diff --git a/content/SUMMARY.md b/content/SUMMARY.md index e06c44a..1af81b5 100644 --- a/content/SUMMARY.md +++ b/content/SUMMARY.md @@ -11,8 +11,8 @@ - [πŸͺ§ Verifiable Games Using RISC Zero](./risc-zero/zypher-buildathon/presentation.md) - [πŸ‘· ZK Chess Checkmate](./risc-zero/zypher-buildathon/workshop.md) - [πŸ—ƒοΈ ZK Hack - Montreal - August 2024](./risc-zero/zk-hack-montreal/materials.md) - - [πŸͺ§ No Circuits Required - Building ZK Proof Systems in Pure Rust](./risc-zero/zk-hack-montreal/presentation.md) - - [πŸ‘· ZK ERC20 Balance of EDCSA Verified Account](./risc-zero/zk-hack-montreal/workshop.md) + - [πŸͺ§ Boundless On-chain Execution Using Proven Off-chain Coprocessing](./risc-zero/zk-hack-montreal/presentation.md) + - [πŸ‘· Prove ERC20 Balance of ECDSA Verified Account Owner](./risc-zero/zk-hack-montreal/workshop.md) - [πŸ™‹ Contribute](./contribute/index.md) - [πŸŒ€ Topic Template](./contribute/template/page.md) diff --git a/content/risc-zero/zk-hack-montreal/img/fusion-dragon-ball.gif b/content/risc-zero/zk-hack-montreal/img/fusion-dragon-ball.gif new file mode 120000 index 0000000..9496a97 --- /dev/null +++ b/content/risc-zero/zk-hack-montreal/img/fusion-dragon-ball.gif @@ -0,0 +1 @@ +../../zypher-buildathon/img/fusion-dragon-ball.gif \ No newline at end of file diff --git a/content/risc-zero/zk-hack-montreal/presentation.md b/content/risc-zero/zk-hack-montreal/presentation.md index b9dad4d..408550f 100644 --- a/content/risc-zero/zk-hack-montreal/presentation.md +++ b/content/risc-zero/zk-hack-montreal/presentation.md @@ -1,4 +1,4 @@ -# No Circuits Required - Building ZK Proof Systems in Pure Rust +# Boundless On-chain Execution Using Proven Off-chain Coprocessing
diff --git a/content/risc-zero/zk-hack-montreal/slides.md b/content/risc-zero/zk-hack-montreal/slides.md index 4526cb7..e8e5f0b 100644 --- a/content/risc-zero/zk-hack-montreal/slides.md +++ b/content/risc-zero/zk-hack-montreal/slides.md @@ -1,5 +1,5 @@ --- -title: No Circuits Required - Building ZK Proof Systems in Pure Rust +title: Boundless On-chain Execution Using Proven Off-chain Coprocessing tags: RISC Zero, Talk, Presentation, Workshop, zkVM, Steel, EVM, Hackathon, Zero Knowledge Proof, Applied Cryptography, Rust, ZK Hack, Montreal duration: 60 minuets description: RISC Zero Workshop for the Zypher Provable Games Buildathon - June 2024 @@ -23,9 +23,15 @@ revealOptions:
-# No Circuits Required +# Boundless On-chain Execution -## Building ZK Proof Systems in _Pure Rust_ +## Using Proven Off-chain Coprocessing + + + + + +**_On-chain_ $~~~$ πŸ‘‰ $ZK$ πŸ‘ˆ $~~~$ _Off-chain_** Event Materials ↗️ @@ -33,7 +39,9 @@ revealOptions: ## Why RISC Zero? -### _Write Rust πŸ¦€
Not Circuits π›Œ_ +> ### _Write Rust πŸ¦€_ +> +> ### _Not Circuits π›Œ_ Notes: @@ -126,7 +134,7 @@ Notes: --- -## RISC Zero On-chain +## RISC Zero 🀝 EVM Chains @@ -136,7 +144,7 @@ Notes: # ✨ Inspiration -##### ⚠️ -- Do not copy 🍝 -- πŸ™ +> #### ⚠️   Do **not** copy 🍝   ⚠️ Notes: @@ -158,8 +166,12 @@ Notes: --- +## Proven Historical State of EVM + +> A trustless "off-chain worker" for EVM RPC calls, and more! + Notes: Want to build even more complicated or otherwise impossible contract logic? @@ -197,7 +209,7 @@ Notes: ## πŸŽ‡ What is special about RISC Zero? (2) - Proof continuation -
  Unbounded guest programs +
  Boundless guest programs - Proof composition
  "Proof-ception"
  Hybrid Client side {πŸ•΅οΈprivacy} & server {🦾power} @@ -248,4 +260,4 @@ Notes: - Discord `#πŸ’»|support-forum` channel for help
  Join: discord.gg/risczero -> 🧠 Don't need to know the crypto details to build...
don't forget you are building a cryptographic system! +> 🧠 Don't need to know the crypto details to build...
