zkTrace

Zero Knowledge supply chain protocol.

Comment

Inspiration

Supply chain solution has been difficult to manage over the couple of years, from small businesses down to the large corporations.

And within the last few years, so many companies, having gotten knee deep into the blockchain space, have been skeptical about introducing their businesses to the blockchain, as it risks leaking sensitive data and requires some high level management, on any of the public blockchains available.

Difficulties and hinderances like these are caused by:

• privacy

• a lot of bureaucracy and gas between levels in the system

• difficulty in tailoring out a supply chain management solution (joining a common network)

• requiring advanced setups

Alternative solutions have been provided like:

• Developing a custom solution for each party of exchange.

Con: This is rather expensive to develop and scale when new players join. Leading them to develop their own custom solution to join in.

• Using a centralized system to store records and agreements between companies since its easier.

Con: There exists one-sided control and access to data. Introducing a neutral party is expensive and still gives more systems access to sensitive data.

• Using enterprise blockchain networks. This helps in access restriction, decentralization and necessary integration.

Con: It lacks in security, privacy and performance standards.

Hence, this is why we built zkTrace, a blockchain supply chain management protocol that permits companies to provide private and safe business operations.

What it does

zkTrace is a solution that combines the power of blockchain for trustlessness, peer-to-peer messaging and zero knowledge for privacy together to provide safe and confidential business processes, correctly order events and increase work flow at no cost (gasless).

The protocol provides an implementation after a common frame of reference has been agreed between businesses, validating private collaborations between companies without leaking sensitive data.

It is built to ensure easy and trustless agreement between corporations and entities.

zkTrace allows you to customize and describe business processes, regardless of how complex they are, using smart contracts.

How we built it

Unlike other systems, zkTrace is built to have the frame of reference immutable and resistant to tamper once the state (handshake) has been established.

First, we make reference to the Buyer system and the Supplier system.

The Buyer requests for a quotation from a specific supplier, detailing the items needed, quantity, dates, etc).

The supplier receives and reviews the request. They then send back their proposed terms including prices, discounts, availabilities of products etc. (These details are used to create the Trace Agreement)

The Trace Agreement contains overall details of the transaction and the number of levels within a particular supply chain management.

The buyer then receives the proposal and either agrees or declines, requesting for adjustments.

This messaging is done using a solidity-based W2W messaging protocol enables private E2EE on-chain messaging, group chat, and organized community chat.

Agreement between the Buyer and the Supplier is called a "handshake", in literal representation of an agreement (state).

After the handshake, a cryptographic proof together with an Order, based on the state, that confirm the proper business logic and commercial data application, is generated and signed by the Buyer.

The Supplier reviews & validates the proof, then generates a Confirmation Order and cryptographic proof that proves acceptance of the state change.

The Supplier then updates the state of the transaction and sends the new proof to the Buyer.

Whenever the Buyer is ready to carry out said transaction, the updated proof from the Supplier is used to validate proof.

Once this is done, a smart contract is created, that creates verifier addresses used to verify each stage involved in the supply chain management.

Each stage, the movement and state of the transaction is seen on chain. The verifier addresses for each stage of the transaction have to sign consecutively, confirming the state of the transaction before going to the next.

The verifier addresses are used to create a merkle tree and the merkle root is saved on the smart contract.

Tools Used:

• Merkle tree: used to save the list of verifier addresses for easy verification

• IPFS: used to save the meta data of the Trace agreement the list of verifier addresses.

• zokrates: used to construct the zero knowledge circuit for the buyer and the seller.

• IPLD: used to create a content addressing system used to link the details of the transactions together.

• Relayer: for transactions to increase privacy, thereby making it gasless (introducing gasless transaction feature to EVMOS)

• Chainlink: price oracle for businesses.

Challenges we ran into

• Understanding how zero knowledge proof works and implementing it in the protocol.

• Lack of resources for building private E2EE on-chain messaging protocol or P2P messaging.

Accomplishments that we're proud of

• Understanding how to work with linked data.

• Knowing how to use complex data codec like dag-cbor, dag-JSON, dag-pb and raw data formats.

• Understanding how to build zero knowledge circuits.

• Understanding how zero knowledge works for privacy and how it can be used.

• Increasing privacy through the combination of zk proof and merkle tree.

• Building a supply chain protocol.

• Figuring out how to use merkle tree for privacy in smart contracts

What we learned

We learnt how to:

• create a privacy mechanism for supply chain management and agreement between corporation on a public blockchain (EVMOS).

• work with zero knowledge, zk SNARK and Merkle Tree.

• build zero-knowledge circuits

• program in zokrates

• work with Inter-Planetary Linked Data (IPLD)

What's next for zkTrace

• Further looking into building our own efficient private E2EE on-chain messaging protocol.

• properly integrating this into small business on EVMOS.

Built With

Share this project:

Updates