Libraries and binaries for running witnesses for verifiable logs

Primary language: Go. License: Apache License 2.0 (Apache-2.0).

Witness

Overview

This repository contains libraries and binaries for running witnesses. A witness verifies that logs are evolving in an append-only manner and counter-signs checkpoints that represent an append-only evolution from any previously witnessed checkpoints. These witnessed checkpoints can be consumed by clients that want protection against split-views.

Users wishing to run this should start with the OmniWitness.
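The append-only check described above, sketched as an added example (this is not code from this repository). It assumes the log is an RFC 6962-style Merkle tree and that the new checkpoint arrives with a consistency proof; the names `hash` and `Consistent` are hypothetical, and the sample log in `main` is constructed.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"fmt"
)

// hash is SHA-256 with an RFC 6962 domain prefix: 0x00 for leaves, 0x01 for nodes.
func hash(prefix byte, parts ...[]byte) []byte {
	h := sha256.Sum256(append([]byte{prefix}, bytes.Join(parts, nil)...))
	return h[:]
}

// Consistent reports whether tree (n2, r2) extends the witnessed tree (n1, r1) append-only.
func Consistent(n1, n2 uint64, r1, r2 []byte, proof [][]byte) bool {
	if n1 == 0 || n1 >= n2 || len(proof) == 0 {
		return false // this sketch covers only 0 < n1 < n2
	}
	if n1&(n1-1) == 0 { // old size is a power of two: its root starts the path
		proof = append([][]byte{r1}, proof...)
	}
	fn, sn := n1-1, n2-1
	for fn&1 == 1 {
		fn, sn = fn>>1, sn>>1
	}
	fr, sr := proof[0], proof[0]
	for _, c := range proof[1:] {
		if sn == 0 {
			return false // more proof nodes than the tree has levels
		}
		if fn&1 == 1 || fn == sn {
			fr, sr = hash(1, c, fr), hash(1, c, sr)
			for fn != 0 && fn&1 == 0 {
				fn, sn = fn>>1, sn>>1
			}
		} else {
			sr = hash(1, sr, c)
		}
		fn, sn = fn>>1, sn>>1
	}
	return sn == 0 && bytes.Equal(fr, r1) && bytes.Equal(sr, r2)
}

func main() { // constructed log: witnessed at size 2, now at size 3; the proof is leaf c
	a, b, c := hash(0, []byte("a")), hash(0, []byte("b")), hash(0, []byte("c"))
	r2, r3 := hash(1, a, b), hash(1, hash(1, a, b), c)
	fmt.Println(Consistent(2, 3, r2, r3, [][]byte{c}), Consistent(2, 3, hash(1, b, a), r3, [][]byte{c}))
}
```

The second call models a witness that previously saw a different history (leaves in the order b, a): the proof no longer reproduces the witnessed root, so the new checkpoint would not be counter-signed.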

API

The witness is an HTTP service that stores the checkpoints it has seen from different verifiable logs in a SQLite database. This is a very lightweight way to help detect or even prevent split-view attacks.

The witness provides three API endpoints (as defined in api/http.go):

  • /witness/v0/logs returns a list of all logs for which the witness is currently storing a checkpoint.
  • /witness/v0/logs/<logid>/update updates the checkpoint stored for logid.
  • /witness/v0/logs/<logid>/checkpoint returns the latest checkpoint for logid, signed by the witness.

Running the witness

Most users wanting to run a witness will simply deploy the OmniWitness, which is preconfigured to witness all known logs using the checkpoint format.

Support