Looking back at EDCON 2019 Shun Takagiwa Senior Software Architect at LayerX Inc. blockchain.tokyo #19 

about me Shun Takagiwa / 高際 隼 Senior Software Architect at LayerX Inc. ● Software developer using blockchain (2018-) ● former smartphone games developer (2013-2018) ● studied mathematics & computer science at Tokyo Tech (2007-2013) currently responsible for a product development to securitize real estate using blockchain technology @shun_tak 

Table of contents 1. Participated in EDCON!!!! a. What is EDCON? b. at the hackathon (April 8-10) c. in the main hall (April 11-13) 2. ZEXE on Plasma (my team’s product at the hackathon) 

Participated in EDCON!!!! Sydney 

What is EDCON? Community Ethereum Development Conference ● annual global Ethereum conference ○ aiming to boost the communication and interaction of Ethereum communities worldwide and to accelerate the sound development of Ethereum ecosystem ● EDCON2019 in 8-13 April in Sydney (6 days) ○ 3-day hackathon ○ 3-day conference ● EDCON2018 in Toronto (3 days) ● EDCON2017 in Paris (2 days) 

at the hackathon 2 teams participated from LayerX you can see all 18 teams here: https://edcon-hack.devpost.com/submissions ● ZEXE on Plasma (my team) ○ Scaling decentralized arbitrary computation with zk-SNARKs ● CBC Casper Validator Rotation (colleagues’s team) ○ A proposal of the protocol of validator rotation in CBC Casper and the implementation of a simulator & visualizer to do experiments Hachathon topics ● Layer 1: Sharding/PoS/Clients ● Layer 2: Plasma/Channel/Snark 

CBC Casper visualization 

No content

No content

ENS Prize Winners (including my team :) 

in the main hall 

in the main hall 

No content

No content

in the main hall 2 speakers participated from LayerX Ryuya Nakamura Formal Verification and CBC Casper https://www.youtube.com/watch?v=XUguMReOXek Dominik Harz XCLAIM: Trustless, Interoperable, Cryptocurrency-Backed Assets The video hasn’t been uploaded on YouTube yet 

ZEXE on Plasma Scaling decentralized arbitrary computation with zk-SNARKs 

Background Scalability with Plasma e.g. MVP, Generalized Plasma Privacy with zk-SNARKS e.g. ZoKrates, Zcash, ZEXE Why not both? Let’s build ZEXE on Plasma! 

ZEXE is generalized - UTXO model (original paper) - Privacy-preserving smart contracts - Arbitrary contract functions - Arbitrary data in contracts - Succinct proofs with zk-SNARKS Our use case: ERC20 contracts in zero knowledge 

ZEXE Overview https://eprint.iacr.org/2018/962.pdf Public: Serial numbers, commitments, memo, ledger digest, zk proof, predicates Private: address public key, address secret key, data payload 

ZEXE on Plasma https://eprint.iacr.org/2018/962.pdf Plasma Smart contract on Ethereum Public: Serial numbers, commitments, memo, ledger digest, zk proof, predicates Private: address public key, address secret key, data payload IPFS 

System components of ZEXE on Plasma Merkle root 1 Merkle root 2 Merkle root 3 Merkle root 1 tx1 Merkle root 2 tx2 Merkle root 3 tx3 Private inputs 1 Private inputs 2 Private inputs 3 Front-end Secret sharing zk-Plasma Root chain Generate transaction Execute zk-proving Mint coin Transfer coin 

Workflow 1. Generate a transaction and a zk-proof on local 2. Store secret data on IPFS to share with a counterparty 3. Send the transaction on Plasma 4. Execute a smart contract to update merkle root Team Yohei Oka, Quantstamp Web3, Smart contract, ENS Shun Takagiwa, LayerX IPFS, Data sharing Dominik Harz, LayerX Plasma, Smart contract Osuke Sudo, LayerX zk-SNARKs, Transaction 

DEMO 

Transaction generation with Rust Private data is uploaded to IPFS in this process Uploaded data ⇒ 

Plasma node 

No content

Now Hiring!!!! Web系や金融系の経験がある方、ぜひ一緒に新しいサービスを作りませんか？ 参考：LayerXの事業紹介とカルチャー 　　　⇒https://link.medium.com/Ftg6zkkMWW 

Appendix 

What we built ● Privacy-preserving transaction to mint tokens ● Private data sharing using IPFS ● Plasma smart contract and off-chain contract ○ to prevent double spending ○ to maintain merkle tree of commitment records ● Transaction execution on plasma ● Web UI ● ENS 

What works ● Minting transactions ● Sending transactions ● Sharing a secret on IPFS ● Storing Merkle headers to Ethereum ● Storing Merkle tree and transaction verification on the Plasma child chain 

Things that were challenging ● ZEXE uses a different curve than Ethereum supports ● ZEXE has no concept of blocks ● Transaction model of ZEXE is different to Plasma MVP UTXO 

Next steps ● Make elliptic curve be compatible with Ethereum ○ From BLS12-381 to BN256 ● Verify zk-SNARKS ● Encrypt data on IPFS with a recipient’s public key ● Make it optional to use IPFS for data exchange (enable to use e-mail, temporary shared storage, etc) ● Add more functionalities ○ e.g. ERC20, DEX, stable coin ● Allow exit in Plasma contract 

Background - Private computation ● ZEXE’s Goal: A ledger-based system in which transactions attest to offline computations while simultaneously providing privacy and succinctness ● Zerocash ○ Money is represented via coins ○ Commitment of a coin is published on the ledger when the coin is created ○ Serial number of the coin is published when the coin is consumed ○ A zero knowledge proof attesting that the serial numbers belong to coins created in the past without identifying which ones ○ Commitments contain new coins of the same total value ○ A transaction is private which contains how many coins were consumed and created (each coin’s value and owner address remain hidden) ● ZEXE: Extending to an arbitrary function ○ The function is known in advance to everyone ○ Think of a coin as a record that stores some arbitrary data (payload) rather than integer