{"id":1171880,"date":"2026-05-21T06:48:40","date_gmt":"2026-05-21T13:48:40","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/research\/?p=1171880"},"modified":"2026-05-21T09:19:17","modified_gmt":"2026-05-21T16:19:17","slug":"vega-zero-knowledge-proofs-for-digital-identity-in-the-age-of-ai","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/research\/blog\/vega-zero-knowledge-proofs-for-digital-identity-in-the-age-of-ai\/","title":{"rendered":"Vega: Zero-knowledge\u00a0proofs for\u00a0digital identity in the\u00a0age of AI"},"content":{"rendered":"\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-1024x576.jpg\" alt=\"Three white line-style icons centered on a textured blue-to-green gradient background: a shield, a checkmark inside a circle, and an ID card with a user silhouette\u2014representing security, verification, and digital identity.\" class=\"wp-image-1171918\" srcset=\"https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-1024x576.jpg 1024w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-300x169.jpg 300w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-768x432.jpg 768w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-1066x600.jpg 1066w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-655x368.jpg 655w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-240x135.jpg 240w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-640x360.jpg 640w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-960x540.jpg 960w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-1280x720.jpg 1280w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1.jpg 1400w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<div style=\"padding-bottom:0; padding-top:0\" class=\"wp-block-msr-immersive-section alignfull row wp-block-msr-immersive-section\">\n\t\n\t<div class=\"container\">\n\t\t<div class=\"wp-block-msr-immersive-section__inner wp-block-msr-immersive-section__inner--narrow\">\n\t\t\t<div class=\"wp-block-columns mb-10 pb-1 pr-1 is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\" style=\"box-shadow:var(--wp--preset--shadow--outlined)\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<h2 class=\"wp-block-heading h3\" id=\"at-a-glance\">At a glance<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Vega lets users prove facts from government-issued credentials \u2014 age, personhood, professional\u00a0status \u2014 without revealing the credential itself. The credential never leaves the device.\u00a0<\/li>\n\n\n\n<li>Zero-knowledge proofs are\u00a0generated in\u00a0under 100\u00a0ms\u00a0on a commodity client device with no trusted setup, making private identity verification practical at scale.\u00a0<\/li>\n\n\n\n<li>Fold-and-reuse proving means repeated presentations \u2014 to different services or through AI agents \u2014 skip most of the expensive work after the first proof.\u00a0<\/li>\n\n\n\n<li>Vega targets real-world formats like mobile driver&#8217;s licenses and the EU Digital Identity Wallet, is built in Rust, and will be open sourced soon.<\/li>\n<\/ul>\n<\/div>\n<\/div>\t\t<\/div>\n\t<\/div>\n\n\t<\/div>\n\n\n\n<p>AI is transforming how people interact with digital, from AI-powered assistants to autonomous agents that act on a user\u2019s behalf. As these capabilities grow, so does the value of strong digital identity: users need reliable ways to establish trust, whether proving they are human or sharing a credential with an AI-mediated service. Government-issued credentials are\u00a0still the strongest\u00a0foundation for trust,\u00a0but today\u2019s verification methods\u00a0often\u00a0require\u00a0people to\u00a0hand\u00a0them over. As AI agents begin acting on behalf of humans and interacting with decentralized systems, the need for fast, privacy-preserving\u00a0ways\u00a0to prove credentials\u00a0will only grow.<\/p>\n\n\n\n<p>These needs are already materializing in policy. Governments are moving quickly to formalize digital identity. The EU Digital Identity (EUDI) framework aims to make digital wallets available to all EU citizens, and efforts like the EU\u2019s age-verification blueprint and the UK\u2019s Online Safety Act mandate government ID-based methods for age checks. Application providers face a double bind: they must either use less accurate approaches like AI-based age estimation, or compromise user privacy by requiring ID uploads.<\/p>\n\n\n\n<p>The credential gets uploaded, processed, sometimes stored, and eventually (hopefully) deleted. But high-profile breaches have repeatedly exposed government IDs that users shared for routine verification. These are not edge cases. They are the predictable consequence of a system that asks users to share their most sensitive documents to prove a single bit of information.<\/p>\n\n\n\n<p>This is the question we set out to answer with Vega: Can we make it practical to prove something about a credential without ever revealing the credential itself?