Identity Relayer

The core function of an Identity Relayer is to abstract gas fees away from the end-user. Instead of requiring users to hold and spend the native token (e.g., ETH) for transaction fees, the relayer can:

• Sponsor transactions on behalf of users.
• Accept payment for fees in any ERC-20 token.
• Enable gasless transactions, where a dApp or third party covers the cost. This removes a major onboarding barrier and simplifies the user experience.

The relayer verifies user permissions and authenticity without relying on a central database. It typically interacts with decentralized identifiers (DIDs) and verifiable credentials (VCs) stored in user-controlled wallets. This process ensures that:

• Authentication is cryptographically provable.
• User data is not stored on the relayer itself.
• Compliance with rules (e.g., proof of humanity, KYC) can be verified trustlessly.

To improve efficiency and reduce costs, relayers often batch multiple user operations into a single blockchain transaction. This provides significant benefits:

• Lower gas costs per user operation through shared overhead.
• Faster processing for applications with high throughput needs.
• Enables complex multi-step interactions (e.g., swap then bridge) as a single user-facing action.

A relayer integrates with a Paymaster smart contract, which is responsible for ultimately paying the network fees. This separation of concerns allows for flexible fee models:

• Sponsored Transactions: Dapps pay for their users' gas.
• ERC-20 Payments: Users pay fees in USDC, DAI, or other tokens.
• Subscription Models: Users pay a flat fee for unlimited transactions. The Paymaster holds the funds and executes the final fee payment on-chain.

A key design goal is to relay user transactions without exposing sensitive identity data. Techniques include:

• Zero-Knowledge Proofs (ZKPs) to prove eligibility without revealing underlying credentials.
• Meta-transactions where the relayer submits a signed user request, obscuring the original sender.
• Avoiding the creation of on-chain links between a user's various actions and their core identity.

Modern Identity Relayers are built for ERC-4337 Account Abstraction. They act as the Bundler infrastructure, accepting UserOperations from smart contract wallets. This allows for:

• Session keys for temporary transaction permissions.
• Social recovery and customizable security schemes.
• Atomic multi-operations (e.g., approve and swap in one click). The relayer becomes the gateway between user intents and blockchain execution.

Enables users to claim token airdrops by proving they are on a whitelist without revealing their entire wallet history or identity. The relayer verifies the user's eligibility off-chain and submits the claim transaction on their behalf, shielding the user's address from the airdropping entity.

• Key Mechanism: Zero-Knowledge Proofs (ZKPs) or attestations.
• Benefit: Prevents sybil attacks while preserving user privacy.
• Example: A project can distribute tokens to early supporters without exposing their full on-chain activity graph.

Controls access to exclusive content, communities, or services by verifying a user holds a specific NFT or token, without the service provider learning which specific token it is. The relayer acts as a trusted intermediary that confirms possession.

• Key Mechanism: Proof of ownership via digital signatures.
• Benefit: Enables privacy-focused membership models (e.g., private Discord channels, articles).
• Example: A user proves they own an "Art Collector DAO" NFT to enter a private forum, without revealing which serial number they hold.

Allows DeFi protocols or services to comply with regulatory Know Your Customer (KYC) and Anti-Money Laundering (AML) requirements without forcing users to publicly link their wallet address to their legal identity. A trusted verifier attests to the user's status off-chain.

• Key Mechanism: Verifiable Credentials (VCs) or signed attestations from a KYC provider.
• Benefit: Users maintain pseudonymity on-chain while protocols demonstrate compliance.
• Example: A user gets an attestation from a KYC provider, and a relayer uses it to let them interact with a regulated lending pool.

Facilitates private voting in DAO governance by separating voter identity from vote content. A relayer can submit a user's encrypted vote or a zero-knowledge proof that they are an eligible tokenholder, ensuring vote secrecy and preventing coercion.

• Key Mechanism: Blind signatures or ZKPs for membership.
• Benefit: Enables truly anonymous on-chain voting, critical for sensitive governance decisions.
• Example: A DAO member votes on a contentious treasury proposal without their address and vote being publicly linked.

Enables private creditworthiness checks for undercollateralized lending. A user can prove they have a sufficient credit score or transaction history from an off-chain source (e.g., traditional credit bureau, on-chain reputation system) without exposing the underlying data.

• Key Mechanism: ZK-proofs of score ranges or attestations from a scorer.
• Benefit: Allows for risk-based lending in DeFi while protecting users' financial history.
• Example: A user proves their credit score is above 700 to receive a loan with a favorable interest rate, without revealing their exact score or identity.

