With Zero-Knowledge Key-Statement Proof (ZKKSP) you can prove that you have access to a privateKey, without revealing itself. The proof can be used as authentication method for a payment from a key. With this proof we can make a trust-less digital subscription platform that connects the subscribers and subscription service providers.
What it does
Svscribe is a subscription authentication & authorization platform. When a customer pays for a subscription period for an app, they utilize ZKP to prove that they possess the privateKey without revealing the key itself. The client generates ZKKSP and submits to the verifier(Svscribe), to register their publicKey. Once the proof is verified, Svscribe returns an API token so that the customer can use to authenticate themselves within the subscription period. The API request with the token will be authorized during the period. Once the subscription period is over, the customer can reuse the same privateKey and token, or can generate another privateKey and a zk-proof to increase privacy. (sequence diagram)
How we built it
The ZKKSP part is built utilizing sCrypt's Zokrates fork. The sCrypt ZKKSP document provided all the knowledge necessary for the ZK part of the service.
Challenges we ran into
As generating and verifying the proof takes some time and resources, it's quite challenging to make a good usability with an instant response. However this can be improved for example by outsourcing proof generation.
Accomplishments that we're proud of
Built a Bitcoin payment/authentication/authorization platform that doesn't require any identity exchange - just a blockchain payment, and off-chain ZK-proof delivery.
What we learned
ZKP has huge potential as it enables us to build services trustlessly. The tools are already there on BSV, and potential is endless!
What's next for Svscribe
- Provide a onboarding console for service providers, so that they can easily onboard with various options.
- Provide more authentication mechanism so that service providers can easily monetize their services, for example provide a AWS Lambda authorizer.
- Provide a better client to improve the privacy by generating multiple keys & ZK-proofs
Log in or sign up for Devpost to join the conversation.