-
-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: initialise mdbook for documentation
- Loading branch information
1 parent
d8e74ea
commit c8a8092
Showing
36 changed files
with
626 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| [book] | ||
| authors = ["distractedm1nd", "sebasti810"] | ||
| language = "en" | ||
| multilingual = false | ||
| src = "src" | ||
| title = "prism-doc" | ||
|
|
||
| [preprocessor.katex] | ||
| after = ["links"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,62 @@ | ||
| # Prism: A Publicly Verifiable Key-Transparency Solution | ||
|
|
||
|  | ||
|
|
||
| We're excited to announce Prism, the first truly-private messaging platform and an authentication layer for all digital communications. Prism doesn't only enable private chats, it gives users control over their digital identities, and increases security in everyday interactions on the internet. | ||
|
|
||
| Prism removes the need for trust in any server or app, giving users the certainty they're interacting with the right person, app, or website through transparent authentication. | ||
|
|
||
| ## The Encryption Myth | ||
|
|
||
| Despite being end-to-end encrypted (an essential security feature in every communication protocol), Signal, WhatsApp, iMessage, are not as secure as we've been led to believe. | ||
| At its core, E2EE allows gated access for the sender and receiver to read messages inside a conversation, while anyone else, including the app provider, is locked out (in principle, at least). | ||
|
|
||
| But E2EE isn't perfect. It hinges on the trust assumption you're communicating with the person you think is on the other side - a foundation for backdoors and hacks. | ||
|
|
||
| ## The 'Trust-Assumption' Virus | ||
|
|
||
| Each of these apps uses its own key directory, which typically relies on a single authority to establish channels and ensure the integrity of all communications inside the protocol. | ||
|
|
||
| Signal, an example hailed as the gold standard of private communication, can't read users' messages due to end-to-end encryption, but lacks cryptographic guarantees and verifiability through its key management method. This tradeoff creates a potential vulnerability as the integrity of the key exchange can be compromised (through a hack, or compliance with government intervention) without users' knowledge. | ||
|
|
||
| Specifically, it makes these systems vulnerable to a 'man-in-the-middle attack' (MITM) - in which an unverified 3rd party intercepts a conversation without either party being aware, by sending messages inside a chat and pretending to be the person on the other side. In case you wonder how close it is to reality - back in 2016, the UK government proposed [GHOST](https://theconversation.com/u-k-proposal-to-bcc-law-enforcement-on-messaging-apps-threatens-global-privacy-118142), a protocol designed to integrate with popular messaging apps, designed to achieve the same goal of a MITM attack. | ||
|
|
||
| In the physical world, you have control over your identity. You choose what to share, when to share it, and with whom. Online? Your identity is fragmented across dozens of services, each with its own agenda. You're not the user; you're the product. Your digital self is bought, sold, and manipulated without your knowledge or consent. Governments around the world are leveraging the digital revolution to create unprecedented systems of mass surveillance. From China's "Great Firewall" to the NSA's global data collection programs, our online activities are under constant scrutiny. The line between public and private has been blurred beyond recognition. | ||
|
|
||
| ## The achilles heel of E2EE | ||
|
|
||
| To escape criticism around key transparency, Signal and iMessage have introduced their own solutions to allow users to verify their contacts by scanning a QR code or comparing numbers from their screen in person or via a phone call. | ||
|
|
||
| While this sounds straightforward, in reality, only [14%](https://www.usenix.org/conference/soups2017/technical-sessions/presentation/vaziripour) of users manage to navigate this on their own. Even with guidance, it takes an average of over 7 minutes to complete, with most users still not fully grasping its purpose. | ||
|
|
||
| It's proven - self authentication is a broken user experience. | ||
|
|
||
| ## Introducing Prism: A New Era for Private Communication | ||
|
|
||
| Prism introduces a new standard in key transparency through open-source, verifiable computation. | ||
|
|
||
