From zkRollup to accessible identities for all

Posted by Sacha Saint-Leger on March 19, 2020

Our mission at iden3 is to create a decentralized, privacy-preserving, and censorship resistant identity system that is accessible to all.

This mission is in service of our vision: to give communities the freedom to self-organise, and every human the power to be themselves.

Recently, you may have noticed that we’ve been talking a great deal about zkRollup - an Ethereum scaling solution. And you may have (rightly) wondered why we care so much about zkRollup, given that our mission is to create a censorship resistant identity system.

This post is an attempt to explain the link between the two.

One of our fundamental goals is for iden3 identities to be universal and accessible for all.

Claims are a key piece of this puzzle. You can think of a claim as a statement: something an identity is saying.

Most of the time, these statements refer to other identities. In other words claims usually create relations between identities.

For example, when a university (identity) says that a student (identity) has a degree, this is a statement (claim) about the student. This statement creates a relation between the student and the university.

Claims can be public or private. And it turns out that almost anything we say or do can be thought of as a claim. Company invoices, Facebook likes, email messages, can all be thought of as claims.

With our technology, if an identity wants to create many claims, they can put them all in a database, construct a Merkle tree of that database, and then publish (with a transaction) the root of the Merkle tree on-chain (along with a publicly verifiable cryptographic proof that this root is correct).

If the identity wants to update the claims at later stage, they simply repeat the same process and publish the new root of the Merkle tree (along with a new cryptographic proof).

This method of making a claim is what we call a direct claim.

And while it works pretty well for governments and large corporations - by giving them the ability to add/modify millions of claims in a single transaction - it’s not so useful for the average user who may only need to make a few claims a week.

This is where the twin concepts of indirect claims and trustless relayers come in handy.

Instead of having to pay gas every time to update the Merkle root on-chain, indirect claims allow users to send claims off-chain to a relayer.

The idea is that with relayers 📢 , millions of users can create millions of claims on mainnet without spending any gas (since the relayer is responsible for batching the claims and publishing the transactions).

On top of this, using zero-knowledge proofs we can ensure that the relayer is trustless. In other words, we can make sure the relayer can’t lie about the claims we sent them. The worst they can do is not publish them (and if this happens we as the user always have the choice to change relayers).

Why are we mentioning all this?

There’s a symmetry between how trustless relayers batch claims (which are in fact just transactions), and how provers batch transactions in zkRollup.

In fact, our trustless relayer uses the same technology as zkRollup (you can find the very first implementation of our relayer circuit here).

Importantly, this also means that implementing zkRollup allows us to audit and test most of the circuits used for our identity technology.

In other words, making zkRollup a reality is a key step to ensuring universal and accessible identities for all.

P.S. If we’ve piqued your curiosity, our zkRollup is currently up and running on ethereum’s Göerli testnet. To check it out, see our tutorial at zkrollup.io. All feedback welcome :)