Privacy Preserving

Traditional Face Recognition

As we have seen in the previous section, traditional Face Recognition depends on generating and storing a biometric template during enrollment and then subsequently generating and comparing a new template during verification.

Since two generated feature vectors/templates can be compared, if one is stored in a database operated by company A and the other is stored in a database operated by company B, a comparison can be made between them to determine if it is the same person.

This is despite the fact that company A and company B may be unrelated to each other. This violates the principle of Unlikability in a Privacy by Design framework.

Privacy Preservation

The ability to compare feature vectors/templates with one another in traditional biometrics is what makes the stored data biometric in nature.

To enable privacy preservation, a system should be able to generate any number of different data structures (akin to feature vectors/templates) from a single image. If it does so, the data structures generated cannot be compared to one another.

Since there is no way to compare the data structures generated by a privacy-preserving framework, if they were stored in separate databases, there would be no way to determine that the data structures correspond to the same person. This satisfies the principle of Unlikability in a Privacy by Design framework and makes the data structures non-biometric in nature.

Biometric Verifiability

We have seen how two privacy-preserving data structures generated from the same data cannot be compared to determine any kind of similarity.

But, given a Biometric Sample (such as a facial image), can it be determined that the privacy-preserving data structure was generated from a similar biometric sample?

This is where the ZelfEncrypt algorithm comes in. It makes possible the verification of privacy-preserving data structures without compromising user privacy.

Even though the data structures, called ZelfProofs, generated by the ZelfEncrypt algorithm are non-biometric in nature, they can still be used for Biometric Verification.

Integration with Crypto Wallets

In the context of crypto wallets, traditional biometric verification methods often rely on the storage and comparison of biometric templates, which expose users to privacy risks if the data is shared or stored across multiple platforms.

However, with ZelfEncrypt and ZelfProofs, crypto wallets can offer Safeguarding of your assets and encryption/decryption features while preserving user privacy. Each ZelfProof is unique, preventing correlation across different wallets or services. This ensures the privacy of user identity without compromising security.

Users can use their facial image to generate a ZelfProof, which can act as a secure authentication token or an encryption key without storing any biometric data. This enables a secure and decentralized way to manage crypto assets, encrypt sensitive data, and verify user identity without the risk of biometric leakage across platforms.

The ZelfEncrypt system aligns with the principles of Privacy by Design, ensuring users' private information remains unlikable and non-biometric across all wallet interactions.

Principles of Privacy-Preserving Face Verification

In the previous section, we explored how ZelfProofs are data structures that are privacy-preserving. It is impossible to determine that two ZelfProofs, when compared to each other, were generated from the same person's face or data.

We also highlighted how ZelfProofs have the property of Biometric Verifiability. Given a person's face and a ZelfProof, it is possible to verify that the ZelfProof was indeed generated from that person's face, without storing or transmitting any biometric information.

In this section, we outline the Privacy by Design principles that should be embedded in any robust system, especially in contexts such as crypto wallets where privacy and security are paramount.

Unlikability

Definition: Given two data structures (e.g., ZelfProofs), it should be impossible to tell whether they were generated from the same data (face + metadata) or from different data.

Application in Crypto Wallets: In the context of crypto wallets, unlinkability ensures that two ZelfProofs generated for different wallets or services cannot be correlated. Even if a user accesses multiple wallets using the same facial image, each generated ZelfProof is unique. This guarantees that user activity across wallets cannot be tracked or linked together, providing enhanced privacy and security for crypto transactions.

Irreversibility

Definition: Given a ZelfProof, it should be impossible to reconstruct or reverse-engineer the original face used to generate it. Traditional face verification systems do not satisfy this property, as they rely on a similarity score between two biometric templates, which exposes them to Hill Climbing Attacks.

Application in Crypto Wallets: For crypto wallets, irreversibility means that even if an attacker gains access to the ZelfProof, they cannot extract the user's facial data. The facial image is never stored, and no similarity score is exposed, preventing the system from being compromised through biometric leakage or reverse engineering. This ensures that wallet access remains secure, and users are protected from identity theft.

