Zero-Knowledge Proofs and Self Sovereign Identity - Jordi Baylina, Iden3
Summary
TLDR: In his talk, Jordi Baylina presents the development of a sovereign identity technology based on zero-knowledge principles. The talk has three parts: an introduction to the project, the development roadmap, and possible applications of zero-knowledge technology in the identity field. He discusses tools such as circom, a DSL for circuits, and the use of sparse Merkle trees for scalable identity verification. He also outlines the use of zero-knowledge proofs for anonymous authentication and confidential claims. The talk ends with a focus on the importance of standards and the need for open, collaborative development.
Takeaways
- 🌟 Jordi Baylina talks about identity and how zero knowledge can be applied to it.
- 🛠 The presentation has three parts: an introduction to the project, the roadmap, and the application of zero knowledge to identity.
- 🔍 The goal is to create a sovereign identity system that is developed in the open.
- 🌐 An open protocol and a reference implementation are being built to advance the technologies that matter for sovereign identity.
- 🛡️ The technology is to be standardized, which first requires a better understanding of how it works.
- 🔑 Zero-knowledge technology is emphasized as playing a key role in the development of identity systems.
- 💻 Tools such as circom, circomlib and snarkjs are presented; they are important for writing circuits and generating zero-knowledge proofs.
- 🌐 The idea behind sovereign identity is that everyone can create their own identity, which is defined by claims.
- 🌳 Merkle trees are used to organize and verify the identity's claims.
- 🔒 The identity can be protected with signatures and zero-knowledge proofs to ensure integrity and authenticity.
- 🔄 The presentation discusses solutions for scalable identity systems, including centralized and decentralized approaches.
- 🔗 The need for a decentralized identity discovery protocol is highlighted, to ensure interoperability between different identity systems.
- 📝 Applications of zero knowledge to identity are presented, such as anonymous voting, anonymous login, reputation proofs and cross-identity proofs.
Q & A
What is the main goal of Jordi Baylina's presentation?
- The main goal is to explain three things: an introduction to what they do at iden3, a discussion of the development roadmap and the main building blocks of their system, and finally ideas for how zero-knowledge technology can be used in the context of identity.
What is a 'sovereign identity system'?
- A 'sovereign identity system' is a system in which everyone should be able to create and control their own identity without depending on central authorities.
Which technologies does Jordi Baylina consider key for the 'sovereign identity' system?
- Zero-knowledge technologies and open protocols are key to building a decentralized identity system.
What is circom and why is it important?
- circom is a DSL for writing circuits that is well suited to the work it was specifically designed for and has shown itself to be a good approach for writing circuits.
What is the concept behind a zero-knowledge proof in relation to identity?
- A zero-knowledge proof makes it possible to confirm a claim or an identity without revealing the underlying information.
How is an identity represented by a Merkle tree structure in the presentation?
- The identity is represented as a collection of self-claims organized as key-value pairs in a Merkle tree, whose root is the identifier of the identity.
What is a 'trustless operator' and how does it work?
- A 'trustless operator' is a central node that works without anyone having to trust its integrity, because it uses zero-knowledge proofs to verify the origin of transactions.
Which applications of zero-knowledge technology to identity were mentioned in the presentation?
- Applications include anonymous voting, anonymous login, reputation proofs, cross-identity proofs and non-reusable proofs.
What are 'non-reusable proofs' and how are they used in practice?
- Non-reusable proofs are proofs that can only be used once, to guarantee authenticity and to prevent the proof from being passed on.
What role do standards play in the development of the identity system?
- Standards are important for interoperability between different identity systems, but they must be zero-knowledge aware and be built on the basis of the technologies that have been developed.
How does Jordi Baylina plan to achieve interoperability between different identity systems?
- By developing open protocols and working with other systems that are based on similar standards, in order to create an interface for exchanging data.
Outlines
😀 Introduction to zero-knowledge identity
In this section Jordi Baylina introduces the concept of zero-knowledge identity. He explains that the talk has three steps: an introduction to what they do at iden3, a discussion of the development roadmap and the main building blocks of their system, and finally ideas for applying zero-knowledge technology to identity. He emphasizes the importance of open-source development and standardization in their approach.
🛠️ Technological foundations for decentralized identity
This section covers the technical foundations for a decentralized identity. Jordi Baylina explains how they work with open-source protocols and reference implementations to build a decentralized identity solution. He mentions tools such as circom, circomlib and snarkjs, which are used for writing circuits and verifying transactions. The idea of decentralized verification of identity claims is also introduced as a way to achieve scalability.
🌐 Merkle trees and decentralized identity claims
This section explains how Merkle trees are used to organize and verify identity claims. The root of the Merkle tree serves as the identifier of the identity and makes it possible to manage identity claims at scale with minimal on-chain activity. It also covers the idea of a central notary that is later replaced by a decentralized solution in order to provide trust and scalability.
🔍 Identity and claims in cryptography
This section focuses on the role of identity and claims in cryptography. Jordi Baylina explains how an identity is represented by claims that are organized as key-value pairs in a Merkle tree. He also discusses the idea of using zero-knowledge proofs to verify these claims without revealing the identity of the person concerned.
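The claim tree described in the two sections above (claims as key-value pairs, the Merkle root as the identity's state), with the inclusion and exclusion proofs the talk attributes to sparse Merkle trees, as an added Python example that is not iden3's code. It assumes SHA-256 in place of a SNARK-friendly hash; the claim keys and values are constructed and every function name is hypothetical.

```python
import hashlib

EMPTY = b"\x00" * 32  # value of an empty subtree (assumption of this sketch)

def H(tag: bytes, *parts: bytes) -> bytes:
    """Domain-separated, length-prefixed SHA-256 (stand-in for a SNARK-friendly hash)."""
    h = hashlib.sha256(tag)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def path_bits(key: bytes) -> int:
    """A key's fixed position in the tree: bit d picks left (0) or right (1) at depth d."""
    return int.from_bytes(H(b"path", key), "big")

def side(key: bytes, depth: int) -> int:
    return (path_bits(key) >> depth) & 1

def subtree(claims: dict, depth: int = 0) -> bytes:
    """Root of the subtree holding `claims`; a lone claim is stored as a leaf right here."""
    if not claims:
        return EMPTY
    if len(claims) == 1:
        (k, v), = claims.items()
        return H(b"leaf", k, v)
    halves = [{k: v for k, v in claims.items() if side(k, depth) == s} for s in (0, 1)]
    return H(b"node", subtree(halves[0], depth + 1), subtree(halves[1], depth + 1))

def prove(claims: dict, key: bytes):
    """Walk key's path; return (sibling hashes, leaf found at the end or None if empty)."""
    siblings, depth = [], 0
    while len(claims) > 1:
        s = side(key, depth)
        other = {k: v for k, v in claims.items() if side(k, depth) != s}
        siblings.append(subtree(other, depth + 1))
        claims = {k: v for k, v in claims.items() if side(k, depth) == s}
        depth += 1
    return siblings, next(iter(claims.items()), None)

def verify(root: bytes, key: bytes, value, siblings: list, leaf) -> bool:
    """value is bytes -> inclusion proof; value is None -> exclusion proof."""
    if leaf is None:
        if value is not None:
            return False
        node = EMPTY
    else:
        lk, lv = leaf
        if value is not None and (lk, lv) != (key, value):
            return False
        if value is None:
            # Exclusion via a foreign leaf: it must sit on key's path and not be key itself.
            mask = (1 << len(siblings)) - 1
            if lk == key or (path_bits(lk) ^ path_bits(key)) & mask:
                return False
        node = H(b"leaf", lk, lv)
    for depth in reversed(range(len(siblings))):
        pair = (siblings[depth], node) if side(key, depth) else (node, siblings[depth])
        node = H(b"node", *pair)
    return node == root

# Constructed self-claims for a genesis state (keys and values are illustrative).
GENESIS = {
    b"auth-key/0": b"pubkey-A (constructed)",
    b"auth-key/1": b"pubkey-B (constructed)",
    b"relay": b"https://relay.example",
    b"name": b"alice@example.org",
}

if __name__ == "__main__":
    later = {**GENESIS, b"claim/degree": b"issued-by university.example"}
    root0, root1 = subtree(GENESIS), subtree(later)
    print("genesis root:", root0.hex())
    print("updated root:", root1.hex())
    for key, value in ((b"name", GENESIS[b"name"]), (b"claim/revoked", None)):
        sibs, leaf = prove(later, key)
        print(key, "levels:", len(sibs), "valid:", verify(root1, key, value, sibs, leaf))
```

The number of sibling hashes in a proof depends on how deep the leaf sits, which is why a verifier can be sized for a handful of levels even though the key space allows far more.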
📈 Roadmap and use cases for zero-knowledge identity
In this last section Jordi Baylina presents the roadmap for the development of their identity technology and outlines several use cases for zero-knowledge proofs in identity management. He mentions the use of zero knowledge for anonymous voting, anonymous login, reputation proofs and cross-identity proofs. The idea of non-reusable proofs is also introduced as a way to protect users' privacy.
🤝 Discussion and summary
The presentation closes with a discussion of interoperability between different identity systems and standards. Jordi Baylina emphasizes the importance of collaboration and the exchange of ideas in order to bring the technology into the mainstream and establish standards.
Keywords
💡Zero Knowledge
💡Sovereign Identity
💡Merkle Tree
💡circom
💡Zero-Knowledge Proof
💡Smart Contract
💡Decentralized Identity
💡Proof of Authority
💡ZK-SNARK
💡Identity Discovery Protocol
Highlights
Jordi Baylina introduces the concept of zero-knowledge proofs in identity systems.
The presentation is divided into three parts: introduction to iden3, the development roadmap, and zero-knowledge applications in identity.
The goal is to create an open-source sovereign identity system.
circom, a DSL language for writing circuits, is highlighted as a key tool in the development.
circomlib, a set of components for circom, is mentioned for its role in the design process.
The launch of a new zero-knowledge proof generator from the browser is announced.
Sovereign identity allows individuals to create and control their own identity claims.
Merkle trees are utilized to manage identity claims efficiently.
The identity system can scale with the use of decentralized relays and zero-knowledge proofs.
Zero-knowledge proofs can be used for anonymous and verifiable claims without revealing sensitive information.
The potential for non-reusable proofs to ensure privacy is discussed.
The importance of hash functions in zero-knowledge systems is emphasized.
The roadmap includes developing cryptographic primitives and Merkle tree structures.
Interoperability between different identity systems through standards like W3C and DIDs is considered.
The need for a decentralized identity discovery protocol is highlighted.
Use cases for zero-knowledge proofs in identity include anonymous voting and login systems.
Transcripts
Well, hello. I'm Jordi Baylina, from iden3, and I will talk a little bit about identity and how zero knowledge can be used in identity. My presentation is gonna have three parts. First, I'm going to do a short introduction of what we do in iden3. Then I'm gonna talk a little bit about the roadmap, what we want to build and what the main blocks are that we see, at least at this stage of the development. And finally I'm gonna give some ideas of how zero knowledge can be used in the identity context.

Okay, so let's start. At iden3, what do we want to build? We want to create a sovereign identity system. We are working in a very low layer. We are trying to define a kind of protocol, a kind of system that works, and we are doing that in an open-source manner. We want an open protocol and we are trying to build a reference implementation of the protocol. We are also building some tools for bringing this zero-knowledge technology, because we see this technology as absolutely key in the sovereign identity field. And of course we want to focus on the standardization but, as somebody said before, since we want to have good standards, we first need to understand how this technology works, how the system works. And I tell you that when we are working on this, every day we learn a lot, many things, about how important this technology is.

Well, before starting with identity, I just want to say that we are developing some of the zkSNARK tools that I want to mention here briefly. First, circom is a DSL language for writing circuits. It has some nice properties, like parametric templates, and it works quite well for what it is specifically designed for. We have circomlib, which is mainly a set of components, or gadgets if you want, for circom. Here we have Baby Jub, EdDSA, we have some hash functions, and we also have all the sparse Merkle tree verifiers, inserts, deletes and all that stuff implemented there. So it has been a good example to prove that circom is a good language for writing circuits. And then we have snarkjs, which is an independent implementation of the zkSNARKs protocol. And today we just launched something: it's a zkSNARK proof generator, but from the browser, written in WebAssembly by hand, and it's quite fast. So right now, creating proofs from the browser, just as numbers: more or less a 5k-constraint circuit takes less than 10 seconds in a browser. But it was just released today, so if anybody wants to test it, that's good.

Okay, so let's talk a little bit about identity, very briefly. I think that most of you here have heard about self-sovereign identity and what it means. Self-sovereign identity means that everybody should be able to create their own identity. That identity can be understood as, if you want to say, an address, or in fact a set of addresses that control that identity.
What those identities mainly do is make claims. An identity giving claims is like state transitions: you start with some claims and you create more claims, which means that you are creating a new state for those claims. And all that is because you want to prove those claims to a third party. For example, a university is making a claim about somebody, giving a title, and this person wants to go to a company and wants to prove that the university already made that claim. Because there is this relationship between the company and the university, you can prove all that stuff. And of course this proof can be a normal proof, but it is also of a lot of interest for it to be a zero-knowledge proof.

Okay, so how do we do that? How are we creating that in iden3? How do we create an identity? You could start with a normal key, and that could represent an identity. But what we do is we just put in all the other data that defines an identity; we can call that a self-claim. For example, all the keys that control that identity. You can say, for example, what is the notary, or the blockchain, or the smart contract where all the claims that you are making are. Maybe we can have some metadata. So it's a set of self-claims. All those claims can be understood as key-value pairs, and we can put all those key-value pairs in a Merkle tree. And the root of this Merkle tree is the identifier of the identity. That's where we start; if you want, it is the first, the genesis state of the claims. So this is the initial identity. Of course you don't need to do anything on chain, really nearly nothing. You just define that, create that, and this definition uniquely will give you this hash, this root, that we understand as a claim.

Okay, so when we are making more claims over time, what we are mainly changing is this root. We are creating a new root because we are adding more and more claims. This model scales quite well. Imagine that we put this claim in a smart contract in a blockchain. For a government, for example, this is very good: they are making thousands or hundreds of claims every day, so they can aggregate all the changes, all the new claims that this government is making, and maybe once per hour or once per ten minutes do a transaction, putting this new root in the blockchain.
This is good, but if we want a system where everybody can be a certification authority, a system where everybody should be able to make 10 or 20 claims, this does not scale well. So the solution to that is, let's say, to start with a central party, if you want, at the beginning: a trusted party, a notary. And then what we do is send this root to the centralized relay, and this relay makes a claim that the user is this one. This is good, but the problem here is that this relay must be trusted, and this relay can make me say things that are not good.

Okay, so what we can do here: what happens if this trusted relay is maybe a smart contract, and in order to publish, this relay needs to verify that the change comes from me? For example, for my new root, I need to sign that root, and what I do is send this root, and maybe this relay aggregates many other transactions, verifies them with a zero-knowledge proof, and then just publishes the root of the roots, the root of this trusted relay. And you know for sure that this new root follows the rules, that it needs this signature on the new root, and so on. So this is what we call a trustless operator. If you have heard, for example, about Plasma SNARKs or things like that, it's exactly the same. It's a kind of scaling: we are verifying a lot of transactions with a single zero-knowledge proof, with the addition that here we don't have the data availability problem. That's the idea of this solution. Here, if you prove something, you are sure that this proof is good. The only thing here is that maybe the operator just stops working, but in this case you will not be able to prove; you will not prove the opposite. So if you can generate the proof, you can be sure that the proof is valid.

Of course, this is a good application for zero knowledge. The other application, the obvious one, is just for proving anonymously: the typical example of proving that you are 18 years old without revealing who you are, things like that. This is a good application for that.

An example of claims, and this is just a single example, but in a system of claims everything can be understood as a claim. One thing is, for example, how we name identities. A name identity, in this case, would be the owner of a domain name, or the owner of a name. In this case, the owner of iden3 could make a claim saying that jordi@iden3.io belongs to this identity. So you can understand even a full naming system as a set of claims: the domain names have owners, the owners are identities, and the identities make claims on that owner. This is a good example, but you can extend that to everything that's a claim, and you can use the same systems just for making the proofs and all that stuff.

Okay, so here is a little bit of the roadmap that we are working on. Of course, in the lower layer we have all the zero-knowledge technology; it's not even clear which is gonna be the one that will work, maybe there are going to be many. On top of that, of course, we have these, let's say, cryptographic primitives. Here I want to mention the importance of the hash functions inside the SNARKs, or inside the zero-knowledge system; this is really important. On top of that we'll have these Merkle trees, sparse Merkle trees. We are working with sparse Merkle trees. Sparse Merkle trees, if you want, are key-values where the keys are put at some place, they are put in the same place, and they work very well because you can prove inclusion and you can also prove exclusion. Those sparse Merkle trees are big, because they have many steps, and this is not very good for SNARKs. But you can do some tricks, because the definition can be with, I don't know, maybe 200 levels, but you can have different circuits, maybe one with ten levels, another with twenty, another with thirty. All of them are valid for the structure, because the structure does not change, but you can have different circuits for validating different levels. So this has this advantage.
And when we have this Merkle tree, then of course there is the claim format, if you want: the generic claim formats and then all the specific claim formats. And then of course we also need to standardize what the circuits for verifying those claims are. There are some of those that are obvious, maybe, for example, that somebody makes a claim; that's an obvious one. Maybe the one that we talked about, the age, with some range checking on it; that could be another example. But you can have more circuits on that, and that's another important place.

And at the higher level of identity, and this is very much how we see the system working, we think that identity is very much related to form filling. When you are filling a form, in general, you have some fields: general text fields, or image fields if you want, or multiple choice, or whatever, to enter that information. But there are two kinds of fields that are very important for us. One is the signature. I think on normal, real paper you see easily that there is always a field where you can add a signature, so I think it would be good to have a standard for defining a field where you can put a signature. And the other is a proof. Maybe you have a form that is asking for a proof, and then you fill it in with the proof of what the form is asking you to prove. You can generalize that very much, but if you think about identity you will see that it very much works. You can always think of it as: I send you a form, you fill in the form, I receive the form. If you think in that way, this works very well for standardization, for generalizing the communication.

When we are talking about communication between identities, here, and I will jump here, we have an identity discovery protocol. This is not that zero-knowledge related, but we need to find a way. Right now we have DNS, but DNS is quite centralized. We need to find a decentralized way to find an identity: when I want to know something about an identity, I need to have a decentralized way to find that identity. So here we have an identity discovery protocol, or something like that, a peer-to-peer protocol for that.
And once we discover an identity, mainly what we are asking for are, if you want, services related to that identity. Maybe an email: how can I send you an email, or how can I send you a message, or maybe what's your LinkedIn, or what's your curriculum page. You can define as many identity services as you want on top of that. So this is a summarized picture of the vision of the work that we are doing.

And just to finish the presentation, I want to mention some use cases, some random use cases of zero knowledge applied to identity. One is anonymous voting, seen in the presentation, but of course it's an important one. Another is anonymous login. It would be cool, for example, to log in to a web page of this congress without revealing who you are; the only condition that you should need is, for example, that you have bought a ticket. That could be a good example of anonymous login. Of course you have reputation proofs: sometimes you have a score, or some kind of reputation, but you don't want to reveal what the reputation comes from, the claims that give you that reputation. This is an important thing that you can do on identity.

Another, and this is a little tricky but interesting, is what I call cross-identity proofs. The idea is that I can have two identities: one is my real identity and the other is my fake identity, and I don't want them to be related one to the other. Maybe there is some service that says: okay, you can use a fake identity, but you need to prove that you have at least one real identity. So here, without linking, without knowing which is your real identity, you know that this fake identity has a real identity, and only one. Here is the concept of the nullifier and things like that, so that you can only create one specific fake identity; nobody can relate it, but you can only create one. So this is, for example, for Sybil attack protocols; this is one of the excuses to ask for identity in lots of applications.

And the last thing that I want to mention is just a nice trick that is good to know: non-reusable proofs. I don't know if you have heard about it, but this is a cool idea. The idea is that when you are giving a proof, imagine that I want to prove that I'm from a specific religion, or I'm from a specific political party, and I want to prove that to a specific person, that the church is saying that I'm from that religion. But what I don't want is for this person to just take that proof and publish it to everybody, so everybody knows that I'm from that specific religion. Of course, I already told them the information, but it's not the same that he says something as that he proves something. So how does the system work here? Instead of proving to somebody else that I'm from a specific religion, what I'm proving is that I'm from that specific religion or I hold your private key. It's obvious that I don't hold your private key, so because I don't hold your private key, it's sure that I'm from that religion. But what happens when you just take this proof and publish it to everybody? You are proving to everybody that I am from that religion or that I'm holding the private key, and it's obvious that the person holds the private key, so you are not proving anything. And one thing to guarantee that is, for example, taking the proof and encrypting it with the public key of the person that you want to send it to; the simple fact of decrypting this proof automatically makes this proof unusable. I think it's a very cool thing. I want to give some credit to Vitalik on that, but that's a cool idea.

And that's very much my presentation. Just to take away, as a summary: we are building this self-sovereign identity, we are creating this as open source, we are a nonprofit association, we are building all this zero knowledge and trying to bring this zero-knowledge technology into the mainstream, and of course we want to push on all those standards. And that's it. Thank you very much.
[Applause]
Any questions? Yes, please.

Hi, this is a Hitachi. So, as far as claims are concerned, are you using any of the standards, like the W3C standards for the standard claim definition, or DIDs? Is that part of your implementation?

It could be used, but the main difficulty with this kind of standard is that they are very much JSON based, and decoding a JSON inside the SNARK is not something very useful. Here we are talking about data definition, a lot of data definition that should be zero-knowledge aware, and as far as I have read, these kinds of standards are not very much prepared. Of course, you can define a DID that goes in that direction; we are planning to do that. You can maybe use some parts of the protocols for that. But here we are talking about and defining data structures, circuits and structures. That's different; that's another story from what they are building. Okay, they can be linked.

All right. Because I work with Hyperledger Indy, and it uses those standards. So maybe, if we have those standards adopted, then there is an interoperability that is possible between identity systems.

Yeah, they have some sort of compatibility, so we have to work on it. But our work is more in this low-level zero knowledge. Before going to the standard, we need to do the work and we need to prove it. Somebody said that before and I like it a lot.

Right, thanks.

Great. Okay, so it looks like we're done with the session, so thank you very much again. Let's thank the speaker one more time.