Documentation
Everything you need to integrate Glacis Protocol into your Starknet application.
Why Glacis
Sybil-resistant identity for Starknet. Glacis lets dApps verify that a wallet belongs to a unique human — no biometrics, no personal data stored, no trusted setup.
Post-Quantum Security
Built on STARKs (hash-based proofs), not SNARKs (elliptic curves). Resistant to quantum computing attacks. No trusted setup ceremony.
Zero Personal Data
No name, nationality, or biometric data on-chain or off-chain. Only a deterministic nullifier (Poseidon hash) and scoped pseudonyms.
Government-Grade Trust
Verification uses the cryptographic signature already on your passport's NFC chip, signed by your country's certification authority. No new trust assumptions.
Free for dApps
Querying isVerifiedHuman() is a free storage read. The user pays a one-time verification fee. Your dApp pays nothing.
Use Cases
- Governance: one-person-one-vote (no whale manipulation)
- DeFi: sybil-resistant airdrops, human-only lending pools
- Social: verified human interactions, anti-bot feeds
- Gaming: fair launches, anti-farming
Quick Start
Install the SDK and query verification status in under a minute.
1. Install
npm install @vauban/glacis-sdk2. Initialize the client
import { GlacisClient } from'@vauban/glacis-sdk';
// For mainnet
const glacis = new GlacisClient({ network:'starknet-mainnet' });
// For Sepolia testing
const glacisSepolia = new GlacisClient({ network:'starknet-sepolia' });3. Check if a wallet is verified
const isHuman = await glacis.isVerifiedHuman(walletAddress);
if (isHuman) {
// User has a valid STARK-verified identity
console.log('Verified human!');
} else {
// Redirect to Glacis mobile app for verification
console.log('Not verified yet');
}4. Get full attestation info
const info = await glacis.getAttestationInfo(walletAddress);
console.log(info);
// {
// verified: true,
// expiry: Date('2031-02-15'),
// revoked: false,
// expired: false,
// }5. Get scoped pseudonym
// Each app gets a unique pseudonym per user (privacy-preserving)
const pseudonym = await glacis.getScopedIdentity(
walletAddress,
'my_app_name'
);API Reference
new GlacisClient(config)
Create a new client instance. Defaults to read-only mode.
interface GlacisConfig {
network:'starknet-mainnet' |'starknet-sepolia';
providerUrl?: string; // Custom RPC endpoint
contractAddress?: string; // Custom verifier address
attestationTokenAddress?: string; // Custom attestation token address
}isVerifiedHuman(wallet: string): Promise<boolean>
Check if a wallet has a valid (non-expired, non-revoked) human attestation. Free on-chain read — no gas cost.
getScopedIdentity(wallet, appDomain): Promise<string>
Get the scoped pseudonym for a wallet in your application domain. Each app gets a unique pseudonym per user, preventing cross-app tracking. Returns '0x0' if not verified.
getAttestationExpiry(wallet): Promise<Date | null>
Get the expiration date of a wallet's attestation. Returns null if no attestation exists. Default TTL is 5 years.
getAttestationInfo(wallet): Promise<AttestationInfo>
Get full attestation details in a single call: verified, expiry, revoked, expired.
getAttestationDetails(wallet): Promise<AttestationDetails | null>
Get detailed attestation data including verified status, mint timestamp, and TTL. Returns null if no attestation exists.Added in v1.3.0
submitProof(account, submission): Promise<TransactionResult>
Submit a STARK proof for on-chain verification. Requires a starknet.js Account instance. Typically called from the mobile app, not from web integrations.
Contract Addresses
Starknet Mainnet
| Contract | Address |
|---|---|
| verifier | 0x002b3476ff9eb25b5df0fe19b08e802b8e9b8255ed65f6522ceb7527fab0d162 |
| nullifierRegistry | 0x06aead833697703c72900455c953c26122fd0cfddfd7c3c3ffd42d4d5a70eaa3 |
| attestationToken | 0x011a05f739a6e546365afaf59e07e762b7540b93b39ec1715c09e70c54d8b7cd |
| feeController | 0x01010b6701a2af9dc699d1496805a46d5b459fbef1a83c882a0df831749ce0eb |
| caRegistry | 0x014da7d335312e516e6778651ec9d585a379289734ac39cc633f03e699ac487c |
Starknet Sepolia
| Contract | Address |
|---|---|
| verifier | 0x051814c8a17ace1491a7203d9fac2525a32c0813fe44d78bb96ba8bd8737cf9c |
| nullifierRegistry | 0x042d1c440a3ed2f12c30b67384f5784e358d3c8e8f4c326536123750004c4ee0 |
| attestationToken | 0x0082d381f17ac9490c0de35f95f86916bececebb2a472398f64514982a5bf54c |
| feeController | 0x03cbaea371a242dd87f40dc58c1e8d32cf85222fdd396ff953a1ae4dbc9b7447 |
| caRegistry | 0x03425e2acdfdc36cfcc75a6cf7c4218d22b37875f6d5f823a7d1e529a7bb0015 |
Download App
Get the Glacis mobile app to verify your identity with your passport.
Requires Android 8.0+. Enable "Install from unknown sources" in your device settings.
FAQ
What data is stored on-chain?
Only a deterministic nullifier (Poseidon hash) and scoped pseudonyms. No name, nationality, date of birth, or any personally identifiable information. The nullifier cannot be reversed to recover passport data.
How long does verification last?
The Soulbound Token has a 5-year TTL by default, aligned with passport validity. Users can renew by re-verifying with their current or renewed passport.
Can a user have multiple wallets?
No. The nullifier is deterministic — the same passport always produces the same nullifier. A user can migrate their attestation to a new wallet using the migration flow, but they cannot hold multiple active attestations simultaneously.
Is it quantum-resistant?
Yes. STARKs are based on hash functions (Poseidon), not elliptic curves. They are inherently resistant to quantum computing attacks, unlike SNARKs and most ECDSA-based systems.
What about biometrics?
Glacis does not use biometrics. No iris scanning, no face recognition. Identity is proven via the government-signed digital signature on the NFC chip in your passport.
How does this compare to Worldcoin?
Worldcoin requires iris scanning (biometrics) and uses SNARKs (not quantum-resistant). Glacis uses NFC passport reading (no biometrics) and STARKs (quantum-resistant). Both solve sybil resistance, but with fundamentally different trust assumptions.