How to Integrate Privado ID to WAX: Proof of Human Features for Web3 Apps
In the rapidly evolving Web3 space, user trust and privacy are paramount. As developers build decentralized applications (dApps) on the WAX blockchain, integrating a reliable identity verification system is crucial to ensure authenticity, prevent fraud, and protect users’ data. This is where Privado ID comes in — an open-source, privacy-focused identity management solution that can help Web3 applications implement proof of human features seamlessly, such as for Sybil resistance, reusable KYC, and antibot mechanisms.
In this article, we’ll explore how to integrate Privado ID with Web3 apps on the WAX blockchain, the benefits it brings to the ecosystem, and practical steps for developers to get started.
What is Privado ID?
Privado ID is a comprehensive toolset for developers to build privacy-first identity management features into their applications. It provides users with control over their personal information while maintaining security and privacy standards through cryptography, decentralized verification, and zero-knowledge proofs. It enables:
- Verifiable credentials: Issued by trusted organizations like governments or KYC providers, these credentials are cryptographically signed and tamper-proof.
- Zero-knowledge proofs: Users can prove facts about their identity (like age or proof of humanity) without revealing sensitive data.
- Privacy and decentralization: Privado ID ensures that user data is only decrypted on the user’s device and never shared without consent.
- Reusable credentials: Once obtained, credentials can be reused across multiple apps and dApps without having to go through verification again, offering a fast and seamless user experience.
Real-World Example: Bountyblok Integration
A great example of Privado ID’s proof of humanity in action is bountyblok, a platform for running contests and competitions on the WAX blockchain. To filter out bots and ensure fair participation, bountyblok integrated Privado ID for human verification. This integration has added an extra layer of trust and transparency to the platform, ensuring that only unique, verified individuals can participate.
Here’s the official announcement from bountyblok:
Privado ID also shared their excitement about this collaboration:
Why Integrate Privado ID on the WAX Blockchain?
WAX, one of the most developer-friendly and sustainable blockchains, is home to a variety of applications — from NFT marketplaces to decentralized finance (DeFi) and gaming platforms. But with its growth comes challenges like Sybil attacks, where bad actors use multiple identities to game a system or fraudulently participate in airdrops, contests, or token distributions.
By integrating Privado ID into WAX applications, developers can address these concerns while boosting user trust. Proof of humanity ensures that only verified, unique individuals are engaging with dApps, marketplaces, or contests. This is particularly beneficial for:
- Marketplaces: Preventing bot-driven purchases and ensuring fair distribution of assets.
- Games: Ensuring real players interact with the game, eliminating bot farms.
- Launchpads and DAOs: Guaranteeing that users can only vote or participate once, avoiding vote manipulation or airdrop farming.
- DEXes (Decentralized Exchanges): Enhancing security by verifying the authenticity of users without sacrificing privacy.
Step-by-Step Integration Guide for WAX Developers
Integrating Privado ID into your WAX application is a straightforward process, thanks to its open-source infrastructure and SDKs. Here’s a high-level guide to get started:
Step 1: Setting Up Privado ID for Identity Verification
Create a Verification Request
Begin by creating a verification request in your client app and redirecting the user to Privado ID’s web wallet for face scan and credential acquisition. This can be done with the following code snippet:
verificationRequest() {
const verificationRequest = {
backUrl: `https://my-app.org/back`,
finishUrl: `https://my-app.org/finish`,
logoUrl: "https://my-app.org/logo.png",
name: "My app",
zkQueries: [{
circuitId: "credentialAtomicQuerySigV2",
id: 1711399135,
query: {
allowedIssuers: ["did:iden3:privado:main:2ScrbEuw9jLXMapW3DELXBbDco5EURzJZRN1tYj7L7"],
context: "https://raw.githubusercontent.com/anima-protocol/claims-polygonid/main/schemas/json-ld/pol-v1.json-ld",
type: "AnimaProofOfLife",
credentialSubject: { human: { $eq: true } }
}
}],
callbackUrl: `https://my-app.org/api/callback`,
verifierDid: "did:iden3:privado:main:28itzVLBHnMJV8sdjyffcAtWCx8HZ7btdKXxs7fJ6v",
};
const base64EncodedVerificationRequest = btoa(JSON.stringify(verificationRequest));
window.open(`https://wallet.privado.id/#${base64EncodedVerificationRequest}`);
}This code initiates the verification process, sending the user to Privado ID’s web wallet to undergo the face scan or credential verification.
Verify the Proof
After the user’s identity is verified, the proof is generated, and you need to verify this proof using a backend verifier service.
Step 2: Setting Up a Verifier for Proof Validation
- Create a new Node.js app, and install the required
@iden3/js-iden3-authpackage to handle verification:
npm install @iden3/js-iden3-auth2. Add the following callback function to verify the proof:
async function callback(req, res) {
const sessionId = req.query.sessionId;
const raw = await getRawBody(req);
const tokenStr = raw.toString().trim();
const ethURL = 'https://polygon-mainnet.infura.io/v3/<API-KEY>';
const contractAddress = '0x624ce98D2d27b20b8f8d521723Df8fC4db71D79D';
const ethStateResolver = new resolver.EthStateResolver(ethURL, contractAddress);
const privadoResolver = new resolver.EthStateResolver('https://rpc-mainnet.privado.id', '0x975556428F077dB5877Ea2474D783D6C69233742');
const resolvers = {
["polygon:amoy"]: ethStateResolver,
["privado:main"]: privadoResolver,
};
const verifier = await auth.Verifier.newVerifier({
stateResolver: resolvers,
circuitsDir: path.join(__dirname, "../keys"),
ipfsGatewayURL: "https://ipfs.io",
});
try {
const opts = { AcceptedStateTransitionDelay: 5 * 60 * 1000 };
var authResponse = await verifier.verifyJWZ(tokenStr, opts);
console.log('Verification Successful');
} catch (error) {
console.error('Verification Failed', error);
return res.status(500).send(error);
}
res.status(200).send(authResponse);
}3. Host the verifier backend so that it can interact with the Privado ID web wallet.
By following these steps, your WAX application will be ready to verify users’ identities in a privacy-preserving and decentralized manner, ensuring that only real, unique individuals engage with your dApp.
Benefits of Privado ID Integration for WAX
- Sybil Resistance: Prevents multiple identities from being created by bots or fraudsters.
- Reusable KYC: Users only need to complete identity verification once, making future logins or registrations effortless.
- Enhanced Privacy: Thanks to zero-knowledge proofs, users can prove their identity without revealing sensitive information.
- Interoperability: Privado ID’s credentials are based on global standards, making them compatible across various dApps and platforms.
- Trust and Security: Verifiable credentials ensure tamper-proof identity verification, backed by cryptography and blockchain technology.
As WAX continues to attract more developers and users, integrating Privado ID offers a unique opportunity to enhance security, build trust, and improve user experience across various Web3 applications, from marketplaces and games to DeFi platforms and DAOs.
For more details on integrating Privado ID, refer to the official Privado ID documentation.
Conclusion
By integrating privacy-focused solutions like Privado ID, WAX-based projects can raise the standard for secure and transparent user interactions, creating a more trustworthy and efficient ecosystem. This empowers developers to build applications that not only prioritize user privacy but also foster genuine engagement by ensuring that only real, verified users participate in their platforms.
