Following the discussion on how Zero-knowledge Proof (ZKP) can be used in the field of civic technologies (CivicTech) and specifically how it can be used by different NGOs to coordinate food distribution to the food insecured, I’ve embarked on creating a demo application to showcase how it can be done as part of my fellowship with RadicalXChange Foundation.
VeilOS is the result of a few weeks of work to achieve the following through a proof-of-concept implementation:
The application is currently incomplete and is a work-in-progress. Expect massive changes as research are being conducted.
Voucher is the first application being launched on VeilOS. Once users have been added to a known group, they can generate and publish a voucher for a given topic, along with an optional message.
The voucher will satisfy 3 constraints:
In this example, we simulate a situation where a government agency has added citizens who are identified as food insecured into a group. Citizens in that group can now generate a voucher every day to exchange for packed meals.
Organisations distributing these packed meals can launch the application by targeting the food insecured group, setting the topic as the program name appended with the date and adding the organisation name as the message.
Once the application has been launched, a QR code will be generated to be scanned by the beneficiary.
The beneficiary simply launches their application (initialized with the identity registered with the group) and scans the QR code to be taken to the voucher generation page.
Upon clicking on confirm, the voucher will be generated and submitted to VeilOS for verification. Once verification has been completed, the beneficiary will receive a confirmation that the voucher has been successfully claimed, along with an unique code to the voucher.
At the same time, the organisation distributing the packed food will also be able to see that there is a new voucher generated with the same unique code and can now proceed to distribute the packed food to the beneficiary.
In this example, the VeilOS application ensures:
While each beneficiary will register with the government agency with their identity card showing their public identity (in this case 5250887317885314878170299310585808682203354203924329162758682586025860956143) during registration, these identifiers are never published on the generated voucher.
Instead, ZKP is used to ensure that the constraints were enforced and the voucher is valid. Since the entire voucher is also publicly available, anyone may validate the validity of the voucher.
Since valid vouchers may only be generated by those in the group, the vouchers also serve as solid audit records for the distributing organisation who are accountable to donors and regulatory organisations.
Suppose that the beneficiary attempts to generate more than one voucher for a given topic (even with different message), the submission will easily be voided and an error message will be returned.
This is achieved by comparing the
nullifier value of the vouchers as the nullifier value is deterministically derived from the beneficiary’s identity and the topic.
Finally, should anyone else other than the beneficiaries attempt to generate a voucher, they will fail to generate a valid
proof for the voucher.
Identity Group: Foreign Workers Employed in Singapore Topic: Whistleblowing_2020Q1 Message: Unserviced equipments at site #1234
Since the application does not reveal the identity of the voucher generator other than the fact that he is a member of a group, it can be used for different whistleblowing schemes.
Discussed in a previous memo, this can be used for cases like:
Identity Group: Citizens of US Topic: US_PRESIDENTIAL_ELECTION_2020 Message: Joe Biden
Similarly, the message on the voucher can also be used to signal support for a candidate in an election or a proposal on a referendum.
Use cases that are similar:
Identity Group: Citibank PremierMiles Card Holders Topic: AIRPORT_LOUNGE_ACCESS_2020_P1 Message: SATS Premier Lounge
The vouchers can also be used to coordinate privileges of credit card (or any privilege card or membership card) holder. In the example above, credit card holders can generate vouchers in exchange for lounge access without sharing their identity with the lounge operators. In addition, credit card companies can easily enforce the limits on number of lounge access (and therefore their liabilities) across multiple lounge operators.
This can also give rise to more interesting product offerings by these companies. For instance the credit card company can allow their priority customers to claim one “expensive” birthday treat (think a dinner, or spa, or activities) across all the companies they partner with, without sharing information of these card holders with the partners.
Identity Group: Citizens of Singapore Topic: MASK_COLLECTION_ROUND_3 Message: Hougang CC
Finally, as the name voucher suggest, it can be used to exchange for goods & services that are rationed. Some potential use cases:
Other than conventional goods & services, the voucher can be used to exchange for the rights to use e-services to limit registration to a known group of people to prevent sybil attack and frauds.
For instance P2P selling platforms (such as Craigslist or Carousell) can allow users to exchange a voucher to register for an account on their platform:
Identity Group: Citizens of Singapore Topic: CAROUSELL_ACCOUNT Message: <username>
This will enforce that a user is a citizen of Singapore and that he may only possess at most one account without revealing more information such as name, age, personal ID, etc.
The application currently only runs on Firefox browser. Other browsers will throw an error
Maximum call stack size exceeded.
If you would like to try VeilOS out right now, you may assume the identity of any of the users in the identity group
One hundred identities are generated and inserted into that group. You may import any of the identities below to start playing with VeilOS:
*You will be able to create your own identity group, generate your own identity and add identities to your own group when more features are rolled out.
The current application is still undergoing development and here are some interesting feature that is in the pipeline:
If you have feedback on the application or would like to contribute to it’s development, feel free to contact me here.