Solo: zkHE-based authentication protocol to build a trusted anonymous identity layer for Web3

Not long ago, the Web3 identity layer project Solo announced the completion of a $1.2 million Pre-Seed round of financing, led by Draper Associates, followed by Velocity Capital, and RISC Zero founder Brian Retford and Caldera founder Matt Katz also participated as strategic angel investors. After this round of financing, Solo has further become a focus project in the Web3 identity track.

Focusing on the fundamentals of the project, on the one hand, the core team behind it is quite strong. CEO Edison studied at Yale Business School, where he co-founded the Yale Business School Blockchain Society and led the first Yale Blockchain Summit. In order to focus on promoting the Solo project, Edison chose to drop out of school and devote himself to research and development full-time. The other two co-founders, Stephen and Sissi, are both professors at Shenzhen University, with deep accumulation in the fields of blockchain and artificial intelligence respectively - Stephen is one of the early contributors to the Ethereum Foundation, and Sissi has achieved remarkable results in AI research and practical applications.

In terms of technology, Solo uses its unique zkHE (zero-knowledge homomorphic encryption) solution as the core to build an identity architecture that achieves a dynamic balance between privacy protection, identity uniqueness, and decentralized verifiability. In the context of the current Web3 ecosystem facing systemic problems such as frequent witch attacks, lack of user reputation system, and difficulty in compliant access, the solution proposed by Solo may have important reference and leading significance.

This article will deeply analyze the new paradigm of identity represented by Solo from multiple dimensions such as market structure, technological path and narrative positioning.

01 The Web3 world where the identity layer is long absent

Although the infrastructure in the Web3 field is continuing to improve at a relatively fast pace, the "identity layer", as a key module supporting trust and participation, has been absent for a long time.

In fact, from data labeling, behavior scoring to protocol interaction and community governance, a large number of key tasks in Web3 rely on "human input" as an effective data source. However, from the perspective of the on-chain system, a user is usually just a wallet address consisting of letters and numbers, lacking structured individual characteristics and behavior labels. Without the support of an additional identity layer mechanism, the crypto-native world can hardly establish a credible user portrait, let alone achieve reputation accumulation and credit assessment.

The absence of an identity layer directly gave rise to one of the most common and difficult problems in Web3, namely the Sybil attack. In various incentive activities that rely on user participation, malicious users can easily forge multiple identities, thereby repeatedly receiving rewards, manipulating votes, and polluting data, making the mechanism that should have been driven by "real people participating" completely ineffective. Take Celestia as an example. In its 2023 airdrop, as much as 65% of the 60 million $TIA was obtained by robots or Sybil accounts. Similar phenomena also widely appeared in the distribution process of projects such as Arbitrum and Optimism.

Although some projects have tried to introduce "anti-Sybil" mechanisms to screen abnormal behaviors, the reality is that such methods often cause accidental harm to real users, while real brushes can easily bypass the rules. For example, EigenLayer's airdrop anti-sybil rules have caused some controversy. Some normal users were misjudged as sybil attackers and were excluded from the airdrop, which caused controversy. So we see that in the absence of a strong identity foundation, on-chain incentive distribution is actually always difficult to be fair, efficient and sustainable.

In other vertical scenarios of Web3, the problems caused by lack of identity are equally significant.

For example, in the DePIN field, it is common to submit fake addresses and forged data to defraud incentives, which disrupts the authenticity of the data and directly affects the practicality and trust foundation of the network. Similarly, in GameFi, the behavior of multiple accounts brushing tasks and batch receiving rewards seriously disrupts the balance of the in-game economic system, resulting in the loss of real players and the failure of the project incentive mechanism.

In the field of AI, the lack of an identity layer also has far-reaching consequences. Currently, large-scale AI model training increasingly relies on "human feedback" (such as RLHF) and data annotation platforms, and these tasks are usually outsourced to open communities or on-chain platforms. In the absence of "human uniqueness" guarantees, the phenomenon of script batch simulation behavior and robot forgery input has become increasingly serious, which not only pollutes the training data, but also greatly weakens the expressiveness and generalization ability of the model.

In a previous study called Best-of-Venom, researchers successfully induced the RLHF model to shift during training and output significantly manipulated results by injecting only 1–5% of "malicious feedback comparison data." Even if these forged human preference data account for a very small proportion, they are enough to undermine the robustness of the model and affect the final generation quality. More importantly, since the identity of the participants cannot be effectively constrained, the system is almost unable to identify or block this sophisticated disguised manipulation behavior from the source.

