Z Z ypherpunk
Back to projects
Openbands icon

Openbands

Bringing credible anonymity to online discussions

$2,000
Total awarded
Devfolio Openbandsxyz/Openbandsv2 Twitter
Stratos's avatar
Stratos
Builder
Solidity React Zero-Knowledge Proofs (ZKPs) Tailwind CSS Noir ZKEmail Self Protocol

Awards

The problem it solves

Zypherpunk Hackathon Progress

We built a crucial upgrade for Openbands:
mobile verification for nationality and age, which was previously not possible.
You can read more about this in Challenge 2 above.

Short Project Context

We started building Openbands during Aztec’s NoirHack hackathon, where we won 1st place.
We later joined the Self Protocol ZK Residency, where we implemented nationality and age verification.
Most recently, we were selected as a finalist in Base Batches 002 and presented Openbands at Devconnect Buenos Aires.

What is Openbands?

Openbands is a social space where you can speak freely without exposing who you are.
A place where identity stays private, but authenticity is verified.

It enables:

  • Citizens to voice honest opinions
  • Employees to share real workplace insights
  • Creators to build private communities
  • All without fear of judgment or surveillance

Openbands brings credibility back to anonymity and privacy back to online discussion.

Think of it as Reddit with authentic communities:
you can only join a group if you truly belong there.

For example:

  • Only verified U.S. citizens can access the U.S. community
  • Only verified employees can join their company’s community

This approach enables genuine, human interaction while minimizing bots, fakes, and sybils

We see this as an urgent need in a world increasingly dominated by AI-generated content.

Live Product

Our MVP is live: https://app.openbands.xyz

Users can verify multiple real-world attributes:

  • Company affiliation via work email (zkJWT)
    → post anonymously inside your company community
  • Nationality & age via passport (Self Protocol)
    → join nationality or age-based communities

After verification, users can:

  • Create and join communities with custom badge requirements
  • Post anonymously
  • Engage with verified members while staying private

We are early adopters of zkEmail and Aztec’s zkJWT repo, and our code is open-source.

Technical Context

zkJWT (Company Verification)

  • ZK proof of a JWT from Google after signing in with a company email
  • JWT fields: $headers $payload $signature Verified using Google’s public key
  • Noir circuit verifies RSA signature and extracts email domain
  • Only domain and JWT public key are public outputs
  • Proof is generated client-side. Nothing leaves the user’s device

Self Protocol (Nationality & Age Verification)

  • Users scan passport in the Self mobile app
  • On-chain verifications stored on Celo
  • Mobile-first UX via deeplinks for smooth flow
  • Desktop users scan QR with their phone

Communities

  • Permissionless creation with customizable badge requirements
  • Supports AND/OR logic for multi-attribute membership
  • Posts are always anonymous

Onchain Contracts

Base (Company Verification)

  • Honk Verifier
    → 0x8Cda51EBA880183C5F4174b553b1C7ea175c7a90
  • ZkJwtProofVerifier
    → 0x0bC7F66F9b76eA37Ae37e3965E866bDeD8b2824C
  • ZkJwtProofManager
    → 0x9218D30c18e2342BA5A1661E95a8B2BFeD6911e2

Celo (Nationality & Age Verification)

  • Nationality Registry
    → 0x5aCA8d5C9F44D69Fa48cCeCb6b566475c2A5961a
  • Age Registry
    → 0x72f1619824bcD499F4a27E28Bf9F1aa913c2EF2a

Future Plans

Proof Composability

Combine zkPassport + zkJWT into one recursive proof for better UX and multi-attribute verification.

Semaphore Integration

Hide wallet addresses for fully anonymous interaction in Noir.

zkPDF

Prove salary or bank balance from signed PDFs — without revealing sensitive data.

Web3 Attestations

Support:

  • ERC20 holdings
  • NFT ownership
    → Token-gated communities without wallet exposure

Why This Matters

When users remain private → trust collapses due to bots and misinformation.
When platforms demand trust → privacy disappears through surveillance and data leaks.

AI makes this worse…

  • Meta deletes millions of fake profiles every year
  • 16B+ credentials exposed in breaches in 2024
  • Malicious bots make up 37% of the internet, and rising

Authenticity online is breaking.
Openbands restores integrity without sacrificing privacy.

Vision

A world where:

Verifiability and privacy coexist Not one at the cost of the other.

One trusted place with:

  • Verifiable human presence
  • No blind faith
  • No surveillance
  • No data exposure

Challenges we ran into

Challenge 1 (Open): Client-Side Proof Generation

The current verification for nationality and age works via Self Protocol, which does not provide client-side proving yet. The proofs are currently generated in trusted execution environments (TEEs), which still pose certain security risks and potential backdoors that could be exploited to retrieve users’ passport credentials.

This challenge is still unsolved. However, we are exploring possible solutions such as zkPassport (https://zkpassport.id/). Client-side proving is not yet very efficient—it takes a long time to generate proofs, which creates a poor user experience.

We are working closely with Self Protocol to develop a UX-friendly solution for client-side proving. This is essential to Openbands, as we want to ensure users remain anonymous and that their passport credentials are never exposed.

Challenge 2 (Solved): Mobile Verification Flow

Verifying nationality and age via Self Protocol works seamlessly on desktop using a QR code scan. However, Openbands is a consumer mobile-first app. Mobile devices cannot scan a QR code from their own screen, so the verification process could not rely solely on this method.

To solve this, we implemented a verification button that allows users to verify their passport credentials directly on mobile without QR scanning. This challenge has been successfully resolved and was the main focus of this hackathon update.

How It Works (Simple Flow)

  1. Start Verification

    • User clicks “Add New Badge” → Selects “Nationality” or “Age” → Chooses Self Protocol

  2. Desktop Flow

    • A QR code is displayed
    • User scans it with their phone
    • Verification happens in the Self app

  3. Mobile Flow (Challenge solved)

    • A button appears: “Open Self App to Verify”
    • User taps the button
    • Device automatically opens the Self app

  4. In the Self App

    • Already scanned passport: tap “Approve”
    • First-time verification: scan passport → tap “Approve”

  5. Blockchain Verification

    • Self app sends verification to the blockchain (Celo network)
    • User is redirected back to the website
    • A “Checking verification…” screen polls the blockchain every 3 seconds
    • Once confirmed: Success! 🎉 Redirect to the badges page

  6. Result

    • The newly verified badge appears in “My Badges”

Gallery

Openbands screenshot 1 Openbands screenshot 2 Openbands screenshot 3