Sample iOS app that runs the OpenAC zero-knowledge pipeline for the FIDO/SHA256RSA4096 circuit: authenticate with Taiwan's MOICA digital signature service, generate a ZK proof, and verify it on-device. It uses OpenACSwift—Swift bindings for OpenAC on iOS.
| Download Circuits | Sign with MOICA | Generate Proof |
|---|---|---|
 |
 |
 |
| ~19 seconds | ~11 seconds | prove ~ 9 seconds | verify ~9 seconds |
The app walks through four stages:
Downloads sha256rsa4096.r1cs (~92.9 MB) and rs256_4096_proving.key (~66.9 MB) from cloud storage. The verifying key is fetched on demand when Verify is first run. Once downloaded, the Setup section collapses.
| Step | Description |
|---|---|
| ID Number | Enter your Taiwan national ID (e.g. A123456789) |
| Get SP Ticket | Calls POST /moise/sp/getSpTicket on fidoapi.moi.gov.tw with an AES-256-GCM checksum. Returns a signed sp_ticket. |
| Verify with MOICA | Deep-links to mobilemoica://moica.moi.gov.tw/a2a/verifySign so the MOICA app performs the signature. Returns to openac://callback with rtn_val. |
| Auth Result | Calls POST /moise/sp/getAthOrSignResult, polling every 4 s until the signature is available. Retrieves signed_response and the signer's certificate. |
| Generate Input | Calls generateInputFido from OpenACSwift to build input.json from the MOICA response, ready for the ZK circuit. |
| Step | Description |
|---|---|
| Generate Proof | Calls proveFido — runs the Groth16 prover over the FIDO circuit. Reports proof size and time. |
| Verify | Calls verifyFido — verifies the Groth16 proof on-device. |
Individual steps can be triggered with their own play button, or tap Run All Steps in the toolbar to run the full pipeline in sequence.
- iOS 16+
- Xcode 15+
- MOICA app installed on device for the FIDO authentication flow
- A registered FIDO service ID and matching AES key (see Secrets)
- OpenACSwift — Swift bindings for
proveFido,verifyFido,setupKeysFido,generateInputFido - ZIPFoundation — extracts downloaded
.zipcircuit archives - CryptoKit (system) — AES-256-GCM for the
sp_checksumrequired by the FIDO API
The FIDO API requires a service ID and AES key. Create OpenACExampleApp/Secrets.swift (gitignored):
enum Secrets {
static let fidoSpServiceID = "<your-sp-service-id>"
static let fidoAESKey = "<your-aes-key-base64>"
}Both values can also be injected via environment variables FIDO_SP_SERVICE_ID and FIDO_AES_KEY (useful for CI).
- Open
OpenACExampleApp.xcodeprojin Xcode. - Add your
Secrets.swift(see above). - Select an iPhone simulator or device.
- Build and run.
- On first launch, tap Download Circuit in the Setup section and wait for the download to complete (~160 MB total).
- Enter your ID number, then follow the FIDO / MOICA steps in order.
- Tap Run All Steps (or individual play buttons) to generate and verify the ZK proof.
- OpenACSwift — API, installation, and prebuilt binaries
- zkID releases — circuit and key files