{"id":17439349,"url":"https://github.com/cloudflare/plexi","last_synced_at":"2025-04-15T21:17:15.186Z","repository":{"id":258081222,"uuid":"830550101","full_name":"cloudflare/plexi","owner":"cloudflare","description":"Your Key Transparency auditor companion","archived":false,"fork":false,"pushed_at":"2025-04-04T20:48:53.000Z","size":732,"stargazers_count":23,"open_issues_count":3,"forks_count":5,"subscribers_count":12,"default_branch":"main","last_synced_at":"2025-04-15T21:17:09.613Z","etag":null,"topics":["auditor","cryptography","e2ee","key-transparency","transparency"],"latest_commit_sha":null,"homepage":"https://developers.cloudflare.com/key-transparency","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cloudflare.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-07-18T13:42:07.000Z","updated_at":"2025-04-08T11:02:41.000Z","dependencies_parsed_at":"2024-10-17T15:37:15.773Z","dependency_job_id":"8b939907-5252-443d-9983-f189acf90924","html_url":"https://github.com/cloudflare/plexi","commit_stats":null,"previous_names":["cloudflare/plexi"],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudflare%2Fplexi","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudflare%2Fplexi/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudflare%2Fplexi/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudflare%2Fplexi/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cloudflare","download_url":"https://codeload.github.com/cloudflare/plexi/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249153953,"owners_count":21221330,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["auditor","cryptography","e2ee","key-transparency","transparency"],"created_at":"2024-10-17T13:02:37.721Z","updated_at":"2025-04-15T21:17:15.153Z","avatar_url":"https://github.com/cloudflare.png","language":"Rust","funding_links":[],"categories":["Rust"],"sub_categories":[],"readme":"# Plexi\n\n![Plexi banner](./docs/assets/plexi_banner.png)\n\nPlexi is a flexible auditor for [Key Transparency systems](https://blog.cloudflare.com/key-transparency).\n\n## Tables of Content\n\n* [Features](#features)\n* [Installation](#installation)\n* [Usage](#usage)\n  * [Configure your auditor remote](#configure-your-auditor-remote)\n  * [List monitored Logs](#list-monitored-logs)\n  * [Audit a signature](#audit-a-signature)\n* [Conduct](#conduct)\n* [License](#license)\n\n## Features\n\n* Verify authenticity of a signature, to confirm it has been signed by a given public key\n* Verify the validity of [facebook/akd](https://github.com/facebook/akd) proofs\n* List Logs an Auditor monitors\n\n## Installation\n\n| Environment                                                   | CLI Command           |\n|:--------------------------------------------------------------|:----------------------|\n| [Cargo](https://www.rust-lang.org/tools/install) (Rust 1.81+) | `cargo install plexi` |\n\n## Usage\n\nUse the `--help` option for more details about the commands and their options.\n\n```shell\nplexi [OPTIONS] \u003cCOMMAND\u003e\n```\n\n### Configure your auditor remote\n\n`plexi` does not come with a default remote auditor, and you will need to choose your own. \n\nYou can do so either by passing `--remote-url=\u003cREMOTE\u003e` or setting the `PLEXI_REMOTE_URL` environment variable.\n\nA common remote is provided below:\n\n| Name       | Remote                                          |\n|:-----------|:------------------------------------------------|\n| Cloudflare | `https://plexi.key-transparency.cloudflare.com` |\n\nIf you have deployed your own auditor, you can add a remote by filing a [GitHub issue](https://github.com/cloudflare/plexi/issues).\n\n### List monitored Logs\n\nAn auditor monitors multiple Logs at once. To discover which Logs an auditor is monitoring, run the following:\n\n```shell\nplexi ls --remote-url 'https://plexi.key-transparency.cloudflare.com'\nwhatsapp.key-transparency.v1\n```\n\n### Audit a signature\n\nThe Key Transparency Auditor vouches for Log validity by ensuring epoch uniqueness. and verifying the associated proof\n\n`plexi audit` provides information about a given epoch and its validity. It can perform a local audit to confirm the auditor behaviour.\n\nFor instance, to verify WhatsApp Log auditted by Cloudflare Auditor, run the following:\n\n```shell\n\u003e plexi audit --remote-url 'https://plexi.key-transparency.cloudflare.com' --namespace 'whatsapp.key-transparency.v1' --long\nNamespace\n  Name                \t: whatsapp.key-transparency.v1\n  Ciphersuite         \t: ed25519(protobuf)\n\nSignature (2024-09-23T16:53:45Z)\n  Epoch height      \t: 489193\n  Epoch digest      \t: cbe5097ae832a3ae51ad866104ffd4aa1f7479e873fd18df9cb96a02fc91ebfe\n  Signature         \t: fe94973e19da826487b637c019d3ce52f0c08093ada00b4fe6563e2f8117b4345121342bc33aae249be47979dfe704478e2c18aed86e674df9f934b718949c08\n  Signature verification: success\n  Proof verification\t: success\n```\n\nIf you already know the auditor verifying key, you can pass it via `--verifying-key`. Plexi will verify that the key is advertised by the auditor, and that the signature is valid against it.\n\n```shell\nplexi audit \\\n  --remote-url 'https://plexi.key-transparency.cloudflare.com' \\\n  --namespace 'whatsapp.key-transparency.v1' \\\n  --verifying-key '2bbfbb39997fdb95feee40ef9f8827de0256732be06f64ed6408cc7e97c7f4d4'\n```\n\n## Conduct\n\nPlexi and Cloudflare OpenSource generally follows the [Contributor Covenant Code of Conduct](https://github.com/cloudflare/.github/blob/26b37ca2ba7ab3d91050ead9f2c0e30674d3b91e/CODE_OF_CONDUCT.md). Violating the CoC could result in a warning or a ban to Plexi or any and all repositories in the Cloudflare organization.\n\n## License\nThis project is Licensed under [Apache License, Version 2.0](./LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcloudflare%2Fplexi","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcloudflare%2Fplexi","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcloudflare%2Fplexi/lists"}