Digital identities embedded in phone wallets, workplace logins, and other apps are becoming ubiquitous, but they create new privacy risks such as linkability, the ability to associate multiple uses of a credential with a single person. Crescent is a cryptographic library developed to add unlinkability to widely used identity formats, including JSON Web Tokens and mobile driver’s licenses. The library is designed to prevent any data in a credential beyond what a user explicitly reveals from being used to link separate interactions, and it can operate without requiring issuing organizations to update their existing systems.
Crescent implements unlinkability using zero-knowledge proofs rather than specialized signature schemes, avoiding the need for broad infrastructure changes. At its core the system uses zero-knowledge SNARKs and specifically the Groth16 proof system so proofs are compact and fast to verify. Developers express the mathematical rules of what must be proven as a Rank-1 Constraint System, and Crescent splits proof generation into a prepare stage and a show stage. The prepare stage runs once to produce cryptographic values stored on the user device. The show stage is compact and randomized to prevent correlation with previous presentations. Preprocessing in the prepare stage makes proof generation practical on mobile devices, and the library also supports selective disclosure so users can prove facts such as validity or age without revealing identifying details like an exact expiration date.
The project includes a sample application that demonstrates employment verification and age verification flows. In the demo a Crescent service pre-generates parameters, credentials and keys are stored in a Crescent wallet, and presentation is handled by Rust servers and a browser-extension wallet. In one scenario a user proves employment to an online clinic without revealing identity or notifying the employer. In another scenario a user proves they are over 18 to a social network without disclosing their exact age. The paper and code are available on the Crescent GitHub page, and the project has been presented at Real-Word Crypto 2025 and North Sec 2025.
