Skip to main content

12 posts tagged with "voting"

View All Tags

2024 Q3 Review

· 4 min read
ctrlc03
MACI team lead

Glad to have you here! It's again that time where we have a few MACI roadmap updates to share.

We’re going to take a moment to look at what we accomplished in Q3, but before we start, we would like to express our gratitude to all our collaborators and contributors to the MACI protocol.

MACI Platform ✅

This quarter, the team continued to focus on building a comprehensive voting platform with MACI. The platform is now turning into a all-in-one solution for voting, quadratic funding, and RPGF rounds. We made the product much more stable by fixing several bugs, and plan on integrating many more features in the future.

In terms of current features, the platform supports these gating mechanisms:

It now also possible to run quadratic and non quadratic voting rounds, as well as run sequential rounds on the same interface. Soon you will also be able to run multiple concurrent rounds.

With the MACI Platform, we were able to support three community rounds, EthMexico, EthTegucigalpa, and Cryptoversidad. All rounds completed successfully with nearly $30,000.00 distributed to several projects and individuals across the three communities. We also received a lot of great feedback that helped improve the platform overall. We couldn’t be happier to work with such wonderful collaborators and help them make a real world impact.

As always, if you're interested in running a round for your community, please get in touch

Coordinator Service ✅

The Coordinator Service is the ultimate automation of MACI’s main pain-points. It now includes three new features for the frontend interface to provide a very neat experience to MACI operators.

Because we prioritise robust security features whenever possible, the service does not hold any wallet seed phrase to communicate with the various chains. Instead, we implemented a flow that uses ephemeral session keys for short lived approvals, greatly decreasing the impact of a key compromise. This is all possible thanks to account abstraction features such as session keys.

With the flow described above, we implemented a deployer service to easily deploy all needed MACI contracts, as well as a an endpoint to merge the MACI state and message trees, an important step required to be able to tally the results.

Account Abstraction Exploration ✅

Together with a fellow PSE team developer, John, the MACI team is working on a fork of the MACI platform that implements account abstraction features, such as smart wallets and paymasters.

This fork was used in PSE’s first internal hackathon, and allows PSE and EF team members to vote on their favourite hackathon project without spending a single cent from their wallet onchain.

This was a successful experiment which will prove fundamental in our future efforts to improve the MACI platform and make it even more accessible to a general “non crypto native” user base.

Stay tuned for a case study of this experiment!

MACI Protocol Improvements ✅

The 3327 team successfully completed their Anonymous Poll Joining grant. This work enabled unconditional voter privacy, further strengthening user privacy in the protocol. For more details, please refer to their blog post.

With regards to implementing Vitalik’s latest MACI proposal Mostly Offchain Happy Path, we have not been able to start due to other priorities, however we have defined the tasks required and unblocked the epic by implementing the session keys flow on the coordinator service, so that it can be re-used for a secure relayer service.

Finally, our internal team has also been brainstorming features and improvements for MACI v3, however no plan is set in stone yet. Stay tuned for more.

MACI v2.0 Release

· 5 min read
ctrlc03
MACI team lead

We are pleased to announce the release of MACI v2.0.0!

This is our second big release of the year, after the MACI v1.2 release in February of this year. MACI v2.0 brings a more secure and efficient protocol, with improved developer experience, and clearer documentation for users looking to learn about and use MACI.

Background

MACI - Minimal Anti-Collusion Infrastructure - is an application that provides privacy and collusion resistance for on-chain voting. If you're new to MACI, we first recommend reading our documentation for background information and technical details.

New Features and improvements

More compact codebase

We have removed some features that were never used in production, namely Topup and Subsidy. This allowed us to reduce the codebase size, making it cheaper to deploy, as well as reducing the complexity of the zk-SNARK circuits.

We highly thank Chao for his work on these two features over the past years, and look forward to integrating similar features in the future as we come up with new use cases and performance improvements.

On top of that, the merkle tree-like structure holding the signups has been swapped out for a more efficient incremental merkle tree (LazyIMT). This offers some savings for users signing up, as well as simplifies the steps required to finalise a poll, by merging all leaves together and removing the need to compute the subroots and root of the tree.

Improved contract tasks

It is now possible to deploy contracts and finalise polls using the contracts tasks only. This makes the protocol much easier to use, as there is no need to use the maci-cli anymore, which often came with a large number of flags and options. You will just need to fill a json file with the correct parameters and run few simple commands.

Concurrent Polls

It is now finally possible to run multiple polls concurrently from a single MACI instance. Users will no longer need to signup again to vote on proposals published by a single organiser. One thing to note is that each poll will have the same amount of voting power, and new users will need to pass the same gating process as existing users.

