| Plurality is the first identity-lego-building-block for dapp creators that lets them identify their users without using any third-party KYC provider or other middlemen, whilst preserving the privacy of users. It encourages modular application design, allowing dApp developers to choose and customize the on-chain and off-chain components they need. |
|---|
Plurality supercharges DApps by helping them to:
- Setup a verification mechanism tied to off-chain credentials in a few clicks
- Use ZK-Proofs to prove on-chain that a user has been verified
- Verify Personal Identifiable Information of user off-chain and never publish any sensitive information on chain - not even the blockchain address!
Adding zero knowledge verification proofs on chain after verifying through Verifiable Credentials (VCs)
A demo to demonstrate how a user can use off-chain W3C Verifiable Credentials to prove its identity to a DApp's verifier.
The DApp in this case is a mortgage lending platform that needs to check the identity of its users before allowing them access to lending resources. The DApp sets up a verifier and requests users to provide proof of valid german identity card. After verification, the verifier pushes zero knowledge proof of identification on chain so that the DApp can allow/disallow the user from accessing its services on-chain.
The short intro and demo video of this project can be found here: https://youtu.be/7fA5Kyl2NcA
To run this demo, you need:
- an SSI wallet (android, apple)
- the wallet needs to be on the Bcovrin Test Ledger (you can change the ledger from settings by uploading the genesis file )
This demo has three different perspectives: Issuer's, Verifier's and Dapp's
- Uses standard opensource SSI framework components like [Hyperledger Aries Cloud Agent Python] (https://github.com/hyperledger/aries-cloudagent-python) and [Business Partner Agent] (https://github.com/hyperledger-labs/business-partner-agent)
- Issues SSI based credentials to the user wallet after establishing a connection using on DID communication protocol
- Can revoke this user's access at a later point in time
- In our demo use case the issuer issues an identity card to the user's Identity wallet
- The issuer demo service can be accessed at this public addressissuer
- Asks the user to connect using QR code scanning by mobile wallet
- Asks the user to present off-chain proof using the credentials in his/her mobile wallet
- Verifies the credentials to check if proof requirements are satisfied
- Create a new identity for this user correlated with this user's Decentralized Identifier (DID)
- Adds this user's identity to the SemaphoreIdentity contract to the appropriate group
- Can revoke this user's access at a later point in time
- The verifier demo service can be accessed at this public address verifier
- Asks the user to submit zero knowledge proof that he/she is already verified on the SemaphoreIdentity contract
- Approves the (mortgage/loan) request if the user's zero knowledge proof is correct.
The deployed SemaphoreIdentity contract can be found here: 0xe8758638fD2E34f230b99e9b6D8587508B6D90EA
The discussion thread on ethereum magicians forum for this idea can be found here: https://ethereum-magicians.org/t/eliminating-the-middleman-from-kyc-verification-of-blockchain-addresses/13671
Clone the repository
git clone https://github.com/Web3-Plurality/zk-onchain-identity-verification.git
Start the application containers using following command
ACAPY_ISSUER_ENDPOINT=http://<DOMAIN>:<PORT> ACAPY_VERIFIER_ENDPOINT=http://<DOMAIN>:<PORT> ./start.sh up
Stop the application containers using following command
docker-compose down
To compile the smart contract:
npx hardhat compile
To deploy the smart contract:
npx hardhat run scripts/deploy.js --network sepolia
After deployment of an updated smart contract, you need to update in .env file the address of REACT_APP_SEMAPHORE_IDENTITY_CONTRACT