diff options
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..998003e --- /dev/null +++ b/README.md @@ -0,0 +1,70 @@ +# sdbv + +Resources: + +* https://research.swtch.com/tlog +* https://sum.golang.org/ +* https://go.googlesource.com/proposal/+/master/design/25530-sumdb.md +* https://github.com/crtsh/ct_monitor/blob/master/ct_monitor.go +* https://tools.ietf.org/html/rfc6962#section-2.1 + +Go Checksum DB verifier, helps you prove that a checksum database is +trustworthy. + +Cryptographically prove that the current checksum database is a superset of a +previous database. This prevents a checksum database from silently modifying +checksums and simply recomputing its Merkle tree. + +To do this, we need to periodically check for the latest tree head and prove +that the previous tree head is contained within the new tree. + +GET $GOSUMDB/lookup/M@V returns the 1) record # of the module version, 2) its +go.sum lines, and 3) a tree head + +GET $GOSUMDB/tile/H/L/K[.p/W] +GET $GOSUMDB/tile/H/data/K[.p/W] returns record data +GET $GOSUMDB/latest returns the latest signed tree head for a log + + +$GOSUMDB/lookup/go.dog/breeds@v0.3.2 + +9 +go.dog/breeds v0.3.2 <hash> +go.dog/breeds v0.3.2/go.mod <hash> +<STH> + +$GOSUMDB/tile/8/0/005 +$GOSUMDB/tile/8/1/000.p/59 + +The Go checksum database will run at https://sum.golang.org/ and serve the +following endpoints: + + /latest will serve a signed tree size and hash for the latest log. + + /lookup/M@V will serve the log record number for the entry about module M +version V, followed by the data for the record (that is, the go.sum lines for +module M version V) and a signed tree hash for a tree that contains the record. +If the module version is not yet recorded in the log, the notary will try to +fetch it before replying. Note that the data should never be used without first +authenticating it against the signed tree hash and authenticating the signed +tree hash against the client's timeline of signed tree hashes. + + /tile/H/L/K[.p/W] will serve a log tile. The optional .p/W suffix indicates +a partial log tile with only W hashes. Clients must fall back to fetching the +full tile if a partial tile is not found. The record data for the leaf hashes in +/tile/H/0/K[.p/W] are served as /tile/H/data/K[.p/W] (with a literal data path +element). + +Clients are expected to use /lookup and /tile/H/L/... during normal operations, +while auditors will want to use /latest and /tile/H/data/.... A special go +command may also fetch /latest to force incorporation of that signed tree head +into the local timeline. + +A module proxy can also proxy requests to the checksum database. The general +proxy URL form is <proxyURL>/sumdb/<databaseURL>. If GOPROXY=https://proxy.site +then the latest signed tree would be fetched using +https://proxy.site/sumdb/sum.golang.org/latest. Including the full database URL +allows a transition to a new database log, such as sum.golang.org/v2. + +Known key: +sum.golang.org+033de0ae+Ac4zctda0e5eza+HJyk9SxEdh+s3Ux18htTTAD8OuAn8 |