From 2be848434c1c01527562c22340057cabd66b7d1a Mon Sep 17 00:00:00 2001 From: mangoplane Date: Thu, 11 Jan 2024 17:26:34 +1100 Subject: [PATCH 01/27] Create xgov-119.md --- Proposals/xgov-119.md | 117 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 117 insertions(+) create mode 100644 Proposals/xgov-119.md diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md new file mode 100644 index 00000000..3b13d3f9 --- /dev/null +++ b/Proposals/xgov-119.md @@ -0,0 +1,117 @@ +--- +id: 119 +title: Zorkin: Social Login for Self-Custodial Account Authentication with ZK-SNARKs +author: Winton Nathan-Roberts (@mangoplane) +discussions-to: https://forum.algorand.org/t/xgov-119-zorkin/ +company_name: Helium Labs +category: dApps +focus_area: User Onboarding +open_source: Yes +amount_requested: 100000 +status: Draft +--- + +## Abstract + +Zorkin aims to implement a ZK-SNARK based OpenIDConnect authentication solution that is native to Algorand, allowing Social Login like Facebook to authenticate access to an application specific self-custodial Algorand Account. A fiat on-ramp will be integrated into the solution to enable regulatory-compliant blockchain asset purchases using major payment methods, such as credit cards. It improves upon related solutions like Web3Auth and Magic by having a competitive pricing model that is scalable & sybil-resistant by only charging for authentication from users that transact, which is particularly relevant for Free-To-Play games where typically only 2-5% of users transact. + +## Team + +Winton Nathan-Roberts as Research, Design & Development lead. With assistance from a number of skilled independent contractors for software engineering related tasks. + +## Experience with Algorand + +Winton Nathan-Roberts is a Machine Learning PhD dropout with over 4 years of industry experience in Software Engineering working for various Startups & Blue Chip companies like Wargaming. + +Over the last two years, he has been working on an Algorand-based Web3 gaming venture and solutions to onboard non-technical users. His focus now is on simplifying access to Web3 games and apps via compliant authentication and fiat on-ramping. Helium Labs on GitHub represents this work, although many of its repositories are private. + +## Present Proposal + +Zorkin allows the provision of an on-chain application called `TenantAuth` that represents supported OAuth clients, through which users can authenticate themselves with OpenIdConnect to gain access to a self-custodial account that's linked to the application and their Social Login account. Once they have proven account access via a ZK-SNARK proof, an authorized session is created that can last several hours wherein transactions are gated through an associated client-side ephemeral key. JSON Web Token (JWT) signature authenticity is verified against a cache of JSON Web Key (JWK) signing keys for each supported OAuth issuer, which is updated through infrequent decentralized HTTPS requests with a Multi-Party Computation solution like ChainLink. Zorkin supports providers that allow customization of at least one JWT claim in the initial request, like the nonce, which includes most providers like Google and Firebase. Reliance on unnecessary dependencies, like a salting service with a user-specific salting values database, is minimized. + +Periodic infrastructure upgrades, including adding new OpenID Providers and ensuring protocol compatibility, are overseen by a Decentralized Autonomous Organization (DAO) to reduce centralization. Only a trusted entity can initiate updates, which must be approved through Sybil-resistant voting ballots. + +User accounts are available in two forms: a Logic Signature Contract Account and a Stateful Contract Account. The Logic Signature version functions similarly to a native account, while the Stateful variant aligns with Account Abstraction (ARC-58). Both types aim to ease user experience by simplifying or eliminating Algorand Asset Opt-In and Minimum-Balance Requirements (MBR). For instance, application clients can automatically opt-in authenticated LSIG accounts without requiring user consent for each transaction. + +We aim to integrate compliant third-party fiat on-ramp services like MoonPay and NFTPay into Zorkin as a B2B service, allowing users to purchase approved NFTs and fungible tokens using mainstream payment methods, subject to regulatory compliance approval. + +### Video Presentation & Minimum-Viable Product Demo + +The following video presents Zorkin, and includes a Minimum-Viable Product demo. + +
+ + YouTube Video Thumbnail + +
+ +Please visit the Github repository for Zorkin to learn more. + +## Future Blueprint + +The following sets out a roadmap of key tasks involved in delivery. + +### Deploy ChainLink infrastructure + +Implement a ChainLink EVM contract to fetch issuer JWKs from their endpoints and transmit the data to the JWK cache contract on Algorand using the Wormhole bridge. + +### Create Account Abstraction Variant (ARC-58) + +Add a user account variant based on Account Abstraction (ARC-58). + +### Deploy Scalable ZK-SNARK Prover Infrastructure + +Develop an efficient, scalable infrastructure for the computationally intensive ZK-SNARK prover, unsuitable for client-side hosting. Initially, deploy a scalable Docker Container of the prover using Scaleway, offering on-demand scaling. Long-term, explore Ingonyama's hardware-accelerated provers for enhanced efficiency, combined with ZK-SNARK optimizations like chain-based RSA verification, pending the potential introduction of a modulo-exponentiation operator in a future AVM version. + +### Trust-minimized Infrastructure Upgrades with a DAO + +Contract infrastructure upgrades need DAO approval, with only a Trusted Entity authorized to initiate ballots. These upgrades require a majority approval via Quadratic Voting. To counter duplicate votes and bots, we aim to implement voter deduplication using social media verification, if feasible. + +### Launch on Testnet + +Zorkin will initially launch on Testnet to thoroughly evaluate security and legal aspects through user testing and reviews over a period of time. + +### Integrate 3rd Party FIAT On-Ramps + +Integrate a third-party fiat on-ramp, like MoonPay, enabling users to buy approved assets using major payment methods, including credit cards. + +### Launch on Mainnet + +Launch the product on mainnet, with continued maintenance & refinement. + +### Support Cross-Chain Assets + +Consider improving interoperability by supporting cross-chain assets through Wormhole Connect token bridging. + +## Benefits for the community + +Algorand builders can offer Social Login to their dApp users, incurring costs only for authentication of transactions outside an authorized session. This sybil-resistant pricing is scalable, particularly for Free-To-Play (F2P) games where typically only 2-5% of users transact. Authentication costs can be recouped immediately via user-initiated atomic transactions. The integration of a fiat on-ramp eases fiat purchases, and UX friction in Opt-In and MBR procedures can be greatly reduced or eliminated. + +## Additional information + +### Open Source Clarification + +The proposal's metadata suggests it will be Open Source, but this applies only to certain frontend-hosted application clients and components at Zorkin's discretion. The Open Source components of the solution will be licensed under the GNU General Public License v3.0, which applies to the code's copyright but not the intellectual property it interacts with. + +### IP Ownership + +Zorkin's intellectual property is fully owned by Winton Nathan-Roberts, as allowed by law. It offers unique contributions and, to our knowledge, doesn't violate any patents. Zorkin may experience ownership changes, potentially resulting in rebranding or integration with another company or product. + +### Self-Custodial Definition + +The proposal's Self-Custody aspect means that Zorkin does not hold users' sensitive access keys, such as private keys. Account access is restricted to the user, their Open ID provider, and the application client. + +### Disclaimers + +To the fullest extent permitted by law, this proposal and Zorkin are subject to the following legal disclaimers: + +- NO WARRANTIES: We offer no warranties or guarantees, explicit or implied. +- NO LIABILITY: We are not liable for any damages from using or inability to use this content. +- INDEPENDENCE: We do not necessarily have a direct affiliation with any party mentioned or implied besides Zorkin. +- INDEMNIFICATION: You must defend and indemnify us against all claims and damages from your use of the content. +- NOT PRODUCTION READY: The content may have vulnerabilities and is not for production use. +- USE AT YOUR OWN RISK: You are solely responsible for using the content and ensuring its legal compliance. +UNVERIFIED CLAIMS: Claims in the content are not independently verified; do your own research before relying on them. +- IMPORTANT NOTICE: This document, including all disclaimers, should not be considered as legal or investment advice. The information provided is for general informational purposes only. + +Please note that this research-intensive development is likely to evolve, as ongoing research may reveal limitations or improvements in the initial proposal, leading to adjustments in our development trajectory. Consequently, all claims in this proposal are subject to change. \ No newline at end of file From b9ef7d2044eed1d2cafd15a1b6216247d1be3ef6 Mon Sep 17 00:00:00 2001 From: mangoplane Date: Thu, 11 Jan 2024 17:42:00 +1100 Subject: [PATCH 02/27] Update xgov-119.md --- Proposals/xgov-119.