Comment on page
How zkPass Works?
As centralized organizations in the Web2 world predominantly hold sensitive private data, zkPass has reconstructed the standard TLS protocol. Combining trusted private data in Web2 and Web3 using leading MPC and ZKP technologies, zkPass provides a highly available private data layer for constructing DeSoc. This integrated solution offers a solid foundation for privacy protection.
The reliability of the private data source is of utmost importance as it typically originates from centralized organizations such as government agencies, educational institutions, financial institutions, and other authorized entities that issue identification documents and records. These documents and records may include government-issued identification cards, diplomas, transcripts, bank account information, vehicle registration records, and more. To ensure the legitimacy of private data, zkPass verifies that it comes from trusted data sources that undergo a rigorous validation process.
Furthermore, zkPass provides customizable and flexible templates designed for different users and business scenarios. These templates incorporate an audit mechanism that helps prevent malicious behavior by phishing websites, which aim to steal private data and undermine the reliability of the data source.
Ensuring the authenticity of private data is crucial, and zkPass employs advanced privacy computing techniques to achieve this. It leverages high-performance algorithms such as Oblivious Transfer (OT) and Garbled Circuit (GC) to implement secure Multi-Party Computation (MPC). This approach effectively prevents fraudulent behavior by customers attempting to tamper with their private data locally.
During each round of identity verification, zkPass randomly assigns a group of zkPass Nodes, forming a client known as the zkPass Kit. The client accesses the trusted data source server using the standard Transport Layer Security (TLS) protocol, overseen by the zkPass Task Smart Contract. This ensures data security, as the zkPass Node only possesses the MacKey Share in the Session Key, which poses no threat to data security. In contrast, the zkPass Kit has the complete EncKey and the other half of the MacKey Share. This approach allows the zkPass Node to promptly detect and reject any fraudulent behavior if a client attempts to tamper with their private data locally.
By utilizing advanced privacy computing techniques, zkPass ensures the authenticity of private data, making it a highly effective solution for protecting against identity fraud.
Privacy protection for private data is a top priority for zkPass. After a client's private data is committed, zkPass enables them to generate Zero-Knowledge Proofs (ZKPs) locally. This ensures that zkPass does not expose any privacy-related information. However, this process can be resource-intensive and slow, especially when the client's hardware resources are limited. To address these challenges, zkPass utilizes VOLE-based linear commitment and high-performance IZK algorithms.
The interactive IZK algorithm eliminates the need for TrustSetup, allowing Provers and Verifiers to directly interact. It generates Vector Oblivious Linear Evaluation (VOLE) and commits to each gate using VOLE, resulting in improved processing efficiency. VOLE's linearity enables batch processing, allowing Provers and Verifiers to compute separately in their respective locations. The results can then be aggregated and verified, significantly enhancing computational efficiency.
The advanced algorithms employed by zkPass ensure the secure and private handling of clients' private data, even with limited hardware resources. As a result, zkPass provides an effective solution for safeguarding sensitive private information, making it a critical tool for preventing identity theft and fraud.
Verifiability is critical to identity data security, and zkPass offers a reliable solution. Once the customer's ZKP is generated, it can be uploaded to the blockchain, enabling anyone to verify their identity by simply calling the zkPass Verification Smartcontract.
It is worth noting that this process only exposes the verification conditions and does not reveal any private information about the customer, such as whether they meet the access requirement of being over 18 years old. This feature is crucial for customers who want to keep their personal information private. For instance, they may send the ZKP directly to a specific program, enabling them to access the service while keeping their identity private.
By providing this level of verifiability while maintaining customers' sensitive information private.
The zkPass protocol generates a zk-based Soul Bound Token (zkSBT) representing the client's unique data in a specific application scenario. The zkPass zkSBT adheres to the ERC-998 standard protocol, and other protocols do not require integration of this type. The SBT is structured as a Hash Tree, with leaves composed of various Claims originating from trusted data sources. zkPass validation occurs in two stages: the mClaim ZK proof verifies that the target field originates from a trusted data source and is within the mClaim Tree, while the qClaim ZK proof verifies that the target field is within the mClaim Tree and satisfies the logical assertion. Type representation includes tSBT
(Type, e.g., "I am a car owner")and dSBT
(Datasource, e.g., "Mercedes and BMW"). Through the tSBT, an auto alliance DAO can fully identify a car owner's identity and conduct subsequent derivative activities, demonstrating interoperability.
The zkPass protocol supports diverse private data sources, ensuring individuals can securely and efficiently prove their private data in various scenarios. Additionally, the zkPass zkSBT structure, which conforms to the ERC-998 standard protocol, enables interoperability with other systems, facilitating the integration of identity data into various applications. Overall, zkPass provides a comprehensive and secure solution for private data verification in today's digital landscape.