tlsnotary/docs-mdbook
1
0
Fork 0
mirror of https://github.com/tlsnotary/docs-mdbook.git synced 2026-01-07 20:03:53 -05:00
Code Issues Packages Projects Releases Wiki Activity

update doc for alpha.7 release (#85)

Browse Source 
Update for alpha.7.

Co-authored-by: Hendrik Eeckhaut <hendrik@eeckhaut.org>
This commit is contained in:
yuroitaki
2024-10-04 22:10:17 +08:00
committed by GitHub
parent da5d10b734
commit 7e2974af16
5 changed files with 136 additions and 129 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
src/developers/notary_server.md
View File

@@ -1,21 +1,21 @@
# Run a Notary Server
This guide shows you how to run a [notary server](https://github.com/tlsnotary/tlsn/tree/main/notary/server) in an Ubuntu server instance.
This guide shows you how to run a [notary server](https://github.com/tlsnotary/tlsn/tree/main/crates/notary/server) in an Ubuntu server instance.
## Configure Server Setting
All the following settings can be configured in the [config file](https://github.com/tlsnotary/tlsn/blob/main/notary/server/config/config.yaml).
All the following settings can be configured in the [config file](https://github.com/tlsnotary/tlsn/blob/main/crates/notary/server/config/config.yaml).
1. Before running a notary server you need the following files. The default dummy fixtures are for testing only and should never be used in production.
1. Before running a notary server you need the following files. ⚠️ The default dummy fixtures are for testing only and should never be used in production.
| File | Purpose | File Type | Compulsory to change | Sample Command |
| ---------------------------- | ------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------ | ---------------------------- | --------------------------------------------------------------------------------------------------------------------- |
| TLS private key | The private key used for the notary server's TLS certificate to establish TLS connections with provers | TLS private key in PEM format | Yes unless TLS is turned off | <Generated when creating CSR for your Certificate Authority, e.g. using [Certbot](https://certbot.eff.org/)> |
| TLS certificate | The notary server's TLS certificate to establish TLS connections with provers | TLS certificate in PEM format | Yes unless TLS is turned off | <Obtained from your Certificate Authority, e.g. [Let's Encrypt](https://letsencrypt.org/)> |
| Notary signature private key | The private key used for the notary server's signature on the generated transcript of the TLS sessions with provers | A K256 elliptic curve private key in PKCS#8 PEM format | Yes | `openssl genpkey -algorithm EC -out eckey.pem -pkeyopt ec_paramgen_curve:secp256k1 -pkeyopt ec_param_enc:named_curve` |
| Notary signature public key | The public key used for the notary server's signature on the generated transcript of the TLS sessions with provers | A matching public key in PEM format | Yes | `openssl ec -in eckey.pem -conv_form compressed -pubout -out eckey.pub` |
| File | Purpose | File Type | Compulsory to change | Sample Command |
----- | ------- | ------------------ | -------------------- | ------------- |
| TLS private key | The private key used for the notary server's TLS certificate to establish TLS connections with provers | TLS private key in PEM format | Yes unless TLS is turned off | <Generated when creating CSR for your Certificate Authority, e.g. using [Certbot](https://certbot.eff.org/)> |
| TLS certificate | The notary server's TLS certificate to establish TLS connections with provers | TLS certificate in PEM format | Yes unless TLS is turned off | <Obtained from your Certificate Authority, e.g. [Let's Encrypt](https://letsencrypt.org/)> |
| Notary signature private key | The private key used for the notary server's signature on the generated transcript of the TLS sessions with provers | A P256 elliptic curve private key in PKCS#8 PEM format | Yes | `openssl genpkey -algorithm EC -out eckey.pem -pkeyopt ec_paramgen_curve:P-256 -pkeyopt ec_param_enc:named_curve` |
| Notary signature public key | The public key used for the notary server's signature on the generated transcript of the TLS sessions with provers | A matching public key in PEM format | Yes | `openssl ec -in eckey.pem -pubout -out eckey.pub` |
