Summary

The Aragon research team is uniquely qualified to develop a prototype of a censorship-resistant, privacy-first voting system for DAOs. This system is a critical missing component in the web3 space that requires a deep understanding of cryptography and math to meet its high security needs. The team has multidisciplinary skills and a track record of success that make them well-equipped to tackle this long-term project. Their work aligns with Aragon’s mission and strategy and will be a major focus for the team over the next 14 months, from January 2023 to February 2024. Funding this project will allow the research team to continue building on their strengths and make significant contributions to the field of web3 technology.

Strategic alignment with Aragon

Why does Aragon need a research team?

Web3 companies need to understand math, cryptography, and computer science to keep up with the fast-growing technical innovations in the field. Leading organizations such as Aragon should also contribute to these areas of development and have teams dedicated to them. Building these teams takes time and requires multidisciplinary, knowledgeable team members who can collaborate and experiment.

The setup phase (January - August 2022)

The Aragon research guild was established in late 2021 with the goal of producing proofs-of-concept (such as OVOTE) by leveraging ZK (zero-knowledge) technology to solve decentralized governance challenges. Another goal is to facilitate both vertical and horizontal technology transfers to other Aragon guilds. The guild spent the first few months building the team, identifying areas of interest, and establishing a foundation of knowledge. In May, it set up its blog (https://research.aragon.org) and released its first software PoC: OVOTE. The support its mission, the AZKR guild follows the latest developments in zero-knowledge cryptography, experiments with existing tools and publishes research and training materials related to this area.

The First OKRs season (September - December 2022)

The AZKR guild adopted the objectives and key results methodology in September, with a focus on off-chain voting and private voting. During the first season, the guild accomplished several significant outcomes, creating software prototypes (e.g. blind-OVOTE) and production-ready tools (e.g. SHA512 implementation for Aztec’s Noir language), publishing technical documentation and training materials, and giving talks on private decentralized voting. Further details of our production are provided the annex Team production at end of this document.

Next steps (January 2023 - February 2024)

In light of the Aragon Key Result for 2023 “Voters in Aragon have the option to vote anonymously” of the Objective “Reach defensible product market fit for App & Core”, from January 2023 to February 2024 the AZKR guild will focus its efforts on developing a prototype of a censorship-resistant, privacy-first voting system for DAOs, code-named CeresVote. This is a critical missing component in Aragon’s DAO toolset for enhancing basic participation rights of DAO members, such as privacy. Its development requires a deep understanding of cryptography and math to meet its high security needs. Building on our multidisciplinary skills, our previous work and the resources of this proposal we firmly believe that we can have such a prototype ready for integration by third parties (e.g. App & Core and Vocdoni guilds) by the end of the aforementioned period of time.

As CeresVote will be developed independently of existing ZK platforms, this will open up the possibility of ANT being used to help govern CeresVote, or to secure its infrastructure.

Goals and activities

Primary Goals

CeresVote prototype

The main goal for 2023 is the development of a prototype for a censorship-resistant voting system for DAOs, internally code-named CeresVote (CEnsorship Resistant) with the focus on maximal privacy, verifiability (individual, universal, and eligibility), and decentralization. Such a voting system is an indispensable primitive for any project aimed at becoming a trustless governance hyperstructure like Aragon as it is fundamental for i) the safe participation of the DAO members in the decision making processes and ii) the legitimacy of the decisions taken. The system will use layer 2 ZK-rollups and recursive SNARK technology, and will be built as a COSMOS zone. Its main features will include census creation, voting on ZK-rollup nodes, vote aggregation and proof generation on ZK-rollup nodes, and on-chain execution of vote results on Ethereum or any EVM-compatible chain. The prototype will be intended for further development into a production-ready product, but some features and functionality, including user interfaces, may still be limited or incomplete. The AZKR guild also plans to research and potentially develop recursive and aggregated ZK proofs, which have the potential to be powerful tools with clear applications for the CeresVote project.

