From 5d03d937446d61df8d9ff0b59c1730c930742750 Mon Sep 17 00:00:00 2001 From: Justin Frevert Date: Sat, 30 Sep 2023 00:43:17 -0400 Subject: [PATCH] Rln pallet application --- applications/rate_limiting_nullifier.md | 257 ++++++++++++++++++++++++ 1 file changed, 257 insertions(+) create mode 100644 applications/rate_limiting_nullifier.md diff --git a/applications/rate_limiting_nullifier.md b/applications/rate_limiting_nullifier.md new file mode 100644 index 00000000000..7cc34a1d856 --- /dev/null +++ b/applications/rate_limiting_nullifier.md @@ -0,0 +1,257 @@ +# Semaphore/RLN + Application Grant proposal draft + +> This document will be part of the terms and conditions of your agreement and therefore needs to contain all the required information about the project. Don't remove any of the mandatory parts presented in bold letters or as headlines (except for the title)! Lines starting with a `>` (such as this one) should be removed. Please use markdown instead of HTML (e.g. `![](image.png)` instead of ``). +> +> See the [Grants Program Process](https://github.com/w3f/Grants-Program/#pencil-process) on how to submit a proposal. +- **Team Name:** Bilinearity + +- - **Payment Address:** + - Justin: 5EhDGkJAh1ZMPVXwzyAWYwnXqczTNyWyirsth2Hyq8wKAPMb(USDC on Polkadot) + - Vivek: 0x6f140f64FC13482F2209eB1cCF9c2bf633409B78 (USDC (ERC20) on Ethereum) +- **[Level](https://github.com/w3f/Grants-Program/tree/master#level_slider-levels):** 1 + +> :exclamation: *The combination of your GitHub account submitting the application and the payment address above will be your unique identifier during the program. Please keep them safe.* +## Project Overview :page_facing_up: + +If this application is in response to an RFP, please indicate this on the first line of this section. + +If this is an application for a follow-up grant (the continuation of a n earlier, successful W3F grant), please provide name and/or pull request of said grant on the first line of this section. + +### Overview + +Please provide the following: + +#### High-level Summary +- Substrate implementation of [Semaphore](https://semaphore.pse.dev/) and [Rate-Limiting Nullifier](https://rate-limiting-nullifier.github.io/rln-docs/) pallets for use by other pallets and offchain applications + +#### Description +- Context: + - Semaphore is a tool based on zero-knowledge proofs for anonymously proving membership in a group. This tool boosts privacy, as the group consists of a merkle tree of identity commitments, which may be anonymous. + - Rate-Limiting Nullifier builds on Semaphore. It is a similar protocol, except that it also involves computing a secret key with [Shamir's Secret Sharing](https://en.wikipedia.org/wiki/Shamir%27s_secret_sharing) per each epoch of an application, incrementally revealing shares of a sender's key when that sender sends a message. This reveal of someone's share is a deterrent to any individual participant spamming the protocol with messages. + +- A brief description of your project. + - This project consists of core components of Semaphore and Rate-Limiting Nullifier. + - Circuits, written in Rust, for generating proofs of the above protocols. + - Pallets for verifying proofs generated by the circuits mentioned above. + - A: [P2P multiwriter event feed](https://github.com/nabladelta/lambdadelta/blob/master/docs/architecture/general.md) pallet for example purposes. This will be dependent on the rate limiting nullifier pallet. + - Additional components of Semaphore and Rate-limiting nullifier are not included. +- An indication of how your project relates to / integrates into Substrate / Polkadot / Kusama. + - This project should be used by others in Substrate interested in integrating: + - Private/anonymous sets + - Anonymous rate-limiting(sybil resistance) + - Example use cases are: + - Anonymous offchain applications with sybil protection + - Anonymous onchain transactions + - NFT auction + - DAO voting +- An indication of why your team is interested in creating this project. + - Underserved ZK tooling in Polkadot ecosystem in terms of quality and amount of tools. + - Semaphore and RLN are well-known and researched protocols designed to address challenges around privacy and sybil resistance + +### Project Details +- Assumptions: + - The pallets will be implemented on the substrate node template + - We likely will not work on reducing trust assumptions from the circuit to the onchain state +- Proof System + - The system will rely on Groth16 proofs, supplied through the Arkworks framework as a prover backend. + - Groth16 was chosen for matching the original Semaphore project(at first), its efficiency, and widespread use. + +Semaphore components for Substrate +![](https://hackmd.io/_uploads/Byrvzr1lT.png) +![](https://hackmd.io/_uploads/Byv3fSkgT.png) + + +RLN onchain components +![](https://hackmd.io/_uploads/HyydBXrx6.png) +![](https://hackmd.io/_uploads/rkHImBJga.png) + + +Event writer pallet +![](https://hackmd.io/_uploads/SkAMO_UkT.png) + +#### Pallet Design + +Semaphore: +```rust +// Extrinsics +pub fn verify(origin: OriginFor, proof: BoundedVec) -> DispatchResult; + +// Storage +pub type ExternalNullifier = StorageValue<_, u32>; +``` + +Rate-Limiting Nullifier: +```rust +// Extrinsics +pub fn verify(origin: OriginFor, proof: BoundedVec) -> DispatchResult; + +// Storage +pub type ExternalNullifier = StorageValue<_, u32>; +``` + +Multiwriter Event Feed: +```rust +// Extrinsics +pub fn emit(origin: OriginFor, message: BoundedVec, proof: BoundedVec, relates_to: Option) -> DispatchResult; + +// Storage +pub type Events = StorageValue<_, BoundedVec>; +``` + +### Ecosystem Fit + +Help us locate your project in the Polkadot/Substrate/Kusama landscape and what problems it tries to solve by answering each of these questions: + +- Where and how does your project fit into the ecosystem? + - This solution consists of Substrate pallets which enable other substrate pallets to take advantage of unique properties of ZK technology. + - Privacy + - Anonymous rate-limiting + +- Target audience: + - Substrate or offchain application developers +- What need(s) does your project meet? + - General Privacy features for Substrate chains + - Missing rate-limiting features which are required for anonymous decentralized applications +- Are there any other projects similar to yours in the Substrate / Polkadot / Kusama ecosystem? + - Webb + - If so, how is your project different? + - Provides generic semaphore, meant to be easily accessible to other pallets, and is not tied to a particular application. + - Focuses on Rate-limiting nullifier, which gives Semaphore and more features, such as rate-limiting, sybil resistance, or identifying users of anonymous protocols based on their behavior. + - Manta + - Manta provides anonymous transactions, but not generic solutions for other chains to use anonymous sets or anonymous rate-limiting. + - If not, are there similar projects in related ecosystems? + - The most similar are the original Semaphore and Rate Limiting nullifier projects(linked previously) + +## Team :busts_in_silhouette: + +### Team members + +- Justin Frevert +- Vivek Pandya + +### Contact + +- **Contact Name:** Justin Frevert +- **Contact Email:** justinfrevert@gmail.com +- **Website:** None + +- **Contact Name:** Vivek Pandya +- **Contact Email:** vivekvpandya@gmail.com +- **Website:** None + +### Legal Structure + +- **Registered Address:** None +- **Registered Legal Entity:** None + +### Team's experience + +- Justin + - Previously worked at Parity Technologies on the Delivery Services team, where we built a PoC Substrate chain. Most recently worked at Futureverse as a Senior Protocol developer, working on a NPoS EVM-compatible chain. 2 Years of experience in Rust and Substrate, 4 years total as a developer. Been learning about Zero-Knowledge Proofs over the past year. +- Vivek + - Around 8 years of experience in software development. Worked as compiler developer for 4 Years at Nvidia and then worked as Substrate developer for 3 years at Composable Finanace and ZeitgiestPM. Recent experience is around Risc-V based ZK VM and plonky2. +- Additional background: + - Winners of Consensys Web3athon Polkadot track for RISC Zero ZKVM based project + - Runners-up for Polkadot APAC hackathon on separate RISC Zero ZKVM project + +Please describe the team's relevant experience. If your project involves development work, we would appreciate it if you singled out a few interesting projects or contributions made by team members in the past. + +### Team Code Repos +- [Decentralized ZK Proof market Substrate chain](https://github.com/justinFrevert/Project-TOEP) + +Please also provide the GitHub accounts of all team members. If they contain no activity, references to projects hosted elsewhere or live are also fine. + +- https://github.com/justinFrevert +- https://github.com/vivekvpandya + +### Team LinkedIn Profiles (if available) + +- https://www.linkedin.com/in/justin-frevert +- https://in.linkedin.com/in/vivekvpandya + +## Development Status :open_book: + +Only investigation into available proof systems, example circuits, and on-chain verification tests have been completed. + +## Development Roadmap :nut_and_bolt: +### Overview + +- **Total Estimated Duration:** Duration of the whole project (e.g. 2 months) +- **Full-Time Equivalent (FTE):** 6 FTE +- **Total Costs:** $10,000 + +### Milestone 1 Semaphore Pallet + +- **Estimated duration: 1 Month** +- **FTE:** 1.5 +- **Costs:** $2500 USD + +| Number | Deliverable | Specification | +| -----: | ----------- | ------------- | +| **0a.** | License | Apache 2.0 / GPLv3 / MIT / Unlicense | +| **0b.** | Documentation | We will provide both **inline documentation** of the code and a basic **tutorial** that explains how a user can (for example) spin up one of our Substrate nodes and send test transactions, which will show how the new functionality works. | +| **0c.** | Testing and Testing Guide | Core functions will be fully covered by comprehensive unit tests to ensure functionality and robustness. In the guide, we will describe how to run these tests. | +| **0d.