StarkWare has rolled out a demo of “Private KYC” on Starknet that aims to solve a persistent crypto pain point: KYC checks that force users to hand over full identity documents when verifiers only need a single fact (like age or residency).
Why this matters now
- Companies that collect passports, addresses and other personal files create high-value targets for data breaches. The Identity Theft Resource Center tallied 3,322 U.S. data compromises in 2025 — a record and a 79% rise over five years — and IBM put the global average cost of a breach at $4.4 million in 2025. Crypto has its own examples: Ledger’s 2020 leak exposed more than 1 million emails plus names, phone numbers and addresses.
- StarkWare’s pitch: verification and privacy don’t have to be a trade-off. Instead of copying identity documents into every verifier’s database, users can prove specific facts without exposing underlying data.
How Private KYC works (fast summary)
- Users scan a passport with a phone. The camera and the phone’s NFC check the document’s authenticity and issuing authority signatures.
- Verified identity fields are encrypted and stored in the user’s Starknet wallet under a self-custody model.
- Users can register selected attributes in a public on-chain registry. Verifiers then accept zero-knowledge STARK proofs that a registered attribute is true — without ever seeing the passport, address or other raw data.
Tech foundation and context
- Private KYC uses zero-knowledge STARK proofs plus Starknet’s STRK20 privacy features for selective disclosure. STRK20, launched earlier this month, brings shielded balances and private transfers to ERC-20 tokens while preserving paths for lawful, targeted disclosure when needed.
- StarkWare emphasizes this is a risk-based compliance framework, not a legal pass: STRK20 and Private KYC are tools that can reduce data exposure but don’t eliminate KYC requirements.
How it differs from other privacy-ID projects
- World ID uses biometric proofs (notably iris scans) and has faced criticism for that approach. StarkWare’s demo focuses on passport checks, phone-based verification and selective disclosure via Starknet, keeping control with the user’s wallet rather than a centralized data holder.
Limitations and adoption hurdles
- Private KYC is a demo. Real-world rollout will hinge on legal review, integration by apps and verifiers, and more security audits to build trust.
- It doesn’t remove KYC obligations — it narrows what verifiers receive to the minimum necessary proof.
Why crypto watchers should care
- If adopted, Private KYC could reduce the incentive to hoard identity files across platforms, shrinking the attack surface for data breaches and lowering compliance friction for privacy-conscious users. It extends Starknet’s privacy roadmap from token privacy (STRK20) into identity, advancing a model where users prove facts, not hand over files.
Read more AI-generated news on: undefined/news
