Cross-platform zero knowledge proofs.
Git issues and other communications are warmly welcomed. [email protected]
jvm
, node + npm
, clj
, shadow-cljs
{nuid/zk {:git/url "https://github.com/nuid/zk" :sha "..."}}
$ clj # or shadow-cljs node-repl
=> (require
#?@(:clj
['[clojure.spec-alpha2.gen :as gen]
'[clojure.spec-alpha2 :as s]]
:cljs
['[clojure.spec.gen.alpha :as gen]
'[clojure.test.check.generators]
'[clojure.spec.alpha :as s]])
'[nuid.cryptography :as crypt]
'[nuid.zk :as zk])
=> (def parameters (gen/generate (s/gen ::zk/parameters)))
=> (def secret "high entropy ✅")
=> (def pub (zk/pub (assoc parameters :secret secret)))
=> (def nonce (gen/generate (s/gen ::crypt/nonce)))
=> (def parameters (merge parameters {:pub pub :nonce nonce}))
=> (def good-proof (zk/proof (merge parameters {:secret secret})))
=> (def bad-proof (zk/proof (merge parameters {:secret "garbage 🚮"})))
=> (zk/verified? (merge parameters good-proof))
=> (zk/verified? (merge parameters bad-proof))
$ npm install -s @nuid/zk
$ node
> var Zk = require('@nuid/zk');
// client context, sign up
> var secret = "high entropy ✅"
> var verifiable = Zk.verifiableFromSecret(secret);
> var json = JSON.stringify(verifiable);
// server context, sign up
> var verifiable = JSON.parse(json);
> Zk.isVerified(verifiable)
> var credential = Zk.credentialFromVerifiable(verifiable); // persist credential (db, ledger, ...)
// server context, sign in
> var challenge = Zk.defaultChallengeFromCredential(credential); // retrieve credential (db, ledger, ...)
> var json = JSON.stringify(challenge);
// client context, sign in
> var challenge = JSON.parse(json);
> var proof = Zk.proofFromSecretAndChallenge(secret, challenge);
> var json = JSON.stringify(proof);
// server context, sign in
> var proof = JSON.parse(json);
> var verifiable = Zk.verifiableFromProofAndChallenge(proof, challenge)
> Zk.isVerified(verifiable) ? /* verified */ : /* unverified */ ;
The npm
package is browser-compatible in Webpack-like workflows.
To call nuid.zk
from Java or other JVM languages, use one of the recommended interop strategies (var/IFn or uberjar/aot). Doing so may require modifications or additions to the API for convenience.
The purpose of nuid.zk
and sibling nuid
libraries (e.g. nuid.bn
) is to abstract over platform-specific differences and provide a common interface to fundamental dependencies. This allows us to express dependent logic (e.g. nuid.zk
) once in pure Clojure(Script), and use it from each of the host platforms (Java, JavaScript, CLR). This is particularly useful for generating and verifying proofs across service boundaries.
Apache v2.0 or MIT
This library is property tested to help verify implementation, but has not yet been audited by an independent third party.