Attestor docs

content/docs/attestor-decentralization/attestor-contracts.mdx

@@ -0,0 +1,81 @@
+---
+title: Attestor Contracts
+description: An overview of attestor contracts
+---
+
+import { Tab, Tabs } from "fumadocs-ui/components/tabs";
+
+# Reclaim Protocol: Decentralized Architecture and Incentives
+
+The Reclaim protocol's decentralized architecture relies on smart contracts and a network of Attestor nodes to ensure secure and trustless data verification.
+
+## Core Smart Contracts
+
+* **Task Contract:**
+    * Responsible for creating Claim Tasks and achieving Claim consensus.
+* **Governance Contract:**
+    * Manages Attestor nodes, providing staking, rewards, and penalty mechanisms.
+    * Optionally, collects staked $MOCA tokens from Attestors and distributes earnings based on staking ratios and service quality.
+
+## Attestor Registration & Staking
+
+* Attestors must stake a minimum number of $MOCA tokens in the Governance Contract.
+* Rewards are distributed based on the staking ratio.
+* Attestors must maintain online availability.
+
+## Decentralized Proof of Possession (PoP)
+
+1.  **Claim Task Request:**
+    * The user submits a "create claim task" request to the Task Contract via the Reclaim SDK.
+2.  **Attestor Selection:**
+    * The Task Contract randomly selects Attestors and returns them to the SDK.
+3.  **zkTLS Protocol Execution:**
+    * The Reclaim SDK establishes connections with the selected Attestors to execute the zkTLS protocol.
+4.  **Proof Submission:**
+    * Each Attestor returns a Proof to the SDK and submits it to the Task Contract.
+5.  **Proof Consensus:**
+    * The Task Contract achieves Proof consensus based on the 51% rule.
+6.  **Final Proof Packaging:**
+    * The SDK packages all Proofs and submits the final Proof to the Task Contract.
+7.  **Proof Verification and Storage:**
+    * The Task Contract verifies the Proof and stores the result upon successful validation.
+
+## Unstaking
+
+* Upon an unstaking request, the system initiates an undelegation process with a chain-defined unbonding period (e.g., 21 days).
+* After the unbonding period, the remaining $MOCA tokens are calculated and returned to the Attestor’s account, accounting for potential slashing risks.
+
+## Try It
+
+Contract can be found on [Github](https://github.com/reclaimprotocol/attestor-contracts).
+### Admin setup
+
+If you wish to try things beforehand, try the following upon cloning and installing packages.
+
+1.  **Populate your `.env`:**
+    * `PRIVATE_KEY=`
+
+2.  **Run the deploy script:**
+    * `npx hardhat deploy --network $YOUR_NETWORK`
+
+3.  **Create a task request:**
+    * `npx hardhat create-task-request --network $YOUR_NETWORK`
+
+4.  **Verify a mock proof for a specific task:**
+    * `npx hardhat verify --id $YOUR_ID --network $YOUR_NETWORK`
+
+### zkFetch Example
+
+Alternatively, you can try out an e2e [example](https://github.com/reclaimprotocol/attestor-contracts/tree/main/example) that showcases the complete proof lifecycle.
+
+1.  **Change directory into /example and install packages:**
+    * `npm install`
+
+2.  **Populate your `.env`, varibales are filled for you, you just need to add you private key:**
+    * `PRIVATE_KEY=`
+3. **Run the script:**
+    * `node index.js`
+
+### Register Attestor
+
+If you wish the join the quorum with your attestor, do [contact us](https://t.me/protocolreclaim).