We believe this feature will work best when used for coordinating several polls for the participants of a single event where signup is gated by the conference ticket and there are multiple voting rounds, like at Devcon or Devconnect.

New Gatekeepers

Custom Gatekeepers are a great way to guard MACI against Sybil attacks, and with this release we have integrated a number of new protocols, together with the help of our community:

For instance, with Gitcoin Passport as the gatekeeper, the MACI round organiser can set a threshold score and only allow new users with a passport score greater or equal to that threshold. Additionally, with Zupass, we can now gate access to holders of specific event tickets.

We expect to continue to expand our gatekeeper capabilities and welcome the community to come up with new and innovative ways to grant access to MACI's rounds, helping make MACI more customizable and sybil-resilient.

Documentation

You gave us the feedback that the MACI documentation was way too tough to digest, and we heard you! To make it easier to understand, we have grouped documentation entries under a more logical structure, with different sections for different audiences and objectives.

We continue to use our docs website as the definitive resource for all information related to MACI, including blog releases, documentation updates, and roadmap progress. As always, we welcome suggestions on how to make it better and encourage you to report any inconsistencies you may find.

Security Audit

As usual before a major release, the protocol has been thoroughly audited by PSE's internal Audit team, and this time no significant issues were found. However, thanks to the auditors' hard work, we have been able to further optimise the protocol and clean up our technical documentation.

For more details on this recent audit, please refer to our audit docs or view the full report.

With more and more eyes on the protocol, we feel more and more confident about MACI's security posture.

Trusted Setup Ceremony

We are preparing for a new ceremony to cover the changes in our v2.0.0 circuits. To accomplish this, we'll leverage the tooling of p0tion, which helps to streamline and automate Groth16 phase2 ceremonies.

We'll update this page after the ceremony completes to include the production-ready zkey artifacts. In the meantime, the artifacts for v.1.2 can be found on our website, and the artifacts can still be used in production for releases 1.2.0 up to 1.2.5.

Get Involved

MACI is deeply committed to our community, through our open initiatives like public roadmaps, transparent repository management, and a public Discord channel for interaction with our team.

With every issue, PR, feature and roadmap iteration, we welcome feedback to ensure that the continued development of MACI reflects your and the community's needs. Keep an eye on our documentationGitHub discussions and our official Twitter/X account for updates.

For those looking to contribute directly, report bugs, or offer feedback, our GitHub repository is open for issues and discussions. We're eager to assist with your projects or contributions.

For practical implementation insights, review our docs as well as the clr.fund, Allo Stack with MACI, and maci-platform repositories as reference implementations. The first two integrations are quadratic funding implementations, a mechanism which otherwise is highly susceptible to collusion and bribery.

For any other questions or feedback, please reach out to us via PSE's Discord, in our #🗳️-maci channel. We're excited to connect and collaborate with you!

References

Release

Here's the link to the new release code in GitHub: v2.0.0 Release.

2024 Q3 Roadmap

· 4 min read
ctrlc03
MACI team lead

Greetings anon,

We’re excited to share with you what we're building over the next few months. You'll see some of the same themes as our Q2 roadmap as we strive to make MACI and MACI-RPGF more user-friendly and accessible.

If you haven’t read the Q2 in review yet to learn what we’ve been up to the last three months you can check that out here.

MACI Platform

The team is doubling down efforts to build a comprehensive voting platform with MACI powering it all. Initially called maci-rpgf, the project is soon turning into an all-in-one solution for hosting voting, quadratic funding, and rpgf rounds. We plan to work on improving the product with the following high-level initiatives:

  • Complete the integration of the PSE's design team’s new design
  • Bootstrap an e2e testing framework to ensure the code is more robust and reliable
  • Support quadratic voting
  • Support the use of different signup mechanisms
  • Move application's data storage from Vercel to IPFS
  • Support contributing/voting to multiple rounds on the same deployment

Our efforts will include supporting community organisers who want to fork and operate MACI Platform rounds in production. If you're interested in running a round for your community, please get in touch!

Coordinator Service

After successfully implementing a proof generation service as part of our effort of reducing the burden on round organisers, we have plans to continue automating all MACI related operations. This includes contract deployment, proof generation and submission, contract details storage, automatic upload of final tally results to IPFS and more.

We see the “Coordinator Service” as the ultimate automation of MACI’s main pain-points, and look forward to building a secure and efficient service that will abstract away all the operational burdens of using MACI. For more information on the full feature list that this service will include, please refer to this GitHub issue.

