Download
Key Transparency is a system for accountable public-key discovery that lets users and senders verify the keys associated with an account over time. It combines an append-only log with a verifiable map so changes to a user’s keys produce cryptographic proofs, enabling clients to detect malicious insertions or undetected key rotations. The architecture separates operators from verifiers: even if the service is compromised, independent clients can audit inclusion and consistency proofs to maintain trust. APIs and reference components demonstrate how account lookup, update, and auditing flows fit together for messaging or identity systems. By making key state globally visible and tamper-evident, the project reduces the need to blindly trust a single directory operator. It serves as a blueprint for building end-to-end encryption ecosystems that remain transparent and accountable at Internet scale.
Features
- Verifiable directory of user→public-key bindings using Merkle proofs
- Inclusion and consistency proofs so clients can audit server behavior
- Separation of operation and verification to reduce trust in operators
- APIs for lookup, updates, and history queries over account keys
- Support for monitoring and gossip to detect equivocation
- Reference components to bootstrap deployments and client libraries
Project Samples
