ZeroHour
ZK proofs on minimal wearable personal hardware
Created on 21st June 2025
•
ZeroHour
ZK proofs on minimal wearable personal hardware
The problem ZeroHour solves
ZeroHour
ZeroHour pushes the limit of client-side Zero Knowledge Proof generation by creating proofs of steps walked on a PineTime, an open-source smartwatch that only has 64kb RAM.
If you walk more than 10000 steps a day you'll get a discount from your health insurance. Maybe, one day. With ZKPs.
PineTime
PineTime is an open-source smartwatch capable of running open-source operating systems. By default it uses InfiniTime which is built on top of FreeRTOS. It contains a nRF52832 CPU chip and common health measurement tracking such has heart rate and steps walked.
This makes the PineTime a great (though extreme) testbed for privacy applications and zero knowledge proofs.
Proof system
64KB of RAM (assuming we could use all of it!) fits 2000 hashes or 1000 Elliptic Curve points! Clearly running an off-the-shelf SNARK or STARK will be infeasible on this device.
We went back to the roots and designed a Sigma protocol from scratch, which proves that the number steps is above 10k. It roughly works as follows:
- The prover commits to the bits of
number_of_steps - 10000
using hiding Pedersen Commitments - For each commitment, we prove in zero knowledge (using a Sigma protocol) that the committed value is either 0 or 1
What was built
- Proof system design.
- Proof system implementation in an InfiniTime (operating system) fork. This uses embedded C++ and tinycrypt library from Intel.
- InfiniTime app where the user can request proofs.
- InfiniSim (emulator) fork and build system integration for testing.
- Reference prover implementation in Python.
- Verifier in Python.
What we did not have time to finish
- Bluetooth transfer of the proof to a phone/laptop verifier
- Flashing the firmware onto an actual PineTime. In fact we bricked the thing at 4am with a bogus bootloader and it never woke up again. It'll survive.
Assumptions
There are other problems besides pure proof generation that would need to be solved to ensure this project's real world practicality, which we are not aiming at solving for the hackathon project, for example:
- Sybil attacks
- Chip direct manipulation
Challenges we ran into
This project was quite ambitious on the technical level, and I think we managed a surprising amount considering the amount of time. The challenges we did overcome:
Proof system
The clear first challenge was designing the tiny proof system itself. Of course this isn't anything revolutionary and builds on existing literature, but had to be designed in a custom way knowing the limitations of the hardware.
Proof system implementation
Development for embedded can be painful. And it was. This required changing an operating system that doesn't have that much documentation, and the dev/testing infrastructure is quite limited. The crypto library is also quite low level and required a lot of bit tweaking.
Overall complexity
Each part of the pipeline was complicated to design or implement in isolation, which was a challenge in itself. Jumping from complex issue to complex issue is quite draining.
Tracks Applied (1)
ZK Hack Berlin Winners
Technologies used