Cointime

Cointime

Download App
iOS & Android

Building a private, on-chain, implementation for RetroPGF

Cointime精选

From optimism By samajammin

Hello Optimism Collective!

Excited to share plans on a project our team has been working on over the past few weeks.

Our goal is simple - we’d like to add private, bribery-resistant, on-chain voting to Optimism’s RetroPGF rounds.

Who are we?

We’re the core team working on MACI, an on-chain voting platform which protects privacy and minimizes the risk of collusion and bribery. We’re an engineering team within PSE 1, which is supported by the Ethereum Foundation

You can learn more about MACI in our documentation.

What are we doing?

We’re building a proof-of-concept RPGF implementation that supports private on-chain voting for badgeholders of the Citizens House.

  • Thanks to folks at Gitcoin & their work on EasyRetroPGF, we have a purpose-built web app that we’re forking for our frontend
  • For the “backend”, we’re essentially swapping out the SQL database for the MACI smart contracts
  • For badgeholder verification, we’ve built an EAS gatekeeper contract which ensures only OP badgeholders are eligible to register to vote
  • In line with PSE’s mission 1 and inspired by the efforts of EasyRetroPGF, we also open-source all our code in case it’s beneficial for others

Here’s the source code:

GitHub

GitHub - privacy-scaling-explorations/maci-rpgf: RPGF with MACI 3

RPGF with MACI. Contribute to privacy-scaling-explorations/maci-rpgf development by creating an account on GitHub.

Here’s where were tracking our progress:

GitHub

MACI team sprint board • privacy-scaling-explorations 3

MACI team sprint board

Why are we doing this?

In many ways, Optimism’s RPGF rounds are already a massive success. It seems the process worked in round 3 but - like many of you - we see several areas that can be improved.

For one, the RPGF process currently depends heavily on the OP foundation to act honestly and competently. In round 3, the community had to trust that:

  • Only badgeholders would be able to submit ballots
  • No badgeholder ballots would be censored or manipulated or double-counted
  • The final tally of ballots would be calculated correctly

If we think about what security properties are critical to a voting, Vitalik outlined this in his blog post (Blockchain voting is overrated among uninformed people but underrated among informed people) as well as anyone could:

Any voting system requires a few crucial security properties in order to be trusted by users:

  • Correct execution: the results (tally of votes) must be correct, and the results must be guaranteed by a transparent process (so that everyone is convinced that the results are correct)
  • Censorship resistance: anyone eligible to vote should be able to vote, and it should not be possible to interfere with anyone’s attempt to vote or to prevent anyone’s vote from being counted
  • Privacy: no one should be able to tell which candidate anyone voted for, or if they even voted at all
  • Coercion resistance: you should not be able to prove to someone else how you voted, even if you want to

Unfortunately RPGF currently fails in all 4 dimensions. As RPGF continues to grow, we think the need to enforce process integrity will be of upmost importance.

Talking with the folks from the OP foundation about, they’ve mentioned some key requirements for future versions of their RPGF stack:

  • Provably correct execution - They’d want to demonstrate the legitimacy to community in terms of how ballots are submitted and calculated
  • Privacy protection - They want to ensure not just voter privacy, but also vote privacyWhy? While voter privacy alone would offer some valuable protection, if the votes are public, there’s the chance that data sleuths would be able to deduce the identity of some badgeholders. e.g. say a badgeholder publicly declares a few projects where they have conflicts of interest. If they are the only badgeholder who does NOT vote for those specific projects, anyone would be able view their public ballot and tie it to that specific badgeholder, thus circumventing this supposed privacy protection
  • Why? While voter privacy alone would offer some valuable protection, if the votes are public, there’s the chance that data sleuths would be able to deduce the identity of some badgeholders. e.g. say a badgeholder publicly declares a few projects where they have conflicts of interest. If they are the only badgeholder who does NOT vote for those specific projects, anyone would be able view their public ballot and tie it to that specific badgeholder, thus circumventing this supposed privacy protection
  • Collusion resistance - given the money at stake with RPGF, bribery resistance is a key component for any RPGF implementation

What solutions exist?

We reviewed the options in this private voting report: State of Private Voting

It’s great to see an array of private on-chain voting solutions emerging! As you can see from the report, each has a unique set of features and trade-offs with their implementation.

