 All right, let's get this show on the road First Just a welcome to everybody. I'm glad to be able to talk to you. This is kind of a strange way to do it as far as I'm concerned much more used to Talking to groups of people live and having some interaction Which will be fairly limited in this context As far as the tools that we have here for our interaction I'm going to be setting my display so that I will be looking in the Q&A Rather than in the chat. So if you have questions, please post them there And you can gossip about me all you want in the chat and I probably won't see it I'm Mike Bailey I'm a blockchain architect for paramount software solutions. I'm also an assistant professor at Utah State University So I just have to mention GoJazz just you know because that's where I'm from, right and And and for those of you who are really not sports fans, they're they're in the NBA playoffs right now. I'm doing very well All right, so today What I'm going to be talking about are predicate proofs and And I kind of consider them almost a superpower when we talk about zero-knowledge proofs what people here in the community in particular tend to think about is is control disclosure Where if I have a credential That has lots of different fields in it. Maybe I just I'm going to share one field with you Predicates takes it to a whole new level beyond that So so I'm gonna Introduce for those of you who aren't already familiar with what predicate proofs are I will introduce them and Give you some tips on how to use them But I'll actually just mention towards the end I'm going to be throwing a monkey wrench into the whole thing That I think everybody needs to be aware of as far as predicate proofs and and their use All right, so we get to the right screen Okay so what I will be covering today is Well, first of all, what are predicate proofs? I'll give you a more detailed answer to that than what I just gave that a quick introduction and And and I'll discuss Where they're at as far as you know what technologies are using them challenges and applying them and Now how they're used and and then finally I'm going to be talking about the future of predicate proofs Which which is very much in flux Okay, so To begin with Zero knowledge proofs are to be able to convey data But only the absolute minimum required. So this is one of the key Tools that we are that we use when we're trying to preserve privacy Typically almost everybody who gives a presentation talking about this type of thing They give the driver's license example and show all the driver's license data and and how if you're just trying to buy a drink in a bar When you hand somebody your driver's license, you're given them far too much information that could be Compromising your privacy. I I've decided I'm going to do this a little different. I'm going to show you a a graduation a transcript site type of Example where you want to be able to prove that you graduated Okay, so if I have my transcript, that's what everybody when you apply for a job a lot of places They'll say okay, give me your transcript so that I can see that you graduated and whatnot And what you're handing them is a lot of information a lot of which your employer probably neither wants nor needs and Maybe some of it might even be embarrassing What if all your employer wants to know is did this person graduate so that I can hire him and Be able to brag about having a car car wash employee who is a college graduate? all right Well, you hand them the transcript and as your graduation date grades for all the courses taken which Might be embarrassing and not required if you went off and Decided to trace around the world and Got stuck in some third world country jail for a while or something like that There might be unexplained periods of absence that are in your transcript That you aren't required if all you're trying to do is show that you graduated Your GPA your major, you know, what if you're Maybe not real comfortable with the the fact that you were desperate to graduate And so you dropped out of civil engineering and went into basket weaving instead to graduate. Well telling people your your major is not required and maybe your scholarships and Pell grants and things like that Right beyond they're not required all you really need perhaps is if we're doing control disclosure type of zero an entrepreneur Perhaps I could give them just the graduation date field from my transcript. I would show that I actually did graduate But what if you're old like me? maybe you don't even want to show the graduation date because Everybody will deny it But we all know especially if you're in the tech world that That there is a little bit of age discrimination that goes on out there maybe you don't want to show that you graduated in In 1990 or something like that you'd rather be assumed to be a little bit younger So you don't even want to give them the graduation date So the basic zero-knowledge proof that will just selectively disclose just one field will get you part of the way there But this is why I am saying that the predicate proofs are The the superpower because they will not even disclose the graduation date All they're going to say is that you graduated and it's verified now So this is a bullion What we're generally anticipating as a result of a predicate proof is Just the bullion a yes or no question comes into your Your your digital wallet says did this