Skip to content
SuiVerify

SuiVerify

Your Identity, Your Control, Zero Compromise.

24
Built at NMIT HACKS 2025

Created on 18th May 2025

SuiVerify

SuiVerify

Your Identity, Your Control, Zero Compromise.

Carousel Gallery Item: 1
Carousel Gallery Item: 2
Carousel Gallery Item: 3
Carousel Gallery Item: 4
Carousel Gallery Item: 5
Carousel Gallery Item: 6

The problem SuiVerify solves

The Problem It Solves

What Is the Problem?

Today, most Web3 and Web2.5 applications require users to prove their identity or eligibility (such as age, citizenship, or KYC status). This is usually done by uploading sensitive documents (like Aadhaar, passport, or driver’s license) to a centralized server. This approach has several major issues:

  • Privacy Risks: Centralized storage of sensitive documents exposes users to data leaks, hacks, and misuse-even if the data is only accessed temporarily.
  • Lack of User Control: Users have no way to control or audit how their data is stored, used, or shared after submission.
  • Repetitive KYC: Users must repeatedly submit the same documents to every new service or dApp, increasing exposure and friction.
  • Verifier Burden: dApps and verifiers must handle and secure sensitive data, which increases compliance costs and risk.

How suiVerify Makes Things Easier and Safer

  • Privacy-Preserving Verification:
    Users can prove eligibility (e.g., “I am 18+”) without ever sharing their actual documents or personal information with dApps or verifiers.
  • User-Controlled Identity:
    Once verified, users receive an NFT attestation that can be reused across any supported dApp, putting them in control of when and how they share proof of eligibility.
  • No Data Exposure:
    Sensitive documents are encrypted client-side and stored in decentralized storage (Walrus), never accessible to the provider, verifier, or any third party.
  • Trustless Attestations:
    Verifiers can trust the authenticity of a claim by checking on-chain attestations, without needing to see or handle sensitive data.
  • Frictionless Experience:
    Users only need to verify once, then use their NFT as proof anywhere-no more repeated KYC or document uploads.
  • Reduced Compliance Burden:
    dApps and verifiers no longer need to store or process sensitive user data, reducing their legal and operational risk.

Use Cases

  • Streaming platforms verifying age for content access.
  • Voting dApps checking citizenship or residency without exposing identity.
  • DeFi protocols requiring proof of KYC/AML compliance without storing user documents.
  • Gaming platforms enforcing age or regional restrictions safely.

In summary:
suiVerify solves the problem of secure, privacy-preserving, and reusable identity verification for Web3 applications-making it safer and easier for both users and dApps.

Challenges I ran into

Challenges I Ran Into

Building Trust Between Provider and Verifier

One of the biggest hurdles was establishing a trustworthy and privacy-preserving bridge between the identity provider (us) and the verifier dApps. In a decentralized setting, verifiers need to trust that user credentials are authentic-without ever seeing the original sensitive data.

The Bug/Hurdle

  • Problem:
    If the provider can see or manipulate user data, the system isn’t truly trustless. If the verifier can’t independently trust the attestation, the whole flow breaks down.
  • Initial Attempts:
    Early prototypes exposed too much to the backend, or required verifiers to trust off-chain processes, which defeated the purpose of decentralization.

The Solution

  • TEE (Trusted Execution Environment):
    I implemented a TEE to ensure all sensitive verification logic (like document checks and face matching) runs in a secure, isolated enclave. This means even the backend can’t access raw user data.
  • On-Chain Attestation Contracts:
    Every verified claim is attested on-chain using Sui Move smart contracts. Verifiers can now programmatically validate that an attestation was issued by a trusted provider, without ever seeing the underlying data.
  • Decentralized Storage (Walrus) & Encryption (Seal):
    All user documents are encrypted client-side with Seal and stored in Walrus, a decentralized storage layer. Neither the provider nor the verifier ever has access to the raw data.

Why This Makes suiVerify Special

  • The infrastructure is zero-knowledge by design: the provider never sees the data, and the verifier only sees cryptographic proofs and attestations.
  • This approach raises the bar for privacy and trust in decentralized identity, making suiVerify stand out from traditional and even other Web3 identity solutions.

In summary:
By combining TEE, on-chain attestations, and decentralized encrypted storage, I overcame the core challenge of building verifiable trust-without ever exposing user data.

Tracks Applied (1)

Blockchain

Decentralized Identity & Verification: Sui is designed to support secure, privacy-preserving digital identity systems, e...Read More

Technologies used

Node.js

Next.js

Blockchain

Tailwind CSS

Smart Contracts

Cheer Project

Cheering for a project means supporting a project you like with as little as 0.0025 ETH. Right now, you can Cheer using ETH on Arbitrum, Optimism and Base.

Discussion

Builders also viewed

See more projects on Devfolio