Introducing ProofPack: The Future of Privacy-Preserving Data Sharing

08 Aug 2025

08 Aug 2025 by Luke Puplett - Founder

Who fancies uploading their passport and selfie to a porn site?

No one, right? But that's exactly what happens every time you need to prove your age online. You upload your passport or driver's license—with your full name, address, date of birth, and photo—to some website that only needs to know you're over 18. Even if the site is perfectly legitimate, you're still sending them your entire identity when they only need to verify one small fact.

Today, you'd have to share the entire ID document, or post a selfie where some system (which might be humans) guesses your age! The website gets access to all your sensitive information, stores it in their database, and creates a permanent record of your personal details. If their database gets compromised, your entire identity is exposed.

This is the fundamental problem with data sharing today: it's all-or-nothing. You either share everything or share nothing. There's no middle ground that lets you prove specific claims while keeping the rest of your data private.

So the folks at @opentable finally convinced me to stop using their app. Is it me or is every idiot app on the planet adopting silly levels of authentication? And now @Uber wants me to "validate" and send them a copy of my passport?? Really? The world has gone insane....

— Richard Christopher Whalen (@rcwhalen) March 25, 2025

I went to get a Qwen API key from Alibaba Cloud and it asked me for pictures of my bank statements and a scanned copy of my passport.... Yeah I dont think thats happening pic.twitter.com/XZExElbPap

— 0.005 Seconds (3/694) (@seconds_0) July 23, 2025

This isn't just about ride-sharing apps or restaurant bookings. It's happening everywhere—from cloud services to financial platforms, from travel sites to gaming platforms. Every service seems to want your entire identity when they only need to verify one small fact.

We're excited to announce ProofPack—a new standard for verifiable data exchange that solves this problem. With ProofPack, you can share only the specific information needed while maintaining cryptographic proof that the data is authentic and comes from a trusted source.

What is ProofPack?

ProofPack is a JSON format and a library for developers that enables privacy-preserving data sharing with blockchain attestation. It's designed to bridge traditional data sharing with emerging blockchain-based trust ecosystems.

At its core, ProofPack provides three key capabilities:

• Selective Disclosure: Reveal only the specific data fields you want to share while keeping everything else private

• Cryptographic Integrity: Prove that the data hasn't been tampered with using Merkle tree verification

• Blockchain Attestation: Link data to on-chain attestations for verifiable trust chains

Unlike Zero-Knowledge Proofs (ZKPs) that prove statements without revealing any underlying data, ProofPack is designed for situations where you want to share actual data but control which specific fields are disclosed. It's like a digital ID card where you can choose which information to show.

ProofPack creates static, downloadable files that can be reused across different scenarios. Once issued, you can edit the JSON to redact sensitive fields while maintaining the cryptographic integrity of the remaining structure.

Building Verifiable Trust Chains

The power of ProofPack lies in its ability to create verifiable trust chains through blockchain attestations. Let's use a concrete example of verifying someone's date of birth:

Today, trust chains exist only in words. For example:

Date of Birth ← Passport ← Zipwire ← Yoti ← iBeta ← NIST

But these relationships are currently just claims on websites. ProofPack envisions a future where each link in this chain is verifiable through blockchain attestations:

• NIST attesting to iBeta's testing capabilities

• iBeta attesting to Yoti's MyFace technology

• Yoti attesting to Zipwire's implementation

• Zipwire attesting to passport verification

• The passport authority attesting to date of birth

This creates a verifiable chain of trust that can be cryptographically proven, rather than just claimed. Trust is built through verifiable attestations, and users can verify the entire chain of trust through onchain proof, not just marketing claims.

How Users Actually Use ProofPack

Here's how the ProofPack user experience works in practice:

1. Visit an authoritative source: You go to a trusted website that has verified your data—like your bank, passport office, or university. This could be a government portal, financial institution, or certified verification service.

2. Select what to reveal: Instead of downloading your entire passport or bank statement, you choose specific fields you want to share. For example, you might select "date of birth" and "nationality" from your passport, or just "account balance" from your bank statement.

3. Download your proof: The authoritative source creates a ProofPack file containing only the selected information, cryptographically signed and attested. You download this file to your device.

4. Upload to the service that needs verification: When a website or app needs to verify something about you, you upload your ProofPack file. The service can cryptographically verify that the data comes from a trusted source and hasn't been tampered with.

5. Access granted: The service gets the confidence it needs about the specific fact it wanted to verify, without seeing any of your other sensitive information.

