Rute's Proof of Residency with Hylé and SP1
Hylé’s grantee Rute has built a proof of residency app using signed PDFs from official Portuguese service providers.
We set out to do this grant with one goal in mind: to make a provable app that would respect privacy and have a real-world use case.
The more we talked, the more we realized that too many services ask for proof of residency − a document proving that you live at a particular address, usually to ascertain your city or country of residence. More importantly, proof of residency is currently achieved by sharing your full address, name, and the exact amount of one of your utility bills in the form of a PDF sent to whoever’s asking. This is an unnecessary and invasive disclosure of personal information.
To gain access to your local swimming pool at discounted rates or complete your application for a new apartment, why should you tell an intermediary how much you’ve spent on heating last month?
From there, we decided to build a PDF-based proof of residency application. With Rute currently living in Portugal, the obvious choice for the first iteration was Portuguese utility bills. They have a strong advantage: all Portuguese invoices are digitally signed using ATCud. ATCud is a unique QR code for each invoice that combines a sequential document number and a validation code from the tax authority.
🔐 Been working on something cool: a privacy-first way to verify Portuguese residency using @hyle_org & @SuccinctLabs.
— Rute Figueiredo (@_rutefig) December 16, 2024
Upload your utility bill, get a ZK proof and settle it on Hylé - that's it. No more sharing sensitive data or your exact address.
Coming soon! 🇵🇹✨ pic.twitter.com/TZrI1ro0DU
Rute’s Proof of Residency app works like this:
- Upload a PDF with an ATCud signature and a postcode
- Generate a proof through SP1
- Verify the proof through Hylé
- Congrats, we now have proof that you pay utility bills in Portugal!
How Proof of Residency works
Behind the scenes
Here’s what happens behind the scenes:
- User enters the app
- Front-end calls the server, creating a session and a dedicated prover instance for this user (this ensures privacy as each user gets an isolated environment)
- User uploads the file directly to the prover instance
- Prover instance processes the file
- Prover instance uses the Proof of Residency library by Rute to generate a proof
- Prover instance sends the proof back to the front-end
- Once the proof is created, the prover instance is destroyed alongside any data it has used
- The frontend sends the proof to Hylé
Leveraging Hylé for Proof of residency
Proof composability
Proof composability on Hylé makes multi-proof transactions incredibly easy. Rute says: « I think putting several proofs in a single transaction is the best thing about Hylé. Thanks to it, I don’t need to be so worried about the future and what I’ll have to do when I decide to integrate other proving systems into the app. »
Read more about proof composability on our blog.
Cross-contract composition
Once the proof exists and has been settled on Hylé, you can use it as the basis for other contracts. For example, you can use the proof of residence to gate a token transfer so that only people living in a given region of Portugal will be eligible to use a local digital currency!
You can also reuse the proof of residence on Hylé for future needs without needing to prove it again.
Possible next steps
Proof of residency is a functional app, but it can still be improved.
Explore client-side proving
Currently, proving is done server-side, and the server deletes your document as soon as the proof has been generated to improve privacy.
The truly private option is client-side proving. It could be interesting to offer both options, one being more private and the other faster for less powerful devices.
Integrating with zkEmail
Our original idea was to parse emails and PDF attachments directly to link the proof of residency to an email address rather than upload a PDF that you could have gotten from someone else rather than the utility provider directly.
We changed this to a simple PDF upload because PDF parsing through zkEmail is currently untested. But « untested » doesn’t mean « impossible », and while we didn’t want to take risks with our proof of concept, it would be great to offer this!
Integrating with official government API
Currently, the app only checks for the presence of an ATCud code. It can become more robust if we validate this ATCud. However, this is not the case yet because the Portuguese government allows access to their API only through requests.
Expanding to other countries
The most natural next step for the Proof of Residency app is to expand to other countries with signed utility bills. Several countries, most of them in the European Union, offer this, for example France’s 2D-Doc.
Want to build provable applications with us? Check out our grants program and reach out if you have any questions!