Explore Account Abstraction

It is clear that mass adoption of blockchain applications will be difficult if users, especially first time users, must pay to interact with dapps. Furthermore, having a crypto wallet installed and configured to work on a specific chain might also not be straightforward for an average user.

To support this thesis, the MACI team will start a collaboration with other PSE teams involved in researching and implementing account abstraction (AA) solutions. We look forward to bringing some proof of concepts (PoC) for MACI Paymasters and more, which will help remove friction when it comes to web3 UX.

MACI Protocol Improvements

As always, we plan to improve the MACI protocol both in terms of making it cheaper and easier to use, as well as making it more secure.

As part of this effort, we are currently working with the 3327 team to integrate their Anonymous Poll Joining grant work into a new MACI version. The effort can be tracked in this public GitHub board. This work enables unconditional voter privacy, further strengthening user privacy in the protocol. For more details, please refer to this blog post.

On top of this, the team will begin the ground work to implement Vitalik’s latest MACI proposal Mostly Offchain Happy Path - in a nutshell, the proposal seeks to completely remove transaction costs for users by moving certain operations offchain. For maximum privacy and trustlessness, voters will still be able to go directly on-chain and submit their own signup/vote actions.

How does that sound?

Questions? Concerns? Ideas? We’d love to hear from you!

If there is a feature you think we should work on, or an initiative you'd like to collaborate with us on, please let us know! We welcome input from anyone in the community. The best ways to get in touch are to hop in our Discord (#🗳️-maci channel), tag us on X, or create an issue on GitHub.

Onward and upward 🚀

2024 Q2 Review

· 5 min read
ctrlc03
MACI team lead

Greetings anon,

Glad to have you here! It's that time of the year where we have a few MACI roadmap updates to share. We’re going to take a moment to look at what we accomplished in Q2, as the most active project in the entire PSE GitHub org.

Before we start, we would like to express our gratitude to all our collaborators and contributors to the MACI protocol.

Q2 in review

In our q2 roadmap, we aimed at a few major Q2 goals that all tied together:

✅ MACI-RPGF

A lot has happened with MACI-RPGF this last quarter. Much time has been spent improving the product in order to provide a more functional and stable product with a better overall user experience.

PSE's design team came up with a beautiful design that will soon be merged into the stable version of the code. We are looking forward to implementing this major update and are excited for you to try it!

maci-rpgf-design

On the outreach and support side, we also engaged with several communities to run a round using MACI-RPGF. There are three rounds ongoing with EthMexico, ETH Tegucigalpa and Cryptoversidad. Our developers have been working closely with their development teams to deploy and run MACI-RPGF. We look forward to supporting them throughout their rounds and helping facilitate the distribution of funds directly into community members building amazing things in the Ethereum ecosystem.

✅ MACI Coordinator Service

The use of a Coordinator Service would greatly simplify the operation requirements when running MACI. To better support communities running MACI polls, whether as a QF round or a simple voting application, the team has prioritised the development of a Coordinator Service that can be used by any Round Operator.

In the last three months we successfully completed the first iteration of a proof generation service, which can be used to more easily finalise MACI polls. Additionally, work on a frontend dashboard has started. This dashboard can be used to more easily deploy contracts in a customisable way via an intuitive user interface.

✅ MACI Core Protocol Improvements

To achieve our Q2 goal of “Unconditional Privacy" we worked with the 3327 team (responsible for the ElGamal on MACI implementation) to come up with an effective solution and a better user experience that we could have hoped for. More on this can be found in our blog, but we have now started this grant work and are looking forward to seeing this in action in the coming months.

We have also been busy working on some new features and improvements to the codebase. It is now easier than ever to deploy MACI instances, as well as re-use certain smart contracts that have already been deployed and will not need changing.

Furthermore, we have managed to slightly reduce the costs for users by removing unused features, as well as using different and more optimised data structures. This brought several improvements, such as allowing for concurrent polls to be run from one MACI instance (finally!).

Finally, we worked with the community to integrate a number of different gatekeepers:

You can now use these (plus more) to gatekeep signups to MACI and shoot down those sybil attacks!!.

Stay tuned for an upcoming MACI release where all these efforts can be seen in action.

✅ Support Gitcoin Allo protocol integration

Throughout May and June, Gitcoin and Nick Lionis in particular worked hard to integrate MACI in the Allo Stack. You can find the code on their GitHub. The stack will soon be used in production by Gitcoin to support running grant rounds privately.

We are excited to see rounds being run with this integration, and look forward to continue to collaborate with the Allo team to improve MACI and integrate new versions into their stack.

