API

ZK ONE exposes a minimal, secure API layer that interacts with smart contracts, off-chain zk-proof generation, and identity management flows.

Authentication

Omega uses wallet-based authentication.

Authorization: Bearer <signature>
X-Wallet-Address: <address>

The client receives a challenge (/auth/challenge)

Signs the challenge in the wallet

Receives a session token

Identyty API

Upload Identity Document

Uploads user identity data → hashes → sends transaction → starts verification.

POST /api/identity/upload

Body

{
  "documentType": "passport",
  "file": "<base64-encoded-document>"
}

Response

{
  "hash": "0xabc123...",
  "txHash": "0xdef456...",
  "status": "pending_verification"
}

Get Identity Status

GET /api/identity/status?user=<address>

Response

{
  "documentType": "passport",
  "verified": true,
  "timestamp": 1712345678,
  "zkProofIncluded": true
}

Revoke Identity

Revokes a previously uploaded identity document.

POST /api/identity/revoke

Body

{
  "documentType": "passport"
}

Response

{
  "status": "revoked",
  "txHash": "0x9876abcd..."
}

Hash Data

Hashes sensitive data client-side → uploads hash to L2.

POST /api/data/hash

Body

{
  "payload": "base64-string-or-json"
}

Response

{
  "hash": "0xaa11bb22...",
  "txHash": "0xcc33dd44..."
}

Submit zk-Proof

Submit ZK proof for a document or data record.

POST /api/data/zk-proof

Body

{
  "dataHash": "0xaa11bb22...",
  "proof": {
    "a": "...",
    "b": "...",
    "c": "..."
  }
}

Response

{
  "verified": true,
  "contractTx": "0x1122aabb..."
}

Verify Data

Third-party checks whether the provided data matches the on-chain hash.

POST /api/data/verify

Body

{
  "providedHash": "0xaa11bb22..."
}

Response

{
  "valid": true,
  "timestamp": 1712345678
}

Access Control API

Grant Access

POST /api/access/grant

Body

{
  "targetAddress": "0x123...",
  "resource": "passport"
}

Response

{
  "granted": true,
  "txHash": "0xaabbccddee..."
}

Revoke Access

POST /api/access/revoke

Body

{
  "targetAddress": "0x123...",
  "resource": "passport"
}

Response

{
  "revoked": true,
  "txHash": "0xdeadbeef..."
}

Get Access List

GET /api/access/list?resource=<name>

Response

{
  "resource": "passport",
  "authorizedUsers": [
    "0x111...",
    "0x222..."
  ]
}

Smart Contract Interfaces

Below are the ABI-level contract definitions used by Omega.

DataVerificationContract

Functions

storeHash(bytes32 hash)

Stores a new hash of user data on-chain.

Returns: bool success

verifyHash(bytes32 providedHash)

Checks whether the provided hash matches the stored one.

Returns: bool valid

submitProof(bytes proof)

Submits a zk-proof for verification.

Returns:

(bool valid, address verifier, uint256 timestamp)

grantAccess(address target, string resource)

Updates access control mapping.

revokeAccess(address target, string resource)

Removes access from a user.

getAccessList(string resource)

Returns list of allowed addresses.

PreviousSecurity Model

Last updated 2 months ago

Good night

hashtagAuthentication

hashtagIdentyty API

hashtagUpload Identity Document

hashtagGet Identity Status

hashtagResponse

hashtagRevoke Identity

hashtagBody

hashtagHash Data

hashtagBody

hashtagSubmit zk-Proof

hashtagBody

hashtagVerify Data

hashtagBody

hashtagAccess Control API

hashtagBody

hashtagRevoke Access

hashtagBody

hashtagGet Access List

hashtagResponse

hashtagSmart Contract Interfaces

hashtagDataVerificationContract

hashtagFunctions

Authentication

Identyty API

Upload Identity Document

Get Identity Status

Response

Revoke Identity

Body

Hash Data

Body

Submit zk-Proof

Body

Verify Data

Body

Access Control API

Body

Revoke Access

Body

Get Access List

Response

Smart Contract Interfaces

DataVerificationContract

Functions