Skip to main content

ZK Passport

Rarimo has developed a novel solution that turns a regular biometric passport into a flexible digital identity credential for Web3. Importantly, this is done without compromising the security of your sensitive data by using zero-knowledge proofs.

ZK Passport can be used to prove reliably:

  • uniqueness
  • humanity
  • citizenship
  • age
  • any other data contained in the passport

How it works

info

Check out the ZK Passport sandbox to get familiar with the flow.

Using ZK Passport from a user perspective is simple and seamless:

  1. Set Up: Install the RariMe App on your phone. Use the app to scan your passport with the phone's camera and NFC chip during a one-time setup.
  2. Proof Request: When a DApp requests passport proof, scan the QR code provided by the DApp using the RariMe App and approve the proof generation request.
  3. Proceed: After the proof is processed, continue using the DApp without interruption.

Light vs full verification mode

ZK Passport offers two modes of verification to balance decentralization and computation load on the client:

  • Full Verification: This mode is fully decentralized. The client generates proof of passport validity by verifying the issuer's signature and checking the hash sum for integrity. Uniqueness is guaranteed by adding the passport hash to an on-chain Merkle tree stored in the ZK Registry. However, a limitation of this mode is that certain types of digital signatures used in passports cannot yet be efficiently incorporated into ZK proofs. Despite this, full verification is the preferred choice for privacy-sensitive applications, offering robust censorship resistance and leveraging the privacy network effect described below.

  • Light Verification: This mode reduces decentralization slightly to offload some computations from the client while maintaining privacy. The client generates proof of passport integrity (hash sum check), while a trusted verifier performs the validity check (issuer's signature). Uniqueness is limited to the scope of the verifier instance. By offloading signature verification, this mode supports most existing passport types out of the box, making it a practical option for less privacy-critical applications.

DApps can verify the proofs both on-chain and off-chain.

Dictionary attacks and the privacy network effect

Passport issuers or other third parties may try to identify users who participate in specific social apps by executing a "dictionary" attack that consists of hashing all known passports and checking them against the passport registry.

By using a global Merkle tree of passport hashes shared by all users and social apps, Rarimo creates a privacy network effect where the system's security is enhanced with the growth of the user base. The dilution of hashes in the shared Merkle tree makes it progressively more challenging to deduce a connection between specific passports and social apps. The bigger the network gets, the more plausible deniability the users get.

Challenges and limitations

The first implementation of ZK Passport comes with some limitations:

  • Some types of passports are not supported in the full verification mode yet due to limitations of mobile phone hardware.
  • No biometric checks are included, meaning someone may scan a stolen or borrowed passport. ZKML solutions may alleviate this in the future.
  • There's no way to prevent a holder of multiple passports from onboarding multiple times.
  • Only passports with Active Authentication support recovery at the moment. An MPC-based solution is considered to circumvent this limitation.