This feature is similar to [CLI Feature] Sign message, except way more in the spirit of Coda and zero-knowledge proofs!
Story: In the backdrop of the 2017 Equifax data breach (impacting an estimated 143 million US consumers), a person now wants to prove something private (a balance) to a third-party (a financial institution) without leaking any personal information.
Coda can possibly do this great thing for humanity!
Instead of signing a message with a specific address’s private key as in [CLI Feature] Sign message, implement a client command that creates a proof-of-balance with zero-knowledge about the account in question and the precise balance.
From the high-level a user/person simply wishes to prove to an off-chain third-party
“I own a Coda account with balance at least X”
without disclosing any account information or any further balance information.
Specifically, the proof-of-balance should not disclose:
- Which account is being proved
- The exact balance of the account
From the third-party’s perspective, to verify the proof they would need
- The current Coda succinct blockchain proof
- The user in questions proof-of-balance
- Some piece of information that links the proof-of-balance to the real person in question and prevent replay attacks (n.b. this can be a shared secret between the user and the third-party)
Given this information, the 3rd party should be able to cryptographically verify that the person in question controls a Coda address with balance > X.
Coupled with the succinct blockchain, this feature seems like a great application of the power of Coda, which in light of recent privacy disasters such as Equifax, would really motivate interest in Coda.