We are still not out of the dark days of web3. Far from it.
From Binance’s CFTC’s lawsuit, to LUNA’s Do Kwon(finally) getting arrested and threats of USDT going poof after Signature Bank links were uncovered, the space is filled with controversy.
One big source of problems for the space, particularly for Binance’s case, is the lack of sufficient KYC/AML protocols. Caught between a rock and a hard place, companies have to balance the values of permissionless acting and anonymity, held as a foundational principle by many, and the sheer unavoidable fact that you need to generate trust to run a resilient business. Both from the supply and demand end.
So how can we do this?
One possible solution is to use zero-knowledge proofs (ZKPs), a cryptographic technology that allows users to prove something without revealing any information. ZKPs can enable on-chain KYC without compromising users’ privacy and data security, and one project that is leading the way in this field is Polygon ID.
Wait, What are ZKPs Again?
Zero-knowledge proofs (ZKPs) are a cutting-edge cryptographic technique that allows one party to prove the authenticity of a statement to another party without revealing any additional information. This concept offers significant potential in web3, particularly for identity verification and privacy preservation.
ZKPs have many applications in web3, especially for identity and privacy. With ZKPs, users can prove their identity or attributes without disclosing any personal information or compromising their privacy.
We have discussed zk protocols extensively in the past, so if you are rusty on the concept please check out our in-depth article here.
Or, if you are a real nerd and want to dive into the maths, indulge here.
Refreshed? Awesome, back to Polygon ID.
How does Polygon ID Utilise ZkProofs for KYC?
Polygon ID harnesses ZKPs to enable users to generate proofs from their verifiable credentials (VCs) and verify them on-chain.
The platform also utilises a ZK-Query language, allowing users to create complex queries from their VCs, leading to more expressive and composable proofs that cater to a variety of use cases.
The protocol has four main features:
- Blockchain-based ID: Users can create their own DIDs on the Polygon network, which are globally unique and self-sovereign identifiers that can be used to interact with other web3 services.
- Zero-knowledge native protocols: Users can store their VCs in their personal wallets, which are digital documents that contain claims or attestations about their identity or attributes. Users can also use ZKPs to selectively disclose or prove their VCs without revealing any personal information or compromising their privacy.
- Scalable and private on-chain verification: Users can use ZKPs to verify their VCs on-chain, which means they can interact with smart contracts or other DIDs based on their credentials. This enables trustless and efficient verification without relying on third parties or exposing sensitive data.
- Open to existing standards and ecosystem development: Polygon ID is compatible with existing identity standards and frameworks, such as Iden3, Circom, EIP-712, ERC-1056 and ERC-1484. Polygon ID also supports various types of credentials, such as KYC, reputation, social media, education, etc.
Why is Polygon ID revolutionary for KYC on the web3 space?
KYC (know your customer) is a process of verifying the identity of customers or users of a service. KYC is often required by regulators or service providers to prevent fraud, money laundering, terrorism financing or other illicit activities.
However, KYC also poses many challenges for web3 users, such as:
- Lack of privacy: Users have to disclose their personal information to third parties, which exposes them to data breaches, identity theft or surveillance
- Lack of control: Users have no control over how their data is used, shared or stored by third parties, which violates their self-sovereignty and consent.
- Lack of interoperability: Users have to repeat the KYC process for each service they sign up for, which creates friction and inefficiency.
Polygon ID solves these challenges by using ZKPs to enable privacy-preserving and self-sovereign KYC on the web3 space. With Polygon ID, users can:
- Preserve their privacy: Users can prove their KYC credentials without disclosing any personal information or compromising their privacy. They can use ZKPs to selectively disclose or prove their credentials on-chain, which means they only reveal the minimum information necessary for verification.
- Control their data: Users have full control over their data and identity. They can store their credentials in their personal wallets, and decide who to share them with and for what purpose. They can also revoke or update their credentials at any time.
- Reuse their credentials: Users can reuse their credentials across multiple web3 services, which reduces friction and inefficiency. They can also leverage existing standards and frameworks, such as Iden3, Circom, EIP-712, ERC-1056 and ERC-1484, to increase interoperability and compatibility.
Polygon ID is not only useful for KYC, but also for many other use cases that require identity and trust on the web3 space. Some of these use cases are:
- Decentralised governance: Polygon ID can enable different models of decentralised governance, such as sybil-resistant liquid democracies, quadratic voting schemas, and reputation-based governance. Users can use ZKPs to prove their identity or attributes without revealing their personal information or compromising their privacy.
- Decentralised finance: Polygon ID can boost decentralised finance (DeFi) applications by enabling scalable and private on-chain verification of credentials. With ZKPs, protocols can check healthy credit history and income levels to ensure a higher level of quality in their ecosystem.
- Social media: To Elon Musks’ delight, Polygon ID poses the perfect solution to bot deterrence, as a human identity check can be performed on-chain, without prying on the privacy of users. This boosts confidence and standing in the online media sphere, promoting more meaningful user engagements.
The Challenges of ZKPs, Why they Aren’t Already Mainstream:
Though ZKPs hold potential for KYC in the blockchain realm, they come with their own set of obstacles. Some of these challenges include:
- Technological Complexity: ZKPs are sophisticated and novel as a solution, necessitating a deep understanding of maths and cryptography to develop and deploy. They also involve balancing efficiency, security, and expressiveness, calling for meticulous planning and fine-tuning.This poses an initial adoption resistance that still hasn’t been surpassed.
- Standardisation: ZKPs are still an evolving technology that lacks widely accepted standards and best practices. There are different types of ZKPs (such as SNARKs, STARKs, Bulletproofs, etc.) that have different properties and applications. There are also different protocols and languages for generating and verifying ZKPs (such as zk-SNARKs, zk-STARKs, zk-Rollups, etc.) that have different advantages and disadvantages.
- Regulation: ZKPs are a disruptive technology that challenges the existing regulatory frameworks and paradigms. ZKPs enable users to prove their identity or attributes without revealing any information or compromising their privacy, which may conflict with some regulatory requirements or expectations. ZKPs also raise new legal and ethical questions about the ownership, control, and accountability of data and identity.
These challenges are not insurmountable, but they require more research, development, education, and collaboration among various stakeholders in the web3 space. ZKPs are a powerful tool that can help us create a better world, but they also require careful and responsible use.
The web3 space is at a crossroads: it needs to find a way to comply with the growing regulatory demands without sacrificing the core principles of privacy and decentralisation.
The recent troubles of Binance, the largest and growingly controversial exchange in the space , show how difficult and urgent this task is. Binances CFDC lawsuit investigation is centred around alleged violations of anti-money laundering laws, securities laws, information reporting requirements, and other financial regulations.
These allegations have put Binance’s reputation and future at risk, and have raised serious concerns about the trustworthiness and legitimacy of the web3 space.
ZKPs can help the web3 space to overcome the challenges and trade-offs between privacy, security, and compliance, and to create a more transparent and accountable ecosystem. ZKPs can also help the web3 space to gain institutional trust and acceptance, and to foster innovation and growth.
Perhaps it is time the industry starts working together, alongside increased regulation, to standardise the handling of identity, and finally create an ecosystem that is worthy of trust.
[Editor’s Note: This article does not represent financial advice. Please do your research before investing.]
Featured Image Credit: Chain Debrief
This article was written by Harry Velios and edited by Yusoff Kim