Key Points

ZKP allows proof the party has knowledge of private facts or has control of a private resource - NOT direct proof of ownership
commonly used in SSI for selective presentation of credentials or verification of access to a digital asset

References

Reference_description_with_linked_URLs_______________________	Notes______________________________________________________________
m SSI / DID / VC - Self Sovereign Identity
m Hyperledger Aries - identity, data management tools
m TOIP Trust Over IP


How ZKP - Zero Knowledge Proofs work - video

Key Concepts

What is zero knowledge proof in Hyperledger fabric?

https://hyperledger-fabric.readthedocs.io/en/release-1.2/idemix.html#:~:text=These%20%E2%80%9Czero%2Dknowledge%20proofs%E2%80%9D,credential%20and%20cannot%20be%20forged.

These “zero-knowledge proofs”prove that the signature on some attributes is valid and the user is in possession of the corresponding credential secret key. Such proofs, like the X. 509 certificates, can be verified with the public key of the authority that originally signed the credential and cannot be forged.

Zero-Knowledge Proof: Verifying Blockchain Transactions with Less Risk

https://wiki.hyperledger.org/display/CP/Zero-Knowledge+Proof%3A+Verifying+Blockchain+Transactions+with+Less+Risk

How ZKP - Zero Knowledge Proofs work - video

trust goals

prove that the PII data has not changed since it was last recorded by a valid transaction ( data provenance )
protect PII data > don't share PII data with other parties ( data protection )
prove to a relying party ( verifier ) that the holder of PII data knows the data without sharing the data ( ZKP )

trust solution

data provenance
1. create a hash of the data > normal data hash
2. record the data hash and surrogate key on blockchain
3. when accessing the data verify the current data hash matches the data hash of the last recorded transaction on the blockchain
data protection
1. don't share the PII data directly with other parties ( several options including recording obfuscated data on the blockchain as a reference )
data knowledge

Example

using ZKP, prove that ( as holder of my age document ) I am over 21 to a bar tender ( relying party ) to drink at a bar without revealing my age

create an indirect proof that my age is over 21 using my birth date > today my DOB > 21 years old

for speed, the proof could be pre-calculated for a specific date and then the current date days since could be added to prove I ma over 21

relying party ( bar tender ) challenges me on my age > 21

holder presentation generates a current ZKP result for the challenge
relying party sees the ZKP result is true and allows the holder to purchase alcohol

Other examples

income is within a range
hash of salary is Y

create a hash of the data > normal data hash

define facts and answers that uniquely identify the data item > fact info set

hash the fact info set AND the data hash > fact info data hash

verifier credential challenge > ask client for the fact set answers

hash the answers with the issuer data and compare to the fact set hash to see if the client has proven the information correctly

A Gentle Introduction to ZKPs and Circom - Medium - 2023

ZKP - CIRCOM-medium.com-A Gentle Introduction to ZKPs and Circom.pdf. GD

ZKP - CIRCOM-medium.com-A Gentle Introduction to ZKPs and Circom.pdf. file

we will explore what zero-knowledge proofs are, how you can construct them using a domain-specific language like Circom, and how to use the artifacts generated by the Circom compiler.

What are Zero-Knowledge Proofs?

At a high-level, zero-knowledge proofs allow one party (namely, ”the prover”) to prove to another party (”the verifier”) the correctness of a statement ϕ without revealing any other information other than the fact that ϕ is valid. Recently, ZKPs have gained widespread adoption as a way of addressing privacy issues in smart contracts and for facilitating scalable layer-2 blockchain solutions known as “ZK-Rollups”.

ZKPs can come in several different forms, depending on the size of the proof, whether they are interactive or not, and the necessity of a trusted set-up. In the rest of this article, we will mainly focus on zkSNARKs (Zero Knowledge Succinct Non-interactive ARgument of Knowledge), which have become quite popular in the context of blockchain applications. As their name indicates, zkSNARKs are a family of non-interactive ZKPs that allow succinct proofs, and therefore, constant verification time. Because of the popularity of zkSNARKs, domain-specific languages like Circom and Halo2 have emerged as a way of facilitating the construction of ZKPs.

