Solo: A Web3 trusted anonymous identity layer based on zkHE identification protocol.

"Solo is building a "trusted anonymous" on-chain identity system based on its original zkHE architecture, which is expected to break the long-standing "impossible triangle" that has plagued Web3, achieving a balance among privacy protection, identity uniqueness, and decentralized verifiability."

Recently, the Web3 identity layer project Solo announced the completion of a $1.2 million Pre-Seed funding round, led by Draper Associates with follow-on investment from Velocity Capital. Brian Retford, founder of RISC Zero, and Matt Katz, founder of Caldera, also participated as strategic angel investors. This funding round further positions Solo as a focal point in the Web3 identity sector.

Focusing on the fundamentals of the project, on one hand, the strength of the core team behind it is impressive. CEO Edison studied at Yale School of Management, where he co-founded the Yale Blockchain Society and led the organization of the first Yale Blockchain Summit. To concentrate on advancing the Solo project, Edison chose to drop out and commit full-time to R&D. The other two co-founders, Stephen and Sissi, are both professors at Shenzhen University, each with deep expertise in blockchain and artificial intelligence — Stephen is one of the early contributors to the Ethereum Foundation, while Sissi has achieved significant results in AI research and practical applications.

In terms of technical pathways, Solo has built an identity architecture centered on its unique zkHE (zero-knowledge homomorphic encryption) solution, achieving a dynamic balance between privacy protection, identity uniqueness, and decentralized verifiability. Given the current Web3 ecosystem's systemic issues, such as frequent witch attacks, lack of user credit systems, and difficulties in compliance access, the solution proposed by Solo may hold significant reference and leading significance.

This article will deeply analyze the new paradigm of identity represented by Solo from multiple dimensions, including market structure, technical pathways, and narrative positioning.

01 The long-term identity layer's long-term vacancy in the Web3 world

Although the infrastructure in the Web3 field is continuously improving at a rapid pace, the "identity layer" as a key module supporting trust and participation has long been absent.

In fact, from data labeling, behavior scoring to protocol interaction and community governance, a large number of key tasks in Web3 rely on "human input" as an effective data source. However, from the perspective of on-chain systems, users are often merely a wallet address composed of letters and numbers, lacking structured individual characteristics and behavior tags. Without additional identity layer mechanisms, the crypto-native world is almost unable to establish trustworthy user profiles, let alone achieve reputation accumulation and credit assessment.

The lack of an identity layer directly gives rise to one of the most common and challenging issues in Web3, namely, witch attacks. In various incentive activities that rely on user participation, malicious users can easily fabricate multiple identities to repeatedly claim rewards, manipulate votes, and pollute data, rendering mechanisms that should be driven by "real human participation" completely ineffective. Taking Celestia as an example, in its 2023 airdrop, as much as 65% of the 60 million $TIA was acquired by bots or witch accounts, a similar phenomenon is also widely observed in the distribution processes of projects like Arbitrum and Optimism.

Despite some projects attempting to introduce "anti-Sybil" mechanisms to screen for abnormal behavior, the reality is that these measures often mistakenly harm real users, while actual bots can easily circumvent the rules. For example, the previous airdrop anti-witch rule of EigenLayer sparked some controversy, as some normal users were misjudged as witch attackers and thus excluded from the airdrop, leading to disputes. Therefore, we see that in the absence of a strong identity foundation, on-chain incentive distribution is always difficult to achieve fairly, efficiently, and sustainably.

In other vertical scenarios of Web3, the issues caused by the lack of identity are equally significant.

For example, in the DePIN field, the phenomenon of submitting fabricated data with false addresses to deceive incentives is common, disrupting the authenticity of data and directly affecting the practicality and trust foundation of the network. Similarly, in GameFi, behaviors such as using multiple accounts to complete tasks and claim rewards in bulk severely disrupt the balance of the in-game economic system, leading to the loss of real players and the failure of project incentive mechanisms.

In the field of AI, the absence of an identity layer has also brought profound impacts. Current large-scale AI model training increasingly relies on "human feedback" (such as RLHF) and data labeling platforms, and these tasks are often outsourced to open communities or on-chain platforms. Without the assurance of "human uniqueness," the phenomenon of script batch simulation behavior and robot-generated inputs has become more severe, not only contaminating the training data but also significantly weakening the model's expressiveness and generalization ability.