To summarise CeresVote:

• It is not meant to be a generic e-voting solution, but is specifically meant for web3 DAOs with very specific requirements: safe participation (privacy/anonymity), censorship-resistance and low cost on-chain execution (Ethereum/EVM-chain).
• Fulfilling these requirements is not trivial, therefore a significant amount of the efforts must be spent on research, even though we can leverage the team’s existing knowledge and experience.
• The end result will be a prototype that can later be integrated/adapted by 3rd parties (e.g. Aragon DAO or Vocdoni)

Develop recursion and aggregation of ZK proofs

The AZKR guild plans to research and potentially develop recursive and aggregated ZK proofs, which are still in their infancy and have significant potential as a powerful technology. The guild aims to research the state-of-the-art of existing recursive tooling, theoretical research in the field, and suitable elliptic curves, as well as potentially creating additional recursive SNARK applications. Recursive and aggregated ZK proofs have clear applications for the CeresVote project, such as aggregating users’ ZK proofs of census membership and using recursion to chain ZK proofs and results. The guild will decide on whether to create standalone tools or contribute to existing toolsets, such as Arkworks, after the initial research phase which will take place during 23Q1.

POCs and implementations of cryptographic schemes

The AZKR guild plans to develop proofs-of-concept (POCs) to test the feasibility and functionality of concepts and identify potential challenges or implementation issues. One POC will be an experimental COSMOS blockchain with a simple voting system, and the guild also plans to experiment with connecting digital identity systems to voting systems. Depending on the outcome of research and the requirements of the CeresVote project, the guild may also develop additional POCs during the year. In addition, the guild plans to work on implementations of cryptographic primitives, such as the Poseidon hash, which is currently a missing feature of Aztec’s Noir language. This will contribute to the guild’s reputation in the ZK space. The guild expects to complete about one implementation per quarter, with the first being the Poseidon hash in 23Q1.

Other Core Research Activities

The AZKR guild has several other activities planned for the coming year:

• Fundamental research (taking up 20-25% of the team’s resources):
  • Continue with regular mathematics and cryptography seminars in order to maintain the team’s ability to understand the newest research publications related to zero-knowledge proofs, which are fundamental to e-voting. This may lead to occasional publications in the form of blog posts.
  • Follow research publications in the fields of cryptography, particularly those related to zero-knowledge, privacy, and e-voting, and monitor the development and emergence of new technologies in the ZK space. Occasional technical reports may be published as a result.
  • Work on original research and publish 2 papers per year on zero-knowledge proofs.
• Attend and organize meetups and conferences, and improve the visual quality of the AZKR blog in 1Q23.
• Support other Aragon guilds with questions related to cryptography and cryptographic tools.
• Establish new partnerships with other researchers and research organizations to increase and diversify our ability to follow the latest developments in cryptography, and for joint developments like cryptographic primitives. Maintain existing partnerships (e.g. Aztec).

Methodology

To ensure the achievement of the goals of this proposal we will combine a long-term work plan base in the waterfall approach with the Objectives and key results (OKRs) methodology for quarterly planning and success evaluation -as we have done in the last quarter of 2022.

Work plan

Table 1 presents the proposed work plan. This work plan will be periodically reviewed and updated when needed according to the outputs of the OKRs iterations, the research findings or other project development needs. The following chart shows a summarized version at work package (WP) and their lead.

AZKR_Proposal_Table2_workplan843×517 41.2 KB

Full details of the initial work plan, including tasks, participants, and main outputs, can be found in this google spreadsheet.

Note that this work plan may be impacted by high-value strategic initiatives if agreed with Aragon product development and Aragon growth guilds.

Objectives and key results 23Q1

The OKRs for the first quarter of 2023 (1st January - 31st March) follow. Please note that i) we use standard quarters, thus, the first two months (January and February) are not part of this proposal in terms of execution period and budget. AZKR-23Q1-O1 will take around 60% of the team effort, and AZKR-23Q1-O2 and AZKR-23Q1-O3 about 20%.

AZKR-23Q1-O1 An anonymous censorship resistant voting solution has a draft design that allows for implementation to begin

• ARZR-23Q1-KR11 Technical and functional requirements have been defined and approved by the Executive Director, Research Lead, and Head of Product Development.
• ARZR-23Q1-KR12 Literature and technical analysis for anonymous censorship resistant voting solutions, including cryptographic primitives, census, and e-voting solutions, have been compiled and reviewed by an external specialist.
• ARZR-23Q1-KR13 Create a POC for anonymous on-chain voting ready to be handed over to the product development guild for integration in Aragon OS as a plugin.
• ARZR-23Q1-KR14 Draft designs of essential components, including Census and Eligibility and voting process types, have been produced and approved by Research Engineers.

AZKR-23Q1-O2 Deliver in progress POCs and software implementations

• ARZR-23Q1-KR21 Poseidon hashing algorithm in Noir has been implemented and integrated into the Aztec Noir repository.
• ARZR-23Q1-KR22 Elliptic curve primitives in Noir have been implemented and a pull request made in the Aztec Noir repository.
• AZKR-23Q1-KR23 A fully operational Blockchain/COSMOS zone is deployed and made available to AZKR guild for testing.
• AZKR-23Q1-KR24 A prototype implementation of BatRaVot has been deployed on an Ethereum testnet.

AZKR-23Q1-O3 Increase knowledge transfer to Aragon DAO

• ARZR-23Q1-KR31 4 blog posts on relevant topics have been posted in the AZKR blog.
• ARZR-23Q1-KR32 3 technical reports have been produced and shared with Aragon’s technical team.
• AZKR-23Q1-KR33 1 meetup or event organized by the AZKR guild and hosted by Aragon.
• AZKR-23Q1-KR34 3 teaching sessions on relevant topics conducted.
• AZKR-23Q1-KR35 A methodology to assess our knowledge transfer tasks has been defined and the first set of results obtained and shared.

Team

Team Leads

The Team Leads coordinate the work of the entire team and are responsible for representing the team, both internally and externally. However, they also take hands-on responsibilities in specific projects and thus contribute to the team’s production.

H1 - Head of Research. Previously served as a blockchain governance and tokenization expert at a European Body. Research interests include mathematics, consensus protocols and monetary theory.

H2 - PhD, Research Manager and guild steward. Assistant professor at a European university. Extensive experience as research engineer and project manager in e-voting and network infrastructure.

Research engineers

Research engineers play a crucial role in developing proofs-of-concept (POCs) and prototypes. They are skilled in using complex cryptographic toolsets and may also contribute to the development of these tools as needed. In order to effectively carry out their work, research engineers must possess a strong understanding of cryptography and cryptographic primitives, as well as advanced software engineering skills. They may also be responsible for implementing schemes developed by cryptography researchers.

H3 - PhD, Research engineer. Software developer with a strong background in pure mathematics. Currently focused on the implementation of cryptographic primitives and voting systems. Previously postdoctoral scientist at a European university.

H4 - Research engineer. Extensive experience in ZK programming, currently focused on scalability and privacy with recursion. Previously worked at ZK-rollups related company.

H5 - Research engineer. Focused on privacy-preserving smart contracts and implementing cryptographic schemes.

H6 - Research engineer. Long experience in software engineering, database development and system design. Contributor to blockchain projects using Bitcoin, Ethereum, BSV and COSMOS. Co-author of several blockchain standards specifications.

Fundamental Researchers

The fundamental researchers on the team focus on creating new cryptographic schemes and on providing mathematical proofs that these schemes are secure. They stay informed about current research in the field and play a key role in selecting cryptographic schemes for the development of proofs-of-concept (POCs) and prototypes.

H7 - PhD, Cryptographer. Previously Assistant Professor at a European university, where he remains active as an external expert in Cybersecurity. Research interests are in cybersecurity, blockchain, cryptography, and in particular e-voting, functional encryption and ZK.

H8 - Mathematician. (we’re in the process of recruiting to replace a departing team member) Ideal profile: Math PhD with knowledge of cryptography, especially elliptic curve cryptography, and security proofs. Programming skills would be appreciated.

Risks and mitigation

Table 2 presents and classifies the most relevant risks identified and Table 3 the proposed mitigation measures.

AZKR_Proposal_Table2_risks794×604 78.8 KB

AZKR_Proposal_Table2_mitigation794×931 151 KB

Funding breakdown

Table 3 shows the total requested funding. This budget is for a period of 12 months, from March 2023 to February 2024. The budget estimation was done according to the following criteria:

• Full-time workload, compensations and perks: the same policies as presently (as set by Aragon Association)
• Team size: no changes (equivalent of 9 full-time positions)
• Third-party service providers: only the costs for managing the legal wrapper have been budgeted ($ 1.000/moth) as we are choosing to go with the option where the Ops guild takes care of operational overhead.
• Adjustment for inflation: 1.08 (for existing team members, as suggested by the Ops guild)
• Unexpected expenses rate: 1.05 (as suggested by the Ops guild)
• Conversion rate EUR to USD: 1.06 (as suggested by the Ops guild)

Table 4 shows the budget distribution over the 4 funding seasons.

