Open in app

Sign in

Write

Sign in

Harnessing Zero-Knowledge Technology for Identity

A Guide to PolygonID and Verifiable Credentials

Thulasiram Peddiboina(Ram)
10 min readApr 23, 2024

1. Introduction:

In the digital era, identity verification remains a pivotal challenge, balancing between security and privacy. Polygon ID uses zero-knowledge proofs to ensure privacy, allowing users to verify their identity without revealing sensitive information.

What are Verifiable Credentials(VCs)?

Verifiable Credentials (VCs) are digital claims made by an issuer about a subject (a person, organization, or thing) that can be verified using cryptographic proofs. In the context of Polygon ID, these credentials are stored in the user’s wallet, making them tamper-proof and easily verifiable by any party without needing direct access to the original issuer.

VCs can represent a wide array of information related to an entity, ranging from personal attributes like age or educational qualifications to official memberships, such as a certificate issued by a Decentralised Autonomous Organization (DAO). If you wanna learn more about VCs go to this link.

Understanding the Core Components of Polygon ID

At the heart of Polygon ID lies the concept of Decentralised Identifiers (DID), a unique identifier that represents every identity — be it an individual, enterprise, or object. This innovative approach to identity is further enriched by the use of Verifiable Credentials (VCs).

Polygon ID distinguishes itself by adhering to the W3C standards, ensuring a universally accepted and compliant framework. The architecture of Polygon ID is meticulously designed around the “Triangle of Trust,” comprising three fundamental modules: the Identity Holder, the Issuer, and the Verifier. This structure facilitates a seamless and secure interaction within the ecosystem.

The Triangle of Trust Explained

  • Identity Holder: This entity possesses claims in the form of VCs, issued by an Issuer. The Holder can generate zero-knowledge proofs for these VCs, allowing them to prove certain information to a Verifier without revealing the underlying data.
  • Issuer: Entities (individuals, organizations, or things) that issue VCs to Holders. These credentials are cryptographically signed, ensuring their authenticity and integrity.
  • Verifier: Verifiers play a crucial role in the ecosystem by validating the proofs presented by Holders. This process involves checking that the VC was indeed signed by the correct Issuer and that it meets the Verifier’s specific criteria, whether conducted off-chain or on-chain.

The Significance of Trust

A pivotal element within this ecosystem is the inherent trust between the Verifier and the Issuer. The cryptographic verifiability of information within a VC doesn’t inherently validate its truthfulness. The reputation and trustworthiness of the Issuer are crucial, enabling the Verifier to rely on the information provided by the VCs issued.

Role of a wallet:

In the Polygon ID ecosystem, the Wallet is instrumental, serving as the conduit for a seamless exchange between the Identity Holder and both the Issuer and Verifier. It’s not just a storage unit but a sophisticated tool that safeguards the user’s private keys, enabling the retrieval of Verifiable Credentials (VCs) and the generation of zero-knowledge proofs. These proofs allow for the secure and private verification of information without exposing the data itself. The design of the Wallet prioritizes the protection and preservation of the Holder’s identity, ensuring that sensitive information is only disclosed with explicit consent.

2. Step-by-Step Guide: Verifying if someone is a frequent traveller using a Polygon ID

Imagine a scenario where a hotel needs to verify whether a patron is a frequent traveler. Traditionally, this involves showing a government ID or travel history, which contains more information than necessary. Polygon ID simplifies this process, allowing an individual to prove their status through a digital credential issued by a trusted entity, such as a government agencies, and stored securely on their mobile device.

Step 1: Downloading and Install the PolygonID Wallet App

  1. Availability: The Polygon ID app is readily available for download on both Android and iOS platforms. Ensure you’re downloading the official app from the respective app stores to guarantee security and functionality.
  2. Installation: Follow the standard installation process as you would with any other app. After installation, open the app to set up your digital wallet. This wallet will store your Verifiable Credentials(VC) securely so please make sure you set a strong PIN to unlock the wallet.

Step2:(Optional) Add custom network to Polygon ID Wallet App

If you want to change the network, click on the network(Which defaults to the Polygon Amoy)

you can see a new window that lists the default networks available.

Click on the “+” button to add a new network. It will open up a new window where you can enter custom network details. Once you click the “Add network“ button, the wallet app will save your custom network and you can switch to your custom network anytime you want.

Step3: Creating frequent traveler schema :

Schema is the underlying structure that defines the credential attributes for a claim. To reuse claims across different services is necessary to keep consistent data formatting. A Claim Schema encodes the structure of a particular claim by defining a type, the fields that must be included inside a claim, and a description for these fields.

Schemas are described via JSON-LD documents. A claim issuer could reuse existing claim schemas or create new ones from scratch.

The Schema Builder is a tool created to simplify the process of creating schemas by using an intuitive user interface and enabling everyone to check previously made schemas.

In this tutorial, I will walk through the process of creating a sample schema called the “Frequent traveler” schema.

Head to Schema Builder where you can start creating your schema. You can fill in basic details on this page and once you fill in those details you can click on the “Define attributes” button to move to the next step.

On this page, you can define basic attributes as mentioned in the image below. Next, you can connect your wallet and publish the schema to the IPFS for free.

After publishing the schema, note down JSON schema URL, and JSON-LD Context URL. These are required to issue credentials and during the verification process.

Note: Once you publish your schema, your schema will be stored on the Polygon ID schema explorer and can be accessible to you and other people to reuse that schema.

