Projects

Links to Circom projects you can begin working from in your quest to apply ZK (click the Project's title for source code)

Identity

Semaphore

Documentation

Semaphore is a primitive object for anonymous set membership "signaling" (voting, spending, etc). A set membership proof is incredibly versatile, and you should seriously consider how you can use it to build out your own applications.

Minimal Anti-Collusion Infrastructure (MACI)

Example Application (DoraHacks)

Behind Tornado Cash, MACI is perhaps the second most widely used Circom application as of 2022. Originally proposed by Vitalik Buterin, MACI is a mechanism that (with a trusted centralized operator) facilitates a vote where it incredibly difficult for voters to see the votes of their peers. This has been employed in many contexts already, including hackathon judging and grant funding.

HeyAnon

Landing Page

HeyAnon is an exciting application of set membership in social media. By generating a valid ZK proof of membership in some group, a user can forward a message to the HeyAnon back end which is eventually relayed to the HeyAnon Twitter. One proposed use-case is whistle blowing. An individual could theoretically prove their employment in some institution without revealing anything about their personal identities.

Census/ "Franchise" Proof

Documentation

Aragon's Vocdoni service is run on top of an incredibly simple Circom circuit. It serves as a great example of how small a Circom app can be while having real-world application.

Games

Dark Forest

Web App Game

Dark Forest is one of the best ways to understand what applied ZK looks like today. This real-time strategy game utilizes procedural generation and zero knowledge to create an expansive world for players to explore with a fog of war unique to each player. If you are having issues getting a key, join the discord and mention your interest in Circom development!

BattleZips

Web App Game

BattleZips V1 is a simple demonstration of the execution of private business logic verified on a public blockchain. While it does not offer any novel contributions to the ZK space, it does make a point of being as readable and usable as possible. It is a gentle introduction to the world of applied ZK as it does not involve much cryptography beyond what is already facilitated by Circom.

Conway's Game of Life

Scaling

RollupNC

CodeLab Tutorial

Skeleton L2 non-custodial ZK Roll-Up with a single sequencer, capable only of transfers between accounts. RollupNC (Non-Custodial) is likely the ancestor to Hermez- you will find many of the features left unfinished in this repository would appear in the Hermez code base. BattleZips has a fork updated for 2022 as code/docs are well out of date.

Hermez Network

V1 Documentation - API Docs (for retrospective analysis)

Hermez Network was built by many of Circom's creators. Version 1, built before it was acquired by Polygon, demonstrates a L2 non-custodial ZK Roll-Up that can facilitate asset swaps (essentially uniswap). Beyond swaps, Hermez improves over RollupNC by decentralizing block production rights and adding network incentives in the form of transfer fees. This is among the most fully formed production Circom repositories.

circom-pairing

Beacon Chain PoC Web App

Devconnect Amsterdam 2022 circom-pairing Demo

circom-pairing is different from the other two projects listed for scaling. This project also could be categorized as a Cryptography project, as this project verifies elliptical curve pairings within Circom. However, this allows proofs inside of proofs - recursive proofs. This can be used to verify many L2 interactions in one L1 transaction. This is still in an experimental phase and is still limited by computational boundaries.

Cryptography

Make sure you visit circomlib, where 90% of circom cryptographic utilities are!

Circom-ECDSA

Devconnect Amsterdam 2022 Circom-ECDSA Demo

0xParc Blog Post

Circomlib provides everything you could need if you choose to use EdDSA. For context, EdDSA is much more efficient to compute in a circuit than ECDSA. Nonetheless there are cases where ECDSA may be needed inside a snark for which this project provides necessary Circom components.

ed25519-circom

Documentation

Circom generally uses Baby Jubjub, a Twisted Edwards curve over the BLS12-381 scalar field. If you don't understand what this means, chances are you won't need this library. If you have a specific need to use the Curve25519, this library will facilitate research and testing. The project is not rated for production use, and employing it as is for critical applications may result in failures of the cryptosystem.

keccack256-circom

Like ECDSA, the keccak-256 hash function standard on Ethereum is inefficient to compute, and algorithms like MiMC or Poseidon have arisen as circuit-friendly alternatives. If your snark is dependent on the keccak-256 hash built into Solidity, this project provides a capable component.

Group Signatures

DeFi

Railgun

DarkSwap

Miscellaneous

Tornado Cash

Tornado Cash Web App

Tornado Cash was a formative application for Circom and the ZK space. It is a very simple implementation of a Merkle tree to facilitating coin mixing on EVM blockchains. You should understand how it works if you want to understand more complex applications.

Rate Limiting Nullifier (RLN)

Documentation

RLN is another exciting up and coming project in the Circom space. RLN provides decentralized and anonymous environments with spam prevention. Let's take a service that wishes to enforce a 1 message/ second cap. Using Shamir's Secret Sharing scheme, RLN creates a system where messaging over this rate exposes a secret key that anyone can use to kick the spammer from the set.

StealthDrop

Scaffold-Eth

ZK Proof of Buffiness (Proof of NFT)

zkPoB Web App

Zero Knowledge Proof of Buffiness (zkPoB) is a very simple circuit demonstrating ownership of an NFT token. This implementation proves ownership over the Bufficorn Buidl Brigade NFT (EthDenver 2022), however you should be able to quickly adapt the code for any purpose.

Further, this code base demonstrates the use of Circom/ SnarkJS/ Solidity stack in a mobile context.

Last updated