Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

Generic zk-SNARKs (zk-snarks)
bofreq-lai-zk-snarks-03

Versions:

Document	Type	Declined BOF request
	Title	Generic zk-SNARKs (zk-snarks)
	Last updated	2025-06-25
	State	Declined
	Editor	Ying Tong Lai
	Responsible leadership
	Send notices to	(None)

bofreq-lai-zk-snarks-03

Name: Generic zk-SNARKs

Description

Generic zk-SNARKs are being considered as a candidate solution for instantiating anonymous credentials in digital identity systems, such as the EUDI Wallet. In practice, zk-SNARK proof systems are highly modular, and can be modified for different deployment contexts and levels of assurance. Having standards for the core primitives of zk-SNARKs, and their safe composition, would allow for the instantiation of application-specific variants, without having to go through the full standardisation process each time. We seek to understand how the IETF community is using generic zk-SNARKs, and which approaches to standardisation may be useful for their applications.

Required Details

Status: not WG Forming
Responsible AD: Paul Wouters
BOF proponents: Ying Tong Lai <yingtong.lai@gmail.com>
Number of people expected to attend: 100
Length of session (1 or 2 hours): 2 hours
Conflicts (whole Areas and/or WGs)
Chair Conflicts: TBD
Technology Overlap: TBD
Key Participant Conflict: TBD

Information for IAB/IESG

Existing standards efforts for generic zk-SNARKs include:
- the ZKProof Standards working groups (zkproof.org), which are specifying the modular components of generic zk-SNARKs: arithmetisation, polynomial interactive oracle proofs, polynomial commitment schemes, and the Fiat-Shamir Heuristic;
- the libZK IETF draft by Google, which specifies the proof system described in their paper "Anonymous Credentials from ECDSA" [FS24];
- the EUDI's "Specification for ZKP Implementation in EUDI Wallet";
- the proponents have been working with the W3C Data Integrity CCG to discuss the use of generic zk-SNARKs as a data integrity proof for verifiable credentials.

Open source projects implementing anonymous credentials using generic zk-SNARKs:
- Crescent Credentials by Microsoft
- libZK by Google (no publicly available implementation as of 23 May 2025)
- ZKPassport
- Self by Celo
- Rarimo ZK Passport
- AnonAadhaar by Ethereum Foundation

Agenda

Note Well and Agenda Bashing (5 minutes)
Use Cases (25 minutes)
- Anonymous Credentials in EUDI Wallet
- Verifiable Credentials Data Integrity Proofs
Current standards work (40 minutes)
- ZKProof Standards
- W3C Data Integrity CCG
Open Mic - Feedback from the community (30 minutes)
Explore consensus and next steps (20 minutes)

Links to the mailing list, draft charter if any, relevant Internet-Drafts, etc.

Relevant Internet-Drafts:
Polynomial commitment schemes:
- https://datatracker.ietf.org/doc/draft-zkproof-polycommit/
Sigma protocols:
- https://datatracker.ietf.org/doc/draft-orru-zkproof-sigma-protocols/
libZK:
- https://datatracker.ietf.org/doc/draft-google-cfrg-libzk/

Generic zk-SNARKs (zk-snarks) bofreq-lai-zk-snarks-03