Chain of Trust

Open Source,
Fully Verifiable.

We're not asking you to "trust us". You can verify yourself that the mobile app you use and the server that processes your data are byte-for-byte identical to the code you see on GitHub.

1. Enclave Attestation

To prove the code running on our servers has not been altered, we use Remote Attestation technology.

Step: PCR Values

When the code on GitHub is built, it produces a unique fingerprint called "PCR0". If a single character changes in the code, this fingerprint becomes entirely different.

Step: Hardware Proof

AWS Nitro hardware measures the running code and issues an "Attestation Document" carrying its own digital signature.

How can you check it yourself?

  1. Clone our GitHub repo and build your own image via the Dockerfile.
  2. Note the PCR0 value produced by the build.
  3. Download the live Attestation Document and compare its PCR0 value with yours. If they match, the code is identical.

Binding Proof: Public Key Binding

But what if someone showed you an old document belonging to a different Enclave? This is where Public Key Binding kicks in.

The Enclave generates a new key for every session and sends it to AWS Nitro to be "sealed inside the Attestation Document".

Your phone compares the key sealed inside the document with the binding key the Enclave sent to it. If the two keys don't match, it cuts the connection instantly.
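The client-side checks described above (PCR0 comparison from step 3, public key binding, and rejecting an old document from a different Enclave), as an added example that is not VerifyBlind's own code. It assumes the Attestation Document has already been COSE-signature-checked and CBOR-decoded into a dict with the standard Nitro field names "pcrs", "public_key" and "timestamp"; the PCR0 and key values are constructed placeholders, not real measurements.

```python
import hmac
import time
from typing import List, Optional

# Constructed placeholder for the PCR0 you obtained from your own build
# (a real PCR0 is a 48-byte SHA-384 digest of the enclave image).
EXPECTED_PCR0 = bytes.fromhex("ab" * 48)

# Documents older than this are treated as replays (assumed policy value).
MAX_AGE_MS = 5 * 60 * 1000


def verify_attestation(doc: dict, session_pubkey: bytes, expected_pcr0: bytes,
                       now_ms: Optional[int] = None,
                       max_age_ms: int = MAX_AGE_MS) -> List[str]:
    """Return the list of failure reasons; an empty list means the document passes."""
    problems = []
    now_ms = int(time.time() * 1000) if now_ms is None else now_ms

    # Freshness: an old document from another enclave must not be replayable.
    ts = doc.get("timestamp")
    if not isinstance(ts, int) or ts > now_ms or now_ms - ts > max_age_ms:
        problems.append("stale or future-dated attestation document")

    # Step 3 of the page: PCR0 must equal the value from your own build.
    pcr0 = doc.get("pcrs", {}).get(0)
    if not isinstance(pcr0, bytes) or not hmac.compare_digest(pcr0, expected_pcr0):
        problems.append("PCR0 mismatch: enclave image differs from the public source")

    # Public key binding: the session key the enclave sent over the wire must be
    # the one the Nitro hardware sealed inside the signed document.
    bound = doc.get("public_key")
    if not isinstance(bound, bytes) or not hmac.compare_digest(bound, session_pubkey):
        problems.append("public key binding failed: session key not sealed in document")

    return problems


# Constructed sample inputs (not real attestation output).
SESSION_KEY = bytes.fromhex("04" + "11" * 64)   # uncompressed P-256 point, constructed
NOW_MS = 1_700_000_000_000
GOOD_DOC = {"pcrs": {0: EXPECTED_PCR0}, "public_key": SESSION_KEY, "timestamp": NOW_MS - 1000}
# Valid document, but sealed around a different enclave's key: binding must fail.
REBOUND_DOC = dict(GOOD_DOC, public_key=bytes.fromhex("04" + "22" * 64))
# Document from an image whose code differs from the public source.
TAMPERED_DOC = dict(GOOD_DOC, pcrs={0: bytes.fromhex("cd" * 48)})

if __name__ == "__main__":
    for name, d in [("good", GOOD_DOC), ("rebound", REBOUND_DOC), ("tampered", TAMPERED_DOC)]:
        print(name, verify_attestation(d, SESSION_KEY, EXPECTED_PCR0, now_ms=NOW_MS) or "OK")
```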

2. Mobile Code Transparency

VerifyBlind uses a Deterministic Build infrastructure. We prove that the code of the app on your phone is byte-for-byte identical to the code in the open-source repository.

Offline Cryptographic Seal

The Android package built on GitHub is sealed with a 3072-bit transparency signature in our isolated environment before being uploaded to Google Play. If the code is tampered with, the seal is broken instantly.

Byte-for-Byte Output Comparison

You can verify the chain of trust yourself by comparing the build hashes in the GitHub Actions reports against the hashes of the files on your phone.

# To verify the code on your phone:
$ java -jar bundletool.jar check-transparency --mode=connected_device --package-name=com.verifyblind.mobile
Code transparency verified: code related file contents match the code transparency file.
# VerifyBlind Transparency Key:
A9 89 BA D4 84 4E 36 AC D2 E4 76 8C 86 B4 59 A2 87 7D F7 90...