Attesting to data on decentralized storage network using zk-SNARK

Dan Tehrani
Coinmonks
Jul 28, 2022

Let’s say you want to prove the credibility of your data residing on decentralized storage, without revealing who you are. (In practice the data will be something that is public, like a tweet or a forum post, that you published for everyone to see.)

In this post, I will propose a method to accomplish this using a zk-SNARK.

First, the prover publishes their data on decentralized storage, together with a hash h of the secret s and the data identifier id:

h = hash(s, id)

The data identifier would be a random value attached to the data. (For example, when using Arweave as the storage, the identifier could be set as a tag of an Arweave transaction.)

The secret s should be a key from which the prover’s identity can be derived. This could be the private key of an Ethereum address. However, a dapp cannot directly use the user’s private key to generate a proof, so a slight modification is needed for practical use. More on this below.

Next, the prover creates a proof of two things: their reputation and their ownership of the data.

The circuit will be as follows:

Private input

  • secret key: s

Public inputs

  • data identifier: id
  • hash attached to data: h

Checks

  • h = hash(s, id)
  • deriveIdentity(s) is a leaf under the Merkle root of, e.g., the Proof of Humanity set

Reputation can be proved in several ways, such as zk proof of inclusion using a Merkle tree, or zk negative reputation.

Ownership of the data uploaded to the decentralized storage is proved by proving knowledge of the pre-image of the hash that is attached to the data.

Because only the owner of the identity can construct a hash such that h = hash(s, id), impersonation is infeasible.
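A plain-Python model of the relation the circuit above enforces, added here as an illustration and not the author's code. It evaluates the two checks in the clear, whereas a zk-SNARK would prove them without revealing s or the Merkle path. Assumptions: SHA-256 stands in for the circuit hash, `derive_identity` is a domain-separated hash of s, the Merkle root is treated as an extra public input, and all sample values are constructed.

```python
import hashlib

def H(*parts: bytes) -> bytes:
    """Stand-in hash (SHA-256 over length-prefixed inputs); an assumption, not the page's choice."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def derive_identity(s: bytes) -> bytes:
    # Assumption: the identity leaf is a domain-separated hash of the secret.
    return H(b"identity", s)

def merkle_layers(leaves):
    """All layers of a binary Merkle tree, leaves first; leaf count must be a power of two."""
    layers = [list(leaves)]
    while len(layers[-1]) > 1:
        cur = layers[-1]
        layers.append([H(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return layers

def merkle_path(layers, index):
    """Sibling hashes from leaf to root, each flagged True if the sibling sits on the right."""
    path = []
    for layer in layers[:-1]:
        sib = index ^ 1
        path.append((layer[sib], sib > index))
        index //= 2
    return path

def circuit_checks(s, path, data_id, h, root):
    """The two constraints from the Checks list; s and path are the private witness."""
    if H(s, data_id) != h:                      # check 1: h = hash(s, id)
        return False
    node = derive_identity(s)                   # check 2: Merkle inclusion of the identity
    for sibling, sibling_is_right in path:
        node = H(node, sibling) if sibling_is_right else H(sibling, node)
    return node == root

# Constructed sample data: a set of four members; the prover is member 2.
SECRETS = [b"secret-%d" % i for i in range(4)]
LAYERS = merkle_layers([derive_identity(s) for s in SECRETS])
ROOT = LAYERS[-1][0]
DATA_ID = b"constructed-data-id"
TAG = H(SECRETS[2], DATA_ID)                    # h, published alongside the data
PATH = merkle_path(LAYERS, 2)

if __name__ == "__main__":
    print("owner satisfies both checks:", circuit_checks(SECRETS[2], PATH, DATA_ID, TAG, ROOT))
```

Another set member fails check 1 against the same h, and a non-member who recomputes h for their own secret fails check 2, which is why the two constraints have to be proved together.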

Signature as the secret

The scheme becomes more practical if a signature produced by an Ethereum wallet is used as the secret. Using the wallet’s private key itself as the secret is not feasible, because today’s standards specify that dapps should not be able to access the wallet’s private key directly.

This entails a set consisting of hashes of secret signatures.

Before creating a proof, the prover needs to join the set by submitting the hash of their secret signature.

My ongoing work

I’m currently working on a zk survey app based on the scheme I explained in this post.

There exists a need for a survey tool akin to Typeform or Google Forms, but one that is native to web3. I think a survey tool with a decentralized architecture and integration with other web3 services would satisfy a lot of people’s (especially DAOs’) needs. Moreover, I believe such a tool with a zk component would yield insights regarding zk apps that will be valuable for the space.

Other app ideas that could inherit the property “anonymous but credible” include forums, social networks, or a whistle-blowing platform, just to name a few.

Remarks

This post is intended to seek feedback, so please feel free to reply with related work, criticism, expansion on the idea, etc.