In a previous study called Best-of-Venom, researchers successfully induced a shift in the training of RLHF models by injecting 1–5% of "malicious feedback comparison data," resulting in significantly manipulated outputs. These fabricated human preference data, even at a very low proportion, are sufficient to undermine the model's robustness and affect the quality of the final output. More importantly, due to the inability to effectively constrain the identities of the participants, the system is almost incapable of identifying or blocking such cleverly disguised manipulation behaviors from the source.

Moreover, in the absence of an effective identity layer, the KYC mechanisms, credit scoring systems, and behavioral profiling widely used in the Web2 world can hardly be mapped onto the blockchain in a native and trustworthy manner. This not only limits institutions' participation in Web3 while safeguarding user privacy, but also keeps the financial system on-chain in a state of identity vacuum. A representative example of this is that the DeFi lending model has long relied on over-collateralization mechanisms, making it difficult to access broader scenarios of unsecured credit lending, severely limiting user coverage and capital efficiency.

The same problem also arises in the fields of Web3 advertising, social networking, etc. Due to the lack of verifiable user identities and behavioral preferences, mechanisms such as precise recommendations and personalized incentives are difficult to establish, further limiting the depth of on-chain application operations and commercialization space.

02 Exploration of Web3 Identity Layer

In fact, there are currently dozens of Web3 identity layer solutions on the market, such as Worldcoin, Humanode, Proof of Humanity, Circles, idOS, ReputeX, Krebit, etc. These solutions are all attempting to fill the gap in the Web3 identity layer, and we can roughly categorize them into four types:

• Biometric

Biometric types are typically characterized by biometric technologies (such as iris, facial recognition, fingerprints) to ensure identity uniqueness. These solutions often possess strong resistance to witch attacks, with representative projects including Worldcoin, Humanode, Humanity Protocol, ZeroBiometrics, KEYLESS, and HumanCode.

We see that such solutions often tend to infringe on user privacy due to the collection of biometric data, generation of hashes, etc., leading to relatively weaker dimensions in privacy protection and compliance. For example, Worldcoin has faced regulatory scrutiny in multiple countries due to iris data privacy issues, including compliance issues with the EU's GDPR.

• Social Trust Class

Social trust solutions typically place a strong emphasis on "user sovereignty" and highlight social trust networks and open validation. They often center around core elements such as Web of Trust and reputation scoring, establishing a trustworthy identity network through social relationship graphs, community mutual certification, human recommendations, and other means. Representative projects include Proof of Humanity, Circles, Humanbound, BrightID, Idena, Terminal 3, ANIMA, etc.

Such schemes are theoretically capable of achieving a high degree of decentralization, with the potential to expand trust networks based on community consensus and to overlay reputation governance mechanisms. However, we have observed that such schemes often struggle to ensure identity uniqueness, making them vulnerable to Sybil attacks, with poor scalability in familiar networks, and consequently susceptible to issues such as identity forgery or community cold start problems. Proof of Humanity has previously adjusted its verification mechanism due to bot issues.

• DID Aggregation Type

DID aggregation solutions can usually further build a composable on-chain identity structure by integrating Web2 identity/KYC data, Verifiable Credentials (VCs), and other external credentials. These solutions are actually highly compatible with existing compliance systems, and most solutions also support user control over data sovereignty, making it easier for some institutions to adopt. Some representative projects include Civic, SpruceID, idOS, SelfKey, Fractal ID, etc.

However, for DID aggregation solutions, the uniqueness of identity is relatively weak. We see that most of them heavily rely on external data sources such as Web2 KYC or intermediary data providers, so the degree of decentralization is relatively limited, and the architecture is relatively complex. Although some projects like SpruceID are exploring privacy protection through ZK-SNARKs, most solutions in this sector have not yet addressed issues such as privacy verifiability.

• Behavioral Analysis Category

Behavioral analysis solutions are typically based on on-chain address behavior, interaction trajectories, task records, and other data, utilizing graph algorithms to construct user profiles and reputation systems. Representative projects include ReputeX, Krebit, Nomis, Litentry, WIW, Oamo, Absinthe, and Rep3.

The advantage of modeling by address is that it provides good privacy protection, naturally compatible with the on-chain ecosystem without the need for additional inputs, and has strong overall adaptability. However, on the other hand, because it cannot establish a connection with the user's real identity, the lack of identity uniqueness leads to a prominent phenomenon of one person having multiple addresses. It is also easily affected by witchcraft behavior and can only establish localized labeled identities, resulting in data quality distortion.

Therefore, based on the above, we can see that the existing identity layer solutions generally fall into an impossible triangle dilemma.

