Level-2 Identity Verification

[Proposal setup] Proposal title

Please provide your proposal title

Level-2 Identity Verification

[Proposal Summary] Budget Information

Enter the amount of funding you are requesting in ADA

75000

[Proposal Summary] Time

Please specify how many months you expect your project to last

9

[Proposal Summary] Translation Information

Please indicate if your proposal has been auto-translated

No

Original Language

en

[Proposal Summary] Problem Statement

What is the problem you want to solve?

Cardano dApps lack a privacy-preserving, uniform Level‑2 identity/KYC layer to unlock compliant features (age/country/PEP gating) while keeping user PII off‑chain and under user control

[Proposal Summary] Project Dependencies

Does your project have any dependencies on other organizations, technical or otherwise?

No

Describe any dependencies or write 'No dependencies'

No dependencies

[Proposal Summary] Project Open Source

Will your project's outputs be fully open source?

Yes

License and Additional Information

https://github.com/ptanh05/Level-2-Identity-Verification

[Theme Selection] Theme

Please choose the most relevant theme and tag related to the outcomes of your proposal.

Identity & Verification

[Campaign Category] Category Questions

Describe what makes your idea innovative compared to what has been previously funded (whether by you or others).

Wallet-native L2 identity: binds DID ↔ Cardano wallet (Eternl first) via CIP‑30/CIP‑8, no custodial accounts.

Privacy by design: selective disclosure + offline verification; revocation via StatusList; dApps see only necessary info (e.g., “over 18”).

Developer-first UX: lightweight open-source verify SDK + sample dApp; minimal infra, swappable KYC adapters.

Optional on-chain attestations: store only commitment hashes in UTxO for auditability, no PII leaks.

Open standards & interop: W3C VC/DID, compatible with Atala PRISM or Veridian/KERI‑ACDC; future wallets via CIP‑30 adapters.

Describe what your prototype or MVP will demonstrate, and where it can be accessed.

MVP (M3) showcases full privacy-preserving flow:

• Connect wallet (Eternl) → sign challenge (CIP‑8) → bind DID.

• Receive Level‑2 VC from sandbox issuer (age‑over‑18, country, PEP flag).

• Present selective-disclosure proof to sample dApp → gated features unlock; revocation via StatusList.

• (Optional) On-chain attestation UTxO with commitment hash for audit.

Access:

• Public testnet demo + code on GitHub (spec, issuer, verify SDK @levl2did/verify, sample dApp).

• Docs with quick-start, API, videos; pilot partners get sandbox + keys.

Describe realistic measures of success, ideally with on-chain metrics.

Quantitative KPIs

• Adoption: ≥2 pilot dApps by Month 7; ≥5 integrated dApps/DAOs by Month 9.

• Usage: ≥5,000 verification sessions/month during beta; P95 verification latency < 1.5s; success rate > 99%.

• Dev ecosystem: SDK weekly downloads, stars/issues, and community integrations.

On‑chain metrics (from M4 optional attestation):

• Of Levl2DID attestation UTxOs created (under our published policy/script hash) per epoch.
• Of distinct wallet addresses creating/consuming those UTxOs.
• Of revocation/status updates referenced on‑chain (if anchored) and median time‑to‑propagate.

[Your Project and Solution] Solution

Please describe your proposed solution and how it addresses the problem

Levl2DID provides a Level‑2 identity layer for Cardano:

• Users complete one-time KYC with a compliant provider. The issuer service converts validated attributes (age over 18, nationality, PEP/sanctions flags) into a W3C Verifiable Credential (VC) signed by an issuer DID. No raw PII is placed on-chain.

• Wallet binding: Using CIP‑30 (Eternl) and message signing (CIP‑8), a holder agent binds the user’s wallet address to their DID, proving control of the address without revealing PII.

• Selective disclosure: dApps use our open-source verify SDK to request only the minimum claims (e.g., “over 18” or “resident=VN”) via ZK/SD techniques supported by the chosen SSI stack. Verification occurs locally against issuer keys and revocation lists (StatusList 2021), avoiding phone-home to protect privacy.

• Optional attestation-on-chain: For auditability, dApps may record a commitment hash UTxO (schema+issuer DID+subject DID hash). This is optional and never stores PII.

Why this approach:

• It aligns with W3C standards, keeps PII off-chain, is wallet-native via CIP‑30, and is simple for dApp developers (1–2 function calls).

• Beneficiaries include dApps needing compliance gating (launchpads, marketplaces, DeFi with jurisdictional blocks) and users retaining privacy and control over identity proofs.

This strengthens Cardano’s app-layer safety and compliance readiness without compromising self-sovereignty.

[Your Project and Solution] Impact

Please define the positive impact your project will have on the wider Cardano community

Value to Cardano:

• Compliance unlock: Enables age/country/PEP gating so more real-world and regulated use cases can launch on Cardano.

• Privacy by design: Selective disclosure and offline verification keep users safe and reduce liability for dApps.

• Developer velocity: Open-source SDK, examples, and trust registry lower integration cost.