person graduate and the only thing comes back is yes or no and and it's verified what I mean by this is that the The transcript came from the university it was issued by the university it was signed by the university and We know that we could give them back We could demonstrate to somebody that we have this transcript that is digitally signed by the university But isn't it much better if I just give them a bullion yes or no, but be able to trace back The the bullion value as being Derived from something that was digitally signed by the university and not just me saying it Okay, so this is what Predicates give you they're the superpower. They're the advanced zero knowledge proof That are able to just give you an answer to a yes or no And have it So that the it is verified through cryptography as being derived from a credential That is provided from A trusted source So that's where we're going with this And that that really is a really nice capability, right? Okay Different things that we might want to be able to And have yes or no answers to is basically what this Is slide is talking about So these are potential predicate objects For example You must be 50 to join AARP. Can you is that derived down to a yes or no answer? Yes, okay. So this is something that if you have a credential you could check an age on a credential And see that you're you're 50 or older. You can join AARP notice how cleverly i'm still Shying away from the uh, you know 21 to buy a drink type of example all right height if you had something that Credential from the dmv or something that says uh, you're this tall Well, you could prove height Or if you had weight insurance discount if you have a body mass index less than 28, okay So so that would be something you could do a true or false and provide a predicate proof on This last one is actually one that a customer of mine was interested in They were actually the other way around they said We service the following states We don't really want to know which state they're in We just want to know that they're from one of these states Can I give you a list of of states and uh And have a predicate come back and say true or false this person is in one of your service area states Okay Or as this example here says offer void if you're in a select state you could you can reverse that So these are potential predicate objects Or examples of them. So so really they boiled down to I came up with these if anyone else Uh Can think of other things. These are the ones that I've Seeing customers come to me and say hey, I would like a predicate that does this sort of thing So for example um Greater than or less than would be if you're over 50 if you're over 21 uh those types of numerical type of Of greater than less than are examples of of predicate type of operators Equal to is is another one It you know Yes or no it needs to be exactly this Is a member of So that would be the state example I just used right need uh Be a member of this set. This would be something once again. You could get an up or down a predicate Boolean type of result of it our um Possession where you have a credential And they don't really care about what's in it, but they just want to know that you have one um I guess an example would be if you're trying to prove somebody is A citizen of the united states Well one way to tell that would be if they have a social security number Maybe you don't really even want to know Their social security number But just tell me do you have a credential with a social security from the social security administration? And if so they're a citizen and you know things go forward So just possession of a credential These are all things that can be answered with a true or false Boolean type of uh response So this is what we would like to have um We don't necessarily have that in our current implementations Let's talk about what we do have Well, the first uh thing I ought to mention is one of the reasons that we're here at a hyper ledger conference talking about this Is that we do predicate pruce in current hyper ledger indy and aries implementations Okay, so say of the art We we we have this But there is a limitation on what we have right now All we have implemented are numeric So if I want to see if somebody is A member of a state or something like that Uh member of set like that that isn't you know something that can be just uh defined numerically um Current implementations you're out of luck um I can tell greater than or less than that's pretty much it Okay It's based on cl comminish But I'm okay. I'm not gonna I'm I'm gonna hack this. I'll just say it's based on cl signatures um and Reading through a recent uh document put out by um by identity woman um She uh she said this Jason's ekp cl generates a numeric representation of each field And then signs both the numeric and text representation of the statements using a cl signature So what this is basically saying Is that we we are going to the degree that we actually Are are signing things twice in order to make this thing work in these implementations and indian aries One of which is a numeric representation and that allows us to use these predicates In order to do it. So so there are some There are certainly limitations on what the current implementations a predicate person Provide Will it be able to tell if I am over 18? Or 21? Yes Will it be able to tell if I am a citizen of a particular state? Not