Sui’s zkLogin is a groundbreaking primitive that enables users to transact on the blockchain using familiar Web2 identity providers—like Google, Facebook, or Apple—while maintaining full self-custody and privacy. By combining zero-knowledge proofs with OAuth credentials, zkLogin redefines how users interact with Web3, removing the traditional barriers of seed phrases, private key management, and complex wallet setups.
This guide explores zkLogin in depth, covering its architecture, security model, integration workflow, and real-world implications for developers and users alike.
What Is zkLogin?
zkLogin allows you to send transactions from a Sui address using an OAuth credential—such as a Google or Apple login—without publicly linking your identity to your blockchain activity. It leverages zero-knowledge proofs to authenticate users securely while preserving privacy and decentralization.
Core Objectives of zkLogin
- Streamlined Onboarding: Users sign in via familiar OAuth flows (e.g., “Sign in with Google”) instead of managing cryptographic keys.
- Self-Custody Preserved: The OAuth provider cannot act on behalf of the user; every transaction requires explicit approval.
- Enhanced Security: A two-factor mechanism combines OAuth credentials with a user-held salt value. Compromising one factor isn’t enough to access funds.
- Strong Privacy Guarantees: Zero-knowledge proofs prevent third parties from linking your Sui address to your real-world identity.
- Optional Verified Identity: Users can choose to verify their identity on-chain, enabling trusted interactions in DeFi, gaming, or social applications.
- Native Sui Integration: zkLogin works seamlessly with other Sui features like multisig, sponsored transactions, and programmable wallets.
- Rigorously Audited: The system has undergone independent audits by leading zero-knowledge security firms and features a transparent, community-driven setup ceremony.
👉 Discover how zkLogin simplifies blockchain access with secure social login
How zkLogin Works: A Step-by-Step Overview
zkLogin operates through a secure, multi-step protocol that blends OAuth authentication with zero-knowledge cryptography. Here's how it functions:
1. User Authentication via OAuth
The process begins when a user logs into an OpenID Connect (OIDC)-compatible provider (e.g., Google). During this flow:
- The application generates an ephemeral key pair
(eph_sk, eph_pk). - The public key
eph_pk, along with an expiry time (max_epoch) and randomness (jwt_randomness), is embedded into the nonce field of the OAuth request.
Once authenticated, the provider returns a JSON Web Token (JWT) containing claims like iss (issuer), aud (audience), and sub (subject identifier).
2. Salt Retrieval
The frontend sends the JWT to a salt service, which validates it and returns a unique user_salt. This salt ensures that even if someone knows your OAuth ID (sub), they cannot link it to your Sui address.
3. Zero-Knowledge Proof Generation
The user submits the JWT, salt, ephemeral public key, and other parameters to a ZK proving service, which generates a Groth16 zero-knowledge proof. This proof verifies:
- The nonce was correctly constructed.
- The JWT is valid and signed by the provider.
- The key claim (e.g.,
sub) matches the expected value. - The derived Sui address is consistent with the inputs.
Crucially, none of these sensitive details are revealed on-chain.
4. Transaction Signing & Submission
The ephemeral private key signs the transaction locally. The final submission includes:
- The ephemeral signature
- The zero-knowledge proof
- Public inputs (e.g.,
iss,aud,max_epoch)
Sui validators verify both the signature and the ZK proof before executing the transaction.
Key Entities in the zkLogin Ecosystem
Understanding the roles of each component helps clarify how trust and responsibility are distributed:
- Application Frontend
Typically a wallet or dApp interface. It manages the ephemeral private key, initiates OAuth login, constructs transactions, and submits them. - Salt Backup Service
Returns a persistentuser_saltfor a given(iss, aud, sub)triplet. This service must be stateless and secure—no persistent storage of sensitive data. - ZK Proving Service
Generates the zero-knowledge proof based on private inputs (JWT, salt, etc.). Like the salt service, it should not retain user data after processing.
These services can be operated by wallet providers or third parties, but crucially, no single entity controls access to funds.
