Banganoir

Aadhaar, India's biometric ID system, was set out in 2010 when half of the Indian population didn't have any identity document and succeeded in bringing rapid identity and financial inclusion to 1.3 billion people. Banganoir wallet that integrates Anon Aadhaar has the potential to bring a vast number of people to the crypto world by allowing for an easy and secure onboarding using the Aadhaar identity card. Furthermore, should Aadhaar credentials be compromised, NoirOTP, the trustless zkOTP system, serves as a robust safeguard against unauthorized attempts to seize wallet ownership.

Anon Aadhaar

Anon Aadhaar is a zero-knowledge protocol that allows Aadhaar ID owners to prove their identity in a privacy-preserving way. It provides a set of tools to generate and verify proofs, authenticate users and verify proofs on-chain.

Banganoir Wallet authenticates transactions by verifying the zero-knowledge proof generated using unique and private user data, which is retrieved from Aadhaar's secure QR code. The hash of the user data is stored on smart contract and passed to verifyPoof() function as a public input. This ensures the verification can only succeed if the user provides the exact data matching the stored hash.

Additionally, the function includes a parameter called signalHash, the hash of userOpHash, passed as a commitment to prevent on-chain front-running. Essentially, it acts as a form of transaction signature, enhancing the security and integrity of transactions within the Banganoir Wallet.

ERC4337

Banganoir Wallet integrates Pimlico's ts library called permissionless.js and bundler to create user operations and broadcast transactions to scroll sepolia network.

NoirOTP

NoirOTP is a zk-powered trustless TOTP(Time-based one-time password) solution compatible with any authenticator app, e.g. Google Authenticator. It leverages Noir, a DSL for writing zkp circuits, to authenticate TOTPs through the verification of Merkle-inclusion proof.

Initial setup

During the initial setup, a secret key is randomly created to pre-generate numerous TOTPs that can cover the effective period of all the TOTPs, e.g. 30 days. These TOTPs are hashed to construct a Merkle tree whose each leave is the hash of a TOTP and timestep value.

• timestep: an incrementing value for each OTP ( = timestamp / step ).
• step: a valid period of each OTP. it's normally 30 seconds but set to 3 mins in NoirOTP.

Note that the secret key is only registered on the user's device, an Authenticator app through a QR code scan, and discarded immediately, instead of being stored neither on-chain nor on an external server.

Authentication

At an authentication, the user gets TOTP from the Authenticator app and enters it on an app UI. Then, noir_js is used to execute & generate a Merkle-inclusion proof of the TOTP hash, where root is fetched from smart contract, and other necessary inputs, such as hash_path[] and index are computed using all the TOTP hashes stored on IPFS via Pinata.

The proof is verified by NoirOTP contract where timestep as a public input is calculated with block.timestamp beforehand. In this approach, the functionality that websites perform in the conventional TOTP scheme can be emulated on-chain without storing the secret anywhere.