With the rapid development of blockchain technology, data privacy and security have become a core issue. As an emerging technology, zero-knowledge machine learning (ZKML) effectively combines the security of zero-knowledge proof (ZKP) and the intelligence of machine learning (ML), bringing unprecedented opportunities to the Web3 world.

Currently, ZKML technology is widely used in the blockchain field, mainly including the following aspects:

  • Hardware acceleration: Due to the computational complexity of ZK proofs, some projects such as Cysic, Ulvetanna, etc. use hardware acceleration to improve the efficiency of on-chain computing.

  • On-chain data processing: Projects such as Axiom, Herodotus, etc. focus on converting on-chain data into a format suitable for ML training and ensuring that ML output results can be easily accessed from the chain.

  • Computational circuitization: In order to enable ML calculations to be processed by the blockchain's ZK, some projects such as Modulus Labs, Jason Morton, etc., convert ML computing models into circuit form.

  • ZK Proof of Results: To address the trust issues of ML models, projects such as RISC Zero, Axiom, etc. use ZK-SNARKs-based proofs to verify the authenticity of the models.

ZKML is currently developing rapidly and can help build Web3 decentralized identity DID in the application field. Previously, identity management modes such as private keys and mnemonics made the Web3 user experience poor. The real DID construction can be completed through ZKML to identify the biometric information of Web3 subjects. At the same time, ZKML can ensure the security of the privacy of user biometric information. Worldcoin is using ZKML to implement zero-knowledge DID verification based on iris scanning.

This article will start from the two cases of Worldcoin and Vanna, deeply explore the development and challenges of ZKML technology, and promote the widespread application and prosperity of this technology in the blockchain field.

1. Worldcoin case study: Application of ZKML in identity authentication and privacy protection

  • DApps Connect to Worldcoin

Worldcoin ID can be used for identity authentication. Worldcoin provides an IDKit SDK for identity authentication using the World App. The specific process is as follows:

After the above process, the user’s biometric information is used as the login credential, and finally a proof of identity is generated in the Worldcoin App.

ZKML Applications in Worldcoin

  • Application of ML in Worldcoin

The protocol is made public permissionless by running the IrisCode model on self-hosted biometric data (user terminal), verifying that the user has created a valid and unique WorldID locally, and calling the _addMember(uint256 groupId, uint256 identityCommitment) function on the WorldID Semaphore identity group with a valid identity commitment.

  • Application of ZK in Worldcoin

registration process

During the Worldcoin registration process, users generate a WorldID through an iris scan and call the _addMember function on a Semaphore identity group with a valid identity commitment, enabling public permissionless access to the protocol.

Signup Sequencer: The Signup Sequencer sorts the batches of data (identities) submitted to the Ethereum smart contract.

Semaphore MTB: SMTB is a service for batching Merkle tree updates. It accepts Merkle tree updates and batches them into a single update. This is useful for reducing the number of transactions that need to be submitted to the blockchain. The correctness of batched Merkle tree updates is ensured by generating SNARKs.

Tx Sitter: Signs the transaction and sends it to the blockchain

The proof input is an external nullifier (public 32-byte value that scopes the uniqueness of verifications) and a secret identity nullifier. Based on these two, the nullifier hash is calculated for user identification.

Login Process

During the login process, the identity nullifier submitted by the user will be converted into proof, a process similar to zkrollup. After the user submits the identity nullifier, multiple Merkle state updates are aggregated and published to the blockchain.

Summarize

The technical implementation of Worldcoin involves multiple levels, including local operation of the IrisCode model, generation of External-nullifier, batch processing of Semaphore MTB, and transaction processing of Tx Sitter. Because the process of running the IrisCode model to convert irises into World IDs occurs on the user terminal, this part is not run by external nodes to protect user privacy. The combination of these technologies enables Worldcoin to achieve efficient and secure identity authentication while protecting user privacy.

The Worldcoin case demonstrates the potential and effectiveness of ZKML technology in practical applications. By combining zero-knowledge proof and machine learning, Worldcoin not only improves the security of identity authentication, but also provides strong support for user privacy protection.

This case provides valuable reference and inspiration for other blockchain projects.

2. Vanna Network and ZKML: Intelligent Reasoning and Verification in Blockchain

Vanna Network Overview

Vanna Network is an innovative blockchain platform that focuses on providing efficient zero-knowledge proof generation and verification services. It combines the transparency and immutability of blockchain with the privacy protection characteristics of zero-knowledge proof, providing users with a safe and reliable data processing environment.

Vanna Network Features

  • Query Data: Access Oracle feed data or on-chain state by making inter-chain queries to smart contracts.

  • Preprocessing: Use Vanna’s built-in precompiler to preprocess the raw data of the query in preparation for inference.

  • Inference execution: Run inference seamlessly and scalably at whatever cryptographic security level is appropriate for your use case

  • Inference Verification: All cryptographic proofs securing the inference are verified on the Vanna network by validator nodes.

  • Publishing and traceability: The inference results can be delivered to contracts on any chain via cross-chain messages and published to the data availability layer.

Vanna Network Features

  • Parallel Inference Pre-Execution

There are three phases:

Phase 1: Simulation

Vanna runs each transaction through a simulator to find out which inference requests the transaction will make. It is not executed here.

