Open scouten-adobe opened 3 months ago
@scouten-adobe could we change the name of this issue to Discussion of Zero Knowledge Identity Management?
ZKP can be used to validate identity (by having holder of identity sign with a private key) without revealing any information about that identity (name, location, biometric info, even key) for a credential holder.
What are the reasons for anonymous Identity for Holders of credential?
Journalists who want to add claims or make edits to photos, but may be in a place where if their identity is revealed, they are put at risk.
OSINT (OS investigators) who may want to report but again, if their location is revealed, it could put their safety at risk
Whistleblowers who want to report on governmental, institutional, or other wrongdoing but not put their jobs or safety at risk.
Anyone else who may want to make a claim and bind their identity to a claim, and not reveal their identity until a later date, such as during a court case, or if copyright is claimed. Risks
Digital Interception and revealing of information about media creator
Physical seizure of assets at border crossings
Unwanted leakage of information that reveal PII
Individuals or organizations claiming rights to work or creations they didn’t capture or create
Authenticity is called into question and needs to be proven (claims that some important and influential piece of media is fake when it is not, or an image in the news is a faked/ modified)
Considerations Who Issues identity? (who manages IAM or KYC?) Can we make these ^ decentralized/ as Anonymous Identifiers (AIDs)? What ZK Proofs have been used for this before? Have ZK Proofs been vetted for security or vulnerability? (e.g. a small amount of info is revealed, and opens a door for inference of other data through an attack) Where are these proofs run/ done (on a TEE/ ZKVM like Risc0)
@talltree @walkerlj0 and Patrick Boehler to reach out to AnonCreds / Hyperledger group
Just catching up on the CAWG April 1st meeting recording; a couple of comments on the ZKP discussion that derived from @walkerlj0's previous comment.
Firstly, we should lead with privacy scenarios, and then decide on appropriate technical solutions (considering things like maturity and deployability). ZK has become a catch-all term encompassing many technologies, but there exists a spectrum of privacy-protecting techniques providing various benefits. You might be interested in this blog post that covers many of them.
Secondly, I've been a long supporter of anoncreds (and its predecessor incarnations) but I wouldn't recommend taking a dependency on its specification. The same cryptographic building blocks providing selective disclosure and unlinkability (e.g., BBS signatures) will be available in more industry-friendly specifications, such as Verifiable Credentials. That, IMO, would be the way to provide such privacy protections.
Lastly but not least, the current C2PA architecture is highly incompatible with unlinkable identities. Even if we support privacy-protecting CAWG identity assertions, the X.509 based claim signature will unescapably produce trackable unique identifiers. There are some suboptimal strategies to go around that, but a proper technical solution for this scenario would require changes to the core C2PA spec.
FYI @talltree, @scouten-adobe
Follow up on Slack discussion by @walkerlj0:
Discuss in 1 April 2024 meeting.