Tech Deep Dive Yellow Submarine

# Tech Deep Dive Yellow Submarine ## ****TL;DR: brief summary**** Yellow Submarine is the first decentralized application (dapp), using a practical implementation of ZKP, which abstracts away a lot of the technical complexity, to allow a secure and confidential transit across blockchain networks ,with initial support for EVM compatibile networks only. It is a marquee application developed by the team at Project Columbus with help from the developers of the findora platform. The Findora network is used as the base layer for this solution , which supports completely anonymous payments .Masking the the sender , receiver and and the transfer amount . This is achieved though a system of zero knowledge proofs verifiable by the ledger . Findora uses a slightly modified version of the popular generalized ZKSNARK called Plonk , which makes some adjustments to improve the proof creation and verification times The benefits os an API like this are - Secure payments across blockchains - Protection of identity of the sender - There is no direct corellation between the sender and the receiver address - Chain agnostic Under the hood, Yellow Submarine uses Findora’s multi-chain architecture, which parallelizes the best of ZKP for scalability and privacy with the finest of EVM for programmability, interoperability, and composability. ## What is ZKP Zero knowledge proof or protocol is a way for a “prover” to convince a “verifier” that a statement about some secret information is true without revealing the secret itself. The proof protocol may be interactive or non-interactive. Example: a verifier presents a prover with a hash H, and would like the prover to provide proof that she has the secret data that hashes to H. The prover produce a zero knowledge proof that convinces the verifier that she has the data that hashes to H, without revealing the data itself to the verifier. ## Anonymous transfers on Findora Public blockchain networks such as Bitcoin and Ethereum are transparent and offer pseudonymity rather than genuine anonymity. One of the most important design goals is that anyone can join and use the network. But an innate feature of this design is that everyone is able to scrutinize every single transaction recorded in the ledger. Transactions store information about pseudonymous identities (sender and receiver) of the participants in the transaction. They also store information about the amounts being sent. In the case of multi-asset chains, this also entails information about the assets being traded in the transactions. In order to have stronger privacy, confidentiality and censorship-resistance features, it is eminently desirable to mask this information corresponding to a transaction in tandem with cryptographically proving the integrity of the chain. We briefly describe two instances where the lack of privacy and confidentiality would render an open blockchain unsuitable for the use case. 1. If a company pays its employees in Bitcoin, the salaries would be public knowledge. In particular, all employees would know their colleagues’ salaries, which could be undesirable for both the company and the employees. 2. If a company like Ford pays its (mutually competing) tire suppliers in Bitcoin, the suppliers would see the exact quotation of the prices charged by their competitors. They could game the system by bidding appropriately so as to win the auction. Thus, confidentiality of amounts is essential for transactions in such settings. In the case of multi-asset blockchains, it is also desirable to maintain the confidentiality of the asset type being traded in addition to the amount. An *asset transfer* is a transaction that transfers ownership of an asset from one address to another. A *confidential* asset transfer is an asset transfer such that: 1. The amount being transferred in the transaction is hidden. 2. The asset types involved in the transaction are hidden. Note that unlike some mono-asset networks, Findora network supports multi-asset transfers. An *anonymous* transfer is often referred to as a *triple masking* because it hides three things: 1. The identities of the sender and the receiver 2. The amount being sent 3. The asset type *Anonymous tranfers* are *confidential transfers* where the identities of the sender and receiver are also protected or shielded. Instead of storing transaction data in plaintext on the public ledger, a cryptographic commitment to this data is publicly recorded. The person performing the transaction provides cryptographic proofs attesting to the authenticity and validity of this encrypted data. This feature is made possible by zk-Snarks (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge). For the simpler feature of hiding the amount and the asset type but not the identities of the sender/receiver, Findora uses Bulletproofs. This feature - known as *confidential asset transfers* - requires a sender to prove in zero knowledge that a certain committed amount falls within a certain range (usually [0,264][0,264]). This is a transparent scheme (i.e. no trusted setup). It hinges on the hardness of the discrete logarithm problem in elliptic curves, which is one of the oldest and most battle-tested hardness assumptions in cryptography. While the same scheme can, in theory, also support an anonymous transfer, the verification time is linear in the size of the circuit, which is far too expensive for the complex statements that constitute an anonymous transfer. To this end, we use *TurboPlonk*, a pairing-based Snark which has a constant-sized proof and a constant verification time. While this scheme does require a trusted setup, it is far better suited for more complex statements. Furthermore, the trusted setup is universal and updateable. ## Project YS the meaty details ### How does YS transfer work ? ![](https://i.imgur.com/nqTDDlx.png) Use case : Alice wants to transfer 100 USDC from Ethereum to Binance smart chain via YS - Alice sends uses the YS web app to approve and transfer 100 USDC from her wallet to the Columbus Pool contract deployed on ethereum network - The tokes are locked and the deposit event is relayed across to the columbus relayer contract running on the Findora Chain - Yellow Submarine webservice maages the confidential payment , it does the following steps - Convert Mineted USDC.e (Smart Token FRC20) -> USDC.e (utxo) via a modified version of Prism transfer - Does a series of anon payments with this newly minted USDC.e(utxo) . This breaks all links between the sender and receiver - Converts the final USDC.e(utxo) back to USDC.e (Smart Token FRC20) - The fee required for the this trasnaction is being bourne by the Webservice / Findora foundation right now , but will envetually be charged as an upfront payment from the user . - Transfers the USDC.e to BSC smart chain , to mint USDC.b for the recipients address . -