Alright, so I just read this blog that got me thinking: what if we could prove stuff like “yes, I have a bank account” or “my balance is above $1000” without actually showing any of that info?
That’s the vibe behind zkTLS, a new-ish protocol that combines zero-knowledge proofs with regular old HTTPS (TLS). Here's the post that kicked it off:
👉 https://oasis.net/blog/zktls-blockchain-security
It’s basically a way to verify that some secure interaction with a website happened without revealing anything sensitive. And it’s not sci-fi, there are already a few teams working on real use cases.
So why should anyone care?
Because Web3 dapps today are kinda limited to public on-chain data. If you want to prove something like “I have a good credit score” or “I pay for Spotify” you either need to trust a centralized oracle, or overshare your data.
With zkTLS, you could just… prove it cryptographically. No middleman. No leaking personal info.
How does it work?
There are a few approaches:
MPC-based (decentralized key generation)
TEE-based (using secure hardware like Intel SGX)
Proxy-based (a server watches traffic and generates a ZK proof)
Each one has pros/cons (performance, trust assumptions, complexity), but the general idea is to make TLS sessions provable in ZK.
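To make the trust assumption in the TEE-based approach concrete, here is an added sketch (not code from the Oasis post or any zkTLS project): an attester that sees the decrypted response signs only the outcome of the "balance above $1000" check, and the verifier never sees the balance. It is a signed attestation, not a zero-knowledge proof. The names `Claim`, `Attest`, `Verify`, the host `bank.example`, the JSON shape and the plain Ed25519 key standing in for a hardware-attested key are all assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// Claim is all the verifier ever sees: a predicate result, not the balance.
type Claim struct {
	Host, Predicate, Commitment string // Commitment = sha256(nonce || body)
	Result                      bool
}

// Encode gives the canonical bytes that are signed and verified.
func Encode(c Claim) []byte { b, _ := json.Marshal(c); return b }

// NewKey stands in (assumption) for a key a real TEE would bind to its attestation report.
func NewKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil means crypto/rand
	return pub, priv
}

// Attest plays the TEE: it reads the response inside the trusted boundary,
// evaluates the predicate there, and signs only the outcome.
func Attest(key ed25519.PrivateKey, host string, body, nonce []byte, min float64) (Claim, []byte, error) {
	var acct struct{ Balance *float64 `json:"balance"` }
	if err := json.Unmarshal(body, &acct); err != nil || acct.Balance == nil {
		return Claim{}, nil, fmt.Errorf("no usable balance in response: %v", err)
	}
	sum := sha256.Sum256(append(append([]byte{}, nonce...), body...))
	c := Claim{Host: host, Predicate: fmt.Sprintf("balance > %.0f", min),
		Commitment: hex.EncodeToString(sum[:]), Result: *acct.Balance > min}
	return c, ed25519.Sign(key, Encode(c)), nil
}

// Verify is the relying party: it trusts the attester key and accepts only
// a true result for the host and predicate it asked about.
func Verify(pub ed25519.PublicKey, c Claim, sig []byte, host, predicate string) bool {
	return ed25519.Verify(pub, Encode(c), sig) && c.Host == host && c.Predicate == predicate && c.Result
}

func main() {
	pub, priv := NewKey()
	body := []byte(`{"owner":"alice","balance":2500.75}`) // constructed sample response
	c, sig, _ := Attest(priv, "bank.example", body, []byte("constructed-nonce"), 1000)
	fmt.Printf("%s\nverified: %v\n", Encode(c), Verify(pub, c, sig, "bank.example", "balance > 1000"))
}
```

Everything the verifier accepts rests on the attester's key, which is the trust question the TEE-based approach raises.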
Real-world use cases?
Some cool ones mentioned:
Proving you’re over 18 without doxxing yourself
Verifying your off-chain balance for DeFi loans
Pulling in scores/reputation from Web2 apps (Uber, Airbnb, etc.)
Login-less access to content (e.g., “I have Netflix, let me through”)
Some existing projects using similar ideas:
zkPass, zkFetch, Opacity, DECO + Teller
Why I think this matters:
If crypto really wants to eat the world, it needs to interact with the world, and right now Web3 apps can't “see” any of your real-life data unless you hand it over. zkTLS might be the bridge that makes this both possible and private.
Not just for DeFi: this feels big for identity, governance, access control, even gaming.
Curious what you all think:
Which zkTLS approach is the most promising?
Would you trust a zk proof that came from a TEE-based system?
What’s your dream use case for this?
Full blog post here: https://oasis.net/blog/zktls-blockchain-security
Top comments (1)
zkTLS feels like a huge unlock, finally a way for Web3 to tap into Web2 data without sacrificing privacy or decentralization. TEE-based approaches (like what Oasis is exploring) seem like a solid middle ground: hardware-backed, fast, and already in production.