The State of Zero-Knowledge Applications in Ethereum Part 2: Privacy and Identity

This is the second part of a series of articles to analyze projects on the Zero-Knowledge Applications in Ethereum through a problem-lens.

In the last article we started this series to analyze the landscape of applications currently built using zero-knowledge proofs in Ethereum. Today we´ll dive deeper into Privacy and Identity.

What is Privacy?

Privacy can be defined as “being able to control who can see or use information about something.” Privacy is highly context-dependent, and each person's own attitude is formed from their own experiences and their vision of the future (see solarpunk vs lunarpunk).

Nevertheless, it is generally agreed that the public and transparent nature of Ethereum is great for many use cases, but makes it very hard to adopt for other use cases like payment, social, voting, etc. We don't want every bit of information onchain to be visible to everyone.

Therefore we can say there are many categories in the ZK space that also fall in the privacy umbrella. Today we´ll talk about private identity (zkID),

Privacy and Identity (zkID)

Privacy, in an identity context, is the process of selectively hiding or revealing information and relationships between entities, identities, and attributes/identifiers.

  • An entity is any independent being like a human, a corporation, or a DAO.

  • An identity is any indirect way to reference this entity. For example an Ethereum address.

  • An attribute, an identifier, or a credential is anything that can relate to an identity, for example reputation and transaction history.

Selectively disclosing the information in different contexts is how zkID returns power to the users and enables privacy, anonymity, and pseudo-anonymity. The action to disclose this information to others is through claims or attestations.

1 entity : 3 identities : N credentials, identifiers, and attributes
1 entity : 3 identities : N credentials, identifiers, and attributes

For example: I am Andy (entity), one of the ways I interact is through my Ethereum address:0x03EaB5c696Deaf3c44046254E7cb967a4dC173ea (identity) which holds the POAP for attending Devcon (credential) and has voted onchain (identifier)

When we are referring to the privacy spectrum we can simplify it to:

  • Public: actions, attributes, or identifiers can be traced back to an identity and an entity.

  • Pseudo-anonymity: actions, attributes, or identifiers can be traced back to an identity but not an entity. (this is default cause for Ethereum addresses)

  • Anonymity: when actions, attributes, or identifiers can not be traced back to an entity nor an identity.

Credential providers giving attestations
Credential providers giving attestations

The entities that provide credentials, reputation or badges identifier are called credential providers or attesters. Generally, credential providers is used for institutions and attesters for peer to peer but could also be interchangeably used. That means anyone can be an attester, including yourself!

By selectively disclosing one aspect of a credential or an attribute, an identity can make useful claims. A few examples to make claims with these anonymous credentials are:

  • Proof of:

    • residency, nationality, age, education, proficiency, attendance, reputation, usage, contribution, certificates, group membership, etc.
  • For example:

    • “I attest that I live in country X, but you can't know anything else about me”

    • “I attest I have contributed to X projects, but you can't know the rest of history.”

    • “I attest I hold valid credentials to be part of this group without revealing my id.”

Let us explore some important problem-spaces in zkID.

Disclaimers:

  1. Projects are organized in alphabetical order.

  2. I know I´m going to miss many great projects in the first pass. I did my best researching the ecosystem but if I missed you, please let me know so I can share your awesomeness to the world!

  3. Projects can fall into different categories and any categorization is subjective to a point. This is but one mental model of how I perceived them at time of writing. Likely this categorization will evolve with feedback and future versions of this report.

Attesters Platforms

This group of applications enables you to privately attest a fact known to the blockchain. For example: ownership of NFTs, badges, reputation (can be generalized to tokens), ownership of an Ethereum address and even historical facts of an address on Ethereum.

By making claims but leaving no traces back to the identity (breaking attribute<>identity link) this provides anonymity and it’s a way to prevent doxxing. Some example projects are:

  • Relic Protocol: use ZKPs to prove facts about arbitrary historical Ethereum state, allowing users to prove their reputation based on their historical on-chain activity.

  • Sealcred NFTs: build a pseudonymous identity with ZK badges. This means you can prove ownership of an NFT without it tracing back to you.

  • Sismo Badges build badges, non-transferable/soulbound tokens, derived from accounts (web2 or web3). Badges prove facts about a user’s digital identity.

  • zCloak zkID: is a platform for making and attesting credentials. Focuses on being user-friendly to interface with W3C DID and Verifiable Credential protocols.

