Zero-Knowledge Proofs

The Need for Privacy

Many required verifications involve sensitive data, such as Personally Identifiable Information (PII) from a KYC provider, private financial records, or other confidential credentials.

The NEUS protocol must be able to verify claims based on this data without ever seeing, storing, or exposing the raw data itself. This is achieved through the use of Zero-Knowledge (ZK) proofs.

The Core Principle: A ZK proof allows a "Prover" (the NEUS protocol) to convince a "Verifier" (a smart contract or a user) that a statement is true, without revealing any information beyond the statement's validity.

For example: "I can prove this user passed KYC with Coinbase, without revealing their name, date of birth, or country."

Modular Zero-Knowledge Stack

NEUS uses a modern, general-purpose ZK stack to make building and running privacy-preserving verifiers as simple as possible.

RISC Zero: The ZK Virtual Machine

Instead of using low-level, hard-to-write circuit-specific languages, NEUS uses the RISC Zero zkVM.

• What it is: A Zero-Knowledge Virtual Machine that can prove the correct execution of standard Rust code.

• How NEUS uses it: Our "circuits" are actually guest programs written in Rust. These programs take private data as input, perform validation logic, and output a public result. The zkVM then generates a proof that the program ran correctly.

• Example: A NEUS guest program takes private user claims as input, validates them cryptographically, and outputs a minimal public result (e.g., wallet address + proof success) — all without revealing any sensitive content.

Step-by-Step Breakdown

1. Initiation: A user requests a ZK-enabled verification (e.g., zk-verifier or forceZK: true).

2. Data Retrieval: NEUS uses a secure proxy service to retrieve the user's private claims from a trusted source (such as an identity provider).

3. Isolation: These sensitive claims are held only in memory and never persisted.

4. Proof Request: The NEUS verification engine securely submits these private inputs to the zero-knowledge proof orchestrator. The engine does not interpret or store the data.

5. Proof Generation: The orchestrator forwards the private input to a ZK proving service (compatible with a pre-registered verifier program) which handles proof computation.

6. Immediate Response: The NEUS API immediately returns a tracking identifier (qHash) to the user while proof generation occurs asynchronously.

7. Completion: Once the ZK proof is finalized, the orchestrator updates the proof record in NEUS's verification database with the resulting receipt. The original sensitive data is discarded, and only the cryptographically secure proof remains.

This process ensures that NEUS can verify sensitive information without ever taking custody of it, maintaining strict user privacy and minimizing trust assumptions.