Privacy-preserving identity for the sovereign web.
ZER0ID proves who you are without revealing what you are. ZK-SNARK circuits generate cryptographic proofs of identity attributes — age, jurisdiction, sanctions compliance, sybil resistance — without exposing underlying data.
Built for VEIL agents and humans alike.
zeroid/
├── circuits/ Circom ZK circuits
│ ├── kyc_verifier.circom Master KYC verification circuit
│ ├── age_check.circom Age threshold proof
│ ├── country_check.circom Jurisdiction membership proof
│ ├── sanctions_check.circom OFAC sanctions exclusion proof
│ └── sybil_nullifier.circom Unique-human nullifier
│
├── contracts/
│ └── ZeroIdVerifier.sol On-chain Groth16 verifier
│
├── packages/
│ ├── sdk/ Client SDK (TypeScript)
│ │ ├── client.ts API client
│ │ ├── prover.ts Browser-side proof generation
│ │ ├── passkey.ts WebAuthn passkey integration
│ │ └── types.ts Shared types
│ │
│ ├── server/ Issuer & Verifier (Node.js)
│ │ ├── api/ REST endpoints (credential, proof, verify, aggregate)
│ │ ├── crypto/ AES-256, EdDSA, key management
│ │ ├── issuer/ Credential issuance, escrow, Poseidon hashing
│ │ ├── kyc/ KYC provider adapters
│ │ ├── sanctions/ OFAC Merkle tree, sanctions screening
│ │ ├── verifier/ Proof verification, caching, aggregation
│ │ └── db/ OrbitDB persistence
│ │
│ └── widget/ React Components
│ ├── ZeroIdModal.tsx Drop-in verification modal
│ ├── ProofStatus.tsx Proof state display
│ └── useZeroId.ts React hook
│
└── turbo.json Monorepo pipeline
| Level | Name | What It Proves |
|---|---|---|
| L0 | Anonymous | Nothing — default state |
| L1 | Pseudonymous | Unique human (sybil nullifier) |
| L2 | Verified | Age + jurisdiction + sanctions clear |
| L3 | Attested | L2 + third-party attestation |
| L4 | Sovereign | L3 + on-chain identity bond |
# Install dependencies
npm install
# Build all packages
npx turbo build
# Run the server
cd packages/server && npm start
# Compile circuits (requires circom + snarkjs)
cd circuits/scripts && ./compile.sh && ./setup.shimport { ZeroIdClient } from '@zeroid/sdk';
const client = new ZeroIdClient({ endpoint: 'https://api.zeroid.dev' });
// Generate a proof of age ≥ 18 without revealing DOB
const proof = await client.prove('age_check', {
threshold: 18,
credential: userCredential,
});
// Verify on-chain or off-chain
const valid = await client.verify(proof);import { ZeroIdModal } from '@zeroid/widget';
<ZeroIdModal
checks={['age_check', 'sanctions_check']}
onVerified={(proof) => handleProof(proof)}
/>- Credential Issuance — User completes KYC with a provider. ZER0ID issues a signed credential containing hashed attributes (never raw data).
- Proof Generation — Client-side Circom circuits generate a Groth16 proof that specific attributes satisfy constraints (e.g., age ≥ 18) without revealing the attributes themselves.
- Verification — Proofs are verified on-chain via
ZeroIdVerifier.solor off-chain via the server API. The verifier learns only the boolean result. - Nullifiers — Sybil nullifiers ensure one-proof-per-human without linking proofs to identities.
Circom · Groth16 · snarkjs · Solidity · TypeScript · React · OrbitDB · WebAuthn
- Product Page: thesecretlab.app/kyc
- VEIL Ecosystem: veil.markets
- Parent Org: thesecretlab
Prove who you are without revealing what you are.