github/zkp2p-poc
1
1
Fork 0
mirror of https://github.com/zkp2p/zkp2p-poc.git synced 2026-01-09 13:48:06 -05:00
Code Issues Packages Projects Releases Wiki Activity
158 Commits 11 Branches 0 Tags
sachin/v1/circuit-fixes
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
0xSachinK 1729eeb1b3 update scripts
2023-05-16 17:02:05 +05:30
app
Add claim_id to gen_input
2023-05-16 12:47:26 +05:30
circuit
update scripts
2023-05-16 17:02:05 +05:30
contracts
Fix contract bugs; Add tests
2023-05-16 14:49:18 +05:30
images
[v1] Update ZKP-MOOC submission (#23)
2023-04-30 23:46:38 +05:30
regex_to_circom
[V1] Add circuits (#11)
2023-04-27 22:50:25 +05:30
scripts
update scripts
2023-05-16 17:02:05 +05:30
test
Fix contract bugs; Add tests
2023-05-16 14:49:18 +05:30
zk-email-verify-circuits
Brian/contract finalized (#8)
2023-04-03 23:37:03 +01:00
.gitignore
[v1] Add contracts (#17)
2023-04-30 01:23:23 +05:30
hardhat.config.js
Add max amount functionality
2023-05-09 19:33:30 +05:30
package-lock.json
Added some deployment logic, orders getter, and start of proof validation logic.
2023-04-01 14:59:03 +01:00
package.json
Add gen verifier contract server script
2023-05-16 14:18:44 +05:30
README.md
Update README.md
2023-05-02 13:22:00 +05:30
yarn.lock
Brian/contract finalized (#8)
2023-04-03 23:37:03 +01:00
zkp-mooc-hackathon-submission.md
Add Mantle network contract addresses for bounties
2023-05-01 13:55:14 +05:30

README.md

NOTE: This is our Readme. Please find the ZKP MOOC Hackathon submission doc here.

ZKP2P

A trustless P2P fiat onramp powered by ZK proofs

ZKP2P is a trustless P2P fiat onramp that can be built on top of any web2 payment rails (e.g. Venmo) without permission from the payment network itself. The network is powered by ZK proofs of DKIM signatures in payment confirmation emails. We build upon the 0xParc / PSE ZK Email libraries to prove the SHA256, email regex and RSA without revealing sensitive contents in the email. Upon successful proof generation, a user will be able to trustlessly unlock escrowed assets on-chain.

The PoC is live on Goerli! Try it at zkp2p.xyz. Note: repo currently in heavy development.

Part of ZK Hack Lisbon 2023 (2nd place winner). Our demo at the ZK Hack closing ceremony and Devfolio

DM us to join the conversation!

Twitter

Telegram

Problem

  • New retail users face huge barriers to onboard funds onto web3
  • Users must register for a centralized exchange (e.g. Coinbase) or use centralized fiat onramps which charge high fees (e.g. 5%)
  • Crypto natives are unable to offboard funds into the real world
  • Only institutional accounts have direct access to convert USDC or USDT to USD
  • Existing P2P solutions either require meeting in person (e.g., LocalBitcoins) or rely on a centralized intermediary (e.g., OTC desks)

High Level Flow

There are 2 actors in the system: 1) off-rampers and 2) on-rampers:

  1. Off-rampers are users who intend to trade their USDC on-chain to USD on Venmo
  2. On-rampers are users who intend to trade their USD on Venmo to USDC on-chain

Following table contains information about our main circuit:

Metric Value
constraints 6618823
public inputs 18
public outputs 4
private inputs 7478
wires 6400562
labels 30385320

Usage

Fetching Venmo ID Instructions

ZKP2P on-ramping requires submitting Venmo IDs on chain so the on-rampers knows where to send the payment. A Venmo ID is unique identifier (e.g. 1234567891011121314 up to 19 digits) for your Venmo account that is separate from your handle (@Venmo-User). They are encrypted with keys generated automatically for the on-ramper and stored locally. We cannot extract Venmo handles directly from the ID as it violates Venmo's Terms of Service. You can look up your Venmo ID using one of the following methods:

  • Open any Venmo payment receipt email and click on 'Show original' and search for user_id. As of writing these instructions [4/30/2023], you should be able to locate your id in multiple places but may need to splice the 3D encoding in front of the id.
  • Paste curl https://account.venmo.com/u/[YOUR_VENMO_HANDLE] | grep -o '"user":{"displayName":"[^"]*","id":"[0-9]*"' | sed 's/.*"id":"\([0-9]*\).*/\1/' into the command line.

To verify your id, you can go to https://venmo.com/code?user_id=[YOUR_VENMO_ID] and the page should resolve to a profile for your account.

Approving and Acquiring FakeUSDC

As of 4/30/2023, users must mint and approve the fake USDC token on Goerli to interact with our app. We still haven't wired it into the UI flow yet, so you must do it manually. You can do so by going to the FakeUSDC Etherscan link below and calling the mint function with the amount of USDC you want to mint. Then, on the same Etherscan page and call the approve function with a USDC value scaled by 10e6 and the address of the Ramp contract (below)

Deployed Addresses (Goerli)

Mantle (L2)

Limitations

  • Slow proving time
  • Mechanism relies on trusting Venmo. It is likely not sound for large transactions where a malicious actor has more incentive to attack the system. (e.g. chargebacks, convincing Venmo signatures to sign a malicious email). Hopefully for smaller transactions, there is more recourse (e.g. user ID is doxxed and victim can complain to Venmo)
  • Currently only supports USDC and Venmo. Can be extended to other P2P payment systems (e.g. Paypal, Zelle) and other assets (ETH, NFTs etc.)

Future Work

  • Deploy to prod!
  • Design around edge cases (What if a hacker gets Venmo to sign a malicious email? What are ways of recourse? How to deal with chargebacks? Nullifiers?)
  • Optimizations. Speed up proving time perhaps using Halo2 libs
  • Integrate more P2P payment systems (Paypal, Zelle) and potentially bank ACH / wires
  • Onchain composability 👀
Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme MIT 59 MiB
Languages
TypeScript 44.1%
Circom 30.2%
JavaScript 18.2%
Shell 3.8%
Python 2.8%
Other 0.9%