Brave Unveils Coral, Their New System for Verifiable Parsing

In a new paper and accompanying blog post, Brave has unveiled Coral, “a system for proving in zero-knowledge that a committed byte stream corresponds to a structured object in accordance with a Context Free Grammar.”

The system aims to plug a previously under-examined hole in zero-knowledge proofs: getting from a raw stream of data to a structured. According to Brave, current solutions “typically assume the API response is already a well-formed JSON object (or HTML).” If invalid HTML or JSON is provided, it could allow a malicious prover to convince the verifier of a wrong fact."

The idea behind zero-knowledge proofs is to prove a specific fact without revealing any other data, hence “zero-knowledge.” ZKP consist of a ”prover,” who is trying to prove they know an secret, and a “verifier,” who the prover is trying to prove the statement to without revealing any extra information other than fact that the statement is true.

Brave previously released a blog post detailing the issues with current zero-knowledge proof implementations, among which was the "semantic gap between low-level data (e.g., raw byte streams) and the structured data over which the proof is supposed to operate." They highlighted, albeit only briefly, the fact that "[most] systems implicitly assume that inputs are already well-formed, for instance, that a JSON object respects its grammar or that a credential conforms to a standard syntax."

The new research seeks to fill this gap and inch us closer to more resilient ZKP systems such as those found in digital IDs being rolled out in certain countries and states.

They highlight some possible future applications:

With parsing in zero knowledge now within reach, new avenues open up. For instance, a prover can commit to a TLS transcript and prove not just that some field exists, but that the transcript itself parsed correctly under the relevant grammar. A user can prove properties of a credential without revealing the token or its structure, knowing that malformed inputs cannot trick the verifier. Compilation chains, often opaque and difficult to audit, can be proven end-to-end: from source code to binary, with the parsing steps included. Even middleboxes can enforce policies while respecting privacy, because they can rely on proofs about the syntactic structure of traffic rather than trust opaque byte streams.

With ZKP seemingly becoming more and more relevant to our daily lives, this type of research is much needed. Congrats to the researchers and I can't wait to see what they do next.