Privacy preserving wallet on Ethereum

hushling · August 18, 2022, 6:41pm

Privacy preserving wallet on Ethereum

Project Title: Hush private wallet

Description: We are building a smart contract wallet which can shield all Ether, ERC20 and NFT transfers. All of this is done using cryptography and ZK techniques. For the first deliverable, we’ll focus only on ETH transfers.

It’ll be easy to extend it for ERC20 and NFT transfers in the newer version.

Manifesto/Vision: We believe privacy is a fundamental right, and we want to build tools that enables privacy for general users on Ethereum.

Problem: If you know someone’s address on Ethereum, you can see their entire history (and future) of transfers and balance, which should be considered private information. You shouldn’t need to expose this information to receive a payment for your service, or when you decide to donate to a cause!

These are the problems we see in transfers —

Anyone can see the parties involved in a transfer.
Anyone can see the amount in a transfer.

We aim to keep this information private from everyone.

Solution: We are building a smart contract in which users can transfer ETH from their address.

There are 3 main functionalities this wallet (W) provides —

deposit any amount of ETH in W
transfer any amount of ETH to another address. Here, the ETH remains in W, just the internal accounting changes so that the transferred ETH is now controlled by the recipient address.
withdraw any amount of ETH from W to an address.

Any external observer won’t be able to know the transfer amount and the parties involved.

As an example, here is a user lifecycle —

Alice wants to deposit 0.7 ETH to W. Alice generates a secret and a ZK proof to hide this secret. Alice then deposits ETH along with the proof. This transfer is visible to everyone.
Now, Alice wants to transfer 0.2 ETH to Bob. Alice generates a ZK proof using a new key. Alice instructs W to change its internal accounting so that 0.2 ETH from her balance is now under Bob’s control.
Note that this 0.2 ETH is still in W, however using ZK we shielded the transfer amount and also the fact that Alice transfered funds to Bob.
Suppose Bob received multiple funds from different parties. Bob will be able to withdraw ETH from W in any arbitrary amount. An observer won’t be able to tell the source of this ETH.

Note that the general caveats of privacy systems apply. It’s possible to link depositors and withdrawers if only a few users are using it. For example, if only Alice and Bob are using the system, it’s possible to deduce the details of the transfer.

We’re happy to provide a detailed spec which explains the ZK circuits making this possible.

Product Features:

Transfers on Ethereum shielding the amount and the parties involved. This solution can be deployed on any EVM compatible chain (like L2s).
Zero user fee through smart contracts. Relayer support might be added later which can take fee.

Validation: We haven’t approached potential users for feedback. The team is excited about this idea as it extends privacy features on Ethereum.

Progress: We are currently building zkSNARK circuits required to generate the proofs and smart contract verifiers. You can track the progress here on our radicle code repo. We aim to keep our development and product stack decentralized.

Differentiation (from other projects): Our approach is extensible enough that it can shield arbitray amounts and the parties involved. The same technique can be tweaked to enable shielded ERC20 and NFT transfers without much effort, which generally is a difficult problem due to the uniqueness property of NFTs.

Team: hushling, katharvol - Anon builders in the Ethereum space. We are ZK and smart contract devs.

Grant Request $:
$100,000. We’re open to incremental funding on completing milestones.

What the Funds Are For:

Personal funding which will let us work on this project.
Security audit. ZK security is a niche and audits are costly in this space.

Help Requested:
Currently, we are self-sufficient in engineering capacity. However, later we aim to collaborate with a frontend engineer to build decetralized frontends for user adoption. When we reach that stage, any help to find a frontend engineer will be appreciated!

Additional Resources, Links, Portfolio
Our code repository

0x965fdb32e3fcdc6dc3 · August 19, 2022, 10:43pm

This is an interesting idea. Can you help me understand how it is different from something like zk.money?

hushling · August 20, 2022, 9:01am

I am not much familiar with the inner working of zk.money. However, it’s currently limited to ETH and ERC20 (specifically only to DAI, but that may be a business decision). On the tin, the features our proposal provides in the first version will be the same.

However, shielded NFT transfers is something that is missing in the space. As long as the NFT stays in W, no matter how many times it’s transferred, the transfer information will stay private between the parties involved.

So only the entry and exit of the NFT can be observed. Observers will not be able to tell how many times it was transferred inside that. For NFT withdrawal, stealth addresses can be used to further protect privacy.

NFT support will be added in the second version.

We will add support for viewing keys which lets you prove an ownership of an asset (ETH/ERC20/ERC721/ERC1155) while it stays in W.

trent.eth · August 26, 2022, 6:32pm

hush - can you DM/ share a contact? i’d like to connect you with the Privacy and Scaling Explorations team at the EF.

hushling · August 27, 2022, 4:00pm

I am not able to DM you here. can you dm me and i’ll share email there

hushling · August 28, 2022, 6:37pm

@trent.eth, (some random chars to fill in the limit of 20 chars) ^

trent.eth · August 31, 2022, 6:27pm

best place to reach me is at trent_vanepps on tg or twitter

hushling · September 1, 2022, 11:45am

Our proposal is up on-chain DAOhaus