2. Expose the notary server port (specified in the config file) on your server networking setting
3. Optionally one can turn on [authorization](https://github.com/tlsnotary/tlsn/tree/main/notary/server#authorization), or turn off [TLS](https://github.com/tlsnotary/tlsn/tree/main/notary/server#optional-tls) if TLS is handled by an external setup, e.g. reverse proxy, cloud setup
3. Optionally one can turn on [authorization](https://github.com/tlsnotary/tlsn/tree/main/crates/notary/server#authorization), or turn off [TLS](https://github.com/tlsnotary/tlsn/tree/main/crates/notary/server#optional-tls) if TLS is handled by an external setup, e.g. reverse proxy, cloud setup
## Using Cargo
@@ -38,24 +38,24 @@ source ~/.cargo/env
```bash
git checkout tags/<version>
```
5. To configure the [server setting](#configure-server-setting), please refer to the `Using Cargo` section in the repo's [readme](https://github.com/tlsnotary/tlsn/blob/main/notary/server/README.md#using-cargo)
5. To configure the [server setting](#configure-server-setting), please refer to the `Using Cargo` section in the repo's [readme](https://github.com/tlsnotary/tlsn/blob/main/crates/notary/server/README.md#using-cargo)
6. Run the server
```bash
cd tlsn/notary/server
cd crates/notary/server
cargo run --release
```
## Using Docker
1. Install docker following your preferred method [here](https://docs.docker.com/engine/install/ubuntu/)
2. To configure the [server setting](#configure-server-setting), please refer to the `Using Docker` section in the repo's [readme](https://github.com/tlsnotary/tlsn/blob/main/notary/server/README.md#using-docker)
2. To configure the [server setting](#configure-server-setting), please refer to the `Using Docker` section in the repo's [readme](https://github.com/tlsnotary/tlsn/blob/main/crates/notary/server/README.md#using-docker)
3. Run the notary server docker image of your desired version (⚠️ only prover of the same version is supported for now)
```bash
docker run --init -p 127.0.0.1:7047:7047 ghcr.io/tlsnotary/tlsn/notary-server:<version>
```
## API Endpoints
Please refer to the list of all HTTP APIs [here](./notary_server_api.html), and WebSocket APIs [here](https://github.com/tlsnotary/tlsn/tree/main/notary/server#websocket-apis).
Please refer to the list of all HTTP APIs [here](./notary_server_api.html), and WebSocket APIs [here](https://github.com/tlsnotary/tlsn/tree/main/crates/notary/server#websocket-apis).
## PSE Development Notary Server
@@ -65,12 +65,12 @@ The TLSNotary team hosts a public notary server for development, experimentation
We host multiple versions of the notary server:
| Version | Notary URL | Info/Status | GitHub | Note |
|---------------|---------------------------------------|----------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------|-----------------------------------------------|
| v0.1.0-alpha.6 | https://notary.pse.dev/v0.1.0-alpha.6 | [info](https://notary.pse.dev/v0.1.0-alpha.6/info)/[health](https://notary.pse.dev/v0.1.0-alpha.6/healthcheck) | [v0.1.0-alpha.6](https://github.com/tlsnotary/tlsn/tree/v0.1.0-alpha.6/notary/server) | [Release notes](https://github.com/tlsnotary/tlsn/releases/tag/v0.1.0-alpha.6) |
| v0.1.0-alpha.5 | https://notary.pse.dev/v0.1.0-alpha.5 | [info](https://notary.pse.dev/v0.1.0-alpha.5/info)/[health](https://notary.pse.dev/v0.1.0-alpha.5/healthcheck) | [v0.1.0-alpha.5](https://github.com/tlsnotary/tlsn/tree/v0.1.0-alpha.5/notary-server) | [Release notes](https://github.com/tlsnotary/tlsn/releases/tag/v0.1.0-alpha.5) |
| v0.1.0-alpha.4 | https://notary.pse.dev/v0.1.0-alpha.4 | [info](https://notary.pse.dev/v0.1.0-alpha.4/info)/[health](https://notary.pse.dev/v0.1.0-alpha.4/healthcheck) | [v0.1.0-alpha.4](https://github.com/tlsnotary/tlsn/tree/v0.1.0-alpha.4/notary-server) | [Release notes](https://github.com/tlsnotary/tlsn/releases/tag/v0.1.0-alpha.4) |
| nightly | https://notary.pse.dev/nightly | [info](https://notary.pse.dev/nightly/info)/[health](https://notary.pse.dev/nightly/healthcheck) | [dev](https://github.com/tlsnotary/tlsn/tree/dev/notary/server) | |
| Version | Notary URL | Info/Status | GitHub | Note |
| -------------- | ------------------------------------- | -------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------ |
| v0.1.0-alpha.7 | https://notary.pse.dev/v0.1.0-alpha.7 | [info](https://notary.pse.dev/v0.1.0-alpha.7/info)/[health](https://notary.pse.dev/v0.1.0-alpha.7/healthcheck) | [v0.1.0-alpha.7](https://github.com/tlsnotary/tlsn/tree/v0.1.0-alpha.7/crates/notary/server) | [Release notes](https://github.com/tlsnotary/tlsn/releases/tag/v0.1.0-alpha.7) |
| v0.1.0-alpha.6 | https://notary.pse.dev/v0.1.0-alpha.6 | [info](https://notary.pse.dev/v0.1.0-alpha.6/info)/[health](https://notary.pse.dev/v0.1.0-alpha.6/healthcheck) | [v0.1.0-alpha.6](https://github.com/tlsnotary/tlsn/tree/v0.1.0-alpha.6/notary/server) | [Release notes](https://github.com/tlsnotary/tlsn/releases/tag/v0.1.0-alpha.6) |
| v0.1.0-alpha.5 | https://notary.pse.dev/v0.1.0-alpha.5 | [info](https://notary.pse.dev/v0.1.0-alpha.5/info)/[health](https://notary.pse.dev/v0.1.0-alpha.5/healthcheck) | [v0.1.0-alpha.5](https://github.com/tlsnotary/tlsn/tree/v0.1.0-alpha.5/notary-server) | [Release notes](https://github.com/tlsnotary/tlsn/releases/tag/v0.1.0-alpha.5) |
| nightly | https://notary.pse.dev/nightly | [info](https://notary.pse.dev/nightly/info)/[health](https://notary.pse.dev/nightly/healthcheck) | [dev](https://github.com/tlsnotary/tlsn/tree/dev/crates/notary/server) | |
For more details on the deployment, refer to this [GitHub Action](https://github.com/tlsnotary/tlsn/blob/main/.github/workflows/cd-server.yml).
@@ -94,6 +94,10 @@ connect.garmin.com:443
uber.com:443
riders.uber.com:443
m.uber.com:443
wise.com:443
coinbase.com:443
accounts.coinbase.com:443
www.agoda.com:443
```
You can utilize this WebSocket proxy with the following syntax:
@@ -124,4 +128,4 @@ When running the Notary Server and WebSocket Proxy on Windows Subsystem for Linu
#### For Windows 11 22H2 and Later:
In newer versions of Windows (Windows 11 22H2 and above), networking has been simplified with the introduction of mirrored mode. This mode allows WSL instances to share the hosts network interface, eliminating the need for manual port forwarding configurations. You can enable mirrored mode as recommended by Microsoft [here](https://learn.microsoft.com/en-us/windows/wsl/networking#mirrored-mode-networking).
In newer versions of Windows (Windows 11 22H2 and above), networking has been simplified with the introduction of mirrored mode. This mode allows WSL instances to share the hosts network interface, eliminating the need for manual port forwarding configurations. You can enable mirrored mode as recommended by Microsoft [here](https://learn.microsoft.com/en-us/windows/wsl/networking#mirrored-mode-networking).

2
src/developers/notary_server_api.html
View File

@@ -15,7 +15,7 @@
<script>
window.onload = () => {
window.ui = SwaggerUIBundle({
url: 'https://raw.githubusercontent.com/tlsnotary/tlsn/main/notary/server/openapi.yaml#/',
url: 'https://raw.githubusercontent.com/tlsnotary/tlsn/main/crates/notary/server/openapi.yaml#/',
dom_id: '#swagger-ui',
});
};

18
src/quick_start/browser_extension.md
View File

@@ -10,7 +10,7 @@ The easiest way to install the TLSN browser extension is to use **[Chrome Web St
![](images/chromewebstore.png)
Alternatively, you can install it manually:
1. Download the browser extension from <https://github.com/tlsnotary/tlsn-extension/releases/download/0.1.0.5/tlsn-extension-0.1.0.5.zip>
1. Download the browser extension from <https://github.com/tlsnotary/tlsn-extension/releases/download/0.1.0.700/tlsn-extension-0.1.0.700.zip>
2. Unzip
⚠️ This is a flat zip file, so be careful if you unzip from the command line, this zip file contains many file at the top level
3. Open **Manage Extensions**: <chrome://extensions/>
@@ -36,9 +36,8 @@ To use the TLSnotary hosted proxy:
To run your own websockify proxy **locally**, run:
```sh
git clone https://github.com/novnc/websockify && cd websockify
./docker/build.sh
docker run -it --rm -p 55688:80 novnc/websockify 80 api.x.com:443
cargo install websocat./docker/build.sh
websocat --binary -v ws-l:0.0.0.0:55688 tcp:api.x.com:443
```
Note the `api.x.com:443` argument on the last line.
