Slide 1

Slide 1 text

Looking back at EDCON 2019 Shun Takagiwa Senior Software Architect at LayerX Inc. blockchain.tokyo #19

Slide 2

Slide 2 text

about me Shun Takagiwa / 高際 隼 Senior Software Architect at LayerX Inc. ● Software developer using blockchain (2018-) ● former smartphone games developer (2013-2018) ● studied mathematics & computer science at Tokyo Tech (2007-2013) currently responsible for a product development to securitize real estate using blockchain technology @shun_tak

Slide 3

Slide 3 text

Table of contents 1. Participated in EDCON!!!! a. What is EDCON? b. at the hackathon (April 8-10) c. in the main hall (April 11-13) 2. ZEXE on Plasma (my team’s product at the hackathon)

Slide 4

Slide 4 text

Participated in EDCON!!!! Sydney

Slide 5

Slide 5 text

What is EDCON? Community Ethereum Development Conference ● annual global Ethereum conference ○ aiming to boost the communication and interaction of Ethereum communities worldwide and to accelerate the sound development of Ethereum ecosystem ● EDCON2019 in 8-13 April in Sydney (6 days) ○ 3-day hackathon ○ 3-day conference ● EDCON2018 in Toronto (3 days) ● EDCON2017 in Paris (2 days)

Slide 6

Slide 6 text

at the hackathon 2 teams participated from LayerX you can see all 18 teams here: https://edcon-hack.devpost.com/submissions ● ZEXE on Plasma (my team) ○ Scaling decentralized arbitrary computation with zk-SNARKs ● CBC Casper Validator Rotation (colleagues’s team) ○ A proposal of the protocol of validator rotation in CBC Casper and the implementation of a simulator & visualizer to do experiments Hachathon topics ● Layer 1: Sharding/PoS/Clients ● Layer 2: Plasma/Channel/Snark

Slide 7

Slide 7 text

CBC Casper visualization

Slide 8

Slide 8 text

No content

Slide 9

Slide 9 text

No content

Slide 10

Slide 10 text

ENS Prize Winners (including my team :)

Slide 11

Slide 11 text

in the main hall

Slide 12

Slide 12 text

in the main hall

Slide 13

Slide 13 text

No content

Slide 14

Slide 14 text

No content

Slide 15

Slide 15 text

in the main hall 2 speakers participated from LayerX Ryuya Nakamura Formal Verification and CBC Casper https://www.youtube.com/watch?v=XUguMReOXek Dominik Harz XCLAIM: Trustless, Interoperable, Cryptocurrency-Backed Assets The video hasn’t been uploaded on YouTube yet

Slide 16

Slide 16 text

ZEXE on Plasma Scaling decentralized arbitrary computation with zk-SNARKs

Slide 17

Slide 17 text

Background Scalability with Plasma e.g. MVP, Generalized Plasma Privacy with zk-SNARKS e.g. ZoKrates, Zcash, ZEXE Why not both? Let’s build ZEXE on Plasma!

Slide 18

Slide 18 text

ZEXE is generalized - UTXO model (original paper) - Privacy-preserving smart contracts - Arbitrary contract functions - Arbitrary data in contracts - Succinct proofs with zk-SNARKS Our use case: ERC20 contracts in zero knowledge

Slide 19

Slide 19 text

ZEXE Overview https://eprint.iacr.org/2018/962.pdf Public: Serial numbers, commitments, memo, ledger digest, zk proof, predicates Private: address public key, address secret key, data payload

Slide 20

Slide 20 text

ZEXE on Plasma https://eprint.iacr.org/2018/962.pdf Plasma Smart contract on Ethereum Public: Serial numbers, commitments, memo, ledger digest, zk proof, predicates Private: address public key, address secret key, data payload IPFS

Slide 21

Slide 21 text

System components of ZEXE on Plasma Merkle root 1 Merkle root 2 Merkle root 3 Merkle root 1 tx1 Merkle root 2 tx2 Merkle root 3 tx3 Private inputs 1 Private inputs 2 Private inputs 3 Front-end Secret sharing zk-Plasma Root chain Generate transaction Execute zk-proving Mint coin Transfer coin

Slide 22

Slide 22 text

Workflow 1. Generate a transaction and a zk-proof on local 2. Store secret data on IPFS to share with a counterparty 3. Send the transaction on Plasma 4. Execute a smart contract to update merkle root Team Yohei Oka, Quantstamp Web3, Smart contract, ENS Shun Takagiwa, LayerX IPFS, Data sharing Dominik Harz, LayerX Plasma, Smart contract Osuke Sudo, LayerX zk-SNARKs, Transaction

Slide 23

Slide 23 text

DEMO

Slide 24

Slide 24 text

Transaction generation with Rust Private data is uploaded to IPFS in this process Uploaded data ⇒

Slide 25

Slide 25 text

Plasma node

Slide 26

Slide 26 text

No content

Slide 27

Slide 27 text

Now Hiring!!!! Web系や金融系の経験がある方、ぜひ一緒に新しいサービスを作りませんか? 参考:LayerXの事業紹介とカルチャー    ⇒https://link.medium.com/Ftg6zkkMWW

Slide 28

Slide 28 text

Appendix

Slide 29

Slide 29 text

What we built ● Privacy-preserving transaction to mint tokens ● Private data sharing using IPFS ● Plasma smart contract and off-chain contract ○ to prevent double spending ○ to maintain merkle tree of commitment records ● Transaction execution on plasma ● Web UI ● ENS

Slide 30

Slide 30 text

What works ● Minting transactions ● Sending transactions ● Sharing a secret on IPFS ● Storing Merkle headers to Ethereum ● Storing Merkle tree and transaction verification on the Plasma child chain

Slide 31

Slide 31 text

Things that were challenging ● ZEXE uses a different curve than Ethereum supports ● ZEXE has no concept of blocks ● Transaction model of ZEXE is different to Plasma MVP UTXO

Slide 32

Slide 32 text

Next steps ● Make elliptic curve be compatible with Ethereum ○ From BLS12-381 to BN256 ● Verify zk-SNARKS ● Encrypt data on IPFS with a recipient’s public key ● Make it optional to use IPFS for data exchange (enable to use e-mail, temporary shared storage, etc) ● Add more functionalities ○ e.g. ERC20, DEX, stable coin ● Allow exit in Plasma contract

Slide 33

Slide 33 text

Background - Private computation ● ZEXE’s Goal: A ledger-based system in which transactions attest to offline computations while simultaneously providing privacy and succinctness ● Zerocash ○ Money is represented via coins ○ Commitment of a coin is published on the ledger when the coin is created ○ Serial number of the coin is published when the coin is consumed ○ A zero knowledge proof attesting that the serial numbers belong to coins created in the past without identifying which ones ○ Commitments contain new coins of the same total value ○ A transaction is private which contains how many coins were consumed and created (each coin’s value and owner address remain hidden) ● ZEXE: Extending to an arbitrary function ○ The function is known in advance to everyone ○ Think of a coin as a record that stores some arbitrary data (payload) rather than integer