Block Qualified

A forward step in the decentralization of credentials. Solve multiple-choice tests hosted on ipfs and prove your solution privately yet on-chain using zero-knowledge proofs.

Comment

Introduction

We in the Ethereum community are probably all familiar with the idea of zero-knowledge proofs by now. The idea that you can prove to someone, beyond a reasonable doubt, that you know something, without revealing anything other than the fact that you know that something is incredibly powerful.

Although the concept of zero-knowledge proofs has been around for long, it was not until recently that it found major applications. While the cryptographic principles themselves are mathematically sound, applications require you either verify it yourself or trust the word of a verifier. If only there was a decentralized computer that could do it...

And it is exactly this decentralization that allows us to harness the incredible power of these tools. We have seen rollups, currency mixers, and even gaming DApps being built with them. But it is likely that one of the biggest applications to come will be identity services: proving that you hold certain credentials, security clearances, or that you did not engage in OFAC sanctioned activity, all without providing any additional information, and ensuring your privacy is preserved.

Inspiration

In a recent thread, punk6529 revealed his participation in what will be the first fully on-chain university course. But there is one piece missing: how do you make exams on-chain?

You can’t just submit your answers inside a transaction, because transactions are public, and anyone will be able to see those answers. One could just copy them, cheat on the exam, and gain the same credentials as you. You need to somehow hide exam answers, while still being able to check if they are right, all inside a public ledger.

And that is what Block Qualified allows you to do.

What it does

The idea was to enable a way to create and obtain credentials, all in a decentralized manner. You do this by solving multiple-choice tests, which are pinned on IPFS, and sending your solutions on-chain. To ensure your solution is kept private, zero-knowledge proofs are used. Esentially, another person cannot come behind, copy your transaction, and gain the same credentials.

The generation of these proofs also relies on IPFS, as the files necessary to compute the witness and proof are also pinned on IPFS to ensure anyone can access them and gain credentials:

The Block Qualified frontend nevertheless generates the necessary proofs automatically when solving a test, without the possibility of recording your solution (as there is no backend).

The only way to get a credential is to correctly answer all the questions that make up its multiple choice test, esentially verifying that you know the subject. When you receive a credential, you get sent a certificate as a non-transferable NFT validating your skills, which links back to the multiple choice test pinned on IPFS which you just solved.

The end result is a credential service that is fully decentralized: once a party creates a new credential, anyone can attempt to solve it and gain the qualifications. The credential owner may still choose to restrict this to only a select group of people by requiring that solvers own a given NFT.

How it was built.

Zero-knowledge proofs are used to submit and verify answers to these multiple-choice tests.

When solving a multiple choice test, your public transaction never shows the answers, but simply provides a proof of your knowledge of them. The additional use of a cryptographic salt ensues that each solving transaction cannot be replicated, while keeping the answers perfectly private.

zk-circuit

A multiple choice test is defined by its solution hash, which is the Merkle root of the answers tree. This answers tree has a total of n leaves, each with m possible values: the multiple choices available. Whenever a new test NFT gets minted, it stores this solution hash.

In your transaction, you don't submit a solution directly, as that would reveal it to the public. Instead, what you do is you prove your knowledge of your solution. In this solving proof, you show that you know an answer tree (it does not need to be the right one) which when hashed together with a random salt, it returns a solving hash.

Your answers tree remains private (and thus your answers), while the solving hash and salt are public. The smart contract checks if your solving hash is the result of hashing your salt and the solution hash defined earlier, and only then does it grant you the credential: minting a credential NFT that links back to the original NFT, and certifies your knowledge.

By voiding the salts that have been used, we can ensure the only way to gain a credential is by solving the test, as cheating rapidly becomes unfeasible: for a simple multiple choice test with 10 questions, each with 6 possible answers, you would have a one in sixty million chance of guessing it right. Increase the number of questions to 20, and that chance becomes almost one in four quadrillion.

The rest of the project is built around this:

  • Smart contracts in Solidity to handle users creating and gaining credentials, which both function as non-transferrable NFTs
  • A frontend built on React.js to allow for an easy and intuitive blockchain interaction, as well as pinning and retrieving multiple choice tests to and from IPFS, and handling all of the cryptography (hashing, zero-knowledge proofs) behind the scenes.
  • IPFS, more specifically web3 storage, as the storage solution.

Challenges ran into

Prototyping the zero-knowledge circuit, as described above, was the most challenging part, as there are still very few applications of the technology.

Being able to generate all the necessary proofs directly from the frontend was also a challenge. It would have been possible to send requests to a backed server to generate these proofs, but that would sacrifice on decentralization. The end result is a frontend anyone can access. And even if they wish not to, for whatever reason, they can still access the only necessary files to generate proofs from IPFS, ensuring the full decentralization of this credential service.

What's next for Block Qualified

For now, the project only allows you to create and solve multiple choice tests to gain credentials. A not too different implementation would allow users to answer questions directly, and the proof verification would check if their answers are exactly right. Circuit modifications like that would enable a better experience for both credential issuer and solver, and a more comprehensive testing ability.

I have reached out to the creator of useweb3, a learning platform covering all things blockchain. He is quite interested in the project, and we will be looking at ways to implement it inside of the platform. After all, credentials are worth nothing if the issuer is not recognized.

Additional Resources

Evmos Explorer Links:

Reach out on Twitter: @0xdeenz

Built With

Share this project:

Updates

posted an update

I thought it might help people new to the DApp for the first time to know the solution to an existing test. This way, they can see the process of proof generation, and also see the difference between solving a test (transaction is valid) and not being able to (transaction reverts).

So, which better way than to share the solutions to the Understanding Block Qualified test. This way you also learn a little bit more about the background tech in the meantime!

1 - A, Block Qualified decentralises the entire credential process. 2 - C, Credential NFTs can only be minted to the solver of a Tester NFT. 3 - B, both are non transferrable NFTs. 4 - D, 6*20 ≈ 1015 (one quadrillion). 5 - *A, salts get voided, the solution hash is stored as part of the NFT, and the address of the solver gets stored inside the Credentials contract. The solving hash is only used for verification, and never gets stored in the blockchain. 6 - B, Block Qualified uses Poseidon, the ZK-friendly hash function. 7 - D, Block Qualified uses groth16 as its proving/verification scheme. 8 - C, the prize money for a Tester can only be obtained by either solving it first, or deleting it as the owner. 9 - D, salts ensure that solving transactions are both private and non-replicable. So since two answers are true, that means that none of them are the correct answer, and thus it is none of the above (bit of a tricky one, that's what they put me through in school). 10 - C, as explained in the home page.

So now you can try it out and earn your Basic understanding of Block Qualified NFT!

If you still have some questions, you can reach out at @0xdeenz.

Log in or sign up for Devpost to join the conversation.