zkVerify as verification layer

zkVerify serves as a public verification and aggregation network for the proofs generated by our stack.

High-level flow

  • Proof generation happens client-side or in a dedicated ZK service using the WalletOwnership circuit.

  • The client submits (proof, publicSignals, walletAddress, unifiedId) to a Glyph Relayer microservice.

  • The Relayer microservice interacts with the Horizen Labs zkVerify Relayer REST API to:

    • Register the verification key (once, cached).

    • Submit proofs for verification.

    • Poll and normalize the job result into a stable response shape.

Relayer responsibilities

Role: Hardened gateway between UnifiedID clients and the zkVerify network.

  • Input handling

    • Accepts proof bundle over POST /api/submit-proof:

      • proof, publicSignals

      • walletAddress, unifiedId

    • Performs:

      • Structural validation of proof and public signals

      • Wallet address format validation

      • UnifiedID format validation

      • Optional additional policy checks

  • Verification key management

    • Loads Groth16 VK from config/verification_key.json

    • Registers VK with zkVerify via POST /register-vk/{apiKey}

    • Caches returned vkHash in config/vk-cache.json for reuse

  • Integrating with zkVerify Relayer

    • Submit verification job.

    • Poll job status.

    • Stop when job reaches Finalized or times out.

    • The microservice normalizes job results to a stable, zkverifyjs-compatible shape.

    • Consumers can treat this as if it came from a direct zkVerify RPC client, without needing to manage VKs, polling, or zkVerify credentials themselves.

PreviousHow zk proofs are generatedNextWhy UnifiedID stays private

Last updated