KZero Wallet

[dejavukong]

Project Abstract

KZero is a keyless, self-custodial wallet solution that leverages zero-knowledge proofs (ZKP) and OpenID protocol. With KZero, Web2 users can directly access the blockchain and send transactions using their Google, Apple, or other accounts, eliminating the need to safeguard mnemonic phrases or pre-install wallet applications. Users can access Web3 applications without any restrictions. KZero can be integrated into any Substrate-based chain without disrupting its existing account system.

Grant level

• Level 1: Up to $10,000, 2 approvals
• Level 2: Up to $30,000, 3 approvals
• Level 3: Unlimited, 5 approvals (for >$100k: Web3 Foundation Council approval)

Application Checklist

• The application template has been copied and aptly renamed (project_name.md).
• I have read the application guidelines.
• Payment details have been provided (Polkadot AssetHub (USDC & DOT) address in the application and bank details via email, if applicable).
• I understand that an agreed upon percentage of each milestone will be paid in vested DOT, to the Polkadot address listed in the application.
• I am aware that, in order to receive a grant, I (and the entity I represent) have to successfully complete a KYC/KYB check.
• The software delivered for this grant will be released under an open-source license specified in the application.
• The initial PR contains only one commit (squash and force-push if needed).
• The grant will only be announced once the first milestone has been accepted (see the announcement guidelines).
• I prefer the discussion of this application to take place in a private Element/Matrix channel. My username is: @_______:matrix.org (change the homeserver if you use a different one)

[github-actions]

CLA Assistant Lite bot All contributors have signed the CLA ✍️ ✅

[dejavukong]

I have read and hereby sign the Contributor License Agreement.

[takahser]

@dejavukong thanks for submitting this, this already looks great!

I have just a few questions:

• is the recovery mechanisms (for the case that ZK wallet is no longer maintained, at a later point) covered by this proposal?
• how is the ephemeral private key stored on the user's client?

Feel free to also have a look at my inline questions.

[takahser]

Could you elaborate on how the randomness is generated?

[dejavukong]

Add this content in a new section titled "Security and Privacy"

[dejavukong]

@dejavukong thanks for submitting this, this already looks great!

I have just a few questions:

• is the recovery mechanisms (for the case that ZK wallet is no longer maintained, at a later point) covered by this proposal?
• how is the ephemeral private key stored on the user's client?

Feel free to also have a look at my inline questions.

@takahser the recovery mechanisms are added in the proposal, along with the storage of ephemeral private key, included in the new section titled "security and privacy"

[takahser]

Sounds good, thanks for adding.
Could you clarify whether this is within the scope of this grant?

[dejavukong]

@takahser Given that these two mechanisms are not in conflict, we prioritize implementing the built-in recovery mechanism in this grant, while planning to develop the zkLogin + proxy mechanism at the application level in the future.

[takahser]

@dejavukong sounds good to me. Could you add this to the deliverables (or in case it's already added, point out which deliverable this would equate to)?

After that I'm happy to approve it.

[dejavukong]

@takahser included in Milestone 2

[takahser]

@dejavukong thanks for the updates and clarifications, adding my approval here. I'll also mark the application as Ready for Review and ping the rest of the grants committee to have a look at it.

In the meanwhile, could you submit KYB for your company? This should be the same entity that is going to send the invoices after completing each of the milestones.

[takahser]

@dejavukong sorry, I just realized that the DOT percentage is currently missing.
Note that at least 50% of the grants are supposed to be paid in DOT, see our template.

DOT %: Percentage of Total Costs to be paid in (vested) DOT (≥ 50%)

Could you add this info as well? After that I'll add my approval again.

[dejavukong]

@dejavukong sorry, I just realized that the DOT percentage is currently missing. Note that at least 50% of the grants are supposed to be paid in DOT, see our template.

DOT %: Percentage of Total Costs to be paid in (vested) DOT (≥ 50%)

Could you add this info as well? After that I'll add my approval again.

@takahser Added.

[semuelle]

Sounds good to me, happy to support this.

[bhargavbh]

The proposal contains sufficient technical depth and looks thorough. In general, this would be useful feature for onboarding new users and i am happy to support it.
I have one question, how does the attacker/threat model differ from Sui's zkLogin, is there any additional Substrate based assumption which crawls in your design?

[dejavukong]

@bhargavbh
Thank you for your support and insightful question. While we acknowledge Mysten Labs' pioneering work on zkLogin and consider their implementation as best practice (we follow their approach on salt service and ephemeral key storage), there are several key differences in our design due to Substrate's unique characteristics:

Address Format:
While Sui uses different prefixes to distinguish different address types, in Polkadot, address prefixes are reserved for network identification. Therefore, KZero's zkLogin addresses follow the standard Substrate address generation scheme without special prefixes. This design choice ensures seamless compatibility across all Relay chains and Parachains.

Replay Attack Prevention:
Due to fundamental differences between Sui's UTXO-like model (which prevents replay through object references) and Polkadot's Account model, we've implemented it following Polkadot's design. In KZero, the ephemeral private key signs transactions using the zkLogin address's nonce rather than a separate ephemeral key nonce. This ensures replay protection while maintaining compatibility with Substrate's account model.

Enhanced Recovery Mechanism:
KZero's zkLogin runtime incorporates a built-in recovery mechanism for each zkLogin address. This provides an additional security layer ensuring users can recover their assets even in extreme scenarios (like service interruption), which is particularly important for Substrate-based chains.

[keeganquigley]

Thanks for the deep dive @takahser LGTM. Excited to see this on Polkadot!

[PieWol]

Hey @dejavukong, this looks interesting. Happy to support this. Just one question: Which OAuth providers will you support in the SDK and thus the demo website of Milestone 4? Will I be able to login with e.g. my Google account?

[dejavukong]

@PieWol Sure thing! We'll set up with a frontend page and demo-kzero-node(with zklogin runtime) so you can try out all the features.

[PieWol]

@dejavukong could you please also include a DOT payment address?

[dejavukong]

@PieWol Included.

[PieWol]

Hey @dejavukong ,
sorry for the individual requests. We also would need you to change the USDT request to USDC. We only pay in DOT and USDC at the moment. See here.

Once thats done I'll re-approve.

[PieWol]

Thanks for the quick changes.

[semuelle]

We have enough votes to approve the grant, @dejavukong, but we are still waiting for you finishing the KYB process, as requested above.

[github-actions]

Congratulations and welcome to the Web3 Foundation Grants Program! Please refer to our Milestone Delivery repository for instructions on how to submit milestones and invoices, our FAQ for frequently asked questions and the support section on our website for more ways to find answers to your questions.

Before you start, take a moment to read through our announcement guidelines for all communications related to the grant or make them known to the right person in your organisation. In particular, please don't announce the grant publicly before at least the first milestone of your project has been approved. At that point or shortly before, you can get in touch with us at [email protected] and we'll be happy to collaborate on an announcement about the work you’re doing.

Also, if you haven't yet, consider signing up for the Polkadot Alpha Program. The program offers plenty of resources for people building on Polkadot. Lastly, please remember to let us know in case you run into any delays or deviate from the deliverables in your application. You can either leave a comment here or directly request to amend your application via PR. We wish you luck with your project! 🚀