proofcarryingdata/zukyc

Zukyc

This is an example app using POD (Provable Object Data) & GPC (General Purpose Circuit).

POD & GPC allow developers to issue verifiable data and to make privacy-preserving (zero-knowledge) proofs about that data. For details about POD & GPC, see this doc.

Example use case

This example app demonstrates an end-to-end use case for POD & GPC. The story goes: Gerry the giraffe would like to borrow some money, so he goes to ZooLender. ZooLender wants him to prove that he has a valid ID and an annual income over $20,000, among other things. Gerry doesn't know ZooLender well and doesn't feel comfortable sending him his ID and paystubs. So they decide to use ZooKyc (KYC stands for Know Your Customer).

ZooKyc manages the user's identity (e.g. Semaphore identity) and PODs, and generates proofs upon request.

To use ZooKyc, Gerry first goes to ZooGov (a government website), and ZooGov issues him a government ID POD signed by ZooGov. Gerry then goes to ZooDeel (a payroll service provider website), and ZooDeel issues him a paystub POD signed by ZooDeel. All the PODs have an owner field with Gerry's Semaphore public identity.

ZooLender provides Gerry with a proof request which specifies what he wants Gerry to prove about the government ID POD and the paystub POD.

Gerry then goes to ZooKyc with his ID POD, paystub POD, and the proof request from ZooLender. ZooKyc creates a zero-knowledge proof that Gerry has a valid ID and an annual income over $20,000 (among other things) without leaking other information. ZooKyc runs all the code locally in the browser, meaning it doesn't send Gerry's private data to any server. In fact, Gerry can take the code from ZooKyc and run it himself locally on his computer.

Now with the proof generated by ZooKyc, Gerry goes back to ZooLender. ZooLender verifies the proof, and lends Gerry the money.

You can walk through Gerry's experience using the deployed app links below. Note that in this example app, transferring data between different sites occurs via copy/paste, and there is no other communication between the sites.

Deployed app

  • ZooLender: a lending website. To apply for a loan, the user can use ZooKyc to generate a proof with the proof request ZooLender provides. ZooLender will verify the proof, and decide whether to lend the user the money.
  • ZooKyc: manages the user's identity and PODs, and generates proofs upon request.
  • ZooGov: a government website. It can issue government ID PODs.
  • ZooDeel: a payroll service provider website. It can issue paystub PODs.
  • ZooAdmin: for debugging purposes. It allows you to generate government ID PODs and paystub PODs with the information you provide.

Example code

  • How to issue PODs: code
  • Proof request (what you want to prove, including proof configuration, and optionally membership lists, external nullifier and watermark): code
  • How to create GPC proofs (based on the proof request): code
  • How to verify GPC proofs: code

What's inside?

This Turborepo includes the following apps (inside the apps/ folder):

POD issuers (ZooGov, ZooDeel, ZooAdmin)

pod-issuer-client

pod-issuer-server

  • http://localhost:8080, deployed at https://zukyc-issuer-server.vercel.app.
  • This is the server for pod-issuer-client. It provides the server-side APIs to issue PODs to the user.
  • It includes:
    • routes/gov.ts: server-side APIs for ZooGov
    • routes/deel.ts: server-side APIs for ZooDeel
    • routes/debug.ts: server-side APIs for ZooAdmin
  • Similarly, in the real world, those would be three independent server-side applications issuing PODs independently.
  • A server is needed because in the real world, the server would have a user database; and the server would hold a signing key for issuing PODs.

ZooKyc

gpc-prover-client

ZooLender

gpc-verifier

  • http://localhost:3001, deployed at https://zukyc-gpc-verifier.vercel.app.
  • This is a frontend app which provides the proof request, and uses the GPC library to verify ZK proofs.
  • In this demo, the server side code is not included, because the proof verification code would be similar. But in the real world, the proof needs to be verified on the server side too so that users can't obtain loans by modifying the code in their client.
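
The server-side acceptance check described above, sketched as an added example (not code from the zukyc repository): the server compares the submitted claims against the proof request it holds itself, pins the POD signers to the expected issuers, and stores the nullifier hash to reject reuse. The cryptographic verification is injected as `verifyProof`; the types, `makeLoanVerifier`, and all sample values are hypothetical simplifications, not the @pcd/gpc API.

```typescript
// Added example. Shapes and names are simplified assumptions, not @pcd/gpc types.
type Claims = {
  signerPublicKeys: Record<string, string>; // POD name -> issuer public key
  externalNullifier: string;
  nullifierHash: string;
  watermark: string;
};
type Submission = { configId: string; claims: Claims; proof: string };
type Policy = {
  configId: string;
  trustedSigners: Record<string, string>; // POD name -> expected issuer key
  externalNullifier: string;
  watermark: string;
};
type Result = { ok: boolean; reason: string };

function makeLoanVerifier(
  policy: Policy,
  verifyProof: (s: Submission) => boolean // cryptographic check, injected
): (s: Submission) => Result {
  const seenNullifiers = new Set<string>(); // stands in for the KV store
  return (s: Submission): Result => {
    // Compare against server-held values, never values echoed by the client.
    if (s.configId !== policy.configId) return { ok: false, reason: "config" };
    if (s.claims.externalNullifier !== policy.externalNullifier)
      return { ok: false, reason: "externalNullifier" };
    if (s.claims.watermark !== policy.watermark)
      return { ok: false, reason: "watermark" };
    for (const name of Object.keys(policy.trustedSigners)) {
      if (s.claims.signerPublicKeys[name] !== policy.trustedSigners[name])
        return { ok: false, reason: "signer:" + name };
    }
    if (!verifyProof(s)) return { ok: false, reason: "proof" };
    // Record the nullifier only after every other check has passed.
    if (seenNullifiers.has(s.claims.nullifierHash))
      return { ok: false, reason: "replay" };
    seenNullifiers.add(s.claims.nullifierHash);
    return { ok: true, reason: "accepted" };
  };
}

// Constructed sample data; keys and hashes are placeholders.
const samplePolicy: Policy = {
  configId: "loan-v1",
  trustedSigners: { govID: "ZOOGOV_PUBKEY", paystub: "ZOODEEL_PUBKEY" },
  externalNullifier: "ZooLender-loan",
  watermark: "request-001",
};
const stubVerify = (s: Submission): boolean => s.proof === "valid"; // stand-in
```

A proof that verifies cryptographically but names a different signer key or proof configuration is still rejected, which is the part a client-only verifier cannot enforce.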

Local development

Running the project

In the root of this project, execute the following commands locally.

# installs dependencies for all apps and packages in this repository
yarn

# this will copy all the environment variable files .env.example into an adjacent file .env or .env.local
yarn localenv

# this will run a docker image for Vercel KV store (a durable Redis database) local development
# you need to install docker first and make sure it is running, see this: https://docs.docker.com/engine/install/
# the Vercel KV store is currently used by `pod-issuer-server` `gov` and `deel` routes, as well as
# `gpc-verifier` for storing nullifier hash.
yarn localdb

# starts all the applications contained in the `/apps` folder of the repository
yarn dev

Tips

If you are using @pcd/gpc in your own frontend app, you might encounter a fastfile build error.

../../node_modules/fastfile/src/fastfile.js
Can't import the named export 'O_CREAT' (imported as 'O_CREAT') from default-exporting module (only default export is available)

See here on how to address it: #3