Verifiably deterministic signatures on Ethereum make it possible to have a unique, anonymous identity. Developing this cryptographic primitive, or PLUMEs, into wallets, will unlock sybil-resistant anonymous apps like zk nullifiers for anonymous unlinked airdrops, anonymous decentralized voting which only allows one vote per account, anonymous proof of solvency, and message boards with a consistent identity. We think that fully executing this work will create a whole new class of dapps and web3 social apps with pseudonymity.

This anonymous identity is henceforth called your PLUME -- a privately linked unique message entity. In other words, we will deploy verifiably deterministic signatures on Ethereum.

This grant will go to helping to integrate a new, non-interactive signature scheme into wallets such as Metamask, implementing ERC 7524 in more wallets, and engineering faster and faster zero knowledge cryptography behind it. Note that this scheme offers an improvement to semaphore or tornado cash nullifiers, because the first few people who sign up will not have small anonymity sets. The grant will also help to publish the paper that proves the security of the scheme via a DDH-VRF argument, and pay for conference expenses so it can be presented more widely. It will be split amongst Kobi, Aayush, Richard, Piotr, and future grants for future work to anyone else who would like to help productionize this work!

If you'd like to read the paper, it can be found at https://aayushg.com/thesis.pdf. The slides to fully explain the new scheme are found here: https://docs.google.com/presentation/d/1mKtOI4XgKrWBEPpKFAYkRjxZsBomwhy6Cc2Ia87hAnY, and the code is here: https://github.com/zk-nullifier-sig/zk-nullifier-sig. The academic paper is here: https://eprint.iacr.org/2022/1255. A blog post is here: https://blog.aayushg.com/posts/nullifier. DM @yush_g on Twitter with questions, or anywhere in the EF PSE Discord! Initial research was funded by a $4k grant from 0xPARC and done as part of an MIT masters thesis.

WANT TO HELP? We are looking for help to integrate this scheme into more wallets, help finish the halo2 version, as well as redo stealthdrop.xyz to work with this scheme. If you're excited about being a major part of the future of Ethereum and creating novel primitives like private voting, private airdrops, proof of solvency, or message boards with reputation, please reach out to @yush_g on Telegram or Twitter! We have grants out from this Gitcoin Grant pool available to help people -- especially hash to curve in halo2.

OCTOBER 2023 UPDATE: Your money has gone to good use! A number of open source contributors have picked up bounties and resolved over half of the outstanding issues. Grants funded by you helped get a PR out to Taho Wallet (by Oren Yomtov) to integrate PLUME, and have a Ledger C implementation (by PSE) finished for which we are waiting on both an audit and review by their team. We also have a grant in progress with Aztec to get PLUME into Noir to be a note type on their network, and Mina published work regarding PLUMEs in their system as well. While we got a grant to integrate into Metamask Snaps, a recent change actually made that impossible. We also published ERC 7524 for PLUME to give teams a universal standard :)

APRIL 2023 UPDATE: Your money has gone to good use! Due to your generosity, we were able to push forward a lot of progress, including that we were able to develop a Metamask snap (deployed at nullifier.xyz) and push an independent Javascript implementation that discovered an overflow bug in both of the Rust implementations! We also released a circom version, and received a V2 proposal from Poseidon. We also started working on a Ledger implementation with two new teammates (as of April 2023). We also are building towards an ERC/EIP as well as early bugfixes and a V3 proposal with a smaller hash to curve circuit, both of which we are actively polishing drafts on in collaboration with EF PSE and hope to have published once the halo2 proof is done.

A V2 proposal was submitted by Poseidon/Manta in Q1 2023: https://www.notion.so/mantanetwork/PLUME-Discussion-6f4b7e7cf63e4e33976f6e697bf349ff?pvs=4 which we have already built into the original repository and ERC!