zk-eligibility-sdk 1.0.0-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +30 -0
- package/LICENSE-APACHE2.0 +165 -0
- package/README.md +398 -0
- package/RULES.md +490 -0
- package/SECURITY.md +347 -0
- package/dist/circuits/activityClass/activityclass.circom +59 -0
- package/dist/circuits/activityClass/activityclass_final.zkey +0 -0
- package/dist/circuits/activityClass/activityclass_js/activityclass.wasm +0 -0
- package/dist/circuits/activityClass/activityclass_js/generate_witness.js +20 -0
- package/dist/circuits/activityClass/activityclass_js/witness_calculator.js +337 -0
- package/dist/circuits/activityClass/verification_key.json +109 -0
- package/dist/circuits/cooldown/cooldown.circom +33 -0
- package/dist/circuits/cooldown/cooldown_final.zkey +0 -0
- package/dist/circuits/cooldown/cooldown_js/cooldown.wasm +0 -0
- package/dist/circuits/cooldown/cooldown_js/generate_witness.js +20 -0
- package/dist/circuits/cooldown/cooldown_js/witness_calculator.js +337 -0
- package/dist/circuits/cooldown/verification_key.json +94 -0
- package/dist/circuits/manifest.json +32 -0
- package/dist/circuits/minActivity/minactivity.circom +31 -0
- package/dist/circuits/minActivity/minactivity_final.zkey +0 -0
- package/dist/circuits/minActivity/minactivity_js/generate_witness.js +20 -0
- package/dist/circuits/minActivity/minactivity_js/minactivity.wasm +0 -0
- package/dist/circuits/minActivity/minactivity_js/witness_calculator.js +337 -0
- package/dist/circuits/minActivity/verification_key.json +94 -0
- package/dist/circuits/tokenHold/tokenhold.circom +31 -0
- package/dist/circuits/tokenHold/tokenhold_final.zkey +0 -0
- package/dist/circuits/tokenHold/tokenhold_js/generate_witness.js +20 -0
- package/dist/circuits/tokenHold/tokenhold_js/tokenhold.wasm +0 -0
- package/dist/circuits/tokenHold/tokenhold_js/witness_calculator.js +337 -0
- package/dist/circuits/tokenHold/verification_key.json +94 -0
- package/dist/circuits/walletAge/verification_key.json +94 -0
- package/dist/circuits/walletAge/walletage.circom +28 -0
- package/dist/circuits/walletAge/walletage_final.zkey +0 -0
- package/dist/circuits/walletAge/walletage_js/generate_witness.js +20 -0
- package/dist/circuits/walletAge/walletage_js/walletage.wasm +0 -0
- package/dist/circuits/walletAge/walletage_js/witness_calculator.js +337 -0
- package/dist/cli/commands/listRules.d.ts +2 -0
- package/dist/cli/commands/listRules.d.ts.map +1 -0
- package/dist/cli/commands/listRules.js +11 -0
- package/dist/cli/commands/listRules.js.map +1 -0
- package/dist/cli/commands/prove.d.ts +2 -0
- package/dist/cli/commands/prove.d.ts.map +1 -0
- package/dist/cli/commands/prove.js +39 -0
- package/dist/cli/commands/prove.js.map +1 -0
- package/dist/cli/commands/verify.d.ts +2 -0
- package/dist/cli/commands/verify.d.ts.map +1 -0
- package/dist/cli/commands/verify.js +38 -0
- package/dist/cli/commands/verify.js.map +1 -0
- package/dist/cli/index.d.ts +3 -0
- package/dist/cli/index.d.ts.map +1 -0
- package/dist/cli/index.js +57 -0
- package/dist/cli/index.js.map +1 -0
- package/dist/constants/limits.d.ts +7 -0
- package/dist/constants/limits.d.ts.map +1 -0
- package/dist/constants/limits.js +10 -0
- package/dist/constants/limits.js.map +1 -0
- package/dist/index.d.ts +7 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +25 -0
- package/dist/index.js.map +1 -0
- package/dist/providers/alchemy.d.ts +6 -0
- package/dist/providers/alchemy.d.ts.map +1 -0
- package/dist/providers/alchemy.js +119 -0
- package/dist/providers/alchemy.js.map +1 -0
- package/dist/providers/index.d.ts +4 -0
- package/dist/providers/index.d.ts.map +1 -0
- package/dist/providers/index.js +67 -0
- package/dist/providers/index.js.map +1 -0
- package/dist/providers/infura.d.ts +4 -0
- package/dist/providers/infura.d.ts.map +1 -0
- package/dist/providers/infura.js +13 -0
- package/dist/providers/infura.js.map +1 -0
- package/dist/providers/types.d.ts +8 -0
- package/dist/providers/types.d.ts.map +1 -0
- package/dist/providers/types.js +3 -0
- package/dist/providers/types.js.map +1 -0
- package/dist/rules/activityClass/activityClass.d.ts +12 -0
- package/dist/rules/activityClass/activityClass.d.ts.map +1 -0
- package/dist/rules/activityClass/activityClass.js +39 -0
- package/dist/rules/activityClass/activityClass.js.map +1 -0
- package/dist/rules/activityClass/config.d.ts +3 -0
- package/dist/rules/activityClass/config.d.ts.map +1 -0
- package/dist/rules/activityClass/config.js +3 -0
- package/dist/rules/activityClass/config.js.map +1 -0
- package/dist/rules/cooldown/config.d.ts +4 -0
- package/dist/rules/cooldown/config.d.ts.map +1 -0
- package/dist/rules/cooldown/config.js +3 -0
- package/dist/rules/cooldown/config.js.map +1 -0
- package/dist/rules/cooldown/cooldown.d.ts +12 -0
- package/dist/rules/cooldown/cooldown.d.ts.map +1 -0
- package/dist/rules/cooldown/cooldown.js +65 -0
- package/dist/rules/cooldown/cooldown.js.map +1 -0
- package/dist/rules/minActivity/config.d.ts +4 -0
