Polygon ID

A core principle where the user is the sole owner of their identity data. Verifiable Credentials (VCs) are stored in a user-controlled digital wallet, not on a centralized server. This eliminates reliance on third-party identity providers and gives users full control over what information they share, with whom, and for how long.

The technology that enables selective disclosure and privacy. Instead of sharing raw data (e.g., a birth date), a user can generate a cryptographic proof that verifies a specific claim (e.g., "I am over 18") without revealing the underlying information. This minimizes data exposure and enhances privacy for credential verification.

The foundational data models for portable digital identity.

• Decentralized Identifiers (DIDs): A user's unique, cryptographically verifiable identifier, anchored on the blockchain, that they control.
• Verifiable Credentials (VCs): Tamper-proof digital attestations (like a driver's license or university degree) issued by trusted entities to a user's DID. They can be presented and verified anywhere.

The system leverages the Polygon blockchain for critical trust functions. Issuer DIDs and the public keys for verifying credential signatures are registered on-chain, creating a global, tamper-proof registry of trusted issuers. This allows any verifier to cryptographically confirm the authenticity of a credential without contacting the issuer directly.

The user-facing applications that manage the identity lifecycle. These wallets (e.g., mobile apps) allow users to:

• Store their DID and private keys securely.
• Receive and hold Verifiable Credentials from issuers.
• Generate Zero-Knowledge Proofs from their credentials.
• Present proofs to verifiers (dApps, services) to access gated features.

Ensures interoperability and structured data. Credentials are issued according to predefined JSON-LD schemas that define the data fields and their meaning (e.g., a DiplomaCredential schema). This standardization allows different applications and verifiers to understand and process credentials uniformly, enabling a composable identity ecosystem.

The core data unit of Polygon ID, representing a cryptographically signed attestation about a user. VCs are issued by trusted entities (issuers) and can contain claims like age, KYC status, or professional accreditation. They are stored in the user's identity wallet and can be selectively disclosed to verifiers.

The privacy engine of Polygon ID. ZKPs allow a user to prove a claim is true without revealing the underlying data. For example, a user can prove they are over 18 without disclosing their birth date. This is implemented through circuit-based proofs (like Circom) that generate a succinct proof of credential validity.

A user-controlled application (mobile or browser-based) that acts as a secure vault. Its functions include:

• Generating a Decentralized Identifier (DID).
• Storing and managing Verifiable Credentials.
• Creating zero-knowledge proofs for selective disclosure.
• Interacting with verifiers via QR code or deep link protocols.

A service run by credential-issuing organizations (e.g., universities, DAOs, KYC providers). It performs key operations:

• Signs and issues Verifiable Credentials to user wallets.
• Publishes its public DID and credential schemas to the Issuer's State Contract on-chain.
• Revokes credentials by updating a revocation registry, often using a Merkle tree for efficiency.

The component used by applications to request proof. A verifier defines a query specifying the required credential and the claim to be proven (e.g., "age > 18"). Polygon ID uses a JSON-LD based query language that allows for complex, logical conditions. The verifier receives and validates the ZK proof without seeing raw user data.

Smart contracts that anchor the system's trust model. Key contracts include:

• State Contracts: Manage the identity state (like the issuer's root of identity) and revocation registries on the Polygon network.
• Verification Smart Contracts: Allow on-chain dApps to verify ZK proofs directly, enabling trustless gated access to DeFi protocols or NFT mints.

The core privacy mechanism of Polygon ID. ZKPs allow a user to cryptographically prove they possess certain credentials (e.g., is over 18, is a verified citizen) without revealing the underlying data. This enables selective disclosure and minimizes data exposure.

Polygon ID uses W3C-compliant Decentralized Identifiers (DIDs) as the foundation for user identities. A DID is a unique, user-owned identifier stored on-chain, eliminating reliance on centralized authorities and giving users self-sovereign identity (SSI) control.

Claims about a user (like a driver's license or university degree) are issued as W3C Verifiable Credentials. These are tamper-proof digital certificates signed by an issuer. The user stores them locally in a wallet and presents only the necessary proofs.

• On-Chain: Only the DID document (containing public keys and service endpoints) and the state of identity claims are stored on the Polygon blockchain.
• Off-Chain: The actual Verifiable Credential data and private keys remain securely stored on the user's device, preventing sensitive personal data from being publicly visible.

To generate a ZK proof, a user's wallet runs a zk-SNARK circuit. This circuit is a program that defines the logic for the claim being proven (e.g., "age > 18"). The security relies on the cryptographic soundness of these circuits and the trusted setup used to create them.

Key security considerations include:

• Issuer Trust: The system assumes credential issuers are legitimate and honest.
• Wallet Security: Compromise of the user's local wallet leads to identity theft.
• Circuit Integrity: Maliciously crafted circuits could leak data.
• Revocation: Mechanisms for revoking compromised credentials must be secure and efficient.