The problem Knowallet solves
Knowallet is an identity layer for web which uses ZK, AI, cryptography & blockchain to prove identity without revealing any extra knowledge.
- B2C companies need to have KYC so that they could serve their customers the right product. Traditional KYC methods reveal more than what's needed. Knowallet solves this with ZK proofs & multi-chain smart contract verifiers.
- Polygon ID is solving identity problem. Knowallet adds extra layer of actual doc verification using AI.
- Institutions have full authority to lookup KYC details of any user. Knowallet imposes that they need to take consent from the end users now (consent notification is sent via Push Protocol).
- There is no on-chain identity proof that could serve as equivalent to off-chain identity proof (e.g. passport). Knowallet provides this on-chain id proof (using REVISE SDK).
- The Knowallet system ensures absolutely ZERO-trace of persistent user data. It means that the system does not store any confidential data about user (that they used to do KYC), even temporarily. So absolutely zero chance for data leaks!
- Apart from providing knowledge of if the holder of the wallet is of certain age, Knowallet also provides the data on if the wallet is owned by a person in the list of sanctioned countries and denies KYC for such wallets. THIS IS ONE OF THE MOST PAINFUL PROBLEM that government/defi companies/dexes/cexes are dealing with.
- IPFS is our fallback for secure-investigation in case requestors are not satisfied with the ZK-proof and verification. For the fallback, the user encrypts the confidential data with his public key and stores on IPFS (all via Knowallet). If a requestor wants to really see that data (which is the traditional way of KYC operations), he can seek consent from the user to decrypt it back using his private key. So, IPFS plays an important role in fallback investigation.
Challenges we ran into
- Bad WiFi at the venue.
2.Understanding ZK-SNARK, circom circuits & PLONK verifier took time as these are highly advanced topics.
- Deploying on-chain smart contract verifiers for the ZK proofs was challenging due to limited resource to look up to.
- Using Tesseract for AI-powered doc verification was challenging especially when we had little work-exposure to AI domain.
- There are a lot of moving parts: Frontend, API server, AI service, smart contract verifiers, ZK-proof generation scripts mainly form the core of the product. We then integrated other useful features of Push Protocol, Revise, ENS which made it further difficult to manage.