In addition, in the absence of an effective identity layer, the KYC mechanism, credit scoring system, and behavioral profiling widely used in the Web2 world can hardly be mapped to the chain in a native and credible way. This not only limits institutions from participating in Web3 under the premise of protecting user privacy, but also the financial system on the chain is always in an identity vacuum. A most representative example is that the DeFi lending model has long relied on the over-collateralization mechanism, and has always been difficult to reach a wider range of uncollateralized credit lending scenarios, severely limiting user coverage and capital efficiency.

The same problem also occurs in Web3 advertising, social networking and other fields. Due to the lack of verifiable user identity and behavioral preferences, mechanisms such as accurate recommendations and personalized incentives are difficult to establish, further limiting the deep operational capabilities and commercialization space of on-chain applications.

02 Exploration of Web3 Identity Layer

In fact, there are dozens of Web3 identity layer solutions on the market, such as Worldcoin, Humanode, Proof of Humanity, Circles, idOS, ReputeX, Krebit, etc. These solutions are actually trying to fill the gap in the Web3 identity layer. We can roughly divide them into four categories:

• Biometrics

Biometrics are usually characterized by biometrics (such as iris, facial recognition, fingerprint) technology to ensure identity uniqueness. This type of solution usually has strong anti-Sybil attack capabilities. Representative projects include Worldcoin, Humanode, Humanity Protocol, ZeroBiometrics, KEYLESS, HumanCode, etc.

We have seen that such solutions often infringe on user privacy by collecting biometric data, generating hashes, and so on, resulting in relative weakness in terms of privacy protection and compliance. For example, Worldcoin has come under regulatory scrutiny in multiple countries due to iris data privacy issues, including EU GDPR compliance issues.

• Social Trust

Social trust solutions usually pay more attention to "user sovereignty", emphasize social trust networks and open verification, and usually use Web of Trust, reputation scoring, etc. as core elements to establish a trusted identity network through social relationship graphs, community mutual authentication, human recommendations, etc. Representative projects include Proof of Humanity, Circles, Humanbound, BrightID, Idena, Terminal 3, ANIMA, etc.

Such schemes are usually highly decentralized in theory, and are expected to expand the trust network based on community consensus and overlay reputation governance mechanisms. However, we have seen that such schemes are usually difficult to guarantee identity uniqueness, are easily vulnerable to Sybil attacks, have poor scalability in acquaintance networks, and are therefore susceptible to identity forgery or community cold start issues. Proof of Humanity once adjusted its verification mechanism due to bot issues.

• DID Aggregation

DID aggregation solutions can usually further build a composable on-chain identity structure by integrating external credentials such as Web2 identity/KYC data and Verifiable Credentials (VCs). This type of solution is actually highly compatible with the existing compliance system, and most solutions can also support users to control data sovereignty, making it easier for some institutions to adopt. Some representative projects include Civic, SpruceID, idOS, SelfKey, Fractal ID, etc.

However, DID aggregation solutions also have weak identity uniqueness. We see that most of them are highly dependent on external data sources such as Web2 KYC or intermediary data support, so the degree of decentralization is relatively limited and the architecture is relatively complex. Although some projects such as SpruceID are exploring privacy protection through ZK-SNARKs, most solutions in this sector have not yet solved issues such as privacy verifiability.

• Behavior Analysis

Behavior analysis solutions are usually based on on-chain address behavior, interaction trajectories, task records and other data, using graph algorithms to build user portraits and reputation systems. Representative projects include ReputeX, Krebit, Nomis, Litentry, WIW, Oamo, Absinthe and Rep3.

The advantage of modeling with addresses as units is good privacy protection. It is naturally compatible with the on-chain ecosystem without the need for additional input and has strong overall adaptability. However, on the other hand, because it is impossible to establish a connection with the user's real identity, the lack of identity uniqueness leads to the prominent phenomenon of multiple addresses for one person. It is also susceptible to interference from witch behavior, and can only establish a partially labeled identity, resulting in distorted data quality.

So in summary, in the current practice of the existing identity layer solutions, we can see that they are generally trapped in an impossible triangle dilemma:

That is, privacy protection, identity uniqueness and decentralized verifiability are often difficult to take into account at the same time. At the same time, we found that except for biometric solutions, identity mechanisms in other sectors generally cannot effectively guarantee "identity uniqueness".

