Skip to content

Releases: summitto/ProveThis

v0.1.0

16 Aug 09:33
@rockhouse rockhouse
v0.1.0
b07908e
Compare
Choose a tag to compare
v0.1.0 Pre-release
Pre-release

ProveThis is desktop client, which requires a backend. It can be found at https://github.com/summitto/tlsnotaryserver.

For convenience of demonstration, the prebuilt release was configured to use our the backend on our server. See README.md for building this client from scratch and configuring the backend. See the backend URL for building and using the server.

Please be aware that you need to install the Python libraries on macOS with the Apple provided python3 implementation not the one from a package manager e.g. homebrew. You also need to install the ecdsa python package (pip3 install ecdsa in the Terminal/console)

When launched, the app will check that your environment is configured correctly. It will check that you have Circom 2.1.5 (you can follow their guide) and Python 3 installed. You will see a screen for configuring paths to these tools.

Required tools configuration screen

Python is used to prepare some input files and perform AES tag verification. Circom is a Circom circuit compiler used to create R1CS for zero-knowledge proofs.

Once the tools are configured, you'll see the main screen with bank selection.

Bank selection screen

You'll see the selected bank's login page. After you log in with your credentials, you'll see a screen with account selection.

After you select an account, you'll see a list of transactions on that account that ProveThis could find. Note that it's possible you will not see all of the transaction you can see in your bank's app.

Not all of the transactions can be proven in ProveThis. If a transaction doesn't have a counterparty account number in the API, it cannot be proven. Some examples of such transactions are Apple Pay and iDEAL transactions. It also depends on the merchant's payment processor. For example, in the case of ABN Amro, payment terminal transactions don't have counterparty account numbers so they cannot be proven. In the case of BUNQ, only finalised transactions will be visible.

Transaction selection

Proving

First, ProveThis will notarize an HTTP request, which returns the transaction you selected.

Based on the notarized transaction, ProveThis generates Circom circuits for ZK proofs and compiles them. Depending on the size of the text for proving, this can take a couple of minutes.

Compiling circuits

Then it computes zero-knowledge witness and downloads keys of needed size from the server. Depending on your network connection and the size of the text for proving, this can take a while.

Downloading keys

Then it performs a network-heavy multi-party computation to prepare for AES tag verification. This will take a couple of minutes and >1 GB of network traffic.

Preparing tag verification

Then it creates a zero-knowledge proof of the transaction. The proof includes the cleartext part of the HTTP response, which contains the transaction in whatever format the bank sends it. This step should take less than a minute and can vary depending on the size of the proven text.

Proving transaction

This is the last step. ProveThis will open system dialog to select the directory for the output.

Proof output

The last screen contains these things:

  • location of the proof artefacts
  • AES tag verification signature, which can be verified using the content of ciphertext.bin as data, and backend's signing key at http://51.89.97.117:10011/signing-key.pem using prime256v1 SHA-256 ECDSA.
  • proven cleartext
Assets 4