Image 2024-02-28 at 15.00.571470×734 205 KB

Why did we decide on this implementation?

A number of projects solve some of the above requirements, but again - given the money at stake with RPGF, we feel that collusion resistance (”Briber Protection”, in that report), is an essential component for any RPGF implementation. Currently MACI is the only project with all 3 of these features:

Image 2024-02-26 at 19.13.391326×640 179 KB

An RPGF MACI integration has the potential to provide several important security guarantees to the RPGF voting process:

  1. Correct execution: With MACI, user registration, voting data and poll logic is stored on-chain. While tallying computation is handled off-chain, ZK-proofs guarantee the correct execution of this logic. In this way, we know the result (tally of votes) will be correct, and the results are guaranteed by a transparent process (anyone can verify that the result is correct) .
  2. Censorship resistance: With voter verification (via an EAS attestation gatekeeper) and vote submission happening on-chain, there’s no way for anyone (including the OP foundation) to censor any badgeholder votes.
  3. Privacy: With MACI’s receipt-free voting scheme, we’re able to ensure that results are transparent, but it is impossible for outsiders to verify how any specific user voted (since on-chain votes are encrypted). Vote tallying takes place off-chain but ZKPs are submitted and verified on-chain, which guarantees votes are counted correctly without revealing the individual votes.
  4. Coercion resistance: With MACI’s private, receipt-free votes, this makes cheating (like bribery) much harder. User’s cannot prove which option they voted for, and therefore bribers cannot reliably trust that a user voted for their preferred option. This prevents any bribers from simply reading the transaction data to see which option a user voted for.

Input/Feedback?

We’d love to hear feedback on this plan! The implementation is in-progress but we’re happy to make potential adjustments based on community input.

If there are any badgeholders interested in being user-testers for us, please let us know and we’ll get in touch to schedule an user interview once we have a working demo up and running on a testnet! Feel free to comment here, hop into the PSE Discord (#🗳️-maci channel), hit us up on Twitter/X 1, or reach out to me directly (sam at ethereum dot org).

Optimism
Comments

All Comments

Recommended for you

  • The JuCoin ecological project JuChain has been launched on the main network, and the public chain co construction summit will be held. The ecological debut protocol is Butterfly

    Cointime News:JuCoin's self-developed public chain JuChain has been launched on the main network. The JuChain Public Chain Co construction Summit initiated by JuCoin will be held on May 15, 2025 in Bangkok, Thailand. The conference will release the first ecological agreement--

  • BTC breaks through $96,000

    the market shows that BTC has broken through $96,000 and is now trading at $96,014.98, with a 24-hour increase of 1.15%. The market fluctuates greatly, so please manage your risks well.

  • JuCoin CEO: UX design in the encryption industry needs to pay attention to user emotional details to enhance user experience

    Cointime News: JuCoin CEO Sammi Li delivered a keynote speech at the TOKEN2049 conference, analyzing the current challenges in user experience (UX) design in the cryptocurrency industry. Sammi Li believes that the existing encryption product experience fails to effectively empathize with users, often leading to usage anxiety, which hinders the large-scale adoption of Web3. Combining her rich experience in the luxury goods industry, she emphasizes that building trust relies on paying attention to user emotions and critical moments of interaction, and constructing it through details rather than simply technical presentations. JuCoin is applying these user centered design principles to its Web3 ecosystem construction, aiming to lower user barriers and enhance user experience by optimizing JuChain and related product designs. It calls on the encryption industry to think together and place user experience at a more core position.

  • Xiongan New Area: Combining blockchain with digital RMB to launch "Digital Currency Loan" product, with payment amount of nearly 100 million yuan

    On January 11th, according to the Xiong'an Public Account, the digital RMB pilot in Xiong'an New Area has achieved new results. The first digital RMB tax payment transaction in the financial field has been completed, and self-service tax terminals have been developed. The "blockchain + digital RMB" technology is applied to government procurement management, increasing the proportion of advance payment and landing multiple applications to solve corporate problems. In 2024, the People's Bank of China Xiong'an New Area Branch, together with the Xiong'an New Area Reform and Development Bureau, will launch the "Implementation Plan for the Deepening of the Pilot Work of Digital RMB in the Rongdong Area", to enhance public awareness. By combining blockchain with digital RMB, the "digital currency loan" product will be launched, with a payment amount of nearly 100 million yuan.

