zkLogin: Privacy-Preserving Blockchain Authentication with Existing Credentials
- URL: http://arxiv.org/abs/2401.11735v1
- Date: Mon, 22 Jan 2024 07:23:58 GMT
- Title: zkLogin: Privacy-Preserving Blockchain Authentication with Existing Credentials
- Authors: Foteini Baldimtsi, Konstantinos Kryptos Chalkias, Yan Ji, Jonas Lindstrøm, Deepak Maram, Ben Riva, Arnab Roy, Mahdi Sedaghat, Joy Wang,
- Abstract summary: We develop zkLogin, a novel technique that leverages identity tokens issued by popular platforms to authenticate transactions.
At the heart of zkLogin lies a signature scheme allowing the signer to textitsign using their existing OpenID accounts and nothing else.
We have implemented and deployed zkLogin on the Sui blockchain as an alternative to traditional digital signature-based addresses.
- Score: 2.8023129538522853
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: For many users, a private key based wallet serves as the primary entry point to blockchains. Commonly recommended wallet authentication methods, such as mnemonics or hardware wallets, can be cumbersome. This difficulty in user onboarding has significantly hindered the adoption of blockchain-based applications. We develop zkLogin, a novel technique that leverages identity tokens issued by popular platforms (any OpenID Connect enabled platform e.g. Google, Facebook, etc.) to authenticate transactions. At the heart of zkLogin lies a signature scheme allowing the signer to \textit{sign using their existing OpenID accounts} and nothing else. This improves the user experience significantly as users do not need to remember a new secret and can reuse their existing accounts. zkLogin provides strong security and privacy guarantees. By design, zkLogin builds on top of the underlying platform's authentication mechanisms, and derives its security from there. Unlike prior related works however, zkLogin avoids the use of additional trusted parties (e.g., trusted hardware or oracles) for its security guarantees. zkLogin leverages zero-knowledge proofs (ZKP) to ensure that the link between a user's off-chain and on-chain identities is hidden, even from the platform itself. We have implemented and deployed zkLogin on the Sui blockchain as an alternative to traditional digital signature-based addresses. Due to the ease of web3 on-boarding just with social login, without requiring mnemonics, many hundreds of thousands zkLogin accounts have already been generated in various industries such as gaming, DeFi, direct payments, NFT collections, ride sharing, sports racing and many more.
Related papers
- The Latency Price of Threshold Cryptosystem in Blockchains [52.359230560289745]
We study the interplay between threshold cryptography and a class of blockchains that use Byzantine-fault tolerant (BFT) consensus protocols.
Existing approaches for threshold cryptosystems introduce a latency overhead of at least one message delay for running the threshold cryptographic protocol.
We propose a mechanism to eliminate this overhead for blockchain-native threshold cryptosystems with tight thresholds.
arXiv Detail & Related papers (2024-07-16T20:53:04Z) - Private Blockchain-based Procurement and Asset Management System with QR Code [0.0]
The developed system aims to incorporate a private blockchain technology in the procurement process for the supply office.
The procurement process includes the canvassing, purchasing, delivery and inspection of items, inventory, and disposal.
The study recommends the use of private blockchain-based technology with the procurement and asset management system in the supply office.
arXiv Detail & Related papers (2024-07-12T15:27:36Z) - Towards Credential-based Device Registration in DApps for DePINs with ZKPs [46.08150780379237]
We propose a credential-based device registration (CDR) mechanism that verifies device credentials on the blockchain.
We present a general system model, and technically evaluate CDR using zkSNARKs with Groth16 and Marlin.
arXiv Detail & Related papers (2024-06-27T09:50:10Z) - Blockchains for Internet of Things: Fundamentals, Applications, and Challenges [38.29453164670072]
Not every blockchain system is suitable for specific IoT applications.
Public blockchains are not suitable for storing sensitive data.
We explore the blockchain's application in three pivotal IoT areas: edge AI, communications, and healthcare.
arXiv Detail & Related papers (2024-05-08T04:25:57Z) - VELLET: Verifiable Embedded Wallet for Securing Authenticity and Integrity [0.6144680854063939]
This paper proposes a new protocol to enhance the security of embedded wallets.
Our VELLET protocol introduces a wallet verifier that can match the audit trail of embedded wallets on smart contracts.
arXiv Detail & Related papers (2024-04-05T03:23:19Z) - Pisces: Private and Compliable Cryptocurrency Exchange [7.907585289497186]
We propose a cryptocurrency exchange that restores user anonymity for the first time.
Since the platform knows highly sensitive user private information such as passport number, bank information etc, linking all (on-chain) transactions raises a serious privacy concern.
We also ensure that the user cannot double spend, and the user has to properly report accumulated profit for tax purposes, even in the private setting.
arXiv Detail & Related papers (2023-09-04T15:33:46Z) - BlockChain I/O: Enabling Cross-Chain Commerce [2.391161450948918]
We present BlockChain I/O, a framework for cross-chain commerce.
We show how to use BlockChain I/O to implement a cross-chain marketplace.
We also discuss how its desirable properties continue to hold in the end-to-end system.
arXiv Detail & Related papers (2023-08-04T06:51:50Z) - PBL: System for Creating and Maintaining Personal Blockchain Ledgers [3.5897534810405403]
This work presents a novel architecture for creating and maintaining personal blockchain ledgers.
Our system utilizes independent modular services, enabling individuals to securely store their data in a personal blockchain ledger.
Using rigorous mathematical methods, we prove that our system produces append-only, immutable, tamper-evident, tamper-resistant ledgers.
arXiv Detail & Related papers (2023-05-08T14:17:27Z) - Secure access system using signature verification over tablet PC [62.21072852729544]
We describe a highly versatile and scalable prototype for Web-based secure access using signature verification.
The proposed architecture can be easily extended to work with different kinds of sensors and large-scale databases.
arXiv Detail & Related papers (2023-01-11T11:05:47Z) - Token Spammers, Rug Pulls, and SniperBots: An Analysis of the Ecosystem of Tokens in Ethereum and the Binance Smart Chain (BNB) [50.888293380932616]
We study the ecosystem of the tokens and liquidity pools, highlighting analogies and differences between the two blockchains.
We estimate the lifetime of the tokens, discovering that about 60% of them are active for less than one day.
We present an exit scam fraud and quantify its prevalence on both blockchains.
arXiv Detail & Related papers (2022-06-16T14:20:19Z) - Quantum-resistance in blockchain networks [46.63333997460008]
This paper describes the work carried out by the Inter-American Development Bank, the IDB Lab, LACChain, Quantum Computing (CQC), and Tecnologico de Monterrey to identify and eliminate quantum threats in blockchain networks.
The advent of quantum computing threatens internet protocols and blockchain networks because they utilize non-quantum resistant cryptographic algorithms.
arXiv Detail & Related papers (2021-06-11T23:39:25Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.