AZKR_Proposal_Table2_budget2790×265 5.32 KB

Following the efforts started in 2022, the AZKR guild will continue our collaborations with third parties (Aztec) and look for new ones. All revenue generated by the Aragon ZK Research Guild during the funding period of this proposal through either collaborations, partnerships, or work on behalf of the Aragon Project will be returned to the Aragon DAO treasury intended to be budget-relieving.

Annex - Team deliveries

Code

Implementations available in Github: https://github.com/aragonzkresearch

• BatRaVot: BatRaVot implementation
• Noir SHA2: Noir zk-lang implementation of SHA2 (SHA256 & SHA512) hash functions.
• OVOTE: Offchain Voting with Onchain Trustless Execution (& ovote-node)
• ark-anon-vote: Onchain anonymous voting implementation using arkworks-rs
• ark-ec-blind-signatures: Blind signatures over elliptic curve implementation (native & r1cs constraints)
• Blind-OVOTE: L2 validity rollup combined with blind signatures over elliptic curves inside zkSNARK, to provide offchain anonymous voting with onchain binding execution on Ethereum

Publications

Publicly available

• SNARVs, BatRaVot and SchnorrVot: verifiable voting schemes suitable for Token-based voting on Blockchains
• OVOTE: (Offchain Voting with Onchain Trustless Execution) Ethereum L2 for voting using validity-proofs (kind of zkRollup)
• Blind-OVOTE: a voting system that combines the OVOTE ideas with blind signatures inside zkSNARK, to provide gasless anonymous voting with onchain binding execution on Ethereum.
• SHA-2 in Noir: SHA-256 & SHA-512 hash implementations in Noir zk-language
• Notes on elliptic curves over finite fields and their pairings
• Selected Topics in Cryptography: from the basics to e-voting
• Towards Data Redaction in Bitcoin Use ZKPs to allow any node to delete some data from Bitcoin transactions to make BTC BC compatible with GDPR while preserving the public verifiability of the correctness of the spent and spendable coins.

Tech reports

Restricted access (internal notes for other teams in Aragon)

• Private decentralised voting (2022-11-10)
• Aleo Technical Overview (2022-10-05)
• Anonymous voting in the Vochain without trusted-setup (2022-09-08)
• Ovote - requirements for the transformation of the research output into a product (2022-07-01)
• Rollps, Validiums, zkEVMs concepts (2022-05-12)
• Overview of different proving systems (practical perspective) (2022-02-19)
• Mina overview (2022-02-10)

--------------------------------------------------------------------------------------------------------------------

Makes sense. Your work is extremely important for the broad industry, and even more so for Aragon.

I’m somewhat surprised to read this, as my understanding was that the rollups will settle transactions on Ethereum and not on its own app-specific L1. Any pointers about this decision?

Hi Luis, this is still very much about settling transactions and triggering funds transfers on Ethereum.

Rollups in general refer to proofs that are generated off-chain, possibly requiring significant computing resources. This is done so that the proof is as small as possible and thus less expensive to verify on Ethereum, under the condition that security is not compromised.

The unavoidable weak point of rollups is that the Ethereum smart contract designed to process proofs can only act on proofs that are submitted to it.

In some cases proofs can be definitive and the situation is quite straightforward. For example, in a 3-of-5 multisig, if a proof is submitted that 3 addresses have voted in favour, the situation is clear and a fund transfer can be initiated immediately.

However, in voting the situation may not be as simple. Imagine that ballots are submitted to a single rollup node, whose role it is to collect ballots and compute the proof after the voting period is over. Imagine that this rollup node is in fact malicious, and ignores some of the ballots received, based for example on the IP from which they were sent. The rollup node then generates a proof that excludes some ballots and submits that proof to the smart contract. The smart contract cannot know that this proof does not include all ballots cast. To mitigate this risk, additional fail-safe mechanisms must then be implemented: we can have several roll-up nodes (but then voters may need to submit ballots to several nodes); voters can monitor the proof being submitted and have the possibility to add their ballot manually to the smart contract if necessary (but we all know that voters will not all be as diligent); several parties can submit proofs, and the smart contract is able to aggregate proofs (at a cost of course), etc.

