IPFSxYARA

Screenshots

Problem Statement

Problem statement:IPFS is used with rising frequency for serving malware to compromised machines during thedeployment.SourceSolution:Yara is a Security tool which scans bytes for malicious patterns defined inyara-rules. We propose an FEVM-based security layer, where a smart-contract validates the integrity of an IPFS CID through the zero-knowledge (ZK) proof verification of a successful Yara scan.

Solution

TechDocker container with Yara rules and scanner.Yara runs in a docker-container. The input is the IPFS cid and the set of rules to test for. The output is a standardized log with matches per rule.SNARK circuit which generates a proof of a successful scan for a CID.A SNARK circuit which takes 3 inputs: the cid, the hash of the ruleset and the hash of the log. This the verification circuit gets deployed on chain. With every scan a proof is generated and submitted for on-chain verification.Smart contract which verifies the proof.The smart-contract validates if the cid and proof match. Those are stored offchain and can be validated on demand.