Verify the app from source
The Privatemode web app is open source and can be reproducibly built. This allows you to verify that the hosted or self-hosted version matches the published source code.
Prerequisites
- Linux operating system (x86-64)
- Nix (we recommend the Determinate Systems Nix installer)
Clone the public, auditable source code of the web app:
# Replace vX.Y.Z with the actual version you want to build or verify, e.g., v1.37.0
git clone --branch vX.Y.Z https://github.com/edgelesssys/privatemode-public
Then, enter the Nix development shell:
nix develop
Building from source
Build the app with the appropriate flag:
- For verifying the online version at chat.privatemode.ai:
  ./scripts/build-web-app.sh --release
- For building or verifying a self-hosted version:
  ./scripts/build-web-app.sh --local
Both commands place the static HTML, JS, and CSS in the ./result/share directory.
Verifying a deployed instance
After building the app, verify a deployed instance:
uv run ./scripts/verify-webapp-intgrity.py \
--reference-dir ./result/share \
--url <URL>
Replace <URL> with the URL of the instance you want to verify, e.g., https://chat.privatemode.ai or http://localhost:8080.
This command verifies that:
- Each locally built HTML document is present on the remote and matches the locally built version byte for byte.
- Each HTML document includes an import map with integrity tags for all locally built JavaScript sources, extending the trust established in the locally built reproducible sources to the dynamic JavaScript code used in the app.
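A simplified sketch of the two checks listed above, as an added example that is not the project's verification script. It assumes the import map's `integrity` keys are root-relative URLs mirroring file paths under the reference directory and that SHA-384 digests are used; `sri`, `check_page` and `demo` are hypothetical names, and the sample site is constructed.

```python
import base64, hashlib, json, tempfile
from html.parser import HTMLParser
from pathlib import Path

def sri(data: bytes) -> str:
    """Subresource Integrity value (sha384) for a byte string."""
    return "sha384-" + base64.b64encode(hashlib.sha384(data).digest()).decode()

class _ImportMap(HTMLParser):  # collects the text of <script type="importmap">
    def __init__(self):
        super().__init__()
        self.inside, self.text = False, ""
    def handle_starttag(self, tag, attrs):
        self.inside = tag == "script" and dict(attrs).get("type") == "importmap"
    def handle_endtag(self, tag):
        self.inside = False
    def handle_data(self, data):
        if self.inside:
            self.text += data

def check_page(ref_dir: Path, page: str, served: bytes) -> list[str]:
    """Return findings for one HTML page; an empty list means it verified."""
    local = (ref_dir / page).read_bytes()
    if served != local:  # check 1: byte-for-byte match with the local build
        return [f"{page}: served HTML differs from local build"]
    parser = _ImportMap()
    parser.feed(local.decode())
    integrity = json.loads(parser.text or "{}").get("integrity", {})
    findings = []
    for js in sorted(ref_dir.rglob("*.js")):  # check 2: every JS file is pinned
        url = "/" + js.relative_to(ref_dir).as_posix()  # assumed URL layout
        if integrity.get(url) != sri(js.read_bytes()):
            findings.append(f"{page}: no matching integrity entry for {url}")
    return findings

def demo() -> dict:
    """Constructed site: one page, one module, then two failure cases."""
    with tempfile.TemporaryDirectory() as tmp:
        ref = Path(tmp)
        js = b"export const greet = () => 'hi';\n"
        (ref / "app.js").write_bytes(js)
        imap = json.dumps({"imports": {"app": "/app.js"}, "integrity": {"/app.js": sri(js)}})
        html = f'<script type="importmap">{imap}</script>'.encode()
        (ref / "index.html").write_bytes(html)
        ok = check_page(ref, "index.html", html)
        tampered = check_page(ref, "index.html", html + b"<script>x</script>")
        (ref / "extra.js").write_bytes(b"export default 1;\n")  # built but not pinned
        unpinned = check_page(ref, "index.html", html)
        return {"ok": ok, "tampered": tampered, "unpinned": unpinned}
```

The second check is what lets the byte-for-byte HTML comparison cover the JavaScript as well: a script file that the verified HTML does not pin by hash falls outside what the comparison proves.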
When verifying the online version, the trusted computing base (TCB) is extended to both Edgeless Systems and Cloudflare, the service the web app is hosted on. Either of those could potentially alter the content served at https://chat.privatemode.ai at any time, so a verification of the public instance needs to be repeated upon every page reload. For an immutable experience closer to the Privatemode proxy, technical users can use the self-hosted version of the Privatemode web app.