zk-DEX

zk-DEX is privacy preserving, decentralized and secure ERC20, Ether exchange protocol. People can hide their orders behind zk-dex, but the transaction itself executed in fully decentralized manner.

Comment

Inspiration

Transactions on the blockchain are pseudonymous. Based on patterns of transactions, people can figure out who you are and what you are trying to do. We build protocol for private ERC20 exchange.

What it does

Zk-DEX enables you to exchange any ERC20 tokens privately. When you come to Zk-DEX Dapp, it offers you to exchange any of your tokens with other people's tokens. All transaction is public, but the information about your history of exchange is hidden in secret NOTE(like UTXO) and zk-DEX Protocol. Maker(Seller) and Taker(Buyer) doesn’t have to know each other, but it executed fully safe and decentralized manner.

How we built it

Using zokrates(zero-knowledge tool kit for ethereum) circuit compiler for the zk-SNARKS. It's consist of these main 5 circuits.

  • makeOrder : circuit for making order proof.
  • takeOrder : circuit for taking order proof.
  • settleOrder : circuit for settling order proof.
  • transferNote : circuit for transfering Note proof.
  • mintNBurn : circuit for minting and burning of Note(ERC20 --> Note, Note --> ERC20)

Challenges we ran into

Understanding and dealing with Zokrates languages and CLI.

Like this,

When it comes to inequality checks, there is a caveat: when executing a < b, both a and b will be asserted to be strictly lower than the biggest power of 2 lower than p/2. This means that a and b are both asserted to be between 0 and 2**252 - 1. The same applies to other inequality checks.

Accomplishments that we're proud of

Exchange protocol is a little bit complicated, but we finally finished planning, implementing, testing and making a DEMO.

What we learned

Hash manipulation in bit level, application insight of zero-knowledge proof, zokrates, javascript, VUE.js, teamwork and how to stay awake all night.

What's next for zk-DEX

  1. Research and Compare with other privacy protocol(miximus, aztec, zk-dai-optimistic, minblewimble, z-cash, mobius, zether) and find a point where can be improved futher.
  2. "Broker" concept applying. Using "viewingKey" in this protocol, settlement can be made by thrid party, not by Maker. But in this case, Broker knows Maker's and Taker's exchange history, so we want to set this type of Note exchanging optional.
  3. We think our model can be a liquidity pool of other DEX protocol like Kyber Network and 0x Protocol. Need a implementation and documentation more about it.

Built With

Share this project:

Updates