mobile_proof_plugin 0.1.0 copy "mobile_proof_plugin: ^0.1.0" to clipboard
mobile_proof_plugin: ^0.1.0 copied to clipboard

Published 13 days agoverified publisherburnt.com• Latest: 0.2.0
[unknown platforms]

Metadata

Flutter plugin for TLSN-based mobile proofs with WebView capture and custom MPC provider flows.

More...

mobile_proof_plugin #

mobile_proof_plugin is a Flutter plugin for generating TLSN-backed mobile proofs from provider web sessions. It gives app developers a one-call API that:

  • launches a plugin-managed WebView login flow,
  • captures the provider request defined by your rules,
  • runs MPC/proof generation through the native core, and
  • returns a structured ProofArtifact.

Features #

  • One-call attestation with MobileProofClient.attestProvider(...)
  • Custom provider configuration via JSON registry
  • Built-in request matching and selective reveal policies
  • Progress stream for UX updates
  • Android + iOS platform channel bridges

Supported Platforms #

  • Android (min SDK 24)
  • iOS (13.0+)

Installation #

dependencies:
  mobile_proof_plugin: ^0.1.0

Then run:

flutter pub get

Quick Start #

import 'package:flutter/material.dart';
import 'package:mobile_proof_plugin/mobile_proof_plugin.dart';

Future<void> runAttestation(BuildContext context) async {
  final client = MobileProofClient(bridge: MethodChannelNativeBridge());
  final progress = client.subscribeProgress().listen((event) {
    debugPrint('[${event.phase.name}] ${event.message}');
  });

  try {
    final artifact = await client.attestProvider(
      context: context,
      providerId: 'my_provider.current_user.v1',
      providerRegistryAssetPath: 'assets/providers.json',
      transportConfig: TransportConfig(
        deploymentMode: DeploymentMode.hosted,
        verifierUrl: Uri.parse('https://your-verifier.example.com'),
        trustedNotaryKeys: const <String>[
          'BASE64_NOTARY_PUBLIC_KEY'
        ],
        enforceNativeCore: true,
      ),
    );

    debugPrint('Proof ID: ${artifact.proofId}');
    debugPrint(client.exportProof(ProofExportFormat.prettyJson, artifact: artifact));
  } finally {
    await progress.cancel();
    await client.dispose();
  }
}

Custom MPC Through WebView #

This plugin is designed to support custom providers through a registry file (JSON).
You define:

  • provider login URL and callback URL,
  • request match rules for selecting the captured exchange,
  • reveal rules and privacy policy (allowed headers/body paths), and
  • proof target constraints (method/url/max sizes).

Include the registry in your app assets and pass it via providerRegistryAssetPath.

Default registry shipped by this package: packages/mobile_proof_plugin/assets/providers.json.

Minimal Provider Entry #

{
  "schemaVersion": "1.0.0",
  "providers": [
    {
      "id": "my_provider.current_user.v1",
      "displayName": "My Provider",
      "webLogin": {
        "startUrl": "https://example.com/login",
        "callbackUrl": "https://example.com/callback",
        "oauthHosts": ["example.com"]
      },
      "proofTarget": {
        "method": "GET",
        "url": "https://api.example.com/current_user",
        "maxSentData": 4096,
        "maxRecvData": 16384
      },
      "requestMatchRules": [
        { "type": "methodEquals", "pattern": "GET" },
        { "type": "urlContains", "pattern": "/current_user" }
      ],
      "revealRules": [
        {
          "direction": "RECV",
          "part": "BODY",
          "action": "REVEAL",
          "params": { "type": "json", "path": "$.id" }
        }
      ],
      "privacyPolicy": {
        "allowedRequestHeaders": ["authorization"],
        "allowedResponseBodyJsonPaths": ["$.id"]
      }
    }
  ]
}

Security Notes #

  • Set enforceNativeCore: true in production.
  • Always set trustedNotaryKeys; the native core requires this for secure proof verification.
  • Keep reveal rules as narrow as possible to avoid over-disclosure.

Native Rust Core Packaging #

The plugin API depends on native Rust core binaries for real MPC/proof generation. Stub bridges may be used only for local development and integration testing.

For production releases:

  • publish Android .so libraries for all supported ABIs,
  • publish iOS .xcframework artifacts with exported Rust symbols,
  • wire these artifacts into the plugin (jniLibs / podspec vendored frameworks), and
  • validate with enforceNativeCore: true on real devices before release.

If binaries are not shipped, proof generation either fails or falls back to non-production stub behavior.

Example App #

See example/ in this package for a minimal runnable integration.

Additional Documentation #

License #

MIT (see LICENSE).

Metadata

0
likes
0
points
170
downloads

Documentation

Documentation

Publisher

verified publisherburnt.com

Weekly Downloads

Metadata

Flutter plugin for TLSN-based mobile proofs with WebView capture and custom MPC provider flows.

Homepage
Repository (GitHub)
View/report issues

Topics

#tlsn #mpc #webview #privacy #proof

License

unknown (license)

Dependencies

device_info_plus, flutter, webview_flutter, webview_flutter_wkwebview

More

Packages that depend on mobile_proof_plugin

Packages that implement mobile_proof_plugin

Back