PolariPass

Like the North Star, your identity should be a fixed point of trust, not a trail of data. Selective presence for a more private, autonomous, and secure digital era.

Comment

PolariPass

Orion Build Challenge 2026

"Polaris has guided navigators for thousands of years not by following them, but by staying exactly where it is. PolariPass gives every digital citizen the same power: a fixed, trusted identity anchor that shares only what you choose, only when you choose."

💡 Inspiration

We live in an era of mandatory digital visibility. While governments and enterprises sprint toward universal Digital ID systems, citizens are left with a growing anxiety: Digital Tethering.

We don't fear digital identification itself. We fear the implicit, 24/7 surveillance that follows every interaction with the modern world that to access a bank, a clinic, or a government portal, we must surrender our full name, date of birth, real-time location, and biometric history. This creates massive personal risk and enterprise liability at the same time.

Our inspiration was Polaris, the North Star. For thousands of years, Polaris has guided navigators not by following them, but by remaining a fixed, unchanging point of trust. PolariPass is that fixed point in the digital universe an approach to identity built from the psychological need for autonomy: the ability to choose when to be visible and when to be "off-grid," without losing access to society's essential services.

◈ What It Does

PolariPass introduces the Selective Presence Layer a trusted proxy that sits between a citizen's full identity record (the "Master Vault") and external services (Fintech, Health, Enterprise SaaS).

Using simulated Zero-Knowledge Proof (ZKP) logic, the system decouples Permission from Identity. When a service requires verification, PolariPass doesn't send the user's date of birth or full profile. Instead, it generates a single-use PolarisToken: a cryptographically signed assertion for example, Assertion: Over 18 = TRUE that the enterprise can trust, but cannot use to de-anonymize the user.

Key Features

🌟 The Identity Constellation A "Calm Tech" dashboard where a user's data points Location, DOB, Solvency, Citizenship are visualized as stars in a personal constellation. Users can "dim" (hide) or "brighten" (share) specific attributes per interaction, based entirely on their own comfort level. No defaults pushed on them. No dark patterns.

🔒 Blackout Mode — Local-First In off-grid, mesh-network, or high-privacy scenarios, sensitive documents are encrypted and stored locally on-device. The system generates single-use StellarTokens with a 60-second expiry for immediate offline verification simulating a mesh/Bluetooth handshake protocol with no internet required.

🏢 Mock Enterprise Gateway Interactive portals for a Global Merchant (requires OVER_18) and a City Health Clinic (requires REGION_VERIFIED) demonstrate the enterprise side of the value proposition: zero PII received, zero PII stored, zero breach liability.

🔧 How We Built It

We simulated a complete cross-domain architecture to demonstrate both feasibility and scale.

Domain Implementation
Fintech / Cybersecurity The core polaris.ts engine uses HMAC-SHA256 cryptographic hashing to generate signed PolarisTokens. This protocol proves an attribute (e.g., AGE_VERIFIED) without revealing any underlying PII.
UX / Product A dark-themed React application built around the "Identity Constellation" UI, following Calm Technology principles — minimizing cognitive load and restoring a genuine sense of control and safety.
Enterprise SaaS / Scalability Mock Merchant and Clinic portals accept PolarisTokens, validate the user, and grant access without ever receiving, processing, or storing raw identity data.
Sustainability / Off-Grid The app defaults to Local-First operation. Token generation is simulated on-device, minimizing data-center dependencies and making the project fully compatible with solar-powered hardware.

Tech Stack: React 19 · TypeScript · Vite · Tailwind CSS 4 · Motion · Lucide React · LocalStorage

🚧 Challenges We Ran Into

The primary challenge was distilling the complexity of Zero-Knowledge Proofs into a deployable prototype within a 4-day sprint. Full zk-SNARKs were beyond the hackathon's scope but we successfully implemented the logic of ZKP: proving a property without revealing the underlying value. The polaris.ts engine uses HMAC-SHA256 commitment schemes that faithfully represent the protocol's real-world behaviour, with code comments mapping each step to its cryptographic counterpart.

We also navigated strict Content Security Policy (CSP) constraints and the limitations of browser-based development sandboxes, ultimately opting for a robust browser-local simulation that functions with zero external server dependencies.

A third challenge emerged during the UI build: when a user modified their constellation mid-verification, the app threw Cannot read properties of null (reading 'expiresAt'). Handling the race condition between token state, verification state, and UI re-renders required a useEffect cleanup hook a small fix, but a reminder that real-world identity flows must handle interrupted sessions gracefully.

🏆 Accomplishments We're Proud Of

We are proud of building a product that is not "anti-system" but "pro-system done right." We didn't just hide data we built a functional bridge that addresses the genuine friction points of modern identity infrastructure.

Our two-sided value proposition is the core accomplishment:

  • For the Individual: Restored psychological autonomy. The user decides what is visible, to whom, and for how long.
  • For the Enterprise: Eliminated the liability of storing "Toxic PII." No data ingested means no data breached.

The Identity Constellation metaphor — stars you dim or brighten is the design achievement we're most proud of. It made a technically complex concept feel like a natural, human gesture.

📖 What We Learned

We learned that impactful technology solutions consistently emerge at the intersection of disciplines. By combining Fintech compliance, Cybersecurity principles (Data Minimization), and Psychology (Calm Technology), we created a more humane product than any single domain could produce alone.

We also deepened our understanding of Local-First, offline-compatible software architecture a critical skill for building tools that remain resilient in low-connectivity environments. And we learned that the hardest design problem is not building the vault; it's communicating trust through a UI that never feels clinical or threatening.

🚀 What's Next for PolariPass

PolariPass is a scalable platform, not just a competition prototype. Our roadmap includes:

  • True ZKP Integration — Migrating from the HMAC simulation to real-world ZK libraries (SnarkJS / Circom) to produce legally verifiable, production-grade proofs.
  • DID / SSI Standards — Integrating with W3C Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) to make PolariPass compatible with the emerging global standards for Self-Sovereign Identity.
  • Hardware Wallet Support — Extending Blackout Mode to store Master Vault encryption keys on specialized hardware wallets, enabling a true cold-storage / hot-proof architecture.
  • Government ID Compatibility — Native support for eIDAS (EU), Aadhaar (India), and ISO 18013-5 mDL (mobile Driver's Licence), making verifyAnchorClaim() a universal integration layer.

PolariPass — Your fixed point in a moving digital world.

Built With

Share this project:

Updates