[HN Gopher] Confess your love with zero-knowledge ___________________________________________________________________ Confess your love with zero-knowledge Author : amirGi Score : 206 points Date : 2022-06-03 15:52 UTC (7 hours ago) (HTM) web link (www.zkcrush.xyz) (TXT) w3m dump (www.zkcrush.xyz) | AndrewStephens wrote: | I used a similar technique to obfuscate the answers in a silly TV | quiz[0] I wrote a couple of years ago. | | I have a terrible habit of looking at the source of web-based | puzzles to discover the solutions and wanted to make something | where that was impossible. | | My solution was to use the given answers as the key to decode a | small blob of data. Multiple correct answers (different | spellings) were handled by simply encoding the blob multiple | times and trying them all. | | Everything happens client side but at no time does the client | store any information about the answers unless the user proves | they know them by typing them in. | | [0] https://sheep.horse/2020/4/tv_opening_sequences_quiz.html | skrebbel wrote: | I sent it to my wife but she spelled her own name wrong and now | she thinks I have a crush on someone else | anthropodie wrote: | Now you either gotta point out her mistake or you gotta admit | you have crush on someone else. Good luck getting out of this | :) | skrebbel wrote: | I told her I have zero knowledge of any of this | andrewstuart2 wrote: | OP should probably trim whitespace too. I sent it to my wife | and it's not a match either, because there was a trailing space | left by her keyboard. | ntoskrnl wrote: | Don't forget normalizing unicode. You don't want to see Jorge | fighting with Jorge. | runj__ wrote: | It does handle emojis though! In case... Uhhh... You have | emojis in you name? | dylan604 wrote: | Don't give Musk any ideas! | splitstud wrote: | 0xedb wrote: | lmao | sshine wrote: | I did the same. | | I never had a thing for good spellers. | easton wrote: | Context: http://sigtbd.csail.mit.edu/pubs/2016/paper10.pdf | natly wrote: | I think this is the first time I've understood zero-knowledge | communication. | drdaeman wrote: | As far as I understand it (and I'm not a cryptographer!), it is | not zero knowledge. | | _Zero_ knowledge means you can prove you know something | without disclosing _any_ additional information about it, _at | all_ - that 's why it's called "zero". And here, a hash of | crush name is exposed, so it's not. | | Check this out for a much better explanation: | https://crypto.stackexchange.com/questions/70877/is-a-hash-a... | lvass wrote: | >Zero knowledge means you can prove you know something | without disclosing any additional information, at all | | This is physically impossible and definitely not what ZK | means. | drdaeman wrote: | I could be wrong, yes. | | But why impossible? Take this example: | https://en.wikipedia.org/wiki/Zero- | knowledge_proof#Discrete_... - all parties exchange are | essentially random numbers (which doesn't count as | "additional information"), yet they establish the fact that | Peggy knows _x_. There 's that footnote about how _r_ must | be truly random, of course, but as long as everything 's | done right there is no additional _information_ there | whatsoever, only random _noise_. | | Side note: one thing I certainly don't understand are NI-ZK | - while I think I have some rough understanding of how | interactive ZK proofs work - well, I mean, I've read | Quisquater et al.'s "How to explain zero-knowledge | protocols to your children" - but I'm pretty clueless how | they manage to make such things non-interactive. | lvass wrote: | Any information exchange must go through a medium and | it's not possible to create one with zero metadata. | drdaeman wrote: | Oh, I think I see your point now. But I think it's a | weird argument, to be honest. | | I suppose the fact that it's Peggy and Victor who are | running that protocol is simply irrelevant. They're | talking about that value of _x_ after all, and nothing | related to that topic is revealed beyond the proof of the | fact that Peggy knows it. If she 'd appear in person, | wherever she wears a red shirt or a white one would be | might be considered "information" but it would be | completely out of scope. | go_to_moon wrote: | This isn't zero knowledge, like, at all | | "The essence of zero-knowledge proofs is that it is trivial to | prove that one possesses knowledge of certain information by | simply revealing it; the challenge is to prove such possession | without revealing the information itself or any additional | information." | lvass wrote: | "In cloud computing, the term zero-knowledge (or occasionally | no-knowledge or zero access) refers to software services that | store, transfer or manipulate data such that it is only | accessible to its owner, not to the service provider." | drdaeman wrote: | > In cloud computing | | Your quote heavily misspells "bullshit marketing" ;) | | For marketing reasons, people try give things fancy names, | even if those names are misused and are completely wrong. | This is exactly what happened with all those "zero- | knowledge encrypted cloud storages" and so on. | agucova wrote: | This seems to imply terms can only have and only one | "right" definition, which is not how languages work, at | all. | | Clearly there are two big clusters of meaning for "zero- | knowledge" and they seem distinct enough to not overlap. | Seems fine to me. | [deleted] | ok_dad wrote: | I might be an old timer but there used to be a site where you | would put in your email and your crushes email and if they did | the same you'd both be notified. I don't remember the name of the | site now though. | dylan604 wrote: | allyourcreditarebelongtous.com? | | i assume at this point in life that any site doing something as | silly as this has ulterior motives for the site's existence. | aarondia wrote: | To stop my friends from using this to guess who my crush is, a | fun iteration could be instead of entering the person's name, you | enter the last text you sent, place you met, etc. Something only | the two of you would know ... and maybe even something romantic | :) | macintux wrote: | Virtually guaranteeing you'd never match even if you match. | a-dub wrote: | that's called salting. | jonahbenton wrote: | What if you love hashes? | paxys wrote: | Nice. Kinda along the lines of what made the current generation | of dating apps (starting with Tinder) so popular. Take a large | group of 1st and 2nd degree friends. People anonymously select | who all they'd like to get with. If there's a match, both parties | are notified. If not, no one gets to know. It's such a simple | concept, and it's odd that someone like Facebook wasn't able to | capitalize on it first despite providing all the infrastructure | (the social graph) to make a service like this possible in the | first place. | snarkconjecture wrote: | What does this achieve that posting "text me and I'll tell you if | I have a crush on you" doesn't? | | Or texting your crush directly? | | I suppose it's a useful commitment mechanism for proving you | aren't telling everyone they're your only crush, but that seems a | bit of a niche use case. | mikebenfield wrote: | 1. Since it's an external web site with a little bit of tech | behind it that presumably others are using, it might seem less | desperate or strange than the post you suggest. | | 2. The potential crushee can do the check without notifying you | they're doing so. They might be too embarrassed/intimidated to | actually tell you they're interested in whether you have a | crush. | m00dy wrote: | I hardly see how this is related to zero-knowledge | ghayes wrote: | Yeah zero-knowledge is supposed to give you no usable | information, but brute-forcing aside, the fact anyone can learn | they are _not_ the target is knowledge, right? | m00dy wrote: | right. | woojoo666 wrote: | I believe "zero knowledge" refers to the third party here. That | is, you give it A => B, and it tells you if B => A was given | previously, without it knowing the actual values of A or B. | While _you_ might be able to brute force the system by trying | every name you know, the third party can 't unless you give the | third party a registry of names to try. | | Related is the humorous paper "Solving the Dating Problem with | the SENPAI Protocol" [1], though the solution in that paper | does not rely on a third party. | | [1]: http://sigtbd.csail.mit.edu/pubs/2016/paper10.pdf | varispeed wrote: | It's fascinating to see how far people are willing to go to avoid | the awkward feeling of potential rejection. I mean I have been | there. But as I am older this just feels funny. If you like | someone just tell them. Rejection is part of the fun. | anticristi wrote: | Right? I embraced rejection therapy and the results were scary | good. A whole new world opened up, not only in romance, but | sales, financing, recruitment, etc. | can16358p wrote: | Love these kind of ideas. Reminded me of once I was trying to | allow access to a file with a password. It wasn't any super- | secret file or anything, just a CV of a friend hosted