ZK Email lets users prove facts about real DKIM-signed emails (sender, subject, regex matches over the body) without revealing the email itself. The Blueprint Registry compiles ZK circuits and deploys on-chain Solidity verifiers; the JS SDK then generates and verifies proofs from any frontend or Node backend.
- email-based proof of ownership / membership
- wallet recovery via email
- anonymous airdrops gated by mailing-list membership
- pseudonymous KYC ('I work at @company')
- on-chain verification of off-chain web2 receipts
- `pnpm add @zk-email/sdk`
- `pnpm add @zk-email/helpers`
- `forge install zkemail/zk-email-verify`
| Variable | Scope | Description |
|---|---|---|
| ZK_EMAIL_BLUEPRINT_SLUG | Client | Blueprint slug (e.g. `myorg/proof-of-twitter@v1`) created in the ZK Email Registry. |
Use ZK Email to prove claims over DKIM-signed emails. First, define a Blueprint in the registry UI at https://registry.zk.email: specify regex patterns over the email and which fields are public. In your app, install `@zk-email/sdk` and call:

```js
const sdk = initZkEmailSdk();
const blueprint = await sdk.getBlueprintBySlug(ZK_EMAIL_BLUEPRINT_SLUG);
const prover = blueprint.createProver();
const proof = await prover.generateProof(rawEmlString);
```

Verify off-chain with `await blueprint.verifyProof(proof)` or on-chain by calling the auto-deployed `Groth16Verifier` contract with `proof.proofData` and `proof.publicData`. Use `@zk-email/helpers` to fetch a user's email via Gmail OAuth or to parse `.eml` uploads.
- Proofs depend on the sender's DKIM key: if the domain rotates keys, historical emails may stop verifying unless you snapshot the public key at proof time.
- Browser proving is heavy (often 30s–2min and >1GB memory); offer a server-side proving fallback for mobile users.
- The Blueprint Registry deploys verifier contracts on a fixed set of chains; check chain support before promising on-chain verification on exotic networks.
- Regex circuits have hard length bounds: emails longer than the blueprint's max body length silently fail to prove.
- Anyone with access to the same email can produce the same proof; treat ZK Email proofs as 'someone who held this email proved X', not as live authentication.
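A pre-flight check for the key-rotation and body-length caveats above, as an added example that is not part of the ZK Email SDK or of the original page: it reads the `DKIM-Signature` header of a raw `.eml` to find the DNS name whose public key should be snapshotted, and reports an oversized body before proving starts. The names `parseDkimSignatures`, `preflight` and `maxBodyBytes` and the sample message are assumptions made for this example.

```javascript
// Added example: pre-flight checks on a raw .eml before proving.
// maxBodyBytes is an assumed parameter; copy the real bound from your blueprint.
function parseDkimSignatures(rawEml) {
  const sep = rawEml.search(/\r?\n\r?\n/);
  const headerBlock = sep === -1 ? rawEml : rawEml.slice(0, sep);
  const body = sep === -1 ? "" : rawEml.slice(sep).replace(/^\r?\n\r?\n/, "");
  // Unfold continuation lines: a line break followed by whitespace.
  const headers = headerBlock.replace(/\r?\n[ \t]+/g, " ").split(/\r?\n/);
  const signatures = [];
  for (const line of headers) {
    if (!/^dkim-signature\s*:/i.test(line)) continue;
    const tags = {};
    for (const part of line.slice(line.indexOf(":") + 1).split(";")) {
      const eq = part.indexOf("=");
      if (eq > 0) tags[part.slice(0, eq).trim()] = part.slice(eq + 1).trim();
    }
    if (!tags.d || !tags.s) continue;
    const domain = tags.d.toLowerCase();
    // DNS TXT name that holds the public key to snapshot at proof time.
    signatures.push({ domain, selector: tags.s, dnsName: `${tags.s}._domainkey.${domain}` });
  }
  return { signatures, body };
}

function preflight(rawEml, maxBodyBytes) {
  const { signatures, body } = parseDkimSignatures(rawEml);
  // Raw body size in bytes; DKIM hashes the canonicalized body, so this is an estimate.
  const bodyBytes = new TextEncoder().encode(body).length;
  const problems = [];
  if (signatures.length === 0) problems.push("no DKIM-Signature header");
  if (bodyBytes > maxBodyBytes) problems.push(`body is ${bodyBytes} bytes, limit ${maxBodyBytes}`);
  return { ok: problems.length === 0, problems, bodyBytes, signatures };
}

// Constructed sample message; bh= and b= are placeholders, not real signature data.
const SAMPLE_EML = [
  "DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Example.com;",
  "\ts=sel2024; h=from:subject; bh=PLACEHOLDER; b=PLACEHOLDER",
  "From: alice@example.com",
  "Subject: hello",
  "",
  "Hi Bob",
  "",
].join("\r\n");

console.log(preflight(SAMPLE_EML, 1024));
```

Store the TXT record found at each `dnsName` alongside the proof, and show `problems` to the user instead of starting a proving run that cannot succeed.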