Posted on 2021-10-04 by mikerahq
Lelantus Spark is the next generation Lelantus protocol, jointly designed by Aram Jivanyan and Aaron Feickert. It improves upon the current Lelantus protocol by providing recipient privacy, fine tuned selective disclosure and other user friendly improvements. Further, the authors have provided more formal security arguments, ensuring more confidence in the Lelantus Spark construction.
Due to community interest across cryptocurrency ecosystems, the Lelantus Spark protocol would benefit from a cryptography audit. HashCloak would like to provide such an audit for the Firo community.
HashCloak Inc is a R&D lab and consultancy focused on privacy, anonymity and scalability for blockchains and cryptocurrencies. Founded in 2019, the Toronto-based team is well-known for working on state of the art Ethereum projects such as Ethereum 2.0, Shyft Network and Althea, for pioneering optimistic rollups and bringing forth the first empirical analysis of Ethereum’s privacy guarantees and applications. Recent projects such as Meson, a mix network project, and an SoK on universal SNARKs, delved into areas such as Multi-Party Computation (MPC), anonymous networking, Private Information Retrieval (PIR), zero-knowledge proofs and the intersection of cryptography, game theory and finance.
The scope of the audit will be as follows: * Verifying that the security proofs in the paper are indeed correct * Providing alternative security proofs to ensure that the properties for Lelantus Spark are indeed correct * Identifying any security issues by providing counterexamples to security proofs and statements
Mikerah Quintyne-Collins is an independent researcher and founder and CEO of HashCloak, a blockchain privacy R&D startup with a global team. Her research focuses on networking, validator privacy, and optimistic rollups. She organized Scaling Ethereum, a research workshop bringing together top Ethereum researchers to work on Ethereum’s most pressing scalability problems. Currently, she’s focused on privacy for blockchains, specifically mixers and mix networks for cryptocurrency transactions. Previously, she was part of the ChainSafe Systems team working on ETH2.0, namely the Lodestar Typescript client. She was awarded a Vitalik YOLO grant for her work on ETH2.0.
Karl Yu is a researcher at HashCloak. His research focuses on zero-knowledge proofs, decentralized systems design, and blockchain protocol design. He’s contributed to several Mandarin translation articles about some of the core technical aspects of Ethereum. Karl has been an active member of the ZKProof research community since 2019. More recently, he is the lead author of an in-progress paper systematizing general purpose ZK-SNARKs protocols. He is familiar with Rust and Solidity. He has a bachelor’s degree in software engineering from WenZhou University.
Er-Cheng Tang is a research engineer with interest in cryptography and computer security. He engaged in projects that focused on exploiting and protecting against common security vulnerabilities, and worked as a system engineer in a hardware security company to strengthen the embedded systems. He is familiar with C, C++, Python, and Golang. He has a background in mathematics, and he conducted a research on improving the communication efficiency of zero knowledge arguments. Currently, he contributes to the Meson project and makes blockchain security audits with the HashCloak team.
The overall costs of the audit will be $20K USD. The payments will be tied to milestones.
We propose the following payment schedule:
|1||Read the following documents: 1) Lelantus Protocol. 2) Lelantus Spark. Any documents that we feel that is relevant will be read as well.||1-2||$8K|
|2||1) Start Cryptography analysis with emphasis on the following: Verify security proofs, Come up with alternate security proofs, Finding security issues. 2) Delivery of initial report. Note that this part of the audit is open-ended and exploratory due to the nature of working with mathematical proofs and constructions||2-4||$8K|
|3||1) Working with the Lelantus Spark authors on rectifying any issues that may have arisen during the audit. 2) Update the audit report.||5-6||$4K|
We expect the audit to take 4 weeks for the initial delivery of the report and 1 to 2 weeks for verifying and assisting the authors in rectifying issues.
The start date for the audit is flexible depending on when the Firo community would like the audit done.