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index 3b13d3f9..ee029cbe 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -1,6 +1,6 @@ --- id: 119 -title: Zorkin: Social Login for Self-Custodial Account Authentication with ZK-SNARKs +title: Zorkin - Social Login for Self-Custodial Account Authentication with ZK-SNARKs author: Winton Nathan-Roberts (@mangoplane) discussions-to: https://forum.algorand.org/t/xgov-119-zorkin/ company_name: Helium Labs From 8455c6e5041d14045a78ddecda9668dbe05786b9 Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Tue, 16 Jan 2024 11:12:11 +1100 Subject: [PATCH 03/27] Update xgov-119.md --- Proposals/xgov-119.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index ee029cbe..d7f1cc74 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -1,5 +1,6 @@ --- id: 119 +period: 3 title: Zorkin - Social Login for Self-Custodial Account Authentication with ZK-SNARKs author: Winton Nathan-Roberts (@mangoplane) discussions-to: https://forum.algorand.org/t/xgov-119-zorkin/ @@ -114,4 +115,4 @@ To the fullest extent permitted by law, this proposal and Zorkin are subject to UNVERIFIED CLAIMS: Claims in the content are not independently verified; do your own research before relying on them. - IMPORTANT NOTICE: This document, including all disclaimers, should not be considered as legal or investment advice. The information provided is for general informational purposes only. -Please note that this research-intensive development is likely to evolve, as ongoing research may reveal limitations or improvements in the initial proposal, leading to adjustments in our development trajectory. Consequently, all claims in this proposal are subject to change. \ No newline at end of file +Please note that this research-intensive development is likely to evolve, as ongoing research may reveal limitations or improvements in the initial proposal, leading to adjustments in our development trajectory. Consequently, all claims in this proposal are subject to change. From dd70d16452965c603c79ebf372fb1229a80216a8 Mon Sep 17 00:00:00 2001 From: mangoplane Date: Tue, 23 Jan 2024 02:03:35 +1100 Subject: [PATCH 04/27] Update --- Proposals/xgov-119.md | 92 +++++++++++++++++-------------------------- 1 file changed, 37 insertions(+), 55 deletions(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index d7f1cc74..f83a52ad 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -3,7 +3,7 @@ id: 119 period: 3 title: Zorkin - Social Login for Self-Custodial Account Authentication with ZK-SNARKs author: Winton Nathan-Roberts (@mangoplane) -discussions-to: https://forum.algorand.org/t/xgov-119-zorkin/ +discussions-to: https://github.com/algorandfoundation/xGov/pull/119 company_name: Helium Labs category: dApps focus_area: User Onboarding @@ -13,94 +13,76 @@ status: Draft --- ## Abstract +Zorkin aims to implement a ZK-SNARK based OpenIDConnect authentication solution that runs natively on Algorand, allowing Social Login like Facebook to authenticate access to an application specific self-custodial Algorand Account. -Zorkin aims to implement a ZK-SNARK based OpenIDConnect authentication solution that is native to Algorand, allowing Social Login like Facebook to authenticate access to an application specific self-custodial Algorand Account. A fiat on-ramp will be integrated into the solution to enable regulatory-compliant blockchain asset purchases using major payment methods, such as credit cards. It improves upon related solutions like Web3Auth and Magic by having a competitive pricing model that is scalable & sybil-resistant by only charging for authentication from users that transact, which is particularly relevant for Free-To-Play games where typically only 2-5% of users transact. +A fiat on-ramp will be integrated into the solution to enable regulatory-compliant blockchain asset purchases using major payment methods such as credit card. ## Team +- Winton Nathan-Roberts as Research, Design & Software Engineering lead +- Skilled independent contractors for auxiliary tasks spanning software engineering, legal consultation, and financial services -Winton Nathan-Roberts as Research, Design & Development lead. With assistance from a number of skilled independent contractors for software engineering related tasks. +Contractor involvement in core system design and implementation will be minimal and subject to rigorous validation checks. ## Experience with Algorand Winton Nathan-Roberts is a Machine Learning PhD dropout with over 4 years of industry experience in Software Engineering working for various Startups & Blue Chip companies like Wargaming. -Over the last two years, he has been working on an Algorand-based Web3 gaming venture and solutions to onboard non-technical users. His focus now is on simplifying access to Web3 games and apps via compliant authentication and fiat on-ramping. Helium Labs on GitHub represents this work, although many of its repositories are private. +Over the last two years, he has been working largely in silence on an Algorand-based Web3 gaming venture. His current focus is on enhancing user onboarding for Web3 dApps and games, with a specific emphasis on regulatory-compliant authentication and fiat on-ramping. Helium Labs on GitHub represents some of this work, with many of its repositories private. ## Present Proposal -Zorkin allows the provision of an on-chain application called `TenantAuth` that represents supported OAuth clients, through which users can authenticate themselves with OpenIdConnect to gain access to a self-custodial account that's linked to the application and their Social Login account. Once they have proven account access via a ZK-SNARK proof, an authorized session is created that can last several hours wherein transactions are gated through an associated client-side ephemeral key. JSON Web Token (JWT) signature authenticity is verified against a cache of JSON Web Key (JWK) signing keys for each supported OAuth issuer, which is updated through infrequent decentralized HTTPS requests with a Multi-Party Computation solution like ChainLink. Zorkin supports providers that allow customization of at least one JWT claim in the initial request, like the nonce, which includes most providers like Google and Firebase. Reliance on unnecessary dependencies, like a salting service with a user-specific salting values database, is minimized. +Zorkin aims to implement a ZK-SNARK based OpenIDConnect (OIDC) authentication solution, allowing Social Login like Facebook to authenticate access to an application specific self-custodial Algorand Account. A variant has been implemented by Mysten Labs for their Sui blockchain called ZK-Login, which is only usable with Sui. Zorkin will attempt to improve upon ZK-Login, if possible. Some of Algorand's user experience (UX) challenges, like the need for explicit consent for asset Opt-In, will be mitigated by possibly leveraging ARC-56 whose development is proposed by XGov-117. -Periodic infrastructure upgrades, including adding new OpenID Providers and ensuring protocol compatibility, are overseen by a Decentralized Autonomous Organization (DAO) to reduce centralization. Only a trusted entity can initiate updates, which must be approved through Sybil-resistant voting ballots. +Multiple system designs are being explored, with one variant and its MVP implementation detailed at this Github repository. However, the final deliverables will differ, as development is expected to lead to an enhanced design and implementation. -User accounts are available in two forms: a Logic Signature Contract Account and a Stateful Contract Account. The Logic Signature version functions similarly to a native account, while the Stateful variant aligns with Account Abstraction (ARC-58). Both types aim to ease user experience by simplifying or eliminating Algorand Asset Opt-In and Minimum-Balance Requirements (MBR). For instance, application clients can automatically opt-in authenticated LSIG accounts without requiring user consent for each transaction. +Zorkin will be integrated with a 3rd Party Fiat On-Ramp to allow users to buy approved crypto assets using major payment methods like credit card, taking care of relevant compliance. A Fiat On-Ramp such as MoonPay will be considered for integration. -We aim to integrate compliant third-party fiat on-ramp services like MoonPay and NFTPay into Zorkin as a B2B service, allowing users to purchase approved NFTs and fungible tokens using mainstream payment methods, subject to regulatory compliance approval. +### Deliverables -### Video Presentation & Minimum-Viable Product Demo +The deliverables of this proposal are the success criteria, against which the proposal can be considered delivered on should they be met, and are enumerated below. -The following video presents Zorkin, and includes a Minimum-Viable Product demo. +`ZorkinInfra` is defined as a ZK-SNARK based OpenIDConnect authentication solution that authenticates access to a Self-Custodial Algorand Account, that's local to a specific tenant. A tenant is an application interface to `ZorkinInfra`, through which users can authenticate access with `ZorkinInfra` to self-custodial Algorand accounts that are local to the tenant. `PaymentInfra` is defined as payment infrastructure that allows billing of tenants for their usage of `ZorkinInfra` to cover related operating expenses (e.g. cloud hosting costs) and a pre-determined profit margin. The `Dashboard` is an area where customers can configure their tenants, and manage their billing via `PaymentInfra`. `LegalConsult` refers to consulting with a relevant legal professional to ensure the deliverables comply with relevant laws, and to assist in drafting necessary legal documents such as terms of service. -
- - YouTube Video Thumbnail - -
