zk-nym

Nym credentials can be used to enable end users to access digital apps and services without having to reveal sensitive information (based on the Coconut protocol)

Learn more

Introducing zk-nyms

Imagine you go to the cinema, you should only need to show your ticket

That is not the case online.

When you watch a movie or make a purchase or use other online services, you repeatedly have to provide your name, payment details, address and other sensitive information. It should not have to be that way.

With zk-nym credentials, it is possible to anonymously prove your right to access digital services while retaining your privacy.

e-cash-payments

E-cash payments

Protect your privacy while paying online. The zk-nym scheme can be used for e-cash, enabling private financial transactions, also when paying via cryptocurrencies as well as utility tokens like the NYM token.

self-sovereign-identity

Self-sovereign identity

Prove attributes of your identity while retaining privacy. For example, prove you are above a certain age without revealing your actual birth date.

authentication-process

Authentication process

Sign in to digital services in a privacy preserving manner, ensuring that your information is delinked so you are not traced across apps, sites and services.

mixnet-credentials

Mixnet credentials

Use and pay for the mixnet in a privacy preserving manner, ensuring wallet address and transaction history cannot be linked to your mixnet usage.

How do zk-nyms work?

zk-nyms are decentralized, cryptographic privacy-preserving credentials.

You can request anonymous credentials from what are called “issuing authorities”. For the mixnet, the issuing authorities are the Nyx blockchain validators.

The validators issue anonymous credentials that have “threshold issuance”, meaning they only hold part of the key of the credential and cannot piece together the full key to deanonymise you.

You now have an anonymous credential that you can use to cryptographically prove something about yourself to a “verifier”, meaning the given digital service you are trying to use.

Privacy properties of zk-nyms include:

Threshold issuance

Validators only hold a part of the key that signs the credential. This has a similar byzantine-fault tolerance as other validator bases schemes: not only does it distribute trust but it also avoids “crush” of the system in case some validators go offline or are malicious.

Blind signatures

The property of blind issuance means that even if all the validators colluded, they would not be able to piece together the private attribute of your credential.

Unlinkability

Once you have your credential, rest assured that the issuance of your credential and your subsequent showing of it is unlikable. Even if validators collude with the service to which you show your credential, they cannot learn any additional information.

Re-randomizable signatures

Signatures are re-randomizable, meaning you can use the credentials again without making these traceable and compromising privacy.

Build with zk-nym credentials

zk-nym credentials are available as an open source library with Nyx blockchain validators as issuing authorities.

The library makes zk-nyms anonymous credentials available to everyone, with no work required by the end-user.

Built on the Coconut credentials protocol, the first use-case is anonymous access credentials for the Nym mixnet.

Read more about the how you can use them

Read more