✅ Support ETHDam hackathon QV round

In April, we successfully supported the ETHDam team to run a private quadratic voting (QV) round for the ETHDam hackathon, powered by MACI. Conference attendees used clr.fund to vote on their favourite hackathon projects in order to allocate $10,000 to projects building novel privacy and security solutions in the ecosystem.

✅ MACI starter kit

We've teamed up with Buidl Guild and the Scaffold-ETH team to build a MACI starter kit: a web app that integrates MACI in order to run polls. Thanks to Yash's efforts we now have a ready-to-use MACI starter kit. This has already been used in two hackathons (as an example here's an Eth Berlin project) to quickly prototype projects using MACI. We thank Yash for all his effort with this and are looking forward to see what the community will build with it.

That was a lot, and there’s more to come! Be sure to keep an eye out here for our next post where we look forward to what is coming for MACI in Q3, 2024.

Revolutionising Public Goods Funding

· 2 min read
Vee
MACI contributor

What are Public Goods?

Public goods are services or products that are available for everyone to consume, regardless of whether they contribute to their creation. Examples include clean air, public parks, and open-source software. These goods are essential for community welfare but often face funding challenges due to their non-excludable and non-rivalrous nature. This is where blockchain technology steps in, offering a decentralised approach to funding these vital initiatives. Through blockchain, transparency and community participation in funding decisions are greatly enhanced.

What is MACI and how does it help fund Public Goods?

At its core, MACI is a tool that ensures privacy and prevents collusion in voting and decision-making processes. This function is crucial in public goods funding scenarios, as it ensures that the allocation of funds is fair and uninfluenced by external factors.

Current state

MACI can be used in different forms of decision making and voting.

Quadratic funding is one of the ways in which we could utilise MACI for public goods funding. Quadratic funding is a democratic mechanism for crowdfunding that seeks to promote equitable, inclusive funding for public goods such as open-source software, scientific research, and public art initiatives. By incorporating MACI, these platforms guarantee that votes on how funds are distributed are not swayed by bribery or external pressures. This approach ensures a democratic and equitable distribution of funds, leading to more effective and genuinely representative support for public goods.

Another way in which MACI is utilised is for communities to be able to vote in Retroactive Public Goods Funding (RetroPGF) rounds. For example, Optimism runs RetroPGF rounds which involve allocating funds to projects based on past contributions to the ecosystem, incentivising and rewarding valuable contributions retrospectively. We’ve incorporated MACI to the RPGF stack and thus communities would be able to independently run future rounds in a private and secure manner using maci-rpgf!

The Future looks bright

As we look to the future, the potential of MACI in reshaping public goods funding is significant. MACI could be used for larger and more diverse funding initiatives, expanding its impact, potentially influencing even governmental approaches to public goods funding. The role of MACI in fostering a transparent, fair, and democratic process for funding public goods is set to be a game-changer. Learn more about MACI by reading through our documentation. Join us in our mission, connect with our team on Discord today!

Deciphering MACI - What could we use it for?

· 2 min read
Vee
MACI contributor

Welcome to the intriguing world of blockchain! This guide delves into Minimal Anti-Collusion Infrastructure (MACI), essential for those exploring secure, private voting on the blockchain.

Understanding MACI’s Strengths

MACI stands as a lighthouse of private, secure voting in blockchain voting. Key features include:

  • Collusion Resistance: MACI combats collusion, a significant issue in blockchain voting, by making it impossible for voters to verify their choices to others.
  • Privacy: A cornerstone of MACI, ensuring vote secrecy.
  • Receipt-Freeness: Ensuring voters can’t prove beyond any reasonable doubt their vote to others.
  • Hinders bribery: As anyone looking to bribe voters can’t confirm how voters placed their votes, this potentially discourages bribery.

These strengths make MACI vital in enhancing trustworthiness, especially for newcomers.

Use Cases for MACI

Some potential use cases for MACI are as follows

  • DAO Voting: For Decentralized Autonomous Organizations (DAOs), MACI secures votes for crucial decisions, maintaining democracy in these organizations.
  • Public Goods Funding: On platforms like clr.fund , MACI ensures fair funding decisions, free from external influences via Quadratic Funding.
  • Elections: MACI could also be used in governmental elections for people to cast secure votes for the leaders of their state!

These use cases demonstrate MACI's transformative role in making voting more accessible and trustworthy.

Where MACI May Not Be Ideal

MACI's powerful features may not suit every scenario. For example:

  • Transparent Governance: Where individual vote transparency is key, MACI’s privacy might not be the best option
  • Simple Polling: In basic, non-sensitive blockchain polling, MACI's complexity might not be needed.

