Skip to content
Zassport

Zassport

Prove Identity. Protect Privacy. Build Nations.

57
Built at Zypherpunk

Created on 4th December 2025

Zassport

Zassport

Prove Identity. Protect Privacy. Build Nations.

Carousel Gallery Item: 1
Carousel Gallery Item: 2
Carousel Gallery Item: 3
Carousel Gallery Item: 4
Carousel Gallery Item: 5

The problem Zassport solves

The Privacy Paradox in Digital Identity

Today's digital world forces a false choice > prove who you are OR keep your privacy.

Every time you verify your identity for DeFi, prove nationality for services, or access region-locked content, you're forced to expose your entire passport :

  • full name
  • photo
  • date of birth
  • passport number
  • address even when you only need to prove you're over 18 or from country X.

This creates four critical problems :

1. Privacy Violation at Scale

  • Traditional KYC requires uploading full passport scans to centralized databases
  • Your data gets stored, shared, and potentially leaked across dozens of services
  • One breach = your identity exposed forever (passports can't be "reset" like passwords)
  • Example: You want to buy crypto, but now 10 companies have your full passport data

2. Surveillance Infrastructure

  • Centralized identity databases become honeypots for hackers and governments
  • Every verification creates a permanent record of where you've been and what you've done
  • No way to prove attributes without creating a surveillance trail
  • Result: Privacy death by a thousand cuts

3. Network State Measurement Problem

  • How do you count members of a digital community without doxxing them?
  • Traditional census = everyone reveals identity (privacy nightmare)
  • No census = can't measure growth, prove legitimacy, or allocate resources
  • Blocker: Network States can't scale without privacy-preserving population tracking

4. Broken Trust Model

  • You must trust third-party verifiers not to misuse your data
  • Verifiers must trust you're not faking documents
  • No cryptographic guarantees -> just "trust me bro"
  • Problem: Trust doesn't scale in decentralized systems

Zassport's Solution: Zero-Knowledge Identity

What people can use it for :

Age-Gated Access (Privacy-First KYC)

  • DeFi Platforms: Prove you're 18+ to access lending/trading without uploading passport
  • Social Platforms: Age verification for content access (no data harvesting)
  • Gaming: Age restrictions without exposing personal info
  • Why it matters: Current KYC creates massive data liability for platforms + privacy nightmare for users

Geographic Verification (Region-Specific Services)

  • Airdrops: Prove nationality for token eligibility (no fake sign-ups)
  • Localized Services: Access region-locked content/features privately
  • DAO Membership: Country-based participation without doxxing
  • Why it matters: Compliance without surveillance

Network State Census (zk-Census) (we can merge)

  • Population Tracking: Count unique members without revealing identities
  • Sybil Resistance: One passport = one identity (cryptographically enforced)
  • Growth Metrics: Prove community size to investors/partners privately
  • Resource Allocation: Fair distribution based on verified membership
  • Why it matters: First-ever way to measure digital populations with zero doxxing

Reputation Systems (Trust Without Identity)

  • Anonymous Voting: One passport = one vote (no Sybil attacks, no doxxing)
  • Reputation Building: Earn trust based on proofs, not exposed identity
  • Community Governance: Participate in DAOs without revealing who you are
  • Why it matters: Decentralized trust at scale

How It Makes Existing Tasks Easier & Safer

Safer Than Traditional KYC:

  • Old Way: Upload passport → stored in database → hope it doesn't leak
  • Zassport: Generate proof in browser → data never leaves device → nothing to leak
  • Result: Zero-knowledge = zero data breach risk

Faster Than Manual Verification:

  • Old Way: Submit docs → wait 24-48hrs → hope for approval
  • Zassport: Scan passport → generate proof (~3s) → instant verification
  • Result: Real-time verification vs. days of waiting

Cheaper for Platforms:

  • Old Way: Pay KYC providers $1-5 per verification + data storage costs
  • Zassport: ~$0.0002 per on-chain attestation (10,000x cheaper)
  • Result: Makes compliance affordable for small teams/DAOs

Accessible to Everyone:

  • Old Way: Requires uploading docs, trusting centralized services, often geo-restricted
  • Zassport: Works in any browser, no accounts, no geo-blocks, self-sovereign
  • Result: Financial inclusion for the unbanked

Cryptographically Guaranteed:

  • Old Way: Trust verifier not to lie or collude
  • Zassport: Ed25519 signatures + ZK proofs = math-based trust
  • Result: Don't trust, verify

Real-World Impact (Why should we care ?)

For Network States : This solves the #1 blocker for digital nation-building : how to measure population without doxxing citizens.

