
Graduate student: Jen-Hao Wang (王仁顥)
Thesis title: Anonymous Evaluation System with Blockchain and zk-SNARK (基於區塊鏈與 zk-SNARK 的匿名評價系統)
Advisor: Shi-Cho Cha (查士朝)
Oral defense committee: KUO-HUI YEH (葉國暉), SHAO-JUI WANG (王紹睿)
Degree: Master
Department: College of Management - Department of Information Management
Year of publication: 2023
Academic year of graduation: 112
Language: Chinese
Number of pages: 68
Keywords: Blockchain, zk-SNARK, Ed25519, ECIES, Forward Privacy
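  • This study mainly explores how to use blockchain technology and zero-knowledge proofs to ensure the verifiability of social media evaluations while protecting personal privacy. With the growth of the Internet, social media has produced large volumes of evaluation data that businesses can analyze, which is of significant value for improving products and services and for understanding customer satisfaction. However, in the face of global privacy-protection concerns, users often have no control over their data on social media, and social media platforms frequently restrict users' speech, so users' control over their own speech needs to be safeguarded in a different form.
    Given this problem setting, this study aims to design an evaluation system with traceable proofs, applying zk-SNARK, Ed25519, and ECIES to blockchain to form a new method for protecting evaluation privacy. The system can store users' evaluations on a public blockchain and lets users prove the authenticity of their evaluations to others. The system prototype is implemented as a browser extension and offers several functions, including generating keys, registering an anonymous identity, providing evaluations on websites, viewing the evaluations of a specific website, uploading authorization requests, and granting permissions to viewers. Because the system applies zk-SNARK to evaluation privacy protection, users can submit evaluations anonymously on public information and, when needed, prove the authenticity of their evaluations to others, while ensuring that users retain the right to control their own data.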


    This study explores the application of blockchain technology and Zero-Knowledge Succinct Non-Interactive Argument of Knowledge (zk-SNARK) in ensuring the verifiability of social media evaluations while safeguarding user privacy. As social media evolves, a wealth of evaluation data is generated, providing valuable insights for businesses in improving their products and services and understanding customer satisfaction. However, amidst global privacy concerns, users often lack control over their data on these platforms, and instances of limiting user comments occur. Thus, it's crucial to ensure users' freedom of speech in various ways. Addressing this problem, this research aims to design a traceable and verifiable evaluation system. A new privacy protection method for evaluations is proposed by integrating zk-SNARK, Ed25519, and Elliptic Curve Integrated Encryption Scheme (ECIES) into blockchain technology. Furthermore, a functional evaluation system is designed.
    The system can store user evaluations on a public blockchain, allowing users to prove the authenticity of their evaluations. This prototype system is realized as a browser extension with multiple features, including key generation, anonymous identity registration, providing evaluations on websites, viewing evaluations of specific websites, uploading authorization requests, and granting viewing permissions to reviewers. With the application of zk-SNARK for evaluation privacy protection, users can anonymously submit evaluations on public information, and when necessary, prove the authenticity of their evaluations, ensuring that they retain control over their data.

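    Table of contents

    Chapter 1 Introduction
      1.1. Research Background
      1.2. Research Motivation
      1.3. Research Objectives and Contributions
      1.4. Chapter Overview
    Chapter 2 Background and Literature Review
      2.1. ZK-SNARK
        2.1.1. Setup Phase of Zero-Knowledge Proofs
        2.1.2. Proving Phase of Zero-Knowledge Proofs
        2.1.3. Verification Phase of Zero-Knowledge Proofs
        2.1.4. Non-Interactive Mode of Zero-Knowledge Proofs
      2.2. Applications of ZK-SNARK in Blockchain
        2.2.1. Zcash
        2.2.2. UniRep
        2.2.3. zkSync
        2.2.4. ChainLink Deco
    Chapter 3 System Framework Architecture and Workflow
      3.1. System Framework Structure
      3.2. System Framework Execution Flow
        3.2.1. Publishing an Evaluation
        3.2.2. Granting Viewing Authorization
        3.2.3. Requesting Authorization
    Chapter 4 Function Definitions and Data Model
      4.1. Front-End Computation
        4.1.1. Publishing an Evaluation
        4.1.2. Requesting Authorization
        4.1.3. Granting Viewing Authorization
      4.2. Proxy Node
      4.3. Smart Contract
        4.3.1. Storage Structure
        4.3.2. Function Logic
        4.3.3. Event Descriptions
    Chapter 5 Security and Privacy Discussion
      5.1. Threat Model
        5.1.1. Browser
        5.1.2. Proxy Node
        5.1.3. Blockchain
      5.2. Evaluation Privacy
      5.3. Authorization Privacy
      5.4. Forward Privacy
    Chapter 6 Experiments and Demonstration
      6.1. System Environment
      6.2. Blockchain Environment
        6.2.1. Hardhat
        6.2.2. Smart Contract Deployment
      6.3. ZK-SNARK
        6.3.1. Setup
        6.3.2. Computing the Witness
        6.3.3. Generating the Proof and Public Parameters
        6.3.4. Verifying the Proof
        6.3.5. Generating the Verifier Contract
      6.4. Browser Extension
      6.5. Screen Demonstration
        6.5.1. Login
        6.5.2. Publishing an Evaluation
        6.5.3. Requesting Authorization
        6.5.4. Responding to an Authorization Request
      6.6. Experimental Data
    Chapter 7 Conclusion and Future Development
      7.1 Conclusion
      7.2 Future Outlook
    References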
