ZK NonFungibleDomains (ZKNFD)

Privacy-preserving credential NFTs for domain ownership on Aleo.

Comment

posted an update

Project Update: ZK NonFungibleDomains (ZKNFD)

After several iterations, we’ve streamlined the ZKNFD Leo program to be fully self-contained, efficient, and SDK-compatible. Here's what's new in the final version:

Final Design Highlights

Self-Contained Leo Contract

Our program no longer relies on external Aleo Name Service contracts. Instead:

  • We inline the TokenId struct and use it to reconstruct the domain hash.
  • We verify domain ownership using a public nft_owners mapping.
  • We keep the CredentialNFT and DomainZPass issuance logic lean and readable.

Simplified On-Chain Logic

The Leo program now expects:

  • A valid signature from the issuer (signed off-chain with the ZPass SDK),
  • The Merkle root representing the credential,
  • The domain name split into 4 u128 parts + parent,
  • An issuer address.

All ZK processing — including leaf hashing and Merkle tree construction — is done off-chain via the SDK.

ZKPass SDK Integration

We’ve confirmed compatibility with the ZPass SDK:

  • Signature generation with signMerkleRoot()
  • Merkle tree leaf hashing with getLeavesHashes()
  • Credential issuance via issueZPass() using the contract’s issue_domain_credential transition

This enables smooth frontend-to-chain interaction.

Final Verification Function

The contract includes a native Merkle path verifier:

transition verify_domain_credential(
    zpass: DomainZPass,
    leaf_hash: field,
    proof: [field; 3]
) -> bool

Log in or sign up for Devpost to join the conversation.