Zassport enables :

  • Census without surveillance
  • Voting without identity exposure
  • Resource distribution based on verified membership
  • Proof of community size to investors/partners

First practical ZK-passport system on Solana

Challenges I ran into

Challenge 1 : The Groth16 Cost Explosion

The Problem :
Initially, I tried to verify ZK proofs on-chain in the Solana program. Groth16 verification requires pairing operations over BN128 elliptic curves -> this consumed ~200,000 compute units per proof (Solana's limit is 1.4M per transaction).

With multiple proofs per user (age + nationality + passport validity), I'd hit the compute limit immediately. Plus, at ~$0.20 per verification, the system would be economically non-viable.

How I Solved It :
I invented a hybrid architecture that's now Zassport's secret sauce:

  1. Off-chain verification : Verifier service validates ZK proof using snarkjs (instant, free)
  2. Ed25519 attestation : Verifier signs a message:

    "age_verified:true:user_pubkey:timestamp"

  3. On-chain validation : Solana program only checks Ed25519 signature (~1k compute units)

Result :

  • Cost : $0.20 → $0.0002 (1000x cheaper)
  • Speed : Block time → instant (off-chain)
  • Scalability : Single proof → unlimited proofs
  • Key insight : Not everything needs to be on-chain -> smart use of cryptographic signatures creates trust without on-chain computation

Challenge 2 : The Circuit Constraint Nightmare

The Problem :
My initial age proof circuit had 12,000+ constraints because I was naively implementing date arithmetic with standard comparison operators. Proof generation took 45+ seconds in the browser - completely unusable UX.

Circom doesn't have native date/time primitives, so every operation (division, modulo, comparison) gets compiled to R1CS constraints. My "simple" age check was actually 12,000 multiplication gates!

How I Solved It :
I rewrote the circuit using timestamp-based age calculation and optimized comparison operators:

Key optimizations :

  • Used Poseidon hash instead of SHA-256 (300 constraints vs. 20,000!)
  • Pre-computed date → timestamp conversions off-circuit
  • Leveraged Circom's built-in optimized comparators
  • Removed all unnecessary intermediate signals

Result :

  • Constraints : 12,000+ → 612 (95% reduction)
  • Proof time : 45s → 2.5s (18x faster)
  • Browser compatibility : Unusable → Smooth UX
  • Lesson learned : In ZK circuits, every line of code is expensive -> optimize like your life depends on it

Challenge 3 : The Nullifier Double-Spend Race Condition

The Problem :
Users could spam multiple registration transactions in quick succession, creating multiple identities from one passport before the first transaction's nullifier hit the blockchain. This broke our Sybil resistance guarantee.

How I Solved It :
I implemented atomic nullifier registration using Solana's account rent system:

By making nullifier creation part of the registration instruction itself, Solana's runtime guarantees atomicity:

  • If nullifier account already exists → transaction fails
  • If transaction fails → no state changes
  • Concurrent transactions → only first one succeeds

Result :

  • Race condition eliminated (cryptographically impossible now)
  • Sybil resistance : guaranteed one passport = one identity
  • Key insight : Leverage blockchain primitives (account creation) for security guarantees instead of manual checks

Challenge 4 : Browser ZK Proof Generation Memory Crashes

The Problem :
Initial circuit artifacts were 50MB+ per circuit. Loading 3 circuits (age, nationality, passport) = 150MB downloaded to browser. Mobile devices crashed, desktop browsers froze during proof generation.

How I Solved It :

  1. Optimized trusted setup : Used smaller Powers of Tau ceremony (adequate for circuit size)
  2. Lazy loading : Only download circuits when needed (not all upfront)
  3. Web Workers : Moved proof generation to background thread
  4. Artifact compression : Served .zkey files gzipped

Result :

  • Artifact size : 50MB → 10MB per circuit (5x reduction)
  • Mobile compatibility : Crashes → Smooth operation
  • UX: Frozen browser → Responsive UI with progress bar

Lessons Learned !!

  1. Hybrid architectures can give you the best of both worlds (privacy + efficiency)
  2. Every constraint matters in ZK circuits so optimize ruthlessly
  3. Leverage blockchain primitives for security instead of manual checks
  4. Browser performance is critical for real-world ZK adoption

These challenges taught me that building production-ready ZK systems requires thinking beyond just -- does the proof work?

you need economic viability, UX polish, and security-by-design. That's what separates Zassport from proof-of-concept demos.

Tracks Applied (1)

General Bounty

Zassport is purpose-built to solve both core challenges outlined in the Network School Track --> 1. zk-Passport: Privac...Read More

Network School

Technologies used

Next.js

NFC

Rust

Solana

Solana Blockchain

SolanaSDK

Cheer Project

Cheering for a project means supporting a project you like with as little as 0.0025 ETH. Right now, you can Cheer using ETH on Arbitrum, Optimism and Base.

Discussion

Builders also viewed

See more projects on Devfolio