.png)
With ZPrize 2023 kicking off, there’s never been a better time to introduce our prize architects. Architects are the backbone of ZPrize, creating and overseeing all prize specifications and building the test harnesses in addition to supporting teams over the course of the competition. ZPrize could not function without them.
Today, we’re excited to announce Evan Marshall from Demox Labs as the architect for Prize 2: Beat the Best (WASM) in this year’s competition. In this interview, we’ll dig into where he comes from, what motivates his work today, and why ZPrize as well as the greater zero-knowledge space matters to him and Demox Labs!
In college, I wasn’t wasn’t super interested in crypto, I was more interested in privacy. At that time, privacy technology was mostly focused around basic encryption. That was a time when people were still using HTTP for websites. When everything with Edward Snowden started going down, I began scraping social media data out of curiosity. I was very interested in web scraping at the time. I collected everything I could and I turned that into a project and conference paper about how Edward Snowden actually drove a lot of people to use encryption tools like PGP.
After college, I worked at a startup called Rev, which was a double-sided marketplace for transcription and captioning. If your Youtube video needed captions, they had a bunch of people to type them up. Post-work conversations with my co-workers always revolved around two topics: privacy and crypto. Crypto happenings in 2017 were super exciting with the Ethereum ICO and the like. We even knew someone who was closely involved with the theoretical side, Barron Caster, who eventually became my co-founder at Demox Labs.
I left Rev in 2018 to start an ecommerce business in the CBD and hemp/cannabis space. A month before leaving Rev, I had started deploying my first smart contracts on Ethereum and trying stuff out.
I learned a ton about payments over the next few years while building in ecommerce. During the course of building my business I was actually banned from using PayPal (I’m still banned to this day). It was then that I began to understand just how important things like crypto were for open access to payments. With large monopolies on payments, you can be excluded altogether without breaking any laws. Just because a company decides you are too risky, it can shut you out of a huge range of infrastructure.
I’d been following the crypto ecosystem during the course of building my business, which I sold in 2021. That’s when I went into crypto full-time. I got really into payments but my biggest insight was that crypto payments without privacy is a much worse payment system than what exists today. If I send you a dollar on crypto rails, you know my whole net worth, and every transaction I have ever made. It’s absurd to think crypto sans privacy could replace the existing financial system.
That led me down the ZKP rabbit hole. At that time, crypto was collapsing, we had raised our seed round for Demox Labs, and I was really interested in how we could make this technology real. In terms of making it real, my laser focus became stablecoins plus privacy. That’s what really drove me to Aleo.
To build a private crypto payments system two important things are needed. The first is a smart contract platform to create a stablecoin. Second, these contracts need to be private. Aleo was the only company at the time who was anywhere close to architecting these two milestones.
As of now, I’ve been building on Aleo for over a year. We started wanting to build a stablecoin, pivoted to a wallet, realized we needed our own RPC to support that wallet, then realized we needed to work on the Snark VM so it could generate proofs in-browser, so we spent a few months doing that. Then we started reimplementing a lot of the cryptographic math into Web GPU. We were pretty early to Web GPU. We started in March with the hope it would become part of Chrome Stable, which happened in May.
My goal is to eventually build a full private p2p version of Venmo. Ideally, everything would be denoted in USD (a stablecoin) and the crypto rails would be completely hidden from the user. As ecosystems develop, we can incorporate yield bearing protocols and surface them as “Savings” accounts to users.
Long term, I want to build consumer-focused private finance tools to target larger markets like private ecommerce & credit cards.
The journey of building on Aleo really led to ZPrize, where a lot of focus has been on making proving as efficient as possible from a cloud perspective. ZPrize is a unique opportunity to help make ZKPs more practical for consumer applications - right now they’re very costly to generate. A ZKP that takes minutes to generate isn’t likely to find itself on many devices. Better ZKP will decrease compute requirements, making it more attractive for application builders to incorporate for their use case.
Prize focus will always be demand driven and continue to evolve as use cases become clearer. There’s a good balance of prizes this year, but if we see the privacy narrative evolve as the dominant one, we might expect a couple of prizes related to client-side proving to be added.
Right now, most people working in ZKPs are focused on the research and infrastructure layers within crypto, but the application layer is really going to drive what makes sense to build. L2 is currently the biggest application of ZKPs but it’s not yet clear if there's a product market fit for ZKP L2s versus Optimistic based L2s. By shifting the focus to the application layer, builders have the opportunity to bring real products to businesses and consumers. Many technologies are cool. Fewer are useful. ZKPs have a ton of potential but it’s the market that decides how useful a technology is. With Aleo launching mainnet in December, we’re going to see a lot of applications start trying to use ZKPs and many use cases focusing on them.