- package/dist/rules/minActivity/config.d.ts.map +1 -0
- package/dist/rules/minActivity/config.js +3 -0
- package/dist/rules/minActivity/config.js.map +1 -0
- package/dist/rules/minActivity/minActivity.d.ts +12 -0
- package/dist/rules/minActivity/minActivity.d.ts.map +1 -0
- package/dist/rules/minActivity/minActivity.js +61 -0
- package/dist/rules/minActivity/minActivity.js.map +1 -0
- package/dist/rules/tokenHold/config.d.ts +5 -0
- package/dist/rules/tokenHold/config.d.ts.map +1 -0
- package/dist/rules/tokenHold/config.js +3 -0
- package/dist/rules/tokenHold/config.js.map +1 -0
- package/dist/rules/tokenHold/tokenHold.d.ts +12 -0
- package/dist/rules/tokenHold/tokenHold.d.ts.map +1 -0
- package/dist/rules/tokenHold/tokenHold.js +68 -0
- package/dist/rules/tokenHold/tokenHold.js.map +1 -0
- package/dist/rules/walletAge/config.d.ts +4 -0
- package/dist/rules/walletAge/config.d.ts.map +1 -0
- package/dist/rules/walletAge/config.js +3 -0
- package/dist/rules/walletAge/config.js.map +1 -0
- package/dist/rules/walletAge/walletAge.d.ts +12 -0
- package/dist/rules/walletAge/walletAge.d.ts.map +1 -0
- package/dist/rules/walletAge/walletAge.js +76 -0
- package/dist/rules/walletAge/walletAge.js.map +1 -0
- package/dist/sdk/ZKEligibiltySDK.d.ts +13 -0
- package/dist/sdk/ZKEligibiltySDK.d.ts.map +1 -0
- package/dist/sdk/ZKEligibiltySDK.js +57 -0
- package/dist/sdk/ZKEligibiltySDK.js.map +1 -0
- package/dist/sdk/errors.d.ts +10 -0
- package/dist/sdk/errors.d.ts.map +1 -0
- package/dist/sdk/errors.js +23 -0
- package/dist/sdk/errors.js.map +1 -0
- package/dist/sdk/executeRule.d.ts +4 -0
- package/dist/sdk/executeRule.d.ts.map +1 -0
- package/dist/sdk/executeRule.js +38 -0
- package/dist/sdk/executeRule.js.map +1 -0
- package/dist/sdk/generateProof.d.ts +3 -0
- package/dist/sdk/generateProof.d.ts.map +1 -0
- package/dist/sdk/generateProof.js +14 -0
- package/dist/sdk/generateProof.js.map +1 -0
- package/dist/sdk/index.d.ts +6 -0
- package/dist/sdk/index.d.ts.map +1 -0
- package/dist/sdk/index.js +27 -0
- package/dist/sdk/index.js.map +1 -0
- package/dist/sdk/ruleRegistry.d.ts +11 -0
- package/dist/sdk/ruleRegistry.d.ts.map +1 -0
- package/dist/sdk/ruleRegistry.js +41 -0
- package/dist/sdk/ruleRegistry.js.map +1 -0
- package/dist/sdk/types.d.ts +24 -0
- package/dist/sdk/types.d.ts.map +1 -0
- package/dist/sdk/types.js +3 -0
- package/dist/sdk/types.js.map +1 -0
- package/dist/sdk/verifyProof.d.ts +9 -0
- package/dist/sdk/verifyProof.d.ts.map +1 -0
- package/dist/sdk/verifyProof.js +21 -0
- package/dist/sdk/verifyProof.js.map +1 -0
- package/dist/types/ErrorCode.d.ts +12 -0
- package/dist/types/ErrorCode.d.ts.map +1 -0
- package/dist/types/ErrorCode.js +16 -0
- package/dist/types/ErrorCode.js.map +1 -0
- package/dist/types/Errors.d.ts +13 -0
- package/dist/types/Errors.d.ts.map +1 -0
- package/dist/types/Errors.js +32 -0
- package/dist/types/Errors.js.map +1 -0
- package/dist/types/Proof.d.ts +8 -0
- package/dist/types/Proof.d.ts.map +1 -0
- package/dist/types/Proof.js +3 -0
- package/dist/types/Proof.js.map +1 -0
- package/dist/types/Provider.d.ts +8 -0
- package/dist/types/Provider.d.ts.map +1 -0
- package/dist/types/Provider.js +3 -0
- package/dist/types/Provider.js.map +1 -0
- package/dist/types/Rule.d.ts +6 -0
- package/dist/types/Rule.d.ts.map +1 -0
- package/dist/types/Rule.js +3 -0
- package/dist/types/Rule.js.map +1 -0
- package/dist/zk/cache.d.ts +7 -0
- package/dist/zk/cache.d.ts.map +1 -0
- package/dist/zk/cache.js +28 -0
- package/dist/zk/cache.js.map +1 -0
- package/dist/zk/generateProof.d.ts +10 -0
- package/dist/zk/generateProof.d.ts.map +1 -0
- package/dist/zk/generateProof.js +49 -0
- package/dist/zk/generateProof.js.map +1 -0
- package/dist/zk/generateWitness.d.ts +8 -0
- package/dist/zk/generateWitness.d.ts.map +1 -0
- package/dist/zk/generateWitness.js +14 -0
- package/dist/zk/generateWitness.js.map +1 -0
- package/dist/zk/runCmd.d.ts +2 -0
- package/dist/zk/runCmd.d.ts.map +1 -0
- package/dist/zk/runCmd.js +32 -0
- package/dist/zk/runCmd.js.map +1 -0
- package/dist/zk/verifyProof.d.ts +2 -0
- package/dist/zk/verifyProof.d.ts.map +1 -0
- package/dist/zk/verifyProof.js +33 -0
- package/dist/zk/verifyProof.js.map +1 -0
- package/package.json +39 -0
package/LICENSE
ADDED
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
# DUAL LICENSE
|
|
2
|
+
|
|
3
|
+
ZK Eligibility SDK uses a dual licensing model:
|
|
4
|
+
|
|
5
|
+
## Apache 2.0 License
|
|
6
|
+
|
|
7
|
+
The following components are licensed under Apache License 2.0:
|
|
8
|
+
- SDK source code (src/ directory)
|
|
9
|
+
- ZK circuits (circuits/ directory)
|
|
10
|
+
- Circom library (circomlib/ directory)
|
|
11
|
+
- CLI tooling (cli/ directory)
|
|
12
|
+
- Test infrastructure (tests/ directory)
|
|
13
|
+
- Documentation files (README.md, IMPLEMENTATION_GUIDE.md, RULES.md, SECURITY.md)
|
|
14
|
+
|
|
15
|
+
See LICENSE-APACHE2.0 for the full Apache 2.0 license text.
