Skip to main content

What is Zikuani?

Zikuani is a solution that allows holders of a government-signed digital identity to prove their identity in a privacy preserving way. It provides tools to generate and verify proofs, authenticate users, and verify proofs using Web2 or Web3 technologies.

The project aims to create a privacy respecting infrastructure for enhancing the digital identity system. We strive to strengthen people privacy by minimizing data collection, enabling individuals to access a wide range of valuable services without disclosing sensitive information.

What problems solve this project?

A lot of sensitive user data are leaked daily to private companies, criminals, and other organizations. This fact occurs because the technology we use daily is hungry for collecting people's information, which does not even serve any purpose for the user. This collected data is sold to other organizations or governments or is usually lost in cyberattacks.

Sometimes, service providers need to identify their users as real persons, especially when regulations require it. We need a way for the user to prove their identity and other characteristics abouth themselves (Such as their age) in a manner that does not leak sensitive information but can be totally trusted and verifiable by the service provider. This trust could come, for example, from the government-supplied digital identity.

How we solve this problems

We have used one of the most significant innovations in cryptography in recent years, called zero-knowledge proofs (ZKP). This type of cryptography allows the user to prove to have some information to someone else without actually revealing the data. For instance, a user can show that she knows a secret password without sending it to the other party. As another example, she can also prove that she has a secret key that belongs to a public key pair without actually sharing the secret key.

ZK allows the user to create a mathematical proof of having some information that can be validated by a third party called the verifier. In our use case, we extract the signed identity data locally on the user's device — today, either from a biometric passport's NFC chip (ICAO 9303) or from a government digital signature credential such as Costa Rica's Firma Digital — and create an anonymous proof of it. Hence, the user can prove that she has an identity validated (signed) by the government without actually sending the document and the sensitive information contained there. On the other hand, depending on the use case the service provider can ask the user to reveal specific information from the credential that the person has to accept and confirm.

Support for the mobile driver's license standard (mDL, ISO/IEC 18013-5) is planned as a third credential source.

Potential Use Cases

Zikuani has many potential use cases where we can help improve user privacy, such as:

  • Anonymous authentication
  • Decentralized anonymous voting
  • Anonymous proof of humanity
  • Health data privacy
  • Know Your Customer (KYC)
  • Privacy-preserving verification
  • Anti-Sybil mechanisms
  • DAO governance
  • Quadratic Funding (QF)
  • Wallet recovery

And many more