I was wondering how we could solve the issue of account verification on blurt so that there would be no need to collect any data about a given person in the blockchain network or even about who verified themselves with what data and in connection with what nickname.

After all, I think that everyone would like to be sure that, for example, a given person is a real person, but at the same time no one would want to be able to link any account to their data if the person does not wish it, and preferably not at all.

So I came up with this idea.

Since there are verification databases in which you can verify someone's identity, for example KYC, the following system could be created:

1. A person sends an encrypted transaction signed with their key via the blockchain network, which, however, does not save the data, but only the confirmation of sending such a transaction, assigned to specific data. The blockchain only saves the size of the transaction and other parameters, not the data about the person.

2. The API of the database, which is able to verify the correctness of the person's data, gives the blockchain a response whether the data has been verified correctly.

3. The blockchain saves the API response. If the response is true, it generates a verification key that is assigned to the given account and permanently verifies the account as coming from the given person. We do not know who this person is, what their name is and who they are. Even if someone breaks the security or takes over the keys of a given account, we are not able to determine who it actually belonged to. We only know that they were verified as a real person.

4. Each subsequent account created by this account is signed with the same key as belonging to the same person without the need for repeated verification.

Of course, this is just such a concept, but it seems quite sensible. The most problematic situation would seem to be the transfer of accounts, but here it would be possible, for example, to reset the verification key, saved in the blockchain network, using your own key, the owner, and the issue of the situation when someone previously somehow impersonates a given person and the real person is unable to verify themselves. The third problem is the record in the verification database itself that a given person verified themselves at a given time and there is a correlation between the blockchain record and the query to the database, which could reveal to the government, for example, who owns a given account, but I think that there would be solutions for this too.

In this way, we have KYC without KYC and the problem of fake AI accounts is gone.

I also asked Chat gpt for his opinion :P See what he threw out on this topic:

---

Encrypted Account Verification on Blurt

Is it possible for a user to verify their account as legitimate by providing their data, based on a database such as PESEL or other documents, but in a way that the verification happens P2P between the database and the verifier, while also not bypassing the blockchain at any stage, ensuring fraud prevention? Additionally, the data provided by the verifier should be readable only by them using their MEMO key.

System Assumptions:

1. P2P verification between the database (e.g., PESEL) and the user – the user's data is checked in the database but is not stored in a readable form or accessible to others.
2. Use of blockchain – registering proof of verification in an immutable manner.
3. Data encryption – the user provides their data for verification, but only they can read it later (e.g., using the MEMO key in Blurt).
4. Fraud prevention – the system prevents identity fraud or multiple verifications under different identities.

How it Could Work

1. User Verification Process

a) User Initiates Verification

• The user enters the required data (e.g., name, surname, PESEL, ID document) in the verification application.
• The data is encrypted locally on the user's device using their private key.

b) Verification Against the Database

• The encrypted data is sent to a verification server, which has access to the PESEL database (or another identity registry).
• The server checks the data's validity and generates a cryptographic proof of verification.
• The server never stores the user’s data—only confirming its authenticity.

c) Recording on the Blockchain

• The verification proof (hash of the user's data + verification result) is stored in Blurt's blockchain as a MEMO transaction.
• The data is encrypted with the user’s public key, meaning only they can read it.

2. Privacy Protection and Security

1. No sensitive data is stored – the blockchain holds only encrypted information, and the PESEL database does not retain a history of the user.
2. MEMO Key Encryption – only the user can decrypt their verification status using their private key.
3. Immutable Verification Proof on Blockchain – any tampering attempt is impossible since blockchain records each transaction permanently.
4. Fraud Prevention – if a user tries to verify a different identity, the blockchain can detect and block multiple attempts.

3. Example Technical Architecture

Technologies Used:

• Blurt Blockchain – for storing verification proofs.
• Cryptographic Keys (Ed25519, AES-256) – for encrypting and decrypting data.
• Intermediary Verification Server (e.g., PESEL API Validator) – to check data validity without storing it.
• Blurt Wallet – users can check their verification status by decrypting the MEMO in their wallet.

4. Practical Example of Use

1. The user wants to verify their identity → they enter their data → the data is encrypted.
2. The verification system checks its validity → generates a hash and records it on the blockchain.
3. The user can check their verification result by decrypting the MEMO in their Blurt wallet.
4. Other users cannot see their private data, but they can see a public verification proof (e.g., "Verified" without personal details).

Advantages of This Solution

✅ Security – data is not stored in plaintext, and only the user can access their verification status.
✅ Immutability – blockchain prevents fraud and records every verification attempt.
✅ Anonymity – only the user has access to their data, while others see only a verification confirmation.
✅ P2P and Decentralization – blockchain ensures independence from centralized systems.

---

Then I expressed my doubts about the issue of saving data:

But the blockchain would have to somehow mediate in the transfer of data to prevent, for example, an attempt to cheat and save a false verification. how to do it so that the data does not have to be saved on the blockchain at the same time?

---

To ensure that the blockchain intermediates in data transmission and prevents fraud (e.g., fake verification records) while not storing user data directly on the blockchain, a zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) mechanism or interactive zero-knowledge cryptography can be used. This allows verification without revealing data and without the need to store it on the blockchain.

How It Works?

1. User Encrypts Their Data Locally

• They generate a private key and a public key.
• They encrypt their personal data (e.g., PESEL, ID document) locally on their device.
• They generate a cryptographic proof confirming the correctness of the data.

1. Blockchain as an Intermediary in Verification

• The user sends the encrypted proof to a smart contract on the blockchain, which executes zk-SNARKs to verify the authenticity of the data.
• The contract does not know the user’s actual data but can confirm whether it matches a real record in the database (e.g., PESEL).

1. An Intermediary Server Queries the Database

• The blockchain passes the encrypted query to a server that has access to the PESEL database (or another registry).
• The server checks if the data exists in the database, but never reveals the full data to the blockchain.
• If the data is valid, it generates another zero-knowledge proof and sends it back to the blockchain.

1. Blockchain Stores Only the Verification Proof, Not the Data

• It stores a hash of the verification result on the blockchain but not the personal data itself.
• Only the user can access their verification status using the MEMO key.

Fraud Prevention

🚫 Fake verification is impossible because:

• The data is encrypted and verified directly with the database, meaning users cannot provide false information.
• The blockchain only stores proof that verification was successful, without storing actual personal data.
• Impersonation is prevented, as only authentic data from the PESEL database can pass verification.

Key Benefits of This Approach

✅ Security – Data is never exposed, and blockchain only confirms verification.
✅ Anonymity – Users do not reveal their personal data, only the proof of validity.
✅ Immutability – Blockchain records every verification attempt, preventing fraud.
✅ No need to store personal data on the blockchain – Only a cryptographic proof is recorded.

Example Technical Workflow

1. User encrypts their data locally and generates a zk-SNARK proof.
2. Blockchain sends an encrypted query to the verification server (e.g., PESEL API).
3. The server confirms data validity and generates another zk-SNARK proof.
4. Blockchain records the verification result as a hash – the user can decrypt it with their MEMO key.
5. No one knows the user’s actual data, but the blockchain ensures a secure verification process.

---

So as it turns out, something like zk-SNARKs already exists and I'm just reinventing the wheel.

So I am throwing this whole concept out as an idea to verify and remember that such an idea appeared at all, but if we want to somehow verify users, limit spam and filter bot accounts from real users, and at the same time provide some level of verification on our blockchain without storing sensitive data and allowing anyone to identify who is who, it might be worth exploring this topic more broadly and seeing how it could be implemented in the blurt network.

I invite you to discuss and verify the idea, as well as express your opinion on the subject.