| The Prism tech stack provides robust verifiable encryption through the best of web3. At its core, it leverages zkSNARKs as proofs for key certifications, allowing succinct and verifiable authentication. Prism proofs are posted directly on [Celestia](https://celestia.org)'s decentralized data availability layer, guaranteeing data accessibility and integrity. Light nodes play a crucial role in Prism by verifying proofs at scale, allowing for efficient verification across the network. | ||
|
|
||
| Prism is web2 friendly from day 1 with WASM compatibility, allowing existing messaging applications to upgrade their key transparency easily. | ||
|
|
||
| ## Why you should care | ||
|
|
||
| Beyond messaging apps, Prism opens doors to potential improvements in nascent technologies and challenges in today's web. We envision a system for transparent, seamless authentication, where every human, website, app or other digital property is verified on a blockchain. | ||
| Prism's verifiable encryption standard opens up possibilities for secure communication across various digital platforms, which can enable exciting use cases like: | ||
|
|
||
| 1. A user controlled global identity layer | ||
| 2. Keystore Rollups - allowing users to securely store and manage their cryptographic keys across multiple chains | ||
| 3. A sandbox environment for testing Trusted Execution Environment (TEE) trust assumptions, ensuring even the most advanced security features are bulletproof. | ||
| 4. A new trustless, decentralized model for web certificate authority and public key infrastructure (PKI) systems. | ||
|
|
||
| Welcome to a new era of digital privacy, where the only person listening is the one you're talking to. | ||
|
|
||
| ## Getting started | ||
|
|
||
| We will introduce some basic concepts of cryptography that are essential for understanding the content. For more information and deeper explanations, we will provide links to relevant literature and texts. If you encounter errors or have suggestions for improvement, please feel free to [contact us](/contact). | ||
|
|
||
| [See the bib](/paper) | ||
|
|
||
| [Quickstart](/quickstart) | ||
|
|
||
| [Architecture](/architecture) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| # Summary | ||
|
|
||
| * [Introduction](README.md) | ||
| * [Prism Quickstart](quickstart.md) | ||
| * [Development Status](state.md) | ||
| * [Architecture](architecture.md) | ||
| * [Account Sources](labels.md) | ||
| * [Datastructures](datastructures.md) | ||
| * [Insert and Updates](insert-update-proofs.md) | ||
| * [Introduction to Cryptography](./explainers/crypto-intro/intro.md) | ||
| * [Symmetric Encryption](./explainers/crypto-intro/symmetric.md) | ||
| * [Asymmetric Encryption](./explainers/crypto-intro/asymmetric.md) | ||
| * [Hybrid Encryption](./explainers/crypto-intro/hybrid.md) | ||
| * [Hash Functions](./explainers/crypto-intro/hash-functions.md) | ||
| * [Merkle Trees](./explainers/crypto-intro/merkle-trees.md) | ||
| * [Merkle Proofs](merkle-proofs.md) | ||
| * [Zero Knowledge Proofs (Informal)](informal-zkps.md) | ||
| * [Zero Knowledge Proofs (Basics)](zkp-basics.md) | ||
| * [Resources](resources.md) | ||
| * [Paper](papers.md) | ||
| * [Books](books.md) | ||
| * [Other Resources](other-resources.md) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| # Architecture | ||
|
|
||
| We operate as a based rollup on Celestia. The SNARKs are posted to one namespace, and the operations are posted to a secondary namespace, enabling full nodes. This architecture is designed to be trust-minimized and censorship-resistant. | ||
|
|
||
| The sequencer is a partially unprivileged sequencer: while anybody can post update operations to the base layer, account creations must be signed by the sequencer. This is a temporary measure discussed in [adr-002 (Account Sources)](https://github.com/deltadevsde/prism/blob/main/adr/adr-002-create-account-op.md). | ||
|
|
||
| Light nodes verify the state by downloading and verifying the SNARKs posted to Celestia. There is currently no P2P overlay for the Prism network. | ||
|
|
||
| 1. An epoch is defined by the valid operations posted to the namespace in the previous Celestia block. | ||
| 2. Services can replicate the state by running a full node, to serve their own stack and not rely on the liveness of the sequencer. | ||
| 3. Enables future prover decentralization (perhaps with a prover marketplace). | ||
| 4. Censorship resistance (updates can be posted directly to the DA layer). | ||
|  |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| # Books | ||
|
|
||