This flow gives you complete control over your data while providing the verification confidence that services need. You're not sharing documents—you're sharing cryptographically proven facts.

How ProofPack Works

ProofPack uses a layered approach to security and verification, with each layer serving a specific purpose:

Layer 1: Merkle Exchange Document

The innermost layer contains your actual data structured as a Merkle tree. Each piece of data becomes a "leaf" in the tree, and the root hash provides a cryptographic commitment to the entire dataset. This enables selective disclosure—you can reveal specific leaves while keeping others private, and the root hash remains verifiable.

Layer 2: Attested Merkle Exchange Document

This layer adds blockchain attestation metadata, including references to on-chain attestations (like Ethereum Attestation Service), timestamps for replay protection, and nonces for security. The attestation links the Merkle root hash to a blockchain record, creating a verifiable trust chain.

Layer 3: JWS Envelope

The outermost layer provides cryptographic signatures using JSON Web Signatures (JWS). This ensures the document hasn't been tampered with and can be verified without accessing the blockchain. The envelope can contain multiple signatures from different parties.

This layered approach enables privacy-preserving data sharing with cryptographic proof of integrity and blockchain-based attestation. The recipient can verify both the data authenticity and the on-chain attestation without needing to store or process the original sensitive data.

Real-World Applications

ProofPack is designed for practical, everyday use cases where you need to share verifiable data while maintaining privacy. The core pattern is simple: any complete record containing multiple data points can be structured as a Merkle tree, and from that complete record, selective disclosure proofs can be created to reveal only specific information while maintaining cryptographic proof of authenticity. Here are some concrete examples:

Age Verification

Instead of sharing your entire passport to prove you're over 18, ProofPack lets you reveal only your date of birth. The recipient can verify that the data comes from a trusted source (like a government-issued ID) without seeing your name, address, or passport number. The proof is cryptographically signed and can be verified against blockchain attestations.

Identity Verification for Services

When accessing EU medical services, you might need to prove your nationality. With ProofPack, you can create a proof that reveals only your nationality from your passport, without exposing any other personal information. The medical service can verify the proof's authenticity and that it comes from a trusted identity verification provider.

Supply Chain Provenance

For responsibly sourced timber, ProofPack enables verifiable tracking without exposing sensitive business information. A complete supply chain record contains detailed data: exact GPS coordinates, harvest dates, trucker licenses, fuel costs, port fees, and profit margins. Using ProofPack, this complete record becomes a Merkle tree where each piece of information is a leaf. From this complete record, selective disclosure proofs can be created: customers see only "Sourced from Canada, May 2025" while auditors access detailed coordinates and compliance data, and competitors never see pricing or profit information.

Compliance Sharing

Financial institutions can share AML compliance status across trading platforms without revealing full customer details. A compliance provider creates an attested ProofPack containing sanctions list checks and PEP status. Trading apps can request specific compliance data via OAuth, and the provider creates new ProofPacks with only the requested fields.

Energy Performance Certificates

When selling a house, energy performance certificates could be transformed into verifiable ProofPack documents containing the complete dataset, attested by the calculation software. The chain of attestations extends from the EPC calculation software through certification bodies to government approval, creating a verifiable trust chain.

The Pattern: Complete Records → Selective Disclosure

These examples all follow the same powerful pattern: start with a complete record containing multiple data points, structure it as a Merkle tree, then create selective disclosure proofs that reveal only what's needed while maintaining cryptographic proof of authenticity. This pattern applies to virtually any scenario where you have comprehensive data but need to share only specific parts.

The applications are endless: medical records where you reveal only vaccination status for travel, academic credentials showing just degree completion for job applications, financial statements disclosing only revenue figures to investors, employment history sharing specific skills without revealing salary details, insurance claims showing coverage status while protecting personal details, real estate records proving ownership without exposing purchase prices, vehicle histories revealing safety status while hiding maintenance costs, legal documents proving execution dates without exposing confidential terms, research data sharing summary statistics while protecting raw datasets, certification programs showing competency without revealing training details, and countless more scenarios where comprehensive records need selective disclosure.

The beauty of ProofPack is that once you understand this pattern—complete record → Merkle tree → selective disclosure—you can apply it to any scenario where you need to share verifiable information while maintaining privacy. The possibilities are truly endless.

