project screenshot 1
project screenshot 2
project screenshot 3
project screenshot 4
project screenshot 5
project screenshot 6

Blaze ID

Secure your data with zero-knowledge proofs & verifiable credentials. Local-first wallet for ultimate control.

Blaze ID

Created At

HackFS 2024

Winner of

trophy

Lit Protocol - Participation Prize

Prize Pool

trophy

ETHGlobal - 🏆 HackFS 2024 Finalist

Project Description

Blaze ID is a self-sovereign identity (SSI) wallet solution built on Lit Protocol's programmable key pair wallets. It supports a variety of Decentralized Identifiers (DIDs) including:

  1. did:key - DIDs based on cryptographic keys
  2. did:web - DIDs associated with web addresses
  3. did:ethr - DIDs linked to Ethereum addresses
  4. did:polygonid - Zero-knowledge proof (ZK) based DIDs

It also has two types of Credential Issuance based on identifiers:

  1. ZK-based Issuance: Credentials are issued using Zero-Knowledge Proofs. This is only available for did:polygonid DIDs.
  2. Standard Issuance: Credentials are issued using W3 Credential standards. This is available for did:key, did:web, and did:ethr DIDs.

All data is stored locally first, prioritizing user privacy. Security is ensured through Lit Protocol's Threshold Signature Scheme (TSS) encryption.

How it's Made

Authentication is done through a Lit Protocol's Programmable Key Pair. Users can create a new PKP through WebAuthn Passkeys. Users can use biometric methods such as Face ID or Touch ID to authenticate against their PKPs.

Authentication generates SessionSigs which are stored as cookies in the browser. These SessionSigs are used to sign transactions and messages on behalf of the user.

Decentralized Identifiers (DIDs)

Blaze ID supports a variety of DIDs including did:key, did:web, did:ethr, and did:polygonid. Users can create new DIDs and associate them with their PKPs.

Storage

Blaze ID stores all data locally first. This includes DIDs, credentials, and other user data. Data is encrypted using Lit Protocol's Threshold Signature Scheme (TSS) encryption and stored in IndexedDB.

Credential Issuance

Credentials can be issued via two ways:

  1. ZK-based Issuance: Credentials are issued using Zero-Knowledge Proofs. This is only available for did:polygonid DIDs.
  2. Standard Issuance: Credentials are issued using W3 Credential standards. This is available for did:key, did:web, and did:ethr DIDs.

There are two examples located in the Examples page:

  1. KYC Credential: A Zero-Knowledge Proof based KYC credential which proves that the user is over 18 years old.
  2. COVID-19 Vaccination Credential: A standard W3C credential which proves that the user has been vaccinated.

Credential Verification

Credentials can be verified via two ways:

  1. ZK-based Verification: This includes AtomicQuerySigV2, StateTransition, and AtomicQueryMTPV2 verification methods loaded as wasm modules.
  2. Standard Verification: This includes JWT verification method.

Backup and Recovery

Users can backup their data by encrypting it and storing on IPFS using Lit Protocol and recovery by decrypting it using PKPs inside of Lit Actions.

background image mobile

Join the mailing list

Get the latest news and updates