Recognising the context of the situation helps in choosing the right tool for blockchain voting needs.

Conclusion

MACI is a significant advancement for secure, private voting. Understanding its strengths and appropriate applications is key to leveraging this technology. As the blockchain landscape evolves, tools like MACI will play an increasingly vital role. Dive deeper into MACI and its application via our documentation and by joining our team’s discussion via our Discord channel!

Understanding MACI - A Beginner's Guide to Private On-Chain Voting

· 5 min read
Vee
MACI contributor

Hey Anon!

In this blog post, we’ll give a high-level, beginner friendly introduction of what Minimal Anti-Collusion Infrastructure (MACI) is, and how it could be used in a real-world context. We’ll take you through the essentials of MACI, making complex concepts accessible regardless of your background in the blockchain space.

What is MACI?

MACI is a cutting-edge solution that ensures private, reliable voting on the blockchain.

Blockchain Voting Challenges for Beginners

On-chain voting is a method of casting votes directly on the blockchain, leveraging its decentralized and transparent nature. While this provides us with censorship resistance and guarantees correct execution, the transparency of blockchains can be a double-edged sword. Given all transaction data is public by default, it means everyone can see how anyone voted. This ensures all votes are correctly counted but the visibility could lead to undue influence on voters' decisions, and potentially opens doors for unethical practices like voter bribery. The challenge, therefore, lies in preserving the privacy of each vote while maintaining the core principles of blockchain: transparency, process integrity, and security.

How MACI Offers a Solution

Minimal Anti-Collusion Infrastructure, or MACI, steps in as an elegant solution to these challenges. Despite operating on-chain, it protects the privacy of voters and votes, thereby significantly reducing the chances of vote manipulation through bribery. How does it achieve this? By employing advanced cryptographic techniques like zero-knowledge proofs (zk-SNARKs), MACI ensures that while the outcome of the vote is public and transparent, individual voting choices remain private. For instance, let's say you vote in an election using MACI, you could claim to everyone that you voted for a particular candidate, but in reality, you might have voted for someone else. There's no way for anyone to verify your claim, making bribery less appealing.

Key Features of MACI

MACI isn't just a tool; it's a fortress safeguarding the integrity of on-chain voting. Let's break down its key features:

  • Collusion Resistance: MACI makes it virtually impossible for voters to be swayed by bribes, as they can't prove how they voted.
  • Privacy: Your vote is your secret. Only you know where your support lies, thanks to the encryption technology MACI employs.
  • Uncensorability: Every vote counts and cannot be blocked, edited or removed, ensuring a fair voting process.
  • Unforgeability: Your vote is tied to your unique digital identity, preventing anyone else from casting a vote in your place.
  • Non-repudiation: Once cast, your vote is set in stone. You can change your mind and vote again, but you can't erase your previous vote.
  • Correct Execution: The final tally is accurate and tamper-proof, ensuring that the true voice of the voting population is heard.

These features come together to create a voting environment where your voice is heard, loud and clear, without fear of external influence or manipulation.

Technical Overview Simplified

At its heart, MACI is built on Ethereum, a blockchain platform. This foundation provides a high level of security and trust. The real magic, however, lies in something called zk-SNARKs. Think of zk-SNARKs as a cloak of invisibility for your vote; they hide your voting choices while still guaranteeing the overall vote count to be tallied accurately. This blend of Ethereum's robust framework and the innovative use of zk-SNARKs makes MACI a reliable and secure choice for on-chain voting, ensuring that your vote is both private and counted.

If you’re interested in more of the technical details, check out the MACI documentation.

Real-World Applications and Limitations

Imagine a world where funding for public goods, like community projects or open-source software, is decided through fair and transparent voting. This is where MACI shows its true potential. Quadratic funding is already harnessing MACI's capabilities to enhance user privacy and discourage any form of collusion in funding decisions.

However, like any system, MACI isn't perfect. Its effectiveness hinges on the honesty of the coordinator – the entity or person overseeing the voting process and tallying the results. A dishonest coordinator could pose risks, but thankfully, MACI is designed to minimise even this possibility, maintaining a high level of integrity in the voting process.

Conclusion

As we've explored, Minimal Anti-Collusion Infrastructure (MACI) stands as a testament to the innovative solutions being developed in the blockchain space, especially for those new to this technology. It addresses the critical need for privacy and fairness in on-chain voting, ensuring that your vote remains your own, free from external pressures and manipulation.

