zkTLS Infrastructure
zkTLS retrofits non-repudiation onto the TLS protocol — enabling users to prove to third parties what a server said, without server-side changes. TLS provides confidentiality and server authentication but not portability: because session keys are symmetric, anyone holding the key can forge transcripts. zkTLS breaks this by introducing a three-party protocol — prover (user), server, and notary/verifier — designed so that the prover cannot fabricate server responses. The result: web data becomes a portable, verifiable credential. (→ [[devconnect-argentina]])
The Three Technical Modes
All zkTLS systems implement a security/performance tradeoff across three modes:
TEE-based: The TLS session runs inside a hardware enclave (Intel SGX/TDX). Fast and legacy-compatible. Trust assumptions: hardware manufacturer + operator. Easily blocked by servers that IP-ban known TEE providers.
Proxy-based: A verifier or prover sits inline as a relay. Two sub-variants: verifier-proxy (weaker prover privacy, easier to block) and prover-proxy (harder to block, weaker protocol soundness). ~10× faster than MPC but soundness depends on network topology.
MPC-based (2-Party Computation): Prover and verifier jointly hold the TLS session key via cryptographic secret sharing. Neither party can unilaterally forge traffic. Strongest security. Cost: ~23MB bandwidth per 1KB request using garbled circuits. Mitigated by QuickSilver (vole-based interactive IVC): sub-second proof times for KDF/AES circuits, but designated-verifier only (not publicly re-verifiable).
After the TLS Session: Proof Options
- Selective disclosure: reveal byte ranges, redact others. Leaks redaction length as a side channel (adversary learns “this field was 24 bytes”).
- ZK proofs over transcript: prove predicates (age > 18, balance > X) without revealing the underlying value. SNARKs (Groth16) are publicly verifiable but memory-intensive for large TLS circuits; QuickSilver is fast but interactive.
- ZKVM over attested data (RISC Zero, Brevis Pico/RISC-V 32-bit, Nexus): arbitrary computation on committed plaintext. Enables complex aggregation, business logic, and multi-source proofs. Canonical production pipeline: TLS session → notary attestation → ZKVM proves correct verification → Groth16 on-chain → smart contract.
Performance Benchmarks (Devconnect 2025)
| Operation | Time | Source |
|---|---|---|
| Browser extension proof (2–8 KB request) | 15–20 seconds | vlayer |
| Mobile proof (ZKP2P, local SNARK) | 5–6 seconds | ZKP2P |
| TLSNotary default (local) | ~1.5 seconds | Verity |
| Verity with domain pre-warming | 0.5 seconds | Verity |
| QuickSilver (KDF/AES, MPC) | <1 second | Primus |
| Large payload (200 KB ChatGPT image) | <2 minutes | Primus |
| MCP data marketplace (+proof overhead) | +20–30 seconds | MCPay |
| MPC bandwidth per 1 KB request | ~23 MB | Primus |
| Proxy vs. MPC speed ratio | 10× faster (proxy) | Primus |
| Cost (QuickSilver, trillion gates) | <$2 | Primus |
| Primus decentralized notary (on Base) | 80% fees to testers | Primus |
Application Landscape
P2P Fiat/Crypto Settlement (most mature)
ZKP2P (Sachin): zkTLS replaces the screenshot in P2P trading. Smart-contract escrow unlocks on verified proof of Venmo/Revolut/Wise payment. $2M/month volume; $700K/month on Venmo, >$1M on Revolut; <60-second end-to-end settlement. Live on Base, Arbitrum, Solana, Hyperliquid, Ethereum. Mobile proof: 5–6 seconds.
Mansa Finance (Ricardo): Cross-border payment liquidity. $4 trillion trapped in nostro/vostro accounts globally (T+3 settlement). zkTLS proof of bank balance or SWIFT transaction replaces PDF/screenshot → instant B2B lending against verified collateral. Proof stored on IPFS + EAS + on-chain. Flow completes in <1 minute.
Undercollateralized / Alternative Credit
Stormbit Labs (Mehdi): Fixed-term, no-liquidation DeFi lending using zkTLS creditworthiness proofs. Borrowers prove income (Stripe, Binance KYC) without revealing identity. DeFi lending currently $83.7B TVL — less than 0.1% of the $100T global credit market, gated primarily by overcollateralization requirements. Targets YouTubers, freelancers, traders, Airbnb hosts.
Cr3dentials (Kofi): Income verification for gig economy workers invisible to traditional credit. Targets LatAm: Lemon has 5M users with no income visibility; dollar depreciation ~90% over 25 years in Argentina. Pilot: micro-credit for Uber drivers (Cassie Money). Enables digital-nomad income portability and borderless credit scores.
Identity / Proof of Humanity / Sybil Resistance
Bring ID (Mikhail): Web-account activity (Uber trips, Apple device ownership) as proof of personhood. MPC-TLS + TLSNotary + Semaphore for on-chain unlinkable nullifiers. >10,000 extension installs; >2,000 successful verifications. Sybil-resistant airdrop faucet that cannot link Web2 identity to wallet address.
Reclaim Protocol (Maduan): 21,000 providers live on dev.reclaimprotocol.org. Enterprise thesis: AI-generated screenshots are accelerating fraud — zkTLS is anti-AI-fraud infrastructure. Use cases: recruiting credential verification, insurance, retail status-match. 17,000 universities alone as potential credential issuers.
