@semaphore-extensions/identity-proof
Advanced tools
A library to prove the ownership of a Semaphore identity without revealing the private key.
A library to prove the ownership of a Semaphore identity without revealing the private key.
This zero-knowledge library allows you to prove and verify that you have the private key of a Semaphore identity. It will be mainly used on-chain because you can get the same result off-chain using EdDSA signatures with the @semaphore-protocol/identity package. It facilitates the demonstration of having an EdDSA hash pre-image while keeping the pre-image value confidential. Additionally, it offers a mechanism to prevent the same proof from being reused. The circuit that forms the foundation of this library is accessible via this link. |
|---|
[!WARNING]
The Snark artifacts currently used to generate zero-knowledge proofs are the result of an insecure trusted setup, and the library has not yet been audited. Therefore, it is advised not to use it in production.
Install the @semaphore-extensions/identity-proof package:
npm i @semaphore-extensions/identity-proof
or yarn:
yarn add @semaphore-extensions/identity-proof
import { generate, verify } from "@semaphore-extensions/identity-proof"
// Your private key (secret) associated with your commitment.
const privateKey = "secret"
// A public value used to contextualize the cryptographic proof and calculate the nullifier.
const scope = "scope"
// Generate the proof.
const fullProof = await generate(privateKey, scope)
/*
nb. commitment and scope are always the same - proof is variable.
{
commitment: '21756852044673293804725356853298692762259855200429755225624171532449447776732',
scope: '52191664570483756643537362991541193331102618014473399276861326740461293928448',
proof: [
'14987543977537638797613616391807211498102534775759297152458980015937921301475',
'3399335485250714998192957632691923175498432819155620830553382340417897595836',
'458847933923791518779258584891719351511628278818450523853640641455008133942',
'9130558865745328382423837376229933835283742789420937388990076948167771186665',
'2527867303822223913583586720705858457538165210401589969189198821632271648294',
'870032122185130505849909299495220614500026484724112145131565329210361970548',
'7499124546917660821334566902083675362480525785493429715971012094306224236446',
'4681140599918274218600441523225984097742730174371377925026448119492671129895'
]
}
*/
console.log(fullProof)
// If not specified, the Snark artifacts are downloaded automatically.
// You can specify them as follows.
// const fullProof = await generate(privateKey, scope, {
// wasm: "<your-path>/identity-proof.wasm",
// zkey: "<your-path>/identity-proof.zkey"
// })
// Verify the proof.
const response = await verify(fullProof)
// true.
console.log(response)
Benchmarks were run on an Intel Core i7-1165G7, 16 GB RAM machine.
| Generate proof | Verify proof | Constraints |
|---|---|---|
258ms | 15ms | 1017 |
import { generate, verify } from "@semaphore-extensions/identity-proof"
console.time("generate")
const proof = await generate("secret", "scope")
console.timeEnd("generate")
console.time("verify")
console.log(await verify(proof))
console.timeEnd("verify")
FAQs
A library to prove the ownership of a Semaphore identity without revealing the private key.
We found that @semaphore-extensions/identity-proof demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.
Security News
Biden's executive order pushes for AI-driven cybersecurity, software supply chain transparency, and stronger protections for federal and open source systems.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.