Projects

Semaphore is a primitive object for anonymous set membership "signaling" (voting, spending, etc). A set membership proof is incredibly versatile, and you should seriously consider how you can use it to build out your own applications.

Behind Tornado Cash, MACI is perhaps the second most widely used Circom application as of 2022. Originally proposed by , MACI is a mechanism that (with a trusted centralized operator) facilitates a vote where it incredibly difficult for voters to see the votes of their peers. This has been employed in many contexts already, including hackathon judging and grant funding.

HeyAnon is an exciting application of set membership in social media. By generating a valid ZK proof of membership in some group, a user can forward a message to the HeyAnon back end which is eventually relayed to the HeyAnon Twitter. One proposed use-case is whistle blowing. An individual could theoretically prove their employment in some institution without revealing anything about their personal identities.

Aragon's Vocdoni service is run on top of an incredibly simple Circom circuit. It serves as a great example of how small a Circom app can be while having real-world application.

Dark Forest is one of the best ways to understand what applied ZK looks like today. This real-time strategy game utilizes procedural generation and zero knowledge to create an expansive world for players to explore with a fog of war unique to each player. If you are having issues getting a key, join the discord and mention your interest in Circom development!

BattleZips V1 is a simple demonstration of the execution of private business logic verified on a public blockchain. While it does not offer any novel contributions to the ZK space, it does make a point of being as readable and usable as possible. It is a gentle introduction to the world of applied ZK as it does not involve much cryptography beyond what is already facilitated by Circom.

Conway's Game of Life

Hermez Network was built by many of Circom's creators. Version 1, built before it was acquired by Polygon, demonstrates a L2 non-custodial ZK Roll-Up that can facilitate asset swaps (essentially uniswap). Beyond swaps, Hermez improves over RollupNC by decentralizing block production rights and adding network incentives in the form of transfer fees. This is among the most fully formed production Circom repositories.

circom-pairing is different from the other two projects listed for scaling. This project also could be categorized as a Cryptography project, as this project verifies elliptical curve pairings within Circom. However, this allows proofs inside of proofs - recursive proofs. This can be used to verify many L2 interactions in one L1 transaction. This is still in an experimental phase and is still limited by computational boundaries.

Circomlib provides everything you could need if you choose to use EdDSA. For context, EdDSA is much more efficient to compute in a circuit than ECDSA. Nonetheless there are cases where ECDSA may be needed inside a snark for which this project provides necessary Circom components.

Like ECDSA, the keccak-256 hash function standard on Ethereum is inefficient to compute, and algorithms like MiMC or Poseidon have arisen as circuit-friendly alternatives. If your snark is dependent on the keccak-256 hash built into Solidity, this project provides a capable component.

Group Signatures

Railgun

DarkSwap

Tornado Cash was a formative application for Circom and the ZK space. It is a very simple implementation of a Merkle tree to facilitating coin mixing on EVM blockchains. You should understand how it works if you want to understand more complex applications.

RLN is another exciting up and coming project in the Circom space. RLN provides decentralized and anonymous environments with spam prevention. Let's take a service that wishes to enforce a 1 message/ second cap. Using Shamir's Secret Sharing scheme, RLN creates a system where messaging over this rate exposes a secret key that anyone can use to kick the spammer from the set.

StealthDrop

Scaffold-Eth

Zero Knowledge Proof of Buffiness (zkPoB) is a very simple circuit demonstrating ownership of an NFT token. This implementation proves ownership over the Bufficorn Buidl Brigade NFT (EthDenver 2022), however you should be able to quickly adapt the code for any purpose.

Further, this code base demonstrates the use of Circom/ SnarkJS/ Solidity stack in a mobile context.

Projects

Identity

Games

Scaling

Cryptography

DeFi

Miscellaneous