|
|
16
|
+
|
|
17
|
+
## MIT License
|
|
18
|
+
|
|
19
|
+
The following components are licensed under MIT License:
|
|
20
|
+
- Smart contracts (contracts/ directory)
|
|
21
|
+
|
|
22
|
+
See LICENSE-MIT for the full MIT license text.
|
|
23
|
+
|
|
24
|
+
## Usage
|
|
25
|
+
|
|
26
|
+
- If you are using the SDK for ZK eligibility checking, the Apache 2.0 license applies.
|
|
27
|
+
- If you are deploying the smart contracts or integrating with the verifier contracts, the MIT license applies.
|
|
28
|
+
- You may use both licenses depending on which components you are using.
|
|
29
|
+
|
|
30
|
+
For more details, see the respective LICENSE files.
|
|
@@ -0,0 +1,165 @@
|
|
|
1
|
+
Apache License
|
|
2
|
+
Version 2.0, January 2004
|
|
3
|
+
|
|
4
|
+
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
|
5
|
+
|
|
6
|
+
1. Definitions.
|
|
7
|
+
|
|
8
|
+
"License" shall mean the terms and conditions for use, reproduction,
|
|
9
|
+
and distribution as defined in Sections 1 through 9 of this document.
|
|
10
|
+
|
|
11
|
+
"Licensor" shall mean the copyright owner or entity authorized by
|
|
12
|
+
the copyright owner that is granting the License.
|
|
13
|
+
|
|
14
|
+
"Legal Entity" shall mean the union of the acting entity and all
|
|
15
|
+
other entities that control, are controlled by, or are under common
|
|
16
|
+
control with that entity. For the purposes of this definition,
|
|
17
|
+
"control" means (i) the power, direct or indirect, to cause the
|
|
18
|
+
direction or management of such entity, whether by contract or
|
|
19
|
+
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
|
20
|
+
outstanding shares, or (iii) beneficial ownership of such entity.
|
|
21
|
+
|
|
22
|
+
"You" (or "Your") shall mean an individual or Legal Entity exercising
|
|
23
|
+
permissions granted by this License.
|
|
24
|
+
|
|
25
|
+
"Source" form shall mean the preferred form for making modifications,
|
|
26
|
+
including but not limited to software source code, documentation
|
|
27
|
+
source, and configuration files.
|
|
28
|
+
|
|
29
|
+
"Object" form shall mean any form resulting from mechanical
|
|
30
|
+
transformation or translation of a Source form, including but
|
|
31
|
+
not limited to compiled object code, generated documentation,
|
|
32
|
+
and conversions to other media types.
|
|
33
|
+
|
|
34
|
+
"Work" shall mean the work of authorship, whether in Source or Object
|
|
35
|
+
form, made available under the License, as indicated by a copyright
|
|
36
|
+
notice that is included in or attached to the work.
|
|
37
|
+
|
|
38
|
+
"Derivative Works" shall mean any work, whether in Source or Object
|
|
39
|
+
form, that is based on (or derived from) the Work and for which the
|
|
40
|
+
editorial revisions, annotations, elaborations, or other modifications
|
|
41
|
+
represent, as a whole, an original work of authorship, thus including
|
|
42
|
+
the Work and any other modifications that You make.
|
|
43
|
+
|
|
44
|
+
"Contribution" shall mean any work of authorship, including
|
|
45
|
+
the original Work and any Derivative Works thereof, submitted to,
|
|
46
|
+
or received by, Licensor for inclusion in the Work by the copyright owner
|
|
47
|
+
or by an individual or Legal Entity authorized to submit on behalf of
|
|
48
|
+
the copyright owner. For the purposes of this definition, "submitted"
|
|
49
|
+
means any form of electronic, verbal, or written communication sent
|
|
50
|
+
to the Licensor or its representatives, such as but not limited to
|
|
51
|
+
communication on electronic mailing lists, source code control systems,
|
|
52
|
+
and issue tracking systems that are managed by, or on behalf of, the
|
|
53
|
+
Licensor for the purpose of discussing and improving the Work, but
|
|
54
|
+
excluding communication that is conspicuously marked or otherwise
|
|
55
|
+
designated in writing by the copyright owner as "Not a Contribution."
|
|
56
|
+
|
|
57
|
+
"Contributor" shall mean Licensor and any Legal Entity on behalf of
|
|
58
|
+
whom a Contribution has been received by Licensor and subsequently
|
|
59
|
+
incorporated within the Work.
