this post was submitted on 24 Sep 2023
11 points (86.7% liked)

Programming

17374 readers
379 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev



founded 1 year ago
MODERATORS
 

It uses MPC and ZK to prove some data from a server (that uses TLS) is authentic given some request.

One of the simple demos is proving you received a DM from someone on twitter, without sharing your session token or login credentials with the other party.

Another idea is proving you know some exploit (think sql injection) without revealing how you did it.

Or proving you purchased some item off a website so you can review it on a neutral platform (amazon reviews but without amazon being able to manipulate the votes)

you are viewing a single comment's thread
view the rest of the comments
[–] JackbyDev@programming.dev 1 points 1 year ago (1 children)

Wait, is this sort of like an SSH tunnel?

[–] AtHeartEngineer@lemmy.world 2 points 1 year ago (1 children)

Its a bit more complicated than that. There is a fair bit of cryptography that happens where you basically cooperate with another party to communicate with the server in a way where you cant cheat.

[–] JackbyDev@programming.dev 2 points 1 year ago (1 children)

Yeah, I'm not being reductive, just trying to understand the mechanics. The notary is making requests on behalf of the other, right?

[–] AtHeartEngineer@lemmy.world 1 points 1 year ago (1 children)

I will quote the devs directly: "This Verifier is not "a man in the middle". Instead, the Verifier participates in a secure multi-party computation (MPC) to jointly operate the TLS connection without seeing the data in plain text."

https://docs.tlsnotary.org/#%E2%91%A0-multi-party-tls-request

[–] JackbyDev@programming.dev 1 points 1 year ago

Yeah, I don't think SSH tunnel can snoop either, but maybe I misunderstand them.