zk-SPARQL - Speaker Deck

Slide 1

Slide 1 text

zk-SPARQL: verifiable and anonymous personal datastore supporting SPARQL queries November 15, 2022 Internet Identity Workshop (IIW) 35 Dan Yamamoto (Internet Initiative Japan Inc.) Joint work with: Yuji Suga (Internet Initiative Japan Inc.) Kazue Sako (Waseda University) Photo: CC BY 2.0 - Kanko* / Flickr https://www.flickr.com/photos/kankan/33346213/

Slide 2

Slide 2 text

Datastore 1 Data Consumer Datastore Data Source query data result consume data Data Source ...

Slide 3

Slide 3 text

Verifiable Datastore 2 Data Consumer Datastore Data Source query signed data result + signatures verify & consume signed data Data Source ... authenticity

Slide 4

Slide 4 text

Verifiable Personal Datastore 3 Data Consumer Datastore Data Source query signed data result + signatures verify & consume signed data Data Source ... authenticity privacy (signed data containing the query results must be fully disclosed for verification)

Slide 5

Slide 5 text

Verifiable & Anonymous Personal Datastore 4 Data Consumer Datastore Data Source query signed data result + proofs with selective disclosure verify & consume signed data Data Source ... authenticity privacy

Slide 6

Slide 6 text

Verifiable & Anonymous Personal Datastore 5 Data Consumer Datastore Data Source query signed data result + proofs with selective disclosure verify & consume signed data Data Source ... Issuer Issuer VC VC VP Verifier Holder zk-SPARQL

Slide 7

Slide 7 text

Example 6 Data Consumer Datastore Data Source query signed data result + proofs with selective disclosure verify & consume signed data Data Source ... { "type": "VerifiableCredential", "credentialSubject": { "id": "did:example:John", "type": "Person", "name": "John Smith", "homeLocation": "http://example.org/cityA", "birthDate": "2000-01-01", }, "proof": ... } { "type": "VerifiableCredential", "credentialSubject": { "id": "http://example.org/cityA", "type": "Place", "name": "City A", "maximumAtendeeCapacity": 10000 }, "proof": ... } SELECT ?population WHERE { ?s a :Person . ?s :homeLocation ?place . ?place a :Place . ?place :maximumAttendeeCapacity ?population . } { "type": "VerifiablePresentation", "verifiableCredential": [ { "type": "VerifiableCredential", "credentialSubject": { "id": "anoni:eX2hjL", "type": "Person", "homeLocation": "anoni:38CqTd" }, { "type": "VerifiableCredential", "credentialSubject": { "id": "anoni:eX2hjL", "type": "Person", "maximumAtendeeCapacity": 10000 } ], "proof": ... } { "population": 10000 }

Slide 8

Slide 8 text

Veanpods 7 ◼ Verifiable & Anonymous Personal Datastore • stores signed RDF data (= JSON-LD VC) • can be queried using zk-SPARQL, an extension of SPARQL • responds minimal result with zero-knowledge proof • supports unlinkability • and predicate proofs (as future work) • repository: https://github.com/zkp-ld/veanpods (super experimental version) Photo: CC BY 2.0 - Kanko* / Flickr https://www.flickr.com/photos/kankan/33346213/

Slide 9

Slide 9 text

Structure 8 RDF store zk-SPARQL processor SPARQL UI for owner BBS+ signatures for RDF bulletproofs, zk-SNARKs, ... secure storage SPARQL UI for consumer store-binding consumer authorization = YASGUI use SPARQL.js use quadstore based on jsonld-signatures-bbs Data Consumer Data Source Veanpods owner

Slide 10

Slide 10 text

Future Work 9 ◼ create, update, delete function (CRUD) ◼ more than SELECT queries, i.e., ASK, CONSTRUCT, ... ◼ rich predicate proofs ⚫ require general-purpose zero-knowledge proofs, e.g., zk-SNARK, zk-STARK, bulletproofs ◼ zk-GraphQL, zk-GQL, zk-Cypher, ... ⚫ (maybe) possible by using existing translators (e.g., GraphQL-LD by Comunica) ◼ associate with Solid Pods (need to enhance my Solid knowledge) ◼ secure storage for signed data (VCs) and keys ◼ security & privacy formalization ◼ and more ⚫ revocation, PPID, issuer-hiding, mobile, ...