Skip to content


The Proof interface of the JS SDK performs the following functionalities:

  • Verifies the zero-knowledge proof for circuit IDs provided.
  • Generates proof in response to the protocol proof request.
  • Generates authentication inputs.
  • Performs state verification.
  • Performs transit state on the latest state to generate state transition proof and publish state to the blockchain.

Verify Zero-Knowledge Proof using verifyProof() method

This method performs verification of the zero-knowledge proof for a given circuit ID.

verifyProof(zkp: ZKProof, circuitName: CircuitId): Promise<boolean>;
where zkp is the zero-knowledge proof generated by the user's wallet. circuitId is the ID of the circuit used for generating proof.

The method returns the result of verification in the boolean format.

Click here for the API Reference.

Generate Zero-knowledge Proof using generateProof() method

This method generates the zero-knowledge proof for the given ZKP request, identity, and credential.

    proofReq: ZeroKnowledgeProofRequest,
    identifier: DID,
    credential: W3CCredential,
    opts?: ProofGenerationOptions
  ): Promise<ZeroKnowledgeProofResponse>;
where proofReq is the ZKP request for the proof generation. identifier is the DID of the user's wallet for which the proof is requested. credential is the Verifiable Credential associated with the DID that is used for proof generation. opts are the options selected for the proof generation. These are some of the possible options:
interface ProofGenerationOptions {
  authProfileNonce: number;
  credentialSubjectProfileNonce: number;
  skipRevocation: boolean;


When a user logs into a Verifier, it does not share its identity. Instead, it shares with it the profile as the user does not receive a credential on his/her identifier but on his/her profile. This profile is defined by credentialSubjectProfileNonce parameter in the proof generation options mentioned above. Sharing one's profile instead of his/her identity prevents the possible identity tracking by a Verifier.

The method returns a Zero-knowledge Proof along with the credential used for proof generation.

Click here for the API Reference.

Generate Authentication Inputs using GenerateAuthV2Inputs() Method

This method generates authentication inputs for a given circuit, DID, profile nonce, and a payload (such as the hash of a token). It is used as a protocol in the package manager of a JWZ token. These inputs are used to generate a Zero-knowledge Proof for an authentication circuit.

    hash: Uint8Array,
    did: DID,
    profileNonce: number,
    circuitId: CircuitId
  ): Promise<Uint8Array>; 

where hash is the payload token that the JS SDK signs. did is the DID of the Identity that generates the proof. profileNonce is the nonce associated with a specific profile of the Identity. circuitId is the ID of the circuit used for authentication.

This method returns an array of inputs for the authentication circuit.

Click here for the API Reference.

Verify State using verifyState() Method

This method is the state verification function that uses circuit ID and public signals to verify the state. These public signals are part of the Zero-knowledge Proof and contain an Identity State. To verify this state, you need to call this function.

 verifyState(circuitId: string, pubSignals: Array<string>): Promise<boolean>;

where circuitId is the ID of the circuit used for authentication. pubSignals are the public signals created during the proof generation process.

This method returns the state of verification in the boolean format.

Click here for the API Reference.

Generate State Transition Proof using transitState() Method

This method generates a state transition proof and publishes the identity's state to the blockchain. The state transition is always performed on the latest state of the identity.

    did: DID,
    oldTreeState: TreeState,
    isOldStateGenesis: boolean,
    stateStorage: IStateStorage,
    ethSigner: Signer
  ): Promise<string>;

where did is the DID of the Identity for which the state transition is to be performed. oldTreeState is the previous state of the identity. isOldStateGenesis determines if the state transition has been done from the Genesis state of the identity or not. stateStorage defines the storage of the identity states. Currently, only Ethereum-based storage is supported. ethSigner is the signer for transactions.

The method returns the transaction hash. For a state transition to happen, a transaction needs to be done from an Ethereum Wallet.

To know more about circuits, read here.

To know more about state transition, read here.

Click here for the API Reference.