← Back to the directory
Community listing This entry is based on publicly available sources and was not created by the owner. Is this your website?
Claim for free
· Standard Standard-Status
llmstxt.info directory · Standard Featured

Cardless ID

cardlessid.org ↗
Community listing llms.txt reachable AI Impact Score 95/100 · A

Cardless ID is listed in the llmstxt.info directory as an AI-discoverable organization. Industry: Other. The website cardlessid.org provides its llms.txt at https://cardlessid.org/llms.txt. Listed since 13. June 2026.

Business category
Other
Listed since
Online presence
Under GDPR Art. 17 you can request the deletion of your data.
llms.txt — current content Open ↗
# Cardless ID > Decentralized identity credential system built on Algorand blockchain with W3C Verifiable Credentials **Latest Version:** This documentation is also available at `https://cardlessid.org/llms.txt` for remote access with tools like `blz`. ## Project Overview Cardless ID is a privacy-focused, decentralized identity verification platform that issues W3C-compliant verifiable credentials on the Algorand blockchain. The system enables one-time identity verification with cryptographic proofs, designed primarily for age verification across websites while maintaining user privacy. **Key Features:** - W3C Verifiable Credential standard compliance - Algorand blockchain integration for credential storage - Sybil-resistant duplicate detection via composite hashing - Privacy-first architecture with no persistence of PII data - Mobile wallet support for credential management - QR code-based verification flow **Primary Use Case:** Age verification for adult content sites (24 US states + UK, France, Germany require age verification by law) ## Architecture ### Application Structure ``` . |-- app/ |-- components/ # React components | |-- credentials/ # W3C credential templates | +-- verification/ # Identity verification UI |-- routes/ # React Router v7 routes | |-- api/ # API endpoints | +-- app/ # Application pages |-- utils/ # Utility functions |-- layouts/ # Layout components +-- hooks/ # Custom React hooks |-- docs/ # Documentation +-- scripts/ # Build and test scripts ``` ### Technology Stack - **Framework:** React Router v7 (framework mode) - **Language:** TypeScript - **Styling:** Tailwind CSS + DaisyUI - **Database:** Firebase Realtime Database - **Blockchain:** Algorand (testnet/mainnet) - **Identity Verification:** AWS Textract, Google Document AI, AWS Rekognition - **Credential Standard:** W3C Verifiable Credentials v2 ### Import Path Alias Use `~` as an alias for `/app` in all imports: ```typescript import { something } from '~/utils/helper'; ``` ## Core Concepts ### W3C Verifiable Credentials Cardless ID issues W3C-compliant verifiable credentials with the following structure: **Credential Schema:** - `@context`: W3C contexts + custom Cardless context - `id`: Unique credential identifier (UUID) - `type`: ["VerifiableCredential", "BirthDateCredential"] - `issuer`: DID (Decentralized Identifier) - `did:algo:WALLET_ADDRESS` - `credentialSubject`: Contains composite hash of identity - `evidence`: W3C standard verification metadata (fraud detection, OCR confidence, biometrics) - `credentialStatus`: References Algorand issuer registry smart contract - `service`: (Optional) System attestation linking to git commit of issuing code - `proof`: Ed25519 signature for cryptographic verification **Example Credential:** See [app/components/credentials/w3c-minimal.ts:30-92](app/components/credentials/w3c-minimal.ts) ### Composite Hash (Sybil Resistance) The `compositeHash` field prevents duplicate credentials from being issued to the same person: ```typescript // Format: SHA-256 hash of "firstName|middleName|lastName|birthDate" compositeHash: "d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35" ``` This enables duplicate detection without storing personal data. See [app/utils/composite-hash.server.ts](app/utils/composite-hash.server.ts) ### Cryptographic Proof Each credential includes an Ed25519 signature: 1. Credential is canonicalized (proof field removed) 2. Issuer signs with private key 3. Verifiers validate using issuer's public key (derived from Algorand address) This ensures credentials cannot be forged. See [app/utils/data-integrity.server.ts](app/utils/data-integrity.server.ts) ### Evidence Property (Verification Quality) The W3C-standard `evidence` property includes: - **fraudDetection**: Google Document AI fraud signals - […truncated]