Inspiration

In today's digital landscape, users are often forced to share more personal information than necessary just to access basic services or verify their identity. We were inspired by the potential of zero-knowledge proofs to flip this paradigm—allowing people to prove something is true without revealing the underlying data. zkAuth is a privacy-first access control system that lets users prove they belong to a group (like “student” or “employee”) without revealing who they are.

We wanted to build something simple, functional, and meaningful that demonstrates the power of Aleo’s zero-knowledge tooling—while being light enough to vibe-code over a weekend.

What it does

zkAuth lets users prove that they belong to a private group (like “verified student”) using a zero-knowledge proof, without revealing any personal data.

For example, if a website offers content only to university students, zkAuth allows a user to prove they have “student” status via a cryptographic proof—without sharing their name, email, or university.

A simple frontend lets users select their access level, generate a proof, and get access confirmation—all without leaking private information.

How we built it

We wrote a Leo program that checks whether a user-provided role value (e.g., 1 = “student”) matches a pre-approved group.

The Leo program is compiled and deployed using Aleo’s snarkVM tooling.

On the frontend, we used vanilla HTML/CSS and JavaScript to create a lightweight interface for selecting a role and simulating proof generation.

For the demo, we stubbed or simulated parts of the zero-knowledge process to demonstrate flow quickly, but the backend logic is built to support real zk proof generation.
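As an added illustration (not zkAuth's Leo code, and going beyond the page's single role-value check), this Python example spells out one relation a group-membership proof can attest to: the prover knows a secret whose commitment, bound to the required role, sits under a public Merkle root. The SHA-256 tree, the function names and the member secrets are assumptions constructed for the example; no proof system is involved, so `relation` is only the predicate a circuit would enforce.

```python
import hashlib

def h(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts, so concatenations cannot collide."""
    m = hashlib.sha256()
    for p in parts:
        m.update(len(p).to_bytes(4, "big") + p)
    return m.digest()

EMPTY = h(b"empty")  # fixed padding leaf (assumption of this example)

def commitment(secret: bytes, role: int) -> bytes:
    # The leaf hides the secret; only this hash is published in the tree.
    return h(b"leaf", secret, role.to_bytes(1, "big"))

def build_tree(leaves):
    """Return every level of the Merkle tree, leaves first, padded to a power of two."""
    leaves = list(leaves)
    while not leaves or len(leaves) & (len(leaves) - 1):
        leaves.append(EMPTY)
    levels = [leaves]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([h(b"node", cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def auth_path(levels, index):
    """Sibling hashes plus an is-right-child bit, from leaf `index` up to the root."""
    path = []
    for level in levels[:-1]:
        path.append((level[index ^ 1], index & 1))
        index //= 2
    return path

def relation(root, required_role, secret, role, path):
    """Public inputs: root, required_role. Private inputs: secret, role, path."""
    if role != required_role:
        return False
    node = commitment(secret, role)
    for sibling, is_right in path:
        node = h(b"node", sibling, node) if is_right else h(b"node", node, sibling)
    return node == root

# Constructed sample group: role 1 = "student", role 2 = "employee".
MEMBERS = [(b"alice-secret", 1), (b"bob-secret", 1), (b"carol-secret", 2), (b"dave-secret", 1)]
LEVELS = build_tree([commitment(s, r) for s, r in MEMBERS])
ROOT = LEVELS[-1][0]
```

A verifier that holds only `ROOT` and the required role learns nothing about which leaf was used once this predicate is proven in zero knowledge rather than evaluated in the clear.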

Challenges we ran into

Getting familiar with the Leo language and Aleo’s developer tools took time—especially understanding how to structure inputs and outputs for a zk proof.

Because Leo is purpose-built for Aleo, debugging was different than typical software development, and we had to rethink some mental models.

Generating and verifying real zk proofs client-side proved challenging under time constraints, so we had to mock some flows in the frontend.

Finding a simple yet meaningful use case that could demonstrate privacy without overengineering was a creative challenge.

Accomplishments that we're proud of

We created a fully working zero-knowledge program in Leo.

We designed a privacy-respecting UX that avoids over-collecting user data.

We kept the project lightweight and clean, focusing on doing one thing well.

We learned how to integrate Aleo tooling and zk concepts into a real-world use case that could be extended into production.

What we learned

How zero-knowledge proofs work under the hood, and how to implement them using Aleo’s Leo language.

The constraints and capabilities of working with privacy-first programming models.

How to keep frontend and backend interactions minimal and secure in a zk context.

That building private-by-design systems doesn't have to be complex—simple access control can be a great entry point.

What's next for zkAuth

Implement real-time proof generation and verification with snarkVM in-browser or via a secure backend.

Support more complex access policies (e.g. “must be both a student and a DAO member”).

Extend zkAuth to plug into existing web apps or protocols as a privacy-preserving access module.

Explore using anonymous credentials or NFT-gated access via Aleo’s NFT standard.

Package zkAuth as a reusable widget or SDK for developers building private apps on Aleo.
