This repository contains example applications built on top of Trillian, showing that it's possible to apply transparency concepts to problems other than certificates. It also contains general-purpose components that can be used to strengthen the guarantees of a transparent ecosystem that already contains verifiable logs.
Currently the examples here are:
- binary_transparency/firmware: A demo showing how to apply transparency bring discoverability to device firmware updates, but the principles are also more generally applicable to all kinds of binaries/updates.
- helloworld: A simple example demonstrating the correct configuration of a Trillian log, personality, and client.
- sumdbaudit: Demonstration of an auditor for the GoLang SumDB module proxy, which clones a log and verifies the data in it.
The general-purpose components are:
- serverless: A suite of command-line tools for managing transparency logs whose state is entirely composed of on-disk files, along with examples of how to use GitHub/GitHub Actions to host & publicly serve the log.
- witness: A witness, which verifies the consistency of the evolving checkpoints issued by a verifiable log and produces co-signed checkpoints. This is an important role that enables the prevention or detection of certain types of log misbehavior (and in particular split-view attacks).
These examples and components are not supported per-se, but the Trillian team will likely try to help where possible. You can contact them via the channels listed under Support on the Trillian repo.