zkMe Protocol Components
Last updated
Last updated
The zkMe App is a secure, decentralized SSI wallet utilizing MPC cryptography, enabling users to store and manage anonymized identity information, including VCs from trusted entities. This allows Identity or attribute proof without disclosing any personal data. MPC distributes private keys across multiple devices or nodes, reducing unauthorized access risk.
The app features OCR and facial recognition for mobile credential verification. OCR extracts data from ID documents, while facial recognition confirms that the user matches the document. These enhance security and limit data sharing. Users are also screened against criminal, terrorist, or PEP lists to identify potential risks.
With zkMe, the Holder's verification proofs (in form of Soulbound Token or SBT) are minted from the SSI wallet, accessible via the zkMe App or Widget, onto the Holder’s asset wallet. The asset wallet is a digital wallet that Holders use to interact with Web3 dApps. It is typically self-custodial, granting users full control over their assets and private keys. If a Holder participates in multiple blockchain ecosystems, a delegated copy of the SBT is minted for each ecosystem. This ensures a seamless Holder dApp user experience.
zkMe employs Zero-Knowledge Succinct Non-Interactive Argument of Knowledge (zk-SNARKs), running directly on user devices to generate anonymized Zero-Knowledge Proofs (ZKPs) representing the Holder's identity without disclosing sensitive data. Only anonymized credentials are presented to Verifiers, ensuring privacy and security.
-> Get started: zkMe Identity Hub
The zkMe widget is provided by the zkMe JavaScript SDK, allowing developers to integrate credential verification features into their applications. It provides libraries and APIs for easy interaction with the zk-credential network.
The zkMe Widget is a JS component and the first offering within the zkMe SDK. It is designed for desktop browser use, enabling seamless user verification directly within the user interface. It provides all zkMe App functionalities via mobile QR codes, simplifying secure user interaction with web3 services. The zkMe SDK provides a user-friendly verification method. Verifiers can efficiently validate presented proofs (SBTs in the Holder's asset wallet) through zkMe web API, smart contracts, or prompt users for new proofs via a Pop-Up window.
-> Get started: Integration Guide
The zkMe Dashboard is a versatile dashboard tailored for a dApp’s user eligibility check needs. Verifiers can customize preset "Verification Profiles", defining specific business eligibility requirements, such as age or geographic restrictions and checking . Equipped with a comprehensive toolset, zkMe Biz streamlines KYC processes for developers, providing customizable verification criteria, analytics, and reporting. With configurable API keys, developers can seamlessly integrate their web3 dApps with the zkMe Credential Network, ensuring compliance and a smooth user experience.
-> Get started: Set Up Your zkMe Dashboard
The zkMe OpenAPI serves a critical function by enabling developers to seamlessly integrate advanced credential verification processes into their applications. It facilitates secure user interactions and compliance with privacy standards through its comprehensive suite of RESTful services. It includes detailed API documentation for both KYC (Know Your Customer) and KYT (Know Your Transaction) procedures, offering a wide array of endpoints for tasks such as checking API status, compiling user lists, accessing KYC information, managing address labels, and conducting in-depth risk assessments and transaction analyses. Essential for ensuring secure and private user verification, the OpenAPI supports developers with necessary tools for authentication, including the use of merchant numbers and API keys, and outlines the protocol for request structure and rate limitations to maintain system integrity and performance.
-> Get started: zkMe API
The zkMe zkVault is a Verifiable Data Registry on IPFS-based decentralized storage; providing a distributed architecture to prevent single points of failure and unauthorized access. Single ZKPs within a Holder's SBT are stored, ensuring proof reusability and tamper resistance. Additionally, in cases required by law, threshold encryption is used to encrypt raw identity documents, requiring multiple parties to jointly encrypt and decrypt data, enhancing security. The original identity documentation is securely stored using 2-out-of-2 threshold cryptography, which will transition to 3-out-of-3 threshold cryptography, ensuring maximum privacy through split private keys while maintaining regulatory compliance.
-> Learn more: zkMe zkVault
The zkMe DID Registry is the on-chain registry that records and manages zkMe decentralized identifiers (DIDs). It enables users to register, update, delete, and resolve DIDs through a smart contract deployed on ZetaChain. Each zkMe DID is linked to an EVM address, which acts as the controller, ensuring secure and verifiable identity management. The registry maintains essential DID data such as creation timestamps, updates, and associated DID documents. The registry ensures security through cryptographic signing and immutable on-chain records, making it a trustless and verifiable identity solution.
-> Learn more: zkMe DID Method
To facilitate decentralized verification, zkMe developed a suite of smart contracts, enabling the protocol and Verifiers to process verifications autonomously. zkMe Mint and Delegate smart contracts mint the original and delegate copies of the DID to the Holder's wallets. zkMe Verify and Certify smart contracts allow Verifiers to interact with the zkMe network and request minting of a special SBT copy for legal data access requirements if necessary. All functionalities available through the zkMe SCs are also available on zkMe APIs for non-web3 native Verifiers.
-> Learn more: zkMe Protocol Smart Contract