Getting Started with ProofPack

ProofPack is available for both JavaScript/TypeScript and .NET, with cross-platform compatibility. Here's how to get started with the JavaScript implementation:

Installation

npm install @zipwire/proofpack @zipwire/proofpack-ethereum

Understanding Merkle Trees and Selective Disclosure

At the heart of ProofPack is a Merkle tree structure that contains all your data. Each piece of information becomes a "leaf" in the tree, and the root hash provides a cryptographic commitment to the entire dataset. This enables selective disclosure—you can reveal specific leaves while keeping others private, and the root hash remains verifiable.

Here's how it works:

import { MerkleTree } from '@zipwire/proofpack';

// Create a complete Merkle tree with all your data
const sourceTree = new MerkleTree();
sourceTree.addJsonLeaves({
    name: 'John Doe',
    email: 'john@example.com',
    salary: 75000,
    ssn: '123-45-6789',
    department: 'Engineering'
});
sourceTree.recomputeSha256Root();

console.log('Complete tree root:', sourceTree.root);
// This root hash is cryptographically committed to ALL the data

The Merkle tree structure includes:

• Header Leaf: Automatically created with metadata (algorithm, leaf count, document type)

• Data Leaves: Each piece of data becomes a separate leaf with salted hashes

• Root Hash: Cryptographic commitment to the entire dataset

Creating Selective Disclosure Proofs

From your complete data tree, you can create selective disclosure proofs that reveal only specific information while maintaining cryptographic integrity:

// Keep only specific fields (name and email)
const selectiveTree = MerkleTree.fromKeys(sourceTree, new Set(['name', 'email']));

// The selective tree maintains the SAME root hash as the original
console.log('Original root:', sourceTree.root);
console.log('Selective root:', selectiveTree.root); // Same as original!

This is the magic of ProofPack: the selective disclosure proof has the same root hash as your complete data, proving it comes from the same source while revealing only what you choose to share.

Blockchain Attestation: The Trust Layer

Once you have your Merkle tree root hash, the next step is to attest to it on the blockchain. This is where ProofPack connects to the broader trust ecosystem through attestation services like the Ethereum Attestation Service (EAS).

The Ethereum Attestation Service (EAS) is an open infrastructure that allows anyone to make on-chain attestations about anything. Think of it as a global, decentralized notary service. When an authority—like an ID checking website, a flying school, a university, or a government agency—attests to your data hash, they're making a permanent, verifiable statement on the blockchain that they've seen and verified your data.

This attestation infrastructure is becoming critical to the future of blockchain, the internet, global commerce, and our way of life. Just as the internet needed SSL certificates to establish trust in website security and privacy, the trust economy needs attestation services to map identities and credentials to verifiable on-chain statements. Solana has its own attestation service, and we're seeing similar infrastructure emerge across different blockchain ecosystems.

The beauty of this approach is that the hash itself reveals nothing about your data—it's just a cryptographic fingerprint. But when combined with an attestation from a trusted authority, it becomes a powerful tool for establishing trust without revealing sensitive information. A flying school can attest to your pilot license, a university can attest to your degree, or an ID verification service can attest to your identity—all without ever storing your actual data on-chain.

Creating Attested Proofs

Now let's create a complete attested ProofPack that combines selective disclosure with blockchain attestation. The final document is wrapped in a JWS (JSON Web Signature) envelope—a standard for signed JSON that provides cryptographic integrity and authenticity.

import { AttestedMerkleExchangeBuilder, MerkleTree } from '@zipwire/proofpack';
import { ES256KJwsSigner } from '@zipwire/proofpack-ethereum';

// 1. Create complete data tree
const tree = new MerkleTree();
tree.addJsonLeaves({ 
    name: 'John Doe', 
    age: 30,
    email: 'john@example.com',
    salary: 75000,
    ssn: '123-45-6789'
});
tree.recomputeSha256Root();

// 2. Create selective disclosure (reveal only name and age)
const selectiveTree = MerkleTree.fromKeys(tree, new Set(['name', 'age']));

// 3. Create attested proof with blockchain attestation
const attestationLocator = {
    serviceId: 'eas',
    network: 'base-sepolia',
    schemaId: '0xdeadbeef',
    attestationId: '0xbeefdead',
    attesterAddress: '0x01020304',
    recipientAddress: '0x10203040'
};

// 4. Build the attested Merkle exchange document
const builder = AttestedMerkleExchangeBuilder
    .fromMerkleTree(selectiveTree)
    .withAttestation(attestationLocator);

// 5. Sign and wrap in JWS envelope
const signer = new ES256KJwsSigner('your-private-key-here');
const envelope = await builder.buildSigned(signer);

console.log(JSON.stringify(envelope, null, 2));

The resulting document has three layers:

• Merkle Exchange Document: Contains your selective disclosure data and Merkle tree

• Attested Merkle Exchange Document: Wraps the data with blockchain attestation metadata

• JWS Envelope: Provides cryptographic signatures for integrity and authenticity

This layered approach ensures that your data is not only selectively disclosed but also cryptographically signed and linked to verifiable blockchain attestations.

Verifying Proofs

Creating proofs is only half the story. The real power of ProofPack comes when other parties can read and verify your proofs. Without verification, you have a proof—but if no one accepts it, what's the point?

ProofPack libraries handle all the heavy lifting of verification automatically. When you verify a proof, the library performs a comprehensive integrity check:

• Merkle Tree Integrity: Verifies that the revealed data is consistent with the root hash

• Selective Disclosure: Confirms that hidden leaves are properly redacted while maintaining the original root

• Timestamp and Nonce: Validates replay protection mechanisms

• Blockchain Attestation: Verifies the attestation exists on-chain and matches the expected schema

• JWS Signatures: Validates cryptographic signatures and signer authenticity

Here's how verification works with ProofPack:

import { 
    AttestedMerkleExchangeReader, 
    JwsSignatureRequirement,
    createVerificationContextWithAttestationVerifierFactory 
} from '@zipwire/proofpack';
import { 
    EasAttestationVerifierFactory,
    ES256KVerifier 
} from '@zipwire/proofpack-ethereum';

async function verifyProofPackDocument(jwsEnvelopeJson, coinbaseApiKey) {
    // 1. Configure blockchain networks for EAS attestation verification
    const networks = {
        'base-sepolia': {
            rpcUrl: `https://api.developer.coinbase.com/rpc/v1/base-sepolia/${coinbaseApiKey}`,
            easContractAddress: '0x4200000000000000000000000000000000000021'
        }
    };

    // 2. Create EAS attestation verifier
    const attestationVerifierFactory = EasAttestationVerifierFactory.fromConfig(networks);

    // 3. Create JWS verifier resolver
    const resolveJwsVerifier = (algorithm, signerAddresses) => {
        if (algorithm === 'ES256K') {
            for (const signerAddress of signerAddresses) {
                return new ES256KVerifier(signerAddress);
            }
        }
        return null;
    };

    // 4. Define verification rules
    const maxAge = 24 * 60 * 60 * 1000; // 24 hours
    const hasValidNonce = async (nonce) => {
        return /^[0-9a-fA-F]{32}$/.test(nonce);
    };

    // 5. Create verification context
    const verificationContext = createVerificationContextWithAttestationVerifierFactory(
        maxAge,
        resolveJwsVerifier,
        JwsSignatureRequirement.AtLeastOne,
        hasValidNonce,
        attestationVerifierFactory
    );

    // 6. Verify the complete document
    const reader = new AttestedMerkleExchangeReader();
    const result = await reader.readAsync(jwsEnvelopeJson, verificationContext);

    if (result.isValid) {
        console.log('✅ Document verified successfully!');
        console.log('Merkle Root:', result.document.merkleTree.root);
        console.log('Attestation Network:', result.document.attestation.eas.network);
        console.log('Timestamp:', result.document.timestamp);
        return { success: true, document: result.document };
    } else {
        console.error('❌ Verification failed:', result.message);
        return { success: false, error: result.message };
    }
}

With just a few lines of code, you get complete cryptographic verification of the data's authenticity, integrity, and blockchain attestation. The ProofPack library abstracts away all the complex cryptographic operations, making it easy to build trust in your applications.

AI and LLM Integration

ProofPack's structured JSON format opens up fascinating possibilities with AI and Large Language Models. The format is naturally parseable by LLMs, enabling automated verification systems that can:

• Parse the ProofPack JSON structure and extract leaf data

• Write code to verify Merkle root hashes

• Use Model Context Protocol (MCP) to call blockchain services and verify attestations

• Build confidence by checking attester credentials and historical attestations

In June 2025, Google Gemini demonstrated this capability by decoding an Attested Merkle Exchange JSON, extracting hex-encoded UTF-8 data from leaves, and writing a script to verify that leaf hashes correctly roll up to the root hash. This shows how ProofPack's structured nature makes it particularly well-suited for AI-driven verification systems that can process proofs without human intervention while maintaining security and privacy guarantees.