** | Docker | We will provide a Dockerfile(s) that can be used to test all the functionality delivered with this milestone. | +| 1. | Semaphore Circuit | We will implement a circuit via Arkworks for proving membership of an onchain identity commitment merkle tree in zero-knowledge | +| 2. | Semaphore Circuit verifier pallet | We will implement a Substrate pallet which will allow for zk proof verification of Semaphore merkle tree inclusion | +| 3. | Semaphore Circuit verifier pallet | The Substrate pallet will allow registering new "groups", or anonymous sets of users. | +| 4. | Semaphore Circuit verifier pallet | The Substrate pallet will allow updating existing "groups" with additional anonymous users | + + +### Milestone 2 Rate-Limiting Nullifier Pallet + +- **Estimated Duration: 1 Month** +- **FTE:** 1.5 +- **Costs:** $2500 USD + +| Number | Deliverable | Specification | +| -----: | ----------- | ------------- | +| **0a.** | License | Apache 2.0 / GPLv3 / MIT / Unlicense | +| **0b.** | Documentation | We will provide both **inline documentation** of the code and a basic **tutorial** that explains how a user can (for example) spin up one of our Substrate nodes and send test transactions, which will show how the new functionality works. | +| **0c.** | Testing and Testing Guide | Core functions will be fully covered by comprehensive unit tests to ensure functionality and robustness. In the guide, we will describe how to run these tests. | +| **0d.** | Docker | We will provide a Dockerfile(s) that can be used to test all the functionality delivered with this milestone. | +| 1. | Rate-limiting Nullifier Circuit | We will implement a a circuit for generating proofs conformant to Rate Limiting Nullifier(with Semaphore circuit as a starting point) | +| 2. | Rate-Limiting Nullfiier verifier Pallet | We will implement a Substrate pallet which will allow for verification of Rate-Limiting Nullifier zk proofs. | +| 3. | Rate-Limiting Nullfiier verifier Pallet | The Y Substrate pallet will allow registering new "groups", or anonymous sets of users. | +| 4. | Rate-Limiting Nullfiier verifier Pallet | The Substrate pallet will allow updating existing "groups" with additional anonymous users | + +### Milestone 3 RLN Example application: Private P2P Multiwriter event feed Pallet + +- **Estimated Duration:** 1 Month +- **FTE:** 1 +- **Costs:** $2000 USD + +| Number | Deliverable | Specification | +| -----: | ----------- | ------------- | +| **0a.** | License | Apache 2.0 / GPLv3 / MIT / Unlicense | +| **0b.** | Documentation | We will provide both **inline documentation** of the code and a basic **tutorial** that explains how a user can (for example) spin up one of our Substrate nodes and send test transactions, which will show how the new functionality works. | +| **0c.** | Testing and Testing Guide | Core functions will be fully covered by comprehensive unit tests to ensure functionality and robustness. In the guide, we will describe how to run these tests. | +| **0d.** | Docker | We will provide a Dockerfile(s) that can be used to test all the functionality delivered with this milestone. | +| 1. | Multiwriter Event Feed Pallet | We will implement a pallet which allows for emitting events conformant to the spec, and based on RLN proof verification | +| 2. | Multiwriter Event Feed Pallet | The pallet will allow for generating events dependent on one another | +| 3. | Multiwriter Event Feed Pallet | The pallet will allow for locking/reserving some amount for participation in semaphore or RLN group | +| 4. | Multiwriter Event Feed Pallet | The pallet will contain an example for accepting proof verification as an alternative to signed transaction verification | +### Milestone 4 Adapt to alternative proof system + +- **Estimated Duration:** 2 Months +- **FTE:** 2 +- **Costs:** $3000 USD + +| Number | Deliverable | Specification | +| -----: | ----------- | ------------- | +| **0a.** | License | Apache 2.0 / GPLv3 / MIT / Unlicense | +| **0b.** | Documentation | We will provide both **inline documentation** of the code and a basic **tutorial** that explains how a user can (for example) spin up one of our Substrate nodes and send test transactions, which will show how the new functionality works. | +| **0c.** | Testing and Testing Guide | Core functions will be fully covered by comprehensive unit tests to ensure functionality and robustness. In the guide, we will describe how to run these tests. | +| **0d.** | Docker | We will provide a Dockerfile(s) that can be used to test all the functionality delivered with this milestone. | +| 0e. | Article | We will publish an article for Substrate developers that explains the significance of the pallets, the foundations of Semaphore and Rate-Limiting Nullifier, their applicability to different types of applications, and how to incorporate them in Substrate-based chains | +| 1. | Plonky2 Circuit | We will write the Semaphore circuit using a plonky2 library | +| 2. | Plonky2 Verifier | We will implement a verifier pallet primitive for Plonky2 to verify proofs from the new Plonky2 circuit | +| 3. | Plonky2 Circuit | We will implement the circuit inputs and constraints for Rate-Limiting Nullifier | + + +## Future Plans +- Documentation in the form of gitbook showing terminology, context, introduction, tutorial, and basic example usage of the delivered pallets for relevant use cases. + +## Additional Information :heavy_plus_sign: + +**How did you hear about the Grants Program?** Personal Recommendation \ No newline at end of file