Hello guys,

I have a question about the zero knowledge proof.

I have understood that Indy’s/Sovrins ZKP relies on Idemix. I have also read that the proof has been a little bit over-engineered. I wonder why the ZKF has been made so complex.

I have an alternative (at least a logical approach).

Suppose Alice has to proof: salary > $ 2000 (for applying a loan at the Thrift bank).

Her wallet has a valid credential (I prefer the word claim) “Job-certificate” with salary = $ 2400, signed by Acme, her current employer.

Alice’s **Indy app** could satisfy a proof request of the Thrift bank as follows:

- Load the json structure of Alice’s Job-certificate as a (UML) object
- Inspect the predicate “salary > 2000”, looking up the “fact” “salary” in the job-certificate object
- Substitute “salary” in the predicate by 2400
- Evaluate the expression “2400 > 2000”, which is true
- Send the proof result to Thrift bank

Assumptions:

• The published Job-certificate scheme on the ledger (published by who?) could be considered as a xml scheme.

• The content should be formalized and standarized, like for instance XBRL for financial reporting

• The published Acme-Job-certificate definition on the ledger (published by Acme) could be considered as an instance of the Job-certificate scheme.

• The Thrift bank must be able to lookup schemes on the ledger to compose their required proofs.

• The Job-certificate scheme contains meta-data like datatype, kind of salary, month or year salary, gross or net salary, currency and so on.

• Predicates (I prefer assertions) are regular expressions of conditions , that evaluate to true or false

• The predicates in a proof request must refer to a published scheme (not to a definition as denoted in the getting started guide!)

**Why is such a kind of a ZKF not secure enough?**

Kind regards

Frank Alleman