Skip to Content
đź‘‹ Hey there! Welcome to the ZenZ Docs. Got issue? Report here
đź“‘ DocumentationIdentityZ-ID

Z-ID

Identity Infrastructure in ZenZ Ecosystem

Z-ID is the high-performance, decentralized identity gateway for the MOI Zen ecosystem, serving as a universal identity layer for users, autonomous applications, and physical resources (IoT/Compute). Unlike traditional identity providers that rely on centralized databases, Z-ID maintains zero canonical state in local storage. It derives all identity, credential, and capability states exclusively from the MOI Blockchain. This architecture ensures that Z-ID is purely a read/write gateway to the immutable ledger, eliminating “split-brain” state issues and serving as a trusted oracle for identity verification.

The service enforces a strict Capability-Based Access Control (CBAC) model rather than traditional RBAC. Authorization is not verified by checking “who you are,” but by verifying “what you hold” (a valid, unexpired Capability signed by an issuer). All external interactions are standardized via the Model Context Protocol (MCP), allowing AI agents and external applications to discover, resolve, and utilize identity services seamlessly.

Identity Types

Any entity that shall be identified, in zenz ecosystem there will 3 types of participants

  • User, the real human
  • Application, the agents or applications
  • Resource, the nodes that host and process different set of interactions

User

Identifier

However there is always one master unique identifier for a user, user will be having different set of identifiers respective to different contexts. To start with ZenZ enables identifying the user by their:

  • Decentralized Identifiers (DIDs)
  • Simple Usernames
  • Multi-Chain Wallet IDs
export interface Identifier {
  readonly participantID: string;
  identifierType: IdentifierType;
  value: string;
  status: string;
  verified: boolean;
  verifiedAt?: string; //timestamp
  addedAt: string; //timestamp
}

AuthMethod

This feature will enable user to have multiple authentication methods which will be picked by different applications user interacts with. Examples

  • IOMe uses zero_knowledge_proof for authentication
  • DID driven platforms user verifiable credentials for authorization
  • Tradional apps uses Google or X oAuth for single sign-on

This gives the user flexibility to interoperate between web2 and web3 systems without any friction.

export interface AuthMethod {
  authType: AuthMethodType;
  config?: Record<string, any>;
}

Credential

In today’s digital world, creating a deepfake information or pretenting to be someone else is very easy. ZenZ Identity Infrastructure treats every attribute or in simpler every digital information of the user as a “Credential”.

So, if a Credential is owned by user such as email, phone, kyc or degree, it need to be encrypted and attested. Ofcourse, the proof corresponding to credential is always available globally with or without ZenZ.

export interface Credential {
  attribute: string;
  isEncrypted: boolean;
  data?: Uint8Array; // data will be encrypted bytes if isEncrypted=true
  cryptoParams: Uint8Array; // { method, key, salt, nonce }
 
  // Verification details
  verifiedAt: string;
  isVerified: boolean;
  verProof: bool;
}
Last updated on:
MethodsUser Methods