Step4: Get your Frequent Traveller credentials:

Once you’ve set up your schema, the next step is to acquire your Frequent Traveler credentials. This can be done through one of two options, depending on your preference and accessibility:

Option-1: From the Polygon ID demo issuer:

Go to the demo issuer https://issuer-ui.polygonid.me/

This is the website created by the PolygonID team to experience what VC issuance would look like. Here you can see a few test credentials schemas that we can use to issue credentials and We can also import our schemas to issue credentials.

Option -2: From the self-hosted issuer:

For those who prefer more control or need to integrate this system into an existing infrastructure, setting up a self-hosted issuer might be the way to go. This method allows you to issue credentials from your server, offering greater flexibility and customization in managing digital identities and credentials. This option is ideal for organizations looking to implement a more personalized approach to credential issuance.

You can refer to this step-by-step guide to set up your issuer node along with the issuer UI.

For more information about the Issuer Node UI, you can refer to this documentation.

Note: It's very important to update these values for the custom network

ISSUER_ETHEREUM_URL=<YOUR_RPC_PROVIDER_URI_ENDPOINT>
ISSUER_DATABASE_URL=<YOUR_POSTGRESQL_DB_INSTANCE>
ISSUER_REDIS_URL=<YOUR_REDIS_INSTANCE>
ISSUER_KEY_STORE_ADDRESS=<YOUR_VAULT_INSTANCE>
ISSUER_SERVER_URL=<PUBLICLY_ACCESSIBLE_URL_POINTING_TO_ISSUER_SERVER_PORT>

Once you can set the issuer node and run the Issuer node UI, or if you can visit the demo issuer click on the “Import schema” button in the top right corner.

on the next page you can paste your JSON schema IPFS URL in the input field and click on the Fetch button(you don’t need to add https to the IPFS URL)

It will fetch details of the schema, and you can check it by clicking on Preview import and clicking on the “Import” button to import it.

Now our Frequent traveler schema has been added temporarily to the available schemas list in the demo issuer.

Now we are ready to get our VC. Go to the demo issuer home page and click on the Issue credential button (next to the “Import schema” button).

Next, select the “Credential link” and click on Next step

Select “frequenttraveller” credential from the dropdown menu.

In the next step, you can choose the credential value you want to add to the VC. For this example, we selected “Yes” to represent that the user who owns this VC is indeed a frequent traveler.

Next, click on the “Create credential link” button

On the next page, you can copy the link address or click on the Open the View link button.

You can see a QR code to scan like the below image and you can scan it using Polygon ID mobile wallet.

After scanning you will be notified to connect with your wallet.

Once you click on Connect, it will send you the claim as a push notification

Note: In some cases, if you don’t get the push notification you can click on the bell icon on the PolygonID wallet app to see the claim notification in the Inbox

Once you click on the Push notification or message(in the inbox) you will be moved to the screen where you can accept the claim.

Once you accept the claim the credential will be added to your DID and you can check your VCs in your wallet by clicking on the Unlock button on the home screen.

Step 3: Verifying Your Credential

Now that you have obtained your credentials, let’s examine how a third party, such as a hotel employee, can easily verify your status as a frequent traveler without requiring your physical identity proof or travel history. This streamlined verification process leverages digital credentials, ensuring a seamless and secure confirmation of your frequent traveler status

Verifying your credential can be accomplished through several methods, each offering different levels of control and integration:

A. Using Polygon ID Query Builder:

  1. Accessing the Polygon ID Query Builder: Navigate to the Polygon ID Query Builder. Here, you’ll find forms to input the URL for JSON-LD Context.
  2. Inputting the URL into the Query Builder: Paste the JSON-LD Context URL (we previously noted down along with the JSON schema URL) into the Query Builder form. The form will automatically retrieve the schema data, allowing you to specify what you wish to build a query for in this case, checking frequent traveler status.
  1. Setting Up Your Query: Ensure that the proof type is set to “Signature-based (SIG).” Follow the guidance provided on the platform to build your query accordingly, then click on the “Create query” button.
    Note: For more details about the query language you can check this documentation.

On the following page, click on the “Test Query” button to generate a QR code.

  1. Scanning the QR Code: Use your PolygonID wallet app, which contains your credentials, to scan the QR code. You will be prompted to approve the verification process. Click on “Approve.”

Upon successful verification, the query builder will display a confirmation message, indicating the successful verification of your credentials.

B. Self-Hosted Verifier:

If you prefer to manage the verification process internally, you can use a self-hosted verifier. This option allows for greater control and customization. You can deploy your verifier backend using this open-source repository.

C. On-Chain Verifier:

The on-chain verification method utilizes a Smart Contract on the blockchain to verify users’ credentials. This approach employs Zero-Knowledge Proof cryptography to ensure that the verification is private, meaning it does not reveal any personal information of the user (prover). To understand more about how on-chain verification works and how it can be implemented, you can refer to the detailed documentation provided.

Conclusion:

This step-by-step guide will help you effectively demonstrate the use of Polygon ID for managing and verifying digital credentials in a practical scenario.

You can visit PolygonID documentation for Integrating Polygon ID into your applications.

Zero Knowledge Proofs
Polygon Network
Polygon Id
Ethreum
Zero Knowledge

--

--

Thulasiram Peddiboina(Ram)

Written by Thulasiram Peddiboina(Ram)

19 Followers

Sr. Solutions Engineer @ Polygon Labs | Solidity Smart Contract Dev | Full-Stack Web3 Developer | Zero Knowledge(ZK) Developer | Certified SmartContract Auditor

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams