oConsent
Blog · Jun 28, 2026

Consent should be an instrument, not a checkbox

Why oConsent treats a yes the way the world treats a deed: signed, sealed, timestamped, and impossible to quietly rewrite.

Think about how the world handles agreements that actually matter. A deed to a house. A share in a company. A passport. None of them is a checkbox on someone’s server. Each is an instrument: signed, sealed, dated, and built so that the party who holds it cannot quietly change what it says. You can take it to a stranger and they can verify it without phoning the person who issued it.

Consent to use your data is treated as none of those things. You click “I agree,” and the only record of what you agreed to lives with the company that benefits from the agreement, in a format they alone control. They can lose it, reword it, or read it generously in their own favour. When a regulator asks for proof, they produce a log they wrote about themselves. That is not evidence. It is a story.

oConsent treats a yes the way the world treats a deed.

What that means in practice

A consent record names who the data is about, who may process it, for exactly which purposes, and for how long. The subject signs it with their own key, so it cannot be forged in their name or edited after the fact without the signature breaking. An independent timestamp, drawn from the NIST Beacon and from Bitcoin, fixes the date beyond the collector’s word. The proof is entered on a public chain, while the detail stays off it. From then on, anyone holding the record can verify it is real, current, and valid for a given use, without anyone’s permission. Revocation is entered the same provable way, so “I took it back” is as solid as “I agreed.”

That whole lifecycle is not a sketch. It is written, tested, and runnable today, in a Python SDK, a command line, and Solidity contracts you can read end to end. You can issue and verify a record this afternoon.

What is still ahead

The honest frontier is short and specific. The records carry a hash commitment now, where the design calls for full zero-knowledge proofs, so a processor could demonstrate valid consent without revealing the underlying detail. That is the next major build. Ethereum is wired; other chains are open ground. There is no hosted product, by choice, because right now the protocol is the product. All of that lives on the ledger, stated plainly, because a project about proof has no business asking you to take its word.

One small thing, since it is the whole point: this site sets no cookies, runs no third-party trackers, and serves its own fonts. Reading this does not feed you into anyone’s analytics. That should be the floor for a privacy project, not a feature.

Come build it

oConsent is small and open on purpose. The most useful thing you can do is read the protocol and try to forge a record it would accept. After that the open work is concrete: the zero-knowledge proofs, more chains, sharper docs. The code is here, and contributing tells you where to start. If you would rather just watch it grow, the feed is the no-tracking way to do it.

Written by Subhadip Mitra. Found a mistake or want to push back? Open an issue or email [email protected].