The zkPass Service employs different trust models with regard to data privacy, data integrity, and computation integrity.
zkPass primarily uses a Trusted Execution Environment (TEE) to protect the input's privacy and integrity. (Although TEE can also be used to protect the execution of proof computation, zkPass relies on the trustless ZKP technology for execution integrity, as explained in the next point.). The zkPass server has two main components that process the user’s data input:
Digital signature verification on the user’s data
ZK proof calculation, which takes the user’s data as the input.
Because the data must be unencrypted during processing, both components must be running under TEE to ensure that the user’s data privacy is always protected throughout the entire process. Homomorphic Encryption (HE) cannot be applied here as HE has minimal capabilities in terms of what computation it can perform, while both DSA and ZKVM involve very complex computations. Therefore, the data privacy protection in zkPass is based on a Trusted Model, in which the user basically must trust that the zkPass server is implemented correctly and holistically to protect the privacy of the user’s data.
The zkPass service takes two inputs: the signed credential and the signed DVR. Both inputs need to be DSA-verified by the zkPass service to make sure they are not tampered with. The DSA verification can occur either inside or outside the ZKP proof function. Therefore, there can be two different approaches to the data integrity model:
Trusted Data Integrity The digital signature verification on the credential and DVR is performed in TEE but outside of the ZKP proof function.
Trustless Data Integrity The digital signature verification on the credential and DVR is performed inside the ZKP proof function running in the TEE.
While the trustless data integrity model is the preferred one, the DSA verification computation is quite heavy to run inside the ZKVM engine. Currently, there are some limitations on how much processing you can perform on a ZKVM. Due to this constraint, the current proposal is to choose the Trusted Model for data integrity as it is practically feasible to implement and reasonably secure. However, it is very possible that we can use the trustless model in the near future if the underlying ZKVM engine has improved its processing capabilities.
zkPass uses a ZKVM engine (Zero Knowledge Virtual Machine) to ensure the proof function is executed in a verifiable computation environment. In this regard, the proof generation feature is based on the Trustless Model, in which the Verifier can confidently confirm if the generated proof and output are valid without the need to trust the zkPass server or any other third-party entity.
The following table summarizes the zkPass trust models:
Trust Model
Data Privacy
Trusted (via TEE)
Data Integrity
Trusted (via TEE)
Computation Integrity
Trustless (via ZKVM)
The trusted model for data privacy, which is less desirable, is the result of the trade-off of moving the ZKP computation from the user’s private space into an external server managed by a third-party entity. Nevertheless, as described in the zkPass Service design, we believe that the proposed trust models are sufficiently secure enough and provide an effective and practical solution for the proof system needed for the didPass ecosystem.