on a static | file server and she wanted it to "protect" it with a simple | password (just didn't want it to be directly available to anyone | viewing the homepage. No mission-critical secret of any kind | otherwise). | | Having no real/strict security requirements and being lazy to go | server-side scripting, I simply hashed the password. Noted the | hash. Saved the file into a folder like "/${hash}/Proper | Name.pdf". Hashed the hash again and embedded it into client-side | JS. Wrote a JS function that took the input, hashed it twice, and | if second hash of the entered password matches that, download the | file "/${first hash}/Proper Name.pdf". | | It worked like a charm, but please note that this is prone to | attacks so if anyone reading this thinks it's a good idea to | implement actual security, DO NOT. It is not. Fun to play with | though. | jesprenj wrote: | What attacks? | martin-adams wrote: | Maybe the browser or an extension leaking the URL of the | file, which could ultimately get indexed in a search engine. | [deleted] | flax wrote: | I own the domain ilikeyou.fyi and considered doing something very | much like this. I rejected that plan for all the reasons above. | | It could be done better with public/private key cryptography, but | then your audience has to be able to deal with that. | | Oh well, it's on my backlog down in the "I'll never actually get | there" section. | Garvey wrote: | Small idea, no idea how useful if at all but maybe it could be | a simple page with a list of reasons why the sender likes the | recipient, and/or a YouTube playlist of songs that remind them | of the recipient etc | batch12 wrote: | Maybe don't display the hash and self destruct after n bad | guesses or something. | makach wrote: | Yeaaahh, but no. It doesn't need to be mutual. Guess can be | correct but the reveal will probably just out you and cause | problems. For confessing your love do it openly, they are no | short cuts. | exikyut wrote: | * _Hires team of synchronized skywriters to draw SHA-256 hash | above crush 's location_* | michaelmior wrote: | Avoiding hash collisions has never been so important... | hsnewman wrote: | What if your girlfriend and wife have the same hash? | runjake wrote: | Maybe this would be better using | Twitter/Instagram/TikTok/Snapchat handles? (I don't use 75% of | those, but presumably they all use handles.) | Liron wrote: | Last year my wife and I suspected we might have gotten each other | the same Christmas gift, but didn't want to spoil the surprise in | case we didn't. So we compared SHA256 hashes... and sure enough | they both came out cb17007d (theragun) | avg_dev wrote: | What did you hash? The name of the product? Or the UPC or | something? I am curious. | Liron wrote: | We both hashed "theragun" in all lowercase. We actually | bought each other two different models of Theragun but it was | pretty natural to refer to them with that string. | nullc wrote: | Not technically zero knowledge, since you could brute force | search her non-matching hash later. | | A true ZK comparison[1] would just return a true or false | without exposing any other information such as the hash of the | item. | | I'm sure the hash was good enough for your purpose, however! | | [1] https://en.wikipedia.org/wiki/Socialist_millionaire_problem | hinkley wrote: | There are a couple of science and science fiction authors that | started posting hashes or signatures for their predictions for | the future, and then post it after events played out. | | I think the idea is that unlike pundits predicting the future, | you don't want your particularly clever friend speculating out | loud ten minutes into the suspense movie what they think is | going on because they either guess the ending, or their guess | makes you figure out the ending, and then it's 70 minutes of | sitting there reading all of the other foreshadowing and not | getting to enjoy any of it. | garaetjjte wrote: | Doesn't work, because you can reasonably brute-force possible | gifts. | Liron wrote: | Yeah I'm not sure what's the best protocol that's actually | zero-knowledge here, but since we both trusted each other to | only want to find out whether or not our gifts were the same, | and otherwise to not spoil the surprise, this did the job. | kevinventullo wrote: | You could write a script that does the hash comparison for | you and simply outputs "Yes" or "No" for whether the hashes | are identical. | 10000truths wrote: | Sure, but the example is contrived, as it serves to | illustrate the point in an easily