zkPass
zkPass User's Guide
zkPass User's Guide
  • Getting Started
    • ๐Ÿ”ŠIntroduction
      • What is zkPass?
      • How does it work?
      • How zkPass can help you
      • What's Ahead
    • ๐ŸŒค๏ธService-based Proof System
      • Main Features
      • zkPass Workflows
      • Deployment Options
        • Public-Cloud Hosting
        • Private-Cloud Hosting
        • On-Premise Hosting
    • ๐Ÿ—๏ธKey Concepts
      • User Data
      • DVR
      • zkPass Proof
  • Core Components
    • ๐Ÿ›๏ธService Architecture
      • RESTful API Web Service
      • zkPass Query Host
    • ๐Ÿ‘ฅzkPass Client Roles
    • ๐ŸคTrust Models
      • Data Privacy Trust Model
      • Data Integrity Trust Model
      • Computation Integrity Trust Model
    • ๐Ÿ‘ฉโ€๐Ÿ’ปzkPass Module
  • Use Cases
    • ๐ŸฉธEmployee Onboarding
      • โ€œBlood Test Resultโ€ User Data
      • "Employee Onboarding" DVR
      • zkPass Integration
      • Call Sequence
    • ๐Ÿš˜Loan Application Screening
      • โ€œBCA Customer Profileโ€ User Data
      • Loan Screening DVR
      • zkPass Integration
      • Call Sequence
    • ๐Ÿ›’Sharing OIDC Users Securely
      • "ShopSphere ID Token" User Data
      • "ShopSphere Account Holder" DVR
      • zkPass Integration
        • Integration Guidelines for ShopSphere OIDC Provider
        • Integration Guidelines for Krisna Service
        • Integration Guideline for ShopSphere App
      • Call Sequence
  • FAQ
    • How is verifiable computing implemented by ZKP?
  • Glossary
    • Client-based Proof System
    • DVR
    • User Data
    • zkPass Proof
Powered by GitBook
On this page
  • Retrieving user data from ShopSphere OIDC Provider
  • Retrieving DVR from Krisna Service
  • Calling generate_zkpass_proof RESTful API
  • Calling Krisna service RESTful API to verify the zkPass proof
Export as PDF
  1. Use Cases
  2. Sharing OIDC Users Securely
  3. zkPass Integration

Integration Guideline for ShopSphere App

The "ShopSphere" application acts as the guardian of user-sensitive data and therefore takes the role of the Data Holder. It engages with both the ShopSphere OIDC Provider (Data Issuer) and Krisna service (Proof Verifier) within the scope of the zkPass infrastructure. The primary steps for the ShopSphere app to integrate with the zkPass are explained below.

Retrieving user data from ShopSphere OIDC Provider

In this workflow, the user data consists of the OIDC ID token, which Krisna OIDC Provider generates post-successful authentication. This interaction is strictly limited to the ShopSphere user and the ShopSphere OIDC Provider, ensuring the confidential data is only accessible to these specific parties.

Retrieving DVR from Krisna Service

The ShopSphere app receives the "ShopSphere Account Holder" Data Verification Request (DVR) token from the Krisna app. Note that the DVR is actually generated by Krisna's service during user authentication. To respond to the DVR query, the ShopSphere app avoids sending any sensitive information directly to Krisna. Instead, it dispatches a Zero-Knowledge Proof (ZKP) produced by the zkPass.generateProof method. This function submits both the user data token and the DVR token to zkPass, which then formulates a Zero-Knowledge Proof on behalf of the user. Once this ZKP is created, it is submitted to the Krisna service for verification. Krisna then evaluates the proof to determine if the user data meets the criteria specified in the DVR.

The entire interactive process is designed with a focus on privacy. No Personally Identifiable Information (PII) is ever shared with the Proof Verifier, emphasizing zkPass's dedication to maintaining user confidentiality while enabling secure data validation.

Calling generate_zkpass_proof RESTful API

After the app has successfully gathered both the user data and the DVR, the next step is to initiate a RESTful API call to the zkPass Service. This call is for the generation of the zkPass proof. To facilitate this, the zkpass-client library includes a handy function named generate_zkpass_proof, which is designed to make this process more straightforward and efficient.

Calling Krisna service RESTful API to verify the zkPass proof

The app's concluding task involves forwarding the zkPass proof, received from the zkPass service, to the Krisna service for the ultimate verification step. At this stage, the Krisna service can ascertain whether the user in question holds a ShopSphere account. Notably, this entire process is conducted without disclosing any confidential user information to the Krisna service, ensuring data privacy is maintained throughout.

PreviousIntegration Guidelines for Krisna ServiceNextCall Sequence

Last updated 1 year ago

๐Ÿ›’