EIP 1387: Merkle Tree Attestations with Privacy enabled Source

AuthorWeiwu Zhang, James Sangalli
TypeStandards Track


It’s often needed that an Ethereum smart contract must verify a claim (I live in Australia) attested by a valid attester.

For example, an ICO contract might require that the participant, Alice, lives in Australia before she participates. Alice’s claim of residency could come from a local Justice of the Peace who could attest that “Alice is a resident of Australia in NSW”.

Unlike previous attempts, we assume that the attestation is signed and issued off the blockchain in a Merkle Tree format. Only a part of the Merkle tree is revealed by Alice at each use. Therefore we avoid the privacy problem often associated with issuing attestations on chain. We also assume that Alice has multiple signed Merkle Trees for the same factual claim to avoid her transactions being linkable.


This ERC provides an interface and reference implementation for smart contracts that need users to provide an attestation and validate it.

Draft implementation

contract MerkleTreeAttestationInterface {
    struct Attestation
        bytes32[] merklePath;
        bool valid;
        uint8 v;
        bytes32 r;
        bytes32 s;
        address attester;
        address recipient;
        bytes32 salt;
        bytes32 key;
        bytes32 val;

    function validate(Attestation attestation) public returns(bool);

Relevant implementation examples

Here is an example implementation of the MerkleTreeAttestationInterface Here is an example service which would use such a merkle tree attestation

#1388 #1386