Monorepo for the Proof of Passport protocol.
Proof of Passport lets users scan the NFC chip in their government-issued passport and prove the correctness of the signature in a zk-SNARK. This unlocks two interesting use cases:
As a first application, users who can prove they indeed hold a valid passport can verify this proof on-chain to mint a Soulbound Token (SBT).
app
: Mobile appcircuits
: Circom circuitscontracts
: Solidity contractscommon
: Common utilsregistry
: Public key registryIf it has this symbol on the front cover, yes.
The circuit looks like this:
Most of the data of interest is in the Datagroup 1, which contains the following info:
This goes through a bunch of hashes, concatenations with other data, and then is signed. By verifying the signature, we can make sure the personnal information cannot be altered.
Most countries use RSA with sha256 but some of them use other signature algorithms like ECDSA and other hash functions like SHA-512. You can find a summary of the signature algorithm used here
Currently we support the most common one, RSA with sha256. We're planning to add support for others shortly. Feel free to try your hand at implementing one!
The International Civil Aviation Organization (ICAO) is a specialized agency of the United Nations. Among other things, it establishes the specifications for passports, that have to be followed by all countries. The full passport specs are available here.
You can download the full list of public keys on the ICAO website, in the strange .ldif
format. The parsed list is here
Here is all that can be proven:
Note that we can't access DG3 and DG4 which are optional fingerprint and iris scan without government authorization.
Yep. Currently we don't use it. If you have an idea of some fun zkml to do with it, let us know!
The SBT circuit includes a commitment to your address. If someone else tries to mint it, they will mint it to your address.
We will provide bounties for all those applications. Those are not fixed right now, so please contact us if you're interested.
Everything we write is MIT licensed. Circom and circomlib are GPL tho.
We are actively looking for contributors. Please check the open issues if you don't know were to start! We will offer bounties from $100 to $1000 for any significant progress on these, depending on difficulty. Please contact us for more details.
Contact me @FlorentTavernier on telegram for any feedback.
Thanks to Rémi, Youssef, Aayush, Andy, Vivek, Marcus and Andrew for contributing ideas and helping build this technology, and to EF PSE for supporting this work through grants!