ZK-PKI and PNS 2.0 going live on testnet this week

ZK-PKI: Hardware-Anchored Proof of Personhood for Polkadot: Testnet Live This Week

I’ve been building a blockchain-native PKI system as a Substrate FRAME pallet and filed a provisional patent this morning. Application 64/043,754. Now I can talk about it publicly. Been dying to tell you about it.

What it does

ZK-PKI issues identity certificates anchored to the hardware security chip already in your laptop or phone. The TPM or StrongBox generates a keypair that never leaves the device. The manufacturer’s attestation chain proves the hardware is genuine. The Endorsement Key, a device-unique identifier burned in at manufacture, is registered on-chain to enforce one proof-of-personhood certificate per physical device per trust hierarchy.

No biometrics. No eyeball scanning. No trusted third party. The hardware you already own is the proof.

Why it matters for Polkadot

Polkadot’s governance, airdrops, and community systems all assume one address equals one person. That assumption is wrong and everyone knows it. ZK-PKI fixes that at the protocol level with hardware-grade Sybil resistance.

What’s been built

• 267 tests passing across the workspace
• Verified against real hardware: Samsung S3K250AF StrongBox and AMD fTPM TPM 2.0 so far.
• Full cert lifecycle: root → issuer → template → offer → mint → continuous hardware integrity verification on every signing operation
• Paseo runtime end-to-end verified with production Config values
• JSON-RPC API for relying party verification, OCSP equivalent
• Inverted fee model: proof-of-personhood certs are cheapest, self-attested are most expensive. Hardware does the security work, users shouldn’t pay a premium for it.

Trust is contextual

A bank operates its own root. A government operates its own root. T-Mobile could operate its own root and issue proof-of-personhood certificates tied to SIM activation: hardware-attested calls, no more robocalls. Each root is an independent trust domain. Relying parties choose which roots they trust. Nobody is forced to accept anyone else’s certificates.

Testnet goes live this week on Paseo.

Technical specification available on request. Looking for feedback from the Fellowship and anyone building identity, governance, or reputation systems on Polkadot.

PNS2 needs no intro. Its lightweight, and Ive created a new class of external web2 client called the snorkel. One end is a UDP port for serving DNS requests, the other end connects to the network to fetch data from the blockchain if its not cached or the TTL expired. Snorkels have a built-in janitor function that calls ‘cleanup()’ extrinsics on-chain to reap deposits from expired PNS records or X.509 zkpki certs to make it economical.

also, I dont like this “money pot the validators get paid from” 3rd party risk, so 40% of all minting fees get paid directly to the block creator. Validators, we love you please don’t go anywhere.

Prodigalwon ← Thatsa me!
substrate.icu. ← PNS2 root domain.
Patent Pending — US Application 64/043,754

Question: How is assuming one device equals one person any better than assuming one address equals one person?

Above, you already mention “laptop or phone”, this scenario already gives 2 potential certificates to each human.

You’re right that one person can have multiple devices. I didn’t claim otherwise and that’s a known tradeoff, but let’s put it in perspective.
The existing PoP approaches don’t solve this either. Pseudonym parties require you to physically show up. What stops someone from sending five people to five locations? Worldcoin requires an iris scan. What stops someone from using someone else’s iris or a synthetic one? The question isn’t whether a system is perfect, it’s whether it raises the cost of attack meaningfully.
What ZK-PKI actually eliminates is the bot farm and the VM farm. You cannot map many “persons” to one TPM. One TPM, one active PoP cert per root. You can map many TPMs to one person: yes. But that person now needs to physically own and manage each device, pay the mint fee on each, and keep each device enrolled. A fleet of laptops in a file box is a real cost, not a script.
The inverse attack, one bot controlling thousands of identities, is what we’re solving for. That’s what destroys governance systems, airdrops, and reputation networks today. ZK-PKI closes that specific vector with hardware economics.
Apple devices are ineligible for PoP by design. iOS doesn’t expose the hardware primitives needed. So the eligible universe is already narrowed to Android with StrongBox and Windows/Linux with TPM 2.0.
Could someone game it with a fleet? Yes. Is that the same threat model as a bot farm spinning up 100,000 addresses for free? No. Those are categorically different problems.

I’m just a casual observer, but it does make sense to mitigate the threat model from a single person using 100,000 VMs or addresses to the threat of a single person using 100,000 physical devices. Still technically doable, but adds a difficulty challenge in coordination and cost. And I suppose security is like building any fence. You make the task of getting in difficult enough that someone malicious decides it is not worth all the work. But someone motivated enough with a big enough ladder will still find a way.

There’s likely not to be a single unified Proof-of-Personhood aside from bringing every person on the planet together at the same time, in the same place. So a multi-layered approach may work in the interim.

Exactly this. Security is friction, not a wall. ZK-PKI shifts the attack from “run a script” to “buy hardware, manage a fleet, pay per cert.” Most attackers decide it’s not worth it at that point.
And you’re right that there’s no single unified solution. ZK-PKI is one layer. Reputation scoring is another. Governance design is a third. Stack them and the effective attack cost compounds. No single layer needs to be perfect.
The 100,000 physical devices scenario exists in theory. In practice, the person running that operation is no longer a bot farm; they’re a well-funded adversary with a logistics problem. That’s a different threat category that gets handled differently.

One point worth making explicit: ZK-PKI doesn’t govern governance. It provides the identity layer.

For something like OpenGov, the relevant root would be operated by whoever governs Polkadot: Parity, Web3 Foundation, Technical Fellowship, or whomever. They choose their own KYC requirements. They decide whether a passport check, a video call, or just hardware attestation is sufficient for their use case. Their issuer, their rules.

A sleeper fleet doesn’t survive that model. If the governance root requires KYC at issuance, each cert in that fleet represents a real verified identity that someone paid to create. That’s not a bot farm problem anymore. That’s an organized fraud problem with a paper trail.

Hardware attestation closes the cheap attack. KYC at the issuer layer closes the expensive one. ZK-PKI provides the infrastructure for both without mandating either.

It’s worth being precise about this because the distinction matters for anyone building on top of the system.

Hardware gate only (no issuer KYC)

The pallet enforces one active PoP certificate per physical device per root trust hierarchy. This stops bot farms and VM farms cold; you cannot map thousands of fake identities to one TPM. What it does not prevent is one person owning multiple devices. Someone with 12 laptops can hold 12 certificates.

This tier is the right tool for: reducing airdrop Sybil attacks, filtering bot traffic from comment sections and polls, making ticket scalping expensive rather than trivially automated, and any use case where raising the cost of attack is sufficient even if it doesn’t eliminate it entirely.

Hardware gate + issuer KYC

When an issuer performs identity verification before issuing a certificate; passport check, government ID, biometric match, whatever their standard is… the certificate carries the weight of that verification. The issuer has skin in the game through their on-chain reputation score. One person, one certificate under that root. This is where one-person-one-vote actually holds.

This tier is the right tool for: governance systems with real stakes, UBI distribution, professional licensing, clinical trial enrollment, authenticated communications, and anywhere that truly requires one identity per human.

The T-Mobile robocall scenario is Tier B. They already do KYC at SIM activation. ZK-PKI adds the hardware anchor on top of existing verification without requiring them to change their onboarding process.

The distinction matters because Tier A you can deploy today with no changes to existing user onboarding. Tier B requires an issuer who already has a KYC relationship with their users, which describes most regulated institutions already.