In today's digital world, identity verification systems are centralized, opaque, and vulnerable to data breaches. Organizations hold your sensitive documents, often without your knowledge or control. Users have no way to prove their identity without surrendering their data to third parties.
CivicGuard changes that.
Built on blockchain technology, CivicGuard empowers individuals with self-sovereign identityβa system where you control who sees your verified credentials, when, and how. Issuers (governments, institutions, employers) verify and issue documents on-chain. Volunteers (users) store and share them securely via QR codes. Verifiers (businesses, services) check authenticity without accessing the original document.
Privacy-first. Decentralized. Transparent.
|
Documents are hashed and registered on the blockchain, ensuring tamper-proof verification without exposing sensitive data. |
Share verified credentials via secure, short-lived QR codesβno need to hand over physical documents or original files. |
|
Seamless email OTP authentication with optional Google OAuth support for a frictionless user experience. |
Install CivicGuard on any device for an app-like experience with offline capabilities and biometric security. |
|
Prove your identity attributes (age, citizenship, etc.) without revealing underlying data using advanced cryptography. |
Real-time document validation via blockchain lookupsβno waiting, no manual checks, no third-party delays. |
| Requirement | Version | Check |
|---|---|---|
| Node.js | 18.x or 20.x | node --version |
| npm | 9.x or 10.x | npm --version |
| Git | Any recent | git --version |
-
Clone the Repository
git clone https://github.com/YOUR_USERNAME/CivicGuard.git cd CivicGuard -
Install Dependencies
npm install
-
Environment Configuration
Create
.env.localfrom the example template:cp .env.example .env.local
Configure the following variables in
.env.local:Variable Required Description NEXT_PUBLIC_CONTRACT_ADDRESSAuto-set* Deployed contract address (auto-populated by setup script) NEXT_PUBLIC_RPC_URLNo Blockchain RPC endpoint (default: http://127.0.0.1:8545)SMTP_USERNo** Gmail address for OTP emails SMTP_PASSNo** Gmail App Password (not regular password) ENCRYPTION_SECRETNo User registry encryption key (dev default provided) NEXT_PUBLIC_GOOGLE_CLIENT_IDNo Google OAuth client ID for Sign in with Google *Note: The
setup-demoscript automatically writes the deployed contract address to.env.local.**Note: Without SMTP configuration, OTPs are logged to the terminal and displayed on the auth screen in development mode.
Minimum for first run: Leave
.env.localas-is or with onlyNEXT_PUBLIC_RPC_URLset. Other variables can remain empty for initial testing. -
Start the Application
Option A: One Command (Recommended)
npm run start-all
This command will:
- Start the Hardhat blockchain node (port 8545)
- Deploy the CivicGuard smart contract
- Update
.env.localwith the contract address - Seed the default issuer (
rarealriree@gmail.com) - Launch the Next.js development server (port 3000)
When you see
Ready in X.Xs, open:http://localhost:3000Option B: Manual Setup (Two Terminals)
Terminal 1 β Start blockchain node (keep running):
npx hardhat node
Terminal 2 β Setup and run application:
npm run setup-demo npm run dev
Then open
http://localhost:3000. -
Verify Installation
- Home: Visit
http://localhost:3000 - Auth: Click "Get Started" β Sign Up β Volunteer β Enter email β OTP
- Issuer: Login as Issuer with
rarealriree@gmail.com(pre-seeded) - Verifier: Visit
http://localhost:3000/verifier(no login required)
- Home: Visit
CivicGuard operates on a three-actor model: Volunteers, Issuers, and Verifiers. Here's how they interact:
- Navigate to
http://localhost:3000and click Get Started - Choose Sign Up β Volunteer
- Enter your email (e.g.,
volunteer@test.com) - Enter the OTP (received via email or displayed in terminal/screen)
- Click Request Document
- Select Default Issuer β Aadhar (or other document types)
- Fill in the form:
- Aadhar Number
- Full Name
- Date of Birth
- Address
- Click Submit Request
- Open a new browser tab or incognito window
- Go to
http://localhost:3000/auth - Choose Login β Issuer
- Email:
rarealriree@gmail.com(pre-seeded default issuer) - Enter OTP (check email or terminal logs)
- Click Review on the pending request
- Upload the verified document (PDF or image)
- Click Approve & Send Document
The system will:
- Hash the document using SHA-256
- Register the hash on-chain
- Store encrypted metadata
- Notify the volunteer
- Return to the Volunteer dashboard
- Wait for "Processing your documentβ¦" (polls every 2 seconds)
- Once processed, the document appears with status Verified
- Click Share for Verification
- A QR code appears with a short-lived verification URL (valid for 10 minutes)
- Open
http://localhost:3000/verifier(no login required) - Select document type: Aadhar
- Optionally enable constraints:
- β Require age 18+
- β Require document not expired
- Click Scan QR
- Scan the Volunteer's QR code (using device camera)
- See Verification Passed with:
- β On-chain hash match
- β Metadata validation
- β Policy compliance
No sensitive data is shared. The verifier confirms authenticity without accessing the original document.