|
|
60
|
+
|
|
61
|
+
2. Grant of Copyright License. Subject to the terms and conditions of
|
|
62
|
+
this License, each Contributor hereby grants to You a perpetual,
|
|
63
|
+
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
64
|
+
copyright license to reproduce, prepare Derivative Works of,
|
|
65
|
+
publicly display, publicly perform, sublicense, and distribute the
|
|
66
|
+
Work and such Derivative Works in Source or Object form.
|
|
67
|
+
|
|
68
|
+
3. Grant of Patent License. Subject to the terms and conditions of
|
|
69
|
+
this License, each Contributor hereby grants to You a perpetual,
|
|
70
|
+
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
|
71
|
+
(except as stated in this section) patent license to make, have made,
|
|
72
|
+
use, offer to sell, sell, import, and otherwise transfer the Work,
|
|
73
|
+
where such license applies only to those patent claims licensable
|
|
74
|
+
by such Contributor that are necessarily infringed by their
|
|
75
|
+
Contribution(s) alone or by combination of their Contribution(s)
|
|
76
|
+
with the Work to which such Contribution(s) was submitted. If You
|
|
77
|
+
institute patent litigation against any entity (including a
|
|
78
|
+
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
|
79
|
+
or a Contribution incorporated within the Work constitutes direct
|
|
80
|
+
or contributory patent infringement, then any patent licenses
|
|
81
|
+
granted to You under this License for that Work shall terminate
|
|
82
|
+
as of the date such litigation is filed.
|
|
83
|
+
|
|
84
|
+
4. Redistribution. You may reproduce and distribute copies of the
|
|
85
|
+
Work or Derivative Works thereof in any medium, with or without
|
|
86
|
+
modifications, and in Source or Object form, provided that You
|
|
87
|
+
meet the following conditions:
|
|
88
|
+
|
|
89
|
+
(a) You must give any other recipients of the Work or
|
|
90
|
+
Derivative Works a copy of this License; and
|
|
91
|
+
|
|
92
|
+
(b) You must cause any modified files to carry prominent notices
|
|
93
|
+
stating that You changed the files; and
|
|
94
|
+
|
|
95
|
+
(c) You must retain, in the Source form of any Derivative Works
|
|
96
|
+
that You distribute, all copyright, patent, trademark, and
|
|
97
|
+
attribution notices from the Source form of the Work,
|
|
98
|
+
excluding those notices that do not pertain to any part of
|
|
99
|
+
the Derivative Works; and
|
|
100
|
+
|
|
101
|
+
(d) If the Work includes a "NOTICE" text file, then any
|
|
102
|
+
Derivative Works that You distribute must include a readable
|
|
103
|
+
copy of the attribution notices contained within such NOTICE file.
|
|
104
|
+
|
|
105
|
+
5. Submission of Contributions. Unless You explicitly state otherwise,
|
|
106
|
+
any Contribution intentionally submitted for inclusion in the Work
|
|
107
|
+
by You to Licensor shall be under the terms and conditions of
|
|
108
|
+
this License, without any additional terms or conditions.
|
|
109
|
+
Notwithstanding the above, nothing herein shall supersede or modify
|
|
110
|
+
the terms of any separate license agreement you may have executed
|
|
111
|
+
with Licensor regarding such Contribution.
|
|
112
|
+
|
|
113
|
+
6. Trademarks. This License does not grant permission to use the trade
|
|
114
|
+
names, trademarks, service marks, or product names of the Licensor,
|
|
115
|
+
except as required for reasonable and customary use in describing the
|
|
116
|
+
origin of the Work and reproducing the content of the NOTICE file.
|
|
117
|
+
|
|
118
|
+
7. Disclaimer of Warranty. Unless required by applicable law or
|
|
119
|
+
agreed to in writing, Licensor provides the Work (and each
|
|
120
|
+
Contributor provides its Contributions) on an "AS IS" BASIS,
|
|
121
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
122
|
+
implied, including, without limitation, any warranties or conditions
|
|
123
|
+
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
|
124
|
+
PARTICULAR PURPOSE. You are solely responsible for determining the
|
|
125
|
+
appropriateness of using or redistributing the Work and assume any
|
|
126
|
+
risks associated with Your exercise of permissions under this License.
|
|
127
|
+
|
|
128
|
+
8. Limitation of Liability. In no event and under no legal theory,
|
|
129
|
+
whether in tort (including negligence), contract, or otherwise,
|
|
130
|
+
unless required by applicable law (such as deliberate and grossly
|
|
131
|
+
negligent acts) or agreed to in writing, shall any Contributor be
|
|
132
|
+
liable to You for damages, including any direct, indirect, special,
|
|
133
|
+
incidental, or consequential damages of any character arising as a
|
|
134
|
+
result of this License or out of the use or inability to use the
|
|
135
|
+
Work (including but not limited to damages for loss of goodwill,
|
|
136
|
+
work stoppage, computer failure or malfunction, or any and all
|
|
137
|
+
other commercial damages or losses), even if such Contributor
|
|
138
|
+
has been advised of the possibility of such damages.
|
|
139
|
+
|
|
140
|
+
9. Accepting Warranty or Additional Liability. While redistributing
|
|
141
|
+
the Work or Derivative Works thereof, You may choose to offer,
|
|
142
|
+
and charge a fee for, acceptance of support, warranty, indemnity,
|
|
143
|
+
or other liability obligations and/or rights consistent with this
|
|
144
|
+
License. However, in accepting such obligations, You may act only
|
|
145
|
+
on Your own behalf and on Your sole responsibility, not on behalf
|
|
146
|
+
of any other Contributor, and only if You agree to indemnify,
|
|
147
|
+
defend, and hold each Contributor harmless for any liability
|
|
148
|
+
incurred by, or claims asserted against, such Contributor by reason
|
|
149
|
+
of your accepting any such warranty or additional liability.
