In the context of balancing on-chain KYC with privacy protection, traditional public account models struggle to manage credentials while minimizing data exposure. Manta Atlantic addresses this with parallel public-private addresses and zero-knowledge soulbound tokens (SBTs), keeping sensitive identity data off-chain or within encrypted commitments and delivering only verifiable zero-knowledge proofs to verifiers.
From the dual-chain ecosystem perspective of Manta Network, Atlantic serves as the identity and credential layer, while Pacific handles ZK application execution. zkAddress and zkSBT are the core mechanisms distinguishing Atlantic from Pacific's modular L2 and serve as the conceptual entry point to Manta's privacy compliance solution.
What Is zkAddress?
zkAddress is Manta Atlantic’s UTXO (Unspent Transaction Output) privacy address system, running parallel to public account addresses. It conceals SBT minting records, on-chain credential states, and linked off-chain identity information through zero-knowledge circuits, letting users manage identity assets in privacy-sensitive scenarios without revealing their full account profile.
Unlike one-time privacy addresses, zkAddress is reusable, independently manageable, and auditable, supporting multiple NFT-type assets under the same privacy address. Users can sync zkAddress across devices using a seed phrase, lowering the barrier to privacy identity management. Within Manta Atlantic’s identity layer, zkAddress functions as a "privacy container," with credentials like zkSBT ultimately bound to the zero-knowledge commitment corresponding to the zkAddress.
| Dimension |
Public Account Address |
zkAddress |
| Address Model |
Account balance model |
UTXO privacy model |
| Transaction Visibility |
Publicly visible on-chain |
Sensitive operations shielded by ZK |
| Credential Binding |
Directly associated with account |
Bound to privacy commitment |
| Reusability |
Single public identity |
Reusable, cross-device sync |
| Disclosure Control |
Full on-chain history visible |
Selective disclosure via Prove Key |
The table shows that zkAddress does not replace public addresses but offers a parallel privacy identity channel within the same network. Public addresses suit transparent, auditable operations like governance voting and staking; zkAddress fits scenarios needing data minimization, such as credential minting and private asset holding.
How Do Public and Privacy Addresses Work Together?
Manta Atlantic maintains both a public account address system and a zkAddress privacy system, letting users choose the appropriate channel based on the transaction type. Public addresses follow the standard Polkadot ecosystem account model, with balances, nonces, and governance participation visible on-chain. zkAddress follows the UTXO structure, storing credentials and assets as encrypted commitments verified by zero-knowledge proofs.
The two address types are independent in key management: public addresses are controlled by Substrate standard account keys, while zkAddress has its own seed phrase and Prove Key system, enabling credential operations without revealing any public account association. This dual-track design lets users toggle between "transparent operations" and "private operations" within the same wallet, avoiding forced consolidation of all on-chain activity into a single visible identity.
Figure 1. Manta Atlantic dual address model: account-based public addresses alongside UTXO-based zkAddress for shielded credentials.
The parallel design also brings mechanism boundaries: actions like MANTA transfers and governance voting on public addresses do not automatically gain privacy protection; credential verification within zkAddress depends on zero-knowledge circuit correctness and secure Prove Key custody. Understanding this division is essential for correctly using Atlantic's privacy identity features.
What Is the Difference Between zkSBT and zkNFT?
zkSBT (Zero-Knowledge Soulbound Token) is a non-transferable on-chain compliance credential on Manta Atlantic. After an issuer completes off-chain KYC or compliance review, they mint a zkSBT to the user’s zkAddress via zero-knowledge proof. The chain only records a verifiable commitment that "a certain condition has been met," without exposing raw sensitive fields like names or ID numbers.
Both zkSBT and zkNFT can be managed within the zkAddress system, but their functions differ: zkSBT emphasizes non-transferability and compliance verification, suitable for KYC proof and regional access; zkNFT focuses on private NFT capabilities, enabling digital asset holding under a privacy address. Issuers can set expiration times and revocation conditions, enforced on-chain by the Atlantic runtime module.
| Credential Type |
Transferability |
Core Use Case |
Typical Verification Scenario |
| zkSBT |
Non-transferable |
Compliance identity credential |
KYC, regional restrictions, institutional access |
| zkNFT |
As per contract |
Private NFT asset |
Private collections, event credentials |
| Public SBT |
Non-transferable |
Public on-chain reputation |
Public achievements, community member badges |
The comparison shows that zkSBT's value lies in "verifiable raw data that remains invisible," not asset transfer. Third-party projects verify the zero-knowledge proof corresponding to a zkSBT to confirm that a user meets access conditions, without accessing the full identity file. Manta Pacific also supports zkSBT-related compliance verification, creating cross-chain credential alignment between Atlantic and Pacific.
How Does the Prove Key Enable Selective Disclosure?
The Prove Key is a selective disclosure key within the zkAddress system, allowing credential holders to prove to a specific verifier that they "hold a certain zkSBT or meet a certain condition" without exposing other credentials or their full privacy identity. After receiving the Prove Key or an authorized proof request, the verifier can complete on-chain or off-chain verification without touching original KYC materials.