Blockchain technology is continually evolving, and with tools like MACI, it's becoming more accessible and trustworthy. Whether you're a blockchain enthusiast, a developer, or someone just starting to explore this exciting field, MACI represents a significant step forward in creating a more democratic and transparent digital world.

We encourage you to delve deeper into MACI and the broader world of blockchain by reading through our documentation and installing MACI. Join us too on our Discord to report any bugs or to chat with our team. Your involvement can help shape a future where digital voting is not just secure, but also truly representative of the people's voice.

Together, let's embrace these advancements and contribute to a fairer, more transparent digital voting landscape.

Upcoming grants for MACI protocol improvements

· 6 min read
ctrlc03
MACI dev

Minimal Anti Collusion Infrastructure (MACI) is a public good that allows one to run secure, private, on-chain voting polls.

Given MACI's open source nature, it's common for our core team to develop new features or to fix issues based on community feedback. However, it's been less common for external contributors to make significant changes to the core protocol.

Well, this soon will be a reality thanks to a MACI improvement proposal sent by the 3327 team. 3327 is collective of 10+ people working on improving blockchain technologies, with a focus on research and engineering. Their engineering team previously worked on implementing the ElGamal flow into MACI (here's a nice presentation on it from Marija Mikić at EthCC [6]). The work described in this post aims to be its direct replacement due to its simplified nature and several additional benefits.

This proposal can be divided into two parts:

  1. bring unconditional privacy to MACI's voters
  2. optimise inefficient merkle tree structure holding messages, by replacing it with a hash chain

1) Enable unconditional voter privacy

Currently with MACI, if a voter performs a key change, the voter's new key would not be anonymous to the coordinator. The coordinator could collude with a bad actor to inform the latter of the key change, as the coordinator would have access to all decrypted messages.

The key focus of this improvement is to enable users to be completely anonymous by removing the link between the original signup key and the key used for voting. How would this work? Well, users sign up to vote via the MACI contract, and depending on the gatekeeper in use, they'd have to prove that they've passed the entry condition. Now, given knowledge of this key, they can signup with a new key to polls deployed by this same MACI contract.

Thus, voters can prove anonymously that they know the preimage of a StateLeaf, by passing this information to a zk-SNARK circuit, and validating this proof within the poll contract when joining with the new key. You might be thinking that everyone knows the preimage of a state leaf, as it's public information that can be taken from the contracts' logs. However, the circuit will not accept the public key directly but would instead take the private key and use it to generate the public key. This way, only users with knowledge of a specific private key can generate a valid inclusion proof.

Now after signing up to the Poll with this new key, there will not be any link to the original key, and users will effectively be anonymous. Of course users should ensure that they are using different wallets where possible.

Finally, with the use of a nullifier, it will not be possible for the same original key to be used to signup more than once for each new poll.

Are there any drawbacks? Well, yes. There will be an extra step for users to register to individual Polls. We aim to offset this cost and additional step soon either with gasless transactions or by moving some logic off-chain.

2) Message structure optimisation

On top of the improvements to anonymity, the 3327 team aims to also replace the Merkle tree used for storing messages with a hash chain. Some of the benefits of this approach are:

  • unlimited number of messages
  • removal of expensive merge operations from the coordinator
  • cheaper to send messages as only one hash is required to update the hash chain
  • less constraints on the circuits due to simplified logic

Unlimited messages

Merkle trees are usually bound by a depth property. Together with the number of leaves per node, we can calculate the max capacity of a tree. For instance, for a binary tree with a depth of 10, we can host up to 2^10 (1024) leaves. On the other hand, hash chains do not have a limit, unless if we wanted to set one, so we technically can support an unlimited number of messages.

Cheaper operations

Hashing the previous hash chain with the message is cheaper than inserting into a Merkle tree. Additionally, removing the need for the coordinator to perform merge operations on the accumulator queues that were used on chain will greatly reduce costs and processing time.

Smaller circuits

As cited in their proposal, processing message inclusion proofs for k messages in a tree with height h requires k * h hashing operations within the circuit with 2 * k * h signal values for inclusion proofs. Processing messages with chain hashes removes the unnecessary inclusion proofs and requires only k hashes to be computed for k messages without any extra signals, as the requirement is to prove that the order and inclusion of all messages are correct.

A call for MACI grant proposals

So what does this mean for you, Anon?

As an open-source project of PSE with support from the Ethereum Foundation, MACI is fortunate to have the resources to invest in the maintenance and improvement of the protocol. This means we're able to fund full-time developers as well as allocate grants for various research and development initiatives.