|
|
150
|
+
|
|
151
|
+
END OF TERMS AND CONDITIONS
|
|
152
|
+
|
|
153
|
+
Copyright © 2024 Srivishnu G V
|
|
154
|
+
|
|
155
|
+
Licensed under the Apache License, Version 2.0 (the "License");
|
|
156
|
+
you may not use this file except in compliance with the License.
|
|
157
|
+
You may obtain a copy of the License at
|
|
158
|
+
|
|
159
|
+
http://www.apache.org/licenses/LICENSE-2.0
|
|
160
|
+
|
|
161
|
+
Unless required by applicable law or agreed to in writing, software
|
|
162
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
|
163
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
164
|
+
See the License for the specific language governing permissions and
|
|
165
|
+
limitations under the License.
|
package/README.md
ADDED
|
@@ -0,0 +1,398 @@
|
|
|
1
|
+
# ZK Eligibility SDK
|
|
2
|
+
|
|
3
|
+
**Cryptographically Proven Eligibility. Zero Data Leakage.**
|
|
4
|
+
|
|
5
|
+
A zero-knowledge eligibility framework for Web3. Prove wallet properties—age, activity, holdings, cooldowns—without revealing transaction history, balances, or user identities.
|
|
6
|
+
|
|
7
|
+
For airdrop designers, DAO treasuries, and DeFi protocols that demand both security and privacy.
|
|
8
|
+
|
|
9
|
+
---
|
|
10
|
+
|
|
11
|
+
## The Problem
|
|
12
|
+
|
|
13
|
+
Today, Web3 teams face an impossible choice:
|
|
14
|
+
|
|
15
|
+
| Option | Problem |
|
|
16
|
+
|--------|----------|
|
|
17
|
+
| **Public allowlists** | Leaks entire wallet histories. Privacy nightmare. |
|
|
18
|
+
| **Centralized gatekeeping** | Requires trusting a third party. Single point of failure. |
|
|
19
|
+
| **Simple heuristics** | Easy to game. Sybil attacks succeed. |
|
|
20
|
+
| **This SDK** | ✅ Cryptographically proven. ✅ Privacy-preserving. ✅ Sybil-resistant. |
|
|
21
|
+
|
|
22
|
+
**With ZK Eligibility SDK, you get all three.**
|
|
23
|
+
|
|
24
|
+
---
|
|
25
|
+
|
|
26
|
+
## What You Get
|
|
27
|
+
|
|
28
|
+
✅ **Cryptographic Guarantees**
|
|
29
|
+
- If a proof verifies, the statement is mathematically true
|
|
30
|
+
- Forging eligibility is computationally infeasible under standard cryptographic assumptions
|
|
31
|
+
- Industry-standard Groth16 zk-SNARK implementation
|
|
32
|
+
|
|
33
|
+
✅ **Zero Data Leakage**
|
|
34
|
+
- Users prove eligibility without revealing wallet history
|
|
35
|
+
- No transaction hashes exposed
|
|
36
|
+
- No balance information leaked
|
|
37
|
+
- No timing patterns revealed
|
|
38
|
+
|
|
39
|
+
✅ **Production-Ready**
|
|
40
|
+
- 5 battle-tested eligibility rules
|
|
41
|
+
- CLI + SDK + on-chain verifier ready
|
|
42
|
+
- 11/11 edge cases passing
|
|
43
|
+
- Comprehensive edge-case test coverage
|
|
44
|
+
- Comprehensive security documentation
|
|
45
|
+
|
|
46
|
+
✅ **Easy Integration**
|
|
47
|
+
- TypeScript SDK (REST-style)
|
|
48
|
+
- Verifiable proofs for on-chain or off-chain use
|
|
49
|
+
- Drop-in replacement for centralized allowlists
|
|
50
|
+
|
|
51
|
+
---
|
|
52
|
+
|
|
53
|
+
## 5 Eligibility Rules (Composable)
|
|
54
|
+
|
|
55
|
+
### 1️⃣ Wallet Age
|
|
56
|
+
**Prove:** First transaction before block N
|
|
57
|
+
**Use case:** Sybil resistance, legacy user access, loyalty tiers
|
|
58
|
+
**Privacy:** Exact age hidden, only proves eligibility
|
|
59
|
+
|
|
60
|
+
### 2️⃣ Minimum Activity
|
|
61
|
+
**Prove:** At least N outbound transactions
|
|
62
|
+
**Use case:** Active user filtering, engagement gates, bot detection
|
|
63
|
+
**Privacy:** Exact count hidden, only proves threshold
|
|
64
|
+
|
|
65
|
+
### 3️⃣ Cooldown Period
|
|
66
|
+
**Prove:** Inactive for N+ blocks
|
|
67
|
+
**Use case:** Rate limiting, anti-spam, sequential access control
|
|
68
|
+
**Privacy:** Last activity block hidden
|
|
69
|
+
|
|
70
|
+
### 4️⃣ Token Hold Duration
|
|
71
|
+
**Prove:** Held token X for N+ blocks
|
|
72
|
+
**Use case:** Holder privileges, loyalty programs, time-weighted access
|
|
73
|
+
**Privacy:** Balances and transfer history hidden
|
|
74
|
+
|
|
75
|
+
### 5️⃣ Activity Classification
|
|
76
|
+
**Prove:** Wallet falls into activity band (0–3)
|
|
77
|
+
**Use case:** Fair distribution, tier-based rewards, heuristic filtering
|
|
78
|
+
**Privacy:** Exact metrics hidden, only rough band revealed
|
|
79
|
+
|
|
80
|
+
---
|
|
81
|
+
|
|
82
|
+
## Real-World Examples
|
|
83
|
+
|
|
84
|
+
**Airdrop Designer**
|
|
85
|
+
```
|
|
86
|
+
Requirement: "Only wallets active for 6+ months"
|
|
87
|
+
With ZK SDK: Users prove eligibility → receive airdrop
|
|
88
|
+
Result: No data breach. Sybil-resistant. Privacy-preserved.
