Zero-Knowledge GitHub Developer Attestations on Solana
VeriSol enables developers to mint compressed NFTs (cNFTs) that cryptographically prove their GitHub contributions without revealing sensitive data. Built with Anchor, Bubblegum, and Circom.
πΊ Watch the full demonstration β
See VeriSol in action: wallet connection, GitHub OAuth, ZK proof generation, and compressed NFT minting on Solana devnet.
- Node.js 18+ and npm
- Rust and Cargo
- Solana CLI configured for devnet
- Anchor CLI 0.29+
- Git
git clone https://github.com/krewdev/solana-zk.git
cd solana-zk
npm install# Copy example environment file
cp frontend/.env.local.example frontend/.env.localRequired Environment Variables:
# GitHub OAuth (create at https://github.com/settings/developers)
GITHUB_ID=your_github_app_id
GITHUB_SECRET=your_github_app_secret
# NextAuth (generate: openssl rand -base64 32)
NEXTAUTH_SECRET=your_nextauth_secret
NEXTAUTH_URL=http://localhost:3000
# Helius API (get free key at https://helius.xyz)
NEXT_PUBLIC_HELIUS_API_KEY=your_helius_api_key
# Program deployment (auto-populated by setup scripts)
NEXT_PUBLIC_PROGRAM_ID=mUQFmu8w9jf4RGd5cHE6Y54y1B7Bou5an5Rvezu9GY6
NEXT_PUBLIC_MERKLE_TREE=will_be_generated
NEXT_PUBLIC_TREE_AUTHORITY=will_be_generated# 1. Build and deploy the Solana program
cd solana-program
anchor build
anchor deploy
# 2. Create compressed NFT infrastructure
cd ..
node setup-real-cnft.mjs
# 3. Install frontend dependencies
cd frontend
npm install# Start frontend (from frontend/ directory)
npm run dev
# Visit http://localhost:3000- Anchor Program (
solana-program/): On-chain ZK proof verification + cNFT minting - Next.js Frontend (
frontend/): Wallet integration, GitHub OAuth, proof generation - Circom Circuit (
zk-circuit/): Zero-knowledge proof system for GitHub data - Setup Scripts (root): Automated Merkle tree and infrastructure deployment
- Privacy-Preserving: Prove GitHub activity without exposing specific repos/commits
- Compressed NFTs: Low-cost attestations using Metaplex Bubblegum
- Flexible Verification: Support for multiple proof types and verifiers
- Developer UX: Simple wallet connection + GitHub OAuth flow
- Connect Wallet: Phantom, Backpack, or other Solana wallet
- GitHub Authentication: OAuth login to access profile data
- Select Verifier: Choose proof type (follower count, repo count, etc.)
- Generate Proof: Client-side ZK proof generation using snarkjs
- Mint cNFT: On-chain verification + compressed attestation minting
- Verify On-Chain: Public verification of attestations
cd solana-program
anchor build
anchor testcd frontend
npm run dev # Development server
npm run build # Production build
npm run lint # ESLint checkscd zk-circuit
node run_proof.mjs # Recompile circuit and generate test proof
# Update frontend assets
cp circuit.wasm ../frontend/public/zk/
cp circuit_final.zkey ../frontend/public/zk/
# Update program verification key
node convert-vk.mjs # Updates solana-program/src/verifier.rsβββ frontend/ # Next.js application
β βββ components/ # React components
β βββ pages/ # Next.js routes
β βββ lib/ # Anchor IDL and utilities
β βββ public/zk/ # Circuit artifacts
βββ solana-program/ # Anchor Solana program
β βββ src/lib.rs # Main program logic
β βββ src/verifier.rs # ZK proof verification
β βββ tests/ # Program tests
βββ zk-circuit/ # Circom ZK circuit
β βββ circuit.circom # Circuit definition
β βββ run_proof.mjs # Build and test script
βββ zk-artifacts/ # Compiled circuit outputs
βββ *.mjs # Setup and utility scripts
-
Configure Mainnet:
solana config set --url https://api.mainnet-beta.solana.com -
Update Program ID:
# In solana-program/src/lib.rs and frontend/.env.local # Generate: solana-keygen new -o deploy-keypair.json
-
Deploy Program:
cd solana-program anchor build anchor deploy --provider.cluster mainnet -
Create Production Tree:
node setup-real-cnft.mjs
Update frontend/.env.local with production values:
- GitHub OAuth app with production callback URL
- Mainnet RPC endpoint (Helius, QuickNode, etc.)
- Production domain for
NEXTAUTH_URL
- Fork the repository
- Create feature branch (
git checkout -b feature/amazing-feature) - Commit changes (
git commit -m 'Add amazing feature') - Push to branch (
git push origin feature/amazing-feature) - Open Pull Request
MIT License - see LICENSE file for details.
- Live Demo (when deployed)
- Documentation (coming soon)
- Discord (coming soon)
Built with β€οΈ for the Solana ecosystem
frontend/: Next.js 14 app with wallet + GitHub OAuth, proof generation, and mint workflows.zk-circuit/&zk-artifacts/: Circom sources, trusted-setup automation, and ready-to-use proving/verifying keys.- Root scripts for allocating Bubblegum merkle trees and syncing environment files.