BUT don't forget you are building a cryptographic system! diff --git a/content/risc-zero/zk-hack-montreal/workshop.md b/content/risc-zero/zk-hack-montreal/workshop.md index a89fb21..84e2ab3 100644 --- a/content/risc-zero/zk-hack-montreal/workshop.md +++ b/content/risc-zero/zk-hack-montreal/workshop.md @@ -1,12 +1,19 @@ -## ZK ERC20 Balance of ECDSA Verified Account (R0 v1.0) +# Prove ERC20 Balance of Verified Account Owner (R0 v1.0) -### _Signing and Steeling_ +## πŸ‘· _Signing and Steeling_ -Let's experiment with the powers provided by the [Steel library](https://github.com/risc0/risc0-ethereum/tree/main/steel) by taking the ERC20 example and extending it. -The base example only proves that some address holds a balance, with the essential proof being "Some address holds over 1 token at some ERC20 contract at the most recent block" -That isn't a particularly useful statement... let's constrain the proof a bit more to assert that the prover also holds the key to the account in question. +Let's experiment with the powers provided by the [Steel library](https://github.com/risc0/risc0-ethereum/tree/main/steel) by taking the [base ERC20 example](https://github.com/risc0/risc0-ethereum/tree/main/examples/erc20) and extending it with the [base ECDSA example](https://github.com/risc0/risc0/tree/main/examples/ecdsa). +The ERC20 example only proves that some address holds a balance, with the essential proof being "Some address holds over 1 token at some ERC20 contract at the most recent block" +That isn't a particularly useful statement... in our case we want to know that the **owner** of some account has a balance. -> NOTE: The address and contract are optionally hidden to the verifier, so we can know the prover has a balance, but not DOX them! +### 🫑 Our Mission + +_**Constrain**_ the ERC20 example to _**assert**_ that the **prover** also holds the key to the account we are checking the balance of, hence is the "owner". +We do this by verifying a ECDSA signature for the EVM account in question. + +_NOTE: The address and contract are optionally hidden to the verifier, so we can know the prover has a balance, but not DOX them!_ + +### πŸš€ Let's GO! 1. Watch this playlist to learn the basics of RISC Zero. 1. Use `rzup` to setup your development environment based on the **correct version of the RISC Zero Getting Started Docs** for you. @@ -16,7 +23,40 @@ That isn't a particularly useful statement... let's constrain the proof a bit mo # Follow command instructions to use rzup # ... This will take a while first time! ``` -1. TODO workshop repo will be up soonℒ️ +1. Generate a new repo from the template for this workshop source: + ```sh + # Clone direct, or your new repo fom this template: + git clone https://github.com//risc0-v1-chess + # **OR** Clone the template direct: + git clone https://github.com/nuke-web3/signing-and-steeling + cd signing-and-steeling + cargo r -r + # ... This will take a while first time! + # If you get errors, see step one to get setup! + ``` + +1. Take a look at the structure of the code and key files: + ```sh + signing-and-steeling + β”œβ”€β”€ README.md + β”œβ”€β”€ Cargo.toml # πŸ“ Config = MUST use consistent R0 versions! + β”œβ”€β”€ methods + β”‚ └── guest + β”‚ └── src + β”‚ └── main.rs # 🧰 Guest = Game Logic to be proven 🌟 + └── src + └── main.rs # πŸƒ Host = Execution of guest & GUI & more unproven + ``` + Other files may need some minor adjustments, but is essentially boilerplate for the context of this workshop. + +1. Extend the ERC20 balance check to ensure that the **prover is the owner of the account being checked.** + +
+⚠️ SPOILERS ⚠️ + +> One possible solution with comments and tips + +
## πŸ“ Key Takeaways @@ -24,10 +64,15 @@ That isn't a particularly useful statement... let's constrain the proof a bit mo - Use standard patterns like `println!` & `fmt!` normally for basic experiments and debugging in `DEV_MODE`. - 10s on lines of code overall -> useful proof, easily extensible! - There is still many risks of creating privacy and security faults via bugs and all the normal ways cryptographic systems can break down... - _**With zkVMs you are abstracting the math/circuits of zk... NOT the robust design and audits required to harden your system!**_ + +> 🧠 You don't need to know the deeper cryptographic details to build proof systems using zkVMs... BUT don't forget you are building a _cryptographic system!_ +> +> ⚠ **With zkVMs you are NOT abstracting the requirement for robust design and audits of your proof system!** ## πŸ€“ Taking it Further Here are some ideas to keep extending this example to learn more: -- Soonℒ️ +- Take the core logic and host workflows and embed them into a **coprocessor**with the [Foundry Template](https://github.com/risc0/risc0-foundry-template)- NOTE: versions MUST match throughout for `Cargo.toml` with respect to `risc0-...` dependencies. +- Fix the replay attack inherent in this example to ensure the prover is the key holder, rather than anyone that has a valid signed message for this proof. +- Bench and optimize the guest program, as there are likely ways to make this example _much_ more performant!