vStudio: zkp-based private onboarding to Web3 communities

Toolkit to create and manage private communities in Web3. It adds a zero-knowledge layer that allows users to prove participation while preserving their right to selective disclosure.

Comment

Inspiration

The NEAR ecosystem is known for its user- and developer-friendly approach, and human-readable accounts are one of the distinguishing features in this direction. However, one shall not overlook the privacy concerns that come together with such simplicity. Many users don’t take extra measures to protect their digital identity and use the same nickname in different contexts: from DeFi platforms to online games. It might be a feature for those who look for such a level of transparency, but definitely a technological gap for those who don’t.

Zero-knowledge proofs (ZKPs) technology is an invaluable building block for self-sovereign identity that allows keeping both features in place: usability and privacy. As a practical application of this tech, we focus on the onboarding process to DAOs, guilds, and other Web3 communities. The problem we address is the lack of privacy in onchain-first processes associated with membership, whether it’s participation in councils or investments in IDO.

Disclaimer

vStudio is applying for the Native track for brand-new projects. It was built completely during the submission period.

What it does

vStudio is a web platform for community membership management. It allows users to list their communities or to join existing ones in a private or public manner. So, community members will have a choice whether to stay private or to become public & claim a non-transferable NFT as a membership badge.

It exhibits several key functions

  • Create community:
    • set up a community (name, description, icon)
    • set up NFT membership badge (name, description, source image)
  • Join community:
    • get a secret key of membership
    • get proof of membership (private)
    • get an NFT membership badge (public)
  • Verify membership in a given community.

How we built it

Tech stack

  1. Web Next.js T3 stack (Typescript/Tailwind CSS/tRPC) ****application provides user experience
  2. NEAR smart contract written in Rust provides business logic & stores all the community metadata on-chain
  3. Zero-knowledge proofs Bulletproofs & R1CS circuit implementation ensures user privacy
  4. Firebase & Google Cloud are used to hosting and content delivery
  5. For NEAR integration, we use NEAR JS SDK & WalletSelector
  6. NFT.Storage stores community source images
  7. To provide non-transferable NFT membership badges, we use vSelf API
  8. Mailchain is used for sending invites to join the community
  9. We’ve developed vSelf npm package (compiled from Rust to WebAssembly). It can be used by others to generate & verify proof-of-membership

Functionality

Our product consists of the following parts:

  • Frontend
  • NEAR contract
  • Zero-knowledge proofs npm package
  • API service

Frontend contains:

  • The main page with 2 options: find a community & create a community
  • The page with the list of available communities (data retrieved from the smart contract)
  • The community public page (data retrieved from the smart contract according to community id)
  • community metadata (general info & badge info & number of members)
  • join the community option (commitment is provided by zkp-package)
  • get proof option (proof is provided by zkp-package)
  • verify proof option (the answer for this request is provided by zkp-package)
  • option to invite new members to join the community (using Mailchain for P2P communication)
  • The page for a community member with 2 options: stay private & disclose yourself. In the case of membership disclosure:
    • add new public member to the contract
    • claim NFT membership badge through API service
  • The page with creating community functionality contains:
    • Input fields & load picture slots to set up a community (images are stored in NFT.Storage)
    • Creating a community means adding its metadata to the contract & setting the NFT badge giveaway using the API service.

Contact is able to:

  • Store private community metadata
  • Create new communities & remove existing ones
  • View metadata of all the existent communities
  • Add a private member to the community
  • By private member’s request, disclose their personality to a public one

ZKP-pack provides the following functions:

  • Generate commitment
  • Generate proof
  • Zero-knowledge proofs npm package ZKP npm package is available in the links attached to the application.

API service:

  • Set up NFT giveaway
  • Claim NFT badge

ZKPs solution

Our solution is fallen into the proof-of-membership category. It uses Bulletproofs, which is a well-established ZK-proof system without a trusted setup (unlike some zkSNARKs). On top of Bulletproofs, we build our R1CS circuit to prove set membership in zero-knowledge, so on-chain data doesn't reveal members’ identities. This is quite an experimental approach: we use MiMC hash under the hood (as it has low multiplicative complexity). The produced proof contains zero-knowledge attestation of the fact that one knows a secret behind the member’s public commitment and simultaneously belongs to a set of members. We provide proof of the following statement: “I have an input for some commitment which contains is in the given set

We use:

  1. Pure-rust implementation of bulletproofs and curve25519 based cryptography, open source and well audited https://github.com/zkcrypto/bulletproofs. This library implements Bulletproofs using Ristretto, using the ristretto255 implementation in [curve25519-dalek](https://doc.dalek.rs/curve25519_dalek/index.html) .
  2. The wasm-pack toolkit was used to compile our Rust library into WebAssembly and publish the resulting package to NPM registry.

Challenges we ran into

  • To build the ZKP for membership, we were looking for a solution for proof-of-set-membership implementations, which was not straightforward. We’ve tested a lot of zkp-based solutions ( we came across many range-proof ones), but none were available to meet our needs.
  • Project management challenge: we were working with a new team member for the first time, who left his part of the project undone. It required us to rebuild the development plan in a short time.

Accomplishments that we're proud of

We couldn’t find the appropriate zkp solution that satisfied our needs. We’ve created our own solution for the proof-of-set-membership problem described above & provide it as an npm package available for use by other developers.

What we learned

  • Conducted extensive R&D: read and analyzed ZKP articles & tested a lot of the ZKP packages.
  • Educated ourselves on the available privacy-preserving solutions and considered (and tried) the Calimero network as an alternative.
  • Dived deeper into product/team management in restricted time conditions and changeable environments.
  • Studied available solutions for P2P communication between NEAR addresses.

What's next for vStudio: zkp-based private onboarding to Web3 communities

ZKP R&D

In the near future, we plan to consider modern ZK-friendly hash functions, such as the popular Poseidon and Reinforced Concrete (based on lookup arguments). As for a constant size membership set accumulator, we have options to explore as well: replacing explicit set with Merkle tree root or Verkle trie root (this might be cheaper as we can save on hash arithmetization). As for the proof system, we consider Halo2 (zCash) also a Bulletproof-based one for even shorter proofs and lower verification costs.

UX/UI R&D

User experience can be improved using several tools:

  • Keypom integration
  • Mailchain for P2P messaging and notifications
  • Magic link for web2.5 authorization
  • Second-layer functions for community members (airdrops, private access, referral programs).
  • Near.Social integration
  • Ceramic DID
  • IPFS & Filecoin
  • GunGD integration

Built With

+ 2 more
Share this project:

Updates