Bootstrapping Trust across Web2 and Web3 Domains Using Publicly Verifiable Web Data
Yuan Lu¹, Qiang Tang²
DOI : 10.65701/t0z4p7m2j8
Corresponding authors:
luyuan@iscas.ac.cn • qiang.tang@sydney.edu.au
Abstract
Through public key infrastructure (PKI) and the TLS protocol, users can securely connect to trusted web services such as banks, e-commerce platforms, and government portals. If such data could be made publicly verifiable, it could serve as a natural trust anchor for decentralized Web3 systems. Prior efforts, such as DECO (Zhang et al., CCS’20), introduced TLS web oracles that allow a prover to convince a designated verifier that specific data was obtained from a TLS server. However, these designs rely on the verifier’s cooperation and allow strategic aborts that prevent the prover from demonstrating the authenticity of already-transmitted TLS data.
We present a new TLS oracle protocol that achieves public verifiability and a novel form of fairness using an “encrypt-TLS-keys-to-future” paradigm. The prover and verifier jointly emulate a TLS client via secure two-party computation (2PC), obtaining additive shares of the session key. They also set up a trapdoor verifiable delay function (tVDF), allowing them to encrypt the full TLS session key under a future-unlockable value, while the TLS ciphertext is recorded on-chain. After a sufficiently long delay, the prover can reconstruct the session key and use zero-knowledge proofs to selectively disclose committed TLS data.
As an application, we present the first decentralized protocol that enables fair exchange between blockchain-backed Web3 assets and TLS-protected Web2 assets, bridging the gap between the two domains by supporting asset swaps without relying on any trusted third-party mediators.
