Railgun just announced the launch of version 2.0 this week and in this article we are going to explore the zero knowledge wallet and discuss why privacy protocols are important.
In August 2022 Alexey Pertsev was arrested and he has been imprisoned without trial ever since. He was a developer on a ZK mixer called Tornado Cash and was accused of money laundering.
Privacy is a basic human right and I think the teams still working on ZK privacy protocols are doing an incredible job in the face of adversity.
In this article we will look at Railgun a zero knowledge based permissionless contract on Ethereum, BSC & Polygon.
- Do We Need Privacy Protocols
- A Zero Knowledge Wallet
- How Railgun Works
- RAIL Tokenomics
- ZK-Snarks In Solidity
- Conclusion
Do We Need Privacy Protocols
The Tornado Cash situation was caused by hackers using it to obfuscate funds gained from DeFi hacks. There are however plenty of genuine reasons to strive for privacy on public blockchains.
- Private personal data, such as direct messages or social media profiles
- Private on-chain voting in a political setting
- Trading privately to avoid copy/counter trading
- Censorship resistance for legitimate use cases
- Private payments i.e. paying employees salary
Private transactions are coming to blockchain whether the governments like it or not because the genuine use cases are too powerful to ignore.
Zero Knowledge Railway Wallet
Railgun works differently to a mixer service. You can transfer funds in the form of ETH or ERC20 tokens to a ZK wallet called “Railway” where they go into a combined contract pool.
The idea is that we can generate and use a zero knowledge wallet in much the same way that we use metamask today. For example we can use the Railgun app to carry out swaps on a DeX and funds will go in and out of the zk wallet.
How Railgun Works
The account allocations and permissions are managed via a system built on ZK-Snarks which are a form of zero knowledge proofs.
Zero Knowledge proofs are a cryptographic tool used to prove the truth of a statement without revealing any information other than the truth of the statement. They could be used to prove a user has permission to spend funds for example without revealing the owner of the wallet.
ZK-Snark stands for “Zero Knowledge Succinct Non-Interactive Argument of Knowledge”. They are a form of zero knowledge proof which allows one party (the prover) to prove to another (the verifier) that a certain statement is true, without revealing any information about the statement itself.
ZK-snarks allows the prover to generate a proof that securely and concisely conveys the required information to the verifier. The prover sends a message to the verifier that contains the proof, and the verifier checks the proof to determine if it is valid.
I recently wrote an article on Zero Knowledge cryptography if you would like to know more about how this technology works and why it’s becoming the buzz word for the blockchain sector.
RAIL Tokenomics
The RAIL token is the governance token for Railgun. It can be staked to get voting rights within the DAO.
| Total Supply | 100,000,000 RAIL |
| Supply at launch ○ 25% allocated during the Airdrop ○ 25% allocated to the Foundation ○ 50% allocated to the RAILGUN DAO | 50,000,000 RAIL |
| Staking Incentives | Stakers receive airdrops when launching on new chains. |
| Unstaking Period | 30 days from last vote to encourage long term participation in ecosystem |
| Liquidity Provision | Supply distributed over 10 year period as incentives to LPs |
There was a tweet shortly after publishing suggesting active governor rewards for staked RAIL tokens.
ZK-Snarks In Solidity
Before we draw a conclusion let’s take this opportunity to look at how ZK-Snarks are implemented within the Solidity contracts.
The main library is here: https://github.com/Railgun-Privacy/contract/blob/main/contracts/logic/Snark.sol
This is then imported into Verifier.sol where we have this code
bool validity = verifyProof(verifyingKey, _transaction.proof, inputs);So we are passing in the key, proof and inputs to this function which in turn calls Snark.verify() from the library.
There is also an incremental merkle tree in Commitments.sol which is based on this code by Maci who has some interesting code at:
https://github.com/privacy-scaling-explorations
Conclusion
Railgun is an interesting new project which is at the forefront of the cambrian explosion of zero knowledge technolgy in the blockchain sector. It has real use cases and applications on desktop, iOS, Android and a dApp web interface.
The risk is that it get used in the same way as Tornado Cash and suffers the same fate with sanctions and FOMC listings. However I hope that regulators can look at some of the positives in this technology and take a more sensible approach rather than arresting developers.