Therefore, biometrics are often regarded as the most deterministic element in the identity layer and have been verified in practice in many projects. However, to build a truly trusted identity system, relying solely on biometrics is indeed not enough to solve the balance between privacy protection and decentralization.

In the context of the above problems, Solo also chose to use biometric recognition as the basic means of user identity uniqueness, and based on cryptography, further proposed a more unique technical path around the difficult problem of balancing "privacy protection" and "decentralized verifiability".

03 Deconstructing Solo’s technical solution

As mentioned above, using biometrics as the identity layer can effectively prove the uniqueness of the user, but the biggest difficulty lies in how to ensure the privacy of the data and its verifiability anytime and anywhere.

Solo's solution is based on the zkHE architecture, which integrates Pedersen commitments, homomorphic encryption (HE) and zero-knowledge proof (ZKP). The user's biometrics can complete multiple encryption processes locally. The system generates a verifiable zero-knowledge proof and submits it to the chain without exposing any original data, thereby achieving the unforgeability of identity and verifiability under privacy protection.

zkHE Architecture

In Solo's zkHE architecture, the authentication process consists of a double encryption defense line: homomorphic encryption (HE) and zero-knowledge proof (ZKP). The entire process is completed locally on the user's mobile device to ensure that sensitive information is not leaked in plain text.

• Homomorphic encryption

The first line of defense is homomorphic encryption. Homomorphic encryption is a cryptographic scheme that allows calculations to be performed directly while the data remains encrypted. In the end, as long as the decryption result is completely consistent with the plaintext operation, it represents the correctness and availability of the data itself.

In zkHE, the system further inputs the committed biometrics into the circuit in a homomorphically encrypted form and performs logical operations such as matching and comparison, without the need for decryption throughout the process.

The "comparison" here is essentially to calculate the distance between the biometric vectors of the registered and current verification data to determine whether the two sets of data are from the same person. The distance calculation process itself is also completed in an encrypted state. The system then generates a zero-knowledge proof of "whether the distance is less than the threshold" based on the comparison result, thereby completing the judgment of "whether it is the same person" without exposing the original data or distance value.

This approach aims to achieve trusted computing under the premise of privacy protection, ensuring that the authentication process is verifiable, scalable, and always confidential.

• Zero-knowledge proof

After completing the aforementioned cryptographic calculations, Solo will generate a zero-knowledge proof locally for on-chain submission verification. This ZKP proves that "I am a unique and real human being" but does not reveal any original biological information or intermediate calculation details.

Solo itself uses the efficient Groth16 zk-SNARK as a proof generation and verification framework to generate a concise and robust ZKP with minimal computational overhead. The verifier only needs to verify this proof to confirm the validity of the identity, and the entire process does not require access to any sensitive data. Finally, this ZKP is submitted to the exclusive Layer2 network SoloChain and verified by the on-chain contract.

In addition to privacy and security protection, Solo also performs particularly well in verification efficiency. Thanks to the streamlined design of the encryption process and the introduction of high-performance primitives, Solo can achieve a low-latency, high-throughput identity authentication experience on mobile devices, providing strong technical support for large-scale user use and on-chain integration.

Verification efficiency

The Solo solution itself has extremely high verification efficiency, partly because it highly optimizes and adapts cryptographic algorithms.

In fact, in the Web3 identity layer track, it is not uncommon to introduce cryptography to ensure privacy and data security, especially ZK. However, there are very few solutions that can be truly implemented. In the final analysis, it all depends on

In terms of zero-knowledge proof construction, Solo chose Groth16 zk-SNARK, which has extremely high verification efficiency, as the backbone framework. The system has an extremely small proof size (about 200 bytes) and can achieve millisecond-level verification on the chain, significantly reducing interaction delays and storage overhead.

Not long ago, the Solo team conducted an experiment on its cryptographic model. As shown in the figure below, when facing higher-dimensional biometric data (Biometric Vector Length), the zkHE architecture (HE + ZKP) adopted by Solo is far superior to the traditional ZKP scheme in terms of proof generation time and total authentication time. Under 128-dimensional data conditions, the authentication time of traditional ZKP exceeds 600 seconds, while the Solo scheme is almost unaffected and always remains within a few seconds.

