Yuting and Nico are the founders of ZKorum. Yuting earned her Bachelor's degree at NYU Abu Dhabi and her Master's at ESSEC Business School. Nico is a Software Engineer and previously worked on projects that utilized Filecoin.
Nico is passionate about self-sovereign identity, and when he and Yuting joined forces, they started building this vision of a social network that runs on verifiable and anonymous data.
They both recognized a big problem with social media today. It's incredibly invasive and full of bots, scams, and disinformation. We cannot trust anyone online, and we have no way to prove that we are who we say we are unless we trust a third party to verify our identities. For example, some apps require you to verify your identity by uploading your ID. But this is very invasive.
Furthermore, our personal information is being collected and sold online every day by data brokers. In fact, the global data broker market was valued at $319 billion in 2021. According to the Electronic Privacy Information Center, data brokers collect and aggregate numerous types of personal information, including names, addresses, telephone numbers, e-mail addresses, gender, age, marital status, children, education, profession, income, political preferences, cars, and real estate owned.
Is there a better solution? How can we verify ourselves without trusting the third-party verifier and keeping our personal information safe?
Zero-knowledge proofs! A zero-knowledge proof (ZKP) is a cryptographic method or protocol used to demonstrate the authenticity of a statement or the possession of certain knowledge without revealing the actual information or knowledge itself.
Currently, ZKorum uses zero-knowledge proofs by acting as both the issuer and the verifier of Verifiable Credentials. Most large organizations already own a domain name and distribute unique email addresses to their members. Using this infrastructure, ZKorum can issue the user corresponding Verifiable Credentials, such as "female employee of XYZ Company." In this way, the user can prove her eligibility without revealing any unique identifier. ZKorum's closed-source competitors also rely on email addresses to verify that users indeed belong to those companies, but by being 100% open-source, ZKorum minimizes the trust that users need to put in them. In other words, "Don't trust, verify." Even in the event of a security breach, data would already be anonymized and unlikable to user profiles.
ZKorum as a Social Site
Yuting and Nico wanted to build an online forum where communities and verified members could create and participate in anonymous polls, surveys, discussions, and votes - a progressive web app where anyone can browse the existing public surveys and view their results.
ZKorum strives to create a safe and inclusive space where everyone feels secure and comfortable sharing their experiences and exchanging opinions without fearing backlash. That is why privacy-preserving technology is so important!
How is ZKorum using Fission Tech?
ZKorum is using UCAN for passwordless authentication between the client and the server. Since ZKorum took a DID-centric authentication approach using a wallet, they needed cryptographic keys.
However, ZKorum innovated even further by taking the security and seamlessness of UCAN authentication and combining it with the ease of use of email address verification. A one-time code is used to register a new user and their device, and then every request is signed using the device’s DID. Currently, ZKorum is utilizing the WebCrypto API to store cryptographic secrets in the browser, but eventually, it will switch to passkeys. ZKorum opted to hide the UCAN authentication behind the email address login flow because users are used to it, and they did want to overwhelm folks with technical jargon or multiple steps. ZKorum's end users are not expected to be highly technical users. They might be, but there is no assumption there. The idea is that anyone who can answer surveys on a computer will be able to understand how to use the ZKorum web app.
Yuting and Nico see ZKorum as a powerful way to protect people's privacy by separating a user's profile from their actions, also known as unlinkability. They want to build an open-source library providing this core feature of unlinkability, making it available for other developers to use across different products of their own.
ZKorum also actively provides feedback to the EU regulators and builders working on the EU ID Wallet. ZKorum aims to be compatible with official Verifiable Credentials, such as the European Digital Identity.
Yuting and Nico are also working with the Master's Program at ESSEC Business School in France to issue Verifiable Credentials, which would be a novel way to engage the student body and gather their opinion.
If you want to learn more about Zkorum, please visit their website.