Prove with Sismo
Frictionless and privacy-preserving logins
Sismo’s ultimate aim is to facilitate frictionless and privacy-preserving logins across web3 via Prove with Sismo.
Whether enhancing existing login infrastructures or accessing applications with one-time logins, Prove with Sismo gives users a seamless UX when proving facts about their identities. With the click of a button, users can leverage the accounts imported into their Sismo Vault to access particular applications or services.
Sign-In with Ethereum (SIWE) gives users sovereign data ownership yet fails to address privacy concerns. With ZK Badges resembling privacy-preserving web3 cookies, Prove with Sismo ensures that users only share necessary information instead of their entire web3 history.
As Sismo is an entirely modular protocol, it can be integrated into any application. In this regard, Prove with Sismo can become the new standard for decentralized, frictionless, and privacy-preserving logins.
After returning to the gated application, the user makes a transaction to submit the required proof. This proof is then forwarded to the relevant Sismo attester, simultaneously minting a Badge and granting access to the airdrop.
The single transaction flow provides a frictionless UX—benefitting both users and the application itself. It is best demonstrated with the Mergooor Pass—an NFT that allows Ethereum Merge contributors to access upcoming web3 events. After connecting to the app, users make a single transaction to simultaneously mint a ZK Badge proving their eligibility, and claim a Mergooor Pass.
Alternatively, users can access gated on-chain applications with two transactions. When clicking ‘Prove with Sismo’, the user is redirected to the Sismo app, where they mint a Badge. After the user receives the Badge from the relevant attester, they can send an additional transaction to access the Badge-gated on-chain application.
The dual transaction flow is easier to integrate from a developer's perspective yet requires additional input from the user. However, both of the flows described provide a frictionless UX for on-chain applications.
In addition to on-chain applications, Prove with Sismo can be integrated with off-chain applications. For example, a web3 community could have an off-chain merch store only accessible to verified community members.
If an off-chain application has already integrated Sign-In with Ethereum (SIWE), it can easily enhance its existing login infrastructure by integrating Prove with Sismo.
When clicking ‘Prove with Sismo,’ users are redirected to the Sismo app—where they mint the required Badge. Once the off-chain app has verified ownership of the newly minted Badge, it grants access to the gated service.
Off-chain applications can also accept zero-knowledge proofs directly instead of the Badges that represent them. In this flow, the user clicks the ‘Prove with Sismo’ button and generates a ZKP after being redirected to Sismo. This ZKP is then accepted as proof by the off-chain application’s backend.
To accept proofs directly, the off-chain application must integrate Sismo’s verifier code into its backend. If the app wants to limit its services to a single ZK proof, it must also store Sismo’s nullifier, which associates the user’s address with the proof in question.
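The backend-side nullifier check described above, sketched as an added example (not code from Sismo or from the original page): a proof is verified first, and its nullifier is then claimed exactly once per service. The submission fields, the 32-byte hex nullifier format, the `NullifierStore` class and the `verifyProof` callback standing in for the integrated verifier code are all assumptions.

```javascript
// Added example. Assumed, not Sismo's API: the submission fields, the
// 32-byte hex nullifier format, and verifyProof (stand-in for the verifier).
class NullifierStore {
  constructor() {
    // In production: a table with a UNIQUE(service_id, nullifier) constraint.
    this.claimed = new Map();
  }
  // Single check-and-insert step; returns true only for the first claim.
  claim(serviceId, nullifier, address) {
    const key = JSON.stringify([serviceId, nullifier]);
    if (this.claimed.has(key)) return false;
    this.claimed.set(key, address); // nullifier -> address that redeemed it
    return true;
  }
}

function redeemProof(submission, { serviceId, verifyProof, store }) {
  const { proof, nullifier, address } = submission || {};
  if (typeof proof !== "string" || typeof address !== "string" ||
      typeof nullifier !== "string" || !/^0x[0-9a-fA-F]{64}$/.test(nullifier)) {
    return { ok: false, reason: "malformed" };
  }
  // Canonicalise so a change of hex case cannot pass as a new nullifier.
  const canonical = nullifier.toLowerCase();
  // Verify first: a forged submission must not burn someone else's nullifier.
  if (!verifyProof({ proof, nullifier: canonical, serviceId })) {
    return { ok: false, reason: "invalid_proof" };
  }
  if (!store.claim(serviceId, canonical, address.toLowerCase())) {
    return { ok: false, reason: "nullifier_already_used" };
  }
  return { ok: true, reason: null };
}

// Constructed sample data; this verifier only recognises one test string.
const sampleVerifier = ({ proof }) => proof === "constructed-valid-proof";
const NULLIFIER_A = "0x" + "ab".repeat(32);
const ADDRESS_A = "0x" + "11".repeat(20);

function demo() {
  const ctx = { serviceId: "merch-store", verifyProof: sampleVerifier, store: new NullifierStore() };
  const good = { proof: "constructed-valid-proof", nullifier: NULLIFIER_A, address: ADDRESS_A };
  const upperCased = "0x" + NULLIFIER_A.slice(2).toUpperCase();
  // Order: forged proof, first valid redemption, replay with re-cased nullifier.
  return [{ ...good, proof: "forged" }, good, { ...good, nullifier: upperCased }]
    .map((s) => redeemProof(s, ctx).reason);
}
```

With a real database, the `claim` step maps to an insert that relies on the unique constraint, so two concurrent submissions of the same proof cannot both succeed.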
Both of the outlined flows provide off-chain applications with a way to enhance privacy and UX for their users.