/trillian-examples

A place to store some examples which use Trillian APIs to build things.

Primary LanguageGoApache License 2.0Apache-2.0

Trillian examples

Total alerts GoDoc Slack Status

This repository contains example applications built on top of Trillian, showing that it's possible to apply transparency concepts to problems other than certificates. It also contains general-purpose components that can be used to strengthen the guarantees of a transparent ecosystem that already contains verifiable logs.

Currently the examples here are:

  • binary_transparency/firmware: A demo showing how to apply transparency bring discoverability to device firmware updates, but the principles are also more generally applicable to all kinds of binaries/updates.
  • helloworld: A simple example demonstrating the correct configuration of a Trillian log, personality, and client.
  • sumdbaudit: Demonstration of an auditor for the GoLang SumDB module proxy, which clones a log and verifies the data in it.

The general-purpose components are:

  • serverless: A suite of command-line tools for managing transparency logs whose state is entirely composed of on-disk files, along with examples of how to use GitHub/GitHub Actions to host & publicly serve the log.
  • witness: A witness, which verifies the consistency of the evolving checkpoints issued by a verifiable log and produces co-signed checkpoints. This is an important role that enables the prevention or detection of certain types of log misbehavior (and in particular split-view attacks).

These examples and components are not supported per-se, but the Trillian team will likely try to help where possible. You can contact them via the channels listed under Support on the Trillian repo.