without some fairly spectacular gyrations and how your credentials are issued Um, it's it's not going to happen now I would like Even even for dates even for things like am I over 21? There are some limitations and that I can't just put a text representation of my birthday in somewhere um so for example Even if we use the most computer slash human friendly format for uh For representing dates. I like the iso 8601 format Okay, it puts the year first and then the month of the day. So this is today's date And as long as a person knows what to expect That's pretty human readable And it's also very good for representing things in a way that computers can operate on because this is in a Little indian format that is able to be You know, I could I could put that Into an ASCII or a utf-8 representation like I did here and if this was 2021 06009 That would just increment that last little eight and hexadecimal to a nine And I can easily tell with a computer. I can say is this greater than or less than and And and that will work for me However um, the current implementations of What is in indian aries doesn't even do this As soon as you put those little dashes in there Then indies and indie and aries Uh implementations will say well that is a text string. That is not a numeric And so if you try to do a predicate proof it will fail So there are definitely limitations on the current implementation and and actually when I first Proposed this little presentation That was going to be the thrust of my entire presentation Is that we need to fix it so that We could take text like this converted into just a hexadecimal representation of it and we would be able to If we if we just tweak Indian areas just a little bit We would be able to do predicate proofs on strings like this that are also human readable Because dates is one the main thing that everybody wants this stuff for um but That being said As you'll see later in the presentation some of my reasoning has has been overcome and we're we're going to go on And and leave this for now. Just realize that there is that limitation right now I'm going to do a brief little Um demonstration of a way to work around this to some degree, right? So say that I want to get a transcript I didn't put all these for my little demo here. I didn't put all the different fields that I put In my initial slides um, I I just put graduation date GPA and major and Okay, and I want to be able to prove that I've graduated before or after a certain date Okay Now in order to do this I'm going to add an additional field to the credential. I'm going to call it a date code. You can see it's really the utf 8 Except that I omitted the dashes All right And so if I do it like this I can issue a predicate proof on that date code Okay So this is somebody is issued to my wallet a request to see Whether I have Whether the date code Is greater than or less than 1990 with all zeros That should be able to basically that tells if I have graduated since 1990 Okay And and this is acceptable. This will work And you know, it will compare this to this and it will give you a Uh, a bouillon response that is traceable to the original credential that was issued by the university and Will tell whether somebody graduated since that date and okay, so there's a there's a workaround But it ends up with a person having Kind of mysterious stuff in their credentials like what in the world is date code thing? Okay, if it's it's not something that is Immediately recognizable as a date And and you have to have a graduation date and that rather than just having one or the other All right So There there's there's the And and this is actually working code here. I'm not going to take the chance of of it in the um In this little presentation that's very brief but but This is implemented. This is uh a wallet implemented on top of aries All right, so What's changed that made me want to say? I've got to redirect this this presentation a little bit And that this is what's changed the community is moving away from cl signatures And i'm moving towards Json ld with bbs plus signatures Okay, aries is getting that that implementation is active and ongoing. It's one of the most exciting things happening in the aries community right now and Here's the bad news predic or peruse are going to be a casualty of this I I learned this after I proposed this presentation But I think this presentation is still worthwhile because I think it's going to be a temporary thing. They will be back um Now why are they a casualty of it? well, it's um Talking to some cryptographer friends and I will not put my my self in that camp But talking to some cryptographer friends They are doable But it's just going to be something that's on the backlog for the time being it's it's uh Not something immediately obvious And they're gonna have to go away and and and figure it out Okay so What do we have with the json ld? Why are we why are we moving to json ld and bbs plus? well, one of the things about The cl signatures is they require you to publish on to generate ahead of time and publish on to the Uh the blockchain or whatever Um wherever you're holding such data schemas With the json ld then It's no longer necessary to publish schemas on vans because you the schemas and cred deaths I I guess I should say credential definitions The these credential definitions um are basically all the keys for every field that go into the Uh