One reasonable solution to this is to have a rollup-chain, rather than just one or several independent rollup-nodes. The usual consensus mechanism will ensure that if at least 2/3rd of the nodes are honest, the rollup-chain will actually accept all ballots and compute a proof that takes all of these ballots into account.

Clearly this is not a panacea, but I think it’s an important element of making off-chain voting censorship-resistant.

The easiest solution right now seems to be a cosmos chain/zone, which is what we’re experimenting with at the moment, but this is not set in stone.

Proposal update:

• ARZR-23Q1-KR13 changed based on internal discussions
• minor corrections and additions

Prisma will vote “yes” on this proposal. We are pleased to support the team and in advancing Aragon’s role in the zero-knowledge field. We believe ZK technology will play a critical role in advancing user privacy in our industry, and it’s crucial for Aragon to stay at the forefront. The projects outlined in the AZKR roadmap have the potential to bring about transformative change.

Recently, we have seen the AZKR team succeed in strengthening their relationship with the rest of Aragon, building deeper trust and improving collaboration. We are excited to see this continue to strengthen. The adjustments made to the OKRs to prioritize a private voting POC and the commitment to returning all revenue generation to the Aragon DAO treasury are testaments to this fact.

Going forward, we encourage the AZKR team to:

• Utilize existing implementations and industry knowledge to minimize overhead and overengineering
• Justify their solutions to stakeholders and share their comparative benchmarking from other existing solutions with the rest of the organization
• Operate effectively, efficiently, and leanly
• Improve knowledge transfer across all of Aragon

We acknowledge that the team’s expertise in zero-knowledge technology is highly specialized and may make it difficult for others to collaborate as easily with other guilds. ZK expertise is rare, to say the least. However, we see this as an opportunity for Aragon as a whole; it should be mutually advantageous to invest in this knowledge transfer.

We would also like to express our appreciation for the effort put into this proposal itself, as we know it was a huge undertaking in and of itself.

Dear Prisma members,

Thanks for publicly stating you support to our proposal. Also thanks for trusting us and for the feedback you have provided during the last month which has been crucial for narrowing gaps and optimizing our interaction with other Aragon contributors.

As a team, we are highly motivated to undertake the challenge of executing the proposal. We are pretty confident that we will meet our commitments and we will do our best to implement your recommendations.

OnChainCoop thanks @alex-kampa and the AZKR Guild for the elaborate proposal. OnChainCoop will vote “yes” in support of the proposal.

The functionality that CeresVote Protocol can bring is undeniably essential for the Aragon Protocol. While sourcing similar functionality elsewhere might be possible, developing it within AZKR inside Aragon DAO has two distinct advantages:

• Building organizational capacity in one of the most promising sub-verticals of the blockchain space. One which is also highly relevant to the Aragon Protocol
• Accruing a reputation to the Aragon brand as a leader in the field of zk-tech

We support the positioning of the guild at the interface of practical innovation and fundamental research. We would like to see the continuation of its efforts to collaborate with internal and external teams:

• Working tightly with the Product Guild on crystalizing research findings into prototypes that can have a meaningful impact on the Aragon stack
• Collaborating with external teams (i.e. Aztec) on fundamental research, validating the team’s hypothesis about the applicability and relevance of the challenges being tackled.

These initiatives ensure the relevance of the guild’s efforts to the advancement of Aragon (both brand and product) and the blockchain space as a whole and protect the guild from some of the pitfalls of purely academic research, detached from practical applicability.

Thanks for the support and the feedback. We look forward to continue working together.

Dear members of OnChainCoop,

I would like to express my sincere gratitude for your support. Your comments align very well with our current efforts to prioritize applied research and the development of software prototypes. Moving forward, I have no doubt that the AZKR guild will continue to create significant value for the Aragon ecosystem.

Thank you again for your support.

Best regards,

Alex Kampa

The vote is live: Aragon DAO Vote #3

Q1 activity report

Summary
The performance of the AZKR guild in Q1 was very high (OKRs achievement of 90%) as well as the team’s motivation. This makes us face Q2 very optimistically.