During zkSBT minting, sensitive data stays off-chain. The issuer generates a witness locally and constructs a Groth16 zero-knowledge proof, submits the minting transaction via the Atlantic runtime module, and binds the credential to the user's zkAddress commitment. After minting, the Prove Key is returned, which the holder can share with third-party projects. The verifier confirms credential validity without inferring other private assets.
Figure 2. zkSBT issuance off-chain, on-chain ZK mint to zkAddress, and Prove Key selective disclosure to verifiers.
The selective disclosure mechanism includes revocation and expiration logic: issuers can invalidate credentials by publishing nullifiers or updating revocation registries; credentials can have on-chain expiration times, after which verification automatically fails. Regulators or auditors can view aggregate issuance and revocation statistics without accessing personal identities, balancing privacy and compliance traceability.
What Scenarios Are Suitable for zkAddress and zkSBT?
zkAddress and zkSBT applications cover four main areas: decentralized KYC, compliant DeFi access, cross-project identity interoperability, and private NFT management.
In decentralized KYC, the issuer mints a zkSBT to the zkAddress after review, and subsequent protocols verify the user’s KYC status via the Prove Key without re-collecting sensitive data. In compliant DeFi access, protocols can require proof of conditions like "user is not from a restricted region," with only the zero-knowledge proof result verified on-chain.
Other Polkadot ecosystem projects can integrate the zkSBT standard, reusing existing credentials without building their own cryptography stack. In private NFT scenarios, users can hold assets like event badges within their zkAddress and provide the Prove Key as needed for verification.
Should Privacy Identities Be Managed on Atlantic or Pacific?
Manta Atlantic and Manta Pacific have distinct roles in privacy identity: Atlantic is the native chain for zkAddress and zkSBT, handling credential issuance, privacy address management, and the Prove Key system. Pacific is an Ethereum ecosystem modular L2 focused on Universal Circuits-driven ZK application execution and Celestia data availability scaling.
| Dimension |
Manta Atlantic |
Manta Pacific |
| Identity Core |
Native layer for zkAddress and zkSBT |
Can integrate zkSBT verification, not the main identity chain |
| Gas Token |
MANTA |
ETH |
| Technical Focus |
On-chain compliance credentials and privacy addresses |
ZK application deployment and modular execution |
| Typical User Action |
Mint zkSBT, manage zkAddress |
Deploy dApp, call Universal Circuits |
Pacific applications can verify a user’s zkSBT status through credential verification interfaces, but credential minting, revocation, and Prove Key generation are primarily on Atlantic. MANTA is used on Atlantic for network fees and purchasing credentials like zkSBT, while on Pacific it powers governance and restaking — the two chains’ functions should not be confused. Understanding this boundary helps distinguish "where to manage privacy identities" from "where to run ZK applications."
Summary
zkAddress, as Manta Atlantic's UTXO-style privacy address, runs parallel to public accounts, providing a reusable, syncable privacy container for on-chain credentials. zkSBT binds compliance results such as KYC to zkAddress as non-transferable zero-knowledge credentials. The Prove Key enables selective disclosure of specific conditions to verifiers without exposing the full identity. Atlantic focuses on the identity and credential layer, while Pacific focuses on ZK application execution, forming a complementary dual-chain ecosystem. Mastering the public-private address division, zkSBT minting and verification, and Prove Key disclosure logic is key to understanding Manta's privacy compliance solution.
FAQ
What is zkAddress?
zkAddress is Manta Atlantic's UTXO-style privacy address that runs parallel to public account addresses. It hides SBT minting, on-chain credentials, and linked off-chain identity data through zero-knowledge circuits, supports cross-device seed phrase sync, and can hold multiple NFTs. It serves as the foundational container for Atlantic's privacy identity system.
What is the difference between zkSBT and a regular SBT?
zkSBT is a zero-knowledge soulbound token where only a verifiable commitment is recorded on-chain, not raw sensitive data like KYC information. Regular SBT metadata and attributes are typically publicly visible on-chain. zkSBT is non-transferable and designed for privacy-preserving compliance verification, not asset trading.
How does the Prove Key work?
The Prove Key is a selective disclosure key within the zkAddress system. The credential holder provides it or an authorized proof to a verifier, who can then confirm that the user meets specific conditions (e.g., has passed KYC) without seeing other credentials or the full privacy identity.
Is zkAddress the same as a mixing address?
No. zkAddress is designed for selective disclosure of compliant identities and credentials, not for hiding fund sources or evading regulation. zkSBT binds review results to a privacy address in a verifiable manner, and together with issuer revocation and expiration mechanisms, supports KYC and compliance access.
Can zkSBT be used on Manta Pacific?
Yes. Manta Pacific supports verifying zkSBT status through credential verification interfaces for DeFi compliance access. However, minting, revocation, and Prove Key generation of zkSBT are primarily on Manta Atlantic; Pacific focuses on ZK application execution rather than native identity credential management.
What precautions should be taken when using zkAddress?
Safeguard the Prove Key and zkAddress seed phrase — losing them may prevent credential disclosure to verifiers. Zero-knowledge proofs depend on circuit correctness and the issuer's revocation strategy. Public address and zkAddress operations are independent; privacy protection does not automatically extend to public account on-chain activities.