Social / InfoFi / Reputation
Nillion + Primus / Ticker.app (Dimitris Mouris): TLShare — multi-prover, multi-server zkTLS feeding FHE or MPC nodes for joint computation. Ticker.app: live leaderboard of trading P&L from Binance and Hyperliquid, computed inside a TEE. Replaces the fake-screenshot economy for crypto signal sellers. Verifiable performance = basis for subscription services.
Brevis + Kaito (Michael Dong): Social leaderboard (Twitter yappers) with verifiable DeFi activity. Pico zkVM (RISC-V 32-bit, among fastest per claim). MetaMask, PancakeSwap, Uniswap, Aave use Brevis as a zkVM co-processor. InfoFi without doxxing: social weight multipliers based on verified on-chain behavior without wallet linkage.
Data Infrastructure / Oracle Primitives
Verity / Usher Labs (Ryan): ETL pipeline with domain pre-warming (1.5s → 0.5s for known domains), ZK rollup of multiple TLS attestations (destructure proof: private part in ZKVM + public part on-chain). 90% reduction in Internet Computer oracle costs. Application: fiat-backed DEX depth — prove bank balance → back stablecoin liquidity on Uniswap.
Opacity (0xWildhare/Steve): The “other hard problem” — request reverse-engineering, burner accounts, variable-length responses. ZK response transformation: omit rather than redact fields (eliminates length side-channel). Restaking-based economic security for notary network (design stage).
AI Agent Data Marketplace
MCPay (Luís Freitas): zkTLS proof bundled inside the MCP meta field of each API response — guarantees AI agents received authentic data with cryptographic receipt. Pay-per-call: “a few cents” for Twitter API data vs. $200/month subscription. Currently adds 20–30 seconds per request; early stage (hackathon origin). See also Oracle Infrastructure for the oracle-proof-machine connection.
The Unsolved Trust Problem: Malicious Notary
The hardest open problem in zkTLS is collusion or a malicious notary. A single notary can sign fabricated attestations. Approaches in various stages:
| Approach | Security | Status |
|---|---|---|
| Multi-notary honest-majority | Degrades linearly | Deployed (TLSNotary) |
| Multi-party MPC handshake with notaries | Strong but timeout risk | Theoretical |
| Notary in TEE + smart-contract random selection | TEE trust | Deployed (Primus, on Base) |
| Restaking economic security | Economic deterrent | Design stage (Opacity) |
No solution combines decentralization, performance, and cryptographic trustlessness simultaneously.
Key Design Tensions
MPC vs. Proxy: MPC is cryptographically strongest; proxy is ~10× faster. Neither dominates — choice is use-case-dependent.
Static circuits vs. general computation: Basic zkTLS attests data; it cannot aggregate or run business logic natively. ZKVM integration (Brevis Pico, RISC Zero) enables arbitrary computation but adds cost and latency. The “DVC mode” (Data Verification + Computation) — zkTLS → zkVM → on-chain proof — is the emerging standard but not yet formalized.
Interactive vs. publicly verifiable proofs: QuickSilver (vole-based IVC) is fast but designated-verifier only. SNARKs are publicly re-verifiable but memory-constrained for large TLS circuits. Implication: QuickSilver proofs are suitable for delegated trust contexts (e.g., smart contract calls) but not for independently auditable archives.
Data source maintenance: Private API schemas change without notice. Maintaining request templates at scale is operationally expensive. Panel consensus (Devconnect 2025): this is the primary near-term bottleneck, not the cryptographic layer. Solution: 21,000-provider community repos (Reclaim) and domain pre-warming automation (Verity).
Standardization vs. fragmentation: Multiple incompatible implementations (TLSNotary, Reclaim, Primus, vlayer, Opacity). No shared attestation format, no L2Beat-style observability dashboard. Panel consensus: still too early to standardize. Need more production deployments to identify stable interfaces. MiCA-driven EU P2P volume (effective January 2026) is expected to sharply accelerate production deployments.
Connections
- Oracle Infrastructure — zkTLS as “proof machine” generation; Verity’s ETL pipeline; ZK TLS oracle integration
- Bridge Security & Cross-Chain Interoperability — ZKP2P and Mansa Finance use zkTLS as the payment proof layer for intent-based settlement
- DeFi Institutional Transition — Undercollateralized credit via zkTLS (Stormbit, Cr3dentials) as the path to closing the $100T credit market gap
- Privacy as UX Design — zkTLS enables private credential portability; connects to Kohaku wallet and oblivious RPC
- ZK Proving Infrastructure — Brevis Pico zkVM, Primus QuickSilver, RISC Zero; zkTLS as ZK application layer
- Metadata Privacy — Selective disclosure length side-channels; TLShare multi-prover multi-server pattern
Open Questions
- Can restaking-secured notary networks (Opacity’s design) achieve economic security sufficient for high-value applications?
- Will a standard attestation format emerge organically from ZKP2P/Mansa/Reclaim production deployments, or does it require deliberate standardization effort?
- Does the MCP + zkTLS proof bundle (MCPay) become a standard for AI agent data authenticity? Can 20–30s latency drop enough to be practical?
- At what point does the financial institution channel (Mansa, Stormbit) trigger regulatory scrutiny of zkTLS credit as unlicensed lending?
- Does MiCA-driven P2P volume in the EU (January 2026) produce the deployment density needed to resolve the data-source-maintenance bottleneck?