An implementation of an auditable key directory (also known as a verifiable registry or authenticated dictionary).
Auditable key directories can be used to help provide key transparency for end-to-end encrypted messaging.
This implementation is based on the protocols described in SEEMless, with ideas incorporated from Parakeet.
This library provides a stateless API for an auditable key directory, meaning that a consumer of this library must provide their own solution for the storage of the entries of the directory.
The API can be found here along with an example for usage. To learn more about the technical details behind how the directory is constructed, see here.
Add the following line to the dependencies of your `Cargo.toml`:

```toml
akd = "0.12.0-pre.3"
```
Requires Rust 1.51 or higher.
| Subfolder | On crates.io? | Description |
|---|---|---|
| akd | ✓ | Main implementation of AKD which a service provider that manages the underlying directory would need to run. A good starting point for diving into this implementation. |
| akd_core | ✓ | Minimal library consisting of core operations in AKD. |
| examples | | Contains various examples for using AKD, along with utilities such as locally verifying audit proofs that are produced by WhatsApp's key transparency deployment. More details are contained here. |
| xtask | | Used for running the code coverage pipeline. |
This library was audited by NCC Group in August of 2023. The audit was sponsored by Meta for its use in WhatsApp's key transparency deployment.
The audit found issues in release v0.9.0, and the fixes were subsequently incorporated into release v0.11.0. See the full audit report here.
The original authors of this code are Evan Au (@afterdusk), Alex Chernyak (@alexme22), Dillon George (@dillonrg), Sean Lawlor (@slawlor), Kevin Lewi (@kevinlewi), Jasleen Malvai (@jasleen1), and Ercan Ozturk (@eozturk1). To learn more about contributing to this project, see this document.
This project is dual-licensed under either the MIT license or the Apache License, Version 2.0. You may select, at your option, one of the above-listed licenses.