hackquest logo

Halo

Prevent social engineering with signed links & portable credentials.

Videos

Description

Overview

Halo is a privacy-preserving verification system that stops phishing and social engineering attacks by using verifiable credentials (VCs) to cryptographically prove:

  • That meeting links (like Google Meet, Zoom) truly come from who they claim to.

  • That job applicants or external collaborators are genuinely compliant without exposing excessive personal data.

What it solves

  • No more fake recruiters or fake company representatives sending meeting links.

  • No more invasive KYC PDFs that leak full passport data.

  • Stops costly social engineering attacks by proving trust cryptographically.

How it works

Role

Description

Issuer

A trusted entity (KYC provider like Chainalysis, Onfido, or company signing server) issues a verifiable credential.

Holder

The user (candidate or company rep) holds this credential in their AIR Wallet.

Verifier

The other party (e.g. Kraken interviewer, recipient of a meeting invite) verifies the credential via browser extension or portal.

Tech stack

  • Next.js: Web app to generate and verify links

    • AIR Credential SDK: for issuing and proving VCs with ZK circuits.

    • AIR Wallet: to store credentials and generate proofs.

  • Chrome extension: to verify signatures & show trust badges.

Why this matters

  • Privacy: Only minimal facts proven via zk, full identity never exposed.

  • Security: No manual checks or forged PDFs, all cryptographically enforced.

  • Trust: Recipients can instantly see if links or applicants are verified.

Progress During Hackathon

1) Built a Next.js frontend with Tailwind + AIR SDK for wallet connection on Moca Chain testnet. 2) Created AIR Credentials schema and implemented credential issuance + verification programs. 3) Frontend issues a verifiable credential (VC) tied to meeting links and generates a ZK proof. 4) Developed link verification flow: users paste a link, app checks VC + proof, and shows trust badge. 5) Built a Chrome extension that scans pages (e.g. Gmail, Twitter, Discord) for meeting links, then highlights them as Verified or Unverified, and allows generating new signed links and verifying.

Tech Stack

Next
React
Web3
AIR SDK

Fundraising Status

0

Team LeaderBb z
Sector
Infra