A secure Identity and Access Management (IAM) service that combines Zero Knowledge Proofs (ZKP) with blockchain technology for enhanced security and privacy.
- Zero Knowledge Proof authentication
- Blockchain-based identity storage
- Secure claim management
- RESTful API interface
- Smart contract integration
- Real-time identity verification
- Prerequisites
- Installation
- Project Structure
- Configuration
- Usage
- API Documentation
- Smart Contract Deployment
- Testing
- Security Considerations
- Contributing
- License
- Python 3.8 or higher
- Node.js 14+ and npm (for smart contract deployment)
- Ethereum node (local or remote)
- Windows, Linux, or macOS
- Clone the repository:
git clone https://github.com/AshenWijesingha/zkp_blockchain_iam.git
cd zkp_blockchain_iam
- Create and activate a virtual environment:
For Windows:
python -m venv venv
venv\Scripts\activate.bat
For Linux/macOS:
python -m venv venv
source venv/bin/activate
- Install dependencies:
pip install -r requirements.txt
- Install Ethereum development dependencies:
npm install -g truffle
npm install @openzeppelin/contracts
zkp_blockchain_iam/
├── contracts/
│   └── IdentityContract.sol    # Ethereum smart contract
├── core/
│   ├── __init__.py
│   ├── zkp.py                  # ZKP implementation
│   ├── blockchain.py           # Blockchain interactions
│   └── identity.py             # Identity management
├── api/
│   ├── __init__.py
│   └── routes.py               # API endpoints
├── tests/
│   ├── __init__.py
│   ├── test_zkp.py
│   ├── test_blockchain.py
│   └── test_identity.py
├── config/
│   └── config.yaml             # Configuration file
├── main.py                     # Application entry point
├── requirements.txt            # Python dependencies
├── truffle-config.js           # Truffle configuration
└── README.md                   # This file
- Create a config.yaml file in the config directory:
blockchain:
  node_url: "http://localhost:8545"
  contract_address: "0x..."  # Your deployed contract address
  gas_limit: 2000000
api:
  host: "0.0.0.0"
  port: 8000
  debug: false
security:
  min_password_length: 12
  max_failed_attempts: 3
  lockout_duration: 300  # seconds
- Set environment variables:
export ETHEREUM_PRIVATE_KEY="your-private-key"
export SECRET_KEY="your-secret-key"
- Start the API server:
python main.py
- Create a new identity:
curl -X POST http://localhost:8000/identity/create \
-H "Content-Type: application/json" \
-d '{"address": "0x...", "secret": "user-secret"}'
- Verify an identity:
curl -X POST http://localhost:8000/identity/verify \
-H "Content-Type: application/json" \
-d '{"address": "0x...", "secret": "user-secret", "blinding_factor": "..."}'
POST /identity/create
Create a new identity with ZKP commitment.
Request:
{
  "address": "string",
  "secret": "string"
}
Response:
{
  "status": "success",
  "address": "string"
}
POST /identity/verify
Verify an identity using ZKP.
Request:
{
  "address": "string",
  "secret": "string",
  "blinding_factor": "string"
}
Response:
{
  "status": "success",
  "valid": boolean
}
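The create and verify calls above, sketched as an added example. This is not the project's code from core/zkp.py, whose scheme this page does not show: it assumes an HMAC-SHA256 commitment keyed by the blinding factor and applies max_failed_attempts and lockout_duration from config.yaml. The names commit, Verifier and _digest are hypothetical.

```python
import hashlib
import hmac
import secrets
import time

MAX_FAILED_ATTEMPTS = 3   # security.max_failed_attempts in config.yaml
LOCKOUT_DURATION = 300    # security.lockout_duration in config.yaml (seconds)

def _digest(address, secret, blinding):
    # Length-prefix the address so distinct (address, secret) pairs cannot collide.
    addr = address.lower().encode()
    msg = len(addr).to_bytes(4, "big") + addr + secret.encode()
    return hmac.new(blinding, msg, hashlib.sha256).hexdigest()

def commit(address, secret):
    # Assumed scheme: only the commitment is stored; the caller keeps the blinding factor.
    blinding = secrets.token_bytes(32)
    return _digest(address, secret, blinding), blinding.hex()

class Verifier:
    """Checks commitment openings and applies the lockout policy."""
    def __init__(self, clock=time.monotonic):
        self.commitments = {}   # address -> commitment (hex)
        self.failures = {}      # address -> (failed_count, locked_until)
        self.clock = clock

    def register(self, address, commitment):
        self.commitments[address.lower()] = commitment

    def verify(self, address, secret, blinding_hex):
        key = address.lower()
        count, locked_until = self.failures.get(key, (0, 0.0))
        if self.clock() < locked_until:
            return False        # locked out: reject without comparing
        try:
            candidate = _digest(address, secret, bytes.fromhex(blinding_hex))
        except ValueError:
            candidate = ""      # malformed hex counts as a failed attempt
        stored = self.commitments.get(key, "")
        if stored and hmac.compare_digest(candidate, stored):  # constant-time compare
            self.failures.pop(key, None)
            return True
        count += 1
        locked = count >= MAX_FAILED_ATTEMPTS
        until = self.clock() + LOCKOUT_DURATION if locked else 0.0
        self.failures[key] = (0 if locked else count, until)
        return False
```
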
- Configure Truffle:
// truffle-config.js
module.exports = {
  networks: {
    development: {
      host: "127.0.0.1",
      port: 8545,
      network_id: "*"
    }
  },
  compilers: {
    solc: {
      version: "0.8.0"
    }
  }
};
- Deploy the contract:
truffle migrate --network development
Run the test suite:
python -m pytest tests/
Run specific tests:
python -m pytest tests/test_zkp.py
- Always use secure communication channels (HTTPS)
- Regularly update dependencies
- Monitor smart contract events
- Implement rate limiting
- Use secure key storage
- Conduct regular security audits
- Implement proper access controls
- Fork the repository
- Create a feature branch
- Commit your changes
- Push to the branch
- Create a Pull Request
MIT License - see LICENSE file for details