ZAct

This technical document will include a detailed context of the project, and why we use zk-SNARK to address the issue of activism insecurity for attendees and organizers.

Context

Citizen protests for lack of democracy, inequality, discrimination, environmental disasters, and an endless list of social injustices are at a dangerous point. Around the world, several are examples of civic protests shut down by police, military, or paramilitary forces.

A common factor of failure on these shutdown procedures is the security in its communication's mechanisms. For this weak link in the chain, we propose the use of two layers of security.

Geofencing barriers

The first security layer we propose is the use of geofence, where for each event created, the owner will need to create a preliminary meeting point with a specific radius, where only there, the final destination will be available to access. We understand this can be avoided with tools that hack GPS location on devices, and that's why we added a second layer of security.

zk-SNARKs shielded memo transactions

Zcash is the first widespread application of zk-SNARKs, a novel form of zero-knowledge cryptography. The strong privacy guarantee of Zcash is derived from the fact that shielded transactions in Zcash can be fully encrypted on the blockchain, yet still, be verified as valid under the network’s consensus rules by using zk-SNARK proofs.

The acronym zk-SNARK stands for “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge,” and refers to a proof construction where one can prove possession of certain information, e.g. a secret key, without revealing that information, and without any interaction between the prover and verifier.

“Zero-knowledge” proofs allow one party (the prover) to prove to another (the verifier) that a statement is true, without revealing any information beyond the validity of the statement itself. For example, given the hash of a random number, the prover could convince the verifier that there indeed exists a number with this hash value, without revealing what it is.

In this project, we use this mechanism to create a secure communication channel between two addresses. On the one hand, we have the creator of the event (which will need to have a minimal amount of funds on his wallet), and by the other, the account created for each event, that will receive the final instructions of the event via transaction memo.

With these two security layers added to the communication mechanism to call for protest, we estimate an enhancement of the weakest chain links that could strengthen the result of the activity, a coordinated civil protest.

Workflow

To explain how the app works, we will mention the workflow from two different perspectives, creator and attendee.

Creator

By default, when the user downloads the dapp, it will start as an attendee, having the option to view the available events to attend. But if he wants to publish one event, he would need to go to the information tab, and become a creator, adding the seed phrase from a ZCash shield address with available funds (this information is never shared with a third party, and remains only in the device).

When the seed phrase is added he will now view the creator tab and will have the possibility to create an event. For this, the procedure is:

1. Insert title and public information of the event. This information will be a description for the event and any additional information aside from the preliminary meeting point location, useful to arrive at a specific time.

2. Once the user inserts that information and clicks on save, the following will occur:

   1. A new seed phrase for a ZCash Shield address will be generated.

   2. All this information will be sent to the API, but only 22 of the 24 words of the seed phrase will be sent. With this approach, there's no value on force the servers, because there's no final data there.

   3. Only the last two missing words will be viewable for the user, for him to place them on any viewable place on the destination location.

3. Now that we have the event created, the creator will be able to update the meeting point on a map, with a specific radius.

4. Finally, the creator will have the possibility to send a private message to the ZCash shielded address of the previously generated seed phrase through a transaction memo. With this approach, we able the user to send as many messages as he wants, and the attendee will read only the last one. We tough this, due to any last-minute change for the protest, and an urgent need to cancel it.

Attendee

For the attendee, the workflow is simpler, he or she, will open the dapp and view the available events. If he is interested in one, he will be able to view the title, public information, and meeting point.

Once the person arrives at the place, he will need to add the missing words inside the geographical are delimited in the map due the geofence requirement. Then, the seed phrase is complete, and a syncrhonization with the ZCash blockchain start to reveal the last message sent to this address from the sender address.