TrustWire Documentation

User Journey

1. User registers or logs in to the TrustWire platform
2. User connects their Web3 wallet
3. User creates a new Training Set
4. User uploads documents to the Training Set
5. User generates Zero-Knowledge Proofs for the documents
6. User mints the Training Set to the blockchain
7. User mints individual documents to the blockchain
8. User can view and share public links to Training Sets and Documents

Functions

Training Sets

• Create a new Training Set
• View all Training Sets
• View details of a specific Training Set
• Mint a Training Set to the blockchain
• Share public links to Training Sets

Documents

• Upload documents to a Training Set
• View document details
• Generate Zero-Knowledge Proof for a document
• Validate a document's Zero-Knowledge Proof
• Mint a document to the blockchain
• Share public links to documents

Blockchain Interactions

• Connect Web3 wallet
• Mint Training Sets and Documents as NFTs
• View minted assets on the blockchain explorer
• Verify proofs using the on-chain verifier contract

Account Management

• View account information
• Change password
• View owned Training Sets and document counts

API Endpoints

Authentication

            POST /api/auth/register
            POST /api/auth/login
            GET /api/auth/profile
            POST /api/auth/change-password
            

Training Sets

            GET /api/training-sets
            POST /api/training-sets
            GET /api/training-sets/:uuid
            GET /api/training-sets/public/:uuid
            POST /api/training-sets/:uuid/deploy
            

Documents

            POST /api/training-sets/:uuid/add-file
            GET /api/documents/:uuid
            GET /api/documents/public/:uuid
            POST /api/documents/:trainingSetUUID/documents/:documentUUID/mint
            

Proofs

            GET /api/proofs/generate/:fileUUID
            GET /api/proofs/verify/:fileUUID
            GET /api/proofs/:proofId
            GET /api/proofs/by-file/:fileId
            GET /api/proofs/by-zkhash/:zkHash
            

On-Chain Verifier Contract

The TrustWire verifier contract is deployed on Arbitrum at the following address:

0x539a2cd5fbf43ae693eC33d7eC85F4712Acf18Da

Retrieving Full Proof from On-Chain Token

To retrieve the full proof for a document that has been minted as an on-chain token:

1. Use the Document View API endpoint:

   GET /api/documents/:uuid

2. From the response, note the blockchain_token_id and training_set_address.
3. Call the getProof function on the TrustWire Training Set contract at training_set_address, passing the blockchain_token_id as an argument.
4. The returned data will contain the full proof information.

Formatting Transaction for On-Chain Prover

To verify a proof using the on-chain verifier contract:

1. Retrieve the full proof data as described above.
2. Format the proof data into the required structure for the verifyProof function:

   function verifyProof(
                   uint[2] calldata _pA,
                   uint[2][2] calldata _pB,
                   uint[2] calldata _pC,
                   uint[5] calldata _pubSignals
               ) public view returns (bool)

3. Prepare the transaction data:
   • To: 0x539a2cd5fbf43ae693eC33d7eC85F4712Acf18Da (Verifier contract address)
   • Data: Encoded function call to verifyProof with the formatted proof data
4. Send the transaction to the Arbitrum network.
5. The function will return true if the proof is valid, and false otherwise.

Example of formatting the proof data in JavaScript:

const proofData = {
              pA: [proof.pi_a[0], proof.pi_a[1]],
              pB: [[proof.pi_b[0][1], proof.pi_b[0][0]], [proof.pi_b[1][1], proof.pi_b[1][0]]],
              pC: [proof.pi_c[0], proof.pi_c[1]],
              pubSignals: proof.public_signals
            };
            
            const verifierContract = new ethers.Contract(verifierAddress, verifierABI, signer);
            const isValid = await verifierContract.verifyProof(
              proofData.pA,
              proofData.pB,
              proofData.pC,
              proofData.pubSignals
            );

Security Considerations

• All API endpoints are protected with JWT authentication
• Zero-Knowledge Proofs ensure document privacy while allowing verification
• Blockchain interactions require user's Web3 wallet signature
• Passwords are securely hashed before storage
• Public and private views are strictly separated to ensure data privacy

Best Practices

• Regularly update your password to maintain account security
• Always verify the blockchain address before minting Training Sets or Documents
• Use descriptive names and symbols for your Training Sets to easily identify them
• Generate Zero-Knowledge Proofs for all documents to ensure verifiability
• Carefully review all information before minting to the blockchain, as this action is irreversible
• When verifying proofs on-chain, ensure you're interacting with the correct verifier contract address

For more detailed information, please refer to the API documentation or contact support.