Vega enables sub‑100 ms on‑device zero‑knowledge proofs for government IDs

Researchers have unveiled Vega, a Rust‑implemented cryptographic proof system that can generate zero‑knowledge proofs from government‑issued credentials on a user’s device in under 100 ms on a commodity client. The speed makes the cryptography practical for interactive applications and agent‑mediated requests, while keeping the underlying credential on the device — a combination that could let services verify attributes without collecting or storing sensitive ID documents.

Vega’s proofs require no trusted setup and operate directly on credentials “as issued,” so issuers do not need to change document formats or issuance workflows. The system implements a fold‑and‑reuse proving model: the first presentation performs the full proving work, but subsequent presentations to different services or via AI agents reuse much of that computation and skip the most expensive steps, reducing cost and latency for common multi‑party and repeated‑presentation use cases.

The project targets real‑world identity formats, explicitly including mobile driver’s licenses and the EU Digital Identity Wallet, and is written in Rust. The team says Vega will be open sourced soon, enabling developers to evaluate and integrate both proof generation and verification components into apps, digital wallets, and agent frameworks without waiting for issuer‑side changes.

Vega’s design builds on recent cryptographic advances to balance performance and deployment practicality. It draws on Spartan — an approach for efficient R1CS proofs without a trusted setup — and on folding schemes such as Nova and HyperNova, the latter applying a technique called NovaBlindFold. Related work such as NeutronNova also informs the architecture. That lineage addresses earlier trade‑offs where systems either demanded a trusted setup or produced large, slow proofs.

For developers and service operators, Vega’s mix of sub‑100 ms client proof generation, succinct proofs, and fold‑and‑reuse semantics implies practical, privacy‑preserving identity checks at scale. Because credentials never leave the device and issuers need not alter formats, applications can avoid asking users to upload sensitive IDs and reduce exposure from centralized storage. The model also allows AI‑mediated services to obtain verified attributes without accessing full documents, preserving user control over sensitive data.