Verity: A zkTLS Protocol empowering the IC as a Co-Processor
Hello IC Hackers 
Usher Labs is excited to share our latest developments on the Internet Computer!
Introducing Verity, a zkTLS protocol designed to help developers create fully verifiable data pipelines between private or restricted data sources and any blockchain.
For those unfamiliar with zkTLS, it’s a cryptographic method that proves data authenticity from a TLS-enabled source, such as an API. This proof ensures the data is tamper-resistant and accurately represents the source.
What sets Verity apart from other zkTLS solutions is its focus on business-oriented processes and its unique capabilities:
- A server-side design, eliminating the need for user-facing interfaces.
- High-frequency and concurrent proof generation.
- zkProofs that can be verified on any blockchain.
- Preservation of data privacy and security while enabling verifiable processing.
In simple terms, Verity acts as a zkRollup for TLS attestations, making it a powerful tool for secure and efficient data verification.
History
Where did Verity come from? Let’s dive into its origins.
At Usher Labs, we’ve seen firsthand how data-driven protocols can be compromised through issues like data injection or tampering. Recognising this challenge, we committed to solving it by focusing on data security in Web3.
As part of this journey, we explored how secure data could enhance the Internet Computer (IC). By securely understanding the state of external blockchains within the IC, we realised the potential for innovative cross-chain asset management.
This effort led to the creation of the Cross-chain Asset Manager Protocol (CCAMP), initially developed for the IC as a protocol and framework for app-specific multi-chain liquidity coordination. Over time, CCAMP evolved into the Verity Data Processor (VDP), now a core component of the Verity Protocol. For more details on CCAMP, refer to the original README.
In its evolution, the logic enabling the IC as a cross-chain orchestrator and co-processor was extracted and modularised into libraries and components. These now form the framework you can use today to build verifiable data pipelines from private data sources to any blockchain, with a particular focus on the IC.
Verity enhances data sourcing and indexing throughput for the IC by serving as a cost-efficient off-chain component, working seamlessly with Canisters deployed to the IC. In its original cross-chain orchestration model, the IC is well-positioned for zkTLS, enabling state sourcing from various RPCs at high frequencies and rolling this data into state advancements within Canisters.
Why Verity?
Verity offers a compelling alternative to HTTPS Outcalls for Canisters, especially when high-frequency, concurrent data sourcing is required.
By offloading data sourcing, error handling, wake-up mechanics, and state management to an off-chain solution using verifiable, portable proofs, Verity significantly reduces costs associated with managing these tasks on the IC.
Our research shows Verity achieves cost efficiencies of 67% to 80% compared to HTTPS Outcalls.
However, this efficiency comes with a base server cost for node operation and the associated overheads. Operating a Verity Prover requires a server, with the size and compute capacity depending on sourcing demand and concurrency requirements. To simplify adoption, Usher Labs offers an entirely managed Verity Prover for partners. Instead of managing infrastructure, partners can interface directly with an API provided by Usher Labs.
The Verity Prover functions as a proxy, receiving HTTP request parameters and executing these requests with support from the Verity protocol to generate a TLS attestation.
Beyond cost savings, Verity unlocks new capabilities. By moving data sourcing off-chain and embedding ZK technology into the protocol, private data can be securely accessed and interoperable with on-chain environments.
This means sensitive details, like secret keys or specific data within HTTPS requests and responses, can be redacted. For scenarios where the entire API request transcript must remain private, a zkVM can process sensitive data securely, maintaining confidentiality while enabling verifiability.
IC at the Core
In the zkTLS protocol, the Internet Computer (IC) serves as a decentralised Verifier, enabling us to offload a significant portion of the computation over public proofs and data from any ZK environment to the IC. This includes partial or full verification of TLS proofs on the IC, enabling subsequent verification within a ZK environment.
This approach significantly reduces ZK proving times and enhances the capacity for higher throughput in ZK proof generation.
Additionally, Canisters can integrate this Verifier through the XNET interface, enabling them to index TLS proofs and defer verification as needed.
Application
Usher Labs is proud to collaborate with leading partners, including:
- Truflation: A decentralised economic database powering next-generation markets with real-world data.
- ChainSight: A platform for building Oracles that embed models over data sourced from virtually anywhere.
- Rooch Network: A Bitcoin + Move Layer 2 where Verity enables on-chain SocialFi dynamics by powering proof of social data.
In addition, we’ve introduced our own Asset Data Canister (ADC). The ADC significantly improves cost efficiency compared to the native Exchange Rate Canister by leveraging Verity for data sourcing while deferring indexing and verification of proofs to the IC.
Explore more about the IC-ADC in our repository.
Learn More
Dive deeper into Verity by exploring our video walkthrough and project repository:
- Video Walkthrough: Watch on Loom
- Repository: Explore on GitHub
If you’re ready to start using Verity, let us know by joining our Discord community.
We welcome your questions, feedback, and ideas as we work together to shape the future of the IC and Chain Fusion.
Warm regards,
Ryan Soury
Usher Labs
Discord: Usher Labs
Twitter: x.com