It is often difficult to ensure privacy protection, identity uniqueness, and decentralized verifiability simultaneously. At the same time, we find that, apart from biometric solutions, identity mechanisms in other areas generally struggle to effectively guarantee "identity uniqueness."

Biometric features are therefore often regarded as the most definitive elements in the identity layer and have been practically validated in multiple projects. However, relying solely on biometrics to build a truly trustworthy identity system is indeed insufficient to address the balance between privacy protection and decentralization.

In the context of the aforementioned issues, Solo also chooses biometric recognition as the fundamental means of user identity uniqueness, and based on cryptography, further proposes a relatively unique technical path around the balancing dilemma of "privacy protection" and "decentralized verifiability."

03 Deconstructing the technical solution of Solo

As mentioned above, using biometric recognition for identity verification can effectively prove the uniqueness of users, but the biggest challenge lies in how to ensure data privacy and verifiability at any time and place.

The Solo solution is based on the zkHE architecture, which integrates Pedersen commitments, homomorphic encryption (HE), and zero-knowledge proofs (ZKP). Users' biometric features can undergo multi-layer encryption processing locally, allowing the system to generate verifiable zero-knowledge proofs and submit them to the blockchain without exposing any raw data, thereby achieving the non-repudiability of identity and verifiability under privacy protection.

zkHE architecture

In the zkHE architecture of Solo, the authentication process is composed of a dual encryption defense: Homomorphic Encryption (HE) and Zero-Knowledge Proof (ZKP). The entire process is completed locally on the user's mobile device, ensuring that sensitive information in plaintext will not be leaked.

• Homomorphic Encryption

The first line of cryptographic defense is homomorphic encryption. Homomorphic encryption is a cryptographic scheme that allows computations to be performed directly on encrypted data, with the final decrypted result being exactly consistent with the plaintext operation, which represents the correctness and usability of the data itself.

In zkHE, the system further inputs the biometric features after commitment into the circuit in the form of homomorphic encryption, performing logical operations such as matching and comparison without the need for decryption throughout the process.

The "comparison" here essentially calculates the distance of the biometric feature vectors between the registered data and the current verification data to determine whether the two sets of data come from the same person. This distance calculation process is also completed in an encrypted state, and the system subsequently generates a zero-knowledge proof based on the comparison result to determine "whether the distance is less than the threshold," thereby completing the judgment of "whether it is the same person" without exposing the original data or the distance value.

This approach aims to achieve trustworthy computing under the premise of privacy protection, ensuring that the authentication process is verifiable, scalable, and always confidential.

• Zero-Knowledge Proof

After completing the aforementioned cryptographic computation, Solo will generate a zero-knowledge proof locally for on-chain submission verification. This ZKP proves "I am a unique and real human being" without revealing any original biometric information or intermediate computation details.

Solo itself uses the efficient Groth16 zk-SNARK as the proof generation and verification framework, generating concise and robust ZKP with minimal computational overhead. The verifier only needs to check this proof to confirm the validity of the identity, and the entire process does not require access to any sensitive data. Ultimately, this ZKP is submitted to the dedicated Layer2 network SoloChain, where it is verified by on-chain contracts.

In addition to privacy and security guarantees, Solo also performs exceptionally well in verification efficiency. Thanks to the streamlined design of the encryption process and the introduction of high-performance primitives, Solo is able to achieve low-latency, high-throughput identity verification experiences on mobile devices, providing strong technical support for large-scale user adoption and on-chain integration.

verification efficiency

The Solo scheme itself has extremely high verification efficiency, partly due to its highly optimized and adapted cryptographic algorithms.

In fact, in the Web3 identity layer track, there are not a few cases of introducing cryptography to ensure privacy and data security, especially with ZK as the main focus. However, currently, there are very few solutions that can truly be implemented, and it ultimately comes down to.

In terms of zero-knowledge proof construction, Solo has chosen the highly efficient Groth16 zk-SNARK as its main framework. This system features an extremely small proof size (approximately 200 bytes) and can achieve millisecond-level verification on-chain, significantly reducing interaction latency and storage overhead.

Recently, the Solo team conducted experiments on its cryptographic model as shown in the figure below. When faced with higher-dimensional biometric feature data (Biometric Vector Length), the zkHE architecture adopted by Solo (HE + ZKP) far outperformed traditional ZKP solutions in proof generation time and total authentication time. Under the condition of 128-dimensional data, the authentication time of traditional ZKP exceeds 600 seconds, while the Solo solution remains almost unaffected, consistently staying within the range of several seconds.