We encourage all community members to contribute to the improvement and ongoing development of MACI! After all, our goal is to build the most secure e-voting system, and this cannot be accomplished without all of your support.

As a team, we are incredibly excited about this proposal and will continue to work hard to help the 3327 team get this upgrade production-ready over the next 3 months.

To contribute to MACI, submit issues, or learn more about it, you can reach out to us either via Discord or GitHub issues.

If you have an ambitious idea you'd like to work on, reach out to us and we could create a proposal to build together! If you don't yet have a specific idea but are still keen to work on MACI, we have some research ideas which might inspire you and we could collaborate on a grant together. Feel free to explore these ideas below and get in touch:

References

The Origins of MACI - Vitalik’s Vision for Secure Digital Voting

· 3 min read
Vee
MACI marketing manager

Minimal Anti-Collusion Infrastructure (MACI), is making waves in the world of private, digital voting. But where did this technology originate? Vitalik Buterin is the mind that thought of MACI. In this post, we’ll dive into his vision for a more secure and private digital voting system.

Who is Vitalik Buterin?

For those unfamiliar with the name, Vitalik Buterin is a Russian-Canadian programmer who co-founded Ethereum. Ethereum is a blockchain platform that has been a game-changer in the world of cryptocurrency and beyond. Vitalik’s passion for blockchain technology led him to explore various applications, including digital voting, which eventually culminated in the proposal of MACI.

What Inspired MACI?

Vitalik was deeply concerned with the issues plaguing traditional and digital voting systems, such as fraud, lack of privacy, and potential manipulation. He imagined a system that could handle digital voting with utmost integrity, transparency, and security, ensuring that people’s votes would genuinely make a difference. This led to the birth of Minimum Anti-Collusion Infrastructure or MACI.

Breaking Down MACI

MACI is a system designed for digital voting that protects against collusion and bribery, while ensuring privacy, authenticity, and that no vote can be censored. How? Through cleverly employing smart contracts on the Ethereum blockchain and something called Zero-Knowledge Proofs (ZKPs). This combination makes sure that no one, aside from a trusted coordinator who helps tally results, can view the votes. However, absolutely no one, not even the coordinator, can tamper with the results.

The Importance of Privacy

One of Vitalik’s major concerns was the privacy of voters. In a world where data is often exposed or misused, the anonymity of a voter is of utmost importance in maintaining the integrity of the voting process. MACI ensures that votes remain a secret, and that only a trusted coordinator has the ability to decrypt them.

A Democratic Revolution

Through MACI, Vitalik sought to revolutionise the democratic process. Imagine a world where communities could make decisions without fear of interference or manipulation. Where funds could be raised and allocated for public goods and services in a fair and transparent way. That’s what MACI is all about.

Final Thoughts

Vitalik’s vision for MACI was not just a technological advancement, but a stride towards a more just and democratic society. Through blockchain technology, he has shown how innovation can be harnessed for the greater good, by protecting the sanctity of each vote. MACI is a testament to how technology can be a powerful tool in upholding democratic values and ensuring that every voice is heard. If you’re keen on learning more, dig in to our documentation here. Also, join us in building our future, connect with our team on Discord!

MACI v1.1.1 Release

· 7 min read

We are pleased to announce the release of an updated version of MACI - Minimal Anti-Collusion Infrastructure v1.1.1.

This new release brings a more secure product, new features, and a much needed documentation refresh. Before we dive into the updates, let's refresh your memory on what MACI is and what it was created to achieve.

Background

MACI is an application that provides collusion resistance for on-chain voting processes. It was originally created after Vitalik's post, and has since been revisited and improved.

MACI revolves around the need for a trusted coordinator. The coordinator is in charge of setting up the system, publishing its public key, and computing the tally of the votes. Below are the main properties of MACI:

PropertyDescription
Collusion ResistanceNo one except a trusted coordinator should be certain of the validity of a vote, reducing the effectiveness of bribery.
Receipt-freenessNo one can prove (besides to the coordinator) which way they voted.
PrivacyNo one except a trusted coordinator should be able to decrypt a vote.
UncensorabilityNo one — not even the trusted coordinator, should be able to censor a vote.
UnforgeabilityOnly the owner of a user's private key may cast a vote tied to its corresponding public key.
Non-repudiationNo one may modify or delete a vote after it is cast, although a user may cast another vote to nullify it.
Correct executionNo one, not even the trusted coordinator, should be able to produce a false tally of votes.

Since its inception, MACI has been adopted by different projects, most notably clr.fund and QFI. These projects prove how effective MACI can be, especially when integrated with applications that are otherwise prone to collusion, such as funding Public Goods.

