zkRegistry is a framework for facilitating the authentication of an Ethereum address in on-chain applications in an efficient ZK-friendly manner. It was initially introduced in our private voting prototype for the Nouns DAO Private Voting Research Sprint where we implemented a contract containing a correspondence between Ethereum addresses and Baby Jubjub public keys, the authentication of the address then consisting of a a ZK proof verifying an Ethereum storage proof resolving the address to a Baby Jubjub public key as well as a computation of this public key from the private key. This approach has motivated the following variations on the theme:

  • On-chain zkRegistry: This is a simple key-value store establishing a correspondence between Ethereum addresses and 256-bit unsigned integers. Such an integer, which may be thought of as an 'identity key', should be an appropriately-formed (ZK-friendly) hash of a secret known only to the user. In ZK applications, the user's address and their secret would be private inputs, and the proof would again leverage Ethereum storage proof verification to authenticate the given address.

  • Off-chain zkRegistry: While the on-chain zkRegistry is elegant, it relies on Ethereum storage proof verification, which is computationally heavy in a zero-knowledge context. Thus, as an alternative, we provide a 'rolled-up' solution in the form of an off-chain sparse Merkle tree (SMT) resolving Ethereum addresses to field elements encapsulating the same data as in the on-chain variant. This SMT is assumed to be distributed in a decentralised manner (e.g. via IPFS) and its root is stored in an Ethereum smart contract. This root may be then updated either one operation at a time or in batches by anyone who can submit a ZK proof of the validity of the proposed update(s).

This project is a work in progress and may be found here.