Executive Summary
The collaboration between Hypersign and Chainlink marks a significant stride in the realm of decentralized identity and interoperability of credentials. This innovative solution introduces a secure and privacy-enhanced system for Cross-Chain KYC verification, leveraging Zero-Knowledge Proofs (ZKPs), Chainlink functions, and seamless interoperability between different blockchain networks.
Problem Statement
In a Cross-chain Zero-Knowledge Proof KYC (ZK-KYC) verification system where the Issuer and Verifier operate on separate blockchains, the challenge is to ensure that when a user submits their proof to the Verifier Smart Contract, the contract can validate the legitimacy of the proof and confirm its origin and issuer's attestation from another blockchain, essentially verifying that the user possesses valid credentials issued by the authorized entity.
Example Scenario:
Consider a user with credentials on the Hypersign ID chain (Hypersign ID is a Cosmos SDK-based AppChain designed specifically for identity management) attempting to verify their identity on a separate Ethereum Virtual Machine (EVM) chain. The challenge lies in efficiently confirming the validity of the user's Zero-Knowledge Proof (ZKP) and ensuring the associated credential is authorized by the issuer on the Hypersign chain.
Solution
Utilizing Chainlink Functions and Hypersign DID
The proposed solution leverages Chainlink Functions to bridge the gap between blockchains, enabling any EVM chain to verify the issuer's attestation on the Hypersign ID chain. The process involves several steps, including submitting Verifiable Presentations (VPs) by users and subsequent validation through a combination of Chainlink Functions and the Hypersign DID network.
Technical Implementation
The FunctionsConsumerExample Solidity contract interacts with Chainlink Functions, calling the Hypersign ID Network to confirm the legitimacy of submitted ZKPs. The verification process includes meticulously checking issuer attestations, ensuring the user's credentials are valid and authorized.
Smart Contract Functionality
The Groth16Verifier contract, based on the Groth16 zero-knowledge proof system, is crucial in validating proofs on the EVM chain. It checks the integrity of proofs, confirming that the provided information aligns with the expected parameters.
Deciphering the Diagram: Examining the visual representation provided above, let's delve into the high-level steps outlined in the diagram:
User Submission
The user submits their Zero-Knowledge Proof to the Business Smart Contract on the EVM chain as a Verifiable Presentation (VP).
Proof Attestation Check(Cross-chain
- The Business Contract on the EVM Chain utilizes Chainlink Functions to verify the Issuer's attestation from the Hypersign Chain for the submitted Verifiable Presentation.
- This verification is achieved by calling the Hypersign ID Network from the Business Contract to confirm that the ZK-Proof is associated with a valid credential issued by the authorized Issuer.
ZK-Proof Authenticity Check
- Following successfully verifying the Verifiable Presentation (VP) using Chainlink functions, the Business Contract proceeds to check the authenticity of the ZK-Proof.
- This involves validating the ZK-Proof by interacting with the Verifier Smart Contract on the EVM Chain.
Sequence Diagram
Note: If you want to run this project in the local environment, then reach out to the Hypersign Team for integration Discord
Hypersign API
To use Hypersign API, you can create an app in Hypersign Entity Studio by following the instructions below.
- Visit: https://entity.studio.hypersign.id/#/studio/login
- Create an App and keep the app's secret Key with you.
- To learn about the Hypersign API, visit the documentation here: https://docs.hypersign.id/entity-studio/api-doc
- You can also try API Playground swagger implementation here for Hypersign API. https://api.entity.hypersign.id/ssi
Chainlink Functions
- Learn about Chainlink Functions: https://docs.chain.link/chainlink-functions
- Open Remix IDE and create a file called FunctionsConsumerExample.sol and pate above Solidity Business Contract.
- Ensure you have installed Metamsk in the browser and connect it to Remix IDE.
- Deploy the contract with router address - 0xb83E47C2bC239B3bf370bc41e1459A34b41238D0 on Sepolia Network.
- You can learn about supported networks' router addresses here chainlink-supported.
- Copy the deployed Contract address and navigate to the chainlink subscription-manager to fund the deployed contract with chainlink tokens. Follow the instructions on this page
- Once the subscription is created and funded with chainlink tokens. Copy the Consumer Address and Subscription ID.
- No need to deploy the Zk Verifier contract as it is deployed already for Sepolia network
Clone
- Clone this repository https://github.com/hypersign-protocol/dodo-wallet.git
- Checkout to chainlink-zk-KYC Branch
- Do npm install (Required node version would be 14.21 or above)
- After installing the dependencies
- Do npm run dev. If you face an error regarding javascript heap memory out, then run the command: NODE_OPTIONS=--max_old_space_size=4096 npm run dev
- Open the browser and navigate to http://localhost:9002
- Install Metamask Wallet Extension to the browser if you don't have one: https://metamask.io/download/
- ReadME: https://github.com/Raj6939/onchain-zk-kyc/tree/main?tab=readme-ov-file
Conclusion
The collaboration between Hypersign and Chainlink represents a technical leap in decentralized identity verification. By combining the cryptographic prowess of ZKPs, the interoperability provided by Chainlink Functions, and the privacy-centric design of the Hypersign DID framework, this solution not only addresses the challenges of CrossChain KYC but also sets a precedent for secure and efficient decentralized identity management across blockchain ecosystems.
About Chainlink
Chainlink is a decentralized blockchain oracle network built on Ethereum. The network is intended to be used to facilitate the transfer of tamper-proof data from off-chain sources to on-chain smart contracts. It can be used to verify whether the parameters of a smart contract are met in a manner independent of any of the contract's stakeholders by connecting the contract directly to real-world data, events, payments, and other inputs.
About Hypersign
Hypersign is an innovative, permissionless blockchain network that manages digital identity and access rights. Rooted in the principles of Self-Sovereign Identity (SSI), Hypersign empowers individuals to take control of their data and access on the internet. It provides a scalable, interoperable, and secure verifiable data registry (VDR) that enables various use cases based on SSI. Built using the Cosmos-SDK, the Hypersign Identity Network is recognized by W3C (World Wide Web Consortium), promoting a seamless and secure identity management experience on the Internet.
Get in touch with us today to understand the nuances of the decentralized identifier and their real-world application at meet.hypersign@gmail.com