One of the biggest opportunities we have in the ZK space is to align on proving systems. Right now there is no finalized proving system that everyone agrees is the best one, thus the space is very fragmented. The really challenging aspect of that is that the fundamental science of it is still not finalized.
With proving system everyone uses different schemes which result in different operations being slower, such as what needs to be optimized, ie. MSMs versus hashing. The second way this fragmentation occurs is in the environment itself. Up until now, a lot of the focus has been on big machines because that’s what it looks like for a lot of L2s like ZK-rollups. They’re running on gigantic machines with hundreds of gigs of RAM, while the greater privacy space is trying to run on a laptop or a phone.
While there are different proving schemes that have approximately the same performance, there are also new proving schemes that should be coming online in the next year or two. We don’t yet know if the new ones are safe, but if they’re safe, they should be faster. In practice, you don’t know if something is just theoretically faster or if when you implement it, you have large constant costs that make it slower.
You should, in theory at least, be able to hide most of the crypto rails when creating any sort of crypto-based application. You need a platform like Aleo where it’s really easy to launch a program and then build a UI around it. If you have to implement your own circuits by hand using Circom, that’s going to be too much.
With Aleo, we’re already seeing a ton of applications where the developers don’t really know how the cryptography works, but it’s simple enough to build on top of it.
Take DeFi for instance. Big institutions are never going to use something that allows competitors to know their book. You already have a mass of people who understand the benefits of something like DeFi but because they can’t tell their competitors every one of their trades or expose customer information on-chain. They’re just not able to use these primitives. But with privacy and crypto working hand and hand, the game fundamentally changes.
Maybe, maybe not. It’s possible it just changes the model so that user’s are the ones selling their data instead of corporations. Web3 is about giving ownership back to individuals, not telling them what to do with that ownership.
Privacy and functionality are the biggest needs. The most obvious reason NFTs need ZKPs on a platform that natively supports them is privacy. If you post a jpeg NFT as your twitter profile, it would be nice not to dox yourself. If you want to purchase an NFT, it would be nice if people couldn’t front-run your trades and watch your every move.
Privacy is more than an end in itself - it enables much more efficient programming models. With ZKPs, you can store private & sensitive information directly on-chain. You can then reuse this same information many times for different purposes.
For example, identity tokens as they exist on ethereum can only provide one off attestations that you can use many times. When you put this information directly on-chain, you can create many different attestations based on the underlying data. With existing identity NFTs, you can prove that you’re at least a certain age or that you’re a citizen of some country but you’re limited to the types of attestations at the time of creation of that NFT. If you want to prove later that you live in a specific zip code or you’re at least a different age, you’re out of luck. In platforms like Aleo, you can put all of your data on a chain directly and then create different attestations based on that data without fetching anything off-chain.
As Ethereum is turing complete, you could in theory do anything there that you’d want to do anywhere else. The reason we need natively private ZKP platforms is to make privacy easy and composable. You couldn’t take your Tornado cash nullifier and deposit it in Aave. You can’t take a ZKP jpg NFT and upload it to Open Sea. You already have to jump through hoops to get anything resembling privacy on a public chain for simple transfers. Building a fully developed private ecosystem requires native support.
Governments love privacy tech when they get to use it. The NSA actively advances cryptography research and TOR was invented at a United States Naval Research Laboratory. I personally don’t worry about building privacy technology because the US government is usually one of the earliest adopters.
In terms of building private finance, I think it’s important to ensure compliance with existing laws. The nice part about programming with ZKPs is that privacy is not absolute. It’s a spectrum of technology design decisions. Privacy is a primitive we can use as little or as much as we want. The real question is what will the laws be that we will have to comply with? Whatever they are, we will be able to build systems that comply with those laws.
I have high confidence that privacy tech will win out in general as it’s more economically productive. It’s not just a fundamental individual right, it unlocks lots of economically productive activity. E-commerce & Fintech would not exist at all without encryption (TLS/SSL). ZKPs, FHE, MPCs are just advances in cryptography that will provide similar economic benefits if governments don’t actively constrain them. Most governments have an aligned interest in their economies growing so I really don’t see misalignment between individual privacy rights and governments.
Thanks for our conversation! To find out more about Demox please check out the various links below.
Website: https://www.demoxlabs.xyz/
Github: https://github.com/demox-labs
Follow us on Twitter: https://twitter.com/DemoxLabs
Join our discord: https://discord.com/invite/cpCrGwfWCs
—-
Interested in getting involved in ZPrize 2023? Head to our Discord and join in on discussions as the competition continues to take shape!
