This topic is to discuss the proposal submitted by @cleaner
Please see below for the details of the proposal and discussion.

11th September , 2024
Current status: Funded
Funding Note : This proposal is approved for funding. The ecosystem currently lacks a multisig wallet. The approach taken by PopKorn team is novel and thus has a risk in terms of integration and possible evolution. The impact would be high as it could open up new patterns to work with zkApps.The funding is in line with the work proposed. We are very excited to see the breakthrough the team makes.

29th Aug, 2024
Current status: Under Consideration.
Opened for community discussion on : 29th Aug,2024

POPKORN: Zero-Knowledge MultiSig for Mina Protocol

Project Background

POPKORN is an innovative MultiSig wallet solution built on Mina, leveraging O1js, to streamline how users interact with blockchain applications. By utilizing zero-knowledge proofs for authentication and transaction authorization, POPKORN creates a faster, more user-friendly MultiSig experience with fewer pop-ups, while maintaining robust security.

Proposal Overview

Problem

Traditional MultiSig wallets often require complex coordination and multiple interactions, creating a barrier to adoption and efficient use. This complexity can deter users from leveraging the enhanced security benefits of MultiSig solutions.

Solution

POPKORN introduces a streamlined approach to MultiSig wallets on Mina:

1. Faster proof generation for each transaction by multiple users
2. Efficient MultiSig dApp to aggregate and verify proofs
3. Significantly reducing the number of pop-ups and user interactions

While the focus of this proposal is on developing a MultiSig MVP, our long-term vision is to extend this solution into a standalone framework. This framework will empower all Mina applications to replace traditional signing mechanisms with zero-knowledge proofs, enhancing both security and user experience across the ecosystem.

Grant Scope

We will develop an MVP MultiSig dApp implementing the POPKORN solution, capable of receiving and sending tokens after collecting the required number of proofs from authorized users.

While the MVP focuses on the MultiSig functionality, it will lay the groundwork for a broader, more versatile solution that could eventually serve as a universal proof-based authentication mechanism for Mina applications. This future potential, although outside the scope of this grant, represents a significant step forward in how Mina dApps could manage transactions and user interactions.

Ecosystem Impact

1. User Experience: Simplifying MultiSig interactions to encourage wider adoption of secure wallet solutions on Mina.
2. Developer Tools: Providing an easier framework for integrating MultiSig functionality into Mina dApps.
3. Ecosystem Growth: Attracting new users to Mina through user-friendly, secure wallet options.

Audience

1. Existing Mina users seeking more efficient MultiSig solutions
2. New users looking for secure, easy-to-use wallet options on Mina
3. Developers interested in new authentication mechanisms for Mina dApps.

Architecture & Design

Detailed Design

screenshot 11808×1118 137 KB

1. Wallet Connection and Multisig Setup:

• Users connect their standard Mina wallet to the POPKORN zkApp
• Within the dApp, users can create a new multisig wallet
• Setup includes specifying signers, confirmation threshold, hierarchy and other parameters

2. Multisig Wallet Creation:

• Users define the number of signers and required confirmations
• Network fee (1 MINA) for new account setup is covered by the deployer

3. Transaction Proposal and Signing:

• Any signer can propose a transaction from the multisig wallet
• Other signers are notified and can review the transaction
• POPKORN generates zero-knowledge proofs for signer approval, replacing traditional signatures

4. Proof Aggregation and Execution:

• The multisig contract receives and verifies proofs from authorized signers
• Proofs are aggregated until the required threshold is met
• Once the threshold is reached, the transaction is automatically executed

5. Wallet Management:

• Users can modify the number of signers and required confirmations after creation
• The dApp provides a user-friendly interface for managing the multisig wallet

Vision

To establish POPKORN as the go-to MultiSig solution on Mina, we aim to:

1. Provide a seamless, user-friendly interface for creating and managing multisig wallets
2. Minimize user interactions required for secure MultiSig transactions while maintaining robust security
3. Lay the foundation for a universal proof-based signing solution that can be integrated into any Mina dApp in the future.