<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"the-path-to-vega-from-idea-to-practice\">The path to Vega: From idea to practice<\/h2>\n\n\n\n<p>Zero-knowledge proofs\u00a0(ZKPs) are the cryptographic tool that makes this possible. The idea is simple:\u00a0they allow a\u00a0user\u00a0to prove\u00a0a\u00a0claim, such as\u00a0\u201cI am over 21\u201d, without revealing anything\u00a0else..\u00a0In practice, this means a user could prove their age from their driver\u2019s license without the verifier ever seeing the license, whether\u00a0to\u00a0a website, an app, or a service mediated by an AI agent.\u00a0\u00a0The proof works directly on the credential as issued, so the issuer does not need to change anything.<\/p>\n\n\n\n<p>so the issuer does not need to change anything.&nbsp;<\/p>\n\n\n\n<p>This is not a new idea. The challenge has always been\u00a0practicality. Prior systems either require a trusted setup\u00a0that had to be repeated whenever the logic changed,\u00a0or they sacrificed\u00a0performance to avoid the trusted setup, often producing large proofs in the process. For real-world use, the proof needs to\u00a0be fast to generate, small enough to\u00a0transmit\u00a0quickly, and efficient\u00a0enough to\u00a0run\u00a0on a mobile device.<\/p>\n\n\n\n<p>We have spent several years working toward a practical solution. Privacy-preserving identity has been a <a class=\"msr-external-link glyph-append glyph-append-open-in-new-tab glyph-append-xsmall\" href=\"https:\/\/techcommunity.microsoft.com\/blog\/microsoft-security-blog\/advancing-privacy-with-zero-knowledge-proof-credentials\/1441554\" type=\"link\" id=\"https:\/\/techcommunity.microsoft.com\/blog\/microsoft-security-blog\/advancing-privacy-with-zero-knowledge-proof-credentials\/1441554\" target=\"_blank\" rel=\"noopener noreferrer\">motivating application<span class=\"sr-only\"> (opens in new tab)<\/span><\/a> throughout, and Vega\u2019s proof system draws on several building blocks from that line of work:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong><a class=\"msr-external-link glyph-append glyph-append-open-in-new-tab glyph-append-xsmall\" href=\"https:\/\/eprint.iacr.org\/2019\/550\" type=\"link\" id=\"https:\/\/eprint.iacr.org\/2019\/550\" target=\"_blank\" rel=\"noopener noreferrer\">Spartan<span class=\"sr-only\"> (opens in new tab)<\/span><\/a><\/strong> showed how to efficiently prove R1CS, a standard way to express statements for a general-purpose proof system, with succinct proofs and without a trusted setup.<\/li>\n\n\n\n<li><a class=\"msr-external-link glyph-append glyph-append-open-in-new-tab glyph-append-xsmall\" href=\"https:\/\/eprint.iacr.org\/2021\/370\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Nova<\/strong><span class=\"sr-only\"> (opens in new tab)<\/span><\/a>\u00a0introduced folding schemes, which let a prover compress many instances of a computation into one.\u00a0<\/li>\n\n\n\n<li><strong><a class=\"msr-external-link glyph-append glyph-append-open-in-new-tab glyph-append-xsmall\" href=\"https:\/\/eprint.iacr.org\/2023\/573\" target=\"_blank\" rel=\"noopener noreferrer\">HyperNova<span class=\"sr-only\"> (opens in new tab)<\/span><\/a><\/strong> showed that Nova\u2019s folding also provides a key building block for zero-knowledge: folding a real instance with a random instance hides the underlying secret data, a technique dubbed &#8220;NovaBlindFold.\u201d<\/li>\n\n\n\n<li><strong><a class=\"msr-external-link glyph-append glyph-append-open-in-new-tab glyph-append-xsmall\" href=\"https:\/\/eprint.iacr.org\/2024\/1605\" type=\"link\" id=\"https:\/\/eprint.iacr.org\/2024\/1605\" target=\"_blank\" rel=\"noopener noreferrer\">NeutronNova<span class=\"sr-only\"> (opens in new tab)<\/span><\/a><\/strong> provided the most efficient folding scheme for handling a batch of instances at once.<\/li>\n<\/ul>\n\n\n\n<p>Vega puts these building blocks together into a single proof system. A key design goal is simplicity. Spartan, Nova, and NeutronNova are composed in a direct way, and the circuit is built from a small number of standard components, with no exotic multi-field constructions and no trusted setup. On top of this simple foundation, Vega adds the ability to reuse work across multiple proofs of the same credential and a new way to achieve zero-knowledge with minimal overhead. The result is a system that is easy to audit, extend to new credential formats, and deploy.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"performance\">Performance<\/h3>\n\n\n\n<p>Vega generates a zero-knowledge proof of age from a typical mobile driver\u2019s license, about 2 kilobytes (KB), in 92 miliseconds (ms) on a commodity client device. The resulting proof is 108 KB and can be verified in 23 ms. No trusted setup is required. The prover key is 464 KB; it fits comfortably on any phone. For smaller credentials, proving drops to 62 ms, with 83 KB proofs, and 17 ms verification. In practice, a user taps a button to present a credential, and 92 ms later the proof is done. The service learns only the requested fact; the credential never leaves the phone.