Interactive Oracle Proofs (IOPs) - Daniel Szego - Linkedin

Interactive Oracle Proofs-D-Szegp-2025.pdf. GD

Interactive Oracle Proofs-D-Szegp-2025.pdf. file

● (zk)SNARK ● Elements of building a SNARK ● Interactive Oracle Proof (IOP) ● Building blocks ● PLONK ● Computational trace ● Constructing polynomials ● Summary ● Literature and Links

BBS+ secure protocol for Zero Trust and other encrypted conversations

BBS+ Protocol Overview and Value Proposition

1. What is BBS+?
BBS+ (Boneh-Boyen-Shacham Plus) is an advanced cryptographic protocol building on the original BBS group signature scheme. It is a pairing-based cryptography system designed for privacy-preserving applications, such as anonymous credentials and selective disclosure proofs. Key features include:

Selective Disclosure: Users can cryptographically prove specific attributes (e.g., age ≥ 18) without revealing unnecessary information.
Zero-Knowledge Proofs: Enables verification of claims without exposing underlying data.
Multi-Message Signatures: Supports signing multiple messages in a single signature, enhancing efficiency.

2. Core Components

Pairing-Based Cryptography: Leverages elliptic curve pairings (bilinear maps) for advanced cryptographic operations.
Partial Proofs: Allows users to reveal subsets of signed attributes while keeping others hidden.
Blind Signatures: Enables issuers to sign credentials without viewing their contents, enhancing privacy.

3. Value Compared to Alternatives

Feature	BBS+	Alternatives (e.g., RSA, ECDSA, zk-SNARKs)
Privacy	✅ Supports selective disclosure and minimal data exposure.	❌ Most require full data revelation (e.g., ECDSA) or complex setups for privacy.
Proof Size	✅ Compact proofs (linear in disclosed attributes).	❌ zk-SNARKs have smaller proofs but require trusted setups.
Computational Efficiency	✅ Optimized for selective disclosure; moderate resource use.	❌ Pairing-heavy operations may lag behind ECDSA in raw speed.
Security Assumptions	✅ Relies on well-studied assumptions (q-SDH, DDH in bilinear groups).	❌ Some ZKP systems (e.g., zk-STARKs) use newer, less-tested assumptions.
Use Cases	✅ Ideal for decentralized identity, verifiable credentials, and SSI.	❌ Better suited for simple signatures or high-throughput transactions.

4. Key Advantages

Privacy-Preserving: Enables compliance with regulations like GDPR by minimizing data exposure.
Interoperability: Aligns with W3C standards (e.g., Verifiable Credentials Data Model v2.0).
Scalability: Smaller proof sizes reduce bandwidth/storage needs, critical for IoT or mobile devices.

5. Limitations

Complexity: Requires expertise in pairing-based cryptography for implementation.
Performance: Pairing operations can be slower than traditional ECDSA on low-power devices.

6. Real-World Applications

Decentralized Identity: Used in frameworks like Hyperledger Aries for self-sovereign identity (SSI).
Healthcare: Securely share patient data with selective disclosure (e.g., proving vaccination status without revealing other medical history).
Supply Chain: Verify product authenticity without exposing sensitive supplier details.

Conclusion
BBS+ excels in scenarios demanding privacy, selective disclosure, and regulatory compliance, making it a top choice for modern decentralized identity systems. While alternatives like ECDSA or zk-SNARKs may outperform in specific areas (e.g., speed or proof size), BBS+ strikes a unique balance between privacy, efficiency, and standardization.

Compare BBS+ and zk-Snarks

Provide a detail comparison between BBS+ and zk-Snarks
Create a summary comparison table with their key features, recommended use cases, advantages, limitations, reference links

Comparison of BBS+ and zk-SNARKs

Below is a detailed comparison of BBS+ (Boneh-Boyen-Shacham Plus) and zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge), two cryptographic protocols with distinct strengths and applications.