- -Please visit the Github repository for Zorkin to learn more. - -## Future Blueprint - -The following sets out a roadmap of key tasks involved in delivery. - -### Deploy ChainLink infrastructure - -Implement a ChainLink EVM contract to fetch issuer JWKs from their endpoints and transmit the data to the JWK cache contract on Algorand using the Wormhole bridge. - -### Create Account Abstraction Variant (ARC-58) - -Add a user account variant based on Account Abstraction (ARC-58). +In chronological order, the deliverables are: -### Deploy Scalable ZK-SNARK Prover Infrastructure +0. Development of `ZorkinInfra` +1. Development of `Dashboard` +1. Development of `PaymentInfra` +2. Testnet Deployment of `ZorkinInfra`, with a tenant configurable via `Dashboard` and billed via `PaymentInfra` +3. Integration of at least one 3rd Party Fiat On-Ramp +4. Initiation and completion of `LegalConsult` +4. Refinements of `ZorkinInfra`, `Dashboard` & `PaymentInfra` against feedback on their testnet deployments & legal consultation (`LegalConsult`) +5. Mainnet Deployment of `ZorkinInfra`, with a tenant configurable via `Dashboard` and billed via `PaymentInfra` -Develop an efficient, scalable infrastructure for the computationally intensive ZK-SNARK prover, unsuitable for client-side hosting. Initially, deploy a scalable Docker Container of the prover using Scaleway, offering on-demand scaling. Long-term, explore Ingonyama's hardware-accelerated provers for enhanced efficiency, combined with ZK-SNARK optimizations like chain-based RSA verification, pending the potential introduction of a modulo-exponentiation operator in a future AVM version. +The delivery timeline is deliberately open-ended to prioritize legal compliance and consumer safety. The deliverables will be available for public access only in jurisdictions where they fully adhere to local laws. The deliverables will be adjusted against feedback from legal consultation to ensure legal feasibility. These services will be offered as long as they are financially viable and legally permissible, with a planned legal sunsetting and exit strategy to be devised and communicated to consumers through the terms of service. -### Trust-minimized Infrastructure Upgrades with a DAO +### Minimum-Viable Product Demo -Contract infrastructure upgrades need DAO approval, with only a Trusted Entity authorized to initiate ballots. These upgrades require a majority approval via Quadratic Voting. To counter duplicate votes and bots, we aim to implement voter deduplication using social media verification, if feasible. +The following video showcases an early-stage design of Zorkin, featuring a demo of the Minimum Viable Product for this variant. Please be aware that the described variant is in its early stages; the final deliverables may differ significantly as the design will be refined throughout development. -### Launch on Testnet - -Zorkin will initially launch on Testnet to thoroughly evaluate security and legal aspects through user testing and reviews over a period of time. - -### Integrate 3rd Party FIAT On-Ramps - -Integrate a third-party fiat on-ramp, like MoonPay, enabling users to buy approved assets using major payment methods, including credit cards. - -### Launch on Mainnet - -Launch the product on mainnet, with continued maintenance & refinement. - -### Support Cross-Chain Assets - -Consider improving interoperability by supporting cross-chain assets through Wormhole Connect token bridging. +
+ + YouTube Video Thumbnail + +
## Benefits for the community -Algorand builders can offer Social Login to their dApp users, incurring costs only for authentication of transactions outside an authorized session. This sybil-resistant pricing is scalable, particularly for Free-To-Play (F2P) games where typically only 2-5% of users transact. Authentication costs can be recouped immediately via user-initiated atomic transactions. The integration of a fiat on-ramp eases fiat purchases, and UX friction in Opt-In and MBR procedures can be greatly reduced or eliminated. +If implemented, developers in supported countries can provide users with a ZK-SNARK based OpenIdConnect authentication solution to access an application-specific self-custodial Algorand account linked to their OAuth credentials. The integrated 3rd party Fiat On-Ramp will enable users to buy approved crypto assets using major payment methods, including credit cards. Some of Algorand's UX challenges, like the need for explicit consent for asset Opt-In, will be mitigated by possibly leveraging ARC-56. Estimates of operating expenses like cloud hosting suggest it may have competitive pricing to competitors in the space. ## Additional information ### Open Source Clarification -The proposal's metadata suggests it will be Open Source, but this applies only to certain frontend-hosted application clients and components at Zorkin's discretion. The Open Source components of the solution will be licensed under the GNU General Public License v3.0, which applies to the code's copyright but not the intellectual property it interacts with. +The proposal's metadata suggests it will be Open Source, but this applies only to solution components chosen at our discretion such as certain frontend application clients. Each open-source component will be subject to a separate license with respective terms and conditions that must be adhered to. -### IP Ownership +### Ownership of Deliverables & Intellectual Property -Zorkin's intellectual property is fully owned by Winton Nathan-Roberts, as allowed by law. It offers unique contributions and, to our knowledge, doesn't violate any patents. Zorkin may experience ownership changes, potentially resulting in rebranding or integration with another company or product. +The deliverables and related intellectual property (IP) will be fully owned by Winton Nathan-Roberts, who reserves the right to do anything with the property as permitted by law. To the best of our knowledge, the current IP isn't conflicting with any patents. The intellectual property and deliverables might undergo ownership transfers, leading to possible rebranding or integration with other companies or products. For instance, Zorkin could be renamed and associated with a different product the author is affiliated with under similar ownership changes. Zorkin, described by the proposal, is a commercial endeavour with the aim to profit. ### Self-Custodial Definition -The proposal's Self-Custody aspect means that Zorkin does not hold users' sensitive access keys, such as private keys. Account access is restricted to the user, their Open ID provider, and the application client. +The proposal's Self-Custody aspect means that Zorkin or its affiliates do not hold users' sensitive account access keys, such as private keys, whose possession would allow the holder access to the users' account. Account access is restricted to the user, their OAuth account provider, and potentially frontend application clients. ### Disclaimers @@ -112,7 +94,7 @@ To the fullest extent permitted by law, this proposal and Zorkin are subject to - INDEMNIFICATION: You must defend and indemnify us against all claims and damages from your use of the content. - NOT PRODUCTION READY: The content may have vulnerabilities and is not for production use. - USE AT YOUR OWN RISK: You are solely responsible for using the content and ensuring its legal compliance. -UNVERIFIED CLAIMS: Claims in the content are not independently verified; do your own research before relying on them. +- UNVERIFIED CLAIMS: Claims in the content are not independently verified; do your own research before relying on them. - IMPORTANT NOTICE: This document, including all disclaimers, should not be considered as legal or investment advice. The information provided is for general informational purposes only. -Please note that this research-intensive development is likely to evolve, as ongoing research may reveal limitations or improvements in the initial proposal, leading to adjustments in our development trajectory. Consequently, all claims in this proposal are subject to change. +Due to the research heavy nature of the proposal, all claims are subject to change. \ No newline at end of file From e4dad3890d5ff28131e67153c7f3921a95d6700c Mon Sep 17 00:00:00 2001 From: mangoplane Date: Tue, 23 Jan 2024 02:06:11 +1100 Subject: [PATCH 05/27] Update --- Proposals/xgov-119.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index f83a52ad..9590d06c 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -9,7 +9,7 @@ category: dApps focus_area: User Onboarding open_source: Yes amount_requested: 100000 -status: Draft +status: Final --- ## Abstract From 53fd09d0d5d6686817e3da70084fb257fad63335 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane?= Date: Tue, 23 Jan 2024 09:55:18 +0100 Subject: [PATCH 06/27] Add xgov 117 link --- Proposals/xgov-119.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index 9590d06c..3d44eff3 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -31,7 +31,7 @@ Over the last two years, he has been working largely in silence on an Algorand-b ## Present Proposal -Zorkin aims to implement a ZK-SNARK based OpenIDConnect (OIDC) authentication solution, allowing Social Login like Facebook to authenticate access to an application specific self-custodial Algorand Account. A variant has been implemented by Mysten Labs for their Sui blockchain called ZK-Login, which is only usable with Sui. Zorkin will attempt to improve upon ZK-Login, if possible. Some of Algorand's user experience (UX) challenges, like the need for explicit consent for asset Opt-In, will be mitigated by possibly leveraging ARC-56 whose development is proposed by XGov-117. +Zorkin aims to implement a ZK-SNARK based OpenIDConnect (OIDC) authentication solution, allowing Social Login like Facebook to authenticate access to an application specific self-custodial Algorand Account. A variant has been implemented by Mysten Labs for their Sui blockchain called ZK-Login, which is only usable with Sui. Zorkin will attempt to improve upon ZK-Login, if possible. Some of Algorand's user experience (UX) challenges, like the need for explicit consent for asset Opt-In, will be mitigated by possibly leveraging ARC-56 whose development is proposed by [xGov-117](https://github.com/algorandfoundation/xGov/pull/117). Multiple system designs are being explored, with one variant and its MVP implementation detailed at this Github repository. However, the final deliverables will differ, as development is expected to lead to an enhanced design and implementation. @@ -97,4 +97,4 @@ To the fullest extent permitted by law, this proposal and Zorkin are subject to - UNVERIFIED CLAIMS: Claims in the content are not independently verified; do your own research before relying on them. - IMPORTANT NOTICE: This document, including all disclaimers, should not be considered as legal or investment advice. The information provided is for general informational purposes only. -Due to the research heavy nature of the proposal, all claims are subject to change. \ No newline at end of file +Due to the research heavy nature of the proposal, all claims are subject to change. From 117d2fc755f67604627fcacde531ee9dc8ba0cbc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane?= Date: Tue, 23 Jan 2024 09:56:49 +0100 Subject: [PATCH 07/27] Add link to pr #117 --- Proposals/xgov-119.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index 3d44eff3..f9b5fcfd 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -31,7 +31,7 @@ Over the last two years, he has been working largely in silence on an Algorand-b ## Present Proposal -Zorkin aims to implement a ZK-SNARK based OpenIDConnect (OIDC) authentication solution, allowing Social Login like Facebook to authenticate access to an application specific self-custodial Algorand Account. A variant has been implemented by Mysten Labs for their Sui blockchain called ZK-Login, which is only usable with Sui. Zorkin will attempt to improve upon ZK-Login, if possible. Some of Algorand's user experience (UX) challenges, like the need for explicit consent for asset Opt-In, will be mitigated by possibly leveraging ARC-56 whose development is proposed by [xGov-117](https://github.com/algorandfoundation/xGov/pull/117). +Zorkin aims to implement a ZK-SNARK based OpenIDConnect (OIDC) authentication solution, allowing Social Login like Facebook to authenticate access to an application specific self-custodial Algorand Account. A variant has been implemented by Mysten Labs for their Sui blockchain called ZK-Login, which is only usable with Sui. Zorkin will attempt to improve upon ZK-Login, if possible. Some of Algorand's user experience (UX) challenges, like the need for explicit consent for asset Opt-In, will be mitigated by possibly leveraging ARC-56 whose development is proposed by xGov-117. Multiple system designs are being explored, with one variant and its MVP implementation detailed at this Github repository. However, the final deliverables will differ, as development is expected to lead to an enhanced design and implementation. From 140f32e04bc2bbe7ffcc74348a52fc3aceac4d49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane?= Date: Tue, 23 Jan 2024 09:59:10 +0100 Subject: [PATCH 08/27] Fix linting --- Proposals/xgov-119.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index f9b5fcfd..88687444 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -31,7 +31,7 @@ Over the last two years, he has been working largely in silence on an Algorand-b ## Present Proposal -Zorkin aims to implement a ZK-SNARK based OpenIDConnect (OIDC) authentication solution, allowing Social Login like Facebook to authenticate access to an application specific self-custodial Algorand Account. A variant has been implemented by Mysten Labs for their Sui blockchain called ZK-Login, which is only usable with Sui. Zorkin will attempt to improve upon ZK-Login, if possible. Some of Algorand's user experience (UX) challenges, like the need for explicit consent for asset Opt-In, will be mitigated by possibly leveraging ARC-56 whose development is proposed by xGov-117. +Zorkin aims to implement a ZK-SNARK based OpenIDConnect (OIDC) authentication solution, allowing Social Login like Facebook to authenticate access to an application specific self-custodial Algorand Account. A variant has been implemented by Mysten Labs for their Sui blockchain called ZK-Login, which is only usable with Sui. Zorkin will attempt to improve upon ZK-Login, if possible. Some of Algorand's user experience (UX) challenges, like the need for explicit consent for asset Opt-In, will be mitigated by possibly leveraging ARC-56 whose development is proposed by [xGov-117](./xgov-117.md). Multiple system designs are being explored, with one variant and its MVP implementation detailed at this Github repository. However, the final deliverables will differ, as development is expected to lead to an enhanced design and implementation. From 22917d4f38b3bcb81f782475ccbe0f2448edf991 Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Mon, 5 Feb 2024 18:42:50 +1100 Subject: [PATCH 09/27] Update xgov-119.md --- Proposals/xgov-119.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index 88687444..1897bc8f 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -31,7 +31,8 @@ Over the last two years, he has been working largely in silence on an Algorand-b ## Present Proposal -Zorkin aims to implement a ZK-SNARK based OpenIDConnect (OIDC) authentication solution, allowing Social Login like Facebook to authenticate access to an application specific self-custodial Algorand Account. A variant has been implemented by Mysten Labs for their Sui blockchain called ZK-Login, which is only usable with Sui. Zorkin will attempt to improve upon ZK-Login, if possible. Some of Algorand's user experience (UX) challenges, like the need for explicit consent for asset Opt-In, will be mitigated by possibly leveraging ARC-56 whose development is proposed by [xGov-117](./xgov-117.md). +Zorkin aims to implement a ZK-SNARK based OpenIDConnect (OIDC) authentication solution, allowing Social Login like Facebook to authenticate access to an application specific self-custodial Algorand Account. A variant has been implemented by Mysten Labs for their Sui blockchain called ZK-Login, which is only usable with Sui. Zorkin will attempt to improve upon ZK-Login, if possible. Some of Algorand's user experience (UX) challenges, like the need for explicit consent for asset Opt-In, will be mitigated by possibly leveraging ARC-56 whose development is proposed by xGov-117. Multiple system designs are being explored, with one variant and its MVP implementation detailed at this Github repository. However, the final deliverables will differ, as development is expected to lead to an enhanced design and implementation. From 59010e8ca4f1dbcc7fbc7fa2b7573b3fae32070e Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Mon, 5 Feb 2024 19:48:29 +1100 Subject: [PATCH 10/27] Update xgov-119.md --- Proposals/xgov-119.md | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index 1897bc8f..becd2050 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -13,21 +13,26 @@ status: Final --- ## Abstract -Zorkin aims to implement a ZK-SNARK based OpenIDConnect authentication solution that runs natively on Algorand, allowing Social Login like Facebook to authenticate access to an application specific self-custodial Algorand Account. +Zorkin aims to implement a ZK-SNARK based OpenIDConnect authentication solution that runs natively on Algorand, allowing Social Login like Facebook to authorize transactions from a linked self-custodial Algorand Account. -A fiat on-ramp will be integrated into the solution to enable regulatory-compliant blockchain asset purchases using major payment methods such as credit card. +A fiat on-ramp will be integrated into the solution for regulatory-compliant blockchain asset purchases using major payment methods such as credit card. ## Team - Winton Nathan-Roberts as Research, Design & Software Engineering lead - Skilled independent contractors for auxiliary tasks spanning software engineering, legal consultation, and financial services -Contractor involvement in core system design and implementation will be minimal and subject to rigorous validation checks. +Contractor work will be rigorously checked for validity. ## Experience with Algorand -Winton Nathan-Roberts is a Machine Learning PhD dropout with over 4 years of industry experience in Software Engineering working for various Startups & Blue Chip companies like Wargaming. +Winton Nathan-Roberts is a Machine Learning PhD dropout boasting over 4 years of industry experience in Software Engineering with various startups and blue-chip companies, including [Wargaming](https://wargaming.com/en/). -Over the last two years, he has been working largely in silence on an Algorand-based Web3 gaming venture. His current focus is on enhancing user onboarding for Web3 dApps and games, with a specific emphasis on regulatory-compliant authentication and fiat on-ramping. Helium Labs on GitHub represents some of this work, with many of its repositories private. +He has dedicated over two years to developing an Algorand-based Web3 gaming venture. Currently he is focusing on streamlining the onboarding process, with solutions that lower friction in Algorand account authentication, transaction authorization, and fiat purchases. Some of his projects can be viewed at [Helium Labs](https://github.com/Helium-Labs/) on GitHub, though many repositories are private. + +Here are some relevant projects he has worked on, linked to videos for further detail: + +- [Aido: FIDO2 Transaction Authorization](https://www.youtube.com/watch?v=0_M8aunqZyA): Implements the passwordless & phishing-resistant FIDO2 protocol for transaction authorization from an Algorand account +- [SessionWallet](https://www.youtube.com/watch?v=66N7bFn19Ck): Provides low-friction application specific account creation and transaction approval, leveraging transactions as session tokens via on-chain MsgPack parsing ## Present Proposal From d8350a543e0a5520662afd100365248b588f15bc Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Mon, 5 Feb 2024 19:48:45 +1100 Subject: [PATCH 11/27] Update xgov-119.md --- Proposals/xgov-119.