<\/p>\n\n\n\n\t<div class=\"border-bottom border-top border-gray-300 mt-5 mb-5 msr-promo text-center text-md-left alignwide\" data-bi-aN=\"promo\" data-bi-id=\"1002645\">\n\t\t\n\n\t\t<p class=\"msr-promo__label text-gray-800 text-center text-uppercase\">\n\t\t<span class=\"px-4 bg-white display-inline-block font-weight-semibold small\">Spotlight: AI-POWERED EXPERIENCE<\/span>\n\t<\/p>\n\t\n\t<div class=\"row pt-3 pb-4 align-items-center\">\n\t\t\t\t\t\t<div class=\"msr-promo__media col-12 col-md-5\">\n\t\t\t\t<a class=\"bg-gray-300 display-block\" href=\"https:\/\/aka.ms\/research-copilot\/?OCID=msr_researchforum_Copilot_MCR_Blog_Promo\" aria-label=\"Microsoft research copilot experience\" data-bi-cN=\"Microsoft research copilot experience\" target=\"_blank\">\n\t\t\t\t\t<img decoding=\"async\" class=\"w-100 display-block\" src=\"https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2024\/01\/MSR-Chat-Promo.png\" alt=\"\" \/>\n\t\t\t\t<\/a>\n\t\t\t<\/div>\n\t\t\t\n\t\t\t<div class=\"msr-promo__content p-3 px-5 col-12 col-md\">\n\n\t\t\t\t\t\t\t\t\t<h2 class=\"h4\">Microsoft research copilot experience<\/h2>\n\t\t\t\t\n\t\t\t\t\t\t\t\t<p id=\"microsoft-research-copilot-experience\" class=\"large\">Discover more about research at Microsoft through our AI-powered experience<\/p>\n\t\t\t\t\n\t\t\t\t\t\t\t\t<div class=\"wp-block-buttons justify-content-center justify-content-md-start\">\n\t\t\t\t\t<div class=\"wp-block-button\">\n\t\t\t\t\t\t<a href=\"https:\/\/aka.ms\/research-copilot\/?OCID=msr_researchforum_Copilot_MCR_Blog_Promo\" aria-describedby=\"microsoft-research-copilot-experience\" class=\"btn btn-brand glyph-append glyph-append-chevron-right\" data-bi-cN=\"Microsoft research copilot experience\" target=\"_blank\">\n\t\t\t\t\t\t\tStart now\t\t\t\t\t\t<\/a>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<\/div><!--\/.msr-promo__content-->\n\t<\/div><!--\/.msr-promo__inner-wrap-->\n\t<\/div><!--\/.msr-promo-->\n\t\n\n\n<h2 class=\"wp-block-heading\" id=\"under-the-hood-fold-reuse-and-lookup\">Under the hood: Fold, reuse, and lookup<\/h2>\n\n\n\n<p>Vega\u2019s speed comes from two ideas: fold-and-reuse proving and lookup-centric circuit design. The figure below shows the proving pipeline end to end.<\/p>\n\n\n\n<figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1532\" height=\"1180\" src=\"https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA_high_res.png\" alt=\"Diagram showing a two-phase zero-knowledge proof workflow. In the \u201conce per credential\u201d phase, a credential input is split into step and core circuits, then reusable data is committed and cached. In the \u201conce per presentation\u201d phase, session-specific data is re-randomized and committed using cached commitments, producing step instances and a core instance. Step instances are folded into one using NeutronNova, combined with the core instance in a Spartan proving step, then processed through NovaBlindFold to add zero-knowledge, resulting in a final ZK proof with size and performance metrics.\" class=\"wp-image-1172822\" srcset=\"https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA_high_res.png 1532w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA_high_res-300x231.png 300w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA_high_res-1024x789.png 1024w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA_high_res-768x592.png 768w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA_high_res-234x180.png 234w\" sizes=\"auto, (max-width: 1532px) 100vw, 1532px\" \/><figcaption class=\"wp-element-caption\"><strong>Vega&#8217;s proving pipeline.\u00a0<\/strong>Work is split into two phases. The once-per-credential phase splits the credential into step and core circuits and commits reusable data. The\u00a0once-per-presentation phase re-randomizes cached commitments for\u00a0unlinkability, folds all SHA-256 step instances into one via\u00a0NeutronNova, proves the folded step and core circuits with Spartan, and applies zero-knowledge via\u00a0NovaBlindFold. The final output is a 108 kB proof generated in 92\u00a0ms\u00a0and\u00a0can be verified in 23\u00a0ms.\u00a0<\/figcaption><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"the-hashing-problem-and-how-folding-solves-it\">The hashing problem, and how folding solves it<\/h3>\n\n\n\n<p>A credential\u00a0proof must do two expensive things: hash the credential bytes with SHA-256\u00a0and\u00a0verify the issuer\u2019s digital signature. Signature verification would normally be the bottleneck,\u00a0but\u00a0\u00a0Vega\u00a0avoids that cost by working in a field where the signature arithmetic is native.\u00a0As a result,\u00a0hashing\u00a0becomes\u00a0the dominant cost. SHA-256 works by applying the same compression function to one 64-byte block at a time. A straightforward circuit simply\u00a0unrolls\u00a0all of\u00a0these\u00a0iterations,so\u00a0its size grows with the length of the credential. For a typical\u00a0mobile driver\u2019s license, that is 30 blocks of compression, all\u00a0captured in a single\u00a0circuit.<\/p>\n\n\n\n<p>We take a different approach. Instead of unrolling the entire hash, we define one small \u201cstep\u201d circuit that proves a single SHA-256 compression step, and we instantiate it once per block. Because these step instances are structurally identical, we can use NeutronNova\u2019s folding scheme to collapse them into a single instance. The prover does work to fold the 30 step instances into one, but this folding cost is modest. Spartan then only needs to prove a single step-sized circuit alongside a separate \u201ccore\u201d circuit that handles the rest of the checks, including signature verification and age predicates, rather than a monolithic circuit with 30 unrolled blocks. The proving key only needs to describe one step and one core, so it stays small regardless of credential length.<\/p>\n\n\n\n<p>There is a subtle privacy issue here to arddress. Credentials vary in length, and if the circuit size varied with the credential, that would leak information. To prevent this, all step circuits share a committed table of intermediate digests. The core circuit picks the selects the appropriate digest using a private index. If the prover selects the wrong entry, the issuer\u2019s signature check fails.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"making-it-zero-knowledge-cheaply\">Making it zero-knowledge, cheaply<\/h3>\n\n\n\n<p>A proof system needs to be zero-knowledge: the verifier should learn nothing beyond the claim being proved. Existing approaches to achieve this are often complex to engineer and can add significant overhead to the prover. We found a simpler way.<\/p>\n\n\n\n<p>A standard first step is to commit to every message the prover sends using hiding cryptographic commitments, so the verifier sees commitments rather than values. The harder question is to prove that those hidden values would have passed the verifier\u2019s checks. We express those checks as a small constraint system, just a few hundred constraints, since the verifier only performs a logarithmic number of operations. We then fold this constraint system iwith a random instance via Nova\u2019s folding scheme. This step hides the underlying data, so the zero-knowledge overhead scales with this small constraint system, not the full secret data.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"proving-once-presenting-many-times\">Proving once, presenting many times<\/h3>\n\n\n\n<p>A user who presents their credential to one website will likely present it again to another, and another. In a world where AI agents handle many of these interactions on a user\u2019s behalf, the same credential may need to be presented dozens of times a day. The credential itself does not change between these presentations. What changes is the session nonce, a fresh random value from the verifier, and possibly the date or the predicate threshold.<\/p>\n\n\n\n<p>Vega\u00a0takes advantage of this\u00a0structure by\u00a0by\u00a0splitting the prover\u2019s secret data into three parts. The\u00a0<em>shared<\/em>\u00a0data\u00a0(SHA-256 tables) and the\u00a0<em>precommitted<\/em>\u00a0part, such as the\u00a0issuer signature\u00a0and\u00a0field\u00a0locationsm\u00a0are computed and committed\u00a0once when\u00a0the credential is first loaded. The\u00a0<em>online<\/em>\u00a0part, such as the\u00a0device signature\u00a0and\u00a0\u00a0today\u2019s\u00a0date,\u00a0is committed fresh each time. Before each proof, the precomputed commitments are refreshed with new randomness, which is cheaper than recomputing them and ensures that two proofs about the same credential cannot be linked.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"avoiding-the-parser\">Avoiding the parser<\/h3>\n\n\n\n<p>Another important part of Vega\u2019s efficiency comes from how it handles the credential format. A\u00a0mobile driver\u2019s license\u00a0is encoded in\u00a0Concise Binary Object Representation\u00a0(CBOR), and building a full CBOR parser as a circuit would be both complex and expensive. But we realized we do not actually need a parser. The credential bytes are signed by a trusted issuer, so we know they are well-formed. We only need to\u00a0reach\u00a0in\u00a0and grab specific fields.