Zero Knowledge Proof for SNAP (Standar Nasional OPEN API Pembayaran) in Indonesia

Abstract

SNAP (Standar Nasional OPEN API Pembayaran) is an implementation of open banking for encouraging digital transformation in the banking industry. SNAP was submitted by several sub-working groups formed jointly by ASPI and the Bank of Indonesia. In the document Pedoman Tata Kelola (Bank of Indonesia, n.d.), there is already a customer data protection mechanism between the bank, the owner of Open API, and the user of Open API. However, there is no data protection process carried out by consumers so third parties, that use the Open API of the bank, do not need to know the customer's data. Based on the web3 protocol, users can store data and transmit only in encrypted form which can only be opened by calculating the data with a pre-agreed smart contract. Banks can work like a decentralized network on web3, where the process of calculating proof and witness is carried out by the bank. Proof and witness are calculated using a zero-knowledge proof protocol, making it difficult to duplicate. For this reason, we propose a new architecture using smart contracts between banks and customers using the ZK-SNARK method. Therefore, there is no significant performance difference between using ZK-SNARK and without ZK-SNARK in the API call process.