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index becd2050..a995c1e2 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -31,7 +31,7 @@ He has dedicated over two years to developing an Algorand-based Web3 gaming vent Here are some relevant projects he has worked on, linked to videos for further detail: -- [Aido: FIDO2 Transaction Authorization](https://www.youtube.com/watch?v=0_M8aunqZyA): Implements the passwordless & phishing-resistant FIDO2 protocol for transaction authorization from an Algorand account +- [Aido - FIDO2 Transaction Authorization](https://www.youtube.com/watch?v=0_M8aunqZyA): Implements the passwordless & phishing-resistant FIDO2 protocol for transaction authorization from an Algorand account - [SessionWallet](https://www.youtube.com/watch?v=66N7bFn19Ck): Provides low-friction application specific account creation and transaction approval, leveraging transactions as session tokens via on-chain MsgPack parsing ## Present Proposal From 0692e01e2e8180ae2cf4425c65287dab90cd6f1e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane?= Date: Mon, 5 Feb 2024 12:36:59 +0100 Subject: [PATCH 12/27] Update xgov-119.md --- Proposals/xgov-119.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index a995c1e2..f2fba63f 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -27,12 +27,12 @@ Contractor work will be rigorously checked for validity. Winton Nathan-Roberts is a Machine Learning PhD dropout boasting over 4 years of industry experience in Software Engineering with various startups and blue-chip companies, including [Wargaming](https://wargaming.com/en/). -He has dedicated over two years to developing an Algorand-based Web3 gaming venture. Currently he is focusing on streamlining the onboarding process, with solutions that lower friction in Algorand account authentication, transaction authorization, and fiat purchases. Some of his projects can be viewed at [Helium Labs](https://github.com/Helium-Labs/) on GitHub, though many repositories are private. +He has dedicated over two years to developing an Algorand-based Web3 gaming venture. Currently he is focusing on streamlining the onboarding process, with solutions that lower friction in Algorand account authentication, transaction authorization, and fiat purchases. Some of his projects can be viewed at Helium Labs on GitHub, though many repositories are private. Here are some relevant projects he has worked on, linked to videos for further detail: -- [Aido - FIDO2 Transaction Authorization](https://www.youtube.com/watch?v=0_M8aunqZyA): Implements the passwordless & phishing-resistant FIDO2 protocol for transaction authorization from an Algorand account -- [SessionWallet](https://www.youtube.com/watch?v=66N7bFn19Ck): Provides low-friction application specific account creation and transaction approval, leveraging transactions as session tokens via on-chain MsgPack parsing +- Aido - FIDO2 Transaction Authorization: Implements the passwordless & phishing-resistant FIDO2 protocol for transaction authorization from an Algorand account +- SessionWallet: Provides low-friction application specific account creation and transaction approval, leveraging transactions as session tokens via on-chain MsgPack parsing ## Present Proposal From 69ed14e03fd2dfcbc246f9d2f3f167307261960c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane?= Date: Mon, 5 Feb 2024 12:38:41 +0100 Subject: [PATCH 13/27] Update xgov-119.md --- Proposals/xgov-119.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index f2fba63f..1761871b 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -25,7 +25,7 @@ Contractor work will be rigorously checked for validity. ## Experience with Algorand -Winton Nathan-Roberts is a Machine Learning PhD dropout boasting over 4 years of industry experience in Software Engineering with various startups and blue-chip companies, including [Wargaming](https://wargaming.com/en/). +Winton Nathan-Roberts is a Machine Learning PhD dropout boasting over 4 years of industry experience in Software Engineering with various startups and blue-chip companies, including Wargaming. He has dedicated over two years to developing an Algorand-based Web3 gaming venture. Currently he is focusing on streamlining the onboarding process, with solutions that lower friction in Algorand account authentication, transaction authorization, and fiat purchases. Some of his projects can be viewed at Helium Labs on GitHub, though many repositories are private. From 9ce0d757e1234c9d5306dbc45862a97436e8e447 Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Mon, 5 Feb 2024 23:45:52 +1100 Subject: [PATCH 14/27] Update xgov-119.md --- Proposals/xgov-119.md | 31 +++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index 1761871b..e5ec103f 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -36,12 +36,25 @@ Here are some relevant projects he has worked on, linked to videos for further d ## Present Proposal -Zorkin aims to implement a ZK-SNARK based OpenIDConnect (OIDC) authentication solution, allowing Social Login like Facebook to authenticate access to an application specific self-custodial Algorand Account. A variant has been implemented by Mysten Labs for their Sui blockchain called ZK-Login, which is only usable with Sui. Zorkin will attempt to improve upon ZK-Login, if possible. Some of Algorand's user experience (UX) challenges, like the need for explicit consent for asset Opt-In, will be mitigated by possibly leveraging ARC-56 whose development is proposed by xGov-117. +Zorkin plans to develop a turnkey solution for low-friction user authentication and transaction authorization with Social Login via an OAuth provider (e.g. Google), linking an Algorand account to the user's OAuth identity. At its core, users authenticate themselves using a familiar OpenID Connect experience. The resulting JSON Web Token (JWT) access token can then be utilized to create an authorized session wherein users can approve transactions from their linked Algorand account with the associated session parameters. ZK-SNARKs are used to preserve the privacy of the JWT access token during session authorization, so it isn't revealed on-chain. The sensitive session access keys are stored within the interfacing application client, intended for management by the user, making the solution self-custodial. -Multiple system designs are being explored, with one variant and its MVP implementation detailed at this Github repository. However, the final deliverables will differ, as development is expected to lead to an enhanced design and implementation. +ZK-Login by Mysten Labs, created exclusively for the Sui blockchain, has inspired the development of Zorkin. Zorkin plans to introduce various improvements such as allowing seamless OAuth client migration, postponing session creation until necessary, among other enhancements. -Zorkin will be integrated with a 3rd Party Fiat On-Ramp to allow users to buy approved crypto assets using major payment methods like credit card, taking care of relevant compliance. A Fiat On-Ramp such as MoonPay will be considered for integration. +Zorkin aims to enhance the user experience on Algorand by tackling its inherent challenges, like the requirement for users to manually opt into assets. To that end, we may offer a compatible ARC-56 compliant plugin-based contract account. xGov-117 proposes to develop ARC-56. + +Lastly, our plan includes adding a regulatory-compliant, third-party fiat on-ramp service like MoonPay. This will enable users to buy approved assets with popular payment methods, including credit cards. + +### Prototype Video Demonstration + +We are currently experimenting with several design variants. One notable variant can be found in the Zorkin GitHub repository. For a preview of this variant, watch the video below showcasing a prototype demonstration. + +
+ + YouTube Video Thumbnail + +
+ +The final product may substantially change from the above preview after further development. ### Deliverables @@ -62,16 +75,6 @@ In chronological order, the deliverables are: The delivery timeline is deliberately open-ended to prioritize legal compliance and consumer safety. The deliverables will be available for public access only in jurisdictions where they fully adhere to local laws. The deliverables will be adjusted against feedback from legal consultation to ensure legal feasibility. These services will be offered as long as they are financially viable and legally permissible, with a planned legal sunsetting and exit strategy to be devised and communicated to consumers through the terms of service. -### Minimum-Viable Product Demo - -The following video showcases an early-stage design of Zorkin, featuring a demo of the Minimum Viable Product for this variant. Please be aware that the described variant is in its early stages; the final deliverables may differ significantly as the design will be refined throughout development. - - - ## Benefits for the community If implemented, developers in supported countries can provide users with a ZK-SNARK based OpenIdConnect authentication solution to access an application-specific self-custodial Algorand account linked to their OAuth credentials. The integrated 3rd party Fiat On-Ramp will enable users to buy approved crypto assets using major payment methods, including credit cards. Some of Algorand's UX challenges, like the need for explicit consent for asset Opt-In, will be mitigated by possibly leveraging ARC-56. Estimates of operating expenses like cloud hosting suggest it may have competitive pricing to competitors in the space. From 88704016952c81bd147840e2ee5e2e0711769f82 Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Tue, 6 Feb 2024 00:05:39 +1100 Subject: [PATCH 15/27] Update xgov-119.md --- Proposals/xgov-119.