Research Summary on Implementing TLS Notary's Redactions Feature in o1js

Introduction

As part of the our ongoing goal of replicating the functionality of the TLSNotary verifier, a tool written in Rust, into o1js, this document summarizes the research conducted on the redactions feature of TLS Notary. The primary goal was to explore the feasibility of adding this feature to our TypeScript implementation, enabling the notarization of data from websites while preserving the confidentiality of certain data elements.

Background

TLS Notary is a protocol that allows for the auditing of HTTPS sessions without revealing sensitive data to the auditor. A key component of this functionality is the ability to redact specific data, ensuring that only non-sensitive information is shared. This process is crucial for maintaining privacy and security during the notarization process.

Research Findings

The core of TLS Notary's redactions feature relies on the use of the ChaCha encryption algorithm. This algorithm plays a crucial role in how data is handled and protected during the notarization process. Our investigation revealed that the current Rust implementation leverages specific cryptographic techniques, including the use of ChaCha, to secure and manage data efficiently.

Upon further exploration, it became apparent that there is no direct or fully compatible implementation of the ChaCha algorithm available in TypeScript. The absence of this implementation poses a significant challenge for replicating the exact functionality of the Rust-based TLS Notary verifier in o1js. Additionally, the cryptographic operations performed by ChaCha are intricate and require precise handling to maintain security properties, which further complicates potential porting efforts.

Challenges

Lack of Implementation: The absence of a TypeScript-compatible ChaCha encryption algorithm is the primary barrier. Cryptographic algorithms are complex and need to be implemented with a high degree of accuracy to be secure.
Complexity of Cryptographic Operations: Even if a basic implementation of ChaCha were available, adapting it to match the operational intricacies used in TLS Notary's redactions feature would require extensive modifications and testing to ensure cryptographic standards are met.
Scope and Resources: The effort to implement and verify a custom version of ChaCha in TypeScript would exceed the current project scope and available resources. Such an undertaking would involve deep cryptographic expertise and significant development time.
Recent Developments and Future Prospects
The team behind TLS Notary is currently working on refactoring the tlsn-core subproject of TLS Notary, where they plan to introduce support for alternative cryptographic schemes, including Poseidon hashing. Notably, both Mina and o1js utilize Poseidon as their native cryptographic primitive. This forthcoming update could align TLS Notary more closely with the technologies used in our project, potentially eliminating the need to implement ChaCha in TypeScript once these changes are implemented.

Conclusion
Based on the research conducted, adding the redactions feature to the TypeScript-based TLS Notary verifier using the o1js library is currently infeasible due to the lack of a suitable ChaCha implementation and the complexities involved in cryptographic programming. However, the anticipated refactoring of TLS Notary to support Poseidon hashing opens up promising avenues for future integration that could leverage our existing framework more effectively. We will continue to monitor these developments closely and reassess our implementation strategy to align with these updates.