A privacy-preserving traceability system for self-sovereign identity-based inter-organizational business processes

Blockchain is a potential technology for collaborating organizations, notably for executing their Inter-Organizational Business Processes (IOBPs). While Blockchain’s transparency and decentralized characteristics address the lack-of-trust issue in IOBPs, many existing Blockchain solutions share this data on the ledger, often at the expense of serious privacy concerns. Alternatively, Self-Sovereign Identity (SSI) systems are revolutionary Blockchain-based solutions that provide complete data control. Unlike traditional Blockchain solutions, many SSI systems do not record the exchange of transactional data between entities on the ledger in order to comply with privacy regulations. However, this can imply a gap in cases where legal traceability is required for audit purposes. To address traceability issues in SSI-based IOBP, this paper leverages Zero-Knowledge Proof (ZKP) and Fully Homomorphic Encryption (FHE) to provide an efficient privacy-preserving traceability solution. The purpose of this paper is to achieve traceability that strikes a balance between privacy and transparency. This paper also provides a proof-of-concept implementation and a comparative evaluation. The evaluation shows that the proposed ZKP approach provides better financial cost and performance results compared to traditional Blockchain-based traceability solutions.