Extending Existing Json Web Algorithms to Support Some ZKPs #28
Comments
I really like this approach, I'd love to help develop it further as well! There are very high-level similarities to the "Single Use" JPA that is starting to get documented in the latest draft. Would you want to contribute this as a PR for a new section in the JPA draft, or develop it on its own further?
Sounds good! I'll start documenting this approach in the JPA draft.
Hi @boumba100, just bumping this thread as we now have two JPAs documented and curious if you think this can be developed into a third?
The following link points to the draft I've been working on: Please feel free to make any suggestions. Thanks,
You may also like: https://vitalik.ca/general/2021/06/18/verkle.html
@boumba100 Impressive! IMO what you've written up so far is easily substantial enough to be its own standalone work. Would you be interested in creating it as a draft in your own name? It can still be a PR to this repo, would just separate the work into an algorithm-specific draft. Would you be free 30 minutes before the upcoming JWP sync call next Tuesday to walk me (and anyone else interested) through it all? Also just to be sure I'm processing this correctly so far, this algorithm will support selective disclosure and predicate proofs but it will not support unlinkability since the
Hi @quartzjer, That proposition interests me. Count me in for a chat before the next call. Regarding proof linkability, you are correct. A commitment that is signed using a traditional ECDSA algorithm is linkable because the value of
FWIW, @OR13's verkle reference is on a server which does not appear to currently be running, see instead https://web.archive.org/web/20231115115627/https://vitalik.ca/general/2021/06/18/verkle.html
This is a bit of a call-out to see if there is still interest in this family of algorithms. |
As we already know, the existing set of JSON Web Algorithms (JWA) only really supports proof of authenticity (i.e., that a message was signed by a certain key, and that it was not modified). I propose extending some of the existing JWAs, enabling them to support more extensive proof types such as selective disclosure, compound proofs, and predicate proofs.
I believe this could be achieved with the following approach.
Generating a digital signature.
Generating a proof.
Verifying a proof.
The homomorphic encryption property of a Pedersen Commitment would enable a prover to create a larger set of proof types on hidden messages. In fact, this is how the Ursa BBS+ and PS signature implementations support it.
Some Pros and Cons of this approach
Pros:
Cons:
JPA Identifier
A JPA identifier for ES256 plus the described approach could be ES256+C, where C stands for commitment.
Pedersen Commitment Building Block
Another aspect to take into consideration is that the Pedersen Commitment is a building block for many of the ZKP proof algorithms. Taking this into consideration, I am wondering if we should create a section in the JPA draft spec to document the different proof algorithms that could be applied to Pedersen Commitments. JPAs can then refer to those algorithms.
Useful Links
Noah