The zkp.services protocol is an attempt to herald a future where safety, transparency, and decentralization are embedded into all facets of data management. In an era where data drives almost every aspect of our lives, the current methods of data management — often leading to fragmentation and compromise — demand an innovative overhaul. zkp.services is the answer to these challenges, offering a comprehensive and secure framework for data handling, exchange, and verification, while ensuring utmost privacy and security.
The goals we set out to achieve for this protocol were simple. With zkp.services, we want to bring the magic of zero-knowledge proofs to the world. We have condensed several complex mechanisms and flows and simplified them as an accessible solution in the form of our protocol which anyone can pick up and build with for their own use case. We have also made the protocol open-sourced for the purposes of transparency and allowing others to build on top of it easily.
What it does
The service offered by zkp.services is a comprehensive Zero-knowledge data security protocol that integrates zero-knowledge proofs with both Web2 (like Google Cloud and AWS) and Web3 platforms, ensuring the highest level of privacy and security for data. Its purpose is to allow users to access their private data, without ever exposing it, and do so at unprecedented speeds to leverage it for any Web2 and Web3 data needs such as for healthcare records, decentralized artificial intelligence, or smart city services.zkp.services is ubiquitous by design. It's lightning fast, and with parity with modern web2 solutions, the protocol can be leveraged in a plug-and-play fashion in new web2/web3 solutions. Our goal was to unlock the power of ZKPs in the context of data while making them easy to use and understand. In doing so, we’ve emphasized user experience and made the platform intuitive to use to simplify the complex nature of ZKPs and complex encryption.
- Fastest Zero-Knowledge Proof Hashing Algorithm: At its core, the protocol boasts one of the fastest zero-knowledge proof hashing algorithms. This allows users to access private data without exposing it, achieving this at remarkable speeds.
- Advanced Security Algorithms: The protocol incorporates robust security algorithms including RSA, AES, TLS, and innovative obfuscation techniques such as salted hashes. Additionally, it offers customizable multi-factor authentication, including our own custom, unique on-chain, trustless 2FA system that leverages ZKPs, as well as Chainlink VRFs and Chainlink Automation (on chains that support Chainink) together.
- Universal Compatibility: zkp.services seamlessly integrates with global data providers such as Google Cloud, AWS, and IPFS, and is compatible with EVM-compatible chains. This universality facilitates a broad range of applications.
- Merkle-Tree-Like Data Structures: The protocol uses these data structures for scalability without compromising on security or speed.
- Cross-Chain Compatibility: The protocol can be utilized on or across any EVM-compatible chains, with a simple migration mechanism available on Chainlink CCIP-compatible chains directly built into our dApp.
Practical Application Example:
An example of its application is in a pharmacy setting. A hospital patient needing prescription medication can prove the validity of their prescription to a pharmacist without revealing other sensitive details about themselves. The pharmacist verifies this proof, ensuring compliance and maintaining the patient's privacy.
Using the protocol is very simple. After onboarding, users would be able to do the following:
- Select a Database: Users start by selecting a database (Web2 or Web3) and provide their database endpoint URL (by default, it is set to our Amazon DynamoDB instance exposed through Amazon Lambda by default, which has encryption at rest and in transit for all user data).
- Interact with Data Securely: Users can request, send, transfer, or transform data, all secured by advanced cryptographic and security algorithms. Optional multi-factor authentication through zkp.services or third-party apps like Google Authenticator enhances security.
- Data Backup and Sync: Users can back up and sync data across various databases and blockchain networks, ensuring flexibility and security.
zkp.services also provides a user-friendly dashboard and extensive API documentation for developers, enabling them to build projects leveraging these zero-knowledge proof services.
In summary, zkp.services offers a highly secure, versatile, and user-friendly platform for data privacy and security, bridging Web2 and Web3 technologies through cutting-edge cryptographic methods.
How we built it
- The ZKP circuits were written in circom (w/circomlib) and the verifiers, witnesses, and proving functions were exposed with the help of snark.js and Go/WASM.
- The dApp mockups and protocol architecture prototyping was done with Figma and Canva.
- The dApp makes use of React, TailwindCSS and the TailwindUI component framework for responsive design. Web3.js and React Contexts + localStorage are used to interact with the smart contract.
- The 3D/art/assets that are part of the dApp were created with Blender, Photoshop, TailwindCSS/TailwindUI and three.js.
- The smart contract was written in Solidity and uses the Solidity verifiers for the ZKP circuits to verify user secrets and passwords.
- The API for the data source our dApp uses has been written in Python and is exposed with the help of Amazon Lambda and Amazon DynamoDB.
- Chainlink CCIP, VRF, and Automation functions were written in Solidity and implemented as part of the ZKPServicesCore.sol and ZKPServicesVRF2FA.sol smart contracts for EVM-compatible chains that support the Chainlink services.
