We apply a transparency log to a centralized keyserver step-by-step, in less than 500 lines, with privacy protections, anti-poisoning, and witness cosigning.

Filippo's resource offers insights, tutorials, and resources for software developers and technology enthusiasts. Readers can learn about web development, programming languages, and software engineering best practices. With articles, tutorials, and code samples, Filippo provides  guidance and expertise for building software applications and exploring new technologies.

Filippo Valsorda

A step-by-step guide to building a transparent keyserver for age public keys using transparency log technology. The implementation adds cryptographic accountability to a centralized service through Tessera and Torchwood libraries, incorporating VRFs for privacy protection, anti-poisoning measures through hashing, and witness cosigning for split-view prevention. The complete solution requires less than 500 lines of code while maintaining unchanged UX and enabling users to monitor all public keys associated with their email addresses.

Building a Transparent Keyserver

Transparency logs and accountability for centralized services

Future work: efficient monitoring and revocation