Once upon a time, maintaining personal identity was a relatively simple matter; necessary documents such as passports and birth certificates were kept safe and shared face-to-face when needed. However, as the digital realm becomes our new home, and as we enjoy the convenience of virtual identity verification, we are gradually discovering that the convenience and accessibility of centralized data systems are accompanied by complex problems and fragmentation, which brings users a tricky choice: should privacy and security be sacrificed for convenience and accessibility?
Initially, the idea of centralizing our data was intended to streamline processes, but it has inadvertently made us more vulnerable. Data is centrally stored in digital databases, becoming a magnet for hackers. This has led to a chaotic online environment, constant data breaches, and made it possible for third parties to control our personal information, which is often stolen, traded, and misused.
With advancements in the field of zero-knowledge technology, taking back control of digital identities has become feasible through the strategic implementation of the much-lauded solution of combining decentralized identifiers (DIDs) with zero-knowledge proofs (ZKPs).
Challenging conventions with ZKP
ZK is a concept in the field of cryptography that focuses on verifying the validity of information. It enables one party to prove to another that they possess certain private information without revealing it. This is achieved by providing evidence that the information meets certain conditions while protecting additional details.
In the context of establishing identity, the process of verification seems fairly straightforward. This occurs when we provide our identity to an external party to confirm certain specific information, such as the legal age requirement for purchasing alcoholic beverages in the United States being 21. However, the real complexity lies in ensuring that only the specific information we wish to reveal is shared, because every time someone checks our ID to confirm our age, they inadvertently obtain a wealth of additional personal data, including our date of birth, residential address, and other sensitive information. This situation requires us to rethink the way identity verification is performed to address this challenge.
ZK cryptography enables us to radically shift away from the traditional “trust and assume” model and move toward a “trust by verification” paradigm. In this new framework, trust is no longer taken for granted, but earned through verification of assertions. Individuals can now verify their own claims, such as age, nationality, or other identity-related proofs, without revealing sensitive information.
Absolute anonymity may not always align with the actual goal of effectively leveraging digital identities. This is where the concept of selective disclosure, enabled by ZK techniques, becomes critical. While the default configuration emphasizes comprehensive privacy, we must recognize that privacy operates on a continuum, and users should have the ability to disclose only relevant information as needed.
Who is building digital identity with ZK?
Polygon ID
Polygon ID represents a self-sovereign identity solution that incorporates ZKPs to establish privacy by default. By adopting the Circom ZK toolkit, it enables the creation of zero-knowledge cryptographic structures, specifically zkSNARKs circuits, which simplifies complexity and improves efficiency.
The core of Polygon ID consists of three key modules: identity holder, issuer and verifier, which Polygon collectively refers to as the "trust triangle".
Identity Holder: The entity responsible for securing the claims in its digital wallet. The Issuer issues a Verifiable Credential (VC) to the Identity Holder. The Identity Holder is then responsible for generating ZKPs for the VC it receives and submitting these proofs to the Verifier. The role of the Verifier is to verify the authenticity of the proof and check that it meets pre-set criteria.
Issuer: The entity (individual or organization) responsible for issuing VC to the identity holder. The issuer adds a cryptographic signature to the VC. It is worth noting that each VC is generated by a specific issuer.
Verifier: Responsible for verifying the proof submitted by the identity holder. The verifier initiates a request for the holder to provide proof based on the VC stored in their digital wallet. During the verification process, the verifier conducts a series of assessments, such as confirming that the VC is signed by the expected issuer and ensuring that the VC meets the specific standards set by the verifier.
By using zero-knowledge proofs to verify state transitions, Polygon ID achieves two key goals: maintaining the integrity of the identity state and preventing unauthorized modifications. This approach establishes a strong mechanism to ensure the privacy and security of identity state transitions.
Earthquake
Sismo is a platform that leverages zero-knowledge proofs and privacy-preserving technologies to give users greater control over their personal data. Sismo’s innovative solution centers around Sismo Connect, a privacy-centric alternative to traditional non-sovereign single sign-on (SSO) systems like “Sign in with Google” or limited options like “Sign in with Ethereum.”
Sismo Connect enables applications to request access to user data without having to directly touch sensitive personal information. By leveraging Sismo Connect, users can consolidate their identities in the Data Vault, a secure, encrypted repository for personal data collected from a variety of Web2 and Web3 sources, including various credentials and attestations.
In the Data Vault, users can securely store independent units of data, called Data Gems, that contain important aspects of their digital identity. These Data Gems can include records from registries, platform contributions, or specific demographic information. The Data Vault acts as a private and indestructible repository, ensuring users have full ownership and control over their integrated digital identity.
By leveraging Sismo's communication protocol, users can confirm their ownership of data gems by generating zero-knowledge proofs. These proof-based verification methods enable users to confirm their control over specific data without revealing sensitive information, ensuring a high level of privacy protection throughout the process. Applications tightly integrated with Sismo Connect are able to accept and verify these proofs, giving users the power to reveal their data gems in an unobtrusive manner while protecting the confidentiality of the associated data sources.
