Reclaim Protocol: Verified HTTPS Traffic for Privacy-Preserving Proofs

Hello Optimism Community,

We are excited to announce the launch of the Reclaim Protocol, a robust solution for creating verifiable claims while preserving user privacy. Here’s a detailed and technical overview of how it works and why it matters.

What is Reclaim Protocol?

Reclaim Protocol (YC W21) leverages HTTPS session keys to generate zero-knowledge proofs (zkproofs) of users’ profile information. It creates digital signatures, known as zk proofs, of users’ identity and reputation on any website. These digital signatures are computed entirely on the client side, ensuring they are private and secure. When a user shares this proof with any application, one can be certain that its authenticity and integrity haven’t been compromised.

How Reclaim Protocol Works

Reclaim Protocol operates through a sophisticated mechanism that ensures the security and privacy of HTTPS traffic. Here’s a detailed technical breakdown of the process:

  1. User Interaction with HTTPS Proxy Server:
    • When a user logs into a desired website, their HTTPS request and the corresponding response are routed through an HTTPS Proxy Server known as the Attestor. The Attestor intercepts and monitors the encrypted packets transferred between the user and the website, ensuring that no private data is exposed during this process.
  2. Key Sharing and Attestation:
    • The user shares session keys that reveal non-private information of the request to the Attestor. The Attestor examines the request, which contains all data in plain text except for private information such as authentication credentials. The Attestor then generates a cryptographic signature to attest that the correct request was made, ensuring the transaction’s integrity without compromising user privacy.
  3. Zero-Knowledge Circuit and Regex Matching:
    • The encrypted response from the website is passed to a ZK circuit. This circuit uses a decryption key as a private input to extract a regex match on the encrypted data. The Attestor further attests that the public input to the ZK proof was indeed the encrypted data from the website, ensuring the response’s authenticity.
  4. Verification by Third-Party Applications:
    • With these signatures on the request and the encrypted response, along with the ZK proof itself, any third-party application can verify the existence and authenticity of the data on the user’s profile without compromising privacy. The combination of these cryptographic proofs ensures that data integrity is maintained throughout the verification process.

Security and Efficiency

An independent third-party research group from Purdue University has formally analyzed the security of proxy-based TLS models. The key result is that the security provided by Reclaim Protocol is equivalent to that established by much more bandwidth-intensive models such as MPC (Multiparty Computation) and garbled circuits.

This research confirms that while the proxy model is generally considered insecure for TLS, it is fully secure when used in the context of HTTPS, as implemented by Reclaim Protocol. The study explores potential attacks and mitigations, many of which are already implemented in Reclaim Protocol. Therefore, when questions about the security of Reclaim Protocol arise, we can confidently reference this formal definition of security.

The paper highlights that Reclaim Protocol’s approach is not only secure but also significantly more efficient than other industry approaches like Deco, TLSNotary, ZkPass, Pado, and Opacity, which rely on MPC. With this formal proof published in a respected publication, we have the external validation that solidifies our position as leaders in the industry.

A bonus is that Reclaim Protocol’s whitepaper has been cited in this research paper, marking our first citation. This recognition affirms the robustness and efficiency of our protocol.

Get Involved

We are committed to fostering an inclusive and transparent environment where all contributors have the opportunity to thrive. Whether you’re a seasoned developer, a budding entrepreneur, or simply passionate about the future of decentralized technology, we encourage you to explore and integrate Reclaim Protocol into your projects.

To learn more about Reclaim Protocol and how it can enhance your projects, please refer to our website linked above.

Join the conversation and connect with us on Telegram: Reclaim Protocol Telegram

We look forward to your thoughts, feedback, and any questions you may have. Join us in this exciting journey to enhance user privacy and data security!

Best regards,
Adithya Dinesh
Community & Growth, Reclaim Protocol