| Here is a list of books for further reading. We will update the list continuously and are grateful for new suggestions. | ||
|
|
||
| ### Free Books | ||
|
|
||
| - [Barak - An intensive introduction to cryptography](https://files.boazbarak.org/crypto/lnotes_book.pdf) | ||
| - [Boneh, Shoup - A Graduate Course in Applied Cryptography](http://toc.cryptobook.us/) | ||
| - [Rosulek - The Joy of Cryptography](https://joyofcryptography.com/) | ||
| - [Thaler - Proofs, Arguments and Zero-Knowledge](https://people.cs.georgetown.edu/jthaler/ProofsArgsAndZK.pdf) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| # Chapter 1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| # Asymmetric encryption | ||
|
|
||
| Asymmetric encryption, also known as public-key encryption, is a method of encrypting data that uses two different keys for the encryption and decryption process. These keys are known as the public key and the private key. The public key is shared openly and can be used by anyone to encrypt data, while the private key is kept secret and is used to decrypt the data. | ||
|
|
||
| In a typical scenario, when someone wants to send a secure message to another person, they would use the recipient's public key to encrypt the message. Once the message is encrypted, it can only be decrypted by someone who has the corresponding private key, which should be the intended recipient. | ||
|
|
||
| This encryption method provides several advantages over symmetric encryption, such as enhanced security due to the separation of encryption and decryption keys, and easier key distribution since only the public key needs to be shared. However, asymmetric encryption is generally slower than symmetric encryption due to the complexity of the algorithms involved. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| # Hash functions | ||
|
|
||
| A hash function can be conceptualized as a black box with an input and an output. This black box transforms an input, of arbitrary length, into a fixed-size string. One of the most widely recognized hash functions is the SHA256 hash function, which maps an input to a 256-bit string output. Hash functions must satisfy certain critical requirements: | ||
|
|
||
| - Hash functions should be **collision resistant**. That is, for each input there should be a unique output. This is theoretically impossible, as there are infinitely many potential inputs and, regardless of the number of bits used in the output, it is impossible to represent an infinite number of inputs. However, it is possible to ensure that it is computationally infeasible to create collisions in practice. For instance, if we hash the strings "Andrea" and "Andreas," the resulting outputs are as follows: | ||
| H(Andrea) = **253387e...ba0dc32** | ||
| H(Andreas) = **9eea624...27051c8** | ||
| Changing even one letter in the input results in an unpredictable change in the entire hash value. | ||
| - Hash functions are **one-way functions**. That is, the calculation works in only one direction. If we want to calculate the hash of "Andrea," we can compute H(Andrea) and obtain the result 253387e...ba0dc32. However, we cannot perform the reverse calculation, so we cannot determine the input that resulted in the output value 253387e...ba0dc32. So its impossible to calculate H^-1(253387e...ba0dc32) = Andrea. | ||
| - Hash functions are **deterministic**. That is, for a given input, the same hash value is produced consistently across all calculations. Therefore, the output hash value remains constant for the same input. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| # Hybrid encryption | ||
|
|
||
| Hybrid encryption attempts to balance the "weaknesses" of the individual encryption methods (symmetric and asymmetric) and benefit from both advantages. | ||
|
|
||
| As previously stated, there are two main advantages and disadvantages there: while symmetric encryption works faster and more efficiently, asymmetric encryption is considered more secure in certain use cases, as the key exchange between two participants of symmetric encryption can be considered problematic. | ||
|
|
||
| Hybrid encryption tries to benefit from the advantages of both worlds by encrypting files or secret messages symmetrically. We now encrypt the key we used to encrypt the data with the public key of the second party to whom we want to send the encrypted data. We then send both the encrypted secret message and the encrypted key to decrypt that message. Thanks to the public-key encryption, the communication partner is now able to use its private key to decrypt the symmetric key and thus efficiently decrypt the secret message. In this way, we can provide the security of asymmetric encryption and not have to worry too much about the inefficiency of the process, since no potentially large secret documents need to be encrypted, only a key of usually fixed size. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| # Quick Crypto | ||