For a more detailed description of MACI, please refer to the v1 technical introduction article.

Security Audit

MACI was audited by HashCloak in the summer of 2022. The audit team discovered certain high risk vulnerabilities, whose fixes were the focus of the MACI team in the past months.

In more details, the audit revealed two high risk issues within the zk-SNARK circuits:

  • Incomplete validation when processing messages
  • Integer overflow which could have allowed users to affect a coordinator's effort of calculating the subsidy by either making it incorrect or by intercepting the calculation

Another notable security issue was the lack of initialization of the AccQueue contract. This contract is used to store messages (votes or topups) for the different polls. Without inserting a zero value hash into the merkle tree contract as the first message during initialization, a malicious user could have performed a denial of service attack on a poll. This could have resulted in the poll results taking a very long time before being tallied by the coordinator.

All of these issues have been successfully resolved, on top of fixing minor issues and general code optimizations. The updated product uses a more up to date and secure version of Solidity, and more thorough test cases to verify the correctness of the solution.

New Features

FeatureDescription
Top Up CreditUsers can now top up credits rather than having to sign up with a different MACI key
Pairwise SubsidyEnhanced protection against collusion in quadratic funding
Coordinator ServiceSample coordinator server for easier MACI use

Top Up Credit

Rather than requiring a user to sign up multiple times, it is now possible to top up voice credits by sending a top up message on the Poll contract. Withdrawals are not enabled as this would allow a malicious user to bribe others offline to transfer their keys.

Now, the Poll contract will hold all the funds deposited from users for the current poll. At the end of a poll, the coordinator can transfer the funds to a hardcoded address which can be used to fund public goods.

When a user deposits tokens by calling topup, they will also need to specify the stateTree index. The topup function will insert a topup message into the message queue for them. When the voting period ends, any call of topup function will be rejected. Both voting and topup messages have the same ending time, which ensures there is a well-defined ending state for each poll.

Please note that in this approach, the initial credit is still shared across multiple polls, and the actual credit an user can spend in a given poll is the following: totalCredit=initialCredit+topupCredit where the topupCredit is the voice credit amount deposited by the user during the voting period of the given pollID.

For a detailed description, please refer to this document.

Pairwise Subsidy

Pairwise subsidy is a new way to reduce collusion in quadratic funding applications. If two contributors collude with each other, they can extract most of the public funding pool if they have enough funds.

In this post, Vitalik introduced this kind of collusion and also proposed a protocol to penalize this behavior. As a generalized solution, the more correlation between contributions, the smaller subsidy should be allocated to this project, as this reduces the risk of collusion between contributors. It should be noted that this solution assumes that an identity system is in place to prevent the same entity from registering with two different identities.

Please refer to this post for a more detailed explanation of the implementation.

Finally, please note that currently it is not possible to generate the zkeys for the subsidy circuit with with the vote options parameter larger than 525^2. This issue is documented here and the team will focus on finding a solution to be able to support larger vote options.

Coordinator Service

MACI now includes a sample coordinator service.

There are two roles in the coordinator service: admin (i.e. MACI coordinator) and user (i.e. a voter). The admin's responsibility is to ensure that the code remains updated and that the backend services are live. The user can then simply send HTTP requests to the backend server to interact with MACI, for instance, by signing up and publishing a message on chain.

The coordinator service has been wrapped into two docker instances: one for the backend server to accept user requests; one for the Mongodb service to store all necessary information on the current state such as smart contract addresses, zero knowledge proof keys and so on.

For further reading on coordinator services, please refer to this doc.

How to use MACI

MACI can be used as a standalone application to carry out on-chain polls, or be implemented into new projects that can then benefit from its properties.

For use as a standalone application, a cli package is provided which allows coordinators and voters to use MACI. Please refer to this doc for details on how to use it.

To implement MACI into a project, the documentation can be used a reference, as well as reviewing how clr.fund and qf use MACI in their code.

MACI 0.x

MACI version 0.x will be discontinued. MACI 1.x has feature parity, more robust code and newest features. Users are encouraged to use the latest version. Starting February 7, 2023, the team will focus solely on resolving issues for MACI 1.x, and will cease to provide support for version 0.x.

How to get involved

Should you wish to get involved with MACI or simply report a bug, feel free to visit the repository and open an issue, or comment under an open issue to notify the team of your intention to work on it.

For any other enquiry, please reach out to us via the Privacy and Scaling Explorations (PSE) Discord.

References

Release

Here is a link to the new release code in GitHub - v1.1.1 Release.