This is a technical introduction to Rarimo’s ZKPs for biometric passports. It covers how passports are securely scanned, verified, and used to generate ZK Proofs-of-Citizenship.
Cyberspace cannot transcend meatspace, at least not yet anyway. Whether it's for DeFi protocols complying with US sanctions or political dissidents organizing online, as long as the physical world has borders, the digital world will need ways of verifying citizenship.
The two most widespread methods, however, encroach on privacy and come with major drawbacks:
IP range filtering
IP range filtering hinders the use of anonymization tools like Tor, which is a deal breaker for anyone with privacy concerns, particularly those living in oppressive regimes.
It is also something of a paper tiger, dissolving quickly in the face of VPNs.
KYC providers
As centralized entities, KYC providers are vulnerable to attacks and can be easily commandeered by governments.
In pursuit of a better solution, one that is truly decentralized and anonymous and that places control back into the hands of the users, Rarimo has developed Proof-of-Citizenship.
This method uses biometric passports and zero-knowledge cryptography to enable users to verify their citizenship in incognito mode. They are protected from tracing and do not reveal any additional information about themselves.
Biometric passports are familiar to any traveler. Currently, 172 nations issue ID documents compatible with the ICAO Machine Readable Travel Documents standard, making them the most widely used identity credential worldwide.
Each biometric passport contains an MRZ (Machine-Readable Zone). Inside the MRZ is an RFID chip that stores data for biometric verification, personal details, an expiration date, and the issuer's digital signature.
To verify a passport’s validity, the verifier reads the MRZ using an NFC scanner, verifies the issuer's digital signature, and checks the expiration date.
Rarimo’s ZKP solution consists of the following components:
The RariMe mobile app
RariMe is a self-custody identity wallet. No personal data ever leaves the device and everything is processed locally
It scans passports, securely stores their data, and generates ZK proofs
It is available on both Android and iOS
A set of Rarimo Circom circuits
A set of Rarimo smart contracts
Rarimo's cross-chain messaging protocol
To get started, the user must read the passport information using NFC, in other words, they must scan the chip inside their passport with their phone. After verifying that the passport is valid, the device securely and locally stores the following data:
DG1: Personal Details
DG2: Facial photograph
This contains the passport photo
In the future, it will be used for facial recognition with ZKML proofs
DG15: Active Authentication Public Key
Hash values of other DGs
Issuer's signature
Document Signer Certificate (CDS)
None of this data is shared anywhere or is accessible to outside parties. Rarimo achieves this by performing all actions locally, without access to the internet.
Next, RariMe creates a passport-derived profile by:
Generating a keypair for identity management
Signing the public key for the identity management keypair using the passport's Active Authentication mechanism
Generating a Zero-Knowledge proof of passport validity
Submitting all of the above to the identity state contract on the Rarimo chain. This registers the profile
The protocol also supports periodic passport liveness commitments. This prompts users to re-verify their passports every few months. Proving passport ownership over time is useful for cases such as voting where a corrupt government could skew results by issuing fake passports.
To implement periodic passport liveness commitments, all the verifier application needs to do is set the time threshold to limit the impact of freshly printed documents on the final use case.
The Passport Validity Circom circuit can then start proving that the user owned a valid passport-derived profile at the specified time.
Additionally, this circuit allows users to:
Prove that their citizenship matches the provided allowlist
Prove that the expiration date of their passport is within specified time bounds
Prove that their date of birth is within specified time bounds
Selectively disclose any personal data from DG1
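The membership and range statements listed above, evaluated in the clear over the second MRZ line that DG1 holds, as an added Python illustration (not Rarimo's Circom circuit or code). In the protocol these comparisons are what the proof attests to, so only the yes/no results are revealed; the function names, the fixed reference date and the two-digit-year rule are assumptions, and the sample line is a constructed specimen for the fictional state UTO.

```python
from datetime import date

# Constructed specimen-style line (fictional state UTO), not a real document.
SAMPLE_LINE2 = "L898902C36UTO7408122F1204159ZE184226B<<<<<10"
ALPHABET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"  # index = MRZ character value

def check_digit(field):
    """ICAO 9303 check digit: weights 7, 3, 1 repeating; '<' counts as 0."""
    total = 0
    for i, c in enumerate(field):
        if c != "<" and c not in ALPHABET:
            raise ValueError("invalid MRZ character: %r" % c)
        total += (0 if c == "<" else ALPHABET.index(c)) * (7, 3, 1)[i % 3]
    return total % 10

def parse_td3_line2(line):
    """Split TD3 (passport) MRZ line 2; a '<' in a check position reads as 0."""
    if len(line) != 44:
        raise ValueError("TD3 line 2 must be 44 characters")
    checked = {"document_number": (0, 9), "birth": (13, 19),
               "expiry": (21, 27), "personal_number": (28, 42)}
    for name, (a, b) in checked.items():
        if str(check_digit(line[a:b])) != line[b].replace("<", "0"):
            raise ValueError("check digit mismatch: " + name)
    if str(check_digit(line[0:10] + line[13:20] + line[21:43])) != line[43]:
        raise ValueError("composite check digit mismatch")
    fields = {name: line[a:b] for name, (a, b) in checked.items()}
    fields["nationality"] = line[10:13]
    return fields

def mrz_date(yymmdd, today, is_birth):
    """YYMMDD -> date. Assumed rule: 20YY, unless a birth date would be in the future."""
    yy, mm, dd = int(yymmdd[:2]), int(yymmdd[2:4]), int(yymmdd[4:])
    d = date(2000 + yy, mm, dd)
    return date(1900 + yy, mm, dd) if is_birth and d > today else d

def evaluate_statement(line2, allowlist, expiry_bounds, birth_bounds, today):
    """Return only the three yes/no results; the DG1 fields are not returned."""
    f = parse_td3_line2(line2)
    expiry = mrz_date(f["expiry"], today, False)
    birth = mrz_date(f["birth"], today, True)
    return {"citizenship_in_allowlist": f["nationality"] in allowlist,
            "expiry_in_bounds": expiry_bounds[0] <= expiry <= expiry_bounds[1],
            "birth_in_bounds": birth_bounds[0] <= birth <= birth_bounds[1]}

if __name__ == "__main__":
    now = date(2011, 1, 1)  # fixed reference date for the sample
    print(evaluate_statement(SAMPLE_LINE2, {"UTO"}, (now, date(2030, 1, 1)),
                             (date(1900, 1, 1), date(1993, 1, 1)), now))
```

The check digits only catch read errors; authenticity of DG1 still rests on the issuer's signature over the data group hashes, which this sketch does not verify.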
DApps can verify the proofs both on-chain and off-chain. Rarimo's on-demand identity state replication technology scales the usage of on-chain proofs to any EVM-compatible network.
The first implementation of Proof-of-Citizenship comes with some limitations:
No biometric checks are included, meaning someone may scan a stolen or borrowed passport. However, ZKML solutions can alleviate this in the future.
There's no way to prevent a holder of multiple passports from onboarding multiple times.
Currently, only passports that support Active Authentication are supported. The Rarimo community is, however, working on an MPC-based solution to circumvent this limitation.
The Proof of Citizenship technology is open source and can be used by any commercial or non-profit Web3 project that needs to run anonymized citizenship, age, humanity, or uniqueness checks.
The Rarimo community has already built several such DApps:
Freedom Tool: a surveillance-free voting solution that uses ZKPs for biometric passports to allow citizens to prove voter eligibility without being traced. The Russian opposition used the technology to build Russia2024, a secure protest app for dissidents.
RariMe: Rarimo’s soon-to-be-launched self-custody identity wallet. Users will be able to privately store their passport data and use it to verify their citizenship, age, and humanity without revealing personal information. The first use case will be programmable airdrops, including a humanitarian aid drop that puts money directly into the hands of citizens.
Proof-of-Citizenship combines biometric passports and Zero-Knowledge-Proof technology to provide a truly incognito method for verifying citizenship.
As well as using Zero-Knowledge cryptography, Rarimo’s solution operates locally and avoids third-party involvement. This federated model is exceptionally difficult to attack and provides top-tier privacy guarantees.
Rarimo’s Proof-of-Citizenship solutions have been designed to ensure that citizenship remains a characteristic that citizens and activist groups, instead of just the state, can use to organize.
The community hopes to see a plethora of new use cases and social applications that leverage Proof-of-Citizenship to help spread freedom, privacy, and meaningful human connection. Surveillance-free voting and charitable airdrops are just the start.
Privacy is Freedom.