GitXplorerGitXplorer
a

zkmao

public
8 stars
0 forks
0 issues

Commits

List of commits on branch main.
Unverified
e71c915e1cf6739dd9d43fd63c4f936968d1d98f

Merge remote-tracking branch 'origin/main'

aarvid220u committed 4 years ago
Unverified
a3b2c86660db175d894a0aee0aec2b0d1936022b

remove weirdbug circuit

aarvid220u committed 4 years ago
Verified
2546e747b982f26a800bb5e41cf525c967f991cf

Update README.md

aarvid220u committed 4 years ago
Verified
d4f8888134373de510fc966d69754db8a468e276

Update README.md

aarvid220u committed 4 years ago
Unverified
8eabf9b9d49e3239f4c1c858c802042912edfe6a

use all rules

aarvid220u committed 4 years ago
Unverified
a426e1cd3bc7b5bfe13dbcc65197d5884e4a7130

fix deploy script to do what we want

aarvid220u committed 4 years ago

README

The README file for this repository.

zkmao

play the game: https://zkmao.xyz

zkmao is a fully peer-to-peer, trustless and uncheatable implementation of the game of mao.

overview

there are two main technologies that enables zkmao to be what it is:

  1. webrtc. the javascript client connects directly to another javascript client, bypassing servers. by using the manual signalling mode of webrtc, zkmao in fact depends on no servers at all — there is no third-party who can go down, be bribed, or steal your personal rules.
  2. zksnarks. zksnarks are used in two places in zkmao: for enabling a private, provably random token system, and for enabling the provably consistent enforcing of rules without revealing them. the first use-case is arguably not completely justified (zksnarks enable the tokens to be private, but in the current design of the game it is not obvious that we gained much by making the tokens private). the second use-case is more clearly justified — while one could imagine a commit-reveal scheme for enforcing rules fairly and consistently, such a scheme inevitably needs a reveal phase, which is very undesirable in the game of mao!

how to play zkmao

  1. the goal is to get rid of your cards
  2. you may only play a card if it is of either the same suit or the same rank as the previous card
  3. there are secret rules — if you don't follow them, you will be penalized
  4. after each game, players will be rewarded with tokens. you can spend tokens to create your own personal rule, enforcing penalties on others in subsequent games

caveats

fully peer-to-peer webrtc is unfortunately unreliable in many cases :(. also, the zksnarks are kinda slow — while we think it is possible to performance engineer them and make them faster, it is worth noting that zksnarks are inherently slow

dev

the folder structure is as follows:

  • client: the web client, in React, using create-react-app, which contains all the game logic and manages the p2p connections
  • circuits: the snarkjs circuits that are used in the client to prove things
  • powersoftau: supporting files for generating the .ptau files used in the ZK proofs
  • slides: slides for a presentation about this project

setup

run

npm install

in both the client and the circuits directories.

client

the codebase is... perhaps not the world's prettiest :). most game logic is in src/logic.js. note that great care is needed to make sure that the asynchronous p2p communication does not have subtle bugs, and equally great care is needed to make sure that the snarks and all their public signals are fully verified. it is a somewhat fragile system. we believe that it is bug-free and safe, but we also acknowledge that much of the code was written at 4 am in the morning so who knows how safe it is ¯\_(ツ)_/¯

circuits

each circuit is in its own subfolder. there are a ton of scripts at the top level for compiling circuits and resolving snarkjs-specific problems (such as for loops being broken; circumvented by manual unrolling using unroll.sh). the most important one is deploy-circuits.sh, which compiles all circuits and puts them into the client for use by the website. debug.sh is useful for debugging.

the main circuits are:

  1. drawcardsprivately: this circuit allows us to simulate our concept of tokens in the game of mao. each player has a personal stock of tokens, of differing values. this circuit allows the player to provably randomly take a token from the stock and move it into their personal hand, for later use.
  2. playCard: this circuit allows the player to consume a token, proving to their opponent that the token was previously in their hand.
  3. maoRule: this circuit allows for players to enforce their personal rules without revealing them.

the other circuits are used for supporting these main circuits.

(yes, we do confuse "tokens" with "cards" a lot — we started out building the token snarks intending them for card games, but ended up using them to power zkmao's tokens. we believe that our circuits are more powerful than they get use for with the tokens, and would encourage anyone to apply the same idea to some other card game with private decks you want to draw randomly from)