[NCR#1 Proposal] zkEmail Implementation Nethermind's Application

[Fantoni0]

Title: Zk-Email Implementation Proposal

Summary

This is a proposal to develop in Noir a version of [zkemail.xyz](http://zkemail.xyz) application. zk-email allows users to verifiably prove ownership of a particular email address. On a high level, this is done as follows. First, the user requests a trusted vendor to email them containing the user’s email address. This could be, for example, a password reset request sent by Twitter. Such an email contains Twitter’s signature on the hash of the email content. The content is parsed by a regular expression that exports a predefined field and shows its correctness in a zero-knowledge manner. Importantly, no other fields of the email are revealed. (In principle, this mechanism could be used to show predicates of the extracted field without publishing it.)

It’s worth noticing that zk-email can be used to prove more sophisticated predicates than email address possession. Namely, the app functionality will allow the user to prove the provenance of arbitrary fields of email messages, such as bank account balance, credit history, social media username, etc.

Methodology

The application will be developed in Noir version 0.33.0 (the latest at the time of writing this application) using the default proving backend. Unless required otherwise by the application.

For the Zk-Email protocol, we propose building a scaffolding for Zk-Email applications using Noir. The protocol will work for X/Twitter, but with some relatively minor modifications, it should work for other service providers, like Venmo. We’ll base our approach on the string search methods already available to Noir.

Similar to the proof-of-concept described at zkemail.xyz, we propose the following protocol.

1. The user requests a password change link from X/Twitter.
2. Twitter sends an email to the user. Importantly, the email contains a DKIM field with the service’s RSA signature on, among others, the user’s email address.
3. The user makes a zero-knowledge proof for:
4. Public input:
   1. Sender’s domain. This is needed, so the verifier can take the sender’s public key to verify the signature.
   2. RSA signature parameters
   3. user’s email address
   4. hashed message body
5. Private input:
   1. Message body
   2. Length of the message body
   3. DKIM signature of the email
6. The user submits the generated proof and public instance to the zk-email application, where the proof is verified.
7. If the proof is verified correctly, the information about the user’s verified account is processed.

Additionally, we propose building a minimal web application to allow non-technical end users to interact and generate proofs with the zk-email application. Such a web application will consist of a single-page site built with standard web technologies such as HTML, CSS, and JavaScript. For this deliverable, any static website hosting should suffice to store and serve the application, but we’re not including such selection in our estimations.

Timeline and Deliverables.

Deliverable 1. ZK-Email Application

• 6 weeks to implement a functional Noir program.
• The deliverable will include the Noir codebase and the required dependencies to build a valid and correct proof for an X/Twitter e-mail. The proof generation will be carried out from the command-line.

Deliverable 2. Frontend PoC

• 2 weeks to implement a single-page site that allows for interaction with the zk-email application.
• This deliverable includes a local webpage that will provide functionality similar to https://twitter.prove.email/. The proof will be generated in the user’s browser.

Team

The team will consist of the following members, each with experience in developing Zk-Email protocols.

Antonio Larriba Flor: Ph.D. in Cryptography, specifically focusing on electronic voting and anonymous identification. With over eight years of experience in academic research and five years of professional engagement in the blockchain environment (including Ethereum, Polkadot, and Cosmos). Antonio has worked on trustless bridging between ecosystems and privacy-focused projects based on zero knowledge. For further details, you can check his CV at: https://github.com/Fantoni0/Fantoni0.github.io/blob/master/doc/cv.pdf.

Nikolaos Dimitriou: MSc in Information Security at UCL with a Cryptography and Blockchain
technology direction, specifically his thesis was focused on solving
identity problems and anonymous credentials on Web3. Nikolaos has worked
on a variety of engineering problems raging from a mobile application
development, to blockchain application using zk DSLs and zk EVMs (Mina,
Noir, Circom, Risc-0, etc.), along with research problems such as
designing and developing new credentials systems. For further details,
you can check his CV here: https://github.com/NiDimi/doc/blob/main/Nick_Dimitriou.pdf

Michael Belegris: MSc in Information Security with a focus in
cryptography and blockchain applications. Michael has worked on
engineering research by implementing newly published zk-friendly hash
functions for use on-chain, off-chain and in circuits as well as
implementing attacks on mix-networks proving their insecurity.
Additionally, Michael has helped in the teaching of block ciphers by
building a learning tool for the AES and DES ciphers. This can all be
seen on his GitHub at https://github.com/Mbelegris.

Start Date

• Starting date: 06/09/2024.

Questions

• We are interested in researching regex compatibility for Noir. But we consider 2 months might not be enough. Would you be interested in a longer collaboration after this one?

[Divide-By-0]

Since zk email in Noir already exists: https://github.com/Mach-34/zkemail.nr/ i suspect you can take less than 6 weeks for that, and regex should for sure be doable in 2 months with 3 people if you just piggyback off of the existing min-dfa compiler in the zk-regex repo, and you can convert that transition table to Noir lookups.

[Savio-Sou]

Selected proposals for NCR#1 are announced: https://github.com/orgs/noir-lang/discussions/5932

Thank you for your support on the initiative. NCR is just one of the many ways to start your explorations with Noir, check the announcement for more potential ways to collaborate.

Let's bring the world ZK!