Q: If how Verifiable Credentials (VCs) work is inherently Zero-Knowledge (ZK), then what does the ZK layer in Citopia do?
A: VCs are not inherently ZK. Typically they will contain clear text data making claims about a subject that might be pseudonymous when using DIDs and attested to by a VC issuer that might also be using a Decentralized Identifier (DID). But that is not ZK. ZK in a VC is, for example, attesting to a ZK proof that the subject is over 21 years of age without revealing the birthday at the time the VC was issued.
Q: Is it more of a verification that ZK is actually being preserved?
A: It is a verification that a ZK proof was created at a specific point in time, more than anything else. But that is a very powerful statement by itself since otherwise, you cannot prove when a ZK proof was created.
Q: Interaction between digital twins is zero trust (ZT) in a network, but if a digital twin is accessed by an API, is it still a ZT network?
A: Yes, it is as long as the requester of the Self-Sovereign Digital Twin (SSDT) API is required to prove its identity using public key cryptography every time the requester accesses the API of the SSDT.
Q: What is the difference between the Citopia nodes being connected using Citopia API vs the Citopia nodes being connected via ITN?
A: Citopia Nodes connected to one another are network nodes in one network connected to one another, as network nodes are in IPFS or Bitcoin or Ethereum. Citopia Nodes connected to the ITN are one network talking to another network – cross-network node communications.
Q: When do the Citopia nodes communicate with one another?
A: Only when one node wants to discover or access services and applications in another node or when Citopia membership credentials are replicated between nodes.
Q: Is it strictly for peer-to-peer communications, such as proof presentations?
A: Basically, yes.
Q: I think peer-to-peer communication including write transactions is slow, what is the tech in order to speed up the communication?
A: Requests between Nodes can be processed in parallel. Therefore, more powerful compute and network infrastructure improves throughput.
Q: Is it correct to understand that interaction between Citopia API nodes is ZT and interaction between Citopia applications is ZT but interaction between Citopia API node and Citopia application node is NOT ZT because that API interaction is not by ZT (DID to DID)?
A: Communication within a Citopia node is within a trust boundary. Therefore, although all traffic is encrypted, not all applications must authenticate each other. However, all external requests made to a Citopia node must be authenticated and authorized by the Citopia node and by the targeted Citopia Application – double verification.
Q: Which ensures ZKPs? SSDTs by themselves or SSDTs with Citopia services or SSDTs and Citopia services interacting with core services?
A: ZKPs are generated and verified by Citopia Services or — a bit later on the roadmap due to required optimizations — directly within a Citopia SSDT as part of an SSDT’s capabilities.