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index e5ec103f..de2a7de3 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -36,7 +36,7 @@ Here are some relevant projects he has worked on, linked to videos for further d ## Present Proposal -Zorkin plans to develop a turnkey solution for low-friction user authentication and transaction authorization with Social Login via an OAuth provider (e.g. Google), linking an Algorand account to the user's OAuth identity. At its core, users authenticate themselves using a familiar OpenID Connect experience. The resulting JSON Web Token (JWT) access token can then be utilized to create an authorized session wherein users can approve transactions from their linked Algorand account with the associated session parameters. ZK-SNARKs are used to preserve the privacy of the JWT access token during session authorization, so it isn't revealed on-chain. The sensitive session access keys are stored within the interfacing application client, intended for management by the user, making the solution self-custodial. +Zorkin plans to develop a turnkey solution for low-friction user authentication and transaction authorization with Social Login via an OAuth provider (e.g. Google), linking the user's OAuth identity to a unique Algorand Account from which transactions can be authorized. At its core, users authenticate themselves using a familiar OpenID Connect experience. The resulting JSON Web Token (JWT) access token can then be utilized to create an authorized session wherein users can approve transactions from their linked Algorand account with the associated session parameters. ZK-SNARKs are used to preserve the privacy of the JWT access token during session authorization, so it isn't revealed on-chain. The sensitive session access keys are stored within the interfacing application client, intended for management by the user, making the solution self-custodial. ZK-Login by Mysten Labs, created exclusively for the Sui blockchain, has inspired the development of Zorkin. Zorkin plans to introduce various improvements such as allowing seamless OAuth client migration, postponing session creation until necessary, among other enhancements. From 4f193a4fc222e4ce6706e108ddba6d63517903ed Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Tue, 6 Feb 2024 00:27:10 +1100 Subject: [PATCH 16/27] Update xgov-119.md --- Proposals/xgov-119.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index de2a7de3..926d35cd 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -83,7 +83,7 @@ If implemented, developers in supported countries can provide users with a ZK-SN ### Open Source Clarification -The proposal's metadata suggests it will be Open Source, but this applies only to solution components chosen at our discretion such as certain frontend application clients. Each open-source component will be subject to a separate license with respective terms and conditions that must be adhered to. +The proposal's metadata suggests it will be Open Source, but this applies only to solution components chosen at our discretion such as certain frontend application clients. It is guaranteed that at least one component of the solution will be open-source. Each open-source component will be subject to a separate license with respective terms and conditions that must be adhered to. Any third-party code or design dependency will have its respective trademark, copyright & patent licenses respected. ### Ownership of Deliverables & Intellectual Property From 0316b7d4d1ca1452c0f52525999cf94705b2d1b6 Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Tue, 6 Feb 2024 01:14:14 +1100 Subject: [PATCH 17/27] Update xgov-119.md --- Proposals/xgov-119.md | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index 926d35cd..01c1a237 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -87,7 +87,19 @@ The proposal's metadata suggests it will be Open Source, but this applies only t ### Ownership of Deliverables & Intellectual Property -The deliverables and related intellectual property (IP) will be fully owned by Winton Nathan-Roberts, who reserves the right to do anything with the property as permitted by law. To the best of our knowledge, the current IP isn't conflicting with any patents. The intellectual property and deliverables might undergo ownership transfers, leading to possible rebranding or integration with other companies or products. For instance, Zorkin could be renamed and associated with a different product the author is affiliated with under similar ownership changes. Zorkin, described by the proposal, is a commercial endeavour with the aim to profit. +The deliverables and any related novel intellectual property (IP) will be fully owned by Winton Nathan-Roberts, who reserves the right to do anything with the property as permitted by law. To the best of our knowledge, the IP isn't conflicting with any patents. The intellectual property and deliverables might undergo ownership transfers, leading to possible rebranding or integration with other companies or products. For instance, Zorkin could be renamed and associated with a different product the author is affiliated with undergoing similar ownership changes. Zorkin, described by the proposal, is a commercial endeavour with the aim to profit. + +### Intellectual Property Clarity + +The following is an argument as to why we think the Zorkin IP is safe to use and unlikely to encounter any disputes due to IP infringement. In particular, whether it is okay that Zorkin is similar in concept to ZK-Login by Mysten Labs, sharing some degree of design overlap. The following should not be construed as legal advice, is not written by a legal professional and is accurate to the best of our knowledge. + +- Zorkin isn't a clone of any other solution. It is inspired by other solutions and makes several innovations +- Currently there are no known patents or pending-patents for similar ideas +- Several unpatented designs exist, including [Snark JWT Verify](https://github.com/TheFrozenFire/snark-jwt-verify) & [zkOauth](https://github.com/0xrishabh/zkOauth). These designs are over a year old suggesting the idea of using ZK-SNARKs for OAuth/OIDC transaction authorization is unpatentable +- ZK-Login is described and implemented by Mysten Labs in an Open-Source codebase with an [APLv2](https://www.apache.org/licenses/LICENSE-2.0) license, and documentation that's covered by [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/deed.en) +- By the superposition of these licenses, APLv2 offers free use of any novel ideas conveyed in the codebase. The code itself is a detailed description of algorithms & systems, including ZK-Login + +Should any IP infringement dispute occur, or is predicted to occur, Zorkin will do anything it can to respect the law including preemptively shutting any public facing service with advanced notice per its Terms of Service. ### Self-Custodial Definition From 0d7cc351a4db0eac6af5b6b6921388e547a63240 Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Tue, 6 Feb 2024 01:51:40 +1100 Subject: [PATCH 18/27] Update xgov-119.md --- Proposals/xgov-119.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index 01c1a237..1ab83560 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -75,6 +75,8 @@ In chronological order, the deliverables are: The delivery timeline is deliberately open-ended to prioritize legal compliance and consumer safety. The deliverables will be available for public access only in jurisdictions where they fully adhere to local laws. The deliverables will be adjusted against feedback from legal consultation to ensure legal feasibility. These services will be offered as long as they are financially viable and legally permissible, with a planned legal sunsetting and exit strategy to be devised and communicated to consumers through the terms of service. +Note the scope of the proposal, including the deliverables, are completely limited to whatever is described in this proposal document and excludes any external resource or dependency such as a Github repository where some design or intention may be proposed. + ## Benefits for the community If implemented, developers in supported countries can provide users with a ZK-SNARK based OpenIdConnect authentication solution to access an application-specific self-custodial Algorand account linked to their OAuth credentials. The integrated 3rd party Fiat On-Ramp will enable users to buy approved crypto assets using major payment methods, including credit cards. Some of Algorand's UX challenges, like the need for explicit consent for asset Opt-In, will be mitigated by possibly leveraging ARC-56. Estimates of operating expenses like cloud hosting suggest it may have competitive pricing to competitors in the space. @@ -118,4 +120,4 @@ To the fullest extent permitted by law, this proposal and Zorkin are subject to - UNVERIFIED CLAIMS: Claims in the content are not independently verified; do your own research before relying on them. - IMPORTANT NOTICE: This document, including all disclaimers, should not be considered as legal or investment advice. The information provided is for general informational purposes only. -Due to the research heavy nature of the proposal, all claims are subject to change. +Due to the research heavy nature of the proposal, all claims are subject to change. The scope of the proposal, including the deliverables, are completely limited to whatever is described in this proposal document and excludes any external resource or dependency such as a Github repository where some design or intention may be proposed. From e729c14e520bc4b46e59fe366dacd4ee1f05821d Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Tue, 6 Feb 2024 02:37:28 +1100 Subject: [PATCH 19/27] Update xgov-119.md --- Proposals/xgov-119.