Use this document to go from clone to a working demo or redeployable build.
git clone https://github.com/krewdev/solana-zk.git
cd solana-zk
# Install root utilities (tree setup scripts)
npm install
# Install frontend deps
cd frontend
npm install
# Copy env template and fill in secrets
cp .env.local.example .env.local
# Start the Next.js dev server
npm run devVisit http://localhost:3000 to connect a devnet wallet, sign in with GitHub, and test proof generation. See Environment Variables for the required values.
| Tool | Version | Notes |
|---|---|---|
| Node.js | >= 18 | Required for frontend and scripts. |
| npm | >= 9 | Matches the generated lockfiles. |
| Rust toolchain | stable | Needed for Anchor builds. |
| Solana CLI | >= 1.18 | Configure to devnet with solana config set --url https://api.devnet.solana.com. |
| Anchor CLI | >= 0.29 | cargo install --git https://github.com/coral-xyz/anchor anchor-cli --locked. |
| Circom (optional) | 2.1+ | Only needed if you regenerate zk artifacts. |
Before running anything, ensure your Solana CLI has a funded devnet keypair:
solana-keygen new --outfile ~/.config/solana/id.json # skip if you already have one
solana config set --url https://api.devnet.solana.com
solana airdrop 2Duplicate frontend/.env.local.example and provide real values:
GITHUB_ID=... # GitHub OAuth App Client ID
GITHUB_SECRET=... # GitHub OAuth App Secret
NEXTAUTH_SECRET=... # Random 32-byte string (openssl rand -base64 32)
NEXTAUTH_URL=http://localhost:3000
NEXT_PUBLIC_HELIUS_API_KEY=... # Optional but recommended for RPC performance
NEXT_PUBLIC_PROGRAM_ID=... # Anchor program ID (defaults to mUQFmu8w9jf4RGd5cHE6Y54y1B7Bou5an5Rvezu9GY6)
NEXT_PUBLIC_MERKLE_TREE=... # Bubblegum tree public key
NEXT_PUBLIC_TREE_AUTHORITY=... # Derived authority PDA for the tree
When the tree setup scripts run they automatically patch frontend/.env.local with the latest tree addresses.
cd solana-program
anchor build # produces target/idl and target/types
# Optional: deploy your own program id. Requires Anchor wallet funding.
anchor deploy
# Copy refreshed IDL and type definitions into the frontend if you redeploy
cp target/idl/aletheia_protocol.json ../frontend/lib/
cp target/types/aletheia_protocol.ts ../frontend/lib/The verifier currently accepts any non-empty payload for demo purposes. Uncomment the real Groth16 verification path in solana-program/src/verifier.rs once you regenerate zk-artifacts/verification_key.json.
Run the TypeScript integration tests against devnet (mocks proof responses):
anchor test-
Precompiled artifacts live in
zk-artifacts/and are mirrored tofrontend/public/zk/. -
To rebuild the circuit and keys:
cd zk-circuit npm install node run_proof.mjs # orchestrates compilation, powers of tau, key gen, proof cp verification_key.json ../zk-artifacts/ cp circuit_final.zkey ../zk-artifacts/ cp circuit_js/circuit.wasm ../frontend/public/zk/ cp ../zk-artifacts/circuit_final.zkey ../frontend/public/zk/
-
After updating keys, refresh
solana-program/src/verifier.rswith the new constants and rebuild/deploy the Anchor program.
Use the provided scripts to allocate and configure a compressed NFT tree on devnet:
# From repository root
node simple-tree-setup.mjs # quick demo tree
# or
node setup-full-merkle-tree.mjs # full Bubblegum flowEach script reads the default CLI keypair and stores addresses in tree-addresses.json. It also updates the frontend .env.local. Inspect generated JSON before rerunning scripts; they are not idempotent.
Manual alternative commands:
node create-new-tree.sh
node prepare-merkle-tree.mjs
node finalize-merkle-tree.mjsRefer to create-* and setup-* scripts for variations (PDA trees, demo fallbacks, etc.).
cd frontend
npm run dev # start Next.js at http://localhost:3000- Connect a Solana wallet (Phantom, Backpack, etc.) to devnet.
- Click Sign in with GitHub to authorize NextAuth.
- Run Preflight to confirm program, tree, and RPC configuration.
- Use Mint Proof & cATT to generate a demo Groth16 proof and call
verify_and_mint.
For production builds:
cd frontend
npm run lint
npm run build
npm run start- Rebuild zk artifacts (optional) and update verifier constants.
anchor build && anchor deploywith the deployment keypair.- Copy refreshed IDL/type outputs into
frontend/lib/. - Regenerate merkle tree addresses and sync environment variables.
npm run buildinfrontend/and deploy to Vercel or your infra.- Commit updated artifacts, IDL, and environment templates.
- Program not found: Ensure
NEXT_PUBLIC_PROGRAM_IDmatches the deployed program and that it is on devnet. - Merkle tree missing: Run
Run Preflightin the UI; if it fails, re-run the tree setup script and confirm the tree authority. - Proof verification fails: With the demo verifier, proof bytes must be non-empty. Once the real verifier is enabled, confirm the circuit inputs align with
zk-circuit/input.json. - Anchor IDL mismatch: If frontend transactions fail with instruction layout errors, rebuild the program and copy the generated IDL + TypeScript types.
- RPC rate limits: Provide a Helius API key or custom RPC endpoint via
NEXT_PUBLIC_HELIUS_API_KEYandNEXT_PUBLIC_RPC_URLinfrontend/.env.local.
.
βββ frontend/ # Next.js dApp
βββ solana-program/ # Anchor program (Rust)
βββ zk-circuit/ # Circom sources and tooling
βββ zk-artifacts/ # Pre-built prover/verifier assets
βββ create-*.mjs # Bubblegum tree orchestration scripts
βββ README.md # You are here
MIT. See individual directories for additional notices if applicable.