Address Derivation: Unlinking Identity from On-Chain Activity
A zkLogin address is derived using the following inputs:
iss: OAuth provider (e.g.,https://accounts.google.com)aud: Application identifiersub: Unique user ID per provideruser_salt: Secret unlinking valuekc_name: Key claim name (currentlysub)- Address flag:
0x05indicating zkLogin scheme
Using cryptographic hashing (Poseidon and Blake2b), these values are combined to generate a deterministic yet untraceable Sui address.
This design ensures that even if two users log in with the same Google account across different apps, they get different addresses—thanks to unique salts and audience identifiers.
Security & Privacy Model
zkLogin is built around minimizing trust assumptions while maximizing user control.
Security Layers
| Component | Risk if Compromised |
|---|---|
| JWT | Does not lead to fund loss if ephemeral key is safe; may expose metadata |
| User Salt | Enables linking identity to address but doesn't allow fund withdrawal alone |
| Ephemeral Private Key | Required for signing; lost keys can be regenerated via new OAuth session |
| ZK Proof | Useless without ephemeral signature |
Privacy by Design
By default:
- No personally identifiable information (PII) appears on-chain.
- The JWT is never published.
- Only public parameters (
iss,aud,kid) are used as public inputs for verification. - Third parties cannot link a Sui address to an OAuth identity without access to both the salt and JWT.
For enhanced use cases (e.g., KYC-compliant DeFi), users may opt-in to reveal verified identity data on-chain.
Frequently Asked Questions (FAQ)
Can I use any OAuth provider with zkLogin?
Yes—any OpenID Connect-compatible provider can support zkLogin. Currently supported include Google, Facebook, Apple, Twitch, Microsoft, and AWS (Tenant). Providers like Amazon and WeChat are under review.
How is zkLogin different from traditional wallets?
Traditional wallets require long-term management of private keys or seed phrases. With zkLogin:
- You only manage a short-lived ephemeral key.
- Recovery is possible through standard OAuth password reset flows.
- No need to back up mnemonics.
👉 See how zkLogin compares to legacy wallet models
Is zkLogin custodial?
No. zkLogin is fully non-custodial. Neither the OAuth provider nor the wallet vendor holds your keys. Access requires both your OAuth credentials and your salt—giving you full control.
What happens if my OAuth account is compromised?
Since zkLogin uses two-factor authentication (OAuth + salt), an attacker would need both:
- Your compromised OAuth account
- Your
user_salt
Without both, funds remain secure.
Do I lose access if I lose my OAuth account?
Yes. Since zkLogin depends on active OAuth authentication, losing permanent access to your account means losing access to your wallet. However:
- Most providers allow account recovery.
- Wallets can integrate multisig backup strategies, such as combining Google and Facebook logins in a 1-of-2 setup.
Is a new ZK proof needed for every transaction?
No. A single proof remains valid until the JWT expires (defined by max_epoch). You can reuse the same ephemeral key and proof for multiple transactions within that window—improving efficiency and reducing costs.
Developer Considerations
Builders can integrate zkLogin into wallets or dApps using Sui’s native support for cryptographic agility. Key resources include:
- zkLogin Integration Guide
- Example implementations in TypeScript
- Support for off-chain signature verification via GraphQL or CLI tools
Additionally, zkLogin works within multisig configurations, allowing hybrid setups where one signer uses traditional keys and another uses zkLogin for 2FA-style security.
Core Keywords
- zkLogin
- Sui blockchain
- Zero-knowledge proof
- OAuth login
- Self-custody wallet
- Web3 identity
- Non-custodial authentication
- Decentralized identity
👉 Start building with secure social login on Sui today
zkLogin represents a pivotal shift toward accessible, private, and secure blockchain experiences. By bridging Web2 convenience with Web3 ownership, it opens the door for mass adoption without sacrificing decentralization or user sovereignty. Whether you're a developer or end user, zkLogin offers a smarter way to engage with the decentralized future.