## ZK Face ID Wallet <iframe src="https://giphy.com/embed/MaYuIS9HJb2c2d0cF9" width="222" height="480" frameBorder="0" class="giphy-embed" allowFullScreen></iframe><p><a href="https://giphy.com/gifs/MaYuIS9HJb2c2d0cF9"></a></p> An open-source, ERC-4337 wallet that lets users sign transactions with Face ID, eliminating the need for seed phrases. ## How it works Demo is live at [https://noseedphrases.xyz](https://noseedphrases.xyz). First, we trigger a [WebAuthn](https://webauthn.io/) registration on the client's device, triggering a Face ID, Touch ID, or another supported authentication gesture. We ask it to sign a specific challenge string that indicates a possible transaction – for example, sending 0.1 ETH to vitalik.eth. Next, we take the resulting ECDSA signature and public key and generate a ZK proof using the [Halo2](https://zcash.github.io/halo2/concepts/proofs.html) proof system. Specifically, we build off of Axiom's [halo2-ecc](https://github.com/axiom-crypto/halo2-lib) library, which has an implementation of an ECDSA proof on the secp256k1 curve. WebAuthn uses the secp256r1 curve, so we added its parameters and curve operations, published [here](https://github.com/zkwebauthn/halo2curves). Essentially, we're creating a proof that says, _I have correctly performed Face ID and I authorize this transaction_. And anyone who sees the proof will be able to verify it, and not gain any information about my secret key or personal data. Finally, we'll need to send this proof to Ethereum to execute our transaction! We bundle a [UserOperation](https://eips.ethereum.org/EIPS/eip-4337#definitions) and set the `signature` field to our zero-knowledge proof. We send the UserOperation to a bundler, where it's redirected to our [P256Wallet](https://github.com/zkwebauthn/webauthn-halo2/blob/main/contracts/src/P256Account.sol) smart contract wallet that verifies the proof and completes the transaction. Future Application: [Know Nothing Labs](https://twitter.com/knownothinglabs) is currently building out a consumer application πŸ‘€ ## Roadmap βœ… Develop ZK circuits for proving secp256r1 elliptic curve based signatures used by the WebAuthn protocol βœ… Modify steps of the WebAuthn procedure to inject userop data into body signed by the WebAuthn authorizer's signature βœ… Build an account abstraction wallet which verifies proofs of valid WebAuthn signatures to validate userops YOU ARE HEREπŸ‘‡ πŸ—οΈ Buidling a consumer app deeply integrated with our novel, easy to use wallet infra. Follow us at [@knownothinglabs](https://twitter.com/knownothinglabs) for more updates! ## Links Twitter: https://twitter.com/knownothinglabs Demo: https://www.noseedphrases.xyz/ Github: https://github.com/zkwebauthn/webauthn-halo2