digestible (heh) way. In | real world applications, both the possible messages and the | possible hashes would be way too large to brute force. | lights0123 wrote: | You could reveal the hash letter-by-letter and stop as soon | as a letter differs so there's more possibilities. | mbauman wrote: | You can similarly brute force mutual acquaintances in TFA | PascLeRasc wrote: | This explained zero knowledge so much easier than that parable | about the caves, thank you. | vintermann wrote: | But it isn't zero-knowledge. If it was zero-knowledge, you | would be able to know what you had the same gift/crush, but | it would be impossible to prove to someone else. | | Mere hashing doesn't do that. For the crush example (This | site), your crush could show everyone the link and their | name. For that matter, someone could enter the names of | everyone you knew in turn, until you were outed. | sangel wrote: | Non interactive zero knowledge allows one proof to be | checked by many verifiers. I think folks would still | consider that to be a zero knowledge proof no? | | That said, yeah this hashing example is not zero knowledge | because, among other things, the hash is not hiding. | josephcsible wrote: | An actual zero-knowledge way to do that would be the | Socialist Millionaires' Protocol. | puffoflogic wrote: | As the sibling comment says, neither gp comment nor this post | are zero-knowledge. | | But in addition to the definition given in sibling comment, | here's another necessary condition of a zero-knowledge proof: | it _must_ be possible to forge transcripts (i.e., one party | writing both sides of the interaction) of a zk proof even | without possessing the secret. | [deleted] | tinktank wrote: | Pretty clever IMO | niyazpk wrote: | Well... hactually... This is kind like the opposite of zero- | knowledge, where everyone can know your crush just by entering | all suspecting names in the link. | UmbertoNoEco wrote: | Nothing says romance like a sha-256 hash. Neruda,take notes. | sixhobbits wrote: | "First and Last name capitalised" | | Seems like someone hasn't read the famous "Falsehoods Programmers | Believe about Names"[0] | | [0] https://www.kalzumeus.com/2010/06/17/falsehoods- | programmers-... | alanh wrote: | I mean, it's basically a helpful hint there to maximize the | chance that both parties include the same names with the same | capitalizations | kube-system wrote: | And it's a unhelpful suggestion to butcher names that aren't | correctly formatted that way. | lvass wrote: | Maybe they did, got confused and gave up. How would you deal | with 4, 11, 12+13, 14 and 18 here? | soco wrote: | Quite simple: you don't deal at all. That's zero assumptions | about the name. Let them eat cake and enter whatever they | want. The user should know their sweetie well enough to guess | what they will enter as own name. This is an assumption about | their level of mutual knowledge, true, but not one about the | naming scheme. | lvass wrote: | This is a design decision that will very likely lead to | missed matches, bold of you to assume it's desirable but | even that doesn't answer the entire ordeal. How are they | going to enter the name, have you read 11? | not2b wrote: | On the contrary, there is a very strong and completely | invalid assumption: that Alice will type her name in | exactly the way Bob typed her name, and vice versa, that | neither will misspell it, that either both will use the | official name or both will use the same nickname. | kube-system wrote: | > 4. People have, at this point in time, one full name which | they go by. | | The relationship between person and name is one-to-many | | > 11. People's names are all mapped in Unicode code points. | | You can implement custom characters, i.e. | https://en.wikipedia.org/wiki/Private_Use_Areas or have a | process for exceptions | | > 12. People's names are case sensitive. 