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index 1ab83560..1c35e216 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -79,7 +79,7 @@ Note the scope of the proposal, including the deliverables, are completely limit ## Benefits for the community -If implemented, developers in supported countries can provide users with a ZK-SNARK based OpenIdConnect authentication solution to access an application-specific self-custodial Algorand account linked to their OAuth credentials. The integrated 3rd party Fiat On-Ramp will enable users to buy approved crypto assets using major payment methods, including credit cards. Some of Algorand's UX challenges, like the need for explicit consent for asset Opt-In, will be mitigated by possibly leveraging ARC-56. Estimates of operating expenses like cloud hosting suggest it may have competitive pricing to competitors in the space. +If implemented, developers in supported countries could integrate Zorkin into their applications to facilitate Social Login for user authentication and transaction approval, creating a smoother experience. The inclusion of a third-party Fiat On-Ramp allows users to purchase approved assets using major payment methods, including credit cards. Some Algorand specific user experience challenges, such as explicit asset Opt-In approval, will be addressed cohesively. Furthermore, initial cost estimates for services like cloud hosting indicate that Zorkin could offer competitive pricing compared to alternative solutions like Web3Auth. ## Additional information @@ -91,6 +91,8 @@ The proposal's metadata suggests it will be Open Source, but this applies only t The deliverables and any related novel intellectual property (IP) will be fully owned by Winton Nathan-Roberts, who reserves the right to do anything with the property as permitted by law. To the best of our knowledge, the IP isn't conflicting with any patents. The intellectual property and deliverables might undergo ownership transfers, leading to possible rebranding or integration with other companies or products. For instance, Zorkin could be renamed and associated with a different product the author is affiliated with undergoing similar ownership changes. Zorkin, described by the proposal, is a commercial endeavour with the aim to profit. +Zorkin will be a paid service, where users must pay for their usage covering operating expenses at minimum. + ### Intellectual Property Clarity The following is an argument as to why we think the Zorkin IP is safe to use and unlikely to encounter any disputes due to IP infringement. In particular, whether it is okay that Zorkin is similar in concept to ZK-Login by Mysten Labs, sharing some degree of design overlap. The following should not be construed as legal advice, is not written by a legal professional and is accurate to the best of our knowledge. @@ -98,8 +100,8 @@ The following is an argument as to why we think the Zorkin IP is safe to use and - Zorkin isn't a clone of any other solution. It is inspired by other solutions and makes several innovations - Currently there are no known patents or pending-patents for similar ideas - Several unpatented designs exist, including [Snark JWT Verify](https://github.com/TheFrozenFire/snark-jwt-verify) & [zkOauth](https://github.com/0xrishabh/zkOauth). These designs are over a year old suggesting the idea of using ZK-SNARKs for OAuth/OIDC transaction authorization is unpatentable -- ZK-Login is described and implemented by Mysten Labs in an Open-Source codebase with an [APLv2](https://www.apache.org/licenses/LICENSE-2.0) license, and documentation that's covered by [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/deed.en) -- By the superposition of these licenses, APLv2 offers free use of any novel ideas conveyed in the codebase. The code itself is a detailed description of algorithms & systems, including ZK-Login +- ZK-Login is described and implemented by Mysten Labs with most of its components existing in an Open-Source codebase with an [APLv2](https://www.apache.org/licenses/LICENSE-2.0) license, and documentation that's covered by [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/deed.en). Some components, in particular its circuit, are closed-source +- The conclusion we can reach is that the design for ZK-Login is most likely subject to APLv2, on the basis it is nearly described in its entirety in codebases that are subject to APLv2 Should any IP infringement dispute occur, or is predicted to occur, Zorkin will do anything it can to respect the law including preemptively shutting any public facing service with advanced notice per its Terms of Service. From 3ae83b3f9094855b0f0a00d9b7981173e873237d Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Tue, 6 Feb 2024 02:38:38 +1100 Subject: [PATCH 20/27] Update xgov-119.md --- Proposals/xgov-119.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index 1c35e216..b31d7ce8 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -103,7 +103,7 @@ The following is an argument as to why we think the Zorkin IP is safe to use and - ZK-Login is described and implemented by Mysten Labs with most of its components existing in an Open-Source codebase with an [APLv2](https://www.apache.org/licenses/LICENSE-2.0) license, and documentation that's covered by [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/deed.en). Some components, in particular its circuit, are closed-source - The conclusion we can reach is that the design for ZK-Login is most likely subject to APLv2, on the basis it is nearly described in its entirety in codebases that are subject to APLv2 -Should any IP infringement dispute occur, or is predicted to occur, Zorkin will do anything it can to respect the law including preemptively shutting any public facing service with advanced notice per its Terms of Service. +Should any IP infringement dispute occur, or is predicted to occur, Zorkin will do anything it can to respect the law including preemptively terminating any public facing service with advanced notice per its Terms of Service. ### Self-Custodial Definition From fe0b214c3f92fbbf6697e802eda438347fe51f60 Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Tue, 6 Feb 2024 02:52:38 +1100 Subject: [PATCH 21/27] Update xgov-119.md --- Proposals/xgov-119.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index b31d7ce8..b8539e3e 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -13,9 +13,7 @@ status: Final --- ## Abstract -Zorkin aims to implement a ZK-SNARK based OpenIDConnect authentication solution that runs natively on Algorand, allowing Social Login like Facebook to authorize transactions from a linked self-custodial Algorand Account. - -A fiat on-ramp will be integrated into the solution for regulatory-compliant blockchain asset purchases using major payment methods such as credit card. +Zorkin plans to develop a ZK-SNARK based solution for low-friction user authentication and transaction authorization with Social Login via supported OAuth providers (e.g. Google), linking the user's OAuth identity to a unique Algorand Account from which transactions can be authorized. Some Algorand specific user experience challenges, such as explicit asset Opt-In approval, will be addressed cohesively. A fiat on-ramp will be integrated into the solution for regulatory-compliant blockchain asset purchases using popular payment methods such as credit card. ## Team - Winton Nathan-Roberts as Research, Design & Software Engineering lead @@ -36,7 +34,7 @@ Here are some relevant projects he has worked on, linked to videos for further d ## Present Proposal -Zorkin plans to develop a turnkey solution for low-friction user authentication and transaction authorization with Social Login via an OAuth provider (e.g. Google), linking the user's OAuth identity to a unique Algorand Account from which transactions can be authorized. At its core, users authenticate themselves using a familiar OpenID Connect experience. The resulting JSON Web Token (JWT) access token can then be utilized to create an authorized session wherein users can approve transactions from their linked Algorand account with the associated session parameters. ZK-SNARKs are used to preserve the privacy of the JWT access token during session authorization, so it isn't revealed on-chain. The sensitive session access keys are stored within the interfacing application client, intended for management by the user, making the solution self-custodial. +Zorkin plans to develop a drop-in solution for low-friction user authentication and transaction authorization with Social Login via supported OAuth providers (e.g. Google), linking the user's OAuth identity to a unique Algorand Account from which transactions can be authorized. At its core, users authenticate themselves using a familiar OpenID Connect experience. The resulting JSON Web Token (JWT) access token can then be utilized to create an authorized session wherein users can approve transactions from their linked Algorand account with the associated session parameters. ZK-SNARKs are used to preserve the privacy of the JWT access token during session authorization, so it isn't revealed on-chain. The sensitive session access keys are stored within the interfacing application client, intended for management by the user, making the solution self-custodial. ZK-Login by Mysten Labs, created exclusively for the Sui blockchain, has inspired the development of Zorkin. Zorkin plans to introduce various improvements such as allowing seamless OAuth client migration, postponing session creation until necessary, among other enhancements. From 34fc25398196196745b69d649801bbb3420db015 Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Tue, 6 Feb 2024 03:09:29 +1100 Subject: [PATCH 22/27] Update xgov-119.md --- Proposals/xgov-119.