Verify your World ID 👁️ (ZK-SNARK), on Starknet ✨,

The problem StarkSight solves

Many projects make use of ZK-SNARK technology to achieve either scalability or privacy (like Worldcoin). Using groth16 over the curve BN254 is a very common practice, as Ethereum has a precompile for pairings over this curve. The problem is that other chains, like Starknet don't, and they also operate over a different field. Garaga emulates the BN254 curve over the Stark field, being able to perform the 3 pairings needed to verify the groth16 proof.

Furthermore, WorldID verification is only accessible on the chains where the Merkle Roots are stored. By using Herodotus we can make the roots available on any Ethereum layer, thus, making WorldID verifiable anywhere.

Challenges we ran into

  • Verifying BN254 groth16 proofs on Starknet is not trivial, as Starknet operates over the Stark field. Because of this, we had to build on top of Garaga, which emulates and provides pairings for the curve BN254 on Starknet.
  • Mocking World ID data
  • Garaga uses hints, so it's not yet deployable on Starknet. Because of this, we had to run the cairo logic locally, simulating the on-chain behavior
  • We wanted to update Argent X to display WorldID verification (upon successful verification). Because we are running locally proven cairo, we don't save the verification result on-chain, making it hard to update the state of Argent X (no real way of telling if the user has been verified yet)