The following call sequence diagram provides a visual representation of the programmatic workflow interactions among the zkPass client stakeholders and the zkPass Service.
Jane Doe has accepted a job offer from Namaste Tech. As part of the drug screening process required by the company, she has to take a blood test.
The blood test is necessary as Namaste Tech has a strict hiring policy prohibiting people with a history of Cocaine and Amphetamine use from entering its workforce. QualityHealth Labs clinic administers the blood test and issues the blood test result.
For successful completion of the onboarding process, prospective employees are required to satisfy the following conditions during the initial screening stage:
Cocaine levels must be below 10 ng/ml
Amphetamine levels must be zero
Meeting these criteria is crucial for securing employment.
Namaste Tech aims to build a system that can onboard the employees with the following objectives:
Privacy Protection for the Employees of Namaste Tech To ensure the privacy of customer data, QualityHealth Lab Clinic will not directly transfer any sensitive information to Namaste Tech. Instead, a proof-of-eligibility token, confirming that the applicant meets the predefined criteria, will be sent to Namaste Tech. This strategy minimizes the risk of data exposure while preserving the integrity of the onboarding process.
Verifiable Drug Use Assessment Maintaining transparency in the employee onboarding workflow is essential. The assessment outcome must be based solely on a quantitative analysis of the applicant's blood test results. Namaste Tech mandates that its query executes without modification, maintaining its original logic. Furthermore, the query must be applied to the correct blood test results, and the test result must belong to the applicant being evaluated.
The purpose of this case study is to present an all-encompassing plan for seamlessly integrating all stakeholders with the zkPass Service in order to build an employee onboarding system that respects the employees' confidential information and enforces a transparent onboarding process. The following sections will delve into the details of the system's technical framework, the nuances of data movement, and the specific integration plans tailored for each participating entity.
Fortunately, Namaste Tech is very committed to protecting the privacy of its employees. It has developed the “My Namaste” App based on the zkPass Proof-as-a-Service architecture, which allows third-party entities to examine users’ information without compromising confidential information.
Taking the Proof Verifier role, Namaste Tech needs to create a DVR to query the blood test results of the incoming new employee.
Namaste Tech defines the “Employee Onboarding” DVR Query for user Jane Doe as follows:
Do all of the following conditions hold true?
Is the lab's ID exactly "QH801874"?
Is the test ID exactly "SCREEN-7083-12345"?
Does the subject's first name match "jane" (case insensitive) ?
Does the subject's last name match "doe" (case insensitive) ?
Is the subject's date of birth exactly "1985-12-12"?
Is the level of amphetamines measured in panels (in Ng/mL) exactly zero?
Is the level of cocaine measured in panels (in Ng/mL) equal to or less than 10?
QualityHealth Labs, which takes the client role of the Data Issuer, defines and issues the Blood Test Result user data, which is shown here in two different formats.
Test ID: SCREEN-7083-12345
Test Name: QualityHealth Comprehensive Screen
Test Date: August 27, 2023, at 14:00 UTC
Lab Name: QualityHealth Labs
Lab ID: QH801874
Lab Address: 1234 Elm St, Oakland, USA
Name: Jane Doe
Date of Birth: December 12, 1985
Blood Type: A+
Email: jane.doe@gmail.com
Phone: 650-555-1234
Street: 789 Oak Street
City: San Jose
State: CA
ZIP Code: 95134
APOE: E3, E3
BRCA1: Normal
MTHFR: C677T, A1298C
Paternal: R1b1
Maternal: H1a1
Amphetamines: 0
Cocaine: 8
Opiates: 102
Benzodiazepines: 0
As indicated above, the blood test result actually contains several sensitive information on the patient, such as the blood type, DNA information, home address, and contact information.
However, Namaste Tech only wants to know if the user has no history of Amphetamine and Cocaine use. Sending the entire blood test to Namaste Tech is not only unnecessary but also reveals sensitive information about the user, which over time can leak out of Namaste Tech’s database, thus compromising the privacy of the user.
For seamless integration with the zkPass framework, every key stakeholder should follow the SDK integration guidelines. Within the scope of the employee onboarding scenario, there are three main parties engaged, as elaborated below.
QualityHealth Labs (Data Issuer) The lab takes the Data Issuer role as defined in the zkPass SDK. The lab defines user data as the blood test result with the above JSON content. The zkPass SDK supports any format of the user data. Therefore, the above definition of the “Blood Test Result” user data can work with the zkPass Service.
My Namaste App (Data Holder) This is the mobile app used by the new employee of Namaste Tech required to take a blood test. The mobile app takes the role of the Data Holder on behalf of the user. The app securely retrieves the blood test result from the clinic and the "Employee Onboarding" DVR from Namaste Tech. It then talks to the zkPass Service to create the zkPass proof.
Namaste Tech (Proof Verifier) This is the Proof Verifier role defined in the zkPass SDK. Namaste Tech defines the “Drug Screening DVR”, which contains the query to be executed on the blood test data. Namaste Tech is interested in receiving the zkPass proof to determine if the user has passed the drug screening test.
The following diagrams illustrate interactions among the three zkPass clients.
The following section outlines the six key steps involved in the interaction between zkPass clients. Each step corresponds to the numbered arrow in the diagram and is elaborated here for clarity:
Step 1: Collecting the "Employee Onboarding" token
Jane Doe starts the "My Namaste" application to retrieve the "Employee Onboarding" token from Namaste Tech. This token is essentially a Data Verification Request (DVR) for "Employee Onboarding," which has been cryptographically signed by Namaste Tech into a JSON Web Signature (JWS) token.
Step 2: Acquiring the "Blood Test Result" token
The "My Namaste" application further fetches a "Blood Test Result" token from QualityHealth Lab. Similar to the previous step, this token represents the "Blood Test Result" user data and is signed into a JWS token by QualityHealth Lab.
Step 3: Calling the zkPass Service REST API
The "My Namaste" application invokes the generate_zkpass_proof
REST API provided by zkPass Service with the retrieved "Employee Onboarding" token and the "Blood Test Result" token as the input parameters. This API call is made to generate a zkPass proof based on the query specified in the "Employee Onboarding" DVR, which is executed against the "Blood Test Result" data.
Upon receiving the API request, the zkPass Service processes the call, generates the zkPass proof, and returns it to the "My Namaste" application. The zkPass proof contains:
The cryptographic proof that the query has been executed properly as-is without any code modifications
The output or result of the query
Step 4: Returning the zkPass Proof to the Data Holder
After completing the processing of the zkPass Proof, zkPass Service returns the proof to the My Namaste app.
Step 5: Calling the Verifier to verify the proof
The "My Namaste" application calls the Verifier (Namaste Tech) site, passing the received zkPass Proof for verification.
Step 6: Verifying the zkPass Proof and getting the query result
The Verifier (Namaste Tech) validates the zkPass proof and extracts the query result, which could either be true or false. At this point, Namaste Tech determines whether Jane Doe has passed the drug screening test, and it can return the result of the query to the Data Holder (My Namaste app), which completes the entire zkPass data flow.
It's crucial to emphasize that Namaste Tech never gains access to Jane Doe's actual blood test results, which contain sensitive and confidential information irrelevant to drug screening. Instead, what Namaste Tech receives is merely the zkPass proof, encompassing the cryptographic proof of query execution and its output, devoid of any confidential information about Jane Doe.