20230406_activity_report_Q1_Jira895×918 123 KB

Participation in Private Voting Research Sprint by Nouns DAO
The activity of in Q1 was strongly and positively influenced by the decision of submitting, jointly with Aztec, a proposal to the Private Voting Research Sprint organized by the Nouns DAO. The decision was made together with the Lead of Product Development Guild (Carlos) and validated by the Interim Executive Director of Aragon Association (Evan). The key reasons for this decision were;

1. the fact that call’s goal (which is to develop a PoC of an anonymous voting system for the Nouns DAO) is a specific use case of the main objective of AZKR’s funding proposal (which is to develop a prototype of a censorship-resistant, privacy-first voting system for DAOs) and

2. the opportunity to work together with Aztec.

The proposal ended in second place at the end of the voting process with enough enough votes to be selected. Since the beginning the team has worked intensely and in a very effective manner to face this challenge, first during the process of drafting the proposal, and now to implement it. The delivery date is by the end of June.

Changes in Q1 OKRs
The decision to put the proposal was confirmed some weeks after this funding proposal was accepted. Thus Q1 OKRs of the proposal had to be adapted to allocate resources to draft the proposal. The most significant changes were the following:

• “ARZR-23Q1-KR11 Technical and functional requirements have been defined and approved by the Executive Director, Research Lead, and Head of Product Development.” → Requirements: the Nouns requirements
• “ARZR-23Q1-KR14 Draft designs of essential components, including Census and Eligibility and voting process types, have been produced and approved by Research Engineers.” → Nouns proposal design; Approval: acceptance of the proposal

Changes in the year work plan
To ensure the correct execution of the Nouns proposal the overall approach must be modified, from a close to a waterfall approach with a clear evolution over quarters, to a more agile approach, because a PoC must be delivered in Q2. This change enables further iterations in the coming quarters and to address the integration integration sooner than initially planned. In Q2 the efforts will be fully focused on delivering Nouns PoC.

Q1 OKRs accomplishment
The only KR that has suffered a significant delay is AZKR-23Q1-KR35 “A methodology to assess our knowledge transfer tasks has been defined and the first set of results obtained and shared”. The methodology has been defined -essentially a questionnaire per quarter, but the first round will happen in Q2.

Other decisions

• Embed the 12% of bonus as part of the salary. This is better aligned with the Swiss labour regulations and, in our opinion, also with the nature of the work done in the team.
• 1 new hire. A senior researcher in applied cryptography is joining AZKR by mid-April.

Here are our OKRs for the 2nd quarter of 2023:

OKR-2023-Q21061×719 91.5 KB

Prisma would like to thanks AZKR for all of the excellent work carried out during Q1. It’s fantastic to see that the team’s motivation remains a priority.

We are happy to see the guild’s participation in the Private Voting Research Sprint by Nouns DAO. This opportunity to collaborate with a well-established DAO that emphasizes delivery and has a strong community presence will not only bring visibility to Aragon’s initiatives but also help advance the yearly objectives set for this year with a more agile way of working, which we fully endorse. Moreover, the collaboration with Aztec, one of the strongest teams in the industry, is another significant achievement.

It’s also great to note that the decision to pivot and focus on the Nouns proposal was made in close coordination with other Aragon guilds. Communication between guilds has been a challenge in the past so we’d like to see continued improvements like this going forward, such as working more closely with the Growth Guild to ensure brand visibility is maximized for the Aragon project and token holders. Similarly, when it comes to knowledge transfer, there have been significant improvements within and outside of Aragon through talks, workshops, AMAs, and writings. We think the next way to improve this would be to target the knowledge transfer directly toward Aragon’s engineering teams so they are better prepared to bring the value of your PoCs and research to DAOs launched on Aragon.

Lastly, you have chosen to incorporate the 12% bonuses into your contributors’ base compensation as a raise, altering the budget allocation from the original proposal and what token holders and delegates initially supported. The original indication of paying a “max” of 12% implies there could be cost savings due to variations in performance, which could be returned to the DAO or rolled into a subsequent funding cycle. We acknowledge that using bonuses may not always be the most effective incentive for high-quality work, but nevertheless, to maintain trust with Prisma and token holders, we expect more up-front transparency into changes to budget allocations and their underlying rationale.

Once again, thanks for your dedication and hard work. We look forward to witnessing all that AZKR aims to achieve in upcoming quarters.

