ZKid is a credential/identity management system developed by Entrada to demonstrate the power of “Zero-knowledge proof (ZKP)“. This cutting-edge technology is also known as the zero-knowledge protocol or ZK-protocol. In this protocol, a prover convinces a verifier about the knowledge of a particular piece of information without revealing the information itself. In other words, the verifier is convinced about the truth of the claim, without gaining any other extra knowledge. (Thus it is called zero knowledge) In ZKid project this concept is used to prove/verify the authenticity of a person’s credentials without revealing the real credentials.
Example
- Ability to prove to the tax authority that the correct amount of taxes has been paid without actually revealing other financial data.
- A company can prove its solvency without revealing its financial details.
- a student can prove his student status without revealing any other detail.
Working of ZKID system
- To get alcohol or tobacco user needs to present an ID that he/she is above 21. (age verification)
- For an employee to enter an employer corporate building user needs to provide a company ID (employment verification)
- The user needs to provide a valid voter ID card for voting.(address verification)
Before any of the service requests, a setup needs to be done to verify the claim during the service request.
For age verification - The user needs to obtain a driver's license which shows the user's date of birth.
For voter ID - The user needs to show the local jurisdiction address.
A similar but more privacy-centric setup should be done for ZKID credentials. This process is explained below.
For the address claim,
key and credentials are part of the claim
The user submits the above data in a one-way hashed value in the blockchain. This data in the blockchain is attested by the issuer of the claim.
Pre-service required setup
A user claims his address, the address claim is issued to him by a property tax document.
The user submits the hashed credentials to the blockchain along with the key, the user sends the attestation request with hashed credentials to the issuer.
Issuer after receiving the attestation request extracts the address related to the key and computes the hash of the address. The issuer interacts with the blockchain and reads the submitted hashed credentials with computed hashed credentials. If there is a match, the attestation is written into the blockchain.
Service delivery
When a user requires a service, a request is sent to the service provider.
As a pre-requisite user has submitted his credentials to the blockchain. This credential is attested and stored in the blockchain as per "zero-knowledge proof system".
In ZKID the service request is the modified version of a traditional service request, in traditional service requests, credentials are exchanged between the seeker and provider of service, but not in ZKID. In ZKID the request is accompanied by a claim and proof for that claim.
The proof is a piece of information that the user (prover) can use to prove to another party i.e verifier, that a claimed statement is true. In the ZKID system, the verifier verifies the claim in interaction with the blockchain. In this ZKP ( zero-knowledge proof) system, no actual credential is exchanged but possession or knowledge of credentials is proved with 100% probability without actually revealing credentials.
In a nutshell, the ZKID system allows a user to prove his right to access the service without revealing actual credentials, yet convincing a provider about the access rights, with 100% probability.