Inspiration
The project grew out of recognizing the need to reconcile both privacy and compliance of data and smart services in one protocol that can serve as an abstraction layer for a modern smart city: a protocol that is ubiquitous, accessible anywhere, and able to store any type of data and to onboard any kind of digital service necessary. Imagine if everything you ever needed from the modern world's digital services, such as banking, insurance, medical services, police and identity records, and the like, were universally accessible through just one protocol from any internet-connected device, with all the data relevant to you stored on the blockchain in encrypted form so that it is accessible only to you, or to verifiers that are legally allowed to view that data, and only within a limited time window. That would make life easier for all relevant actors: citizens of a smart city, public and private service providers, government parties, and so on would have assurance of complete compliance and validity of onboarded data thanks to rigorous zkSNARK data validation and verification, while protocol users have complete assurance of privacy, as they reveal only the relevant data to authorized parties and only for an ephemeral instance.
The above has immense environmental, cost, ease-of-use, security and other benefits in addition to the outlined goal of achieving ultimate privacy and compliance in a modern society. It costs a user a fraction of one hundredth of a cent to use the protocol 100 times in a day, and the protocol would greatly abstract away or reduce costs and complexity for verifiers.
What it does
Zaest [ ZAEST - zkSNARK and AES source of truth; lemon for lemon zest :) ] is a Web3 project that allows parties to act either as users, who onboard encrypted data into a smart contract and/or a decentralized storage medium such as IPFS, or as verifiers, who are able to request proof of ownership of certain data from users while abiding by the principle of least privilege. Using the smart contract, which leverages zk-SNARK verifiers, users are able to verify that requesting verifiers have valid permissions to request certain types of data, while verifiers are able to ascertain that a response to their request originated from the user, without breaching the integrity of the relevant data that was onboarded to the smart contract. Additionally, zk-SNARK verifiers enforce the condition that data onboarded by users into the smart contract or the decentralized storage medium is valid and correctly encrypted. Onboarded data is updated through validated requests from either the user or some verifier.
The smart contract can therefore act as the fabric for ubiquitous, privacy-preserving but law-abiding (or some other form of condition-abiding) computations through smart devices. The solution can be leveraged for utilities such as transportation, identity verification, police records, banking and finance, pharmaceutical and medical needs, encrypted data storage, etc. Any device that can use the internet can essentially integrate the relevant Web3 functionality of the smart contract, such as a smartphone or smart ring. This device can then be used like a Swiss army knife for smart city needs: tapping the ring at a transportation gate or pharmacy terminal, or proving to a police officer through the phone that one's driving license is not expired.
Zaest utilizes IPFS. By leveraging IPFS, Zaest can be extended to function as a multi-chain utility while also gaining an additional reliable, censorship-resistant data storage layer. Hosting the Web3 portal through IPFS will also make it more resistant to downtime and far more secure. Another advantage of IPFS is that using it as the primary storage medium for encrypted information allows for infinite scaling with regard to how much data can be stored (the protocol as is already theoretically scales without limit for both services and data, but IPFS renders it more efficient). Requests and responses can also be non-persisting on IPFS, unlike on blockchains, and as a consequence requests and responses can be ephemeral, although data requests and responses are already ephemeral in the sense that they are only valid within some time limit.
Of course, some of the proposed use-cases of this protocol are highly contingent upon stronger enforced security measures (for example, biometric scans at airports to prove identity). This is where a technology such as Chainlink's External Adapters can come to aid. Chainlink's External Adapters functionality allows 2FA/3FA/etc. to be integrated into the protocol's smart contract by leveraging extensible APIs that can generate one-time 2FA keys, validate fingerprint scans at a particular moment in time through trusted hardware, etc.
Chainlink's prospective advantages to the protocol also include the possibility of simplifying and scaling the ZKP portions of the protocol more easily (although, as mentioned, the protocol as outlined scales without limit both for data storage and for validations without extensions, Chainlink can further allow for a number of optimizations through off-chain computations).
How we built it
- The verifier circuits relevant to data validation and integrity were constructed using ZoKrates and, because of their complexity, composed as building blocks in Solidity. These were then leveraged in the overarching smart contract.
- The smart contract was written in Solidity. The verifier circuits are used to validate that newly onboarded encrypted data is both legitimate and legitimately requested for onboarding, or that a proof of data ownership posted to some authorized verifier is encrypted but contains data from the requested fields without breaching integrity or being spoofed. Data revealed to verifiers via a proof of ownership is also encrypted in transit through RSA.
- The frontend Web3 dApp was built with Vue3.js, making use of web3.js for smart contract calls.
- The AES encryption component was written in ZoKrates for on-chain validation and in Python for off-chain validation. RSA was also leveraged off-chain with Python.
- The server is hosted with Node.js and Express.js.
- The smart contract is deployed on the Mumbai testnet.
- (Validated) newly onboarded data or proofs of ownership are stored both in the smart contract and in IPFS. In the case of IPFS, the smart contract contains pointers to the IPFS address where the relevant onboarded data or proof of ownership is stored, together with the provided hashes and ephemeral symmetric keys encrypted with RSA, to guarantee both privacy and integrity of the data so that it cannot be spoofed at a later time or challenged. A zkSNARK verifier circuit is present for the sole purpose of ensuring that a relevant IPFS CID address has a legitimate hash associated with it, for data integrity.
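As an added illustration (not Zaest's own code), the following Python models the off-chain request/response flow described in "What it does" and "How we built it": a user commits to each field of a record, an integrity anchor over those commitments is what the contract would store beside the IPFS pointer, a verifier's request names only the fields it is permitted to see and carries an expiry, and the user's response opens only those fields. SHA-256 commitments stand in here for the project's zkSNARK circuits and AES/RSA encryption; the function names and record fields are hypothetical.

```python
# Illustrative model of Zaest-style field-level disclosure (added example, not project code).
# SHA-256 commitments stand in for the zkSNARK/AES machinery; names and fields are hypothetical.
import hashlib
import json
import os


def commit(field, value, salt):
    """Hiding and binding commitment to one field: H(field || value || salt)."""
    return hashlib.sha256(f"{field}\x00{value}\x00{salt.hex()}".encode()).hexdigest()


def anchor(commitments):
    """Integrity anchor the contract would store next to the IPFS pointer."""
    return hashlib.sha256(json.dumps(commitments, sort_keys=True).encode()).hexdigest()


def onboard(record):
    """User side: commit to every field. Returns (public record, private openings)."""
    openings = {f: (v, os.urandom(16)) for f, v in record.items()}
    commitments = {f: commit(f, v, s) for f, (v, s) in openings.items()}
    return {"commitments": commitments, "root": anchor(commitments)}, openings


def make_request(fields, ttl_s, now):
    """Verifier side: ask for specific fields; the request expires after ttl_s seconds."""
    return {"fields": list(fields), "expires": now + ttl_s}


def respond(request, openings, now):
    """User side: open only the requested fields, and only while the request is live."""
    if now > request["expires"]:
        raise ValueError("request expired")
    return {f: (openings[f][0], openings[f][1].hex())
            for f in request["fields"] if f in openings}


def verify(public, request, response, now):
    """Verifier side: response must be timely, least-privilege, and bound to the anchor."""
    if now > request["expires"]:
        return False                                  # stale response
    if set(response) - set(request["fields"]):
        return False                                  # over-disclosure beyond the request
    if anchor(public["commitments"]) != public["root"]:
        return False                                  # stored record no longer matches anchor
    return all(commit(f, v, bytes.fromhex(salt)) == public["commitments"].get(f)
               for f, (v, salt) in response.items())
```

The verifier learns the opened field values and nothing about the other fields, and a reply after the expiry or with extra fields is rejected.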
Challenges we ran into
Accomplishments that we're proud of
What we learned
What's next for Zaest Protocol
- Implementing multifactor authentication through biometric scans by leveraging Chainlink's external data providers for sensitive smart city service functionality, such as utilizing the Zaest protocol at the airport to verify identity.
- Eliminating potential side-channel inference possibilities from the protocol through negotiated shared secrets between two entities or by leveraging Chainlink external data providers once again.
- Enabling cross-chain data validation for service providers and/or users on various different Web3 protocols by leveraging public smart contract calls and IPFS.
- R&D for compressing verifier circuits, abstracting several verification components off-chain, and leveraging much more packed ZKP verifiers on-chain to speed up the protocol further.
- Integrating the protocol into various smart devices, such as smartphones with NFC chips or smart rings, to conduct feasibility experiments.
- Creating a smart services abstraction platform that can utilize the smart contract through a plug-and-play library, leveraging Zaest as a secure encrypted database for data storage, retrieval, and validation.
Built With
- express.js
- javascript
- node.js
- python
- solidity
- vue.js
- zokrates