Private Data Attestations using Merkle Trees

Discover the power of "Private Data Attestations" using Merkle Trees in our latest feature release. This guide will walk you through the core principles of Merkle Trees and unlock the potential of private data attestations for various real-world applications.

Mastering Merkle Trees 🌳

Merkle Trees play a vital role in situations where it's essential to maintain privacy while ensuring the accuracy and reliability of the information.

They are cryptographic data structures designed for secure and efficient data verification. Imagine a tree built from the ground up, with individual pieces of data called leaves at the base. Each leaf is put through a cryptographic process called hashing. Next, pairs of these hashed leaves are combined and hashed again, creating a new level of parent nodes in the tree. This process repeats itself until there's only one hash left at the top, known as the Merkle Root.

Example Merkle Tree Diagram
Example Merkle Tree Diagram

What makes Merkle Trees special is their ability to prove that specific data is part of the tree without disclosing the entire dataset. This is done using a Merkle proof, which includes a data element's hash and a series of related hashes. By checking the Merkle proof against the Merkle Root, anyone can confirm the authenticity and inclusion of that data element without accessing the complete dataset.

Merkle Trees are integral to privacy-focused technologies like zero-knowledge proofs and secure data sharing, striking a balance between data integrity and privacy.

The Art of Concealing and Revealing 🤫

Private Data Attestations take advantage of Merkle Trees' unique capabilities to selectively disclose specific data fields without compromising overall privacy. This innovative feature allows users to create attestations with a single "private data" field, which contains the hash of a Merkle tree root. As a result, users can securely store and share particular parts of their attested data while preserving their privacy.

Attestors can now selectively disclose parts of their attestations without revealing the entire attestation data. This allows for greater control over the information being shared, while still providing the necessary proof or verification for specific use cases. It is beneficial for use cases that require sensitive information to be withheld while still verifying crucial aspects of an individual's credentials or reputation.

A quick example of how it works:

  1. The user or entity submits data for selective disclosure.

  2. Data is encoded, generating a Merkle root hash.

  3. Creator's address attests to the Merkle root hash on or off-chain.

  4. The user produces proofs for specific data fields to disclose.

  5. Verifier checks proofs against the Merkle root.

Note: EAS utilizes OpenZeppelin's Merkle-tree library and ethers.js for Merkle Tree operations.

Alice’s Proof of Funds Example.

Alice is eager to make a cash offer on a new home, but first, she must prove that she has sufficient Proof of Funds to pay for it.

1. Bob's Regional Bank (0xeee...) initiates a private data attestation for Alice's known wallet address (0x1e3de...), including details such as her current cash balance, whether she has over $100k, and her credit score.

2. Bob’s Regional Bank then attests to the private data, which gets encoded and generates a Merkle tree root hash of all the fields.

The created attestation only contains the "Private Data" bytes32 value representing the Merkle tree root. This "Private Data" is accessible exclusively to the original attestor address or those who have received and verified any proof of the data.

Once the attestation is made, Bob’s Bank can provide Alice with the entire data from the tree which will allow her to generate proofs from it.

3. Alice can now selectively disclose specific parts of her encoded data by generating a proof/leaf for the desired data field.

In this case, Alice wants to share her legal name and confirm that her balance is over $100k. By clicking 'Generate Proof,' she obtains the 'Proof Result.'

4. The provided proof can be verified against the attested Merkle tree root hash, ensuring secure confirmation of the disclosed data without exposing the entire dataset.

See how this works! Grab the proof value below and go to this attestation on Sepolia.

{"leaves":[{"type":"string","name":"legalName","value":"Alice Jane","salt":"0x57fcfaba9f561d63633eea87b3b7ec966458ae8fc9d5eb97f7ac9720e0081ec7"},{"type":"bool","name":"over100k","value":true,"salt":"0x1e484bb1b34642c7ab9503a0f168c1a0a484b84d9d67125b43ab4bc6345d6f80"}],"proof":["0x5c748363cb92f90d75fb865d93d9fa4394f8bbc8af543f225de23ba791c21819","0xa29bc29fec293e03b8f4a933de34a71fbb0a6eec96ec13b3aff9fa397645ca06"],"proofFlags":[false,false,true]}

Key Benefits of Private Data Attestations with Merkle Tree Proofs:

  1. Enhanced Privacy: Preserve sensitive information by retaining only the Merkle tree root hash in the attestation, effectively restricting unauthorized access to the entire dataset.

  2. Selective Disclosure: Reveal specific data fields by generating a proof/leaf for the desired data, enabling a tailored approach to information sharing.

  3. Secure Verification: Validate the disclosed data against the attested Merkle tree root hash, guaranteeing data integrity and authenticity.

  4. Versatile Use Cases: Applicable to a wide range of scenarios where privacy and selective data disclosure are essential, such as identity verification, access control, academic records, healthcare records, and beyond.

Example Use Cases ✨

  1. Identity Verification: Leverage private data attestations for selective disclosure of identity attributes, ensuring privacy while maintaining necessary verification.

  2. Access Control: Apply attestations for managing access to restricted resources, enabling proof of eligibility without revealing personal information.

  3. Employment History & References: Share specific employment details and references while keeping sensitive information confidential.

  4. Academic Records & Certifications: Selectively disclose academic achievements to institutions or employers without revealing the entire background.

  5. Financial Transactions: Use attestations to prove necessary financial information without disclosing sensitive data or full transaction history.

  6. KYC & AML Compliance: Fulfill KYC and AML requirements by verifying specific information without revealing unnecessary personal data.

  7. Voting & Elections: Ensure a confidential and secure voting process by proving voter eligibility without disclosing personal information.

  8. Supply Chain Traceability: Verify product origin and authenticity without revealing sensitive supplier or proprietary process information.

  9. Intellectual Property Rights: Prove ownership of intellectual property without disclosing content or trade secrets.

  10. Medical & Healthcare Data: Selectively disclose medical records or patient data for privacy and secure sharing of sensitive health information.

Getting Started: Integration & Developer Resources

To begin integrating private data attestations into your projects, check out the available resources and guides. The best way to get started is to try generating sample private data attestations, generating proofs, and verifying them on Sepolia or the chain of your choice.

Official documentation for a comprehensive understanding of the feature and its implementation will be added to our docs shortly.

If you need any support or have questions, DM us on Twitter @eas_eth and we’ll set up a private chat group together.

Future Developments and Roadmap

Ethereum Attestation Service will continue improving and expanding privacy-focused features, including enhancing private data attestations, integrating zero-knowledge proofs, and further collaboration with the rest of the Ethereum community.

Keep an eye on project updates and announcements to stay informed about the latest advancements and opportunities for involvement.

Wrapping Up

Private data attestations bring a new level of privacy and selective disclosure to the Ethereum Attestation Service ecosystem. This feature empowers users to maintain control over their data while ensuring data integrity and secure verification. We encourage developers to explore and experiment with this innovative solution, unlocking the potential to create groundbreaking applications and services across various industries. Together, we can build a more secure and privacy-conscious future for the Ethereum ecosystem and beyond.

Stay In Touch

Subscribe to Ethereum Attestation Service
Receive the latest updates directly to your inbox.
Mint this entry as an NFT to add it to your collection.
This entry has been permanently stored onchain and signed by its creator.