13. People's names | are case insensitive. | | You can store this as an attribute | | > 14. People's names sometimes have prefixes or suffixes, but | you can safely ignore those. | | This can be other fields if you're trying to structure the | data, or you can simply store the entire name as a contiguous | field. | | > 18. People's names have an order to them. Picking any | ordering scheme will automatically result in consistent | ordering among all systems, as long as both use the same | ordering scheme for the same name. | | Don't string compare names as a test for equality. | | The obvious response to this is: that's too hard (/impossible | to do). But that's just the reality of the situation. These | issues are not necessarily possible to solve. #21 in | particular makes this application very broken even with very | plain vanilla western names. | [deleted] | system16 wrote: | Humorous, but not zero-knowledge at all. They could be on to | something here though. Maybe blockchain's "killer app" will be | Verifiable Romance? | cableshaft wrote: | Instead of getting your SO's name tattooed on your body that | you'll regret in a few years, you'll instead get your names | added to the blockchain...that you'll regret in a few years. | TobyTheDog123 wrote: | Dont give them any ideas. The RomanceSmartChain is only a few | months out at this rate. | orthecreedence wrote: | $LOVE is MOONING!! | | Blake2b + Hybrid PoW chain with LOW TRANSACTION FEES and 4 | TX/S THROUGHPUT now CONFIRMING COMMITTED RELATIONSHIPS with | blockchain technology! Your relationship isn't valid until | there are AT LEAST 36 CONFIRMATIONS on $LOVE chain!!1 | | Also now supporting ON-CHAIN unique NFTs for couples for | low fees!! | sunshinerag wrote: | Link to white paper please | radicalbyte wrote: | Zero-knowledge describes the OP w.r.t zero-knowledge-proofs. | littlestymaar wrote: | Jacques Patarin[1], my cryptography teacher at university | introduced us with zero-knowledge proofs with a simple real-life | zero knowledge scheme for this exact purpose. All you need is 5 | cards, 3 identical red and 2 identical blacks. | | You give one black and one red to each person (Alice and Bob), | and keep the last red. | | The scheme is the following: | | Alice will puts her two cards ON TOP of the remaining red card: | to say yes, she puts her black card on top of her red card, to | say no she does the opposite (red on top of black). | | Bob will put his pair of cards BELOW the remaining red card, and | to say yes he puts his black card at the bottom, with his red | card in between, and to say no he does the opposite. | | Then you _cut_ the deck enough times to obfuscate who 've done | what, and you know that they've both day yes if you have the two | blacks cards next to each other (or both at each ends of the | deck). If anyone (or both of them) said no, you'd have black | cards separated by one red card. | | [1] https://fr.wikipedia.org/wiki/Jacques_Patarin | [deleted] | rockbruno wrote: | Fun concept, but quite easy to use with a malicious intent. It | would be better if only people who have a crush on you could use | the link (meaning the confession would work both ways) | leto_ii wrote: | > People can enter their names into this unique link to generate | the hash of their name. If the generated hash matches, they'll be | notified *you* are *their* crush | | Don't mean to be pedantic, but shouldn't it be "they'll be | notified *they* are *your* crush"? | ascv wrote: | Yes it seems to be worded incorrectly. | [deleted] | ihuman wrote: | I remember reading a joke research paper about something like | this. It explored all currently known methods of confessing your | love, their pros and cons, and had a funny acronym for each. It | then proposed a newer, secure algorithm for confessing to your | crush if the feeling was mutual, and without leaking information | to 3rd parties. I'm trying to find it, but I don't have it saved | and I haven't found it on Google yet. | easton wrote: | The SENPAI protocol! | http://sigtbd.csail.mit.edu/pubs/2016/paper10.pdf | anticristi wrote: | This is probably the geekiest CS paper I ever read! | ihuman wrote: | Thank you! I had a feeling the name had something to do with | anime, but I couldn't remember what. | SpaceManNabs wrote: | I can see this being somewhat popular on some campuses. | bigdict wrote: | I think this was originally a joke on a MIT Facebook page. | blueplanet200 wrote: | This is not the usual notion of zero-knowledge. | latchkey wrote: | https://www.zkcrush.xyz/api/hello | samiur1204 wrote: | Lol, sending someone the link kind of defeats the purpose, no? | Tomte wrote: | This is some strange notion of zero-knowledge. | | If Bob publishes his link, and I want to know who his crush is, I | can simply try all our classmates' names and quickly find out | that it's Alice. | | Those games only make at least a bit of sense when everybody | enters their crush and only when matching both get notified. | | Also brute-forceable, but at least it's quadratic (if you suspect | nothing about crushes, which is unrealistic in itself). | spekcular wrote: | Indeed, a similar "secure" crush confession on an MIT facebook | group was exploited in this way, by