A zkLicense is a record that the zkOfficer can inspect and verify is real, without seeing anything about that record.
Username rules:
- 1. Can be anything you want.
- 2. Has to be atleast 2 letters, and less than 30.
- 3. Try not to put anything too personal (this is the internet).
The zkOfficer is a public good that is hirable by any 3rd party (for free!), so that anyone can gate entry to their services based on whether or not they have a valid zkLicense.
This allows the service owners to validate their users are authentic, and allows users to not surrender any details they don't want to (we'll elaborate on that a bit further down).
If you've got a zkLicense, you can currently use it in a few different places below:
Generate a QR code that proves that you have a valid zkLicense, without revealing anything about you.
Claim a one time token airdrop as a verified zkLicense holder, while keeping your username anonymous.
In this example implementation site, a user starts with a username. This username is not currently uniquely enforced, meaning that there there could for example be multiple usernames registered as 'John' - for this example, it doesn't really matter.
What does matter though, is the random number that is generated when you submit your username. If you have created your zkLicense, you can view yours at the top of the page by clicking the 'My Account' button. If you haven't created one - what are you waiting for??
Anyway, this random number is something that only you can know. It's kind of like your password.
When you submit your username, you send it to a public registry, in the form:
my_public_record = hash(hash(user_secret), username)
The hash function here is like a magic blender that takes any kind of information, mixes it up, and (almost) always gives you a unique output.
An important property of hash functions is that they are one way. If you blend something up, you can't unblend it up - there's no way to see what was blended up to get your output (unless you know, unless you're the one who blended it..).
So what's all this 'zk' stuff?
The core premise of the zk0fficer is that only you know what user_secret can be hashed to re-create your public record, and using the Wizardry of Zero Knowledge proofs - you can prove that you know how to re-create this public record, without revealing how, or which public record.
Our zkLicense model on this demo site is very case specific and not all that useful, it just demonstrates that you can prove that you have a public record of something, without revealing any details about it. However, the zk0fficer model can scale to any kind of data input - passports, licenses, memberships, subscriptions, tickets, whatever you want. If it is a digital record, a zk0Officer is capable of checking it's validity - without publicly revealing anything about it.
In the modern world, whenever you currently need to verify your identity, chances are you're taking a photo of your passport or drivers license, and sending it off to a company whose data safety standards you have to trust. With tools like zk0fficer becoming more feasible and easier to build, you are closer to being able to prove your identity, without revealing any of your more personal data than you need to.
Built by Ben, Derya and Niklas as part of ETHBerlin04, where the theme was 'Identity Crisis'.
For our Zero Knowledge proving system, we used the PLONK based circuit system Noir, created by Aztec.
The source code is available in the Github here.