> For the complete documentation index, see [llms.txt](https://parad0xlabs.gitbook.io/parad0xlabs-docs/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://parad0xlabs.gitbook.io/parad0xlabs-docs/dark-null-protocol-zk-privacy-and-identity/dark-null-protocol.md).

# What It Is

### Prove who you are, and pay, and transact — without ever saying who you are.

<div align="center"><img src="/files/7hCPDahFt1jcqHx2p4wd" alt="Nully, masked up" width="170"></div>

***

## The Identity Problem

Every online identity system has the same flaw: to prove you are trustworthy, you have to reveal who you are.

Your wallet address is public. Your transaction history is traceable. Your account can be linked to your real identity. In Web3 (blockchain-based internet), "your wallet IS you" — and your entire history is exposed for anyone to read.

For AI agents, this is catastrophic. An agent that reveals its task history reveals its strategy, its clients, its earnings, and its weaknesses. Every job it has ever done is on-chain (recorded permanently on the blockchain) and readable by any competitor.

The assumption that transparency equals trust is wrong. You do not need to expose everything to prove something specific.

***

## The Dark NULL Family

Dark Passport is the flagship, but it is one of several privacy primitives under Dark NULL. Together they let an agent prove things, get paid, and move value without putting its identity, its counterparties, or its amounts on a public ledger. Each is at a different stage:

**Live on Solana mainnet:**

| Primitive                           | What it does                                                                                                                                                                              |
| ----------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Dark Passport — reputation gate** | Prove a track-record threshold (jobs, success rate, earnings) and reveal nothing else. A real proof has been verified on mainnet; replayed, forged, and tampered proofs are all rejected. |
| **Nullifier registry**              | One-time-use tokens — once a private proof is spent it can't be replayed or double-spent. The anti-cheat underneath everything else.                                                      |
| **x402 access gate**                | Unlock a paid endpoint by *proof*, not by account. The server learns you're allowed in; it never learns who you are.                                                                      |
| **Receipt commitment tree**         | A Merkle root of private receipts on-chain — prove a receipt exists without publishing the receipt.                                                                                       |

**Proven on devnet (mainnet is the next step):**

| Primitive                                                                                                          | What it does                                                                                                                                                                                         |
| ------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [**Shielded pool**](/parad0xlabs-docs/dark-null-protocol-zk-privacy-and-identity/shielded-pool.md)                 | Hide both the *sender* and the *amount* of a transfer behind a Groth16 proof. Sender-and-amount unlinkability runs end-to-end on devnet.                                                             |
| [**Stealth addresses / NullPay**](/parad0xlabs-docs/dark-null-protocol-zk-privacy-and-identity/stealth-nullpay.md) | Pay a `.null` name and the funds land at a fresh one-time address that can't be linked back to the name. Private pay-by-name.                                                                        |
| [**KVAC credential**](/parad0xlabs-docs/dark-null-protocol-zk-privacy-and-identity/kvac.md)                        | An anonymous keyed-verification credential — show "I'm authorized" with no account and no reusable identifier (a MAC over Ristretto; verified off-chain, spent once through the on-chain nullifier). |

**In design (next on the path):**

[GhostScore](/parad0xlabs-docs/dark-null-protocol-zk-privacy-and-identity/ghostscore.md) — pair the reputation gate with a paid x402 call so an agent can be *anonymous but accountable* on a per-call basis (identity-private; the payer's wallet is still its own visible address). Alongside it: a passkey "one name per person" Sybil gate and federated, ceremony-free ecash. These are designed, not shipped — on the roadmap, not live today.

The rest of this page goes deep on Dark Passport; the other primitives live alongside the [Groth16 stack](/parad0xlabs-docs/dark-null-protocol-zk-privacy-and-identity/how-it-works.md) and in `Parad0x-Labs/Dark-Null-Protocol`.

***

## What Dark Passport Is

**For someone new to crypto:** imagine you could prove to a stranger — "I have completed 10,000 jobs with a 99% success rate and earned $50,000" — without revealing which jobs you did, who hired you, when you did them, or how much each individual job paid. The stranger can verify your claim is mathematically true. But they learn nothing else about you. No history. No clients. No patterns.

That is a Dark Passport.

**For the technically inclined:** it is a ZK (zero-knowledge) proof — a cryptographic technique that lets you prove a statement about private data without revealing the data itself. The proof is generated from your own records. No company issues it. No authority can revoke it. The math guarantees the claim is true or the proof is invalid — there is no middle ground.

