SEASON 3 MODULE 7
zkID (Anonymous Credentials), w/ Ying Tong
In this module, Nicolas Mohnblatt and Ying Tong explain the critical need for privacy-preserving digital ID systems using zk-SNARKs. She first covers existing systems, but shows how the methods used are flawed. These existing systems may inadvertently expose linkability and observability, allowing issuers and verifiers to track users across different presentations. The proposed solution, zkID, is a zk-SNARK architecture, which acts as a privacy layer over existing credentials. This method conceals the static signature and data, enabling private, unlinkable presentations to be verified without requiring issuers to change the cryptography underlying their systems. The discussion also covers advanced topics like credential revocation, deniable presentation, the out-of-protocol risks of de-anonymization, and the technical trade-offs between different ZK proof systems and the importance of standardization in the road to wide-scale adoption.
What you’ll learn:
- 00:00 Introduction and Session Outline
- 05:44 Current Digital ID Designs: LA Wallet example
- 12:02 Formally Stating the Privacy Invariant: The Unlinkability Problem
- 17:13 Adding Privacy Without Modifying Issuer Behavior: The zkID Solution
- 19:34 zkSNARK of a Signature System
- 27:31 Generalizing the ZKID Architecture
- 33:29 Credential Revocation Methods
- 42:02 Deniable Presentation / Plausible Deniability / Repudiation
- 50:29 The Risk of De-anonymization Through Data Correlation
- 53:24 Choosing a ZK Proof System: Trade-offs in Google’s vs. Microsoft’s design
- 1:03:01 The Importance of Standardization
- 1:07:33 Summary and Conclusion
Below is an accompanying reading list:
- EUDI high-level requirements: https://eu-digital-identity-wallet.github.io/eudi-doc-architecture-and-reference-framework/latest/annexes/annex-2/annex-2-high-level-requirements/
- EUDI discussion on ZKPs: https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/discussions/408
- Cryptographers’ Feedback on EUDI ARF: https://files.dyne.org/eudi/cryptographers-feedback-june2024.pdf
- Google’s solution – Anonymous Credentials from ECDSA: https://eprint.iacr.org/2024/2010
- Google’s libzk IETF draft: https://www.ietf.org/id/draft-google-cfrg-libzk-00.html
- Microsoft’s Crescent Credentials (paper): https://eprint.iacr.org/2024/2013
- Microsoft’s Crescent Credentials (Github repo): https://github.com/microsoft/crescent-credentials
- “No Phone Home” petition: https://nophonehome.com/
- “No Phone Home” discussion on W3C mailing list: https://lists.w3.org/Archives/Public/public-credentials/2025May/0003.html
- Bringing ZK to Google Wallet with Abhi and Matteo: https://zeroknowledge.fm/podcast/363/
ZK Whiteboard Sessions is an educational series on all things zero knowledge. Presented by ZK Hack.
Get notified on latest module upload by signing up below.