# zk Voting with ECDSA sig verification and storage proofs WIP circuit [here](https://github.com/noir-lang/noir-starter/blob/jc/scratchpad/scratchpad/circuits/src/main.nr) ## Membership inclusion ### Storage Proofs - verifying token ownership requires storage proofs - snapshot at a given block w/ specific block header - zk program verifies a storage proof on that header ```solidity struct Proposal { uint snapshotBlock; bytes32 blockHeader; bytes32 ipfsHash; uint deadline; uint forVotes; uint againstVotes; } mapping (uint proposalId => Proposal) public proposals; ``` - use this library to build a merkle tree on chain with sybil protection provided by token ownership - https://github.com/hananbeer/protomerkle - program would verify inclusion in the set (storage proof) - nullifier would be `hash(pub_key, proposal_id)` ### Manual setup - otherwise there could be a setup phase where a user generates a private key by signing a message with their ethereum account. for this, there would also need to be a secret value added to prevent links between accounts used in multiple ## Voting ### Signature verification - public key - signature - message_hash - proposal_id - vote - nullifier is a hash of: - proposal id - public_key_x - returned by circuit (must be provided for valid proof) - vote is excluded otherwise people could vote in both directions ## Circuit ```rust! fn main(pub_key_x : [u8; 32], pub_key_y : [u8; 32], signature: [u8; 64], message_hash: pub [u8; 32], proposalId: Field, vote: Field, block_header : [u8; 32]) { let isValid = std::ecdsa_secp256k1::verify_signature(pub_key_x, pub_key_y, signature, message_hash); assert(isValid == 1); // https://github.com/colinnielsen/ecrecover-noir/blob/main/src/secp256k1/helpers.nr let eth_address = ecrecover(pub_key_x, pub_key_y, signature, message_hash); // storage proof; TBD storage_proof(block_header, eth_address, token_contract, storage_slot); let mut new_array: [Field; 33] = [0;33]; new_array[0] = proposalId; for i in 1..new_array.len() { new_array[i] = pub_key_x[i] as Field; } let nullifier = std::hash::pedersen(new_array); } ```
Last changed by  
Josh
80

Read more

Aztec Handbook

This is going to focused on the aspects of building–no high level explainers of how to do things. High level explanations should link back to docs pages. Much of this content is already written. For content that is already exists, link to it–for content that does not exist yet, create an issue and maybe write it.

3/20/2024
Creating an Aztec Account Contract

https://github.com/critesjosh/aztec-account-abstraction-workshop

11/14/2023
Aztec Contracts - Common Patterns

How to handle private escrows between two parties…?

10/30/2023
Minimal arbitrarily generic attestations (MAGA)

MAGA is a simple on-chain, privacy preserving attestations protocol. Attestations are associated with an ECDSA signature hash that a user can verify ownership of with a zk proof. Github repo here. This may be best for off chain applications. consider making the time a Public input that invalidates it after X seconds. the solidity contract could be adapted for specific onchain applications, to make it resistant to front-running the proof public inputs must include any inputs to other solidity functions in the transaction. so for access control, the proof must include inputs for the action to be taken. eg, if its for a vote, the proof must include the vote (for, against), the proposal id and contract, otherwise those could be manipulated by a front runner. Recursive proofs greatly expand the design space of what's possible. The multisig and voting use cases explored at the bottom of this document are improved greatly when using recursive proofs for aggregation.

6/14/2023
Read more from Josh
Published on HackMD