For developers, integrating Sismo Connect into their applications will allow them to access a wide range of user data from Web2 and Web3 sources. By integrating Sismo Connect, applications can enhance their functionality to include features such as access management, reputation integration, and personalized user experience, while protecting user privacy through selective disclosure mechanisms.
ZPass by Aleo
zPass is Aleo’s recently launched privacy-centric credential protocol on October 25, built on the Aleo blockchain. The solution has been carefully designed to leverage ZK cryptography as a versatile tool to adapt to the evolving regulatory environment. The main goal of the system is to provide strong authentication while limiting data exposure, making it compliant with current and potential future regulatory standards.
With zPass, individuals and organizations can securely store identity documents on private devices and services without the need for an online connection. They can then share these anonymous “attestations” to verify underlying data with relevant institutions. This approach greatly simplifies the regulatory compliance and cybersecurity challenges typically associated with direct data storage.
Users have the autonomy to generate these proofs independently, without having to modify them or work with identity issuers. This gives users control over exactly what information they share and with whom, ensuring only the personal data necessary for verification is revealed.
For example, imagine a scenario where a user wants to use their passport to confirm their identity in order to access a specific online service. With zPass, the user can independently process and verify the passport data locally. The end result is a binary true/false result and a ZKP that confirms the accuracy of the result without exposing the actual document.
zPass makes it easy to embed established credentials, such as passports, into the Aleo blockchain as verifiable evidence. This is achieved through Aleo's ability to execute programs that generate proofs directly on the user's device, all by leveraging WebAssembly (WASM). This approach ensures that sensitive data is protected in a secure local environment.
zkSBT by Manta Network
Manta Network's zero-knowledge Soulbond Token (zkSBT) is at the forefront of privacy and security, outperforming traditional Soulbond Tokens (SBT), which are non-transferable digital identity tokens stored on the blockchain. zkSBT leverages zero-knowledge proofs to facilitate secure and confidential minting while protecting the privacy of ownership. These tokens can be adapted for use on a variety of blockchain networks, including Ethereum, Polygon, BNB Chain, and more, while maintaining their privacy capabilities within Manta Network's ecosystem. Verification is achieved through Proof Keys, without the need to disclose wallet details, making verification seamless.
zkSBTs are tightly linked to zkAddresses, which serve as reusable and transparent destinations for confidential assets within the Manta Network. Each zkSBT is associated with a specific zkAddress, allowing multiple zkSBTs to co-exist under a single zkAddress. zkSBTs contain metadata, including profile pictures, AI-generated images, and social relationship data, providing exceptional flexibility.
Manta Network introduces a key technology called Proof Key. It enables users to confirm their identity and zkSBT ownership on the blockchain without relying on wallet signatures. This innovation simplifies mobile app integration and opens the door to a variety of verification scenarios. These include protecting the privacy of profile pictures, conducting on-chain transactions without exposing address details, verifying ownership of game items, and securely accessing decentralized social graph information.
Worldcoin
In the Worldcoin ecosystem, World ID is the global identity protocol, which is driven by two key technologies. These technologies enable individuals to digitally confirm their individuality and humanity while protecting their privacy. The foundational components of this system include ZKP and Semaphore, a general open source privacy layer based on zk-SNARKs technology for Ethereum applications. The system relies on a strong Proof of Personhood (PoP) credential, which is verified through an advanced biometric imaging device called The Orb. This synergy enables individuals to digitally verify their unique identity and humanity.
Every time a user uses their World ID, ZKP comes into play to verify their unique human identity. This means that no third party has access to a user's World ID or wallet public keys, ensuring that cross-application tracking is impossible. Importantly, it guarantees that the use of World ID is completely independent of any form of biometric data or iris code. The underlying principle is that when you seek to establish your unique human identity, you should be able to do so without revealing any personal information about yourself, such as your name, email address, social profile, etc.
The following outlines the process for verifying World ID registration, which enables users to establish their unique human identity without revealing personal information.
The main goal of the project is to verify human uniqueness through encrypted on-chain iris scans to curb the proliferation of robots and artificial intelligence. When necessary, the system generates ZKP to verify identity. Nevertheless, Worldcoin has faced scrutiny from community members who are concerned about the privacy, ethical considerations, and security risks associated with storing biometric data. Despite the project's criticism, as of October 2023, there are more than 2.3 million World ID registrations covering more than 100 countries.
Summarize
In the evolving digital landscape, ZKPs are becoming increasingly important. ZKPs pave the way for future identity verification, ensuring that user privacy is respected. The main obstacle facing decentralized identity verification solutions using ZK technology is the fragmentation of data across blockchain networks. There is currently no universally interoperable solution that enables users to seamlessly use their identities across networks, which limits the use of DIDs within each blockchain.
However, DID technology leveraging ZK is gaining traction and attracting the attention of industry leaders. As the Web3 space continues to expand, we find ourselves on the brink of a potential industry breakthrough. Companies like Sismo are working to bridge the gap between Web2 and Web3. PolygonID appears to have the necessary technology and broad market access to become a catalyst for the realization of DID.
As the technology continues to develop and our understanding of ZKPs deepens, we can foresee that digital identity verification based on ZK technology will be more widely used, thereby enhancing the security and privacy of our online interactions and laying a solid foundation for a safer and more confidential digital future.