This Python repository implements a "Zero-Knowledge" Proof (ZKP) system combined with HMAC for secure authentication in messaging applications. It allows proving possession of secrets without revealing them, enhancing privacy and security for authentication, authorization, and accounting (AAA) operations. The target audience includes developers building secure communication systems and those interested in privacy-preserving cryptography.

How It Works

The system leverages Schnorr's Protocol with a state seed for ZKPs, enabling a prover to authenticate to a verifier without disclosing sensitive information. HMAC is integrated to ensure message integrity and authenticity. The ZKP component verifies identity or credential possession, while HMAC guarantees that messages are unaltered and originate from the expected sender, creating a robust, layered security approach.

Quick Start & Requirements

• Install via pip install -r requirements.txt (assuming a requirements.txt file exists).
• Requires Python 3.x.
• Example usage demonstrates client-server interaction using Queue and Thread for simulation.
• Official documentation and detailed examples are available within the README.

Highlighted Details

• Implements Non-Interactive "Zero-Knowledge" Proofs (NIZKPs) for text-based secrets.
• Integrates HMAC for message authentication and data integrity.
• Supports elliptic curves like secp256k1 and secp384r1 with hash algorithms such as sha3_256 and sha3_512.
• Provides clear API components for ZKP parameters, signatures, proofs, and data wrappers.

Maintenance & Community

• Developed by zk-Call.
• No specific community channels (Discord/Slack) or roadmap links are provided in the README.

Licensing & Compatibility

• The README does not explicitly state a license. This requires clarification for commercial use or integration into closed-source projects.

Limitations & Caveats

• The README mentions that while efforts are made to explain the proofs, deeper understanding may require consulting external research papers.
• No explicit mention of production readiness, performance benchmarks, or extensive testing is present.