ZK-DID

You need to login in order to like this zkApp. Click Here

ZK-DID

You need to login in order to like this zkApp. Click Here

Data-centric, Privacy-preserving ZK-DID The ZK-DID (Zero-Knowledge Decentralized Identifier) is an innovative DID Protocol that empowers users to reclaim control over their data rights. With ZK-DID, users can store their data locally, ensuring true ownership while maintaining flexibility in data control for apps and data correctness. Problem Statement In the current digital landscape, users’ data is often exploited without their knowledge or consent. Companies and governments collect and utilize this data, leaving users without true ownership or control. Additionally, privacy and data protection are compromised by trackers and similar tools, further eroding user privacy. Lack of Data Ownership Internet data ownership presents a complex challenge. Users should have ownership over their data since it represents their value, but many are unaware of their rights or the regulations surrounding data ownership. Consequently, users often lack control over their personal information, leading to feelings of powerlessness. Third-Party Data Collection Another concern is the collection and use of personal data by third-party companies. Users often unknowingly share their data without understanding how it will be utilized or who will access it. This raises privacy concerns and undermines trust in technology. Centralized Data Storage and Cybersecurity Risks The current centralized model of data storage and management is susceptible to cyber attacks, compromising user privacy and data security. This highlights the need for a new approach to data ownership and management that prioritizes privacy and security while giving users greater control over their personal information. Trackers and Privacy Threats Trackers, small pieces of code embedded in websites and applications, track users’ behavior and collect their data without consent. These trackers pose risks to user privacy, enabling malicious activities and the potential sale of sensitive data. The dangers associated with trackers include discrimination, phishing, identity theft, and public concerns. Raising awareness of these risks and implementing measures to protect privacy and data is crucial. Solution The ZK-DID solution incorporates two main components: DataPod and ZK-OAuth. ZK-DID: A W3C-DID compatible protocol that serves as a bridge between apps and users. It enables users to store their data locally on their devices while delegating access to apps, maintaining privacy and control over their data. DataPod: A user-owned data storage system that prioritizes local-first storage. Users can store their data on their devices and manage access through ZK-OAuth. Data is represented in chunks, facilitating on-demand retrieval, maximizing flexibility, and ensuring data correctness. DataPod offers a secure and private means for users to store and own their data. ZK-OAuth: An OAuth-like Data Delegation Protocol that enables apps to interact with DataPod. It allows apps to define data delegation logic and safeguards app data against malicious operations. ZK-OAuth ensures that apps access user data accurately by providing sufficient proof of operations. Architecture The ZK-DID architecture comprises the following components and relationships:

  1. User registers a DID on the Registry Contract.
  2. User creates their DataPod Contract for local data storage.
  3. Apps request DataPod access from the user.
  4. Apps read from and write to DataPod using ZK-OAuth.
  5. Third-party apps retrieve data from Apps through ZK-OAuth.

Mina serves as the trusted layer and verifier for the entire stack, verifying the correctness of function calls and preventing data tampering from malicious actions or unexpected operations. SnarkyJS, a toolkit for interacting with ZK-DID through contracts, is utilized. SnarkyJS contracts can be executed off-chain, significantly enhancing user privacy. Overall, the ZK-DID solution aims to empower users with true ownership and control over their data while addressing privacy concerns and promoting data correctness in a decentralized and secure manner. This project was funded by the Mina Foundation’s, zkIgnite program cohort 1. Team members Jerry Wong (Discord) yukin#7050 Chong0001 (Discord) Chong#0001