@@ -51,7 +50,7 @@ To create a TLSNotary proof, the browser extension needs a TLSNotary notary serv
To use the TLSNotary team notary server:
1. Open the extension
2. Click **Options**
3. Update Notary API to: `https://notary.pse.dev/v0.1.0-alpha.5`
3. Update Notary API to: `https://notary.pse.dev/v0.1.0-alpha.7`
4. Click **Save**
5. Skip the next section and [continue with the notarization step](#notarize)
@@ -68,9 +67,9 @@ If you plan to run a local notary server:
1. Clone the TLSNotary repository (defaults to the `main` branch, which points to the latest release):
```shell
git clone --branch v0.1.0-alpha.5 https://github.com/tlsnotary/tlsn.git
git clone https://github.com/tlsnotary/tlsn.git
```
2. Edit the notary server config file (`notary-server/config/config.yaml`) to turn off TLS so that the browser extension can connect to the local notary server without requiring extra steps to accept self-signed certificates in the browser.
2. Edit the notary server config file (`crates/notary/server/config/config.yaml`) to turn off TLS so that the browser extension can connect to the local notary server without requiring extra steps to accept self-signed certificates in the browser (⚠️ this is only for local development purposes — TLS must be used in production).
```yaml
tls:
enabled: false
@@ -78,7 +77,7 @@ If you plan to run a local notary server:
```
3. Run the notary server:
```shell
cd notary-server
cd crates/notary/server
cargo run --release
```
@@ -111,7 +110,8 @@ If you use the hosted notary server, notarization will take multiple seconds. Yo
When the notarization is ready, you can click **View Proof**. If you did close the UI, you can find the proof by clicking **History** and **View Proof**.
<img width="477" src="images/extension_history.png">
You also have the option to download the proof. You can view this proof later by using the **Verify** button or via <https://explorer.tlsnotary.org/>. You can get the Notary public key by visiting the Notary API specified [above](#notary-server).
<!-- TODO -->
<!-- You also have the option to download the proof. You can view this proof later by using the **Verify** button or via <https://explorer.tlsnotary.org/>. You can get the Notary public key by visiting the Notary API specified [above](#notary-server). -->
## Troubleshooting

175
src/quick_start/rust.md
View File

@@ -11,7 +11,7 @@ Before we start, make sure you have cloned the `tlsn` repository and have a rece
Clone the `tlsn` repository (defaults to the `main` branch, which points to the latest release):
```shell
git clone https://github.com/tlsnotary/tlsn.git"
git clone https://github.com/tlsnotary/tlsn.git
```
Next open the `tlsn` folder in your favorite IDE.
@@ -31,19 +31,17 @@ source "$HOME/.cargo/env"
## Simple Example: Notarizing Public Data from example.com <a name="rust-simple"></a>
We will start with the simplest possible use case for TLSNotary:
1. Notarize: Fetch <https://example.com/> and create a proof of its content.
2. Verify the proof.
3. Redact the `USER_AGENT` and titles.
4. Verify the redacted proof.
This example demonstrates the simplest possible use case for TLSNotary:
1. Fetch <https://example.com/> and acquire an attestation of its content.
2. Create a verifiable presentation using the attestation, while redacting the value of a header.
3. Verify the presentation.
### 1. Notarize <https://example.com/>
Run a simple prover:
Run the `prove` binary:
```shell
cd tlsn/examples/simple
cargo run --release --example simple_prover
cd crates/examples/attestation
cargo run --release --example attestation_prove
```
If the notarization was successful, you should see this output in the console:
@@ -52,75 +50,79 @@ If the notarization was successful, you should see this output in the console:
Starting an MPC TLS connection with the server
Got a response from the server
Notarization completed successfully!
