zkLogin: Privacy-Preserving Blockchain Authentication with Existing Credentials
Arnab Roy
Video
Abstract:
For many users, a private key based wallet serves as the primary entry point to blockchains. Commonly recommended wallet authentication methods, such as mnemonics or hardware wallets, can be cumbersome. This difficulty in user onboarding has significantly hindered the adoption of blockchain-based applications. We develop zkLogin, a novel technique that leverages identity tokens issued by popular platforms (any OpenID Connect enabled platform e.g., Google, Facebook, etc.) to authenticate transactions. At the heart of zkLogin lies a signature scheme allowing the signer to sign using their existing OpenID accounts and nothing else. This improves the user experience significantly as users do not need to remember a new secret and can reuse their existing accounts.
zkLogin provides strong security and privacy guarantees. By design, zkLogin builds on top of the underlying platform's authentication mechanisms, and derives its security from there. Unlike prior related works however, zkLogin avoids the use of additional trusted parties (e.g., trusted hardware or oracles) for its security guarantees and instead leverages zero-knowledge proofs (ZKP) to ensure that the link between a user's off-chain and on-chain identities is hidden, even from the platform itself. We have implemented and deployed zkLogin on the Sui blockchain as an additional alternative to traditional digital signature-based addresses. Due to the ease of web3 on-boarding just with social login, many hundreds of thousands of zkLogin accounts have already been generated in various industries such as gaming, DeFi, direct payments, NFT collections, sports racing, cultural heritage, and so on.
Bio:
Arnab designs cryptographic protocols focusing on decentralized systems with applications to finance and digital assets, working with researchers at Mysten Labs specializing in cryptography, distributed systems, language design and formal verification. His areas of research have spanned zero-knowledge, blockchain, secure communication, biometric authentication, data privacy, post-quantum cryptography, trusted hardware enclaves, machine learning and quantum-inspired algorithms. He has served as co-chair of the US NIST Big Data Security and Privacy SG, worked at Meta, Fujitsu, and IBM, and obtained his PhD in CS from Stanford, advised by Prof. John C. Mitchell.