brute forcing every name in | the student directory. | hinkley wrote: | And when everyone is an actual adult, not a manchild or other | people without a fully formed prefrontal cortex and thus prone | to making ugly, life-changing decisions - for themselves and | others - on a dime. | | That's most of the demographic for this product. The number of | over-25 people, not in a committed relationship, who still | haven't figured out how to ask people out, is pretty small. | random314 wrote: | Or just tell your crush, without sharing URLs with everyone | staticassertion wrote: | Easy as an adult. But as a kid I feel like we jumped through | soooo many hoops to de-risk telling someone we had a crush on | them. | | I remember those reallllly early games like MASH or even | early "compatibility" apps. Very coy. | vintermann wrote: | There's nothing wrong with only wanting to reveal a crush | if it's somewhat returned. If it isn't, you're just putting | them in an uncomfortable position for no good reason. | the_af wrote: | Yes, I can see how -- as a kid -- sharing an URL of your | hashed crush with the world is not going to be awkward _at | all_. | soco wrote: | Putting links in your tiktok/whatever profile doesn't | seem like very unusual nowadays... | staticassertion wrote: | Awkward is the name of the game. | LeifCarrotson wrote: | You'd want to use asymmetric public key cryptography so that | Bob could hash his message with Alice's public key, and it | could only be decrypted with Alice's private key. | superjan wrote: | For heaven's sake just call her! | tawktiem wrote: | Yup, everyone publishes their public keys. No one's private | keys gets published (fake crush created). | | I'm not sure if zero-knowledge proofs exist for love outside | of action - repeated acts of commitment over time (to reduces | the confidence that someone doesn't love you). | vintermann wrote: | That lets Bob confess semi-deniably to Alice (if Alice is | willing to share her private key, she can still show Bob's | confession to Carroll and prove that it's authentic). But it | still doesn't do any matching; Alice will know about Bob's | feelings whether she returns then or not. | gizmo686 wrote: | That still lets Alice find out. | | I don't see a clear way of mapping the concept of a zero | knowledge proof to the crush problem. | | But the best I can come up with is: | | 1) No one learns that Alice (claims to) have a crush on Bob | | 2) Unless Bob also claims to have a crush on Alice, in which | case. | | 3) Only Bob learns that Alice has a crush on him. | | 4) If Bob learns that Alice has a crush on him, Alice learns | that Bob has a crush on her. | | 5) All the above guarantees are symmetric if you swap Bob and | Alice. | geysersam wrote: | Seems to me such a system must make it expensive to claim | to have a crush on someone. Otherwise Bob can just claim to | have a crush on everyone and will find out who crushes on | him. | [deleted] | mikebenfield wrote: | > Those games only make at least a bit of sense when everybody | enters their crush and only when matching both get notified. | | Even then, among heterosexuals they will suffer from the same | problem as basically every software platform for romance among | straight people: the massive asymmetry in interest between men | and women. Men would copy and paste virtually every woman they | know into the system as a "crush," so they can find which if | any of their female acquaintances might be interested, and | _then_ they would decide who to pursue. | pessimizer wrote: | > Men would copy and paste virtually every woman they know | into the system as a "crush," so they can find which if any | of their female acquaintances might be interested, and then | they would decide who to pursue. | | Smart men would, who know their place in the world. Any of | them are good enough for you, really. Take the one that you | like the most out of the ones who like you. Is this a | problem? If it weren't asymmetric, it would be hopeless. | Instead, most men get the choice between one or more | interested women, and most women get a response from one or | more of the men they were interested in. | | It's better if one side isn't as picky as the other. The | other options are that only a couple of people match up at | all, or everyone getting a response from everyone i.e. no | signal at all. | | edit: I mean, isn't that Bumble? | mikebenfield wrote: | I don't follow this, either logically or in practice. | | Granted I've never dated as a gay man or as a lesbian, but | from what I've