TravelID 2.0 - Secure Travel Document Verification

TravelID 2.0 turns identity from papers into proof — a Polkadot-based platform for instant, tamper-proof, and private verification of travel documents anywhere in the world.

Comment

Inspiration

Travel document verification is a common problem. Traveler's often need to prove document authenticity to authorities, hotels, and services, but current methods are fragmented and vulnerable to forgery. We wanted a solution that:

  • Provides cryptographic proof of document authenticity
  • Works without exposing sensitive document contents
  • Uses decentralized infrastructure for trust
  • Is accessible to anyone with a wallet

Polkadot’s interoperability and security make it a good fit for a cross-chain verification system that can scale globally.

What it does

TravelID 2.0 is a decentralized document verification platform on Polkadot. Users can:

  1. Upload travel documents (passports, driver’s licenses, national IDs) via a web interface
  2. Generate cryptographic hashes (SHA-256) of documents
  3. Store hashes on-chain using Polkadot system remarks for immutable proof
  4. Verify authenticity by comparing document hashes with on-chain records
  5. Share verification via QR codes or links without exposing document contents

The system verifies authenticity without storing or exposing document contents, protecting privacy while providing cryptographic proof.

How we built it

Backend (Rust)

  • Axum for async HTTP
  • Subxt for Polkadot/Substrate integration
  • SQLx with PostgreSQL for metadata
  • SHA-256 hashing for document integrity
  • System remarks to store hashes on-chain

Frontend (React + TypeScript)

  • React 18 with TypeScript
  • Polkadot.js for wallet integration (Polkadot.js, Talisman)
  • shadcn/ui components
  • TanStack Query for data fetching
  • Zustand for state
  • QR code generation for sharing

Architecture

  1. Document upload: frontend sends file to backend
  2. Hash generation: backend computes SHA-256
  3. Database storage: metadata stored in PostgreSQL
  4. Blockchain submission: hash submitted via Subxt as a system remark
  5. Verification: anyone can verify by comparing hashes

The system uses Polkadot’s remark pallet to store hashes on-chain, providing immutable proof without custom pallets.

Challenges we ran into

  1. Polkadot integration: learning Subxt and Polkadot’s transaction model, handling async operations and transaction finalization. it was tough especially finding explorers and my local txhash when it was successful
  2. Wallet connection: integrating multiple wallet extensions with different APIs
  3. Hash verification: designing a system that verifies without exposing document contents
  4. UX: making blockchain concepts accessible to non-technical users
  5. Performance: optimizing database queries and blockchain interactions for responsiveness

Accomplishments that we're proud of

  1. Full-stack implementation: working backend and frontend with blockchain integration (Testnet/Localnet)
  2. Privacy-first design: verification without exposing document contents
  3. User experience: intuitive interface for document management and verification
  4. Real blockchain integration: actual transactions on Polkadot, not just mockups
  5. QR code sharing: easy verification sharing
  6. Modern tech stack: Rust backend and React frontend with TypeScript (could also use next but I had a template ready for this kind of stuff)

What we learned

  • Polkadot ecosystem: Subxt, transaction lifecycle, and remark pallet usage
  • Rust async programming: Tokio, Axum, and async patterns
  • Blockchain UX: simplifying complex concepts for end users
  • Cryptographic hashing: SHA-256 for document integrity
  • Full-stack development: integrating blockchain, database, and frontend
  • Error handling: robust error management in distributed systems

What's next for TravelID 2.0 - Secure Travel Document Verification

  1. Custom Polkadot pallet: replace system remarks with a dedicated pallet for better indexing and querying
  2. Multi-chain support: leverage Polkadot’s interoperability for cross-chain verification
  3. Document encryption: optional client-side encryption before hashing
  4. Mobile app: native iOS/Android apps or react native app (hopefully if i win)
  5. Batch verification: verify multiple documents at once
  6. API access: public API for third-party integrations
  7. Advanced features: document expiration tracking, revocation, and delegation
  8. International standards: compliance with W3C Verifiable Credentials and related standards

Built With

Share this project:

Updates