This project is for enabling functionality to check a user's age in a website, with Zero Knowledge technology. The project utilizes o1js ZK library for generating ZK proofs and verifying them.
This project is aimed to be used as a template, a proof of concept and educational material. It is not meant for production use.
The project showcases how user's age verification can be performed for restricted websites. If a suitable KYC provider is used, this project's code can be utilized almost as-is for a real product.
To utilize a real KYC provider with this project, the provider has to meet the following requirements:
- Have a simple UI that can be utilized through an iframe
- Return data in a specific format
- Sign the returned data using Schnorr signatures with specific elliptic curves
Below is a general overview of the process. Each piece is described in more detail.
A restricted website that prompts the user to verify their age.
Later in the process the website asks the Mina circuit to verify a provided proof.
A ZK program is written in the o1js framework. The circuit does the following:
- Receive a signed message from a KYC provider. Verify the signature and generate a proof for the data
- Verify a received proof, along with the claimed data
This is a mocked KYC provider. It's a service which accepts an identity document (or, a mock of one), extracts requested data from it and sends back the data in a signed message.
Used as a coordinator in the process, and to eventually access the website.
The overall process follows the following steps:
- User wants to open a website. The website requires all users to prove that they are above certain age.
- The website opens a separate KYC provider to an iframe.
- The KYC provider is mocked in this project. The provider has their own frontend which is shown in the iframe.
- User performs steps required by the provider. In this project the steps are uploading your mock ID to the provider. The mock ID is a .txt file. The file should contain only the user's age and nothing else. (You can, for example, just save a file with text "50" in it and submit this).
- The KYC provider extracts the age information from the submitted document, creates a JSON message of it and signs it with their private key. The signed message is sent back to the user's browser, out of the iframe.
- The user's browser forwards this message to a Mina ZkProgram. The ZkProgram verifies that the signature is valid and provides a proof for it.
- The user can then submit this proof for the restricted website for verification.
- If the proof is valid, the user is displayed the restricted website
The project is deployed at https://zk-agecheck.vercel.app/ .
The project utilizes Next.js. To run it locally:
- Generate a keypair:
ts-node keygen.ts - Add file .env.local with content:
ORACLE_PRIVATE_KEY="GENERATED_PRIVATE_KEY" - Change the public key in variable
ORACLE_PUBLIC_KEYin index.tsx - Run
npm install - Run
npm run devand open your browser at http://localhost:3000/
You can deploy the project to any hosting service. The only special configuration you need to set is the oracle private key.