Damus
Juraj
Detailed report, hopefully they will address this.

My concerns about the PeerAuth extension

1. Telemetry should be opt-in - Currently it's not even opt-out. PostHog tracks wallet addresses and proof activity.

2. The extension must be free and open source - I won't run a closed-source extension that handles my bank data. It needs to be auditable. The analysis below was done on minified JS bundles.

3. This is NOT zero knowledge! The name "zkp2p" is misleading. You temporarily leak a TLS session key to a third party (the attestor), they decrypt your FULL bank API response (balance, transactions, personal info), then sign an attestation. You trust them not to log it. That's attestation, not ZK.

4. The prover design leaks too much to the attestor. A better approach: wrap the TLSNotary proof in a ZK proof that verifies TLS certificate signatures up to the root CA, verifies regexp of public parameters, and outputs only: recipient, amount, date, status. Everything else stays private - attestor never sees it. I believe this is now technically feasible. Oskarth will maybe correct me, see his talk on exactly this: https://www.youtube.com/watch?v=HmOw73tYzKI

5. Attestation server should be verifiable - Probably not open source either. Even with this non-open-source design, what would be nice: run a reproducible build in a TEE with attestation. If it was end-to-end encrypted into the TEE and we could verify it's not logging anything, I'd like it much more.

6. Global page injection is actually useful - My report flags `https://*/*` permissions, but I think this enables building on/off-ramp services everywhere. The issue isn't broad permissions - it's the trust issues above.

Are the code and contracts open source? The monorepo on GitHub seems quite old (7 months). I'd like to independently verify it.

---

But not to complain too much, I'm writing this out of ❤️ - I've been waiting for a product like this. This brings cryptoanarchy tools closer to the present. Overall good job, the product experience has been great.

We could do many cool things with this - imagine a "Pay with Revolut" button for merchants not yet in crypto. Buy anonymous services, cashu tokens, whatever - pay with Revolut/Venmo/..., merchant gets stablecoins (hopefully privacy-preserving ones in the future) and never touches bank fiat.

The critique comes from wanting this to succeed. Hope for a better, more private, more trustless version. 🙏

Forward!

Report by my intern: https://cypherpunk.today/static/zkp2p-peerauth-report.pdf

@nevent1qvz...