This document explains how data is transported from the untrusted logger (U) to the trusted server (T) in the private-verifiable scheme.
Per Section 4 of A New Approach to Secure Logging, the logger must coordinate three protocol phases with the trusted server:
- Log Initialization – Deliver the initial commitment (A₀, B₀), along with an opening message capturing the first entry and tags.
- Log Closure – Notify T when the log closes, providing the final aggregate tags.
- Final Verification – Supply the full log so T can validate the T-chain aggregates against its stored metadata.
Our implementation splits the initialization into two messages:
- `InitCommitment`: commits to key seeds and update policy.
- `OpenMessage`: confirms the `LOG_OPENED` entry, its index, and both aggregate tags.
```
┌─────────────┐ ┌─────────────┐
│ Logger U │ │ Server T │
│ (untrusted) │ │ (trusted) │
└─────────────┘ └─────────────┘
│ │
│ 1a. InitCommitment (A₀, B₀, meta) │
│────────────────────────────────────────>│
│ 1b. OpenMessage (LOG_OPENED tags) │
│────────────────────────────────────────>│
│ │
│ (U appends log entries…) │
│ │
│ 2. CloseMessage (μ_V,f, μ_T,f) │
│────────────────────────────────────────>│
│ │
│ 3. Log file (records) │
│────────────────────────────────────────>│
│ │
│ 4. Verification result │
│<────────────────────────────────────────│
```
The folder transport (`FolderTransport`) stores metadata alongside logs on disk:
```
/shared/securelog/
  commitments/
    app-log-001.gob    # InitCommitment
  opens/
    app-log-001.gob    # OpenMessage
  closures/
    app-log-001.gob    # CloseMessage
  logs/
    app-log-001/
      logs.dat         # Entries
      anchors.idx      # Anchors
      tail.dat         # Tail state (μ_V, μ_T)
```
Logger usage
```go
transport, _ := securelog.NewFolderTransport("/shared/securelog")
logDir := "/shared/securelog/logs/app-log-001"
store, _ := securelog.OpenFileStore(logDir)
logger, _ := securelog.NewRemoteLogger(
	securelog.Config{AnchorEvery: 100},
	store,
	transport,
	"app-log-001",
)
```

`NewRemoteLogger` automatically:
- Calls `InitProtocol`, which appends `LOG_OPENED` and returns `(InitCommitment, OpenMessage)`.
- Sends both to T via `SendCommitment` and `SendOpen`.
Closing the logger sends the CloseMessage; FolderTransport.VerifyLog loads all three messages and checks the T-chain.
Endpoints expected by Server:
- `POST /api/v1/logs/register` – `InitCommitment`
- `POST /api/v1/logs/open` – `OpenMessage`
- `POST /api/v1/logs/close` – `CloseMessage`
- `POST /api/v1/logs/{id}/verify` – records for final verification
Example logger setup:
```go
store, _ := securelog.OpenFileStore("/var/log/myapp")
transport := securelog.NewHTTPTransport("https://trust.example.com")
logger, err := securelog.NewRemoteLogger(cfg, store, transport, "myapp-log-001")
```

For integration tests where U and T run in the same process:
```go
trusted := securelog.NewTrustedServer()
transport := securelog.NewLocalTransport(trusted, store)
logger, _ := securelog.NewRemoteLogger(cfg, store, transport, "test-log")
```

`SendCommitment`, `SendOpen`, and `SendClosure` map directly to `TrustedServer` methods.
To add a custom transport, implement the `Transport` interface:

```go
type Transport interface {
	SendCommitment(InitCommitment) error
	SendOpen(OpenMessage) error
	SendClosure(CloseMessage) error
	SendLogFile(logID string, records []Record) (bool, error)
}
```

- TLS with mutual auth: ensure commitment/open/close messages are protected.
- Key protection: `(A₀, B₀)` and `OpenMessage` must be transmitted securely.
- Delay-detection: `OpenMessage` allows T to detect total deletion and verify the first entry's tags.
- Tail state: the store writes only current aggregates (`tail.dat`, `tail` table); verifiers recompute from `LOG_OPENED` onward.
Ensure any new transport preserves the three-phase protocol: commitment, open, close, plus final verification.
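
One way to check that a new transport keeps this ordering, as an added example that is not part of the securelog code base: a wrapper that rejects calls arriving outside the commitment, open, close, verify sequence from the diagram above. The message types here are stand-ins, and `PhaseGuard`, `fakeT` and the `LogID` field are assumptions.

```go
package main

import (
	"errors"
	"fmt"
)

// Stand-ins for the securelog types; the LogID field is an assumption.
type InitCommitment struct{ LogID string }
type OpenMessage struct{ LogID string }
type CloseMessage struct{ LogID string }
type Record struct{}
type Transport interface {
	SendCommitment(InitCommitment) error
	SendOpen(OpenMessage) error
	SendClosure(CloseMessage) error
	SendLogFile(logID string, records []Record) (bool, error)
}
var ErrOutOfOrder = errors.New("call breaks commitment -> open -> close -> verify order")
// PhaseGuard (hypothetical) counts phases done per log ID: 1 committed, 2 opened, 3 closed.
type PhaseGuard struct {
	inner Transport
	done  map[string]int // not safe for concurrent use
}
// step sends only when `need` phases are done and advances only if the send succeeds.
func (g *PhaseGuard) step(id string, need, next int, send func() error) (err error) {
	if g.done[id] != need {
		return fmt.Errorf("%w: log %q at phase %d, need %d", ErrOutOfOrder, id, g.done[id], need)
	}
	if err = send(); err == nil {
		g.done[id] = next
	}
	return err
}
func (g *PhaseGuard) SendCommitment(m InitCommitment) error { return g.step(m.LogID, 0, 1, func() error { return g.inner.SendCommitment(m) }) }
func (g *PhaseGuard) SendOpen(m OpenMessage) error { return g.step(m.LogID, 1, 2, func() error { return g.inner.SendOpen(m) }) }
func (g *PhaseGuard) SendClosure(m CloseMessage) error { return g.step(m.LogID, 2, 3, func() error { return g.inner.SendClosure(m) }) }
func (g *PhaseGuard) SendLogFile(id string, recs []Record) (ok bool, err error) {
	err = g.step(id, 3, 3, func() (e error) { ok, e = g.inner.SendLogFile(id, recs); return })
	return ok, err
}

type fakeT struct{ err error } // constructed stand-in for a real transport; err simulates a failed send
func (f fakeT) SendCommitment(InitCommitment) error { return f.err }
func (f fakeT) SendOpen(OpenMessage) error { return f.err }
func (f fakeT) SendClosure(CloseMessage) error { return f.err }
func (f fakeT) SendLogFile(string, []Record) (bool, error) { return f.err == nil, f.err }
func main() { // a close sent before commitment/open is rejected without reaching the transport
	fmt.Println((&PhaseGuard{inner: fakeT{}, done: map[string]int{}}).SendClosure(CloseMessage{LogID: "app-log-001"}))
}
```

This runs on the logger side, so it checks transport code for conformance and is not a control against a compromised U.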