Introduction to Zero Knowledge Proofs
It’s no secret that zero-knowledge proofs are one of the biggest buzzwords in technology right now. With constant hacks and user data leaks, innovations that can enhance our privacy without hindering user experience are desirable.
The idea behind zero knowledge proofs is that you can prove a statement is true without revealing any of the underlying information. For example, you can prove a statement like “I am over 21” and without revealing your birth date. Currently, you have to share a full government-issued ID to prove that you can enter a bar. Should every bouncer get to look at your full name, address and date of birth? I think we can all agree that this isn’t safe, but it’s been the only method that’s considered “secure” given our paper-based identity technology.
Zero Knowledge Proofs in Digital Identity and Verifiable Credentials
Imagine a world where we have a mobile drivers license, insurance cards, and other sensitive information stored in digital wallets. One possible future is bad for privacy because all of your personal documents are easily shareable with different applications. The other possible future taps into the benefits of cryptography by storing your documents as verifiable credentials so that you can keep your information exchanges more secure.
So how could zero knowledge proofs enhance your privacy? Let’s consider an example of a digital insurance card. When utilizing verifiable credentials, you can employ zero knowledge proofs to make statements about different parts of the credential without revealing the entire credential. In the insurance card example, a relying party may need to simply know “do you have an active insurance plan?” This would require a proof just about the metadata of a credential, like if the plan is active, or whether or not it’s been revoked.
Utilizing Zero Knowledge Proofs with BBS Signatures in the Trinsic Platform
Trinsic’s platform utilizes BBS signatures to create proofs which allow for two critical properties: selective disclosure and unlink-able proofs. Since verifiable presentations are signed with a proof of knowledge of the underlying credential signature, a proof derived from the same credential could be presented multiple times without revealing any information about the original credential.
Our CTO, Tomislav Markovski, talks through selective disclosure with BBS signatures in our Platform Walkthrough video at this specific timestamp. You can experiment with the code and understand how proofs by visiting the did-hack repo on Github.
Proving Your Age in Zero Knowledge
The most commonly cited zero knowledge proof use case involves proving someone’s age is over a given threshold, like 18+, 21+, 26+, 55+, etc. In order to do this, you first need a trusted source of data for a user’s date of birth. Many providers right now will integrate an identity verification company who will perform a document scan on a government ID, then take the digitized result of the scan and store it in a verifiable credential. When setting up this integration, we recommend configuring your credential template to include these boolean attributes, then upon issuance of the credential, populate the attributes accordingly.
When it’s time to request a proof from a user about a given age cutoff, you can utilize selective disclosure to only request the attribute 21+, for example. The resulting proof will be a fully zero knowledge, non-correlate-able result that gives you a cryptographically verifiable true/false value. You can then use this value to make a decision about if a user can have access to a given resource.
Other Use Cases for Zero Knowledge Proofs
Proving your age is just one simple use case for zero knowledge proofs, and though it is commonly referenced, there is a world of other possibilities. Just proving that a user holds a given credential, and that it hasn’t expired or been revoked could allow you to build a zero knowledge membership program. You could prove that someone is currently employed, or has an active social media profile, or meets a given threshold for activity on a platform. These are just a few examples, and the possibilities for using zero knowledge proofs with digital identity are widespread.
Using Zero Knowledge Proofs in Your Products
Zero knowledge proofs are a powerful technology that will enhance user privacy. As more of our identity information becomes digital, it’s important to consider at the beginning which attributes and proofs are going to be most commonly required so that you can seamlessly enable future interactions. Verifiable credentials combined with BBS signatures in the Trinsic platform allow developers easy access to enabling data minimization in their applications without compromising security, usability or performance.
If you need support building out your identity product, Trinsic is happy to help guide you. Contact us to set up a call with our team of identity industry experts or a demo of our platform.