ScalingETH Async Hackathon 2024 Recap

Hackathon & Bounty Winners

During the ETHGlobal ScalingETH async hackathon, RISC Zero distributed $10k in bounties over a span of 4 weeks.

There were 26 submissions across three categories, ZK Coprocessor, Best zkVM, and On-chain Identify. Out of 26 we chose 10 projects across those categories and awarded $10k in bounties.

ZK Coprocessor Bounty 

Four winning projects each awarded $1,250.00

Z0Wallet stands as a privacy-centric multi-signature wallet, leveraging the robust Risc0 stack. 

Z0Wallet signers remain undisclosed, and the multi-signature process is validated off-chain, then translated into proofs for later verification. This approach could yield a more cost-effective smart contract wallet, in contrast to current solutions managing similar functions on-chain. The wallet offers an off-chain guest code that computes the current state of the wallet, including signers and threshold, and verifies intended calls via the z0 wallet by validating signatures until the threshold is reached. Upon successful validation, a proof with a journal is generated and validated on the on-chain wallet, ensuring secure and efficient transaction processing.

View Z0Wallet's source code and read more

Colibri is a platform designed for generating verifiable omni-chain balances. It operates seamlessly with RISC Zero and IPC. To utilize Colibri, users are required to generate a wrapped token that represents their balance for a specific token. Subsequently, Colibri interfaces with Risc0 to produce a proof of balance.

Colibri leverages colibri-wrapper contracts on various networks, utilizing IPC subnets like Sepolia and Base for omnichain balance storage. Each asset wrapping requires a RISC Zero and Bonsai operation for snark generation. RISC Zero proofs facilitate cross-chain data reading and provide evidence of view calls, converted from stark2snark.
The project aims to establish provable omnichain balances and aims to streamline bridging operations to achieve this in a single transaction on the destination chain while proving state from the origin chain.
View Colibri's source code and read more

zkPoapCommunities can prove you own a POAP from a specific event, without revealing your wallet address.

POAPs, or "Proof of Attendance Protocol," are widely owned digital mementos minted for sharing memories, as described on the official website Technically, POAPs are NFTs on a blockchain, enabling permissionless and composable functionalities. However, a privacy issue arises in the current implementation, where holders must disclose their wallet address to prove ownership of POAPs, exposing more information than necessary.

Rather than designing a new protocol from scratch, an efficient solution involves integrating privacy into the existing POAP protocol. This approach maintains functionality for issuing and owning POAPs while allowing holders to prove ownership without revealing wallet addresses. Applications can seamlessly integrate with this privacy-preserving protocol in a permissionless manner.

View zkPoap's source code and read more

Thumper is creating more structured zk setup ceremonies with trustless coordination, privacy, sybil-resistance, and zk-proven results

This project investigates the integration of transparent zk proof systems to facilitate the setup of non-transparent ones, exploring the balance between easy verifiability and trust in setup ceremonies while maintaining sybil-resistance and trustlessness. Through an implementation example, named "Thumper" after the Dune universe's summoning device, the project proposes a method for incorporating zkvms into the setup process. It enables participation through ZKKYC, ensuring privacy for participants while maintaining a degree of trustlessness.

View Thumper's source code and read more

zkVM Application Bounty

Three winning projects each awarded $1,000.00

ODESEC stands for On-chain Database of Emergency Security Event Contact

ODESEC features a project identity verification mechanism based on Zero-Knowledge Proofs (ZKPs) and an Anti-Spam system for project notification endpoints. Its primary objective is to cater to instances where ethical hackers uncover crucial security flaws in projects, facilitating prompt notifications to the project team through this database and mechanism. By efficiently filtering spam and issuing alerts solely for potentially genuine vulnerabilities, it enhances the team's alertness levels, enabling swift responses. It facilitates querying contact information based on domain or contract address, employs SSL certificates for project identity authentication, and uses RISC Zero’s zkVM and Bonsai to generate proofs and ZKPoE for anti-spam measures.

View ODESEC's source code and read more

Monadic DNA serves as a model for a new approach to privacy-respecting personal genomics services. 

Traditional personal genomics services such as 23andMe and have offered valuable health and ancestry insights, but their use of insecure methods and lack of attention to privacy have resulted in breaches and questionable data sharing, jeopardizing individuals' most sensitive biological information. Consequently, many are hesitant to embrace genomics for healthcare and other purposes, as genetic data, once compromised, cannot be altered and may be exploited for harm.