content/docs/attestor-decentralization/index.mdx

@@ -0,0 +1,71 @@
+---
+title: Reclaim Protocol Attestors
+description: Expanding the Reclaim protocol with multi-attestor verification, economic incentives, and anonymity.
+---
+
+# Decentralizing Reclaim
+
+The foundational Reclaim protocol relies on trusted Attestors to sign and verify data Claims. However, this introduces a single point of trust vulnerability, as the Attestor's honesty is paramount. To mitigate this, we are expanding the protocol through decentralization, focusing on:
+
+## Multi-Attestor Verification Mechanism
+
+* **Problem:** Relying on a single Attestor creates a single point of failure and trust.
+* **Solution:** Implement a system where each Claim is verified by multiple independent Attestors.
+* **Benefit:** Significantly reduces the risk of fraudulent claims by requiring consensus among multiple parties.
+
+## Economic Incentives and Penalty Mechanisms
+
+* **Problem:** Ensuring Attestor honesty requires more than just trust.
+* **Solution:** Introduce economic incentives and penalty mechanisms through:
+    * **Token Staking:** Attestors stake tokens as collateral, which can be slashed for dishonest behavior.
+    * **Transaction Fees:** Attestors earn fees for verifying Claims, incentivizing participation.
+    * **Penalty Mechanisms:** Automated detection and punishment of anomalous behavior.
+* **Benefit:** Creates a self-regulating system that promotes honest participation and discourages malicious actions.
+
+## Ensuring Anonymity
+
+* **Problem:** Linking multiple credentials of a user can compromise their privacy.
+* **Solution:** Implement measures to guarantee that user credentials remain unlinked, preventing third parties from inferring identities through on-chain data.
+* **Benefit:** Protects user privacy and prevents unauthorized tracking of their activity.
+
+## Key Decentralization Goals
+
+* **Enhanced Security:** Multi-attestor verification strengthens the reliability of Claims.
+* **Increased Trust:** Economic incentives and penalties foster a trustworthy ecosystem.
+* **Improved Privacy:** Anonymity measures safeguard user data.
+
+By implementing these decentralization strategies, we are building a more robust, secure, and private Reclaim protocol, capable of scaling and serving a wider range of use cases.
+
+## The Reclaim Solution: Secure API Attestation
+
+The Reclaim protocol introduces a novel approach using "attestor" nodes to proxy API requests, enabling verifiable data claims.
+
+### How It Works
+
+1.  **Proxied API Request:**
+    * The user initiates an API request to a service like Gmail, routed through an attestor node.
+    * The attestor observes the traffic flow.
+2.  **Sensitive Data Protection:**
+    * The protocol allows users to conceal sensitive data, such as passwords or API secrets (e.g., `{secret-token}`), from the attestor.
+3.  **Response Verification:**
+    * The attestor verifies that the response from the service (e.g., Google's servers) matches the user's claimed response.
+4.  **Signed Claim:**
+    * Upon successful verification, the attestor signs a "claim" attesting to the user's access to the specified data (e.g., the email address).
+5.  **Trustless Proof:**
+    * This signed claim serves as verifiable proof of data access, without revealing the user's sensitive information.
+
+### Example: Proving Gmail Access
+
+Using Reclaim, you can prove access to your Gmail account without sharing your password or screenshots. The attestor verifies the communication with Google's servers, ensuring the validity of your claim.
+
+### Trust and Decentralization
+
+While the protocol requires trusting the attestor, this risk is mitigated through decentralization. By establishing a decentralized attestor network, the protocol reduces the potential for collusion and enhances overall security.
+
+## Key Benefits
+
+* **Privacy:** Sensitive information remains protected.
+* **Verifiability:** Claims are cryptographically signed and verifiable.
+* **Trustlessness:** Enables secure data utilization in trustless environments.
+* **Decentralization:** Mitigates risks associated with centralized attestors.
+

content/docs/attestor-decentralization/local-development.mdx

@@ -0,0 +1,123 @@
+---
+title: Local Development
+description: Run an attestor locally
+---
+
+import { Tab, Tabs } from "fumadocs-ui/components/tabs";
+
+Reclaim's attestor is a stateless machine, you can start generating proofs with your local setup, all you need is a private key for your attestor.
+
+## Overview
+
+Following this doc, you will be able to run an attestor locally and start generating Reclaim proofs.
+
+## Flows
+
+### Running the attestor
+
+The workflow is as follows:
+
+1. **Clone the `attestor-core` repository:**
+    - The user calls zkFetch, providing options such as URL, method, and headers.
+2. **Install packages:** 
+    - `npm i`
+3. **Create an `.env.producation` with at least the `PRIVATE_KEY` variable populated**
+    - `PRIVATE_KEY=0x...`
+4. **Start the server:**
+    - `NODE_ENV=production npm run start --env-file=.env.production -- src/scripts/start-server`
+
+Running the last command will print a WebSocket url for you, you will need this in the next step.
+
+### Generating a proof
+
+Now that your attestor is running in the background, you can connect to it and start generating proofs:
+
+1.  **Create a node.js environment:**
+    - `npm init --yes`
+2.  **Install `attestor-core`:**
+    - `npm i https://github.com/reclaimprotocol/attestor-core`
+3.  **Download ZK files:**
+
+    - `node node_modules/@reclaimprotocol/zk-symmetric-crypto/lib/scripts/download-files`
+
+4.  **Create a .js file with the following script and plug in your attestor's metadata:**
+
+<Tabs items={['JavaScript']}>
+<Tab value="JavaScript">
+   ```javascript
+const { createClaimOnAttestor } = require("@reclaimprotocol/attestor-core");
+
+const claimObj = 
+  {
+// change the claim obj (with the provider data)
+    method: "GET",
+    url: "https://api.coingecko.com/api/v3/simple/price?ids=ethereum&vs_currencies=usd",
+    responseMatches: [
+    {
+      type: "regex",
+      value: '{"ethereum":{"usd":(?<usd>.*?)}}',
+    },
+    ],
+    responseRedactions: [
+    {
+      regex: '{"ethereum":{"usd":(?<usd>.*?)}}',
+    },
+    ],
+    geoLocation: "",
+    body: "",
+    paramValues: {},
+    headers: {},
+  };
+
+const createClaim = async () => 
+{
+  try {
+    const claim = await createClaimOnAttestor({
+    name: "http",
+    params: 
+    {
+      method: claimObj.method,
+      url: claimObj.url,
+      responseMatches: claimObj.responseMatches,
+      responseRedactions: claimObj.responseRedactions,
+      geoLocation: claimObj.geoLocation,
+      body: claimObj.body,
+      paramValues: claimObj.paramValues,
+      additionalClientOptions: {},
+    },
+    secretParams:
+    {
+      headers: claimObj.headers,
+      cookieStr: "",
+      authorisationHeader: "",
+    },
+    ownerPrivateKey: "", // Replace with you attestor's private key
+    client:
+    {
+      url: "", // Replace with your attestor's host url
+    },
+});
+
+console.log(claim);
+
+} catch (error) {
+console.log(error);
+}
+};
+
+createClaim();
+
+```
+
+  </Tab>
+  </Tabs>
+
+### Deploying Your Own Reclaim Server
+
+Deploying a Reclaim server is straightforward using the [docker-compose](https://github.com/reclaimprotocol/attestor-core/blob/main/prod.docker-compose.yaml). The server is stateless, allowing for easy horizontal scaling. Follow these steps after running `docker compose up`:
+
+1.  **Set up a proxy:** Use a reverse proxy, such as Nginx, to make the Reclaim HTTP server accessible over the internet.
+2.  **Configure HTTPS:** Implement HTTPS on your reverse proxy.
+3.  **Configure WebSocket:** Configure your reverse proxy to handle WebSocket connections, which are essential for Reclaim's functionality.
+
+You should then have an RPC URL in the format `wss://<your-domain>/ws`. To confirm your server is working correctly on mobile devices through a browser-based RPC, navigate to `https://<your-domain>/browser-rpc`. If the server is correctly configured, you will see the message "Attestor Core RPC".

content/docs/attestor-decentralization/meta.json

@@ -0,0 +1,4 @@
+{
+    "title": "Attestor Decentralization",
+    "pages": ["local-development", "attestor-contracts"]
+}

content/docs/meta.json

@@ -1,4 +1,4 @@
 {
     "root": true,
-    "pages": ["index","js", "fullstack", "backend", "zkfetch", "flutter", "react-native", "inapp-sdks", "sdk", "advance-options", "hackathon"]
+    "pages": ["index","js", "fullstack", "backend", "zkfetch", "flutter", "react-native", "inapp-sdks", "sdk", "attestor-decentralization", "advance-options", "hackathon"]
 }