Guest Blog: .zkdid™

· 5 min read
Guest Blog: .zkdid™

With the DIF Hackathon starting on October 26, DIF caught up with Toby Bolton, Founder of .zkdid™ who is looking to collaborate on his innovative use case for Decentralized Identifiers (DIDs) and other DIF work items. 

What is .zkdid? 

.zkdid is an acronym for Zero Knowledge Decentralized Identity. It’s a Decentralized Domain Name System (dDNS) protocol intended to empower the public. It’s also a registered trademark, it’s the name of the project, intended as a mark-of-trust and is a prospective Web3 top-level domain (like .com).   

The purpose is to establish a “.zkdid” Zero Knowledge (ZK) decentralized identity protocol for Web3 that is compliant with government Know Your Customer (KYC) requirements.

Each address with the .zkdid extension is a unique identifier in the form of a Non-Fungible Token (NFT) which is resistant to duplication. The goal is to use these identifiers to create a ZK Proof of personhood registry and NFT-gated community that is Sybil resistant. Sybil resistance mechanisms aim to ensure that each participant in a network has a unique and singular identity.

This creates the basis for a secure, publicly owned/governed, decentralized, zero-knowledge Domain Name System (DNS). 

How did the .zkdid initiative come into being, and why are you doing it? 

First and foremost, I worry about the future of my daughters, and how these novel identity technologies could possibly erode human rights and privacy if not deployed with due diligence and care. So I wanted to find the solution to such problems. I’ve been aware for quite a while that identity is a great use case for blockchain. Then zero-knowledge proofs (ZKPs) became a hot topic. That’s when I got onto the .zkdid path. 

The idea for .zkdid initially came from an online chat where we were discussing the Ethereum Name Service (ENS). The question I had was, “what is the top-level domain of Web3?”, which sparked quite a debate. 

I believed the top-level domain for Web3 would likely be an identity protocol, and possibly even .zkdid.

The aim is to connect the public to an identity layer that is not centrally controlled. The details of this decentralized governance identity protocol are still being researched. 

How will .zkdid be different? 

There are quite a few blockchain name services. I wanted to improve on what I had found. ENS is likely the best known dDNS protocol but uses tokenomics for its governance and can be owned anonymously which in my opinion doesn’t work for a proof of personhood protocol. In my view I’m developing an alternative. What I’m building is also an alternative to other proof-of-personhood protocols in the market like Worldcoin and Proof of Humanity.

The point of .zkdid is to create a decentralized DNS layer, one that is publicly owned by a not for profit foundation, which does not rely on tokenomics that can manipulate leadership of the protocol. These are areas I saw in other protocols that I believe need improving.

With .zkdid, the identity is the token. Your .zkdid domain name will enable you to prove who you are in the Web3 digital domain without needing to reveal any personal information about yourself. Each person is one token. You are the token. 

How do you see this coexisting with current Identity and DNS systems?

DNS (Domain Name System) is one of the most widely used internet protocols, most of us use it daily and it’s possible that one day .zkdid can connect the Identity industry to a publicly owned dDNS protocol.

When I registered .zkdid, I knew it was important that it was secured from every dDNS registrar. Once I registered the domain name, I submitted a Trademark application in the United Kingdom, which was promptly published. 

ICANN do not govern decentralized DNS domain names, so a strategy is needed to protect them. However, I understand ICANN are looking into blockchain technologies and it would be a pleasure to have them involved in the project. We are also inline to become a Web3 Domain Alliance (W3DA) member, it’s an important initiative that intends to act as a foundation to inhibit possible dDNS collisions. We need to bring people together. No one should be excluded, .zkdid is meant to be a public good after all. 

What are the next steps for the project? 

Recently, I’ve been collaborating with a team at the Fraunhofer Institute that is looking to use the traditional DNS system to create a trust registry of all humans and IoT devices. My vision is to use dDNS and for the public to be issued a .zkdid identifier through the eIDAS initiative. This means if you are a European citizen, your .zkdid identifier could be connected to your government issued identity.

This was not the initial objective but as things progressed I learned the only way to achieve our ambitious goal is to integrate with government initiatives like eIDAS. 

I’ve now managed to build a great team of enthusiastic developers to work with me on this concept during the DIF Hackathon. To work within the Hackathon rules this first step is likely going to take advantage of the Open Source Iden3 toolkit. I’m going to suggest we use that, plus relevant DIF work items such as the Universal Resolver, BBS Signature Scheme, DIDComm and Sidetree Protocol. We need to focus on making it multi-chain and interoperable. 

I’m really pleased that Polygon ID is one of the sponsors of the Hackathon, because it was the PolygonID/Iden3 wallet that was the original inspiration for this project. When I first encountered PolygonID I thought it was impressive, very abstract but really clever technology.

During the Hackathon we will develop this concept into an initial functioning prototype. If the people who join me for the Hackathon subsequently want to team up to form a .zkdid Working Group at DIF to develop the specification, that would be brilliant. 

I’m looking for team members who are pro freedom and human rights, who understand the importance behind decentralized technologies, and have an optimistic and balanced outlook. 

Why have you chosen DIF to host this initiative? 

The opportunity came out of the blue. When I first joined the DIF I was introduced to Andor Kesselman, who chairs the Technical Steering Committee. Andor said “You’ve got a great vision, now let’s start from the beginning.” He asked me to strip down the concept to the basics needed to commence a DIF working group. 

And stripping it back to the bare bones we find a zero-knowledge decentralized DNS system. I always intended .zkdid to be a global mark of trust and an open standard that works with any kind of wallet, identity network and protocol. Now I’m in the DIF, I’ve got an opportunity to be part of the process of defining the specification that may actually become a standard. 

I feel like I've been thrown out of the frying pan into the fire, which is a bit overwhelming but exactly what I needed! 

What should people do if they are interested in getting involved? 

Firstly, please provide feedback on the idea by contacting Toby on Slack, or via email at

The next step is to join forces with Toby to participate in the DIF Hackathon

Finally, please let Toby know if you are interested in working with him to establish a new .zkdid Working Group at DIF.