Argus eye

[A]RGUS

Trustless JWKS Registry on Starknet.
Permissionless RSA key registration via zkTLS.

View RegistryDocs
scroll

Trustless · Permissionless · On-chain

How It Works

01

JWKS Endpoint

Google, Apple, and Firebase publish their RSA public keys at standard HTTPS endpoints. These rotate regularly.

02

zkTLS Proof via Reclaim

Reclaim Protocol generates a cryptographic proof that the HTTP response is authentic — without trusting any intermediary server.

03

On-chain RSA Verification

Argus verifies the proof on-chain using 2048-bit Montgomery arithmetic, then writes the key to the JWKS Registry. Anyone can submit.

Supported Providers

GoogleACTIVE

OAuth 2.0 / OIDC identity

https://www.googleapis.com/oauth2/v3/certs
AppleACTIVE

Sign in with Apple

https://appleid.apple.com/auth/keys
FirebaseACTIVE

Cavos Firebase auth

https://cavos.xyz/.well-known/jwks.json

Contract Addresses

NetworkContractAddress
SepoliaArgus0x065a77e8…27815b56
SepoliaJWKSRegistry0x0514157c…218f5bb4
MainnetArgus0x058b886f…c969d101
MainnetJWKSRegistry0x04dc4a75…04aa563e
Full addresses and ABIs →