Introduction

Orange Pass

Orange Pass is a Chrome extension designed to protect and authenticate users' Web2.0-related information using Zero-Knowledge Proofs, storing the proof on the blockchain or providing it to third-party services.

Why Orange Pass

In the traditional data verification and validation process, the Prover submits their information to the Verifier. The Verifier retrieves this data and collaborates with the data source to perform authentication checks. In this model, the Verifier acts as an intermediary or broker.

Each party in this scenario faces unique challenges: for the Prover, there is a risk of exposing too much personal information; for the data source, despite being a trusted provider, it cannot offer personalised verification services; for the Verifier, they have access to all customers' private data with full visibility, posing significant risks of data breaches.

Orange Pass is designed to solve this problem. By using Orange Pass, the Prover can securely and quickly prove to a Verifier his information on any web2 website without compromising the privacy of his data.

Features

  • Privacy Preserving: Utilize Transport Layer Security(TLS) and Zero Knowledge Proof (ZKP) technologies to ensure users' information and actions are not exposed.

  • Tamper-Proof Information: Employ cryptographic schemes such as digital signatures and on-chain storage to ensure users' information and actions cannot be altered.

  • Fast and user-friendly: Without much interaction, users can generate proof in seconds and present it to any third party.

System Architecture

Basically three parties are involved in generating proofs:

  • Prover: Browser extension, which initiates proof on behalf of the user, such as proving that the amount of funds in a certain exchange is greater than 100 USD.

  • Verifier: The validator, which acts on behalf of the third party who wants to verify user information on a web2 website.

  • Server: The web2 service provider, which has the user's information.

Orange Pass has two different modes, MPC mode and Proxy mode. For performance reasons, the Orange Pass defaults to Proxy Mode. MPC Mode is only used in cases where certain APIs do not support proxy access.

MPC Mode

The Prover and Verifier act together as the client, performing MPC (Multi-Party Computation) calculations and communicating with the Server. The Verifier holds part of the key, allowing data verification without decrypting the data, ensuring both data privacy and verifiability. Details can be found here.

Proxy Mode

The Prover acts as the client, communicating with the Server through the Verifier's proxy. The Verifier records all communication between the Prover and the Server but does not hold the key, so it cannot decrypt the communication data. Details can be found here.

Extension Backend

The extension backend verifies whether the attestation passes based on the schema configuration. If it passes, the attestation is signed and returned to the plugin.

The extension can send the signed attestation to third-party applications or invoke a smart contract to store it on the blockchain.

PreviousGet Campaign Info using APINextMPC Mode

Last updated

Was this helpful?