PSDP Protocol

1. Bank KYC Verification —

Real Groth16 proof + Ed25519 signatures. Customer proves age >= 18, jurisdiction US, KYC level 2. Name, birthdate, passport number stay hidden.

2. Attack Playground

Pick a pre-built attack OR edit the JSON below to craft your own. Every tampering is caught.

Or edit any field and verify:

3. Privacy: Audit Mode vs Private Mode

Same credential, same verification — but look at what the verifier sees.

4. Backend Portability —

Same policy verified by 4 backends: arkworks (Rust), gnark (Go), Circom/snarkjs, and demo. Verifier code doesn't change. Tamarin-proven (L10a, L10b). Circuits formally verified (Picus + Circomspect).

5. Policy Engine: Beyond age >= 18

Range proofs, set membership, disjunctions, sanctions screening — one policy, one proof.

6. Wallet Integration (OpenID4VP)

Generate a standard authorization request that EUDI wallets can scan.

7. Formal Security Proofs

20 security lemmas verified by the Tamarin prover under Dolev-Yao adversary model. The project's standard verification command uses --derivcheck-timeout=0, which yields a clean wellformedness pass for both models.

8. Try It Yourself

Production API with authentication, rate limiting, and security headers:

curl -X POST http://localhost:8000/api/v1/verify \ -H "Content-Type: application/json" \ -H "X-API-Key: YOUR_API_KEY" \ -d '{"proof_request": {...}, "proof_package": {...}, "current_time": "2030-01-01T12:10:00Z"}'

API docs: /docs | Demo endpoints require no key.

Get Your API Key

Register for a free key to verify PSDP proofs independently. No credit card required.