- GitHub:
- circom circuits: https://github.com/jypthemiracle/zkIdentity/tree/circuits
- frontend: https://github.com/jypthemiracle/zkIdentity/tree/snoop (highly appreciates to my friend, @realsnoopso, who did pair programming an hour for every day)
- Deployed Address: https://abit.ly/zkiden_ver1
- Demo Video: https://youtu.be/3Z7hyrzN0-o
- Contract Address which is on Polygon Network
- Verifier address: 0xe162f60a32130596D56D31b1d2A562E3a8161be9
- AttestationMinter address: 0x16BA61441Ae1345Dbb17d476f8295b0d6517CDbB
- The circom circuits branch is clone coding of https://github.com/jefflau/zk-identity for learning circom. only minor changes, no major changes made by me. I focused on learning circom library during testnet launch.
- However, due to the difficulty of circom library, I changed my frameworks from circom to semaphore.
- now working on here: https://github.com/jypthemiracle/zkIdentity/tree/main
- the repo is based on semaphore boilerplate. https://github.com/semaphore-protocol/boilerplate
- plans to complete a dedicated full feature til the late submission (May 22)
Authenticating one's identity through public Ethereum Address severely restricts the privacy. Thus, crypto users might want to prove that they are eligible to join or partake in specific activities without revealing one's public address or public keys. Protocols are motivated to support the actions from user side since they might wawnt to distribute an airdrop through off-chain activities.
Imagine you request to get an airdrop, but it immediately leaks your previous financial history since it is associated with your public identity. You want to join DAO voting but someone prevents to do that since you had voted against the administrator of the DAO. Sounds crazy, right? Let us solve this problem by enabling users to claim airdrops anonymously while prove one's identity (i.e. one has a NFT) without revealing their public keys.
I am going to build a set of Ethereum contracts and web frontend that allows a user to prove that they were a previous DarkForest.Eth
winner without revealing the recipent's Ethereum address. By doing so, one could claim the prize (i.e. NFT is minted) without the worries of doxxing one's financial history. One could play DarkForest
game by creating new address, and claim the prize with existing wallet that you want to be claimed with.
-
User, with
account 1
, signs a message to prove that one has a public key ownership or not. -
User create a
key
andsecret
and they concatenate them to create hash which iscommittment
.
committment = hash(key + secret)
- The
committment
is transmitted across a public channel, and stored in aMySQL
database, which is a off-chain in a Amazon Web Service instance - or local storage in a computer. - Hashing a merkle tree recursively and publish merkle root hash to on-chain.
- Users, with another account without connection to previous account 1, can redeem with a zero-knowledge proof that validates they belongs in the Merkle tree without revealing which
commitment
is associated with their public key. - When users enter an input with
key-secret pair
, it generates awitness
that serves as an input to the proof generation algorithm. - User submits merkle path proof to smart contract, and it verifies one's identity without revealing which
commitment
is associated with one's public key. - Smart contract mints a NFT and sends to
account 2
- Version 1: Allow users to verify that they are the ones who are in merkle-tree commitments and retrieve NFT, in
DarkForest.eth
, usingSemaphore
library. - Version 2: Building a sociable prove system that one has its NFT without revealing one's Ethereum address, using
circom
.