*Other POC projects worth mentioning in this space are SpartanLabs zkZBT and @backaes/@shreyjaineth ZK SBT. *

Custom Attestation Creation

  • Sismo Factory: Sismo is a modular protocol issuing ZK Badges (SBTs) for reputation portability and aggregation respecting users privacy and sovereignty. Sismo Factory allows anyone to create a custom ZK Badge.

Notable non-ZK projects in this field are Ethereum Attestation Service and Optimisim Attestation Station.

Identity Interoperability (Web2->Web3)

This sub-category also falls in the Interoperability umbrella, however because of their relationship with identity we´ll emphasize this angle for now.

Most credentials and interactions are still happening in the Web2 world. Bridging credentials, attributes or attestations (identity), from Web 2 to Web 3 in a decentralized and anonymous way is key to onboard the next billion.

Some examples relevant to our space are porting over Twitter and GitHub credibility to web3 (as seen above) but also includes banking information, organization belonging, etc.

  • TLSNotary provides proof of data authenticity. Enables export data from any web application and proves facts about it without compromising on privacy. With TLSNotary, you can create cryptographic proofs of authenticity for any data on the web.

  • Sealcred Email enables you to build a proof that you own an email from a particular domain (i.e. @google.com). By submitting emails, a token is created out of the domain. This means you can prove ownership of an email domain without it tracing back to you.

  • ZK Email: anonymously verify email signatures yet mask whatever data you would like. Each email can either be verified to be to/from specific domains or subsets of domains, or have some specific text in the body. This unlocks the possibility of complex application logics built on top of arbitrary email proofs.

  • zCloak valid3.id: it connects real-world information of an entity such as its website, Twitter handle, email etc to its W3C DID and public keys.

Proof of Personhood / Proof of Existence

Proof of Personhood is self explanatory. However, it is also worth mentioning that it is increasingly being used as an anti-sybil mechanism.

  • Interep anti-sybil as a service. Users can anonymously export reputation from platforms such as Twitter and Github allowing services to verify that users belong to a certain group or meet certain reputation criteria without revealing their identities.

  • Worldcoin built WorldID, a Privacy-Preserving Proof-of Personhood Protocol (digital identity) that proves you are a real and unique person while fully protecting your privacy.

Note: other projects worth mentioning in this category that don't leverage ZK technology yet (to my knowledge) are BrightID, Gitcoin Passport and Proof of Humanity, however zkPoH does bring a privacy layer to Proof of Humanity.

Compliance (KYC, AML, KYB)

zkCompliance covers applications focused on preserving privacy while still meeting regulatory compliance standards for specific jurisdictions. For example, in this way, I can prove I have provided my KYC requirements to a security provider, without disclosing my information to everyone. This process is key as data and security breaches have exposed millions of information, we’re limiting the exposure risk.

  • Notebook Labs: anonymous KYC and‍ soul-bound credentials, use zero-knowledge proofs to build anonymous and accountable identities for Web3.

  • Noxx a payroll and compliance tool that enables companies to hire pseudonymous talent, without compromising legal obligations.

  • Polygon ID identity system with programmable privacy that empowers people and enables the creation of trusted interactions with web3 services.

  • KeyRing.Network access TradFi-backed trading pools with privacy-preserving KYC.

  • zkPass a privacy-preserving decentralized KYC solution based on multi-party computation & zero-knowledge proof.

Identity Management & Aggregation - zkPassport, zkWallet, DIaaS

Aggregate and manage different identities, and make claims of one or many of them without disclosing the relationship between each of them.

This category encompasses many different angles, where the context becomes the key factor to subdivide them. A key goal in this category is to minimize information leakage where the anonymity or pseudonymity can be compromised after repeated interactions.

  • Crypt-Keeper is a browser extension which enables zero-knowledge identity management and proof generation.

  • Holonym is a ZK passport to manage on-chain identity.

  • Nuggets verified self-sovereign decentralized identity & payment platform that serves as a reusable, interoperable ID, with a merit based reputation.

  • Sismo Vault: stores cryptographic signatures used for private identity verification on web3. The Sismo Vault allows users to prove claims about their imported accounts to third parties in a frictionless and privacy-preserving manner.

  • Zuzalu passport: allows Zuzalu residents to store personal data relating to Zuzalu identity, reputation, activity, and more, and to share any part of this data.

Note: another project worth mentioning in this category that doesn't leverage ZK technology (to my knowledge) is Signata Project.

