Delivering Reliable and Secure Data Proofs for Users
Vouch, a product by vlayer, enables users to verify facts about their identity or online activity while preserving privacy. Nomtek delivered a proof-of-concept to integrate TLSNotary protocol into mobile applications, creating the foundation for secure and efficient proof generation on iOS and Android.
vouch lets individuals prove specific facts without disclosing excess personal information, replacing slow, manual verification with cryptographic attestations. To extend this privacy-first approach to mobile, the company needed to validate whether TLSNotary — a protocol for verifiable data capture — could be embedded into iOS and Android applications. Success would mean users could complete proofs directly from their phones, including through lightweight App Clips on iOS and InstantApp on Android, with no compromise to security or user experience.
“We had a tight timeline and high expectations — Nomtek delivered. The app became a key part of our sales pitch and helped us open important conversations with partners and investors. What impressed me most was how quickly they understood our goals and adapted the design to match exactly what we needed for live demos.”
Mark Reimer, Co-Founder at Hamelin Tech
Scope of Work
Validate mobile proof generation with TLSNotary by embedding its Rust implementation into iOS and Android, define a request-capture flow that works with mobile WebViews, and assess App Clip viability under platform limits. In parallel, explore Rust cross-platform options for portability and document a contingency path if protocol constraints block deep networking hooks.
Prototype mobile SDK
Bridged the Rust core to Swift/Kotlin — iOS integration in App Clips was limited by low-level socket restrictions.
Minimal proof path
Sent and verified a single request outside the WebView, then drove a guided WebView flow with predefined steps.
App Clip assessment
Confirmed the Clip is viable for UI and flow, but its networking limits block direct TLSNotary sessions; documented alternatives.
Stability and upkeep
Kept pace with TLSNotary’s alpha releases, upgraded dependencies, and reported issues upstream.
Contingency design
Outlined a split where native code handles transport and TLSNotary handles cryptography; recorded risks and trade-offs.
Scope of Work
Validate mobile proof generation with TLSNotary by embedding its Rust implementation into iOS and Android, define a request-capture flow that works with mobile WebViews, and assess App Clip viability under platform limits. In parallel, explore Rust cross-platform options for portability and document a contingency path if protocol constraints block deep networking hooks.
Prototype mobile SDK
Bridged the Rust core to Swift/Kotlin — iOS integration in App Clips was limited by low-level socket restrictions.
Minimal proof path
Sent and verified a single request outside the WebView, then drove a guided WebView flow with predefined steps.
App Clip assessment
Confirmed the Clip is viable for UI and flow, but its networking limits block direct TLSNotary sessions; documented alternatives.
Stability and upkeep
Kept pace with TLSNotary’s alpha releases, upgraded dependencies, and reported issues upstream.
Contingency design
Outlined a split where native code handles transport and TLSNotary handles cryptography; recorded risks and trade-offs.
Solution
The team started with direct SDK integration, bridging TLSNotary’s Rust core into native iOS and Android. We first verified a single request outside the WebView to validate the network path, then added a guided WebView flow with predefined steps. App Clip trials surfaced iOS background and entitlement limits that required architectural adjustments. In parallel, we assessed Rust-based mobile frameworks (Tauri, Dioxus) for portability. As a contingency, we developed a high-risk fallback where native code handles transport and TLSNotary focuses on cryptography. Collaboration with Vouch’s backend continued throughout, including updates to fast-moving TLSNotary releases and upstream issue reporting.
Impact
The POC confirmed that TLSNotary could be adapted for mobile, opening the door for secure proof creation flows on iOS and Android. For Vouch, this extends their verification capabilities beyond browser extensions into mobile-first scenarios, enabling faster, safer, and more user-friendly proofs. With the groundwork laid, Vouch can now target industries where mobile identity and transaction verification is critical — from fintech and compliance to advertising and social platforms.
Team Composition
Close collaboration between Nomtek’s mobile engineers and Vouch’s backend specialists ensured rapid iteration and alignment on technical goals.
Developer
Rust Developer
.png)
%201.png)