|
|
89
|
+
```
|
|
90
|
+
|
|
91
|
+
**DAO Treasury Manager**
|
|
92
|
+
```
|
|
93
|
+
Requirement: "Community governance token for users with 10+ tx"
|
|
94
|
+
With ZK SDK: Prove activity tier → vote with privacy
|
|
95
|
+
Result: Only qualified members participate. No doxxing.
|
|
96
|
+
```
|
|
97
|
+
|
|
98
|
+
**DeFi Protocol**
|
|
99
|
+
```
|
|
100
|
+
Requirement: "Risk-based access for established users"
|
|
101
|
+
With ZK SDK: Prove wallet age + activity → access premium features
|
|
102
|
+
Result: Fair, sybil-resistant gate. User privacy maintained.
|
|
103
|
+
```
|
|
104
|
+
|
|
105
|
+
---
|
|
106
|
+
|
|
107
|
+
## Why This Matters
|
|
108
|
+
|
|
109
|
+
| Traditional Approach | ZK Eligibility SDK |
|
|
110
|
+
|
|
111
|
+
| 📋 Off-chain allowlist | 🔐 Cryptographic proof |
|
|
112
|
+
| 🔓 Public wallet history | 🤖 Minimal Data Disclosure |
|
|
113
|
+
| 🙏 Trust required | ✅ Trust-minimized |
|
|
114
|
+
| ❌ Sybil-vulnerable | ✅ Sybil-resistant |
|
|
115
|
+
| 💸 Manual curation cost | 🤖 Automated verification |
|
|
116
|
+
| 🌍 Privacy nightmare | 🛡️ Privacy-first |
|
|
117
|
+
|
|
118
|
+
---
|
|
119
|
+
|
|
120
|
+
## How It Works
|
|
121
|
+
|
|
122
|
+
|
|
123
|
+
┌──────────────────────────────┐
|
|
124
|
+
│ User's Wallet (public) │
|
|
125
|
+
└──────────────┬───────────────┘
|
|
126
|
+
│
|
|
127
|
+
v
|
|
128
|
+
┌──────────────────────────────────────┐
|
|
129
|
+
│ Blockchain Data (on-chain, public) │ ← RPC Provider
|
|
130
|
+
│ fetched via Alchemy/Infura │
|
|
131
|
+
└──────────────┬───────────────────────┘
|
|
132
|
+
│ (private processing)
|
|
133
|
+
v
|
|
134
|
+
┌──────────────────────────────────────┐
|
|
135
|
+
│ TypeScript SDK │ ← Validates inputs
|
|
136
|
+
│ (verify constraints, policy) │ Prevents abuse
|
|
137
|
+
└──────────────┬───────────────────────┘
|
|
138
|
+
│ (private witness)
|
|
139
|
+
v
|
|
140
|
+
┌──────────────────────────────────────┐
|
|
141
|
+
│ ZK Circuit (Circom) │ ← Groth16 proof
|
|
142
|
+
│ Cryptographic proof generation │ generation
|
|
143
|
+
└──────────────┬───────────────────────┘
|
|
144
|
+
│ (public proof)