Governance

This group of zkdApps focus on anonymity, pseudonymity or collusion resistance in governance contexts. This prevents backlash when voting, signaling or messaging governance proposals.

  • AnonyZKVote is a voting platform for growing communities. It leverages Discord as an authentication mechanism and protects the privacy of voters using zero-knowledge.

  • Blind-OVOTE is a L2 voting solution which provides off-chain anonymous voting with on-chain binding execution on Ethereum by combining validity rollup ideas with blind signatures over elliptic curves inside zkSNARK.

  • zkPIN is a new coordination mechanism called commitment pools, which enables to sign or endorse an idea in a trust minimized way. The problem is simple: you want to sign or endorse some idea, but you're only comfortable doing it publicly if enough other people also do so.

  • HeyAnoun allows noun-holders to give feedback on proposals while maintaining their privacy using zero-knowledge proofs.

  • Isokratia is a trust-minimized governance platform for off-chain voting by leveraging recursive SNARKS.

  • Open Vote Network is a 2-round decentralized voting protocol with all public communication, self-tallying, voter’s privacy and dispute free.

  • MACI (Minimum Anti-Collusion Infrastructure) is a base layer for bribery-resistant, secure, and private digital voting. MACI uses ZKPs for collusion resistance in blockchain voting by making it impossible for anyone other than the vote coordinator to verify how a specific user voted.

  • Semaphore is a protocol, designed to be a simple and generic privacy layer for Ethereum DApps. Using zero knowledge, Ethereum users can prove their membership of a group and send signals such as votes or endorsements without revealing their original identity.

  • Vocdoni is an open-source blockchain voting protocol that is scalable, auditable, censorship-resistant & anonymous. The Vocdoni API and SDK enables flexible, easy and seamless access to the voting infrastructure.

Other projects worth mentioning are: Coeo (discussion forum), Ethereum Social Contract (decentralized justice), Emergence (DAO health & engagement), Om (private data storage layer) Sacred is an anonymous forum to foster horizontal, inclusive and effective communities. Zero Voting (anon quadratic voting), , zkVoice (anti-plutarchy voting).

Authentication

ZKPs can be used to authenticate users without exchanging secret information such as passwords.

  • Sismo Connect— single sign-on for applications—whether on web2 or web3. Once integrated, applications can request private, granular data from users, while users can authenticate and selectively reveal their data.

  • Heyauthn - tries to bring a cross-device wallet for ZK identities. It uses on-device biometric authentication to provide security and convenience.

Social Networks (DeSoc)

Interact anonymously or pseudo-anonymously in social networks.

  • HeyAnon is a way for people who are in cool groups or did cool stuff on Ethereum to broadcast messages anonymously on Twitter. Anyone whose participation in a group or historical moment can be verified and then post to the feed.

  • SealCaster is an anonymous messaging on Farcaster powered by ZK

  • UnirepSocial is a social network system built on top of Unirep Protocol where anonymous members of a group can give, receive, and prove reputation without revealing their identity.

  • SealCred Echo enables you to tweet anonymously using your ZK badges.

  • Zkitter is an anonymous social network powered by ZK.

  • ZK3 is a Lens Protocol + Semaphore Integration that allows users of the Lens protocol to govern post interactions (who can comment, mirror, etc) through ZKPs and group membership

A social experiment worth mentioning is ETHdos. It leverages recursive SNARKs and allows you to measure your degrees of separation from someone, in this case Vitalik. Another is Truth, a photo based social media where pictures need to be taken inside the app (proven using ZKPs).

Anonymous Chat & Spam Protection

New tools are needed to manage anonymous messaging environments.

  • RLN is a construct based on zero-knowledge proofs that enables spam prevention mechanisms for decentralized, anonymous environments. RLN for Waku is implemented

  • Zk-chat Anonymous and private chat environments, using Interep for a privacy preserving registry and sybil resistance and RLN for spam protection

What is next?

In the next article we will explore the Private Computation (zkComp) space, or more Private Identity, or zkDefi. There’s so much to explore!

Also if you´ve noticed, this list will only continue to grow with time! It’s already out of date 😅 As a ZK space, it´ll be good to share example zkdApps and communicate categories and levels of maturity of projects. If you´re interested to build something like a “Project / Tech Radar” similar to CNCF Radar reach me out!

Subscribe to andyguzman.eth
Receive the latest updates directly to your inbox.
Mint this entry as an NFT to add it to your collection.
Verification
This entry has been permanently stored onchain and signed by its creator.