Decentralized Identity Verification with zkKYC and Soulbound NFTs
Hans Martin
Today, we are sharing zkKYC, an open-source proof-of-concept demo for application and protocol developers to adopt secure, privacy-focused Know Your Customer (KYC) procedures using zero-knowledge proofs. Built using our zkVM, the first general purpose zero-knowledge virtual machine, it allows users to privately prove and mint their identity as a soul-bound NFT serving as a "Proof-of-Possession" token, representing a user's verified KYC status. The NFT contains only the proof of KYC status, with no personal information. This approach safeguards user data and promotes widespread adoption and efficient verification, while also respecting regulatory requirements, positioning zkKYC as a foundational model for developers to adapt zero-knowledge KYC processes in any onchain application.
Revolutionizing KYC in the Blockchain World
The blockchain ecosystem is increasingly under scrutiny, necessitating compliant yet private identity verification methods. Traditional KYC solutions fall short, either by breaching onchain privacy or failing to meet regulatory standards. Enter zkKYC: a solution that harnesses RISC Zero's versatile zkVM and soulbound NFTs, offering a proof-of-KYC without disclosing personal data onchain. zkKYC serves as a foundation for developers to explore and innovate, leveraging the capabilities of our adaptable zkVM and Bonsai Proving Service. Drawing from the insights of Bonsai Pay, zkKYC integrates established web authentication methods with soulbound NFTs as "Proof-of-Possession" tokens, which can be minted following successful identity verification via our partner ID.me, a platform with a vast user base exceeding 100 million. zkKYC is a lock-step solution – reconciling the need for regulatory compliance with the blockchain community's values of privacy, ownership, and decentralization.
How it works:
The zkKYC project is an open-source proof-of-concept application designed to be familiar, user-friendly, and simple for developers to integrate. It begins with users connecting their wallet and logging into a trusted KYC provider, such as ID.me, to verify their identity through standard documentation like passports or state licenses. This document verification is handled by ID.me, which offers various levels of assurance (zkKYC demonstrates minimal KBA-replacement). Once ID.me confirms the user's identity, its service issues a cryptographically signed authentication token. We then leverage our zkVM and the Bonsai Proving Service to trustlessly authenticate the issued token, ensuring its authenticity, integrity, and validity without infringing on user privacy. A successful validation within the zkVM results in a zero-knowledge proof, enabling nearly instant and low-cost verification of the user's KYC status onchain without disclosing personal details. If a user holds the zkKYC NFT, they have successfully verified their identity.
This works on the same principles demonstrated in a prior proof-of-concept, Bonsai Pay, i.e., zero-knowledge JSON Web Token validation. Our approach is simple and based on the OpenPubKey paper, employing a client-side modification to the OpenID Connect protocol, built upon the OAuth 2.0 authorization framework, where a user's Ethereum address is cryptographically coupled to a JSON Web Token issued by an OpenID provider. This is fully compatible with many existing single-sign-on applications and requires no modifications to existing authentication protocols. The core component of zkKYC is our zkVM, which is used to statelessly validate the authenticity and integrity of the JSON Web Token, resulting in a zero-knowledge proof of the authentication that is completely verifiable onchain. Users who complete this process can then mint, own, or burn their identity token – a soul-bound NFT that is non-transferable, unlocking simple integration into the broader onchain ecosystem.
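The token checks described above, written out as an added Python example (not code from the zkKYC repository, whose zkVM guest would run the equivalent logic privately): signature, issuer, audience and expiry are validated, and only the bound address is returned. It assumes the address travels in the token's `nonce` claim; the RSA key, issuer, audience and claim values are constructed for the demo.

```python
import base64, hashlib, json, re

# Constructed toy RSA key from two Mersenne primes: insecure, for the demo only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes
# DigestInfo prefix for SHA-256 in PKCS#1 v1.5 signatures (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64u(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64u(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def encode_digest(message):
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def issue(claims):
    """Stand-in for the identity provider: sign the claims as an RS256 JWT."""
    header = b64u(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    signing_input = header + "." + b64u(json.dumps(claims).encode())
    em = int.from_bytes(encode_digest(signing_input.encode()), "big")
    return signing_input + "." + b64u(pow(em, D, N).to_bytes(K, "big"))

def verify_and_commit(jwt, issuer, audience, now):
    """Checks run privately over the token; only the bound address is returned."""
    head, body, sig = jwt.split(".")
    if json.loads(unb64u(head)).get("alg") != "RS256":
        raise ValueError("unexpected alg")  # never let the header pick another algorithm
    s = int.from_bytes(unb64u(sig), "big")
    if s >= N or pow(s, E, N).to_bytes(K, "big") != encode_digest((head + "." + body).encode()):
        raise ValueError("bad signature")
    claims = json.loads(unb64u(body))
    if claims.get("iss") != issuer or claims.get("aud") != audience:
        raise ValueError("wrong issuer or audience")
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        raise ValueError("token expired")
    address = str(claims.get("nonce", "")).lower()
    if not re.fullmatch(r"0x[0-9a-f]{40}", address):
        raise ValueError("nonce is not an Ethereum address")
    return address  # name, sub and other claims never leave this function

if __name__ == "__main__":
    # Constructed sample claims; issuer and audience values are placeholders.
    token = issue({"iss": "https://idp.example", "aud": "zkkyc-demo", "exp": 2000,
                   "sub": "user-123", "given_name": "Alice", "nonce": "0x" + "AB" * 20})
    print(verify_and_commit(token, "https://idp.example", "zkkyc-demo", now=1000))
```

Because the signature covers the payload, swapping the `nonce` for a different address invalidates the token, which is what ties the minted NFT to the wallet that started the login.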
We are excited about this project and encourage developers to fork, adapt, iterate, and innovate the codebase to meet their project's needs. To dive deeper into this solution, explore the fully open-source repository.
The Future of Identity Verification
RISC Zero is at the forefront of redefining trustless and scalable computing within the blockchain ecosystem, showcasing how security, privacy, and innovation can coexist. The zkKYC concept is not just a showcase for developers to adapt; it's a vision for a more secure and private blockchain future. zkKYC is a logical step towards a future where blockchain transactions are linked to real people in a verifiable and private way. By utilizing the world's first, and most advanced general-purpose zkVM, along with the inherent adaptability of NFTs, zero-knowledge proofs are ready to set a new standard for identity verification in the blockchain ecosystem.