tlsnotary/notary-server
1
0
Fork 0
mirror of https://github.com/tlsnotary/notary-server.git synced 2026-01-09 12:37:56 -05:00
Code Issues Packages Projects Releases 1 Wiki Activity
31 Commits 8 Branches 2 Tags
NS-2_http_websocket_experiment
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Christopher Chong a1fb418ef5 Refactor and fix documentations.
2023-08-11 19:14:35 +08:00
.github/workflows
Fix span logging, github actions.
2023-07-05 16:47:11 +08:00
src
Refactor and fix documentations.
2023-08-11 19:14:35 +08:00
tests
Refactor and fix documentations.
2023-08-11 19:14:35 +08:00
.gitignore
Setup repo.
2023-06-27 00:59:19 +08:00
Cargo.toml
Finish websocket handler and test.
2023-08-03 18:29:35 +08:00
config.yaml
Fix PR based on comments.
2023-08-09 23:46:31 +08:00
openapi.yaml
Refactor and fix documentations.
2023-08-11 19:14:35 +08:00
README.md
Refactor and fix documentations.
2023-08-11 19:14:35 +08:00

README.md

CI

notary-server

An implementation of the notary server in Rust.

⚠️ Notice

This project is currently under active development and should not be used in production. Expect bugs and regular major breaking changes.

Running the server

  1. Configure the server setting in this file — refer here for more information on the definition of the setting parameters.
  2. Start the server by running following in a terminal at the top level of this project.
cargo run
  1. To use a config file from a different location, run the following command to override the default config file location.
cargo run -- --config-file <path-to-new-config-file>

API

All APIs are TLS-protected, hence please use https:// or wss://.

HTTP APIs

Defined in the OpenAPI specification.

WebSocket APIs

/notarize

Description

To perform notarization using the session id (unique id returned upon calling the /session endpoint successfully) submitted as a custom header.

Custom Header

X-Session-Id

Custom Header Type

String

Architecture

Objective

The main objective of a notary server is to perform notarization together with a prover. In this case, the prover can either be

  1. TCP client — which has access and control over the transport layer, i.e. TCP
  2. WebSocket client — which has no access over TCP and instead uses WebSocket for notarization

Design Choices

Web Framework

Axum is chosen as the framework to serve HTTP and WebSocket requests from the prover clients due to its rich and well supported features, e.g. native integration with Tokio/Hyper/Tower, customizable middleware, ability to support lower level integration of TLS (example). To simplify the notary server setup, a single Axum router is used to support both HTTP and WebSocket connections, i.e. all requests can be made to the same port of the notary server.

Notarization Configuration

To perform notarization, some parameters need to be configured by the prover and notary server (more details in the OpenAPI specification), i.e.

  • maximum transcript size
  • unique session id

To streamline this process, a single HTTP endpoint (/session) is used by both TCP and WebSocket clients.

WebSocket

Axum's internal implementation of WebSocket uses tokio_tungstenite, which provides a WebSocket struct that doesn't implement AsyncRead and AsyncWrite. Both these traits are required by TLSN core libraries for prover and notary. To overcome this, a slight modification of Axum's implementation of WebSocket is used, where async_tungstenite is used instead so that ws_stream_tungstenite can be used to wrap on top of the WebSocket struct to get AsyncRead and AsyncWrite implemented.

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 251 KiB
Languages
Rust 97.1%
Dockerfile 2.9%