Skip to main content

zkTLS Operations

image

The Issue of Handling Private Data

Traditional zkTLS algorithms provide data authenticity for applications. In this model, the zkTLS client ultimately receives an attestation from the attestor, where the embedded raw data and its corresponding signature together prove that a zkTLS session was executed correctly and successfully verified by the attestor.

In many scenarios, offering the raw data is not considered as a good option if privacy is preferred. Handling the data computation within the attestation is a proper approach. Primus SDKs offers zkTLS operations to further adapt to the privacy-preserving applications.

Supported zkTLS Operations

Using comparison operations expressed as boolean conditions within the zkTLS attestation is an effective way to handle private data securely. During attestation generation, various comparison operators can be applied to specific data fields. Each comparison produces a boolean result—true or false—indicating whether the condition is satisfied.

The supported comparison operators within Primus SDKs include:

  • '>' (greater than): verifies if the data item is greater than a target value

  • '<' (less than): verifies if the data item is less than a target value

  • '=' (equal to): verifies if the data item is equal to a target value

  • '!=' (not equal to): verifies if the data item is not equal to a target value

  • '>=' (greater than or equal to): verifies if the data item is greater than or equal to a target value

  • '<=' (less than or equal to): verifies if the data item is less than or equal to a target value

How to Use the zkTLS Operations in SDKs?

1. Build on The Network: Primus Network SDK and Primus Network Core SDK

When using Primus Network SDK or Primus Network Core SDK, You can simple enable the operation in the zkTLS attestation generation, by the following example code:

// Set Attestation conditions
const responseResolves = [
  [
    {
      ...otherParams,
      op: ">",
      value: "YOUR_CUSTOM_TARGET_DATA_VALUE",
    },
  ],
];
const attestParams = {
  ...submitTaskParams,
  ...submitTaskResult,
  requests,
  responseResolves,
};
let attestResult = await primusNetwork.attest(attestParams);

2. Build with Enterprise Solutions: Primus zkTLS SDK and zkTLS Core SDK

When using Primus zkTLS SDK or Primus zkTLS Core SDK, You can simple enable the operation in the zkTLS attestation generation, by the following example code:

// Set Attestation conditions
request.setAttConditions([
 [
  {
    field: 'YOUR_CUSTOM_DATA_FIELD',
    op: '>',
    value: 'YOUR_CUSTOM_TARGET_DATA_VALUE',
   },
  ],
]);

Comparison with DVC Pattern

zkTLS operations natively support performing data computations directly over the attestation. In contrast, the DVC (Data Verification and Computation) pattern leverages a zkVM to shift the computation into a zkVM circuit. While zkTLS operations offer a level of privacy comparable to DVC, they provide less public verifiability and trustlessness, since the output of a zkVM circuit, namely a SNARK proof, can be publicly verified on-chain. Even so, zkTLS remains an efficient and architecturally simple approach for enabling application-level privacy.