ZK for legacy ECDSA
I wanted to survey some of the recent results regarding zero-knowledge proofs for legacy signature schemes like ECDSA. The main motivation for such a primitive has been the EU’s recent push for privacy-forward identity systems. In both this EU regulation, and a recent tender offer to develop age-assurance solution, the EU has codified the need for ZK proofs about identity attributes. While the crypto community has been tackling the problem of asserting identity attributes (e.g., age-over-18) for decades via the notion of anonymous credentials, deploying such anonymous credentials at scale will require a few critical new pieces. In my opinion, the only viable path is to develop ZK for legacy signature schemes like ECDSA. ...