Skip to content

Introducing Zero Knowledge Credentials (ZKCreds), the latest addition to cheqd

cheqd - Introducing ZKCreds

cheqd becomes one of the first Decentralised Identity networks to enable Zero Knowledge Credentials, ‘ZKCreds’, also known as AnonCreds. Leveraging the renowned and widely used AnonCreds Verifiable Credential format, cheqd, alongside Animo, has built ZKCreds into our tech stack, opening the door to a more privacy-preserving online experience for users.

Introduction

Zero Knowledge has fast become one of the hottest topics in Web3, with projects across protocols boasting bold and powerful new tooling to enable more private and autonomous online experiences for users.

Zero Knowledge or a zero-knowledge-proof (ZKP) is “a method by which one party (the prover) can prove to another party (the verifier) that a given statement is true while the prover avoids conveying any additional information apart from the fact that the statement is indeed true” (ExpressVPNP).

Put simply, a user is able to share only information that is necessary to the outcome required, and not all information they could reveal, but don’t need to. Combined with Verifiable Credentials (VCs), ZKPs offer a unique blend of privacy, flexibility and trust.

At cheqd, we’ve been determined to build ZKPs into the stack we offer to our partners, and fortunately, we haven’t had to do this alone. Thanks to the excellent leadership from the Hyperledger Indy and Hyperledger Aries communities, alongside our partner Animo, we’re thrilled to announce the support for Zero Knowledge Credentials (ZKCreds) on cheqd, using the widely known ‘AnonCreds’ Verifiable Credentials format.

Summary of AnonCreds & Zero Knowledge Creds

Across the SSI landscape, there is, of course, a broad range of use cases, which necessitate varying levels of privacy. For some, revealing more data than necessarily required is not of massive concern, for example, when less personal data is contained within the credential. However, for others, being able to prove the validity of a credential without revealing the claims, attributes or data within the credential itself is vital. For example, “ I don’t need to give up my full name or home address to prove I’m over 18”. Within a Web 3 context, “ I don’t need to reveal my wallet address to prove I hold a certain amount of a token”.

AnonCreds, short for ‘Anonymous Credentials’ — are a flavour of Verifiable Credentials that do this and more. Initially part of Hyperledger Indy, now in the Hyperledger AnonCreds project, Anoncreds have been used since 2017 and are one of the most commonly used Verifiable Credential (VC) formats in the world. Crucially, they are regarded as the standard for ZKP-based verifiable credentials, offering varying levels of privacy to the holder, dependent on the data being embedded.

However, as a Hyperledger native format, they have, for the most part, been tightly wedded to the Hyperledger Indy blockchain and an associated Hyperledger Aries Software Development Kit. This made it difficult for developers that want to reap the ZKP benefits of AnonCreds to leverage other networks’ unique value propositions — for example, the payment rails being built by cheqd.

Now, thanks to the work of the Anoncreds community, and the outstanding leadership from Timo Glastra and the Animo team, developers can issue AnonCreds on other chains. What makes this particularly poignant is that cheqd is one of the very first to offer Anoncreds on a non-Indy chain in a standard-compliant, highly performant and accessible format, which has been an industry-wide initiative, as we’ll come to.

Given the key value proposition of AnonCreds is the capability of zero-knowledge-proofs, we’ve chosen to coin the term ‘ZKCreds’ for their implementation on cheqd, given their zero-knowledge strengths and the broader level of understanding when compared to “Anon” as the key term.

ZKCreds x AFJ: opening the door to cheqd for current and future partners

Early on in our cheqd journey, we realised the Aries frameworks and AnonCreds dominance, reported in our blog post in April 2022 and have been eager to find a solution.

At cheqd, of our 42 SSI Vendors, 20+ are primarily issuing AnonCreds, or intend to, which currently requires the use of an Aries-centred Software Development Kit, such as Aries Framework Javascript — AFJ or Aries-Cloud-Agent-Python — ACA-Py.

With the release of the afj/cheqd-sdk module, cheqd’s current and prospective partners now have the ability to migrate their stack from Hyperledger Indy to cheqd, issuing AnonCreds with Aries Framework Javascript initially, with ACA-Py to follow.

Launching ZKCreds on cheqd also has a direct impact on cheqd’s tokenomics. Earlier this year, we introduced a ‘burn’ to the network as part of Tokenomics Part 4, whereby “A proportion of the identity transaction charges will be burnt to establish equilibrium with the inflation on the network and target total supply returning to a total initial supply of one billion $CHEQ.”

With AnonCreds, the writing of resources (DID-Linked Resources) such as Cred Defs, Schemas and Revocation Registries to the ledger are required, each with an associated price. Currently, 50% of identity transaction fees are burnt, however, recent community discussion has meant a proposal to push this to a 99% burn rate is imminent.

Building ZKCreds into cheqd… how did we do it?

In September last 2022, we released and demoed our AnonCreds MVP, working alongside Animo. The crucial requirement for a ledger-agnostic AnonCreds was the ability to store the required AnonCreds resources on-ledger. These include, Credential Definitions (CredDefs), which create an immutable record of key credential information in one place, schemas used to list a set of attributes a credential contains, and the resources associated with revoking a credential.

Ultimately this was made possible through our pioneering implementation of an on-ledger resource module, offering the capability to store and retrieve resources, known as DID-Linked Resources, due to the way they’re stored from the cheqd ledger.

In tandem with our initial MVP, conversations started heating up around the topic of making ‘ledger-agnostic AnonCreds’, and over the past six months, a phenomenal amount of effort has been put in by organisations, including the IETF and the AnonCreds Specification Working Group amongst others, into making this possible. This culminated in the migration of AnonCreds to Hyperledger (hence why the new AnonCreds format is formally known as ‘Hyperledger AnonCreds’). More than 25 sponsors supported the adoption of AnonCreds by Hyperledger, including representatives of Indicio, Accenture, IBM Research Europe, several universities, BC Gov, and Canadian provincial governments, demonstrating the scale of their adoption and the vast pool of potential partners and end customers.

What's next?

Moving forward, we’ll now be guiding our partners through integrating with cheqd, specifically with Aries Framework Javascript. Stay tuned for tutorials on getting started with ZKCreds using AFJ, and check out the cheqd AnonCreds Method here.

For those whose applications are centred around ACA-Py, we’ll also be working with Animo and other partners to build the support for ZKCreds with ACA-Py on cheqd. If you’re involved in ACA-Py development, we’d love to hear from you — reach out to [email protected] to flag your interest.

Separately, if you’re an identity developer, not yet building on cheqd, let’s connect! Reach out to [email protected] to learn more about cheqd and how we may be able to help you.

We’ll also be hosting a series of webinars and workshops geared towards helping you to ‘Build ZKCreds on cheqd’. If you’re interested in being involved, please reach out to [email protected].

Share

Related articles

join the community

Become a cheqmate

Join our community to learn more about what we’re building. Get the latest news and insights in our groups below.