The proof has been written to `simple_proof.json`
The attestation has been written to `example.attestation.tlsn` and the corresponding secrets to `example.secrets.tlsn`.
```
If you want to see more details, you can run the prover with extra logging:
```shell
RUST_LOG=DEBUG,uid_mux=INFO,yamux=INFO cargo run --release --example simple_prover
RUST_LOG=DEBUG,uid_mux=INFO,yamux=INFO cargo run --release --example attestation_prove
```
### 2. Verify the Proof
⚠️ In this simple example the `Notary` server is automatically started in the background. Note that this is for demonstration purposes only. In a real world example, the notary should be run by a trusted party. Consult the [Notary Server Docs](https://docs.tlsnotary.org/developers/notary_server.html) for more details on how to run a notary server.
When you open `simple_proof.json` in an editor, you will see a JSON file with lots of non-human-readable byte arrays. (Note: The plaintext is included, in byte array form. ) You can verify this file and create a human-friendly output by running:
### 2. Build a verifiable presentation
This will build a verifiable presentation with the `User-Agent` header redacted from the request. This presentation can be shared with any verifier you wish to present the data to.
Run the `present` binary.
```shell
cargo run --release --example simple_verifier
cargo run --release --example attestation_present
```
This will output the TLS-transaction in clear text:
If successful, you should see this output in the console:
```log
Successfully verified that the bytes below came from a session with Dns("example.com") at 2023-11-03 08:48:20 UTC.
Note that the bytes which the Prover chose not to disclose are shown as X.
Presentation built successfully!
The presentation has been written to `example.presentation.tlsn`.
```
Bytes sent:
### 3. Verify the presentation
This will read the presentation from the previous step, verify it, and print the disclosed data to console.
Run the `verify` binary.
```shell
cargo run --release --example attestation_verify
```
If successful, you should see this output in the console:
```log
Verifying presentation with {key algorithm} key: { hex encoded key }
**Ask yourself, do you trust this key?**
-------------------------------------------------------------------
Successfully verified that the data below came from a session with example.com at 2024-10-03 03:01:40 UTC.
Note that the data which the Prover chose not to disclose are shown as X.
Data sent:
...
```
### 3. Redact Information
⚠️ Notice that the presentation comes with a "verifying key". This is the key the Notary used when issuing the attestation that the presentation was built from. If you trust the Notary, or more specifically the verifying key, then you can trust that the presented data is authentic.
Open `tlsn/examples/simple/simple_prover.rs` and locate the line with:
```rust
let redact = false;
```
and change it to:
```rust
let redact = true;
```
Next, if you run the `simple_prover` and `simple_verifier` again, you'll notice redacted `X`'s in the output:
```shell
cargo run --release --example simple_prover
cargo run --release --example simple_verifier
```
```log
<!doctype html>
<html>
<head>
<title>XXXXXXXXXXXXXX</title>
...
```
You can also use <https://explorer.tlsnotary.org/> to inspect your proofs. Open <https://explorer.tlsnotary.org/> and drag and drop `simple_proof.json` from your file explorer into the drop zone. [Notary public key](https://github.com/tlsnotary/tlsn/blob/main/notary/server/fixture/notary/notary.pub)
<!-- TODO: when explorer is updated -->
<!--
You can also use <https://explorer.tlsnotary.org/> to inspect your proofs. Open <https://explorer.tlsnotary.org/> and drag and drop `example.presentation.tlsn` from your file explorer into the drop zone. [Notary public key](https://github.com/tlsnotary/tlsn/blob/main/crates/notary/server/fixture/notary/notary.pub)
![Proof Visualization](images/explorer.png)
Redacted bytes are marked with `X` characters.
![Proof Redacted](images/explorer_redacted.png)
-->
### (Optional) Extra Experiments
<!-- TODO: interactive verifier (p2p) example -->
<!-- ### (Optional) Extra Experiments
Feel free to try these extra challenges:
- [ ] Modify the `server_name` (or any other data) in `simple_proof.json` and verify that the proof is no longer valid.
