Vega: Zero-knowledge proofs for digital identity in the age of AI

Vega: Zero-knowledge proofs for digital identity in the age of AI - Microsoft Research

Skip to main content

Research

Publications Code & data People Microsoft Research blog

Artificial intelligence Audio & acoustics Computer vision Graphics & multimedia Human-computer interaction Human language technologies Search & information retrieval

Data platforms and analytics Hardware & devices Programming languages & software engineering Quantum computing Security, privacy & cryptography Systems & networking

Algorithms Mathematics

Ecology & environment Economics Medical, health & genomics Social sciences Technology for emerging markets

Academic programs Events & academic conferences Microsoft Research Forum

Behind the Tech podcast Microsoft Research blog Microsoft Research Forum Microsoft Research podcast

About Microsoft Research Careers & internships People Emeritus program News & awards Microsoft Research newsletter

Africa AI for Science AI Frontiers Asia-Pacific Cambridge Health Futures India Montreal New England New York City Redmond

Applied Sciences Mixed Reality & AI - Cambridge Mixed Reality & AI - Zurich

Register: Research Forum

Microsoft Security Azure Dynamics 365 Microsoft 365 Microsoft Teams Windows 365

Microsoft AI Azure Space Mixed reality Microsoft HoloLens Microsoft Viva Quantum computing Sustainability

Education Automotive Financial services Government Healthcare Manufacturing Retail

Find a partner Become a partner Partner Network Microsoft Marketplace Software companies

Blog Microsoft Advertising Developer Center Documentation Events Licensing Microsoft Learn Microsoft Research

View Sitemap

Return to Blog Home Microsoft Research Blog

At a glance

Vega lets users prove facts from government-issued credentials — age, personhood, professional status — without revealing the credential itself. The credential never leaves the device.

Zero-knowledge proofs are generated in under 100 ms on a commodity client device with no trusted setup, making private identity verification practical at scale.

Fold-and-reuse proving means repeated presentations — to different services or through AI agents — skip most of the expensive work after the first proof.

Vega targets real-world formats like mobile driver’s licenses and the EU Digital Identity Wallet, is built in Rust, and will be open sourced soon.

AI is transforming how people interact with digital services, from AI-powered assistants to autonomous agents that act on a user’s behalf. As these capabilities grow, so does the value of strong digital identity: users need reliable ways to establish trust, whether proving they are human or sharing a credential with an AI-mediated service. Government-issued credentials are still the strongest foundation for trust, but today’s verification methods often require people to hand them over. As AI agents begin acting on behalf of humans and interacting with decentralized systems, the need for fast, privacy-preserving ways to prove credentials will only grow.

These needs are already materializing in policy. Governments are moving quickly to formalize digital identity. The EU Digital Identity (EUDI) framework aims to make digital wallets available to all EU citizens, and efforts like the EU’s age-verification blueprint and the UK’s Online Safety Act mandate government ID-based methods for age checks. Application providers face a double bind: they must either use less accurate approaches like AI-based age estimation, or compromise user privacy by requiring ID uploads.

The credential gets uploaded, processed, sometimes stored, and eventually (hopefully) deleted. But high-profile breaches have repeatedly exposed government IDs that users shared for routine verification. These are not edge cases. They are the predictable consequence of a system that asks users to share their most sensitive documents to prove a single bit of information.

This is the question we set out to answer with Vega: Can we make it practical to prove something about a credential without ever revealing the credential itself?

The path to Vega: From idea to practice

Zero-knowledge proofs (ZKPs) are the cryptographic tool that makes this possible. The idea is simple: they allow a user to prove a claim, such as “I am over 21”, without revealing anything else. In practice, this means a user could prove their age from their driver’s license without the verifier ever seeing the license, whether to a website, an app, or a service mediated by an AI agent.  The proof works directly on the credential as issued, so the issuer does not need to change anything.

This is not a new idea. The challenge has always been practicality. Prior systems either require a trusted setup that had to be repeated whenever the logic changed, or they sacrificed performance to avoid the trusted setup, often producing large proofs in the process. For real-world use, the proof needs to be fast to generate, small enough to transmit quickly, and efficient enough to run on a mobile device.

We have spent several years working toward a practical solution. Privacy-preserving identity has been a motivating application (opens in new tab) throughout, and Vega’s proof system draws on several building blocks from that line of work:

Spartan (opens in new tab) showed how to efficiently prove R1CS, a standard way to express statements for a general-purpose proof system, with succinct proofs and without a trusted setup.

Nova (opens in new tab) introduced folding schemes, which let a prover compress many instances of a computation into one.

HyperNova (opens in new tab) showed that Nova’s folding also provides a key building block for zero-knowledge: folding a real instance with a random instance hides the underlying secret data, a technique dubbed “NovaBlindFold.”

NeutronNova (opens in new tab) provided the most efficient folding scheme for handling a batch of instances at once.

Vega puts these building blocks together into a single proof system. A key design goal is simplicity. Spartan, Nova, and NeutronNova are composed in a direct way, and the circuit is built from a small number of standard components, with no exotic multi-field constructions and no trusted setup. On top of this simple foundation, Vega adds the ability to reuse work across multiple proofs of the same credential and a new way to achieve zero-knowledge with minimal overhead. The result is a system that is easy to audit, extend to new credential formats, and deploy.…