|
|
145
|
+
v
|
|
146
|
+
┌──────────────────────────────────────┐
|
|
147
|
+
│ Proof + Public Signals │ ← Verifiable by anyone
|
|
148
|
+
│ (cryptographically proven) │ Off-chain or on-chain
|
|
149
|
+
└──────────────────────────────────────┘
|
|
150
|
+
|
|
151
|
+
|
|
152
|
+
**Key insight:** Only the proof is shared. Private data never leaves the user's machine.
|
|
153
|
+
|
|
154
|
+
---
|
|
155
|
+
|
|
156
|
+
## Security Guarantees
|
|
157
|
+
|
|
158
|
+
✅ **Cryptographically Sound**
|
|
159
|
+
- Groth16 zk-SNARK (industry standard)
|
|
160
|
+
- Formal constraint verification
|
|
161
|
+
- No silent overflows or edge case failures
|
|
162
|
+
|
|
163
|
+
✅ **Conservative Design**
|
|
164
|
+
- Fail fast (TypeScript) on invalid parameters
|
|
165
|
+
- Fail loudly (ZK) on false statements
|
|
166
|
+
- Never default to true
|
|
167
|
+
- Explicit assumptions documented
|
|
168
|
+
|
|
169
|
+
✅ **Fail-Safe Behavior**
|
|
170
|
+
- All failures are deterministic
|
|
171
|
+
- No silent successes
|
|
172
|
+
- Clear error codes and reasons
|
|
173
|
+
- No ambiguous states
|
|
174
|
+
|
|
175
|
+
⚠️ **Important Notice**
|
|
176
|
+
- All circuits are **deterministic** (same input always produces same output)
|
|
177
|
+
- Circuits are **not audited** — use at your own risk in production environments
|
|
178
|
+
- The SDK minimizes data disclosure to only what is strictly required to verify eligibility
|
|
179
|
+
|
|
180
|
+
**See [SECURITY.md](./SECURITY.md) for detailed threat model and assumptions.**
|
|
181
|
+
|
|
182
|
+
---
|
|
183
|
+
|
|
184
|
+
## Quick Start
|
|
185
|
+
|
|
186
|
+
### Installation
|
|
187
|
+
```bash
|
|
188
|
+
npm install zk-eligibility-sdk
|
|
189
|
+
```
|
|
190
|
+
|
|
191
|
+
### Basic Usage
|
|
192
|
+
```typescript
|
|
193
|
+
import "dotenv/config";
|
|
194
|
+
import { ZKEligibilitySDK } from "zk-eligibility-sdk";
|
|
195
|
+
|
|
196
|
+
// Prove wallet has at least 10 transactions
|
|
197
|
+
const proof = await ZKEligibilitySDK.prove(
|
|
198
|
+
"MIN_ACTIVITY",
|
|
199
|
+
"0xWalletAddress",
|
|
200
|
+
{ minTx: 10 }
|
|
201
|
+
);
|
|
202
|
+
|
|
203
|
+
if (proof.isValid) {
|
|
204
|
+
console.log("User is eligible ✅");
|
|
205
|
+
// Grant access / send airdrop / etc
|
|
206
|
+
}
|
|
207
|
+
```
|
|
208
|
+
|
|
209
|
+
### CLI
|
|
210
|
+
```bash
|
|
211
|
+
# List all rules
|
|
212
|
+
npx zkesdk list-rules
|
|
213
|
+
|
|
214
|
+
# Generate a proof
|
|
215
|
+
npx zkesdk prove MIN_ACTIVITY 0xWallet '{"minTx":10}'
|
|
216
|
+
|
|
217
|
+
# Verify a proof
|
|
218
|
+
npx zkesdk verify MIN_ACTIVITY proof.json public.json
|
|
219
|
+
```
|
|
220
|
+
|
|
221
|
+
### On-Chain Verification
|
|
222
|
+
Proofs can be verified in a Solidity contract:
|
|
223
|
+
```solidity
|
|
224
|
+
groth16Verifier.verifyProof(
|
|
225
|
+
proof.pi_a,
|
|
226
|
+
proof.pi_b,
|
|
227
|
+
proof.pi_c,
|
|
228
|
+
publicSignals
|
|
229
|
+
);
|
|
230
|
+
|
|
231
|
+
```
|
|
232
|
+
We have also added a helper contract (EligibilityGate.sol) which will guarentee proper verification of calls based on the RuleId's
|
|
233
|
+
|
|
234
|
+
RuleID's are the keccak256 hashes of the rule names and are enforced consistently across the SDK,CLI and on-chain contracts
|
|
235
|
+
|
|
236
|
+
1) keccak256(WALLET_AGE)
|
|
237
|
+
2) keccak256(COOLDOWN)
|
|
238
|
+
3) keccak256(MIN_ACTIVITY)
|
|
239
|
+
4) keccak256(TOKEN_HOLD)
|
|
240
|
+
5) keccak256(ACTIVITY_CLASS)
|
|
241
|
+
|
|
242
|
+
For Additional Information refer (contracts\README.md)
|
|
243
|
+
---
|
|
244
|
+
|
|
245
|
+
## Deployment Options
|
|
246
|
+
|
|
247
|
+
### Option 1: Off-Chain (Fastest)
|
|
248
|
+
- User generates proof locally
|
|
249
|
+
- SDK verifies proof
|
|
250
|
+
- Instant access/allowlisting
|
|
251
|
+
- **Best for:** Airdrops, quick distributions
|
|
252
|
+
|
|
253
|
+
### Option 2: On-Chain (Most Trustless)
|
|
254
|
+
- User generates proof
|
|
255
|
+
- Smart contract verifies proof
|
|
256
|
+
- Transparent, auditable, trustless
|
|
257
|
+
- **Best for:** DAOs, protocols, public systems
|
|
258
|
+
|
|
259
|
+
### Option 3: Hybrid (Flexible)
|
|
260
|
+
- Backend verifies proof
|
|
261
|
+
- Backend gates access
|
|
262
|
+
- Best of both worlds
|
|
263
|
+
- **Best for:** Enterprise integrations
|
|
264
|
+
|
|
265
|
+
---
|
|
266
|
+
|
|
267
|
+
## What This Does NOT Do
|
|
268
|
+
|
|
269
|
+
❌ Prove wallet ownership (no sig checks)
|
|
270
|
+
❌ Prove identity or KYC status
|
|
271
|
+
❌ Guarantee real-time state under reorgs
|
|
272
|
+
❌ Prevent smart contract wallets
|
|
273
|
+
|
|
274
|
+
**These are features, not bugs.** This SDK does one thing and does it extremely well:
|
|
275
|
+
|
|
276
|
+
> Prove wallet properties without leaking wallet history.
|
|
277
|
+
|
|
278
|
+
Everything else is your application's responsibility.
|
|
279
|
+
|
|
280
|
+
---
|
|
281
|
+
|
|
282
|
+
## Specs
|
|
283
|
+
|
|
284
|
+
| Aspect | Spec |
|
|
285
|
+
|--------|------|
|
|
286
|
+
| **Proof System** | Groth16 (BN128 curve) |
|
|
287
|
+
| **Circuit Language** | Circom 2.0.0 |
|
|
288
|
+
| **Verification** | Off-chain + on-chain |
|
|
289
|
+
| **Supported Chains** | Ethereum (extendable) |
|
|
290
|
+
| **Languages** | TypeScript/JavaScript |
|
|
291
|
+
| **Test Coverage** | 11/11 edge cases passing |
|
|
292
|
+
| **Status** | Production-ready (v1.0) |
|
|
293
|
+
|
|
294
|
+
---
|
|
295
|
+
|
|
296
|
+
## Governance & Support
|
|
297
|
+
|
|
298
|
+
**Version Guarantees**
|
|
299
|
+
- v1.x: All cryptographic guarantees locked
|
|
300
|
+
- Breaking changes → v2.0 only
|
|
301
|
+
- Backward-compatible minor versions
|
|
302
|
+
|
|
303
|
+
**Security Policy**
|
|
304
|
+
- Responsible disclosure for vulnerabilities
|
|
305
|
+
- Private contact for security issues
|
|
306
|
+
- See [SECURITY.md](./SECURITY.md) for details
|
|
307
|
+
|
|
308
|
+
---
|
|
309
|
+
|
|
310
|
+
## Required: RPC Provider
|
|
311
|
+
|
|
312
|
+
This SDK does NOT ship with an RPC key.