- [ ] Modify the `build_proof_with_redactions` function in `simple_prover.rs` to redact more or different data.
- [ ] Modify the `build_proof_with_redactions` function in `simple_prover.rs` to redact more or different data. -->
## Notarizing Private Information: Discord Message<a name="rust-discord"></a>
@@ -132,17 +134,17 @@ We will also use an explicit (locally hosted) notary server this time.
The notary server used in this example is more functional compared to the (implicit) simple notary service used in the example above. This notary server should actually be run by the Verifier or a neutral party. To make things simple, we run everything on the same machine.
1. Edit the notary server config file (`notary/server/config/config.yaml`) to turn off TLS so that self-signed certificates can be avoided.
1. Edit the notary server config file (`crates/notary/server/config/config.yaml`) to turn off TLS so that self-signed certificates can be avoided (⚠️ this is only for local development purposes — TLS must be used in production).
```yaml
tls:
enabled: false
...
```
2. Run the notary server:
```shell
cd notary/server
cargo run --release
```
```shell
cd crates/notary/server
cargo run --release
```
The notary server will now be running in the background waiting for connections.
@@ -174,52 +176,51 @@ You can find the `CHANNEL_ID` directly in the URL:
![Discord Authentication Token](./images/discord_authentication_token.png)
### 3. Create the proof
### 3. Notarize
In this tlsn/examples/discord folder, run the following command:
Next, run the `discord_dm` example to generate a proof:
```shell
cd tlsn/tlsn/examples/discord
RUST_LOG=debug,uid_mux=INFO,yamux=info cargo run --release --example discord_dm
```sh
RUST_LOG=DEBUG,uid_mux=INFO,yamux=INFO cargo run --release --example discord_dm
```
If everything goes well, you should see this output:
If everything goes well, you should see output similar to the following:
```log
...
2023-11-03T15:53:51.147732Z DEBUG discord_dm: Notarization complete!
2024-06-26T08:49:47.017439Z DEBUG connect:tls_connection: tls_client_async: handshake complete
2024-06-26T08:49:48.676459Z DEBUG connect:tls_connection: tls_client_async: server closed connection
2024-06-26T08:49:48.676481Z DEBUG connect:commit: tls_mpc::leader: committing to transcript
2024-06-26T08:49:48.676503Z DEBUG connect:tls_connection: tls_client_async: client shutdown
2024-06-26T08:49:48.676466Z DEBUG discord_dm: Sent request
2024-06-26T08:49:48.676550Z DEBUG discord_dm: Request OK
2024-06-26T08:49:48.676598Z DEBUG connect:close_connection: tls_mpc::leader: closing connection
2024-06-26T08:49:48.676613Z DEBUG connect: tls_mpc::leader: leader actor stopped
2024-06-26T08:49:48.676618Z DEBUG discord_dm: [
{
"attachments": [],
...
"channel_id": "1154750485639745567",
...
}
]
2024-06-26T08:49:48.678621Z DEBUG finalize: tlsn_prover::tls::notarize: starting finalization
2024-06-26T08:49:48.680839Z DEBUG finalize: tlsn_prover::tls::notarize: received OT secret
2024-06-26T08:49:50.004432Z INFO finalize:poll{role=Client}:handle_shutdown: uid_mux::yamux: mux connection closed
2024-06-26T08:49:50.004448Z INFO finalize:poll{role=Client}: uid_mux::yamux: connection complete
2024-06-26T08:49:50.004583Z DEBUG discord_dm: Notarization complete!
```
The Notary server should log:
```log
2023-11-03T15:53:46.540247Z DEBUG main ThreadId(01) run_server: notary_server::server: Received a prover's TCP connection prover_address=127.0.0.1:56631
...
2023-11-03T15:53:46.542261Z DEBUG tokio-runtime-worker ThreadId(10) notary_server::service: Starting notarization... session_id="006b3293-8fba-44ac-8692-41daa47e4a9a"
...
