Consider a new applicant for a credit card who needs to convince the credit company that they have maintained sufficient average balance in their bank account over the last three months. The traditional way of doing this is for the applicant to share the bank statements over that period. But, this reveals much more personal information than is necessary to the company. It not only reveals exact balance, but also the transaction details. Ideally, the applicant would like to convince the credit company that her private data satisfies the balance requirement without revealing either the exact balance or the transaction details.
Zero knowledge proofs (ZKPs) is a technique by which an entity, or prover, with private data provides a verifiable proof to a verifier that certain property holds true for that data without revealing any additional information other than the truth of verified property. In our example, the credit applicant is the prover with the private data corresponding to the bank transactions and the verifier is the credit company which needs to verify only the monthly balance property.
Frameworks for computing succinct zero knowledge proofs without revealing private information are already available. But, most practical frameworks suffer from the limitation that, for every new property that the prover and verifier need to establish, they need to go through a costly and time-consuming trusted proof set-up process. Certain frameworks that do not require such a complex proof set-up have severe performance bottlenecks in terms of proof generation and/or verification time. These bottlenecks are big barriers for the adoption of ZKPs in near real-time supply chain and logistic collaboration. The collaborating entities do not know a priori the set of all properties that need to be proved and further, some of these requirements arise dynamically.
Our team at IBM has developed a scalable framework for proving properties of private documents in zero knowledge, in other words, in a privacy preserving way. It allows participants in a collaboration network to be able to prove a large class of properties about their private documents with just a one-time proof setup. Further, this framework is combined with an innovative protocol that allows all the entities on a blockchain network to participate in the computation of network-level statistics without revealing any private data. Such powerful privacy preserving network-wide insight generation can help foster more collaboration and generate significant value for all the participants
Game changer for blockchain collaboration
The use of our framework will be a game changer in the space of blockchain. ZKPs are already used by Zcash to enable privacy in peer-to-peer (P2P) digital payments. Our framework enables new use cases of secure, verifiable private information, fosters network-wide insight generation, and provides a means for blockchain interoperability.
General business-to-business collaboration has much broader requirements than private P2P payments. Participating entities usually have to prove a much larger set of properties than a proof for simple ledger transfers as in the case of Zcash. We have designed our framework to precisely to handle this challenge. For example, the owner of an invoice can prove that the invoice satisfies tax compliance requirements such as correct tax code and computation without revealing the exact values of any of the fields of the invoice, that is otherwise unnecessary for the transaction.
Industry platforms like TradeLens and IBM Food Trust™, which have broad participation from industry participants, contain a treasure of insights on common industry pain points. For example, delay patterns in a logistics network, food spoilage patterns in the food supply chain and many others. Most of these use cases require access to sensitive and private data of the participants. In many cases, the participants might not want to reveal such private data even to the network operator for anonymized computation of such network level insights.
With the framework we have developed, such network insights can be provided in a trusted and verifiable manner without revealing the private information. For example, delay patterns on a particular trade lane across the industry can be computed in a completely privacy-preserving manner and without requiring to share the data with the network operator.
Blockchain interoperability has emerged as a holy grail in this logistical space that can help realize the value of individual networks flow across seamlessly. This technology can be a key enabler for certain blockchain interoperability scenarios. For instance, it can allow a network to prove to a second network that a particular property is true about its ledger data without revealing the ledger content.
Secure and verifiable transactions
Document sharing by TradeLens is a fundamental requirement to implementing key compliance checks and business rules. Often, some of these checks and rules need to be implemented on private data that the clients are not willing to share even with the platform. This limits the type of compliance checks and business rules that can be implemented. Our scalable framework can help resolve this problem. Clients can generate a predefined set of rules — or zk proofs — on the properties that make up their private data in a very efficient manner. These proofs can be verified by any other participant in the ecosystem. Then, based on our framework, TradeLens can help participants ascertain a much larger set of compliance checks and business rules much quicker — all without revealing sensitive data.
Consider scenarios where participants on TradeLens need to share different documents with different parties. Often, there could be a common field(s) that link two documents shared with two different entities. For example, Company A shares two separate documents with Company B and Company C respectively. Let’s say there is a common field that links both documents together. Company A would like to convince Company B that the value of the common field in the two documents is the same. The challenge for Company A is that, due to privacy considerations, the document shared with Company C cannot be shared with Company B. Again, our framework comes to the rescue by allowing Company A to prove such consistency properties while adhering to the privacy requirements of both Company B and Company C.
Our overall mission
The examples and use cases we’ve talked about here show that enabling privacy preserving collaboration on blockchain platforms can unleash significant value for the participants. It will enable compelling network-wide collaboration use cases that benefit the entire ecosystem. This technology will mitigate privacy concerns of data owners and we believe lead to a wider acceptance of blockchain platforms.
The goal of our team at IBM is to build privacy preserving technologies for blockchain collaboration. The scalable, one-time set up zero knowledge proof framework we’ve developed is the first step in this direction. We are on a path, and are looking forward to creating, a comprehensive set of privacy-preserving techniques geared for an even wider spectrum of blockchain collaboration. Stay tuned for a technical announcement of this framework, and its planned applications in IBM Blockchain Platform.