Proof of Personhood with Zeronym on Verax for The Linea Voyage

Zeronym is a zero knowledge identity verification protocol developed by Holonym Foundation. It provides privacy-preserving proof of personhood, biometrics, residence, or compliance. Zeronym can be easily integrated into any site, on desktop or mobile, using the Silk SDK.

The Holonym Foundation is excited to announce a strategic partnership with Linea to bring another source of rigor for verifying and rewarding unique humans with the Verax attestation service.  Zeronym users that successfully mint  a proof of unique personhood SBT will now also receive an attestation on Verax's public registry, where their identity proofs can be discovered by dApps across EVM networks. 

Verax is an on-chain attestation registry.  It provides a way for developers to issue attestations on-chain that are discoverable, consumable and composable.  Verax was designed as a public good to support dApps and users within the Linea ecosystem, however it has also been deployed to other networks by different teams.  It is intended to be a community-maintained project, and has seen significant contributions from a number of teams, both in terms of commits to the open source repos and contributions to the governance process. Verax currently has over 5.2M attestations issued to over 1.4M unique accounts.

Right now most attestations are minted as SBTs that are used to attest to various accolades, achievements, membership etc. However, SBTs present some challenges when trying to understand what function they serve, who has issued them and why, and how they are intended to be used.  Once minted on-chain, they are not easily discoverable unless you already know about them somehow.

On-chain attestation registries have several advantages in this regard.  They offer a consolidated location on-chain where attestations are discoverable as soon as they are issued.  This also means that dApp developers only have to integrate once with the registry in order to access lots of data from multiple sources. It also allows services like Index Network, OrbisDB, Etherscan and more, to easily find attestations that have been issued to wallet addresses.

All attestations are associated with structured schemas that allow the attestations to be decoded by smart contracts and UIs, and that have human readable names and descriptions. Furthermore, attestations have useful properties such as expiry and revocation and they can be linked together.  Seen through this lens, it’s not hard to be convinced that on-chan attestations are poised to become a powerful primitive, and could easily see the same level of adoption as the ERC-721 standard.

The Ethereum ecosystem is rich with identity protocols and primitives, each offering different solutions. While identity can be captured in multiple dimensions, developers often struggle to navigate this landscape to find the best fit for their needs. Users also face the inconvenience of verifying their identity across multiple platforms.

Most identity verification is captured as SBT/NFT, which limits composability and reduces synergy between developer ecosystems. Verax’s attestation issuer stack, however, combines multi-dimensional identifiers, allowing developers and dApps to integrate with the registry based on their specific requirements. This flexibility also enables reputation protocols to design their own models.

Verax supports a variety of use cases, but let's focus on Zeronym’s Proof of Personhood here.

Over time, a user's crypto wallet becomes a rich descriptor that can directly associate the user with preferences, attributes, and future contributions and engagement. Identity attributes recorded in crypto wallets are unique because these attributes are persistent, usually open source, and can be combined with many other data sources to generate multi dimensional representations of the user and their preferences. However, the permission-less nature of blockchain allows the creation of multiple accounts, of many identities, which can be easily exploited by industrial-scale sybil attacks to mass produce "high reputation" accounts and unfairly claim rewards meant for unique individual users. 

Zeronym’s Proof of Personhood attestation, uses off-chain attributes such as phone number reputation and Government ID, to prove uniqueness in a private manner. The protocol uses a nullifier scheme ​​that maintains the integrity of the verification process, ensuring that a uniqueness proof can only be singularly generated. Proof of Personhood facilitates the fair distribution of rewards and airdrops, and supports digital governance mechanisms such as quadratic voting, and one-person-one-vote. These measures ensure an egalitarian approach, preventing sybil attacks and promoting genuine participation.

A recent report highlighted a 3000 percent increase in deep fake attempts, and a fivefold increase in digitally forged identities in 2023 which can be attributed to the accessibility and ease-of-use of AI tools. Most importantly, AI-based threats to automated electronic KYC is not a future phenomena, but an existing problem today. 

