zkTLS makes it possible to create Web proofs without sacrificing privacy.
Author: Mechanism Capital
Compiled by: Deep Tide TechFlow
Key Points Summary:
Why is this an opportunity? This is a significant improvement over existing oracle solutions, capable of expanding the protocol's coverage, reaching beyond the current user base to a globally diverse audience.
What is TLS? TLS (Transport Layer Security) is the "s" in "HTTPS," used to secure communication between servers and users.
zkTLS makes it possible to create Web proofs without sacrificing privacy. Web proofs are a type of zero-knowledge proof used to verify information from Web2 data sources.
The next evolution of oracles. Oracles have driven the development of decentralized finance (DeFi), and zkTLS will bring the world into DeFi. The limitation of oracles is that they can only receive data through APIs.
zkTLS is currently just a buzzword, as existing technological implementations do not use zkTLS at the information handshake level (when you open a website in your browser, a TLS handshake occurs).
Benefits: Protects user anonymity, security, and internet data privacy. Users can privately and verifiably share data, such as bank balances and average social media likes, without revealing personal information.
This will extend the coverage of encryption protocols beyond the current user base to a larger and more diverse audience. The assurance here is limited to the authenticity of the data and its source.
zkTLS was first introduced in 2016 and has only recently begun to gain attention. Currently, there are only a few use cases, such as exporting social media followers/following lists.
The opportunity to integrate Web2 data with Web3. This evolution will enable encryption protocols to solve real-world problems more quickly. The opportunity lies in the protocols supported by zkTLS, rather than its infrastructure.
The Reclaim protocol is leading in development and market appeal. Other market participants include TLS Notary, zkPass, and Pluto.
Issues
There is a lack of verifiability in the world. In decentralized and adversarial environments, many simple things in both the real and digital spaces are difficult to prove.
The verification capability of HTTPS is limited. You can only verify the authenticity of data when you access it yourself. If you try to show data to a third party, you lose verifiability because the third party cannot confirm that the content is a legitimate copy of what you see.
Web3 faces a "chicken and egg" problem, where all related internet activities are isolated. There are no bridges between Twitter and Instagram, between Instagram and Zora, or between Spotify and Sound.xyz. This may be acceptable for early users, but it poses a significant challenge for time-sensitive users.
zkTLS, or zero-knowledge transport layer security protocol, provides a way to address the data source issue without sacrificing privacy. It is a zero-knowledge proof built on the TLS protocol.
In practice, this is a method that allows users to securely export data from any website. There is no guarantee of data authenticity, only a guarantee of the data and its source.
Opportunity: Large-scale use of Web2 data in Web3 applications
This is the natural evolution of oracles. The problem with oracles is that their usage is limited to public data, and they are costly and difficult to scale to personally identifiable information and Web2 scenarios.
How does it work?
Three technological approaches to achieving HTTPS verifiability:
Raw TEE (Trusted Execution Environment) / SGX proof
TEE is a secure area within the device's main processor. It ensures that external processes or computations, even those with higher privileges, cannot access or alter the data within. They protect critical data and also authenticate and verify the data computations performed within.
Proofs allow remote parties to be confident that the expected software is securely running in an enclave on a fully patched, Intel SGX-enabled platform.
The TEE model does not use zero-knowledge proofs but relies on the security guarantees of TEE.
TEE is limited by the trust assumptions of hardware providers.
Requesting through intermediary third-party proxies
Using the proxy feature of the browser as an intermediary between the user and the website. Proxies can create zero-knowledge proofs.
This approach may be blocked due to bottlenecks at the proxy level.
The proxy model does use zero-knowledge proofs, but they are used after the TLS handshake is completed (when you open any website in your browser, the browser performs a TLS handshake).
Multiparty computation (MPC) based approach
Implementing MPC through a network of nodes, rather than having the browser hold its own keys. Thus, the keys are held neither by the browser nor by specific nodes.
MPC solutions are costly, so in practice, 2PC solutions are often used, which operate between a single node rather than multiple nodes.
This model provides good security assurances, but setting up MPC requires significant network communication, leading to higher overhead.
The MPC/2PC model does not use zero-knowledge proofs but performs handshakes through MPC.
MPC has inherent collusion risks that can be mitigated through various strategies.
MPC-based models are generally considered the best in terms of security. However, the proxy model is the only one that uses zero-knowledge proofs to ensure data integrity. But no model uses zero-knowledge proofs at the TLS handshake level to meet the zkTLS name. zkTLS is more of a buzzword and has not yet fully matured in practical applications.
Unique Selling Proposition (USP)
When accessing data through APIs, it is easy for the data to be shut down. If tech companies do not want applications to use their data to distribute tokens or engage in off-platform financial activities, they can easily shut down these APIs. However, with Web proofs, as long as users can access data on a website through an HTTPS connection, that data cannot be shut down.
This means that almost any Web2 data can be securely brought on-chain without the data source taking any action or being able to prevent this process.
zkTLS paves the way for a more open future internet where data will no longer be isolated. This means that the unique selling propositions of the Web2 business models we know will be disrupted. Users will be able to integrate and use various new types of interoperable frontends.
Use Cases
Zero-knowledge verification (zkKYC)
More expressive oracles, such as weather oracles, sports score oracles, and stock market pricing oracles
Web3 airdrops to Web2 users. Achieving interconnection between Web3 and Web2 users, as well as defending against vampire attacks.
Reflecting on our rapid construction of a new financial system, our industry has excelled in incentive mechanisms. Rather than spending huge amounts on advertising to attract users, blockchain has industrialized shaping user behavior and rewarding participation.
- Airdrops are one of the most effective user engagement strategies we've seen, requiring no upfront investment of millions of dollars, with the current main limitation being that Web3 protocols can only reach users with on-chain history.