Thanks Prisma for the feedback. Knowing that our work is overseen and feedback is provided is always stimulating. Some comments to your points:

• Integrate the bonuses in to the salary We fully understand your objection about being a max. The decision was taken after a discussion in the forum of guild leaders. We did no make any consensual solution, but no one objected about the option of this integration. We are open to amendments if needed/wanted.

• Better communication between guilds The contribution by the Growth guild was crucial during the proposal and voting periods and still is now. Under their guidance and help we have taken the progress reports of the Nouns project (Aragon-Aztec Private Voting - Documentation - Main page - HackMD) to start harmonizing our communication assets, styles, etc. We are also in close contact with the Lead of Product Development Guild for technical discussions such as the validation of the design. Special reference also needs to be made to to the Eagle ops guild for their support to face all the administrative burden of setting and managing a legally independent organization.

• ** knowledge transfer directly toward Aragon’s engineering teams** We agree and it is our will, but we must leave this objective for Q3/4 because in the quarter we must fully focus on the implementation of Nouns.

Kind regards.

Q2 mid-term progress update

According to the Q2 OKRs proposal, our activity has focused on the development and implementation the nouns proposal.

This project:

• Is fully aligned with the objectives of the AA grant we received. Our estimation is that over 90% of the work can be directly reused.
• It allowed us to strengthen our collaboration with Aztec
• It allowed us to start collaborations with other web3 technical players
• We expect that some of the outcomes to be valuable beyond the on-chain private voting problem (e.g. the Time lock cryptographic service and the zkRegistry)

This three-months long research project (from April to June) aims to answer the following research questions:

1. Up to which point it is possible to build a user-friendly, trustless (decentralised), fair (no one can count votes before a given time), weighed (voting power depends on the amount of tokens hold/delegated) and ballot-secret (it is impossible to link a voter with a choice) voting system in Ethereum?
   2) If all these properties cannot be met at once, which are incompatible and why?
   3) If all these properties cannot be met at once, which is the recommended combination and why?
   4) What is needed to make the recommended combination available to the Nouns community? (Resources needed, roadmap, etc.)

The expected outcomes are:

• Clear answers to research questions 1 to 4
• Proofs of concepts (PoC) of the key components of the proposed system to back our answers
• Integration PoC

PoCs are essentially software developments. Although our repos are currently private, we plan to make them public by early June. Although the design phase took longer than expected (5 to 6 weeks) right now we are fully engaged in the implementation phase.

We published 2 progress reports and we expect to publish at least 2 more. The are available at the following link: https://hackmd.io/130yRfVARSC5AU5aT2w8Lw

In the report below you will find the budget overview of the first Quarter:

AZKR_Aggregated_budget_Q13300×2700 424 KB

Please find below our OKRs’ proposal for Q3. For context, we also provide a forecast for Q4. Feel free to make comments until the end of the month. Thanks in advance.

General workplan for the second half of 2023

Q3
Evolution from Nouns project to Proof-based Onchain Private Voting (zk-POPVOTE )
at least without fairness, as this is the most requested version currently and fairness heavily dependent on Aztec Noir evolution

Q4
Integration of zk-POPVOTE voting solution in Aragon OSX. Together with the Product guild.
Continue working on fairness if not achieved in Q3.
Start working on Relay service.
Explore new lines of work (e.g. anti vote-buying solution)

Proposed 23Q3 OKRs

O1 Generalization of Nouns voting solution to zk-POPVOTE
KR1.1 Ship Server solution: as binaries or docker container
KR1.2 Deploy In-browser solution
KR1.3 Ship Tally: command-line interface (CLI)

O2 Implementation of Time Lock Cryptographic Service (TLCS) from Alpha to Beta
KR2.1 Web user interface in production
KR2.2 Schemes: +5 schemes supported
KR2.3 Minimal deployment: +7 validators available
KR2.4 3rd party users: +2

O3 Implementation of ZkRegistry from Alpha to Beta
KR3.1 Web user interface in production
KR3.2 Standardization: EIP started
KR3.3 Coalition: +4 participants

O4 Maintain a reasonable level of dissemination activities
KR4.1 3 teaching sessions on relevant topics conducted
KR4.2 3 blog posts on relevant topics conducted

In addition to the explicit OKRs stated above, the guild will keep working to ensure a smooth inter-guild coordination and effective contribution to the Aragon project. This includes, but is not restricted to: keep the regular meetings with Growth, reinstate the regular meetings with Product, contribute to the Product roadmap definition and execution, participate in Aragon’s discussions, etc.