observed it seems to me a much smoother and | more mutual process than straight dating. I've even heard | from bi men about how much easier and less stressful it is | to date men than women. AFAICT when both parties are on a | level playing field, and there's not a massive asymmetry in | power, interest, and investment, there's a lot less grief | overall. | | > edit: I mean, isn't that Bumble? | | Bumble is a valiant attempt to fix this issue but it seems | to mostly be a failure. An average man may occasionally get | a message (which will usually just say "hi"), but the | asymmetry in interest is still there, and it's still mostly | men's responsibility to do the _real_ initiating. | a-dub wrote: | that's because it's not zero knowledge, it's password hashing. | | a zero knowledge proof would do something like prove a valid | attestation of love, but reveal nothing about who (other than | maybe membership in some large enough set). | momojo wrote: | This could be a fun way to teach a class about the | vulnerabilities around hashing. Strong hash != strong | protection. | | Maybe the second half of the class could be about designing a | more secure system. Or use this dilemma to explain public- | private key encryption. | praptak wrote: | Yeah, it is like hashing a phone number to protect its owner's | identity. With a small domain known by the attacker hashing | isn't really one-directional. | tgv wrote: | If it tells you how many letters are right, and how many are in | the right place, it could become Datle. | DrewADesign wrote: | * Flirdle | andrewstuart2 wrote: | Challenge: build something worthy of being called 204Date | (2048 clone). | jandrese wrote: | Smashing together people to win at dating? Isn't that just | Tinder? | CameronNemo wrote: | Tinder goes in two directions. This would go in 4 | directions. Swipe up to send them to your friends, down | to your enemies, left to the void, right to you. | bonzini wrote: | Match fruits until you get a date? | dylan604 wrote: | Careful, FruitNinjaDating could get interesting if not | messy | darig wrote: | giantrobot wrote: | SHA256 doesn't work like that. Even single bit differences | between inputs should result in very different outputs. | forty wrote: | Enjoy ;) | https://rsk0315.github.io/playground/passwordle.html | drdaeman wrote: | It doesn't. But there are so-called locality sensitive | hashes. | | https://www.pinecone.io/learn/locality-sensitive-hashing/ | giantrobot wrote: | Sure, such hashes exist. SHA256 is not one of them. | lvass wrote: | Or even easier, use a SHA-256 reversing service that has all | names. | yosito wrote: | Wrapping this in a native app could be a nice little moneymaker. | Lots of speed dating events could use this to help match | attendees that were interested in each other. | tecleandor wrote: | Poor John Smith. | latchkey wrote: | https://github.com/amirgamil/zk-crush/blob/main/pages/crush.... | const isMatch = React.useMemo(() => hash === crushHash, | [crushHash]); | | Sure is a lot of work to do a string comparison 'efficiently'. | qudat wrote: | Definitely a waste. `useMemo` has a bunch of performance issues | related to it and should only be used when absolutely | necessary. | [deleted] | jkcxn wrote: | That's mad because the useMemo clearly has to do an equality | check to see if it changed anyway... | wfh wrote: | Reminds me a paper I co-authored all the way back in 2000! | https://www.cl.cam.ac.uk/~fms27/papers/2000-StajanoHar-roman... | wow that's a long time ago! | markus_zhang wrote: | Interesting but I'm too old for this. | baby wrote: | This has nothing to do with zero-knowledge crypto. Here's some | intuition about what zero-knowledge is actually about: | https://minaprotocol.com/blog/kimchi-the-latest-update-to-mi... | hinkley wrote: | It's my understanding that zero-knowledge concepts can be | extended to databases, in a way where I can query a database | and get a result without knowing the contents, perhaps to pass | on to a trusted system to perform another action. | | Depending how you slice it, I either do or don't get to know if | the result set is empty. In the latter case, there's a | variation of this crush registration system where I don't get | to know if Sally has a crush on me, but I do find out if | _anyone_ has a crush on me. Of course if the answer is empty | set, I don 't know if I'm unloved or only loved by people that | don't use the app. Which could be pretty heavy. ___________________________________________________________________ (page generated 2022-06-03 23:00 UTC)