Please introduce yourself and tell us the background to your project, "Anonymous Door Unlocking with Anonymity Revocation"
My name is Ken Watanabe. I’m studying cryptography at Waseda University under Kazue Sako. My current research focus is on use cases for Verifiable Credentials (VCs), as well as signature schemes such as BBS+.
The first time I used VCs was during a national project for the Japanese government, where we used VCs to authenticate UAVs (drones) delivering packages from A to B.
For the hackathon, we were looking for a simple use case we could implement in our day-to-day environment. We work in a lab, so I decided to make a physical door unlocking system using 3D printers, that enables us to unlock the door to the lab using VCs.
Please can you describe your solution?
In our solution the university is the issuer, students are the holders and the door unlocking application is the verifier.
We also introduced a new role in the ecosystem, ‘Opener’. Only the Opener can revoke a holder’s anonymity. The holder and verifier agree who will be the Opener during the setup process.
The key technical components are Decentralized Identifiers (DIDs), W3C JSON-LD Verifiable Credentials and Decentralized Web Nodes (DWNs).
We chose DWNs as they offer both storage and messaging. We realized we could put our VC into a DWN and deliver it to other entities like doors using the TBD messaging libraries. This met our requirements and made it simpler to develop.
We made a wallet application that connects to the DWN, shows the list of VCs and presents the needed information to verifiers through a QR code.
We used Dock network (which supports BBS+ signatures) and Arkworks to implement the crypto libraries, which I developed myself.
Why was anonymity revocation an important feature?
We think Selective Disclosure is very important for many use cases, including this one. The holder shouldn’t have to share unnecessary attributes and the verifier shouldn’t need to hold sensitive data.
But sometimes, data breaches, a theft or a physical accident might occur and the incident needs to be investigated.
The Verifiable Presentations (VPs) generated by the application are stored on the lab’s Slack channel. This enables the lab manager to see when the door is opened in real time, without seeing who opened it. If something bad happens, you can pick the presentation from Slack and send it to the Opener to open.
Please can you explain how the system preserves users’ privacy?
The holder can choose which attributes to share and generate a Verifiable Presentation (VP) with just this information. They don’t need to share their name, only their faculty membership.
We used BBS+ signatures because of the unlinkability feature, which means you can’t link multiple transactions to a single user, for enhanced privacy. BBS uses Zero Knowledge Proofs (ZKPs) to hide attributes. In this project we added another ZKP to the BBS signature, that we call “verifiable encryptions”. In our system, the holder encrypts his identifier using the Opener’s public key. The extra ZKP means the verifier can verify this has happened.
We think it’s our main contribution to these kinds of door unlocking systems.
What’s next for the application?
Only four faculty members use the system currently. I want others to be able to use it. To do this we need to issue VCs to more students. I also want to introduce the system to other doors within the university. But I know it will take time to get it into production, as we need to verify it works well.
Only one credential can be used in the application currently, but in future we want to make VPs from multiple VCs. I also want to introduce the ability for the holder and verifier to negotiate the Opener dynamically.
What other use cases do you envisage?
This is a research project but we think the system can apply to other scenarios. One is ride hailing apps such as Uber and Lyft. The customer can order a taxi anonymously but if an accident happens, their anonymity can be revoked. Another is anonymous social networks. Users can chat anonymously, but if there’s a message that’s violent or abusive the author’s anonymity could be revoked.
Apart from VCs, my other interest is I'm a cryptographer, so I also want to make completely different scenarios. I want to keep using it.
Last week I presented the application at SCIS2024 in Nagasaki, the biggest cryptography conference in Japan. Many people from government, academia and industry were there. I hope it generated a lot of interest.
How did you find the experience of participating in the hackathon? Do you envisage participating in DIF going forwards?
I really enjoyed the hackathon and am very honored to receive this prize. It was my first time using Decentralized Web Nodes. I found the DWNs GitHub readme page and API documentation very easy to read. I just followed the intro and found I could implement it easily. It was straightforward to store the VCs using DWNs.
For me, BBS Signatures is an interesting area to explore further. I’d also like to use DWNs in other projects and, if possible, I would like to add some features to it.