A passport-based identity registry for Ethereum addresses.

Prove you're a real person with a valid passport. Tap the passport to your phone via the app, and the app generates a zero-knowledge proof that the passport is genuine and binds it to your address. That proof goes onto a public on-chain registry, and any other contract or service can check it with a single call.

Sigil is open source and currently testnet-only on Base Sepolia. RSA-signed passports for now. Mobile app coming soon to iOS and Android.

The verification check

Sigil is for smart contracts that need to filter for real people. Airdrops, voting contracts, and faucets are some examples.

Personhood check
// Require a real person behind the caller.
require(sigil.isVerified(msg.sender), "not verified");

isVerified(address) returns true if a real passport is currently registered to that address.

Sybil dedup
// Dedupe by passport, not by address.
bytes32 id = sigil.nullifierOf(msg.sender);
require(!claimed[id], "already claimed");
claimed[id] = true;

nullifierOf(address) returns a per-passport ID, the same value for every address the same passport has registered. If you track that ID in a seen set, one passport gets one share regardless of how many addresses it controls.
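
Both checks combined in one claim function, as an added example that is not Sigil's own code. The `ISigil` interface name, the `OnePerPassportClaim` contract and its parameters are assumptions; only `isVerified(address)` and `nullifierOf(address)` come from this page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed interface: only the two calls named on this page. The interface
// name ISigil and the exact mutability are assumptions, not the project's ABI.
interface ISigil {
    function isVerified(address account) external view returns (bool);
    function nullifierOf(address account) external view returns (bytes32);
}

// Hypothetical one-claim-per-passport distributor (illustration only).
contract OnePerPassportClaim {
    ISigil public immutable sigil;
    uint256 public immutable share;

    // Keyed by per-passport ID, not by address.
    mapping(bytes32 => bool) public claimed;

    event Claimed(bytes32 indexed id, address indexed account, uint256 amount);

    constructor(ISigil registry, uint256 sharePerPassport) payable {
        require(address(registry) != address(0), "no registry");
        sigil = registry;
        share = sharePerPassport;
    }

    function claim() external {
        // 1. Personhood: a passport must currently be registered to the caller.
        require(sigil.isVerified(msg.sender), "not verified");

        // 2. Dedup: what nullifierOf returns for an unregistered or expired
        //    address is not stated on the page, so reject an empty ID instead
        //    of letting it occupy a slot in the claimed set.
        bytes32 id = sigil.nullifierOf(msg.sender);
        require(id != bytes32(0), "no passport id");
        require(!claimed[id], "already claimed");

        // 3. Record the claim before sending value (checks-effects-interactions).
        claimed[id] = true;
        emit Claimed(id, msg.sender, share);

        (bool ok, ) = payable(msg.sender).call{value: share}("");
        require(ok, "transfer failed");
    }
}
```

Running the personhood check before the dedup lookup means the `claimed` set is only ever keyed by the ID of a currently registered passport.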

How it works

  1. Select an address

    Open the Sigil app, connect a wallet, and pick the address you want to sigilize.

  2. Scan and tap

    Scan the MRZ on your passport, then hold the passport to the phone. The app reads DG1 and the Security Object over NFC. Nothing leaves the phone or is saved on it.

  3. Prove on-device

    A Noir circuit checks the passport's signature chain and derives an opaque per-passport ID. The whole proof runs on the phone.

  4. Register on-chain

    Submit the proof to the registry. After that, any contract or backend can look up the address with one call: isVerified(address) for personhood, nullifierOf(address) for sybil dedup.

What's actually on-chain

Your passport data never leaves the phone and is never saved. The name, date of birth, nationality, and passport number never reach the chain.

Stored on-chain

  • An opaque nullifier (one-way hash of your passport secret)
  • The address that registered it
  • A registration timestamp and expiry, rounded to 90-day buckets

Never on-chain

  • Name, date of birth, nationality, sex
  • Passport number, issue date, the MRZ
  • DG1 / SOD bytes, RSA signatures, document images
  • Anything that ties back to the actual person

Multiple sigilized addresses are linked

You can sigilize as many addresses as you want with the same passport. They'll all share the same on-chain ID.

The visible consequence: anyone reading the chain can tell which of your sigilized addresses belong to the same passport.

The control sits with you, per address. If you don't want certain addresses connected, don't register them.

About

What it is

An open source project including a mobile app, smart contracts, and Noir circuits. One GitHub repo.

Compatibility

Sigil currently verifies passports signed with RSA-2048, the most common scheme for biometric passports today (US, most EU, Japan, and many others). Some countries use ECDSA, which isn't supported yet. The app checks at tap time and tells you if your passport isn't compatible.

Where this is going

Testnet only on Base Sepolia for now with mainnet deployment pending.

Get the app

iOS and Android, soon.