Revocability and Renewability

Definition: In traditional biometric systems, only a single template or feature vector can be generated from one image. However, with ZelfEncrypt, multiple unique ZelfProofs can be generated from the same facial image. While a person cannot change their face, they can generate new ZelfProofs as needed.

Application in Crypto Wallets: The ability to generate multiple ZelfProofs from the same face provides an additional layer of security for crypto wallets. If a ZelfProof becomes compromised or a user wishes to update their wallet credentials, a new ZelfProof can be generated from the same face without any loss of functionality or privacy. This revocability ensures that users can update their wallet access keys without the risk of being permanently compromised.

Privacy Features of a ZelfProof

Replaceability

If a ZelfProof needs to be replaced, a new one can be generated from exactly the same image and data, and the newly generated ZelfProof will be entirely different from the revoked one. This ensures that even in cases where access keys are compromised or need to be updated, the new ZelfProof provides a fresh and secure authentication token without any linkage to the previous ZelfProof.

Renewability in Hot/Cold Wallet

In crypto wallets, renewability means that users can seamlessly refresh their identity keys (i.e., ZelfProofs) to maintain secure access to their wallets. This eliminates the need to rely on static passwords or biometric data that can be exposed or stolen. The user remains in full control, being able to generate new wallet keys or proofs as necessary, without compromising privacy.

Extended Privacy by Design Focus for Wallets

In the digital asset space, privacy and security are non-negotiable. Traditional verification systems, which rely on static, biometrically linked templates, pose a significant risk to users in the form of correlation attacks, data breaches, and identity theft. The ZelfEncrypt system, with its ZelfProofs, shifts away from this risky model by enabling privacy-preserving authentication and encryption without reliance on stored biometric data.

Privacy Enhancements for Wallet Authentication

Crypto wallets powered by ZelfEncrypt benefit from the following key features:

1. Decentralized Authentication: Users can authenticate into their wallets using ZelfProofs, which are unique for each wallet. No central authority stores their biometric data, ensuring complete privacy and autonomy.

2. Proof of Personhood: Through ZelfProofs, wallets can securely verify that a real person is accessing the system without storing any biometric identifiers. This meets the rising demand for decentralized identity solutions without compromising user privacy.

3. Passwordless Transactions: Users no longer need passwords or passphrases to secure their wallets. Their facial data is transformed into ZelfProofs using ZelfEncrypt, which act as their authentication token. This provides an ultra-secure, user-friendly approach to accessing crypto assets.

4. Encryption and Decryption for Secure Transactions: Beyond authentication, ZelfEncrypt can be used to securely encrypt and decrypt sensitive transaction data within the wallet. Users can trust that their private keys, transaction information, and any personal data stored within the wallet are protected by cutting-edge privacy-preserving encryption.

5. Cross-Wallet Privacy Protection: As each wallet generates its own unique ZelfProof, there is no risk of correlation across different services. This means that even if a user owns multiple wallets, their activity remains private and untraceable, safeguarding their financial privacy.

Protecting Against Hill Climbing Attacks

Traditional face verification systems expose users to Hill Climbing Attacks where attackers incrementally modify inputs to reverse-engineer the facial image used in verification. The ZelfEncrypt approach, by removing similarity scores and making ZelfProofs irreversible, ensures that users are protected against these attacks. No clues are provided that could allow attackers to recreate the original facial data, thus safeguarding wallet access.

Conclusion

The integration of ZelfEncrypt and ZelfProofs into crypto wallets offers a next-generation privacy-preserving solution. By embracing Unlikability, Irreversibility, Revocability, and Renewability, crypto wallets can provide users with secure, decentralized access without the risks associated with traditional biometric verification systems.

The result is a highly secure, user-centric system where privacy is not just an option, but a core principle. ZelfEncrypt ensures that users can confidently manage their crypto assets, knowing that their personal information remains safe, secure, and private at all times.