CivicGuard/
βββ contracts/ # Solidity smart contracts
β βββ CivicGuard.sol # Core identity verification contract
βββ data/ # Runtime data (not tracked in git)
β βββ wallets.json # User wallet registry
β βββ otps.json # Temporary OTP storage
βββ scripts/ # Deployment and automation scripts
β βββ deploy.js # Contract deployment
β βββ seed-issuer.js # Pre-seed default issuer
β βββ setup-demo.js # One-command demo setup
β βββ start-all.js # Orchestrates blockchain + app startup
βββ src/
β βββ app/ # Next.js App Router pages
β β βββ api/ # API routes (auth, documents, verification)
β β βββ volunteer/ # Volunteer dashboard
β β βββ issuer/ # Issuer dashboard
β β βββ verifier/ # Verifier interface
β βββ components/ # React components
β β βββ AuthForm.jsx
β β βββ QRScanner.jsx
β β βββ ShareModal.jsx
β βββ context/ # React Context (AuthContext)
β βββ lib/ # Core utilities
β βββ blockchain.ts # Ethereum/contract interaction
β βββ crypto.ts # Hashing, encryption
β βββ storage.ts # Local data persistence
β βββ zkProver.ts # Zero-knowledge proof generation
βββ .env.example # Environment variable template
βββ hardhat.config.js # Hardhat configuration
βββ next.config.js # Next.js configuration
βββ package.json # Dependencies and scripts
βββ README.md # This file
| Command | Description |
|---|---|
npm run start-all |
Recommended: Start Hardhat node, deploy contracts, seed data, and launch dev server |
npm run reset |
Clear all data, restart blockchain, redeploy contracts, and start fresh |
npm run dev |
Start Next.js dev server only (requires Hardhat node to be running) |
npm run setup-demo |
Deploy contract and seed issuer (requires Hardhat node to be running) |
npx hardhat node |
Start local blockchain node only (port 8545) |
npm run compile |
Compile Solidity smart contracts |
npm test |
Run unit tests |
npm run test:e2e |
Run end-to-end Playwright tests |
To enable email-based OTP delivery:
- Enable 2-Factor Authentication on your Gmail account
- Create an App Password:
- Google Account β Security β 2-Step Verification β App passwords
- Add to
.env.local:SMTP_USER=your-email@gmail.com SMTP_PASS=your-16-char-app-password
- Restart the development server
To enable "Sign in with Google":
- Go to Google Cloud Console
- Create OAuth 2.0 credentials (Web application)
- Configure:
- Authorized JavaScript origins:
http://localhost:3000 - Authorized redirect URIs:
http://localhost:3000
- Authorized JavaScript origins:
- Add to
.env.local:NEXT_PUBLIC_GOOGLE_CLIENT_ID=your-client-id.apps.googleusercontent.com
- Restart the development server
- Important: Ensure Hardhat node is running (
npx hardhat node) for wallet funding during signup
| Issue | Solution |
|---|---|
| Port 3000 or 8545 already in use | Run npm run reset or manually kill processes on those ports |
| "Hardhat node is not running" | Start npx hardhat node in a separate terminal before running setup or dev |
| "Blockchain not configured" | Run npm run setup-demo with Hardhat node running |
| "Blockchain registration failed" | Ensure Hardhat node is running and setup completed successfully |
| OTP not received | Check terminal logs (dev mode) or configure SMTP with Gmail App Password |
| Camera not working for QR scanning | QR scanning requires localhost or HTTPS (secure context) |
| Google OAuth "origin not allowed" | Add http://localhost:3000 to Authorized JavaScript origins in Google Cloud Console |
| Need a fresh start | Run npm run reset and clear browser site data (F12 β Application β Clear site data) |
We welcome contributions from the community! Whether you're fixing bugs, improving documentation, or proposing new features, your input is valued.
Please read our Contributing Guidelines (coming soon) before submitting a pull request.
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
We take security seriously. If you discover a security vulnerability, please do not open a public issue.
Report security issues to: security@civicguard.example
For more information, see our Security Policy (coming soon).
This project is licensed under the MIT License β see the LICENSE file for details.
Built with:
- Next.js 14 β React framework for production
- Hardhat β Ethereum development environment
- Ethers.js β Ethereum library
- Tailwind CSS β Utility-first CSS framework
- html5-qrcode β QR code scanning
- qrcode.react β QR code generation
- Documentation: Check this README and HACKATHON_DEMO.md
- Issues: GitHub Issues
- Discussions: GitHub Discussions
Made with β€οΈ for a decentralized future
Website β’ Documentation β’ Demo β’ Twitter