Proof of a desktop computer

[bajtos]

We are currently using IPv4 /24 subnets as a scarce resource. This has many issues, from the fact that IPv4 addresses are not that difficult to obtain to the problem of supporting IPv6 clients.

Let's research (and implement?) an alternative based on Secure Enclave/TPM component present in most modern computers.

Related resources:

• https://developer.apple.com/videos/play/wwdc2022/10143/
• https://support.apple.com/en-gb/guide/deployment/dep28afbde6a/web
• https://developer.apple.com/documentation/devicecheck

[bajtos]

We must verify that we can obtain hardware proofs on all desktop platforms (Windows, Linux, macOS).

I vaguely remember that cheaper and/or older PCs don’t have a TPM component.

Can we estimate how many users won’t be able to run Station Desktop because they don’t have TPM? Is it acceptable for us?

https://support.microsoft.com/en-us/topic/what-is-tpm-705f241d-025d-4470-80c5-4feeb24fa1ee

TPM has been around for over 20 years, and has been part of PCs since around 2005. In 2016 TPM version 2.0 - the current version as of this writing - became standard in new PCs.
[…]
The odds are that your PC does already have TPM, and if it’s less than 5 years old you should have TPM 2.0.

But more importantly - users may need to enable TPM via BIOS.

Tip: If you don’t see the Security processor section it may be that your device has TPM but that the TPM is turned off. To learn how to turn it on see Enable TPM 2.0 on your PC.

[bajtos]

https://developer.apple.com/documentation/devicecheck

Using the DCDevice class in your app, you can get a token that you use on your server to set and query two binary digits of data per device, while maintaining user privacy. For example, you might use this data to identify devices that have already taken advantage of a promotional offer that you provide, or to flag a device that you’ve determined to be fraudulent. The server-to-server APIs also let you verify that the token you receive comes from your app on an Apple device.
Someone who modifies your app and distributes it outside the App Store can add unauthorized features like game cheats, ad removal, or access to premium content. The App Attest service gives your app a way to assert its validity so that your server can more confidently provide access to sensitive resources. You use the DCAppAttestService class to generate a special cryptographic key on the device, and have Apple attest to the validity of that key. You then use that key to assert the validity of your app whenever you request sensitive data from your server.

[bajtos]

TPM module for Raspberry Pi:

• https://thepihut.com/products/letstrust-tpm-for-raspberry-pi
• https://github.com/Infineon/optiga-tpm-explorer

Windows TPM docs:

• https://learn.microsoft.com/en-us/windows/win32/tbs/tbs-functions
• https://azure.microsoft.com/en-us/blog/device-provisioning-identity-attestation-with-tpm/

TPM docs:

• https://trustedcomputinggroup.org/wp-content/uploads/TPM-2p0-Keys-for-Device-Identity-and-Attestation_v1_r12_pub10082021.pdf
• https://security.stackexchange.com/questions/130658/how-to-use-tpm-to-identify-a-computer-for-licensing-purposes

[bajtos]

Cloud providers provide virtual TPMs 😢

https://duckduckgo.com/?q=vtpm&t=osx&ia=web

https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6F811A7A-D58B-47B4-84B4-73391D55C268.html

A virtual Trusted Platform Module (vTPM) is a software-based representation of a physical Trusted Platform Module 2.0 chip. A vTPM acts as any other virtual device.
(...)
A vTPM does not require a physical Trusted Platform Module (TPM) 2.0 chip to be present on the ESXi host. However, if you want to perform host attestation, an external entity, such as a TPM 2.0 physical chip, is required. See Securing ESXi Hosts with Trusted Platform Module.

https://learn.microsoft.com/en-us/azure/virtual-machines/trusted-launch

Azure offers trusted launch as a seamless way to improve the security of generation 2 VMs. Trusted launch protects against advanced and persistent attack techniques. Trusted launch is composed of several, coordinated infrastructure technologies that can be enabled independently. Each technology provides another layer of defense against sophisticated threats.
(...)
Trusted launch also introduces vTPM for Azure VMs. vTPM is a virtualized version of a hardware Trusted Platform Module, compliant with the TPM2.0 spec. It serves as a dedicated secure vault for keys and measurements. Trusted launch provides your VM with its own dedicated TPM instance, running in a secure environment outside the reach of any VM. The vTPM enables attestation by measuring the entire boot chain of your VM (UEFI, OS, system, and drivers).
Trusted launch uses the vTPM to perform remote attestation through the cloud. Attestations enable platform health checks and for making trust-based decisions. As a health check, trusted launch can cryptographically certify that your VM booted correctly. If the process fails, possibly because your VM is running an unauthorized component, Microsoft Defender for Cloud issues integrity alerts. The alerts include details on which components failed to pass integrity checks.

[bajtos]

Rust example - how to work with TPM2:

• https://github.com/parallaxsecond/rust-tss-esapi/blob/29b72787f8caa848727b05a9df3161ef2bf5918f/tss-esapi/examples/hmac.rs#L81

[bajtos]

Loosely related in case we decide to go in the direction of Proof of Humanity:

https://github.com/zk-passport/proof-of-passport

Proof of Passport lets users scan the NFC chip in their government-issued passport and prove the correctness of the signature in a zk-SNARK. This unlocks two interesting use cases:

• For sybil-resistance, proof of passport can provide a source of unique identity.
• For identity and privacy, proof of passport allows selective disclosure of private data. For instance, users can disclose their nationality or their date of birth without revealing any other private information.

[bajtos]

https://docs.rarimo.com/products/passport-derived-profiles/

What it is:
RariMe is a self-custody identity wallet. Built by the Rarimo protocol community, it lets you use your passport to generate zero-knowledge proofs verifying your age, citizenship, and humanity without revealing your identity or any other personal data.

Why it's a big deal:
Before RariMe, there was no way that dApps or protocols could verify the age or citizenship of users without encroaching on their privacy.

By allowing users to prove new characteristics about themselves while remaining anonymous, RariMe unlocks a series of previously impossible use cases. The first new use case to go live will be a series of programmable airdrops, including a humanitarian aid-drop for Ukrainian citizens. RMO token will also be distributed exclusively through RariMe, and any protocol can use it for anti-sybil measures.

Big Picture:
Rarimo is ZK social protocol. It allows users to make their digital identity data private but verifiable. Prior to RariMe, the Rarimo community launched Freedom Tool, an anti-surveillance voting solution whereby citizens use passport ZK proofs to prove their eligibility to vote without revealing their identity. The solution was used by Russian Opposition to challenge the legitimacy of Vladimir Putin’s electoral victory, and by Iranian NGOs to help Iranian dissidents safely protest the presidential elections.