Hey Alex! Thanks for sharing these and being on top of drafting the OKRs for the next quarter. Great work.

I’m particularly excited to see the integration of the AZKR tools into Aragon OSX. The AZKR Guild has produced a lot of innovative work in the last couple of quarters but I’m concerned I’m not seeing these tools integrated into the Aragon stack yet. Would love to learn more about:

• Why you’ve chosen to integrate zk-POPVOTE vs the other voting solutions you’ve prepared (like Batratvote or OVOTE) and how you’ve reached this conclusion.
• Would love to hear about a procedure/strategy plan on making these integrations more recurrent. It’d be amazing to see more of these prototypes into production. Are there any blockers here the other guilds can support with?
• I’d also love to learn about the Tally CLI you’ve mentioned as the O1 KR3. What is it and how does it bring value back to Aragon, as defined in Aragon’s Hyperstructure Strategy?
• Additionally, what is the plan after the TLCS is out in beta? Are there any plans of integrating it into Aragon OSx? What are some of the expected use cases you envision here? Would love to understand how the team is thinking of prioritizing some projects over others.

I think having better context on these questions will enhance the collaboration among Aragon guilds and ensure we’re doing aligned work. I’m also excited to attend the teaching sessions and review the blogs. Let me know if I can support at all in this regard.

Hey Juliette, thanks for your comments, here are some answers to your questions:

Why you’ve chosen to integrate zk-POPVOTE vs the other voting solutions you’ve prepared (like Batratvote or OVOTE) and how you’ve reached this conclusion.

OVOTE has actually been ready for integration for a while now, but the product team probably has other priorities right now. zk-POPVOTE is just the next project we’re working on, with the aim of getting it to proof-of-concept stage.

Would love to hear about a procedure/strategy plan on making these integrations more recurrent. It’d be amazing to see more of these prototypes into production. Are there any blockers here the other guilds can support with?

See previous answer. Our role is go as far as proof-of-concept, then it’s up to the product team to decide next steps, i.e. whether to develop it into a product.

I’d also love to learn about the Tally CLI you’ve mentioned as the O1 KR3. What is it and how does it bring value back to Aragon, as defined in Aragon’s Hyperstructure Strategy?

The Tally CLI is simply an offchain component of zk-POPVOTE. It’s zk-POPVOTE as a whole that could bring value to Aragon, if it’s decided to develop it into a product or Aragon OSx plugin later.

Additionally, what is the plan after the TLCS is out in beta? Are there any plans of integrating it into Aragon OSx? What are some of the expected use cases you envision here? Would love to understand how the team is thinking of prioritizing some projects over others.

TLCS (or Timelock) will be a standalone public service service that will enable anyone to encrypt
data for decryption in the future. It is needed for transparent and independent verification of voting results, but there are many other applications. It is not something that can be integrated into Aragon OSx, although one could imagine an on-chain Oracle that gets its data from TLCS. There will be a blog post about all this in the coming days.

Hey Alex! Thanks for your answers. Some comments:

• Feels to me like there is potential for the AZKR guild to collaborate more with product to make sure the proofs of concept turn into products that DAOs can use. Have you considered creating the plugins yourself for Aragon OSx? Potentially we could get many of these solutions to the hands of DAOs sooner, even if the App doesn’t yet support these features. As soon as the modularity framework for governance plugins is done (which is still several months away), DAOs could use this in the front-end, but meanwhile devs can already start experimenting with these voting solutions for their custom DAOs. This could also give the AZKR guild feedback earlier on to improve the plugin as time goes.
• Would also love to learn about the process you use to identify which solutions to build next. Is there any discovery process you’re following internally?
• Regarding Tally CLI - why do we need it in order for zk-POPVOTE to become an Aragon OSx plugin? Would love to read more about this if you have any documents available!
• Interesting to hear about the TLCS public service. I’m wondering - if it cannot be integrated into Aragon OSx, what’s the main reason for spending resources in building it?

Thanks again for the response. Excited to keep learning about your work!