  • Fardi Wang, Chairman of NEXUS 2140: AI•Web3•Ecom Global Expo, Made Appearance at Meta Crypto Oasis 2025 in Dubai

    Fardi Wang, Chairman of NEXUS 2140: AI•Web3•Ecom Global Expo, recently appeared at the Meta Crypto Oasis 2025 in Dubai, joining global Web3 leaders such as Justin Sun (Founder of TRON) and Chris (Co-founder of Sonic) to discuss the future of the industry. As the first cross-industry event integrating AI, Web3, and E-commerce, NEXUS 2140 is accelerating its international expansion through Fardi Wang’s active participation. At the summit, Fardi Wang emphasized that the integration of virtual and real-world assets is the key breakthrough for the Web3 ecosystem. He mentioned: “NEXUS 2140 is leveraging Korea’s policies, technological strengths, and ecosystem advantages to build a global industrial hub.” His insights received strong recognition from attendees, and the Dubai visit further amplified the international influence of the event, injecting new momentum into global digital economy collaboration.

    Fardi Wang, Chairman of NEXUS 2140: AI•Web3•Ecom Global Expo, Made Appearance at Meta Crypto Oasis 2025 in Dubai

  • Binance Wallet’s New TGE B² Network is Now Available for Investment

    according to official page data, Binance Wallet's new TGE B² Network is now open for investment, with an end time of 18:00 (UTC+8). The participation threshold for this TGE is that Alpha points must reach 82 points.

  • The price of ALPACA perpetual contract on Binance platform rose by more than 25% in the past 5 minutes

    the current price of ALPACA perpetual contract on the Binance platform has risen by over 25% in the past 5 minutes, now falling back to $1.3683. At the same time, the spot price of ALPACA is $1.22, showing a significant price difference.

  • To participate in Binance Wallet's new TGE B² Network, you must have 82 points

    according to the official announcement, Binance Wallet has announced the participation threshold for the new B² Network (B2) TGE, with Alpha points needing to reach 82 points.

  • 1confirmation founder: There is a negative correlation between the popularity of the seed round and the success of the project product

    On April 29th, Nick Tomaino, the founder of 1confirmation, wrote on X that there is a negative correlation between the popularity of seed round projects and their success. Participating in a hot round is indeed exciting: high funding amounts, intense competition, big-name investors, and extensive media coverage. However, rarely does participating in such hot projects before the product-market fit is clear bring truly outstanding results. At 1confirmation, some of the most "popular" projects we have invested in have actually performed the worst.

  • U.S. Treasury Secretary Benson: We hope to obtain long-term tariff revenue and agreements

    US Treasury Secretary Besant said he hopes to obtain long-term tariff revenue and agreements, and the US will hold talks with at least 17 partners in the coming weeks. There is a good chance of seeing income tax reductions in the tax bill, and tariff revenue could be used for tax cuts.

Daily Must-Read

Popular Activities

RaveDAO at Terra Solis by Tomorrowland: A Female-Led Techno Night Where Web3 Culture Converges

RaveDAO at Terra Solis by Tomorrowland: A Female-Led Techno Night Where Web3 Culture Converges

April 30 - April 30
Dubai

Popular Tags

Cointime
News
Contents
RSS
Company
Cointime

Hot Coins

TerraClassicUSD USTC
$0.01304
+ 1.71%
$72974317.47
Terra Classic LUNC
$0.00006258
+ 2.89%
$340138905.7
Axie Infinity AXS
$2.62
+ 4.18%
$422037581.34

Daily Must-Read

01
Paul Atkins, nominated by Trump, has been sworn in as SEC chair
02
Ethereum crashed in Q1. Could May’s Pectra upgrade bring it back?
03
Contrarian Take: How Stablecoins' Disruption of Money Creation Stands in its way to Mass Adoption
04
Atkins Confirmed By U.S. Senate to Take Over SEC Formerly Run by Gensler
05
Time to move on: CT breakup guide
06
Why Trump's Tariffs Could Actually Be Good for Bitcoin