# App Attestations ### Verify Mobile Application Data with Cryptographic Proofs App Attestations are a **Truth Engine** module on the Verona network. They enable zero-knowledge verification of data from mobile applications—rideshare ratings, fitness metrics, delivery history, and more—without exposing underlying app credentials or full datasets. #### How App Attestations Work 1. **App Data Access.** The user's mobile device accesses the relevant data from a target application through authenticated API calls or secure enclave access. 2. **Attestation Generation.** The attestation framework creates a cryptographic proof of the specific data point the user wants to verify. This proof is generated in a secure execution environment on the device. 3. **Claim Extraction.** The proof extracts only the specific claim (e.g., "Strava weekly mileage above 20 miles") without including any other app data. 4. **On-Chain Verification.** The attestation is submitted on chain and verified. A valid attestation creates an on-chain record. #### What Can Be Verified **Rideshare & Delivery** * Driver/rider ratings on Uber, Lyft, DoorDash, etc. * Trip count and frequency * Account age and standing * Preferred destinations (category-level, not exact addresses) **Health & Fitness** * Step counts and activity levels from health apps * Workout frequency and type from Peloton, Strava, etc. * Sleep patterns and duration ranges * Calorie tracking adherence **Streaming & Entertainment** * Watch history patterns (genres, frequency) from Netflix, Spotify, etc. * Subscription tier and duration * Listening habits and preferences * Content creation metrics **Finance & Banking** * Banking app balance ranges * Transaction frequency patterns * Investment app usage and account type * Payment app transaction history **Social & Communication** * Messaging app activity levels * Social media engagement metrics * Community membership and participation * Account age and verification status #### Security Model * **Secure execution.** Proofs are generated within the device's secure enclave or trusted execution environment. * **App-authenticated data.** The attestation verifies data from authenticated API sessions, not user-provided screenshots or manually entered values. * **Minimal disclosure.** Only the specific claim is included in the proof. No app credentials, full data sets, or account identifiers are exposed. * **Device binding.** Attestations are bound to the user's device and Meta Account, preventing proof transfer or replay. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.burnt.com/verona/about-verona/verification-infrastructure/app-attestations.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.