STARKID

KYC Without Compromise , Privacy Meets Compliance

Comment

Inspiration

The idea for StarkID came from a frustrating personal experience. I was trying to onboard onto a new DeFi platform, and for what felt like the hundredth time, I had to upload my passport, take a selfie, and wait days for manual verification. It hit me, why are we still doing KYC like it's 2010? In an era where we have zero-knowledge proofs and blockchain technology, why am I still sending my most sensitive documents to centralized servers that could be hacked, leaked, or misused?

I talked to my teammates about it, and everyone had similar stories. One friend had their documents rejected three times due to "poor image quality." Another had their KYC data exposed in a data breach. We realized this wasn't just our problem, it's a systemic issue affecting millions of users trying to access Web3 services.

That's when it clicked: what if we could prove we're legitimate users without ever revealing our actual data? That's how StarkID was born.

What it does

StarkID is a privacy-preserving KYC platform that uses zero-knowledge proofs to verify identity without exposing personal information.

Here's the flow: Users generate cryptographic proofs locally based on their KYC documents—like their ID or proof of address. These proofs mathematically confirm they meet verification requirements (age, citizenship, etc.) without revealing the actual data. The proof is then submitted to the Starknet blockchain where smart contracts verify it instantly.

The result? Users get verified in seconds, their documents never leave their device, and they can reuse their verification across multiple platforms without going through KYC again.

How we built it

We built StarkID on Starknet using Cairo for our smart contracts and zk-STARKs for proof generation and verification with the use of noir+garaga. The choice of Starknet was deliberate,STARKs offer transparent, post-quantum secure cryptography without requiring a trusted setup, which aligns perfectly with our privacy-first philosophy.

The frontend is built with React and TypeScript, providing a clean interface for users to generate and submit proofs. We implemented the proof generation logic to run entirely client-side, ensuring documents never touch our servers.

For the smart contracts, we wrote verification logic in Cairo that validates the zero-knowledge proofs on-chain. This ensures that verification is trustless and publicly auditable while keeping user data completely private.

Challenges we ran into

The biggest challenge was getting the proof generation to work efficiently in the browser. Zero-knowledge proofs are computationally intensive, and we had to optimize heavily to make the experience smooth for users. We spent countless hours debugging performance issues and eventually implemented web workers to handle proof generation without freezing the UI.

Another major hurdle was designing the cryptographic schema. We had to figure out exactly what claims we needed to prove (age, nationality, document validity) and structure them in a way that was both secure and practical. This required deep dives into Cairo's proof system and multiple iterations.

We also struggled with the time constraints of the hackathon. There were features we wanted to implement, like cross-chain verification and the SDK,but we had to prioritize getting a working MVP that demonstrated the core concept.

Accomplishments that we're proud of

I'm incredibly proud that we actually got it working. Seeing a zero-knowledge proof generate on a user's device and get verified on-chain in seconds felt like magic, the kind of magic that could genuinely change how identity works in Web3.

We're also proud of the UX. Zero-knowledge cryptography can be intimidating, but we managed to create an interface where users don't need to understand the underlying math. They just verify themselves and move on.

Most importantly, we built something that solves a real problem we've all experienced. This isn't a solution looking for a problem,it's addressing genuine pain points in the Web3 onboarding experience.

What we learned

This hackathon taught us that privacy and usability don't have to be at odds. We learned the intricacies of Cairo and zk-STARKs, which was a steep but rewarding learning curve.

We also learned the importance of scoping. Initially, we wanted to build everything the SDK, multi-chain support, credential marketplace. But we quickly realized that for a hackathon, shipping a solid core feature is better than half-finishing ten features.

On the technical side, we gained deep insights into proof systems, on-chain verification patterns, and the unique challenges of building privacy-preserving applications. We learned that sometimes the hardest part isn't the cryptography it's making it accessible.

What's next for StarkID

We're excited about StarkID's future. First, we want to complete the SDK so developers can integrate zero-knowledge KYC into their dApps with just a few lines of code. We envision a world where any DeFi protocol, NFT marketplace, or DAO can offer privacy preserving verification without building the infrastructure themselves.

Next, we're planning to build a cross-platform identity layer essentially a shared, reusable verification system where one StarkID verification grants access across the entire ecosystem. We're also exploring partnerships with existing KYC providers to create trusted proof generation pipelines.

Long-term, we see StarkID becoming the identity standard for Web3 where privacy isn't a luxury, it's the default. We want to expand beyond basic KYC to support credential verification for education, employment, credit scores, and more all without compromising user privacy.

The future of identity is zero-knowledge, and we're just getting started.

Built With

Share this project:

Updates