MeID - Anti-Sybil Suite
Anti-Sybil SDK - A rapid and privacy-preserving solution to combat bot and sybil attacks by using the RedirectURL as the src-attribute value for the iFrame.
Use Case
When you need to protect a website or application from automated attacks, you can use anti-bot mechanisms. These attacks can result in malicious behavior, such as spamming, data theft, or network disruption. Anti-bot technology is designed to identify and block these attacks to ensure that only real human users can access your website or application.
In this case, users are required to undergo facial liveliness detection to prove that they are real human users. This detection requires users to perform specific actions or expressions in front of a camera to prove that they are genuine humans and not automated programs. This technology can help prevent automated attacks and fraud, and increase the security and reliability of your website or application.
zkMe-Widget MeID Process
Step 1: Enter the service authorization Widget page; the user confirms and goes to the next step
Step 2: E-mail verification login / Wallet address login
Step 3: Verify that the user has authorized MeID
Step 4: Based on the outcomes of the initiated query, a determination is made regarding whether to commence the authentication process for the specified user.
Interaction Instructions

Integration via NPM
You can refer to @zkmelabs/widget and please make sure to use the latest version.
Installation
pnpm add @zkmelabs/widget
# or
yarn add @zkmelabs/widget
# or
npm install @zkmelabs/widget
Getting Started
Step 1. Import styles
import '@zkmelabs/widget/dist/style.css'
Step 2. Create a new ZkMeWidget
instance
ZkMeWidget
instanceimport { ZkMeWidget, type Provider } from '@zkmelabs/widget'
const provider: Provider = {
async getAccessToken() {
// -------------------------TODO-------------------------
// Request a new token from your backend service and return it to the widget.
// For the access token, see docs.zk.me/zkme-dochub/verify-with-zkme-protocol/integration-guide/javascript-sdk/meid-anti-sybil-suite#how-to-generate-an-access-token-with-api_key
// ------------------------------------------------------
return fetchNewToken()
},
async getUserAccounts() {
// -------------------------TODO-------------------------
// If your project is a Dapp,
// you need to return the user's connected wallet address.
const userConnectedAddress = await connect()
return [userConnectedAddress]
// If not,
// you should return the user's e-mail address, phone number or any other unique identifier.
//
// return ['email address']
// or
// return ['phone number']
// or
// return ['unique identifier']
// ------------------------------------------------------
},
}
const zkMeWidget = new ZkMeWidget(
// -------------------------TODO-------------------------
appId, // This parameter means the same thing as "mchNo"
'YourDappName',
chainId,
provider,
{
lv: 'MeID'
// For other options, please refer to the table below
}
// ------------------------------------------------------
)
options.theme
Theme?
"auto"
, "light"
or "dark"
, default "auto"
.
options.locale
Language?
"en"
or "zh-hk"
, default "en"
.
Step 3. Listen to the meidFinished
widget event to detect when the user has completed the MeID process
meidFinished
widget event to detect when the user has completed the MeID processfunction handleFinished(results) {
const { isGrant, associatedAccount } = results
if (
isGrant &&
associatedAccount === userConnectedAddress.toLowerCase()
) {
// Prompts the user that MeID verification has been completed
}
}
zkMeWidget.on('meidFinished', handleFinished)
Step 4. Launch the zkMe widget and it will be displayed in the center of your webpage
// This is the code to launch our widget on your page
button.addEventListener('click', () => {
zkMeWidget.launch()
})
Helper functions
verifyMeidWithZkMeServices()
Before launching the widget, you should check the MeID status of the user and launch the widget when the check result is false
.
import { verifyMeidWithZkMeServices } from '@zkmelabs/widget'
// MeID
const { isGrant } = await verifyMeidWithZkMeServices(
appId,
userAccount
)
appId
string
This parameter means the same thing as "mchNo"
userAccount
string
The userAccount
info (such as wallet address, email, phone number, or unique identifier) must match the format of accounts returned by provider.getUserAccounts
.
How to Generate an Access Token with API_KEY
To use your API_KEY to obtain an accessToken, you will need to make a specific HTTP request. Here's how you can do it:
a. Endpoint: Send a POST
request to the token exchange endpoint.
POST
request to the token exchange endpoint.POST https://nest-api.zk.me/api/token/get
b. Request Body:
apiKey
True
string
The API_KEY provided by zkMe.
appId
True
string
A unique identifier (mchNo) to DApp provided by zkMe.
apiModePermission
True
number
0 - email login 1 - wallet address login
lv
True
number
The parameter must be passed and always be 2.
c. Response
ZkMeWidget instance methods
Response & Exceptions
Last updated