Vega: ZKPs for Private Digital ID

Microsoft Research has unveiled Vega, a system designed to revolutionize digital identity verification using zero-knowledge proofs (ZKPs). This technology allows users to prove specific facts from government-issued credentials, such as age or professional status, without ever exposing the credential itself. The credential remains securely on the user's device, a critical advancement in an era increasingly shaped by AI.

As AI-powered assistants and autonomous agents become more prevalent, the need for robust and private digital identity solutions is paramount. Verifying a user's identity, especially proving humanity or sharing credentials with AI-mediated services, requires trust. Government-issued credentials remain the bedrock of this trust, but current verification methods often necessitate sharing sensitive documents, a process fraught with privacy risks. High-profile data breaches underscore the dangers of this approach.

Vega directly addresses this challenge: can we verify information from a credential without revealing the credential? The system harnesses ZKPs, a cryptographic tool that enables proving a claim, like being over 21, without disclosing any other details. This means a user could prove their age from a driver's license without the verifier ever seeing the license itself.

From Theory to Practice: The Vega Approach

While the concept of ZKPs for privacy-preserving identity is not new, practical implementation has been hindered by performance and setup requirements. Prior systems often demanded complex, repeatable trusted setups or sacrificed speed and proof size for independence. Vega aims for real-world viability by generating proofs in under 100 milliseconds on standard client devices, with proofs around 108 KB and verification times of 23 ms. Crucially, no trusted setup is required.

The system builds upon several foundational cryptographic advancements from Microsoft Research, including Spartan for efficient R1CS proofs, Nova for folding schemes that compress computations, HyperNova for zero-knowledge via "NovaBlindFold," and NeutronNova for efficient batch processing. Vega integrates these components into a unified, auditable, and extensible proof system.

A key innovation is "fold-and-reuse" proving. This allows users to present credentials multiple times, for instance, to different services or AI agents, without incurring the full computational cost each time. After the initial proof generation, subsequent presentations leverage cached data, significantly reducing the work required.

Vega is built in Rust and is slated for open-sourcing soon. It targets real-world formats like mobile driver's licenses and the EU Digital Identity Wallet, aligning with emerging regulatory frameworks such as the EU's age-verification blueprint and the UK's Online Safety Act.

Performance and Privacy Under the Hood

Vega's efficiency stems from two core ideas: fold-and-reuse proving and a lookup-centric circuit design. The proving pipeline splits work into distinct phases. A one-time credential phase handles setup, while a per-presentation phase re-randomizes data for unlinkability and folds expensive SHA-256 hashing steps using NeutronNova. Spartan then proves the folded circuits, and NovaBlindFold ensures zero-knowledge properties.

Hashing is a significant computational cost. Vega optimizes this by using a small "step" circuit for each SHA-256 compression function, then collapsing these instances into one using NeutronNova's folding. This approach keeps the proving key small regardless of credential length.

Achieving zero-knowledge with minimal overhead is also paramount. Vega uses a novel method involving folding the constraint system with a random instance, which hides underlying data without the complexity of traditional approaches. This ensures that zero-knowledge overhead scales with a small constraint system, not the full secret data.

The system also avoids the need for a complex CBOR parser by treating credentials as byte-addressable lookup tables. This allows the circuit to efficiently extract specific fields while verifying data integrity and ensuring contiguous byte sequences, replacing a full parser with simple lookups.

Binding Identity to the Device

To prevent misuse, Vega incorporates device binding. This ensures that proofs originate from the legitimate holder's device. The system requires the device to sign a fresh session nonce using a private key stored in a secure element. The circuit then verifies this signature against the device public key extracted from the credential.

This cryptographic assurance is vital, especially as AI agents begin to act on behalf of users. Without device binding, leaked credentials could be exploited by attackers or unauthorized agents. The Vega system, implemented in Rust, aims to provide a robust foundation for these future digital interactions, enhancing security and privacy in decentralized identity solutions. As bots increasingly outnumber humans online, such proof of human imperative becomes critical for maintaining trust in digital interactions, a challenge also highlighted in discussions around decentralized identity solutions and how AI agents are breaking the web's old rules.

The underlying proof system is available as the open-source spartan2 project. The research, presented at the IEEE Symposium on Security and Privacy, extends beyond mobile driver's licenses to any credential with a stable byte encoding and digital signature. This technology holds significant promise for future applications, including agents carrying identity on behalf of humans, an area where Microsoft Research Vega is poised to make a substantial impact.