Production Timeline

We target a production-ready MultiSig dApp within 3 months of funding.

Budget & Milestones

Milestones

1. Develop core proof generation and verification logic
2. Implement MultiSig dApp smart contract
3. Create user-friendly wallet interface
4. Integrate proof aggregation and verification
5. Conduct testing and security audits

Project Timeline

3 months

Mid-Point Check-In

At the mid-point (around 1.5 months in), we plan to have made progress on the following:

1. Proof Generation & Verification:

• Initial development of zero-knowledge proof generation and verification logic.

• Early-stage testing to ensure basic functionality is working.

2. MultiSig Smart Contract:

• Basic structure of the MultiSig smart contract in place, capable of handling signers and transactions.

• Deployed on testnet for initial testing, but not fully feature-complete.

3. Prototype User Interface:

• A rough prototype interface where users can connect their Mina wallet and start setting up a MultiSig wallet.

• Some core features will be functional, with others still in development.

Budget Requested

30,000 MINA

Budget Breakdown

• Core POPKORN functionality: 12,000 MINA
• MultiSig dApp development: 12,000 MINA
• User interface and wallet integration: 3,000 MINA
• Testing, auditing, and documentation: 3,000 MINA

Wallet Address

B62qrNc1QFe8Sr1ioGaanuDQ9aLvcpcNVpcwMDBtTmaXXH72cLtStBV
B62qjfxgtyYsjpfKZGQ4AACvH96uVY5TAwjkW1DubWfwP2nbEqjrrSy

Team Info

Team Members

• arjanjohan - Github - Twitter
• Kacper Github - Twitter

Team Achievements

• First prize at ZkHack Krakow for POPKORN prototype
• Both Kacper and arjanjohan are EthGlobal finalists (EthGlobal Brussels)

Proposer Github

Popkorn Github link

Proposer Experience

Our team has demonstrated expertise in zero-knowledge proofs and blockchain development, as evidenced by our win at ZkHack Krakow with the POPKORN prototype.

Risks & Mitigations

Risks

1. Potential vulnerabilities in proof handling
2. User adoption challenges
3. Compatibility with existing Mina infrastructure

Mitigations

1. Rigorous security audits and leveraging Mina’s native security features
2. Focus on intuitive UX design and user education
3. Close collaboration with Mina community for seamless integration

Additional Considerations

• Explore synergies with other Mina ecosystem projects
• Prioritize scalability for growing user base
• Establish a roadmap for evolving the MultiSig solution into a universal proof-based authentication framework for all Mina dApps.

Hey guys, great proposal. It is a fascinating concept! I have a few questions:

• How would you ensure proofs are discarded, and how can you do this if you are ‘aggregating’ them?
• I am unsure how the transaction will be automatically executed.
• Would the proof have an ‘expiry’ time?

*How would you ensure proofs are discarded, and how can you do this if you are ‘aggregating’ them?

The aggregation of proofs is not actually storing the proofs. It is verifying the proofs, and then keeping a tally of which account verified.

I am unsure how the transaction will be automatically executed.

Again we used a bad wording here. It will not be done automatically, but it will be trigger by the last account that provides the proof that makes the threshold to be met.

Would the proof have an ‘expiry’ time?

Yes we are thinking of using blocknumber or nonces to ensure proofs will expire when they are not consumed.

How will the mulsig be able to interact with mina apps?

For now, the Multisig will be a standalone PoC, to showcase the novel approach to authentication and authorization. This PoC in the future could be the basis for a broader solution, that can interact with other Mina apps.

This proposal is approved for funding. The ecosystem currently lacks a multisig wallet. The approach taken by PopKorn team is novel and thus has a risk in terms of integration and possible evolution. The impact would be high as it could open up new patterns to work with zkApps.The funding is in line with the work proposed. We are very excited to see the breakthrough the team makes.