Proposal - zkAccess: Zero-knowledge access layer on top of Ceramic / ComposeDB

[ Update 01/27 - v0.0.2 - zkAccess + CompositeDB ]

Here’s the second update for zkAccess grant.

Overview

Description

As described in the past update, the second step was to store the users’ public keys in our ComposeDB. It wasn’t evident to me the difference between traditional “streams” and ComposeDB until I managed to take a deeper dive into the technology. After I managed to implement did-session into the demo, I then proceeded to interact with my local Ceramic node trying to understand their roles. I created a thread in Discord to discuss these.

In the meantime, I started to put together the idea of the first “implementation” of zkAccess:

In short, the goal would be to have a website where I’ll allow users to manage a DID via their Ethereum account and generate a webauthn credential to store it in ComposeDB. Then, they can request to create a zk-proof against a specific NFT collection (e.g. BAYC). A server would filter the public keys (mapped against an address) for only the owners of this NFT collection, and then the owner could create the proof.

Next steps

I’ve managed to verify 1 and 3 from the original post (i.e., write in Ceramic from an Ethereum account a zero-knowledge attestation data, and query these from ComposeDB). However, I struggled to integrate everything within the existing app. Thus, as a next step I’ll create the “actual” app using Create Ceramic App and import my zk libraries there. I’m hoping to have a fully functional demo by next update.

Blockers

  • Time. I struggled to wrap my head around the new libraries and concepts, so I ended up putting together this thread for future developers - FAQ for common errors in ComposeDB + DIDs (Jan 23). I’ll have to speed up the demo since I’ll start from scratch with the Create Ceramic App template.
  • Production Deployment - I’ve yet to see how I’ll deploy to production ComposeDB, so that’s another concern (I mean, I can always ssh to a VM and just run the commands, but yeah, something more automatic would be great).