MPC-TLS | Onboard Your Web2 Data with MPC-TLS on Sign Protocol

What is the MPC-TLS + zkProof system?

Before we explain what Multi-Party Computation Transport Layer Security is and how zero-knowledge proofs play a vital part in this setup, let’s talk about vanilla TLS. It is the mechanism behind all HTTPS websites and serves to encrypt network traffic so nobody aside from you or the server can decrypt everything being sent and received. MPC-TLS adds a third party verifier into the TLS handshake who can only verify the authenticity of data transmitted without having any knowledge of the data. Throughout the entire process, the server is entirely unaware of the MPC mechanism and does not need to accommodate this setup. After the conclusion of data retrieval and integrity verification, the user and verifier jointly produce a zero-knowledge proof used to convince the verifier of some fact about the encrypted data (remember, the verifier cannot actually see the data in plain text).

What does this mean for users?

The single most significant implication is the ability for any ordinary user to self-attest to the validity of any information loaded in their browser. In other words, as long as the user can see something in their browser, they can prove its validity. For example, users can self-attest their bank statement as a cryptographically secure proof-of-funds anytime anywhere with one click.

What Sign Protocol brings

Leveraging a standardized and structured attestation format as well as an affordable permanent storage solution, Sign Protocol makes it possible for our partners and users to:

  • Easily onboard MPC-TLS zero-knowledge proof validation results to any chain and bridge results to any other chain after the initial attestation.

  • Encrypt and permanently store the captured TLS session and zero-knowledge proof for archival purposes and future retrieval.

  • Enable any smart contract to access, correctly decode, and make use of your validation results.

Here is a sample schema from one of our partners:

{
  "name": "prototype",
  "data": [
    {
      "name": "ProofType",
      "type": "string"
    },
    {
      "name": "Source",
      "type": "string"
    },
    {
      "name": "Content",
      "type": "string"
    },
    {
      "name": "Condition",
      "type": "string"
    },
    {
      "name": "SourceUserIdHash",
      "type": "bytes32"
    },
    {
      "name": "Result",
      "type": "bool"
    },
    {
      "name": "Timestamp",
      "type": "uint64"
    },
    {
      "name": "UserIdHash",
      "type": "bytes32"
    }
  ]
}

Where can I experience this?

We are launching this initiative with PADO and zkPass.

PADO

PADO, powered by PADO Labs, is a decentralized zkAttestation and Computation Network designed to unlock and secure Internet data for Web3. It enables users to attest their off-chain data from various Internet sources in a secure and privacy-preserving manner. Users can generate attestations, or data proofs, from their private data and share them with third parties, such as dApps on blockchains, without revealing sensitive information. For instance, users can prove their gaming achievements or professional qualifications without exposing their account details. PADO Labs is developing essential components like the PADO extension for user data management, PADO developer toolkits for dApp creation, and node SDKs to maintain the network's integrity, including cryptographic nodes for data authentication and evaluation.

zkPass

zkPass is a private data protocol that enables privacy-preserving verification. It is built on the foundation of Multi-Party Computation (MPC), Zero-Knowledge Proofs (ZKP), and three-party Transport Layer Security (3P-TLS). zkPass provides TransGate, which enables users to selectively and privately validate their data on any HTTPS website to the web3 world. It can cover various data types such as legal identity, financial records, healthcare information, social interactions, work experience, education and skill certifications, etc. All these types of verifications can be done securely and privately without the need to disclose or upload any sensitive personal data to third parties.o

Last updated