Visit Zipwire

Attestation Schemas

Technical details of the attestation schemas used by Zipwire Attest, including IsAHuman and Private Data schemas on the Base blockchain.

Overview

Zipwire Attest uses two main attestation schemas on the Base blockchain through the Ethereum Attestation Service (EAS). These schemas provide different levels of verification and privacy protection for users.

Schema Types

IsAHuman Schema

The "IsAHuman" schema provides basic Proof of Personhood verification.

Schema Details

  • Schema Name: IsAHuman

  • Schema Type: Boolean

  • Data Structure: Simple true/false value

  • Privacy Level: Basic - no personal data included

  • Transferability: Not transferable

  • Revocability: Revocable by Zipwire

Use Cases

  • Bot prevention in any wallet-connectable application

  • Access to gated communities

  • Basic trust verification

  • DAO participation requirements

Limitations

  • No identity linkage to specific person

  • No selective disclosure capabilities

  • Can only be claimed against wallets connected before ID check

  • Revocable if verification is compromised

Private Data Schema

The "Private Data" schema provides cryptographic attestations of documents using Merkle root hashes.

Schema Details

  • Schema Name: Private Data

  • Schema Type: Merkle Root Hash

  • Data Structure: Cryptographic hash of document data

  • Privacy Level: High - enables selective disclosure

Merkle Tree Structure

Each Private Data attestation contains a Merkle root hash that represents:

  • Passport data - All fields from verified passport document

  • AML report data - All fields from background check report (if completed)

Leaf Structure

Each leaf in the Merkle tree includes:

  • data: Hex-encoded content of the field

  • salt: Random bytes to prevent preimage attacks

  • hash: Hash of data + salt

  • contentType: MIME type of the data

Selective Disclosure

Users can selectively reveal any field from their documents by generating Merkle proofs:

  • Age verification: Reveal only date of birth

  • Nationality verification: Reveal only nationality

  • AML status: Reveal only specific compliance fields

  • Any document field: Reveal any individual field as needed

Technical Implementation

Blockchain Integration

  • Network: Base blockchain

  • Service: Ethereum Attestation Service (EAS)

  • Attester: Zipwire's master attester address

  • Verification: On-chain attestation records

Attestation Process

  1. Wallet Connection: User connects their Ethereum wallet (must be done before ID check)

  2. ID Verification: User completes self-check on phone/PC camera + passport photo

  3. Document Processing: Zipwire automatically processes and verifies documents

  4. Merkle Tree Creation: Zipwire automatically creates Merkle tree from document data

  5. Root Hash Generation: Zipwire automatically generates cryptographic hash of the entire dataset

  6. User Claim: User claims attestation to their connected wallet

  7. Blockchain Attestation: Zipwire automatically attests root hash on Base via EAS

Proof Generation

When users need to prove specific information (coming soon):

  1. Select Fields: Choose which data fields to reveal via UI

  2. Generate Proof: Create Merkle proof for selected fields

  3. Create ProofPack: Package proof in ProofPack format

  4. Share: Send ProofPack to recipient

Note: OAuth integration allowing other sites/apps to view proofs is on the longer-term roadmap.

Schema Specifications

IsAHuman Schema

{
  "uid": "attestation_uid",
  "schema": "schema_uid",
  "attester": "0x2651e...",
  "recipient": "user_wallet_address",
  "data": "0x0000000000000000000000000000000000000000000000000000000000000001", // ABI encoded boolean true
  "timestamp": "2024-01-01T00:00:00Z",
  "revoked": false
}

Private Data Schema

{
  "uid": "attestation_uid", 
  "schema": "schema_uid",
  "attester": "0x2651e...",
  "recipient": "user_wallet_address",
  "data": "0x1316fc0f...", // ABI encoded bytes (Merkle root hash)
  "timestamp": "2024-01-01T00:00:00Z",
  "revoked": false
}

Verification Process

On-Chain Verification

  1. EAS Scan: Check attestation on Base blockchain

  2. Attester Verification: Confirm attestation from Zipwire's address

  3. Schema Validation: Verify correct schema type

  4. Revocation Check: Ensure attestation is not revoked

  5. Timestamp Check: Ensure attestation is current

Proof Verification

  1. Merkle Proof: Verify leaf hashes against root

  2. Data Integrity: Confirm revealed data matches proof

  3. Salt Validation: Check salt prevents preimage attacks

  4. Content Type: Validate MIME types

Note: ProofPack SDK verification is not yet available. Manual verification using the ProofPack specification is required.

Security Considerations

Privacy Protection

  • No Personal Data: Only cryptographic hashes stored on-chain

  • Selective Disclosure: Users control exactly what to reveal

  • Salt Protection: Prevents preimage attacks on hashes

  • Self-Sovereign: Users own and control their proofs

  • Localized Storage: Original data stored in double-encrypted localized storage

  • Technical Redaction: Advanced users can download full reveal proofs, delete data and salt, and create custom redacted proofs (unsigned but chain-validatable)

Integrity Assurance

  • Cryptographic Proofs: Merkle trees ensure data integrity

  • Blockchain Verification: On-chain attestations prevent tampering

  • Signature Validation: JWS envelopes provide tamper-proofing

  • Timestamp Protection: Prevents replay attacks

Developer Integration

EAS Integration

// Example: Verify attestation on Base
const attestation = await eas.getAttestation(attestationUid);
const isValid = attestation.attester === "0x2651e..."; // check official Zipwire attester address
const isNotRevoked = !attestation.revoked;

See our official Zipwire attester address on our GitHub.com

ProofPack Verification

// Example of future SDK: Verify Merkle proof (manual implementation required)
const proof = await verifyMerkleProof(leafData, proofPath, rootHash);
const isValid = proof && rootHash === attestedRootHash;

Note: ProofPack SDK verification is not yet available. Manual verification using the ProofPack specification is required.

Related Resources

Schema UIDs

Zipwire uses the following EAS schema UIDs for its attestations:

IsAHuman Schema

  • Schema UID: 0x8af15e65888f2e3b487e536a4922e277dcfe85b4b18187b0cf9afdb802ba6bb6

  • Purpose: Proof of personhood verification

  • Type: Simple boolean attestation

  • Use Cases: Bot prevention in any wallet-connectable application

Private Data Schema

  • Schema UID: 0x20351f973fdec1478924c89dfa533d8f872defa108d9c3c6512267d7e7e5dbc2

  • Purpose: Selective disclosure of document information

  • Type: Merkle root attestation with selective disclosure

  • Use Cases: Age verification, nationality verification, credential verification

Attester Information

All Zipwire attestations are issued by our master attester wallet. For verification purposes, you can find the official public key and Ethereum wallet address at:

Zipwire Public Keys on GitHub

This is the authoritative source for verifying that attestations were issued by Zipwire.

PreviousYour Digital Identity on the BlockchainNextProof Verification

Last updated