Acts as a bridge for identity credentials across different blockchain networks. A user's verified identity or reputation on one chain can be used to access services on another via a relayer that validates and translates the attestation.

• Key Mechanism: Cross-chain message passing (e.g., using IBC or optimistic bridges) with verification.
• Benefit: Creates a unified, portable identity layer across the multi-chain ecosystem.
• Example: A user's KYC attestation on Ethereum mainnet is relayed to allow them to mint an identity NFT on a Cosmos app-chain.

The primary role of an Identity Relayer is to abstract gas fees from the end-user experience. It allows users to sign messages (like transaction intents) without needing the native token (e.g., ETH, MATIC). The relayer then:

• Receives the signed user operation.
• Pays the gas fee on the user's behalf.
• Submits the transaction to the blockchain.
• Is reimbursed by the dApp, a paymaster, or through other mechanisms defined by the protocol.

Modern relayers are often built around standardized systems like ERC-4337 (Account Abstraction). Key components include:

• UserOperation: A standardized object representing a user's transaction intent.
• Bundler: A specialized relayer that bundles multiple UserOperations into a single blockchain transaction.
• Paymaster: A contract that can sponsor gas fees for users.

Prominent protocols in this space include Ethereum's ERC-4337 standard, Gelato Network, and OpenGSN (Gas Station Network).

Identity Relayers unlock several critical user experience and business model improvements:

• Onboarding: New users can interact with a dApp immediately, without first acquiring crypto from an exchange.
• Subscription Models: dApps can pay gas for their premium users.
• Corporate Gas Policies: Enterprises can manage and pay for employee blockchain interactions.
• Improved UX: Removes the friction of wallet pop-ups for gas fee approval, creating a Web2-like experience.

While relayers enhance UX, they introduce considerations around censorship resistance and trust. A malicious relayer could censor transactions. Mitigations include:

• Permissionless Relay Networks: Multiple independent relayers (like in GSN) prevent single points of failure.
• User Operation Mempools: In ERC-4337, UserOperations are broadcast to a public mempool, allowing any bundler to include them, preserving decentralization.
• Reputation Systems: Relay networks often implement staking and slashing to ensure honest behavior.

Relayers are economically incentivized to perform their service. Common models include:

• Fee from Paymaster: The dApp or paymaster contract pays the relayer a premium over the base gas cost.
• Priority Fees: Users or applications can attach a tip to their UserOperation to incentivize faster inclusion.
• Staking Rewards: In some networks, relayers stake tokens to participate and earn rewards for honest service.

The economic design ensures the relay network remains robust and responsive.

In the ERC-4337 (Account Abstraction) stack, a Bundler is the canonical Identity Relayer. Its workflow is:

1. Listens for UserOperation objects in a peer-to-peer mempool.
2. Validates signatures and simulates execution.
3. Bundles multiple valid operations into a single transaction.
4. Pays the Ethereum gas fee for that bundle.
5. Receives reimbursement from each operation's designated Paymaster contract, plus a small profit.

This creates a competitive, decentralized market for transaction processing.

A Zero-Knowledge Proof is a cryptographic method that allows one party (the prover) to prove to another party (the verifier) that a statement is true without revealing any information beyond the validity of the statement itself.

• Application to Identity: Enables selective disclosure (e.g., proving you are over 21 without revealing your birthdate).
• Relayer Enhancement: Advanced relayers can facilitate the transmission of ZK proofs, allowing users to share minimal, context-specific attestations, dramatically enhancing privacy.

A Credential Wallet (or Identity Wallet) is a user-controlled application, often a browser extension or mobile app, that stores Decentralized Identifiers (DIDs), private keys, and Verifiable Credentials (VCs). It is the endpoint for a relayer.

• Core Functions: Issues, stores, and presents VCs; manages DIDs and keys.
• Interaction with Relayer: The wallet receives presentation requests relayed from a dApp, prompts the user for consent, and returns the signed credential or proof via the relayer.
• Examples: MetaMask (with Snaps), SpruceID's Credible, Trinsic Wallet.

A Presentation Request is a structured query sent by a verifier (e.g., a dApp) to a holder (user) via a relayer, specifying the credentials or claims required for access or service.

• Content: Defines the required credential type, the specific claims needed, and any constraints (like issuer trust).
• Protocols: Often formatted using standards like Presentation Exchange (PEX) or W3C's Verifiable Presentations.
• Relayer's Function: The relayer's core operational task is to deliver this request to the user's credential wallet and return the resulting Verifiable Presentation.