This ERC adds a signature scheme called PLUME to existing Ethereum keypairs that enables unique anonymous nullifiers for accounts in ZK. This enables ZK voting, anonymous proof of solvency, unlinked airdrops, and moderation on anonymous message boards – all directly with Ethereum keypairs.
Yeah! For metamask, we have an open PR set (rpc, api, core), and folks are working on Ledger implementations right now! Mina has an implementation and Aztec is currently building one.
Hey – this standard has nothing to do with handshakes, are you sure you’re commenting on the right post?
We think it’s important to have a standard so that different wallets can interoperate with each other, as everyone in some anonymity set needs to have the same PLUME signature for the nullifiers to work.
We have reference implementations, but we expect many wallets (such as Ledger) to require bespoke implementations. You’ve linked to a blank EIPs page, are you referring to anything concrete?
This is so needed, why this is not a thing already?! Some zk apps require nullifiers, which have to be derived using the user’s secret. Since wallets are not supposed to provide access to private keys, there should be a way to get something that only the user knows, but seems there’s no API for it.
Hey! We think the reason it hasn’t been adopted is due to slow wallet adoption and time needed to finish and audit the halo2 circuits for fast in browser proving. We wre optimistic that this will get better within the next few months.
Even given the reasoned advances in ZKVMs such as SP1, we still believe that Halo 2 is likely to be the fastest for browser side Halo 2 proving, due to upcoming results with Web GPU acceleration + the register optimization of small field Starks likely not being as fast within WASM.