ProofPack vs Alternatives

ProofPack serves a different purpose than other privacy-preserving technologies. Here's how it compares:

ProofPack vs Zero-Knowledge Proofs (ZKPs)

While both technologies enable privacy-preserving verification, they serve different use cases:

• ProofPack: Reveals actual data (selectively) - like showing only your age from a passport

• ZKPs: Proves statements without revealing any underlying data - like proving you're over 18 without showing your birth date

ProofPack is ideal when you need to share authentic data fields, while ZKPs are better when you want to prove properties without sharing any data at all.

ProofPack vs Traditional Data Sharing

Traditional approaches require sharing complete documents or storing sensitive data in databases:

• Traditional: Share entire passport, store in database, risk exposure

• ProofPack: Share only needed fields, verify cryptographically, flexible storage model

ProofPack provides a flexible storage model that adapts to your service design. The issuer may store the complete Merkle tree, but once you have your proofs, you can delete the original data if the issuer allows it. The issuer can also let you download a full proof and then re-upload it to produce more selective proofs with newer timestamps. This gives you control over data retention while maintaining cryptographic proof of authenticity.

When to Use ProofPack

Use ProofPack when you need to:

• Share actual data fields selectively

• Control which specific information is revealed

• Create reusable, static credentials

• Verify data authenticity and source

• Link data to blockchain attestations

ProofPack's sweet spot is scenarios where you want to share authentic data while maintaining privacy through selective disclosure.

ProofPack vs OAuth Flows

Traditional OAuth flows work by having the relying party (the application requesting your data) make an API call to an identity provider like Google or Microsoft. Even though OAuth has scopes that limit what data is shared, the relying party still receives more information than they might need, and the data flows through their servers.

In OAuth, the provenance—the proof that the data is authentic—comes from the HTTPS connection between web servers. The relying party trusts the data because it came over a secure connection from a trusted provider. But this creates a permanent link: the relying party must always connect to the identity provider to verify your information.

ProofPack breaks this link by providing cryptographic proof of authenticity that doesn't require ongoing API calls. Instead of the relying party fetching your data from Google, you can present a ProofPack that contains only the specific information needed—like your age or nationality—with cryptographic proof that it came from a trusted source. The relying party gets the same confidence in the data's authenticity, but you maintain control over what information is shared and when.

Current Status and Availability

ProofPack is production-ready and available today with comprehensive implementations across multiple platforms:

Implementation Status

• JavaScript/TypeScript: Complete implementation with full functionality and Ethereum integration

• .NET: Complete implementation with full functionality and Ethereum integration

• Cross-Platform Compatibility: Validated through comprehensive testing framework

Available Packages

JavaScript/TypeScript:

• @zipwire/proofpack v0.3.2 - Core functionality (JWS, Merkle trees, selective disclosure)

• @zipwire/proofpack-ethereum v0.3.2 - Ethereum integration (ES256K, EAS attestations)

.NET:

• Zipwire.ProofPack v0.2.2 - Core library (407 downloads)

• Zipwire.ProofPack.Ethereum v0.2.2 - Ethereum-specific extensions (394 downloads)

Documentation and Resources

Comprehensive documentation is available for both implementations:

• Technical Specification: Complete JSON format specification and security considerations

• API Documentation: Detailed usage examples and reference documentation

• Cross-Platform Testing: Validation framework ensuring interoperability

• Real-World Examples: Practical use cases and implementation patterns

All implementations are open source and available under the MIT license, enabling both commercial and non-commercial use.

Join the Future of Privacy-Preserving Data Exchange

ProofPack represents a fundamental shift in how we think about data sharing. By enabling selective disclosure with cryptographic integrity and blockchain attestation, it opens up new possibilities for privacy-preserving applications across industries.

Whether you're building identity verification systems, supply chain tracking applications, compliance platforms, or any other system that requires verifiable data exchange, ProofPack provides the tools you need to do it securely and privately.

Get Started Today

• GitHub Repository: github.com/zipwireapp/ProofPack

• Documentation: Complete guides, examples, and API reference

• npm Packages: @zipwire/proofpack v0.3.2 and @zipwire/proofpack-ethereum v0.3.2

• NuGet Packages: Zipwire.ProofPack v0.2.2 and Zipwire.ProofPack.Ethereum v0.2.2

Start building the future of privacy-preserving data exchange today. Install the packages, try the examples, and see how ProofPack can transform your applications.

Publication Date: 2025-01-27

---

Learn more