the User must also prove that the labels $[p]_N$ they chose afterwards actually correspond to the ciphertext $c$ sent by the Server.
This is can be done efficiently in one execution using the zero-knowledge protocol described in [[JKO13]](https://eprint.iacr.org/2013/073.pdf) the same as we do in the final phase of DEAP.
The Notary garbles a circuit $G_N$ which computes:
$$p \oplus ectr = c$$
Notice that the User and Notary will already have computed $ectr$ when they computed $ectr_z$ earlier. Conveniently, the Notary can re-use the garbled labels $[ectr]_N$ as input labels for this circuit. For more details on the reuse of garbled labels see [[AMR17]](https://eprint.iacr.org/2017/062.pdf).
This chapter illustrated how the `Notary` and `User` collaborate to encrypt and decrypt data. The `Notary` performs these tasks "blindly," without acquiring knowledge of the plaintext. In fact, the `Notary` even remains unaware of the `Server` with which the `User` is communicating. Additionally, the `User` creates commitments to the plaintext and can use these later to prove the authenticity of the plaintext to a third party `Verifier`.

13
src/protocol/notarization/handshake.md Normal file
View File

@@ -0,0 +1,13 @@
# TLS Handshake
During the TLS handshake, the TLS Client and the TLS Server compute the session keys needed for the encryption and decryption of data.
In TLSNotary protocol `User` and `Notary` jointly play the role of the TLS Client. The User is the one who physically communicates with the server but all cryptographic TLS operations are performed in MPC.
The parties use MPC to compute the session keys in such a way that neither party ever learns the full keys but each has their share of the keys.
They then use their shares of the keys to finish the TLS handshake.
To a third party observing the `User`'s connection to the server, the connection appears like a regular TLS connection. The `User` maintains all the security guarantees of a standard TLS connection against a third-party bad actor.
However, the `User`'s TLS connection does not maintain the normal TLS security against the `Notary`. Instead, the `User` relies on the security which the underlying MPC protocols provide.
With the shares of the session keys computed, the parties now proceed to the next MPC protocol where they use their session key shares to jointly encrypt requests to and decrypt responses from the server while keeping the plaintext of the request/response private from the Notary.

11
src/protocol/notarization/signing.md Normal file
View File

@@ -0,0 +1,11 @@
# Signing the Session Header
At the end of the TLSNotary protocol, the `Notary` signs an artifact known as a `Session Header`, thereby attesting to the authenticity of the plaintext from a TLS session. A `Session Header` contains a `User`'s commitment to the plaintext and a `User`'s commitment to TLS-specific data which uniquely identifies the server.
The `User` can later use the signed `Session Header` to prove data provenance to a third-party `Verifier`.
It's important to highlight that throughout the entire TLSNotary protocol, including this signing stage, the `Notary` does not gain knowledge of either the plaintext or the identity of the server with which the `User` communicated.

31
src/protocol/verification.md Normal file
View File

@@ -0,0 +1,31 @@
# Verification
A `Verifier`` receives the following from the `User`:
<!-- TODO will explain each -->
- domain name (e.g. "tlsnotary.org")
- signed `Session Header`
- openings to the commitments (the plaintext which the User committed to)
- handshake_data which consists of:
- server certificate
- key exchange details
- client and server random
and performs the following steps to verify the commitments:
// you can see these steps in tlsn/tlsn-core/tests/api.rs
- verify that `Session Header` was signed by the Notary
- verify handshake_data against handshake_commitment
- verify validity of `server certificate` for the `domian name`
- verify that `key exchange details` were signed by `server certificate`
- use encoder_seed to re-generate encodings and re-create a commitment for the opening plaintext
(maybe this step needs to be spelled out in more detail)
- use `merkle_root` to check that this re-created commitment is in the Merkle tree
To summarize: the `Verifier` will only learn those portions of the TLS session transcript which the `User` chose to reveal. The portions which were not revealed (`User`'s private data) will appear to the `Verifier` as redacted. Here is an example of what the `Verifier` output may look like:
// paste here a picture of an HTTP request with redacted fields

69
src/spec/notarized_session.md Normal file
View File

@@ -0,0 +1,69 @@
# Notarized session
The `Notary` signs the following artifacts known as a `Session Header`, thereby attesting to the authenticity of the plaintext from a TLS session. The `User` can then use the signed `Session Header` to prove data provenance to a third-party `Verifier`.
It's important to highlight that throughout the entire TLSNotary protocol, including this signing stage, the `Notary` does not gain knowledge of either the plaintext or the server with which the `User` communicated.
## Session Header
A `Session Header` consists of the following components:
### Server Ephemeral Public Key
In TLS, session keys are derived from a one-time per-TLS-session ephemeral public key. The server signs this key with its certificate and transmits both the key and the signature to the `User`.
Since the `Notary` remains unaware of the signature or the certificate, the server's identity is concealed. However, the `User` can disclose the server's identity to a `Verifier` by revealing the signature and the certificate.
### Plaintext Encodings
These are the [encodings](/mpc/encodings.md) employed by the Notary to encode the plaintext.
Again, note that the `Notary` does not gain knowledge of the actual plaintext. The `Notary` transmits these encodings to the `User` using [Oblivious Transfer](/mpc/oblivious_transfer.md).
For efficiency, the `Notary` employs a small PRG seed to generate random plaintext encodings.
### Root of the Merkle Tree of Commitments
The root of the Merkle tree, where each leaf represents the `User`'s commitment to plaintext encodings.
### Commitment to the TLS Handshake Data
This represents the `User`'s commitment to various public data from the TLS handshake:
- Server certificate chain
- Signature over the `Server Ephemeral Public Key`, created using the `Server Certificate Chain`
- Client random
- Server random
### Time
Indicates the time when the Notary signed the `Session Header`.
### Total Bytes Sent and Received
The total amount of application data bytes that the `User` sent to and received from the server.
## Session Data
// (can be seen in tlsn-core/src/session/data.rs)
- `handshake_data_decommitment` contains `HandshakeData` which the `User` committed to (with salt)
`HandshakeData` contains various TLS-specific details:
- `server_cert_details` (server certificate chain)
- `server_kx_details` (data used in ECDH key exchange)
- `client_random` (client random from the `Client Hello` TLS message)
- `server_random` (server random from the `Server Hello` TLS message)
- `tx_transcript` and `rx_transcript` contain all application level plaintext bytes which were transmitted to/received from the server
- `merkle_tree` is a Merkle tree the leaves of which are the `User`'s commitments to plaintext. The `User` may commit to multiple slices of plaintext and then selectively disclose to the `Verifier` only those slices which he wants to make public
- `commitments` contains the `User`'s commitments to plaintext, where each commitment structure is:
- `merkle_tree_index` is the index in the `merkle_tree`
- `commitment` is the actual commitment value e.g. a blake3 hash
- `ranges` are byte ranges within `tx/rx_transcript` where the bytes committed to are located
- `direction` is used to identify whether it is a commitment to tx or rx data
- `salt` is a salt for the `commitment`