In addition, although the proof size of Solo in some vector dimensions is slightly larger than that of traditional solutions, its overall verification time is still controlled within the range of 30-70ms, which is sufficient to meet the latency and performance requirements of most high-frequency interaction scenarios (such as chain games, DeFi login, L2 real-time authentication, etc.).

In terms of client performance, Solo has also made a lot of optimizations.

Its zkHE verification process (including Pedersen commitment generation, homomorphic encryption processing and ZKP construction) can be completed locally on ordinary smartphones. The actual test results show that the overall calculation time on mid-range devices is 2-4 seconds, which is enough to support the smooth interaction of most Web3 applications without relying on any proprietary hardware or trusted execution environment, greatly reducing the threshold for large-scale deployment.

04 A new attempt to break the “impossible triangle” of the Web3 identity layer

From a global perspective, Solo actually provides a new path to break the "impossible triangle" of the Web3 identity layer, that is, to achieve a technical balance and breakthrough between privacy protection, identity uniqueness and usability.

In terms of privacy, the zkHE architecture allows all user biometrics to be homomorphically encrypted and ZKP constructed locally. The entire process does not require the original data to be uploaded or decrypted, thereby completely avoiding the risk of privacy leakage and getting rid of dependence on centralized identity providers.

In terms of identity uniqueness, Solo uses a feature vector distance comparison mechanism in an encrypted state to confirm whether the current validator is the same person as the historical registration record without leaking the data structure, thereby constructing the basic identity constraint of "there is a real and unique human behind each address", which is what Solo emphasizes as one person, one account (1P1A).

In terms of usability, Solo ensures that all computing tasks can be completed on ordinary mobile devices by fine-tuning the zk proof process. Actual tests show that the verification generation time is usually controlled within 2-4 seconds, and the on-chain verification process can be completed within milliseconds and is fully decentralized, which can meet the application scenarios with extremely high real-time requirements including chain games, DeFi, L2 login, etc.

It is worth mentioning that Solo itself has reserved compliance docking interfaces in the system design, including optional bridge modules that support integration with on-chain DID and KYC systems, as well as the ability to anchor verification status to a specified Layer1 network in specific scenarios. Therefore, when Solo is implemented in the compliance market in the future, it is expected to meet the requirements of various regions for identity authentication, data traceability and regulatory cooperation while maintaining privacy and decentralization.

From a more macro perspective, we mentioned above that the current Web3 identity solutions can actually be roughly divided into several technical paths, including reputation portrait systems based on on-chain behavior, VC/DID architectures based on centralized authentication, zk identity solutions that emphasize anonymity and selective disclosure, and some lightweight PoH protocols based on social networks and group authentication.

In the diversified evolution of the Web3 identity track, the biometric + zkHE-based path adopted by Solo happens to be naturally complementary to other solution paths.

Compared with solutions that focus on upper-level identity tags or behavioral credentials, Solo's advantage lies in building a basic identity network that can complete "human uniqueness confirmation" at the lowest level, and has features such as privacy protection, trustlessness, embeddability, and sustainable verification, providing basic "human entity verification" for higher-level VCs, SBTs, social graphs, etc.

In a sense, Solo is more like the underlying consensus module in the identity stack, focusing on providing a privacy-protected human uniqueness proof infrastructure for Web3. Its zkHE architecture can not only be connected as a plug-in module for various DIDs or application front-ends, but can also form a combination with existing VC, zkID, SBT, etc., to establish a verifiable and composable real identity foundation for the on-chain ecosystem.

Therefore, Solo itself can be seen as the bottom-level "trusted anonymity layer" infrastructure in the identity system, filling the industry's long-missing "1P1A (One Person, One Account)" capability gap to further support higher-level applications and provide a foundation for compliance.

Currently, Solo has reached cooperation with multiple protocols and platforms, including Kiva.ai, Sapien, PublicAI, Synesis One, Hive3, GEODNET, etc., covering multiple vertical tracks such as data annotation, DePIN network and SocialFi games. These collaborations are expected to further verify the feasibility of Solo's identity authentication mechanism, provide a feedback mechanism for its zkHE model to calibrate real-world needs, and help Solo continuously optimize user experience and system performance.

Summarize

By building a trusted and anonymous identity layer system for the Web3 world, Solo is laying the foundation for 1P1A capabilities and is expected to become an important underlying infrastructure to promote the evolution of on-chain identity systems and the expansion of compliant applications.