In addition, although the proof size of Solo is slightly larger than traditional schemes in certain vector dimensions, its overall verification time is still controlled within the range of 30–70ms, which is sufficient to meet the latency and performance requirements of most high-frequency interaction scenarios (such as blockchain games, DeFi logins, L2 real-time authentication, etc.).

In terms of client performance, Solo has also made a lot of optimizations.

The zkHE verification process (including Pedersen commitment generation, homomorphic encryption processing, and ZKP construction) can be completed locally on a regular smartphone. Test results show that the overall computation time on mid-range devices is 2–4 seconds, which is sufficient to support smooth interactions for most Web3 applications, without relying on any proprietary hardware or trusted execution environments, greatly reducing the threshold for large-scale deployment.

A New Attempt to Break the "Impossible Triangle" of Web3 Identity Layer

From a global perspective, Solo actually provides a new path to break the "impossible triangle" of Web3 identity layer, achieving a technological balance and breakthrough among privacy protection, identity uniqueness, and usability.

At the privacy level, the zkHE architecture allows all users' biometric features to be homomorphically encrypted and constructed with ZKP locally, without the need to upload or decrypt the original data throughout the process, thereby completely avoiding the risk of privacy leakage and eliminating dependence on centralized identity providers.

In terms of identity uniqueness, Solo confirms whether the current validator is the same person as the historical registration record through a feature vector distance comparison mechanism in an encrypted state, without revealing the data structure. This builds the foundational identity constraint of "each address corresponds to a real unique human," which is the emphasis of Solo's one person one account (1P1A) principle.

In terms of usability, Solo ensures that all computing tasks can be completed on ordinary mobile devices through fine optimization of the zk proof process. Test results show that the verification generation time is usually controlled within 2 to 4 seconds, while the on-chain verification process can be completed in milliseconds and is fully decentralized, meeting the high real-time requirements of application scenarios such as blockchain games, DeFi, L2 logins, and more.

It is worth mentioning that Solo itself has reserved compliance docking interfaces in its system design, including optional bridging modules that support integration with on-chain DID and KYC systems, as well as the capability to anchor verification status to a designated Layer 1 network in specific scenarios. Therefore, in the future, when targeting the compliance market, Solo is expected to meet the requirements for identity verification, data traceability, and regulatory cooperation while maintaining privacy and decentralization characteristics.

From a more macro perspective, the current Web3 identity solutions can actually be roughly divided into several technical paths, including on-chain behavior-based reputation profile systems, centralized certification-based VC/DID architectures, zk identity solutions that emphasize anonymity and selective disclosure, as well as lightweight PoH protocols that are partially based on social networks and group certification.

In the process of diversified evolution of the Web3 identity track, the path adopted by Solo, which is based on biometrics + zkHE, happens to form a natural complementarity with other solution paths.

Compared to solutions that focus on upper-layer identity labels or behavioral credentials, the advantage of Solo lies in the construction of a foundational identity network capable of completing "human uniqueness verification" at the lowest level. It features privacy protection, trustlessness, embedability, and sustainable verification, providing the basic "human authenticity verification" for higher-level VC, SBT, social graphs, and more.

In a sense, Solo is more like the underlying consensus module in the identity stack, focusing on providing the infrastructure for human uniqueness proof with privacy protection capabilities for Web3. Its zkHE architecture can not only serve as a plug-in module for various DIDs or application front-ends, but it can also form a combination with existing VCs, zkIDs, SBTs, etc., to establish a verifiable and composable real identity foundation for the on-chain ecosystem.

Therefore, Solo itself can be regarded as the most fundamental "trusted anonymous layer" infrastructure within the identity system, filling the long-standing capability gap of "1P1A (One Person, One Account)" in the industry, to further support higher-level applications and provide a foundation for compliance.

Currently, Solo has established partnerships with multiple protocols and platforms, including Kiva.ai, Sapien, PublicAI, Synesis One, Hive3, GEODNET, among others, covering various verticals such as data labeling, DePIN networks, and SocialFi games. These collaborations are expected to further validate the feasibility of Solo's authentication mechanism, providing a feedback mechanism calibrated to real-world demand for its zkHE model, helping Solo continuously optimize user experience and system performance.

Summary

By building a credible and anonymous identity layer system for the Web3 world, Solo is laying the foundational capabilities for 1P1A and is expected to become an important underlying infrastructure to promote the evolution of on-chain identity systems and the expansion of compliant applications.