Investment Proposal: zk-money fork

Temperature check: Shall LunarDAO fund and manage a fork of zk-money?

The discussion continued in Telegram, including another poll. Majority believes that to fork zk.money is a good move for the DAO. At the same time, the team from Firn protocol shared their warning and proposal to support Firn. Below is the message from @Grav from April 19th:

hi all. with full respect for the autonomy of the DAO, we would like to caution the DAO, regarding a cryptographic fact about how zk.money works, which—we believe—could make the project prohibitively difficult to maintain, and could ultimately result in loss of funds of both LunarDAO itself and for its users.

cryptographically, zk.money works by maintaining a full bitcoin-like system of UTXOs within an Ethereum smart contract. these UTXOs moreover cryptographically conceal their amounts and owners. to send funds, a user proves in zero-knowledge that he performed a bitcoin-like “join–split” operation—except the UTXOs getting consumed are cryptographically hidden—and moreover the user proves that the monetary invariants hold (i.e., sum of inputs == sum of outputs).

by definition, the funds any given user owns are given by the total—across all UTXOs directed to that user—of the value present in those UTXOs. in order to even determine this amount, the user’s wallet must download the entire UTXO state stored on-chain, and trial-decrypt each UTXO, in order to determine if it’s addressed to that user. this processes is assisted by Aztec’s “roll-up” indexer, who maintains some kind of derived / indexed variant of this state, and serves it to users.

the bandwidth requirements are very high, both for the users and for the indexer. when data (in the megabytes or more) can’t be effectively served to a client, that client becomes unable to even determine his own account balance/state, let alone spend funds. this problem was extremely widespread in the Aztec community, with many users unable to even see their funds for months after deposit—or ever. this led to a huge amount of tension and distress in the community, and the discord’s support ticketing system was completely overwhelmed. we believe that this issue was the primary cause behind zk.money’s shutdown.

with full respect to the LunarDAO community—and wanting only what’s best for the DAO—we caution you strongly against attempting a zk.money fork, until you learn more about the engineering challenges that would be entailed, and what could go wrong. we suggest you look through Aztec’s Discord (Aztec Network), and look through the “community-support” channel.

we claim that Firn fixes all of these problems, but that is another discussion—let us know how we can best explain the situation to you. thank you!

LET’S DISCUSS HERE!

Thanks for posting @ogma, if anyone has any questions please let me know.

I found zk.money somewhat complicated and buggy sometimes. I wouldn’t fork this and especially maintain it.

I think the Firn partnership is a better idea - if it is safe / unexploited etc. Or the Sideshift way via XMR.