Soulbound Tokens (SBTs) are digital identity tokens representing the unique traits, features, and achievements that comprise a person or entity. Issued by "Souls," which correspond to blockchain accounts or wallets, these tokens are non-transferable.
The concept of Soulbound Tokens (SBT) was proposed in May 2022 by Ethereum co-founder Vitalik Buterin, lawyer Puja Ohlhaver, and E. Glen Weyl, an economist and social technologist.They unveiled their ideas in a whitepaper titled “Decentralized Society: Finding Web3’s Soul," elucidating the foundation of a fully-decentralized society (DeSoc) governed by its users. It detailed how SBTs could serve as everyday credentials.
SBTs, representing a person's identity using blockchain technology, can encompass a range of information, including medical records and work history. The wallets that hold or issue these records are known as “Souls.”
SBTs aim to expand the NFT concept beyond mere financial or status symbols. They create a unique, non-transferable token representing a person or entity's reputation. Unlike NFTs, which symbolize assets and property, SBTs hold no monetary value and cannot be traded once issued to a wallet.
zk-SBT, or Zero-Knowledge Soulbound Token, serves to verify that a user's identity meets certain requirements without exposing their private information.
At zCloak Network, we protect user identity data with W3C verifiable credentials, incorporating a built-in merkle tree data structure for functions such as selective disclosure and ZKP computation. These credentials are private by default, stored in the user's device for data sovereignty, and can be issued/attested by a trusted organization without tokens or gas fees. They only require an ECDSA signature, making them quick and easy for everyday use.
When it's necessary to utilize personal identity data for on-chain applications, such as validating age for Decentralized Finance (DeFi) or social platforms, it's vital to transfer this data securely to the blockchain without compromising personal privacy. This scenario provides an optimal use case for Zero-Knowledge Proofs (ZKPs).
A consistent pattern can be observed in such instances: private data, once attested, undergoes computation through a zkProgram on a Zero-Knowledge Virtual Machine (zkVM), which then allows for the disclosure of the computational result instead of the raw data itself.
From the perspective of a verifier, the authenticity of two elements needs to be established: 1) the data itself, and 2) the accuracy of the computation. The authenticity of the data can be confirmed through the signature of your verifiable credential, while the computation's accuracy is validated by the ZKP.
A zk-SBT is generated following the successful verification of both the ZKP and the attester's signature. Therefore, rather than providing detailed personal information such as "Jack, from Australia, age 23," a zk-SBT can be minted that simply validates you as an adult from Oceania. By altering the zkProgram, you can create proofs of various attributes about yourself with relative ease.
Curious about zk-SBT? Join our latest event to see it in action: https://cred.zkid.app/#/event/zk-kyc2023
If you're a developer and want to interact with the zk-SBT Contract, you can set up a smart contract to pull data from the zCloak smart contract (as shown in our 3.2 Demo Contract).
We've created a function called checkSBTClassValid in the zCloak smart contract to make this process easier for developers.
function checkSBTClassValid(
address userAddr,
address attester,
bytes32 programHash,
uint64[] memory publicInput,
bytes32 ctype
) public view returns (Tokens.TokenOnChain memory)
userAddr: address, the address of the SBT Holder