We propose the concept of "zk-SBT"—a zero-knowledge soulbound token. A zk-SBT has an open part and a secret part. The open part is a non-transferable NFT. The secret part is a verifiable credential. The two parts are linked by storing the hash/CID of the credential in the NFT.

A zk-SBT can be minted by a trusted party and bound to the address of a receiver to represent a transfer of trust. E.g. a city hall can mint an identity zk-SBT to a citizen. The NFT shows "Residence Permit". The credential stores the detailed information of the receiving person.

Flexible disclosure. People can use this zk-SBT to show they have a residence permit by simply showing the NFT. They can also show personal details by presenting the credential. Most interesting is, they can prove attributes about themselves with the ZK scheme provided by zCloak.

Note that the credential part should only be stored in user device. This fits the concept of Self-Sovereign Data. We consider it the ultimate way to preserve user privacy. An app, such as the zCloak ID Wallet, can be used to hold user credentials and perform ZKP computations.