Summary: Semaphore is a docs-and-spec-first zero-knowledge protocol for proving membership in a group and broadcasting a signal without revealing which member produced it. Its official materials show that it is not just a one-off anonymous voting app: Semaphore is a reusable privacy layer with formal V4 specification work, onchain contracts, offchain libraries, identity and group tooling, nullifier-based double-signal prevention, trusted-setup artifacts, and a public package ecosystem aimed at Ethereum and other EVM-compatible environments.
What it does:
Lets users generate Semaphore identities and join groups represented as Merkle trees of identity commitments
Enables users to publish votes, endorsements, or arbitrary messages while proving group membership without exposing personal identity
Prevents double-signaling through nullifiers derived from a scope plus the user’s secret, allowing one-proof-per-topic style constraints
Ships Solidity contracts and JavaScript libraries for group management, proof generation, and proof verification across onchain and offchain environments
Publishes a formal V4 spec and circuit-level implementation details, making the protocol legible as a reusable primitive rather than only an application brand
Maintains supporting infrastructure such as trusted-setup parameters, audits, package documentation, and CLI/developer tooling
Key claims:
The official docs describe Semaphore as a zero-knowledge protocol that allows a user to cast a message as a provable group member without revealing identity, with use cases including private voting, whistleblowing, anonymous DAOs, and mixers
The docs say Semaphore is intended as a “simple and generic privacy layer” for dapps on Ethereum and that it combines onchain Solidity contracts with offchain JavaScript libraries
The public README describes Semaphore as a generic privacy layer where users can prove group membership and send messages offchain or across EVM-compatible blockchains without revealing identity
The V4 specification says the protocol is designed to be simple, lightweight, and efficient, using identity commitments, LeanIMT Merkle trees, and a nullifier that prevents the same proof from being reused for the same scope
The spec makes the control surface legible: whoever defines group-entry criteria, scope selection, and root-validity policy effectively shapes how anonymous participation works in downstream applications
The docs note that Semaphore’s current trusted setup for V4 involved more than 400 participants, and the docs surface multiple audit reports across versions 2 through 4
Whitepaper: No canonical standalone whitepaper or litepaper surfaced in this pass. The strongest primary materials were the official docs, the V4 specification, and the public protocol repository; see ../whitepapers/semaphore-primary-sources-2026-05-09.md.