2023-11-03T15:53:51.147074Z INFO tokio-runtime-worker ThreadId(10) notary_server::service::tcp: Successful notarization using tcp! session_id="006b3293-8fba-44ac-8692-41daa47e4a9a"
```
If the transcript was too long, you may encounter the following error. This occurs because there is a default limit of notarization size to 20KB:
```log
thread 'tokio-runtime-worker' panicked at 'called `Result::unwrap()` on an `Err` value: IOError(Custom { kind: InvalidData, error: BackendError(DecryptionError("Other: KOSReceiverActor is not setup")) })', /Users/heeckhau/tlsnotary/tlsn/tlsn/tlsn-prover/src/lib.rs:173:50
```
The Discord example code redacts the `auth_token`, but feel free to change the redacted regions.
The proof is written to `discord_dm_proof.json`.
### Verify
<!-- TODO: update explorer -->
<!-- ### Verify
Verify the proof by dropping the JSON file into <https://explorer.tlsnotary.org/> or by running:
```shell
cargo run --release --example discord_dm_verifier
```
``` -->
🍾 Great job! You have successfully used TLSNotary in Rust.
<!--
### (Optional) Notarize More Private Data
If the examples above were too easy for you, try to notarize data from other websites such as:
@@ -230,4 +231,4 @@ If the examples above were too easy for you, try to notarize data from other web
- [ ] Steam accomplishment
- [ ] Garmin Connect achievement
- [ ] AirBnB score
- [ ] Tesla ownership
- [ ] Tesla ownership -->

22
src/quick_start/tlsn-js.md
View File

@@ -22,13 +22,13 @@ In this demo, we will request JSON data from the Star Wars API at <https://swapi
```
3. Checkout the version of this Quick Start:
```sh
git checkout 1415792f9ea3
git checkout v0.1.0-alpha.7
```
4. If you want to use a local TLSNotary server: [Run a local notary server and websocket proxy](#local), otherwise:
1. Open `app.tsx` in your favorite editor.
2. Replace `notaryUrl: 'http://localhost:7047',` with:
```ts
notaryUrl: 'https://notary.pse.dev/v0.1.0-alpha.5',
notaryUrl: 'https://notary.pse.dev/v0.1.0-alpha.7',
```
This makes this webpage use the [PSE](https://pse.dev) notary server to notarize the API request. Feel free to use different or [local notary](#local); a local server will be faster because it removes the bandwidth constraints between the user and the notary.
3. Replace `websocketProxyUrl: 'ws://localhost:55688',` with:
@@ -38,7 +38,7 @@ In this demo, we will request JSON data from the Star Wars API at <https://swapi
Because a web browser doesn't have the ability to make TCP connection, we need to use a websocket proxy server. This uses a proxy hosted by [PSE](https://pse.dev). Feel free to use different or [local notary](#local) proxy.
4. In `package.json`: check the version number:
```json
"tlsn-js": "v0.1.0-alpha.5.0"
"tlsn-js": "v0.1.0-alpha.7"
```
5. Install dependencies
```sh
@@ -61,11 +61,13 @@ The instructions above, use the [PSE](https://pse.dev) hosted notary server and
Since a web browser doesn't have the ability to make TCP connection, we need to use a websocket proxy server.
Run your own websockify proxy **locally**:
1. Install [websocat](https://github.com/vi/websocat):
```shell
cargo install websocat
```
2. Run a websocket proxy for `https://swapi.dev`:
```sh
git clone https://github.com/novnc/websockify && cd websockify
./docker/build.sh
docker run -it --rm -p 55688:80 novnc/websockify 80 swapi.dev:443
websocat --binary -v ws-l:0.0.0.0:55688 tcp:swapi.dev:443
```
Note the `swapi.dev:443` argument on the last line, this is the server we will use in this quick start.
@@ -76,16 +78,16 @@ For this demo, we also need to run a local notary server.
1. Clone the TLSNotary repository (defaults to the `main` branch, which points to the latest release):
```sh
git clone --branch v0.1.0-alpha.5 https://github.com/tlsnotary/tlsn.git
git clone https://github.com/tlsnotary/tlsn.git
```
2. Edit the notary server config file (`notary-server/config/config.yaml`) to turn off TLS so that self-signed certificates can be avoided.
2. Edit the notary server config file (`crates/notary/server/config/config.yaml`) to turn off TLS so that self-signed certificates can be avoided (⚠️ this is only for local development purposes — TLS must be used in production).
```yaml
tls:
enabled: false
```
3. Run the notary server:
```sh
cd notary-server
cd crates/notary/server
cargo run --release
```