Skip to content

Latest commit

 

History

History
129 lines (78 loc) · 4.48 KB

README.md

File metadata and controls

129 lines (78 loc) · 4.48 KB

Anon DigiLocker

Anon DigiLocker is a protocol for proving ownership of identity documents in DigiLocker by selectively revealing information in the doc.

We create Zero Knowledge Proof of signed XML documents from DigiLocker. Proof generation happens entirely on the browser meaning no data has to be sent to a server. The proof can be verified on-chain and off-chain.

It is recommended to use this alongside Anon Aadhaar


Demo: https://anon-digilocker.vercel.app/


How it works

  • DigiLocker documents are issued with XML signatures.
  • The signature process works like this - the certificate data is signed using SHA256, and the hash is added to the <SignedInfo> node, which is then signed under SHA1-RSA.
  • The circuits take in
    • The signed data of the XML
    • <SignedInfo> node
    • Signature and Public key
    • and more...
  • The circuit generates the SHA256 hash of the signed data, ensures it is present in the <SignedInfo> node, generates the SHA1 hash of the <SignedInfo> node, and verifies the RSA signature of SHA1 hash with the public key.
  • The circuit extracts the type of document (PAN, DrivingLicense, etc), computes a nullifier, and reveals data between the start and end indices as set by the prover.

Fetching Digilocker XMl Document

  1. Open DigiLocker app and go to the "Issued" tab.
  2. Find the document you want to make proof of and choose "Download XML" from the menu.
  3. Copy the XML and save it as xml file
  4. You can save it in the /packages/circuits/test/test-data folder and run yarn test to test with your document.

📦 Packages

This repo contains the core ZK circuits of Anon DigiLocker and JS SDK for developers to integrate into their applications.

The following packages are available, and published to npm:


Building and Running locally

Below steps are for building Anon DigiLocker circuits locally and generating proof with it.

For production, always use the published npm packages.

Requirements:

  • Node JS (v18 or higher)
  • Yarn

Install dependencies

yarn install

Build circuit and generate zkey

# PWD = packages/circuits

yarn build
yarn trusted-setup

This will generate the build folder with the compiled circuit and artifacts. The generated zkey is only meant for testing and should not be used in production.

⚠️ This will take a couple of minutes to finish.

Generate Witness

The below command will generate input for PAN documents and reveal data between num= and " (which is the PAN card number). Note that the revealed data contains the start/end selectors as well.

# PWD = packages/circuits

XML_PATH=test/test-data/pan.xml REVEAL_START='num="' REVEAL_END='"' NULLIFIER_SEED=123  yarn gen-witness

Generate Proof

# PWD = packages/circuits

yarn gen-proof

This will generate and save the proof to packages/circuits/build/proofs/proof.json and the public signals to packages/circuits/build/proofs/public.json

Verify the proof

# PWD = packages/circuits

yarn verify-proof

This will verify the generated proof and print the result to the console.

Verify on-chain

You can also generate the solidity verifier contract using yarn gen-contract and deploy it to a blockchain to verify the proof on-chain. You can use this method to convert the generated proof to a format that can be used in the contract.


Our Community

  • PSE Discord server:
  • Twitter account:
  • Telegram group:

Please join our Telegram group to receive updates, ask questions, get support with integration, etc.


License

MIT