|
|
313
|
+
|
|
314
|
+
You must set one of the following (Infura is not supported in this version as of yet):
|
|
315
|
+
|
|
316
|
+
- ALCHEMY_API_KEY
|
|
317
|
+
- INFURA_API_KEY
|
|
318
|
+
|
|
319
|
+
Example:
|
|
320
|
+
|
|
321
|
+
export ALCHEMY_API_KEY=your_key_here
|
|
322
|
+
|
|
323
|
+
## FAQ
|
|
324
|
+
|
|
325
|
+
**Q: Can I fake a proof?**
|
|
326
|
+
A: No. Cryptographically impossible. Groth16 soundness guarantees ensure only valid proofs verify.
|
|
327
|
+
|
|
328
|
+
**Q: What if the RPC provider lies?**
|
|
329
|
+
A: Proofs reflect the RPC provider's data. Use a trusted provider (Alchemy, Infura, Quicknode, or your own node).
|
|
330
|
+
|
|
331
|
+
**Q: Can I combine multiple rules?**
|
|
332
|
+
A: Yes. Generate multiple proofs and combine them at the application layer. Each proof is independent and verifiable.
|
|
333
|
+
|
|
334
|
+
**Q: What about wallet privacy?**
|
|
335
|
+
A: The proof proves eligibility. Transaction history, balances, and transfers are never revealed or computed by the SDK.
|
|
336
|
+
|
|
337
|
+
**Q: How much gas does on-chain verification cost?**
|
|
338
|
+
A: Typically ~250k-400k gas per verification. depending on the network and the calldata size.
|
|
339
|
+
|
|
340
|
+
**Q: Can this run on-chain natively?**
|
|
341
|
+
A: Proof generation happens off-chain. Verification happens on-chain. This is by design (privacy + efficiency).
|
|
342
|
+
|
|
343
|
+
---
|
|
344
|
+
|
|
345
|
+
## License
|
|
346
|
+
|
|
347
|
+
This project uses a **dual licensing model**:
|
|
348
|
+
|
|
349
|
+
### 📄 Apache 2.0 License
|
|
350
|
+
The following components are licensed under **Apache License 2.0**:
|
|
351
|
+
- SDK source code (`src/` directory)
|
|
352
|
+
- ZK circuits (`circuits/` directory)
|
|
353
|
+
- Circom library (`circomlib/` directory)
|
|
354
|
+
- CLI tooling (`cli/` directory)
|
|
355
|
+
- Test infrastructure (`tests/` directory)
|
|
356
|
+
- Documentation (README.md, IMPLEMENTATION_GUIDE.md, RULES.md, SECURITY.md)
|
|
357
|
+
|
|
358
|
+
**Use case:** Open-source usage, commercial integration, derivative works
|
|
359
|
+
**Requirement:** Include Apache 2.0 license and provide attribution
|
|
360
|
+
|
|
361
|
+
### 📝 MIT License
|
|
362
|
+
The following components are licensed under **MIT License**:
|
|
363
|
+
- Smart contracts (`contracts/` directory)
|
|
364
|
+
|
|
365
|
+
**Use case:** Contract deployment, integration with verifiers, modification and distribution
|
|
366
|
+
**Requirement:** Include MIT license and provide attribution
|
|
367
|
+
|
|
368
|
+
### How to Use
|
|
369
|
+
|
|
370
|
+
- **Using the SDK for eligibility checking?** → Apache 2.0 applies. Include `LICENSE-APACHE2.0`.
|
|
371
|
+
- **Deploying smart contracts?** → MIT applies. Include `LICENSE-MIT`.
|
|
372
|
+
- **Using both?** → Both licenses apply to their respective components.
|
|
373
|
+
|
|
374
|
+
See [LICENSE](./LICENSE), [LICENSE-APACHE2.0](./LICENSE-APACHE2.0), and [LICENSE-MIT](./LICENSE-MIT) for full license texts.
|
|
375
|
+
|
|
376
|
+
---
|
|
377
|
+
|
|
378
|
+
## Next Steps
|
|
379
|
+
|
|
380
|
+
🚀 **Start now:**
|
|
381
|
+
1. Clone the repo
|
|
382
|
+
2. `npm install`
|
|
383
|
+
3. Run `npm run test:all` (11 edge cases pass)
|
|
384
|
+
4. Integrate the SDK into your app
|
|
385
|
+
|
|
386
|
+
📖 **Learn more:**
|
|
387
|
+
- [RULES.md](./RULES.md) — Detailed rule specifications
|
|
388
|
+
- [SECURITY.md](./SECURITY.md) — Threat model & guarantees
|
|
389
|
+
- CLI: `npm run cli`
|
|
390
|
+
|
|
391
|
+
🤝 **Questions?**
|
|
392
|
+
- File an issue
|
|
393
|
+
- Check docs
|
|
394
|
+
- Security issues → private disclosure
|
|
395
|
+
|
|
396
|
+
---
|
|
397
|
+
|
|
398
|
+
**Made with intent. Shipped with integrity.**
|