|
|
||
| This section deals with basic concepts of cryptography and explains them from a high level. This has no profound explanations, but tries to provide a superficial, simplified basis to give the reader a general idea for the advanced concepts of prism. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| # Merkle Trees | ||
|
|
||
| Now that we know the basic ideas of various forms of encryption as well as hash functions, we have already understood the essentials of Merkle trees. Merkle trees are frequently used in modern cryptography and often form the basis of data structures used in the areas of cryptocurrencies, blockchain and key transparency. | ||
|
|
||
| Merkle trees take advantage of the properties of hash functions discussed above and can perform many functions in this way. There are many different variants of Merkle trees, in this case we first look at simple Merkle trees built on a binary search tree. | ||
|
|
||
| The leaves of the tree store data that has been hashed using a hash function. Subsequently, the resulting hash values of each of two leaf nodes are also hashed again and the resulting hash forms the parent node of these two leaf nodes. The process of producing parent nodes by taking hash values from two child nodes is performed recursively until we have only one hash value, often referred to as a Merkle root or root hash. | ||
|
|
||
| Since for the same input in hash functions always the same output comes out, therefore the hash value of the parent node depends directly on the hash values of the children. So, accordingly, the root depends on all the hash values in the tree and thus all the data (hashed as leaves) in the Merkle tree. Moreover, we know that in practice it should not be possible for two different inputs to produce the same output. In this way, the integrity of the data can be checked: we can thus quickly determine whether data within a tree has changed based only on the root, since we can be sure that the original root could only have come about through the input of that very data. | ||
|
|
||
| But why the tree? One can come up with the idea of simply putting all the data strung together into a hash function and even then the ouput would be unique to the input. The biggest advantage lies in the fact that in this way an efficient verifiability of individual contained data is made possible. No matter how many leaves there are in the tree, all that is needed to prove a single data point is the hash value of the data point itself, plus any sibling nodes on the way to the root. The depth of the tree is always logarithmic to the number of data in the binary Merkle tree, which can be considered efficient. Here is a pictorial illustration. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| # Symmetric encryption | ||
|
|
||
| Symmetric encryption is a method of encrypting data where the same key is used for both encryption and decryption processes. This means that both the sender and the receiver need to own / know the same secret key to securely communicate with each other. | ||
|
|
||
| The process works as follows: | ||
|
|
||
| 1. The sender uses the secret key to encrypt the plaintext (original message) into ciphertext (encrypted message). | ||
| 2. The ciphertext is then sent to the receiver over a communication channel (eventually untrusted / public). | ||
| 3. The receiver, who knows the same secret key, uses it to decrypt the ciphertext back into the plaintext. | ||
|
|
||
| Some popular symmetric encryption algorithms include Advanced Encryption Standard (AES) and Data Encryption Standard (DES). These algorithms are efficient and suitable for encrypting large amounts of data (which isn't the case for asymmetric encryption). | ||
|
|
||
| However, there are some drawbacks to symmetric encryption. The most significant challenge is securely distributing the secret key to all involved parties. If the secret key is intercepted by an unauthorized party, the security of the encrypted data is compromised. To overcome this issue, asymmetric encryption (public-key encryption) can be used in conjunction with symmetric encryption (which is called hybrid encryption and is used in some of our examples) to securely exchange secret keys. |
Oops, something went wrong.