Skip to main content

Documentation Index

Fetch the complete documentation index at: https://nexaid.hashkey.com/docs/llms.txt

Use this file to discover all available pages before exploring further.

Verification Logics and Private Data

By default, a zkTLS attestation can return the verified field values in plaintext. This is the simplest mode, but it is not always the right choice when the proved data is privacy-sensitive. To handle this, NexaID SDKs support a shared concept called verification logics. In practice, verification logics are expressed through zkTLS operations that decide how each verified field should be processed before it is returned in the attestation. The three most common patterns are:
  • Plaintext result: reveal the verified value directly
  • Hashed result: return a digest such as SHA256 instead of the raw value
  • Condition result: return whether a comparison such as >, <, = or != is satisfied
In the current SDK documentation, verification logics are configured in Network-JS-SDK through attConditions.

Supported zkTLS Operations

Using comparison operations inside the attestation is an effective way to avoid exposing raw data while still proving useful facts about it. The supported comparison operators include:
  • >: verifies whether the data item is greater than a target value
  • <: verifies whether the data item is less than a target value
  • =: verifies whether the data item is equal to a target value
  • !=: verifies whether the data item is not equal to a target value
  • >=: verifies whether the data item is greater than or equal to a target value
  • <=: verifies whether the data item is less than or equal to a target value

Hash Operations

SHA256 hides a single proved field by returning its SHA-256 digest instead of the plaintext value. SHA256_EX is the extended version used when you need to hide multiple data fields, especially in multi-URL scenarios.

How to Use Verification Logics in SDKs

Network-JS-SDK

For DApps that build on NexaID and use Network-JS-SDK, verification logics are configured with the attConditions parameter when calling attest().
Parameter NameTypeRequiredDescription
attConditionsArrayNoBy default, the SDK returns plaintext verification results. You can also define verification logics for hashed results or condition-based results. Example hashed result: const attConditions = [[{ field: "YOUR_CUSTOM_DATA_FIELD", op: "SHA256" }]]. Example condition result: const attConditions = [[{ field: "YOUR_CUSTOM_DATA_FIELD", op: ">", value: "YOUR_CUSTOM_TARGET_DATA_VALUE" }]].

When to Use zkTLS Operations vs DVC

zkTLS operations perform lightweight processing directly inside the attestation flow. This is useful when you want to hide raw values or prove simple comparisons without introducing another proving system. By contrast, the DVC (Data Verification and Computation) pattern sends the attestation data and related HTTP responses into a zkVM circuit for further computation. DVC provides stronger public verifiability, while zkTLS operations are usually simpler and more efficient for application-level privacy needs.