Merge pull request #300 from tlsnotary/tlsn-server-examples
Tlsn twitter examples
Showing
9 changed files
with
572 additions
and
2 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,4 +20,10 @@ Cargo.lock | |
.nvimrc | ||
|
||
# vscode project specific settings | ||
.vscode/ | ||
.vscode/ | ||
|
||
# transcript | ||
*.json | ||
|
||
# env var | ||
*.env |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
CONVERSATION_ID="20124652-973145016511139841" | ||
CLIENT_UUID="e6f00000-cccc-dddd-bbbb-eeeeeefaaa27" | ||
AUTH_TOKEN="670ccccccbe2bbbbbbbc1025aaaaaafa55555551" | ||
ACCESS_TOKEN="AAAAAAAAAAAAAAAAAAAAANRILgAA...4puTs%3D1Zv7...WjCpTnA" | ||
CSRF_TOKEN="77d8ef46bd57f722ea7e9f...f4235a713040bfcaac1cd6909" |
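Review bot: Nothing in this sample says that `AUTH_TOKEN`, `CSRF_TOKEN` and `ACCESS_TOKEN` become live session credentials once real values are filled in. A leading comment such as `# Placeholder values. The real .env grants access to your Twitter session; keep it out of version control and shared logs.` would make that explicit for anyone copying the file. The `.gitignore` change in this commit already ignores `*.env`, so the comment only documents the intent.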
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
[package] | ||
name = "tlsn-examples" | ||
version = "0.0.0" | ||
edition = "2021" | ||
publish = false | ||
|
||
[dev-dependencies] | ||
tlsn-prover.workspace = true | ||
tlsn-notary.workspace = true | ||
tlsn-core.workspace = true | ||
|
||
futures.workspace = true | ||
tokio = { workspace = true, features = [ | ||
"rt", | ||
"rt-multi-thread", | ||
"macros", | ||
"net", | ||
"io-std", | ||
"fs", | ||
] } | ||
tokio-util.workspace = true | ||
|
||
tracing.workspace = true | ||
tracing-subscriber.workspace = true | ||
|
||
hyper = { version = "0.14", features = ["client", "http1"] } | ||
|
||
p256 = { workspace = true, features = ["ecdsa"] } | ||
webpki-roots.workspace = true | ||
|
||
async-tls = { version = "0.12", default-features = false, features = [ | ||
"client", | ||
] } | ||
|
||
serde = { version = "1.0.147", features = ["derive"] } | ||
serde_json = "1.0" | ||
eyre = "0.6.8" | ||
rustls = { version = "0.21" } | ||
rustls-pemfile = { version = "1.0.2" } | ||
tokio-rustls = { version = "0.24.1" } | ||
dotenv = "0.15.0" | ||
|
||
[[example]] | ||
name = "twitter_dm" | ||
path = "twitter_dm.rs" | ||
|
||
[[example]] | ||
name = "simple_notary" | ||
path = "simple_notary.rs" |
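Review bot: `dotenv = "0.15.0"` in `[dev-dependencies]` adds a crate that has had no release in years and is reported as unmaintained by the RustSec advisory database. It is presumably what reads the session credentials from `.env`, so the maintained fork would be the safer choice, e.g. `dotenvy = "0.15"`. The call sites are not visible in this section, so the matching rename in the example source needs checking. Separately, `hyper`, `rustls`, `rustls-pemfile` and `tokio-rustls` are versioned here rather than through `.workspace = true` like the entries above them. That lets the examples drift from the TLS stack the workspace crates build against, so a short comment or a move to the workspace table would help.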
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
-----BEGIN CERTIFICATE----- | ||
MIICzDCCAbQCCQDDGiT0U3jAszANBgkqhkiG9w0BAQsFADAoMRIwEAYDVQQKDAl0 | ||
bHNub3RhcnkxEjAQBgNVBAMMCXRsc25vdGFyeTAeFw0yMzA2MjYxMTE2MTZaFw0y | ||
ODA2MjQxMTE2MTZaMCgxEjAQBgNVBAoMCXRsc25vdGFyeTESMBAGA1UEAwwJdGxz | ||
bm90YXJ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Vf+O9l4WNXE | ||
Xh48MwjnvZ9wGN/Ls+jzzF1Q+J/QfXAYR/REQgJQmuk6sBgJyXUW7Dr5dKAY5tfL | ||
rjfSaLhdMSxBH/tMepf5HVfEo6jvgk1bdR43DIZw7Z0hfuGUo6qOue8LZry2Nl+9 | ||
VZpG64quRZ///4LdMBQyXcS2yeWKU10yVNBvstKW0i8krqQfbWOIG1nu5nDg5onB | ||
paKUvbyrLyuHLz8gzKDFezxADTugq2KRXYKIZmyRucK+kmnJnZ/k46GZ84Vju15v | ||
ktC0CvaR9IfvLfJMAo1Y0lUR4HjQkEAfjnDFYj5B18KFxXABraVD8UxjeMbAHTjf | ||
i1lV0yp+qQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQABxRni6FZIFeK0KCS1Nrks | ||
ONLVPfvDSNEKpImWFFoJbaSAAankTiQM1nKTY9SRIhqG2t+xJ6c8+qe905lFFvOy | ||
r85LMb3z2ZWs4ez6Uy6IdpSdkTULk+1huE/Y9ZqRJ5aQy7PqiHTe+mNDFmHXGdcS | ||
azHywd4hQeRQhCBXlAG7I18uZR9DPtGaJnvZlfbpD6Iq7x3ocfGhQiV9VJS1JaQ3 | ||
Z7CJs2pa4da5FXQMAbKI2f7V5kbn3bjMp57yeYFo5wJMhEeSFqkrojR0oZDzfxW9 | ||
b0W/PI4R4d2hUvX0fwrQyXbGo8HvYDFUhlMMSF60gUNcbpF6P93tXxR2FM/hnu+T | ||
-----END CERTIFICATE----- |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
/// This is a simple implementation of the notary server with minimal functionalities (without TLS, does not support WebSocket and configuration etc.) | ||
/// For a more functional notary server implementation, please use https://github.com/tlsnotary/notary-server | ||
use std::env; | ||
|
||
use tokio::net::TcpListener; | ||
use tokio_util::compat::TokioAsyncReadCompatExt; | ||
|
||
use tlsn_notary::{bind_notary, NotaryConfig}; | ||
|
||
#[tokio::main] | ||
async fn main() { | ||
tracing_subscriber::fmt::init(); | ||
|
||
// Allow passing an address to listen on as the first argument of this | ||
// program, but otherwise we'll just set up our TCP listener on | ||
// 127.0.0.1:8080 for connections. | ||
let addr = env::args() | ||
.nth(1) | ||
.unwrap_or_else(|| "127.0.0.1:8080".to_string()); | ||
|
||
// Next up we create a TCP listener which will listen for incoming | ||
// connections. This TCP listener is bound to the address we determined | ||
// above and must be associated with an event loop. | ||
let listener = TcpListener::bind(&addr).await.unwrap(); | ||
|
||
println!("Listening on: {}", addr); | ||
|
||
// Generate a signing key | ||
let signing_key = p256::ecdsa::SigningKey::from_bytes(&[1u8; 32].into()).unwrap(); | ||
|
||
loop { | ||
// Asynchronously wait for an inbound socket. | ||
let (socket, socket_addr) = listener.accept().await.unwrap(); | ||
|
||
println!("Accepted connection from: {}", socket_addr); | ||
|
||
{ | ||
let signing_key = signing_key.clone(); | ||
|
||
// Spawn notarization task to be run concurrently | ||
tokio::spawn(async move { | ||
// Setup default notary config. Normally a different ID would be generated | ||
// for each notarization. | ||
let config = NotaryConfig::builder().id("example").build().unwrap(); | ||
|
||
// Bind the notary to the socket | ||
let (notary, notary_fut) = bind_notary(config, socket.compat()).unwrap(); | ||
|
||
// Run the notary | ||
tokio::try_join!( | ||
notary_fut, | ||
notary.notarize::<p256::ecdsa::Signature>(&signing_key) | ||
) | ||
.unwrap(); | ||
}); | ||
} | ||
} | ||
} |
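Review bot: The key built by `p256::ecdsa::SigningKey::from_bytes(&[1u8; 32].into())` is a constant that anyone reading the repository can reproduce, yet the comment above it says "Generate a signing key". Signatures from this example notary can therefore be produced by any party and carry no evidentiary weight. I would reword the comment to `// Fixed, publicly known key for demonstration only; never use it to sign real notarizations.` and state in the file header that a real deployment loads its key from protected storage. Separately, `listener.accept().await.unwrap()` inside the `loop` stops the whole server on a single failed accept. `let Ok((socket, socket_addr)) = listener.accept().await else { continue };` would keep it listening, ideally with the error logged.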
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,105 @@ | ||
# Notarize Twitter DMs | ||
|
||
The `twtter_dm.rs` example sets up a TLS connection with Twitter and notarizes the requested DMs. The full received transcript is notarized in one commitment, so nothing is redacted. The result is written to a local JSON file (`twitter_dm.json`) for easier inspection. | ||
|
||
This involves 3 steps: | ||
1. Configure the inputs | ||
2. Start the (local) notary server | ||
3. Notarize | ||
|
||
## Inputs | ||
|
||
In this tlsn/examples folder, create a `.env` file. | ||
Then in that `.env` file, set the values of the following constants by following the format shown in this [example env file](./.env.example). | ||
|
||
| Name | Example | Location in Request Headers Section (within Network Tab of Developer Tools) | | ||
| --------------- | ------------------------------------------------------- |---------------------------------------------------------------------------------- | | ||
| CONVERSATION_ID | `20124652-973145016511139841` | Look for `Referer`, then extract the `ID` in `https://twitter.com/messages/<ID>` | | ||
| CLIENT_UUID | `e6f00000-cccc-dddd-bbbb-eeeeeefaaa27` | Look for `X-Client-Uuid`, then copy the entire value | | ||
| AUTH_TOKEN | `670ccccccbe2bbbbbbbc1025aaaaaafa55555551` | Look for `Cookie`, then extract the `token` in `;auth_token=<token>;` | | ||
| ACCESS_TOKEN | `AAAAAAAAAAAAAAAAAAAAANRILgAA...4puTs%3D1Zv7...WjCpTnA` | Look for `Authorization`, then extract the `token` in `Bearer <token>` | | ||
| CSRF_TOKEN | `77d8ef46bd57f722ea7e9f...f4235a713040bfcaac1cd6909` | Look for `X-Csrf-Token`, then copy the entire value | | ||
|
||
You can obtain these parameters by opening [Twitter](https://twitter.com/messages/) in your browser and accessing the message history you want to notarize. Please note that notarizing only works for short transcripts at the moment, so choose a contact with a short history. | ||
|
||
Next, open the **Developer Tools**, go to the **Network** tab, and refresh the page. Then, click on **Search** and type `uuid` as shown in the screenshot below — all of these constants should be under the **Request Headers** section. Refer to the table above on where to find each of the constant value. | ||
|
||
![Screenshot](twitter_dm_browser.png) | ||
|
||
## Start the notary server | ||
|
||
``` | ||
git clone https://github.com/tlsnotary/notary-server | ||
cd notary-server | ||
cargo run --release | ||
``` | ||
|
||
The notary server will now be running in the background waiting for connections. | ||
|
||
For more information on how to configure the notary server, please refer to [this](https://github.com/tlsnotary/notary-server#running-the-server). | ||
|
||
## Notarize | ||
|
||
In this tlsn/examples folder, run the following command: | ||
|
||
```sh | ||
RUST_LOG=debug,yamux=info cargo run --release --example twitter_dm | ||
``` | ||
|
||
If everything goes well, you should see output similar to the following: | ||
|
||
```log | ||
Compiling tlsn-examples v0.0.0 (/Users/heeckhau/tlsnotary/tlsn/tlsn/examples) | ||
Finished release [optimized] target(s) in 8.52s | ||
Running `/Users/heeckhau/tlsnotary/tlsn/tlsn/target/release/examples/twitter_dm` | ||
2023-08-15T12:49:38.532924Z DEBUG rustls::client::hs: No cached session for DnsName("tlsnotaryserver.io") | ||
2023-08-15T12:49:38.533384Z DEBUG rustls::client::hs: Not resuming any session | ||
2023-08-15T12:49:38.543493Z DEBUG rustls::client::hs: Using ciphersuite TLS13_AES_256_GCM_SHA384 | ||
2023-08-15T12:49:38.543632Z DEBUG rustls::client::tls13: Not resuming | ||
2023-08-15T12:49:38.543792Z DEBUG rustls::client::tls13: TLS1.3 encrypted extensions: [ServerNameAck] | ||
2023-08-15T12:49:38.543803Z DEBUG rustls::client::hs: ALPN protocol is None | ||
2023-08-15T12:49:38.544305Z DEBUG twitter_dm: Sending configuration request | ||
2023-08-15T12:49:38.544556Z DEBUG hyper::proto::h1::io: flushed 163 bytes | ||
2023-08-15T12:49:38.546069Z DEBUG hyper::proto::h1::io: parsed 3 headers | ||
2023-08-15T12:49:38.546078Z DEBUG hyper::proto::h1::conn: incoming body is content-length (52 bytes) | ||
2023-08-15T12:49:38.546168Z DEBUG hyper::proto::h1::conn: incoming body completed | ||
2023-08-15T12:49:38.546187Z DEBUG twitter_dm: Sent configuration request | ||
2023-08-15T12:49:38.546192Z DEBUG twitter_dm: Response OK | ||
2023-08-15T12:49:38.546224Z DEBUG twitter_dm: Notarization response: NotarizationSessionResponse { session_id: "2675e0f9-d06c-499b-8e9e-2b893a6d7356" } | ||
2023-08-15T12:49:38.546257Z DEBUG twitter_dm: Sending notarization request | ||
2023-08-15T12:49:38.546291Z DEBUG hyper::proto::h1::io: flushed 152 bytes | ||
2023-08-15T12:49:38.546743Z DEBUG hyper::proto::h1::io: parsed 3 headers | ||
2023-08-15T12:49:38.546748Z DEBUG hyper::proto::h1::conn: incoming body is empty | ||
2023-08-15T12:49:38.546766Z DEBUG twitter_dm: Sent notarization request | ||
2023-08-15T12:49:38.546772Z DEBUG twitter_dm: Switched protocol OK | ||
2023-08-15T12:49:40.088422Z DEBUG twitter_dm: Sending request | ||
2023-08-15T12:49:40.088464Z DEBUG hyper::proto::h1::io: flushed 950 bytes | ||
2023-08-15T12:49:40.143884Z DEBUG tls_client::client::hs: ALPN protocol is None | ||
2023-08-15T12:49:40.143893Z DEBUG tls_client::client::hs: Using ciphersuite Tls12(Tls12CipherSuite { suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, algorithm: AES_128_GCM }) | ||
2023-08-15T12:49:40.144666Z DEBUG tls_client::client::tls12: ECDHE curve is ECParameters { curve_type: NamedCurve, named_group: secp256r1 } | ||
2023-08-15T12:49:40.144687Z DEBUG tls_client::client::tls12: Server DNS name is DnsName(DnsName(DnsName("twitter.com"))) | ||
2023-08-15T12:51:01.336491Z DEBUG hyper::proto::h1::io: parsed 31 headers | ||
2023-08-15T12:51:01.336507Z DEBUG hyper::proto::h1::conn: incoming body is content-length (4330 bytes) | ||
2023-08-15T12:51:01.336516Z DEBUG hyper::proto::h1::conn: incoming body completed | ||
2023-08-15T12:51:01.336528Z DEBUG twitter_dm: Sent request | ||
2023-08-15T12:51:01.336537Z DEBUG twitter_dm: Request OK | ||
2023-08-15T12:51:01.336585Z DEBUG twitter_dm: { | ||
"conversation_timeline": { | ||
"entries": [ | ||
{ | ||
"message": { | ||
"conversation_id": "20124652-45653288", | ||
... | ||
"withheld_in_countries": [] | ||
} | ||
} | ||
} | ||
} | ||
2023-08-15T12:51:08.854818Z DEBUG twitter_dm: Notarization complete! | ||
``` | ||
|
||
If the transcript was too long, you may encounter the following error: | ||
|
||
``` | ||
thread 'tokio-runtime-worker' panicked at 'called `Result::unwrap()` on an `Err` value: IOError(Custom { kind: InvalidData, error: BackendError(DecryptionError("Other: KOSReceiverActor is not setup")) })', /Users/heeckhau/tlsnotary/tlsn/tlsn/tlsn-prover/src/lib.rs:173:50 | ||
``` |