ING says it has solved the privacy versus security trade-offs on R3's Corda network through the application of a 'zero knowledge proof notary'.

Like a notary whose job is to witness the signing of documents to validate them, the zero knowledge proof notary evaluates whether a blockchain transaction is valid or not, but without seeing its contents.



Corda’s current notary services provide two options: a validating and a non-validating notary.



“In the case of the validating one, the notary sees the contents of a transaction before it determines if the information is correct, which means participants lose privacy,” explains Mariana Gomez de la Villa, programme director of ING’s blockchain team.



“A non-validating notary doesn’t see a transaction’s content, which creates a security risk where the notary could sign off the wrong transaction if a malicious participant builds an invalid transaction. However it protects participants against double-spends, an attack where someone could spend the same asset twice, as does the validating notary.”



The proof of concept is the fourth in a series of zero knowledge solutions from the Dutch bank. Launched in 2017, zero knowledge range proof (ZKRP) allows a blockchain network to validate that a secret number is within known limits without disclosing it. For example, a mortgage applicant could prove that their salary sits within a certain range without revealing the exact figure.



A year later, ING took the idea a step further and introduced zero knowledge set memberships (ZKSM), going beyond numerical data to include other types of information, like locations and names, enabling banks to validate that a new client lives in a country that belongs to the European Union, without revealing the country.



The third release, Bulletproofs, is faster than previous zero knowledge proofs and doesn’t require a trusted setup.