This project demonstrates a Decentralized Identity (DID) system using zero-knowledge proofs with the gnark library. It consists of a Go backend with cryptographic operations and a Next.js frontend that can utilize WebAssembly modules for client-side cryptographic operations.
.
├── backend/ # Go backend with DID operations
│ ├── cmd/
│ │ ├── api/ # REST API server
│ │ └── wasm/ # WebAssembly entry points
│ │ ├── did/ # DID operations WASM module
│ │ └── crypto/ # Cryptographic utilities WASM module
│ ├── pkg/
│ │ └── did/ # Core DID functionality
│ └── internal/ # Internal services and handlers
├── client/ # Next.js frontend
│ ├── pkg/ # Generated WASM modules (created by build)
│ └── src/ # Frontend source code
└── Makefile # Build automation for WASM modules
- DID Creation: Generate decentralized identifiers with EdDSA key pairs
- Authentication: Zero-knowledge proof-based DID authentication
- Age Credentials: Issue and verify age credentials with ZK proofs
- Membership Proofs: Create proofs of organization membership and balance ranges
- REST API: HTTP endpoints for DID operations
- User Interface: Modern React-based interface for DID management
- Client-side Crypto: WebAssembly modules for browser-based cryptographic operations
- Integration: Seamless integration with backend services
- DID Module (
client/pkg/did.wasm): Client-side DID operations - Crypto Module (
client/pkg/crypto.wasm): Low-level cryptographic functions
- Go 1.19 or later
- Node.js 18 or later
- pnpm (for client dependencies)
# Build WASM modules for the client
make build-wasm
# Or for development with verbose output
make build-wasm-dev
# Or for production with optimizations
make build-wasm-prodmake help # Show all available targets
make check-deps # Verify required dependencies
make install-deps # Install Go dependencies
make build-wasm # Build WASM modules
make build-wasm-dev # Development build with verbose output
make build-wasm-prod # Production build with optimizations
make clean # Clean build artifacts
make verify-wasm # Verify built WASM modules
make info-wasm # Show WASM module information
make all # Complete build pipelinecd backend
go run cmd/api/main.gocd client
pnpm install
pnpm dev// Load the Go WASM runtime
import './pkg/wasm_exec.js';
// Load DID operations module
const didWasm = await WebAssembly.instantiateStreaming(
fetch('/pkg/did.wasm'),
go.importObject
);
// Load crypto utilities module
const cryptoWasm = await WebAssembly.instantiateStreaming(
fetch('/pkg/crypto.wasm'),
go.importObject
);
// Wait for modules to be ready
while (!globalThis.wasmDIDReady || !globalThis.wasmCryptoReady) {
await new Promise(resolve => setTimeout(resolve, 100));
}createDID()- Create a new DID with key pairauthenticateDID(didID, privateKey, challenge)- Authenticate a DIDverifyAuthentication(didID, proof, signature)- Verify authentication proofissueAgeCredential(didID, age)- Issue age credentialcreateAgeProof(didID, credentialID, ageThreshold, actualAge, salt)- Create age proofverifyAgeProof(didID, credentialID, ageThreshold, proof)- Verify age proofcreateMembershipAndBalanceProof(orgID, balance, min, max, salt)- Create membership proof
generateKeyPair()- Generate EdDSA key pairsignMessage(privateKey, message)- Sign a messageverifySignature(publicKey, message, signature)- Verify signaturegenerateRandomBigInt()- Generate random big integerhashMessage(message)- Hash a message
// Create a new DID
const didResult = await createDID();
const { did, privateKey } = JSON.parse(didResult);
// Authenticate the DID
const challenge = "random_challenge_string";
const authResult = await authenticateDID(did.id, privateKey, challenge);
const { proof, signature } = JSON.parse(authResult);
// Verify authentication
const verifyResult = await verifyAuthentication(did.id, proof, signature);
const { verified } = JSON.parse(verifyResult);
console.log('Authentication verified:', verified);The backend provides RESTful API endpoints:
POST /api/auth/register- Register a new userPOST /api/auth/login- User loginPOST /api/auth/did-login- DID-based loginPOST /api/users/profile- Get user profilePUT /api/users/profile- Update profilePOST /api/did/create- Create DIDPOST /api/did/authenticate- DID authenticationPOST /api/did/verify- Verify DID proof
# Build WASM with debug information
make build-wasm-dev
# Watch for changes and rebuild
make clean && make build-wasm-dev# Build optimized WASM modules
make build-wasm-prod# Verify modules are built correctly
make verify-wasm
# Show module information
make info-wasmThe system uses:
- gnark: Zero-knowledge proof framework
- EdDSA: Digital signatures on twisted Edwards curves
- Groth16: Zero-knowledge proof system
- BN254: Elliptic curve for cryptographic operations
- MiMC: Hash function for commitments
- Private keys are generated using cryptographically secure random number generation
- Zero-knowledge proofs ensure privacy-preserving authentication
- Age credentials use commitments to hide actual age while proving thresholds
- All cryptographic operations use well-established algorithms and libraries
- Fork the repository
- Create a feature branch
- Make your changes
- Test the WASM build:
make clean && make all - Submit a pull request
This project is licensed under the MIT License - see the LICENSE file for details.