Phase 2: Inference Memory Pool

The transaction and its inference request are added to the inference memory pool, which sends the request to the Vanna inference node. Here the inference and proof need to be performed.

Phase 3: EVM Execution

The inference result is injected into the EVM so that the transaction can read it directly, just like any other variable. The transaction is then executed and submitted to the blockchain.

  • Verify calculation separation

Vanna Network uses two types of nodes, namely verification nodes and inference nodes, and forks network verification and inference calculations to the two types of nodes respectively.

Validation Nodes: Rollup nodes independently validate transactions and verify the state of the Vanna network. Rollup nodes on the Vanna network also participate in validating cryptographic proofs generated by inference nodes.

Inference Nodes: Inference nodes do not verify transactions and blocks on the network, but are only focused on computing AI/ML inferences and generating cryptographic proofs for inferences.

  • Staking and Penalties

The Vanna network provides cryptoeconomic security in the form of an application-layer staking contract. When reasoning nodes come online to participate in securing the network, they must post Vanna tokens as collateral in the staking contract. The staking contract enforces the behavior of reasoning nodes, with slashing conditions including but not limited to:

  • zkML - Generates invalid and cryptographically unverifiable proofs

  • opML - Challenge success for reasoning about node generation

  • zkFP - A challenge to the inference generated by the node succeeds, or a ZK SNARK proving the inference cannot be generated

Summarize

The Vanna network demonstrates the potential of ZKML in blockchain through its unique design and functionality, including parallel reasoning pre-execution, verification calculation separation, and staking and penalty mechanisms.

3. ZKML Development Sword EZKL: Simplifying the Generation and Verification of Zero-Knowledge Proofs

EZKL Overview

EZKL takes a high-level description of a program and sets up a zero-knowledge prover and verifier. The focus is on programs represented as pytorchAI/ML models and other computational graphs. Once set up, the prover can prove statements like:

  • “I ran this public neural network on some private data and it produced this output”

  • “I ran my private neural network on some public data and it produced this output”

  • “I correctly ran this publicly available neural network on some public data and it produced this output”

EZKL Workflow

The EZKL workflow diagram is as follows:

  • Define a neural network model: Define a simple neural network

  • Model training: Generate input data and get output through the model

  • Model export: export the model to ONNX format

  • Generate zero-knowledge proof settings: Generate settings file

  • Compile circuit: compile the model to generate circuit files

  • Generate zero-knowledge proof: Generate SRS, witness file, proof key and verification key

  • Verify zero-knowledge proof: Generate a zero-knowledge proof and verify it locally or create Solidity code and ABI files for an EVM validator, deploy the contract, and verify the proof on-chain

4. ZKML Challenges and Prospects

As blockchain technology continues to evolve, zero-knowledge machine learning (ZKML) is gradually becoming a key force in improving application privacy and security. It not only heralds the emergence of innovative applications such as smart contract privacy protection and decentralized finance (DeFi) security enhancement, but is also expected to become an indispensable component of blockchain technology, providing a solid technical foundation for building a safer and more privacy-focused digital world.

challenge

Although ZKML has great potential, it also faces some challenges in its application:

  • Technical complexity: The implementation of ZKML requires deep knowledge of mathematics and cryptography, which undoubtedly increases the difficulty of development and maintenance and requires developers to have higher professional skills.

  • Performance bottleneck: The generation and verification process of zero-knowledge proofs is computationally intensive, which may affect the response time and processing power of the system. To address this problem, some projects such as Lumoz provide modular computing layers to improve performance.

  • User acceptance: Although ZKML provides strong privacy protection features, users may be reserved due to their lack of understanding of its complexity and security.

  • Regulatory challenges: The development of privacy-preserving technologies requires regulators to update relevant regulations to adapt to the changes and challenges brought about by new technologies.

Outlook

Despite the challenges, the deep integration of ZKML technology and the future development of blockchain is promising:

  • Technological progress: As research deepens and technology matures, ZKML implementations will become more efficient and user-friendly.

  • User education: Through education and popularization, users can improve their understanding of the complexity and security of ZKML technology and increase its acceptance.

  • Regulatory adaptation: Adaptation and innovation by regulatory agencies will provide legal and policy support for the development of ZKML technology.

  • Application innovation: The continuous advancement of ZKML technology will inspire the emergence of more innovative applications and promote the application of blockchain technology in a wider range of fields.

5 Conclusion

The development of ZKML technology is a big step forward for the blockchain industry, heralding a new era of data privacy and security. In the face of technical complexity, performance bottlenecks and regulatory challenges, we should remain optimistic and believe that with the advancement of technology and the improvement of user acceptance, ZKML will play a more important role in the blockchain industry and promote wider applications and innovations.

References

  • Worldcoin Docs

  • Intro to zero-knowledge proofs, Semaphore and their application in World ID

  • In-depth interpretation of ZKML: technical principles, application scenarios, advantages and challenges

  • Scanning irises to achieve proof of personality, is Worldcoin on the right track?

  • A Gentle Introduction to zkM

  • a16z Crypto Investor: Zero-Knowledge (ZK) Technology is Seriously Underestimated