This paper introduces the zk-IoT framework, a novel approach to enhancing the security of Internet of Things (IoT) ecosystems through the use of Zero-Knowledge Proofs (ZKPs) on blockchain platforms. Our framework ensures the integrity of firmware execution and data processing in potentially compromised IoT devices. By leveraging the concept of ZKP, we establish a trust layer that facilitates secure, autonomous communication between IoT devices in environments where devices may not inherently trust each other. The framework comprises zk-Devices, which utilize functional commitment to generate proofs for executed programs, and service contracts for encoding interaction logic among devices. It also provides for IoT device automation using proof-carrying data (PCD) and a blockchain layer for transparent and verifiable data processing. We conduct experiments, the results of which show that proof generation, publication, and verification timings meet the practical requirements of IoT device communication, demonstrating the feasibility and efficiency of our solution. The zk-IoT framework represents a significant advancement in the realm of IoT security, paving the way for reliable and scalable IoT networks across various applications, such as smart city infrastructures, healthcare systems, and industrial automation.

翻译：本文提出zk-IoT框架，这是一种通过区块链平台运用零知识证明（ZKP）增强物联网（IoT）生态系统安全性的创新方法。该框架确保了在可能遭受攻击的物联网设备中固件执行与数据处理过程的完整性。通过利用ZKP概念，我们构建了一个信任层，使得在设备间可能缺乏固有信任的环境中，仍能实现安全自主的物联网通信。该框架包含zk-Devices组件（利用函数承诺机制为已执行程序生成证明）与服务合约组件（用于编码设备间交互逻辑），同时采用携带证明数据（PCD）实现物联网设备自动化，并构建区块链层保障数据处理的透明性与可验证性。实验结果表明，证明生成、发布与验证的时间满足物联网设备通信的实际需求，验证了本方案的可行性与高效性。zk-IoT框架标志着物联网安全领域的重大突破，为智慧城市基础设施、医疗系统及工业自动化等多场景下构建可靠可扩展的物联网网络奠定了基础。