Had someone on twitter think they know more than me about zkTLS.

Test your understanding and see if you can spot why this person is wrong without opening the thread.

cc @avichalp

@lithdew @AFDudley0 @hdevalence @OpacityNetwork All i said was its 30s default on nginx.

&gt; point me to the specific part of the protocol that makes it necessary to generate the proof during the request.

We use mpc. You have to:

1. Open socket connection
2. TLS handshake in mpc
3. Encrypt request (potentially in mpc)
4.… https://t.co/LCLAOGi1kd

@Euler__Lagrange @AFDudley0 @hdevalence @OpacityNetwork It takes a few seconds to generate a ZK proof to prove a merkled TLS trace (MPC isn’t necessary but also takes only a few seconds either way). How you got to having to deal with timeouts is what I’m not understanding here and what I’d like you to point out.

Kenta Iwasaki

Had someone on twitter think they know more than me about zkTLS.

Test your understanding and see if you can spot why this person is wrong without opening the thread.

cc @avichalp 

https://x.com/lithdew/status/1875026558899089900?s=46

Working on building zkTLS infra/products. A ruthless empiricist and meme connoisseur.

/opacity
/eulerlagrange

Building https://addr.id •
Also web3 tech lead at Ubisoft

I think that's the main misunderstanding for most people (was mine for longer than I care to admit!)

A doodler and computerer. I like permissive/permissionless open source, smart contracts, p2p systems, room-scale VR, and NixOS.

shazow.net

Currently: WhatsABI

Was for me too man, there’s no shame.

I’ve been in crypto since i was 16. We deal with asymmetric crypto which makes life easier.

I think I skipped symmetric crypto altogether and just assumed everyone is smart enough to use asymmetric.

Life lesson: don’t skip fundamentals

I was familiar with both, I just made an incorrect assumption that I held for a long time. It actually wasn't until I dug deep into zktls that I realized  my assumption about how TLS worked as wrong!

Even having written a very popular http library, I just never had to touch TLS at a low level enough for it to matter.

Does that mean that it's not possible without your MPC solution (with the current state on ZK research) to first prove that the initial handshake and key exchange is valid, and then prove the symmetric exchange, without revealing any secret?