37b8f0ca71
* KR-01: Scope KMP Android to 3-domain parity with provider delegation
Move SecureStorageProvider, CryptoProvider, and CryptoBridgeHandler to
commonMain so both platforms share the same contract. Add default Android
providers (EncryptedSharedPreferencesProvider, AndroidKeystoreCryptoProvider)
that consumers can replace via SdkProviderRegistry.
- Rewrite Android SecureStorageBridgeHandler to delegate to provider and
fix get() response shape to return { value: string | null }
- Register only 3 handlers (secureStorage, crypto, lifecycle) in Activity
- Add WebChromeClient with permission and file upload handling
- Add query param support to WebView URL loading
- Add bridge protocol version validation to MessageRouter
- Remove NFC/camera/biometric dependencies from build.gradle.kts
- Remove out-of-scope permissions from AndroidManifest.xml
- Create IosProviderRegistry for iOS-specific provider fields
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* KR-02: Scope KMP iOS to 3-domain parity with query param support
Move SecureStorageBridgeHandler to commonMain (fixes iOS get() response
shape to return { value: string | null } matching the bridge adapter).
Both Android and iOS now share the same handler via commonMain.
- Register only 3 handlers on iOS (secureStorage, crypto, lifecycle)
- Add queryParams parameter to WebViewProvider interface
- Update IosWebViewHost to forward query params from VerificationRequest
- Update WebViewProviderImpl.swift to append query params to URL
- Relax isConfigured check to only require secureStorage + crypto + webView
- Remove unused handler imports from SelfSdk.ios.kt
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* KR-03: Simplify test app to 3-domain smoke harness
Gut the MRZ/NFC-first flow from the test app and replace with a focused
3-domain smoke test screen that validates secureStorage (set/get/remove
round-trip), crypto (generateKey/getPublicKey/sign/deleteKey), and
lifecycle (validated via SDK launch flow).
- Add DomainSmokeScreen with pass/fail output per domain
- Remove MRZ/NFC navigation routes and expect/actual screen declarations
- Remove NFC/CAMERA permissions from Android manifest
- Remove camera dependency from build.gradle.kts
- Scope iOS test app to register only required providers (secureStorage,
crypto, webView)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Fix issues - test app
* coderabbit comments
* fix ci
* klint
* coderabbit review comments
* Enhance permission handling in AndroidWebViewHost
* fix registry
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
Monorepo for Self.
Self is an identity wallet that lets users generate privacy-preserving proofs from government-issued IDs such as passports, ID cards, and Aadhaar cards. By scanning the NFC chip in their ID document, users can prove their validity while only revealing specific attributes such as age, nationality or simply humanity. Under the hood, Self uses zk-SNARKs to make sure personal data is redacted, but the document is verified.
Use cases unlocked include:
- Airdrop protection: Protect a token distribution from bots
- Social media: Add humanity checks to user's profiles
- Quadratic funding: Prevent farmers from skewing rewards
- Wallet recovery: Safeguard assets using IDs as recovery sources
- Compliance: Check a user is not part of a sanctioned entity list
Currently, Self supports electronic passports, biometric ID cards following the ICAO standards, and Aadhaar cards. Support for new identity documents is on the way!
Checkout the docs to add Self to your project.
FAQ
Is my document supported?
Passports: Biometric passports have the biometric passport logo on their front cover.
Aadhaar: Indian Aadhaar cards are supported for privacy-preserving identity verification. Use the mAadhaar app to generate a QR code and import it into Self.
Coverage: Checkout our coverage map here to see supported documents and countries.
What can I request/prove with Self?
When a country issues a passport or a compliant ID document, they sign datagroups that include at least:
- First and last name
- Nationality
- Date of birth
- Gender
- Expiration date
- Passport number
- Photo
Applications are able to request each of those data points.
What is the signature algorithm ?
Countries use different signature algorithms to sign ID documents. Check out our coverage map to see which.
Where can I find the countries' public keys ?
The main list of public keys can be downloaded from the ICAO website. We use multiple lists published by different ICAO members.
What's the ICAO ?
The International Civil Aviation Organization (ICAO) is a specialized agency of the United Nations. Among other things, they establish the specifications for passports, that have to be followed by all countries. The full passport specs are available here.
Project Ideas
- Combine Self with other identification mechanisms as in Vitalik's pluralistic identity regime.
- Help adding support for other identity documents to Self, such as Japan's my number cards or Taiwan DID.
- Build a social network/anonymous message board for people from one specific country.
- Create a sybil-resistance tool to protect social networks against spambots.
- Build an airdrop farming protection tool.
- Allow DeFi protocols to check if the nationality of a user is included in a set of forbidden states.
- Gate an adult content website to a specific age.
- Create a petition system or a survey portal.
- Passport Wallet: use active authentication to build a wallet, a multisig or a recovery module using passport signatures
We provide bounties for new and interesting applications using Self.
Development Setup
This project requires Node.js 22.x. Use the included .nvmrc to match the version.
Run yarn install to bootstrap dependencies and husky hooks.
Gitleaks will scan staged changes on each commit via yarn gitleaks.
Development Documentation
Note: We do not accept text-only pull request changes. While we appreciate the feedback, we will not merge external pull requests that only modify markdown files or code comments (e.g., typo fixes in documentation or comments). Pull requests must include functional code changes.
For detailed development patterns and conventions, see:
- Development Patterns - React Native architecture, navigation, state management, and code organization
- Testing Guide - Jest configuration, mock patterns, testing strategies, and E2E testing
- SDK Specs - Architecture specs, implementation guides, and wave plan for the SDK refactor (WebView engine + native shells)
These guides provide comprehensive context for AI-assisted development with ChatGPT Codex, Cursor, and CodeRabbit AI.
Contributing
We are actively looking for contributors. Please check the open issues if you don't know where to start! We offer bounties for significant contributions.
Important: Please read and follow the guidelines in contribute.md when opening your pull request.
Contact us
- Discord for technical support or reporting a bug.
- Telegram's Self builder channel for technical questions about the sdk implementation.
- Telegram's Self public group for general questions and updates.
Thanks Rémi, Florent, Ayman, Justin, Seshanth, Nico and all other contributors for building Self.
Thanks Aayush, Vivek, Andy and Vitalik for contributing ideas and inspiring us to build this technology, and PSE for supporting the initial work through grants!