I recently learnt about Halo 2 and PLONK zero-knowledge circuit design and built a Wordle clone that creates ZK proofs of the grid you share afterwards. This was mostly a fun intro project for me and I wrote up my notes introducing Halo 2 and my circuit design in specific in the README that would be interesting to folks here!
Creator here, thank you for sharing this here - it seems there’s a decent bit of misunderstandings in the comments (particularly around the security model/monetary cost) so I’ll clarify some things:
- Your main wallet is never exposed to the game tiles, only a burner proxy wallet created for in-game interactions. This limits any attack surface area significantly.
- Frontend plug-ins are decently sandboxed and cannot learn things like “what’s your private key?” or make transactions on your behalf unless you explicitly approve it.
- This runs on a testnet L2 (Optimism Kovan) so it’s free to play - this is just meant to be a proof of concept exploration. Anyway, transaction costs are on the order of 1/100th of a cent on such L2s, so it’s really not prohibitively expensive to play the game even if it was with real money!
I’m a bit disappointed that most of the comments here pose rather shallow understanding of what’s interesting about exgrasia/blockchain as a data layer for games - I’d think nothing would excite fellow programmers more than the ability to build their own systems and mod it into a “world” without any limits/permissions on it :(
> I’d think nothing would excite fellow programmers more than the ability to build their own systems and mod it into a “world” without any limits/permissions on it :
You don't need a blockchain with global consensus to do that.
That’s a fair criticism - I like to think a blockchain is akin to a shared computer we all have access to (via programs/contracts) which makes it really convenient to use blockchains in such ways. Besides, the perpetual machine properties of a blockchain allow code to exist independent of an individual creator/entity - exgrasia cannot go the way of club penguin for instance.
> the perpetual machine properties of a blockchain allow code to exist independent of an individual creator/entity - exgrasia cannot go the way of club penguin for instance
Which is framed as a net positive here, but is it? What happens when my little fishing tile is surrounded by $RACIAL_SLUR-ville? What happens when the landscape becomes a sea of swastikas?
Those papers are some of the densest ones, so maybe as a starter I would recommend Vitalik’s blog posts on ZK[1].
If folks are interested in a complexity theoretic introduction to ZK proofs, incidentally, in the interest of being self recommending, I authored one myself I’d be curious to hear thoughts on :)[2]
Yeah, those papers are very dense. You might want try reading zerocoin[0] first, it was the starting point of all the zero-knowledge proofs for private payments on a blockchain. Then another academic paper, Pinocchio coin, had a proposal for zkSNARKs. And Zeorcash built the zksnark + merkle tree+ serial umber (later called a nullifiers ) approach.
> Using a community chest to reward front-runners for submitting claims is clever. Would the ETH reward still need to be at least as large as the transaction cost to incentivize front-runners? Or is there still a cut of the token being taken, in the hopes the token value will make up the difference?
Yeah, it definitely needs to be at least as large as the gas fee (otherwise front runners will just run the transaction locally and notice that it’s not worth rebroadcasting). Our mechanism doesn’t take a cut of the token, mostly because it is hard to put a value to the token as we mention in the post.
> It seems like there would still be a basic gas problem any time the receiving account wants to use the (ERC-20) token, eg to send the token somewhere else via a wallet or some other standard UI?
That’s certainly true, but if, for instance, your primary use case was as a governance token, most governance happens off-chain(on Snapshot Labs[1], for instance), so that wouldn’t require any funds.
Hi folks, I recently made a small game using Zero-Knowledge proofs that awards players Ethereum NFTs for successfully solving a puzzle. Zero-Knowledge proofs are a pretty new crypto idea with lots of cool applications like this one.
It's kind of mind-blowing that the universe allows us to do this at all: Convincingly prove that you have a solution to a puzzle without revealing anything about the solution itself.
It doesn't use the same strategy as the article, but the underlying idea of non-interactive SNARK based proof is the same (just using the more general circom circuit library to compile the constraints into a ZK-SNARK).
It's pretty convincing so far though that P != NP, all NP problems can be reduced to the four color map problem, and that means that if any one NP problem can be shown to be P, then all NP problems can be solved in polynomial time. I believe there are huge bounties and lots of researchers attempting to do this with any number of NP problems.
Of course, it could be that someone does it one day, and if so modern cryptography is useless, but I highly doubt it.
