The 6th KIR : Zkrypto_Zklay_Progress Report(1)

Klaytn Improvement Reserve

ZKlay : Zero knowledge based Klay to preserve privacy with verifiability for Klay transfer

Date: 2021.03.12


Along with the rapid growth of the blockchain market, digital assets using blockchain are emerging one after another. Thus, privacy and security issues for users’ digital assets are becoming more crucial. However, in Klaytn which is an account-based public blockchain, all activities and assets of users are available publicly. It not only reveals user privacy but also violates the privacy regulation like EU GDPR. Although the simple encryption of accounts and transactions can preserve privacy, it triggers two issues: how to ensure the correctness of the transactions and the accounts, and how to meet the other regulation of anti money laundering. It is important for Klaytn to meet the regulations which require privacy and verifiability.

This proposal aims to tackle the privacy and verifiability issue on Klaytn environment. To solve the problem, we propose a zero-knowledge proof based project called ZKlay. In the proposed ZKlay, the user account values are encrypted called zklay account (ZA). To transfer coins among ZA and external owned account (EOA), an anon_transfer function is called between the account model and the utxo model. A user can transfer the encrypted coins between the account model and the utxo model in an encrypted form while the correctness is guaranteed by the zero-knowledge proof. In the utxo model, the asset transfers are performed anonymously, in which the transfer is not traceable in public. Nonetheless, the proposed scheme allows an authorized auditing entity to trace the transactions if it is required. We will provide a technical report, and a software for the proposed ZKlay project.

This progress report contains the details on the progress at milestone 1.

Project Milestones and Schedule

At Milestone 1, we research the previous work related with privacy providing blockchain services such as Zcash, Zeth, and Zether. In addition, we design the Zklay protocol without security analysis.

ZKlay’s scheme is as following:

Fig 1. Overview of Zklay

Fig 2. Architecture of Zklay smart contract



• Auditor publishes its pk

•Using auditor’s private key, a ciphertext in a transaction can be decrypted

Encrypted Account (ZA)

•User account

•Each user has a private key and a public key

•The public key includes keys for auditing

•Account is a ciphertext of <u,v> where u is random and v is a value




•TriggerTransfer (sk,pk,pk′,dv′,pv,pv′,toEOA)

•dv’ : amount sent to a mixer

•pv : amount received from EOA (self)

•pv’ : amount sent to EOA (toEOA)

•Create a Tx = (π,rt,nf,addr,c′,ct′,pv,pv′,K′u,K′a,T′,CT′,toEOA)

Smart contract




•Verify a proof

•Manage root, nf, and account list

•Call transferFrom(self, this, pv) and transferFrom(this,toEOA, pv’)


•For a given transaction of (π,rt,sn,addr,c′,ct′,K′u,K′a,T′,CT′,toEOA)

•Compute k = K’aask

• <du’, dv’, addr’> = Dec(k, CT)

• The transaction reveals that dv’ amount is transferred from addr to addr’

Key Deliverables

At milestone 1, we write a technical paper explaining the Zklay protocol which is available at ZklayTechReport.pdf - Google Drive


The table below contains the status of invested resources.

Table 1: Resource investment (USD)

@Prop_hoh Thanks for your participation.
Could you share the technical report through google drive?
I can’t read the report.

I share the technical report in google drive.


1 Like