ZK-RPC Hybrid: Reclaiming Privacy in a Centralized Web3

💡 Inspiration

The inspiration for ZK-RPC Hybrid came from a fundamental irony in the current state of blockchain: we use decentralized networks, but we access them through centralized gatekeepers.

While the Ethereum network is censorship-resistant, the vast majority of users rely on RPC providers like Alchemy or Infura. These providers have full visibility into our IP addresses, usage patterns, and wallet clusters. I realized that unless you have the hardware to run a full node (2TB+ of storage), you are leaking metadata every time you open your wallet.

I wanted to build a "Privacy Middleware": a lightweight proxy that runs locally on a laptop, allowing everyday users to reclaim the privacy of a full node without the hardware cost.

💻 How It Was Built

I built this project using Python 3 and FastAPI to create a high-performance asynchronous proxy server. The architecture is designed as a three-stage privacy pipeline.

1. The Encrypted Cache Layer

The biggest hurdle to privacy is latency. To solve this, I implemented a local AsyncEncryptedCache using AES-256-GCM (Galois/Counter Mode). Instead of storing plain JSON, every RPC response is encrypted in memory.

The encryption key $K$ is derived from a user secret $S$ with a single SHA-256 hash: $K = \text{SHA256}(S)$. A plain hash is adequate only when $S$ is itself a random, high-entropy secret; if $S$ is a human-chosen passphrase, a salted, slow KDF such as scrypt or Argon2 is what keeps an offline brute-force of a leaked cache expensive.

For every cache entry a fresh random Initialization Vector is generated: $IV \in \{0,1\}^{128}$. AES-GCM is specified for 96-bit nonces (longer IVs are accepted but are first hashed down internally); what matters for security is that an IV is never reused under the same key, and with random IVs the standard guidance is to rotate the key well before $2^{32}$ encryptions.

This ensures that if a copy of the cache is obtained without the key (for example from a persisted or swapped-out copy), the user's financial data remains opaque. While the proxy is running the key itself is resident in process memory, so the encryption protects the cache at rest rather than the live process.

2. Traffic Analysis Resistance

Hiding the content of a message isn't enough; we also have to hide the timing. If a user only sends requests when they are about to trade, the timing reveals their intent.

To counter this, I built a CoverTrafficGenerator.
This background service runs an infinite loop that injects "dummy" eth_getBalance queries into the network stream, so that from the outside

$$P(\text{real}) \approx P(\text{dummy})$$

To an outside observer, the traffic looks like constant background noise, and the user's real requests are hard to separate from the cover traffic. Two conditions have to hold for that to be true in practice. First, the dummies must be sent on a schedule that does not depend on the user's activity, otherwise a burst of real requests still shows up as a burst on top of the background rate. Second, dummies only cover request types they can imitate: the RPC provider sees the plaintext JSON-RPC body, so a dummy eth_getBalance cannot hide a real eth_sendRawTransaction, and the dummy queries should target the user's own addresses alongside decoys, or the set of queried addresses itself singles out the real ones.

3. Mixnet Integration

Finally, the system uses a MixnetClient to route traffic through a SOCKS5 proxy (designed for Nym). This severs the link between the user's IP address and the RPC provider.

🚧 Challenges Faced

1. The "Privacy vs. Latency" Trade-off

Routing traffic through a mixnet introduces significant latency.

Solution: I built a "Privacy Score" algorithm in the ZKVisualizer. It rewards users for cache hits (0ms latency). If the data is cached locally, we don't need to touch the slow network at all. This gamifies the experience, encouraging users to rely on the cache.

2. Asynchronous Complexity

Managing real-time WebSockets for the UI while simultaneously handling blocking cryptographic operations and background traffic generation was difficult.

Solution: I leveraged Python's asyncio and FastAPI's native support for concurrency. The AsyncEncryptedCache runs its cleanup tasks in a non-blocking background loop to prevent memory leaks without stalling the server.

3. Simulating ZK on a Light Client

Implementing full ZK-SNARK circuits (for example in Circom) requires heavy compilation and setup that isn't feasible for a lightweight Python proxy.

Solution: I created a PythonZKProver that simulates the flow of a Zero-Knowledge protocol using HMAC commitments. This demonstrates how the system architecture handles proof generation and verification, allowing the proxy to attach X-ZK-Proof headers to requests. Because an HMAC is a keyed MAC, whoever verifies the header holds the same key and could have produced it; the header exercises the prove/verify plumbing but carries no zero-knowledge guarantee of its own.

🧠 What I Learned

Building ZK-RPC Hybrid taught me that metadata protection is just as critical as data encryption.
Securing the payload is useless if the transport layer leaks your identity.

I also gained deep experience with:

- System Architecture: Designing a modular system where the caching layer, network layer, and UI are loosely coupled via Pydantic models.
- Cryptography: Implementing AES-GCM and understanding the importance of IV uniqueness.
- User Experience in Privacy: Privacy tools are often hard to use. Building the zk_visualizer.py taught me that visualizing "invisible" processes (like encryption and routing) is essential for user trust.
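The encrypted cache layer from "How It Was Built", as an added example that is not the project's AsyncEncryptedCache: a synchronous cache built on pyca/cryptography's AESGCM, with a fresh 96-bit nonce per entry, the hashed request bound to the ciphertext as associated data, a TTL with an eviction pass, and scrypt in place of a single SHA-256 for the key. The class and function names, the salt, the passphrase, the TTL, and the eth_getBalance response are all constructed for the example.

```python
import hashlib
import json
import os
import time

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

NONCE_LEN = 12  # 96-bit nonce, the length AES-GCM is specified for


def derive_key(secret: bytes, salt: bytes) -> bytes:
    """Stretch a user secret into a 256-bit AES key.

    A plain SHA-256 of the secret is fine for a random secret; for a
    passphrase, a salted memory-hard KDF keeps offline guessing of a
    leaked cache expensive. n=2**14 is kept small so the example runs fast.
    """
    return hashlib.scrypt(secret, salt=salt, n=2 ** 14, r=8, p=1, dklen=32)


class EncryptedCache:
    """In-memory cache whose values are AES-256-GCM ciphertexts (example, not the project's code).

    The clock is injectable so expiry can be tested deterministically.
    """

    def __init__(self, key: bytes, ttl_s: float, clock=time.monotonic):
        self._aead = AESGCM(key)
        self._ttl = ttl_s
        self._clock = clock
        self._store = {}  # slot -> (expires_at, nonce, ciphertext)

    @staticmethod
    def slot(method: str, params) -> str:
        # Hash the canonical request so a dump does not list queried addresses in clear.
        canonical = json.dumps({"method": method, "params": params},
                               sort_keys=True, separators=(",", ":"))
        return hashlib.sha256(canonical.encode()).hexdigest()

    def put(self, method: str, params, response: dict) -> None:
        slot = self.slot(method, params)
        nonce = os.urandom(NONCE_LEN)  # never reused: fresh per entry
        # The slot is AAD: an entry copied to another slot fails authentication.
        ct = self._aead.encrypt(nonce, json.dumps(response).encode(), slot.encode())
        self._store[slot] = (self._clock() + self._ttl, nonce, ct)

    def get(self, method: str, params):
        slot = self.slot(method, params)
        entry = self._store.get(slot)
        if entry is None:
            return None
        expires_at, nonce, ct = entry
        if self._clock() >= expires_at:
            del self._store[slot]
            return None
        # InvalidTag propagates on purpose: a corrupted entry must never be served.
        return json.loads(self._aead.decrypt(nonce, ct, slot.encode()))

    def evict_expired(self) -> int:
        now = self._clock()
        stale = [k for k, (exp, _, _) in self._store.items() if now >= exp]
        for k in stale:
            del self._store[k]
        return len(stale)

    def raw_entry(self, method: str, params):
        return self._store[self.slot(method, params)]


class FakeClock:
    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


def run_demo() -> dict:
    """Round trip, nonce freshness, tamper detection and expiry on a constructed response."""
    clock = FakeClock()
    key = derive_key(b"correct horse battery staple", salt=b"per-install-salt")
    cache = EncryptedCache(key, ttl_s=12.0, clock=clock)
    params = ["0x000000000000000000000000000000000000dEaD", "latest"]
    response = {"jsonrpc": "2.0", "id": 1, "result": "0x1bc16d674ec80000"}
    results = {}

    cache.put("eth_getBalance", params, response)
    results["roundtrip"] = cache.get("eth_getBalance", params) == response

    _, nonce1, ct1 = cache.raw_entry("eth_getBalance", params)
    cache.put("eth_getBalance", params, response)  # same plaintext again
    _, nonce2, ct2 = cache.raw_entry("eth_getBalance", params)
    results["fresh_nonce_per_entry"] = nonce1 != nonce2 and ct1 != ct2

    exp, nonce, ct = cache.raw_entry("eth_getBalance", params)
    tampered = bytes([ct[0] ^ 0x01]) + ct[1:]  # flip one ciphertext bit
    cache._store[cache.slot("eth_getBalance", params)] = (exp, nonce, tampered)
    try:
        cache.get("eth_getBalance", params)
        results["tamper_detected"] = False
    except InvalidTag:
        results["tamper_detected"] = True

    cache.put("eth_getBalance", params, response)
    clock.advance(13.0)
    results["expired_is_miss"] = cache.get("eth_getBalance", params) is None
    cache.put("eth_getBalance", params, response)
    clock.advance(13.0)
    results["evicted"] = cache.evict_expired() == 1 and not cache._store
    return results
```

Binding the slot as associated data is what stops an attacker with write access to the store from swapping one address's cached balance into another address's slot; the tag check fails instead of the proxy serving the wrong data.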
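The cover-traffic idea from "Traffic Analysis Resistance" and the latency trade-off from "Challenges Faced", as one added example that is not the project's CoverTrafficGenerator: a slotted scheduler in which exactly one request leaves per slot, a queued real request if there is one and a dummy otherwise, so the send times an observer sees are fixed by the schedule rather than by the user. It also shows the two things dummies cannot cover: a write method with no dummy counterpart, and the queueing delay the slotting adds. The method list, the addresses and the submission times are constructed; the raw-transaction payload is a placeholder.

```python
import random
from collections import deque
from dataclasses import dataclass

# Read-only methods a dummy can imitate. A write such as eth_sendRawTransaction
# needs a validly signed transaction, so no dummy can stand in for it.
COVERABLE = ("eth_getBalance", "eth_getTransactionCount", "eth_blockNumber")

# Constructed addresses. Dummies draw from the user's own addresses as well as
# decoys; if only decoys were queried, "requests about X" would mark X as real.
OWN_ADDRESSES = ("0x000000000000000000000000000000000000dEaD",)
DECOY_ADDRESSES = ("0x00000000000000000000000000000000000000a1",
                   "0x00000000000000000000000000000000000000b2",
                   "0x00000000000000000000000000000000000000c3")


@dataclass(frozen=True)
class RpcRequest:
    method: str
    params: tuple
    is_real: bool  # known to the proxy only; never visible on the wire


class SlottedCoverScheduler:
    """One request per slot boundary, real if one is pending, otherwise a dummy.

    Real requests are held until the next boundary, so their send time depends
    on the schedule, not on when the user acted. Hypothetical design.
    """

    def __init__(self, slot_s: float, own_addresses, decoys, seed: int):
        self.slot_s = slot_s
        self.pool = tuple(own_addresses) + tuple(decoys)
        self.rng = random.Random(seed)  # seeded so the trace is reproducible
        self.pending = deque()  # FIFO of (submit_time, RpcRequest)

    def submit(self, submit_time: float, method: str, params) -> None:
        self.pending.append((submit_time, RpcRequest(method, tuple(params), True)))

    def _dummy(self) -> RpcRequest:
        method = self.rng.choice(COVERABLE)
        if method == "eth_blockNumber":
            return RpcRequest(method, (), False)
        return RpcRequest(method, (self.rng.choice(self.pool), "latest"), False)

    def run(self, n_slots: int):
        """Return [(send_time, RpcRequest)] for the first n_slots boundaries."""
        trace = []
        for k in range(1, n_slots + 1):
            now = k * self.slot_s
            if self.pending and self.pending[0][0] < now:
                _, req = self.pending.popleft()
            else:
                req = self._dummy()
            trace.append((now, req))
        return trace


def observer_view(trace):
    """What the RPC provider sees: send time and plaintext method/params, no real flag."""
    return [(t, r.method, r.params) for t, r in trace]


def send_times(trace):
    return [t for t, _ in trace]


def uncovered(trace):
    """Real requests whose method no dummy can imitate; these leak by content."""
    return [(t, r.method) for t, r in trace if r.is_real and r.method not in COVERABLE]


def queueing_delay(trace, submissions):
    """Seconds each real request waited for its slot (FIFO order)."""
    sent = [t for t, r in trace if r.is_real]
    return [round(s - sub, 3) for s, (sub, _, _) in zip(sent, submissions)]


def run_demo() -> dict:
    submissions = [
        (0.30, "eth_getBalance", (OWN_ADDRESSES[0], "latest")),
        (0.35, "eth_getTransactionCount", (OWN_ADDRESSES[0], "latest")),
        (1.20, "eth_getBalance", (OWN_ADDRESSES[0], "latest")),
        (2.50, "eth_sendRawTransaction", ("0xf86c_placeholder_signed_tx",)),
    ]
    idle = SlottedCoverScheduler(1.0, OWN_ADDRESSES, DECOY_ADDRESSES, seed=7)
    active = SlottedCoverScheduler(1.0, OWN_ADDRESSES, DECOY_ADDRESSES, seed=7)
    for sub in submissions:
        active.submit(*sub)
    idle_trace, active_trace = idle.run(8), active.run(8)
    return {
        # Same send times whether the user was idle or busy: timing reveals nothing.
        "timing_independent": send_times(idle_trace) == send_times(active_trace),
        "real_sent_at": [t for t, r in active_trace if r.is_real],
        "uncovered": uncovered(active_trace),
        "delays": queueing_delay(active_trace, submissions),
        "idle_is_all_dummy": all(not r.is_real for _, r in idle_trace),
        "observed_count": len(observer_view(active_trace)),
    }
```

The cost is visible in the delays: a request waits up to a full slot, and a burst of real requests queues behind the one-per-slot rate. Shortening the slot reduces the delay but multiplies dummy traffic through the mixnet, which is the same privacy-versus-latency tension the Privacy Score tries to steer users around; cache hits are the one case that never enters the schedule at all.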
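The HMAC-commitment stand-in from "Simulating ZK on a Light Client", as an added example that is not the project's PythonZKProver: it mints and checks an X-ZK-Proof header as an HMAC-SHA256 over a fresh nonce and the canonical JSON-RPC body, with a constant-time comparison, and makes the limitation explicit by showing that the verifier's key can mint a valid header too. The header format, the key handling and the request body are constructed for the example.

```python
import hashlib
import hmac
import json
import os

HEADER_NAME = "X-ZK-Proof"
SCHEME = "hmac-sha256"


def canonical(body: dict) -> bytes:
    """Deterministic encoding so prover and verifier MAC identical bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def make_proof_header(key: bytes, body: dict) -> str:
    """Commit to the request body under a shared key; fresh nonce per request."""
    nonce = os.urandom(16)
    tag = hmac.new(key, nonce + canonical(body), hashlib.sha256).digest()
    return f"{SCHEME}:{nonce.hex()}:{tag.hex()}"


def verify_proof_header(key: bytes, header: str, body: dict) -> bool:
    """Recompute the MAC over the received body and compare in constant time."""
    try:
        scheme, nonce_hex, tag_hex = header.split(":")
        nonce, tag = bytes.fromhex(nonce_hex), bytes.fromhex(tag_hex)
    except ValueError:
        return False
    if scheme != SCHEME or len(nonce) != 16 or len(tag) != 32:
        return False
    expected = hmac.new(key, nonce + canonical(body), hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def run_demo() -> dict:
    key = os.urandom(32)  # shared between prover and verifier
    body = {"jsonrpc": "2.0", "id": 7, "method": "eth_getBalance",
            "params": ["0x000000000000000000000000000000000000dEaD", "latest"]}
    header = make_proof_header(key, body)
    tampered = dict(body, params=["0x00000000000000000000000000000000000000a1", "latest"])
    return {
        "accepts_genuine": verify_proof_header(key, header, body),
        "rejects_tampered_body": not verify_proof_header(key, header, tampered),
        "rejects_wrong_key": not verify_proof_header(os.urandom(32), header, body),
        "rejects_malformed": not verify_proof_header(key, "not-a-header", body),
        # The verifier holds the key, so it can produce a header that passes its
        # own check: the header authenticates and binds, it proves nothing in
        # zero knowledge. A real SNARK verifier holds only a public key.
        "verifier_can_forge": verify_proof_header(key, make_proof_header(key, body), body),
    }
```

What the header does give the proxy is integrity and sender authentication of the request body end to end, which is useful plumbing to keep when the HMAC is later swapped for a real proof.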
Built With
- asyncio
- cryptography
- fastapi
- httpx
- mixnet
- nym
- pyca
- pydantic
- python
- tkinter
- uvicorn
- websockets