To combat deep fakes, the protocol also supports ZK NFC, where users tap with their phones to an ePassport to privately prove the NFC data locally on the device. ZK NFC proofs leverage the ePassport metadata signed by a government authority following the ICAO-9303 standard to confirm identities without sensitive data ever having to leave the user's personal device. ZK NFC proofs of government ID are impossible to deep-fake. Bad actors would have to subvert the Certificate Signing Authority, bribe or force government officials to access these guarded keys, and act on these ill-gotten credentials before keys are rotated and their subversion discovered. ICA-9303 NFC government IDs are gaining global adoption, and expected to become the defacto solution to prevent identity theft, fraud, privacy-infringement, and human impersonation by AIs by the end of the decade.

Reputation is essentially one's identity attributed to a Web3 footprint in the form of on-chain engagement and behavior. It is highly use-case driven, and perceived from the lens of individual protocols on what constitutes "good" or "bad" reputation. Verax’s diverse range of issuers allows dApps and reputation protocols to plugin or design their own pluralistic reputation models.

Designing reputation models can be complex due to the inherent subjectivity involved. However, having a foundation of identity adds a layer of objectivity and authenticity, especially in terms of uniqueness. Also, proving uniqueness doesn’t necessarily indicate a good reputation, but analysis of Zeronym’s SBT users shows that these users engage more in governance activities and receive higher airdrops compared to average users. We will be sharing the analysis in an upcoming post. This highlights how a strong identity foundation can reflect positive engagement and contributions in the Web3 ecosystem.

With the passage of FIT21 and the implementation of MiCA soon, proactive compliance checks by protocols can help create a safer Web3 environment by deterring bad actors. Most compliance protocols require user data to comply with laws, often leading to the doxxing of users by linking their on-chain addresses with off-chain credentials.

Zero Knowledge technology helps safeguard user data through selective disclosure, though it complicates access to user data in cases of subpoenas. Zeronym’s “Proof of Clean Hands” addresses this challenge by keeping user data private while allowing for decryption based on pre-defined smart contract rules. Users must consent to the Terms and Conditions and the possibility of their data being decrypted to a specified entity under specific conditions (such as sending funds to a black-listed address). In the event of a subpoena, the data is decrypted from Mishti Network a threshold network secured as an Actively Validated Service (AVS) on EigenLayer. This approach ensures user privacy, places user consent first before disclosure, eliminates the need for mass surveillance, and all-the-while complying with customizable legal requirements.

Identity primitives are still being tested out in Web3, and no project has become a single winner yet. Each protocol offers nuanced solutions that align with data sovereignty and have seen significant adoption. Resilience to attack vectors, access to new users, high cost of forgery at a large scale, and relatively universal credentials are some of the factors that place Zeronym as a solution to the trilemma of privacy, rigour and accessibility. Verax’s consolidation of identity attestations from various personhood protocols enhances its position, offering a more comprehensive solution than any single method of identification.

As discussed in a research report on personhood protocols, it’s important to disclose privacy measures and caveats. Zeronym is open source, and users verified with Zeronym on-chain are unable to be linked with their identifying information by any third party. For traditional eKYC, accomplished by placing user proofs into an anonymity set and obfuscating any link between all data shared with any third party, including Holonym. For ZK NFC, only secure proofs leave the user device, never is any sensitive, plaintext information shard with third parties. To further decentralize the architecture, Zeronym is will utilize with Mishti Network, an Actively Validated Service (AVS) for private biometric proofs of personhood that can't be brute-forced. 

In light of this exciting partnership, we’re launching a special Galxe quest with a prize pool of $3000! Participate in the quest to be part of The Linea Voyage and get the Proof of Humanity Attestation. 

Once the user gets verified, Zeronym issues a Verax attestation for every SBT it sends. The attestation is a cryptographic signature that the Zero Knowledge proof has been verified. The attestation is issued on Linea mainnet, with the contracts here.

• For developers, the docs gives an example of how to query and validate Zeronym attestations.

• An example of the verification flow is here

• Get verified here

Special thanks to Simon Brown from the Verax team for reviewing this article and contributing to several sections.

Arun’s roles include content making and biz dev at Holonym Foundation. His primary interests are identity, reputation and DAO governance. He voluntarily started making content to understand web3, while he enjoys doing it full time now, with biz dev work.

While not working he enjoys spending time on Twitter or camping on weekends.
X