Flow
ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ
β β β β β β
β User β β Your API β β SP1 Prover β
β (0x123...) β β (zkip) β β β
β β β β β β
ββββββββ¬ββββββββ ββββββββ¬ββββββββ ββββββββ¬ββββββββ
β β β
β POST /prove β β
β {excluded: ["FR", "DE"], β β
β wallet: "0x123..."} β β
ββββββββββββββββββββββββββββββββββββΆβ β
β β β
β β Extract IP from TCP connection β
β β Load IP-to-country range table β
β β β
β β Private: IP + range table β
β β Public: excluded countries β
β ββββββββββββββββββββββββββββββββββββΆβ
β β β
β β β ZK Circuit:
β β β 1. Lookup IP
β β β 2. Check country
β β β 3. Output result
β β β
β β proof + is_excluded β
β βββββββββββββββββββββββββββββββββββββ€
β β β
β Discard IP from memory β β
β β β
β {proof, is_excluded, timestamp} β β
βββββββββββββββββββββββββββββββββββββ€ β
β β β
β Store proof for audit β β
β (No IP ever stored) β β
β β β- User Request: Client sends excluded countries list and wallet address
- IP Extraction: Server extracts IP from TCP connection (transient, in memory only)
- Proof Generation: SP1 Prover runs ZK circuit with:
- Private inputs: User's IP address + full country range table
- Public inputs: List of excluded countries
- Circuit Execution: Proves IP is NOT in any excluded country
- Response: Server returns proof and result, then discards IP from memory
- Audit Trail: User stores proof for compliance (without revealing IP)