You hold your own reputation. You share only what you choose.

***

## Why This Matters

**For humans:** build a professional reputation without doxxing (exposing) yourself. A freelancer can prove their track record to a new client without handing over a portfolio that reveals past clients, rates, or working patterns.

**For AI agents:** accumulate trust across sessions — across many jobs, many clients, many networks — without leaking strategy. An agent proves it is reliable without exposing how it operates, what it has learned, or who it has worked for.

**For the Web0 stack:** your `.null` domain (your identity on the Web0 network) holds your reputation proof. Anyone resolving (looking up) your `.null` name gets cryptographic proof of your track record — without seeing your history. The name carries the credential. The history stays private.

***

## How It Works

```
Your private data           Your passport             What others see
─────────────────           ──────────────            ───────────────
Job #1: paid $200      →
Job #2: paid $800      →    ZK Proof                → "10,000 jobs,
Job #3: paid $400      →    (passport_hash)         →  99% success,
...                    →                            →  $50k earned"
Job #10,000: paid $120 →                            →  [verified ✓]
```

The proof is a single hash (a short fingerprint of data, like a digital seal) stored on-chain. Verifying it takes milliseconds. Generating it happens on your own machine, using your own data.

***

## The `.null` Connection

Every `.null` name registered on Web0 has a reserved slot in its on-chain account: `passport_hash` at byte offset 257 inside the PDA (Program Derived Address — a deterministic account on Solana controlled by the Web0 program).

Right now that slot exists and is initialized to zero. Once the ZK pipeline is live, you populate it with your proof. Anyone resolving `yourname.null` can read the proof and verify your reputation in a single RPC (Remote Procedure Call — a network request to the blockchain) call.

Your identity layer and your reputation layer are the same object. No separate credential system. No third-party issuer.

***

## Current Status

**Live on Solana mainnet today:**

* The **reputation gate** (`dark_reputation_gate`, `9nN7…`) is deployed, and a real private track-record proof has been **verified on mainnet** — replayed, forged, and tampered proofs all rejected.
* The **nullifier registry** (`dark_nullifier_record`) and the **x402 access gate** (`dark_x402_access_gate`) are live; their program ids are being finalized — retired/superseded — see config (pending).
* The `passport_hash` slot is live in every `.null` PDA (offset 257, 32 bytes), writable via `UpdatePassport` (`0x07`); the PDA schema is final — no migration needed when the rest lands.

**In progress:**

* Wiring the *specific* Passport circuits (job count, success rate, earnings range) onto the live gate, plus finality-grade anchoring.
* The shielded pool, stealth / NullPay, and KVAC credential are proven on devnet and queued for mainnet.

**The one external dependency:** full on-chain Groth16 *pairing* verification rides on **BN254 native curve operations** reaching Solana mainnet (the alt-bn128 syscalls, SIMD-0302). The reputation gate already verifies against the on-chain commitment today; the heavier pairing-based circuits go fully on-chain — with no change to the `.null` account — once those syscalls activate.

***

## Why Solana

ZK proof verification is computationally expensive. On Ethereum (the largest smart contract blockchain), verifying a proof on-chain costs hundreds of dollars in gas fees (transaction fees). On Solana, the same verification will cost fractions of a cent once BN254 is natively supported via SIMD-0302.

Cheap verification means reputation checks become a standard part of every transaction — not a luxury operation reserved for high-value contracts.

***

## The Bigger Picture

Dark Null Protocol is not a privacy feature bolted onto Web0. It is the answer to a question every decentralized network eventually hits: how do you build trust between strangers who do not want to identify themselves?

The answer is not to force identification. The answer is to make provable claims possible without identification.

A `.null` name with a Dark Passport is more trustworthy than a real name with a public transaction history — because the passport proves specific, verified facts, while the public history reveals everything and proves nothing specific.

***

## Contributing

The ZK circuit code will be open-sourced here once it's hardened and ready. Watch this repo.

For questions on the `.null` PDA schema or the SIMD-0302 dependency, open an issue.

***

*Part of the Web0 stack. Built for agents and the humans who work alongside them.*


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://parad0xlabs.gitbook.io/parad0xlabs-docs/dark-null-protocol-zk-privacy-and-identity/dark-null-protocol.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.