Skip to content

rihkddd/ZeroRank

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
internal
internal
 
 
web
web
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

ZeroRank

A trustless, privacy-preserving web application for anonymous ranking. Built on Multi-Party Computation (MPC), ZeroRank ensures that your inputs never leave your browser unencrypted. The lightweight Go backend acts solely as an oblivious signaling relay.

✨ Highlights

  • Pure Browser Crypto: No heavy WebAssembly or npm bundlers. Implements minimal P-256 elliptic curve operations and utilizes the native Web Crypto API for maximum performance and zero dependencies.
  • Dual MPC Protocols: Automatically routes to Yao's Garbled Circuits + Oblivious Transfer for 2 participants, and Additive Secret Sharing for 3+ participants.
  • Honest-but-Curious Server Model: The Go backend handles WebSocket relaying but cannot decrypt any payloads. Everything is end-to-end encrypted.
  • Single Binary Deployment: The entire vanilla JS frontend is bundled into the Go executable via go:embed for a frictionless ~6MB deployment.

🚀 Getting Started

Prerequisites

  • Go 1.21 or higher (for building from source)

Build and Run

# Clone the repository
git clone https://github.com/rihkddd/ZeroRank.git
cd ZeroRank

# Build the single binary
go build -ldflags="-s -w" -o ZeroRank main.go

# Run the server
./ZeroRank -addr :8080

Open your browser and navigate to http://localhost:8080.

Development Mode

If you want to modify the frontend or backend and run the server without building a binary:

go run main.go

🔒 How It Works

ZeroRank uses advanced cryptographic protocols to ensure no one, not even the server, knows your actual input value.

  1. 2 Participants (N=2):

    • Uses Yao's Garbled Circuits combined with Chou-Orlandi (2015) Simplest Oblivious Transfer (OT).
    • The garbler creates an encrypted boolean comparison circuit, and the evaluator evaluates it without knowing the original inputs.
    • We implement Point-and-Permute optimization for fast, constant-time gate evaluation.

  2. 3+ Participants (N≥3):

    • Uses Additive Secret Sharing over a finite field $Z_p$ (where $p = 2^{61}-1$).
    • Each participant's value is split into random shares and distributed to peers via ECDH + AES-GCM end-to-end encrypted channels.
    • A rotating evaluator reconstructs the difference of shares to securely compare pairwise values.

🛠️ Tech Stack

  • Backend: Go (net/http, nhooyr.io/websocket)
  • Frontend: Vanilla JavaScript, HTML5, CSS3 (Glassmorphism & Dark Theme)
  • Cryptography: Web Crypto API (AES-GCM, ECDH, HKDF, SHA-256), BigInt (P-256 EC math)
  • i18n: Built-in support for English and Chinese

📜 License

This project is licensed under the MIT License - see the LICENSE file for details.

About

A trustless, privacy-preserving web application for anonymous ranking.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages