Preserving Confidentiality: Harnessing zk-SNARK on Blockchain for Secure Supply Chain Traceability
Supply chain traceability refers to the ability to track and document the movement of goods or components throughout the supply chain, from their origin to the end customer. It captures and documents relevant information such as the source, production, transportation, and distribution activities to gain valuable insights, ensure compliance, reduce risk, and increase transparency. It provides quick and accurate visibility of the production history. Traceability also plays an important role in addressing issues such as product recalls, counterfeit products, ethical sourcing, and sustainability.
Innovations in supply chain management and traceability are being introduced every day, irrespective of the sector, with shorter time and more precision as the main objectives. One solution that can help, and is already helping, this field achieve shorter time targets and higher precision, with the additional promise of preserving the privacy of data, is zk-SNARK on Blockchain.
What are ZKPs: Zero-Knowledge Proofs?
Zero-knowledge proofs are cryptographic protocols in which two parties, the prover and the verifier, exchange information so that the prover proves the validity of a statement to the verifier without revealing any additional information apart from the statement's truth. In other words, zero-knowledge proofs demonstrate knowledge of a certain fact without divulging the actual knowledge itself.
Let's take a very simple example to understand how Zero-knowledge proofs work:
Imagine a colorblind person holding two balls in his hands, one red and one blue. Since the person is colorblind, he cannot tell the two balls apart. He asks his friend to tell him which ball is which color. The question is: how can the colorblind person verify that his friend is telling the truth and indeed knows which ball is which color? This is where the Zero-Knowledge Proof concept comes in. Below are the steps that can help his friend "prove" that he indeed knows the color of the ball without the colorblind person learning the color of the balls:
The colorblind person holds the two balls in his two hands and asks the friend to tell him where the red ball is.
The friend commits to an answer and submits the answer. Let's say the red ball is in the right hand.
The "verifier" (colorblind person) now takes his hands behind his back and switches the balls three times, so that both balls end up in the opposite position from where they started, and presents the balls again to the friend for the deduction.
The friend will know the answer - left hand, proving that he knows the color of the ball.
Doing it only once leaves a higher probability that the prover simply got lucky, so the colorblind person can repeat the steps 100 times to decrease that probability. If the friend can always tell the difference in the position of the balls, it means that he indeed possesses the knowledge, without the verifier ever obtaining the proof or the secret behind it.
What are zk-SNARKs?
zk-SNARK stands for Zero-Knowledge Succinct Non-Interactive Argument of Knowledge. It is a specific type of zero-knowledge protocol in which the prover can prove possession of certain information, e.g., a secret key, without revealing that information and without any interaction between the prover and the verifier.
In the first zero-knowledge protocols, the prover and verifier had to communicate back and forth for multiple rounds, but in “non-interactive” constructions, the proof consists of a single message sent from the prover to the verifier. The most efficient known way to produce zero-knowledge proofs that are non-interactive and short enough to publish to a blockchain was to have an initial setup phase that generates a common reference string shared between the prover and verifier, which is referred to as the public parameters of the system.
Each participant in the system contributes some random value to generate this common reference string. Hence, as long as one honest party destroys their portion of the entropy, the ZK-SNARK protocol retains computational soundness.
How zk-SNARKs can be leveraged to improve Privacy in Supply Chain Traceability?
Because zk-SNARKs preserve both the privacy and the integrity of data, they can be used on a blockchain for supply chain management and traceability as follows:
Product Verification:
A supplier, 'A', wants to prove the authenticity and integrity of its products without revealing sensitive information such as manufacturing processes or proprietary formulas.
The supplier employs zk-SNARKs to generate proofs that attest to the product's authenticity and compliance with standards.
- Circuit Representation: The supply chain defines a circuit representation that captures the desired results and attributes to be proven in the process.
- Constraint System and R1CS: The circuit representation is transformed into a constraint system, typically referred to as a Rank-1 Constraint System (R1CS). This represents the relationships between inputs and outputs.
- Proving Key and Verification Key Generation: A trusted setup step in which the proving key and the verification key are generated. The proving key contains the components needed to generate proofs, and the verification key contains the circuit structure for verifying the proofs.
- Proofs generation: The supplier, acting as prover, utilizes the proving key, circuit representation, and specific product information to generate proofs. The generated proofs, in their succinct format, provide evidence or attestation of the validity of specific attributes without revealing sensitive details about the product or supply chain, by following the circuit representation and its constraints.
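An added example (not from the original article) of the constraint-system step in the list above: a small R1CS for a hypothetical quality check, "the secret reading r does not exceed the public limit", together with the witness-satisfaction test (A·w)·(B·w) = C·w. The field modulus, the 4-bit width, the variable layout and the check itself are assumptions chosen for illustration; the code only tests whether a witness satisfies the constraints and does not generate or verify a zk-SNARK proof.

```python
# Illustrative R1CS: prove "secret reading r <= public limit" with 4-bit values.
P = 2**61 - 1      # toy prime field (assumption; real SNARK fields are ~254 bits)
NBITS = 4

# Witness layout (assumption): [1, limit, r, bits of r..., bits of (limit - r)...]
ONE, LIMIT, R = 0, 1, 2
RB = [3 + i for i in range(NBITS)]            # bit variables of r
DB = [3 + NBITS + i for i in range(NBITS)]    # bit variables of d = limit - r
NVARS = 3 + 2 * NBITS

def row(terms):
    """Turn a sparse {variable index: coefficient} map into a dense row mod P."""
    v = [0] * NVARS
    for i, c in terms.items():
        v[i] = c % P
    return v

def build_r1cs():
    A, B, C = [], [], []
    for b in RB + DB:                         # booleanity: b * (b - 1) = 0
        A.append(row({b: 1})); B.append(row({b: 1, ONE: -1})); C.append(row({}))
    for bits, target in ((RB, {R: 1}), (DB, {LIMIT: 1, R: -1})):
        # recomposition: (sum of 2^i * b_i) * 1 = target
        A.append(row({b: 1 << i for i, b in enumerate(bits)}))
        B.append(row({ONE: 1})); C.append(row(target))
    return A, B, C

def dot(v, w):
    return sum(x * y for x, y in zip(v, w)) % P

def satisfied(r1cs, w):
    """A witness is valid only if every constraint row holds in the field."""
    A, B, C = r1cs
    return all(dot(a, w) * dot(b, w) % P == dot(c, w) for a, b, c in zip(A, B, C))

def make_witness(limit, r):
    """Prover side: derive all private bit variables from the secret reading."""
    d = (limit - r) % P                       # wraps to a huge value if r > limit
    bits = lambda x: [(x >> i) & 1 for i in range(NBITS)]
    return [1, limit % P, r % P] + bits(r % P) + bits(d)

if __name__ == "__main__":
    cs = build_r1cs()
    print(satisfied(cs, make_witness(10, 7)))    # compliant reading
    print(satisfied(cs, make_witness(10, 12)))   # reading above the limit
```

In a real deployment only `limit` would be a public input; the reading and its bit variables stay private to the supplier, and the proving system convinces the verifier that some satisfying witness exists.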
Circuit Representation:
The supply chain defines a circuit representation that captures the desired properties to be proven, such as product origin, quality checks, and compliance with regulations.
The circuit representation incorporates various checks and constraints to ensure the integrity of the product and data throughout the supply chain.
Proof Generation:
The supplier, as the prover, constructs a ZK-SNARK proof for each product using the circuit representation and the specific product information.
The proof verifies the product's authenticity, compliance, or other desired properties without disclosing sensitive information.
Verification:
B, as a verifier or a participant in the supply chain, receives supplier A's proof and the public parameters.
B verifies the proof's validity using the public parameters and the verification key.
Verification ensures that the product meets the defined properties and has undergone the necessary checks without revealing sensitive details.
Immutable Record on the Blockchain:
Validated proofs and related product information can be recorded on a blockchain, ensuring an immutable and transparent record of the product's journey through the supply chain.
The blockchain provides an auditable trail without exposing sensitive information, enabling transparency and trust.
Conclusion
By incorporating ZK-SNARKs into supply chain management and traceability systems, privacy can be maintained, sensitive data can be protected, and the integrity of the product and associated data can be assured throughout the supply chain.
The proofs generated by the supplier according to the circuit representation and its constraints will provide assurances about the authenticity and integrity of the product without exposing sensitive data to unauthorized parties. It will also provide cryptographic assurances that the information presented in the proofs is valid and has not been tampered with.