Current on-chain users represent only a small fraction of the ideal target audience for these applications.
The target audience for airdrops has expanded from a few million existing crypto users to the majority of the global population. They need a wallet to receive airdrops, but this process can be simplified through account or chain abstraction.
Combining Web3 with real-world loyalty programs
Breakthrough moments in zero-knowledge peer-to-peer payments
A channel supporting fiat currency conversion, allowing peer-to-peer transactions. One party can use a Venmo-like service to send fiat currency, while the other party sends cryptocurrency, and upon payment completion, it is automatically released through Web proofs. This requires smart contracts or centralized solutions as custodial providers.
Anonymous information and insight sharing
Tokenization of domain names. Turning domain names into a liquid asset class with verified ownership. Ownership proof can be used as collateral in decentralized finance (DeFi). This will allow Web2 assets to be tokenized on Web3, similar to ENS, but targeting website domain names.
Ride-sharing platforms: Importing user ride counts from Uber to establish a competitive ride-sharing platform.
E-commerce personalization: Importing user purchase preferences from Amazon to provide targeted discounts.
Blockchain economics: Utilizing users' off-chain activity data to implement economic functions on the blockchain.
Use Cases include:
Proving your bank balance and that the data comes from a specific bank
Proving you are over 21 without revealing your birthday
Proving that ESPN.com reported the results of a sports event
Proving that a user purchased concert tickets
Proving that an Uber driver has completed 1,000 rides and maintains a 5.00 rating.
Related Projects
Reclaim Protocol - https://www.reclaimprotocol.org/
The zkTLS infrastructure of the Reclaim Protocol enables Web2 and Web3 users to generate verified credentials through zero-knowledge proofs, securely verifying online data without revealing sensitive information. Unlike other solutions, it does not require the installation of any applications or browser extensions, allowing users to seamlessly share selected data with third-party applications.
Reclaim Protocol is one of the most advanced protocols in the field, open-source and featuring over 40 verified patterns and 240 community patterns. They currently use HTTPS proxies to forward user responses and plan to decentralize nodes soon. We should reach out to them to explore investment opportunities and synergies to understand the protocols built on their infrastructure.
Pluto - https://x.com/plutolabs_ - https://pluto.xyz/
Pluto allows you to add verifiable data from any internet source. They have already demonstrated a demo integrated with Venmo and Reddit, which is a zero-knowledge implementation of TLSNotary.
Current prototype use cases include developers integrating Web proofs into their applications. Pluto explores multiple directions in the field of applied cryptography, including the development of tools for zero-knowledge proofs (ZKP), multiparty computation (MPC), fully homomorphic encryption (FHE), and witness encryption (WE).
Pluto is built by a small engineering and operations team from Stripe, Aztec, Y Combinator, Hubspot, and Uber. You can find more information about the team on their website.
TLSNotary - https://tlsnotary.org/ - https://x.com/tlsnotary
TLSNotary is an open-source protocol designed to verify the authenticity of TLS data while protecting user privacy. It employs a multiparty computation (MPC) solution. Its name is inspired by a 2013 Bitcointalk post, aiming to enable Bitcoin buyers to prove to third-party arbitrators that they have successfully completed a fund transfer to sellers.
Opacity Network - https://www.opacity.network/
Opacity's zero-knowledge proof protocol can connect provers and verifiers in minutes, enabling trustless sharing and verification of information.
DECO (Chainlink) - https://www.deco.works/
This is the first zkTLS protocol and research project led by Chainlink.
PADO Labs - https://padolabs.org/
PADO uses standard TLS protocols combined with multiparty computation to collaboratively process data. They claim to be building the world's first zkFHE decentralized computing network. In 2023, they raised $3 million from Arweave, Hash Global, and Berkeley Blockchain Xcelerator.
zkPass - https://zkpass.org/
zkPass has received $2.5 million in investments from companies like Sequoia and Binance to develop TransGate. This platform allows users to selectively and privately verify data on any HTTPS website and connect it to the web3 world. Currently, zkPass is in the pre-alpha testnet phase and already has over 50 verified patterns covering websites like Uber, Instagram, and Coursera.
They claim to have generated over 315,000 zero-knowledge proofs and use zkSBT for authentication. Additionally, users can create their own custom patterns through a Chrome extension, which is a significant advantage.
Conclusion
As cryptocurrency evolves into a critical moment, Web proofs become a powerful tool to connect early users with the mainstream. By generating verifiable on-chain data from any Web2 source, Web proofs extend the incentive range of cryptocurrency beyond the current user base, attracting a larger and more diverse audience.
zkTLS technology will gradually lead the world towards on-chain solutions. Combining optimized incentive mechanisms of cryptocurrency with real-world Web2 applications is a pathway to success. I believe this is a significant breakthrough in cryptocurrency use cases.
Open Questions
How to design economic incentive mechanisms to ensure the honest behavior of third-party provers?
How will the system respond when a website updates its data structure? How to ensure that systems relying on third parties continue to function properly?
How to prove the existence of something over long or different time scales?
Currently, zkTLS focuses on "proof"—i.e., completing an operation at a certain time. However, for protocols, data changes may be more valuable, such as updating credit risk or airdrop statistics based on Web3 behavior.
How do end users connect with their websites? Currently, most projects rely on Chrome extensions or Appclips.
Additional Resources
Non-technical, Beginner
What is zkTLS
Semi-technical, Intermediate
Basic Guide to zkTLS
MPC TLS
Technical, Advanced
White Papers
Research Papers
Open Source Projects
Through these resources, readers can choose suitable materials to delve deeper into the relevant technologies and applications based on their technical level.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