Summary Table

Feature	BBS+	zk-SNARKs
Primary Use Case	Selective disclosure of attributes (e.g., verifiable credentials).	Privacy-preserving computation (e.g., anonymous transactions, private smart contracts).
Cryptographic Basis	Pairing-based cryptography (bilinear groups).	Zero-knowledge proofs based on Quadratic Arithmetic Programs (QAPs).
Proof Size	Linear in the number of disclosed attributes.	Constant size (succinct), regardless of computation complexity.
Trusted Setup	Not required.	Required (toxic waste must be securely discarded).
Privacy Level	Selective disclosure (reveal only chosen attributes).	Full zero-knowledge (no information leakage beyond proof validity).
Computational Overhead	Moderate (pairing operations can be resource-intensive).	High (proof generation is computationally heavy; verification is fast).
Interoperability	Aligns with W3C Verifiable Credentials standards.	Used in blockchain ecosystems (e.g., Zcash, Ethereum).
Security Assumptions	q-SDH (Strong Diffie-Hellman) and DDH (Decisional Diffie-Hellman).	Knowledge of Exponent (KEA), CRH (Collision-Resistant Hash), and others.
Adoption	Emerging in decentralized identity frameworks (e.g., Hyperledger Aries).	Widely adopted in privacy-focused blockchains and Layer 2 solutions.

Key Features and Use Cases

BBS+

Key Features:
- Enables selective disclosure of signed attributes.
- Supports multi-message signatures (signing multiple attributes in one signature).
- No trusted setup required.
Recommended Use Cases:
- Verifiable credentials (e.g., proving age without revealing a birthdate).
- Decentralized identity (SSI) systems.
- Compliance with GDPR/CCPA by minimizing data exposure.
Advantages:
- No trusted setup phase.
- Efficient for attribute-based proofs.
- Compatible with privacy regulations.
Limitations:
- Proof size grows with the number of disclosed attributes.
- Pairing operations can be slow on low-resource devices.

zk-SNARKs

Key Features:
- Zero-knowledge: Proves validity of a statement without revealing inputs.
- Succinct proofs: Fixed size regardless of computation complexity.
- Non-interactive verification.
Recommended Use Cases:
- Anonymous cryptocurrency transactions (e.g., Zcash).
- Private smart contracts (e.g., Aztec Network).
- Auditable but confidential computations (e.g., voting systems).
Advantages:
- Extremely small proof sizes.
- Strong privacy guarantees.
- Battle-tested in blockchain environments.
Limitations:
- Requires a trusted setup (risks if compromised).
- High computational cost for proof generation.
- Complex implementation and reliance on newer cryptographic assumptions.

When to Use Which Protocol?

Scenario	BBS+	zk-SNARKs
Selective Disclosure Needs	✅ Best choice (e.g., proving specific credentials).	❌ Overkill unless full zero-knowledge is required.
Complex Computations	❌ Limited to attribute-based proofs.	✅ Ideal (e.g., proving validity of a transaction without revealing details).
Regulatory Compliance	✅ Aligns with GDPR/CCPA via minimal data exposure.	❌ May require additional layers for compliance.
Resource-Constrained Environments	❌ Pairing operations may strain low-power devices.	✅ Verification is fast, but proof generation requires significant resources.
Blockchain Integration	❌ Emerging adoption in identity systems.	✅ Mature adoption in privacy coins and Layer 2 solutions.

Reference Links

Conclusion

Choose BBS+ for use cases requiring selective disclosure and interoperability with identity standards (e.g., healthcare credentials, KYC processes).
Choose zk-SNARKs for complex private computations where succinct proofs and full zero-knowledge are critical (e.g., anonymous transactions, confidential smart contracts).

Both protocols address privacy but cater to different needs: BBS+ excels in attribute-based privacy, while zk-SNARKs dominate in computational privacy.

Potential Value Opportunities

Potential Challenges

Candidate Solutions

Step-by-step guide for Example

sample code block

sample code block

Recommended Next Steps

Related articles

Browser not supported