the credentials that you're going to issue And so each individual field Each individual attribute has its own key set and And those are all being put into this um Into these credential definitions that need to be stored somewhere With json ld and bbs plus There is a deterministic key expansion. All you have to do is store one key for the entire credential class that you're going to issue So you don't have to store these large Uh pre-computed credentials that have lots of individual keys in them So that's an advantage The biggest advantage is probably the rich tech rich document for format rdf That allows hierarchal schemas. So if you have a schema that somebody has come up with for um For something and then somebody wants to incorporate that scheme into another schema Json ld will support that Uh, I I particularly like the multilingual capabilities because If you think of it, you could if you have hierarchal schemas you could have Uh a base schema and then have okay a Uh another schema that is going to incorporate that for english another and it's also going to incorporate it for spanish And it's also going to incorporate it for a big golly and have multiple copies of the same schema One for each language that you're going to issue credentials in and um That that way This this will provide multilingual capabilities in your credentials. So that's a wonderful thing Um json ld still will support The attribute level disclosures Excuse me json ld with bbs plus That combination will continue to support selective disclosure as far as only needing to give um A one attribute out of an entire set of attributes in a schema and excuse me in a credential So so that is another uh capability that is still there So you could if we go back to the previous example You could give the graduation date without disclosing all these other fields That is still supported in the json ld bbs plus Okay, um and Here's something that kind of excites me when I talk about predicate purfs is that if I If I have something like this I could have it Same way. I have multilingual capability. I could have one copy inside my parent scheme my overall schema that is english or or Human readable and I could have another copy of the same attributes and within that Uh credential that I'm issuing that's machine readable Uh all numeric such that it could be used for predicate purfs So that would uh in a way This json ld bbs plus type of A movement that is happening in the community in the long run could be better for predicate purfs Because once we figure out how to do predicate purfs with these signatures We can have things expressed the the exact same value expressed in multiple ways including ways that would be useful for predicate purfs um So, uh, for example um Going back to this I wouldn't have to show a separate date code I could have in my credentials. I'm displaying to the user The values in human readable format But I could have hidden in my same credential the exact same values For the exact same fields in a more machine readable format such as this And that would uh be supported now with the json ld Okay So i'm seeing great, uh potential here I'm putting out a call for cryptography credentials to get the bbs signatures working for Uh for predicate purfs So in conclusion, I'm nearly at the end of my time A limited form of predicate purfs exists in indian areas They uh, but they are going to be lost Until we figure out how to do predicate purfs for bbs plus signatures, which is i'm told is doable, but Needs to be added to the to-do list And potentially they will be better than ever when this happens Okay, I have allowed a entire two minutes For question and answer if anyone has any And uh If not, then I appreciate you attending this session and uh and and I hope you're excited about some of these neat privacy privilege or even things like I am I'll ask a quick question real quick And answer it myself Okay, this is hyper ledger. There's a blockchain conference Why do we care about this type of thing? Well indies Indy hyper ledger indy has historically stored credential type of metadata the different types of keys and such needed for digital signatures The public part of those keys onto a blockchain the indy project in particular and uh So so this This particular project even though a lot of it seems like it is external to a blockchain It has originated in hyper ledger. We're ahead of the rest of the world a lot of this stuff And it's exciting stuff and it still has there are still a lot of indy ledgers like sovereign and things That are out there. Okay. There's a question answer. Any any others? We're at the top of the hour. Thank you everybody. Oh wait one Okay, as far as indy, there's two different types. The question is is there development in indy for json ld bbs plus There's two different parts of indy. There's the indy sdk An indy sdk is the part that was used to be used to develop agents It really is not being continued to be developed much anymore Then there's the indy as far as the ledgers that are used to store the public keys and There will not be a much need for any development on the indy ledger so There will Indy the the sovereign ledger of the indy ledgers will continue to be useful with json ld bbs plus Into the future. I I don't anticipate there being a need for a lot of change there Aries on the other hand is is going to be changing a lot. All right. Thank you everyone