5a3a844527
* Add plugin permission control system - Add RequestPermission interface to plugin-sdk types - Extend PluginConfig with requests[] and urls[] permission arrays - Create permissionValidator.ts with validation functions: - validateProvePermission() for prove() calls - validateOpenWindowPermission() for openWindow() calls - deriveProxyUrl() for automatic proxy URL derivation - matchesPathnamePattern() using URLPattern API - Update SessionManager to validate permissions before execution - Update ConfirmationManager to pass permissions to popup - Update ConfirmPopup UI to display network and URL permissions - Add URLPattern type declaration to global.d.ts - Update demo plugins (twitter.js, swissbank.js) with permissions - Add comprehensive tests for permission validation - Add Chrome Web Store listing documentation * Fix lint --------- Co-authored-by: Hendrik Eeckhaut <hendrik@eeckhaut.org>
This folder contains a basic demo for running TLSNotary plugins.
The demo needs the TLSNotary extension to run the plugins in your browser.
In this demo, the plugins prove data from a server (e.g. Twitter). Of course you will also need the verifier counterpart. In this demo we will use the verifier server from the packages/verifier folder.
Prerequisites:
- Chromium browser
- internet connection
To run this demo:
- Install the browser extension
- Launch the verification server
- A web socket proxy
- Launch the demo
1. Install the browser extension
Install from the Google Web Store
TODO
Build from source
- In this repository's main folder, run:
This builds the extension in the
npm ci npm run buildpackages/extension/build/folder. - Next load the extension in Chrome:
- Navigate to
chrome://extensions/ - Enable Developer mode toggle (top right)
- Click Load unpacked
- Select the
packages/extension/build/folder The extension is now installed
- Navigate to
2. Launch the verifier server
Launch the verifier server
cd packages/verifier
cargo run --release
3. Websocket proxy
In the TLSNotary protocol the prover connects directly to the server serving the data. The prover sets up a TCP connection and to the server this looks like any other connection. Unfortunately, browsers do not offer the functionally to let browser extensions setup TCP connections. A workaround is to connect to a websocket proxy that sets up the TCP connection instead.
You can use the websocketproxy hosted by the TLSNotary team, or run your own proxy:
- TLSNotary proxy:
wss://notary.pse.dev/proxy?token=host, - Run a local proxy:
- Install wstcp:
cargo install wstcp- Run a websocket proxy for
https://<host>:
wstcp --bind-addr 127.0.0.1:55688 <host>:443
4. Launch the demo
Run the demo with npm run demo from the repository root, or run it with docker using npm run docker:up.
Manual Setup
If you want to run the scripts manually:
cd packages/demo
./generate.sh && ./start.sh
The demo uses two scripts:
generate.sh- Generates plugin files with configured verifier URLsstart.sh- Starts Docker Compose services
Environment Variables
Configure for different environments:
# Local development (default)
./generate.sh && ./start.sh
# Production with SSL
VERIFIER_HOST=verifier.tlsnotary.org SSL=true ./generate.sh
./start.sh
You can now open the demo by opening http://localhost:8080 in your browser with the TLSNotary extension