Challenges we ran into
One of the major challenges we ran into was estimating work and project scope. We believed we were being conservative with our estimations initially when we had our sprint planning sessions, but in retrospect, we were in some instances, off the mark. We found ourselves spending many more hours on the project and working together to build what was envisioned properly, and at some points, we spent too long on design choices that probably didn’t bring as much value as other things could have.Another issue was discovered through usability testing. At some point when the non-technical team members began testing, we realized that user experience wasn’t factored in completely. Thankfully the major issues relating to usability could be simply resolved by implementing notifications and progression indicators at certain points throughout the user experience, going through onboarding and in some instances whilst making smart contract calls.
Accomplishments that we're proud of
- Our main achievement lies in simplifying a highly complex mechanism and condensing it into a single protocol - which anyone can pick up and build for their use case.
- We have managed to create incredibly fast ZKP proof generation functions with the help of WASM/Go/snark.js/circom circuits that allow users to compute ZKPs required for smart contract verifications. We have had to figure out what the current most efficient hash function for our ZKPs would be and implemented the Poseidon Hash function for our circuits.
- The Poseidon Hash function, however, was incredibly difficult to expose via the front-end for our serverless, entirely static-content based dApp. This is because it is not easily available or exposed by libraries. As a consequence, we have implemented a WASM wrapper over the function implementation in Go so dApp users can use the fastest ZKP technology possible for their data exchanges.
- We have built a model to encode, send, receive, and decode Chainlink CCIP messages for the various structs and data types that are involved in our smart contract.
- We have created an architecture to integrate custom MFA into each operation involved with the protocol and have implemented our own entirely trustless chainlink VRF+Automation and ZKP based MFA contract.
- We have created a serverless, trustless, and completely customizable architecture, including specifying/documenting a robust API that our (serverless) dApp leverages to handle data and that anybody else could use for their own custom data source or application to interact with our protocol.
- We have created an easily extensible framework for our smart contract/contracts with the help of our interfaces.
- While this has not been implemented fully due to time constraints, we have developed a Merkle Tree-inspired hashing method for dictionaries. This allows efficient proof of a single key-value pair's membership in a dictionary. This approach scales well, enabling users to swiftly prove ownership of a small dictionary within a dataset of multiple terabytes or more.
- Responsive web design with the help of TailwindCSS utility classes and the TailwindUI component framework.
- Beyond the platform, we are extremely proud of how our team has worked together over the last month to build this protocol as it was envisioned.
What we learned
Every single person on our team learned new tools, frameworks, and technologies. Many have gained first-time experience with many new tools - nobody on the team knew how to use the following before the hackathon: React, three.js, snark.js, next.js, Amazon Lambda, Amazon DynamoDB, Chainlink VRF/Automation/CCIP, circom, circomlib, Go, and WASM. The team had strong foundations in the backend aspects. Our skills were honed in designing a usable platform by using many tools, such as Figma, Photoshop, Blender, to create the best user experience for our website that we could in the time period. Through the many iterations of our website and the hundreds of assets created, we brought our website’s centerpiece and other visuals to life. We have also taken great care to make the web design intuitive, visually appealing and responsive. Most importantly, we learned to work together as a team. Complete transparency and constant communication were keys to our success, and everyone thrived because of these two guiding principles. The team could focus on building the product how it was envisioned, even when it meant starting things over completely. Ultimately we all respected the vision and each other when providing feedback, and this was another key to us building zkp.services.
What's next for zkp.services
Our aim is to take on the vision of the industry-standard bridge between ZKPs and the world. At a high level, our goals are simple – we want to bring the magic of ZKPs to many industries and make this technically complicated, extremely useful technology more accessible to more and more people. In its current iteration, zkp.services is foundational to everything that is yet to come. Our next venture, in particular for example, involves decentralizing artificial intelligence. But for now, we want to focus on user experience, onboard developers and ensure our foundations are strong before moving into the next phase of our protocol. From a technical lens, the current implementation uses a Merkle Tree-like data structure for scalability as mentioned before for hashing data, but the protocol is exploring other methods, such as Cryptographic Accumulators, for future enhancements when it comes to scalability. Support for more data types and an SDK are also potentially planned. To ensure adaptability with technological advances, plans are in place to allow users to select their preferred ZKP algorithms, moving away from the default Poseidon hash function and Groth16 verifier that are currently part of the prototype. The latter would make the protocol almost entirely akin to a swiss-army knife solution as nearly every single facet of the protocol would be customizable, and as a result, future-proof.
On the user-interface side of zkp.services, we are looking to focus on creating a more intuitive user experience. We understand the current disadvantages to the current implementation and are looking to create both a website and mobile app that operates in ways that are more akin to other non-technical applications, so that no matter the level of technical aptitude of our users, they can quickly and intuitively utilize our protocol.
Evidence of Chainlink state changes:
https://github.com/zkpservices/zkpservices/blob/master/contracts/2FA/ZKPServicesVRF2FA.sol#L68 - chainlink Automation (which uses chainlink VRF)