Biometric signatures for transactions

There are a number of wallets that do or will involve biometrics somehow, but that’s not enough to provide guarantee that only the account owner can execute transactions.

Very high level, transactions on Ethereum, for example, require a valid account, a non-zero balance and the account’s private key to sign the transaction with. I’d argue that in order for biometrics to be involved, a transaction should also require successful proof of biometric identification pertaining to the account owner.

This could be the proof of computation of a successful biometric authentication, in the form of a zk-SNARK. That way, the biometric data that is used or checked against is not revealed, only whether it was successful or not. This is possible because maths (https://crypto.stackexchange.com/questions/60668/can-zk-snarks-verify-the-results-of-turing-complete-computations).

This biometric data can reside on the blockchain or inside your phone’s security enclave (https://www.howtogeek.com/387934/your-smartphone-has-a-special-security-chip.-heres-how-it-works/), for example. Multisig or any other third party authentication data could be accepted as well for the non-human accounts which will outnumber us.

The rant above is about blockchains and IDs in general. I don’t think any existing blockchain does this already or plans for it in the near future. I however think it is possible and even necessary for adoption. Private key management is arguably the hardest thing to comprehend and do right by the average user. Using biometrics to generate, operate and recover accounts needs to happen somehow, perhaps the high level idea above can be a start.

I brought this here because you eat zk-SNARKs for breakfast, lunch and dinner. Looking forward to hearing your thoughts.

1 Like

This is a really interesting concept, and I think the compatibility of this “biometric authentication” algorithm with a zkSNARK is directly dependent on its complexity.

Do you have an example of code somewhere that implements a biometric check (fingerprint, iris, etc)?

Very interesting. I’m not familiar with biometric information much, but given this, I will be doing some basic research into it :).

At first glance, seems to me that, in order for this to work, there would have to be some information in the account record that would “identify” a biometric identity, ideally without revealing the underlying identity. Otherwise, there wouldn’t be a constraint we can encode in the snark between the biometric identity we confirm for the txn and the account in the ledger.

Thanks for the responses, guys. I’ve researched the topic a bit more, there are two interesting proposals:

https://link.springer.com/chapter/10.1007/978-3-319-72359-4_55 - they implemented biometrics and even short-term private keys on Hyperledger. From what I understand, there is a Biometric Certification Authority used that issues a 10kb Public Template Certificate, which takes some computing power to verify & seems to come from a centralized source (unless someone builds a blockchain based BCA).

This is another proposal from the guys at Veridium, who are looking at building something similar. Some of the links in there are dead in the meantime. https://github.com/WebOfTrustInfo/rwot5-boston/blob/master/topics-and-advance-readings/Biometric-transaction-signing-on-blockchain.md

These guys are one of the many biometrics authentication services out there https://fidoalliance.org/how-fido-works/ Their strategy relies on devices and tokens, which can be lost & replaced, with some solutions existing to address that https://docs.google.com/presentation/d/1gjrgrh0dURyxj4o-yfzrXt6f220XbUghjSo9vDb6O60/edit#slide=id.g4510d03ea5_0_367

I don’t think that is suitable for blockchain integration though, so maybe just leave that as third party so they deal with all that stuff on their own. What could be done is trust some of these biometrics providers by accepting a SNARK of a successful user authentication (other methods for devices) as prerequisite for sending a transaction.

I read a lot more than I actually understand, so please try and read the links I provided rather than my interpretations :slight_smile:

Haven’t looked through the links yet (will try to do soon), but just some details on how this could be implemented at a technical level. We could set it up so that a biometric snark proof could be recursively composed into the transaction snark (and required to build a transaction snark proof if the account has a biometric identity attached to it). Then you would submit the biometric snark proof with your transaction when you submit it to the network. The big question here that would have to be answered is whether or not the additional constraints to verify the biometric snark would be expensive to implement in the transaction snark, and if the number of constraints required to prove a biometric snark are reasonable enough for account owners to produce in order to send a transaction.