Governance in DAOs can break down when people aren't comfortable publicly voicing their honest opinions.
Today we're launching
@HeyAnoun
, a tool that lets nouners give feedback on
@nounsdao
proposals pseudonymously using zk proofs
⌐◨-◨
1/n
introducing
persistent pseudonyms for nouners to communicate from
and what we believe is a precursor to the future of naming on Ethereum (and eventually the internet) as a whole
[New Post] Introducing spartan-ecdsa
We introduce spartan-ecdsa, which to our knowledge is the fastest open-source method to verify secp256k1 ECDSA signatures in zero-knowledge.
We can now make proofs about ECDSA signature verification in a web browser in 5 seconds
Introducing merkle-tree, a rust crate
Now we can build a Poseidion Merkle tree with 65536 leaves in under 250ms thanks to Rust and multi-threading.
Built on
@arkworks_rs
👋 Nouners, we've been sprinting hard on HeyAnoun — A tool that lets noun-holders give feedback on proposals anonymously (using zero-knowledge proofs)
This is work that was originally founded by
@nounsdao
prop 150
Here's a quick update on where things are:
Introducing Sapir
New experimental proving library built for client-side zk.
is now using Sapir and the proving time has improved from >60s to 10s
Sapir is based on Spartan with modifications in how it obtains zero-knowledge.
[New Post] Efficient ZK ECDSA (1/n)
In this first post of a multipart series, we share a new technique for optimizing ECDSA signature verification in a SNARK
hello bogota
we're excited to share some of the things we've been up to this week at
#DevconVI
the past month has been extremely exciting for the progress of ZK applications and we hope to share a glimpse of the future with this week's talks and workshops
a first pass on what 'pseudonym-powered' discussion might feel like for
@nounsdao
from
@SalvinoArmati
notice the ability to post from 3 types of 'identity':
1. 'doxed', i.e Seneca
2. persistent pseudonym (i.e. Mr. Noun)
3. heyanoun-style anon (i.e. Anon)
With the launch of Nouns Nymz behind us, we want to explain some of the key product design decisions and features
a 🧵
(h/t
@devjeetdc
for the animation)
To our knowledge, this is one of the first uses of zk applied to human communication that's likely to affect real on-chain activity.
heyanoun was originally funded as prop 150 ()
You can view messages
@HeyAnoun
and at
heyanoun initially is scoped to props.
For a given prop, you can post as:
- a snapshotted holder of >=1 noun
- a snapshotted holder of >=2 nouns
- a nounder
Posting requires generating a zero-knowledge proof showing that you are in the relevant group of nouners.
we believe there’s a wide spectrum between pure anonymity and being fully doxed
while it’s valuable to be able to express the most controversial opinions, there are many important opinions that are only expressed if there's some reputation 'staked' in expressing them
as always, all of our code is open source:
details for our phase2 trusted setup for our circuits can be found here
we're always excited to work with new collaborators, pls reach out if you're interested!
no one knows if you control multiple pseudonyms or which Eth address a pseudonym you control belongs to
we believe that this flavor of identity, with maximal freedom to exit for users, enables the internet we want
Every posted message is paired with a zero-knowledge proof.
With the proof, anyone can trustlessly verify that a commenter is a part of the noun group without learning any personally identifiable information about the commenter.
As a commenter, nothing about your identity (address) is revealed, both publicly and to this service.
When you leave a comment, the only information that's revealed is:
· the group you've claimed to be a part of
· the contents of the comment itself
· the prop you commented for
Some features we'd like to explore in the future w.
@HeyAnoun
:
↳ anonymous voting
↳ broadcast messages to community discord servers
↳ moderation. i.e. remove messages if N nouners downvote
↳ more complicated anonymity sets (i.e. 'voted YES on a related proposal in the past')
one major drawback of the
@heyanoun
approach was that there was very little cost to saying things that were maximally controversial
many things that wouldn’t be expressed otherwise came out, but we also saw behavior similar to on proto-anon networks like 4chan’s /b/
Using the spartan proving system allows us to use secq256k1 on the backend, which enables us to do native, 'right-field' arithmetic in secp256k1
For more on this pair of curves (secp/secq), see
Wed (10/12) 12PM at ZK Community Hub
@viv_boop
,
@xyz_pierre
, and
@lakshmansankar
lead a session on launching pseudonymous twitter bots
we have tools to make twitter weirder and cooler and we want to equip *you* with them. join us to learn how
we’re excited to see what new nyms emerge in the coming weeks
s/o to the small but fearsome nyms development crew:
@cha0sg0d_
@amirbolous
@dan_tehrani
@lakshmansankar
get in touch if you'd like to build the future of identity systems with us
introducing
persistent pseudonyms for nouners to communicate from
and what we believe is a precursor to the future of naming on Ethereum (and eventually the internet) as a whole
Cryptography friends, if this work excites you and you'd like to collaborate, please get in touch!
The shape of the 'personae revolution' is becoming clearer and clearer
use of these pseudonyms is handled cryptographically, completely at client-side. they're cross-platform by default
we foresee (and are building towards) a future where you can take your psuedonyms to *any* social platform. h/t
@varunsrin
for inspiration on this topic
as with
@heyanoun
, while we’re hosting the frontend ourselves, the data being produced is independently verifiable and can be accessed via our public API:
let us know if you’d like to integrate! cc
@nounsagora
@nermanbot
at the beginning of this year, we launched
@heyanoun
, a pseudonymous channel for nouners to broadcast messages about the DAO
as a nouner ourselves, we were driven by the feeling that there were things that weren’t naturally expressed in the ‘normal’ nouner discourse
also Thu (10/13) 2PM
@yush_g
will present a non-interactive nullifier scheme for new ZK apps
nullifiers are a key element in establishing reputation in pseudonymous contexts and this scheme, designed in collaboration with
@__geometry__
, is ready for wallet implementation
These groups are meant to represent (pseudonymously) the credibility with which you can speak.