<\/p>\n\n\n\n<p>We treat the credential as a byte-addressable lookup table. The prover says, \u201cthe device public key starts at byte 847\u201d and supplies the bytes. The circuit checks three things: that the bytes actually match the authenticated credential, that the right CBOR prefix appears at the start of the field so the prover cannot claim the wrong field, and that the addresses are contiguous so the prover cannot splice bytes from unrelated locations. This replaces an entire parser with a handful of lookups.<\/p>\n\n\n\n<p>The same lookup idea powers length-hiding hashing, as described above: the circuit builds a table of all intermediate SHA-256 digests and picks the correct one at the point where the real message ends.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"device-binding\">Device binding<\/h3>\n\n\n\n<p>A zero-knowledge credential proof is only useful if it is tied to the person holding the credential. Without device binding, someone who obtains a leaked credential could generate valid proofs for any session. This matters even more in a world of AI agents: if an agent can present a proof on behalf of a user, we need cryptographic assurance that the proof originated from the user\u2019s device, not from an attacker or an unauthorized agent.<\/p>\n\n\n\n<p>Vega addresses this by requiring the holder\u2019s device to sign a fresh session nonce with the device private key, which is bound to the phone\u2019s secure element. The circuit extracts the device public key from the credential via lookup and verifies the device signature over the session nonce hash. Because the device private key never leaves the secure hardware, possession of the signed credential alone is not sufficient to produce a valid proof.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"where-this-leads\">Where this leads<\/h2>\n\n\n\n<p>Vega is implemented in Rust and will be open sourced soon. The proof system powering Vega is already available as the\u00a0open-source\u00a0<a class=\"msr-external-link glyph-append glyph-append-open-in-new-tab glyph-append-xsmall\" href=\"https:\/\/github.com\/microsoft\/spartan2\" target=\"_blank\" rel=\"noopener noreferrer\">spartan2<span class=\"sr-only\"> (opens in new tab)<\/span><\/a>\u00a0project on GitHub.\u00a0The\u00a0<a href=\"https:\/\/www.microsoft.com\/en-us\/research\/publication\/vega-low-latency-zero-knowledge-proofs-over-existing-credentials\/\" target=\"_blank\" rel=\"noreferrer noopener\">paper,<\/a>\u00a0joint work with Darya Kaviani,\u00a0will be presented at the upcoming IEEE Symposium on Security and Privacy in San Francisco.\u00a0<\/p>\n\n\n\n<p>While we focused on mobile driver\u2019s licenses as a concrete and timely application, especially given emerging frameworks like the EU Digital Identity wallet, the proof system and circuit techniques are general. They apply to any credential format with a stable byte encoding and a digital signature.<\/p>\n\n\n\n<p>We see several directions where the same primitive becomes increasingly important.<\/p>\n\n\n\n<p><strong>Agents carrying identity on behalf of humans<\/strong>. As autonomous AI agents begin acting on behalf of people, whether booking travel, interacting with services, or entering agreements, those agents will need to prove facts about the human they represent. For example, \u201cmy principal is over 18\u201d or \u201cmy principal is a licensed physician.\u201d The agent should be able to carry these proofs without ever holding the underlying credential. A zero-knowledge proof generated on the human\u2019s device, bound to the agent\u2019s session via device binding, lets the agent present identity signals without holding secrets.<\/p>\n\n\n\n<p><strong>Bridging off-chain identity to on-chain systems<\/strong>. Decentralized systems increasingly need real-world identity signals, such as KYC compliance, accredited investor status, and jurisdiction checks. Today, this is handled by uploading documents to a centralized intermediary, who then issues an on-chain attestation. The user loses privacy twice: once to the intermediary, and again on chain, where the attestation may be linkable across interactions. A ZKP over an off-chain credential could bridge this directly: the user proves a fact from their government-issued credential, and the on-chain verifier receives only the proof. No intermediary sees the credential, and rerandomization ensures repeated proofs are unlinkable.<\/p>\n\n\n\n<p>As digital identity mandates expand and AI reshapes how humans and agents establish trust, the need for privacy-preserving credential verification will only grow. We see Vega as one step in a broader shift: from a world where proving a fact about yourself requires giving up your identity, to one where cryptography lets you keep it.