Attending a Zero Knowledge Ceremony

Attending a Zero Knowledge Ceremony

Integrating Zero Knowledge Proofs With Common User Credentials

Don’t you just love attending the launch ceremony of a new building or a boat? But, sometimes, we can create a ceremony to prove the trustworthiness of the creation of something. Often that can involve having the creators of something in the same room and in getting them to sign their names to a contract. But we can’t really trust that, so we can then get observers involved. But what proof do we have that it actually happened? For this, we can then have signing witnesses, and who sign off on the whole process, and to say they have observed all of the parts of the ceremony. But, signing something in the ceremony with a wet signature is just so 20th Century, so how do we create a ceremony in a truly trustworthy way?

Now imagine you have to build a car factory and have a new design for a car, but you cannot ever reveal its creation, but where you want to manufacture cars from it. With this, you might have a ceremony where trusted people attended and watched as the design was converted into a manufacturing process. Each contributes some form of randomness to make sure that no one can reveal the methods used to convert the design of the car to the manufacturing process.

At the end of this, the original design is deleted while others observe it, and each can prove that they say that this happened, and then a public proof can be shown to anyone who observes the factory that we have a verified design. Within trusted infrastructures, this is the kind of process that is required to show that there is nothing underhand being created that would allow things to be revealed in the future.

And, so, it is always nice to be invited to a ceremony, and today, I contributed to the zkLogin ceremony:

The zkLogin method aims to remove the need for digital wallet creation and in storing private keys and create the authorization of on-chain transactions using commonly used user credentials, such as Live, Google, and Facebook) — but where it uses zero-knowledge proofs to perform the operations (and thus not reveal sensitive information). In the first part of the ceremony, you select whether you want to run with JavaScript in the browser or with a Docker container:

Next, those involved in the ceremony can select randomization from mouse movements or from a long random string of text. I selected text input, and then happily just typed lots of random characters — making sure I jumped across the keyboard and just didn’t do … “asdasdasdasdasdasf”.

This randomization will then be used to generate a Common Reference String (CRS), and which can be used by any application on Sui. In order for this to be created, we need to perform a sampling operation and also make sure that the random numbers created in the ceremony are deleted. At the end of the ceremony, we should have a security and privacy guarantee.

For ZKPs, a user does not have to reveal private information, but where the proof is able to verify their identity. For this, a JWT token is issued by the OAuth provider, and which contains the user’s credentials — but as a private witness in a Zero Knowledge Proof circuit. These prove both the RSA signature from the identity provider and the user’s information. If you are interested, the ceremony involves a Groth16 zkSNARK system and which only has to be run once. If you want to understand the process, try here:

https://asecuritysite.com/zero/zksnark03

After the ceremony, the CRS will be published, along with the verification script. After it is finalised, this will be used as a proving key and a verifying key.

As a contributer I received a hash of my contribution and a signature by email. When the ceremony is over, all of these will then be published in a public space, so that the trustworthiness of the ceremony can be proven, and which will eventually be shown here:

If you want to know more about Zero Knowledge Proofs, try here:

https://asecuritysite.com/zero