I am implementing a single Rust process to which you can connect a zero-knowledge proof of identity, such as can be created with ZKPassword from a physical passport. Each user ends up with a keypair which is:

1) Highly Sybil resistant. Neither the keypair owner nor anyone else can re-use the same underlying ID to link to another keypair.

2) Very high anonymity. While the Sybil resistance requires a nullifier representing the underlying ID to be present in a database (or stored in a public, decentralized form for blockchain use), there is no way to connect that nullifier with the keypair. Even if someone were to use brute force to successfully connect the nullifier with a specific underlying ID, such as a passport, there is no way to connect that ID with the keypair. (In the passport case, even merely brute-forcing the nullifier could only be done by the issuing government, someone who has hacked the government database, or someone with physical access to the passport. This is due to the fact that other passport information than the passport number is included in generating the underlying zero-knowledge proof.)

I understand that other technologies may have similar end-functionality, but this has the advantage that most of the functionality is encapsulated in a single Rust executable that could be easily used in any context, whether distributed or decentralized. (If anyone would like to know more, my contact info is at garyrobinson.net.)