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index b8539e3e..e54ff3b8 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -13,7 +13,11 @@ status: Final --- ## Abstract -Zorkin plans to develop a ZK-SNARK based solution for low-friction user authentication and transaction authorization with Social Login via supported OAuth providers (e.g. Google), linking the user's OAuth identity to a unique Algorand Account from which transactions can be authorized. Some Algorand specific user experience challenges, such as explicit asset Opt-In approval, will be addressed cohesively. A fiat on-ramp will be integrated into the solution for regulatory-compliant blockchain asset purchases using popular payment methods such as credit card. +Zorkin plans to develop a ZK-SNARK based solution for low-friction user authentication and transaction authorization with Social Login via supported OAuth providers (e.g. Google), linking the user's OAuth identity to a unique Algorand Account from which transactions can be authorized. Some Algorand specific user experience challenges, such as explicit asset Opt-In approval, will be addressed cohesively. A fiat on-ramp will be integrated into the solution for regulatory-compliant blockchain asset purchases using popular payment methods such as credit card. It will be launched as a paid service with pricing that is estimated, although not guaranteed, to be competitive with alternatives like Web3Auth. + +Disclaimers: +- The proposal is subject to terms, conditions and disclaimers as outlined in the body of the proposal +- Should the proposal be unfunded or fail to pass, we reserve the right to discontinue Zorkin development, terminate our plans and close any public services ## Team - Winton Nathan-Roberts as Research, Design & Software Engineering lead @@ -121,3 +125,5 @@ To the fullest extent permitted by law, this proposal and Zorkin are subject to - IMPORTANT NOTICE: This document, including all disclaimers, should not be considered as legal or investment advice. The information provided is for general informational purposes only. Due to the research heavy nature of the proposal, all claims are subject to change. The scope of the proposal, including the deliverables, are completely limited to whatever is described in this proposal document and excludes any external resource or dependency such as a Github repository where some design or intention may be proposed. + +Should the proposal be unfunded or fail to pass, we reserve the right to discontinue Zorkin development, terminate our plans and close any public services. From bbd49ad97a25e536b099bc0d742d0e190170b7df Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Tue, 6 Feb 2024 03:15:07 +1100 Subject: [PATCH 23/27] Update xgov-119.md --- Proposals/xgov-119.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index e54ff3b8..5fd83c51 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -101,8 +101,8 @@ The following is an argument as to why we think the Zorkin IP is safe to use and - Zorkin isn't a clone of any other solution. It is inspired by other solutions and makes several innovations - Currently there are no known patents or pending-patents for similar ideas -- Several unpatented designs exist, including [Snark JWT Verify](https://github.com/TheFrozenFire/snark-jwt-verify) & [zkOauth](https://github.com/0xrishabh/zkOauth). These designs are over a year old suggesting the idea of using ZK-SNARKs for OAuth/OIDC transaction authorization is unpatentable -- ZK-Login is described and implemented by Mysten Labs with most of its components existing in an Open-Source codebase with an [APLv2](https://www.apache.org/licenses/LICENSE-2.0) license, and documentation that's covered by [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/deed.en). Some components, in particular its circuit, are closed-source +- Several unpatented designs exist, like Snark JWT Verify. These designs are over a year old suggesting the idea of using ZK-SNARKs for OAuth/OIDC transaction authorization is unpatentable +- ZK-Login is described and implemented by Mysten Labs with most of its components existing in an open-source codebase with an APLv2 license, and documentation that's covered by CC-BY-4.0. Some components, in particular its circuit, are closed-source - The conclusion we can reach is that the design for ZK-Login is most likely subject to APLv2, on the basis it is nearly described in its entirety in codebases that are subject to APLv2 Should any IP infringement dispute occur, or is predicted to occur, Zorkin will do anything it can to respect the law including preemptively terminating any public facing service with advanced notice per its Terms of Service. From 794b724a04cad964c69182785634bb5739795f63 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane?= Date: Mon, 5 Feb 2024 18:05:13 +0100 Subject: [PATCH 24/27] Update xgov-119.md --- Proposals/xgov-119.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index 5fd83c51..acabf132 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -42,7 +42,7 @@ Zorkin plans to develop a drop-in solution for low-friction user authentication ZK-Login by Mysten Labs, created exclusively for the Sui blockchain, has inspired the development of Zorkin. Zorkin plans to introduce various improvements such as allowing seamless OAuth client migration, postponing session creation until necessary, among other enhancements. -Zorkin aims to enhance the user experience on Algorand by tackling its inherent challenges, like the requirement for users to manually opt into assets. To that end, we may offer a compatible ARC-56 compliant plugin-based contract account. xGov-117 proposes to develop ARC-56. +Zorkin aims to enhance the user experience on Algorand by tackling its inherent challenges, like the requirement for users to manually opt into assets. To that end, we may offer a compatible ARC-56 compliant plugin-based contract account. [xGov-117](https://github.com/algorandfoundation/xGov/pull/117) proposes to develop ARC-56. Lastly, our plan includes adding a regulatory-compliant, third-party fiat on-ramp service like MoonPay. This will enable users to buy approved assets with popular payment methods, including credit cards. From 8faf328dc8b506805ca6323727779bb1fcdf9325 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane?= Date: Mon, 5 Feb 2024 18:07:35 +0100 Subject: [PATCH 25/27] Update xgov-119.md --- Proposals/xgov-119.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index acabf132..6b5f7495 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -42,7 +42,7 @@ Zorkin plans to develop a drop-in solution for low-friction user authentication ZK-Login by Mysten Labs, created exclusively for the Sui blockchain, has inspired the development of Zorkin. Zorkin plans to introduce various improvements such as allowing seamless OAuth client migration, postponing session creation until necessary, among other enhancements. -Zorkin aims to enhance the user experience on Algorand by tackling its inherent challenges, like the requirement for users to manually opt into assets. To that end, we may offer a compatible ARC-56 compliant plugin-based contract account. [xGov-117](https://github.com/algorandfoundation/xGov/pull/117) proposes to develop ARC-56. +Zorkin aims to enhance the user experience on Algorand by tackling its inherent challenges, like the requirement for users to manually opt into assets. To that end, we may offer a compatible ARC-56 compliant plugin-based contract account. [xGov-117](./xgov-117.md) proposes to develop ARC-56. Lastly, our plan includes adding a regulatory-compliant, third-party fiat on-ramp service like MoonPay. This will enable users to buy approved assets with popular payment methods, including credit cards. From 5fa25abc61bf22cb9a6df59086e09713320e9a04 Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Wed, 7 Feb 2024 02:48:54 +1100 Subject: [PATCH 26/27] Update xgov-119.md --- Proposals/xgov-119.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index 6b5f7495..8996a462 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -9,7 +9,7 @@ category: dApps focus_area: User Onboarding open_source: Yes amount_requested: 100000 -status: Final +status: Draft --- ## Abstract From 4d0e6b0545b436a0d0fd26718e26555630eb99fe Mon Sep 17 00:00:00 2001 From: mangoplane <104189015+mangoplane@users.noreply.github.com> Date: Wed, 7 Feb 2024 03:57:08 +1100 Subject: [PATCH 27/27] Update xgov-119.md --- Proposals/xgov-119.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/Proposals/xgov-119.md b/Proposals/xgov-119.md index 8996a462..e89134d0 100644 --- a/Proposals/xgov-119.md +++ b/Proposals/xgov-119.md @@ -9,7 +9,7 @@ category: dApps focus_area: User Onboarding open_source: Yes amount_requested: 100000 -status: Draft +status: Final --- ## Abstract @@ -126,4 +126,6 @@ To the fullest extent permitted by law, this proposal and Zorkin are subject to Due to the research heavy nature of the proposal, all claims are subject to change. The scope of the proposal, including the deliverables, are completely limited to whatever is described in this proposal document and excludes any external resource or dependency such as a Github repository where some design or intention may be proposed. -Should the proposal be unfunded or fail to pass, we reserve the right to discontinue Zorkin development, terminate our plans and close any public services. +Additional disclaimers: +- If the proposal is passed and approved, but we cannot convince ourselves that the intellectual property is acceptable for use, then we reserve the right to decline the funding and withdraw our proposal even after it has been passed. Should this happen, none of the terms will be delivered on. +- Should the proposal be unfunded or fail to pass, we reserve the right to discontinue Zorkin development, terminate our plans and close any public services