updates to include verification step

Billy Lo 2021-09-01 14:15:52 -04:00 committed by GitHub
parent fac45c616b
commit d3fc0613a8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 3 deletions

@ -1,6 +1,6 @@
# Grassroots
This web-based tool allows you to add your Ontario Vaccination Receipt as a pass into your Apple Wallet on iOS in a privacy-respecting way. It achieves this without sending your data to a server and instead only uses a hashed representation for the signing step.
This web-based tool allows you to add your Ontario Vaccination Receipt as a pass into your Apple Wallet on iOS in a privacy-respecting way. It achieves this without sending your data to a server and instead uses a hashed representation for the signing step.
Here is a [demo](https://www.youtube.com/watch?v=AIrG5Qbjptg)
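Review bot: The introduction still promises "without sending your data to a server" after this edit, but the same commit adds a step further down that sends the serial number and vaccination event data for verification. Dropping "only" does not resolve that contradiction. Suggest rewording the sentence to say what actually leaves the browser (a hash for signing, plus the serial number and vaccination event data for verification) so that the privacy claim at the top of the README matches the process description.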
@ -29,7 +29,7 @@ docker run -t -i -p 3000:3000 covidpass
#### I do not want to trust a third party with my vaccination data, does this tool respect my privacy?
Processing of your data happens entirely in your mobile browser and only a hashed representation is sent to the server for the signing step.
Processing of your data happens entirely in your browser and only a hashed representation is sent to the server for the signing step.
#### How do I make sure that nobody can access my vaccination pass from the lock screen (iOS)?
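Review bot: The updated FAQ answer keeps "only a hashed representation is sent to the server", whereas the other two hunks in this commit remove "only" from the same claim. Given that the process section now lists sending the serial number and vaccination event data, this answer should either drop "only" as well or, better, name the additional data that is sent, since this is the paragraph a privacy-conscious user will read first. "Processing of your data happens entirely in your browser" needs the same qualification.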
@ -60,13 +60,14 @@ To connect the web app to your local server, you have to set the `API_BASE_URL`
# Explanation of the process
The whole process of generating the pass file happens locally in your browser. For the signing step, only a hashed representation of your data is sent to the server.
The whole process of generating the pass file happens locally in your browser. For the signing step, a hashed representation of your data is sent to the server.
First, the following steps happen locally in your browser:
* Validating the digital signature on the receipt from Ontario Health to ensure it's authentic
* Decoding your vaccination event data from the PDF file (e.g. date, type of vaccine, dose #, organization who administered it
* Assembling a pkpass file out of your data
* Sending the serial number and vaccination event data for verification when the QR code is scanned.
* Generating a file containing hashes of the data stored in the pass file
* Sending only the file containing the hashes to the server
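Review bot: The new bullet "Sending the serial number and vaccination event data for verification when the QR code is scanned" sits under "the following steps happen locally in your browser", yet it describes a network transmission, and the last bullet still reads "Sending only the file containing the hashes to the server". Suggest moving the new step out of the local list into its own paragraph that states which server receives the data, whether it is sent in clear or hashed form, and whether it is stored. The wording also leaves unclear whether the data is sent at pass creation or at scan time. The final bullet should drop "only" or be reworded to match. Minor: the context line ending "organization who administered it" is missing its closing parenthesis.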