cyberax 2 hours ago

I've been looking at the field, and I can't really see how most of this is useful. ZKPs and FHE add a lot of complexity to a pretty simple task: verifying the age and/or identity.

These tasks are so simple that you can _almost_ use the existing TLS client certificates for that. Their only drawback is that they're trackable. A simple asymmetric challenge-response system with a nonce easily fixes this:

1. The service provider generates a 128-bit nonce and sends it to me.

2. I use a verification system provided by my government, and it returns a document saying: "The owner is more than 18 years old, the nonce for the request was ......, and this proof is valid for this service name hash". This document is signed by the trusted government certificate.

3. I send this signed document to the service provider.

No need for range proofs and other stuff. I think this flow can even be expressed using OIDC and JWTs!

What am I missing that requires full-blown ZKPs?
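The three-step flow from the comment above, sketched as an added example that is not part of the original thread. Assumptions: Ed25519 stands in for the "trusted government certificate", the document is JSON with hypothetical field names, and the salt for the service name hash (mentioned in a later reply) is chosen by the user and handed to the service together with the document.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// Attestation is the document from step 2 (field names are assumptions).
type Attestation struct {
	Over18      bool   `json:"over_18"`
	Nonce       []byte `json:"nonce"`        // 128-bit nonce from step 1
	ServiceHash []byte `json:"service_hash"` // SHA-256(salt || service name)
}

// serviceHash hides the service name from the issuer behind a user-chosen salt.
func serviceHash(salt []byte, name string) []byte {
	h := sha256.Sum256(append(append([]byte{}, salt...), name...))
	return h[:]
}

// Issue is the issuer side of step 2: sign the claim bound to nonce and hash.
func Issue(key ed25519.PrivateKey, nonce, svcHash []byte) (doc, sig []byte) {
	doc, _ = json.Marshal(Attestation{Over18: true, Nonce: nonce, ServiceHash: svcHash})
	return doc, ed25519.Sign(key, doc)
}

// Verify is the service side of step 3: signature over the exact bytes first,
// then the nonce and service bindings that stop replay and cross-service reuse.
func Verify(pub ed25519.PublicKey, doc, sig, wantNonce, salt []byte, name string) bool {
	var a Attestation
	if !ed25519.Verify(pub, doc, sig) || json.Unmarshal(doc, &a) != nil {
		return false
	}
	return a.Over18 && bytes.Equal(a.Nonce, wantNonce) &&
		bytes.Equal(a.ServiceHash, serviceHash(salt, name))
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	nonce, salt := make([]byte, 16), make([]byte, 16) // constructed sample values
	rand.Read(nonce)
	rand.Read(salt)
	doc, sig := Issue(priv, nonce, serviceHash(salt, "example-service"))
	fmt.Println(Verify(pub, doc, sig, nonce, salt, "example-service"))
}
```

The service must remember the nonce it issued and accept it only once; this sketch leaves out that state, along with any expiry field.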

tripplyons an hour ago | parent | next [-]

To answer your question, ZKPs can enable the verification step to be done privately in your example. Another use case could be allowing cloud computing hosts to prove that they did not tamper with the results of a computation.

cyberax an hour ago | parent [-]

In this case, the government service doesn't get to know anything about the service (it only gets to see the salted hash of the service name)? And the service doesn't get to know anything about me, except for the "age certificate".

You can add more layers there, if needed for non-repudiation, all within the bounds of classic asymmetric crypto.

> Another use case could be allowing cloud computing hosts to prove that they did not tamper with the results of a computation.

What is the exact scenario here?

tripplyons 44 minutes ago | parent [-]

Got it.

The scenario I'm describing there is how a service like AWS has the ability to tamper with your code or its output. If instead, each response came with a ZK proof showing that the inputs you provided lead to the outputs it returned, you could efficiently verify that nothing was modified.

Ar-Curunir an hour ago | parent | prev [-]

ZKPs don’t require you to interact with a government service, and don’t need an internet connection at all.