ZKP-based Full Privacy Protocol Extension for Arianee cover
Case Study

ZKP-based Full Privacy Protocol Extension for Arianee

ArchitectureSmart ContractsWeb3AgileOpen Source
Node.jsTypeScriptSolidityFoundryEthersCircomCircleCI

About

Arianee1 is the leading protocol for creating tokenized Digital Product Passports (DPPs) for global brands. While the protocol empowers brands to operate on public blockchains, this transparency presents a major privacy challenge, exposing two types of sensitive data: off-chain metadata and on-chain activity. The Arianee Privacy Gateway2 already protects the private content of a DPP, but a brand's on-chain actions such as minting, transferring, or updating passports remain publicly visible, revealing business intelligence to competitors.

To solve this on-chain privacy problem while upholding the protocol's core principles of being open and self-custodial, a cryptographic solution was required. A simple centralized wallet, for instance, was not an option. Building on the foundation of the new upgradable Protocol v2, my mission was to design and build the Full Privacy module3. The goal was to leverage Zero-Knowledge Proofs (ZKPs)4 to allow brands to prove their administrative rights and manage their DPPs on-chain with complete anonymity.

The challenge was to empower global brands to operate on a public blockchain with the confidentiality of a private ledger, using Zero-Knowledge Proofs to prove ownership without revealing identity.

Work

  • [x] Researched, formalized, and architected a ZKP-based solution to enable anonymous management of ERC-721 tokens (DPPs) on a public blockchain.
  • [x] Developed the Solidity smart contracts5 for the Full Privacy protocol extension, allowing issuers to manage NFTs with ZKPs.
  • [x] Engineered the ZK circuits using Circom6, which serve as the cryptographic foundation of the privacy-preserving authentication system.
  • [x] Built a client-side TypeScript library using CircomJS to provide a seamless developer experience for generating proofs and interacting with the new privacy-enabled protocol features.
  • [x] Extended the main Arianee SDK with a "Full Privacy" mode, allowing existing clients to adopt the new privacy features with minimal changes.
  • [x] Managed the end-to-end security audit process for all smart contracts and circuits with the external auditing firm Veridise.

Results

  • Delivered a first-of-its-kind, production-ready privacy layer for a leading Digital Product Passport protocol.
  • Empowered brands to manage their DPPs (NFTs) on a public blockchain with complete anonymity, solving a critical barrier to enterprise adoption.
  • Ensured the highest level of security for the entire system through a comprehensive, successful external audit by Veridise.
  • Provided developers with a seamless integration path via a dedicated TypeScript library, abstracting away the complexity of ZKP.

Resources

  1. Arianee: Enterprise Solutions for Digital Product Passports (Website)
  2. Docs: Arianee Privacy Gateway (Docs)
  3. Docs: Full Privacy (Docs)
  4. How are we using Zero-Knowledge Proofs to create on-chain privacy for Digital Product Passport? (Article)
  5. GitHub: Arianee Privacy Contracts (Repository)
  6. GitHub: Arianee Privacy Circuits (Repository)

This project successfully brought private NFTs management to public blockchains, delivering an audited, production-ready Zero-Knowledge Proofs extension for the Arianee Protocol.