Measurement:

• # of integrated dApps/DAOs (target ≥ 2 pilots by Month 7; ≥ 5 by Month 9 post‑release)

• Verification sessions/month (target ≥ 5,000 in beta)

• P95 verification latency (< 1.5s) and success rate (> 99%)

• Community adoption (SDK installs, GitHub stars/issues, workshop attendance)

Sharing outputs:

• Public repos, docs site, tutorials, and recorded workshops; periodic forum posts and Catalyst reports; pilot case studies.

[Your Project and Solution] Capabilities & Feasibility

What is your capability to deliver your project with high levels of trust and accountability? How do you intend to validate if your approach is feasible?

Capability & Governance:

• Leadership: Anh Phung (PO/Lead Dev) and Bao Nguyen (Founder/TL/PM) provide technical/product leadership and delivery governance. Business strategy is guided by An Vu (BA/Advisor) with support from Van Tran (BA Jr/PA) and Duong Pham (Finance/Marketing/Ops).

• Engineering capacity: Vu Nguyen (full‑stack), Khanh Pham (Blockchain/Smart contract), Giap Mai (Web3 + Comms), Phuc Pham (testing/optimization), and Phat Phan (research/ZK). Together they cover CIP‑30 wallet integration, issuer agent, verify SDK, on‑chain attestation scripts, and security/performance research.

• Trust & accountability: Milestone‑based delivery with public repos, monthly updates, PoAs (code, demos, docs), and financial tracking by Ops. Multi‑sig fund management, internal peer‑review, and external security review in M6.

Feasibility Validation:

• Alpha (M1–M2): Eternl wallet binding via CIP‑30/CIP‑8, DID creation, and local VC verification with SSI SDK stubs; issuer agent issuing minimal claims.

• Interop tests (M3): Verify SDK passes conformance tests for selective disclosure and StatusList revocation without phone‑home; sample dApp gates features based on proofs.

• Beta pilots (M5): ≥2 dApps integrate SDK; we track P95 latency (<1.5s), success rate (>99%), and simulate revocation/expiry. Findings feed M6 hardening.

Funds Handling:

• Transparent budget allocations (engineering, security review, KYC sandbox, infra, community). Disbursements tied to PoAs. Incident runbook and key‑rotation policy documented in M6.

[PROJECT MILESTONES] What are the key milestones you need to achieve in order to complete your project successfully?

Answer:

M0 (Weeks 1–2): Governance & compliance framing — PRD, data flows, threat model, privacy impact, trust registry draft. PoA: spec repo + docs.

M1 (Weeks 3–6): Wallet binding (Eternl) — CIP‑30 connect, CIP‑8 signing, DID creation; mini SDK. PoA: demo dApp + code + tests.

M2 (Weeks 7–12): Issuer service & KYC adapter — issue VC with minimal claims; revocation model (StatusList). PoA: issuer agent + schema + admin console.

M3 (Weeks 13–16): Verify SDK & sample dApp — selective disclosure, offline verify. PoA: NPM package + sample + e2e tests.

M4 (Weeks 17–18): Optional on‑chain attestation — commitment UTxO design and scripts. PoA: scripts + rationale doc.

M5 (Weeks 19–24): Beta with 2 pilot dApps — telemetry and feedback. PoA: MoUs/LoIs + metrics dashboard.

M6 (Weeks 25–28): Security hardening & key rotation policies — audit fixes. PoA: audit report + changelog.

M7 (Weeks 29–36): Docs, OSS release, workshops & close‑out — tutorials, videos, community rollout. PoA: repos, guides, close‑out report/video.

[Milestones] Project Milestones

Milestone Title

Infrastructure & Equipment Setup

Milestone Outputs

Purchase 10 laptops (1,050 ₳ each) for the core development team to ensure standardized performance and reliability across contributors.

Acquire necessary supporting software and tools (e.g., Cursor, Windsurf, collaboration tools, monitoring services) to accelerate productivity and improve coordination.

Procure a dedicated PC server for backend testing, stress testing, and simulation of high-load credential issuance scenarios.

Allocate a contingency fund for unforeseen technical setup requirements such as additional storage, licenses, or backup equipment.

Acceptance Criteria

All laptops, servers, and supporting tools are delivered, configured, and validated as operational before active development starts.

The setup must enable a fully synchronized dev environment for collaborative work (e.g., shared repos, CI/CD pipelines, and monitoring).

Evidence of Completion

Invoices for all purchased equipment and licensed tools.

Setup verification & readiness report confirming that all systems are fully operational.

Delivery Month

1

Cost

15000

Progress

20 %

Milestone Title

System Architecture & Wallet Binding

Milestone Outputs

Define comprehensive data flows, draft trust registry architecture, and identify potential privacy and security threats.

Implement wallet binding through Eternl using CIP-30 (dApp connector) and CIP-8 (signed data) to establish secure DID ↔ wallet relationships.

Deliver a lightweight verify SDK prototype for selective disclosure tests, enabling verification of minimal claims without requiring central servers.

