Fraud investigation process

Purpose and context

The main purpose of Galacticas fraud investigation and secret sharing tech is retroactive compliance. Meaning the possibility to investigate illicit activity after it happened. Example cases are hacks or abuse of undercollateralized loans.

Galactica’s zero-knowledge technology completely hides undisclosed private information. Jurisdictions requiring access to KYC data for investigations therefore need an additional mechanism.

The base concept of combining zero-knowledge certificates with compliance originates from this paper. The integration into Galactica as a whole is described in more detail in the whitepaper.


Providing fraud investigation capabilities to legal authorities obviously has disadvantages because it can be misused to compromise privacy. Justifying such measures requires a sufficient amount of advantages and mitigation. Compliance benefits include clarity to involved actors, compatibility for traditional industries and long term stability.

Security precautions

Decentralizing access with secret sharing

A central authority should not control the fraud investigation process unchecked. If a DApp requires fraud investigation data to be included in a zkKYC proof, Galactica can split it into shares that are distributed to multiple institutions. Similar to a Multisig, a configurable number of those institutions have to work together to decrypt the data. The algorithm used for this is Shamir's secret sharing. It has two parameters. n for the number of shares the secret was split into, and k for the minumum amount of shares needed to reconstruct the secret. The secret itself only includes the zkKYC DID and provider. Therefore legal authorities still have to query personal data from the provider after reconstructing the secret. The personal data is not available on-chain.

Transparency and awareness

Galactica's zkKYC protocol ensures transparency about rules and involved parties. The smart contract fixes the rules and defines the requirements for the ZKP as well as the investigation institutions. Whenever a user creates a ZKP, the Galactica Snap shows what statements are proven by the ZKP and what investigation institutions are involved.


The fraud investigation process is divided into the following three sub-processes for different steps in the lifecycle of a DApp and user interaction on Galactica.

1. Requirement definition by DApp builders

2. Secret sharing during user verification

Before a user can interact with a DApp requiring the possibility of fraud investigations, they create a ZKP for verification. The ZK circuit computing the ZKP discloses the zkCert DID and provider DID to the consortiium of investigation institutions. It uses Shamir's secret sharing to split this information into n shares, one for each institution. So that it can be only constructed if at least k institutions agree to recover the information. The ZK circuit also encrypts each share with the public key of the institution receiving it. The encrypted shares are submitted as public inputs of the ZKP and saved on the blockchain in the verification SBT data.

3. Investigation request, decryption and reveal

Last updated