IPFS is used with rising frequency for serving malware to compromised machines during the
Yara is a Security tool which scans bytes for malicious patterns defined in
We propose an FEVM-based security layer, where a smart-contract validates the integrity of an IPFS CID through the zero-knowledge (ZK) proof verification of a successful Yara scan.
Yara runs in a docker-container. The input is the IPFS cid and the set of rules to test for. The output is a standardized log with matches per rule.
A SNARK circuit which takes 3 inputs: the cid, the hash of the ruleset and the hash of the log. This the verification circuit gets deployed on chain. With every scan a proof is generated and submitted for on-chain verification.
The smart-contract validates if the cid and proof match. Those are stored offchain and can be validated on demand.