Hacking on top of fluidKey (stealth addresses) and zkBob (zk transactions)

Team's submissions

zkStealth Freedom to Transact Smart Contracts

The problem zkStealth solves

This project combines two complementary and powerful privacy technologies:

  • Stealth Addresses: We can generate virtually unlimited addresses where users can receive funds.
    • We do not need the collaboration of the user to generate a new address, we can derive as much as we want from a single stealth address published on ENS.
    • They provide a convenient way to receive funds offering privacy to the sender.
  • Zero Knowledge Proofs (ZKP): We can prove to a smart contract pool that we own a specific address without revealing our identity.
    • They allow us to combine the funds received from a stealth address into a single address.
    • Hence, they provide a private way to receive funds.

Together stealth addresses and ZKP they work better:

  • ZKP provide a way to stealth addresses to use the funds after they have been received.
  • Stealth Addresses make ZKP more accessible to the general ethereum user, as they are simple and familiar addresses (or smart wallets) compatible with the rest of the ecosystem.

Challenges you ran into

I had no previous experience on FluidKey and zkBob libraries, so it has been a challenging and intense night (the ones i like)!

  • First I learned how stealth addresses are derived, and how they are used to create Safe Multisigs. That was fine since FluidKey offered an example explaining that.
  • What has been more challenging has been obtaining the private keys and a way to encode the Safe transactions to send the money away from the stealth addresses. It’s not well documented, and the FluidKey UI is not open-sourced unfortunately. I had to reverse-engineer this part, and use some workarounds (I couldn’t use the safe relayer to interact with the Safes, unfortunately).
  • Integrating zkBob has been interesting too. I was in luck since their UI is open-sourced so I could check how they derive the zkAccount mnemonic from an injected wallet signature.
  • The proof-of-concept has a lot of rough corners in terms of UX, but it works as intended, being able to receive funds from fluidKey and send them to zkBob!

Technology used

The technologies used in this project are:

  • FluidKey, a tool to generate stealth addresses that received a prize in the EthRome Hackathon 2023. We use their @fluidkey/stealth-account-kit to generate and manage stealth addresses.
  • zkBob, a tool to manage zk-SNARK proofs of deposits on privacy pools, very impressive and neeeded evolution of privacy wallets within Ethereum. We use their zkbob-client-js to generate and manage zkAccounts.

I am applying in the Smart Contracts Excellence Award Track even though I did not write any smart contracts, as my project didn’t require it. However, it needed a deep understanding of the intricacies of both protocols and the ability to create a complex workflow that ensures their interoperability. I hope the judges can appreciate the technical difficulty and the innovative approach I employed. Thank you for considering my project.