Guide how to create compatible ZKP systems.
Building interoperable ZKP credential systems
Verifiable credentials are a kind of signed, tamper-proof digital document that uses cryptography to strongly authenticate the information shared between participants. There are many design and behavioral considerations when building systems for digital information-sharing which affect the privacy and security guarantees between the parties which will exchange data. These include:
- Eliminating traceability vectors from data exchanged between participants.
- Enabling participants to share only subsets or minimized derivatives of the data a signed credential contains, at the same level of assurance as the whole credential.
- Ensuring that routine status checks or revocation mechanisms do not leak information about how often, where, or when credentials have been presented.
One way to limit excess information-sharing and preserve privacy throughout the lifecycle of that information’s usage is a set of cryptographic tools known as Zero-Knowledge Proofs (ZKPs). ZKPs allow participants to account for the issues listed above using cryptographic schemes that cut off tracking vectors, enable granular capabilities for minimizing the subset of data disclosed, and ensure that the usage of credentials does not leave data trails that third parties can monitor and leverage to compromise user privacy individually or en masse.
Alignment and Standardization
There are many ZKP schemes that have been developed over the years and that can already be used in decentralized identity systems, but few that have seen widespread adoption in production systems. There is still substantial work to be done to ensure that the identity community is equipped with all the tools required to address a wide array of use cases. This backlog includes the authorship of specifications for modular components and the auditing of published libraries that ensure interoperability among various ZKP solutions.
To that end, the DIF Claims & Credentials Working Group is starting a collaborative initiative to work on a range of ZKP solutions that can address the credential use cases of DIF members, with an eye to building a foundation for ZKP interoperability and cryptographic agility in the wider identity community. This includes:
- Work on ZKP cryptographic schemes and primitives
- Specifications that ensure interoperable presentation and verification for credentials generated using a variety of different schemes
- The libraries and tooling to generate and validate credentials generated with different schemes
- Approaches to utilizing ZKPs at scale in low-level DID and VC operations, informed by prior art, such as how ZK-Rollups are utilized to scale token transactions in Ethereum’s Layer 2.
A number of organizations with ZKP experience and skin in the game are coming together to participate in this initiative, which will produce specifications, code, documentation to advance interoperability across the community:
MATTR has been actively investing in the development of a performant multi-message digital signature scheme supporting selective disclosure via Zero Knowledge Proofs. Our team has built on and contributed to work originating from the Hyperledger Ursa project, extending it to provide a solution compatible with the W3C Verifiable Credentials data model. In the past month we have open sourced multiple repositories for the decentralized identity community to use and continue to develop, including bare crypto libraries and reference implementations in both Web Assembly and Node.JS.
As a part of its commitment to the privacy and safety of users and customers, Microsoft is planning to integrate ZKP-capable credentials within its decentralized identity offerings. To that end, members of Microsoft’s Decentralized Identity team and Microsoft Research have been working on a SNARK-based ZKP credential scheme that has now been published for open review, and will be providing further details in an upcoming blog post. Microsoft will begin development on an open source implementation of the scheme later this summer, which will be contributed to DIF. Microsoft is excited to work with other DIF members on specifications that will enable different ZKP-capable credential schemes to be seamlessly integrated into products and services, and used interoperably across the ecosystem.
Evernym contributed the text specifying zero-knowledge proof capabilities in the Verifiable Credentials Data Model 1.0 recommendation from the W3C. Evernym also implemented Camenisch-Lysyanskaya (CL) signatures in the Hyperledger Ursa project. They continue to participate in developing next-generation zero-knowledge capable signature schemes, such as BBS+ signatures, and to architect the credentials exchange protocols in Hyperledger Aries that can bring these schemes to the greatest number of legacy and future systems.
Trinsic (Formerly Streetcred ID)
Trinsic provides a ZKP-enabled verifiable credential platform based on Hyperledger Indy/Ursa/Aries and CL signatures. We’ve contributed to recent advancements in Hyperledger Ursa to enable BBS+ signatures, which provides a more performant and flexible ZKP implementation. We’ve been working on a reference implementation in .NET, and recently built a cross-platform (web/iOS/Android) universal library for creating and verifying BBS+ signatures for .NET. The project will be contributed to DIF to facilitate co-development with other DIF members.
We encourage others to contribute to this effort, whether it be as contributor of new content or just as peer reviewer and commentator on github issues. We need non-technical contributions like documentation and use cases as much as we need technical ones towards code review and hardening of specifications. It is critical that we equip the widest possible community with the tools to preserve privacy and the personal safety of users in the digital realm. With this initiative, we hope to make practical advances towards implementing that cause, and we invite you to join us in doing so.
You can start by following the links above and reading through the codebases and specifications as they stand today. To begin making IPR-protected contributions through the C&C working group and its work items, consider joining the DIF as well.