ZK on-chain verification of YARA scans for IPFS CIDs. YARA scans bytes for malicious patterns.
IPFS is increasingly used to serve malware to compromised machines during deployment.
YARA is a security tool that scans bytes for malicious patterns defined in YARA rules.
We propose an FEVM-based security layer in which a smart contract validates the integrity of an IPFS CID by verifying a zero-knowledge (ZK) proof of a successful YARA scan.
YARA runs in a Docker container. The input is the IPFS CID and the set of rules to test for. The output is a standardized log with matches per rule.
A SNARK circuit takes 3 inputs: the CID, the hash of the ruleset and the hash of the log. This verification circuit is deployed on chain. With every scan, a proof is generated and submitted for on-chain verification.
The smart contract validates whether the CID and proof match. Those are stored off-chain and can be validated on demand.
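One way the three circuit inputs described above could be derived from a scan, as an added example that is not the project's own code. SHA-256, reduction into the BN254 scalar field, the JSON log layout, and every name and sample value here are assumptions; the page does not specify them.

```python
import hashlib
import json

# BN254 scalar field order; assumed here as the field of the SNARK's public inputs.
BN254_R = 21888242871839275222246405745257275088548364400416034343698204186575808495617

def to_field(data: bytes) -> int:
    """Hash bytes with SHA-256 and reduce into the field (assumed encoding)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % BN254_R

def canonical_ruleset(rules: dict[str, str]) -> bytes:
    """Serialize rule sources sorted by rule name, so load order does not change the hash."""
    return json.dumps(sorted(rules.items()), separators=(",", ":")).encode()

def canonical_log(rules: dict[str, str], matches: dict[str, list[int]]) -> bytes:
    """Standardized log: one entry per rule in the ruleset, match offsets sorted.

    Rules with no hits are listed with an empty offset list, so a clean scan
    and a missing log entry cannot be confused.
    """
    unknown = set(matches) - set(rules)
    if unknown:
        raise ValueError(f"log names rules outside the ruleset: {sorted(unknown)}")
    entries = [{"rule": name, "offsets": sorted(matches.get(name, []))}
               for name in sorted(rules)]
    return json.dumps(entries, sort_keys=True, separators=(",", ":")).encode()

def public_inputs(cid: str, rules: dict[str, str],
                  matches: dict[str, list[int]]) -> tuple[int, int, int]:
    """Return (cid, ruleset hash, log hash) as field elements for the verifier."""
    return (to_field(cid.encode()),
            to_field(canonical_ruleset(rules)),
            to_field(canonical_log(rules, matches)))

# Constructed sample data: placeholder CID, toy rules, and match offsets.
CID = "bafy-constructed-example-cid"
RULES = {
    "ExampleMarker": 'rule ExampleMarker { strings: $a = "EXAMPLE" condition: $a }',
    "ExampleHeader": 'rule ExampleHeader { strings: $h = { 4D 5A } condition: $h at 0 }',
}
MATCHES = {"ExampleMarker": [16, 300]}  # ExampleHeader did not match

if __name__ == "__main__":
    for name, value in zip(("cid", "ruleset_hash", "log_hash"),
                           public_inputs(CID, RULES, MATCHES)):
        print(f"{name}: {value}")
```

Because the log is canonicalized before hashing, two honest scanners running the same ruleset over the same content produce the same log hash, while any edited or dropped match changes it.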

