Zero-knowledge proof (ZKP) verifies only the fact required by a service instead of exposing a user's full personal information. BBATON applies this principle to anonymous verification so a service can receive only the result it needs, such as whether a user is an adult.
Prove what matters.
Reveal nothing else.
In real services, what matters is rarely a full identity record. ZKP is a proof system designed to verify only whether a claim is true or false without exposing the rest of the data.
If a claim is true, a valid proof must pass verification. In practice, this means legitimate users should be able to prove required conditions reliably.
If a claim is false, manipulation or bypass attempts must not fool the verifier. Operationally, that means false verification and forged results cannot pass.
The verifier should learn nothing beyond the fact that the claim is true. Names, birth dates, and original documents should not leak during verification.
In production, the user secret, the proof generated on the device, and the service interpreting the result should remain separated. The key is that the service receives only the result it needs, without raw source data.
A user's birth date, document details, and identifying values should stay on the device or in a user-controlled area. The service should not collect the full original record.
When a service asks for a specific condition such as whether the user is an adult, the device computes a proof locally. Original documents and detailed attributes are not embedded directly in the proof.
The service verifies whether the proof is valid and receives only the results required by policy. Even after verification, the user's raw identity data remains unknown.
The structure BBATON is working toward avoids centralized storage of raw source data and instead keeps it on the user device while focusing on result-based verification. result-centered verification. The service sends a question, the device creates only the proof required for that question, and returns only the result.
At initial enrollment, the required document information is read and converted into secret material and verification inputs that remain only on the user device.
The model avoids uploading original passport images or full birth date values to a central server or blockchain. The operational system handles only the minimum required information.
When the service requests a condition, the user device creates a proof from local information and the server receives only the result and verifiable evidence. Raw identity data is never transmitted.
In most services, what is truly needed is not a full identity record but confirmation that a specific condition is met. A convenience-store age check is one of the clearest examples of why ZKP matters in live services.
The service only needs to know whether the user is an adult, yet unnecessary personal data is exposed as well. The purpose of collection and the scope of exposed information do not match.
The service checks only the result required by policy and never sees raw values such as the name, address, or birth date. The verification purpose and the collected information now align.
BBATON is already designing its verification structure around the principle of minimum necessary information. Going forward, the structure can expand toward reducing raw attribute exposure even further at verification time.