Through three distinct tools employing blind computing and zero knowledge technology, the project demonstrates an ecosystem that prioritizes user privacy. The envisioned future is one where individuals retain ownership of their genomic data, without pressure to disclose it to providers, while still reaping the benefits of advancements in the field.

View Monadic's source code and read more

zkora is a platform where you can write JS scripts that run in a zkVM to offload on-chain Solidity computations.

zkora is a specialized tool designed for Ethereum smart contract developers, offering a seamless solution for conducting off-chain computations. Utilizing the RISC Zero zkVM, developers can execute computations off-chain and receive the results along with a proof ensuring the accuracy of the execution. With zkora, devs can use JavaScript to generate proofs directly within the browser, accelerating development time and accessibility. This empowers developers to focus more on the core features of their smart contracts without the concern of optimizing gas usage for complex operations. zkora streamlines this process further through its web application interface, allowing developers to write both Solidity smart contracts and JavaScript programs, which can be executed within the zkVM. The outcome of these executions, along with the corresponding proofs, can then be seamlessly integrated into smart contracts to validate the accuracy of off-chain computations. Additionally, zkora simplifies user authentication using ERC4337 Smart Accounts, providing developers with a straightforward authentication mechanism.

View zkora's source code and read more

On-chain Identity Bounty

Three winning projects each awarded $666.67

BuildFi is a crowd investment platform that facilitates collaboration between developers and investors. Through a streamlined onboarding process using zero-knowledge KYC (zkKYC), developers verify their authenticity by linking their wallet to their email, which is further validated through platforms like GitHub or LinkedIn. 

Once onboarded, developers outline project milestones, associated dates, and the percentage of total funding they aim to collect upon each milestone's completion. Investors pool funds, which are disbursed to developers sequentially as they achieve milestones. Developers commit to delivering the promised tokens at the project's conclusion through Attestation contracts, with investors having voting rights to verify milestone achievements. Upon project completion, developers transfer tokens to BuildFi, which are then distributed proportionally to investors, marking the successful conclusion of the project. This innovative platform empowers developers to realize their visions while providing investors with opportunities to support promising projects.

View BuildFi's source code and read more

Easy Key is a simple payment solution using phone numbers & zk for authentication. Send and claim low-cost crypto payments with your contacts hassle-free.

Easy Key envisions a user-friendly cryptocurrency experience where wallets can be created using phone numbers, and tokens can be sent to others using only their numbers. This concept simplifies the onboarding process of new users to crypto. Additionally, it explores the idea of streamlining transaction signing by utilizing SMS codes from services like Twilio. The aim of this service is not to rival Ledger or Metamask, but rather provide individuals with a taste of cryptocurrency’s capabilities before they invest in a hardware wallet.

View Easy Key's source code and read more

Zkbiometric is a system that enhances authentication by securely verifying biometric onboarding data against a real-time challenge within a zkVM. It utilizes zero-knowledge proofs to ensure robust identity confirmation while maintaining user privacy.

In support of the European Union's initiative to issue digital credentials to citizens by 2027, the project offers a secure biometric identity verification solution. Leveraging Mobai's technology, users' facial biometrics are captured during onboarding and securely stored as BiometricOnboardingCredentials in their digital wallets. When accessing services, users reproduce their biometric "fingerprint" to generate BiometricChallengeCredentials. Utilizing RISC Zero's zkVM, zero-knowledge proofs confirm the match between the credentials without compromising biometric data. This system ensures GDPR compliance, provides high-assurance identity verification, and supports EU-wide scalability for various applications beyond basic service access.

View Zkbiometric's source code and read more

Watch our workshop: 

ZK Coprocessors, On-Chain Identity, and More: What You Can Do with RISC Zero

Follow along our workshop hosted by Paul Gafni and Austin Abell as they outline what can be built with zero knowledge coprocessors. Devs can demonstrate the accurate execution of diverse Rust code and validate these proofs directly on the blockchain. This facilitates the realization of applications such as on-chain gaming and identity verification. With the increasing adoption of web3, there is a growing demand for essential infrastructure enhancements to support scalability.

To sum it up

The 26 innovative project submissions showcased the outstanding creativity and ingenuity within the zk community. The collaborative spirit is inspiring and we are thrilled to collaborate with these builders in pushing the boundaries of decentralized technology forward. Hack on!

In other news: