47 releases
new 0.12.0-pre.11 | Nov 21, 2024 |
---|---|
0.12.0-pre.9 | Aug 29, 2024 |
0.12.0-pre.7 | Jul 23, 2024 |
0.12.0-pre.2 | Mar 27, 2024 |
0.2.0 | Nov 5, 2021 |
#100 in Cryptography
911 downloads per month
Used in 4 crates
610KB
12K
SLoC
akd
An implementation of an auditable key directory (also known as a verifiable registry or authenticated dictionary).
Auditable key directories can be used to help provide key transparency for end-to-end encrypted messaging.
This implementation is based off of the protocols described in SEEMless, with ideas incorporated from Parakeet.
This library provides a stateless API for an auditable key directory, meaning that a consumer of this library must provide their own solution for the storage of the entries of the directory.
Documentation
The API can be found here along with an example for usage. To learn more about the technical details behind how the directory is constructed, see here.
Installation
Add the following line to the dependencies of your Cargo.toml
:
akd = "0.12.0-pre.11"
Minimum Supported Rust Version
Rust 1.51 or higher.
Top-Level Directory Organization
Subfolder | On crates.io? | Description |
---|---|---|
akd |
✓ | Main implementation of AKD which a service provider that manages the underlying directory would need to run. A good starting point for diving into this implementation. |
akd_core |
✓ | Minimal library consisting of core operations in AKD. |
examples |
Contains various examples for using AKD, along with utilities such as locally verifying audit proofs that are produced by WhatsApp's key transparency deployment. More details are contained here. | |
xtask |
Used for running the code coverage pipeline. |
Audit
This library was audited by NCC Group in August of 2023. The audit was sponsored by Meta for its use in WhatsApp's key transparency deployment.
The audit found issues in release v0.9.0
, and the fixes were subsequently incorporated into release v0.11.0
. See the full audit report here.
Contributors
The original authors of this code are Evan Au (@afterdusk), Alex Chernyak (@alexme22), Dillon George (@dillonrg), Sean Lawlor (@slawlor), Kevin Lewi (@kevinlewi), Jasleen Malvai (@jasleen1), and Ercan Ozturk (@eozturk1). To learn more about contributing to this project, see this document.
License
This project is dual-licensed under either the MIT license or the Apache License, Version 2.0. You may select, at your option, one of the above-listed licenses.
Dependencies
~7–20MB
~239K SLoC