Fischietto is a secure platform for whistleblowing within organizations. Here's how it works briefly:
Fischietto supports identity verification through Google Workspace, or any other identity provider like Laser Romae. When signing in with Google, it returns a piece of data called JWT, which contains some information about your account, and a signature from Google.
This process can be easily adapted to another provider, such as Laser Romae, to return all the necessary payload information on which the proof is based.Here is an example of what the data in the JWT token looks like:
headers: {};
payload: {
name: "Gianni Maria",
hd: "ideacorp.aciceri.dev", // domain name of the company
email: "sa@ideacorp.aciceri.dev",
email_verified: true,
nonce: "a27702e8318d0eea0731caeaa7873507",
iss: "https://accounts.google.com",
iat: 1726663035,
exp: 1726666635,
...
}
signature: V7QYQ98PqoeoE89uwmueaKxEGh8Ed...
The signature portion at the end is a digital signature from Google attesting to the payload data. This signature can only be generated by Google's private key (or any other identity provider's key like Laser Romae).
Anyone with the above data and signature can verify the authenticity of the data using the provider's public key.
We can send a random value callednonce to the identity provider during the sign-in process, and they will include that in the signed JWT token payload.
This allows signing arbitrary information along with account details. In our case, we set the nonce as ahash of the whistleblower's report.
Now, anyone with your report and the JWT token can verify that the message was created by someone who owns the associated identity provider account.
Verifying authenticity of the account and message like above requires sharing the full JWT data (including name and email) with the verifier. Of course, this is not ideal for whistleblowers who seek to remain anonymous. To address this, we useZero Knowledge Proofs.
Using ZK circuits, you can prove that you have run a program correctly, without revealing the input to the program - or only revealing selective parts of the input. The ZK circuit itself is not private.
Anyone can verify the ZK proof along with the "public inputs" to convince themselves that the program was run correctly with valid inputs.
For Fischietto, we built a ZK circuit that verifies the digital signature of the JWT and only reveals the company domain (hd field in the JWT token) and the nonce (hash of the whistleblower's report).
Now, anyone with the report, the company domain, and the ZK proof can verify that the report was created by someone with an account from the specified identity provider.
When a report is submitted, the whistleblower is asked to sign in (using the report hash as a nonce), and a ZK proof is generated. This entire process happens in the browser, and no data leaves the browser.
Once the proof is generated, the report and the proof are sent to a server, which verifies the proof and stores the report in a database. The server never learns anything about the whistleblower.
The server cannot alter any message, as the ZK proof for that message would become invalid. However, the server can censor or delete certain messages.
To prevent censorship, messages are sent directly to a blockchain, the reports and proofs are stored on the Fhenix network, a secure and encrypted storage system. Any interactions such as upvotes or downvotes, tied to a report, are also stored on Fhenix and are done anonymously using similar encryption and privacy-preserving techniques.