Proof server
Midnight uses zero-knowledge (ZK) cryptography to enable shielded transactions and data protection. An essential element of this architecture is ZK functionality provided by a Midnight proof server, which generates proofs locally that will be verified on-chain. The information that a DApp sends to the proof server includes private data, such as details of token ownership or a DApp's private state. To protect your data, you should access only a local proof server, or perhaps one on a remote machine that you control, over an encrypted channel.
In this section of the tutorial, you will install and run a Midnight proof server on your system in a Docker container. The Midnight Lace Chrome extension (including the wallet) communicates with the proof server to invoke ZK functionality and generate ZK proofs for your transactions.
Install the proof server
In the prerequisites for this part of the tutorial, you installed Docker and verified your access to the Midnight devnet docker repo.
docker search midnightnetwork
To download the Docker image for the Midnight proof server, run the following command:
docker pull midnightnetwork/proof-server:latest
By the way, you may not have noticed, but if you hover your mouse pointer over any of the shell commands or code example boxes in this tutorial, a copy icon (it looks like two overlapping sheets of paper) appears at the right-hand side of the box. Click that to copy the contents of the box.
You can verify the download's success by checking that the following command lists a proof server image:
docker images | grep proof-server
Start the proof server
Run the proof server with the following command:
docker run -p 6300:6300 midnightnetwork/proof-server -- 'midnight-proof-server --network devnet'
You should see some output indicating that the server has started.
Stop the proof server
To stop the proof server, simply exit the process you launched with
docker run. For example, on most systems, you can type Ctrl-C to
stop the process.
For the next step in this tutorial, the proof server must be running, so if you have stopped it, start it again now.
Your privacy
The proof server exists to protect your privacy. It does not open any network connections; it simply listens on its assigned port for requests from your Chrome extension. One of the lines of output you may see from the proof server includes this text:
Targeting network: DevNet
This indicates that the instance you are running is configured appropriately to generate proofs that are valid on the Midnight devnet. It does not indicate a network connection from the proof server to the devnet.
Please let the DevRel support team know if you have any privacy concerns regarding the proof server.
Optionally for Linux users: Setup proof-server as a systemd service
For added convenience, you may consider running the proof-server as an automatic background process anytime you boot your machine.
- Create a new file for your systemd service, typically in the
/etc/systemd/system/directory. For example:
sudo nano /etc/systemd/system/midnight-proof-server.service
- Add the following contents.
[Unit]
Description=Midnight Network Proof Server
After=docker.service
Requires=docker.service
[Service]
ExecStart=/usr/bin/docker run -p 6300:6300 midnightnetwork/proof-server midnight-proof-server --network devnet
Restart=always
RestartSec=5
[Install]
WantedBy=default.target
Adjust the Description, ExecStart, and other parameters as needed.
- Reload systemd manager to apply changes.
sudo systemctl daemon-reload
- Start service.
sudo systemctl start midnight-proof-server # start service
- How to stop and get status of service.
sudo systemctl enable midnight-proof-server # stop service
sudo systemctl status midnight-proof-server # get status of service