ZKON proposal to become a zkOracle on top of Mina Ecosystem

Recently, the Mina Foundation (MF) published a Request for Proposal (RFP) on GitHub aimed at advancing their ecosystem. The goal is to integrate zkOracle functionality with o1js, enabling Mina zkApp developers to include zk-oracleized data in their applications.

zkOracles allow for proving statements about Web 2.0 data within Web 3.0 applications without revealing the entire data set, a process known as selective disclosure. The attestation of Web 2.0 data in the form of credentials owned by wallet users enables end-users to integrate aspects of their Web 2.0 identity and activities into Mina zkApps.

We at ZKON recognized that our technology was a game-changer thanks to our collaborative Zero Knowledge approach. Consequently, the Mina community will be able to reuse decentralized o1js proofs, managed and verified through ZKON zkApps. This model enhances Mina's ecosystem by offering a unique method to import off-chain data, ensuring data authenticity and integrity without exposing the underlying data. This collaborative effort not only distributes the workload, resulting in a more scalable system, but also adds redundancy and a consensus mechanism that could further protect the protocol against single points of failure or malicious actors operating independent o1js circuits. For the Mina community, this means a broader range of off-chain data sources can be confidently used, significantly broadening the potential use cases and applications within the Mina ecosystem.

Here, we share our detailed proposal. You can also review it on the Mina Foundation's GitHub page.

1) What makes ZKON best-suited to execute this project?

  1. Open Source our Collaborative ZK implementation on top of the o1js framework for the rest of the Mina community: By adopting our collaborative Zero-Knowledge (ZK) approach, the Mina community will be able to reuse decentralized o1js proofs that are managed and verified through ZKON zkApps. This model adds value to Mina's ecosystem by creating a unique approach to import off-chain data, ensuring data authenticity and integrity without revealing the underlying data. This collaborative effort not only distributes the workload, leading to a more scalable system, but also introduces redundancy and a consensus mechanism that could further secure the protocol against single points of failure or malicious actors running standalone o1js circuits. For the Mina community, this means a richer set of off-chain data sources can be utilized with confidence, greatly expanding the potential use cases and applications within the Mina ecosystem.
  2. Integration with an Oracle Service provider that will enable not only new price feeds into the Mina Network but also verified price feeds through a zkApp and collaborative ZK based on o1js.
  3. Outlier Ventures Base Camp Success: Our team's recognition as the best team in the Outlier Ventures incubation under the ZK Cohort showcases our potential and credibility in the field.
  4. Dedicated and Specialized Team Composition: A full-time team of 7, encompassing roles like CEO, CTO, BD, Cryptographer, Senior Rust Developer, Junior Rust Developer, and Marketing Operations, demonstrates a well-rounded and dedicated team structure.
  5. Financial Stability and Runway: Having sufficient financial runway is crucial for the uninterrupted progress and scalability of the project. It reflects good financial planning and resource allocation.
  6. Mature and Tested Solution: The maturity and tested nature of the solution indicate reliability and readiness for market deployment. It assures potential customers of the product's efficacy and minimizes the risks.
  7. Established Customer Base and Real-world Applications:
    - Existing customers from day one provide a solid foundation for business growth and market presence also for Mina.
    - Sharing customer stories like the decentralized API connector and trading data validation on your website highlights successful real-world applications of the technology.
    - The involvement with prominent projects like eGrains and DIA Data further showcases the versatility and market acceptance of our solution.
  8. Strategic Partnerships and Network Integration: We believe that with our current customer base and traction we will be able to add transactions to the Mina Network adding a strategic partnership for any further integration and customer that we add.
  9. Developer oriented: We are constantly seeking developer and community feedback to improve our documentation materials. Here are some of the key documents for our main products: d-Auth Fast Widget, d-Auth SDK & d-Proofs.

2) ZKON proposed solution based on the requirements and core features outlined in the Mina RFP:

2.1) Background of ZKON Approach

Blockchain oracles play a pivotal role in the integration of blockchain systems with the external world, bridging the gap between on-chain and off-chain environments. They function as on-chain Application Programming Interfaces (APIs), facilitating access to external information for smart contracts. This capability is vital since Turing-complete systems inherently lack the ability to directly retrieve external or personal data. The presence of secure oracles is particularly crucial in DeFi.

Existing oracle solutions encounter challenges in effectively incorporating private web2 legacy data and establishing completely decentralized and trustless cross communication with the web3 ecosystem. Prominent players like Chainlink, Band Protocol, and API3 have successfully integrated real-world data, such as weather forecasts and asset prices, into the blockchain. Yet, a considerable challenge remains in securely and effectively connecting private and legacy data sources to the decentralized framework.

To address these limitations, ZKON introduces an innovative trustless decentralized network as a new form of zkOracles, that merges Multiparty Computation (MPC) with Collaborative Zero-Knowledge Proofs (Collaborative ZK). This groundbreaking approach allows multiple entities to collaboratively conduct computations and validate data integrity without the dependence on a centralized authority. Utilizing Collaborative ZK, the network guarantees the correctness and privacy of data, thus enabling Smart Contracts to securely verify and use data from diverse sources. This strategy not only bolsters the reliability and efficiency of data integration in DeFi but also heralds a new era of decentralized data processing and verification.

The integration of MPC and Collaborative ZK in this network represents a significant stride in overcoming the limitations of current blockchain oracles, fostering a more secure and efficient environment for data handling in the blockchain and DeFi spaces.

2.2) User Experience

Our user experience flows through our zkApp, which acts as a verifier of the collaborative proofs that our independent attestators provide. To request a collaborative proof from our network of oracles, the end zkApp will need to charge our zkApp with ZKON in order to incentivize the attestators to provide their proofs.

More precisely, our user persona is developers building zkApps for end customers. The sequence diagram below shows how a user obtains verifiable data on a given zkApp on Mina that uses ZKON, with the help of two nodes that are part of the ZKON Network. Initially, the user requests API keys and creates secure, divided data portions (shares) for the oracles, ensuring that no single ZKON oracle has complete information. The zkApp then sends these shares to the ZKON oracles and crafts a "Request Message." Each oracle contributes to the data processing without having full access to the information. They work together to generate a proof that the data processing is correct. One oracle requests the needed data from a data source, which, after confirming the request's validity, sends the data back. The oracles process this data, and the user receives it with a proof of authenticity, verifying the data's integrity before using it. This method ensures a secure and verifiable data exchange, maintaining privacy and trust between all parties involved.

Preferred Interface for Web2.5 Applications

ZKON has invested a lot of time so that new applications can join easily and start using the ZKON infrastructure. That is why web2.5 consumer applications that want to provide data proofs on-chain (Mina Protocol) have two options:

  1. Widget: designed to be straightforward, it integrates ZKON within the interface of the zkApp with a simple piece of HTML code or an iFrame. Please find our customizable demo here.
  2. SDK: the library for programmatic access to the ZKON Network, so the zkApp can make off-chain requests automatically without manual intervention by the end user, while ensuring no single party has full access to the requests.

ZKON User Experience

Preferred Interface for zkApps (web3 applications on Mina)

For native zkApps that want to leverage ZKON data feeds and HMAC signing requests, we will also provide all necessary information for these zkApps to access ZKON services through our ZKON zkApp, which will activate any request.

ZKON will also deploy a native token into the Mina ecosystem in order to reward the Attestators or Oracles that compute and generate collaborative zk proofs for the network.

2.3) Security Model

2.3.1) Securing Secret Sharing through MPC

Using Multiparty Computation (MPC), it is possible to safely transmit secrets, like API keys, to an oracle through a cooperative procedure that protects the keys’ confidentiality. An overview of using MPC to safely provide API keys to an oracle is shown below (refer to Figure 1):

Figure 1

  • Splitting the API key: The API key is split into several shares, often referred to as secret shares, in MPC. These shares are allocated to various participants in the computation, including the owner of the dApp or smart contract and the Oracle nodes. Each party has a separate, private piece of the API key (refer to Figure 2).
  • Communicating Payload and Shares: After computing the shares, API owners send the shares to the Oracle along with the payload that needs to be signed before sending a request to the Exchange.
  • Collaborative Signing: The oracles with their shares generate local signatures using a distributed signing algorithm and send these signatures to the API owner. The API owner sums up the local signatures to get the final signature and sends a request to the exchange using the payload.

Figure 2

The API key is kept secret throughout the procedure by utilizing MPC. No entity holds the entire key, removing the possibility of a single point of failure or someone obtaining the key without authorization. For sending API keys to oracles, MPC offers an extra layer of security, reducing the dangers of key disclosure and unauthorized access. It allows for safe and private communication while upholding the necessary privacy and security of the API keys in a decentralized setting.

Further, we want to ensure that the API keys are not reconstructed without the consent of the API key owner. Therefore, an access structure is constructed using MPC inside a TEE such that, without the consent of the owner of the API keys, malicious oracles cannot collaborate to reconstruct the keys.
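A sketch of the share-and-sum flow described above, added here as an example and not ZKON's code: additive shares over a prime field, local tags summed by the owner, and a corrupted partial tag being rejected. The page does not name its distributed signing algorithm, so a linear one-time MAC (tag = a·m + b mod P) stands in for it; HMAC itself is not linear in the key, as the last check shows, so a real deployment has to compute it inside the MPC protocol. The modulus, the payload and every function name are assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed parameter for illustration; not taken from ZKON's protocol.
P = 2**127 - 1  # prime modulus for the share arithmetic


def split(value: int, n: int) -> list[int]:
    """Additively share `value` among n parties: shares sum to value mod P."""
    shares = [secrets.randbelow(P) for _ in range(n - 1)]
    shares.append((value - sum(shares)) % P)
    return shares


def reconstruct(shares: list[int]) -> int:
    return sum(shares) % P


def completing_share(partial: list[int], candidate: int) -> int:
    """Share that would make `partial` reconstruct to `candidate`.

    One exists for every candidate, so n-1 shares are consistent with any
    secret and reveal nothing about the real one.
    """
    return (candidate - sum(partial)) % P


def encode(payload: bytes) -> int:
    """Map the request payload to a field element."""
    return int.from_bytes(hashlib.sha256(payload).digest(), "big") % P


def local_tag(a_i: int, b_i: int, payload: bytes) -> int:
    """Oracle side: partial tag from its own shares of the one-time key (a, b)."""
    return (a_i * encode(payload) + b_i) % P


def combine(tags: list[int]) -> int:
    """Owner side: sum the local tags into the final tag."""
    return sum(tags) % P


def verify(a: int, b: int, payload: bytes, tag: int) -> bool:
    """Verifier holding the whole key checks tag == a*m + b mod P."""
    expected = (a * encode(payload) + b) % P
    return hmac.compare_digest(expected.to_bytes(16, "big"), tag.to_bytes(16, "big"))


def hmac_int(key: int, payload: bytes) -> int:
    digest = hmac.new(key.to_bytes(16, "big"), payload, hashlib.sha256).digest()
    return int.from_bytes(digest, "big")


def naive_hmac_sum(shares: list[int], payload: bytes) -> int:
    """What does NOT work: HMAC under each share separately, then add."""
    return sum(hmac_int(s, payload) for s in shares) % 2**256


def demo(n: int = 3) -> tuple[bool, bool, bool]:
    payload = b"GET /api/v1/balance?timestamp=1700000000"  # constructed request
    a, b = secrets.randbelow(P), secrets.randbelow(P)  # one-time key
    a_shares, b_shares = split(a, n), split(b, n)

    tags = [local_tag(x, y, payload) for x, y in zip(a_shares, b_shares)]
    honest_ok = verify(a, b, payload, combine(tags))

    tags[0] = (tags[0] + 1) % P  # one oracle returns a corrupted partial tag
    tampered_ok = verify(a, b, payload, combine(tags))

    # Per-share HMACs do not add up to the HMAC under the full key.
    naive_ok = naive_hmac_sum(a_shares, payload) == hmac_int(a, payload)
    return honest_ok, tampered_ok, naive_ok


if __name__ == "__main__":
    print(demo())
```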

2.3.2) Privacy through ZK Implementation

A zero-knowledge proof (ZKP) is a technique that allows a sender device (prover) to convince a receiver device (verifier) that a certain statement is true, without revealing any extra details or information about the statement itself.

A zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) is a type of zk proof system that offers a concise and easily verifiable argument that the prover possesses a witness to a public statement while keeping the witness itself hidden.

The primary strength of zk-SNARKs is that they do not disclose any information about the secret data except for its validity. Additionally, zk-SNARKs offer two key advantages. Firstly, they have broad applicability, as there exist zk-SNARKs that can prove any relationship that can be represented by a finite-sized arithmetic circuit.

Secondly, zk-SNARKs have efficient verification, with proof size and verification time scaling sublinearly with the amount of secret data (usually in the order of kilobytes and tens of milliseconds), and anyone can perform the verification.

However, there are also two important limitations associated with zk-SNARKs.

First, the process of generating a proof can be computationally expensive. It often takes thousands of times longer to generate a proof compared to directly checking the underlying relationship. This can be a significant drawback in terms of computational resources and time requirements.

Second, zk-SNARKs are designed to work with secret data held by a single party.

They do not natively support scenarios where the secret data is distributed or shared among multiple parties. This limitation restricts the applicability of zk-SNARKs in situations where collaborative proof generation is required. The constraint of having the secret data held by a single party imposes restrictions on the range of applications that can benefit from zk-SNARKs. It prevents the use of zk-SNARKs in scenarios where the secret data is distributed among multiple mutually distrusting parties.

In distributed Oracles, it will be efficient for Oracles to collaboratively prove a statement rather than building individual proofs and comparing them.

Our approach is based on Collaborative zk-SNARK proofs through the o1js framework, allowing the generation of proofs over the secrets of multiple parties who do not trust each other. This is achieved by extending traditional zk-SNARKs into secure protocols among N provers, enabling them to collectively create a single proof over a distributed witness. In the context of pairing-based zk-SNARKs, the proof generation algorithm is optimized to leverage algebraic techniques for multiparty computation (MPC), resulting in efficient protocols for generating proofs.

Figure 3

Please find more information on our Cryptographic Paper.

2.3.3) Considered Attack Vectors

  • Secret sharing with MPC: API secret keys / session keys are not exposed to oracles, with the help of MPC inside TEEs. Each oracle receives an additive key share which is used for HMAC signature generation.
  • Privacy through zk implementation: Anyone can verify that the data received by the oracle originates from the particular session key / API key. Collaborative zk-SNARKs use the distributed proof generation technique to generate a proof collaboratively, proving that the oracles have the correct key shares required to get the data from a particular source.
  • Malicious Provers: On a 3Gb/s link, it is possible to achieve security against a malicious minority of provers while maintaining a similar runtime as that of a single prover. Even when dealing with N-1 malicious provers, the slowdown required is only around 2 times. This efficiency is uncommon because secure distributed computations typically experience significant slowdowns, often by orders of magnitude. The efficiency of collaborative proofs means that most applications that can handle the cost of a single-prover proof should also be able to handle the cost of a collaborative proof. For ZK Miners, Oracles can prove the correctness of the data received from a given exchange or data source using a collaborative zk proof.
  • Adversarial Setting: We assume the adversarial model to be the dishonest majority in an active adversary setting where a malicious participant has the capability to corrupt messages exchanged between them.
  • Coalition of parties: Considered both for MPC and for collaborative zk. Both the MPC and the collaborative zk security assumptions take into consideration that if n-1 parties are dishonest the protocol will abort.

2.4) Flexible Attestation

ZKON provides not only flexible attestation but also an unparalleled independent attestation system. By using MPC, randomly selected ZK Oracles are available to witness different data points using SnarkyJS without ever holding the full secret for accessing the underlying data.

Once the oracles achieve enough consensus (at least 3-n agreeing on the data output), the Smart Contract requester can use the output answer in any Smart Contract, either updating any user wallet interacting with your dApp or updating any other smart contract.

2.5) Current ZKON Use Cases

Verified Price Feeds together with Oracle Service provider

We offer the generation of Decentralized Trustless Price Feed Verification to the Oracle Service provider. Our offering to them leverages our expertise in Multi-Party Computation (MPC) and Zero-Knowledge Proofs (ZKP) to deliver a pioneering solution that enhances data authenticity and security. Our decentralized WebSocket connector enables the Oracle Service provider to access and verify trading history with unmatched precision, ensuring the integrity of data through advanced TLS key management and certificate verification processes. By incorporating a collaborative ZKP framework and a robust threshold agreement protocol, we ensure the transparency and reliability of trading data, setting new industry standards for security and trust.

Proof of Reserves with e-Grains

ZKON's innovative proposal for the "Decentralized & Trustless Proof of Reserves of Soja Grains" project aims to revolutionize the agricultural sector by introducing a cutting-edge system that ensures the authenticity and quantity of soja grain reserves. Utilizing a sophisticated integration with IoT devices and leveraging Multi-Party Computation (MPC) alongside advanced cryptographic techniques, our solution guarantees real-time verification of grain quantities with unmatched security and integrity. By incorporating TLS certificate verification and deploying Collaborative Zero-Knowledge Proofs (ZKP), we offer a transparent, secure method for e-grains to authenticate data sources and validate grain reserves without compromising sensitive information.

Proof of Trading with Zuus Ai

ZUUS Trading Bot Platform's integration with ZKON's d-Auth Decentralized API Connector marks a significant advancement in secure and efficient cryptocurrency trading. Addressing the critical challenge of security risks associated with centralized API key management, ZUUS AI leveraged ZKON's innovative d-Auth technology. This decentralized approach, utilizing Multi-Party Computation (MPC) to shard and distribute API key fragments across a network, ensures no single point of failure, drastically reducing the risk of breaches and unauthorized access. The d-Auth widget not only enhances the platform's security but also maintains the essential low latency for effective trading strategies, reinforcing ZUUS AI's commitment to providing a secure, reliable, and user-friendly trading experience as well as incorporating proofs of trading activity into Mina protocol.

Extended Use Cases

As you have seen, ZKON can provide a wide range of solutions to multiple customer types. We are also really excited about our future in key areas such as:

  • SocialFi: Develop new smart contract based social use cases (quests, reputation, loyalty…) by proving any data from off-chain applications like social media, CEXes, traditional banks, fintech (like Paypal, VISA…) or work management apps (like Asana, Notion…).
  • KYC/ID: Prove your humanity and adulthood by generating a zkProof of a KYC you passed in any centralized institution like CEXes, banks…
  • Gaming: Connect your game to the blockchain and transfer any data generated in local servers to smart contracts seamlessly.
  • DAOs: Vote on DAO proposals with tokens held on centralized exchanges.
  • RWA & Insurance: Enhance insurance policies by integrating off-chain data such as historical crop yields, detailed weather reports, soil quality assessments. This data provides insurers with a comprehensive view and potential risks.
  • Payments: Privacy layer on off-chain and on-chain payments. Initiate fiat payments based on your off-chain exchange balances by imitating withdrawals and settling with the end PoS with Fiat.
  • Off-Chain Lending: As DeFi seeks to add new lending offerings, integrating the depth and breadth of web2 financial data as a collateral can be a game-changer.
  • Credential verifications: Verify credentials seamlessly & represent them in web3, reducing friction to decentralized job platforms and academic networks.
  • And many more!

To learn more, visit ZKON's Customer Stories. To learn more about other potential use cases that could be deployed with ZKON, visit our website.

3) ZKON step-by-step plan to execute this project, including expected deadlines for each piece of work:

Design and Planning Phase Completion (1-2 weeks)

  1. Focus on evaluating the compatibility of o1js zk circuits with your existing infrastructure.
  2. Identify potential integration challenges and develop strategies to address them.
  3. Collaborate with technical teams to ensure a clear understanding of the project's requirements and objectives.
  4. Establish a comprehensive roadmap detailing each step of the integration process, including timelines and resource allocation.

o1js ZK Circuits Integration (2-3 weeks)

  1. Integrate o1js zk circuits on the Testnet, ensuring seamless interaction with your existing systems.
  2. Conduct extensive testing to assess the performance, scalability, and security of the integration.
  3. Engage with at least one customer to participate in the testing phase, gathering feedback to refine and optimize the implementation.
  4. Document and address any issues or bugs encountered during the testing phase.

Smart Contract to Execute d-Auth connections (for each signing request) (1-2 weeks) and ZKON token deployment

  1. Migrate the existing contract to TypeScript
  2. Develop and deploy a payment smart contract on the Testnet that facilitates secure and efficient data requests and MPC connections.
  3. Incorporate features to handle various payment scenarios and ensure transaction security.
  4. Test the smart contract rigorously to ensure its reliability and compliance with relevant standards.
  5. Prepare documentation and user guides to assist customers in understanding and utilizing the payment system.

Staking Smart Contract to Become Part of the Network (2-3 weeks)

  1. Design a staking smart contract that clearly defines the criteria and process for oracles to join the network.
  2. Implement mechanisms within the contract to manage staking, rewards, and penalties, ensuring network integrity and performance using TypeScript and Mina resources.
  3. Conduct thorough testing to validate the smart contract's functionality and security.
  4. Provide comprehensive documentation and training materials to facilitate the onboarding of new oracles.

Security Audit (3-4 weeks)

  1. Smart contract code review and security analysis reports.

Mainnet Integration (2 weeks)

  1. Transition from the Testnet to the Mainnet, ensuring all components are fully operational and optimized.
  2. Collaborate closely with at least two ZKON customers to facilitate their integration and provide support throughout the process.
  3. Monitor the network's performance and address any issues promptly to maintain a high level of service quality.
  4. Gather feedback from customers and continuously improve the network based on their insights and experiences

4) Critical milestones that should be used to determine whether ZKON have executed on this proposal:

Milestone 1: Migration Design (1-2 weeks)

Deliverables:

  • Design a report on how to migrate our current Collaborative ZK approach to o1js and how the system can be adapted to a Collaborative framework.

Milestone 2: MVP Development (6-7 weeks)

Deliverables:

  • Smart Contracts migration to zkApps: Token Deployment, Payment zkApp, Staking process.
  • A working MVP demonstrating key features: MPC + TLS Sessions.
  • Initial community feedback sessions and MVP testing reports.

Milestone 3: Production Release and Documentation (5-6 weeks)

Deliverables:

  • Finalized integration with comprehensive documentation.
  • Documentation & tutorials outlining example use cases.
  • Documentation outlining extensibility of the deliverables (e.g. how to expand to new types or sources of data)
  • Final report on community feedback incorporation and testing outcomes.

5) Additional support ZKON team would require to execute this project

Technical Support from O1 Labs

  • Continued collaboration with experts from O1 Labs, ensuring valuable technical guidance and alignment with the Mina ecosystem, as well as access to cutting-edge development tools, libraries, or frameworks from O1 Labs.
  • It will be key to designate a strategy to implement a collaborative SnarkyJS approach to provide trustless verified data on our Collaborative zkApp approach.
  • Access to the Community Developer who is building the system that enables o1js to verify Groth16 proofs.

Financial support

  • Grant for System Migration: We request financial assistance from the Mina Protocol Foundation in the form of a grant. This support is crucial for the smooth transition of our systems onto the Mina Protocol. The grant would cover various costs, such as the ones listed in the next section.

6) Financial needs and conditions:

We are budgeting a $65,000.00 grant not only for the execution but also for the commercialization of the project. The budget will be allocated as follows:

  1. At the approval of the grant: $10,000
  2. Public Protocol design to adapt o1js to Collaborative zero knowledge proofs: $10,000
  3. o1js integration with our zkApp Collaborative approach: $20,000
  4. Full integration example with one of our existing customers: $10,000
  5. Security Audit: $5,000
  6. Documentation & Open Source ZKON Collaborative ZK approach for the rest of the Mina Community: $5,000
  7. $5,000 in Mina tokens to incentivize new zkApps deploying on top of ZKON.

The ZKON network is committed to adding value to the Mina Community, which is why we will be offering an airdrop of $10,000.00 ZKON token for the first 2 zkApps that build on top of ZKON infrastructure.

7) How have ZKON engaged with the Mina community to refine your proposal before submission?

Since our participation in the Outlier Ventures zero knowledge acceleration program sponsored by Mina, we have worked alongside the Mina and O(1) Labs teams to bring our technology to Mina and support the ecosystem with proposals that generate added value. The Mina and O(1) Labs teams have provided feedback on our proposal, and we have refined our proposal to meet the requested needs, also creating value thanks to the versatility of our solutions.

Our active participation in the zkIgnite program and consistent interaction with o1js team has been pivotal for refining our proposal. Through different conversations with the core o1js Team and Mina Foundation, we've tuned our collaborative ZK approach to meet Mina's technological needs and community vision. This hands-on engagement has deepened our integration within the ecosystem, allowing us to craft a community-endorsed, value-adding proposal.

A good example of our dedication to the community is the open discussions that we had through our zkIgnite application.

Another is our engagement with the Discord community through multiple threads regarding our zkIgnite application, making sure the community was engaged with us!

8) How does ZKON experience with Mina and the community increase the likelihood of success?

Working alongside the Mina and O(1) Labs teams and the Mina community drastically increases the likelihood of success for our proposal due to several factors: their extensive knowledge of Mina's architecture, their eagerness to innovate and embrace new proposals, and the diverse backgrounds of the people in the community. At ZKON, we have spent two years developing the technology we want to implement in Mina, and having an extended team that supports us and helps in critical processes is of great value to us and will undoubtedly help us deliver the product with all the necessary security and quality.

Also, being able to get open feedback from the community during our zkIgnite application forces us to simplify our interface to communicate with other members of the Mina community.

It has been a great exercise that helped us reduce complexity and share our added value in simple terms. So thanks!
