XGitHub

Architecture

zkSIM is designed as a modular system with three independent layers, each responsible for a specific function. This structure allows developers to use components in

Layer 1 - ZK Identity Layer

Purpose: Authenticate eSIM devices without revealing sensitive information like IMSI or phone number.

Key Features:

  • Pseudonymous identity creation

  • Generation of zero-knowledge proofs (ZKPs)

  • Verification of subscription validity by the server

Tech Stack:

  • Circuit Language: Noir

  • Prover: TypeScript

  • Verifier: Node.js

Example of Layer Interaction (TypeScript / Server):

// Generate ZK proof on client
const proof = await generateProof(userIdentity, tariffPlan);

// Send proof to server for verification
const isValid = await fetch('/verify-proof', {
  method: 'POST',
  body: JSON.stringify({ proof }),
}).then(res => res.json());

if(isValid) {
  console.log("Identity verified successfully!");
}

Layer 2 - Privacy Marketplace

Purpose: Enable users to buy and activate eSIM plans anonymously.

Key Features:

  • ZK proofs confirm payment and plan validity

  • No wallet, personal data, or phone number is exposed

  • Supports offline proof generation

Example Flow (Pseudo-Code / JSON):

POST /buy-esim
{
  "proof": "<zk-proof-of-payment>",
  "planId": "data-plan-1"
}

Response:
{
  "status": "ok",
  "message": "eSIM plan purchased successfully"
}

Marketplace Logic:

  • User generates ZK proof for plan

  • Server verifies proof

  • Server issues activation token

Layer 3 - Web3 Layer

Purpose: Integrate eSIM authentication with blockchain and decentralized systems.

Key Features:

  • NFT or token acts as access pass

  • On-chain proofs can unlock services or subscriptions

  • Optional integration with DePIN networks or Web3 dApps

Example Flow (TypeScript / Web3):

// Connect wallet
const provider = new Web3Provider(window.ethereum);
await provider.send("eth_requestAccounts", []);

// Verify subscription using NFT proof
const accessGranted = await verifyOnChainNFT(userAddress, nftId);

if(accessGranted) {
  console.log("Access to dApp granted!");
}

Diagram / Architecture Overview

+-------------------+       +---------------------+
|                   |       |                     |
|  Layer 1: ZK ID   | --->  |  Layer 2: Marketplace |
|  (Noir circuits)  |       |  (anonymous eSIM)     |
+-------------------+       +---------------------+
           |
           v
   +-------------------+
   |                   |
   | Layer 3: Web3 Layer|
   | (NFT / On-chain)   |
   +-------------------+

  • Client (Simulator) → Generates pseudonymous ID, ZK proofs

  • Server (Verifier) → Verifies proofs, issues activation tokens

  • Optional Web3 → Connects subscription to blockchain services

PreviousGetting StartedNextMVP

Last updated