基於區塊鏈與零知識證明之隱私與公平性保護售票務系統

Abstract

線上售票系統中，尤其在熱門活動的情境下，黃牛炒票的手法層出不窮，嚴重影響票券交易的公平性。現有解決方案多仰賴實名制以限制重複購票，然而此方法需要使用者揭露大量個人資訊，並使售票平台成為高度敏感資料的集中管理者，增加隱私外洩與濫用的風險。本研究旨在提出一套兼顧使用者隱私保護與交易公平性的線上售票系統，避免在防制黃牛的同時犧牲使用者隱私。 本研究提出名為BlozkTix的線上售票系統。系統建於以太鏈上，透過智慧合約執行購票與票券狀態管理，以確保交易流程的透明性、公正性與抗攻擊能力。同時，系統引入真人唯一性（Proof of Personhood, PoP）證明作為身分驗證機制，在使用者無需揭露個人資訊的情況下仍能有效限制重複購票行為。 在虛擬貨幣逐漸普及、交易紀錄公開可驗的背景下，如何在公開帳本中避免交易紀錄與現實身分關聯已成為一大挑戰。為此，本研究採用多重匿名身分設計，將不同生命週期的身分證明分離，讓使用者在購票、選位等不同階段的行為完全無法被關聯分析。 此外，透過採用裝置通行密鑰（passkey）作為票券身分的衍生來源，使匿名身分可透過裝置驗證即時重建，而不需以可轉移的私鑰或助記詞形式儲存，降低票券身分被轉移、外流與遺失的風險。 實作與評估結果顯示，本研究提出之系統在合理的計算時間與交易成本下，有效實現跨購票生命週期的身分不可連結性，同時維持票券交易的公平性與實用性，提供可行的隱私保護型線上售票解決方案。

In online ticketing systems, especially for high-demand events, ticket scalping has become increasingly prevalent and severely affected fairness in ticket distribution. Existing solutions often rely on real-name registration to restrict repeated purchases. However, such approaches require users to disclose extensive personal information and place ticketing platforms in the role of centralized custodians of highly sensitive data, increasing the risk of privacy leakage and misuse. This thesis aims to design an online ticketing system that preserves user privacy while maintaining transaction fairness, avoiding the trade-off between anti-scalping measures and privacy protection.

This work proposes BlozkTix, an online ticketing system built on the Ethereum blockchain. Smart contracts are used to perform ticket purchases and manage ticket states, ensuring transparency, fairness, and resistance to tampering. To replace traditional real-name verification, the system adopts Proof of Personhood (PoP) as the identity verification mechanism, allowing users to prove their uniqueness and eligibility. Hence, the system effectively limiting repeated purchases without revealing personal information.

As cryptocurrencies become increasingly prevalent and transaction records remain publicly verifiable, preventing the linkage between on-chain activities and real-world identities becomes a critical challenge. To address this issue, BlozkTix introduces a lifecycle-scoped anonymous identity design, in which identity proofs used at different stages of the ticket lifecycle are explicitly separated. As a result, user actions during ticket purchase, seat selection, and other stages cannot be correlated by any party.

Furthermore, the system derives ticket-related anonymous identities from device-bound passkeys. By allowing identities to be re-derived through device authentication rather than stored as transferable private keys or mnemonic phrases, this reduces the risk of identity transfer, leakage, or loss, at the same time improving usability for end users. Implementation and performance evaluation results show that the proposed system achieves cross-stage unlinkability of user identities under acceptable computational cost. At the same time, it preserves fairness and practicality in ticket transactions, providing the practical solution of a privacy-preserving online ticketing system.