DIP-40: Integration of Anon Aadhaar for ticket discounts targeting Indian citizens

Description:

This proposal introduces an Anon Aadhaar integration for Devcon in Bangkok, enabling Indian citizens to prove their nationality using zero-knowledge proofs and access ticket discounts in a privacy-preserving way. This improves the user experience and eliminates the need to share sensitive identity documents.

Example Flow:

  1. On the Devcon ticket ordering site, users click a button redirecting them to an Anon Aadhaar frontend.
  2. Users are redirected to a web app that prompts the user to prove the requested credentials (their nationality, optionally: age > 18, gender).
  3. Users upload their Aadhaar Secure QR Code, downloaded on the mAadhaar app.
  4. The user accepts to generate the proof, which is generated locally on their browser, and submitted to the callback URL.
  5. Backend verifies the proof, checks the discount_codes table, and returns a discount code if valid.
2 Likes

thanks for the proposal!
Can you elaborate on #2 - how do they prove it? With their passport?
Especially wondering as we do zk-passport for SEA discounts now - so want to see the difference between Anon Aadhaar and zk-passport - and the difference should be in #2

Can you elaborate on #2 - how do they prove it? With their passport?

Sure!
So every Indian citizen has an Aadhaar card, which is signed by the government. This signature can be found in the Aadhaar secure QR code, which can be generated in the mAadhaar app.
So the document is different, but the proving process is the same; the difference is in the location of the signature. In the case of a passport, the signature is located inside the chip of the physical document itself, while in the Aadhaar case the citizen can generate a signed QR code at any moment, both on the gov website and in the mAadhaar app.

so want to see the difference between Anon Aadhaar and zk-passport

I think both are complementary, using the same backend logic with different frontends and proving systems. India just started to issue ePassports and only a few citizens have access to them at the moment.

1 Like

thanks for the clarification! Now the process makes sense to me.
Just a bit scared of the mAadhaar app tbh - the first reviews I see when opening the app in the store are these:

also not fully sold on the security of the “secure QR code” - especially as I also saw printed QR codes on PVC cards - so they do not seem to be dynamic. But would need to dive deeper into this. But from the surface it feels a bit wrong in contrast to the chip in the passport.
So (mainly for the dependency on the app) wondering if it makes sense to dogfood this temporary solution (as you said they now also roll out the NFC passports) in this point of time - or just start to experiment with the process via zk-passport only.

Yes, you’re perfectly right to raise these points, let me be more clear.

Just a bit scared of the mAadhaar app tbh

The mAadhaar app is widely used in India, and it’s the official app delivered by the government to manage your Aadhaar card. Also, this app has been downloaded more than 50m times and has a 4/5 rating on 356k reviews. So, to reassure you, the app is pretty safe 🙂 and again it’s built by the gov.

especially as I also saw printed QR codes on PVC cards - so they do not seem to be dynamic

Yes exactly, that’s why we’re asking the user to generate freshly signed QR Code data and then it’s the job of the verifier to check that the proof contains a fresh timestamp.
From the DIP itself:

5. **Backend Verification**:
   - The backend server receives the proof and verifies it.
   - The verification process includes:
     - Checking the validity of the proof.
     - Checking the `nullifierSeed` value is corresponding to this action.
     - Verifying that the proof was generated from a valid Aadhaar QR code public key, by checking the `pubkeyHash`.
     - Verifying that the timestamp value is less than x minutes ago, to ensure users have access to their UIDAI portal.
     - Ensuring the proof has not been reused by checking the `nullifier` against previous claims.

It feels a bit wrong in contrast to the chip in the passport.

It has exactly the same security at the signature check level. I would even say that the timestamp as a TOTP (Time-based One Time Password) mechanism that exists on Anon Aadhaar is more secure because it gives a proxy to check whether the user is the owner of the identity and has not just found the document by accident.

2 Likes

So every Indian citizen has an Aadhaar.

Just to clarify - this is not true. As an Indian citizen without an Aadhaar - this would not work for everyone.

Wouldn’t it be much simpler to just check for an SMS OTP received on a +91 number? I don’t see why a government ID proof has to come in to provide discounts.

In general, a discount for just Indian developers would still be exclusionary - shouldn’t this apply to other low-income countries as well? And presumably via more general means than one specific Government ID.

I see Devcon has a support program for , plus Discounted Tickets planned - surely they can be adapted much more easily?

Edit: As a correction, Aadhaar is not a proof of citizenship, as the proposal assumes. It is not the equivalent of an Indian Passport - it is a proof of Indian residency, and is available legally to anyone who has a continuous stay of 180 days in India.

Cool idea. Nice discussion. Good feedback @nemo.

Wouldn’t this be much easier to sybil attack? I assume it’s not that difficult to get multiple +91 numbers, though maybe I’m wrong.

Agree if we just gave discounts to Indian developers it would be oddly specific. But we do plan for steep discounts for all Local Builders in Southeast Asia. And while India does not qualify as part of SEA, there are strong arguments to facilitate Indian attendance at Devcon: i) India ranks first on many lists for web3 adoption, ii) for Devcon Bogota, Colombia rejected all visa applications from India, meaning almost no Indians could attend the last Devcon, which is quite unfair, and iii) Thailand is the closest Devcon has ever been to India AND has a relatively welcoming policy for Indians, which I feel we would be remiss not to capitalize on.

It’s hard to find perfect solutions. Tradeoffs everywhere. Accessibility and Sybil Protection are hard to achieve fully, and are even often opposing. But I feel this is a pretty cool opportunity to demonstrate the power of ZKPs as a way to extend existing digital identity systems in a privacy-preserving way, and worth at least a small experiment.

1 Like