Zero-Knowledge Vehicle Identity
Cryptographic proof that a vehicle
is exactly what it claims to be.
Three tamper-resistant Secure Element chips embedded at manufacture. All three must co-sign every identity proof. VIN fraud becomes permanently impossible on new vehicles.
$20B
lost annually to VIN fraud & theft
80M+
new vehicles manufactured per year
3-of-3
hardware co-signatures required
<30s
live ZK proof generation
EN-1 · Engine Node
Engine Control Unit
ECU housing · engine bay
Independent Ed25519 keypair generated in-chip at manufacture. Tamper response: immediate key wipe on ECU breach. Monitors engine-bay intrusion.
CN-2 · Chassis Node
Structural Chassis
A-pillar · body-in-white stage
Embedded into the steel chassis during production. Cannot be removed without destroying the frame. Key wipe triggered by structural breach detection.
TN-3 · Telematics Node
Telematics Module
Behind dashboard · telematics housing
Orchestrates verification: challenges EN-1 and CN-2 with a session nonce, assembles the three signed witnesses, passes to proof server. Also the connectivity layer.
Key property: Remove, damage, or substitute any one chip and the 3-of-3 co-signature fails. The vehicle cannot produce a valid identity proof. VIN cloning becomes physically impossible — you would need to replicate all three chips, embedded in different structural parts of the vehicle.
🔍
Query
Authority sends challenge to TN-3 via VAP-1 API
→
🔐
Co-Sign
EN-1, CN-2, TN-3 each sign session nonce with in-chip keys
≤5s
→
⚙️
ZK Proof
Proof server (PLONK/KZG) generates zero-knowledge proof from witness data
≤25s
→
🌐
On-Chain
Midnight Network validates proof against minted VIT token
→
✅
Result
Role-specific fields disclosed. No PII on-chain.
total ≤30s
🛡 Cached public status via GraphQL: <1s
🔒 Private witness data never appears on-chain or in the proof
⛓ Proof system: PLONK + KZG · BLS12-381 + JubJub
Each stakeholder receives a cryptographic proof revealing only their authorised fields — the same ZK proof, different disclosed outputs.
🚔
Police / Law Enforcement
status
vin (stolen only)
owner identity, purchase history
🏢
Insurance
identity valid
ownership count
service count
previous owner details, other claims
🏪
Dealer
identity valid
transfer count
service count
flags
previous owner details
🏛
Government / DMV
status
vin
transfer count
recall flags
personal data (not on-chain)
🏭
Manufacturer
full build data
tamper alerts
recall tools
other OEM data, owner details
👤
Vehicle Owner
full own record
vin
service history
build spec
other owners' data
Five Revenue Streams — All Fiat, No Crypto Required
Speculative projections — actual fees vary by region, OEM tier, and regulatory environment.
STREAM 1
VIT Minting Fee
One-time per vehicle at manufacture. Volume tiers: Ultra-scale (3M+/yr) $3–5 · Large OEM $8–12 · Mid OEM $12–18 · Small/early adopter $20–25. Billed by invoice to manufacturer.
STREAM 2
Verification API
Per-query for insurers, lenders, fleet operators. Status check $0.15–0.35 · Ownership verify $1.75–2.50 · Full identity proof $9–15 · Live tamper check $6–12. Card or invoice.
STREAM 3
Dealer Portal Subscription
Monthly SaaS per dealership. Small $199 · Mid $349 · Large franchise $599/month. DMS integration for franchised dealers. Card or direct debit billing. ~10,000 dealers by Year 5.
STREAM 4
Consumer Platform
$5 per private ownership transfer (market-dependent). Seller initiates → buyer confirms → ZK proof → on-chain update. Card, Apple Pay, Google Pay. Owner app read-only is free.
STREAM 5
Enterprise & Government
Insurance partnerships (revenue share from fraud savings) · Government integration contracts — Model B path: $500K–$2M integration fee + annual maintenance per jurisdiction (DVLA, DMV etc.) · Enterprise data products from Year 4. Long-term goal: Model C regulatory mandate.
Fiat-first model: All client payments in USD / GBP / EUR via standard billing rails. ShieldVIN holds a DUST operational reserve and absorbs all on-chain transaction costs. No crypto wallet required from any user.
Three Product Surfaces
ShieldVIN API
Embedded infrastructure. Insurers, lenders, fleet operators, government. Invisible to end user. Like Stripe for vehicle identity.
Dealer Portal
Web app + DMS plugin. Verify stock, process ownership transfers, issue buyer proof receipts. Monthly subscription.
Consumer App
Private sellers + owners. $5 ownership transfer. View own record free. Card or mobile pay checkout.
5-Year Revenue Projection
Base case · 5 streams · speculative — varies by region and adoption rate
Revenue Breakdown ($M)
| Year |
Minting |
API |
Dealer |
Consumer |
Ent+Govt |
Total |
| Y1 | 0.18 | 0.05 | — | — | — | 0.23 |
| Y2 | 1.00 | 0.25 | 0.60 | 0.05 | 0.10 | 2.00 |
| Y3 | 5.20 | 1.50 | 3.50 | 0.35 | 2.00 | 12.55 |
| Y4 | 18.00 | 8.00 | 14.90 | 1.60 | 5.50 | 48.00 |
| Y5 | 42.00 | 25.00 | 39.60 | 6.30 | 18.00 | 131.00 |
Phase 1–2 investment: $12M–$18M
Minting: volume tiers $3–$25/vehicle · API: $0.15–$12/query by type
Dealer: $199–$599/month · Consumer: $5/transfer · All billed in fiat
DUST is an operational cost absorbed by ShieldVIN — not a revenue stream
🔏
Selective Disclosure ZK Proofs
Native disclose() primitive controls exactly which fields leave the private witness. Different outputs for different roles from the same proof.
🛡
No PII On-Chain by Design
Private witness data is structurally separated from the public ledger. GDPR Article 25 compliance by construction — not by encryption bolted on afterwards.
🔬
PLONK Proof System
PLONK + KZG polynomial commitments over BLS12-381 and JubJub curves. Universal trusted setup — no per-circuit ceremony required as the standard evolves.
🌐
Enterprise Confidentiality
Query patterns are private. That insurer X queried VIN Y is not visible on-chain. Ethereum, Cardano, Hedera all fail this requirement by design.
⚡
Compact DSL
Purpose-built ZK circuit language. TypeScript-familiar syntax. Lower barrier than raw Circom or Rust. The vehicle_identity.compact stub is already written.
🤝
Ecosystem Fit
Midnight is actively seeking enterprise use cases that validate "rational privacy" at real-world scale. AirLog (aviation maintenance records) confirms the DApp pattern. ShieldVIN is that use case at automotive scale.
A Proposal to Midnight Network
ShieldVIN is the enterprise use case that demonstrates Midnight Network's selective-disclosure ZK proofs at real-world scale — 80 million vehicles per year, six distinct stakeholder roles, zero personal data on-chain.