Optimistic ZK-TLS Model
Deeproof utilizes a model we call Optimistic ZK-TLS to bridge data from HTTPS sessions to the blockchain.
What is ZK-TLS?
TLS (Transport Layer Security) is the protocol that secures HTTPS connections. ZK-TLS allows a user to prove to a third party what data they received over a secure TLS connection, without revealing the session keys or unrelated data.
our Approach: "Optimistic" Verification
Deeproof uses a pragmatic implementation of this concept using the Reclaim Protocol and browser-side interception.
Why Optimistic?
Full ZK-TLS proofs can be computationally heavy and slow to generate. To ensure a smooth user experience (UX), Deeproof uses an optimistic approach:
- Passive Interception: The Chrome Extension acts as a local witness. It observes the HTTPS traffic between the user and the provider (Binance).
- Local Proof Generation: The proof is generated locally on the user's machine.
- Trust Assumption: The model assumes the integrity of the browser environment and the extension's execution context for the data capture phase.
Trust Assumptions & Security
- Provider Integrity: We trust that the identity provider (e.g., Binance) accurately reports the user's KYC status.
- Client Integrity: The initial data capture happens in the user's browser. We use local ZK constraints to ensure that the output proof strictly corresponds to the captured data.
- Privacy: The system is designed so that even if the Deeproof servers were compromised, user data would remain safe because it never leaves the user's browser in raw form. Only the proof is transmitted.
Handling Disputes
While the current version focuses on optimistic onboarding, future iterations will include:
- Fishermen/Watchers: Automated actors that can challenge invalid proofs.
- Economic Staking: Provers may stake tokens that can be slashed if a fraudulent proof is detected.