A monthly development update series created to embrace the transparency and inclusivity that we strive for at Dusk Network
PLONK working group
During this month, three members of our R&D team attended the ZKProof online workshop. They were initially scheduled to attend the weekend event in London; however, due to the ban on mass gatherings, the in-person event was cancelled and replaced by an online one. A wide variety of topics, spanning the whole area of zero-knowledge, were proposed and discussed, in line with the organizers' mission of creating standards for zero-knowledge proofs. One talk in particular, which we focused on, was the talk on PLONK.
Alongside a few other blockchain companies, Dusk Network is among the first to implement PLONK. Our R&D team has now joined a working group, together with a handful of other researchers keen to see PLONK standardized, including Zac Williamson and Ariel Gabizon (the creators of PLONK, at Aztec Protocol) and Daira Hopwood (Electric Coin Company, the company behind Zcash). Our primary goal is to create an intermediate language between PLONK circuits and R1CS, the rank-1 constraint system representation that existing Rust gadget libraries over prime fields build on. Certain operations that are cheap as PLONK gates are understood to become rather expensive when expressed in R1CS. This working group is therefore tasked with constructing a language that translates operations between the two circuit models, so that gadgets can be shared while each system keeps its own efficiency and simplicity.
In short, a working group was created to take PLONK forward: specifically, to provide higher interoperability and make it relevant to more use cases.
PLONK gadget addition - a fixed base add gate
This month saw the inception of our very own fixed base add gate. This is particularly exciting for two reasons. The first is that it has permitted us to delve into some interesting research on abstract algebra and number theory. The second is that it lets us make concrete those Phoenix contract operations that rely upon scalar multiplication.
With regards to number theory, we have spent time researching a modified version of the standard fixed base scalar multiplication, tailored to Edwards curves. As normally specified, the fixed base add gate performs a conditional selection over a table of points, which are small multiples of a curve generator together with their negations: a chunk of scalar bits picks the multiple, and one bit picks whether it is negated before being added to the accumulator.
On what is taken as the de facto elliptic curve model, Weierstraß form, negation reflects a point in the x-axis, i.e. turning (x, y) into (x, -y). However, due to the geometric properties of Edwards curves, negation there reflects in the y-axis instead, turning (x, y) into (-x, y). This is particularly relevant to us, because our generator is a point on JubJub, a twisted Edwards curve embedded in BLS12-381 (its base field is the scalar field of BLS12-381, which is what our circuits compute over, so curve arithmetic is native in-circuit), and our scalars are elements of JubJub's scalar field. Finalizing this adapted fixed base addition in circuits has given us a concrete view of how the Phoenix contract operations will work.
One of the most fundamental operations in our transfer contract is proving knowledge of a secret key: the prover shows it knows the scalar sk such that pk = sk·G for the fixed generator G, which is exactly a fixed base scalar multiplication. Implementing this logic inside a circuit allows us to construct the proof in zero-knowledge, so the key itself never leaves the prover and the highest level of privacy is maintained.
In simpler terms, with the implementation of PLONK comes the need to create PLONK gadgets. Gadgets enable developers to easily build zero-knowledge circuits, and in Dusk Network we need many different gadgets to perform a wide variety of zero-knowledge proofs. In PLONK, an efficient way to perform scalar multiplication is to use a fixed base add gate. Given the particular properties of PLONK and JubJub, we needed to modify the existing formulae to make it work. We now have the outline for the implementation of the fixed base add gate gadget. It can be used to prove knowledge of a secret key without exposing anything about the value of the key.
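To make the arithmetic behind the gate concrete, here is the same computation done off-circuit in plain Python: twisted Edwards negation as (x, y) → (-x, y), and a fixed-base scalar multiplication that only ever looks up a precomputed multiple of the generator, conditionally negates it and adds it to an accumulator, which is the shape of work a fixed base add gate does per window. This is an added example, not Dusk Network's gate or library code. It assumes the JubJub curve definition (-x² + y² = 1 + d·x²·y² over the BLS12-381 scalar field, d = -(10240/10241), cofactor 8); the generator is found by search and cofactor-cleared as a stand-in for the curve's standard generator, and the 4-bit signed-digit windowing is a generic choice for the illustration rather than the exact encoding used by the gate.

```python
"""Fixed-base scalar multiplication on JubJub, done off-circuit.

Added illustration only, not Dusk Network's PLONK gate. JubJub is the twisted
Edwards curve -x^2 + y^2 = 1 + d*x^2*y^2 over the scalar field of BLS12-381,
with d = -(10240/10241) and cofactor 8. The generator below is found by search
and cofactor-cleared (a stand-in, not JubJub's standard generator); the 4-bit
signed-digit window scheme is a generic choice for the illustration.
"""
P = 0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001  # BLS12-381 scalar field
A = P - 1                                   # a = -1
D = (-10240 * pow(10241, -1, P)) % P        # d = -(10240/10241)
IDENTITY = (0, 1)
COFACTOR = 8

def sqrt_mod(n):
    """Tonelli-Shanks square root in GF(P); None if n is a non-residue."""
    n %= P
    if n == 0:
        return 0
    if pow(n, (P - 1) // 2, P) != 1:
        return None
    q, s = P - 1, 0
    while q % 2 == 0:
        q //= 2
        s += 1
    z = 2
    while pow(z, (P - 1) // 2, P) != P - 1:
        z += 1
    m, c, t, r = s, pow(z, q, P), pow(n, q, P), pow(n, (q + 1) // 2, P)
    while t != 1:
        i, t2 = 0, t
        while t2 != 1:
            t2 = t2 * t2 % P
            i += 1
        b = pow(c, 1 << (m - i - 1), P)
        m, c, t, r = i, b * b % P, t * b * b % P, r * b % P
    return r

def is_on_curve(pt):
    x, y = pt
    return (A * x * x + y * y - 1 - D * x * x * y * y) % P == 0

def neg(pt):
    """Edwards negation reflects in the y-axis: (x, y) -> (-x, y)."""
    x, y = pt
    return ((-x) % P, y)

def add(p, q):
    """Unified twisted Edwards addition (complete for a = -1 with d a non-square)."""
    x1, y1 = p
    x2, y2 = q
    t = D * x1 * x2 * y1 * y2 % P
    x3 = (x1 * y2 + y1 * x2) * pow(1 + t, -1, P) % P
    y3 = (y1 * y2 - A * x1 * x2) * pow(1 - t, -1, P) % P
    return (x3, y3)

def scalar_mul(k, pt):
    """Reference double-and-add, used only to cross-check the windowed method."""
    acc, cur = IDENTITY, pt
    while k:
        if k & 1:
            acc = add(acc, cur)
        cur = add(cur, cur)
        k >>= 1
    return acc

def find_generator():
    """Smallest-x curve point times the cofactor, so it lies in the prime-order
    subgroup. Assumption: a stand-in for the curve's real generator."""
    x = 1
    while True:
        y2 = (1 - A * x * x) * pow(1 - D * x * x, -1, P) % P
        y = sqrt_mod(y2)
        if y is not None:
            g = scalar_mul(COFACTOR, (x, y))
            if g != IDENTITY:
                return g
        x += 1

WINDOW = 4
HALF = 1 << (WINDOW - 1)
NWINDOWS = P.bit_length() // WINDOW + 2      # covers any k < P plus a final carry

def signed_digits(k):
    """k = sum d_i * 2^(WINDOW*i) with d_i in [-(HALF-1), HALF]; |d_i| selects
    the table entry and the sign selects whether it is negated."""
    digits = []
    for _ in range(NWINDOWS):
        d = k & ((1 << WINDOW) - 1)
        k >>= WINDOW
        if d > HALF:
            d -= 1 << WINDOW
            k += 1
        digits.append(d)
    if k:
        raise ValueError("scalar too large for the fixed table")
    return digits

def fixed_base_table(base):
    """table[i][j] = (j+1) * 2^(WINDOW*i) * base, precomputed once per generator."""
    table = []
    for _ in range(NWINDOWS):
        row, m = [], base
        for _ in range(HALF):
            row.append(m)
            m = add(m, base)
        table.append(row)
        for _ in range(WINDOW):
            base = add(base, base)
    return table

def fixed_base_mul(table, k):
    """k*G using only table lookups, conditional negation and additions."""
    acc = IDENTITY
    for i, d in enumerate(signed_digits(k)):
        if d == 0:
            continue
        pt = table[i][abs(d) - 1]
        acc = add(acc, neg(pt) if d < 0 else pt)
    return acc

G = find_generator()
TABLE = fixed_base_table(G)
```

Note that the windowed method never doubles at proving time: every doubling was folded into the table when the generator was fixed, which is exactly why a fixed-base gate can be cheaper than a general scalar multiplication gadget. Also note the cofactor clearing in `find_generator`: a point on JubJub is not automatically in the prime-order subgroup, and a gadget that proves pk = sk·G should be reasoned about for G in that subgroup.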
Zedger
After a period of testing and research, the team has upgraded the specification of Zedger to further improve the efficiency and user experience of the system. Previously, if a security token contract specified a maximum per-holder ownership cap, an incoming transfer that could breach the cap required additional measures, and action by the contract operator, before it could be settled. Now, the receiver can accept the transfer once and for all, with no further action required from the contract operator: an updated balance computation formula inside our novel trie structure, the Sparse Merkle-Segment Trie, prevents a holder from ever exceeding the cap.
The update also makes contract operator interventions more efficient by decoupling the transactional logic from the key pair used to authenticate the transactor, which for example makes recovering holdings after the loss of a private key straightforward. Recovery of this kind is an operator intervention, so what the operator can and cannot do with holdings is part of the contract's trust model.
Kadcast and RaptorQ
We have also finalized our improvements to the Kadcast protocol by integrating RaptorQ, which improves the robustness of the underlying peer-to-peer network. Kadcast, a 2019 Kademlia-based peer discovery and packet propagation protocol, structures the broadcast of transactions and blocks across the network, avoiding the redundant traffic and load spikes of unstructured flooding. In a sense, Kadcast is our gossip protocol: it delivers messages to participants along a structured (and therefore efficient) path, while RaptorQ allows participants to reconstruct data lost in transit completely from the packets that did arrive, without a backchannel to request retransmission.
RaptorQ (RFC 6330) is a fountain-code standard for forward error correction: a block is encoded into more packets than strictly needed, and the receiver can rebuild the whole block from any sufficiently large subset of them, even if some packets have been dropped. It recovers lost packets, not tampered ones: the reconstructed block still has to be checked against its hash or signature before it is trusted.
In an upcoming demo we will demonstrate the dynamics of our improved gossip protocol and share stress testing results.
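The property that matters for Kadcast, that a receiver can rebuild a block from whichever packets happened to arrive and never has to ask the sender for a specific one, can be shown with a much simpler code than RaptorQ. The following is an added example, not RaptorQ and not Dusk Network's code: a toy random-linear fountain code over GF(2). Each packet XORs together a subset of the block's pieces chosen from the packet id alone, so sender and receiver agree on the equations without any exchange; the receiver solves the system by Gaussian elimination. RaptorQ gets the same effect with a designed pre-code and linear-time decoding, whereas this toy is O(K³). The packet layout (a 4-byte symbol id plus payload) and the `fountain-toy:` domain string are assumptions of the example, and the sample block in the usage is constructed.

```python
"""Toy random-linear fountain code over GF(2): erasure recovery without a backchannel.

Added illustration only; not RaptorQ (RFC 6330) and not Dusk Network's code.
Packet format (symbol id, payload) and the domain string are assumptions.
"""
import hashlib

def split_block(block, k):
    """Split a block into k equal-length zero-padded pieces, held as ints."""
    piece_len = -(-len(block) // k)
    padded = block.ljust(k * piece_len, b"\0")
    pieces = [int.from_bytes(padded[i * piece_len:(i + 1) * piece_len], "big")
              for i in range(k)]
    return pieces, piece_len

def coefficients(symbol_id, k):
    """Bitmask of the pieces XORed into symbol `symbol_id`, derived from the id
    alone so both ends agree on the equation without talking to each other."""
    h = hashlib.sha256(b"fountain-toy:" + symbol_id.to_bytes(4, "big")).digest()
    mask = int.from_bytes(h, "big") & ((1 << k) - 1)
    return mask or 1        # never emit an all-zero equation

def encode(block, k, n_symbols):
    """Produce n_symbols (id, payload) packets; roughly any k of them decode."""
    pieces, piece_len = split_block(block, k)
    out = []
    for sid in range(n_symbols):
        mask, payload = coefficients(sid, k), 0
        for j in range(k):
            if mask >> j & 1:
                payload ^= pieces[j]
        out.append((sid, payload.to_bytes(piece_len, "big")))
    return out

def decode(received, k, block_len):
    """Gaussian elimination over GF(2). Returns the block, or None when the
    received packets do not span all k pieces (too many were lost)."""
    piece_len = -(-block_len // k)
    pivots = {}   # pivot bit -> (mask, value); mask's highest set bit is the pivot
    for sid, payload in received:
        mask, val = coefficients(sid, k), int.from_bytes(payload, "big")
        while mask:
            p = mask.bit_length() - 1
            if p not in pivots:
                pivots[p] = (mask, val)
                break
            pm, pv = pivots[p]          # eliminate the leading bit with the pivot row
            mask, val = mask ^ pm, val ^ pv
        if len(pivots) == k:
            break
    if len(pivots) < k:
        return None
    pieces = [0] * k
    for p in range(k):                  # back-substitute, lowest pivot first
        mask, val = pivots[p]
        for q in range(p):
            if mask >> q & 1:
                val ^= pieces[q]
        pieces[p] = val
    padded = b"".join(v.to_bytes(piece_len, "big") for v in pieces)
    return padded[:block_len]

def decode_and_verify(received, k, block_len, expected_digest):
    """Erasure recovery restores bytes; it does not authenticate them. A peer
    could inject bogus symbols, so the rebuilt block is checked before use."""
    block = decode(received, k, block_len)
    if block is None or hashlib.sha256(block).digest() != expected_digest:
        return None
    return block

if __name__ == "__main__":
    block = bytes(range(256)) * 5 + b"tail"      # constructed sample block
    packets = encode(block, 16, 64)
    arrived = [pkt for i, pkt in enumerate(packets) if i % 3 != 0]   # every third packet lost
    print(decode_and_verify(arrived, 16, len(block), hashlib.sha256(block).digest()) == block)
```

Two things carry over to the real protocol. First, the receiver never names a missing packet; it only needs enough packets, whichever ones they are, which is what lets the propagation stay one-directional. Second, `decode_and_verify` is the part an erasure code does not give you: a forged symbol decodes to a consistent but wrong block, and only the hash or signature check over the reconstructed block catches it.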
Desktop node
In January we reported our initial plans to release the Desktop node for Linux and macOS. We are excited to say that we have managed to make the Desktop node available for Windows as well. We have been tweaking the desktop node software for a while now (we are close to having a cross-platform desktop release candidate), and it will ship with a user-friendly wallet.
All apps are integrated with our Continuous Integration (CI) platform, which runs automated cross-platform UI tests. CI is the development practice of integrating code into a shared repository frequently, so that each integration is verified by an automated build and automated tests.
Protocol specification
We have begun porting our protocol specification into a GitBook repository. The repository will soon be home to an extensive knowledge base covering the protocol and its accompanying standards, enabling both developers and technically-minded readers to explore the details of the Dusk Network protocol. It will become our primary reference for an implementation-focused protocol specification and will give developers planning to build on top of the Dusk Network protocol a straightforward way to bootstrap their development.
Use cases and demos
With all the novel technologies being developed at Dusk Network, one might forget what it is we are building: the world's first privacy-respecting blockchain that supports native confidential smart contracts. We have added a use case page on our website that details solutions built on Dusk Network, e.g. security tokens, digital share registries, or self-custody. More interested in our story so far? Take a look at our brief history on the new about us page.
With our developers and researchers working full steam on all these novelties, we have also managed to get our lead VM Architect Matteo to explain the workings of Cake!, a new sugared syntax for writing smart contracts on our network, adding to the list of demos:
- Smart contracts: Rust Cake!
- Zero-Knowledge Plonk Demo 2
- Zero-Knowledge Plonk Demo
- Dusk Technical Framework - overview
- Genesis Contract: Transfer Contract
- Genesis Contract: Fee Contract
- Genesis Contract: Staking Contract
About Dusk Network
Dusk Network is an open-source and privacy-oriented blockchain based on years of academic research. You can use Dusk Network to create smart contracts that control digital assets and securities.