Decentralised Futures Proposal : Establishing Proof of Personhood Infrastructure and Building zkLogin on Polkadot Using Reclaim Protocol

Proposal Context and Problem Overview

Currently, users are accustomed to logging into centralized login systems such as Google, Facebook, and Twitter to access these services, but they have no way to use this on-chain. These conventional login methods are incompatible with on-chain verifications, thus creating a disconnect between user identities on different centralized platforms and restricting their utility on-chain across Dapps.

Reclaim protocol will allow Dapps within the Polkadot ecosystem to provide zk login for its users. It will enable Dapp users to log into any website and generate a zkproof of their login that can be verified on chain. Reclaim Protocol makes https traffic verifiable using Zero-Knowledge Proofs, enabling users to generate verifiable credentials from any of their online user profiles. This unlocks unlimited possibilities as no APIs are required or no changes to be made to the websites to extract user private data, while guaranteeing data integrity. Web2 user data which was elusive to Web3 till now will be available to builders across the Polkadot ecosystem. This opens up opportunities for a new wave of applications that can support zklogin, proof of personhood and bot protection.

Through our research, we have identified zklogin and epassport to be an important use case for Dapp builders and users that can be implemented uniquely through Reclaim Protocol. Through Reclaim, users can not only validate their login credentials but also provide verifiable proofs of various personal attributes and activities. For instance, they can prove the number of rides taken on Uber, expenditures on Amazon, or their scores on Chess .com, thereby establishing a robust proof of personhood which is instrumental in combating fraudulent actors and bots. Such proof of personhood can now be made available onchain via Reclaim protocol within the Polkadot ecosystem.

Reclaim Protocol Technical Deep Dive

Reclaim empowers users to generate Zero-Knowledge Proofs for any online user profile. To generate a claim, users first need to log into the relevant website. This login process, involving an HTTPS request and its subsequent response, is channeled through an HTTPS Proxy Server known as an ‘attestor’. This attestor oversees the encrypted data exchange between the user and the website. Subsequently, users provide keys that disclose non-sensitive parts of the request to the attestor. With this, the attestor can view the request in its entirety, barring confidential details like authentication data, and can confirm its legitimacy.

The website’s encrypted response is then processed by a zk-circuit, which identifies a regex match within the encrypted data using a decryption key as a confidential input. The attestor further validates that the zk-circuit’s public input was indeed the encrypted data sourced from the website. With these attestations on both the request and the encrypted response, coupled with the zk-proof, any third-party application, whether on-chain or off-chain, can verify the existence of data that exists on the user’s profile.

Sequence Diagram2100×1224 131 KB

User credentials in Reclaim Protocol are generated and stored completely on the client side. Using Reclaim, users can generate Proofs(Groth16) in less than 10 secs even on a 2015 Android Device!

Reclaim Protocol Demo - Link

Adoption

Reclaim Protocol is live on production and is currently used by experienced Dapp developers to build novel use cases such as a whistleblower protocol, decentralised P2P exchange, which has already done ~$160,000 in volumes in just nine weeks after launch.

Benefits of zk Login and Proof of Personhood through Reclaim’s Integration with Polkadot:

• Familiar login on dapps Transitioning from Wallets to familiar logins such as Google Login will offer a streamlined onboarding experience for users. By establishing a gas tank, a dApp’s front end can enable users to engage on-chain without the necessity of a wallet. Subsequently, dApps can identify users on-chain through off-chain logins. This represents a substantial user experience enhancement compared to the current requirement of installing a wallet prior to interacting on-chain. zkLogin makes wallets a beneficial but non-essential component for dApp usage.
• Bot Protection - By leveraging data from off-chain real-world actions, a robust proof of personhood construct can be built. For instance, if a user has completed 50 Uber rides, spent $1000 on Amazon, and holds an 1100 rating on Chess .com, the likelihood of them being a bot is significantly reduced. Rather than relying on on-chain activity, which can be easily manipulated to ascertain whether a user is a bot, utilizing off-chain data to formulate a user’s humanness profile can effectively weed out bots that significantly hampers Web3 usability today.

Target Audience

Our proposal primarily aims to benefit builders to seamlessly leverage Reclaim protocol into their Dapps and get access to Web2 user data gated by Web2 servers to build innovative use cases. Moreover, these builders can leverage zkLogin, Proof of Personhood, bot protection primitives built by our team to significantly enhance new user onboarding and user experience.

Additionally, all end users will significantly benefit from the primitives such as zklogin, proof of personhood, thereby experiencing a significant user experience enhance across Dapps within the Polkadot ecosystem.

Why build on Polkadot Ecosystem?

We are a small team with finite resources, and want to collaborate with ecosystems that demonstrate a genuine commitment to enable use cases that are likely to scale to a billion users. Specifically, we want to build on ecosystems that exhibit a strong desire to leverage Web2 sources to provide seamless user onboarding and bot protection. To our knowledge, there hasn’t been any other ecosystem that has declared its dedication to streamlining user onboarding and experience and bot protection.

Moreover, our research into the Polkadot ecosystem and community regarding the necessity and use cases surrounding user experience and onboarding gave us a clear understanding of Polkadot’s ecosystem’s priorities which strongly aligns with our approach to to enhance user experience through zk login and bot protection.

Team and our Competitive Edge

Reclaim Protocol is built by the team at CreatorOS Inc. We are a 20+ member engineering and web3 product development & research team including ZKP researchers and with previous affiliations to Stanford, Microsoft, Meta and Google. We have also built - Questbook.app, an industry-leading on-chain grants management tool that is used by some of the major L1/L2s including Polygon, Solana, Compound, Arbitrum, and TON, among others. CreatorOS is a YC W21 company.

We welcome the community members to share their feedback, comments and questions.

this is an interesting proposal and I just linked your post to our initiative for a bounty dedicated to sybil-resilience. Let us know if you’re open to joining forces for a pro-plurality bounty.

the concept with an attestor proxy that only observes encrypted content and verifies sounds interesting and it seems to solve the confidentiality challenge. Curious to learn more about it.

But what about integrity of attestors? Reclaim proposes a attestor selection protocol which is based on slashing collateral which attestors need to lock AFAIU. This will limit the security guarantees in the range of that collateral, right? We have a similar problem like collateralized oracles. If attestors are required to lock a lot of collateral , they may be forced to charge relatively high fees for their opportunity cost and risk which will not be very inclusive for low-income users.

I’d just like to mention a potential for collaboration with Integritee’s TEEracle: non-repudiation collateral-free oracles based on TEEs

Hi @brenzi, thank you for sharing your kind words and insightful comments.

Let us know if you’re open to joining forces for a pro-plurality bounty.

Sure, we would love to connect with you and discuss ways we can collaborate in detail. Could you share your PM details over Discourse DM? Otherwise, I can be reached at @roohchill on Twitter.

But what about the integrity of attestors? Reclaim proposes a attestor selection protocol which is based on slashing collateral which attestors need to lock AFAIU. This will limit the security guarantees in the range of that collateral, right? We have a similar problem like collateralized oracles. If attestors are required to lock a lot of collateral, they may be forced to charge relatively high fees for their opportunity cost and risk which will not be very inclusive for low-income users.

While it’s true that the attestors will incur an opportunity cost from having to lock in collateral, we believe that this cost should end up being manageably low. Doing a quick back-of-the-envelope calculation, Ethereum stakers right now are receiving less than 5% APY, so let’s assume the opportunity cost is 5% of the staked funds per year.

Suppose that on average an attestor verifies three proofs per day (in reality it could be much higher). That will amount to 1095 proofs per year. Dividing the 5% APY opportunity cost by 1095 transactions gives a cost of about 0.005% of the attestor’s stake per transaction. The size of the attestor stake needed will depend on the security desired for their proofs, we discuss this in detail in our whitepaper, but using a reasonable value of $1000 worth of stake gives a cost per proof of 5 cents. The other costs to the attestors would be any risk of losing their collateral, electricity costs, and opportunity cost of computational power. But if the attestor is behaving honestly we believe the risks will be very low, and the other two costs should be low as well. Happy to discuss this in detail when we connect.

Establishing personhood and creating a user friendly and trackable login solutions are key to the success of the space.

Great proposal, super useful functionality from marketing and reporting perspectives.

Excited to this idea develop further.