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Vega turns a full credential into a single proof, sharing only what is needed and nothing more, with performance that works in real apps. <\/p>\n","protected":false},"author":43868,"featured_media":1171918,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"msr-url-field":"","msr-podcast-episode":"","msrModifiedDate":"","msrModifiedDateEnabled":false,"ep_exclude_from_search":false,"_classifai_error":"","msr-author-ordering":[{"type":"user_nicename","value":"Srinath Setty","user_id":"33709"}],"msr_hide_image_in_river":0,"footnotes":""},"categories":[1],"tags":[],"research-area":[13556,13558],"msr-region":[],"msr-event-type":[],"msr-locale":[268875],"msr-post-option":[243984],"msr-impact-theme":[],"msr-promo-type":[],"msr-podcast-series":[],"class_list":["post-1171880","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-research-blog","msr-research-area-artificial-intelligence","msr-research-area-security-privacy-cryptography","msr-locale-en_us","msr-post-option-blog-homepage-featured"],"msr_event_details":{"start":"","end":"","location":""},"podcast_url":"","podcast_episode":"","msr_research_lab":[199565],"msr_impact_theme":[],"related-publications":[],"related-downloads":[],"related-videos":[],"related-academic-programs":[],"related-groups":[],"related-projects":[],"related-events":[],"related-researchers":[{"type":"user_nicename","value":"Srinath Setty","user_id":33709,"display_name":"Srinath Setty","author_link":"<a href=\"https:\/\/www.microsoft.com\/en-us\/research\/people\/srinath\/\" aria-label=\"Visit the profile page for Srinath Setty\">Srinath Setty<\/a>","is_active":false,"last_first":"Setty, Srinath","people_section":0,"alias":"srinath"}],"msr_type":"Post","featured_image_thumbnail":"<img width=\"960\" height=\"540\" src=\"https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-960x540.jpg\" class=\"img-object-cover\" alt=\"Three white line-style icons centered on a textured blue-to-green gradient background: a shield, a checkmark inside a circle, and an ID card with a user silhouette\u2014representing security, verification, and digital identity.\" decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-960x540.jpg 960w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-300x169.jpg 300w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-1024x576.jpg 1024w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-768x432.jpg 768w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-1066x600.jpg 1066w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-655x368.jpg 655w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-240x135.jpg 240w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-640x360.jpg 640w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1-1280x720.jpg 1280w, https:\/\/www.microsoft.com\/en-us\/research\/wp-content\/uploads\/2026\/05\/VEGA-BlogHeroFeature-1400x788-1.jpg 1400w\" sizes=\"auto, (max-width: 960px) 100vw, 960px\" \/>","byline":"<a href=\"https:\/\/www.microsoft.com\/en-us\/research\/people\/srinath\/\" title=\"Go to researcher profile for Srinath Setty\" aria-label=\"Go to researcher profile for Srinath Setty\" data-bi-type=\"byline author\" data-bi-cN=\"Srinath Setty\">Srinath Setty<\/a>","formattedDate":"May 21, 2026","formattedExcerpt":"Vega turns a full credential into a single proof, sharing only what is needed and nothing more, with performance that works in real apps.","locale":{"slug":"en_us","name":"English","native":"","english":"English"},"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/posts\/1171880","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/users\/43868"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/comments?post=1171880"}],"version-history":[{"count":16,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/posts\/1171880\/revisions"}],"predecessor-version":[{"id":1172889,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/posts\/1171880\/revisions\/1172889"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/media\/1171918"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/media?parent=1171880"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/categories?post=1171880"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/tags?post=1171880"},{"taxonomy":"msr-research-area","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/research-area?post=1171880"},{"taxonomy":"msr-region","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-region?post=1171880"},{"taxonomy":"msr-event-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-event-type?post=1171880"},{"taxonomy":"msr-locale","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-locale?post=1171880"},{"taxonomy":"msr-post-option","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-post-option?post=1171880"},{"taxonomy":"msr-impact-theme","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-impact-theme?post=1171880"},{"taxonomy":"msr-promo-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-promo-type?post=1171880"},{"taxonomy":"msr-podcast-series","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-podcast-series?post=1171880"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}