TLSNotary
Proof of data authenticity
Export data from any web application and prove facts about it without compromising on privacy.
What can TLSNotary do?
With TLSNotary, you can create cryptographic proofs of authenticity for any data on the web, even your private data. Using our protocol you can securely prove:
Is it secure?
One may assume that TLSNotary requires a “man-in-the-middle” setup where the Notary snoops on the connection with the webserver. Fortunately, this is not true! Data is kept private even from the Notary.
See below for more details on how it works.
What's the catch?
TLSNotary does require a trust assumption. A Verifier of a proof must trust that the Notary did not collude with the Prover to forge it. This trust can be minimized by requiring multiple proofs each signed by different Notaries.
In some applications the Verifier can act as the Notary themselves, which allows for fully trustless proofs!
How it works
TLSNotary leverages the ubiquitous TLS (Transport Layer Security) protocol to securely and privately prove a transcript of communications took place with a webserver.
At the core of the TLSNotary protocol is dividing TLS session keys between two parties (Client and Notary) and then using secure two-party computation (2PC) to encrypt and authenticate requests from the Client to a TLS-enabled webserver.
During the protocol neither the Client nor Notary are in posession of the full TLS session keys, they only know their shares of those keys. This preserves the security assumptions of TLS while at the same time allows the Client to prove to the Notary the authenticity of the transcript.
This is all achieved with full privacy. The Notary is never aware of which webserver is being queried, nor do they ever see the unencrypted communications.
Furthermore, our protocol is transparent to the webserver. In fact, the webserver is never aware that this process took place.
We're rebuilding the protocol from the ground up.
Below are some development goals on our roadmap:
