Summary
The Aave-Chan Initiative (ACI) Chads Swag Claim is a privacy-preserving application that allows users to prove that they are Aave delegators and claim ACI swag by entering their shipping addresses. This takes place without ever revealing the delegating EVM wallet address.
This case study examines how Sismo Connect is used to solve several problems:
- Privacy-preserving proofs of onchain activity: How to make sure that users can prove their onchain activity, being an Aave delegator, without revealing their EVM wallets? How to allow users to claim swag (enter shipping address) without linking their wallets to that address?
- Double-spending protection (nullifiers): How to identify users so they cannot claim the swag multiple times with different shipping addresses?
How does it work?
Before explaining the details about the Chads Swag Claim app let’s introduce Sismo and Data Groups:
In Sismo, users own a sovereign Data Vault in which they import Data Sources (e.g. EVM wallets, GitHub, Twitter).
From that users can:
- Prove they are part of a Data Group
- Make a claim about their value (e.g, I have more than 1 NFT, I contributed more than 10 commits)
Data Groups 101
A Data Group is a list of Data Sources, either web2 (i.e. Twitter, GitHub, Telegram), web3 (EVM Wallets, Lens Account), or a combination. Each Data Source within the group has an associated value.
// Data Group Example: Aave-chan.eth delegators Data Group
// https://factory.sismo.io/groups-explorer?search=0xf0285dcfe412b24a6ac9a1c365b7b35d
{
[...]
"0xc609b5595e38acbdde1672f9b482db823f51668a": "50", // delegated 50 AAVE
"0xd8bb37399abf6f5769b55d56168ba00865f29b6c": "1200",
"0x4e04a4b01d7851fe57708ca7379f98884023878b": "86",
"0xb5f0fc9fa412305016a0c2c151a564fee5b05183": "6",
"0xdd45542ccf17a16f5c515c20db7f7c7d8bb74cc5": "55500",
[...]
}Users can, from their Data Vault, create a ZK Proof of group membership and backing a specific claim (e.g I delegated more than 30 AAVE to aave-chan.eth)
A Data Group can be created in 2 ways:
- Within our no-code interface via Sismo Factory (guide)
- Programmatically by opening a pull request on the Sismo Hub (guide)
The ACI Chads Swag Claim App, which is available in the Sismo App Store, uses Sismo Connect for access control.
Users must generate a ZK proof proving they own a Data Source part of the Aavechan Delegators Data Group and share it alongside the vaultId (covered in more detail further below). After the app has verified the proof, users can submit their shipping address for swag delivery, with the address and vaultId being recorded.
Information about the Data Group:
Aave-chan Delegators | All Ethereum Addresses are Aave-chan Aave and stkAave delegators, with the value indicating the delegated amount. | Wallets (EVM) | |
Data Group | How the underlying group is created | Types of Data Sources | Links to full group of Data Gems and generators |
Gating and Selective Disclosure.
Aavechan Delegators Group is created from Ethereum wallets that are delegated to the Aave-Chan Initiative (ACI, a delegation platform for Aave) using stkAave or Aave.
This is the Group snippet. The value next to the address represents the amount of stkAave or Aave that is delegated. It can be used to request proofs of certain thresholds.
Users can prove:
- They delegated more than 50 stkAAVE/ AAVE (required to access the form)
- They delegated more than 250 stkAAVE/ AAVE (optional: to get more swags)
- They delegated more than 1000 stkAAVE/ AAVE (optional: to get more swags)
i.e. proof of delegation of more than 50 stkAave or Aave. This is used to have different tiers of swag distributed to users, depending on their delegated amount.
{ //
// full list: https://sismo-prod-hub-data.s3.eu-west-1.amazonaws.com/group-snapshot-store/0xf0285dcfe412b24a6ac9a1c365b7b35d/1687777801.json
...
"0x1a49671802ea369a60b4f6b313d673a7d1423be3": "96"
"0xca5fc6b954c7b0121685e79333bb755fe5f30b7b": "75"
"0xf848cc9418cc06110505f781ee5355a2b11f0209": "134"
"0xc609b5595e38acbdde1672f9b482db823f51668a": "50"
"0xd8bb37399abf6f5769b55d56168ba00865f29b6c": "1200"
...
}Nullifying users with vaultId
Since proof of delegation is done in a privacy-preserving manner, the issue arises that users could make a claim multiple times.
To prevent this, Sismo Connect uses the vaultId as a userId, a unique identifier used as the Nullifier; it allows users to claim anonymously while preventing double claiming. The vaultId is derived in a deterministic way from the appId and vaultSecret. This means that this application will generate the same vaultId, hence it can be stored and used to check if a user tries to do a claim again.
vaultId = hash(vaultSecret, hash(appId, derivationKey)), where
vaultSecret is a secret only known by the Data Vault’s owner (similar to a seed/ private key of a user);
appId is a unique identifier for an associated Sismo Connect app;
derivationKey is an optional parameter that can be used to generate multiple user identifiers for a single Data Vault owner. derivationKey = 0 by default.
The vaultId is computed by the user when they generate a ZK proof, thus enabling them to associate a Group Membership by its vaultId. Learn more about Vault Identifier in the Docs →
Key Takeaways
- Privacy-preserving Proofs of Onchain Activity: The App enables users to prove their onchain activity, such as Aave delegation, without exposing their EVM wallet. After proving, it allows users to claim swag by inputting their shipping address without linking it to any identifiable account.
- Double-spending Protection (Nullifiers): In order to maintain user privacy while preventing double-claiming of swag, the app uses the vaultId as a nullifier. This unique identifier is used to mark each claim and ensure users can't claim multiple times with different addresses.
- Data Groups and Zero-Knowledge Proofs: The app uses Data Groups that contain EVM wallets and values. The value refers to the amount that is delegated. Zero-knowledge proofs allow users to prove they are part of a Data Group and that they fulfill a threshold of the value (delegated amount) without revealing which account they own.