We're curious in the future to explore the voices that emerge from more interesting groups, like
- 'voted NO on a past, related prop'
- 'participated in K of the first N props'
at Personae, we're trying to bring more verified pseudonymity into the world.
if you've done impressive things onchain and want to launch an anon with us, fill this out:
On Day 0 of the launch, the user journey is going to be able to do the following:
1. Nouns will be able to view all props/details
2. Nouns will be able to leave a comment on a specific prop, while maintaining privacy.
3. Feedback is auto-posted to Twitter + our site
We're quite excited about the progress here and how it'll enable us to build products with considerably better UX
@HeyAnoun
+
@heyanonxyz
users, imagine if proofs now take ~5s to generate
we realized that we needed some type of persistent symbol to which reputation could accrue while maintaining some degree of pseudonymity
from this realization, nyms were born. a simple, persistent, pseudonymous naming scheme for nouners
This endeavor builds on the work of
-
@srinathtv
, who created spartan and its excellent rust implementation
-
@nibnalin
, who created the nova-scotia compiler, which we modified slightly to be compatible with secq256k1
There are going to be 3 kinds "anonymity sets" that you can verifiably belong to:
👑 Nounder
❶ Nouner (holds 1 vote)
❷ > 2 nouns (holds at least 2 votes)
we're interested in the convergence of two trends:
1. the growth of publicly verifiable social networks
2. the rapid development of new cryptography on consumer devices
I'm hearing a lot of interest in Brakedown from different teams.
After doing our evaluation, our conclusion is that its prover is fast but the verification is concretely too expensive (at least in **our context** which is proof gen in resource-constrained devices)
1/n
@superphiz
is Ethereum's champion for decentralized staking and one of the founders of the ethstaker community
using creddd, he's identified himself as a beacon chain genesis staker and an original funder of the
@StatefulWorks
beacon book
Thu (10/13) 12PM at ZK Community Hub
@yush_g
and
@sampriti0
will show off a new mechanism for noninteractively and trustlessly proving e-mail reception
this could be a gamechanger. humans can prove that they received an e-mail from a specific recipient with a specific body
current progress:
↳ created initial Figma + implemented UI
↳ implemented (most of) the client-side proof-generation
↳ initial implementation of proof verification on the backend
Ever since our earliest experiments with heyanon, setting up merkle trees has been painful.
As our rate of experimentation has grown, so has the need for faster tooling.
What once took 1-2 minutes now takes <1s.
By only requiring the verification to run when an invalid proof is submitted, and only running the part of the verification that asserts upon invalidation, the gas required to put proofs on-chain is significantly reduced
some quick thoughts on a persistent pseudonym scheme (co-authored with
@dan_tehrani
) -
to my nouner friends, we're trying to design pseudonymous reputation in heyanoun v2 :)
also Thu (10/13) 4PM
@lakshmansankar
, along with
@theyisun
of axiom will zoom out and talk about what we expect in the next 6mo. of zk-application development
in particular, where does succinctness matter relative to privacy and how might we expect the industry to evolve?
[New Post] Efficient ZK ECDSA (1/n)
In this first post of a multipart series, we share a new technique for optimizing ECDSA signature verification in a SNARK
also Thu (10/13) during the ZK application showcase at 3PM
@viv_boop
will present progress on
@heyanonxyz
heyanon is a proto-version of pseudonymous social experiences in the future and there are many things we've learned building it
along with the UX updates, we're shipping a couple more labels to identify aligned etherean voices:
- ethereum pre-sale participant
- protocol guild member
h/t
@TimBeiko
+
@superphiz
for the suggestions
cheeky is a longtime Etherean and
@ProtocolGuild
contributor
using creddd, he's identified himself as a beacon chain genesis staker and an original funder of the
@StatefulWorks
beacon book
we care about the outcomes the technology we build can have. we realize that this technology is inherently political and hope to set good norms around its use
Sapir also plans to support optimistic on-chain verification.
Optimistic verification fits Sapir's proof verification which requires elliptic curve operations that are not supported by the EVM.
Broadly, we had a few goals motivating our design process:
1. unearth novel interactions between doxed and pseudonymous users
2. prove that a simple, delightful user interface is possible with ZKPs
3. make the decision b/w creating a new nym and using an old nym very clear
creddd is a tool for linking high-signal ethereum-related reputation to a username
things like:
- participated in the ethereum pre-sale
- run a validator with a triple-digit index
- deployed a contract in the top 1% of txes
in particular, it's a place with rich conversations among a constantly shifting set of counter-parties with explicit, publicly verifiable financial and social stake
at Personae, we're trying to bring more verified pseudonymity into the world.
if you've done impressive things onchain and want to launch an anon with us, fill this out:
At Personae Labs, we develop cutting edge applications and do cutting edge research in lockstep.
Being at the cutting edge of apps gives us clear insights about research directions to traverse.
Being at the cutting edge of research allows us to build the best apps.
How cool is it to be able to prove these things in a privacy-preserving way, using only a browser?!
..but also, these proofs qualify me to post spicy Tweets on the whole LSD debate, right? 😋
If you're an anon or privacy-conscious, and want to prove you've done some cool
If this is interesting to you, join our discord
We're a collective of product and research folks interested in the frontier.
Come hang and collaborate.
we're iterating quickly on creddd and we'd love to hear what you think of it!
specifically, if you have any ideas for predicates we should add, let us know: