**Session Date/Time:** 26 Jul 2024 22:30

# keytrans

## Summary

The keytrans working group meeting focused primarily on discussing the new protocol draft for key transparency, presented by Brendan Moran and Felix Handte. The draft aims to build a protocol between a client and server (key-value database) that supports searching, updating, and monitoring keys with cryptographic guarantees. A significant portion of the meeting was dedicated to explaining the data structures used in the protocol (log tree, prefix tree, and combined tree) and how searching and monitoring are implemented. Additionally, Isha presented an alternative approach considering both client-monitoring and third-party auditing modes, leading to a discussion on the scope and potential expansion of the current protocol draft.

## Key Discussion Points

*   **Protocol Draft Explanation:** Detailed explanation of the log tree, prefix tree, and combined tree data structures, including how they are constructed and used for searching and monitoring.
*   **Search Algorithm:** In-depth discussion of the binary search algorithm used for finding specific key versions, including the "binary ladder" approach for identifying the most recent version of a key.
*   **Monitoring Mechanism:** Explanation of how monitoring works by leveraging the stability of search paths to efficiently detect unexpected changes to keys.
*   **Persistent State Requirement:** Debate about the need for clients to maintain persistent state, particularly in the context of third-party auditing and client monitoring modes. Isha argued for supporting stateless clients, allowing detection of malicious key updates even after device loss.
*   **Third-Party Auditor vs. Client Monitoring Modes:** Isha presented an alternative design that supports both third-party auditing and client monitoring, highlighting the trade-offs in terms of computational cost and state management. Discussion around if the current draft supports third-party auditing and how to best take advantage of it.
*   **Integration of Isha's Proposal:** Discussion among Brendan, Felix, and Isha (the authors) about how Isha's dual-mode approach could be incorporated into the existing protocol draft.
*   **Deployment Realities:** Current real-world deployments such as WhatsApp and Proton utilize third-party auditing.

## Decisions and Action Items

*   Brendan, Felix, and Isha agreed to discuss offline how to potentially incorporate Isha's dual-mode approach into the existing protocol draft.
*   Pratchi and Sivan will talk with Brendan, Felix and Isha to see what next steps will be.

## Next Steps

*   The authors (Brendan, Felix, and Isha) will continue discussions on the mailing list and offline to determine the best path forward for the protocol draft.
*   Pratchi and Sivan will talk with Brendan, Felix and Isha to see what next steps will be.
*   The working group will continue to provide feedback on the protocol draft and the potential inclusion of the dual-mode approach.