SOULBOUND · SOLANA

NFT-Encrypted Identity

Your identity is a digital badge that lives on the Solana blockchain — it cannot be stolen, transferred, or faked. When you log in, you prove you hold the badge by signing a unique one-time challenge. We also confirm the badge is still live on-chain before granting access. Your data is locked with a key only your wallet can generate — ZKey never holds it. To remove someone, an admin destroys their badge on-chain. Access is gone permanently. No grace period.

Ed25519pNFT Rule SetAES-256-GCMHKDFShamir SSSRedis TTLAdmin Burn
01
Issue your badge
A unique digital badge is created and locked to your wallet. It can never be moved, sold, or copied.
02
Prove it's you
You sign a unique one-time challenge. We verify your signature and confirm the badge is live on-chain.
03
Lock your data
Your data is encrypted with a key only your wallet can create. ZKey stores only the locked version.
04
Share access
Grant colleagues access by wrapping a key for their badge. Revoke it anytime, instantly.
05
Stay logged in
Your session is remembered securely in real time. No slow database checks on every click.
06
Remove access
Destroy the badge on-chain. All keys deleted. Access cut permanently — no exceptions.

Soulbound pNFT with Deny-All Rule Set

A Metaplex Programmable NFT (pNFT) is minted to the user's Solana wallet at onboarding. The NFT is bound to a custom Authorization Rule Set that denies all transfer operations — Wallet-to-Wallet, Sale, Delegate, LockedTransfer — making it permanently non-transferable. The only permitted action is an authority-only burn using a PubkeyMatch rule tied to the mint authority. This makes the NFT a true soulbound credential: it cannot be sold, gifted, or moved — only destroyed.

// Rule Set (mpl-token-auth-rules v2)
operations: {
  'Transfer:WalletToWallet':  notV2(passV2()),  // deny
  'Transfer:Owner':           notV2(passV2()),  // deny
  'Delegate:Sale':            notV2(passV2()),  // deny
  'Burn:Holder':  pubkeyMatchV2('Authority', mintAuthority),  // admin only
}

Challenge–Response Auth Flow

On login, the server generates a cryptographically random 32-byte nonce (stored in Redis with a 5-minute TTL) and returns it to the client. The client signs the message `ZKey Auth: <nonce>` with their Solana wallet private key using Ed25519. The server verifies the signature with TweetNaCl and simultaneously checks the user's token account on-chain to confirm the soulbound NFT is still present and active. Both checks must pass. Once verified, a session token is issued and cached in Redis for 1 hour.

// Verification
const msg = new TextEncoder().encode(`ZKey Auth: ${nonce}`);
const valid = nacl.sign.detached.verify(msg, sig, pubkeyBytes);
const tokenAccount = await getAccount(connection, ata);
assert(tokenAccount.amount === 1n);

Wallet-Derived Encryption (AES-256-GCM + HKDF)

Encrypted records stored in ZKey use keys derived from the user's wallet signature — never from a server-side secret. The client signs a deterministic derivation message, feeds the signature into HKDF-SHA256 to produce a 256-bit Data Encryption Key (DEK), then encrypts data with AES-256-GCM. The DEK is wrapped (encrypted) with each authorized NFT holder's wallet-derived key and stored alongside the ciphertext. The server stores only ciphertext and wrapped keys — it never sees the plaintext DEK.

// Client-side only (never on server)
const sig    = await wallet.signMessage(deriveMsg);
const dek    = await hkdf(sig, salt, 'ZKey-DEK-v1', 32);
const { ct, iv } = await aesGcmEncrypt(dek, plaintext);
const wrapped = await aesGcmEncrypt(holderKey, dek);

Threshold Decryption (Shamir Secret Sharing)

For high-security records, the DEK is split into N shares using Shamir's Secret Sharing. Each authorized NFT holder receives one encrypted share. Decryption requires any K-of-N holders to cooperate (threshold). The server coordinates a threshold session — collecting blinded share contributions from K holders — but the final DEK reconstruction happens exclusively on the client side. The server never holds enough shares to reconstruct the secret alone.

Instant Revocation via Admin Burn

When a user's access needs to be revoked, an admin triggers a burn transaction using the mint authority's keypair. The pNFT is permanently destroyed on-chain via the Metaplex burnV1 instruction. All wrapped keys and shares associated with that mint address are immediately deleted from the database. Any subsequent auth attempt fails the on-chain ownership check — the wallet no longer holds the credential. No grace period, no token blacklist needed.

Audit Trail

Every significant NFT auth action is recorded in an immutable audit log: nonce generation, signature verification, session creation/expiry, mint, burn, record creation, key wrapping, and threshold session events. Logs capture wallet address, mint address, IP, user-agent, success/failure, and timestamp — providing a complete forensic record for compliance.

All Features
NFT-Encrypted IdentityWallet-Based LoginOAuth 2.0 / OIDCOTP AuthenticationOrganizations & Sub-OrganizationsImmutable Audit Trail

Ready to implement?

ZKey deploys on Railway in minutes. Postgres + Redis included.

Sign in to admin
Next →
Wallet-Based Login
© 2026 ZKey — Dishub TechnologiesSystem Admin →