Acceptance Criteria

PRD and system design finalized with a focus on privacy, interoperability, and security protocols.

Demo dApp demonstrates successful DID-to-wallet binding in real-time.

SDK provides claim verification locally, ensuring privacy-first principles and no dependency on third-party servers.

Evidence of Completion

Architecture document, finalized PRD, and threat model documentation.

Technical repository containing specs, drafts, and implementation notes.

Demo dApp + source code with unit tests and integration tests available on GitHub.

Delivery Month

2

Cost

15600

Progress

40 %

Milestone Title

Issuer Service & Verifiable Credential Issuance (MVP)

Milestone Outputs

Build a functional issuer agent service integrated with a sandboxed KYC adapter.

Enable issuance of Verifiable Credentials (VCs) such as age, nationality, and politically exposed person (PEP) flag, with a revocation mechanism based on StatusList 2021.

Extend SDK for developers to verify claims and integrate into a sample dApp for access control.

Acceptance Criteria

Issuer agent issues valid W3C-compliant VCs based on sandbox KYC data.

Revocation process is fully functional, ensuring invalid credentials are recognized instantly.

Sample dApp successfully demonstrates real-world gating based on VCs (e.g., age-restricted access).

Evidence of Completion

Issuer agent, schema, and admin console implemented.

Deployment logs from testnet showing issuance, verification, and revocation in action.

GitHub repo updated with extended SDK and dApp integration code.

Delivery Month

2

Cost

16240

Progress

60 %

Milestone Title

Pilot Launch with dApps & Security Review

Milestone Outputs

Run a structured beta pilot program with at least 2 dApps to validate functionality in real use cases.

Collect performance metrics including verification latency, error rates, and overall success rates.

Commission an external security audit to assess vulnerabilities, and integrate remediation fixes.

Acceptance Criteria

At least 2 pilot dApp integrations live by Month 7, each actively issuing and verifying credentials.

Verification sessions ≥5,000 per month, ensuring scalability and real adoption.

Measured performance: P95 latency < 1.5s and success rate > 99% across all verification flows.

Independent audit completed, report published, and necessary fixes integrated into production.

Evidence of Completion

Signed pilot MoUs or LoIs with dApp partners.

Metrics dashboard with verification KPIs (latency, success/failure rates).

Finalized audit report + changelog of applied security fixes.

Delivery Month

2

Cost

16640

Progress

80 %

Milestone Title

Full Deployment & Open-Source Release

Milestone Outputs

Public mainnet release of Levl2DID, with optional on-chain attestation stored via commitment UTxOs for verifiable transparency.

Publish verify SDK to NPM, along with sample dApps, issuer templates, and comprehensive developer documentation under the Apache-2.0 OSS license.

Execute a community rollout campaign including workshops, tutorials, and governance model exploration to ensure broad ecosystem adoption.

Acceptance Criteria

Mainnet application fully operational with all core features.

SDK available via NPM, with well-documented APIs and example integrations.

Community engagement demonstrated with ≥1,000 combined views/downloads of educational content.

Evidence of Completion

Public GitHub repos with source code, documentation, and OSS release tag.

Mainnet application URL with demo/test accounts.

Community materials: video tutorials, guides, and reports from live workshops.

Delivery Month

2

Cost

16520

Progress

100 %

[Final Pitch] Budget & Costs

Please provide a cost breakdown of the proposed work and resources

Our proposal is expected to be divided into 5 milestones with the estimated budget as follows:

Milestone 0: Infrastructure & Equipment Setup — 15000 ADA ⇔ 20.0% (We really need this first to make the best preparation for developing Levl2DID Project)

Milestone 1: System Architecture & Wallet Binding — 15600 ADA ⇔ 20.8%

Milestone 2: Issuer Service & Verifiable Credential Issuance (MVP) — 16240 ADA ⇔ 21.65%

Milestone 3: Pilot Launch with dApps & Security Review — 16640 ADA ⇔ 22.19%

Milestone 4: Full Deployment & Open-Source Release — 16520 ADA ⇔ 22.03%

Grand Total: 75000 ₳.

View Details Here: https://docs.google.com/spreadsheets/d/1VGYtyT9-BQPS1XIoilDHP3zCntR3vpOiiv5HF8p80ko/edit?usp=sharing

[Final Pitch] Value for Money

How does the cost of the project represent value for the Cardano ecosystem?

The budget focuses on shipping core, reusable OSS assets (verify SDK, sample dApp, trust registry tooling) that immediately reduce integration cost for many dApps. Personnel rates align with regional market medians for experienced blockchain/SSI engineers and part‑time security review. By using selective disclosure and offline verification, we minimize ongoing infra costs; optional on‑chain attestation avoids storing PII and reduces legal exposure for integrators. The result is a durable, composable identity layer that unlocks compliant use cases across Cardano at a fraction of the cost of bespoke KYC integrations per dApp.

[Required Acknowledgements] Consent & Confirmation

Terms and Conditions:

Yes