Skip to content

Libraries and binaries for running witnesses for verifiable logs

License

Notifications You must be signed in to change notification settings

transparency-dev/witness

Repository files navigation

Witness

Go Reference Go Report Card OpenSSF Scorecard Slack Status

Overview

This repository contains libraries and binaries for running witnesses. A witness verifies that logs are evolving in an append-only manner and counter-signs checkpoints that represent an append-only evolution from any previously witnessed checkpoints. These witnessed checkpoints can be consumed by clients that want protection against split-views.

Users wishing to run this should start with the OmniWitness.

API

The witness is an HTTP service that stores checkpoints it has seen from different verifiable logs in a sqlite database. This is a very lightweight way to help detect or even prevent split-view attacks.

The witness provides three API endpoints (as defined in api/http.go):

  • /witness/v0/logs returns a list of all logs for which the witness is currently storing a checkpoint.
  • /witness/v0/logs/<logid>/update acts to update the checkpoint stored for logid.
  • /witness/v0/logs/<logid>/checkpoint returns the latest checkpoint for logid, signed by the witness.

Running the witness

Most users wanting to run a witness will simply deploy the OmniWitness, which is preconfigured to witness all known logs using the checkpoint format.

Support

About

Libraries and binaries for running witnesses for verifiable logs

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published